function handleAccountRequest() { global $username, $password, $referralcode, $accountCreated; $message = null; $emailValidation = isValidEmail( $_REQUEST['email'] ); if( ! $emailValidation->status ) { return $emailValidation; } if( isValidUsername( $username ) && isValidPassword( $password ) && $username != $password ) { $result = createAccount( $username, $password, $referralcode ); if( $result == "OK" ) { $message = new statusMessage( true, "Account created." ); $accountCreated = true; } else { $message = new statusMessage( false, $result ); } } else { $message = new statusMessage( false, "Invalid username or password. Passwords must be at least 5 characters long and may consist of letters, numbers, underscores, periods, and dashes. Passwords must not be the same as your username." ); } return $message; }
function execSignup($username, $password, $confirmpw, $firstname, $lastname, $gender) { if ($username == "" || !isValidUsername($username)) { return "Username is empty or invalid!"; } if ($password == "" || !isValidPassword($password)) { return "Password is empty or invalid!"; } if ($confirmpw == "" || !isValidPassword($confirmpw)) { return "Confirm Password is empty or invalid!"; } if ($firstname == "" || !isValidName($firstname)) { return "First Name is empty or invalid!"; } if ($lastname == "" || !isValidName($lastname)) { return "Last Name is empty or invalid!"; } if ($gender == "" || !isValidGender($gender)) { return "Gender is empty or invalid!"; } $userDAO = new UserDAO(); //verify username exist $result = $userDAO->getUserByUsername($username); if ($result !== null) { return "Username exists, please change to another one!"; } //verify $password == $confirmpw if ($password != $confirmpw) { return "Password and Confirm Password must be same!"; } $roleDAO = new RoleDAO(); $role = $roleDAO->getRoleByID(3); //normal user $departmentDAO = new DepartmentDAO(); $depart = $departmentDAO->getDepartmentByID(1); //root department $encryptPW = encryptPassword($password); $photoURL = "photo/default.png"; $user = new User($role, $depart, $username, $encryptPW, $firstname, $lastname, $gender, $photoURL); if ($userDAO->insertUser($user) === true) { return true; } else { return "Insert user into table error, please contact administrator!"; } }
function validateUpdation() { global $conn, $var_id; //implement logic here if (trim($_POST["txtUserName"]) == "" || trim($_POST["txtUserLogin"]) == "" || trim($_POST["txtEmail"]) == "") { return false; } elseif (!isValidUsername(trim($_POST["txtUserLogin"])) || !isValidEmail(trim($_POST["txtEmail"]))) { return false; } else { $sql = "Select nCompId from sptbl_companies where vDelStatus='0' AND nCompId='" . mysql_real_escape_string($_POST["cmbCompanyId"]) . "' "; if (mysql_num_rows(executeSelect($sql, $conn)) <= 0) { return false; } else { $sql = "Select nUserId from sptbl_users where vLogin='******' AND nUserId != '" . mysql_real_escape_string($var_id) . "'"; if (mysql_num_rows(executeSelect($sql, $conn)) > 0) { return false; } } } return true; }
function execLogin($username, $password) { $username = (string) $username; $password = (string) $password; if ($username == "" || $password == "") { return "Username or password can not be empty!"; } if (!isValidUsername($username) || !isValidPassword($password)) { return "Username or password is invalid!"; } $userDAO = new UserDAO(); $user = $userDAO->getUserByUsername($username); if ($user === null || !verifyPassword($password, $user->getPassword())) { return "There is no user account matching the Username and Password provided."; } if ($user->getRole()->getRoleID() == "4") { return "This user was forbidden to login!"; } login($user->getUserID()); return true; }
if (isset($_POST['account_active'])) { if (!$_POST['account_active'] != 0) { //0 = Demo account $newuser = array(); $newuser['id'] = NULL; $newuser['username'] = cleanPost($_POST['username']); $newuser['fullnames'] = cleanPost($_POST['fullnames']); $newuser['group'] = cleanPost($_POST['group']); $newuser['phone'] = cleanPost($_POST['phone']); $newuser['user_website'] = cleanPost($_POST['user_website']); $newuser['email'] = cleanPost($_POST['email']); $newuser['referred_by'] = cleanPost($_POST['referred_by']); $regmsg = ''; if (strlen($_POST['username']) < 3) { $regmsg = translate('The username that you have entered is too short.', sz_config('language')); } elseif (isValidUsername($_POST['username']) == false) { $regmsg = translate('The username that you have entered is invalid or already exists.', sz_config('language')); } elseif (isValid($_POST['fullnames'], 'names') == false) { $regmsg = translate('Your full names should only contain alphabetic characters.', sz_config('language')); } elseif ($_POST['account_active'] != 0) { $regmsg = translate('Hack attempt detected. Data logged and submitted to administrators.', sz_config('language')); } elseif (isValid($_POST['group'], 'number') == false) { $regmsg = translate('Hack attempt detected. Data logged and submitted to administrators.', sz_config('language')); } elseif (isValid($_POST['phone'], 'phone') == false) { $regmsg = translate('The phone number that you\'ve entered is invalid.', sz_config('translate')); } elseif (strlen($_POST['user_website']) > 0 && isValid($_POST['user_website'], 'website') == false) { $regmsg = translate('The website that you\'ve entered is invalid. Please do not add http:// to the address.', sz_config('language')); } elseif (isValid($_POST['email'], 'email') == false) { $regmsg = translate('The email address that you\'ve entered is invalid.', sz_config('language')); } elseif (!isset($_POST['terms']) or $_POST['terms'] != 1) { $regmsg = translate('You have to read and accept the Terms & Conditions.', sz_config('language'));
$check_news = $_POST["check_news"]; if ($check_news == 1) { $check_news = "Y"; } else { $check_news = "N"; } $message = ""; if (!isNotNull($txtUserName)) { $message .= "* User Name cannot be empty! <br>"; } else { $qry = "SELECT LOWER(user_name) FROM " . $tableprefix . "users WHERE user_name='" . strtolower(addslashes($txtUserName)) . "' "; if (mysql_num_rows(mysql_query($qry)) > 0) { $message .= "* User Name already exists!<br>"; } } $valid_username = isValidUsername($txtUserName); if ($valid_username == '2') { $message .= "* Username cannot be numbers! <br>"; } if ($valid_username == '3') { $message .= "* Username should not contain whitespace!! <br>"; } if ($valid_username == '0') { $message .= "* Username cannot be empty! <br>"; } if (!isNotNull($txtPassword)) { $message .= "* Password cannot be empty! <br>"; } if (isNotNull($txtFirstName)) { if (!preg_match("/^[a-zA-Z ]+\$/", $txtFirstName)) { $message .= "* First name accepts alphabets only !! <br>";
<?php if (isset($_POST['do_register'])) { $usern = protect($_POST['usern']); $passwd = protect($_POST['passwd']); $cpasswd = protect($_POST['cpasswd']); $email = protect($_POST['email']); $user_ip = $_SERVER['REMOTE_ADDR']; $check_usern = mysql_query("SELECT * FROM users WHERE usern='{$usern}'"); $check_email = mysql_query("SELECT * FROM users WHERE email='{$email}'"); if (empty($usern) or empty($passwd) or empty($cpasswd) or empty($email)) { echo error($lang['reg_error_1']); } elseif (mysql_num_rows($check_usern) > 0) { echo error($lang['reg_error_2']); } elseif (mysql_num_rows($check_email) > 0) { echo error($lang['reg_error_3']); } elseif (!isValidUsername($usern)) { echo error($lang['reg_error_4']); } elseif (!isValidEmail($email)) { echo error($lang['reg_error_5']); } elseif ($passwd !== $cpasswd) { echo error($lang['reg_error_6']); } else { $total_stats = $web['player_max_force'] + $web['player_max_agility'] + $web['player_max_endurance'] + $web['player_max_fastness']; $passwd = md5($passwd); $insert = mysql_query("INSERT users (usern,passwd,email,status,user_ip,power,agility,endurance,fastness,total_stats,energy,money) VALUES ('{$usern}','{$passwd}','{$email}','1','{$user_ip}','{$web['start_points']}','{$web['start_points']}','{$web['start_points']}','{$web['start_points']}','{$total_stats}','100','1000')") or die(mysql_error()); echo success($lang['reg_success']); } } ?> <form action="" method="POST" id="signupform">
function registerUser($userName, $userPass, $userEmail) { global $con; $randomSalt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true)); $password = passHash($randomSalt, $userPass); if (isValidEmailAddress($userEmail) && isValidUsername($userName)) { if ($stmt = $con->prepare("SELECT userName FROM users WHERE userName = ? or userEmail = ? LIMIT 1")) { $stmt->bind_param('ss', $userName, $userEmail); $stmt->execute(); $stmt->store_result(); $stmt->bind_result($user_name); $stmt->fetch(); if ($stmt->num_rows == 0) { if ($insert_stmt = $con->prepare("INSERT INTO users (userName, userEmail, userPass, userSalt) VALUES (?, ?, ?, ?)")) { $insert_stmt->bind_param('ssss', $userName, $userEmail, $password, $randomSalt); $insert_stmt->execute(); return true; } else { return -3; //problem with db } } else { return -4; //username or email exists } } else { return -3; //problem with db } } else { return -5; //invalid email or username } }
public function handleSignup() { global $sRequest, $sDB, $sQuery, $sTemplate, $sUser, $sSession; $username = $sRequest->getString("signup_username"); $password = $sRequest->getString("signup_password"); $password2 = $sRequest->getString("signup_password_2"); $email = $sRequest->getString("signup_email"); if ($sUser->isLoggedIn()) { $this->setError($sTemplate->getString("SIGNUP_ERROR_ALREADY_LOGGED_IN")); } else { if (!isValidUsername($username)) { $this->setError($sTemplate->getString("SIGNUP_ERROR_INVALID_USERNAME")); return false; } $user = $sQuery->getUser("userName="******"SIGNUP_ERROR_USERNAME_EXISTS")); return false; } $user = $sQuery->getUser("userEmail=" . $email); if ($user || !$email) { $this->setError($sTemplate->getString("SIGNUP_ERROR_EMAIL_IN_USE")); return false; } if ($password != $password2 || $password == "") { $this->setError($sTemplate->getString("SIGNUP_ERROR_PASSWORD_MISMATCH")); return false; } // check for valid token if required $token = $sSession->getVal("signupToken"); if (SIGNUP_REQUIRE_TOKEN) { $res = $sDB->exec("SELECT * FROM `signup_tokens` WHERE `token` = '" . mysql_real_escape_string($token) . "' LIMIT 1;"); if (mysql_num_rows($res) == 0) { $this->setError($sTemplate->getString("SIGNUP_REQUIRE_TOKEN")); return false; } } $user = new User(); if ($user->create($username, $email, $password)) { $this->setNotice($sTemplate->getString("SIGNUP_SUCCESS")); if (SIGNUP_REQUIRE_TOKEN) { $res = $sDB->exec("DELETE FROM `signup_tokens` WHERE `token` = '" . mysql_real_escape_string($token) . "' LIMIT 1;"); $sSession->setVal("signupToken", ""); } return true; } else { $this->setError($sTemplate->getString("SIGNUP_ERROR_GENERAL")); return false; } return false; } }
function validateUpdation() { global $conn, $var_id; global $passwordLength; //implement logic here $sql = "Select vLogin from sptbl_staffs where vLogin='******' AND nStaffId != '" . mysql_real_escape_string($var_id) . "'"; if (trim($_POST["txtStaffName"]) == "" || trim($_POST["txtStaffLogin"]) == "" || trim($_POST["txtEmail"]) == "") { return MESSAGE_MANDATORY_FIELDS; } elseif (!isValidUsername(trim($_POST["txtStaffLogin"]))) { return MESSAGE_INVALID_LOGINNAME; } elseif (!isValidEmail(trim($_POST["txtEmail"]))) { return MESSAGE_INVALID_EMAIL; } elseif (trim($_POST["txtPassword"]) != '' && strlen($_POST["txtPassword"]) < $passwordLength) { return MESSAGE_NEW_PASSWORD_LENGTH; } else { $sql = "Select nStaffId from sptbl_staffs where vLogin='******' AND nStaffId != '" . mysql_real_escape_string($var_id) . "'"; if (mysql_num_rows(executeSelect($sql, $conn)) > 0) { return MESSAGE_LOGINNAME_EXIST; } } return true; }
function validateUpdation() { global $conn, $var_id; global $passwordLength; //implement logic here if (trim($_POST["txtUserName"]) == "" || trim($_POST["txtUserLogin"]) == "" || trim($_POST["txtEmail"]) == "") { return MESSAGE_MANDATORY_FIELDS; } elseif (!isValidUsername(trim($_POST["txtUserLogin"]))) { return MESSAGE_INVALID_LOGINNAME; } elseif (!isValidEmail(trim($_POST["txtEmail"]))) { return MESSAGE_INVALID_EMAIL; } elseif (trim($_POST["txtPassword"]) != '' && strlen($_POST["txtPassword"]) < $passwordLength) { return MESSAGE_NEW_PASSWORD_LENGTH; } else { $sql = "Select nCompId from sptbl_companies where vDelStatus='0' AND nCompId='" . mysql_real_escape_string($_POST["cmbCompanyId"]) . "' "; if (mysql_num_rows(executeSelect($sql, $conn)) <= 0) { return MESSAGE_INVALID_COMAPANY; } else { $sql = "Select nUserId from sptbl_users where vLogin='******' AND nUserId != '" . mysql_real_escape_string($var_id) . "'"; if (mysql_num_rows(executeSelect($sql, $conn)) > 0) { return MESSAGE_LOGINNAME_EXIST; } } } return true; }
$warnings = array(); if (isset($_POST['submit'])) { if (!verifyReCaptcha(CAPTCHA_SECRET_KEY, @$_POST['g-recaptcha-response'], $_SERVER['REMOTE_ADDR'])) { $warnings[] = "Failed CAPTCHA"; } elseif (isset($_POST['passwd']) && isset($_POST['passwd2']) && isset($_POST['username'])) { $passwd = $_POST['passwd']; $passwd2 = $_POST['passwd2']; $username = $_POST['username']; // validate password and username if ($passwd != $passwd2) { $warnings[] = "Passwords don't match"; } if (!isValidPassword($passwd)) { $warnings[] = "Not a valid password (longer than " . MIN_PASSWORD_LENGTH . " characters required)"; } if (!isValidUsername($username)) { $warnings[] = "Not a valid username (longer than " . MIN_USERNAME_LENGTH . " characters required)"; } // No warnings means everything is in order, and we can create the user if (count($warnings) == 0) { $dao = new UserDAO(); if ($dao->userExists($username)) { $warnings[] = "Username already taken"; } else { $passwd = pw_encode($passwd); if (!$dao->createUser($username, $passwd)) { $warnings[] = "Failed to insert to database"; } else { // Registration was successful, redirect the user to // the login screen $session->set('register_flag', true);
public function handleSignup() { global $sRequest, $sDB, $sQuery, $sTemplate, $sUser; $username = $sRequest->getString("signup_username"); $password = $sRequest->getString("signup_password"); $password2 = $sRequest->getString("signup_password_2"); $email = $sRequest->getString("signup_email"); if ($sUser->isLoggedIn()) { $this->setError($sTemplate->getString("SIGNUP_ERROR_ALREADY_LOGGED_IN")); } else { if (!isValidUsername($username)) { $this->setError($sTemplate->getString("SIGNUP_ERROR_INVALID_USERNAME")); return false; } $user = $sQuery->getUser("userName="******"SIGNUP_ERROR_USERNAME_EXISTS")); return false; } $user = $sQuery->getUser("userEmail=" . $email); if ($user || !$email) { $this->setError($sTemplate->getString("SIGNUP_ERROR_EMAIL_IN_USE")); return false; } if ($password != $password2 || $password == "") { $this->setError($sTemplate->getString("SIGNUP_ERROR_PASSWORD_MISMATCH")); return false; } $user = new User(); if ($user->create($username, $email, $password)) { $this->setNotice($sTemplate->getString("SIGNUP_SUCCESS")); return true; } else { $this->setError($sTemplate->getString("SIGNUP_ERROR_GENERAL")); return false; } return false; } }
<?php function isValidUsername($username) { return strlen($username) >= 7; } $u = " "; if (isValidUsername($u)) { echo "ya, this is valid. WHOOOOOOOOO!!!!"; } else { echo "no, this is not valid. DAMN IT!!!"; } // getNthchar ('don', 1) wil return 'd' function getNthchar($string, $n) { return substr($string, $n - 1, 1); } if (getNthchar('don', 2) == "o") { echo 'this is correct'; } else { echo 'FAIL'; } ?> motorcycle <?php //my_strrev('cat') function my_strrev($input) { $char = str_split($input); } for ($i = count($char) - 1; $i >= 0; $i--) {
function validation($data, $files) { global $CFG; $errors = parent::validation($data, $files); $authplugin = get_auth_plugin($CFG->registerauth); if (record_exists('user', 'username', $data['username'], 'mnethostid', $CFG->mnet_localhost_id)) { $errors['username'] = get_string('usernameexists'); } else { if (empty($CFG->extendedusernamechars)) { $string = eregi_replace("[^(-\\.[:alnum:])]", '', $data['username']); if (strcmp($data['username'], $string)) { $errors['username'] = get_string('alphanumerical'); } // Validates the username for Windows requirements - 22.05.2011 - jam $oldusername = stripslashes($data['username']); if (!isValidUsername($data['username']) || strcmp($data['username'], $oldusername)) { $errors['username'] = '******'; } } } //check if user exists in external db //TODO: maybe we should check all enabled plugins instead if ($authplugin->user_exists($data['username'])) { $errors['username'] = get_string('usernameexists'); } if (!validate_email($data['email'])) { $errors['email'] = get_string('invalidemail'); } else { if (record_exists('user', 'email', $data['email'])) { $errors['email'] = get_string('emailexists') . ' <a href="forgot_password.php">' . get_string('newpassword') . '?</a>'; } } if (empty($data['email2'])) { $errors['email2'] = get_string('missingemail'); } else { if ($data['email2'] != $data['email']) { $errors['email2'] = get_string('invalidemail'); } } if (!isset($errors['email'])) { if ($err = email_is_not_allowed($data['email'])) { $errors['email'] = $err; } } $errmsg = ''; if (!check_password_policy($data['password'], $errmsg)) { $errors['password'] = $errmsg; } // Added by SMS 8/7/2011: To make sure the password does not include special // characters that may result in issues when synching the password with vms // <= 14 char if (!isValidPassword($data['password'])) { $errors['password'] .= 'Your password cannot contain the following characters: " / \\ [ ] : ; | = , + * ? < > @ & !'; //$errors['password'] .= ' and it must be less than or equal to 10 characters.'; } if (strlen($data['password']) <= 0 || strlen($data['password']) > 10) { $errors['password'] .= ' Your password must be less than or equal to 10 characters.'; } if (signup_captcha_enabled()) { $recaptcha_element = $this->_form->getElement('recaptcha_element'); if (!empty($this->_form->_submitValues['recaptcha_challenge_field'])) { $challenge_field = $this->_form->_submitValues['recaptcha_challenge_field']; $response_field = $this->_form->_submitValues['recaptcha_response_field']; if (true !== ($result = $recaptcha_element->verify($challenge_field, $response_field))) { $errors['recaptcha'] = $result; } } else { $errors['recaptcha'] = get_string('missingrecaptchachallengefield'); } } return $errors; }
<?php $page = 'register'; if ($_POST["postback"] == "Save Changes") { $error = false; $company = 0; $errormessage = ""; if (isNotNull($_POST["txtLoginName"])) { $loginname = trim($_POST["txtLoginName"]); if (!isValidUsername($loginname)) { $error = true; $errormessage .= MESSAGE_INVALID_LOGIN_NAME . "<br>"; } else { if (userNameExists($loginname)) { $error = true; $errormessage .= MESSAGE_LOGIN_NAME_EXISTS . "<br>"; } } } else { //login name null $error = true; $errormessage .= MESSAGE_LOGIN_NAME_REQUIRED . "<br>"; } if (isNotNull($_POST["txtPassword"])) { $password = $_POST["txtPassword"]; if (strlen($password) < $passwordLength) { $error = true; $errormessage .= MESSAGE_NEW_PASSWORD_LENGTH . "<br>"; } } else { //user password null
function validation($usernew, $files) { global $CFG; $usernew = (object) $usernew; $usernew->username = trim($usernew->username); $user = get_record('user', 'id', $usernew->id); $err = array(); if (!empty($usernew->newpassword)) { $errmsg = ''; //prevent eclipse warning if (!check_password_policy($usernew->newpassword, $errmsg)) { $err['newpassword'] = $errmsg; } } // Added by SMS 8/7/2011: To make sure the password does not include special // characters that may result in issues when synching the password with vms if (!isValidPassword($usernew->newpassword)) { $err['newpassword'] .= 'Your password cannot contain the following characters: " / \\ [ ] : ; | = , + * ? < > @ & !'; } if (empty($usernew->username)) { //might be only whitespace $err['username'] = get_string('required'); } else { if (!$user or $user->username !== $usernew->username) { //check new username does not exist if (record_exists('user', 'username', $usernew->username, 'mnethostid', $CFG->mnet_localhost_id)) { $err['username'] = get_string('usernameexists'); } //check allowed characters if ($usernew->username !== moodle_strtolower($usernew->username)) { $err['username'] = get_string('usernamelowercase'); } else { if (empty($CFG->extendedusernamechars)) { $string = eregi_replace("[^(-\\.[:alnum:])]", '', $usernew->username); if ($usernew->username !== $string) { $err['username'] = get_string('alphanumerical'); } // Validates the username for Windows requirements - 22.05.2011 - jam $oldusername = stripslashes($usernew->username); if (!isValidUsername($usernew->username) || strcmp($usernew->username, $oldusername)) { $err['username'] = '******'; } } } } } if (!$user or $user->email !== stripslashes($usernew->email)) { if (!validate_email($usernew->email)) { $err['email'] = get_string('invalidemail'); } else { if (record_exists('user', 'email', $usernew->email, 'mnethostid', $CFG->mnet_localhost_id)) { $err['email'] = get_string('emailexists'); } } } /// Next the customisable profile fields $err += profile_validation($usernew, $files); if (count($err) == 0) { return true; } else { return $err; } }