Esempio n. 1
0
	function handleAccountRequest() {
		
		global $username, $password, $referralcode, $accountCreated;
		
		$message = null;
		
		$emailValidation = isValidEmail( $_REQUEST['email'] );
		
		if( ! $emailValidation->status ) {
			return $emailValidation;
		}
		
		if( isValidUsername( $username )
				&& isValidPassword( $password )
				&& $username != $password )
		{
			
			$result = createAccount( $username, $password, $referralcode );
			if( $result == "OK" ) {
				$message = new statusMessage( true, "Account created." );
				$accountCreated = true;
			} else {
				$message = new statusMessage( false, $result );
			}
			
		}
		else {
			$message = new statusMessage( false, "Invalid username or password. Passwords must be at least 5 characters long and may consist of letters, numbers, underscores, periods, and dashes. Passwords must not be the same as your username." );
		}
		
		return $message;
	
	}
Esempio n. 2
0
function execSignup($username, $password, $confirmpw, $firstname, $lastname, $gender)
{
    if ($username == "" || !isValidUsername($username)) {
        return "Username is empty or invalid!";
    }
    if ($password == "" || !isValidPassword($password)) {
        return "Password is empty or invalid!";
    }
    if ($confirmpw == "" || !isValidPassword($confirmpw)) {
        return "Confirm Password is empty or invalid!";
    }
    if ($firstname == "" || !isValidName($firstname)) {
        return "First Name is empty or invalid!";
    }
    if ($lastname == "" || !isValidName($lastname)) {
        return "Last Name is empty or invalid!";
    }
    if ($gender == "" || !isValidGender($gender)) {
        return "Gender is empty or invalid!";
    }
    $userDAO = new UserDAO();
    //verify username exist
    $result = $userDAO->getUserByUsername($username);
    if ($result !== null) {
        return "Username exists, please change to another one!";
    }
    //verify $password == $confirmpw
    if ($password != $confirmpw) {
        return "Password and Confirm Password must be same!";
    }
    $roleDAO = new RoleDAO();
    $role = $roleDAO->getRoleByID(3);
    //normal user
    $departmentDAO = new DepartmentDAO();
    $depart = $departmentDAO->getDepartmentByID(1);
    //root department
    $encryptPW = encryptPassword($password);
    $photoURL = "photo/default.png";
    $user = new User($role, $depart, $username, $encryptPW, $firstname, $lastname, $gender, $photoURL);
    if ($userDAO->insertUser($user) === true) {
        return true;
    } else {
        return "Insert user into table error, please contact administrator!";
    }
}
Esempio n. 3
0
function validateUpdation()
{
    global $conn, $var_id;
    //implement logic here
    if (trim($_POST["txtUserName"]) == "" || trim($_POST["txtUserLogin"]) == "" || trim($_POST["txtEmail"]) == "") {
        return false;
    } elseif (!isValidUsername(trim($_POST["txtUserLogin"])) || !isValidEmail(trim($_POST["txtEmail"]))) {
        return false;
    } else {
        $sql = "Select nCompId from sptbl_companies where vDelStatus='0' AND nCompId='" . mysql_real_escape_string($_POST["cmbCompanyId"]) . "' ";
        if (mysql_num_rows(executeSelect($sql, $conn)) <= 0) {
            return false;
        } else {
            $sql = "Select nUserId from sptbl_users where vLogin='******' AND nUserId != '" . mysql_real_escape_string($var_id) . "'";
            if (mysql_num_rows(executeSelect($sql, $conn)) > 0) {
                return false;
            }
        }
    }
    return true;
}
Esempio n. 4
0
function execLogin($username, $password)
{
    $username = (string) $username;
    $password = (string) $password;
    if ($username == "" || $password == "") {
        return "Username or password can not be empty!";
    }
    if (!isValidUsername($username) || !isValidPassword($password)) {
        return "Username or password is invalid!";
    }
    $userDAO = new UserDAO();
    $user = $userDAO->getUserByUsername($username);
    if ($user === null || !verifyPassword($password, $user->getPassword())) {
        return "There is no user account matching the Username and Password provided.";
    }
    if ($user->getRole()->getRoleID() == "4") {
        return "This user was forbidden to login!";
    }
    login($user->getUserID());
    return true;
}
Esempio n. 5
0
 if (isset($_POST['account_active'])) {
     if (!$_POST['account_active'] != 0) {
         //0 = Demo account
         $newuser = array();
         $newuser['id'] = NULL;
         $newuser['username'] = cleanPost($_POST['username']);
         $newuser['fullnames'] = cleanPost($_POST['fullnames']);
         $newuser['group'] = cleanPost($_POST['group']);
         $newuser['phone'] = cleanPost($_POST['phone']);
         $newuser['user_website'] = cleanPost($_POST['user_website']);
         $newuser['email'] = cleanPost($_POST['email']);
         $newuser['referred_by'] = cleanPost($_POST['referred_by']);
         $regmsg = '';
         if (strlen($_POST['username']) < 3) {
             $regmsg = translate('The username that you have entered is too short.', sz_config('language'));
         } elseif (isValidUsername($_POST['username']) == false) {
             $regmsg = translate('The username that you have entered is invalid or already exists.', sz_config('language'));
         } elseif (isValid($_POST['fullnames'], 'names') == false) {
             $regmsg = translate('Your full names should only contain alphabetic characters.', sz_config('language'));
         } elseif ($_POST['account_active'] != 0) {
             $regmsg = translate('Hack attempt detected. Data logged and submitted to administrators.', sz_config('language'));
         } elseif (isValid($_POST['group'], 'number') == false) {
             $regmsg = translate('Hack attempt detected. Data logged and submitted to administrators.', sz_config('language'));
         } elseif (isValid($_POST['phone'], 'phone') == false) {
             $regmsg = translate('The phone number that you\'ve entered is invalid.', sz_config('translate'));
         } elseif (strlen($_POST['user_website']) > 0 && isValid($_POST['user_website'], 'website') == false) {
             $regmsg = translate('The website that you\'ve entered is invalid. Please do not add http:// to the address.', sz_config('language'));
         } elseif (isValid($_POST['email'], 'email') == false) {
             $regmsg = translate('The email address that you\'ve entered is invalid.', sz_config('language'));
         } elseif (!isset($_POST['terms']) or $_POST['terms'] != 1) {
             $regmsg = translate('You have to read and accept the Terms &amp; Conditions.', sz_config('language'));
Esempio n. 6
0
 $check_news = $_POST["check_news"];
 if ($check_news == 1) {
     $check_news = "Y";
 } else {
     $check_news = "N";
 }
 $message = "";
 if (!isNotNull($txtUserName)) {
     $message .= "* User Name cannot be empty! <br>";
 } else {
     $qry = "SELECT  LOWER(user_name) FROM  " . $tableprefix . "users WHERE user_name='" . strtolower(addslashes($txtUserName)) . "' ";
     if (mysql_num_rows(mysql_query($qry)) > 0) {
         $message .= "* User Name already exists!<br>";
     }
 }
 $valid_username = isValidUsername($txtUserName);
 if ($valid_username == '2') {
     $message .= "* Username cannot be numbers! <br>";
 }
 if ($valid_username == '3') {
     $message .= "* Username should not contain whitespace!! <br>";
 }
 if ($valid_username == '0') {
     $message .= "* Username cannot be empty! <br>";
 }
 if (!isNotNull($txtPassword)) {
     $message .= "* Password cannot be empty! <br>";
 }
 if (isNotNull($txtFirstName)) {
     if (!preg_match("/^[a-zA-Z ]+\$/", $txtFirstName)) {
         $message .= "* First name accepts alphabets only !! <br>";
Esempio n. 7
0
							<?php 
if (isset($_POST['do_register'])) {
    $usern = protect($_POST['usern']);
    $passwd = protect($_POST['passwd']);
    $cpasswd = protect($_POST['cpasswd']);
    $email = protect($_POST['email']);
    $user_ip = $_SERVER['REMOTE_ADDR'];
    $check_usern = mysql_query("SELECT * FROM users WHERE usern='{$usern}'");
    $check_email = mysql_query("SELECT * FROM users WHERE email='{$email}'");
    if (empty($usern) or empty($passwd) or empty($cpasswd) or empty($email)) {
        echo error($lang['reg_error_1']);
    } elseif (mysql_num_rows($check_usern) > 0) {
        echo error($lang['reg_error_2']);
    } elseif (mysql_num_rows($check_email) > 0) {
        echo error($lang['reg_error_3']);
    } elseif (!isValidUsername($usern)) {
        echo error($lang['reg_error_4']);
    } elseif (!isValidEmail($email)) {
        echo error($lang['reg_error_5']);
    } elseif ($passwd !== $cpasswd) {
        echo error($lang['reg_error_6']);
    } else {
        $total_stats = $web['player_max_force'] + $web['player_max_agility'] + $web['player_max_endurance'] + $web['player_max_fastness'];
        $passwd = md5($passwd);
        $insert = mysql_query("INSERT users (usern,passwd,email,status,user_ip,power,agility,endurance,fastness,total_stats,energy,money) VALUES ('{$usern}','{$passwd}','{$email}','1','{$user_ip}','{$web['start_points']}','{$web['start_points']}','{$web['start_points']}','{$web['start_points']}','{$total_stats}','100','1000')") or die(mysql_error());
        echo success($lang['reg_success']);
    }
}
?>
		
                            <form action=""	method="POST" id="signupform">
Esempio n. 8
0
function registerUser($userName, $userPass, $userEmail)
{
    global $con;
    $randomSalt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
    $password = passHash($randomSalt, $userPass);
    if (isValidEmailAddress($userEmail) && isValidUsername($userName)) {
        if ($stmt = $con->prepare("SELECT userName FROM users WHERE userName = ? or userEmail = ? LIMIT 1")) {
            $stmt->bind_param('ss', $userName, $userEmail);
            $stmt->execute();
            $stmt->store_result();
            $stmt->bind_result($user_name);
            $stmt->fetch();
            if ($stmt->num_rows == 0) {
                if ($insert_stmt = $con->prepare("INSERT INTO users (userName, userEmail, userPass, userSalt) VALUES (?, ?, ?, ?)")) {
                    $insert_stmt->bind_param('ssss', $userName, $userEmail, $password, $randomSalt);
                    $insert_stmt->execute();
                    return true;
                } else {
                    return -3;
                    //problem with db
                }
            } else {
                return -4;
                //username or email exists
            }
        } else {
            return -3;
            //problem with db
        }
    } else {
        return -5;
        //invalid email or username
    }
}
Esempio n. 9
0
 public function handleSignup()
 {
     global $sRequest, $sDB, $sQuery, $sTemplate, $sUser, $sSession;
     $username = $sRequest->getString("signup_username");
     $password = $sRequest->getString("signup_password");
     $password2 = $sRequest->getString("signup_password_2");
     $email = $sRequest->getString("signup_email");
     if ($sUser->isLoggedIn()) {
         $this->setError($sTemplate->getString("SIGNUP_ERROR_ALREADY_LOGGED_IN"));
     } else {
         if (!isValidUsername($username)) {
             $this->setError($sTemplate->getString("SIGNUP_ERROR_INVALID_USERNAME"));
             return false;
         }
         $user = $sQuery->getUser("userName="******"SIGNUP_ERROR_USERNAME_EXISTS"));
             return false;
         }
         $user = $sQuery->getUser("userEmail=" . $email);
         if ($user || !$email) {
             $this->setError($sTemplate->getString("SIGNUP_ERROR_EMAIL_IN_USE"));
             return false;
         }
         if ($password != $password2 || $password == "") {
             $this->setError($sTemplate->getString("SIGNUP_ERROR_PASSWORD_MISMATCH"));
             return false;
         }
         // check for valid token if required
         $token = $sSession->getVal("signupToken");
         if (SIGNUP_REQUIRE_TOKEN) {
             $res = $sDB->exec("SELECT * FROM `signup_tokens` WHERE `token` = '" . mysql_real_escape_string($token) . "' LIMIT 1;");
             if (mysql_num_rows($res) == 0) {
                 $this->setError($sTemplate->getString("SIGNUP_REQUIRE_TOKEN"));
                 return false;
             }
         }
         $user = new User();
         if ($user->create($username, $email, $password)) {
             $this->setNotice($sTemplate->getString("SIGNUP_SUCCESS"));
             if (SIGNUP_REQUIRE_TOKEN) {
                 $res = $sDB->exec("DELETE FROM `signup_tokens` WHERE `token` = '" . mysql_real_escape_string($token) . "' LIMIT 1;");
                 $sSession->setVal("signupToken", "");
             }
             return true;
         } else {
             $this->setError($sTemplate->getString("SIGNUP_ERROR_GENERAL"));
             return false;
         }
         return false;
     }
 }
Esempio n. 10
0
function validateUpdation()
{
    global $conn, $var_id;
    global $passwordLength;
    //implement logic here
    $sql = "Select vLogin from sptbl_staffs where vLogin='******' AND nStaffId != '" . mysql_real_escape_string($var_id) . "'";
    if (trim($_POST["txtStaffName"]) == "" || trim($_POST["txtStaffLogin"]) == "" || trim($_POST["txtEmail"]) == "") {
        return MESSAGE_MANDATORY_FIELDS;
    } elseif (!isValidUsername(trim($_POST["txtStaffLogin"]))) {
        return MESSAGE_INVALID_LOGINNAME;
    } elseif (!isValidEmail(trim($_POST["txtEmail"]))) {
        return MESSAGE_INVALID_EMAIL;
    } elseif (trim($_POST["txtPassword"]) != '' && strlen($_POST["txtPassword"]) < $passwordLength) {
        return MESSAGE_NEW_PASSWORD_LENGTH;
    } else {
        $sql = "Select nStaffId from sptbl_staffs where vLogin='******' AND nStaffId != '" . mysql_real_escape_string($var_id) . "'";
        if (mysql_num_rows(executeSelect($sql, $conn)) > 0) {
            return MESSAGE_LOGINNAME_EXIST;
        }
    }
    return true;
}
Esempio n. 11
0
function validateUpdation()
{
    global $conn, $var_id;
    global $passwordLength;
    //implement logic here
    if (trim($_POST["txtUserName"]) == "" || trim($_POST["txtUserLogin"]) == "" || trim($_POST["txtEmail"]) == "") {
        return MESSAGE_MANDATORY_FIELDS;
    } elseif (!isValidUsername(trim($_POST["txtUserLogin"]))) {
        return MESSAGE_INVALID_LOGINNAME;
    } elseif (!isValidEmail(trim($_POST["txtEmail"]))) {
        return MESSAGE_INVALID_EMAIL;
    } elseif (trim($_POST["txtPassword"]) != '' && strlen($_POST["txtPassword"]) < $passwordLength) {
        return MESSAGE_NEW_PASSWORD_LENGTH;
    } else {
        $sql = "Select nCompId from sptbl_companies where vDelStatus='0' AND nCompId='" . mysql_real_escape_string($_POST["cmbCompanyId"]) . "' ";
        if (mysql_num_rows(executeSelect($sql, $conn)) <= 0) {
            return MESSAGE_INVALID_COMAPANY;
        } else {
            $sql = "Select nUserId from sptbl_users where vLogin='******' AND nUserId != '" . mysql_real_escape_string($var_id) . "'";
            if (mysql_num_rows(executeSelect($sql, $conn)) > 0) {
                return MESSAGE_LOGINNAME_EXIST;
            }
        }
    }
    return true;
}
Esempio n. 12
0
$warnings = array();
if (isset($_POST['submit'])) {
    if (!verifyReCaptcha(CAPTCHA_SECRET_KEY, @$_POST['g-recaptcha-response'], $_SERVER['REMOTE_ADDR'])) {
        $warnings[] = "Failed CAPTCHA";
    } elseif (isset($_POST['passwd']) && isset($_POST['passwd2']) && isset($_POST['username'])) {
        $passwd = $_POST['passwd'];
        $passwd2 = $_POST['passwd2'];
        $username = $_POST['username'];
        // validate password and username
        if ($passwd != $passwd2) {
            $warnings[] = "Passwords don't match";
        }
        if (!isValidPassword($passwd)) {
            $warnings[] = "Not a valid password (longer than " . MIN_PASSWORD_LENGTH . " characters required)";
        }
        if (!isValidUsername($username)) {
            $warnings[] = "Not a valid username (longer than " . MIN_USERNAME_LENGTH . " characters required)";
        }
        // No warnings means everything is in order, and we can create the user
        if (count($warnings) == 0) {
            $dao = new UserDAO();
            if ($dao->userExists($username)) {
                $warnings[] = "Username already taken";
            } else {
                $passwd = pw_encode($passwd);
                if (!$dao->createUser($username, $passwd)) {
                    $warnings[] = "Failed to insert to database";
                } else {
                    // Registration was successful, redirect the user to
                    // the login screen
                    $session->set('register_flag', true);
Esempio n. 13
0
 public function handleSignup()
 {
     global $sRequest, $sDB, $sQuery, $sTemplate, $sUser;
     $username = $sRequest->getString("signup_username");
     $password = $sRequest->getString("signup_password");
     $password2 = $sRequest->getString("signup_password_2");
     $email = $sRequest->getString("signup_email");
     if ($sUser->isLoggedIn()) {
         $this->setError($sTemplate->getString("SIGNUP_ERROR_ALREADY_LOGGED_IN"));
     } else {
         if (!isValidUsername($username)) {
             $this->setError($sTemplate->getString("SIGNUP_ERROR_INVALID_USERNAME"));
             return false;
         }
         $user = $sQuery->getUser("userName="******"SIGNUP_ERROR_USERNAME_EXISTS"));
             return false;
         }
         $user = $sQuery->getUser("userEmail=" . $email);
         if ($user || !$email) {
             $this->setError($sTemplate->getString("SIGNUP_ERROR_EMAIL_IN_USE"));
             return false;
         }
         if ($password != $password2 || $password == "") {
             $this->setError($sTemplate->getString("SIGNUP_ERROR_PASSWORD_MISMATCH"));
             return false;
         }
         $user = new User();
         if ($user->create($username, $email, $password)) {
             $this->setNotice($sTemplate->getString("SIGNUP_SUCCESS"));
             return true;
         } else {
             $this->setError($sTemplate->getString("SIGNUP_ERROR_GENERAL"));
             return false;
         }
         return false;
     }
 }
Esempio n. 14
0
<?php 
function isValidUsername($username)
{
    return strlen($username) >= 7;
}
$u = " ";
if (isValidUsername($u)) {
    echo "ya, this is valid. WHOOOOOOOOO!!!!";
} else {
    echo "no, this is not valid. DAMN IT!!!";
}
// getNthchar ('don', 1) wil return 'd'
function getNthchar($string, $n)
{
    return substr($string, $n - 1, 1);
}
if (getNthchar('don', 2) == "o") {
    echo 'this is correct';
} else {
    echo 'FAIL';
}
?>
motorcycle
<?php 
//my_strrev('cat')
function my_strrev($input)
{
    $char = str_split($input);
}
for ($i = count($char) - 1; $i >= 0; $i--) {
Esempio n. 15
0
 function validation($data, $files)
 {
     global $CFG;
     $errors = parent::validation($data, $files);
     $authplugin = get_auth_plugin($CFG->registerauth);
     if (record_exists('user', 'username', $data['username'], 'mnethostid', $CFG->mnet_localhost_id)) {
         $errors['username'] = get_string('usernameexists');
     } else {
         if (empty($CFG->extendedusernamechars)) {
             $string = eregi_replace("[^(-\\.[:alnum:])]", '', $data['username']);
             if (strcmp($data['username'], $string)) {
                 $errors['username'] = get_string('alphanumerical');
             }
             // Validates the username for Windows requirements - 22.05.2011 - jam
             $oldusername = stripslashes($data['username']);
             if (!isValidUsername($data['username']) || strcmp($data['username'], $oldusername)) {
                 $errors['username'] = '******';
             }
         }
     }
     //check if user exists in external db
     //TODO: maybe we should check all enabled plugins instead
     if ($authplugin->user_exists($data['username'])) {
         $errors['username'] = get_string('usernameexists');
     }
     if (!validate_email($data['email'])) {
         $errors['email'] = get_string('invalidemail');
     } else {
         if (record_exists('user', 'email', $data['email'])) {
             $errors['email'] = get_string('emailexists') . ' <a href="forgot_password.php">' . get_string('newpassword') . '?</a>';
         }
     }
     if (empty($data['email2'])) {
         $errors['email2'] = get_string('missingemail');
     } else {
         if ($data['email2'] != $data['email']) {
             $errors['email2'] = get_string('invalidemail');
         }
     }
     if (!isset($errors['email'])) {
         if ($err = email_is_not_allowed($data['email'])) {
             $errors['email'] = $err;
         }
     }
     $errmsg = '';
     if (!check_password_policy($data['password'], $errmsg)) {
         $errors['password'] = $errmsg;
     }
     // Added by SMS 8/7/2011: To make sure the password does not include special
     // characters that may result in issues when synching the password with vms // <= 14 char
     if (!isValidPassword($data['password'])) {
         $errors['password'] .= 'Your password cannot contain the following characters: " / \\ [ ] : ; | = , + * ? < > @ & !';
         //$errors['password'] .= ' and it must be less than or equal to 10 characters.';
     }
     if (strlen($data['password']) <= 0 || strlen($data['password']) > 10) {
         $errors['password'] .= ' Your password must be less than or equal to 10 characters.';
     }
     if (signup_captcha_enabled()) {
         $recaptcha_element = $this->_form->getElement('recaptcha_element');
         if (!empty($this->_form->_submitValues['recaptcha_challenge_field'])) {
             $challenge_field = $this->_form->_submitValues['recaptcha_challenge_field'];
             $response_field = $this->_form->_submitValues['recaptcha_response_field'];
             if (true !== ($result = $recaptcha_element->verify($challenge_field, $response_field))) {
                 $errors['recaptcha'] = $result;
             }
         } else {
             $errors['recaptcha'] = get_string('missingrecaptchachallengefield');
         }
     }
     return $errors;
 }
Esempio n. 16
0
<?php

$page = 'register';
if ($_POST["postback"] == "Save Changes") {
    $error = false;
    $company = 0;
    $errormessage = "";
    if (isNotNull($_POST["txtLoginName"])) {
        $loginname = trim($_POST["txtLoginName"]);
        if (!isValidUsername($loginname)) {
            $error = true;
            $errormessage .= MESSAGE_INVALID_LOGIN_NAME . "<br>";
        } else {
            if (userNameExists($loginname)) {
                $error = true;
                $errormessage .= MESSAGE_LOGIN_NAME_EXISTS . "<br>";
            }
        }
    } else {
        //login name null
        $error = true;
        $errormessage .= MESSAGE_LOGIN_NAME_REQUIRED . "<br>";
    }
    if (isNotNull($_POST["txtPassword"])) {
        $password = $_POST["txtPassword"];
        if (strlen($password) < $passwordLength) {
            $error = true;
            $errormessage .= MESSAGE_NEW_PASSWORD_LENGTH . "<br>";
        }
    } else {
        //user password null
Esempio n. 17
0
 function validation($usernew, $files)
 {
     global $CFG;
     $usernew = (object) $usernew;
     $usernew->username = trim($usernew->username);
     $user = get_record('user', 'id', $usernew->id);
     $err = array();
     if (!empty($usernew->newpassword)) {
         $errmsg = '';
         //prevent eclipse warning
         if (!check_password_policy($usernew->newpassword, $errmsg)) {
             $err['newpassword'] = $errmsg;
         }
     }
     // Added by SMS 8/7/2011: To make sure the password does not include special
     // characters that may result in issues when synching the password with vms
     if (!isValidPassword($usernew->newpassword)) {
         $err['newpassword'] .= 'Your password cannot contain the following characters: " / \\ [ ] : ; | = , + * ? < > @ & !';
     }
     if (empty($usernew->username)) {
         //might be only whitespace
         $err['username'] = get_string('required');
     } else {
         if (!$user or $user->username !== $usernew->username) {
             //check new username does not exist
             if (record_exists('user', 'username', $usernew->username, 'mnethostid', $CFG->mnet_localhost_id)) {
                 $err['username'] = get_string('usernameexists');
             }
             //check allowed characters
             if ($usernew->username !== moodle_strtolower($usernew->username)) {
                 $err['username'] = get_string('usernamelowercase');
             } else {
                 if (empty($CFG->extendedusernamechars)) {
                     $string = eregi_replace("[^(-\\.[:alnum:])]", '', $usernew->username);
                     if ($usernew->username !== $string) {
                         $err['username'] = get_string('alphanumerical');
                     }
                     // Validates the username for Windows requirements - 22.05.2011 - jam
                     $oldusername = stripslashes($usernew->username);
                     if (!isValidUsername($usernew->username) || strcmp($usernew->username, $oldusername)) {
                         $err['username'] = '******';
                     }
                 }
             }
         }
     }
     if (!$user or $user->email !== stripslashes($usernew->email)) {
         if (!validate_email($usernew->email)) {
             $err['email'] = get_string('invalidemail');
         } else {
             if (record_exists('user', 'email', $usernew->email, 'mnethostid', $CFG->mnet_localhost_id)) {
                 $err['email'] = get_string('emailexists');
             }
         }
     }
     /// Next the customisable profile fields
     $err += profile_validation($usernew, $files);
     if (count($err) == 0) {
         return true;
     } else {
         return $err;
     }
 }