Esempio n. 1
    /**
     * Processing registration
     *
     * This is a POST callback function
     *
     * Sets following errors in POST-vars:
     * username   - general username fault
     * uinuse     - username already in use
     * email      - general email fault, email format error
     * einuse     - email in use
     * pw         - general password fault
     * pwmismatch - password mismatch
     * inserror   - error performing db insertion
     *
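     * Takes no parameters.
     *
     * @return string|false the callback id when no POST is being handled, the
     *                      redirect URL after a successful registration, or
     *                      false when validation or a database write fails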
     */
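    public function registerProcess()
    {
        // Callback id derived from the method name; it identifies this handler and is not a secret.
        $c = PFunctions::hex2base64(sha1(__METHOD__));
        if (!PPostHandler::isHandling()) {
            // Not a POST pass: register this method as the callback and hand the id back.
            PPostHandler::setCallback($c, __CLASS__, __FUNCTION__);
            return $c;
        }

        // Taken by reference so error codes and the masked password are written back to the POST vars.
        $vars =& PPostHandler::getVars();
        $errors = array();

        // check username: request fields may arrive as arrays (u[]=...), so require a string
        // before handing the value to preg_match()/strpos(). Handles containing the punycode
        // prefix 'xn--' are rejected.
        if (!isset($vars['u']) || !is_string($vars['u'])
            || !preg_match(User::HANDLE_PREGEXP, $vars['u'])
            || strpos($vars['u'], 'xn--') !== false
        ) {
            $errors[] = 'username';
        } elseif ($this->handleInUse($vars['u'])) {
            $errors[] = 'uinuse';
        }

        // email
        if (!isset($vars['e']) || !is_string($vars['e']) || !PFunctions::isEmailAddress($vars['e'])) {
            $errors[] = 'email';
        } elseif ($this->emailInUse($vars['e'])) {
            $errors[] = 'einuse';
        }

        // password
        $pw = isset($vars['p']) ? $vars['p'] : null;
        $pwConfirm = isset($vars['pc']) ? $vars['pc'] : null;
        if (!is_string($pw) || !is_string($pwConfirm) || !$pw || !$pwConfirm || strlen($pw) < 8) {
            $errors[] = 'pw';
        } elseif ($pw !== $pwConfirm) {
            // Strict comparison: with != two different numeric-looking strings
            // (e.g. '1e3' and '1000') compare equal and the mismatch goes unnoticed.
            $errors[] = 'pwmismatch';
        } elseif (substr_count($pw, '*') !== strlen($pw)) {
            // set encoded pw, then mask the clear text so it is not kept in the POST vars
            // NOTE(review): confirm MOD_user::passwordEncrypt() is a salted, slow password
            // hash (password_hash() or equivalent); its implementation is not visible here.
            $vars['pwenc'] = MOD_user::passwordEncrypt($pw);
            $shadow = str_repeat('*', strlen($pw));
            $vars['p'] = $shadow;
            $vars['pc'] = $shadow;
        } elseif (!isset($vars['pwenc']) || !is_string($vars['pwenc']) || $vars['pwenc'] === '') {
            // An all-asterisk value is treated as the mask written by an earlier pass. Without a
            // stored 'pwenc' there is nothing to insert, and the row would otherwise be created
            // with an empty password field.
            // NOTE(review): confirm 'pwenc' can only originate from an earlier server-side pass
            // and is never accepted from request fields.
            $errors[] = 'pw';
        }

        if (count($errors) > 0) {
            $vars['errors'] = $errors;
            return false;
        }

        $Auth = new MOD_user_Auth();
        $authId = $Auth->checkAuth('defaultUser');
        // String values go through the DAO's escape(), the auth id is cast to int;
        // the account is created inactive (active = 0).
        $query = '
INSERT INTO `user`
(`id`, `auth_id`, `handle`, `email`, `pw`, `active`)
VALUES
(
    ' . $this->dao->nextId('user') . ',
    ' . (int) $authId . ',
    \'' . $this->dao->escape($vars['u']) . '\',
    \'' . $this->dao->escape($vars['e']) . '\',
    \'' . $this->dao->escape($vars['pwenc']) . '\',
    0
)';
        $s = $this->dao->query($query);
        $userId = $s->insertId();
        if (!$userId) {
            $vars['errors'] = array('inserror');
            return false;
        }

        // save register key
        // NOTE(review): the key is stored for an inactive account and a registration mail is
        // sent below, so it presumably gates activation; confirm PFunctions::randomString()
        // draws from a cryptographically secure source.
        $key = PFunctions::randomString(16);
        if (!APP_User::addSetting($userId, 'regkey', $key)) {
            $vars['errors'] = array('inserror');
            return false;
        }
        // save lang
        if (!APP_User::addSetting($userId, 'lang', PVars::get()->lang)) {
            $vars['errors'] = array('inserror');
            return false;
        }

        $View = new UserView($this);
        $View->registerMail($userId);
        // Clear the POST vars (including the stored password hash) once registration is done.
        PPostHandler::clearVars();
        return PVars::getObj('env')->baseuri . 'user/register/finish';
    }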
Esempio n. 2
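 /**
  * Logs the current member out: removes the member from the `online` table,
  * drops the member-related session keys and then delegates to the parent logout.
  *
  * NOTE(review): this method neither regenerates nor destroys the session id;
  * confirm parent::logout() does, so a session id issued before logout cannot
  * be reused afterwards.
  */
 function logout()
 {
     if (isset($_SESSION['IdMember'])) {
         MOD_log::get()->write("Logout in bwauth.lib.php", "Login");
         // todo optimize periodically online table because it will be a gruyere
         // remove from online list; the id is concatenated into the statement, so it is
         // forced to an integer rather than trusting whatever the session holds
         $query = "delete from online where IdMember=" . (int) $_SESSION['IdMember'];
         $this->dao->query($query);
     }

     // unset() is a no-op for keys that do not exist, so no isset() guards are needed.
     unset(
         $_SESSION['IdMember'],
         $_SESSION['IsVol'],
         $_SESSION['Username'],
         $_SESSION['MemberStatus'],
         $_SESSION['Status'],
         $_SESSION['stylesheet'],
         $_SESSION['Param'],
         $_SESSION['TimeOffset'],
         $_SESSION['PreferenceDayLight'],
         $_SESSION['MemberCryptKey'],
         $_SESSION['LogCheck']
     );

     // Drop every cached right/flag entry so no privilege data outlives the login.
     // Iterating over a snapshot of the keys keeps the loop independent of the unsets.
     foreach (array_keys($_SESSION) as $key) {
         foreach (array('RightLevel', 'RightScope', 'FlagLevel') as $marker) {
             if (strpos($key, $marker) !== false) {
                 unset($_SESSION[$key]);
                 break;
             }
         }
     }

     // The session array is deliberately not wiped wholesale here: per the original
     // author's note, resetting $_SESSION entirely is not compatible with signup.
     parent::logout();
 }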