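// Profile update (excerpt): read the submitted fields, validate them, then
// store a new password and/or login name for the current user (UID).
//
// Every field is trimmed and passed through addslashes(). addslashes() is a
// byte-level escape, not a charset-aware SQL escape, and how User_Model builds
// its queries is not visible here.
// NOTE(review): confirm the model uses bound parameters or the driver's own
// escaping instead of relying on this step.
// NOTE(review): no request-token check and no current-password check are
// visible in this excerpt; confirm the enclosing handler performs them.
$nickname = isset($_POST['name']) ? addslashes(trim($_POST['name'])) : '';
$email = isset($_POST['email']) ? addslashes(trim($_POST['email'])) : '';
$description = isset($_POST['description']) ? addslashes(trim($_POST['description'])) : '';
$login = isset($_POST['username']) ? addslashes(trim($_POST['username'])) : '';

// Unescaped copy, used only for the length policy below: addslashes() adds a
// byte for every quote, backslash or NUL, so measuring the escaped string
// would let a password shorter than 6 characters pass the minimum.
$newpassPlain = isset($_POST['newpass']) ? trim($_POST['newpass']) : '';
$newpass = addslashes($newpassPlain);
$repeatpass = isset($_POST['repeatpass']) ? addslashes(trim($_POST['repeatpass'])) : '';

// The first failing check redirects with its own error flag.
// NOTE(review): the updates further down are skipped only if emDirect() ends
// the request; its definition is not in view -- confirm.
if (strlen($nickname) > 20) {
    emDirect("./blogger.php?error_a=1");
} elseif ($email !== '' && !checkMail($email)) {
    emDirect("./blogger.php?error_b=1");
} elseif (strlen($newpassPlain) > 0 && strlen($newpassPlain) < 6) {
    emDirect("./blogger.php?error_c=1");
} elseif (!empty($newpass) && $newpass !== $repeatpass) {
    // Strict comparison: with != two numeric-looking strings are compared by
    // value, so a confirmation that differs from the password could be accepted.
    emDirect("./blogger.php?error_d=1");
} elseif ($User_Model->isUserExist($login, UID)) {
    emDirect("./blogger.php?error_e=1");
} elseif ($User_Model->isNicknameExist($nickname, UID)) {
    emDirect("./blogger.php?error_f=1");
}

if (!empty($newpass)) {
    // Store the output of HashPassword(), never the submitted value. The hash
    // covers the escaped form of the password.
    // NOTE(review): the login path has to apply the same trim()/addslashes()
    // steps or passwords containing quotes will not verify -- confirm.
    // NOTE(review): if PasswordHash is phpass, the second argument `true`
    // selects its portable hash format; confirm that is intended.
    $PHPASS = new PasswordHash(8, true);
    $newpass = $PHPASS->HashPassword($newpass);
    $User_Model->updateUser(array('password' => $newpass), UID);
}

if (!empty($login)) {
    $User_Model->updateUser(array('username' => $login), UID);
}

// Extension list for the avatar; it is not used within the visible excerpt.
$photo_type = array('gif', 'jpg', 'jpeg', 'png');
// $photo is assigned before the start of this excerpt.
$usericon = $photo;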
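// (excerpt) closing lines of the preceding handler, kept unchanged.
View::output();
}

// Create a user account from the submitted form.
if ($action == 'new') {
    // Request-token check (presumably anti-CSRF; its definition is not in
    // view). Run it before any submitted field is read.
    LoginAuth::checkToken();

    // Fields are trimmed and passed through addslashes(), which is a byte-level
    // escape rather than a charset-aware SQL escape.
    // NOTE(review): confirm User_Model binds parameters or escapes with the
    // database driver instead of relying on this step.
    $login = isset($_POST['login']) ? addslashes(trim($_POST['login'])) : '';
    // Unescaped copy, used only for the length policy: addslashes() adds a byte
    // per quote, backslash or NUL and would inflate the measured length.
    $passwordPlain = isset($_POST['password']) ? trim($_POST['password']) : '';
    $password = addslashes($passwordPlain);
    $password2 = isset($_POST['password2']) ? addslashes(trim($_POST['password2'])) : '';
    // NOTE(review): $role and $ischeck are passed to addUser() as submitted;
    // nothing visible restricts them to an expected set of values -- confirm
    // addUser() or the schema enforces that.
    $role = isset($_POST['role']) ? addslashes(trim($_POST['role'])) : ROLE_WRITER;
    $ischeck = isset($_POST['ischeck']) ? addslashes(trim($_POST['ischeck'])) : 'n';

    // Whatever was submitted, an admin account always gets ischeck = 'n'.
    if ($role == ROLE_ADMIN) {
        $ischeck = 'n';
    }

    // Each failed check redirects with its own error flag.
    // NOTE(review): addUser() below is skipped only if emDirect() ends the
    // request; its definition is not in view -- confirm.
    if ($login === '') {
        emDirect('./user.php?error_login=1');
    }
    if ($User_Model->isUserExist($login)) {
        emDirect('./user.php?error_exist=1');
    }
    if (strlen($passwordPlain) < 6) {
        emDirect('./user.php?error_pwd_len=1');
    }
    // Strict comparison: with != two numeric-looking strings are compared by
    // value, so a confirmation that differs from the password could be accepted.
    if ($password !== $password2) {
        emDirect('./user.php?error_pwd2=1');
    }

    // Store the output of HashPassword(), never the submitted value. The hash
    // covers the escaped form of the password.
    // NOTE(review): the login path has to apply the same trim()/addslashes()
    // steps -- confirm.
    $PHPASS = new PasswordHash(8, true);
    $password = $PHPASS->HashPassword($password);

    $User_Model->addUser($login, $password, $role, $ischeck);
    $CACHE->updateCache(array('sta', 'user'));
    emDirect('./user.php?active_add=1');
}

// (excerpt) the 'edit' handler opens here; its body is outside the visible source.
if ($action == 'edit') {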
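// No action given: render the registration form.
if ($action == '') {
    require_once View::getView('reg');
    View::output();
}

// Handle a submitted registration. This block continues past the end of the
// visible excerpt.
if ($action == 'reg') {
    // Fields are trimmed and passed through addslashes(), which is a byte-level
    // escape rather than a charset-aware SQL escape.
    // NOTE(review): confirm User_Model binds parameters or escapes with the
    // database driver instead of relying on this step.
    $user = isset($_POST['user']) ? addslashes(trim($_POST['user'])) : '';
    $email = isset($_POST['email']) ? addslashes(trim($_POST['email'])) : '';
    // Unescaped copy, used only for the length policy: addslashes() adds a byte
    // per quote, backslash or NUL and would inflate the measured length.
    $pwPlain = isset($_POST['pw']) ? trim($_POST['pw']) : '';
    $pw = addslashes($pwPlain);
    $repw = isset($_POST['repw']) ? addslashes(trim($_POST['repw'])) : '';
    // The submitted captcha is upper-cased before it is compared.
    $chcode = isset($_POST['chcode']) ? addslashes(trim(strtoupper($_POST['chcode']))) : '';

    $User_Model = new User_Model();
    $error_msg = '';

    // Each failed check redirects with its own error flag.
    // NOTE(review): later steps are skipped only if emDirect() ends the
    // request; its definition is not in view -- confirm.
    if ($user === '') {
        emDirect('./reg.php?error_login=1');
    }
    if ($User_Model->isUserExist($user)) {
        emDirect('./reg.php?error_exist=1');
    }
    if (strlen($pwPlain) < 6) {
        emDirect('./reg.php?error_pwd_len=1');
    }
    // Strict comparison: with != two numeric-looking strings are compared by
    // value, so a confirmation that differs from the password could be accepted.
    if ($pw !== $repw) {
        emDirect('./reg.php?error_pwd2=1');
    }

    session_start();
    // Cast to string so the strict comparison below still matches a code that
    // was stored as a number.
    $sessionCode = isset($_SESSION['code']) ? (string) $_SESSION['code'] : '';
    // Strict string comparison: a loose != treats numeric-looking strings as
    // numbers, which would accept answers that are not the stored code.
    // NOTE(review): the excerpt ends before showing whether $_SESSION['code']
    // is cleared after a check; a code that stays valid can be reused --
    // confirm it is invalidated.
    if (empty($chcode) || $chcode !== $sessionCode) {
        emDirect('./reg.php?error_chcode=1');
    }

    // Replace the submitted password with the output of HashPassword(). The
    // hash covers the escaped form of the password.
    // NOTE(review): the login path has to apply the same trim()/addslashes()
    // steps -- confirm.
    $PHPASS = new PasswordHash(8, true);
    $pw = $PHPASS->HashPassword($pw);
    // (excerpt ends here; the 'reg' block is closed outside the visible source)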