$nickname = isset($_POST['name']) ? addslashes(trim($_POST['name'])) : '';
$email = isset($_POST['email']) ? addslashes(trim($_POST['email'])) : '';
$description = isset($_POST['description']) ? addslashes(trim($_POST['description'])) : '';
$login = isset($_POST['username']) ? addslashes(trim($_POST['username'])) : '';
$newpass = isset($_POST['newpass']) ? addslashes(trim($_POST['newpass'])) : '';
$repeatpass = isset($_POST['repeatpass']) ? addslashes(trim($_POST['repeatpass'])) : '';
if (strlen($nickname) > 20) {
emDirect("./blogger.php?error_a=1");
} else {
if ($email != '' && !checkMail($email)) {
emDirect("./blogger.php?error_b=1");
} elseif (strlen($newpass) > 0 && strlen($newpass) < 6) {
emDirect("./blogger.php?error_c=1");
} elseif (!empty($newpass) && $newpass != $repeatpass) {
emDirect("./blogger.php?error_d=1");
} elseif ($User_Model->isUserExist($login, UID)) {
emDirect("./blogger.php?error_e=1");
} elseif ($User_Model->isNicknameExist($nickname, UID)) {
emDirect("./blogger.php?error_f=1");
}
}
if (!empty($newpass)) {
$PHPASS = new PasswordHash(8, true);
$newpass = $PHPASS->HashPassword($newpass);
$User_Model->updateUser(array('password' => $newpass), UID);
}
if (!empty($login)) {
$User_Model->updateUser(array('username' => $login), UID);
}
$photo_type = array('gif', 'jpg', 'jpeg', 'png');
$usericon = $photo;
View::output();
}
if ($action == 'new') {
$login = isset($_POST['login']) ? addslashes(trim($_POST['login'])) : '';
$password = isset($_POST['password']) ? addslashes(trim($_POST['password'])) : '';
$password2 = isset($_POST['password2']) ? addslashes(trim($_POST['password2'])) : '';
$role = isset($_POST['role']) ? addslashes(trim($_POST['role'])) : ROLE_WRITER;
$ischeck = isset($_POST['ischeck']) ? addslashes(trim($_POST['ischeck'])) : 'n';
LoginAuth::checkToken();
if ($role == ROLE_ADMIN) {
$ischeck = 'n';
}
if ($login == '') {
emDirect('./user.php?error_login=1');
}
if ($User_Model->isUserExist($login)) {
emDirect('./user.php?error_exist=1');
}
if (strlen($password) < 6) {
emDirect('./user.php?error_pwd_len=1');
}
if ($password != $password2) {
emDirect('./user.php?error_pwd2=1');
}
$PHPASS = new PasswordHash(8, true);
$password = $PHPASS->HashPassword($password);
$User_Model->addUser($login, $password, $role, $ischeck);
$CACHE->updateCache(array('sta', 'user'));
emDirect('./user.php?active_add=1');
}
if ($action == 'edit') {
if ($action == '') {
require_once View::getView('reg');
View::output();
}
if ($action == 'reg') {
$user = isset($_POST['user']) ? addslashes(trim($_POST['user'])) : '';
$email = isset($_POST['email']) ? addslashes(trim($_POST['email'])) : '';
$pw = isset($_POST['pw']) ? addslashes(trim($_POST['pw'])) : '';
$repw = isset($_POST['repw']) ? addslashes(trim($_POST['repw'])) : '';
$chcode = isset($_POST['chcode']) ? addslashes(trim(strtoupper($_POST['chcode']))) : '';
$User_Model = new User_Model();
$error_msg = '';
if ($user == '') {
emDirect('./reg.php?error_login=1');
}
if ($User_Model->isUserExist($user)) {
emDirect('./reg.php?error_exist=1');
}
if (strlen($pw) < 6) {
emDirect('./reg.php?error_pwd_len=1');
}
if ($pw != $repw) {
emDirect('./reg.php?error_pwd2=1');
}
session_start();
$sessionCode = isset($_SESSION['code']) ? $_SESSION['code'] : '';
if (empty($chcode) || $chcode != $sessionCode) {
emDirect('./reg.php?error_chcode=1');
}
$PHPASS = new PasswordHash(8, true);
$pw = $PHPASS->HashPassword($pw);
