public function testValidateEmail()
{
    // Inputs Utils::validateEmail() must reject: a bare word with no '@',
    // and a host part without a dot.
    $rejected = array('yaya', 'yaya@yaya');
    foreach ($rejected as $address) {
        $this->assertFalse(Utils::validateEmail($address));
    }

    // Inputs it must accept (the literal addresses are redacted in this listing).
    $accepted = array('*****@*****.**', '*****@*****.**');
    foreach ($accepted as $address) {
        $this->assertTrue(Utils::validateEmail($address));
    }
}
public function testValidateEmail()
{
    // No '@' at all: rejected.
    $this->assertFalse(Utils::validateEmail('yaya'));

    // Local (dot-less) host parts are rejected by this version of the validator.
    $this->assertFalse(Utils::validateEmail('yaya@yaya'));

    // Well-formed public addresses are accepted (values redacted in this listing).
    $accepted = array('*****@*****.**', '*****@*****.**', '*****@*****.**');
    foreach ($accepted as $address) {
        $this->assertTrue(Utils::validateEmail($address));
    }
}
public function testValidateEmail()
{
    // Table of (address, expected verdict), asserted in the original order.
    $cases = array(
        // valid public internet addresses are accepted (values redacted in this listing)
        array('*****@*****.**', true),
        array('*****@*****.**', true),
        array('*****@*****.**', true),
        // local addresses (dot-less host part) are accepted by this version
        array('yaya@yaya', true),
        array('me@localhost', true),
        // missing '@', a second '@', or characters such as ' ' and '#' in the host are rejected
        array('yaya', false),
        array('me@localhost@notavalidaddress', false),
        array('me@local host', false),
        array('me@local#host', false),
    );
    foreach ($cases as $case) {
        list($address, $expected) = $case;
        if ($expected) {
            $this->assertTrue(Utils::validateEmail($address));
        } else {
            $this->assertFalse(Utils::validateEmail($address));
        }
    }
}
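/**
 * Handle the admin "add user" form: validate the posted fields, create the
 * account through User::addUser() and emit a redirect to the user manager.
 *
 * Reads $_POST directly. Each check records one message through
 * addErrorMessage() and the first failing check wins (elseif chain). The
 * posted fields are tested with isset() before comparison so a missing
 * field yields the same "should not be empty" message instead of a notice.
 *
 * @return string the rendered view; note that generateView() still runs
 *                after the Location header is sent, as in the original.
 */
public function go() {
    $this->setViewTemplate('adduser.tpl');
    if (isset($_POST['submit'])) {
        if (!isset($_POST['username']) || $_POST['username'] == '') {
            $this->addErrorMessage("Username should not be empty");
        } elseif (!isset($_POST['full_name']) || $_POST['full_name'] == '') {
            $this->addErrorMessage("Full name should not be empty");
        } elseif (!isset($_POST['password']) || $_POST['password'] == '') {
            $this->addErrorMessage("Password should not be empty");
        } elseif (!isset($_POST['confirmpassword']) || $_POST['confirmpassword'] == '') {
            $this->addErrorMessage("Please confirm password");
        } elseif (!isset($_POST['is_activated'])) {
            $this->addErrorMessage("Is the user activated?");
        } elseif (!isset($_POST['type'])) {
            $this->addErrorMessage("Select the type of user");
        } elseif (!isset($_POST['email']) || $_POST['email'] == '') {
            $this->addErrorMessage("please enter ur email id");
        } else {
            $username = $_POST['username'];
            $password = $_POST['password'];
            $confirmpassword = $_POST['confirmpassword'];
            $full_name = $_POST['full_name'];
            $email = $_POST['email'];
            $is_activated = $_POST['is_activated'];
            $type = $_POST['type'];
            if (User::doesUserExist($username)) {
                $this->addErrorMessage("Username already exists");
            } elseif ($password !== $confirmpassword) {
                // Strict comparison: with == two numeric-looking strings such as
                // "1e3" and "1000" compare equal and would pass as "matching".
                $this->addErrorMessage("The two passwords dont match!");
            } elseif (!Utils::validateEmail($email)) {
                $this->addErrorMessage("Please enter a valid email id");
            } else {
                $subject = "Hackademic new account";
                $message = "Hackademic account created succesfully";
                //Mailer::mail($email,$subject,$message);
                $joined = date("Y-m-d H-i-s");
                // NOTE(review): $password, $is_activated and $type are handed over exactly
                // as posted. Whether addUser() hashes the password and validates the
                // activation flag / user type is not visible here — confirm in User::addUser.
                User::addUser($username, $full_name, $email, $password, $joined, $is_activated, $type);
                $this->addSuccessMessage("User has been added succesfully");
                // No exit after the redirect header: execution falls through to
                // generateView() below, exactly as the original did.
                header('Location:' . SOURCE_ROOT_PATH . "admin/pages/usermanager.php?source=add");
            }
        }
    }
    return $this->generateView();
}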
/**
 * Registration page controller (invite-code aware version).
 *
 * A logged-in user is handed to DashboardController. Otherwise the page loads
 * the password-validation assets, reads an optional invite code from
 * $_GET['code'], and either reports registration as closed (registration not
 * open and no valid invite) or processes a 'Register' submit: required params,
 * email syntax, matching passwords that satisfy the 8-chars-with-letter-and-digit
 * regex, and the captcha are all checked — every failure is reported, not just
 * the first — before OwnerDAO::create() is called. On success an activation
 * email is sent, the 'ckey' session entry is cleared and a used invite code is
 * deleted.
 *
 * Reads $_GET and $_POST directly. REQUIRED_PARAMS, is_missing_param and
 * view_mgr are class members declared outside this listing.
 *
 * @return string the rendered view (or the dashboard's)
 */
public function control() {
    if ($this->isLoggedIn()) {
        $controller = new DashboardController(true);
        return $controller->go();
    } else {
        // register form validation
        $this->addHeaderCSS('assets/css/validate_password.css');
        $this->addHeaderJavaScript('assets/js/jquery.validate.min.js');
        $this->addHeaderJavaScript('assets/js/jquery.validate.password.js');
        $this->addHeaderJavaScript('assets/js/validate_password.js');
        $config = Config::getInstance();
        $is_registration_open = $config->getValue('is_registration_open');
        $this->disableCaching();
        $invite_dao = DAOFactory::getDAO('InviteDAO');
        if (isset($_GET['code'])) {
            $invite_code = $_GET['code'];
        } else {
            $invite_code = null;
        }
        $this->addToView('invite_code', $invite_code);
        // The raw query-string value goes straight to the DAO, which has to
        // treat it as untrusted input (parameterised lookup) — not visible here.
        $is_invite_code_valid = $invite_dao->isInviteValid($invite_code);
        // Loose != : an empty "?code=" compares equal to null and gets no welcome.
        if ($invite_code != null && $is_invite_code_valid) {
            $this->addSuccessMessage("Welcome, VIP! You've been invited to register on " . $config->getValue('app_title_prefix') . "ThinkUp.");
        }
        $has_been_registered = false;
        if (!$is_registration_open && !$is_invite_code_valid) {
            $this->addToView('closed', true);
            // Third argument: the message is rendered as HTML, so only static
            // text and the configured title prefix may be concatenated into it.
            $disable_xss = true;
            $this->addErrorMessage('<p>Sorry, registration is closed on this installation of ' . $config->getValue('app_title_prefix') . "ThinkUp.</p>" . '<p><a href="http://thinkupapp.com">Install ThinkUp on your own server.</a></p>', null, $disable_xss);
        } else {
            $owner_dao = DAOFactory::getDAO('OwnerDAO');
            $this->addToView('closed', false);
            $captcha = new Captcha();
            if (isset($_POST['Submit']) && $_POST['Submit'] == 'Register') {
                // Presence check; the flag is set rather than returning so the
                // form is re-rendered with the message below.
                foreach ($this->REQUIRED_PARAMS as $param) {
                    if (!isset($_POST[$param]) || $_POST[$param] == '') {
                        $this->addErrorMessage('Please fill out all required fields.');
                        $this->is_missing_param = true;
                    }
                }
                if (!$this->is_missing_param) {
                    $valid_input = true;
                    if (!Utils::validateEmail($_POST['email'])) {
                        $this->addErrorMessage("Incorrect email. Please enter valid email address.", 'email');
                        $valid_input = false;
                    }
                    // strcmp() is a byte-wise comparison, so numeric-looking
                    // passwords are not subject to loose-equality surprises.
                    if (strcmp($_POST['pass1'], $_POST['pass2']) || empty($_POST['pass1'])) {
                        $this->addErrorMessage("Passwords do not match.", 'password');
                        $valid_input = false;
                    } else {
                        // Policy: at least 8 characters, at least one letter, at least one digit.
                        if (!preg_match("/(?=.{8,})(?=.*[a-zA-Z])(?=.*[0-9])/", $_POST['pass1'])) {
                            $this->addErrorMessage("Password must be at least 8 characters and contain both numbers " . "and letters.", 'password');
                            $valid_input = false;
                        }
                    }
                    // Evaluated even after earlier failures so the user sees every problem at once.
                    if (!$captcha->doesTextMatchImage()) {
                        $this->addErrorMessage("Entered text didn't match the image. Please try again.", 'captcha');
                        $valid_input = false;
                    }
                    if ($valid_input) {
                        if ($owner_dao->doesOwnerExist($_POST['email'])) {
                            $this->addErrorMessage("User account already exists.", 'email');
                        } else {
                            // Insert the details into the database
                            // The DAO returns the activation code (falsy on failure); the
                            // plaintext password is handed to it, so hashing is its job.
                            $activation_code = $owner_dao->create($_POST['email'], $_POST['pass2'], $_POST['full_name']);
                            if ($activation_code != false) {
                                $es = new ViewManager();
                                $es->caching = false;
                                // The link base comes from the application's own URL helper,
                                // not from the request's Host header.
                                $es->assign('application_url', Utils::getApplicationURL(false));
                                $es->assign('email', urlencode($_POST['email']));
                                $es->assign('activ_code', $activation_code);
                                $message = $es->fetch('_email.registration.tpl');
                                Mailer::mail($_POST['email'], "Activate Your Account on " . $config->getValue('app_title_prefix') . "ThinkUp", $message);
                                // NOTE(review): presumably the captcha's session key — confirm in Captcha.
                                SessionCache::unsetKey('ckey');
                                $this->addSuccessMessage("Success! Check your email for an activation link.");
                                //delete invite code
                                if ($is_invite_code_valid) {
                                    $invite_dao->deleteInviteCode($invite_code);
                                }
                                $has_been_registered = true;
                            } else {
                                $this->addErrorMessage("Unable to register a new user. Please try again.");
                            }
                        }
                    }
                }
                // Re-populate the form with what was submitted.
                if (isset($_POST["full_name"])) {
                    $this->addToView('name', $_POST["full_name"]);
                }
                if (isset($_POST["email"])) {
                    $this->addToView('mail', $_POST["email"]);
                }
                $this->addToView('has_been_registered', $has_been_registered);
            }
            // A fresh challenge is issued on every render, including after a failed submit.
            $challenge = $captcha->generate();
            $this->addToView('captcha', $challenge);
        }
        $this->view_mgr->addHelp('register', 'userguide/accounts/index');
        return $this->generateView();
    }
}
/**
 * Registration page controller (version without invite codes).
 *
 * Logged-in users go to the dashboard. Otherwise, when 'is_registration_open'
 * is set, a 'Register' submit is validated in an elseif chain (required
 * params, email syntax, matching non-empty passwords, captcha) — so only the
 * first failure is reported — then the owner row is created and an
 * activation email is sent. The activation code is generated here, not by the
 * DAO, and the password is run through Session::pwdcrypt() first.
 *
 * Reads $_POST, $_SERVER and $_SESSION directly. REQUIRED_PARAMS and
 * is_missing_param are class members declared outside this listing.
 *
 * @return string the rendered view (or the dashboard's)
 */
public function control() {
    if ($this->isLoggedIn()) {
        $controller = new DashboardController(true);
        return $controller->go();
    } else {
        $this->disableCaching();
        $config = Config::getInstance();
        if (!$config->getValue('is_registration_open')) {
            $this->addToView('closed', true);
            $this->addErrorMessage('<p>Sorry, registration is closed on this ThinkUp installation.</p>' . '<p><a href="http://github.com/ginatrapani/thinkup/tree/master">Install ThinkUp on your own ' . 'server.</a></p>');
        } else {
            $owner_dao = DAOFactory::getDAO('OwnerDAO');
            $this->addToView('closed', false);
            $captcha = new Captcha();
            if (isset($_POST['Submit']) && $_POST['Submit'] == 'Register') {
                foreach ($this->REQUIRED_PARAMS as $param) {
                    if (!isset($_POST[$param]) || $_POST[$param] == '') {
                        $this->addErrorMessage('Please fill out all required fields.');
                        $this->is_missing_param = true;
                    }
                }
                if (!$this->is_missing_param) {
                    if (!Utils::validateEmail($_POST['email'])) {
                        $this->addErrorMessage("Incorrect email. Please enter valid email address.");
                    } elseif (strcmp($_POST['pass1'], $_POST['pass2']) || empty($_POST['pass1'])) {
                        // No length/complexity policy in this version: any non-empty matching pair passes.
                        $this->addErrorMessage("Passwords do not match.");
                    } elseif (!$captcha->check()) {
                        // Captcha not valid, captcha handles message...
                    } else {
                        if ($owner_dao->doesOwnerExist($_POST['email'])) {
                            $this->addErrorMessage("User account already exists.");
                        } else {
                            $es = new SmartyThinkUp();
                            $es->caching = false;
                            $session = new Session();
                            // NOTE(review): rand() is not a CSPRNG and a 4-digit code leaves
                            // only 9000 possibilities for the activation check. A longer code
                            // from a secure source (random_bytes()/random_int(), or minted by
                            // the DAO) plus rate limiting on activation is the usual mitigation.
                            $activ_code = rand(1000, 9999);
                            // Presumably hashes the password for storage — confirm in Session::pwdcrypt.
                            $cryptpass = $session->pwdcrypt($_POST['pass2']);
                            // NOTE(review): the host placed in the emailed activation link is the
                            // request's Host header, which the client controls unless the web
                            // server canonicalises it; a configured application URL is safer.
                            $server = $_SERVER['HTTP_HOST'];
                            $owner_dao->create($_POST['email'], $cryptpass, $activ_code, $_POST['full_name']);
                            $es->assign('server', $server);
                            $es->assign('email', urlencode($_POST['email']));
                            $es->assign('activ_code', $activ_code);
                            $message = $es->fetch('_email.registration.tpl');
                            Mailer::mail($_POST['email'], "Activate Your " . $config->getValue('app_title') . " Account", $message);
                            // Presumably the captcha's session key — confirm in Captcha.
                            unset($_SESSION['ckey']);
                            $this->addSuccessMessage("Success! Check your email for an activation link.");
                        }
                    }
                }
                // Re-populate the form with what was submitted.
                if (isset($_POST["full_name"])) {
                    $this->addToView('name', $_POST["full_name"]);
                }
                if (isset($_POST["email"])) {
                    $this->addToView('mail', $_POST["email"]);
                }
            }
            // A fresh challenge is issued on every render, including after a failed submit.
            $challenge = $captcha->generate();
            $this->addToView('captcha', $challenge);
        }
        return $this->generateView();
    }
}
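/**
 * Step 3 - Populate database and finish
 *
 * Collects the database settings either from an already-written
 * config.inc.php (loaded with require, which defines $THINKUP_CFG) or from
 * the posted step-2 form, validates the admin email, the password pair and
 * the database connection, and on any failure re-renders step 2 with the
 * values filled in. When the config file cannot be written the generated
 * contents are shown to the user instead. Otherwise the tables are created,
 * the admin owner is inserted (unless one already exists) and an activation
 * email is sent.
 *
 * Reads $_POST directly; $this->installer is a class member declared outside
 * this listing. Returns nothing — results are passed to the view.
 */
private function step3() {
    $this->setViewTemplate('install.step3.tpl');
    $config_file_exists = false;
    $config_file = THINKUP_WEBAPP_PATH . 'config.inc.php';
    // make sure we are here with posted data
    if (empty($_POST)) {
        $this->step1();
        return;
    }
    // check if we have made config.inc.php
    if (file_exists($config_file) && filesize($config_file) > 0) {
        // this is could be from step 2 is not able writing
        // to webapp dir
        $config_file_exists = true;
        // Executes the config file; it is expected to define $THINKUP_CFG.
        require $config_file;
        $db_config['db_type'] = $THINKUP_CFG['db_type'];
        $db_config['db_name'] = $THINKUP_CFG['db_name'];
        $db_config['db_user'] = $THINKUP_CFG['db_user'];
        $db_config['db_password'] = $THINKUP_CFG['db_password'];
        $db_config['db_host'] = $THINKUP_CFG['db_host'];
        $db_config['db_socket'] = $THINKUP_CFG['db_socket'];
        $db_config['db_port'] = $THINKUP_CFG['db_port'];
        $db_config['table_prefix'] = $THINKUP_CFG['table_prefix'];
        $db_config['timezone'] = $THINKUP_CFG['timezone'];
        $email = trim($_POST['site_email']);
    } else {
        // make sure we're not from error or couldn't write config.inc.php
        if (!isset($_POST['db_user']) && !isset($_POST['db_passwd']) && !isset($_POST['db_name']) && !isset($_POST['db_host'])) {
            $this->addErrorMessage("Missing database credentials");
            $this->step2();
            return;
        }
        // trim each posted value
        $db_config['db_type'] = trim(@$_POST['db_type']);
        $db_config['db_name'] = trim($_POST['db_name']);
        $db_config['db_user'] = trim($_POST['db_user']);
        $db_config['db_password'] = trim($_POST['db_passwd']);
        $db_config['db_host'] = trim($_POST['db_host']);
        $db_config['db_socket'] = trim($_POST['db_socket']);
        $db_config['db_port'] = trim($_POST['db_port']);
        $db_config['table_prefix'] = trim($_POST['db_prefix']);
        $db_config['timezone'] = trim($_POST['timezone']);
        $email = trim($_POST['site_email']);
    }
    $db_config['db_type'] = 'mysql'; //default for now
    // Default missing password fields to '' so the checks below report
    // "Please choose a password." instead of raising notices on null.
    $password = isset($_POST['password']) ? $_POST['password'] : '';
    $confirm_password = isset($_POST['confirm_password']) ? $_POST['confirm_password'] : '';
    $full_name = $_POST['full_name'];
    $display_errors = false;
    // check email
    if (!Utils::validateEmail($email)) {
        $this->addErrorMessage("Please enter a valid email address.", "email");
        $display_errors = true;
    }
    // Password policy: at least 8 characters, at least one letter and at least one digit.
    $password_policy = "/(?=.{8,})(?=.*[a-zA-Z])(?=.*[0-9])/";
    // Strict comparisons: with != / == two numeric-looking strings such as
    // "1e3" and "1000" would be treated as the same password.
    if ($password !== $confirm_password || $password === '' || !preg_match($password_policy, $password)) {
        //check password
        if ($password !== $confirm_password) {
            $this->addErrorMessage("Your passwords did not match.", "password");
        } elseif ($password === '') {
            $this->addErrorMessage("Please choose a password.", "password");
        } else {
            // The only remaining way into this branch is a policy failure.
            $this->addErrorMessage("Password must be at least 8 characters and contain both numbers and letters.", "password");
        }
        $display_errors = true;
    }
    // NOTE(review): these read $_POST even when the settings came from the
    // existing config file above; kept as in the original — confirm that the
    // step-2 form always re-posts them.
    if ($_POST['db_name'] == '') {
        $this->addErrorMessage("Please enter a database name.", "database_name");
        $display_errors = true;
    }
    if ($_POST['db_host'] == '') {
        $this->addErrorMessage("Please enter a database host.", "database_host");
        $display_errors = true;
    }
    if ($_POST['timezone'] == '') {
        $this->addErrorMessage("Please select a time zone.", "timezone");
        $display_errors = true;
    }
    if (($error = $this->installer->checkDb($db_config)) !== true) {
        //check db
        // Trim the driver message so it starts at a recognised phrase; otherwise show it whole.
        if (($p = strpos($error->getMessage(), "Unknown MySQL server host")) !== false
            || ($p = strpos($error->getMessage(), "Can't connect to MySQL server")) !== false
            || ($p = strpos($error->getMessage(), "Can't connect to local MySQL server through socket")) !== false
            || ($p = strpos($error->getMessage(), "Access denied for user")) !== false) {
            $db_error = substr($error->getMessage(), $p);
        } else {
            $db_error = $error->getMessage();
        }
        // The message is rendered as HTML (third argument), so the driver text
        // is escaped here before it is concatenated into the markup.
        $disable_xss = true;
        $db_error = filter_var($db_error, FILTER_SANITIZE_SPECIAL_CHARS);
        $this->addErrorMessage("ThinkUp couldn't connect to your database. The error message is:<br /> " . " <strong>{$db_error}</strong><br />Please correct your database information and try again.", "database", $disable_xss);
        $display_errors = true;
    }
    if ($display_errors) {
        // Back to step 2 with everything the user typed (including the DB password) filled in.
        $this->setViewTemplate('install.step2.tpl');
        $this->addToView('db_name', $db_config['db_name']);
        $this->addToView('db_user', $db_config['db_user']);
        $this->addToView('db_passwd', $db_config['db_password']);
        $this->addToView('db_host', $db_config['db_host']);
        $this->addToView('db_prefix', $db_config['table_prefix']);
        $this->addToView('db_socket', $db_config['db_socket']);
        $this->addToView('db_port', $db_config['db_port']);
        $this->addToView('db_type', $db_config['db_type']);
        $this->addToView('current_tz', $_POST['timezone']);
        $this->addToView('tz_list', $this->getTimeZoneList());
        $this->addToView('site_email', $email);
        $this->addToView('full_name', $full_name);
        return;
    }
    $admin_user = array('email' => $email, 'password' => $password, 'confirm_password' => $confirm_password);
    // trying to create config file
    if (!$config_file_exists && !$this->installer->createConfigFile($db_config, $admin_user)) {
        // The generated config (which contains the DB credentials) is shown to
        // the installing user so they can create the file by hand; each line is
        // HTML-escaped first.
        $config_file_contents_arr = $this->installer->generateConfigFile($db_config, $admin_user);
        $config_file_contents_str = '';
        foreach ($config_file_contents_arr as $line) {
            $config_file_contents_str .= htmlentities($line);
        }
        // Fixed command, best-effort: a disabled exec() leaves $whoami empty and
        // selects the generic message below.
        $whoami = @exec('whoami');
        $disable_xss = true;
        if (!empty($whoami)) {
            // Escaped because the message below is rendered as HTML.
            $whoami = filter_var($whoami, FILTER_SANITIZE_SPECIAL_CHARS);
            $this->addErrorMessage("ThinkUp couldn't write the <code>config.inc.php</code> file.<br /><br />" . "Use root (or sudo) to create the file manually, and allow PHP to write to it, by executing the " . "following commands:<br /><code>sudo touch " . escapeshellcmd(THINKUP_WEBAPP_PATH . "config.inc.php") . "</code><br /><code>sudo chown {$whoami} " . escapeshellcmd(THINKUP_WEBAPP_PATH . "config.inc.php") . "</code><br /><br />If you don't have root access, create the <code>" . THINKUP_WEBAPP_PATH . "config.inc.php</code> file, show the contents of your config file below," . " and copy and paste the text into the <code>config.inc.php</code> file.", null, $disable_xss);
        } else {
            $this->addErrorMessage("ThinkUp couldn't write the <code>config.inc.php</code> file.<br /><br />" . "You will need to create the <code>" . THINKUP_WEBAPP_PATH . "config.inc.php</code> file manually, and paste the following text into it.", null, $disable_xss);
        }
        $this->addToView('config_file_contents', $config_file_contents_str);
        // NOTE(review): the whole raw POST (password fields included) is handed
        // to the template; the template is responsible for what it echoes.
        $this->addToView('_POST', $_POST);
        $this->setViewTemplate('install.config.tpl');
        return;
    }
    unset($admin_user['confirm_password']);
    // check tables
    $this->installer->checkTable($db_config);
    // if empty, we're ready to populate the database with ThinkUp tables
    $this->installer->populateTables($db_config);
    //Set the application server name in app settings for access by command-line scripts
    Installer::storeServerName();
    $owner_dao = DAOFactory::getDAO('OwnerDAO', $db_config);
    if (!$owner_dao->doesAdminExist() && !$owner_dao->doesOwnerExist($email)) {
        // create admin if not exists
        // The DAO receives the plaintext password and returns the activation code;
        // hashing is its responsibility.
        $activation_code = $owner_dao->createAdmin($email, $password, $full_name);
        // view for email
        $cfg_array = array('site_root_path' => Utils::getSiteRootPathFromFileSystem(), 'source_root_path' => THINKUP_ROOT_PATH, 'debug' => false, 'app_title_prefix' => "", 'cache_pages' => false);
        $email_view = new ViewManager($cfg_array);
        $email_view->caching = false;
        // The activation link base comes from the application's own URL helper.
        $email_view->assign('application_url', Utils::getApplicationURL());
        $email_view->assign('email', urlencode($email));
        $email_view->assign('activ_code', $activation_code);
        $message = $email_view->fetch('_email.registration.tpl');
        Mailer::mail($email, "Activate Your New ThinkUp Account", $message);
    } else {
        // An admin already exists: show placeholders instead of real credentials.
        $email = 'Use your old email admin';
        $password = '******';
    }
    unset($THINKUP_CFG);
    $this->addToView('errors', $this->installer->getErrorMessages());
    // NOTE(review): when a new admin was just created these are the real
    // credentials, so the step-3 template decides whether the plaintext
    // password is displayed.
    $this->addToView('username', $email);
    $this->addToView('password', $password);
    $this->addToView('login_url', Utils::getSiteRootPathFromFileSystem() . 'session/login.php');
}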
/**
 * Step 3 - Populate database and finish
 *
 * Older variant of the final install step. Database settings come either from
 * an already-written config.inc.php (loaded with require, defining
 * $THINKUP_CFG) or from the posted step-2 form, plus a GMT offset computed
 * from the posted timezone. Validation is an elseif chain (email, then
 * password pair, then DB connection), so only the first failure is shown and
 * step 2 is re-rendered with the values filled in. When the config file
 * cannot be written the generated contents are shown instead. Otherwise the
 * tables are created, the admin is inserted with a locally generated
 * activation code, and an activation email is sent.
 *
 * Reads $_POST and $_SERVER directly; $this->installer is a class member
 * declared outside this listing. Returns nothing — results go to the view.
 */
private function step3() {
    $this->setViewTemplate('install.step3.tpl');
    $config_file_exists = false;
    $config_file = THINKUP_WEBAPP_PATH . 'config.inc.php';
    // make sure we are here with posted data
    if (empty($_POST)) {
        $this->step1();
        return;
    }
    // check if we have made config.inc.php
    if (file_exists($config_file) && filesize($config_file) > 0) {
        // this is could be from step 2 is not able writing
        // to webapp dir
        $config_file_exists = true;
        // Executes the config file; it is expected to define $THINKUP_CFG.
        require $config_file;
        $db_config['db_type'] = $THINKUP_CFG['db_type'];
        $db_config['db_name'] = $THINKUP_CFG['db_name'];
        $db_config['db_user'] = $THINKUP_CFG['db_user'];
        $db_config['db_password'] = $THINKUP_CFG['db_password'];
        $db_config['db_host'] = $THINKUP_CFG['db_host'];
        $db_config['db_socket'] = $THINKUP_CFG['db_socket'];
        $db_config['db_port'] = $THINKUP_CFG['db_port'];
        $db_config['table_prefix'] = $THINKUP_CFG['table_prefix'];
        $db_config['GMT_offset'] = $THINKUP_CFG['GMT_offset'];
        $db_config['timezone'] = $THINKUP_CFG['timezone'];
        $email = trim($_POST['site_email']);
    } else {
        // make sure we're not from error of couldn't write config.inc.php
        if (!isset($_POST['db_user']) && !isset($_POST['db_passwd']) && !isset($_POST['db_name']) && !isset($_POST['db_host'])) {
            $this->addErrorMessage("Missing database credentials");
            $this->step2();
            return;
        }
        // trim each posted value
        $db_config['db_type'] = trim(@$_POST['db_type']);
        $db_config['db_name'] = trim($_POST['db_name']);
        $db_config['db_user'] = trim($_POST['db_user']);
        $db_config['db_password'] = trim($_POST['db_passwd']);
        $db_config['db_host'] = trim($_POST['db_host']);
        $db_config['db_socket'] = trim($_POST['db_socket']);
        $db_config['db_port'] = trim($_POST['db_port']);
        $db_config['table_prefix'] = trim($_POST['db_prefix']);
        $db_config['timezone'] = trim($_POST['timezone']);
        $email = trim($_POST['site_email']);
        // get GMT offset in hours
        // NOTE(review): DateTimeZone throws on an unrecognised name and nothing
        // here catches it, so a bad posted timezone aborts the step uncaught.
        $db_config['GMT_offset'] = timezone_offset_get(new DateTimeZone($_POST['timezone']), new DateTime('now')) / 3600;
    }
    $db_config['db_type'] = 'mysql'; //default for now
    $password = $_POST['password'];
    $confirm_password = $_POST['confirm_password'];
    $full_name = $_POST['full_name'];
    $display_errors = false;
    // check email
    if (!Utils::validateEmail($email)) {
        $this->addErrorMessage("Please enter a valid email address.");
        $this->setViewTemplate('install.step2.tpl');
        $display_errors = true;
    } else {
        // NOTE(review): loose != / == here; numeric-looking strings such as
        // "1e3" and "1000" compare equal. No length or complexity policy in this version.
        if ($password != $confirm_password || $password == '') {
            //check password
            if ($password != $confirm_password) {
                $this->addErrorMessage("Your passwords did not match.");
            } else {
                $this->addErrorMessage("Please choose a password.");
            }
            $this->setViewTemplate('install.step2.tpl');
            $display_errors = true;
        } elseif (($error = $this->installer->checkDb($db_config)) !== true) {
            //check db
            // Trim the driver message so it starts at a recognised phrase; otherwise show it whole.
            if (($p = strpos($error->getMessage(), "Unknown MySQL server host")) !== false
                || ($p = strpos($error->getMessage(), "Can't connect to MySQL server")) !== false
                || ($p = strpos($error->getMessage(), "Can't connect to local MySQL server through socket")) !== false
                || ($p = strpos($error->getMessage(), "Access denied for user")) !== false) {
                $db_error = substr($error->getMessage(), $p);
            } else {
                $db_error = $error->getMessage();
            }
            // NOTE(review): the driver text is concatenated into HTML markup without
            // escaping here; whether addErrorMessage() escapes it is not visible.
            $this->addErrorMessage("ThinkUp couldn't connect to your database. The error message is:<br /> " . " <strong>{$db_error}</strong><br />Please correct your database information and try again.");
            $this->setViewTemplate('install.step2.tpl');
            $display_errors = true;
        }
    }
    if ($display_errors) {
        // Back to step 2 with everything the user typed (including the DB password) filled in.
        $this->addToView('db_name', $db_config['db_name']);
        $this->addToView('db_user', $db_config['db_user']);
        $this->addToView('db_passwd', $db_config['db_password']);
        $this->addToView('db_host', $db_config['db_host']);
        $this->addToView('db_prefix', $db_config['table_prefix']);
        $this->addToView('db_socket', $db_config['db_socket']);
        $this->addToView('db_port', $db_config['db_port']);
        $this->addToView('db_type', $db_config['db_type']);
        $this->addToView('current_tz', $_POST['timezone']);
        $this->addToView('tz_list', $this->getTimeZoneList());
        $this->addToView('site_email', $email);
        $this->addToView('full_name', $full_name);
        return;
    }
    $admin_user = array('email' => $email, 'password' => $password, 'confirm_password' => $confirm_password);
    // trying to create config file
    if (!$config_file_exists && !$this->installer->createConfigFile($db_config, $admin_user)) {
        // The generated config (which contains the DB credentials) is shown to
        // the installing user so they can create the file by hand; each line is
        // HTML-escaped first.
        $config_file_contents_arr = $this->installer->generateConfigFile($db_config, $admin_user);
        $config_file_contents_str = '';
        foreach ($config_file_contents_arr as $line) {
            $config_file_contents_str .= htmlentities($line);
        }
        // Fixed command; an empty result selects the generic message below.
        // NOTE(review): the result is interpolated into HTML without escaping.
        $whoami = exec('whoami');
        if (!empty($whoami)) {
            $this->addErrorMessage("ThinkUp couldn't write the <code>config.inc.php</code> file.<br /><br />" . "Use root (or sudo) to create the file manually, and allow PHP to write to it, by executing the " . "following commands:<br /><code>touch " . escapeshellcmd(THINKUP_WEBAPP_PATH . "config.inc.php") . "</code><br /><code>chown {$whoami} " . escapeshellcmd(THINKUP_WEBAPP_PATH . "config.inc.php") . "</code><br /><br />If you don't have root access, create the <code>" . THINKUP_WEBAPP_PATH . "config.inc.php</code> file manually, and paste the following text into it." . "<br /><br />Click the <strong>Next Step</strong> button below once you did either.");
        } else {
            $this->addErrorMessage("ThinkUp couldn't write the <code>config.inc.php</code> file.<br /><br />" . "You will need to create the <code>" . THINKUP_WEBAPP_PATH . "config.inc.php</code> file manually, and paste the following text into it." . "<br /><br />Click the <strong>Next Step</strong> button once this is done.");
        }
        $this->addToView('config_file_contents', $config_file_contents_str);
        // NOTE(review): the whole raw POST (password fields included) is handed
        // to the template; the template is responsible for what it echoes.
        $this->addToView('_POST', $_POST);
        $this->setViewTemplate('install.config.tpl');
        return;
    }
    unset($admin_user['confirm_password']);
    // check tables
    $this->installer->checkTable($db_config);
    // if empty, we're ready to populate the database with ThinkUp tables
    $this->installer->populateTables($db_config);
    $owner_dao = DAOFactory::getDAO('OwnerDAO', $db_config);
    if (!$owner_dao->doesAdminExist() && !$owner_dao->doesOwnerExist($email)) {
        // create admin if not exists
        $session = new Session();
        // NOTE(review): rand() is not a CSPRNG and a 4-digit code leaves only
        // 9000 possibilities for the activation check; a longer code from a
        // secure source plus rate limiting on activation is the usual mitigation.
        $activation_code = rand(1000, 9999);
        // Presumably hashes the password for storage — confirm in Session::pwdcrypt.
        $crypt_pass = $session->pwdcrypt($password);
        //$owner_dao->insertActivatedAdmin($email, $crypt_pass, $full_name);
        $owner_dao->createAdmin($email, $crypt_pass, $activation_code, $full_name);
        // view for email
        $cfg_array = array('site_root_path' => THINKUP_BASE_URL, 'source_root_path' => THINKUP_ROOT_PATH, 'debug' => false, 'app_title' => "ThinkUp", 'cache_pages' => false);
        $email_view = new SmartyThinkUp($cfg_array);
        $email_view->caching = false;
        // NOTE(review): the host placed in the emailed activation link is the
        // request's Host header, which the client controls unless the web
        // server canonicalises it; a configured application URL is safer.
        $email_view->assign('server', $_SERVER['HTTP_HOST']);
        $email_view->assign('email', urlencode($email));
        $email_view->assign('activ_code', $activation_code);
        $message = $email_view->fetch('_email.registration.tpl');
        Mailer::mail($email, "Activate Your New ThinkUp Account", $message);
    } else {
        // An admin already exists: show placeholders instead of real credentials.
        $email = 'Use your old email admin';
        $password = '******';
    }
    unset($THINKUP_CFG);
    $this->addToView('errors', $this->installer->getErrorMessages());
    // NOTE(review): when a new admin was just created these are the real
    // credentials, so the step-3 template decides whether the plaintext
    // password is displayed.
    $this->addToView('username', $email);
    $this->addToView('password', $password);
    $this->addToView('login_url', THINKUP_BASE_URL . 'session/login.php');
}
/**
 * Registration page controller (invite codes, 5-character password minimum).
 *
 * A logged-in user is handed to DashboardController. Otherwise an optional
 * invite code is read from $_GET['code']; registration proceeds when it is
 * open or the code is valid. A 'Register' submit is checked for required
 * params, email syntax, a matching password pair of at least 5 characters
 * and the captcha — every failure is reported — before OwnerDAO::create() is
 * called, the activation email is sent and a used invite code is deleted.
 *
 * Reads $_GET, $_POST and $_SERVER directly. REQUIRED_PARAMS, is_missing_param
 * and view_mgr are class members declared outside this listing.
 *
 * @return string the rendered view (or the dashboard's)
 */
public function control() {
    if ($this->isLoggedIn()) {
        $controller = new DashboardController(true);
        return $controller->go();
    } else {
        $config = Config::getInstance();
        $is_registration_open = $config->getValue('is_registration_open');
        $this->disableCaching();
        $invite_dao = DAOFactory::getDAO('InviteDAO');
        if (isset($_GET['code'])) {
            $invite_code = $_GET['code'];
        } else {
            $invite_code = null;
        }
        $this->addToView('invite_code', $invite_code);
        // The raw query-string value goes straight to the DAO, which has to
        // treat it as untrusted input (parameterised lookup) — not visible here.
        $is_invite_code_valid = $invite_dao->isInviteValid($invite_code);
        if (!$is_registration_open && !$is_invite_code_valid) {
            $this->addToView('closed', true);
            $this->addErrorMessage('<p>Sorry, registration is closed on this ThinkUp installation.</p>' . '<p><a href="http://thinkupapp.com">Install ThinkUp on your own server.</a></p>');
        } else {
            $owner_dao = DAOFactory::getDAO('OwnerDAO');
            $this->addToView('closed', false);
            $captcha = new Captcha();
            if (isset($_POST['Submit']) && $_POST['Submit'] == 'Register') {
                foreach ($this->REQUIRED_PARAMS as $param) {
                    if (!isset($_POST[$param]) || $_POST[$param] == '') {
                        $this->addErrorMessage('Please fill out all required fields.');
                        $this->is_missing_param = true;
                    }
                }
                if (!$this->is_missing_param) {
                    $valid_input = true;
                    if (!Utils::validateEmail($_POST['email'])) {
                        $this->addErrorMessage("Incorrect email. Please enter valid email address.", 'email');
                        $valid_input = false;
                    }
                    // strcmp() is a byte-wise comparison, so numeric-looking
                    // passwords are not subject to loose-equality surprises.
                    if (strcmp($_POST['pass1'], $_POST['pass2']) || empty($_POST['pass1'])) {
                        $this->addErrorMessage("Passwords do not match.", 'password');
                        $valid_input = false;
                    } else {
                        // Policy in this version is length only (bytes, not characters).
                        if (strlen($_POST['pass1']) < 5) {
                            $this->addErrorMessage("Password must be at least 5 characters.", 'password');
                            $valid_input = false;
                        }
                    }
                    // Evaluated even after earlier failures so the user sees every problem at once.
                    if (!$captcha->doesTextMatchImage()) {
                        $this->addErrorMessage("Entered text didn't match the image. Please try again.", 'captcha');
                        $valid_input = false;
                    }
                    if ($valid_input) {
                        if ($owner_dao->doesOwnerExist($_POST['email'])) {
                            $this->addErrorMessage("User account already exists.", 'email');
                        } else {
                            // Insert the details into the database
                            // The DAO returns the activation code (falsy on failure); the
                            // plaintext password is handed to it, so hashing is its job.
                            $activation_code = $owner_dao->create($_POST['email'], $_POST['pass2'], $_POST['full_name']);
                            if ($activation_code != false) {
                                $es = new SmartyThinkUp();
                                $es->caching = false;
                                // NOTE(review): the host placed in the emailed activation link is
                                // the request's Host header, which the client controls unless the
                                // web server canonicalises it; a configured application URL is safer.
                                $server = $_SERVER['HTTP_HOST'];
                                $es->assign('server', $server);
                                $es->assign('email', urlencode($_POST['email']));
                                $es->assign('activ_code', $activation_code);
                                $message = $es->fetch('_email.registration.tpl');
                                Mailer::mail($_POST['email'], "Activate Your " . $config->getValue('app_title') . " Account", $message);
                                // NOTE(review): presumably the captcha's session key — confirm in Captcha.
                                SessionCache::unsetKey('ckey');
                                $this->addSuccessMessage("Success! Check your email for an activation link.");
                                //delete invite code
                                if ($is_invite_code_valid) {
                                    $invite_dao->deleteInviteCode($invite_code);
                                }
                            } else {
                                $this->addErrorMessage("Unable to register a new user. Please try again.");
                            }
                        }
                    }
                }
                // Re-populate the form with what was submitted.
                if (isset($_POST["full_name"])) {
                    $this->addToView('name', $_POST["full_name"]);
                }
                if (isset($_POST["email"])) {
                    $this->addToView('mail', $_POST["email"]);
                }
            }
            // A fresh challenge is issued on every render, including after a failed submit.
            $challenge = $captcha->generate();
            $this->addToView('captcha', $challenge);
        }
        $this->view_mgr->addHelp('register', 'userguide/accounts/index');
        return $this->generateView();
    }
}
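/**
 * Registration page controller (EFC Labs variant).
 *
 * Calls redirectToEmpoddyLabsEndpoint() first, sends logged-in users to the
 * dashboard, and otherwise processes a 'Register' submit: every value named
 * in REQUIRED_PARAMS is collected verbatim into $user_arr, the email syntax
 * and the pwd/cpwd pair are validated (every failure is reported), and
 * UserDAO::create($user_arr) is called. No activation email is sent from
 * here (that code is commented out below), and the Captcha object is created
 * but never verified.
 *
 * Registration is hard-wired open ($is_registration_open = true), so the
 * "closed" branch is dead code kept for reference.
 *
 * Fix: the password-policy check read $_POST['pass1'], a field this form
 * does not post (it compares 'pwd' and 'cpwd'), so the policy could never be
 * satisfied; it now checks the same 'pwd' value.
 *
 * Reads $_POST directly. REQUIRED_PARAMS and is_missing_param are class
 * members declared outside this listing.
 *
 * @return string the rendered view (or the dashboard's)
 */
public function control() {
    $this->redirectToEmpoddyLabsEndpoint();
    if ($this->isLoggedIn()) {
        $controller = new DashboardController(true);
        return $controller->go();
    } else {
        $this->disableCaching();
        $has_been_registered = false;
        $is_registration_open = true;
        // No invite-code lookup exists in this variant; defined so the (dead)
        // branch below is never reading an undefined variable.
        $is_invite_code_valid = false;
        if (!$is_registration_open && !$is_invite_code_valid) {
            // Dead while $is_registration_open is hard-wired to true; note that
            // $config is not defined in this method if it is ever re-enabled.
            $this->addToView('closed', true);
            $disable_xss = true;
            $this->addErrorMessage('Sorry, registration is closed on ' . $config->getValue('app_title_prefix') . "EFC Labs. " . 'Try <a href="https://EFC">EFC</a>.', null, $disable_xss);
        } else {
            $user_arr = array();
            $user_dao = DAOFactory::getDAO('UserDAO');
            $this->addToView('closed', false);
            // NOTE(review): instantiated but neither generate()d nor verified, so this
            // form has no anti-automation check; wire in doesTextMatchImage() the way
            // the sibling registration controllers do if the template shows a captcha.
            $captcha = new Captcha();
            if (isset($_POST['Submit']) && $_POST['Submit'] == 'Register') {
                foreach ($this->REQUIRED_PARAMS as $param) {
                    if (!isset($_POST[$param]) || $_POST[$param] == '') {
                        $this->addErrorMessage('Please fill out all required fields.');
                        $this->is_missing_param = true;
                    } else {
                        // Collected verbatim; the DAO is responsible for escaping and
                        // for hashing whichever entry holds the password.
                        $user_arr[$param] = $_POST[$param];
                    }
                }
                if (!$this->is_missing_param) {
                    $valid_input = true;
                    if (!Utils::validateEmail($_POST['email'])) {
                        $this->addErrorMessage("Sorry, that email address looks wrong. Can you double-check it?", 'email');
                        $valid_input = false;
                    }
                    // strcmp() is a byte-wise comparison of the two posted passwords.
                    if (strcmp($_POST['pwd'], $_POST['cpwd']) || empty($_POST['pwd'])) {
                        $this->addErrorMessage("Passwords do not match.", 'password');
                        $valid_input = false;
                    } else {
                        // Policy: at least 8 characters, at least one letter, at least one digit,
                        // applied to the same 'pwd' field compared above.
                        if (!preg_match("/(?=.{8,})(?=.*[a-zA-Z])(?=.*[0-9])/", $_POST['pwd'])) {
                            $this->addErrorMessage("Password must be at least 8 characters and contain both numbers " . "and letters.", 'password');
                            $valid_input = false;
                        }
                    }
                    if ($valid_input) {
                        if ($user_dao->doesUserExist($_POST['email'])) {
                            $this->addErrorMessage("User account already exists.", 'email');
                        } else {
                            // Insert the details into the database
                            $activation_code = $user_dao->create($user_arr);
                            if ($activation_code != false) {
                                // Activation email sending is disabled in this variant; the code
                                // returned by create() is not delivered from here.
                                /*
                                $es = new ViewManager();
                                $es->caching=false;
                                $es->assign('application_url', Utils::getApplicationURL(false) );
                                $es->assign('email', urlencode($_POST['email']) );
                                $es->assign('activ_code', $activation_code );
                                $message = $es->fetch('_email.registration.tpl');
                                Mailer::mail($_POST['email'], "Activate Your Account on ". $config->getValue('app_title_prefix')."EFC", $message);
                                $this->addSuccessMessage("Success! Check your email for an activation link.");
                                //delete invite code
                                if ( $is_invite_code_valid ) { $invite_dao->deleteInviteCode($invite_code); }
                                */
                                $has_been_registered = true;
                                $this->addToView('success', $has_been_registered);
                            } else {
                                $this->addErrorMessage("Unable to register a new user. Please try again.");
                            }
                        }
                    }
                }
                // Re-populate the form with what was submitted.
                if (isset($_POST["first_name"])) {
                    $this->addToView('first_name', $_POST["first_name"]);
                }
            }
        }
    }
    return $this->generateView();
}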
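/**
 * Create a user from the posted "_user_register" form, answering with JSON.
 *
 * On a 'Submit' post every REQUIRED_PARAMS value is collected verbatim into
 * $user_arr; a missing one, an invalid user/reporting-manager email, an
 * unknown reporting manager, an existing account or a failed create() each
 * push a message onto $msg and send a 500 JSON response. On success the
 * registration email is queued and a 200 is sent. The view is still
 * generated afterwards, as in the original.
 *
 * Fix: the invalid-email branch only recorded a view error message while
 * every sibling branch also sent a JSON response; it now does the same, so
 * an AJAX caller gets a 500 for a bad address instead of a template.
 *
 * @param object|null $user_dao DAO exposing doesUserExist() and create();
 *                              must not be null when a submit is processed
 *                              (it is dereferenced without a check).
 * @return string the rendered view
 */
private function addUser($user_dao = null) {
    $user_arr = array();
    $this->disableCaching();
    $this->setViewTemplate('_user_register.tpl');
    if (isset($_POST['Submit']) && $_POST['Submit'] == 'Submit') {
        $msg = array();
        foreach ($this->REQUIRED_PARAMS as $param) {
            if (!isset($_POST[$param]) || $_POST[$param] == '') {
                $msg[] = 'Please fill out all required fields.';
                $this->sendJsonResponse(500, $msg);
                $this->addErrorMessage('Please fill out all required fields.');
                $this->is_missing_param = true;
                unset($user_arr);
                break;
            } else {
                //else make array of all Posts array
                // Collected verbatim; the DAO is responsible for escaping and
                // for hashing whichever entry holds the password.
                $user_arr[$param] = $_POST[$param];
            }
        }
        if (!$this->is_missing_param) {
            $valid_input = true;
            if (!Utils::validateEmail($_POST['email']) || !Utils::validateEmail($_POST['reporting'])) {
                $msg[] = "Sorry, that email address for user looks wrong. Can you double-check it?";
                $this->sendJsonResponse(500, $msg);
                $this->addErrorMessage("Sorry, that email address for user looks wrong. Can you double-check it?", 'email');
                $valid_input = false;
            }
            if (!$user_dao->doesUserExist($_POST['reporting'])) {
                $msg[] = "Sorry, that email address for reporting manager looks wrong. Can you double-check it?";
                $this->sendJsonResponse(500, $msg);
                $this->addErrorMessage("Sorry, that email address for reporting manager looks wrong. Can you double-check it?", 'email');
                $valid_input = false;
            }
            //TODO: check for reporting user type
            if ($valid_input) {
                if ($user_dao->doesUserExist($_POST['email'])) {
                    $msg[] = "User account already exists.";
                    $this->sendJsonResponse(500, $msg);
                    $this->addErrorMessage("User account already exists.", 'email');
                } else {
                    // create() returns an array with 'activation_code' and 'password'
                    // entries (read below), or a falsy value on failure.
                    $activation_code = $user_dao->create($user_arr);
                    if ($activation_code != false) {
                        $config = Config::getInstance();
                        $msg[] = $user_arr['first_name'] . " has been registered successfully";
                        // NOTE(review): a password value is placed in the outbound mail
                        // payload; confirm it is a one-time generated credential and not
                        // the user's chosen password.
                        $args = array(
                            'subject' => "Activate your account on " . $config->getValue('app_title_prefix') . " | Registeration !",
                            'data' => array(
                                'application_url' => Utils::getApplicationURL(false),
                                'email' => $_POST['email'],
                                'activ_code' => $activation_code['activation_code'],
                                'password' => $activation_code['password'],
                            ),
                        );
                        $this->makeSendMailQueue('_email.registration.tpl', $args);
                        $this->sendJsonResponse(200, $msg);
                    } else {
                        $msg[] = "Unable to register a new user. Please try again.";
                        $this->sendJsonResponse(500, $msg);
                        $this->addErrorMessage("Unable to register a new user. Please try again.");
                    }
                }
            }
        }
    }
    return $this->generateView();
}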