Esempio n. 1
    {
        global $isv_db;
        $stmt = $isv_db->prepare("SELECT user_reg,user_validate,sys_cron,timezone,admin_end,logo_name,favicon,mobile,plugins,errors,newuser_notice FROM s_settings WHERE id=1");
        $stmt->execute();
        $stmt->store_result();
        $stmt->bind_result($sett_userReg, $sett_userValid, $sett_sysCron, $sett_defTimeZone, $sett_adminEnd, $sett_logo, $sett_favicon, $sett_mobile, $sett_plugins, $sett_errors, $sett_newuserNotice);
        $stmt->fetch();
        $stmt->close();
        return array('user_reg' => $sett_userReg, 'user_validate' => $sett_userValid, 'sys_cron' => $sett_sysCron, 'defaultTzone' => $sett_defTimeZone, 'adminEnd' => $sett_adminEnd, 'logo' => $sett_logo, 'favicon' => $sett_favicon, 'enable_mobile' => $sett_mobile, 'enable_plugins' => $sett_plugins, 'hide_errors' => $sett_errors, 'notifyAdmin_newUser' => $sett_newuserNotice);
    }
    /**
     * Serve the maintenance page and end the request while the site is offline.
     *
     * Nothing happens unless $this->s_status is strictly the integer 0; in that
     * case maintenance.php is loaded from ISVIPI_PAGES_BASE and the script exits,
     * so no later page code runs.
     */
    public function maintenanceMode()
    {
        $siteIsUp = $this->s_status !== 0;
        if ($siteIsUp) {
            return;
        }
        // The comparison is strict: a status held as the string "0" does not reach this point.
        require_once ISVIPI_PAGES_BASE . 'maintenance.php';
        exit;
    }
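    /**
     * Redirect a plain-HTTP request to its HTTPS equivalent when SSL enforcement is on.
     *
     * Acts only when $this->s_enable_ssl is strictly the integer 1. The redirect
     * target is built from the request's Host header and URI, both of which are
     * client-controlled, so they are checked before being placed in the Location
     * header. A request with a malformed Host header is answered with 400.
     * On redirect or rejection the script exits; otherwise the method returns nothing.
     */
    public function enableSSL()
    {
        if ($this->s_enable_ssl !== 1) {
            return;
        }
        // $_SERVER['HTTPS'] may be missing on plain HTTP and is "off" under IIS/ISAPI;
        // any other non-empty value ("on", "1", "On") means TLS is already in use.
        // The original `!= "on"` test read an undefined index and looped on "1".
        $httpsFlag = isset($_SERVER['HTTPS']) ? strtolower((string) $_SERVER['HTTPS']) : '';
        if ($httpsFlag !== '' && $httpsFlag !== 'off') {
            return;
        }
        // NOTE(review): behind a TLS-terminating proxy this flag is usually unset even
        // for HTTPS clients, which would redirect forever - confirm the deployment.

        // The Host header comes from the client. Accept only a bare hostname or
        // bracketed IPv6 literal with an optional port, so nothing in it can change
        // where the redirect points. \z (not $) also refuses a trailing newline.
        // NOTE(review): comparing against the configured site host would be stricter.
        $host = isset($_SERVER['HTTP_HOST']) ? (string) $_SERVER['HTTP_HOST'] : '';
        if (preg_match('/^(?:[a-z0-9._-]+|\[[0-9a-f:.]+\])(?::[0-9]{1,5})?\z/i', $host) !== 1) {
            http_response_code(400);
            exit;
        }
        // Keep the target origin-relative: anything not starting with "/" would be
        // appended straight to the host and could alter the URL's authority part.
        $uri = isset($_SERVER['REQUEST_URI']) ? (string) $_SERVER['REQUEST_URI'] : '/';
        if ($uri === '' || $uri[0] !== '/') {
            $uri = '/';
        }
        header("Location: https://" . $host . $uri);
        exit;
    }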
}
/*
 * Bootstrap: build the site manager and load the site details and settings
 * into script-level variables.
 * NOTE(review): enableSSL() below reads $this->s_enable_ssl; presumably one of
 * these calls (or the constructor) populates it, so keep this order - confirm.
 */
$siteInfo = new siteManager();
$isv_siteDetails = $siteInfo->getSiteInfo();
$isv_siteSettings = $siteInfo->getSiteSettings();
/*
 * Enforce HTTPS if the site is configured for it. enableSSL() either redirects
 * and exits or returns nothing, so $enableSSL is null whenever execution
 * continues past this line; it is not a usable "SSL is active" flag.
 */
$enableSSL = $siteInfo->enableSSL();
Esempio n. 2
		MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
		GNU General Public License for more details.
	
		You should have received a copy of the GNU General Public License along
		with this program; if not, write to the Free Software Foundation, Inc.,
		51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
	 ******************************************************/
// Page controller for the members' 404 page: resolves the requested page
// segment, enforces login, loads site/member data and hands over to the theme.
global $PAGE, $p;
// $p is the first URL segment from $PAGE, or an empty string when it is missing or empty.
if (!isset($PAGE[0]) || empty($PAGE[0])) {
    $p = '';
} else {
    $p = $PAGE[0];
}
// Access control: visitors who are NOT logged in are sent to the public
// err_404/ URL with an error message in the session, and the script stops.
// Everything below therefore runs only for authenticated sessions.
if (!isLoggedIn()) {
    $_SESSION['isv_error'] = '404 Error: The page you are looking for could not be found or you go not have permission to view it.';
    header('location:' . ISVIPI_URL . 'err_404/');
    exit;
}
/** Load site details and settings for the template. */
$siteInfo = new siteManager();
$isv_siteDetails = $siteInfo->getSiteInfo();
$isv_siteSettings = $siteInfo->getSiteSettings();
/** Load the member class and the profile of the user id stored in the session. */
// NOTE(review): assumes isLoggedIn() guarantees $_SESSION['isv_user_id'] is set - confirm.
require_once ISVIPI_CLASSES_BASE . 'global/member_cls.php';
$member = new member($_SESSION['isv_user_id']);
$memberinfo = $member->memberDetails();
/** Page Manager: fetch the site meta data into $s_m. */
$pageManager = new pageManager();
$s_m = $pageManager->siteMeta();
// Render the active theme's 404 template; presumably it reads the variables set above.
include_once ISVIPI_ACT_THEME . 'err_404.php';
Esempio n. 3
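 /**
  * Validate a registration form, create the account and emit a JSON reply.
  *
  * Every outcome - validation failure, database failure or success - is
  * written to the output as {"err": bool, "message": string} and ends the
  * request with exit, so the constructor never returns to its caller.
  *
  * @param array $userFields Form values keyed by their display label
  *                          ('Username', 'Full Name', 'Email', 'Password',
  *                          'Repeat Password', 'Country', 'Date of Birth', 'Gender').
  */
 public function __construct($userFields)
 {
     // Single exit point for all replies; keeps the JSON shape identical everywhere.
     $reply = function ($isError, $message) {
         echo json_encode(array('err' => $isError, 'message' => $message));
         exit;
     };
     $dbFailure = 'Your account could not be created. Please try again later.';
     //check if supplied/empty
     foreach ($userFields as $field => $value) {
         // Reject arrays/objects up front: a crafted request can submit a field as
         // an array, which the string checks below are not written to handle.
         if (!is_scalar($value) || !isSupplied($value)) {
             $reply(true, 'Please fill in ' . $field . '!');
         }
     }
     //assign our variables
     $this->username = $userFields['Username'];
     $this->name = $userFields['Full Name'];
     $this->email = $userFields['Email'];
     $this->password = $userFields['Password'];
     $this->rPassword = $userFields['Repeat Password'];
     $this->country = $userFields['Country'];
     $this->dob = $userFields['Date of Birth'];
     $this->sex = $userFields['Gender'];
     // NOTE(review): name, country and gender are stored as received; they must be
     // HTML-escaped wherever they are rendered.
     //validate username (allow only alphanumeric, hyphen and underscore)
     if (preg_match('/[^a-z_\\-0-9]/i', $this->username)) {
         // The old message spoke of spaces and "8 or more characters", which matched
         // neither this check nor the 6-character minimum enforced below.
         $reply(true, 'Username may only contain letters, numbers, hyphens and underscores.');
     }
     if (strlen($this->username) < 6) {
         $reply(true, 'Username MUST be 6 or more characters.');
     }
     //check if the username is already taken
     if ($this->isRegistered($this->username, 'username')) {
         $reply(true, $this->username . ' is taken. Please try another.');
     }
     //validate email
     if (!filter_var($this->email, FILTER_VALIDATE_EMAIL)) {
         $reply(true, 'Your email is invalid.');
     }
     //check if a user with the same email exists
     // NOTE(review): this reply confirms to any caller that an address is registered;
     // rate-limit this endpoint if that matters for the deployment.
     if ($this->isRegistered($this->email, 'email')) {
         $reply(true, 'A user with this email is already registered.');
     }
     //check if the password is long enough
     // NOTE(review): no upper bound is enforced; bcrypt (the current PASSWORD_DEFAULT)
     // ignores input beyond 72 bytes, so longer passwords add no strength.
     if (strlen($this->password) < 8) {
         $reply(true, 'Password MUST be 8 or more characters.');
     }
     //check if the two passwords match
     if ($this->password !== $this->rPassword) {
         $reply(true, 'Password and Re-enter Password do not match.');
     }
     //validate date format
     // NOTE(review): validateDate()'s result is stored unchecked; confirm that it
     // rejects a malformed date itself rather than returning a failure value.
     $format = "d/m/Y";
     $this->dob = $this->validateDate($this->dob, $format);
     //hash the password
     $hashedPWD = password_hash($this->password, PASSWORD_DEFAULT);
     //save in a database
     // Each step is checked: previously a failed INSERT (for example a duplicate that
     // raced past isRegistered()) still ended in an "Account created" reply.
     // NOTE(review): the two INSERTs are not in a transaction, so a failure of the
     // second leaves a users row without a profile.
     global $isv_db;
     $stmt = $isv_db->prepare("INSERT INTO users (username,email,pwd,reg_date,last_activity) VALUES (?,?,?,UTC_TIMESTAMP(),UTC_TIMESTAMP())");
     if ($stmt === false) {
         $reply(true, $dbFailure);
     }
     $stmt->bind_param('sss', $this->username, $this->email, $hashedPWD);
     if (!$stmt->execute()) {
         $reply(true, $dbFailure);
     }
     //retrieve new user id
     if (!$stmt->prepare("SELECT id FROM users WHERE email=?")) {
         $reply(true, $dbFailure);
     }
     $stmt->bind_param('s', $this->email);
     $stmt->execute();
     $stmt->store_result();
     $stmt->bind_result($userID);
     // fetch() yields false on error and null when no row matched.
     if (!$stmt->fetch()) {
         $reply(true, $dbFailure);
     }
     //save other details in user_profile table
     if (!$stmt->prepare("INSERT INTO user_profile (user_id,fullname,gender,dob,country) VALUES (?,?,?,?,?)")) {
         $reply(true, $dbFailure);
     }
     $stmt->bind_param('issss', $userID, $this->name, $this->sex, $this->dob, $this->country);
     if (!$stmt->execute()) {
         $reply(true, $dbFailure);
     }
     $stmt->close();
     //send activation email if this is enabled
     $siteInfo = new siteManager();
     $isv_siteSettings = $siteInfo->getSiteSettings();
     $isv_siteDetails = $siteInfo->getSiteInfo();
     if ($isv_siteSettings['user_validate'] === 1) {
         /* generate our validation code */
         // NOTE(review): the code is derived from the password hash; confirm that
         // getValidationCode() mixes in CSPRNG output and does not expose the hash.
         $validCode = $this->getValidationCode($hashedPWD);
         /* include our email functions file */
         require_once ISVIPI_FUNCTIONS_BASE . 'emails/reg_emails.php';
         /* send the email */
         // NOTE(review): $this->name is user-supplied; confirm the mailer keeps it out
         // of mail headers or strips line breaks.
         sendValidationEmail($this->email, $this->name, $validCode, $isv_siteDetails['s_email'], $isv_siteDetails['s_title'], $isv_siteDetails['s_url'], $isv_siteSettings['logo']);
         $msg = 'Account created. We have sent an email with an activation code to ' . $this->email . '. Follow instructions in the email to activate your account.';
     } else {
         $msg = 'Account created. You can now login.';
     }
     //notify admin if this is enabled
     // NOTE(review): reg_emails.php is only loaded in the branch above; confirm that
     // notifyAdmin() is defined elsewhere when user validation is disabled.
     if ($isv_siteSettings['notifyAdmin_newUser'] === 1) {
         notifyAdmin($this->name, 'New User', $isv_siteDetails['s_email'], $isv_siteDetails['s_title']);
     }
     //return success notice
     $reply(false, $msg);
 }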
Esempio n. 4
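 /**
  * Print the footer copyright line with a link to the site and a
  * "Powered by" link to isvipi.org.
  *
  * The site URL and title come from stored site details and are written into
  * HTML attributes and text, so they are escaped here. The last argument
  * (double_encode = false) leaves entities already present in the stored
  * values untouched.
  */
 public function footerText()
 {
     $siteInfo = new siteManager();
     $isv_siteDetails = $siteInfo->getSiteInfo();
     // ENT_QUOTES covers both quote styles, so a value cannot close the attribute early.
     // NOTE(review): escaping does not restrict the URL scheme; s_url should be limited
     // to http/https where it is saved.
     $siteUrl = htmlspecialchars((string) $isv_siteDetails['s_url'], ENT_QUOTES, 'UTF-8', false);
     $siteTitle = htmlspecialchars((string) $isv_siteDetails['s_title'], ENT_QUOTES, 'UTF-8', false);
     // rel="noopener" stops the page opened by target="_blank" from reaching window.opener.
     echo 'Copyright &copy; ' . date('Y') . ' <a href="' . $siteUrl . '" title="' . $siteTitle . '">' . $siteTitle . '</a>. Powered by <a href="//isvipi.org" title="Open Source Social Networking Software" target="_blank" rel="noopener">IsVipi OSSN</a>.';
 }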
Esempio n. 5
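 /**
  * Start a password reset for an account identified by username or by email.
  *
  * Looks the account up, reuses or creates a code in user_validations, emails
  * the reset link, stores a status message in the session and redirects to the
  * "forgot" page. Every path ends with a redirect and exit.
  *
  * @param string $user Username or email address, as selected by $type.
  * @param string $type Either 'username' or 'email'; anything else is rejected.
  */
 public function resetPWD($user, $type)
 {
     global $isv_db;
     // All failures leave through here: session error message, redirect, stop.
     $abort = function ($message) {
         $_SESSION['isv_error'] = $message;
         header('location:' . ISVIPI_URL . 'forgot');
         exit;
     };
     $dbFailure = 'We could not process your request. Please try again later.';
     $this->type = $type;
     // Strict comparison, and unknown types are refused: previously such a call fell
     // through to the mailer with no reset code and whatever email was already set.
     if ($this->type === 'username') {
         $this->username = $user;
         $lookupSql = "SELECT email FROM users WHERE username=?";
     } elseif ($this->type === 'email') {
         $this->email = $user;
         $lookupSql = "SELECT id FROM users WHERE email=?";
     } else {
         $abort('Invalid password reset request.');
     }
     // Look the account up; one code path now serves both lookup types.
     $stmt = $isv_db->prepare($lookupSql);
     if ($stmt === false) {
         $abort($dbFailure);
     }
     $stmt->bind_param('s', $user);
     $stmt->execute();
     $stmt->store_result();
     $stmt->bind_result($matched);
     $stmt->fetch();
     $accountFound = $stmt->num_rows() >= 1;
     $stmt->close();
     if (!$accountFound) {
         // NOTE(review): this reply reveals whether an account exists; if that matters,
         // return the same message for both outcomes and rate-limit the endpoint.
         $abort('No such user found in our database');
     }
     if ($this->type === 'username') {
         // The username lookup returned the account's email address.
         $this->email = $matched;
     }
     //check if a validation code already exists in our db
     if (valid_codeExists($this->email, 'email')) {
         // valid_codeExists() hands the existing code back through this global.
         global $exstCode;
         $newCode = $exstCode;
         // NOTE(review): reusing the code and refreshing its timestamp lets repeated
         // requests keep one code alive indefinitely - confirm this is intended.
         $stmt = $isv_db->prepare("UPDATE user_validations SET time=UTC_TIMESTAMP() WHERE code=?");
         if ($stmt !== false) {
             $stmt->bind_param('s', $newCode);
         }
     } else {
         //generate validation code
         // NOTE(review): confirm randomCode() draws from a CSPRNG (random_bytes /
         // random_int) and is not derived from the email address alone.
         $newCode = randomCode($this->email, '25');
         //save in our db
         $stmt = $isv_db->prepare("INSERT INTO user_validations (email,code,time) VALUES (?,?,UTC_TIMESTAMP())");
         if ($stmt !== false) {
             $stmt->bind_param('ss', $this->email, $newCode);
         }
     }
     // Do not mail a link whose code was never stored.
     if ($stmt === false || !$stmt->execute()) {
         $abort($dbFailure);
     }
     $stmt->close();
     /* include our email functions file */
     require_once ISVIPI_FUNCTIONS_BASE . 'emails/resetPWD_email.php';
     // send our email
     $siteInfo = new siteManager();
     $isv_siteSettings = $siteInfo->getSiteSettings();
     $isv_siteDetails = $siteInfo->getSiteInfo();
     sendResetPWDEmail($this->email, $newCode, $isv_siteDetails['s_email'], $isv_siteDetails['s_title'], $isv_siteDetails['s_url'], $isv_siteSettings['logo']);
     //redirect with a success message
     // Echo the address only when the requester typed it. For a username lookup the
     // old message disclosed the account's email to whoever submitted the form.
     $sentTo = $this->type === 'email' ? $this->email : 'the email address registered for this account';
     $_SESSION['isv_success'] = 'An email with your password reset link has been sent to ' . $sentTo . '. Follow instructions in the email to change your password.';
     header('location:' . ISVIPI_URL . 'forgot');
     exit;
 }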