コード例 #1
ファイル: config.php プロジェクト: shauncjones/Simple-Forum
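/**
 * Resolve a username to whatever getUserByID() returns for the matching account id.
 *
 * @param string $username Username passed straight to fetchUserDetails().
 * @return mixed The value returned by getUserByID(), or null when fetchUserDetails()
 *               yields an empty result (null, false, empty array, ...).
 */
function getUserByUsername($username)
{
    $user = fetchUserDetails($username);
    // Loose comparison kept on purpose: any empty result from fetchUserDetails()
    // (not only a strict null) counts as "no such user".
    if ($user == null) {
        return null;
    }
    // The original repeated this return a second time; the duplicate was unreachable.
    return getUserByID($user["id"]);
}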
コード例 #2
     }
 }
 if (trim($username) == "") {
     $errors[] = lang("ACCOUNT_SPECIFY_USERNAME");
 } else {
     if (!usernameExists($username)) {
         $errors[] = lang("ACCOUNT_INVALID_USERNAME");
     }
 }
 if (count($errors) == 0) {
     //Check that the username / email are associated to the same account
     if (!emailUsernameLinked($email, $username)) {
         $errors[] = lang("ACCOUNT_USER_OR_EMAIL_INVALID");
     } else {
         //Check if the user has any outstanding lost password requests
         $userdetails = fetchUserDetails($username);
         if ($userdetails["lost_password_request"] == 1) {
             $errors[] = lang("FORGOTPASS_REQUEST_EXISTS");
         } else {
             //Email the user asking to confirm this change password request
             //We can use the template builder here
             //We use the activation token again for the url key it gets regenerated everytime it's used.
             $mail = new userCakeMail();
             $confirm_url = lang("CONFIRM") . "\n" . $websiteUrl . "forgot-password.php?confirm=" . $userdetails["activation_token"];
             $deny_url = lang("DENY") . "\n" . $websiteUrl . "forgot-password.php?deny=" . $userdetails["activation_token"];
             //Setup our custom hooks
             $hooks = array("searchStrs" => array("#CONFIRM-URL#", "#DENY-URL#", "#USERNAME#"), "subjectStrs" => array($confirm_url, $deny_url, $userdetails["user_name"]));
             if (!$mail->newTemplateMsg("lost-password-request.txt", $hooks)) {
                 $errors[] = lang("MAIL_TEMPLATE_BUILD_ERROR");
             } else {
                 if (!$mail->sendMail($userdetails["email"], "Lost password request")) {
コード例 #3
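 /**
  * Controller action for the "resend activation e-mail" form.
  *
  * Loads the UserCake config and, when a form was posted and $emailActivation is truthy,
  * validates the submitted e-mail/username pair, stores a fresh activation token and mails
  * the new activation link. Visitors who are already logged in are redirected to the
  * account page; everyone else gets the 'resend_activation' view.
  *
  * $emailActivation, $resend_activation_threshold, $websiteUrl and $websiteName are not
  * defined in this method; presumably they come from the required config.php - confirm.
  *
  * @return void
  */
 public function index()
 {
     /*
     UserCake (Via CupCake) Version: 2.0.2
     http://usercake.com
     */
     global $baseURL;
     $baseURL = getcwd();
     require_once "{$baseURL}/application/third_party/user_cake/models/config.php";
     if (!securePage($_SERVER['PHP_SELF'])) {
         die;
     }
     // count($errors) below needs an array. Nothing in this method creates one, so start
     // from empty lists unless the included config already supplied them.
     if (!isset($errors) || !is_array($errors)) {
         $errors = array();
     }
     if (!isset($successes) || !is_array($successes)) {
         $successes = array();
     }
     //Forms posted
     if (!empty($_POST) && $emailActivation) {
         // Request fields are client-controlled: they can be absent or arrays. Anything that
         // is not a string is treated as empty so the "specify ..." errors below fire
         // instead of trim() failing on an array.
         $email = (isset($_POST["email"]) && is_string($_POST["email"])) ? $_POST["email"] : "";
         $username = (isset($_POST["username"]) && is_string($_POST["username"])) ? $_POST["username"] : "";
         //Perform some validation
         //Feel free to edit / change as required
         // NOTE(review): the separate "invalid e-mail", "invalid username" and "already
         // active" answers let this unauthenticated form confirm which accounts exist;
         // consider one generic response for every outcome.
         if (trim($email) == "") {
             $errors[] = lang("ACCOUNT_SPECIFY_EMAIL");
         } else {
             if (!isValidEmail($email) || !emailExists($email)) {
                 $errors[] = lang("ACCOUNT_INVALID_EMAIL");
             }
         }
         if (trim($username) == "") {
             $errors[] = lang("ACCOUNT_SPECIFY_USERNAME");
         } else {
             if (!usernameExists($username)) {
                 $errors[] = lang("ACCOUNT_INVALID_USERNAME");
             }
         }
         if (count($errors) == 0) {
             //Check that the username / email are associated to the same account
             if (!emailUsernameLinked($email, $username)) {
                 $errors[] = lang("ACCOUNT_USER_OR_EMAIL_INVALID");
             } else {
                 $userdetails = fetchUserDetails($username);
                 //See if the user's account is already activated
                 if ($userdetails["active"] == 1) {
                     $errors[] = lang("ACCOUNT_ALREADY_ACTIVE");
                 } else {
                     // A threshold of 0 disables the resend throttle.
                     if ($resend_activation_threshold == 0) {
                         $hours_diff = 0;
                     } else {
                         $last_request = $userdetails["last_activation_request"];
                         // NOTE(review): the elapsed seconds are divided by (3600 * threshold)
                         // and the result is then compared with the threshold again, so this
                         // is not plain "hours since last request". Confirm the intended
                         // resend window before touching it; left as-is here.
                         $hours_diff = round((time() - $last_request) / (3600 * $resend_activation_threshold), 0);
                     }
                     if ($resend_activation_threshold != 0 && $hours_diff <= $resend_activation_threshold) {
                         $errors[] = lang("ACCOUNT_LINK_ALREADY_SENT", array($resend_activation_threshold));
                     } else {
                         //For security create a new activation url;
                         $new_activation_token = generateActivationToken();
                         if (!updateLastActivationRequest($new_activation_token, $username, $email)) {
                             $errors[] = lang("SQL_ERROR");
                         } else {
                             $mail = new userCakeMail();
                             $activation_url = $websiteUrl . "activate-account.php?token=" . $new_activation_token;
                             //Setup our custom hooks
                             // NOTE(review): "#ACTIVATION-URL" has no trailing '#', unlike
                             // "#USERNAME#"; check it against the placeholder in the template.
                             $hooks = array("searchStrs" => array("#ACTIVATION-URL", "#USERNAME#"), "subjectStrs" => array($activation_url, $userdetails["display_name"]));
                             if (!$mail->newTemplateMsg("resend-activation.txt", $hooks)) {
                                 $errors[] = lang("MAIL_TEMPLATE_BUILD_ERROR");
                             } else {
                                 if (!$mail->sendMail($userdetails["email"], "Activate your " . $websiteName . " Account")) {
                                     $errors[] = lang("MAIL_ERROR");
                                 } else {
                                     //Success, user details have been updated in the db now mail this information out.
                                     $successes[] = lang("ACCOUNT_NEW_ACTIVATION_SENT");
                                 }
                             }
                         }
                     }
                 }
             }
         }
     }
     //Prevent the user visiting the logged in page if he/she is already logged in
     if (isUserLoggedIn()) {
         header("Location: " . str_replace('index.php/', '', site_url('account')));
         die;
     }
     $this->load->view('resend_activation');
 }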
コード例 #4
ファイル: user.php プロジェクト: marwyre/PerunioCMS
            $remove = $_POST['removePermission'];
            if ($deletion_count = removePermission($remove, $userId)) {
                $successes[] = lang("ACCOUNT_PERMISSION_REMOVED", array($deletion_count));
            } else {
                $errors[] = lang("SQL_ERROR");
            }
        }
        if (!empty($_POST['addPermission'])) {
            $add = $_POST['addPermission'];
            if ($addition_count = addPermission($add, $userId)) {
                $successes[] = lang("ACCOUNT_PERMISSION_ADDED", array($addition_count));
            } else {
                $errors[] = lang("SQL_ERROR");
            }
        }
        $userdetails = fetchUserDetails(NULL, NULL, $userId);
    }
}
$userPermission = fetchUserPermissions($userId);
$permissionData = fetchAllPermissions();
require_once "models/header.php";
echo "\r\n<div class='container'>\r\n<h1>PerunioCMS</h1>";
echo resultBlock($errors, $successes);
echo "\r\n<form name='adminUser' action='" . $_SERVER['PHP_SELF'] . "?id=" . $userId . "' method='post'>\r\n<table class='admin'><tr><td>\r\n<h3>User Information</h3>\r\n<div id='regbox'>\r\n<p>\r\n<label>ID:</label>\r\n" . $userdetails['id'] . "\r\n</p>\r\n<p>\r\n<label>Username:</label>\r\n" . $userdetails['user_name'] . "\r\n</p>\r\n<p>\r\n<label>Display Name:</label>\r\n<input type='text' name='display' value='" . $userdetails['display_name'] . "' />\r\n</p>\r\n<p>\r\n<label>Email:</label>\r\n<input type='text' name='email' value='" . $userdetails['email'] . "' />\r\n</p>\r\n<p>\r\n<label>Active:</label>";
//Display activation link, if account inactive
if ($userdetails['active'] == '1') {
    echo "Yes";
} else {
    echo "No\r\n\t</p>\r\n\t<p>\r\n\t<label>Activate:</label>\r\n\t<input type='checkbox' name='activate' id='activate' value='activate'>\r\n\t";
}
echo "\r\n</p>\r\n<p>\r\n<label>Title:</label>\r\n<input type='text' name='title' value='" . $userdetails['title'] . "' />\r\n</p>\r\n<p>\r\n<label>Sign Up:</label>\r\n" . date("j M, Y", $userdetails['sign_up_stamp']) . "\r\n</p>\r\n<p>\r\n<label>Last Sign In:</label>";
コード例 #5
ファイル: forgot-password.php プロジェクト: GetInTheGo/anpac
 if (count($errors) == 0) {
     //Check that the username / email are associated to the same account
     if (!emailUsernameLinked($email, $username)) {
         $errors[] = lang("ACCOUNT_USER_OR_EMAIL_INVALID");
     } else {
         //Check if the user has any outstanding lost password requests
         $userdetails = fetchUserDetails($username);
         if ($userdetails["lost_password_request"] == 1) {
             $errors[] = lang("FORGOTPASS_REQUEST_EXISTS");
         } else {
             $token = $userdetails["activation_token"];
             $rand_pass = getUniqueCode(15);
             //Get unique code
             $secure_pass = generateHash($rand_pass);
             //Generate random hash
             $userdetails = fetchUserDetails(NULL, $token);
             //Fetchs user details
             $mail = new userCakeMail();
             //Setup our custom hooks
             $hooks = array("searchStrs" => array("#GENERATED-PASS#", "#USERNAME#"), "subjectStrs" => array($rand_pass, $userdetails["display_name"]));
             if (!$mail->newTemplateMsg("your-lost-password.txt", $hooks)) {
                 $errors[] = lang("MAIL_TEMPLATE_BUILD_ERROR");
             } else {
                 if (!$mail->sendMail($userdetails["email"], "Your new password")) {
                     $errors[] = lang("MAIL_ERROR");
                 } else {
                     if (!updatePasswordFromToken($secure_pass, $token)) {
                         $errors[] = lang("SQL_ERROR");
                     } else {
                         if (!flagLostPasswordRequest($userdetails["user_name"], 0)) {
                             $errors[] = lang("SQL_ERROR");
コード例 #6
                    </colgroup>
                    <thead>
                        <tr>
                            <th>Title</th>
                            <th class="hidden-xs">Description</th>
                            <th>Person</th>
                            <th>Start</th>
                            <th>End</th>
                            <th class="hidden-xs hidden-sm">Gear</th>
                        </tr>
                    </thead>
                    <tbody>
						<?php 
    foreach ($checkouts as $checkout) {
        $person = $checkout->getPerson();
        $personDetails = fetchUserDetails(NULL, NULL, $person);
        $co_start = new DateTime($checkout->getStart());
        $co_end = new DateTime($checkout->getEnd());
        $now = new DateTime();
        if ($co_end < $now) {
            echo "<tr class='text-muted'>";
        } else {
            echo "<tr>";
        }
        printf("<td><a href='checkout.php?co_id=%s'>%s</a></td>", $checkout->getID(), $checkout->getTitle());
        printf("<td class='hidden-xs'>%s</td>", shortString($checkout->getDescription(), 100, true));
        printf("<td>%s</td>", $personDetails['display_name']);
        printf("<td>%s</td>", $co_start->format('m-d g:iA'));
        printf("<td>%s</td>", $co_end->format('m-d g:iA'));
        printf("<td class='hidden-xs hidden-sm'>");
        $i = 0;
コード例 #7
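/**
 * Ask the wallet server to pay out $amount of $currency and record the transaction.
 *
 * The request is a GET to the DOGE or BTC wallet server carrying
 * "address@@@amount@@@dogepos-<userid>" plus a key computed as sha1(params . $handshake).
 * When the response is longer than 20 characters, a negative ledger entry is written
 * through log_transaction().
 *
 * Inputs are validated before anything is sent, because they are concatenated into the
 * request URL and the amount is negated for the ledger entry.
 *
 * @param mixed       $userid       Account id; letters, digits, '_' and '-' only.
 * @param string      $currency     "DOGE" or "BTC" (case-insensitive).
 * @param int|float|string $amount  Positive numeric amount to withdraw.
 * @param string|null $address      Destination address; when empty, the user's stored
 *                                  "<currency>address" field is used.
 * @param string      $fiatcurrency Fiat code passed to the conversion helpers.
 * @return string|false Raw wallet-server response, or false when validation or the
 *                      request fails.
 */
function withdraw($userid, $currency, $amount, $address = NULL, $fiatcurrency = "USD")
{
    global $handshake;
    global $dogeWalletServer;
    global $btcWalletServer;

    // Only the two supported currencies have a wallet server. The original fell through
    // with $url and $fiat undefined for anything else.
    if (!is_string($currency)) {
        return false;
    }
    $ticker = strtoupper($currency);
    if ($ticker !== "DOGE" && $ticker !== "BTC") {
        return false;
    }
    // The ledger entry below is written as (0 - $amount), so a zero or negative amount
    // would be recorded as a credit. Whitespace is rejected because the value is placed
    // into the URL unencoded.
    if (!is_numeric($amount) || $amount <= 0 || preg_match('/\s/', (string) $amount)) {
        return false;
    }
    // The user id is also concatenated into the request parameters.
    if (!is_scalar($userid) || !preg_match('/^[A-Za-z0-9_-]+$/', (string) $userid)) {
        return false;
    }
    if ($address == NULL) {
        $userdetails = fetchUserDetails(NULL, NULL, $userid);
        $address = $userdetails[$currency . 'address'];
    }
    // Keep '&', '=', '#', '@' and similar characters out of the query string: without
    // this check an address could add or override parameters of the wallet-server call.
    if (!is_string($address) || !preg_match('/^[A-Za-z0-9]+$/', $address)) {
        return false;
    }

    $params = $address . '@@@' . $amount . '@@@' . 'dogepos-' . $userid;
    // NOTE(review): sha1(message . secret) is not an HMAC, and the key travels in the URL
    // of a GET request where proxies and access logs can record it. Moving both ends to
    // hash_hmac() with a nonce or timestamp over a POST would harden this; it needs a
    // matching change on the wallet server, so the wire format is left untouched here.
    $key = sha1($params . $handshake);
    if ($ticker === "DOGE") {
        //generate api call
        $url = $dogeWalletServer . 'index.php?call=withdraw&params=' . $params . '&key=' . $key;
        //do conversion
        $fiat = get_doge_conversion($amount, $fiatcurrency, true);
    } else {
        $url = $btcWalletServer . 'index.php?call=withdraw&params=' . $params . '&key=' . $key;
        //do conversion
        $fiat = get_btc_conversion($amount, $fiatcurrency, true);
    }
    echo "[fiat=" . $fiat . $fiatcurrency . " || amount=" . $amount . $currency;
    // The original also echoed $url at this point. That printed the signed withdrawal
    // request (including the key) into the response, so the debug output was removed.

    //open connection
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    //execute request
    $result = curl_exec($ch);
    // curl_exec() returns false on failure; only a string response can be measured.
    // Presumably a response longer than 20 characters is a transaction id - confirm.
    if (is_string($result) && strlen($result) > 20) {
        $logamount = 0 - $amount;
        $logfiat = 0 - $fiat;
        log_transaction($address, $logamount, $logfiat, $fiatcurrency, $ticker, $userid, $result);
    }
    //close connection
    curl_close($ch);
    return $result;
}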
コード例 #8
ファイル: login.php プロジェクト: AdwayLele/CupCake
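 /**
  * Controller action for the login form.
  *
  * Loads the UserCake config, redirects visitors who are already logged in, and on POST
  * checks the submitted username/password against the stored hash. On success a
  * loggedInUser object is stored in the session under 'userCakeUser' and the browser is
  * redirected to the account page; otherwise the 'login' view is rendered with the
  * collected messages in the global $errors.
  *
  * @return void
  */
 public function index()
 {
     /*
     UserCake (Via CupCake) Version: 2.0.2
     http://usercake.com
     */
     global $baseURL;
     require_once "{$baseURL}/application/third_party/user_cake/models/config.php";
     if (!securePage($_SERVER['PHP_SELF'])) {
         die;
     }
     //Prevent the user visiting the logged in page if he/she is already logged in
     if (isUserLoggedIn()) {
         header("Location: " . str_replace('index.php/', '', site_url('account')));
         die;
     }
     //Forms posted
     if (!empty($_POST)) {
         global $errors;
         $errors = array();
         // Request fields are client-controlled and may be absent or arrays; anything that
         // is not a string is treated as empty so the "specify ..." errors below fire.
         $postedUsername = (isset($_POST["username"]) && is_string($_POST["username"])) ? $_POST["username"] : "";
         $postedPassword = (isset($_POST["password"]) && is_string($_POST["password"])) ? $_POST["password"] : "";
         $username = sanitize(trim($postedUsername));
         $password = trim($postedPassword);
         //Perform some validation
         //Feel free to edit / change as required
         if ($username == "") {
             $errors[] = lang("ACCOUNT_SPECIFY_USERNAME");
         }
         if ($password == "") {
             $errors[] = lang("ACCOUNT_SPECIFY_PASSWORD");
         }
         if (count($errors) == 0) {
             //A security note here, never tell the user which credential was incorrect
             if (!usernameExists($username)) {
                 $errors[] = lang("ACCOUNT_USER_OR_PASS_INVALID");
             } else {
                 $userdetails = fetchUserDetails($username);
                 //See if the user's account is activated
                 // NOTE(review): this check runs before the password is verified, so the
                 // ACCOUNT_INACTIVE message confirms that the username exists. Moving it
                 // after the password check would match the "never tell" rule above.
                 if ($userdetails["active"] == 0) {
                     $errors[] = lang("ACCOUNT_INACTIVE");
                 } else {
                     //Hash the password and use the salt from the database to compare the password.
                     $entered_pass = generateHash($password, $userdetails["password"]);
                     // hash_equals() compares in constant time and as strings. The loose
                     // != used before would treat two different numeric-looking hashes
                     // (for example "0e..." values) as equal.
                     if (!hash_equals((string) $userdetails["password"], (string) $entered_pass)) {
                         //Again, we know the password is at fault here, but lets not give away the combination incase of someone bruteforcing
                         $errors[] = lang("ACCOUNT_USER_OR_PASS_INVALID");
                     } else {
                         //Passwords match! we're good to go'
                         //Construct a new logged in user object
                         //Transfer some db data to the session object
                         // NOTE(review): the password hash is copied into the session object,
                         // and no session-id regeneration is visible in this method; confirm
                         // the session layer rotates the id on login.
                         $loggedInUser = new loggedInUser();
                         $loggedInUser->email = $userdetails["email"];
                         $loggedInUser->user_id = $userdetails["id"];
                         $loggedInUser->hash_pw = $userdetails["password"];
                         $loggedInUser->title = $userdetails["title"];
                         $loggedInUser->displayname = $userdetails["display_name"];
                         $loggedInUser->username = $userdetails["user_name"];
                         //Update last sign in
                         $loggedInUser->updateLastSignIn();
                         $this->session->set_userdata('userCakeUser', $loggedInUser);
                         //Redirect to user account page
                         header("Location: " . str_replace('index.php/', '', site_url('account')));
                         die;
                     }
                 }
             }
         }
     }
     $this->load->view('login');
 }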
コード例 #9
ファイル: user_settings.php プロジェクト: khalid-ali/DogePos
     //End data validation
     if (count($errors) == 0) {
         $loggedInUser->updateEmail($email);
         $successes[] = lang("ACCOUNT_EMAIL_UPDATED");
     }
 }
 //Update Currency
 if ($currency != $loggedInUser->currency && count($errors) == 0) {
     $loggedInUser->updateCurrency($currency);
     $successes[] = "currency updated";
 }
 //update withraw addresses
 if ($autodoge != $loggedInUser->autodoge || $autobtc != $loggedInUser->autobtc || $dogeaddress != $loggedInUser->dogeaddress || $btcaddress != $loggedInUser->btcaddress) {
     $check = "TRIGGERED";
     //check pin
     $userdetails = fetchUserDetails(NULL, NULL, $loggedInUser->user_id);
     $entered_pin = generateHash($pin, $userdetails["pin"]);
     if ($entered_pin != $userdetails["pin"]) {
         $errors[] = "wrong pin!";
     }
     //update doge address
     if ($dogeaddress != $loggedInUser->dogeaddress) {
         if (trim($dogeaddress) == "") {
             $errors[] = "error";
         }
         //End data validation
         if (count($errors) == 0) {
             $loggedInUser->updateDogeaddress($dogeaddress);
             $successes[] = "address updated";
         }
     }
コード例 #10
ファイル: thread.php プロジェクト: shauncjones/Simple-Forum
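 /**
  * Render this thread as one row of the forum listing.
  *
  * The row shows the thread title as a link, the display name of the first post's author,
  * the first post's date, the author and date of the latest post, and post/view counts.
  * Thread name, user names and the script path are HTML-escaped because they are
  * interpolated into markup (partly inside single-quoted attributes).
  *
  * @param mixed $user Passed to isUnread() to decide whether the row is marked unread.
  * @return string HTML fragment for the thread row.
  */
 public function printThread($user)
 {
     // Escape for both element content and single-quoted attribute values.
     $esc = function ($value) {
         return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
     };
     $stats = count($this->getChildren()) . " post(s) " . $this->getViews() . " view(s)";
     $printLatestPost = "No posts.";
     $latestPost = $this->getLatestPost();
     // Guard against a thread without posts before dereferencing ->fields.
     if (is_object($latestPost) && $latestPost->fields["User"] != null) {
         $latestPostUser = getUserByID($latestPost->fields["User"]);
         // The lookup can come back empty; keep the default text in that case.
         if (is_object($latestPostUser)) {
             $printLatestPost = "Last Post By: <b>" . $esc($latestPostUser->username) . "</b><br />" . $latestPost->getDate();
         }
     }
     $thisOwner = "Annoymous";
     // Fetch the first post once instead of calling getFirstPost() three times.
     $firstPost = $this->getFirstPost();
     $firstPostDate = "";
     if (is_object($firstPost)) {
         if ($firstPost->fields["User"] != null) {
             $userdetails = fetchUserDetails(null, null, $firstPost->fields["User"]);
             $thisOwner = $userdetails["display_name"];
         }
         $firstPostDate = $firstPost->getDate();
     }
     $wrapperClass = $this->isUnread($user) ? "thread_unread" : ($this->fields["Sticky"] == "yes" ? "thread_sticky" : "thread_normal");
     // PHP_SELF contains the client-supplied request path, so it is escaped like any other input.
     $self = $esc($_SERVER['PHP_SELF']);
     $threadId = $esc($this->getID());
     $threadName = $esc($this->name);
     $owner = $esc($thisOwner);
     return "\r\n            <div class='thread_wrapper " . $wrapperClass . "'>\r\n            <div class='forum_element'>\r\n                    <div class='two_third thread_content'>\r\n                         <h3 class='element_title'><a href='{$self}?p=t{$threadId}'>{$threadName}</a></h3>\r\n                         <div class='forum_element_info'>\r\n                               {$owner}, {$firstPostDate}\r\n                         </div>\r\n                    </div>\r\n                    <div class='forum_element_info one_third column-last'>\r\n                         {$printLatestPost} <br/> {$stats}\r\n                    </div>\r\n                    <div class='clear'></div>\r\n                </div>\r\n            </div>\r\n            <div class='hrline_silver' style='width: 95%'></div>";
 }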
コード例 #11
ファイル: forgot_password.php プロジェクト: AdwayLele/CupCake
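 /**
  * Controller action for the lost-password flow.
  *
  * Handles three requests before rendering the 'forgot_password' view:
  *  - GET ?confirm=<token>: generates a new random password, mails it to the account
  *    owner, stores its hash and clears the lost-password flag;
  *  - GET ?deny=<token>: clears the lost-password flag;
  *  - POST email/username: validates the pair, mails confirm/deny links built from the
  *    account's activation token and sets the lost-password flag.
  *
  * $websiteUrl is not defined in this method; presumably it comes from the required
  * config.php - confirm.
  *
  * NOTE(review): confirm and deny change account state on a plain GET, so anything that
  * fetches the mailed links (mail scanners, link previews) can trigger them; a landing
  * page that submits a POST would avoid that. The new password is also sent in clear text
  * by e-mail, and the mail goes out before the database update is known to have worked.
  *
  * @return void
  */
 public function index()
 {
     /*
     UserCake (Via CupCake) Version: 2.0.2
     http://usercake.com
     */
     global $baseURL;
     $baseURL = getcwd();
     require_once "{$baseURL}/application/third_party/user_cake/models/config.php";
     if (!securePage($_SERVER['PHP_SELF'])) {
         die;
     }
     // count($errors) below needs an array. Nothing in this method creates one, so start
     // from empty lists unless the included config already supplied them.
     if (!isset($errors) || !is_array($errors)) {
         $errors = array();
     }
     if (!isset($successes) || !is_array($successes)) {
         $successes = array();
     }
     //User has confirmed they want their password changed
     if (!empty($_GET["confirm"])) {
         // A non-string value (e.g. confirm[]=x) is handled as an empty, invalid token.
         $token = is_string($_GET["confirm"]) ? trim($_GET["confirm"]) : "";
         if ($token == "" || !validateActivationToken($token, TRUE)) {
             $errors[] = lang("FORGOTPASS_INVALID_TOKEN");
         } else {
             //Get unique code
             $rand_pass = getUniqueCode(15);
             //Generate hash of the new password
             $secure_pass = generateHash($rand_pass);
             //Fetch user details by token
             $userdetails = fetchUserDetails(NULL, $token);
             $mail = new userCakeMail();
             //Setup our custom hooks
             $hooks = array("searchStrs" => array("#GENERATED-PASS#", "#USERNAME#"), "subjectStrs" => array($rand_pass, $userdetails["display_name"]));
             if (!$mail->newTemplateMsg("{$baseURL}/application/third_party/user_cake/mail-templates/your-lost-password.txt", $hooks)) {
                 $errors[] = lang("MAIL_TEMPLATE_BUILD_ERROR");
             } else {
                 if (!$mail->sendMail($userdetails["email"], "Your new password")) {
                     $errors[] = lang("MAIL_ERROR");
                 } else {
                     if (!updatePasswordFromToken($secure_pass, $token)) {
                         $errors[] = lang("SQL_ERROR");
                     } else {
                         if (!flagLostPasswordRequest($userdetails["user_name"], 0)) {
                             $errors[] = lang("SQL_ERROR");
                         } else {
                             $successes[] = lang("FORGOTPASS_NEW_PASS_EMAIL");
                         }
                     }
                 }
             }
         }
     }
     //User has denied this request
     if (!empty($_GET["deny"])) {
         $token = is_string($_GET["deny"]) ? trim($_GET["deny"]) : "";
         if ($token == "" || !validateActivationToken($token, TRUE)) {
             $errors[] = lang("FORGOTPASS_INVALID_TOKEN");
         } else {
             $userdetails = fetchUserDetails(NULL, $token);
             if (!flagLostPasswordRequest($userdetails["user_name"], 0)) {
                 $errors[] = lang("SQL_ERROR");
             } else {
                 $successes[] = lang("FORGOTPASS_REQUEST_CANNED");
             }
         }
     }
     //Forms posted
     if (!empty($_POST)) {
         // Request fields are client-controlled and may be absent or arrays; anything that
         // is not a string is treated as empty so the "specify ..." errors below fire.
         $email = (isset($_POST["email"]) && is_string($_POST["email"])) ? $_POST["email"] : "";
         $username = sanitize((isset($_POST["username"]) && is_string($_POST["username"])) ? $_POST["username"] : "");
         //Perform some validation
         //Feel free to edit / change as required
         // NOTE(review): the separate "invalid e-mail" / "invalid username" answers let
         // this unauthenticated form confirm which accounts exist; consider one generic
         // response for every outcome.
         if (trim($email) == "") {
             $errors[] = lang("ACCOUNT_SPECIFY_EMAIL");
         } else {
             if (!isValidEmail($email) || !emailExists($email)) {
                 $errors[] = lang("ACCOUNT_INVALID_EMAIL");
             }
         }
         if (trim($username) == "") {
             $errors[] = lang("ACCOUNT_SPECIFY_USERNAME");
         } else {
             if (!usernameExists($username)) {
                 $errors[] = lang("ACCOUNT_INVALID_USERNAME");
             }
         }
         if (count($errors) == 0) {
             //Check that the username / email are associated to the same account
             if (!emailUsernameLinked($email, $username)) {
                 $errors[] = lang("ACCOUNT_USER_OR_EMAIL_INVALID");
             } else {
                 //Check if the user has any outstanding lost password requests
                 $userdetails = fetchUserDetails($username);
                 if ($userdetails["lost_password_request"] == 1) {
                     $errors[] = lang("FORGOTPASS_REQUEST_EXISTS");
                 } else {
                     //Email the user asking to confirm this change password request
                     //We can use the template builder here
                     //We use the activation token again for the url key it gets regenerated everytime it's used.
                     // NOTE(review): the same stored token serves the activation flow and both
                     // the confirm and the deny link; no expiry is visible here - confirm how
                     // validateActivationToken() limits its lifetime.
                     $mail = new userCakeMail();
                     $confirm_url = lang("CONFIRM") . "\n" . $websiteUrl . "forgot-password.php?confirm=" . $userdetails["activation_token"];
                     $deny_url = lang("DENY") . "\n" . $websiteUrl . "forgot-password.php?deny=" . $userdetails["activation_token"];
                     //Setup our custom hooks
                     $hooks = array("searchStrs" => array("#CONFIRM-URL#", "#DENY-URL#", "#USERNAME#"), "subjectStrs" => array($confirm_url, $deny_url, $userdetails["user_name"]));
                     if (!$mail->newTemplateMsg("{$baseURL}/application/third_party/user_cake/mail-templates/lost-password-request.txt", $hooks)) {
                         $errors[] = lang("MAIL_TEMPLATE_BUILD_ERROR");
                     } else {
                         if (!$mail->sendMail($userdetails["email"], "Lost password request")) {
                             $errors[] = lang("MAIL_ERROR");
                         } else {
                             //Update the DB to show this account has an outstanding request
                             if (!flagLostPasswordRequest($userdetails["user_name"], 1)) {
                                 $errors[] = lang("SQL_ERROR");
                             } else {
                                 $successes[] = lang("FORGOTPASS_REQUEST_SUCCESS");
                             }
                         }
                     }
                 }
             }
         }
     }
     $this->load->view('forgot_password');
 }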
コード例 #12
ファイル: admin_user.php プロジェクト: AdwayLele/CupCake
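 /**
  * Admin page for viewing and editing a single user account.
  *
  * Reads the target user id from the query string, redirects to the user list when that
  * id does not exist, applies any posted changes (delete, display name, activation,
  * e-mail, title, permission membership) and then prints the edit form.
  *
  * Every value written into the page is HTML-escaped: the user id and script path come
  * from the request, and the stored title, e-mail and names are user-supplied.
  *
  * NOTE(review): no anti-CSRF token is visible in this method, and the delete branch hands
  * the posted id list to deleteUsers() without tying it to the user shown on the page;
  * confirm whether securePage() or the surrounding framework covers both.
  *
  * @return void
  */
 public function index()
 {
     /*
     UserCake (Via CupCake) Version: 2.0.2
     http://usercake.com
     */
     global $baseURL;
     require_once "{$baseURL}/application/third_party/user_cake/models/config.php";
     if (!securePage($_SERVER['PHP_SELF'])) {
         die;
     }
     // Escape for element content and single-quoted attribute values alike.
     $h = function ($value) {
         return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
     };
     // resultBlock() below is given both lists; start from empty arrays unless the
     // included config already supplied them.
     if (!isset($errors) || !is_array($errors)) {
         $errors = array();
     }
     if (!isset($successes) || !is_array($successes)) {
         $successes = array();
     }
     // The id is client-controlled: a missing or array value is treated as "no such user".
     $userId = (isset($_GET['id']) && is_scalar($_GET['id'])) ? $_GET['id'] : null;
     //Check if selected user exists
     if (!userIdExists($userId)) {
         header("Location: " . str_replace('index.php/', '', site_url('admin_users')));
         die;
     }
     //Fetch user details
     $userdetails = fetchUserDetails(NULL, NULL, $userId);
     //Forms posted
     if (!empty($_POST)) {
         //Delete selected account
         if (!empty($_POST['delete'])) {
             $deletions = $_POST['delete'];
             if ($deletion_count = deleteUsers($deletions)) {
                 $successes[] = lang("ACCOUNT_DELETIONS_SUCCESSFUL", array($deletion_count));
             } else {
                 $errors[] = lang("SQL_ERROR");
             }
         } else {
             //Update display name
             if ($userdetails['display_name'] != $_POST['display']) {
                 $displayname = trim($_POST['display']);
                 //Validate display name
                 if (displayNameExists($displayname)) {
                     $errors[] = lang("ACCOUNT_DISPLAYNAME_IN_USE", array($displayname));
                 } elseif (minMaxRange(5, 25, $displayname)) {
                     $errors[] = lang("ACCOUNT_DISPLAY_CHAR_LIMIT", array(5, 25));
                 } elseif (!ctype_alnum($displayname)) {
                     $errors[] = lang("ACCOUNT_DISPLAY_INVALID_CHARACTERS");
                 } else {
                     if (updateDisplayName($userId, $displayname)) {
                         $successes[] = lang("ACCOUNT_DISPLAYNAME_UPDATED", array($displayname));
                     } else {
                         $errors[] = lang("SQL_ERROR");
                     }
                 }
             } else {
                 $displayname = $userdetails['display_name'];
             }
             //Activate account
             if (isset($_POST['activate']) && $_POST['activate'] == "activate") {
                 if (setUserActive($userdetails['activation_token'])) {
                     $successes[] = lang("ACCOUNT_MANUALLY_ACTIVATED", array($displayname));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             //Update email
             if ($userdetails['email'] != $_POST['email']) {
                 $email = trim($_POST["email"]);
                 //Validate email
                 if (!isValidEmail($email)) {
                     $errors[] = lang("ACCOUNT_INVALID_EMAIL");
                 } elseif (emailExists($email)) {
                     $errors[] = lang("ACCOUNT_EMAIL_IN_USE", array($email));
                 } else {
                     if (updateEmail($userId, $email)) {
                         $successes[] = lang("ACCOUNT_EMAIL_UPDATED");
                     } else {
                         $errors[] = lang("SQL_ERROR");
                     }
                 }
             }
             //Update title
             if ($userdetails['title'] != $_POST['title']) {
                 $title = trim($_POST['title']);
                 //Validate title (length only, so the stored title can hold markup characters)
                 if (minMaxRange(1, 50, $title)) {
                     $errors[] = lang("ACCOUNT_TITLE_CHAR_LIMIT", array(1, 50));
                 } else {
                     if (updateTitle($userId, $title)) {
                         $successes[] = lang("ACCOUNT_TITLE_UPDATED", array($displayname, $title));
                     } else {
                         $errors[] = lang("SQL_ERROR");
                     }
                 }
             }
             //Remove permission level
             if (!empty($_POST['removePermission'])) {
                 $remove = $_POST['removePermission'];
                 if ($deletion_count = removePermission($remove, $userId)) {
                     $successes[] = lang("ACCOUNT_PERMISSION_REMOVED", array($deletion_count));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             //Add permission level
             if (!empty($_POST['addPermission'])) {
                 $add = $_POST['addPermission'];
                 if ($addition_count = addPermission($add, $userId)) {
                     $successes[] = lang("ACCOUNT_PERMISSION_ADDED", array($addition_count));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             // Reload so the form below shows the values as they are now stored.
             $userdetails = fetchUserDetails(NULL, NULL, $userId);
         }
     }
     $userPermission = fetchUserPermissions($userId);
     $permissionData = fetchAllPermissions();
     require_once "{$baseURL}/application/third_party/user_cake/models/header.php";
     echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake (Via CupCake)</h1>\r\n<h2>Admin User</h2>\r\n<div id='left-nav'>";
     include "{$baseURL}/application/third_party/user_cake/left-nav.php";
     echo "\r\n</div>\r\n<div id='main'>";
     echo resultBlock($errors, $successes);
     // PHP_SELF and the id both originate from the request URL; the id is URL-encoded for
     // the query string and then HTML-escaped for the attribute.
     echo "\r\n<form name='adminUser' action='" . $h($_SERVER['PHP_SELF']) . "?id=" . $h(rawurlencode((string) $userId)) . "' method='post'>\r\n<table class='admin'><tr><td>\r\n<h3>User Information</h3>\r\n<div id='regbox'>\r\n<p>\r\n<label>ID:</label>\r\n"
         . $h($userdetails['id'])
         . "\r\n</p>\r\n<p>\r\n<label>Username:</label>\r\n"
         . $h($userdetails['user_name'])
         . "\r\n</p>\r\n<p>\r\n<label>Display Name:</label>\r\n<input type='text' name='display' value='"
         . $h($userdetails['display_name'])
         . "' />\r\n</p>\r\n<p>\r\n<label>Email:</label>\r\n<input type='text' name='email' value='"
         . $h($userdetails['email'])
         . "' />\r\n</p>\r\n<p>\r\n<label>Active:</label>";
     //Display activation link, if account inactive
     if ($userdetails['active'] == '1') {
         echo "Yes";
     } else {
         echo "No\r\n\t</p>\r\n\t<p>\r\n\t<label>Activate:</label>\r\n\t<input type='checkbox' name='activate' id='activate' value='activate'>\r\n\t";
     }
     echo "\r\n</p>\r\n<p>\r\n<label>Title:</label>\r\n<input type='text' name='title' value='"
         . $h($userdetails['title'])
         . "' />\r\n</p>\r\n<p>\r\n<label>Sign Up:</label>\r\n" . date("j M, Y", $userdetails['sign_up_stamp']) . "\r\n</p>\r\n<p>\r\n<label>Last Sign In:</label>";
     //Last sign in, interpretation
     if ($userdetails['last_sign_in_stamp'] == '0') {
         echo "Never";
     } else {
         echo date("j M, Y", $userdetails['last_sign_in_stamp']);
     }
     $shownId = $h($userdetails['id']);
     echo "\r\n</p>\r\n<p>\r\n<label>Delete:</label>\r\n<input type='checkbox' name='delete[" . $shownId . "]' id='delete[" . $shownId . "]' value='" . $shownId . "'>\r\n</p>\r\n<p>\r\n<label>&nbsp;</label>\r\n<input type='submit' value='Update' class='submit' />\r\n</p>\r\n</div>\r\n</td>\r\n<td>\r\n<h3>Permission Membership</h3>\r\n<div id='regbox'>\r\n<p>Remove Permission:";
     //List of permission levels user is a part of
     foreach ($permissionData as $v1) {
         if (isset($userPermission[$v1['id']])) {
             $permId = $h($v1['id']);
             echo "<br><input type='checkbox' name='removePermission[" . $permId . "]' id='removePermission[" . $permId . "]' value='" . $permId . "'> " . $h($v1['name']);
         }
     }
     //List of permission levels user is not a part of
     echo "</p><p>Add Permission:";
     foreach ($permissionData as $v1) {
         if (!isset($userPermission[$v1['id']])) {
             $permId = $h($v1['id']);
             echo "<br><input type='checkbox' name='addPermission[" . $permId . "]' id='addPermission[" . $permId . "]' value='" . $permId . "'> " . $h($v1['name']);
         }
     }
     echo "\r\n</p>\r\n</div>\r\n</td>\r\n</tr>\r\n</table>\r\n</form>\r\n</div>\r\n<div id='bottom'></div>\r\n</div>\r\n</body>\r\n</html>";
 }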
コード例 #13
 $resp = recaptcha_check_answer($recaptcha_privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
 if (!$resp->is_valid) {
     $v->set_global_error(lang("CAPTCHA_ERROR"));
 }
 // If no validation errors present
 if (count($v->errors_global) + count($v->errors_specific) == 0) {
     $success = true;
     //Construct a user object
     $user = new User($_POST['username'], $_POST['password'], $_POST['email']);
     //Attempt to add the user to the database, carry out finishing  tasks like emailing the user (if required)
     if ($user->userCakeAddUser()) {
         if ($user->mail_failure) {
             array_push($warning_messages, lang("ACTIVATION_MAIL_NOT_SENT", array($_POST['username'], $_POST['email'])));
         }
         // Retrieve the User_ID from the database
         $userdetails = fetchUserDetails($user->clean_username);
         if (!empty($userdetails)) {
             $contact = new Contact(true, $userdetails['User_ID'], $_POST);
             $personal = new Personal(true, $userdetails['User_ID'], $_POST);
             $status = new Status(true, $userdetails['User_ID'], $_POST);
             if ($_POST['group_id'] == 1 || $_POST['group_id'] == 2) {
                 $studies = new Studies_Undergr(true, $userdetails['User_ID'], $_POST);
             }
             $inserted = array();
             $inserted['contact'] = $contact->insert();
             $inserted['personal'] = $personal->insert();
             $inserted['status'] = $status->insert();
             if ($_POST['group_id'] == 1 || $_POST['group_id'] == 2) {
                 $inserted['studies'] = $studies->insert();
             }
             // TODO Failure handling here is non-existent