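<h1>Signup Results</h1>
<?php
// Server-side validation of the signup form. Each failed check prints a
// message with a "back" link; only a form that passes every check reaches
// createUser().
//
// Possible improvement: the same checks could also run in JavaScript before
// form submission for faster feedback. That would be a convenience only,
// because a client can skip or alter browser-side checks, so the checks below
// have to stay on the server.
if (!isUsernameAvailable($r_username)) {
    // The username is taken. The name comes from the submitted form, so it is
    // HTML-escaped before being echoed back; printed raw, markup in the
    // submitted name would be interpreted by the visitor's browser.
    echo "Sorry, but the collector name <b>" . htmlspecialchars($r_username, ENT_QUOTES, "UTF-8") . "</b> is already taken. Please go ";
    echo "<a href=\"javascript:window.history.back();\">back</a> and try again.";
} elseif (strlen($r_password) < 6) {
    // Minimum password length is 6 characters. Please fix this magic number
    echo "Your password must be at least 6 characters long. Please go ";
    echo "<a href=\"javascript:window.history.back();\">back</a> and try again.";
} elseif (strcmp($r_password, $r_password_confirm) !== 0) {
    // Compare the password and the confirmation password. The strict !== 0
    // matters on PHP versions before 8, where strcmp() returns NULL for a
    // non-string argument and NULL != 0 is false, i.e. "passwords match".
    echo "Sorry, but your passwords don't match. Please go ";
    echo "<a href=\"javascript:window.history.back();\">back</a> and try again.";
} elseif (!isEmailValid($r_email)) {
    // Call the isEmailValid() function (defined in functions.php) to see if the email
    // matches regexps for a valid address.
    echo "Invalid email address. Please go ";
    echo "<a href=\"javascript:window.history.back();\">back</a> and try again.";
} else {
    // Okay, form checks out
    // NOTE(review): createUser() is not visible here; confirm that it stores
    // the password hashed (password_hash()) and uses parameterised queries.
    createUser($r_username, $r_password, $r_email, $r_record);
    echo "Welcome to Fantasy Collecting! You can now <a href=\"javascript:window.parent.Shadowbox.close();\">Log in</a> and have a look around.";
}
?>
</div>
</body>
</html>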
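/**
 * Validates the posted account form and records every problem found.
 *
 * Each failed check appends a translated message to $this->_error_array;
 * most checks also mark the affected field through $this->_form->setFailure().
 * Nothing is returned.
 */
function _checkValues() {
    // check email adresses for equality
    if ($this->_form_post['email'] != $this->_form_post['email_confirmation']) {
        $this->_error_array[] = $this->_translator->getMessage('USER_EMAIL_ERROR');
        $this->_form->setFailure('email', '');
        $this->_form->setFailure('email_confirmation', '');
    } else {
        //check emails for validity
        if (isEmailValid($this->_form_post['email']) == false) {
            $this->_error_array[] = $this->_translator->getMessage('USER_EMAIL_VALID_ERROR');
            $this->_form->setFailure('email', '');
            $this->_form->setFailure('email_confirmation', '');
        }
    }

    // The terms of use must be accepted when the current context demands it.
    if ($this->_environment->getCurrentContextItem()->withAGB() and $this->_environment->getCurrentContextItem()->withAGBDatasecurity()) {
        if (!isset($this->_form_post['terms_of_use'])) {
            $this->_error_array[] = $this->_translator->getMessage('CONFIGURATION_AGB_ACCEPT_ERROR');
            $this->_form->setFailure('terms_of_use', '');
        }
    }

    // password check
    // Compared as strings with !==: a loose != treats two different
    // numeric-looking passwords (constructed example: "1e3" and "1000") as
    // equal, so a mistyped confirmation could pass unnoticed.
    if ((string) $this->_form_post['password'] !== (string) $this->_form_post['password2']) {
        $this->_error_array[] = $this->_translator->getMessage('USER_PASSWORD_ERROR');
        $this->_form->setFailure('password', '');
        $this->_form->setFailure('password2', '');
    }

    // Password policy of the selected authentication source.
    if (isset($this->_form_post['auth_source'])) {
        $auth_source_manager = $this->_environment->getAuthSourceManager();
        // NOTE(review): 'auth_source' is posted by the client; what getItem()
        // returns for an unknown id is not visible here - confirm it cannot be
        // null before the calls below.
        $auth_source_item = $auth_source_manager->getItem($this->_form_post['auth_source']);
        if ($auth_source_item->getPasswordLength() > 0) {
            // strlen() counts bytes, so a multi-byte character counts more
            // than once toward the minimum length.
            if (strlen($this->_form_post['password']) < $auth_source_item->getPasswordLength()) {
                $this->_error_array[] = $this->_translator->getMessage('USER_NEW_PASSWORD_LENGTH_ERROR', $auth_source_item->getPasswordLength());
            }
        }
        // At least one ASCII upper-case letter.
        if ($auth_source_item->getPasswordSecureBigchar() == 1) {
            if (!preg_match('~[A-Z]+~u', $this->_form_post['password'])) {
                $this->_error_array[] = $this->_translator->getMessage('USER_NEW_PASSWORD_BIGCHAR_ERROR');
            }
        }
        // At least one character that is not an ASCII letter or digit.
        if ($auth_source_item->getPasswordSecureSpecialchar() == 1) {
            if (!preg_match('~[^a-zA-Z0-9]+~u', $this->_form_post['password'])) {
                $this->_error_array[] = $this->_translator->getMessage('USER_NEW_PASSWORD_SPECIALCHAR_ERROR');
            }
        }
        // At least one digit.
        if ($auth_source_item->getPasswordSecureNumber() == 1) {
            if (!preg_match('~[0-9]+~u', $this->_form_post['password'])) {
                $this->_error_array[] = $this->_translator->getMessage('USER_NEW_PASSWORD_NUMBER_ERROR');
            }
        }
        // At least one ASCII lower-case letter.
        if ($auth_source_item->getPasswordSecureSmallchar() == 1) {
            if (!preg_match('~[a-z]+~u', $this->_form_post['password'])) {
                $this->_error_array[] = $this->_translator->getMessage('USER_NEW_PASSWORD_SMALLCHAR_ERROR');
            }
        }
        unset($auth_source_manager);
    }

    // is user id free?
    if (!empty($this->_form_post['auth_source']) and is_numeric($this->_form_post['auth_source'])) {
        $authentication = $this->_environment->getAuthenticationObject();
        if (!$authentication->is_free($this->_form_post['user_id'], $this->_form_post['auth_source'])) {
            // Prefer the authentication object's own messages when it has any.
            $error_array = $authentication->getErrorArray();
            if (count($error_array) > 0) {
                $this->_error_array = array_merge($this->_error_array, $error_array);
            } else {
                $this->_error_array[] = $this->_translator->getMessage('USER_USER_ID_ERROR', $this->_form_post['user_id']);
            }
            $this->_form->setFailure('user_id', '');
        } elseif (withUmlaut($this->_form_post['user_id'])) {
            $this->_error_array[] = $this->_translator->getMessage('USER_USER_ID_ERROR_UMLAUT', $this->_form_post['user_id']);
            $this->_form->setFailure('user_id', '');
        }
    } elseif (!empty($this->_form_post['auth_source'])) {
        // An authentication source was posted but is not numeric.
        $this->_error_array[] = $this->_translator->getMessage('USER_AUTH_SOURCE_ERROR_NOT_AVAILABLE', $this->_form_post['auth_source']);
    } else {
        // No authentication source was posted at all.
        $this->_error_array[] = $this->_translator->getMessage('USER_AUTH_SOURCE_ERROR');
    }
}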
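<?php

/**
 * Reports whether $email passes PHP's FILTER_VALIDATE_EMAIL check.
 *
 * The result is the STRING 'true' or 'false' (printed as-is by the loop
 * below), not a boolean. Both strings are truthy, so the return value must
 * not be used directly in a condition such as `if (!isEmailValid($x))`.
 *
 * @param string $email address to check
 * @return string 'true' when the filter accepts the address, else 'false'
 */
function isEmailValid($email) {
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        return 'false';
    }
    return 'true';
}

// The file to check is named by the first command-line argument.
if (!isset($argv[1])) {
    fwrite(STDERR, "Missing argument: path of the file to check\n");
    exit(1);
}

// Read the file, ignoring empty lines. file() returns false when the file
// cannot be read; stop here instead of passing false on to foreach.
$lines = file($argv[1], FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
if ($lines === false) {
    fwrite(STDERR, "Cannot read file: " . $argv[1] . "\n");
    exit(1);
}

// Print one 'true'/'false' verdict per line of input.
foreach ($lines as $line) {
    $line = trim($line);
    print_r(isEmailValid($line));
    print_r("\n");
}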
/**
 * Validates the posted e-mail address and user id.
 *
 * Problems are appended to $this->_error_array as translated messages and the
 * affected field is marked through $this->_form->setFailure(). As a side
 * effect $this->_user is set to the portal user item whenever a user id was
 * posted and the current user has an authentication source.
 */
function _checkValues() {
    // An e-mail address is optional, but when given it has to be well-formed.
    if (!empty($this->_form_post['email'])) {
        if (!isEmailValid($this->_form_post['email'])) {
            $this->_error_array[] = $this->_translator->getMessage('USER_EMAIL_VALID_ERROR');
            $this->_form->setFailure('email', '');
        }
    }

    // Nothing more to check without a posted user id.
    if (empty($this->_form_post['user_id'])) {
        return;
    }
    $requestedId = $this->_form_post['user_id'];

    $authSource = $this->_environment->getCurrentUserItem()->getAuthSource();
    if (empty($authSource)) {
        $this->_error_array[] = $this->_translator->getMessage('USER_AUTH_SOURCE_ERROR');
        return;
    }

    $authObject = $this->_environment->getAuthenticationObject();
    $this->_user = $this->_environment->getPortalUserItem();

    // The id only has to be free when it differs from the user's current id.
    // NOTE(review): != compares loosely, so two different numeric-looking ids
    // (constructed example: "1e3" and "1000") count as unchanged and skip the
    // is_free() check - confirm whether user ids can take such forms.
    $idChanged = $this->_user->getUserID() != $requestedId;
    if ($idChanged && !$authObject->is_free($requestedId, $authSource)) {
        $this->_error_array[] = $this->_translator->getMessage('USER_USER_ID_ERROR', $requestedId);
        $this->_form->setFailure('user_id', '');
    } elseif (withUmlaut($requestedId)) {
        $this->_error_array[] = $this->_translator->getMessage('USER_USER_ID_ERROR_UMLAUT', $requestedId);
        $this->_form->setFailure('user_id', '');
    }
}
/**
 * Validates the posted e-mail address of this form.
 *
 * When an address was posted, the portal's users are searched for it and the
 * address format is checked; each failure appends a translated message to
 * $this->_error_array and marks the 'email' field as failed.
 */
function _checkValues() {
    // No address posted: nothing to check.
    if (empty($this->_form_post['email'])) {
        return;
    }
    $address = $this->_form_post['email'];

    // Search the users of the current portal for the posted address. The
    // lookup runs before the format check further down.
    $userManager = $this->_environment->getUserManager();
    $userManager->resetLimits();
    $userManager->setContextLimit($this->_environment->getCurrentPortalID());
    $userManager->setUserLimit();
    $userManager->setSearchLimit($address);
    $userManager->select();
    $matches = $userManager->get();

    // No user matched the address.
    // NOTE(review): this message presumably reaches whoever submits the form,
    // which would disclose whether an address is registered - confirm that
    // this is intended.
    if ($matches->isEmpty() or $matches->getCount() < 1) {
        $this->_error_array[] = $this->_translator->getMessage('ERROR_EMAIL_DOES_NOT_EXIST');
        $this->_form->setFailure('email', '');
    }

    // The address must also be well-formed.
    if (!isEmailValid($address)) {
        $this->_error_array[] = $this->_translator->getMessage('USER_EMAIL_VALID_ERROR');
        $this->_form->setFailure('email', '');
    }
}
/**
 * SOAP operation: mails the account names registered for $email to that
 * address.
 *
 * @param mixed  $session_id session to validate via _isSessionValid()
 * @param mixed  $context_id context to make current in the environment
 * @param string $email      address to look up and to send the mail to
 * @return mixed the output of _encode_output() for either
 *               "<success></success>" or an "<errors>" document with one
 *               element per error code ('format', 'not_found', 'send');
 *               a SoapFault object when the session is not valid
 */
public function sendIdForget($session_id, $context_id, $email) {
    $xml = "";
    // $valid is assigned here and not read again within this method.
    $valid = true;
    $errorArray = array();
    if ($this->_isSessionValid($session_id)) {
        $this->_environment->setCurrentContextID($context_id);
        $translator = $this->_environment->getTranslationObject();
        // Reject malformed addresses before touching the user store.
        if (!isEmailValid($email)) {
            $errorArray['format'] = $translator->getMessage('USER_EMAIL_VALID_ERROR');
        }
        if (empty($errorArray)) {
            // First lookup: search the users of the current portal for $email.
            $userManager = $this->_environment->getUserManager();
            $userManager->resetLimits();
            $userManager->setContextLimit($this->_environment->getCurrentPortalID());
            $userManager->setUserLimit();
            $userManager->setSearchLimit($email);
            $userManager->select();
            $userList = $userManager->get();
            // did we hit something?
            if ($userList->isEmpty()) {
                // NOTE(review): 'not_found' versus success tells the caller
                // whether an address is registered; confirm that this
                // disclosure is acceptable for callers of this operation.
                $errorArray['not_found'] = $translator->getMessage('ERROR_EMAIL_DOES_NOT_EXIST');
            } else {
                // Second lookup, this time limited by e-mail address; its
                // result replaces the first list.
                $userManager->resetLimits();
                $userManager->setContextLimit($this->_environment->getCurrentPortalID());
                $userManager->setEmailLimit($email);
                $userManager->select();
                $userList = $userManager->get();
                $userItem = $userList->getFirst();
                $portalItem = $this->_environment->getCurrentPortalItem();
                $authSourceId = null;
                $accountText = "";
                $userFullname = "";
                $showAuthSource = false;
                // Pass 1: find out whether the matches use more than one
                // authentication source; if so, each account line names its
                // source.
                while ($userItem) {
                    if ($authSourceId && $authSourceId != $userItem->getAuthSource()) {
                        $showAuthSource = true;
                        break;
                    } else {
                        $authSourceId = $userItem->getAuthSource();
                    }
                    $userItem = $userList->getNext();
                }
                // Pass 2: build the list of account ids, one per line.
                $first = true;
                $userItem = $userList->getFirst();
                while ($userItem) {
                    if ($first) {
                        $first = false;
                    } else {
                        $accountText .= LF;
                    }
                    $accountText .= $userItem->getUserID();
                    if ($showAuthSource) {
                        $authSourceItem = $portalItem->getAuthSource($userItem->getAuthSource());
                        $accountText .= " (" . $authSourceItem->getTitle() . ")";
                    }
                    // Overwritten on every pass, so the greeting uses the
                    // full name of the last matching account.
                    $userFullname = $userItem->getFullname();
                    $userItem = $userList->getNext();
                }
                // send email
                // Collect the portal's contact moderators; the first one also
                // becomes the reply-to contact.
                $modText = "";
                $modList = $portalItem->getContactModeratorList();
                if (!$modList->isEmpty()) {
                    $modItem = $modList->getFirst();
                    $contactModerator = $modItem;
                    while ($modItem) {
                        if (!empty($modText)) {
                            $modText .= "," . LF;
                        }
                        $modText .= $modItem->getFullname();
                        $modText .= " (" . $modItem->getEmail() . ")";
                        $modItem = $modList->getNext();
                    }
                }
                include_once 'classes/cs_mail.php';
                $mail = new cs_mail();
                $mail->set_to($email);
                $serverItem = $this->_environment->getServerItem();
                $defaultSenderAddress = $serverItem->getDefaultSenderAddress();
                if (!empty($defaultSenderAddress)) {
                    $mail->set_from_email($defaultSenderAddress);
                } else {
                    // Fallback when no default sender address is configured.
                    $mail->set_from_email('@');
                }
                if (isset($contactModerator)) {
                    $mail->set_reply_to_email($contactModerator->getEmail());
                    $mail->set_reply_to_name($contactModerator->getFullname());
                }
                $mail->set_from_name($translator->getMessage('SYSTEM_MAIL_MESSAGE', $portalItem->getTitle()));
                $mail->set_subject($translator->getMessage('USER_ACCOUNT_FORGET_MAIL_SUBJECT', $portalItem->getTitle()));
                // Body: automatic-mail notice, greeting, the account list and
                // a closing that depends on whether a contact moderator exists.
                $body = $translator->getMessage('MAIL_AUTO', $translator->getDateInLang(getCurrentDateTimeInMySQL()), $translator->getTimeInLang(getCurrentDateTimeInMySQL()));
                $body .= LF . LF;
                $body .= $translator->getEmailMessage('MAIL_BODY_HELLO', $userFullname);
                $body .= LF . LF;
                $body .= $translator->getMessage('USER_ACCOUNT_FORGET_MAIL_BODY', $portalItem->getTitle(), $accountText);
                $body .= LF . LF;
                if (empty($contactModerator)) {
                    $body .= $translator->getMessage('SYSTEM_MAIL_REPLY_INFO') . LF;
                    $body .= $modText;
                    $body .= LF . LF;
                } else {
                    $body .= $translator->getEmailMessage('MAIL_BODY_CIAO', $contactModerator->getFullname(), $portalItem->getTitle());
                    $body .= LF . LF;
                }
                // NOTE(review): $_SERVER["HTTP_HOST"] is taken from the
                // request's Host header, which the client controls, so the
                // link mailed to the account owner can point at a host chosen
                // by the requester. Prefer a configured base URL (for example
                // the server item's URL, if it is trustworthy here). The
                // scheme is also fixed to http://.
                $body .= "http://" . $_SERVER["HTTP_HOST"] . $_SERVER["PHP_SELF"] . "?cid=" . $this->_environment->getCurrentContextID();
                $mail->set_message($body);
                if (!$mail->send()) {
                    // Sending failed; the error carries no description text.
                    $errorArray['send'] = "";
                }
            }
        }
        // Serialise the outcome: one element per error code, or <success>.
        if (sizeof($errorArray) > 0) {
            $xml = "<errors>\n";
            foreach ($errorArray as $code => $description) {
                // The descriptions set in this method are translator messages
                // or empty strings. They are placed in CDATA without
                // neutralising a "]]>" sequence.
                $xml .= "<" . $code . "><![CDATA[" . $description . "]]></" . $code . ">\n";
            }
            $xml .= "</errors>";
        } else {
            $xml = "<success></success>";
        }
        $xml = $this->_encode_output($xml);
    } else {
        // The fault message repeats the caller-supplied session id verbatim.
        return new SoapFault('ERROR', 'Session (' . $session_id . ') not valid!');
    }
    return $xml;
}
/**
 * Validates acceptance of the terms of use and the posted e-mail address.
 *
 * Every problem appends a translated message to $this->_error_array and
 * marks the affected fields through $this->_form->setFailure().
 */
function _checkValues() {
    // The terms must be accepted when the current context uses them together
    // with the data-security option.
    if ($this->_environment->getCurrentContextItem()->withAGB()
        && $this->_environment->getCurrentContextItem()->withAGBDatasecurity()
        && !isset($this->_form_post['terms_of_use'])
    ) {
        $this->_error_array[] = $this->_translator->getMessage('CONFIGURATION_AGB_ACCEPT_ERROR');
        $this->_form->setFailure('terms_of_use', '');
    }

    // The address and its confirmation have to match; only a matching address
    // is then checked for validity.
    $messageKey = null;
    if ($this->_form_post['email'] != $this->_form_post['email_confirmation']) {
        $messageKey = 'USER_EMAIL_ERROR';
    } elseif (!isEmailValid($this->_form_post['email'])) {
        $messageKey = 'USER_EMAIL_VALID_ERROR';
    }

    // Either failure is reported once and marks both address fields.
    if ($messageKey !== null) {
        $this->_error_array[] = $this->_translator->getMessage($messageKey);
        foreach (array('email', 'email_confirmation') as $field) {
            $this->_form->setFailure($field, '');
        }
    }
}
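/**
 * Validates the posted password and, for the root user, the e-mail address.
 *
 * Each failed check appends a translated message to $this->_error_array;
 * the confirmation and e-mail checks also mark the affected fields through
 * $this->_form->setFailure(). Nothing is returned.
 */
function _checkValues() {
    // The password and its confirmation must be the same string. Compared as
    // strings with !==: a loose != treats two different numeric-looking
    // passwords (constructed example: "1e3" and "1000") as equal, so a
    // mistyped confirmation could pass unnoticed.
    if ((string) $this->_form_post['password'] !== (string) $this->_form_post['password2']) {
        $this->_error_array[] = $this->_translator->getMessage('USER_PASSWORD_ERROR');
        $this->_form->setFailure('password');
        $this->_form->setFailure('password2');
    }

    // Password policy of the selected authentication source.
    if (isset($this->_form_post['auth_source_id'])) {
        $auth_source_manager = $this->_environment->getAuthSourceManager();
        // NOTE(review): 'auth_source_id' is posted by the client; what
        // getItem() returns for an unknown id is not visible here - confirm it
        // cannot be null before the calls below.
        $auth_source_item = $auth_source_manager->getItem($this->_form_post['auth_source_id']);
        if ($auth_source_item->getPasswordLength() > 0) {
            // strlen() counts bytes, so a multi-byte character counts more
            // than once toward the minimum length.
            if (strlen($this->_form_post['password']) < $auth_source_item->getPasswordLength()) {
                $this->_error_array[] = $this->_translator->getMessage('USER_NEW_PASSWORD_LENGTH_ERROR', $auth_source_item->getPasswordLength());
            }
        }
        // At least one ASCII upper-case letter.
        if ($auth_source_item->getPasswordSecureBigchar() == 1) {
            if (!preg_match('~[A-Z]+~u', $this->_form_post['password'])) {
                $this->_error_array[] = $this->_translator->getMessage('USER_NEW_PASSWORD_BIGCHAR_ERROR');
            }
        }
        // At least one character that is not an ASCII letter or digit.
        if ($auth_source_item->getPasswordSecureSpecialchar() == 1) {
            if (!preg_match('~[^a-zA-Z0-9]+~u', $this->_form_post['password'])) {
                $this->_error_array[] = $this->_translator->getMessage('USER_NEW_PASSWORD_SPECIALCHAR_ERROR');
            }
        }
        // At least one digit.
        if ($auth_source_item->getPasswordSecureNumber() == 1) {
            if (!preg_match('~[0-9]+~u', $this->_form_post['password'])) {
                $this->_error_array[] = $this->_translator->getMessage('USER_NEW_PASSWORD_NUMBER_ERROR');
            }
        }
        // At least one ASCII lower-case letter.
        if ($auth_source_item->getPasswordSecureSmallchar() == 1) {
            if (!preg_match('~[a-z]+~u', $this->_form_post['password'])) {
                $this->_error_array[] = $this->_translator->getMessage('USER_NEW_PASSWORD_SMALLCHAR_ERROR');
            }
        }
        unset($auth_source_manager);
    }

    // The e-mail fields are only checked when the current user is root.
    if ($this->_environment->getCurrentUserItem()->isRoot()) {
        if (!isEmailValid($this->_form_post['email'])) {
            $this->_error_array[] = $this->_translator->getMessage('USER_EMAIL_VALID_ERROR');
            $this->_form->setFailure('email');
        }
        if ($this->_form_post['email'] != $this->_form_post['email2']) {
            $this->_error_array[] = $this->_translator->getMessage('USER_EMAIL_ERROR');
            $this->_form->setFailure('email');
            $this->_form->setFailure('email2');
        }
    }
}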
// Signup form handling (excerpt): read the posted fields, collect validation
// messages in $error and set $failed when any check fails. $username and
// $password are assigned before this excerpt begins.
$firstname = trim($_POST['fname']);
$lastname = trim($_POST['lname']);
$emailaddr = trim($_POST['email']);
$dobmonth = $_POST['dob_m'];
$dobday = $_POST['dob_d'];
$dobyear = $_POST['dob_y'];
// Not really doing anything with comments for now...
//$comments = htmlspecialchars(trim($_POST['comments']), ENT_NOQUOTES, "UTF-8");
// TODO: Fancy regex to make sure username/pw doesn't contain forbidden characters?
$error = "";
$failed = FALSE;
// Both credentials are required; no minimum password length is enforced here.
if (strlen($username) < 1 || strlen($password) < 1) {
    $error = $error . "Please enter both a username and a password.<br>";
    $failed = TRUE;
}
if (!isEmailValid($emailaddr)) {
    $error = $error . "Please enter a valid email address.<br>";
    $failed = TRUE;
}
// NOTE(review): is_numeric() also accepts values such as "1.5" or "1e1",
// which are not integers, while checkdate() expects integers - consider
// ctype_digit() or an integer filter for the three date parts.
if (is_numeric($dobday) && is_numeric($dobmonth) && is_numeric($dobyear)) {
    if (!checkdate($dobmonth, $dobday, $dobyear)) {
        $error = $error . "Invalid date of birth specified!<br>";
        $failed = TRUE;
    }
} else {
    $error = $error . "Invalid entry for birth date!<br>";
    $failed = TRUE;
}
// The names are HTML-escaped here, before the length check below, so that
// check measures the escaped text. ENT_NOQUOTES leaves " and ' untouched:
// enough for element content, not for an HTML attribute value.
$firstname = htmlspecialchars($firstname, ENT_NOQUOTES, "UTF-8");
$lastname = htmlspecialchars($lastname, ENT_NOQUOTES, "UTF-8");
// NOTE(review): this condition does not enforce a length limit. strlen() is
// never below 0, and strlen($firstname > 20) measures the boolean result of
// comparing the name with 20; the intent looks like
// strlen($firstname) < 1 || strlen($firstname) > 20 - confirm and fix.
// The excerpt ends inside this if statement.
if (strlen($firstname) < 0 || strlen($firstname > 20)) {
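/**
 * Validates the posted server/portal configuration values.
 *
 * Checks the default sender address, the community-room selection and that
 * the posted URL is not already used by the server or by another portal.
 * Every problem appends a translated message to $this->_error_array and marks
 * the affected field through $this->_form->setFailure().
 */
function _checkValues() {
    //check emails for validity
    if (!empty($this->_form_post['server_default_sender_address']) and !isEmailValid($this->_form_post['server_default_sender_address'])) {
        $this->_error_array[] = $this->_translator->getMessage('USER_EMAIL_VALID_ERROR');
        $this->_form->setFailure('server_default_sender_address', '');
    }

    // Unless the link status is 'optional', one of the placeholder choices
    // without a community room list counts as a missing mandatory entry.
    $portal_item = $this->_environment->getCurrentPortalItem();
    if (isset($portal_item)) {
        $project_room_link_status = $portal_item->getProjectRoomLinkStatus();
        if (isset($this->_form_post['communityrooms']) and $project_room_link_status != 'optional') {
            if (($this->_form_post['communityrooms'] == -1 or $this->_form_post['communityrooms'] == 'disabled' or $this->_form_post['communityrooms'] == '--------------------') and !isset($this->_form_post['communityroomlist'])) {
                $this->_form->setFailure('communityrooms', 'mandatory');
                $this->_error_array[] = $this->_translator->getMessage('COMMON_ERROR_COMMUNITY_ROOM_ENTRY', $this->_translator->getMessage('PREFERENCES_COMMUNITY_ROOMS'));
            }
        }
    }

    // url: portal/server
    if (!empty($this->_form_post['url'])) {
        $portal_manager = $this->_environment->getPortalManager();

        // Normalise the posted URL: drop the scheme, the query string, the
        // entry script name and one trailing slash.
        $url = $this->_form_post['url'];
        $url = str_replace('http://', '', $url);
        $url = str_replace('https://', '', $url);
        if (strstr($url, '?')) {
            // strpos() returns a byte offset, so the cut must use the
            // byte-based substr(). Passing that offset to mb_substr(), which
            // counts characters, cut at the wrong place whenever multi-byte
            // characters preceded the '?'.
            $url = substr($url, 0, strpos($url, '?'));
        }
        $url = str_replace('/commsy.php', '', $url);
        $url = str_replace('/index.php', '', $url);
        if (substr($url, strlen($url) - 1) == '/') {
            $url = substr($url, 0, strlen($url) - 1);
        }

        if (!empty($url)) {
            // check server
            $server_item = $this->_environment->getServerItem();
            $server_url = $server_item->getUrl();
            $server_id = $server_item->getItemID();
            $current_id = $this->_form_post['iid'];
            if ($current_id != $server_id and $server_url == $url) {
                // The URL belongs to the server and the edited item is not
                // the server itself.
                $this->_form->setFailure('url', '');
                $this->_error_array[] = $this->_translator->getMessage('CONFIGURATION_ERROR_SERVER_URL', $this->_form_post['url']);
            } else {
                // check portal
                $portal_manager->setUrlLimit($url);
                $portal_manager->select();
                $portal_list = $portal_manager->get();
                if (!empty($portal_list) and $portal_list->isNotEmpty()) {
                    // Only the first portal found for the URL is compared
                    // with the edited item.
                    $portal_item = $portal_list->getFirst();
                    $portal_id = $portal_item->getItemID();
                    $current_id = $this->_form_post['iid'];
                    if ($portal_id != $current_id) {
                        $this->_form->setFailure('url', '');
                        $this->_error_array[] = $this->_translator->getMessage('CONFIGURATION_ERROR_PORTAL_URL', $this->_form_post['url'], $portal_item->getTitle());
                    }
                    unset($portal_id);
                    unset($current_id);
                    unset($portal_item);
                }
                unset($portal_manager);
                unset($portal_list);
            }
        }
    }
}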
/**
 * Validates the optional service e-mail address of this form.
 *
 * An empty field is accepted. A non-empty, malformed address appends a
 * translated message to $this->_error_array and marks form fields as failed.
 */
function _checkValues() {
    // Empty fields are accepted, too.
    if (empty($this->_form_post['serviceemail'])) {
        return;
    }

    if (!isEmailValid($this->_form_post['serviceemail'])) {
        $this->_error_array[] = $this->_translator->getMessage('USER_EMAIL_VALID_ERROR');
        // NOTE(review): the value checked is 'serviceemail', but the failure
        // is set on 'email' and 'email_confirmation' - confirm whether
        // 'serviceemail' is the field that should be marked.
        $this->_form->setFailure('email', '');
        $this->_form->setFailure('email_confirmation', '');
    }
}
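// ...........................................................
// Print the values that were entered in the form.
// Every value is HTML-escaped before it is echoed: these are submitted form
// values, and printed raw, markup inside any of them would be interpreted by
// the browser (XSS). The password is echoed back only because this page
// demonstrates the checks.
echo "Ime = " . htmlspecialchars($ime, ENT_QUOTES, "UTF-8") . "<br/>";
echo "E-mail = " . htmlspecialchars($email, ENT_QUOTES, "UTF-8") . "<br/>";
echo "Geslo = " . htmlspecialchars($geslo, ENT_QUOTES, "UTF-8") . "<br/>";
echo "Geslo2 = " . htmlspecialchars($geslo2, ENT_QUOTES, "UTF-8") . "<br/>";
echo "CaptchaCode = " . htmlspecialchars($captchaCode, ENT_QUOTES, "UTF-8") . "<br/>";

// Try out the functions that remove / add slashes.
// stripslashes() and addslashes() only change backslashes; they do not make
// a value safe for HTML, so their results are escaped for output as well.
// addslashes() is not a replacement for parameterised queries either.
echo "<hr/>";
echo "Odstranim slashe:" . htmlspecialchars(stripslashes($_POST['ime']), ENT_QUOTES, "UTF-8") . "<br/>";
echo "Dodam slashe:" . htmlspecialchars(addslashes($_POST['ime']), ENT_QUOTES, "UTF-8") . "<br/>";
echo "<hr/>";

// Password checks: length, confirmation, character classes and strength.
echoResult("Preverjanje dolžine (med 6 in 16 znaki): ", isWithinLength($geslo, 6, 16));
echoResult("Preverjanje ujemanja obeh vpisanih gesel: ", $geslo == $geslo2);
echoResult("Ali geslo vsebuje cifre: ", areDigitsPresent($geslo));
echoResult("Ali geslo vsebuje male znake abecede: ", areLowerCharsPresent($geslo));
echoResult("Ali geslo vsebuje velike znake abecede: ", areUpperCharsPresent($geslo));
echoResult("Ali geslo vsebuje posebne znake: ", areSpecCharsPresent($geslo));
echo "Moč gesla (pri min. dolžini 6 znakov) = " . passwordStrength($geslo, 6) . "<br/>";
echoResult("Ali geslo ima moč 4 in je med 6 - 16 znaki? ", isStrongEnough($geslo, 6, 16, 4));

// E-mail format and CAPTCHA checks.
echoResult("Je e-mail ustrezen? ", isEmailValid($email));
echoResult('Ali je bila CAPTCHA koda pravilno vnešena? ', $imgCaptcha->check($captchaCode) == true);
// ...........................................................
// Print the information paragraph in the right column
// ...........................................................
$infoOdstavek = "Preverjanje moči gesla, funkcij za delo z nizi, ter preprečevanje " . "napadov kot sta XSS in SQL injection";
desniStolpec($infoOdstavek);
noga();
?>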