/**
* @param string param name
* @param string param name
* @param boolean Is a password required? (non-empty)
* @return boolean true if OK
*/
function param_check_passwords($var1, $var2, $required = false)
{
global $Settings;
$pass1 = $GLOBALS[$var1];
$pass2 = $GLOBALS[$var2];
if (empty($pass1) && empty($pass2) && !$required) {
// empty is OK:
return true;
}
if (empty($pass1)) {
param_error($var1, T_('Please enter your password twice.'));
return false;
}
if (empty($pass2)) {
param_error($var2, T_('Please enter your password twice.'));
return false;
}
// checking the password has been typed twice the same:
if ($pass1 != $pass2) {
param_error_multiple(array($var1, $var2), T_('You typed two different passwords.'));
return false;
}
if (strlen($pass1) < $Settings->get('user_minpwdlen')) {
param_error_multiple(array($var1, $var2), sprintf(T_('The minimum password length is %d characters.'), $Settings->get('user_minpwdlen')));
return false;
}
return true;
}
/**
* @param string param name
* @param string param name
* @param boolean Is a password required? (non-empty)
* @param integer Minimum password length
* @return boolean true if OK
*/
function param_check_passwords($var1, $var2, $required = false, $min_length = 6)
{
$pass1 = get_param($var1);
$pass2 = get_param($var2);
if (!strlen($pass1) && !strlen($pass2) && !$required) {
// empty is OK:
return true;
}
if (!strlen($pass1)) {
param_error($var1, T_('Please enter your new password.'));
param_error($var2, T_('Please enter your new password twice.'));
return false;
}
if (!strlen($pass2)) {
param_error($var2, T_('Please enter your new password twice.'));
return false;
}
// checking the password has been typed twice the same:
if ($pass1 != $pass2) {
param_error_multiple(array($var1, $var2), T_('You typed two different passwords.'));
return false;
}
if (evo_strlen($pass1) < $min_length) {
param_error_multiple(array($var1, $var2), sprintf(T_('The minimum password length is %d characters.'), $min_length));
return false;
}
return true;
}
/**
* @param string param name
* @param string param name
* @param boolean Is a password required? (non-empty)
* @param integer Minimum password length
* @param array Params
* @return boolean true if OK
*/
function param_check_passwords($var1, $var2, $required = false, $min_length = 6, $params = array())
{
$params = array_merge(array('msg_pass_wrong' => T_('Passwords cannot contain the characters <, > and &.'), 'msg_pass_new' => T_('Please enter your new password.'), 'msg_pass_twice' => T_('Please enter your new password twice.'), 'msg_pass_diff' => T_('You typed two different passwords.'), 'msg_pass_min' => T_('The minimum password length is %d characters.')), $params);
$pass1 = get_param($var1);
$pass2 = get_param($var2);
if (!strlen($pass1) && !strlen($pass2) && !$required) {
// empty is OK:
return true;
}
if (!strlen($pass1)) {
param_error($var1, $params['msg_pass_new']);
param_error($var2, $params['msg_pass_twice']);
return false;
}
if (!strlen($pass2)) {
param_error($var2, $params['msg_pass_twice']);
return false;
}
// checking the password has been typed twice the same:
if ($pass1 != $pass2) {
param_error_multiple(array($var1, $var2), $params['msg_pass_diff']);
return false;
}
if (utf8_strlen($pass1) < $min_length) {
// Checking min length
param_error_multiple(array($var1, $var2), sprintf($params['msg_pass_min'], $min_length));
return false;
}
if (preg_match('/[<>&]/', isset($_POST[$var1]) ? $_POST[$var1] : $_GET[$var1])) {
// Checking the not allowed chars
param_error_multiple(array($var1, $var2), $params['msg_pass_wrong']);
return false;
}
return true;
}
/**
* Check profile parameters and add errors through {@link param_error()}.
*
* @param array associative array.
* Either array( $value, $input_name ) or just $value;
* ($input_name gets used for associating it to a form fieldname)
* - 'invitation': check for non-empty when users can register ONLY with an Invitation code/link
* - 'login': check for non-empty
* - 'nickname': check for non-empty
* - 'icq': must be a number
* - 'email': mandatory, must be well formed
* - 'country': check for non-empty
* - 'firstname': check for non-empty
* - 'lastname': check for non-empty
* - 'url': must be well formed, in allowed scheme, not blacklisted
* - 'pass1' / 'pass2': passwords (twice), must be the same and not == login (if given)
* - 'pass_required': false/true (default is true)
* @param User|NULL A user to use for additional checks (password != login/nick).
*/
function profile_check_params($params, $User = NULL)
{
global $Messages, $Settings, $dummy_fields;
foreach ($params as $k => $v) {
// normalize params:
if ($k != 'pass_required' && !is_array($v)) {
$params[$k] = array($v, $k);
}
}
// checking invitation code:
if (isset($params['invitation'][0])) {
if (empty($params['invitation'][0])) {
// invitation code can't be empty
param_error($params['invitation'][1], T_('Please enter your invitation code.'));
}
}
// checking login has been typed:
if (isset($params['login'][0])) {
if (empty($params['login'][0])) {
// login can't be empty
param_error($dummy_fields[$params['login'][1]], T_('Please enter your login.'));
} else {
param_check_valid_login($dummy_fields[$params['login'][1]]);
}
}
// checking e-mail address
if (isset($params['email'][0])) {
if (empty($params['email'][0])) {
param_error($dummy_fields[$params['email'][1]], T_('Please enter your e-mail address.'));
} elseif (!is_email($params['email'][0])) {
param_error($dummy_fields[$params['email'][1]], T_('The email address is invalid.'));
}
}
// Checking country
if (isset($params['country']) && empty($params['country'][0])) {
param_error($params['country'][1], T_('Please select country.'));
}
// Checking first name
if (isset($params['firstname']) && empty($params['firstname'][0])) {
param_error($params['firstname'][1], T_('Please enter your first name.'));
}
// Checking last name
if (isset($params['lastname']) && empty($params['lastname'][0])) {
param_error($params['lastname'][1], T_('Please enter your last name.'));
}
// Checking gender
if (isset($params['gender'])) {
if (empty($params['gender'][0])) {
param_error($params['gender'][1], T_('Please select gender.'));
} elseif ($params['gender'][0] != 'M' && $params['gender'][0] != 'F') {
param_error($params['gender'][1], 'Gender value is invalid');
}
}
// Checking URL:
if (isset($params['url'])) {
if ($error = validate_url($params['url'][0], 'commenting')) {
param_error($params['url'][1], T_('Supplied URL is invalid: ') . $error);
}
}
// Check passwords:
$pass_required = isset($params['pass_required']) ? $params['pass_required'] : true;
if (isset($params['pass1'][0]) && isset($params['pass2'][0])) {
if ($pass_required || !empty($params['pass1'][0]) || !empty($params['pass2'][0])) {
// Password is required or was given
// checking the password has been typed twice
if (empty($params['pass1'][0]) || empty($params['pass2'][0])) {
param_error($dummy_fields[$params['pass2'][1]], T_('Please enter your password twice.'));
}
// checking the password has been typed twice the same:
if ($params['pass1'][0] !== $params['pass2'][0]) {
param_error($dummy_fields[$params['pass1'][1]], T_('You typed two different passwords.'));
} elseif ($Settings->get('passwd_special') && !preg_match('~[\\x20-\\x2f\\x3a-\\x40\\x5b-\\x60\\x7b-\\x7f]~', $params['pass1'][0])) {
param_error($dummy_fields[$params['pass1'][1]], T_('Your password should contain at least one special character (like & ! $ * - _ + etc.)'));
} elseif (utf8_strlen($params['pass1'][0]) < $Settings->get('user_minpwdlen')) {
param_error($dummy_fields[$params['pass1'][1]], sprintf(T_('The minimum password length is %d characters.'), $Settings->get('user_minpwdlen')));
} elseif (isset($User) && $params['pass1'][0] == $User->get('login')) {
param_error($dummy_fields[$params['pass1'][1]], T_('The password must be different from your login.'));
} elseif (isset($User) && $params['pass1'][0] == $User->get('nickname')) {
param_error($dummy_fields[$params['pass1'][1]], T_('The password must be different from your nickname.'));
} elseif (preg_match('/[<>&]/', $_POST[$dummy_fields[$params['pass1'][1]]])) {
// Checking the not allowed chars
param_error_multiple(array($dummy_fields[$params['pass1'][1]], $dummy_fields[$params['pass2'][1]]), T_('Passwords cannot contain the characters <, > and &.'));
}
}
}
}
