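/**
 * Registers a new user from a request-parameter array.
 *
 * 'username', 'password' and 'email' are required in $in; the optional
 * profile fields are read through hi().
 *
 * NOTE(review): the example below passes the password inside the route
 * string on the command line, where it can end up in shell history and
 * process listings.
 *
 * @param array $in Request parameters.
 * @return array Whatever SUCCESS() / ERROR(code, message) return.
 *
 * @code
 *      $ php index.php "route=user.Controller.register&username=abc&password=1234&email=abc@def.com"
 * @endcode
 *
 */
public function register($in)
{
    // isset() alone lets "username=" (an empty string) through although the
    // error texts promise an emptiness check. Treat missing, non-scalar and
    // zero-length values alike.
    $isBlank = function ($key) use ($in) {
        return !isset($in[$key]) || !is_scalar($in[$key]) || (string) $in[$key] === '';
    };

    if ($isBlank('username')) {
        sys()->log("Username is empty.");
        return ERROR(-111, "Username is empty.");
    }
    if ($isBlank('password')) {
        // NOTE(review): -1121 breaks the -111 / -113 sequence and may be a
        // typo for -112; kept unchanged because callers may match on it.
        return ERROR(-1121, "Password is empty.");
    }
    if ($isBlank('email')) {
        return ERROR(-113, "Email is empty.");
    }

    // NOTE(review): both replies share code -121 and echo the submitted value
    // back. They also tell the caller whether a username or address is
    // already registered; confirm that disclosure is acceptable here.
    if (user_exists($in['username'])) {
        return ERROR(-121, "User: {$in['username']} exists.");
    }
    if (user_email_exists($in['email'])) {
        return ERROR(-121, "User email: {$in['email']} exists.");
    }

    $sets = array(
        'username'    => $in['username'],
        // NOTE(review): password_encrypt() is defined elsewhere; confirm it is
        // a salted, slow password hash and not reversible encryption.
        'password'    => password_encrypt($in['password']),
        'email'       => $in['email'],
        'first_name'  => hi('first_name', ''),
        'middle_name' => hi('middle_name', ''),
        'last_name'   => hi('last_name'),
        'mobile'      => hi('mobile', ''),
        'landline'    => hi('landline', ''),
        'address'     => hi('address'),
    );

    $re = user()->create()->sets($sets)->save();
    if ($re) {
        return SUCCESS();
    }

    return ERROR(-4, 'Failed on saving user information.');
}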
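/**
 * Inserts a new row into `users` unless the username or e-mail is taken.
 *
 * @param string $Username
 * @param string $Password Plain-text password; only its hash is bound into the INSERT.
 * @param string $Email    Checked for uniqueness only. The INSERT below does not
 *                         store it (NOTE(review): confirm that is intended).
 * @return bool true when the INSERT executed successfully, false otherwise.
 */
function user_create($Username, $Password, $Email)
{
    lib('Passwords');
    global $pdo;

    // NOTE(review): check-then-insert is racy without a UNIQUE index on the
    // column; two concurrent requests can both pass these checks.
    if (user_exists($Username) || user_email_exists($Email)) {
        return false;
    }

    $stmt = $pdo->prepare(' INSERT INTO `users` ( `uuid` , `username` , `password` ) VALUES ( uuid() , :username , :password )');
    $stmt->bindValue(':username', $Username);
    // NOTE(review): PHP's built-in password_hash() requires an algorithm
    // argument (e.g. PASSWORD_DEFAULT). This one-argument call only works if
    // lib('Passwords') supplies its own implementation; verify which applies.
    $stmt->bindValue(':password', password_hash($Password));

    // Report the real outcome: previously a failed execute() still returned
    // true, so the caller would log in an account that was never written.
    $inserted = $stmt->execute();
    $stmt->closeCursor();

    return (bool) $inserted;
}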
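/**
 * Handles the return from Facebook login: links the Facebook id to an
 * existing account with the same e-mail, or creates a new account, then logs
 * the user in and redirects.
 *
 * NOTE(review): the existing-account branch trusts the e-mail reported by the
 * Graph API as proof of ownership of the local account. Confirm the provider
 * only returns verified addresses, otherwise this allows account takeover.
 * NOTE(review): $fbuser['email'] is read without an isset() check; it may be
 * absent if the e-mail permission was not granted.
 */
function facebook_callback()
{
    $facebook = new Facebook(array('appId' => FACEBOOK_API_KEY, 'secret' => FACEBOOK_API_SECRET));

    try {
        $fbuser = $facebook->api('/me');

        if ($id = user_email_exists($fbuser['email'])) {
            // Known e-mail: attach the Facebook id to that account and sign in.
            $user = new User($id);
            $user->facebook = $fbuser['id'];
            $user->save();
            $user->fb_login();
            redirect('/user');
            return;
        }

        $user = new User();
        $user->set_default();
        $user->email = $fbuser['email'];
        // The placeholder password used to be md5(time()), which anyone who
        // knows roughly when the account was created can reproduce. Use 16
        // bytes from a CSPRNG instead (still 32 hex characters).
        $user->password = function_exists('random_bytes')
            ? bin2hex(random_bytes(16))
            : bin2hex(openssl_random_pseudo_bytes(16));
        $user->status = 1;
        $user->username = isset($fbuser['username']) ? $fbuser['username'] : $fbuser['name'];
        $user->firstname = $fbuser['first_name'];
        $user->lastname = $fbuser['last_name'];
        $user->facebook = $fbuser['id'];
        $user->gender = $fbuser['gender'];
        $user->picture = new File();
        $user->picture->load_from_url('https://graph.facebook.com/' . $fbuser['id'] . '/picture?type=large');

        if ($user->create()) {
            $user->fb_login();
            redirect('/user');
        } else {
            redirect('/register');
        }
    } catch (Exception $e) {
        // Leave a trace instead of swallowing the failure silently. Only the
        // exception class is logged, so no token or profile data reaches the log.
        error_log('facebook_callback failed: ' . get_class($e));
        redirect('/');
    }
}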
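/**
 * Updates the logged-in user's name, e-mail and (optionally) password, mirrors
 * name and e-mail into the reservations table, then refreshes the session and
 * the "remember me" cookies.
 *
 * @param string $user_name
 * @param string $user_email
 * @param string $user_password New password, or empty to leave it unchanged.
 * @return int|string 1 on success, otherwise an HTML error <span>.
 */
function change_user_details($user_name, $user_email, $user_password)
{
    // $conn was used below without being a parameter or declared global, so
    // every query ran against an undefined variable.
    // NOTE(review): assumes the mysqli link lives in a global $conn; confirm.
    global $conn;

    $user_id = $_SESSION['user_id'];

    if (validate_user_name($user_name) != true) {
        return '<span class="error_span">Name must be <u>letters only</u> and be <u>2 to 12 letters long</u>. If your name is longer, use a short version of your name</span>';
    }
    if (validate_user_email($user_email) != true) {
        return '<span class="error_span">Email must be a valid email address and be no more than 50 characters long</span>';
    }
    if (validate_user_password($user_password) != true && !empty($user_password)) {
        return '<span class="error_span">Password must be at least 4 characters</span>';
    }
    if (user_name_exists($user_name, $conn) == true && $user_name != $_SESSION['user_name']) {
        return '<span class="error_span">Name is already in use. If you have the same name as someone else, use another spelling that identifies you</span>';
    }
    if (user_email_exists($user_email) == true && $user_email != $_SESSION['user_email']) {
        return '<span class="error_span">Email is already registered</span>';
    }

    // Values are bound as parameters instead of being interpolated into the
    // SQL text, so the query no longer depends on the validators above to
    // keep quote characters out.
    // NOTE(review): the die() output still shows raw database error text to
    // the user, as before.
    $run = function ($sql, $types, array $values) use ($conn) {
        $stmt = mysqli_prepare($conn, $sql);
        if ($stmt === false) {
            die('<span class="error_span"><u>MySQL error:</u> ' . htmlspecialchars(mysqli_error($conn)) . '</span>');
        }
        mysqli_stmt_bind_param($stmt, $types, ...$values);
        if (!mysqli_stmt_execute($stmt)) {
            die('<span class="error_span"><u>MySQL error:</u> ' . htmlspecialchars(mysqli_stmt_error($stmt)) . '</span>');
        }
        mysqli_stmt_close($stmt);
    };

    if (empty($user_password)) {
        $run(
            "UPDATE " . global_mysql_users_table . " SET user_name=?, user_email=? WHERE user_id=?",
            'sss',
            array($user_name, $user_email, $user_id)
        );
    } else {
        $user_password = encrypt_password($user_password);
        // The listing showed the literal '******' in this query (possibly a
        // redaction); the freshly computed hash is what has to be stored.
        $run(
            "UPDATE " . global_mysql_users_table . " SET user_name=?, user_email=?, user_password=? WHERE user_id=?",
            'ssss',
            array($user_name, $user_email, $user_password, $user_id)
        );
    }

    $run(
        "UPDATE " . global_mysql_reservations_table . " SET reservation_user_name=?, reservation_user_email=? WHERE reservation_user_id=?",
        'sss',
        array($user_name, $user_email, $user_id)
    );

    $_SESSION['user_name'] = $user_name;
    $_SESSION['user_email'] = $user_email;

    // NOTE(review): the cookie below carries a value derived from the stored
    // password hash and is set without the HttpOnly or Secure flags. Anyone
    // who obtains the cookie can presumably log in as the user; a random,
    // revocable remember-me token would limit that exposure.
    // NOTE(review): when no new password was given, strip_salt() receives an
    // empty string and the password cookie is overwritten with its result.
    $user_password = strip_salt($user_password);
    $cookie_expiry = time() + 3600 * 24 * intval(global_remember_login_days);
    setcookie(global_cookie_prefix . '_user_email', $user_email, $cookie_expiry);
    setcookie(global_cookie_prefix . '_user_password', $user_password, $cookie_expiry);

    return 1;
}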
# Excerpt of an account-request page: validates the submitted form, then
# either auto-creates the account or takes the branch that follows this excerpt.
$error=false;
$error_extra="";
$user_email=getval("email","");
hook("preuserrequest");
if (getval("save","")!="") {
    # Check the anti-spam code is correct
    # NOTE(review): both "antispamcode" and "antispam" are read through getval().
    # If both arrive with the request, a client can compute the md5 itself and
    # the check adds no protection; confirm where "antispam" originates.
    # NOTE(review): != is a loose comparison; two different digests of the form
    # "0e<digits>" compare equal as numbers. A strict comparison (!== or
    # hash_equals()) avoids that.
    if (getval("antispamcode","")!=md5(getval("antispam",""))) {
        $error=$lang["requiredfields"];
    }
    # Check that the e-mail address doesn't already exist in the system
    elseif (user_email_exists(getval("email",""))) {
        # E-mail already exists
        # NOTE(review): this reply tells an unauthenticated visitor that the
        # address is registered (account enumeration). The address is
        # urlencode()d for the link; $baseurl_short and $lang values are
        # emitted as-is.
        $error=$lang["accountemailalreadyexists"];
        $error_extra="<br/><a href=\"".$baseurl_short."pages/user_password.php?email=" . urlencode(getval("email","")) . "\">" . $lang["forgottenpassword"] . "</a>";
    } else {
        # E-mail is unique
        if ($user_account_auto_creation) {
            # Automatically create a new user account
            $try=auto_create_user_account();
        } else {
# Excerpt: tail of a loop over custom request fields, followed by the form
# validation chain. The first two closing braces end blocks opened before
# this excerpt.
if ($custom_field_sub_value_list != "") {
    $customContents .= i18n_get_translated($custom[$n]) . ": " . i18n_get_translated($custom_field_sub_value_list) . "\n\n"; # append with list of all sub values found
} elseif ($custom_field_value != "") {
    $customContents .= i18n_get_translated($custom[$n]) . ": " . i18n_get_translated($custom_field_value) . "\n\n"; # there is a value so append it
} elseif (isset($required) && in_array($custom[$n], $required)) {
    # Required custom field left blank: remember it for the error message.
    $missingFields[] = $custom[$n];
}
}
}
if (!empty($missingFields)) {
    $error = $lang["requiredfields"] . ' ' . i18n_get_translated(implode(', ', $missingFields), true);
}
# NOTE(review): both "antispamcode" and "antispam" are read through getval().
# If both arrive with the request, a client can compute the md5 itself;
# confirm where "antispam" originates. The loose != also treats two different
# "0e<digits>" digests as equal; !== or hash_equals() avoids that.
elseif (getval("antispamcode", "") != md5(getval("antispam", ""))) {
    $error = $lang["requiredantispam"];
} elseif (user_email_exists($user_email)) {
    # E-mail already exists
    # NOTE(review): this reply tells the requester that the address is
    # registered (account enumeration). The address is urlencode()d for the link.
    $error = $lang["accountemailalreadyexists"];
    $error_extra = "<br/><a href=\"" . $baseurl_short . "pages/user_password.php?email=" . urlencode($user_email) . "\">" . $lang["forgottenpassword"] . "</a>";
} else {
    # E-mail is unique
    if ($user_account_auto_creation) {
        # Automatically create a new user account
        $try = auto_create_user_account();
    } else {
        $try = email_user_request();
    }
    # Both helpers are compared against true; any other return value is
    # treated as the error text.
    if ($try === true) {
        redirect($baseurl_short . "pages/done.php?text=user_request");
    } else {
        $error = $try;
// Excerpt of a registration handler: collects validation messages in $errors
// and creates the account only when none were raised.
// NOTE(review): empty() also rejects the literal password "0".
if (empty($_POST['password'])) {
    $errors[] = 'Please enter a password';
}
if (empty($_POST['email'])) {
    $errors[] = 'Please enter an email';
}
if (!$errors) {
    // More validation, but no point if anything is empty
    if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
        $errors[] = 'Please enter a valid email';
    }
    lib('User');
    // NOTE(review): the two "already taken" messages let a visitor test which
    // usernames and addresses are registered; no rate limiting is visible in
    // this excerpt.
    // NOTE(review): $_POST['username'] is presumably checked for presence
    // above this excerpt; verify.
    if (user_exists($_POST['username'])) {
        $errors[] = 'That username is already taken. Please try again';
    }
    if (user_email_exists($_POST['email'])) {
        $errors[] = 'That email is already taken. Please try again';
    }
    // A four-byte minimum is a very weak password policy; strlen() counts
    // bytes, not characters.
    if (strlen($_POST['password']) < 4) {
        $errors[] = 'Please enter a longer password';
    }
}
if (!$errors) {
    if (user_create($_POST['username'], $_POST['password'], $_POST['email'])) {
        // NOTE(review): the new account is authenticated immediately; no
        // e-mail ownership check is visible here.
        user_force_authenticate($_POST['username']);
        $smarty->display('registration_complete.tpl');
        die; // All complete!
    } else {
        $errors[] = 'Unknown error. Please try again';
    }
// Excerpt of a registration branch; the first closing brace ends a block
// opened before this excerpt, and the trailing `break` presumably belongs to
// an enclosing switch or loop.
unset($_SESSION['register_errors']);
}
// Drop form values remembered from an earlier attempt.
if (isset($_SESSION['name']) && isset($_SESSION['email']) && isset($_SESSION['bio'])) {
    unset($_SESSION['name']);
    unset($_SESSION['email']);
    unset($_SESSION['bio']);
}
// NOTE(review): $name and $bio are escaped here and then handed to
// user_insert(); whether that function binds parameters or interpolates them
// is not visible. $email only passes FILTER_VALIDATE_EMAIL and is not escaped.
$name = mysqli_real_escape_string($dbc, $_POST['name']);
$email = filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);
$bio = mysqli_real_escape_string($dbc, $_POST['bio']);
// NOTE(review): SHA-1 with one site-wide salt constant is a fast hash and is
// unsuitable for password storage; password_hash() / password_verify() are
// the standard replacement, which also requires changing the login check.
$password = sha1(SHA1_SALT . $_POST['password']);
$confirm = sha1(SHA1_SALT . $_POST['confirm']);
// filter_var() returns false when the address does not validate.
if ($email == false) {
    $_SESSION['register_errors'][] = "Email is not valid";
} else {
    if (user_email_exists($email)) {
        // NOTE(review): reveals that the address is registered.
        $_SESSION['register_errors'][] = "Email already exists";
    }
}
// NOTE(review): sha1() always returns 40 hex characters, so neither value is
// ever '' and the "Please complete password fields" branch cannot run; an
// empty password is therefore accepted. The loose != can also treat two
// different "0e<digits>" digests as equal; compare the raw inputs with !==.
if ($password != '' && $confirm != '') {
    if ($password != $confirm) {
        $_SESSION['register_errors'][] = "Passwords don't match";
    }
} else {
    $_SESSION['register_errors'][] = "Please complete password fields";
}
if (!isset($_SESSION['register_errors'])) {
    $update = user_insert($name, $email, $bio, $password);
    if ($update) {
        header('Location: index.php?controller=login');
        break;
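/**
 * Prepares this user for first insertion and saves it when neither the
 * e-mail nor the username is already taken.
 *
 * The object is modified (lower-cased e-mail, timestamps, hashed password)
 * before the uniqueness check, so a failed call leaves those changes behind;
 * calling create() a second time would hash the password again.
 *
 * NOTE(review): md5(email . password) is a fast, effectively unsalted hash
 * and is unsuitable for password storage. Moving to password_hash() also
 * requires changing the login check, which is not part of this method.
 *
 * @return bool true when the user was saved, false when the e-mail is empty
 *              or the e-mail / username already exists.
 */
public function create()
{
    if (empty($this->email)) {
        return false;
    }

    if (empty($this->username)) {
        // Default the username to the local part of the address. explode()'s
        // result is stored first: array_shift() takes its argument by
        // reference and raises a notice when handed a function result.
        $parts = explode('@', $this->email);
        $this->username = $parts[0];
    }

    $now = time();
    $this->email = strtolower($this->email);
    $this->created = $now;
    $this->updated = $now;
    $this->deleted = 0;
    $this->password = md5($this->email . $this->password);

    if (user_email_exists($this->email) || user_name_exists($this->username)) {
        return false;
    }

    $this->save();
    return true;
}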
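/**
 * Changes a user's e-mail address when it differs from the current one and no
 * other account uses it. Reports the outcome through add_message() / add_error().
 *
 * @param int    $user_id   Id of the user row to update.
 * @param string $new_email Requested address.
 * @return void
 */
function user_set_email($user_id, $new_email)
{
    // strcmp() returns 0 for identical strings: nothing to do if unchanged.
    if (!strcmp($new_email, user_get_email($user_id))) {
        return;
    }

    // Check that no other user has it.
    if (user_email_exists($new_email)) {
        // NOTE(review): the submitted address is placed in the message
        // verbatim; it must be HTML-escaped wherever add_error() output is
        // rendered.
        add_error("Email '{$new_email}' is already in use.");
        return;
    }

    // The id sits in an unquoted numeric position, where string escaping
    // gives no protection; an integer cast guarantees digits only.
    $sql = "UPDATE " . PREFIX . "user SET email='" . sql_safe($new_email) . "' WHERE id=" . ((int) $user_id) . ";";

    if (mysql_query($sql)) {
        add_message("New email set");
    } else {
        // NOTE(review): raw database error text is shown to the user.
        add_error("Email could not be set: " . mysql_error());
    }
}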
/**
 * Builds the JSON reply for an "is this e-mail registered?" lookup.
 *
 * Reads the 'email' value through get(). A falsy value (missing, empty, or
 * "0") produces the status-500 "missing arguments" reply; otherwise the
 * result of user_email_exists() is returned under 'response'.
 *
 * NOTE(review): whoever can call this can test whether an address is
 * registered. No authentication or rate limiting is visible in this function.
 *
 * @return string JSON-encoded array with 'status' and 'response'.
 */
function user_email_exists_json()
{
    $email = get('email');

    if (!$email) {
        return json_encode(array('status' => 500, 'response' => 'missing arguments'));
    }

    $exists = user_email_exists($email);

    return json_encode(array('status' => 200, 'response' => $exists));
}
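/**
 * Updates the logged-in user's name, e-mail and (optionally) password, mirrors
 * name and e-mail into the reservations table, then refreshes the session and
 * the "remember me" cookies. User-facing messages are in Spanish.
 *
 * @param string $user_name
 * @param string $user_email
 * @param string $user_password New password, or empty to leave it unchanged.
 * @return int|string 1 on success, otherwise an HTML error <span>.
 */
function change_user_details($user_name, $user_email, $user_password)
{
    $user_id = $_SESSION['user_id'];

    // The English name-format message was replaced by the localized one below.
    if (validate_user_name($user_name) != true) {
        return '<span class="error_span">El "Número de Alumno"solo admite <u>números</u>. Entre 3 y 6 dígitos</span>';
    }
    if (validate_user_email($user_email) != true) {
        return '<span class="error_span">El Email debe ser válido y no tener más de 50 caracteres.</span>';
    }
    if (validate_user_password($user_password) != true && !empty($user_password)) {
        return '<span class="error_span">El Password debe tener un mínimo de 4 caracteres</span>';
    }
    if (user_name_exists($user_name) == true && $user_name != $_SESSION['user_name']) {
        return '<span class="error_span">Ese número de alumno ya fue utilizado</span>';
    }
    if (user_email_exists($user_email) == true && $user_email != $_SESSION['user_email']) {
        return '<span class="error_span">Email ya registrado</span>';
    }

    // Escape every value placed inside a quoted SQL literal, so the queries
    // no longer rely on the validators above to keep quote characters out.
    // The legacy mysql_* API has no prepared statements.
    $sql_name = mysql_real_escape_string($user_name);
    $sql_email = mysql_real_escape_string($user_email);
    $sql_id = mysql_real_escape_string($user_id);

    // NOTE(review): the die() output shows raw database error text to the user.
    if (empty($user_password)) {
        mysql_query("UPDATE " . global_mysql_users_table . " SET user_name='{$sql_name}', user_email='{$sql_email}' WHERE user_id='{$sql_id}'") or die('<span class="error_span"><u>MySQL error:</u> ' . htmlspecialchars(mysql_error()) . '</span>');
    } else {
        $user_password = encrypt_password($user_password);
        // The listing showed the literal '******' in this query (possibly a
        // redaction); the freshly computed hash is what has to be stored.
        $sql_password = mysql_real_escape_string($user_password);
        mysql_query("UPDATE " . global_mysql_users_table . " SET user_name='{$sql_name}', user_email='{$sql_email}', user_password='{$sql_password}' WHERE user_id='{$sql_id}'") or die('<span class="error_span"><u>MySQL error:</u> ' . htmlspecialchars(mysql_error()) . '</span>');
    }

    mysql_query("UPDATE " . global_mysql_reservations_table . " SET reservation_user_name='{$sql_name}', reservation_user_email='{$sql_email}' WHERE reservation_user_id='{$sql_id}'") or die('<span class="error_span"><u>MySQL error:</u> ' . htmlspecialchars(mysql_error()) . '</span>');

    $_SESSION['user_name'] = $user_name;
    $_SESSION['user_email'] = $user_email;

    // NOTE(review): the cookie below carries a value derived from the stored
    // password hash and is set without the HttpOnly or Secure flags. Anyone
    // who obtains the cookie can presumably log in as the user; a random,
    // revocable remember-me token would limit that exposure.
    // NOTE(review): when no new password was given, strip_salt() receives an
    // empty string and the password cookie is overwritten with its result.
    $user_password = strip_salt($user_password);
    $cookie_expiry = time() + 3600 * 24 * intval(global_remember_login_days);
    setcookie(global_cookie_prefix . '_user_email', $user_email, $cookie_expiry);
    setcookie(global_cookie_prefix . '_user_password', $user_password, $cookie_expiry);

    return 1;
}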