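/**
 * Validates the POSTed fields of the user registration form.
 *
 * Expects data_user_login, data_user_email, data_user_password and
 * data_user_password_confirm in the request. Checks run in this order and the
 * first failure is returned: presence, login not blank, login not taken,
 * e-mail syntax, e-mail uniqueness (only when e-mail authentication and
 * unique e-mails are both enabled), login name rules, password rules.
 *
 * NOTE(review): unlike validateObjectAttributeHTTPInput(), this method does
 * not consult UserSettings/RequireConfirmEmail - confirm that is intended.
 * NOTE(review): the distinct "already exists" messages tell the caller whether
 * a login or e-mail is registered; the endpoint using this should be
 * rate-limited and monitored for enumeration.
 *
 * @param eZHTTPTool $http
 *
 * @return array array('status' => 'success'), or
 *               array('status' => 'error', 'message' => string) with a translated message
 */
public static function validateUserInput($http)
{
    if (!$http->hasPostVariable('data_user_login')
        || !$http->hasPostVariable('data_user_email')
        || !$http->hasPostVariable('data_user_password')
        || !$http->hasPostVariable('data_user_password_confirm')
    ) {
        return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'Input required.'));
    }

    $loginName = $http->postVariable('data_user_login');
    $email = $http->postVariable('data_user_email');
    $password = $http->postVariable('data_user_password');
    $passwordConfirm = $http->postVariable('data_user_password_confirm');

    // A client can submit "field[]=x" and turn any of these into an array.
    // Reject that up front so trim()/strtolower() and the comparisons below
    // only ever see strings.
    if (!is_string($loginName) || !is_string($email) || !is_string($password) || !is_string($passwordConfirm)) {
        return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'Input required.'));
    }

    if (trim($loginName) === '') {
        return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The username must be specified.'));
    }

    $existUser = eZUser::fetchByName($loginName);
    if ($existUser != null) {
        return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The username already exists, please choose another one.'));
    }

    // validate user email
    if (!eZMail::validate($email)) {
        return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The email address is not valid.'));
    }

    // E-mail uniqueness is only enforced when e-mail is an authentication
    // handle and the installation requires unique addresses.
    $authenticationMatch = eZUser::authenticationMatch();
    if (($authenticationMatch & eZUser::AUTHENTICATE_EMAIL) && eZUser::requireUniqueEmail()) {
        $userByEmail = eZUser::fetchByEmail($email);
        if ($userByEmail != null) {
            return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'A user with this email already exists.'));
        }
    }

    // validate user name; $errorText is filled in by reference on failure
    if (!eZUser::validateLoginName($loginName, $errorText)) {
        return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', $errorText));
    }

    // validate user password
    $ini = eZINI::instance();
    $generatePasswordIfEmpty = $ini->variable("UserSettings", "GeneratePasswordIfEmpty") == 'true';

    // An empty password is only tolerated when the site generates one itself.
    if (!$generatePasswordIfEmpty || $password !== '') {
        if ($password === '') {
            return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The password cannot be empty.', 'eZUserType'));
        }

        // Strict comparison on purpose: with != PHP compares numeric-looking
        // strings as numbers, so "1000" and "1e3" would count as a match and
        // a mistyped confirmation could slip through.
        if ($password !== $passwordConfirm) {
            return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The passwords do not match.', 'eZUserType'));
        }

        if (!eZUser::validatePassword($password)) {
            // Only used for the message; the rule itself lives in
            // eZUser::validatePassword(), which is not visible here.
            $minPasswordLength = $ini->hasVariable('UserSettings', 'MinPasswordLength')
                ? $ini->variable('UserSettings', 'MinPasswordLength')
                : 3;
            return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The password must be at least %1 characters long.', null, array($minPasswordLength)));
        }

        // The only dictionary check performed here is the literal word "password".
        if (strtolower($password) === 'password') {
            return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The password must not be "password".'));
        }
    }

    return array('status' => 'success');
}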
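/**
 * Validates the user account fields posted for a content object attribute.
 *
 * Field names are built as "<base>_data_user_<field>_<attribute id>". Checks
 * run in order and the first failure sets a validation error on the attribute:
 * presence, login not blank, login not owned by another object, e-mail syntax,
 * e-mail uniqueness (only when e-mail authentication and unique e-mails are
 * both enabled), login name rules, password rules, and - when
 * UserSettings/RequireConfirmEmail is 'true' - e-mail confirmation.
 *
 * An existing user found by login or e-mail is accepted when it belongs to
 * the same content object as the attribute being validated.
 *
 * @param eZHTTPTool $http
 * @param string $base prefix of the POST variable names
 * @param object $contentObjectAttribute attribute being validated; receives the error text
 *
 * @return int eZInputValidator::STATE_ACCEPTED or eZInputValidator::STATE_INVALID
 */
function validateObjectAttributeHTTPInput($http, $base, $contentObjectAttribute)
{
    $attributeId = $contentObjectAttribute->attribute("id");
    $loginVar = $base . "_data_user_login_" . $attributeId;
    $emailVar = $base . "_data_user_email_" . $attributeId;
    $passwordVar = $base . "_data_user_password_" . $attributeId;
    $passwordConfirmVar = $base . "_data_user_password_confirm_" . $attributeId;

    if (!$http->hasPostVariable($loginVar)
        || !$http->hasPostVariable($emailVar)
        || !$http->hasPostVariable($passwordVar)
        || !$http->hasPostVariable($passwordConfirmVar)
    ) {
        // Missing fields are only an error when the attribute is required.
        if ($contentObjectAttribute->validateIsRequired()) {
            $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'Input required.'));
            return eZInputValidator::STATE_INVALID;
        }
        return eZInputValidator::STATE_ACCEPTED;
    }

    $loginName = $http->postVariable($loginVar);
    $email = $http->postVariable($emailVar);
    $password = $http->postVariable($passwordVar);
    $passwordConfirm = $http->postVariable($passwordConfirmVar);

    // A client can submit "field[]=x" and turn any of these into an array.
    // Reject that up front so trim()/strtolower() and the comparisons below
    // only ever see strings.
    if (!is_string($loginName) || !is_string($email) || !is_string($password) || !is_string($passwordConfirm)) {
        $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'Input required.'));
        return eZInputValidator::STATE_INVALID;
    }

    if (trim($loginName) === '') {
        // A blank login is tolerated only for an optional attribute that was
        // left entirely empty (no e-mail either).
        if ($contentObjectAttribute->validateIsRequired() || trim($email) !== '') {
            $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The username must be specified.'));
            return eZInputValidator::STATE_INVALID;
        }
        return eZInputValidator::STATE_ACCEPTED;
    }

    $existUser = eZUser::fetchByName($loginName);
    if ($existUser != null) {
        $userID = $existUser->attribute('contentobject_id');
        if ($userID != $contentObjectAttribute->attribute("contentobject_id")) {
            $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The username already exists, please choose another one.'));
            return eZInputValidator::STATE_INVALID;
        }
    }

    // validate user email
    if (!eZMail::validate($email)) {
        $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The email address is not valid.'));
        return eZInputValidator::STATE_INVALID;
    }

    $authenticationMatch = eZUser::authenticationMatch();
    if (($authenticationMatch & eZUser::AUTHENTICATE_EMAIL) && eZUser::requireUniqueEmail()) {
        $userByEmail = eZUser::fetchByEmail($email);
        if ($userByEmail != null) {
            $userID = $userByEmail->attribute('contentobject_id');
            if ($userID != $contentObjectAttribute->attribute("contentobject_id")) {
                $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'A user with this email already exists.'));
                return eZInputValidator::STATE_INVALID;
            }
        }
    }

    // validate user name; $errorText is filled in by reference on failure
    if (!eZUser::validateLoginName($loginName, $errorText)) {
        $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', $errorText));
        return eZInputValidator::STATE_INVALID;
    }

    // validate user password
    $ini = eZINI::instance();
    $generatePasswordIfEmpty = $ini->variable("UserSettings", "GeneratePasswordIfEmpty") == 'true';

    // An empty password is only tolerated when the site generates one itself.
    if (!$generatePasswordIfEmpty || $password !== '') {
        if ($password === '') {
            $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The password cannot be empty.', 'eZUserType'));
            return eZInputValidator::STATE_INVALID;
        }

        // Strict comparison on purpose: with != PHP compares numeric-looking
        // strings as numbers, so "1000" and "1e3" would count as a match and
        // a mistyped confirmation could slip through.
        if ($password !== $passwordConfirm) {
            $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The passwords do not match.', 'eZUserType'));
            return eZInputValidator::STATE_INVALID;
        }

        if (!eZUser::validatePassword($password)) {
            // Same fallback as validateUserInput() so the message never shows
            // an empty length when the setting is absent. Only used for the
            // message; the rule itself lives in eZUser::validatePassword().
            $minPasswordLength = $ini->hasVariable('UserSettings', 'MinPasswordLength')
                ? $ini->variable('UserSettings', 'MinPasswordLength')
                : 3;
            $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The password must be at least %1 characters long.', null, array($minPasswordLength)));
            return eZInputValidator::STATE_INVALID;
        }

        // The only dictionary check performed here is the literal word "password".
        if (strtolower($password) === 'password') {
            $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The password must not be "password".'));
            return eZInputValidator::STATE_INVALID;
        }
    }

    // validate confirm email
    if ($ini->variable('UserSettings', 'RequireConfirmEmail') == 'true') {
        // The confirmation field is read without a presence check, so a
        // missing or non-string value must count as a mismatch; strict
        // comparison guarantees that.
        $emailConfirm = $http->postVariable($base . "_data_user_email_confirm_" . $attributeId);
        if ($email !== $emailConfirm) {
            $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The emails do not match.', 'eZUserType'));
            return eZInputValidator::STATE_INVALID;
        }
    }

    return eZInputValidator::STATE_ACCEPTED;
}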