コード例 #1
ファイル: user.php プロジェクト: Yoyoyozo/webDiplomacy
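 /**
  * Filter a registration/user control panel form into values for an SQL statement.
  *
  * Only the whitelisted field names are read from $input; every other key is
  * ignored. Validation problems are not thrown by this method itself: they are
  * appended to $errors as translated messages and the offending field is left
  * out of the result.
  *
  * Text fields are passed through $DB->escape() ($DB->msg_escape() for the
  * comment). The 'password' entry is an SQL expression fragment built around
  * the password hash, not a plain value, so callers must not quote it again.
  *
  * NOTE(review): the result is meant to be interpolated into SQL by the caller,
  * so its safety rests entirely on $DB->escape()/msg_escape(), which are not
  * visible here. Bound parameters would remove that dependency.
  *
  * @param array $input  An array of unfiltered data from a registration/control panel form
  * @param array $errors Passed by reference; validation messages are appended to it
  * @return array An array of filtered SQL insertable data, keyed by column name
  */
 public static function processForm($input, &$errors)
 {
     global $DB;

     $SQLVars = array();

     // Whitelist of accepted form fields. 'showEmail' is accepted but never read below.
     $available = array('username', 'password', 'passwordcheck', 'email', 'hideEmail', 'showEmail', 'homepage', 'comment');

     $userForm = array();
     foreach ($available as $name) {
         // Request parameters can arrive as arrays (e.g. "username[]=x"); only scalar
         // values are meaningful here, so anything else is dropped before it reaches
         // trim()/escape()/pass_Hash().
         if (isset($input[$name]) and is_scalar($input[$name])) {
             $userForm[$name] = $input[$name];
         }
     }

     if (isset($userForm['username'])) {
         // NOTE(review): escaping happens before trim(); trimming first is the more
         // conventional order - confirm against what $DB->escape() produces.
         $SQLVars['username'] = trim($DB->escape($userForm['username']));
     }

     if (isset($userForm['password']) and $userForm['password']) {
         // Compare as strings with ===. A loose == treats numeric-looking strings as
         // numbers, so two different inputs such as "1e3" and "1000" would count as
         // a matching confirmation.
         $passwordsMatch = isset($userForm['passwordcheck'])
             and (string) $userForm['password'] === (string) $userForm['passwordcheck'];

         if ($passwordsMatch) {
             // NOTE(review): the leading literal appears masked ("******") in this
             // listing; the trailing "')" suggests it originally opened an SQL function
             // call with a quoted argument. Confirm against the upstream file.
             $SQLVars['password'] = "******" . libAuth::pass_Hash($userForm['password']) . "')";
         } else {
             $errors[] = l_t("The two passwords do not match");
         }
     }

     if (isset($userForm['email']) and $userForm['email']) {
         $userForm['email'] = trim($DB->escape($userForm['email']));
         if (libAuth::validate_email($userForm['email'])) {
             $SQLVars['email'] = $userForm['email'];
         } else {
             $errors[] = l_t("The e-mail address you entered isn't valid. Please enter a valid one");
         }
     }

     if (isset($userForm['hideEmail'])) {
         // Collapse to the two allowed values; anything other than the exact string "Yes" means "No".
         $SQLVars['hideEmail'] = ($userForm['hideEmail'] === "Yes") ? "Yes" : "No";
     }

     if (isset($userForm['homepage']) and $userForm['homepage']) {
         // NOTE(review): only SQL-escaped here; no URL scheme check is visible, so any
         // page that renders this value as a link should validate/encode it on output.
         $userForm['homepage'] = $DB->escape($userForm['homepage']);
         $SQLVars['homepage'] = $userForm['homepage'];
     }

     if (isset($userForm['comment']) and $userForm['comment']) {
         // The comment uses a separate escaping routine from the other text fields.
         $userForm['comment'] = $DB->msg_escape($userForm['comment']);
         $SQLVars['comment'] = $userForm['comment'];
     }

     return $SQLVars;
 }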
コード例 #2
ファイル: register.php プロジェクト: Yoyoyozo/webDiplomacy
        // Excerpt: this code sits inside a try block (and an enclosing if) opened before the listing.
        // The anti-script cookie is expected to hold "hash|time".
        // NOTE(review): no isset() check on $_COOKIE['imageToken'] or $_REQUEST['imageText'] is
        // visible in this excerpt - confirm they are checked earlier.
        $imageToken = explode('|', $_COOKIE['imageToken'], 2);
        if (count($imageToken) != 2) {
            throw new Exception(l_t("A bad anti-script code was given, please try again"));
        }
        list($Hash, $Time) = $imageToken;
        // The expected hash binds the server secret, the text the user typed, the client
        // address and the issue time, so the cookie's time cannot be changed without the secret.
        // NOTE(review): the digests are compared with a loose "!=". Two hex digests that both
        // look like numeric strings compare equal under loose comparison, and the comparison is
        // not constant-time; hash_equals() avoids both. md5(secret . data) is also a weaker
        // construction than an HMAC (hash_hmac()) for this purpose.
        if (md5(Config::$secret . $_REQUEST['imageText'] . $_SERVER['REMOTE_ADDR'] . $Time) != $Hash) {
            throw new Exception(l_t("An invalid anti-script code was given, please try again"));
        } elseif (time() - 3 * 60 > $Time) {
            // Codes are rejected once they are more than 3 minutes old.
            // NOTE(review): nothing visible here marks a code as used, so the same code
            // may be accepted repeatedly within the window - confirm.
            throw new Exception(l_t("This anti-script code has expired, please submit it within 3 minutes"));
        }
        // The user's imageText is validated; he's not a robot. But does he have a real e-mail address?
        $email = trim($DB->escape($_REQUEST['emailValidate']));
        // NOTE(review): this message embeds the submitted address and is later printed into
        // HTML by the catch block below. Whether that is safe depends on what $DB->escape()
        // does (not shown); it also tells the requester whether an address is registered.
        if (User::findEmail($email)) {
            throw new Exception(l_t("The e-mail address '%s', is already in use. Please choose another.", $email));
        }
        if (!libAuth::validate_email($email)) {
            throw new Exception(l_t("A first check of this e-mail is finding it invalid. Remember you need one to " . "play, and it will not be spammed or released."));
        }
        // Prelim checks look okay, lets send the e-mail
        // The body is HTML and carries the account-creation link from libAuth::email_validateURL().
        $Mailer->Send(array($email => $email), l_t('Your new webDiplomacy account'), l_t("Hello and welcome!") . "<br><br>\r\n\r\n" . l_t("Thanks for validating your e-mail address; just use this link to create your new webDiplomacy account:") . "<br>\r\n" . libAuth::email_validateURL($email) . "<br><br>\r\n\r\n" . l_t("There are two main rules that we want you to be aware of:") . "<br>\r\n\r\n" . l_t("1. No Multi-Accounting") . "<br><br>\r\n\r\n" . l_t("You may only have one account, second accounts are not allowed under any circumstances, and will be banned. This may also lead to your first account also being banned.  If you forget your password, use the lost password finder here: http://www.webdiplomacy.net/logon.php?forgotPassword=1. If you are still unable to log in, contact the mods.") . "<br><br>\r\n\r\n" . l_t("2. No Meta-gaming") . "<br><br>\r\n\r\n" . l_t("You cannot play a public game with players that you know outside of the site. In doing so, you create an unfair environment for other players by giving yourself the opportunity to form alliances for reasons outside the game. This includes playing public games with family, friends, relatives, coworkers, or even joining a game with any player of a previous game with a predetermined intent to ally with or attack certain players.") . "<br><br>\r\n\r\n" . l_t("Because Diplomacy is a social game, we always encourage playing with friends. However, you should always do so in a private, password-protected game and make sure that every player knows about any real life connections before the game begins.") . "<br><br>\r\n\r\n" . l_t("The rest of the rules can be found here: http://www.webdiplomacy.net/rules.php") . "<br><br>\r\n" . l_t("If you have any further problems contact the server's admin at %s.", Config::$adminEMail) . "<br><br>\r\n\r\n" . l_t("Enjoy your new account!") . "<br>\r\n");
        $page = 'emailSent';
    } catch (Exception $e) {
        // Any failure above is shown to the user and the validation form is displayed again.
        // NOTE(review): the message is printed without htmlspecialchars(); encode it on output
        // unless every message source is known to be HTML-safe.
        print '<div class="content">';
        print '<p class="notice">' . $e->getMessage() . '</p>';
        print '</div>';
        $page = 'validationForm';
    }
} elseif (isset($_REQUEST['emailToken'])) {
    try {
        if (!($email = libAuth::emailToken_email($_REQUEST['emailToken']))) {
            throw new Exception(l_t("A bad e-mail token was given, please try again"));