/**
 * Validate the data supplied for a new user: password length and
 * confirmation, unique email address and unique user name.
 *
 * When the email address is not already present, the form's "email" field
 * is overwritten with its SSP_encrypt() value, so callers that read the
 * field afterwards get the encrypted form.
 *
 * @param sfc\Form $form - user creation form
 * @return bool - true when at least one check failed, false when all passed
 */
protected function userCreateCheck(&$form)
{
    $failed = false;

    // Password rules apply only when the form carries a password element
    // and the askUser field is exactly the string '0'.
    if (isset($form->elements["password"]) && $form->getField('askUser') === '0') {
        $password = $form->getField("password");

        // Length is measured in bytes on the trimmed value; the value itself is not altered.
        if (strlen(trim($password)) < $this->cfg->minPassword) {
            $form->setError("password", "Please enter a password at least {$this->cfg->minPassword} in length");
            $failed = true;
        } elseif (strcmp($password, $form->getField("password2")) != 0) {
            // The confirmation is only compared once the length rule has passed.
            $form->setError("password2", "The two passwords must be identical");
            $failed = true;
        }
    }

    // The encrypted address is computed before the lookup, the lookup itself uses the plain address.
    // NOTE(review): the field is later replaced by the SSP_encrypt() output - confirm that
    // $this->db->get() matches stored values for a plain-text key, otherwise duplicates go unnoticed.
    $plainEmail = $form->getField("email");
    $encryptedEmail = SSP_encrypt($plainEmail);
    $emailTaken = $this->db->get(
        $this->cfg->userTable,
        array("UserEmail" => $plainEmail),
        "SSP User Creation: Checking user email unique"
    );
    if ($emailTaken) {
        // NOTE(review): this message tells the submitter that the address is registered;
        // weigh that against account-enumeration concerns for public sign-up pages.
        $form->setError("email", "Email needs to be unique");
        $failed = true;
    } else {
        $form->setField("email", $encryptedEmail);
    }

    // The user name is only checked when the form actually has a name element.
    if (isset($form->elements["name"])) {
        $nameTaken = $this->db->get(
            $this->cfg->userTable,
            array("UserName" => $form->getField("name")),
            "SSP User Creation: Checking user name is unique"
        );
        if ($nameTaken) {
            $form->setError("name", "User name needs to be unique");
            $failed = true;
        }
    }

    // NOTE(review): uniqueness is established by a read only; two concurrent requests could
    // both pass - confirm the user table also enforces unique constraints.
    return $failed;
}
/**
 * User sign-up: builds the join form, validates the submission and, when
 * everything passes, creates the login and misc records for the new user.
 *
 * Password fields are shown only when cfg->confirmType is 0 or 3.
 *
 * @return mixed - the rendered form (first display or with errors) or the
 *                 result of welcomeScreen() after a successful sign-up
 */
public function userJoin()
{
    $needPassword = ($this->cfg->confirmType == 0 || $this->cfg->confirmType == 3);

    $form = new sfc\Form(SSP_Path(), $this->cfg->userTable, "userJoin");
    $form->tpl = $this->tpl(array("title" => "Join SSP"), true);
    $form->errorAutoFormDisplay = false;
    $form->tplf = ($this->subTpl != "") ? $this->subTpl : "userJoin.tpl";

    // Each fep() call follows the fe() call whose element it configures; keep the pairs together.
    $form->fe("text", "firstName", "First name");
    $form->fep("width=30, required=true");
    $form->fe("text", "lastName", "Last name");
    $form->fep("width=30, required=true");
    $form->fe("text", "email", "Your email");
    $form->fep("width=30,required=true, dataType=email");

    if ($this->cfg->loginType == 1 || $this->cfg->getUserName) {
        $form->fe("text", "name", "User name");
        // NOTE(review): the user name is validated with dataType=password - confirm that is intended.
        $form->fep("width=15,required=true,dataType=password");
    }

    if ($needPassword) {
        $form->fe("password", "password", "Your password");
        $form->fep("width=15, required=true, dataType=password, minChar=" . $this->cfg->minPassword);
        $form->fe("password", "password2", "Enter password again");
        $form->fep("width=15,sql=false,dataType=password,required=true");
    }

    if ($this->cfg->userHasSignUpOptions) {
        // The user may pick one of the configured membership types.
        $form->fe("select", "signUpLevel", "Type of membership", $this->cfg->userAccessSignUpDropdown);
        $form->fep("dataType=int, sql=false");
    }

    $form->tda("loginPath", $this->cfg->logonScript);

    // Nothing submitted yet: show the empty form.
    if (!$form->processForm($_POST)) {
        return $form->create();
    }

    // Field-level validation failed: redisplay with errors.
    if ($form->error) {
        return $form->create(true);
    }

    $form->setField("email", strtolower($form->getField("email")));

    // userCreateCheck() returns true when a check failed.
    if ($this->userCreateCheck($form)) {
        return $form->create(true);
    }

    $userId = SSP_uniqueId();
    $loginData = array(
        "UserId" => $userId,
        "UserEmail" => $form->getField("email"),
    );

    if ($needPassword) {
        $loginData["UserPassword"] = $this->session->cryptPassword($form->getField("password"));
    }

    // The submitted signUpLevel is only used as a key into the configured map; anything
    // not present there falls back to the default access level.
    $loginData["UserAccess"] = $this->cfg->userDefault;
    if ($this->cfg->userHasSignUpOptions) {
        $chosenLevel = $form->getField("signUpLevel");
        if (isset($this->cfg->userAccessSignUpLevels[$chosenLevel])) {
            $loginData["UserAccess"] = $this->cfg->userAccessSignUpLevels[$chosenLevel];
        }
    }

    if ($this->cfg->adminCheck) {
        $loginData["UserAdminPending"] = 1;
    }
    if ($this->cfg->confirmType != 0) {
        $loginData["UserWaiting"] = 1;
    }
    if ($this->cfg->furtherProgram) {
        $loginData["UserPending"] = 1;
    }

    // NOTE(review): neither insert result is checked and no transaction is visible here, so a
    // failure of the second insert would leave a login record without its misc record.
    $this->db->insert($this->cfg->userTable, $loginData, "Inserting new member login data");

    $miscData = array(
        "UserId" => $userId,
        "FirstName" => $form->getField("firstName"),
        "FamilyName" => $form->getField("lastName"),
    );
    $this->db->insert($this->cfg->userMiscTable, $miscData, "Inserting new member misc data");

    $this->id = $userId;
    $this->userFinish($userId);

    return $this->welcomeScreen();
}