<?php
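/**
 * Step 2 of the flow: confirm that the visitor controls an e-mail address.
 *
 * The page is gated on the 'captcha' test (with 'step1.php' passed as the
 * fallback page) and hands over to 'step3.php' once the 'email' test is
 * passed.
 * NOTE(review): the gating helpers are defined outside this file; presumably
 * they redirect and stop the script - confirm in system/__init__.php.
 */
require("system/__init__.php");
require_test_pass('captcha', 'step1.php');
next_if_test_pass('email', 'step3.php');

/**
 * Set defaults
 *
 * These three variables are what the 'step2' template required at the end
 * of this script finds in scope.
 */
$email_value = "";
$email_readonly = "";
$email_code = "";

/**
 * Handle form data
 *
 * There are two steps on same form
 * 1. Entering e-mail address
 * 2. Entering verification code
 */
if ($_POST) {
    // Every POST (address submission or code attempt) is counted against the
    // same limit. NOTE(review): with a 6-digit code this limit is the only
    // visible bound on guessing attempts - confirm it is per session and low.
    check_and_dec_limit('check_email_limit');

    // NOTE(review): if post_arg() applies the pattern with preg_match(), the
    // unanchored-at-newline `$` also accepts a trailing "\n"; the strpbrk()
    // check further down rejects that case before the address is used.
    $email_value = post_arg('email_input', 'strtolower', '/^[\w\d_\-\.]+@[\w\d\-\.]+\.\w+$/');
    $email_code = post_arg('email_code_input', 'intval');

    // Read the pending verification state once; !empty() avoids the
    // undefined-index notice the bare $_SESSION[...] read raised on the
    // first visit, when nothing has been stored yet.
    $session_email = !empty($_SESSION['email_value']) ? $_SESSION['email_value'] : "";
    $session_code = !empty($_SESSION['email_code']) ? $_SESSION['email_code'] : "";

    // On the second step the address comes from the session, never from the
    // form, so the client cannot swap the address after the code was sent.
    if ($email_code && $session_email) {
        $email_value = $session_email;
    }

    if ($session_email && $session_code) {
        /**
         * A code was already sent: this POST is a verification attempt.
         *
         * Both sides are compared as strings with === so the result does not
         * depend on PHP's loose-comparison type juggling, whatever type
         * post_arg() hands back.
         */
        if ($email_code && (string) $email_code === (string) $session_code) {
            set_test_passed('email');
            redirect('step3.php');
        } else {
            append_error("Код невірний");
            $email_code = "";
        }
    } else {
        // No code pending: sanity-check the address before mailing a code.
        if (strlen($email_value) < 6) {
            $email_value = "";
        }
        // Reject separators, quotes and whitespace/newlines, i.e. characters
        // that could smuggle extra recipients or header lines into the mail.
        if (strpbrk($email_value, " ,;'\"\t\n") !== false) {
            $email_value = "";
        }

        // Only a non-empty, not yet used address gets a code.
        if ($email_value && email_not_used($email_value)) {
            $secret_code = safe_rand(100000, 999999);
            $_SESSION['email_value'] = $email_value;
            $_SESSION['email_code'] = $secret_code;
            send_email_code($email_value, $secret_code);
            $email_code = "";
        } else {
            append_error("Цю адресу неможливо використати.");
            $email_value = "";
        }
    }
} else {
    /**
     * Plain page load: show the pending address and prefill the code from
     * the query string if present.
     */
    if (isset($_SESSION['email_value'])) {
        $email_value = $_SESSION['email_value'];
    }

    // $_GET['code'] is attacker-controllable and ends up in the template, so
    // accept it only when it has the shape of a generated code (six digits,
    // matching the safe_rand(100000, 999999) range used when a code is
    // issued). Arrays (?code[]=x) and any markup are dropped.
    if (
        isset($_GET['code'])
        && is_string($_GET['code'])
        && preg_match('/^[0-9]{6}\z/', $_GET['code']) === 1
    ) {
        $email_code = $_GET['code'];
    }
}

// Lock the address field once an address is known.
if ($email_value) {
    $email_readonly = ' readonly="readonly"';
}

// NOTE(review): the template is not visible here; it should still
// HTML-escape $email_value and $email_code when printing them.
require(get_template('step2'));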