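/**
 * Step handler for e-mail verification (excerpt; the listing is cut off inside
 * the final else branch, so the tail of this handler is not shown).
 */

// Presumably sends the visitor on to step3.php when the 'email' test is
// already marked as passed (helper is defined elsewhere; confirm).
next_if_test_pass('email', 'step3.php');

/**
 * Set defaults
 */
$email_value = "";
$email_readonly = "";
$email_code = "";

/**
 * Handle form data
 *
 * There are two steps on same form
 * 1. Entering e-mail address
 * 2. Entering verification code
 */
if ($_POST) {
    // Runs before any input is read, so every POST to this step is counted,
    // including wrong verification codes. The code is numeric (filtered with
    // 'intval'), so this limit is presumably what bounds code guessing; confirm
    // in check_and_dec_limit().
    check_and_dec_limit('check_email_limit');

    // The pattern ends in \z rather than $: in PCRE, $ also matches just before
    // a single trailing newline, so "user@host.tld\n" would pass validation.
    // That matters if the address later reaches a mail header. Assumes
    // post_arg() applies the pattern with preg_match(); confirm.
    $email_value = post_arg('email_input', 'strtolower', '/^[\\w\\d_\\-\\.]+@[\\w\\d\\-\\.]+\\.\\w+\\z/');
    $email_code = post_arg('email_code_input', 'intval');

    // On the second step the address is restored from the session, not taken
    // from the request. !empty() is the same truthiness test as before, without
    // an undefined-index notice when the session or the key is absent.
    if ($email_code && !empty($_SESSION['email_value'])) {
        $email_value = $_SESSION['email_value'];
    }

    /**
     * if email already sent
     */
    if (!empty($_SESSION['email_value']) && !empty($_SESSION['email_code'])) {
        // pass this test if user has entered correct code
        // NOTE(review): loose ==. $email_code went through 'intval', so this is
        // presumably an integer comparison; confirm the type stored in
        // $_SESSION['email_code'] and move to a strict comparison on cast values.
        if ($email_code && $email_code == $_SESSION['email_code']) {
            set_test_passed('email');
            redirect('step3.php');
        } else {
            // (the listing ends here; the else branch is not shown)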
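/**
 * Step handler for mobile-number verification (excerpt; the listing is cut off
 * inside the final else branch, so the tail of this handler is not shown).
 */

// Presumably sends the visitor on to step4.php when the 'mobile' test is
// already marked as passed (helper is defined elsewhere; confirm).
next_if_test_pass('mobile', 'step4.php');

/**
 * Set defaults
 */
$mobile_value = "";
$mobile_readonly = "";
$mobile_code = "";

/**
 * Handle form data
 *
 * There are two steps on same form
 * 1. Entering mobile phone number
 * 2. Entering verification code
 */
if ($_POST) {
    // Runs before any input is read, so every POST to this step is counted,
    // including wrong verification codes. The code is numeric (filtered with
    // 'intval'), so this limit is presumably what bounds code guessing and the
    // number of SMS messages requested; confirm in check_and_dec_limit().
    check_and_dec_limit('check_mobile_limit');

    // The pattern ends in \z rather than $: in PCRE, $ also matches just before
    // a single trailing newline, so a number followed by "\n" would pass.
    // Assumes post_arg() applies the pattern with preg_match(), and that
    // 'clean_mobile' normalises the value first; confirm both.
    $mobile_value = post_arg('mobile_input', 'clean_mobile', '/^[\\d]{10,12}\\z/');
    $mobile_code = post_arg('mobile_code_input', 'intval');

    // On the second step the number is restored from the session, not taken
    // from the request. !empty() is the same truthiness test as before, without
    // an undefined-index notice when the session or the key is absent.
    if ($mobile_code && !empty($_SESSION['mobile_value'])) {
        $mobile_value = $_SESSION['mobile_value'];
    }

    /**
     * if sms already sent
     */
    if (!empty($_SESSION['mobile_value']) && !empty($_SESSION['mobile_code'])) {
        // pass this test if user has entered correct code
        // NOTE(review): loose ==. $mobile_code went through 'intval', so this is
        // presumably an integer comparison; confirm the type stored in
        // $_SESSION['mobile_code'] and move to a strict comparison on cast values.
        if ($mobile_code && $mobile_code == $_SESSION['mobile_code']) {
            set_test_passed('mobile');
            redirect('step4.php');
        } else {
            // (the listing ends here; the else branch is not shown)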
/**
 * Shared bootstrap: loads settings, installs the error handler, resumes an
 * existing session and applies the request-level checks (session limits,
 * POST limit, CSRF token, Referer) before a step page runs.
 */
require 'settings.php';

set_error_handler('debug_error_handler');
date_default_timezone_set('Europe/Kiev');

$_ERRORS = array();

/**
 * A session is resumed only when the client already sends the session cookie;
 * this file never creates one for a cookie-less request.
 * NOTE(review): the session ID is taken from the client's cookie. Whether an
 * unknown ID is rejected depends on session.use_strict_mode, which is not set
 * here; confirm in settings.php / php.ini.
 */
if (isset($_COOKIE[session_name()])) {
    session_start();
}

/**
 * A populated session that fails the common limits is wiped completely.
 * Once $_SESSION is empty, the POST-limit and CSRF checks below are skipped
 * for this request; the step handlers have to cope with an empty session.
 */
if (!empty($_SESSION)) {
    if (!check_session_limits()) {
        session_unset();
        session_destroy();
        $_SESSION = array();
    }
}

/**
 * POST with a populated session: count it against the total POST limit, then
 * verify the CSRF token. A POST without session data reaches neither check.
 */
if ($_POST && !empty($_SESSION)) {
    check_and_dec_limit('total_post_limit');
    check_csrf_token();
}

/**
 * The Referer is verified only for POST requests, and only when the header is
 * present. A request that omits the header skips this check, so the CSRF token
 * above is the control that protects session-bound POSTs.
 */
if ($_POST) {
    if (!empty($_SERVER['HTTP_REFERER'])) {
        check_request_referer();
    }
}