$password = ""; if ($_POST['radiobutton'] == "auto_pass") { $password = generate_password(); $validate_array = array('login_name' => 'Login name', 'first_name' => 'First name', 'email' => 'Email'); } else { $password = trim($_POST['password']); $validate_array = array('login_name' => 'Login name', 'first_name' => 'First name', 'email' => 'Email', 'password' => 'Password'); } $msg = NULL; foreach ($validate_array as $key => $value) { if (empty($_POST[$key])) { $msg .= "<br> " . $value . " is mandatory"; $error = TRUE; } } if (!Validation::validate_email($email) && !empty($_POST['email'])) { $email_invalid = TRUE; $error = TRUE; $msg .= '<br> Email address is not valid'; } if (strlen($login_name) < 3 and !empty($login_name)) { $msg = "The username must be greater than 3 characters."; $error = TRUE; } if (strlen($password) > 15) { $msg = "The password must be less than 15 characters."; $error = TRUE; } if (strlen($password) < 5) { $msg = "The password must be greater than 5 characters."; $error = TRUE;
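/**
 * Handle the "forgot password" form and redirect to the login page with a status message.
 *
 * Exactly one of `email` or `login_name` must be supplied. When the lookup succeeds,
 * a password-change link is mailed to the address stored on the account.
 *
 * Security notes:
 *  - The status message can contain the submitted e-mail address or exception text.
 *    It is URL-encoded once, at the redirect, so it cannot break the Location header
 *    or smuggle extra query parameters. login.php must still escape `msg` on output.
 *  - NOTE(review): the catch branch forwards the exception text of User::load(), which is not
 *    visible here. If it differs from the success text, the response reveals whether an
 *    account exists; consider returning one neutral message for both outcomes.
 *
 * @param array $request_data Submitted form fields; `submit`, `email` and `login_name` are read.
 * @return void
 */
public function handlePOST_forgotPasswordSubmit($request_data)
{
    $msg = NULL;
    if (isset($request_data['submit'])) {
        $error = FALSE;
        $this->is_post_set = TRUE;
        // Missing keys are treated as empty fields instead of raising notices.
        $this->email = isset($request_data['email']) ? trim($request_data['email']) : '';
        $l_name = isset($request_data['login_name']) ? trim($request_data['login_name']) : '';

        // Neither field filled in.
        if (empty($this->email) && empty($l_name)) {
            $msg = __('Please enter your email address or login name.');
            $error = TRUE;
        }
        // Both fields filled in.
        if (!empty($this->email) && !empty($l_name)) {
            $msg = __('Please enter either email or Login name');
            $error = TRUE;
        }
        // Exactly one field filled in.
        if (!$error) {
            if (!empty($this->email)) {
                $val = Validation::validate_email($this->email);
                if (empty($val)) {
                    $msg = __("Invalid email address. Please try again.");
                    $error = TRUE;
                }
            }
            if (!$error) {
                $usr = new User();
                try {
                    if (!empty($this->email)) {
                        $usr->load($this->email, 'email');
                    } else {
                        $usr->load($l_name, 'login_name');
                    }
                    // The mail always goes to the address stored on the account,
                    // never to the address typed into the form.
                    User::send_email_to_change_password($usr->email);
                    $msg = __("A link has been e-mailed to you to let you change your password. Thanks!");
                } catch (PAException $e) {
                    $msg = "{$e->message}";
                    $error = TRUE;
                }
            } else {
                // Reached only when the e-mail failed validation; this text replaces the
                // "Invalid email address" message set above (original behaviour, kept).
                $msg = nl2br(sprintf(__("There are no accounts in our system with the e-mail address %s.\n If you have spelled the address incorrectly or entered the wrong address, please try again."), $this->email));
                $error = TRUE;
            }
        }
    }
    // Encode exactly once here. Previously only the success text was encoded, so error
    // texts (including the newline that nl2br() keeps) were placed raw into the URL.
    $this->controller->redirect(PA::$url . "/login.php?msg=" . urlencode((string) $msg));
}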
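/**
 * Validate the identity fields of this user before it is created or updated.
 *
 * The checks run in order (login name, first name, optional last name, e-mail)
 * and stop at the first failure. Each failure is logged and then thrown.
 *
 * Security notes:
 *  - The rejected value has just failed validation, so it may contain any bytes.
 *    CR/LF are replaced before the value is written to the log so that one
 *    request cannot forge additional log lines.
 *  - The exception message still carries the raw value; callers that display
 *    `$e->message` must escape it for the output context.
 *
 * NOTE(review): the length checks reject a value whose length equals the MAX
 * (or MIN) constant, while the messages say "N characters or less/greater".
 * Confirm which side is intended before changing either.
 *
 * @return bool TRUE when every check passes.
 * @throws PAException With code USER_INVALID_LOGIN_NAME, USER_INVALID_NAME or USER_INVALID_EMAIL.
 */
private function check_authenticated_user_data()
{
    // Log-safe copies: line breaks neutralised, everything else untouched.
    $line_breaks = array("\r", "\n");
    $login_for_log = str_replace($line_breaks, ' ', (string) $this->login_name);
    $first_for_log = str_replace($line_breaks, ' ', (string) $this->first_name);
    $last_for_log = str_replace($line_breaks, ' ', (string) $this->last_name);
    $email_for_log = str_replace($line_breaks, ' ', (string) $this->email);

    // Login name: per the original comment, alphanumeric characters and underscores.
    if (!Validation::validate_auth_id($this->login_name)) {
        $reason = 'The login name is not a valid authentication ID. Name: ';
        Logger::log("Throwing exception USER_INVALID_LOGIN_NAME | Message: " . $reason . $login_for_log, LOGGER_ERROR);
        throw new PAException(USER_INVALID_LOGIN_NAME, $reason . $this->login_name);
    }
    if (strlen($this->login_name) >= self::MAX_LOGIN_NAME_LENGTH) {
        $reason = 'The login name is too long: it must be ' . self::MAX_LOGIN_NAME_LENGTH . ' characters or less. Name: ';
        Logger::log("Throwing exception USER_INVALID_LOGIN_NAME | Message: " . $reason . $login_for_log, LOGGER_ERROR);
        throw new PAException(USER_INVALID_LOGIN_NAME, $reason . $this->login_name);
    }
    if (strlen($this->login_name) <= self::MIN_LOGIN_NAME_LENGTH) {
        $reason = 'The login name is too short: it must be ' . self::MIN_LOGIN_NAME_LENGTH . ' characters or greater. Name: ';
        Logger::log("Throwing exception USER_INVALID_LOGIN_NAME | Message: " . $reason . $login_for_log, LOGGER_ERROR);
        throw new PAException(USER_INVALID_LOGIN_NAME, $reason . $this->login_name);
    }

    // First name (mandatory).
    if (!Validation::validate_name($this->first_name)) {
        $reason = 'The first name is not a valid authentication ID. Name: ';
        Logger::log("Throwing exception USER_INVALID_NAME | Message: " . $reason . $first_for_log, LOGGER_ERROR);
        throw new PAException(USER_INVALID_NAME, $reason . $this->first_name);
    }
    if (strlen($this->first_name) >= self::MAX_FIRST_NAME_LENGTH) {
        $reason = 'The first name is too long: it must be ' . self::MAX_FIRST_NAME_LENGTH . ' characters or less. Name: ';
        Logger::log("Throwing exception USER_INVALID_NAME | Message: " . $reason . $first_for_log, LOGGER_ERROR);
        throw new PAException(USER_INVALID_NAME, $reason . $this->first_name);
    }

    // Last name (optional): the format is checked only when a value is present.
    if (strlen($this->last_name) > 0 && !Validation::validate_name($this->last_name)) {
        $reason = 'The last name is not a valid authentication ID. Name: ';
        // Fixed: the log line used to name USER_INVALID_LOGIN_NAME although
        // USER_INVALID_NAME is the code that is thrown.
        Logger::log("Throwing exception USER_INVALID_NAME | Message: " . $reason . $last_for_log, LOGGER_ERROR);
        throw new PAException(USER_INVALID_NAME, $reason . $this->last_name);
    }
    if (strlen($this->last_name) >= self::MAX_LAST_NAME_LENGTH) {
        $reason = 'The last name is too long: it must be ' . self::MAX_LAST_NAME_LENGTH . ' characters or less. Name: ';
        Logger::log("Throwing exception USER_INVALID_NAME | Message: " . $reason . $last_for_log, LOGGER_ERROR);
        throw new PAException(USER_INVALID_NAME, $reason . $this->last_name);
    }

    // E-mail address.
    if (!Validation::validate_email($this->email)) {
        $reason = 'The email address is invalid. Email: ';
        Logger::log("Throwing exception USER_INVALID_EMAIL | Message: " . $reason . $email_for_log, LOGGER_ERROR);
        throw new PAException(USER_INVALID_EMAIL, $reason . $this->email);
    }

    return TRUE;
}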
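/**
 * Register a new user from submitted parameters.
 *
 * Steps, each skipped once `$this->error` is set: optional captcha check,
 * mandatory-field check, "not numeric" name checks, e-mail format and
 * allowed-domain check, password checks, login-name uniqueness, then saving
 * the user, its profile data and (when no e-mail validation is required)
 * the default content and network membership.
 *
 * Security-relevant changes in this version:
 *  - The captcha hash and the password confirmation are compared with strict
 *    string comparison. Loose `!=` treats numeric-looking strings such as
 *    "1e3" and "1000" as equal.
 *  - Allowed-domain entries are matched as literal text (with `*` standing for
 *    part of one label) against the whole domain or a dot-separated suffix of
 *    it. The previous unanchored match with unescaped dots accepted any domain
 *    that merely contained an allowed entry.
 *
 * Open review notes (not changed here):
 *  - NOTE(review): the password is assigned to the User object as submitted;
 *    whether User::save() hashes it is not visible here. If it does not, use
 *    password_hash()/password_verify(), not md5 as the old TODO suggested.
 *  - NOTE(review): unserialize() runs on the network `extra` fields. That is
 *    only safe while those fields are written exclusively by trusted code.
 *  - NOTE(review): the captcha value is reset only on failure, so a solved
 *    value stays valid for further submissions in the same session.
 *  - NOTE(review): `$network_info` defaults to NULL but is dereferenced when
 *    the user is saved.
 *
 * @param array       $params       Registration fields (login_name, first_name, email, password, ...).
 * @param object|null $network_info Network the user registers in.
 * @return bool TRUE on success; FALSE on failure, with `$this->msg` holding the reason.
 * @throws Exception When no allowed-domains configuration file exists.
 */
function register($params, $network_info = NULL)
{
    $core_id = null;
    $picture = null;
    $picture_dimensions = null;
    $avatar = null;
    $avatar_dimensions = null;
    $avatar_small = null;
    $avatar_small_dimensions = null;

    $this->newuser = new User();
    // set API call variable
    $this->newuser->api_call = $this->api_call;

    // filter input parameters (this is the same as filter_all_post())
    $params = Validation::get_input_filter(FALSE)->process($params);
    $this->error = false;

    $mother_network_info = Network::get_mothership_info();
    $mother_extra = unserialize($mother_network_info->extra);

    if (@$mother_extra['captcha_required'] == NET_YES) {
        // Captcha required: compare the hash of the submitted code with the session value.
        $submitted_code = (isset($_POST['txtNumber']) && is_string($_POST['txtNumber'])) ? $_POST['txtNumber'] : '';
        $expected_hash = (isset($_SESSION['image_random_value']) && is_string($_SESSION['image_random_value'])) ? $_SESSION['image_random_value'] : '';
        // An empty expected value never matches; strict comparison avoids numeric-string juggling.
        if ($expected_hash === '' || md5(strtoupper($submitted_code)) !== $expected_hash) {
            $_SESSION['image_is_logged_in'] = true;
            $_SESSION['image_random_value'] = '';
            $error_login = true;
            $this->error = true;
            $this->msg .= "\nPlease enter correct code";
        }
    }

    if (!$this->error) {
        $login_name = trim($params['login_name']);
        $first_name = trim($params['first_name']);
        $last_name = trim(@$params['last_name']); // not mandatory
        $email = trim($params['email']);
        $password = trim($params['password']);
        $confirm_password = trim($params['confirm_password']);

        if ($this->api_call == true) {
            $core_id = $params['core_id'];
            // TODO: validate URL
            $picture = trim($params['profile_picture_url']);
            $picture_dimensions = $params['profile_picture_dimensions'];
            $avatar = trim($params['profile_avatar_url']);
            $avatar_dimensions = $params['profile_avatar_dimensions'];
            $avatar_small = trim($params['profile_avatar_small_url']);
            $avatar_small_dimensions = $params['profile_avatar_small_dimensions'];
        }

        $date_created = !empty($params['date_created']) ? $params['date_created'] : null;
        $_years = PA::getYearsList();

        // Profile fields stored in the GENERAL section further down.
        $dob_day = !empty($params['dob_day']) ? trim($params['dob_day']) : null;
        $dob_month = !empty($params['dob_month']) ? trim($params['dob_month']) : null;
        $dob_year = !empty($params['dob_year']) ? $_years[(int) trim($params['dob_year'])] : null;
        $homeAddress1 = !empty($params['homeAddress1']) ? trim($params['homeAddress1']) : null;
        $homeAddress2 = !empty($params['homeAddress2']) ? trim($params['homeAddress2']) : null;
        $city = !empty($params['city']) ? trim($params['city']) : null;

        $state = null;
        if ($params['state'] == -1) {
            // State/Province: "Other" selected, take the free-text value
            $state = !empty($params['stateOther']) ? trim($params['stateOther']) : null;
        } else {
            if ($params['state'] > 0) {
                // one of the listed states selected
                $state = !empty($params['state']) ? $this->states[(int) $params['state']] : null;
            }
        }
        $country = $params['country'] > 0 ? $this->countries[(int) $params['country']] : null;
        $postal_code = !empty($params['postal_code']) ? trim($params['postal_code']) : null;
        $phone = !empty($params['phone']) ? trim($params['phone']) : null;

        $validate_array = array(
            'login_name' => 'Login name',
            'first_name' => 'First name',
            'password' => 'Password',
            'confirm_password' => 'Confirm password',
            'email' => 'Email',
        );
        $this->msg = '';
        $this->error = FALSE;
        foreach ($validate_array as $key => $value) {
            if (empty($params[$key])) {
                $this->msg .= "\n" . $value . " is mandatory";
                $this->error = TRUE;
                header(HttpStatusCodes::httpHeaderFor(HttpStatusCodes::HTTP_PRECONDITION_FAILED));
            }
        }
        if (strlen($this->msg) > 0) {
            $this->msg = "\n" . "Fields marked with * must not be left empty" . $this->msg;
        }
    }

    if (!$this->error) {
        if (empty($login_name)) {
            $error_login = TRUE;
            $this->error = TRUE;
        }
        if (is_numeric($login_name)) {
            if (strlen($this->msg) > 0) {
                $this->msg .= "\n";
            }
            $this->msg .= "Login name must not be numeric";
            $error_login = TRUE;
            $this->error = TRUE;
        }
        if (is_numeric($first_name)) {
            if (strlen($this->msg) > 0) {
                $this->msg .= "\n";
            }
            $this->msg .= "First name must not be numeric";
            $error_login = TRUE;
            $this->error = TRUE;
        }
        if (is_numeric($last_name)) {
            if (strlen($this->msg) > 0) {
                $this->msg .= "\n";
            }
            $this->msg .= "Last name must not be numeric";
            $error_login = TRUE;
            $this->error = TRUE;
        }
        if ($this->error == TRUE) {
            header(HttpStatusCodes::httpHeaderFor(HttpStatusCodes::HTTP_PRECONDITION_FAILED));
        }
    }

    // The remaining field checks run only when nothing has failed so far.
    if (!$this->error) {
        if (!Validation::validate_email($email)) {
            $email_invalid = TRUE;
            $this->array_of_errors['error_email'] = $email_invalid;
            $this->error = TRUE;
            $this->msg .= __('E-mail address is not valid.');
            header(HttpStatusCodes::httpHeaderFor(HttpStatusCodes::HTTP_PRECONDITION_FAILED));
        }

        // Locate the allowed-domains list: project override first, then the core default.
        if (file_exists(PA::$project_dir . "/config/domain_names.txt")) {
            $domain_names_file = PA::$project_dir . "/config/domain_names.txt";
        } elseif (file_exists(PA::$core_dir . "/config/domain_names.txt")) {
            $domain_names_file = PA::$core_dir . "/config/domain_names.txt";
        } else {
            throw new Exception("Allowed Domains configuration file \"/config/domain_names.txt\" not found");
        }
        $allowed_domains = preg_split("/\\s+/", file_get_contents($domain_names_file));

        // Domain = everything after the last '@'; empty when the address has none.
        $at_pos = strrpos($email, '@');
        $user_domain = ($at_pos === false) ? '' : strtolower(substr($email, $at_pos + 1));

        $found = 0;
        foreach ($allowed_domains as $d) {
            // Entries without any non-word character (including empty ones) are skipped, as before.
            if (!preg_match('/\\W/', $d)) {
                continue;
            }
            // Quote every literal part so '.' means a dot and '/' cannot end the
            // pattern; '*' stands for any run of characters inside one label.
            $quoted_parts = array();
            foreach (explode('*', $d) as $literal) {
                $quoted_parts[] = preg_quote($literal, '/');
            }
            $rx = implode('[^.]*', $quoted_parts);
            // Anchored: the entry must be the whole domain or a dot-separated suffix of it.
            if ($user_domain !== '' && preg_match('/(?:^|\.)' . $rx . '$/i', $user_domain)) {
                $found++;
            }
        }
        if (!$found) {
            $email_invalid = TRUE;
            $this->array_of_errors['error_email'] = $email_invalid;
            $this->error = TRUE;
            $this->msg .= __('The domain of your E-mail address is not in the list of allowed domains.');
            header(HttpStatusCodes::httpHeaderFor(HttpStatusCodes::HTTP_PRECONDITION_FAILED));
        }

        // Strict comparison: both values are strings and must match byte for byte.
        if ($password !== $confirm_password) {
            $this->msg .= "\nPassword and Confirm Password do not match.";
            $error_password_conf = TRUE;
            $this->error = TRUE;
        }

        // The maximum length is not enforced for API calls, so that an API call can
        // pass an already encrypted password (per the original comment).
        if ($this->api_call != true) {
            if (strlen($password) > PA::$password_max_length) {
                $this->msg .= sprintf(__("\nThe password must be less than %d characters."), PA::$password_max_length);
                $error_password_l = TRUE;
                $this->error = TRUE;
                header(HttpStatusCodes::httpHeaderFor(HttpStatusCodes::HTTP_PRECONDITION_FAILED));
            }
        }
        if (strlen($password) < PA::$password_min_length) {
            $this->msg .= sprintf(__("\nThe password must be longer than %d characters."), PA::$password_min_length);
            $error_password_g = TRUE;
            $this->error = TRUE;
            header(HttpStatusCodes::httpHeaderFor(HttpStatusCodes::HTTP_PRECONDITION_FAILED));
        }
    }

    if (!$this->error) {
        if (User::user_exist($login_name)) {
            $this->msg = "Login name {$login_name} is already taken";
            $error_login = TRUE;
            $this->error = TRUE;
            header(HttpStatusCodes::httpHeaderFor(HttpStatusCodes::HTTP_CONFLICT));
        } elseif (User::user_existed($login_name)) {
            $this->msg = "Login name {$login_name} has been used in the past; it belongs to a deleted user.";
            $error_login = $this->error = TRUE;
            header(HttpStatusCodes::httpHeaderFor(HttpStatusCodes::HTTP_CONFLICT));
        }
        $this->array_of_errors = array(
            "error_login" => @$error_login,
            "error_first_name" => @$error_first_name,
            "error_email" => @$error_email,
            "error_password_conf" => @$error_password_conf,
            "error_password_l" => @$error_password_l,
            "error_password_g" => @$error_password_g,
        );
    }

    if ($this->error != TRUE) {
        $this->newuser->login_name = $login_name;
        // NOTE(review): assigned as submitted; confirm User::save() hashes it (see header).
        $this->newuser->password = $password;
        $this->newuser->first_name = $first_name;
        $this->newuser->last_name = $last_name;
        $this->newuser->email = $email;
        if ($date_created) {
            // for users inserted via the import accounts script
            $this->newuser->created = $date_created;
        }
        if ($this->api_call == true) {
            $this->newuser->core_id = $core_id;
            if ($picture != null && $picture != '') {
                $this->newuser->picture = $picture;
                $this->newuser->picture_dimensions = $picture_dimensions;
            } else {
                $this->newuser->picture_dimensions = User::image_dimensions_to_array(0, 0);
            }
            if ($avatar != null && $avatar != '') {
                $this->newuser->avatar = $avatar;
                $this->newuser->avatar_dimensions = $avatar_dimensions;
            } else {
                $this->newuser->avatar_dimensions = User::image_dimensions_to_array(0, 0);
            }
            if ($avatar_small != null && $avatar_small != '') {
                $this->newuser->avatar_small = $avatar_small;
                $this->newuser->avatar_small_dimensions = $avatar_small_dimensions;
            } else {
                $this->newuser->avatar_small_dimensions = User::image_dimensions_to_array(0, 0);
            }
        } else {
            $this->newuser->picture = Storage::validateFileId(@$params['user_filename']);
        }
    }

    if ($this->error != TRUE) {
        try {
            $save_error = FALSE;
            $extra = unserialize($network_info->extra);

            // Without e-mail validation (or for API calls) the account is active at once.
            if ($mother_extra['email_validation'] == NET_NO || $this->api_call == true) {
                $this->newuser->is_active = ACTIVE;
            } else {
                $this->newuser->is_active = UNVERIFIED;
            }
            $this->newuser->save();

            if ($this->newuser->picture) {
                Storage::link($this->newuser->picture, array("role" => "avatar", "user" => $this->newuser->user_id));
            }

            /* The following code should now be obsolete as this is done in User->save() */
            // names are also stored as profile data to make searching easier
            $data_array = array(
                array('uid' => $this->newuser->user_id, 'name' => 'first_name', 'value' => $this->newuser->first_name, 'type' => BASIC, 'perm' => 1),
                array('uid' => $this->newuser->user_id, 'name' => 'last_name', 'value' => $this->newuser->last_name, 'type' => BASIC, 'perm' => 1),
            );
            $this->newuser->save_user_profile($data_array, BASIC);

            // default notification settings, copied from the network settings
            $user_notification = array();
            $profile = array();
            $user_notification = $extra['notify_members'];
            $user_notification['msg_waiting_blink'] = $extra['msg_waiting_blink'];
            $profile['settings']['name'] = 'settings';
            $profile['settings']['value'] = serialize($user_notification);
            $this->newuser->save_profile_section($profile, 'notifications');

            // default desktop image: the network default if any, else a random stock image
            $desktop_images = User_Registration::get_default_desktopimage($this->newuser->user_id, $network_info);
            if ($desktop_images == "") {
                $desktop_images = array('bay.jpg', 'everglade.jpg', 'bay_boat.jpg', 'delhi.jpg');
                $rand_key = array_rand($desktop_images);
                $desk_img = $desktop_images[$rand_key];
            } else {
                $desk_img = $desktop_images;
            }

            $data_array = array(
                0 => array('uid' => $this->newuser->user_id, 'name' => 'user_caption_image', 'value' => $desk_img, 'type' => GENERAL, 'perm' => NONE),
                1 => array('uid' => $this->newuser->user_id, 'name' => 'dob_day', 'value' => $dob_day, 'type' => GENERAL, 'perm' => NONE),
                2 => array('uid' => $this->newuser->user_id, 'name' => 'dob_month', 'value' => $dob_month, 'type' => GENERAL, 'perm' => NONE),
                3 => array('uid' => $this->newuser->user_id, 'name' => 'dob_year', 'value' => $dob_year, 'type' => GENERAL, 'perm' => NONE),
                4 => array('uid' => $this->newuser->user_id, 'name' => 'dob', 'value' => $dob_year . '-' . $dob_month . '-' . $dob_day, 'type' => GENERAL, 'perm' => NONE),
                5 => array('uid' => $this->newuser->user_id, 'name' => 'homeAddress1', 'value' => $homeAddress1, 'type' => GENERAL, 'perm' => NONE),
                6 => array('uid' => $this->newuser->user_id, 'name' => 'homeAddress2', 'value' => $homeAddress2, 'type' => GENERAL, 'perm' => NONE),
                7 => array('uid' => $this->newuser->user_id, 'name' => 'city', 'value' => $city, 'type' => GENERAL, 'perm' => NONE),
                8 => array('uid' => $this->newuser->user_id, 'name' => 'state', 'value' => $state, 'type' => GENERAL, 'perm' => NONE),
                9 => array('uid' => $this->newuser->user_id, 'name' => 'country', 'value' => $country, 'type' => GENERAL, 'perm' => NONE),
                10 => array('uid' => $this->newuser->user_id, 'name' => 'postal_code', 'value' => $postal_code, 'type' => GENERAL, 'perm' => NONE),
                11 => array('uid' => $this->newuser->user_id, 'name' => 'phone', 'value' => $phone, 'type' => GENERAL, 'perm' => NONE),
            );
            $this->newuser->save_user_profile($data_array, GENERAL);

            if ($mother_extra['email_validation'] == NET_NO || $this->api_call == true) {
                // No e-mail validation step: create the default content now.
                Message::create_basic_folders($this->newuser->user_id);

                // adding default relation
                if ($this->newuser->user_id != SUPER_USER_ID) {
                    User_Registration::add_default_relation($this->newuser->user_id, $network_info);
                }

                // adding default media as well as album
                User_Registration::add_default_media($this->newuser->user_id, '', $network_info);
                User_Registration::add_default_media($this->newuser->user_id, '_audio', $network_info);
                User_Registration::add_default_media($this->newuser->user_id, '_video', $network_info);
                User_Registration::add_default_blog($this->newuser->user_id);

                // adding default link categories & links
                User_Registration::add_default_links($this->newuser->user_id);

                // adding header image
                User_Registration::add_default_header($this->newuser->user_id);

                // Join the network the user registered from, unless it is private.
                if (!empty($network_info) && $network_info->type != PRIVATE_NETWORK_TYPE) {
                    $user_type = null;
                    $register_by_admin = false;
                    if ($this->api_call == true) {
                        // API callers are already registered elsewhere: make them a
                        // NETWORK_MEMBER and treat this as a registration by an admin.
                        $user_type = NETWORK_MEMBER;
                        $register_by_admin = true;
                    }
                    Network::join($network_info->network_id, $this->newuser->user_id, $user_type, $register_by_admin);
                    if ($this->api_call == false) {
                        // only send the network notification when this is NOT an API call
                        PANotify::send("network_join", $network_info, $this->newuser, array());
                    }
                }
            }
        } catch (CNException $e) {
            $this->msg = $e->message;
            if ($e->code == USER_EMAIL_NOT_UNIQUE) {
                $this->msg = "Email Address has already been taken, please enter other email address.";
            }
            $save_error = TRUE;
            if ($e->message == "The email address is invalid.") {
                $email_invalid = TRUE;
                $this->array_of_errors['error_email'] = $email_invalid;
            }
        }
    }

    // $save_error is only defined when the save was attempted; the || short-circuits otherwise.
    if ($this->error == TRUE || $save_error == TRUE) {
        $this->msg = "Sorry! your registration failed. " . $this->msg;
        return FALSE;
    }

    // Success. Granting the login-user role now happens in Network::join().
    return TRUE;
}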
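/**
 * Create a child account from the posted form and attach it to this family group.
 *
 * The result text (success or failure) is written to the global `$error_msg`.
 * The form is read from `$_POST`; `$request_data` is accepted but not used.
 *
 * Changes in this version:
 *  - The submitted login name is HTML-escaped before it is put into the
 *    "already taken" message. Sibling messages contain `<br>`, so the text is
 *    rendered as HTML and the raw value would be reflected into the page.
 *  - A free-text state (copied from `stateOther`) is stored as typed instead of
 *    being used as an index into the state list, which lost the value.
 *  - A missing `use_parent_email` field no longer raises a notice.
 *
 * Open review notes (not changed here):
 *  - NOTE(review): no mandatory-field or password-length check is done here
 *    before save(); confirm User::save() rejects an empty or too short password.
 *  - NOTE(review): `$e->message` and the uploader error are forwarded to the
 *    page unescaped; confirm they never contain user-controlled markup.
 *
 * @param array $request_data Not used; kept for the handler signature.
 * @return void
 */
private function handlePOST_addChild($request_data)
{
    global $error_msg;

    $error = FALSE;
    $login_name = trim($_POST['login_name']);
    $first_name = stripslashes(trim($_POST['first_name']));
    $last_name = stripslashes(trim($_POST['last_name']));
    $email = trim($_POST['email']);
    $password = trim($_POST['password']);
    // An unchecked checkbox is simply absent from the request.
    $use_parent_email = !empty($_POST['use_parent_email']);

    // Fold the free-text "other" state into `state` when no listed state was chosen.
    if (!isset($_POST['state'])) {
        if (isset($_POST['stateOther'])) {
            $_POST['state'] = $_POST['stateOther'];
        }
    }
    if (isset($_POST['stateOther'])) {
        unset($_POST['stateOther']);
    }

    $msg = NULL;
    if (!Validation::validate_email($email) && !empty($_POST['email'])) {
        $email_invalid = TRUE;
        $error = TRUE;
        $msg .= '<br> Email address is not valid';
    }
    if (User::user_exist($login_name)) {
        // Escaped: this text is rendered as HTML.
        $msg = "Username " . htmlspecialchars($login_name, ENT_QUOTES, 'UTF-8') . " is already taken";
        $error = TRUE;
    }

    if ($error == FALSE) {
        $newuser = new User();
        $newuser->login_name = $login_name;
        $newuser->password = $password;
        $newuser->first_name = $first_name;
        $newuser->last_name = $last_name;
        $newuser->email = $email;
        $newuser->is_active = ACTIVE;

        if (!empty($_FILES['userfile']['name'])) {
            $myUploadobj = new FileUploader();
            $image_type = 'image';
            $file = $myUploadobj->upload_file(PA::$upload_path, 'userfile', true, true, $image_type);
            if ($file == false) {
                $msg = $myUploadobj->error;
                $error = TRUE;
            } else {
                $newuser->picture = $file;
            }
        }

        if ($error == FALSE) {
            try {
                // A child may share the parent's address, so the e-mail uniqueness
                // check is switched off in that case.
                $check_unique_email = !$use_parent_email;
                $newuser->save($check_unique_email);

                if (!empty($file)) {
                    Storage::link($file, array("role" => "avatar", "user" => $newuser->user_id));
                }

                // creating message basic folders
                Message::create_basic_folders($newuser->user_id);

                // adding default relation
                if ($newuser->user_id != SUPER_USER_ID) {
                    User_Registration::add_default_relation($newuser->user_id, PA::$network_info);
                }

                // adding default media as well as album
                User_Registration::add_default_media($newuser->user_id, '', PA::$network_info);
                User_Registration::add_default_media($newuser->user_id, '_audio', PA::$network_info);
                User_Registration::add_default_media($newuser->user_id, '_video', PA::$network_info);
                User_Registration::add_default_blog($newuser->user_id);

                // adding default link categories & links
                User_Registration::add_default_links($newuser->user_id);

                // default desktop image: helper result if any, else a random stock image
                $desk_img = uihelper_add_default_desktopimage($newuser->user_id);
                if (empty($desk_img)) {
                    $desktop_images = array('bay.jpg', 'everglade.jpg', 'bay_boat.jpg', 'delhi.jpg');
                    $rand_key = array_rand($desktop_images);
                    $desk_img = $desktop_images[$rand_key];
                }

                $states = array_values(PA::getStatesList());
                $countries = array_values(PA::getCountryList());
                $profile_keys = array('dob_day', 'dob_month', 'dob_year', 'homeAddress1', 'homeAddress2', 'city', 'state', 'country', 'postal_code', 'phone', 'use_parent_email');
                $profile_data = array();

                // Filters the posted data (per the original comment: "filters all data of html").
                filter_all_post($_POST);

                foreach ($profile_keys as $pkey) {
                    if (empty($_POST[$pkey])) {
                        continue;
                    }
                    $submitted = $_POST[$pkey];
                    $value = $submitted;
                    if ($pkey == 'state' && $submitted >= 0) {
                        // A list index is translated to the state name; free text is kept as typed.
                        if (is_scalar($submitted) && isset($states[$submitted])) {
                            $value = $states[$submitted];
                        }
                    } elseif ($pkey == 'country' && $submitted >= 0) {
                        // Countries come only from the list; an unknown index yields NULL.
                        $value = (is_scalar($submitted) && isset($countries[$submitted])) ? $countries[$submitted] : NULL;
                    }
                    $profile_data[] = array('uid' => $newuser->user_id, 'name' => $pkey, 'value' => $value, 'type' => GENERAL, 'perm' => 1);
                }
                $profile_data[] = array('uid' => $newuser->user_id, 'name' => 'user_caption_image', 'value' => $desk_img, 'type' => GENERAL, 'perm' => 1);
                $newuser->save_user_profile($profile_data, GENERAL);

                // A user created inside a network is joined to it at once.
                if (!empty(PA::$network_info)) {
                    // $by_admin = true overrides a "user waiting" status: this is an
                    // admin action and must take effect in any case.
                    $by_admin = true;
                    Network::join(PA::$network_info->network_id, $newuser->user_id, NETWORK_MEMBER, $by_admin);
                }

                $user_joined = $this->family->join((int) $newuser->user_id, $newuser->email, null);
                if ($user_joined) {
                    // deal with TypedGroup Relations
                    require_once "api/Entity/TypedGroupEntityRelation.php";
                    $type = 'child';
                    TypedGroupEntityRelation::set_relation($newuser->user_id, $this->family->collection_id, $type);
                    if ($type == 'child') {
                        // A child loses the LoginUser and GroupMember roles and gets the
                        // 'Child' role only, scoped to this family group.
                        $newuser->delete_user_role();
                        $_extra = serialize(array('user' => false, 'network' => false, 'groups' => array($this->family->collection_id)));
                        $user_roles = array(array('role_id' => CHILD_MEMBER_ROLE, 'extra' => $_extra));
                        $newuser->set_user_role($user_roles);
                    }
                }
                $msg = __("Child's account was successfully created");
            } catch (PAException $e) {
                $msg = $e->message;
            }
        }
    }

    $error_msg = $msg;
}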
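/**
 * Send group invitations to a comma-separated list of login names or e-mail addresses.
 *
 * Either login names or e-mail addresses may be supplied, not both. Invalid
 * entries and self-invitations are reported; the remaining recipients each get
 * an Invitation record and a notification mail. The collected messages are
 * handed to set_web_variables() together with the redirect target.
 *
 * Changes in this version:
 *  - The failure text now reports `$save_msg`; it used to read the undefined `$sav_msg`.
 *  - E-mail addresses are trimmed once, so the self-invitation check can no
 *    longer be bypassed with surrounding whitespace.
 *  - Accumulators are initialised before use; `$invalid` is an array, so it is
 *    never passed to sizeof() as NULL.
 *
 * Open review notes (not changed here):
 *  - NOTE(review): the invitation is sent before the sender's relation to the
 *    group is looked up, and a sender who is neither OWNER nor MEMBER is not
 *    rejected here. Confirm Invitation::send() or the caller enforces that.
 *  - NOTE(review): `$inv->inv_id` is embedded in the links before send() runs;
 *    confirm it is already assigned at that point.
 *  - NOTE(review): `groups` is appended to the query string as submitted.
 *
 * @param array $request_data Submitted form fields (submit, groups, email_user_name, email_id, message).
 * @return void
 */
public function handlePOST_GroupInvitationSubmit($request_data)
{
    $msg = array();
    $message = NULL;
    $query_str = NULL;

    if (isset($request_data['submit'])) {
        filter_all_post($request_data);
        $gid = $request_data['groups'];
        $self_invite = FALSE;
        $error = FALSE;

        $friend_user_name = '';
        $friend_email = '';
        $invalid = array();
        $invalid_login_msg = '';
        $succ_msg = '';
        $valid_user_login_names = array();
        $valid_usr_name_email = array();
        $valid_user_first_emails = array();
        $valid_email = array();

        // A group must be selected.
        if (empty($gid)) {
            $error = TRUE;
            $msg[] = __("Please select a group");
        }

        // Recipients given as login names.
        if (empty($error) && !empty($request_data['email_user_name'])) {
            $friend_user_name = trim($request_data['email_user_name']);
            foreach (explode(',', $friend_user_name) as $raw_name) {
                try {
                    $user_obj = new User();
                    $user_obj->load(trim($raw_name));
                    if ($user_obj->email == PA::$login_user->email) {
                        $self_invite = TRUE; // you cannot invite yourself
                    } else {
                        $valid_user_login_names[] = $user_obj->login_name;
                        $valid_usr_name_email[] = $user_obj->email;
                    }
                } catch (PAException $e) {
                    // Unknown login name: collect it for the error message.
                    if (!empty($raw_name)) {
                        $invalid_login_msg .= $raw_name . ', ';
                    }
                }
            }
            if (!empty($invalid_login_msg)) {
                $invalid_login_msg = substr($invalid_login_msg, 0, -2);
                $msg[] = sprintf(__('Invitation could not be sent to following login names- %s'), $invalid_login_msg);
            }
        }

        // Recipients given as e-mail addresses.
        if (empty($error) && !empty($request_data['email_id'])) {
            $friend_email = trim($request_data['email_id']);
            foreach (explode(',', $friend_email) as $raw_email) {
                $address = trim($raw_email);
                $email_validation = Validation::validate_email($address);
                if ($email_validation == '0') {
                    $invalid[] = $address;
                } elseif ($address == PA::$login_user->email) {
                    $self_invite = TRUE;
                } else {
                    // Without a known name, the address doubles as the display name.
                    $valid_user_first_emails[] = $address;
                    $valid_email[] = $address;
                }
            }
        }

        // Decide what to report for the supplied recipients.
        if (empty($friend_email) && empty($friend_user_name)) {
            // neither field was filled in
            $msg[] = MessagesHandler::get_message(6001);
            $error = TRUE;
        } elseif (!empty($friend_email) && !empty($friend_user_name)) {
            // both fields were filled in: this replaces all earlier messages
            $msg = array();
            $msg[] = MessagesHandler::get_message(7026);
            $error = TRUE;
        } elseif (!empty($self_invite) || !empty($invalid)) {
            if (!empty($self_invite)) {
                $msg[] = MessagesHandler::get_message(6002);
            }
            if (!empty($invalid)) {
                $invalid_msg = '';
                foreach ($invalid as $bad_address) {
                    if (!empty($bad_address)) {
                        $invalid_msg .= $bad_address . ', ';
                    }
                }
                if (!empty($invalid_msg)) {
                    $invalid_msg = substr($invalid_msg, 0, -2);
                    $msg[] = sprintf(__('Invitation could not be sent to following email addresses- %s'), $invalid_msg);
                }
            }
        }

        if (empty($error)) {
            // Invitations can be made: merge both recipient sources.
            if (!empty($valid_email) && !empty($valid_usr_name_email)) {
                $valid_email = array_merge($valid_email, $valid_usr_name_email);
                $valid_user_first_emails = array_merge($valid_user_first_emails, $valid_user_login_names);
            } elseif (!empty($valid_usr_name_email)) {
                $valid_email = $valid_usr_name_email;
                $valid_user_first_emails = $valid_user_login_names;
            }

            if (!empty($valid_email)) {
                $valid_cnt = count($valid_email);
                $invitation_message = nl2br($request_data['message']);
                for ($counter = 0; $counter < $valid_cnt; $counter++) {
                    $group = new Group();
                    $group->load((int) $gid);

                    $inv = new Invitation();
                    $inv->user_id = PA::$login_uid;
                    $inv->username = PA::$login_user->login_name;
                    // a group invitation carries the group id as its collection id
                    $inv->inv_collection_id = $gid;
                    $inv->inv_group_name = $group->title;
                    $inv->inv_status = INVITATION_PENDING;

                    // The accept link carries a token issued for this recipient's address.
                    $auth_token = get_invitation_token(LONG_EXPIRES, $valid_email[$counter]);
                    $token = '&token=' . $auth_token;

                    $register_link = PA::$url . '/' . FILE_REGISTER . "?GInvID={$inv->inv_id}";
                    $link_desc = wordwrap($register_link, 120, "<br>", 1);
                    $inv->register_url = "<a href=\"" . $register_link . "\">{$link_desc}</a>";

                    $accept_link = PA::$url . "/" . FILE_LOGIN . "?action=accept&GInvID={$inv->inv_id}{$token}";
                    $acc_link_desc = wordwrap($accept_link, 120, "<br>", 1);
                    $inv->accept_url = "<a href=\"" . $accept_link . "\">{$acc_link_desc}</a>";

                    $inv->inv_user_id = null;
                    $inv->inv_user_first_name = $valid_user_first_emails[$counter];
                    $inv->inv_email = $valid_email[$counter];
                    $inv->inv_summary = sprintf(__("Invitation from %s %s to join %s"), PA::$login_user->first_name, PA::$login_user->last_name, $inv->inv_group_name);
                    $inv->inv_message = !empty($invitation_message) ? $invitation_message : null;

                    $save_error = false;
                    $save_msg = '';
                    try {
                        $inv->send();
                    } catch (PAException $e) {
                        $save_msg = "{$e->message}";
                        $save_error = true;
                    }

                    if ($save_error == true) {
                        $msg[] = sprintf(__('Sorry: you are unable to invite a friend. Reason: %s'), $save_msg);
                    } else {
                        // The invitation is stored; now send the mail.
                        // The template depends on the sender's role in the group.
                        $mail_type = null;
                        $requester = null;
                        $user_type = Group::get_user_type(PA::$login_uid, $gid);
                        if ($user_type == OWNER) {
                            $mail_type = 'invite_group';
                            $requester = $group;
                        } elseif ($user_type == MEMBER) {
                            $mail_type = 'invite_group_by_member';
                            $requester = PA::$login_user;
                        }
                        PAMail::send($mail_type, $inv->inv_email, $requester, $inv);

                        $succ_msg .= $valid_user_first_emails[$counter] . ', ';
                        if ($counter == $valid_cnt - 1) {
                            $succ_msg = substr($succ_msg, 0, -2);
                        }
                    }
                }
            }
        }
    }

    // Messages are shown newest first, one per line.
    if (!empty($msg)) {
        $msg = array_reverse($msg);
        $message = NULL;
        for ($counter = 0; $counter < count($msg); $counter++) {
            $message .= $msg[$counter] . "<br />";
        }
    }

    $msg_array = array();
    $msg_array['failure_msg'] = $message;
    $msg_array['success_msg'] = 6004;
    $redirect_url = PA::$url . PA_ROUTE_GROUP;
    if (!empty($request_data['groups'])) {
        $query_str = "gid=" . $request_data['groups'];
    }
    set_web_variables($msg_array, $redirect_url, $query_str);
}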
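/**
 * Handles the site-wide "invite a friend" form.
 *
 * Accepts either a comma-separated list of login names
 * ($request_data['email_user_name']) or a comma-separated list of e-mail
 * addresses ($request_data['email_id']), but not both. For every accepted
 * recipient an Invitation is created and sent, followed by an 'invite_pa'
 * mail. The outcome (a numeric message id or an HTML string) is stored in
 * $this->message and published through setWebPageMessage().
 *
 * Nothing happens unless $request_data['submit'] is non-empty.
 *
 * @param array $request_data submitted form fields
 * @return void
 */
public function handlePOSTPageSubmit($request_data) {
    if (empty($request_data['submit'])) {
        return;
    }

    // NOTE(review): the return value is discarded, so this only sanitises the
    // input if filter_all_post() works by reference or on the superglobal.
    // Confirm, because the raw field values below end up in HTML messages and
    // in the invitation body.
    filter_all_post($request_data);

    $msg = NULL;
    $friend_user_name = '';
    $friend_email = '';
    $self_invite = FALSE;
    $error = FALSE;
    $invalid = array();
    $valid_email = array();
    $valid_user_first_emails = array();
    $valid_usr_name_email = array();
    $valid_user_login_names = array();

    // --- recipients given as login names ---------------------------------
    if (!empty($request_data['email_user_name'])) {
        $friend_user_name = trim($request_data['email_user_name']);
        $friend_user_name_array = explode(',', $friend_user_name);
        $cnt_usr_name = count($friend_user_name_array);
        for ($counter = 0; $counter < $cnt_usr_name; $counter++) {
            try {
                $user_obj = new User();
                $user_obj->load(trim($friend_user_name_array[$counter]));
                if ($user_obj->email == PA::$login_user->email) {
                    $msg = 6002; // you can not invite yourself
                } else {
                    $valid_user_login_names[] = $user_obj->login_name;
                    $valid_usr_name_email[] = $user_obj->email;
                }
            } catch (PAException $e) {
                // load() failed: remember the name so it can be reported.
                // NOTE(review): the name is appended to an HTML message as
                // submitted; escaping depends on the input filter above.
                if (!empty($friend_user_name_array[$counter])) {
                    $msg .= '<br />' . $friend_user_name_array[$counter];
                }
            }
        }
        if (!empty($msg) && !is_int($msg)) {
            $msg = sprintf(__('Following user names are not valid %s'), $msg);
        }
    }

    // --- recipients given as e-mail addresses ----------------------------
    if (!empty($request_data['email_id'])) {
        $friend_email = trim($request_data['email_id']);
        $friend_email_array = explode(',', $friend_email);
        $cnt_email = count($friend_email_array);
        for ($counter = 0; $counter < $cnt_email; $counter++) {
            // Trim once and use the trimmed value everywhere. The original
            // validated the trimmed address but compared the untrimmed one
            // with the sender's address, so the self-invite check was skipped
            // for any entry carrying surrounding whitespace.
            $candidate = trim($friend_email_array[$counter]);
            $email_validation = Validation::validate_email($candidate);
            if ($email_validation == '0') {
                $invalid[] = $candidate;
            } elseif ($candidate == PA::$login_user->email) {
                $self_invite = TRUE;
            } else {
                $valid_user_first_emails[] = $candidate;
                $valid_email[] = $candidate;
            }
        }
    }

    // --- decide what to do with the collected input ----------------------
    if (empty($friend_email) && empty($friend_user_name)) {
        // neither field was filled in
        $msg = (PA::$network_info->type == MOTHER_NETWORK_TYPE) ? 6003 : 6001;
        $error = TRUE;
    } elseif (!empty($friend_email) && !empty($friend_user_name)) {
        // both fields were filled in
        $msg = 7026;
        $error = TRUE;
    } elseif (!empty($self_invite)) {
        // the sender listed their own address
        $msg = 6002;
        $error = TRUE;
    } elseif (sizeof($invalid) > 0) {
        // at least one address failed validation
        $invalid_cnt = count($invalid);
        $msg = '';
        for ($counter = 0; $counter < $invalid_cnt; $counter++) {
            if (!empty($invalid[$counter])) {
                // NOTE(review): rejected input is echoed into an HTML message;
                // confirm it is escaped before it is rendered.
                $msg .= '<br />' . $invalid[$counter];
            }
        }
        if (!empty($msg)) {
            $msg = sprintf(__('Following email addresses are not valid: %s'), $msg);
        } else {
            $msg = __(' Invalid Email addresses');
        }
        $error = TRUE;
    } elseif (empty($msg)) {
        // At this point invitations can be made.
        $msg = '';
        if (!empty($valid_email) && !empty($valid_usr_name_email)) {
            $valid_email = array_merge($valid_email, $valid_usr_name_email);
            $valid_user_first_emails = array_merge($valid_user_first_emails, $valid_user_login_names);
        } elseif (!empty($valid_usr_name_email)) {
            $valid_email = $valid_usr_name_email;
            $valid_user_first_emails = $valid_user_login_names;
        }
        $valid_cnt = count($valid_email);
        // NOTE(review): the sender's message is only run through nl2br();
        // any HTML filtering has to come from the input filter above.
        $message = nl2br($request_data['message']);
        for ($counter = 0; $counter < $valid_cnt; $counter++) {
            // Reset per recipient: the original never cleared this flag, so
            // one failed send() made every later recipient look failed too.
            $save_error = FALSE;

            $inv = new Invitation();
            $inv->user_id = PA::$login_user->user_id;
            $inv->username = PA::$login_user->login_name;
            // not a group invitation, so the collection id is -1
            $inv->inv_collection_id = -1;
            $inv->inv_status = INVITATION_PENDING;
            $auth_token = get_invitation_token(LONG_EXPIRES, $valid_email[$counter]);
            $token = '&token=' . $auth_token;
            // NOTE(review): inv_id is interpolated before send(); unless the
            // Invitation constructor assigns it, both links carry an empty
            // InvID. Confirm against the Invitation class.
            $inv->register_url = PA::$url . "/" . FILE_REGISTER . "?InvID={$inv->inv_id}";
            $inv->accept_url = PA::$url . "/" . FILE_LOGIN . "?action=accept&InvID={$inv->inv_id}{$token}";
            $inv->inv_user_id = NULL;
            $inv->inv_user_first_name = $valid_user_first_emails[$counter];
            $inv->inv_email = $valid_email[$counter];
            // A space was missing after "from" in the original summary.
            $inv->inv_summary = 'Invitation from ' . PA::$login_user->first_name . ' ' . PA::$login_user->last_name . ' to join ' . PA::$site_name;
            if ($message != CUSTOM_INVITATION_MESSAGE) {
                $inv->inv_message = !empty($message) ? $message : NULL;
            }
            if (empty($error)) {
                try {
                    $inv->send();
                } catch (PAException $e) {
                    $msg = "{$e->message}";
                    $save_error = TRUE;
                }
            }
            if ($save_error == TRUE) {
                $msg = sprintf(__('Sorry: you are unable to invite a friend. Reason: %s'), $msg);
            } else {
                // invitation has been stored, now send the mail
                PAMail::send('invite_pa', $inv->inv_email, PA::$login_user, $inv);
                $msg .= $valid_user_first_emails[$counter];
                if ($counter == $valid_cnt - 1) {
                    $msg = sprintf(__('An Invitation has been sent to - %s'), $msg);
                }
            }
        }
    }

    $this->message = $msg;
    $this->redirect2 = NULL;
    $this->queryString = NULL;
    // NOTE(review): set unconditionally, also after a successful send; how
    // setWebPageMessage() interprets it is not visible here.
    $this->isError = TRUE;
    $this->setWebPageMessage();
}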
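/**
 * Installer step 4 (POST): stores service keys and creates the administrator.
 *
 * Copies the spawning flag, sub-domain and third-party keys from
 * $this->form_data onto the installer object. When no administrator exists
 * yet, the admin fields are validated and a row with user_id 1 is inserted
 * into `users`, first with the application database account and, if that
 * account cannot connect or select the database, with the MySQL root account.
 * The installer object is then serialized into $_SESSION['installer'] and the
 * step-4 page is rendered again with a status message.
 *
 * @param array $params view parameters; 'message' is filled in here
 * @return mixed whatever GET_step_4() returns
 */
private function POST_step_4($params) {
    global $app;
    require_once "api/Validation/Validation.php";
    $form_data = $this->form_data;
    $this->allow_network_spawning = (isset($form_data['network_spawning']) && $form_data['network_spawning'] == 'checked') ? 1 : 0;
    $domain = explode(".", $_SERVER['SERVER_NAME']);
    $this->subdomain = isset($form_data['domain_prefix']) ? $form_data['domain_prefix'] : $domain[0];
    $this->keys = array(
        'key' => $form_data['fb_key'],
        'secret' => $form_data['fb_secret'],
        'amazon_key' => $form_data['amazon_key'],
        'amazon_secret' => $form_data['amazon_secret'],
        'amazon_bucket' => $form_data['amazon_bucket'],
        'hoptoad_key' => $form_data['hoptoad_key'],
        'hoptoad_env' => $form_data['hoptoad_env'],
        'cc_application_url' => $form_data['cc_application_url'],
        'pw_pepper' => $form_data['pw_pepper'],
    );

    if (!$this->admin_exists) {
        $errors = array();
        if (empty($form_data['admin_first'])) {
            $form_data['admin_first'] = "Admin";
        }
        if (empty($form_data['admin_last'])) {
            $form_data['admin_last'] = "Peepagg";
        }
        if (!Validation::validate_auth_id($form_data['admin_username']) || empty($form_data['admin_username'])) {
            $errors[] = __("Invalid or empty user name.");
        }
        if (strlen($form_data['admin_password']) < MIN_PASSWORD_LENGTH) {
            $errors[] = sprintf(__("Your password must be at least %d characters long."), MIN_PASSWORD_LENGTH);
        }
        // NOTE(review): an upper bound on password length limits passphrases;
        // kept because other code may rely on MAX_PASSWORD_LENGTH.
        if (strlen($form_data['admin_password']) > MAX_PASSWORD_LENGTH) {
            $errors[] = sprintf(__("Your password can not be longer than %d characters."), MAX_PASSWORD_LENGTH);
        }
        if (!Validation::validate_email($form_data['admin_email']) || empty($form_data['admin_email'])) {
            $errors[] = __("Invalid or empty email field.");
        }
        if (!empty($errors)) {
            $params['message']['msg'] = implode("<br />", $errors);
            $params['message']['class'] = 'msg_err';
            return $this->GET_step_4($params);
        }

        $adm_login = $form_data['admin_username'];
        $adm_first = $form_data['admin_first'];
        $adm_last = $form_data['admin_last'];
        $adm_pass = $form_data['admin_password'];
        $adm_mail = $form_data['admin_email'];

        // Connect first: the values must be escaped against the connection
        // that will run the statement. $attempt selects the trailing digit of
        // the failure message (1 = app account, 2 = root account, 3 = no
        // usable connection), as in the original.
        $db = $this->config['database'];
        $attempt = 1;
        $sql_link = @mysql_connect($db['db_host'], $db['db_user'], $db['db_password']);
        if (!($sql_link && @mysql_select_db($db['db_name'], $sql_link))) {
            $attempt = 2;
            $sql_link = @mysql_connect($db['db_host'], $db['mysql_root_username'], $db['mysql_root_password']);
            if (!($sql_link && @mysql_select_db($db['db_name'], $sql_link))) {
                $attempt = 3;
                $sql_link = false;
            }
        }

        $stored = false;
        if ($sql_link) {
            $now = (int) time();
            // The original interpolated the form values straight into the
            // statement. First and last name are not validated at all, so a
            // quote in either one changed the SQL. Every string is escaped
            // here before it is placed between quotes.
            // NOTE(review): unsalted md5() is not an adequate password hash.
            // It is kept because the login code that verifies this column is
            // not visible here; migrate both sides to password_hash() /
            // password_verify() together.
            $sql = sprintf(
                "INSERT INTO `users` (`user_id`, `core_id`, `login_name`, `password`, `first_name`, `last_name`, `email`, `is_active`, `picture`, `created`, `changed`, `last_login`, `zipcode`) VALUES (1, 1, '%s', '%s', '%s', '%s', '%s', 1, NULL, %d, %d, %d, NULL);",
                mysql_real_escape_string($adm_login, $sql_link),
                md5($adm_pass),
                mysql_real_escape_string($adm_first, $sql_link),
                mysql_real_escape_string($adm_last, $sql_link),
                mysql_real_escape_string($adm_mail, $sql_link),
                $now,
                $now,
                $now
            );
            $stored = (bool) mysql_query($sql, $sql_link);
        }

        if ($stored) {
            $params['message']['msg'] = __("Administrator account data sucessfully stored. Click 'Next' please...");
            $params['message']['class'] = 'msg_info';
            $this->adm_data['login_name'] = $adm_login;
            // NOTE(review): the clear-text password stays on the installer
            // object and is serialized into the session below.
            $this->adm_data['password'] = $adm_pass;
        } else {
            if ($attempt == 1) {
                $params['message']['msg'] = __("Installer is unable to store administrator account data...Please, ensure previous database credentials are correct. 1");
            } elseif ($attempt == 2) {
                $params['message']['msg'] = __("Installer is unable to store administrator account data...Please, ensure previous database credentials are correct. 2");
            } else {
                $params['message']['msg'] = __("Installer is unable to store administrator account data...Please, ensure previous database credentials are correct. 3");
            }
            $params['message']['class'] = 'msg_err';
            $this->error = true;
        }
    } else {
        // The installer was pointed at an existing PA database.
        $params['message']['msg'] = __("Information successfully stored. Admin data remains in database from previous install.");
        $params['message']['class'] = 'msg_info';
        $this->adm_data['login_name'] = "[ unavailable ]";
        $this->adm_data['password'] = "******";
    }

    // NOTE(review): unless the class limits what is serialized, this writes
    // the API secrets, the admin password and the database credentials held
    // in $this->config to session storage. Clear the session once the
    // installer has finished.
    $_SESSION['installer'] = serialize($this);
    return $this->GET_step_4($params, true);
}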
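/**
 * Validates registration input and creates a new user.
 *
 * The input is passed through the project input filter, checked for
 * mandatory fields, numeric names, e-mail syntax, password confirmation and
 * password length (5 to 15 characters), and for a login name that is taken
 * or belonged to a deleted user. On success the user is saved together with
 * the default profile data, notification settings and desktop image; when
 * the network does not require e-mail validation the default folders,
 * relations, media, blog, links and header are created as well and the user
 * joins the network.
 *
 * Results are left on the object: $this->newuser, $this->msg, $this->error
 * and $this->array_of_errors.
 *
 * @param array $params registration form fields
 * @param object|null $network_info network record; its `extra` property is
 *        unserialized and `type` / `network_id` are read
 * @return bool TRUE when the user was created, FALSE otherwise
 */
function register($params, $network_info = NULL) {
    $this->newuser = new User();
    // filter input parameters (this is the same as filter_all_post())
    $params = Validation::get_input_filter(FALSE)->process($params);
    $login_name = trim($params['login_name']);
    $first_name = trim($params['first_name']);
    $last_name = trim(@$params['last_name']); // not mandatory
    $email = trim($params['email']);
    $password = trim($params['password']);
    $confirm_password = trim($params['confirm_password']);

    $validate_array = array(
        'login_name' => 'Login name',
        'first_name' => 'First name',
        'password' => 'Password',
        'confirm_password' => 'Confirm password',
        'email' => 'Email',
    );
    $this->msg = '';
    $this->error = FALSE;

    // Per-field flags reported through $this->array_of_errors. They start as
    // NULL, which is what the original produced for flags it never set.
    $error_login = FALSE;
    $error_first_name = NULL;
    $error_email = NULL;
    $error_password_conf = NULL;
    $error_password_l = NULL;
    $error_password_g = NULL;
    $save_error = FALSE;

    foreach ($validate_array as $key => $value) {
        if (empty($params[$key])) {
            $this->msg .= "\n" . $value . " is mandatory";
            $this->error = TRUE;
        }
    }
    if (strlen($this->msg) > 0) {
        $this->msg = "\n" . "Fields marked with * must not be left empty" . $this->msg;
    }

    if (empty($login_name)) {
        $error_login = TRUE;
        $this->error = TRUE;
    }
    if (is_numeric($login_name)) {
        if (strlen($this->msg) > 0) {
            $this->msg .= "\n";
        }
        $this->msg .= "Login name must not be numeric";
        $error_login = TRUE;
        $this->error = TRUE;
    }
    // NOTE(review): numeric first and last names raise the login flag, as in
    // the original; 'error_first_name' is never set. Confirm what the form
    // expects before changing it.
    if (is_numeric($first_name)) {
        if (strlen($this->msg) > 0) {
            $this->msg .= "\n";
        }
        $this->msg .= "First name must not be numeric";
        $error_login = TRUE;
        $this->error = TRUE;
    }
    if (is_numeric($last_name)) {
        if (strlen($this->msg) > 0) {
            $this->msg .= "\n";
        }
        $this->msg .= "Last name must not be numeric";
        $error_login = TRUE;
        $this->error = TRUE;
    }

    // Skip the detailed checks once a basic check has already failed.
    if (!$this->error) {
        if (!Validation::validate_email($email)) {
            // The original stored this flag in $this->array_of_errors, which
            // is rebuilt further down, so the flag was lost. Keep it in a
            // local that goes into the rebuilt array.
            $error_email = TRUE;
            $this->error = TRUE;
            $this->msg .= " E-mail address ({$email}) is not valid";
        }
        // Strict comparison: with != two different numeric-looking strings
        // such as "1e3" and "1000" compare equal, so a mistyped confirmation
        // could be accepted.
        if ($password !== $confirm_password) {
            $this->msg .= "\nPassword and Confirm Password do not match.";
            $error_password_conf = TRUE;
            $this->error = TRUE;
        }
        // NOTE(review): a 15-character ceiling rules out passphrases; raise
        // it once the storage side is confirmed to cope.
        if (strlen($password) > 15) {
            $this->msg .= "\nThe password must be less than 15 characters.";
            $error_password_l = TRUE;
            $this->error = TRUE;
        }
        if (strlen($password) < 5) {
            $this->msg .= "\nThe password must be longer than 5 characters.";
            $error_password_g = TRUE;
            $this->error = TRUE;
        }
    }

    if (User::user_exist($login_name)) {
        $this->msg = "Login name {$login_name} is already taken";
        $error_login = TRUE;
        $this->error = TRUE;
    } elseif (User::user_existed($login_name)) {
        $this->msg = "Login name {$login_name} has been used in the past; it belongs to a deleted user.";
        $error_login = $this->error = TRUE;
    }

    $this->array_of_errors = array(
        "error_login" => $error_login,
        "error_first_name" => $error_first_name,
        "error_email" => $error_email,
        "error_password_conf" => $error_password_conf,
        "error_password_l" => $error_password_l,
        "error_password_g" => $error_password_g,
    );

    if ($this->error != TRUE) {
        $this->newuser->login_name = $login_name;
        // NOTE(review): the password is handed over as entered; whether
        // User::save() hashes it is not visible here. The original TODO
        // suggested md5, which is not suitable for passwords; use
        // password_hash() if hashing has to be added.
        $this->newuser->password = $password;
        $this->newuser->first_name = $first_name;
        $this->newuser->last_name = $last_name;
        $this->newuser->email = $email;
        if (!empty($params['user_filename'])) {
            // basename() drops directory components, so only a file directly
            // under the upload path can be referenced.
            $user_fn_base = basename($params['user_filename']);
            if (file_exists(PA::$upload_path . $user_fn_base)) {
                $this->newuser->picture = $user_fn_base;
            }
        }
        try {
            // NOTE(review): $network_info defaults to NULL but is
            // dereferenced here; callers presumably always pass it.
            // NOTE(review): unserialize() is only safe while `extra` is
            // written exclusively by the application; confirm it can never
            // carry user-supplied bytes.
            $extra = unserialize($network_info->extra);
            if ($extra['email_validation'] == NET_NO) {
                // e-mail validation is not required
                $this->newuser->is_active = ACTIVE;
            } else {
                $this->newuser->is_active = UNVERIFIED;
            }
            $this->newuser->save();

            // also store the names as profile data to make searching easier
            $data_array = array(
                0 => array('uid' => $this->newuser->user_id, 'name' => 'first_name', 'value' => $this->newuser->first_name, 'type' => BASIC, 'perm' => 1),
                1 => array('uid' => $this->newuser->user_id, 'name' => 'last_name', 'value' => $this->newuser->last_name, 'type' => BASIC, 'perm' => 1),
            );
            $this->newuser->save_user_profile($data_array, BASIC);

            // default notification settings taken from the network settings
            $profile = array();
            $user_notification = $extra['notify_members'];
            $user_notification['msg_waiting_blink'] = $extra['msg_waiting_blink'];
            $profile['settings']['name'] = 'settings';
            $profile['settings']['value'] = serialize($user_notification);
            $this->newuser->save_profile_section($profile, 'notifications');

            // default desktop image: network default, else one of four stock images
            $desktop_images = User_Registration::get_default_desktopimage($this->newuser->user_id, $network_info);
            if ($desktop_images == "") {
                $desktop_images = array('bay.jpg', 'everglade.jpg', 'bay_boat.jpg', 'delhi.jpg');
                $rand_key = array_rand($desktop_images);
                $desk_img = $desktop_images[$rand_key];
            } else {
                $desk_img = $desktop_images;
            }
            $data_array = array(
                0 => array('uid' => $this->newuser->user_id, 'name' => 'user_caption_image', 'value' => $desk_img, 'type' => GENERAL, 'perm' => 1),
            );
            $this->newuser->save_user_profile($data_array, GENERAL);

            if ($extra['email_validation'] == NET_NO) {
                // no e-mail validation: finish the account set-up right away
                Message::create_basic_folders($this->newuser->user_id);
                // default relation
                if ($this->newuser->user_id != SUPER_USER_ID) {
                    User_Registration::add_default_relation($this->newuser->user_id, $network_info);
                }
                // default media and albums
                User_Registration::add_default_media($this->newuser->user_id, '', $network_info);
                User_Registration::add_default_media($this->newuser->user_id, '_audio', $network_info);
                User_Registration::add_default_media($this->newuser->user_id, '_video', $network_info);
                User_Registration::add_default_blog($this->newuser->user_id);
                // default link categories and links
                User_Registration::add_default_links($this->newuser->user_id);
                // header image
                User_Registration::add_default_header($this->newuser->user_id);
                // join the network the user registered from
                if (!empty($network_info) && $network_info->type != PRIVATE_NETWORK_TYPE) {
                    Network::join($network_info->network_id, $this->newuser->user_id);
                    $params['uid'] = $this->newuser->user_id;
                    auto_email_notification('some_joins_a_network', $params);
                }
            }
        } catch (PAException $e) {
            $this->msg = $e->message;
            if ($e->code == USER_EMAIL_NOT_UNIQUE) {
                $this->msg = "Email Address has already been taken, please enter other email address.";
            }
            $save_error = TRUE;
            if ($e->message == "The email address is invalid.") {
                $this->array_of_errors['error_email'] = TRUE;
            }
        }
    }

    if ($this->error == TRUE || $save_error == TRUE) {
        $this->msg = "Sorry! your registration failed. " . $this->msg;
        return FALSE;
    }
    // success!
    return TRUE;
}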