/**
 * Store the given e-mail address on this object.
 *
 * A Validator is created and asked to check the address, but the outcome of
 * that check does not influence what happens next: the value is assigned to
 * $this->email whether or not validateEmail() accepts it.
 *
 * NOTE(review): because the check result is not acted on, this setter does
 * not by itself keep malformed addresses out of the model. Callers need to
 * validate before calling, or the failure handling (reject / throw) still
 * has to be decided and implemented here.
 *
 * @param mixed $string E-mail address to store.
 * @return void
 */
public function setEmail($string)
{
    $emailCheck = new Validator();

    // The return value is not used; the call is kept so any side effects
    // inside the validator still happen exactly as before.
    $emailCheck->validateEmail($string);

    $this->email = $string;
}
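/**
 * Register a new user from the request parameters and sign them in.
 *
 * Reads username, email, password and password_confirmed from
 * $this->request->params['passed'], runs the validation chain below and,
 * when it passes, creates the user, stores the user id and nickname in the
 * session and redirects to the blog index. Otherwise it redirects back to
 * the login page with a failure message in the query string.
 *
 * NOTE(review): if 'passed' is populated from URL-derived arguments, the
 * password would end up in request URLs and access logs - confirm it is
 * filled from the request body.
 *
 * @return mixed Whatever $this->redirect() returns.
 */
public function add()
{
    $user = ModelFactory::createModel('User');

    $fields = $this->request->params['passed'];
    $name = $fields['username'];
    $email = $fields['email'];
    $pw = $fields['password'];
    $pwconfirm = $fields['password_confirmed'];

    // NOTE(review): validatePW() is the only check in this chain that is
    // negated. If it returns true for an acceptable password (as the other
    // validators appear to), registration currently succeeds only for
    // passwords that FAIL the policy. Confirm validatePW()'s return contract
    // before changing it; it is left as-is here.
    $inputAccepted = !empty($name)
        && Validator::validateEmail($email)
        && $user->isUniqueEmail($email)
        && !Validator::validatePW($pw)
        && Validator::confirmPW($pw, $pwconfirm);

    if (!$inputAccepted) {
        return $this->redirect(ROOT . '/login/index?flash=Please adjust the wrong input fields&title=Registration failed');
    }

    $user->setNickname($name);
    $user->setEmail($email);
    $user->setPassword($pw);
    $user->create();

    // The session becomes authenticated at this point, so issue a fresh
    // session identifier first: an identifier that existed before
    // registration must not carry the new user's identity.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    $_SESSION['user_id'] = $user->getId();
    $_SESSION['nickname'] = $user->getNickname();

    return $this->redirect(ROOT . '/blogs/index');
}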
/**
 * Community login page action.
 *
 * Three paths, chosen from $params:
 *  - 'email' and 'password' present: attempt a sign-in through
 *    $this->objAuthentication; on success hand over to actionIndex(),
 *    on failure render the login template with a single generic error.
 *  - 'createAccount' equal to 1: validate the create_* fields, create the
 *    account through UserModel and send the sign-up e-mail.
 *  - otherwise: show the login template, or a notice when already logged in.
 *
 * NOTE(review): the create_* keys are read without an existence check, so a
 * partial sign-up submission reaches the validator with undefined values.
 * NOTE(review): the plain password is passed to UserModel::createUser();
 * hashing presumably happens there - confirm.
 *
 * @param mixed $params Request parameters (array expected; defaults to '').
 * @return void
 */
function actionLogin($params = '')
{
    $loginTpl = 'tpl/community/login.tpl';

    // ---- Sign-in attempt -------------------------------------------------
    $hasCredentials = !empty($params['email']) && !empty($params['password']);
    if ($hasCredentials) {
        if ($this->objAuthentication->login($params['email'], $params['password'])) {
            // Authenticated: continue to the home view.
            $this->actionIndex($params);
            return;
        }

        // Same message whichever credential was wrong.
        $this->view->assign('errorMsg', 'Unable to login, try again.');
        $this->view->assign('content', $this->view->fetch($loginTpl));
        $this->finish();
        return;
    }

    // ---- Plain page view (no sign-up requested) --------------------------
    $wantsAccount = !empty($params['createAccount']) && $params['createAccount'] == 1;
    if (!$wantsAccount) {
        if ($this->objAuthentication->loggedIn()) {
            $pageContent = 'Already logged in.';
        } else {
            $pageContent = $this->view->fetch($loginTpl);
        }
        $this->view->assign('content', $pageContent);
        $this->finish();
        return;
    }

    // ---- Account creation ------------------------------------------------
    $objValidator = new Validator();
    $objValidator->reset();
    $objValidator->validateEmail($params['create_email']);
    $objValidator->validatePassword($params['create_password']);
    $objValidator->passwordsMatch($params['create_password'], $params['create_password2']);
    $objValidator->validateName($params['create_displayName']);

    $termsMissing = empty($params['create_terms']);

    if ($objValidator->hasError || $termsMissing) {
        $problems = $objValidator->getError();
        if ($termsMissing) {
            $problems[] = 'You must agree to the Terms of Use to make an account';
        }
        $this->view->assign('errorMessages', $problems);
        $this->view->assign('created', false);
    } else {
        $userData = array(
            'email' => $params['create_email'],
            'password' => $params['create_password'],
            'displayName' => $params['create_displayName'],
        );

        $userModel = new UserModel();
        $created = $userModel->createUser($userData);

        if (empty($created)) {
            $this->view->assign('created', false);
            $this->view->assign('errorMessages', $userModel->errorMsg);
        } else {
            $this->view->assign('created', true);

            // Confirmation mail to the address that was just registered.
            $objEmail = new Emailer();
            $objEmail->setFrom(CONTACT_EMAIL);
            $objEmail->setSubject('Retail Roar Community account created');
            $objEmail->addTO($userData['email']);
            $objEmail->setBody($this->view->fetch('emails/communitysignup.tpl'), true);
            $sent = $objEmail->sendMail();
        }

        // Only set when the input passed validation and creation was attempted.
        $this->view->assign('submitted', true);
    }

    $this->view->assign('content', $this->view->fetch($loginTpl));
    $this->finish();
}
/* What the hell is this supposed to be doing??? */ if ($check->foundErrors()) { $error1 .= $check->listErrors('x'); } if (isset($error1) && $error1) { $err = explode('|', $error1); $error = $err[0]; } } else { $pixie_login_username = str_replace(" ", "", preg_replace('/\\s\\s+/', ' ', trim($pixie_login_username))); /* This ensures no spaces in the username */ } if (!isset($error) && !$error) { $check_result_number = $check_result_number + 1; } if (!$pixie_email && !$check->validateEmail($pixie_email, $lang['user_email_error'] . ' ')) { $scream[] = 'email'; if ($pixie_email === NULL) { $error1 .= $lang['user_email_error'] . ' '; $scream[] = 'email'; if ($check->foundErrors()) { $error1 .= $check->listErrors('x'); } if (isset($error1) && $error1) { $err = explode('|', $error1); $error = $err[0]; } } } if (!isset($error) && !$error) { $check_result_number = $check_result_number + 1;
} $scream = array(); if (!$name) { if (isset($error)) { } else { $error = NULL; } $error .= $lang['comment_name_error'] . ' '; $scream[] = 'name'; } if (!$comment) { $error .= $lang['comment_comment_error'] . ' '; $scream[] = 'comment'; } $check = new Validator(); if (!$check->validateEmail($email, $lang['comment_email_error'] . ' ')) { $scream[] = 'email'; } if (!preg_match('/localhost/', $prefs['site_url']) && !preg_match('/127.0.0./', $prefs['site_url'])) { if ($web && !$check->validateURL($web, $lang['comment_web_error'] . ' ')) { $scream[] = 'web'; } } if ($comment !== NULL) { $duplicate = 0; $last_comment_last_number = getThing($query = 'SELECT * FROM pixie_module_comments ORDER BY comments_id DESC'); $last_comment = getThing($query = "SELECT comment FROM pixie_module_comments WHERE comments_id='{$last_comment_last_number}'"); if (strcasecmp($comment, $last_comment) === 0) { $duplicate = 1; } }
/**
 * Check whether the first value of the given element is a valid e-mail
 * address according to Validator::validateEmail().
 *
 * @param mixed $eid_or_elem Element id or element, passed through unchanged
 *                           to getFirstElementValue().
 * @return mixed The result of Validator::validateEmail().
 */
protected function testEmail($eid_or_elem)
{
    $candidate = $this->getFirstElementValue($eid_or_elem);

    return Validator::validateEmail($candidate);
}
$res["reason"] = "用户信息更新失败!"; } } else { $res["reason"] = "输入不合法!"; } } else { $res["reason"] = "两次密码不同!"; } } else { $res["reason"] = "新旧密码不能一样!"; } } else { $res["reason"] = "密码错误!"; } } else { if (Validator::validateUserName($username) && Validator::validateEmail($email)) { $user->username = $username; $user->email = $email; if ($user->updateUser($id)) { $_SESSION['user_info']['username'] = $username; $_SESSION['user_info']['email'] = $email; $res["result"] = true; $res["reason"] = "用户信息更新成功!"; } else { $res["reason"] = "用户信息更新失败!"; } } else { $res["reason"] = "输入不合法!"; } } }
} if (isset($user_new) && $user_new) { $table_name = 'pixie_users'; $check = new Validator(); if (!isset($uname) or $uname == "") { $error .= $lang['user_name_missing'] . ' '; $scream[] = 'uname'; } if (isset($uname)) { $uname = str_replace(" ", "", preg_replace('/\\s\\s+/', ' ', trim($uname))); } if (!isset($realname) or $realname == "") { $error .= $lang['user_realname_missing'] . ' '; $scream[] = 'realname'; } if (!isset($email) or !$check->validateEmail($email, $lang['user_email_error'] . ' ')) { $scream[] = 'email'; } if ($check->foundErrors()) { $error .= $check->listErrors('x'); } if (!isset($error)) { $password = generate_password(6); $nonce = md5(uniqid(rand(), TRUE)); $sql = "user_name = '{$uname}', realname = '{$realname}', email = '{$email}', pass = password(lower('{$password}')), nonce = '{$nonce}', privs = '{$privilege}', link_1 = 'http://www.toggle.uk.com', link_2 = 'http://www.getpixie.co.uk', link_3 = 'http://www.iwouldlikeawebsite.com', biography=''"; if (isset($table_name)) { $ok = safe_insert($table_name, $sql); } if (!$ok) { $message = $lang['user_duplicate']; $do = 'newuser';
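/**
 * Create a new account after validating the supplied registration data.
 *
 * Each failed check reports itself by instantiating a Message with a numeric
 * code and returns early; on success the account row is inserted and
 * Message(7, "success") is raised.
 *
 * Security review notes (storage format left unchanged, see inline):
 *  - the password is stored as one round of salted SHA-256;
 *  - the password is SQL-escaped BEFORE it is hashed;
 *  - the INSERT is assembled by string interpolation.
 *
 * @param string $username Desired user name.
 * @param string $password Chosen password.
 * @param string $repeat   Password confirmation.
 * @param string $email    E-mail address.
 * @return void
 */
public static function create($username, $password, $repeat, $email)
{
    /* The database connection is shared through a global. */
    global $dbConn;

    /*
     * Escape everything that later reaches a query string. The INSERT below
     * (and presumably the lookups inside Validator) depend on this escaping;
     * a prepared statement with bound parameters would remove that
     * dependency, but needs the Validator lookups changed in the same step.
     *
     * NOTE(review): escaping $password here means the hash below is computed
     * over the escaped form, so a password containing quotes or backslashes
     * is hashed differently from what the user typed. The verification path
     * must apply the identical escaping; hashing the raw password would be
     * cleaner but invalidates existing hashes - not changed here.
     */
    $username = $dbConn->real_escape_string($username);
    $password = $dbConn->real_escape_string($password);
    $repeat = $dbConn->real_escape_string($repeat);
    $email = $dbConn->real_escape_string($email);

    /*
     * Both values are strings at this point, so compare them strictly.
     * With the loose == operator PHP compares numeric-looking strings by
     * value, which lets two different inputs (e.g. "1e3" and "1000") count
     * as a matching confirmation.
     */
    if ($password !== $repeat) {
        /* The two passwords don't match each other. */
        new Message(5);
        return;
    }

    /* Username must not be empty. */
    if (Validator::isEmpty($username)) {
        new Message(3);
        return;
    }

    /* E-mail address must be well-formed. */
    if (!Validator::validateEmail($email)) {
        new Message(6);
        return;
    }

    /*
     * Duplicate username / e-mail checks.
     * NOTE(review): these are check-then-insert; presumably a UNIQUE
     * constraint on the table is the real guarantee - confirm.
     */
    if (Validator::userExists($username)) {
        new Message(8);
        return;
    }
    if (Validator::emailExists($email)) {
        new Message(9);
        return;
    }

    /*
     * Password policy, as documented by the original author:
     *  1. It must contain both numbers/letters.
     *  2. It must be longer than 8 characters.
     */
    if (!Validator::isValidPassword($password)) {
        new Message(10);
        return;
    }

    /* Per-user salt. */
    $salt = Salt::getHash();

    /*
     * SECURITY: a single salted SHA-256 is a fast, general-purpose hash; the
     * salt prevents precomputed tables but does not slow down guessing of an
     * individual password. password_hash() / password_verify() are the
     * purpose-built replacement. Migrating means changing the login
     * verification and the stored column format together, so the existing
     * format is preserved in this function.
     */
    $hashedPassword = hash("sha256", $salt . $password . $salt);

    /* Insert the account row; values were escaped above. */
    $result = $dbConn->query("INSERT INTO `accounts` VALUES ('', '{$username}', '{$hashedPassword}', '{$email}', '{$salt}', NULL, NULL);");

    if ($result) {
        /* The account was created successfully. */
        new Message(7, "success");
    }
    /* NOTE(review): a failed INSERT is silent - no Message is raised. */
}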
/**
 * Classify the 'email' element as missing, invalid or OK.
 *
 * @return mixed self::STR_MISSING when testRequiredNonDefault('email') fails,
 *               otherwise self::STR_OK or self::STR_INVALID depending on
 *               Validator::validateEmail().
 */
protected function validate_email()
{
    // Nothing usable was supplied: report that before looking at the format.
    if (!$this->testRequiredNonDefault('email')) {
        return self::STR_MISSING;
    }

    $address = $this->getFirstElementValue('email');
    if (Validator::validateEmail($address)) {
        return self::STR_OK;
    }

    return self::STR_INVALID;
}
} } } if ($at[$j] == 'longtext') { // remove para from <!--more--> if (isset($m) && $m == 'dynamic') { // hacky to try and clean the more $value = str_replace('<p><!--more--></p>', '<!--more-->', $value); $value = str_replace('<p> <!--more--></p>', '<!--more-->', $value); $value = str_replace('<!--more--></p>', '</p><!--more-->', $value); $value = str_replace('<p><!--more-->', '<!--more--><p>', $value); } } if ($an[$j] == 'email') { if ($nullf[0] == 'not_null') { $check->validateEmail($value, $lang['email_error'] . ' '); } else { if ($value != "") { $check->validateEmail($value, $lang['email_error'] . ' '); } } } if ($nullf[0] == 'not_null' && $value == "") { $error .= ucwords($an[$j]) . " " . $lang['is_required'] . ' '; } // if empty int set to 0 if ($at[$j] == 'int') { $value = $value ? $value : 0; } if (isset($sql)) { } else {
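/**
 * Validate posted profile data and save it through UserModel.
 *
 * A posted user_id is only accepted when it identifies the authenticated
 * user. Validation errors are collected in $this->errorMsg and nothing is
 * saved in that case.
 *
 * NOTE(review): 'active' and 'activateString' are copied from $data whenever
 * present. If $data is raw request input, a user can influence their own
 * activation state - confirm callers filter these keys.
 * NOTE(review): when no user_id is posted, 'id' is false; presumably
 * UserModel::saveUser() then creates a record - confirm.
 *
 * @param array $data Posted fields (user_* keys, password2, active, activateString).
 * @return mixed Result of UserModel::saveUser() on success, false otherwise.
 */
function saveUser($data)
{
    // Don't trust the posted user_id: it must be the authenticated user's.
    if (!empty($data['user_id'])) {
        $ownId = $this->objAuthentication->user_id;

        // The id that is saved below is intval($data['user_id']), so the
        // ownership check is also made on that integer form. Checking only
        // the raw string would leave room for the checked value and the
        // saved value to differ.
        if ($data['user_id'] != $ownId || intval($data['user_id']) !== intval($ownId)) {
            // editing someone else's profile
            $this->errorMsg = 'Unauthorized';
            return false;
        }
    }

    $user_id = false;
    $this->errorMsg = null;

    $saveData = array();
    $saveData['id'] = !empty($data['user_id']) ? intval($data['user_id']) : false;

    // Profile fields arrive as user_<field>; empty or missing becomes false.
    $profileFields = array(
        'email', 'company', 'title', 'fName', 'lName', 'phone',
        'address', 'address2', 'city', 'province', 'country', 'zip',
    );
    foreach ($profileFields as $field) {
        $postedKey = 'user_' . $field;
        $saveData[$field] = !empty($data[$postedKey]) ? $data[$postedKey] : false;
    }

    if (!empty($data['user_password'])) {
        $saveData['password'] = $data['user_password'];
    }
    if (isset($data['active'])) {
        $saveData['active'] = intval($data['active']);
    }
    if (!empty($data['activateString'])) {
        $saveData['activateString'] = $data['activateString'];
    }

    // validate it all
    $objValidator = new Validator();
    $objValidator->validateEmail($saveData['email']);
    $objValidator->validateName($saveData['fName']);
    $objValidator->validateName($saveData['lName']);
    $objValidator->validatePhone($saveData['phone']);
    $objValidator->validateNotEmpty($saveData['title'], 'title');
    $objValidator->validateNotEmpty($saveData['company'], 'company');
    $objValidator->validateNotEmpty($saveData['address'], 'address');
    $objValidator->validateNotEmpty($saveData['city'], 'city');
    $objValidator->validateNotEmpty($saveData['province'], 'province');
    $objValidator->validateNotEmpty($saveData['country'], 'country');
    $objValidator->validateNotEmpty($saveData['zip'], 'zip');

    // The password to be saved comes from 'user_password', so the policy and
    // confirmation checks are gated on that value being present. The
    // previous gate looked at $data['password'], a different key, which let
    // a new password be saved without either check running.
    if (isset($saveData['password'])) {
        $objValidator->validatePassword($saveData['password']);
        $confirmation = isset($data['password2']) ? $data['password2'] : null;
        $objValidator->passwordsMatch($saveData['password'], $confirmation);
    }

    if ($objValidator->hasError) {
        $this->errorMsg = $objValidator->getError();
    } else {
        $objUser = new UserModel();
        $user_id = $objUser->saveUser($saveData);
    }

    return $user_id;
}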
$password_2 = $_POST["password_2"]; $invitation_code = $_POST["invitation_code"]; $captcha = $_POST["captcha"]; $username = $username ? htmlspecialchars($username, ENT_QUOTES) : ""; $email = $email ? htmlspecialchars($email, ENT_QUOTES) : ""; $password_1 = $password_1 ? $password_1 : ""; $password_2 = $password_2 ? $password_2 : ""; $invitation_code = $invitation_code ? $invitation_code : ""; $captcha = $captcha ? $captcha : ""; $res = array("result" => false, "reason" => ""); if ($password_1 != $password_2) { $res["reason"] = "两次密码输入不同!"; die(json_encode($res)); } //string format validate if (!(Validator::validateUserName($username) && Validator::validateEmail($email) && Validator::validatePassword($password_1) && Validator::validateCaptcha($captcha))) { $res["reason"] = "输入不合法!"; die(json_encode($res)); } //Captcha Validate require_once PHP_BASE_DIR . "/securimage/securimage.php"; $img = new Securimage(); if ($img->check($captcha) == false) { $res['reason'] = '验证码错误!'; die(json_encode($res)); } $db = new MySQL($log); if ($mysqli = $db->openDB()) { $user = new User($mysqli, $log); $invitation = new Invitation($mysqli, $log); if ($user->getUserByName($username)) {