Exemplo n.º 1
0
function account_register_new($unix_name, $realname, $password1, $password2, $email, $language, $timezone, $mail_site, $mail_va, $language_id, $timezone)
{
    global $feedback;
    if (db_numrows(db_query("SELECT user_id FROM users WHERE user_name LIKE '{$unix_name}'")) > 0) {
        $feedback .= "That username already exists.";
        return false;
    }
    // Check that username is not identical with an existing unix groupname (groups) helix 22.06.2001
    if (db_numrows(db_query("SELECT unix_group_name FROM groups WHERE unix_group_name LIKE '{$unix_name}'")) > 0) {
        $feedback .= "That username is identical with the unixname of an existing group.";
        return false;
    }
    // End of change helix 22.06.2001
    if (!$unix_name) {
        $feedback .= "You must supply a username.";
        return false;
    }
    if (!$password1) {
        $feedback .= "You must supply a password.";
        return false;
    }
    if ($password1 != $password2) {
        $feedback .= "Passwords do not match.";
        return false;
    }
    if (!account_pwvalid($password1)) {
        $feedback .= ' Password must be at least 6 characters. ';
        return false;
    }
    if (!account_namevalid($unix_name)) {
        $feedback .= ' Invalid Unix Name ';
        return false;
    }
    if (!validate_email($email)) {
        $feedback .= ' Invalid Email Address ';
        return false;
    }
    // if we got this far, it must be good
    $confirm_hash = substr(md5($session_hash . $HTTP_POST_VARS['form_pw'] . time()), 0, 16);
    $result = db_query("INSERT INTO users (user_name,user_pw,unix_pw,realname,email,add_date," . "status,confirm_hash,mail_siteupdates,mail_va,language,timezone) " . "VALUES ('{$unix_name}'," . "'" . md5($password1) . "'," . "'" . account_genunixpw($password1) . "'," . "'" . "{$realname}'," . "'{$email}'," . "'" . time() . "'," . "'P'," . "'{$confirm_hash}'," . "'" . ($mail_site ? "1" : "0") . "'," . "'" . ($mail_va ? "1" : "0") . "'," . "'{$language_id}'," . "'{$timezone}')");
    $user_id = db_insertid($result, 'users', 'user_id');
    if (!$result || !$user_id) {
        $feedback .= ' Insert Failed ' . db_error();
        return false;
    } else {
        // send mail
        $message = "Thank you for registering on the " . $GLOBALS['sys_default_name'] . " web site. In order\n" . "to complete your registration, visit the following url: \n\n" . "https://" . $GLOBALS['HTTP_HOST'] . "/account/verify.php?confirm_hash={$confirm_hash}\n\n" . "Enjoy the site.\n\n" . " -- the " . $GLOBALS['sys_default_name'] . " staff\n";
        mail($email, $GLOBALS['sys_default_name'] . " Account Registration", $message, "From: noreply@" . $GLOBALS['sys_default_domain']);
        return $user_id;
    }
}
Exemplo n.º 2
0
 /**
  *	setPasswd - Changes user's password.
  *
  *	@param	string	The plaintext password.
  *	@return boolean success.
  */
 function setPasswd($passwd)
 {
     global $SYS;
     if (!account_pwvalid($passwd)) {
         $this->setError('Error: ' . $GLOBALS['register_error']);
         return false;
     }
     db_begin();
     $unix_pw = account_genunixpw($passwd);
     $res = db_query("\n\t\t\tUPDATE users\n\t\t\tSET user_pw='" . md5($passwd) . "',\n\t\t\tunix_pw='{$unix_pw}'\n\t\t\tWHERE user_id='" . $this->getID() . "'\n\t\t");
     if (!$res || db_affected_rows($res) < 1) {
         $this->setError('ERROR - Could Not Change User Password: '******'{crypt}' . $unix_pw)) {
                 $this->setError($SYS->getErrorMessage());
                 db_rollback();
                 return false;
             }
         }
     }
     $hook_params = array();
     $hook_params['user'] = $this;
     $hook_params['user_id'] = $this->getID();
     $hook_params['user_password'] = $passwd;
     plugin_hook("user_setpasswd", $hook_params);
     db_commit();
     return true;
 }