Exemplo n.º 1
/**
 * Routes an operation name to its handler, passing the handler raw $_POST fields.
 *
 * Recognised operations: login, getyaks, post_yak, banned_user, add_user,
 * send_email, getHot_yaks, getCold_yaks, upvote, downvote. Any other value
 * is ignored and no handler runs.
 *
 * NOTE(review): nothing in this function authenticates or authorises the
 * caller before dispatching, including for banned_user and add_user, and the
 * request fields reach the handlers exactly as submitted. Confirm that access
 * control and input validation happen in the caller or inside the handlers.
 *
 * @param mixed $op Operation name; matched with loose comparison.
 * @return void
 */
function perform_operation($op)
{
    switch ($op) {
        case 'login':
            validate_user($_POST["useremail"], $_POST["userpassword"]);
            break;
        case 'getyaks':
            get_yaks($_POST["longitude"], $_POST["latitude"]);
            break;
        case 'post_yak':
            post_yak($_POST["postedyak"], $_POST["latitude"], $_POST["longitude"]);
            break;
        case 'banned_user':
            banned_user($_POST["useremail"]);
            break;
        case 'add_user':
            add_user($_POST["useremail"], $_POST["userpassword"]);
            break;
        case 'send_email':
            send_email($_POST["email"]);
            break;
        case 'getHot_yaks':
            getHot_yaks();
            break;
        case 'getCold_yaks':
            getCold_yaks();
            break;
        case 'upvote':
            upvote($_POST["id"]);
            break;
        case 'downvote':
            downvote($_POST["id"]);
            break;
    }
}
Exemplo n.º 2
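/**
 * Registers a new account after checking the submitted form values.
 *
 * Prints an HTML error block and returns null when a field is empty, when the
 * user name is already taken, or when the two passwords differ.
 *
 * NOTE(review): both passwords are trimmed before they are compared and
 * hashed, so leading/trailing whitespace never becomes part of the credential.
 * NOTE(review): password_encrypt() is defined elsewhere; confirm it is a slow,
 * salted password hash rather than reversible encryption.
 *
 * @param string $username  Requested login name.
 * @param string $password1 Password as typed.
 * @param string $password2 Password confirmation.
 * @return true|null True once add_user() has been called; null after an error was printed.
 */
function attempt_register($username, $password1, $password2)
{
    $pass1 = trim($password1);
    $pass2 = trim($password2);

    if ($username == "" || $pass1 == "" || $pass2 == "") {
        // Spelling of the user-facing message corrected ("feilds" -> "fields").
        echo "<div id=\"error\">";
        echo "please enter all fields";
        echo "</div>";
        return null;
    }

    if (find_username($username)) {
        echo "<div id=\"error\">";
        echo " this user name has been taken";
        echo "</div>";
        return null;
    }

    if ($pass1 !== $pass2) {
        echo "<div id=\"error\">";
        echo "passwords do not match";
        echo "</div>";
        return null;
    }

    add_user($username, password_encrypt($pass1));
    return true;
}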
Exemplo n.º 3
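 /**
  * One-time fixture for the cp2foss functional tests.
  *
  * Reads the configuration directory from the FOSSOLOGY_TESTCONFIG environment
  * variable, starts fo_scheduler from it, connects to the database and creates
  * the "fossy" test account. Ends the process with status 1 when the scheduler
  * binary is not executable or fails to start.
  */
 public static function setUpBeforeClass()
 {
     global $fossology_testconfig;
     global $scheduler_path;
     global $cp2foss_path;
     global $PG_CONN;

     $fossology_testconfig = getenv('FOSSOLOGY_TESTCONFIG');
     /* fall back to the default config dir when the variable is unset or empty */
     if (empty($fossology_testconfig)) {
         $fossology_testconfig = "/usr/local/etc/fossology/";
     }
     fwrite(STDOUT, __METHOD__ . " got fossology_testconfig = '{$fossology_testconfig}'\n");
     $cp2foss_path = "cp2foss";

     /* locate the scheduler binary */
     $scheduler_path = $fossology_testconfig . "/mods-enabled/scheduler/agent/fo_scheduler";
     if (!is_executable($scheduler_path)) {
         print "Error:  Scheduler path '{$scheduler_path}' is not executable!\n";
         exit(1);
     }

     /* invoke the scheduler; both paths derive from the environment, so each is
        quoted as a single shell argument (also keeps paths with spaces intact) */
     $scheduler_cmd = escapeshellarg($scheduler_path)
         . " --daemon --reset --verbose=952 -c "
         . escapeshellarg($fossology_testconfig);
     print "DEBUG: Starting scheduler with '{$scheduler_cmd}'\n";
     exec($scheduler_cmd, $output, $return_var);
     if ($return_var != 0) {
         print "Error: Could not start scheduler '{$scheduler_path}'\n";
         /* exec() fills $output with an array of lines; join it rather than print "Array" */
         print implode("\n", $output) . "\n";
         exit(1);
     }

     // connect db
     $PG_CONN = connect_to_DB($fossology_testconfig);
     // add account fossy/fossy (fixed credentials, intended for the test database only)
     add_user("fossy", "fossy");
     print "\nStarting functional test for cp2foss. \n";
 }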
Exemplo n.º 4
/**
 * Finalises an online payment identified by $numcode.
 *
 * Decodes the global $pay_code with mymd5(..., 'DE') into five tab-separated
 * fields, checks the decoded order number against $numcode, loads the
 * matching olpay row, marks it as paid and redirects to the site root.
 *
 * NOTE(review): $numcode is written into the SQL text below as-is. The only
 * check on it visible here is the loose != against intval($numcode); confirm
 * that callers restrict it to a safe format or escape it upstream.
 *
 * @param mixed $numcode Order number; presumably supplied by the payment callback - verify against callers.
 */
function olpay_end($numcode)
{
    global $db, $pre, $webdb, $banktype, $pay_code, $lfjuid;
    // The "=" character tends to cause trouble, so it arrives as "QIBO" and is restored here.
    $pay_code = str_replace('QIBO', '=', $pay_code);
    // Error text: "the data is invalid".
    if (!$pay_code) {
        showerr("数据有误!!");
    }
    list($type, $atc_moeny, $atc_numcode, $mid, $shopmoney) = explode("\t", mymd5($pay_code, 'DE'));
    // Error text: "the data has been modified".
    if ($atc_numcode != intval($numcode)) {
        showerr("数据被修改过!!");
    }
    // Mainly for Alipay, which cannot take a bare single-digit number;
    // inc/olpay/alipay.php was changed accordingly.
    $numcode = str_replace("code", "", $numcode);
    // Universal-form order
    if ($type == 'form') {
        $rt = $db->get_one("SELECT * FROM {$pre}olpay WHERE numcode='{$numcode}' AND `formid`='{$mid}'");
    } elseif ($type == 'module') {
        // Shop order
        $rt = $db->get_one("SELECT * FROM {$pre}olpay WHERE numcode='{$numcode}' AND `moduleid`='{$mid}'");
        // NOTE(review): the shop order is flagged as paid and the bonus points are
        // granted here, before the checks below that the olpay row exists and is
        // still unpaid. If showerr() ends the request, a repeated call with the
        // same data would still run these two statements again - verify.
        $db->query("UPDATE {$pre}shoporderuser SET ifpay='1' WHERE id='{$atc_numcode}'");
        // Award bonus points
        if ($shopmoney) {
            add_user($lfjuid, $shopmoney, '购买商品得分');
        }
    }
    // $rt is assigned only in the two branches above; any other $type reaches this test with it unset.
    if (!$rt) {
        showerr('系统中没有您的订单,无法完成支付!');
    }
    // Error text: "this order has already been paid".
    if ($rt['ifpay'] == 1) {
        showerr('该订单已经支付成功!');
    }
    $db->query("UPDATE {$pre}olpay SET ifpay='1' WHERE id='{$rt['id']}'");
    refreshto("{$webdb['www_url']}/", "恭喜你支付成功", 60);
}
Exemplo n.º 5
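/**
 * Validates a registration request and creates the account when every check passes.
 *
 * Checks run in this order: anti-spam code, session token, password
 * confirmation, required fields, duplicate login. The first failure is
 * reported through display_error()/display_warning() and false is returned.
 *
 * NOTE(review): $is_admin is forwarded to add_user() unchanged; confirm the
 * caller never takes it from the request of an unprivileged user.
 *
 * @param string $login    Requested login name.
 * @param string $pass     Password.
 * @param string $pass2    Password confirmation.
 * @param string $realname Display name.
 * @param string $session  Form token; must equal md5(session id . client address).
 * @param mixed  $is_admin Admin flag handed to add_user().
 * @param mixed  $antispam Value checked by check_antispam().
 * @return mixed False on any failure, otherwise the result of display_success().
 */
function try_add_user($login, $pass, $pass2, $realname, $session, $is_admin, $antispam)
{
    // Help prevent robot registrations
    if (!check_antispam($antispam)) {
        display_error("Invalid security code");
        return false;
    }

    // hash_equals() compares two strings in constant time. The earlier loose !=
    // could also treat two different digests of the form "0e<digits>" as equal.
    $expected_token = md5(session_id() . $_SERVER['REMOTE_ADDR']);
    if (!is_string($session) || !hash_equals($expected_token, $session)) {
        display_error("Invalid session.");
        return false;
    }

    // Strict comparison: with != two numeric-looking strings such as "1e3" and
    // "1000" count as the same password.
    if ($pass !== $pass2) {
        display_warning("Password mismatch");
        return false;
    }

    if ($realname == '' || $pass == '' || $pass2 == '' || $login == '') {
        display_warning("Please fill out all fields");
        return false;
    }

    // The messages are HTML, so the user-chosen login is escaped before it is embedded.
    $safe_login = htmlspecialchars($login, ENT_QUOTES, 'UTF-8');

    if (get_user_id($login) > 0) {
        display_error("The user <strong>{$safe_login}</strong> already exists.");
        return false;
    }

    add_user($login, $realname, $pass, $is_admin);
    return display_success("<strong>{$safe_login}</strong> has been successfully created");
}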
Exemplo n.º 6
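/**
 * Handles a registration request: verifies the captcha code, then creates the user.
 *
 * @return mixed Result of ajax_echo() on success or on a wrong captcha code;
 *               null when add_user() does not report a positive result.
 */
function user_add()
{
    $code = _post('code');
    $expected = isset($_SESSION['code']) ? $_SESSION['code'] : '';

    // A captcha must have been issued for this session and must match exactly.
    // The earlier loose == also passed when both sides were empty or unset,
    // i.e. when no captcha had been generated at all (assuming _post() yields
    // null or '' for a missing field).
    if ((string) $expected === '' || (string) $code !== (string) $expected) {
        // "verification code is wrong"
        return ajax_echo('验证码错误');
    }

    // NOTE(review): the password is stored as unsalted MD5, and it is SQL-escaped
    // *before* hashing, which alters the hashed value for passwords containing
    // quotes or backslashes. Both are kept as-is because changing them here
    // would invalidate every stored hash; migrating to password_hash() /
    // password_verify() needs a matching change in the login code.
    // NOTE(review): mysql_real_escape_string() was removed in PHP 7 and the @
    // operator hides its failure; prefer parameterised queries inside add_user().
    $username = trim(@mysql_real_escape_string(_post('username')));
    $email = @mysql_real_escape_string(_post('email'));
    $password_digest = md5(@mysql_real_escape_string(_post('password')));

    if (add_user($username, $email, $password_digest, '') > 0) {
        // "registration successful"
        return ajax_echo('注册成功');
    }
}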
Exemplo n.º 7
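 /**
  * Seeds the fixture data the tests rely on: one genre, one DVD and one user.
  *
  * The genre, title and credentials are kept on the object so later tests can
  * refer to them.
  */
 public function setUp()
 {
     $this->genre = "Bouncing";
     $this->the_title = "My First DVD Title";
     // The description must read the property; a bare $genre is an undefined
     // local in this method and produced "A description of " with a notice.
     add_genre($this->genre, "A description of {$this->genre}");
     $values = array($this->the_title, "2005", "Bob Jangles", "18", $this->genre);
     add_dvd($values);
     // store in object so we can use them later on.
     $this->testusername = "******";
     $this->testpassword = "******";
     add_user($this->testusername, $this->testpassword);
 }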
Exemplo n.º 8
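/**
 * Completes an online top-up: marks the matching olpay order as paid and
 * credits the user's balance with money * alipay_scale.
 *
 * NOTE(review): $numcode is placed into the SELECT without escaping or
 * casting in this function; confirm callers constrain it, or escape it with
 * whatever facility $db provides.
 * NOTE(review): the "already paid" check and the UPDATE are separate
 * statements, so two concurrent calls for the same order could both pass the
 * check and credit twice. Making the UPDATE conditional on ifpay and crediting
 * only when a row actually changed would close that window.
 *
 * @param mixed $numcode Order number of the top-up.
 */
function olpay_end($numcode)
{
    global $db, $pre, $webdb, $banktype;

    $rt = $db->get_one("SELECT * FROM {$pre}olpay WHERE numcode='{$numcode}' AND `paytype`=1");
    // Error text: "no top-up order found, cannot complete the top-up".
    if (!$rt) {
        showerr('系统中没有您的充值订单,无法完成充值!');
    }
    // Error text: "this order has already been credited".
    if ($rt['ifpay'] == 1) {
        showerr('该订单已经充值成功!');
    }
    $db->query("UPDATE {$pre}olpay SET ifpay='1' WHERE id='{$rt['id']}'");

    // Array keys are quoted: a bare word such as $rt[money] is an undefined
    // constant, which is a fatal Error on PHP 8 (and only a warning before).
    $num = $rt['money'] * $webdb['alipay_scale'];
    add_user($rt['uid'], $num, '在线充值');
    refreshto("{$webdb['www_url']}/", "恭喜你充值成功", 10);
}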
Exemplo n.º 9
/**
 * Authenticates a WeFact debtor and makes sure a matching local user exists.
 *
 * NOTE(review): the "lookup failed" result is -1, which is truthy in PHP.
 * Callers must compare the return value with === TRUE; a plain
 * `if (do_wefact_auth(...))` would treat a failed debtor lookup as a
 * successful login.
 *
 * @param string $u Debtor code, also used as the login name.
 * @param string $p Password to verify.
 * @return bool|int TRUE when the login check succeeds, FALSE when it fails,
 *                  -1 when the debtor lookup does not report success.
 */
function do_wefact_auth($u, $p)
{
    $api = new WeFactApi();

    // Step 1: the debtor has to exist.
    $lookup = $api->sendRequest('debtor', 'show', array('DebtorCode' => $u));
    if (!isset($lookup['status']) || $lookup['status'] != 'success') {
        return -1;
    }

    // Step 2: verify the credentials.
    $login = $api->sendRequest('debtor', 'checklogin', array('Username' => $u, 'Password' => $p));
    if (!isset($login['status']) || $login['status'] != 'success') {
        return FALSE;
    }

    // First successful login for this debtor: create the local record.
    if (get_user_info($u) == FALSE) {
        add_user($u);
    }
    return TRUE;
}
Exemplo n.º 10
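 /**
  * Returns the combined passport and profile data for one user.
  *
  * When the passport record exists but no profile row does, a profile row is
  * registered on the fly and the registration bonus is credited through
  * add_user().
  *
  * @param mixed  $value Lookup value.
  * @param string $type  Lookup field name; defaults to 'id'.
  * @return array|null Merged user data, or null when no passport record is found.
  */
 function get_allInfo($value, $type = 'id')
 {
     global $webdb;

     $array1 = $this->get_passport($value, $type);
     if (!$array1) {
         return;
     }

     $array2 = $this->get_info($value, $type);
     if ($array2) {
         // Profile values take precedence over passport values on key clashes.
         $array1 = $array2 + $array1;
     } else {
         // Array keys are quoted: bare words such as $array1[uid] are undefined
         // constants, which raise a fatal Error on PHP 8.
         $array = array(
             'uid' => $array1['uid'],
             'username' => $array1['username'],
             'email' => $array1['email'],
             'yz' => $webdb['RegYz'],
         );
         $this->register_data($array);
         // Label text: "registration points".
         add_user($array1['uid'], $webdb['regmoney'], '注册得分');
         $array1['yz'] = $webdb['RegYz'];
     }
     return $array1;
 }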
Exemplo n.º 11
 /**
  * Tests the controller function that expects slashed data
  *
  */
 function test_add_user()
 {
     // Two rounds with different slash fixtures per profile field. Login,
     // e-mail and password values are kept exactly as they appear in this listing.
     $rounds = array(
         array(
             'first_name' => $this->slash_1,
             'last_name' => $this->slash_3,
             'nickname' => $this->slash_5,
             'display_name' => $this->slash_7,
             'description' => $this->slash_3,
         ),
         array(
             'first_name' => $this->slash_2,
             'last_name' => $this->slash_4,
             'nickname' => $this->slash_6,
             'display_name' => $this->slash_2,
             'description' => $this->slash_4,
         ),
     );

     foreach ($rounds as $profile) {
         $_POST = $_GET = $_REQUEST = array();
         $_POST['user_login'] = '******';
         $_POST['pass1'] = 'password';
         $_POST['pass2'] = 'password';
         $_POST['role'] = 'subscriber';
         $_POST['email'] = '*****@*****.**';
         foreach ($profile as $field => $value) {
             $_POST[$field] = $value;
         }

         // Simulate slashed request data; the controller is expected to strip
         // the slashes again before storing.
         $_POST = add_magic_quotes($_POST);
         $id = add_user();
         $user = get_user_to_edit($id);

         // Every stored field must equal the original, unslashed fixture.
         foreach ($profile as $field => $expected) {
             $this->assertEquals($expected, $user->{$field});
         }
     }
 }
Exemplo n.º 12
/**
 * Runs the page handler selected by $page, or prints a prompt when none matches.
 *
 * NOTE(review): several of these handlers change credentials or move funds
 * (change_fed_pin, transfer_to_bank, pay_bill, ...). No authentication,
 * authorisation or CSRF check is visible in this dispatcher; confirm the
 * caller or each handler enforces them.
 *
 * @param mixed $page Page name; an unset value is treated as "". Matched with loose comparison.
 * @return void
 */
function get_content($page)
{
    if (!isset($page)) {
        $page = "";
    }

    // Fixed allow-list: only these names can ever be invoked.
    $handlers = array(
        'add_user',
        'get_fed_balance',
        'change_fed_pin',
        'change_fed_password',
        'transfer_to_bank',
        'transfer_internal_funds',
        'view_account_funds',
        'view_transactions',
        'pay_bill',
        'change_local_password',
        'change_page',
    );

    foreach ($handlers as $handler) {
        if ($page == $handler) {
            $handler();
            return;
        }
    }

    echo "Please Select Choice.";
}
Exemplo n.º 13
/**
 * Creates an account and signs the new user in.
 *
 * The password is stored as a password_hash() digest (PASSWORD_DEFAULT).
 *
 * @param string $username Requested user name.
 * @param string $password Password.
 * @param string $confirm  Password confirmation.
 * @return mixed '' on success, otherwise the value produced by error_message().
 */
function register($username, $password, $confirm)
{
    // Input checks, first failure wins. Note that empty() also rejects the string "0".
    $invalid = true;
    $reason = null;
    if (empty($username)) {
        $reason = E_NO_USERNAME;
    } elseif (empty($password)) {
        $reason = E_NO_PASSWORD;
    } elseif (empty($confirm)) {
        $reason = E_NO_CONFIRM;
    } elseif ($password !== $confirm) {
        $reason = 'Mismatch';
    } else {
        $invalid = false;
    }
    if ($invalid) {
        return error_message(E_REGISTER, $reason);
    }

    // Lookup and storage go through lookup_user()/add_user(); the earlier
    // key-value file calls (look_up_key_value / add_key_value) are retired.
    $existing = lookup_user($username);
    if (!empty($existing)) {
        return error_message(E_REGISTER, E_ACCOUNT_EXISTS);
    }

    $digest = password_hash($password, PASSWORD_DEFAULT);
    add_user($username, $digest);
    set_user($username);
    return '';
}
Exemplo n.º 14
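 /**
  * Advances the installer by one step and renders the install view.
  *
  * Step 1 stores the chosen language. Step 2 validates the admin account
  * form and, when it is valid, creates the admin user and the default site
  * options.
  *
  * NOTE(review): nothing in this method checks whether the installation has
  * already been completed; confirm the route is disabled afterwards, since
  * step 2 creates an 'admin' user from request data.
  * NOTE(review): the password reaches add_user() as submitted; confirm it is
  * hashed there before storage.
  *
  * @return mixed The 'install' view built from $this->data.
  */
 public function proceed()
 {
     if (Input::get('currStep') == "1") {
         // NOTE(review): the locale value comes straight from the request.
         $lang = Input::get('language');
         Config::set('app.locale', $lang);
         $this->data['currStep'] = "2";
     }
     if (Input::get('currStep') == "2") {
         // Missing fields read as null instead of raising undefined-index warnings,
         // matching the guard already used for 'title'.
         $title = isset($_POST['title']) ? $_POST['title'] : 'Shopvel';
         $username = isset($_POST['username']) ? $_POST['username'] : null;
         $password = isset($_POST['password']) ? $_POST['password'] : null;
         $password2 = isset($_POST['password2']) ? $_POST['password2'] : null;
         $email = isset($_POST['email']) ? $_POST['email'] : null;
         $url = isset($_POST['url']) ? $_POST['url'] : null;

         $missing = empty($username) || empty($password) || empty($email);
         $mismatch = $password !== $password2;

         if ($missing || $mismatch) {
             if ($missing) {
                 $this->data['installErrors'][] = "Please fill in all required(*) fields.";
             }
             if ($mismatch) {
                 $this->data['installErrors'][] = "Password fields are not identical.";
             }
             // Stay on the account form until it validates.
             $this->data['currStep'] = "2";
         } else {
             add_user($username, $email, $password, 'admin', '', 1);
             add_option('sitename', $title);
             add_option('sitedescription', '');
             add_option('adminurl', $url);
             add_option('theme', 'default');
             add_option('loginurl', 'login');
             add_option('registerurl', 'register');
             $this->data['currStep'] = "3";
         }
     }
     return View::make('install', $this->data);
 }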
Exemplo n.º 15
if (isset($_POST['submit'])) {
    // did they fall for the honeypot?
    if ($_POST['username']) {
        $error = "bot.";
    } else {
        load_hook('registration_check');
        if (!$error) {
            // If they want to validate age then ok!
            if ($config['age_validation']) {
                // Age conversion
                $age = "{$_POST['month']}/{$_POST['day']}/{$_POST['year']}";
            } else {
                $age = false;
            }
            // The results
            $result = add_user($_POST['blatent'], $_POST['password'], $_POST['pagain'], $_POST['email'], $age);
            // Check the results?
            if (is_string($result)) {
                // String is instant error.
                $error = $result;
            } else {
                if ($result === false) {
                    $error = lang('error_unknown');
                } else {
                    if (is_numeric($result)) {
                        switch ($result) {
                            case 1:
                                header('location: index.php');
                                break;
                            case 904:
                                $success = lang_parse('success_reg_email_msg', array($_POST['email']));
     $initial_group_id = $forum_config['o_regs_verify'] == '0' ? $forum_config['o_default_user_group'] : FORUM_UNVERIFIED;
 }
 // Per-user salt plus the derived hash. forum_hash() and random_key() are
 // defined elsewhere - NOTE(review): confirm the hash is a slow password hash
 // and that random_key() draws from a cryptographically secure source.
 $salt = random_key(12);
 $password_hash = forum_hash($password1, $salt);
 // Validate timezone and DST
 $timezone = isset($_POST['timezone']) ? floatval($_POST['timezone']) : $forum_config['o_default_timezone'];
 // Validate timezone — on error use default value
 if ($timezone > 14.0 || $timezone < -12.0) {
     $timezone = $forum_config['o_default_timezone'];
 }
 // DST
 $dst = isset($_POST['dst']) && intval($_POST['dst']) === 1 ? 1 : $forum_config['o_default_dst'];
 // Insert the new user into the database. We do this now to get the last inserted id for later use.
 // NOTE(review): besides 'password_hash', the array also carries 'password' => $password1,
 // the same value that was fed to forum_hash() above, i.e. the cleartext password.
 // Confirm add_user() neither stores nor logs that entry.
 // NOTE(review): 'activate_key' is wrapped in single quotes here (or set to the
 // text NULL), which suggests add_user() splices values into SQL text - verify
 // how the other fields are escaped there.
 $user_info = array('username' => $username, 'pubkey' => $pubkey, 'btcaddress' => $btcaddress, 'invitedBy' => $username2, 'group_id' => $initial_group_id, 'salt' => $salt, 'password' => $password1, 'password_hash' => $password_hash, 'email' => $email1, 'email_setting' => $forum_config['o_default_email_setting'], 'timezone' => $timezone, 'dst' => $dst, 'language' => $language, 'style' => $forum_config['o_default_style'], 'registered' => time(), 'registration_ip' => get_remote_address(), 'activate_key' => $forum_config['o_regs_verify'] == '1' ? '\'' . random_key(8, true) . '\'' : 'NULL', 'require_verification' => $forum_config['o_regs_verify'] == '1', 'notify_admins' => $forum_config['o_regs_report'] == '1');
 // Extension hook: whatever get_hook() returns is eval()'d in this scope, so hook
 // code can read and change every local variable, including $password1 and
 // $user_info. Hook code must therefore come only from trusted, admin-installed
 // extensions. The same applies to the other eval($hook) lines below.
 ($hook = get_hook('rg_register_pre_add_user')) ? eval($hook) : null;
 // $new_uid is not assigned before this call in the visible code; presumably
 // add_user() fills it by reference - confirm.
 add_user($user_info, $new_uid);
 // If we previously found out that the e-mail was banned
 if ($banned_email && $forum_config['o_mailing_list'] != '') {
     $mail_subject = 'Alert - Banned e-mail detected';
     $mail_message = 'User \'' . $username . '\' registered with banned e-mail address: ' . $email1 . "\n\n" . 'User profile: ' . forum_link($forum_url['user'], $new_uid) . "\n\n" . '-- ' . "\n" . 'Forum Mailer' . "\n" . '(Do not reply to this message)';
     ($hook = get_hook('rg_register_banned_email')) ? eval($hook) : null;
     forum_mail($forum_config['o_mailing_list'], $mail_subject, $mail_message);
 }
 // If we previously found out that the e-mail was a dupe
 if (!empty($dupe_list) && $forum_config['o_mailing_list'] != '') {
     $mail_subject = 'Alert - Duplicate e-mail detected';
     $mail_message = 'User \'' . $username . '\' registered with an e-mail address that also belongs to: ' . implode(', ', $dupe_list) . "\n\n" . 'User profile: ' . forum_link($forum_url['user'], $new_uid) . "\n\n" . '-- ' . "\n" . 'Forum Mailer' . "\n" . '(Do not reply to this message)';
     ($hook = get_hook('rg_register_dupe_email')) ? eval($hook) : null;
     forum_mail($forum_config['o_mailing_list'], $mail_subject, $mail_message);
 }
 ($hook = get_hook('rg_register_pre_login_redirect')) ? eval($hook) : null;
Exemplo n.º 17
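// Non-clerk accounts may be switched to the "show patient name" technician
// level when the request asks for it. The isset() guard avoids an
// undefined-index warning when the field is absent.
if ($user_type != $LIS_CLERK) {
    if (isset($_REQUEST['showpname']) && $_REQUEST['showpname'] == 1) {
        $user_type = $LIS_TECH_SHOWPNAME;
    }
}
// NOTE(review): the password is kept on the object in clear and printed below
// as a temporary password; confirm add_user() hashes it before storage.
$user = new User();
$user->username = $username;
$user->password = $password;
$user->level = $user_type;
$user->actualName = $fullname;
$user->labConfigId = $lab_config_id;
$user->email = $email;
$user->phone = $phone;
$user->createdBy = $_SESSION['user_id'];
$user->langId = $lang_id;
add_user($user);
?>
<table cellspacing="20px">
	<tr>
		<td>
			<?php 
// The user name and password are escaped for the HTML context before they are
// echoed back into the page.
echo LangUtil::$generalTerms['MSG_ACC_ADDED'] . "<br>";
echo LangUtil::$generalTerms['USERNAME'] . ": " . htmlspecialchars($user->username, ENT_QUOTES, 'UTF-8');
echo "<br>";
echo LangUtil::$generalTerms['PWD_TEMP'] . ": " . htmlspecialchars($user->password, ENT_QUOTES, 'UTF-8');
?>
		</td>
	</tr>
</table>
<?php 
SessionUtil::restore($saved_session);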
Exemplo n.º 18
<?php

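// Direct-access guard: the page only continues when html() is already defined.
if (!function_exists('html')) {
    die('F');
}
// Error text: "please log in first".
if (!$lfjuid) {
    showerr('请先登录');
}
// Array keys are quoted throughout: bare words such as $rs[uid] are undefined
// constants, which raise a fatal Error on PHP 8.
$_erp = $Fid_db['tableid'][$fid];
// NOTE(review): $id, and through $_erp the value selected by $fid, end up in
// the SQL text without any escaping or casting visible in this file. Confirm
// both are validated where they are populated.
$rs = $db->get_one("SELECT * FROM {$_pre}content{$_erp} WHERE id='{$id}'");
// Only the owner of the entry or a site admin may pin it ("you have no permission").
if ($rs['uid'] != $lfjuid && !$web_admin) {
    showerr('你没权限');
}
$list = $timestamp + 3600 * 24 * $webdb['Info_TopDay'];
if (!$web_admin) {
    $lfjdb['money'] = intval(get_money($lfjuid));
    if ($lfjdb['money'] < $webdb['Info_TopMoney']) {
        showerr("你的积分不足:{$webdb['Info_TopMoney']},不能选择置顶");
    }
    // NOTE(review): the balance check and this deduction are two separate steps;
    // concurrent requests could both pass the check before either deduction lands.
    add_user($lfjuid, -intval($webdb['Info_TopMoney']), '置顶扣分');
}
$db->query("UPDATE {$_pre}content{$_erp} SET list='{$list}' WHERE id='{$id}'");
refreshto("{$FROMURL}", "置顶成功", 1);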
                    $new_passwd = $_POST['ajax_newpasswd'];
                }
                update_user($uid, $new_passwd, $fname, $lname, $email, $active);
                break;
                // the caller wishes to add a new
                // user to the db
            // the caller wishes to add a new
            // user to the db
            case "add_user":
                // Every field is copied from the AJAX POST body as submitted.
                // NOTE(review): no validation, authorisation or CSRF check is visible
                // in this arm; confirm they happen before the switch is reached and
                // that add_user() hashes $passwd and parameterises its query.
                $uname = $_POST['ajax_uname'];
                $passwd = $_POST['ajax_passwd'];
                $fname = $_POST['ajax_fname'];
                $lname = $_POST['ajax_lname'];
                $email = $_POST['ajax_email'];
                $active = $_POST['ajax_active'];
                add_user($uname, $passwd, $fname, $lname, $email, $active);
                // regenerate the user list
                // and send back the new list
                // as xml
                get_user_list($user_list);
                $xml = generate_object_list_xml($user_list, "");
                echo $xml;
                break;
        }
    }
}
///
/// get_user_list()
/// get the user list from the
/// database
///
Exemplo n.º 20
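// mysql_error() belongs to the removed ext/mysql API and knows nothing about a
// mysqli connection; the mysqli counterparts report the actual failure.
if (!$db_server) {
    die("Unable to connect to MySQL: " . mysqli_connect_error());
}
mysqli_select_db($db_server, $db_database) or die("Unable to select database: " . mysqli_error($db_server));

$query = "CREATE TABLE users (\n\t\t\tforename VARCHAR(32) NOT NULL, \n\t\t\tsurname VARCHAR(32) NOT NULL, \n\t\t\tusername VARCHAR(32) NOT NULL UNIQUE, \n\t\t\tpassword VARCHAR(32) NOT NULL \n\t)";
$result = mysqli_query($db_server, $query);
if (!$result) {
    die("Database access failed: " . mysqli_error($db_server));
}

// NOTE(review): MD5 wrapped in two constant salts that every user shares is fast
// to brute-force. password_hash()/password_verify() is the supported
// replacement, but it needs a wider column than VARCHAR(32) and a matching
// change wherever logins are verified, so it is flagged here rather than changed.
$salt1 = "z0on!";
$salt2 = "&!h*";

$forename = 'Bill';
$surname = 'Smith';
$username = '******';
$password = '******';
$token = md5("{$salt1}{$password}{$salt2}");
add_user($db_server, $forename, $surname, $username, $token);

$forename = 'Pauline';
$surname = 'Jones';
$username = '******';
$password = '******';
$token = md5("{$salt1}{$password}{$salt2}");
add_user($db_server, $forename, $surname, $username, $token);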
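/**
 * Inserts one row into the users table; stops the script on a database error.
 *
 * The values are bound as parameters instead of being interpolated into the
 * SQL text, so quotes in a name (O'Brien) neither break the statement nor
 * change its meaning.
 *
 * @param mysqli $db Open connection.
 * @param string $fn Forename.
 * @param string $sn Surname.
 * @param string $un Username.
 * @param string $pw Password token to store.
 * @return void
 */
function add_user($db, $fn, $sn, $un, $pw)
{
    $stmt = mysqli_prepare($db, "INSERT INTO users VALUES(?, ?, ?, ?)");
    if (!$stmt) {
        die("Database access failed" . mysqli_error($db));
    }
    mysqli_stmt_bind_param($stmt, 'ssss', $fn, $sn, $un, $pw);
    if (!mysqli_stmt_execute($stmt)) {
        die("Database access failed" . mysqli_stmt_error($stmt));
    }
    mysqli_stmt_close($stmt);
}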
Exemplo n.º 21
     break;
 case 'show_add_user':
     include '/view/add_user.php';
     break;
 case 'add_user':
     // All employee fields are read from the POST body as submitted.
     // NOTE(review): no validation or authorisation check is visible in this arm.
     $EId = $_POST['EId'];
     $DoB = $_POST['DoB'];
     $Name = $_POST['Name'];
     $Sex = $_POST['Sex'];
     // $Address is read here but is not among the arguments passed to add_user() below.
     $Address = $_POST['Address'];
     $Email = $_POST['Email'];
     $Distance = $_POST['Distance'];
     $BSSalary = $_POST['BSSalary'];
     $PoF = $_POST['PoF'];
     // NOTE(review): a single SHA-1 round with the employee id as salt is a fast
     // hash; password_hash()/password_verify() is the supported alternative, and
     // switching needs a matching change where logins are verified.
     $pwd = sha1($EId . $_POST['pwd']);
     add_user($EId, $DoB, $Name, $Sex, $Email, $Distance, $BSSalary, $PoF, $pwd);
     // NOTE(review): this include uses an absolute path ('/view/...') while the
     // other arms use a relative 'view/...' - confirm which one is intended.
     include '/view/add_user.php';
     break;
 case 'add_department':
     $Name = $_POST['Name'];
     $Info = $_POST['Info'];
     add_department($Name, $Info);
     include 'view/department.php';
     break;
 case 'delete_department':
     delete_department($_POST['DId']);
     include 'view/department.php';
     break;
 case 'show_project':
     include 'view/project.php';
     break;
Exemplo n.º 22
<?php

include "init.php";
//ROOT_URL./api.php?app=begin & account=douban
// Two-step OAuth helper for Douban, selected with ?app=begin or ?app=access.
// Any other value produces no output.
$app = $_GET['app'];

if ($app == "begin") {
    // Step 1: obtain a request token and hand the authorise URL to the client.
    $douban = new DoubanOAuth($douban_consumer_key, $douban_consumer_secret);
    $tok = $douban->getRequestToken();
    // The callback parameter is left empty; an earlier variant that appended the
    // request token and its secret to the callback URL is disabled.
    $url = $douban->getAuthorizeURL($tok['oauth_token']) . "&oauth_callback=";
    // NOTE(review): $tok is merged into the JSON reply in full; if it contains
    // 'oauth_token_secret', that secret is sent to the client.
    echo json_encode(array_merge($tok, array("url" => $url)));
} elseif ($app == "access") {
    // Step 2: exchange the request token for an access token.
    // NOTE(review): the request token and its secret arrive in the query string,
    // where they end up in server logs and browser history; the access-token
    // response is then echoed back to the client unchanged.
    $tok = $_GET["request_token"];
    $tok_s = $_GET["request_token_secret"];
    $douban = new DoubanOAuth($douban_consumer_key, $douban_consumer_secret, $tok, $tok_s);
    $access = $douban->getAccessToken();
    $out = json_encode($access);
    // Register the Douban account locally on first sight.
    if (!check_user("douban", $access['douban_user_id'])) {
        add_user("douban", $access['douban_user_id']);
    }
    echo $out;
}
exit;
Exemplo n.º 23
 /**
  * Creates or refreshes the FrontAccounting (FA) user that mirrors an LDAP account.
  *
  * The FA role is resolved from $primaryGroup through the 'group_role_map'
  * configuration value. An existing FA user is updated from the LDAP
  * attributes; otherwise a new one is created.
  *
  * NOTE(review): a new user's password is stored as md5($password). That is a
  * fast, unsalted hash; it presumably matches what the FA login expects -
  * confirm before changing it.
  *
  * @param object $ldap         LDAP entry exposing getAttribute().
  * @param string $username     Login name used to look up the FA user.
  * @param string $password     Password as entered at login.
  * @param string $primaryGroup LDAP group used as the key into the role map.
  * @return void
  */
 protected function syncUserToFA($ldap, $username, $password, $primaryGroup)
 {
     // settings available from LDAP
     // FIXME: LDAP attribute IDs could be supplied in config for site-specific LDAP compatibility
     $ldapUid = $ldap->getAttribute('uid');
     $fullName = $ldap->getAttribute('sn') . " " . $ldap->getAttribute('givenname');
     $mobile = $ldap->getAttribute('mobile');
     $mail = $ldap->getAttribute('mail');

     // default user settings for LDAP-based users
     // FIXME: these should probably be fetched from the configuration variables
     $language = 'en_GB';
     $profile = '';
     $rep_popup = '1';
     $pos = '1';

     // connect to FA database
     set_global_connection();

     // get role ID from primary group
     $roleMap = $this->getConfigValue('group_role_map');
     $roleName = $roleMap[$primaryGroup];
     // FIXME: should error if empty
     $roleSql = "SELECT id FROM " . TB_PREF . "security_roles WHERE role = " . db_escape($roleName);
     $roleResult = db_query($roleSql, "could not get user role for {$roleName}");
     $roleRow = db_fetch($roleResult);
     // FIXME: should error if empty
     $roleId = $roleRow[0];

     $existing = get_user_by_login($username);
     if (!$existing) {
         // no FA user yet: create one from the LDAP data
         add_user($ldapUid, $fullName, md5($password), $mobile, $mail, $roleId, $language, $profile, $rep_popup, $pos);
         return;
     }

     // FA user exists: refresh it from LDAP
     // FIXME: update password hash?  what about re-auth requests?
     update_user($existing[0], $ldapUid, $fullName, $mobile, $mail, $roleId, $language, $profile, $rep_popup, $pos);
 }
Exemplo n.º 24
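    $date_of_birth = $validation_signup[DOB][VALUE];
    // Anchored so the whole value must be YYYY-MM-DD. Unanchored, any string that
    // merely contained such a run (with arbitrary text around it) was accepted.
    $validation_signup[DOB][IS_VALID] = 1 === preg_match('/\A[0-9]{4}-[0-9]{2}-[0-9]{2}\z/', $date_of_birth);
    $validation_signup[DOB][ERR_MSG] = $validation_signup[DOB][IS_VALID] ? VAL_MSG : ERR_MSG;

    // The form is valid only when every field passed its own check.
    $isFormValid = true;
    foreach ($validation_signup as $field) {
        if (!$field[IS_VALID]) {
            $isFormValid = false;
            break;
        }
    }

    if ($isFormValid) {
        require_once '_addresses.php';
        require_once '_user.php';
        $add_id = add_address($street_num, $street, $city, $province, $postal_code);
        // Create the account exactly once and keep its id. Calling add_user()
        // twice inserted (or tried to insert) the same user a second time.
        // NOTE(review): confirm add_user() hashes $pass before storing it.
        $new_user_id = add_user($add_id, $first_name, $last_name, $email, $pass);
        $_SESSION[FIRST_NAME] = $first_name;
        $_SESSION[U_ID] = $new_user_id;
        // NOTE(review): no exit follows the redirect header, so the rest of the
        // script still runs; add one if nothing after this point is needed.
        header('Location: index.php');
    }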
}
/*if ($isFormValid) {
    echo 'le formulaire est valide';
} else {
    echo 'FORMULAIRE INCORRECT!!!';
}

var_dump($validation_signup);
echo '******************************';
var_dump($_POST);*/
//var_dump($_POST);
Exemplo n.º 25
         // Password rules: the guest alias must keep an empty password, every other
         // alias needs a non-empty one.
         // NOTE(review): all user attributes below, including 'user_type', are taken
         // straight from $_REQUEST; the check that the caller may manage users is not
         // part of this excerpt - confirm it happens earlier.
         if (isset($_REQUEST['password1']) && $_REQUEST['alias'] == ZBX_GUEST_USER && !zbx_empty($_REQUEST['password1'])) {
             show_error_message(S_FOR_GUEST_PASSWORD_MUST_BE_EMPTY);
         } else {
             if (isset($_REQUEST['password1']) && $_REQUEST['alias'] != ZBX_GUEST_USER && zbx_empty($_REQUEST['password1'])) {
                 show_error_message(S_PASSWORD_SHOULD_NOT_BE_EMPTY);
             } else {
                 // A 'userid' in the request means update; otherwise a new user is added.
                 // Both paths run between DBstart() and DBend().
                 if (isset($_REQUEST['userid'])) {
                     $action = AUDIT_ACTION_UPDATE;
                     DBstart();
                     $result = update_user($_REQUEST['userid'], $_REQUEST['name'], $_REQUEST['surname'], $_REQUEST['alias'], $_REQUEST['password1'], $_REQUEST['url'], get_request('autologin', 0), get_request('autologout', 0), $_REQUEST['lang'], $_REQUEST['theme'], $_REQUEST['refresh'], $_REQUEST['user_type'], $user_groups, $user_medias);
                     $result = DBend($result);
                     show_messages($result, S_USER_UPDATED, S_CANNOT_UPDATE_USER);
                 } else {
                     $action = AUDIT_ACTION_ADD;
                     DBstart();
                     $result = add_user($_REQUEST['name'], $_REQUEST['surname'], $_REQUEST['alias'], $_REQUEST['password1'], $_REQUEST['url'], get_request('autologin', 0), get_request('autologout', 0), $_REQUEST['lang'], $_REQUEST['theme'], $_REQUEST['refresh'], $_REQUEST['user_type'], $user_groups, $user_medias);
                     $result = DBend($result);
                     show_messages($result, S_USER_ADDED, S_CANNOT_ADD_USER);
                 }
                 // Successful changes are written to the audit log. The entry is built
                 // from request values (alias, name, surname) and never includes the password.
                 if ($result) {
                     add_audit($action, AUDIT_RESOURCE_USER, 'User alias [' . $_REQUEST['alias'] . '] name [' . $_REQUEST['name'] . '] surname [' . $_REQUEST['surname'] . ']');
                     unset($_REQUEST['form']);
                 }
             }
         }
     }
 } else {
     if (isset($_REQUEST['del_user_media'])) {
         $user_medias_to_del = get_request('user_medias_to_del', array());
         foreach ($user_medias_to_del as $mediaid) {
             if (isset($_REQUEST['user_medias'][$mediaid])) {
Exemplo n.º 26
        		require_once('recaptchalib.php');
        		$privatekey = "6Ld7MQcAAAAAABVrkgntR-suieZdkTl2iuO915qZ";
        		$resp = recaptcha_check_answer ($privatekey,
                $_SERVER["REMOTE_ADDR"],
                $_POST["recaptcha_challenge_field"],
                $_POST["recaptcha_response_field"]);
        		if (!$resp->is_valid)
        		{
                $errors[] = "The reCAPTCHA wasn't entered correctly. (reCAPTCHA said: " . $resp->error . ")";
        		}
        */
        // NOTE(review): the disabled reCAPTCHA block directly above still contains a
        // private key literal. A key that has been committed to source should be
        // treated as exposed: rotate it and load the replacement from configuration.
        if (email_in_use($_POST['email'])) {
            $errors[] = 'That email address is already in use.';
        }
        if (!inError()) {
            // NOTE(review): the password is handed to add_user() as submitted; confirm
            // it is hashed there before storage.
            if (!add_user($_POST['email'], $_POST['password1'], $_POST['firstname'], $_POST['lastname'], true)) {
                $errors[] = 'There was a database error.';
            } else {
                echo "<p>User added successfully!";
                $validation_key = get_validation_key($_POST['email']);
                // User successfully created!
                // NOTE(review): the validation link is sent over plain http.
                $emailMessage = "Hi " . $_POST['firstname'] . ",\n\t\t\nWelcome to GovDialogue. Validate your account here: http://govdialogue.com/govit/validate.php?v={$validation_key}\n\nThanks,\nGovit\n";
                // Send email confirmation
                // NOTE(review): the recipient comes from $_POST['email']; confirm it was
                // validated as a single address (no line breaks) before this point.
                // The success branch below also echoes $_POST['email'] into the page
                // without HTML escaping.
                if (mail($_POST['email'], "Welcome to GovDialogue", $emailMessage, "From: GovDialogue <*****@*****.**>")) {
                    ?>
                    
                    Thanks! You should get an email at <strong><?php 
                    echo $_POST['email'];
                    ?>
</strong> with a confirmation link. Once you verify your email address, you'll be able to post.
					
Exemplo n.º 27
}
// NOTE(review): sanitizeString() runs on the password before it is hashed, so
// the stored token describes the sanitised value, not what the user typed.
if (isset($_POST['pass'])) {
    $password = sanitizeString($_POST['pass']);
}

// Collect every validation message; an empty string means all checks passed.
$fail = validate_username($username) . validate_password($password) . check_user($username);

if ($fail == "") {
    // Store the account with a salted hash of the password.
    // NOTE(review): ripemd128 wrapped in two constant salts shared by all users
    // is a fast hash; password_hash()/password_verify() is the supported
    // replacement and needs a matching change wherever logins are verified.
    $salt1 = "qm&h*";
    $salt2 = "pg!@";
    $token = hash('ripemd128', $salt1 . $password . $salt2);
    $score = '';
    add_user($connection, $username, $token, $score);
    // $fail doubles as the status message shown to the user.
    $fail = "Signed up successfully";
}
//validate username
function validate_username($field)
{
    if ($field == "") {
        return "No Username was entered<br>";
    } else {
        if (strlen($field) < 5) {
            return "Usernames must be at least 5 characters<br>";
        } else {
            if (preg_match("/[^a-zA-Z0-9_-]/", $field)) {
                return "Only letters, numbers, - and _ in usernames<br>";
            }
        }
Exemplo n.º 28
            _e('There are no valid users selected for deletion.');
            ?>
</p>
<?php 
        }
        ?>
</div>
</form>
<?php 
        break;
    case 'adduser':
        // CSRF protection: check_admin_referer() verifies the nonce issued for the
        // 'add-user' action before anything else happens.
        check_admin_referer('add-user');
        // Authorisation: only accounts holding the create_users capability continue.
        if (!current_user_can('create_users')) {
            wp_die(__('You can&#8217;t create users.'));
        }
        $user_id = add_user();
        $update = 'add';
        if (is_wp_error($user_id)) {
            // No break follows this branch, so on error control falls through to
            // the default case, with the errors kept in $add_user_errors.
            $add_user_errors = $user_id;
        } else {
            // The login is sanitised and URL-encoded before it goes into the redirect query.
            $new_user_login = apply_filters('pre_user_login', sanitize_user(stripslashes($_POST['user_login']), true));
            $redirect = add_query_arg(array('usersearch' => urlencode($new_user_login), 'update' => $update), $redirect);
            wp_redirect($redirect . '#user-' . $user_id);
            // Stop here so nothing else is rendered after the redirect header.
            die;
        }
    default:
        wp_enqueue_script('admin-users');
        include 'admin-header.php';
        // Query the users
        $wp_user_search = new WP_User_Search($_GET['usersearch'], $_GET['userspage']);
        // Make the user objects
<?php

include 'config.php';
/**  Dispatch the ?action= query parameter to the matching controller function  **/
// NOTE(review): create, edit and delete operations are selected purely by a
// query parameter, and no authentication, authorisation or CSRF check is
// visible here; confirm config.php or the handlers enforce them.
$action = $_GET['action'];

if ($action == 'add_user') {
    add_user();
} elseif ($action == 'get_users') {
    get_users();
} elseif ($action == 'edit_user') {
    edit_user();
} elseif ($action == 'delete_user') {
    delete_user();
} elseif ($action == 'update_user') {
    update_user();
}
/**  Function to Add User  **/
function add_user()
{
    $data = json_decode(file_get_contents("php://input"));
    // print_r($data);
    $full_name = $data->full_name;
    $addr_first = $data->addr_first;
    $addr_second = $data->addr_second;
    $addr_third = $data->addr_third;
    $postcode = $data->postcode;
Exemplo n.º 30
// Abort when the connection could not be opened.
if ($connection->connect_error) {
    die($connection->connect_error);
}

// Create the users table; the password column holds a 32-character hex digest.
$query = "CREATE TABLE users (\n    forename VARCHAR(32) NOT NULL,\n    surname  VARCHAR(32) NOT NULL,\n    username VARCHAR(32) NOT NULL UNIQUE,\n    password VARCHAR(32) NOT NULL\n  )";
$result = $connection->query($query);
if (!$result) {
    die($connection->error);
}

// NOTE(review): ripemd128 wrapped in two constant salts shared by all users is
// a fast hash; password_hash()/password_verify() is the supported replacement,
// but it needs a wider column than VARCHAR(32) and a matching login change.
$salt1 = "qm&h*";
$salt2 = "pg!@";

// Seed accounts: forename, surname, username, password.
$seed_users = array(
    array('Bill', 'Smith', '******', '******'),
    array('Pauline', 'Jones', '******', '******'),
);
foreach ($seed_users as $seed) {
    list($forename, $surname, $username, $password) = $seed;
    $token = hash('ripemd128', $salt1 . $password . $salt2);
    add_user($forename, $surname, $username, $token);
}
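/**
 * Inserts one row into the users table through the global $connection;
 * stops the script on a database error.
 *
 * The values are bound as parameters instead of being interpolated into the
 * SQL text, so quotes in a name (O'Brien) neither break the statement nor
 * change its meaning.
 *
 * @param string $fn Forename.
 * @param string $sn Surname.
 * @param string $un Username.
 * @param string $pw Password token to store.
 * @return void
 */
function add_user($fn, $sn, $un, $pw)
{
    global $connection;

    $stmt = $connection->prepare("INSERT INTO users VALUES(?, ?, ?, ?)");
    if (!$stmt) {
        die($connection->error);
    }
    $stmt->bind_param('ssss', $fn, $sn, $un, $pw);
    if (!$stmt->execute()) {
        die($stmt->error);
    }
    $stmt->close();
}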