/**
 * Route an operation name to its handler, feeding the handler fields from $_POST.
 *
 * Matching is loose (switch compares with ==), exactly like an if/else chain on ==.
 * An unrecognised name calls nothing and the function returns null.
 *
 * NOTE(review): the $_POST values reach the handlers exactly as received. Validation,
 * escaping and any permission check (e.g. for 'banned_user' or 'add_user') have to
 * happen inside the handlers or before this call; nothing here performs them.
 * A missing field raises an undefined-index notice/warning.
 *
 * @param mixed $op operation name such as 'login' or 'post_yak'
 * @return void
 */
function perform_operation($op)
{
    switch ($op) {
        case 'login':
            validate_user($_POST["useremail"], $_POST["userpassword"]);
            break;
        case 'getyaks':
            get_yaks($_POST["longitude"], $_POST["latitude"]);
            break;
        case 'post_yak':
            post_yak($_POST["postedyak"], $_POST["latitude"], $_POST["longitude"]);
            break;
        case 'banned_user':
            banned_user($_POST["useremail"]);
            break;
        case 'add_user':
            add_user($_POST["useremail"], $_POST["userpassword"]);
            break;
        case 'send_email':
            send_email($_POST["email"]);
            break;
        case 'getHot_yaks':
            getHot_yaks();
            break;
        case 'getCold_yaks':
            getCold_yaks();
            break;
        case 'upvote':
            upvote($_POST["id"]);
            break;
        case 'downvote':
            downvote($_POST["id"]);
            break;
    }
}
/**
 * Register an account when all fields are present, the name is free and the two
 * passwords agree.
 *
 * Both passwords are trimmed before they are compared and hashed. On any failure an
 * error <div> is printed and null is returned; on success the user is stored with the
 * result of password_encrypt() and true is returned.
 *
 * @param string $username
 * @param string $password1
 * @param string $password2
 * @return true|null
 */
function attempt_register($username, $password1, $password2)
{
    $first = trim($password1);
    $second = trim($password2);

    // Guard 1: every field must be filled in.
    if ($username == "" || $first == "" || $second == "") {
        echo "<div id=\"error\">", "please enter all feilds", "</div>";
        return;
    }

    // Guard 2: the name must not already be registered.
    if (find_username($username)) {
        echo "<div id=\"error\">", " this user name has been taken", "</div>";
        return;
    }

    // Guard 3: the confirmation must match exactly.
    if ($first !== $second) {
        echo "<div id=\"error\">", "passwords do not match", "</div>";
        return;
    }

    add_user($username, password_encrypt($first));
    return true;
}
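/**
 * One-time fixture for the cp2foss functional tests: start the scheduler, connect to
 * the database and create the account the tests use.
 *
 * The config directory comes from the FOSSOLOGY_TESTCONFIG environment variable.
 * Because that value ends up on a shell command line, both the scheduler path and the
 * config directory are quoted with escapeshellarg() before exec() runs them.
 *
 * Exits the process with status 1 when the scheduler is missing or fails to start.
 */
public static function setUpBeforeClass()
{
    global $fossology_testconfig;
    global $scheduler_path;
    global $cp2foss_path;
    global $PG_CONN;

    $fossology_testconfig = getenv('FOSSOLOGY_TESTCONFIG');
    /* fall back to the default config dir, /usr/local/etc/fossology/ */
    if (empty($fossology_testconfig)) {
        $fossology_testconfig = "/usr/local/etc/fossology/";
    }
    fwrite(STDOUT, __METHOD__ . " got fossology_testconfig = '{$fossology_testconfig}'\n");

    $cp2foss_path = "cp2foss";

    /* locate the scheduler binary */
    $scheduler_path = $fossology_testconfig . "/mods-enabled/scheduler/agent/fo_scheduler";
    if (!is_executable($scheduler_path)) {
        print "Error: Scheduler path '{$scheduler_path}' is not executable!\n";
        exit(1);
    }

    /* invoke the scheduler; arguments are shell-quoted so a path containing spaces or
       shell metacharacters cannot change the command that is run */
    $scheduler_cmd = escapeshellarg($scheduler_path)
        . " --daemon --reset --verbose=952 -c "
        . escapeshellarg($fossology_testconfig);
    print "DEBUG: Starting scheduler with '{$scheduler_cmd}'\n";

    $output = array();
    exec($scheduler_cmd, $output, $return_var);
    if ($return_var !== 0) {
        print "Error: Could not start scheduler '{$scheduler_path}'\n";
        // exec() fills $output with an array of lines; join it instead of printing "Array".
        print implode("\n", $output) . "\n";
        exit(1);
    }

    $PG_CONN = connect_to_DB($fossology_testconfig); // connect db

    // Test-only account fossy/fossy; must never exist on a production instance.
    add_user("fossy", "fossy");

    print "\nStarting functional test for cp2foss. \n";
}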
/**
 * Finish an online payment: decode the signed pay code, look up the matching order
 * in {$pre}olpay and mark it as paid, then redirect to the site root.
 *
 * Reads the globals $pay_code (encoded order data) and $lfjuid (user credited with
 * reward points). Failures are reported through showerr().
 *
 * NOTE(review): whether showerr() stops execution is not visible here; the checks
 * below only protect the later statements if it does — confirm.
 * NOTE(review): $numcode is a caller-supplied value that is interpolated into SQL
 * after only the literal "code" is removed; $mid and $atc_numcode come from the
 * decoded pay code. Confirm these are validated/escaped upstream or switch the
 * queries to bound parameters.
 * NOTE(review): in the 'module' branch the shop order is flagged as paid and the
 * reward points are credited BEFORE the "order exists" and "already paid" checks.
 * A repeated callback for the same order would apparently credit the points again —
 * confirm and, if so, move those two side effects after the checks.
 *
 * @param mixed $numcode order number as received from the payment return URL
 */
function olpay_end($numcode)
{
    global $db, $pre, $webdb, $banktype, $pay_code, $lfjuid;

    // The "=" character tends to cause problems, so it is restored from the
    // placeholder 'QIBO' here.
    $pay_code = str_replace('QIBO', '=', $pay_code);
    if (!$pay_code) {
        showerr("数据有误!!");
    }

    // mymd5(..., 'DE') decodes the pay code into five tab-separated fields.
    list($type, $atc_moeny, $atc_numcode, $mid, $shopmoney) = explode("\t", mymd5($pay_code, 'DE'));

    // Loose comparison between the decoded order number and the integer value of the
    // submitted one; a mismatch is reported as tampered data.
    if ($atc_numcode != intval($numcode)) {
        showerr("数据被修改过!!");
    }

    // Mainly addresses Alipay not accepting a bare single-digit number;
    // inc/olpay/alipay.php was modified accordingly.
    $numcode = str_replace("code", "", $numcode);

    // Universal-form order
    if ($type == 'form') {
        $rt = $db->get_one("SELECT * FROM {$pre}olpay WHERE numcode='{$numcode}' AND `formid`='{$mid}'");
    // Shop order
    } elseif ($type == 'module') {
        $rt = $db->get_one("SELECT * FROM {$pre}olpay WHERE numcode='{$numcode}' AND `moduleid`='{$mid}'");
        $db->query("UPDATE {$pre}shoporderuser SET ifpay='1' WHERE id='{$atc_numcode}'");
        // Reward points
        if ($shopmoney) {
            add_user($lfjuid, $shopmoney, '购买商品得分');
        }
    }

    // No matching order row (also the case when $type is neither 'form' nor 'module',
    // because $rt is then never assigned).
    if (!$rt) {
        showerr('系统中没有您的订单,无法完成支付!');
    }
    // Order already flagged as paid.
    if ($rt['ifpay'] == 1) {
        showerr('该订单已经支付成功!');
    }

    $db->query("UPDATE {$pre}olpay SET ifpay='1' WHERE id='{$rt['id']}'");
    refreshto("{$webdb['www_url']}/", "恭喜你支付成功", 60);
}
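/**
 * Validate a registration request and create the user when every check passes.
 *
 * Checks run in this order: anti-spam code, session token, password confirmation,
 * required fields, duplicate login. The first failing check reports through
 * display_error()/display_warning() and the function returns false.
 *
 * Security-relevant details:
 *  - The session token is compared with hash_equals(). A loose != on two hex digests
 *    lets PHP treat numeric-looking strings as numbers, so unequal tokens could be
 *    accepted, and it is not constant-time.
 *  - The two passwords are compared as strings with !== for the same reason.
 *  - $login is HTML-escaped before it is embedded in the messages, which contain
 *    markup and are therefore evidently rendered as HTML.
 *
 * @param string $login
 * @param string $pass
 * @param string $pass2     confirmation of $pass
 * @param string $realname
 * @param string $session   token expected to equal md5(session_id() . REMOTE_ADDR)
 * @param mixed  $is_admin  passed through to add_user()
 * @param mixed  $antispam  passed to check_antispam()
 * @return mixed false on failure, otherwise the return value of display_success()
 */
function try_add_user($login, $pass, $pass2, $realname, $session, $is_admin, $antispam)
{
    // Help prevent robot registrations
    if (!check_antispam($antispam)) {
        display_error("Invalid security code");
        return false;
    }

    $expected_token = md5(session_id() . $_SERVER['REMOTE_ADDR']);
    if (!is_string($session) || !hash_equals($expected_token, $session)) {
        display_error("Invalid session.");
        return false;
    }

    if ((string) $pass !== (string) $pass2) {
        display_warning("Password mismatch");
        return false;
    }

    if ($realname == '' || $pass == '' || $pass2 == '' || $login == '') {
        display_warning("Please fill out all fields");
        return false;
    }

    $safe_login = htmlspecialchars((string) $login, ENT_QUOTES, 'UTF-8');

    if (get_user_id($login) > 0) {
        display_error("The user <strong>{$safe_login}</strong> already exists.");
        return false;
    }

    add_user($login, $realname, $pass, $is_admin);
    return display_success("<strong>{$safe_login}</strong> has been successfully created");
}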
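/**
 * AJAX registration endpoint: verify the submitted verification code against the one
 * stored in the session, then create the user.
 *
 * Fix: the code check now requires both values to be non-empty and compares them as
 * strings with hash_equals(). The previous loose == accepted the request when neither
 * side was set (null == '' is true), which skipped the verification entirely.
 *
 * NOTE(review): the stored code is not cleared after use here, so one solved code can
 * apparently be replayed for several registrations — consider unsetting it.
 * NOTE(review): mysql_real_escape_string() belongs to the mysql extension removed in
 * PHP 7, and the @ hides its failure; how add_user() builds its query is not visible.
 * NOTE(review): the password is stored as an unsalted md5 of the *escaped* input.
 * md5 is not suitable for password storage; moving to password_hash()/password_verify()
 * needs a matching change in the login code, so it is only flagged here.
 *
 * @return mixed result of ajax_echo(), or null when add_user() reports no new row
 */
function user_add()
{
    $code = _post('code');
    $expected = isset($_SESSION['code']) ? $_SESSION['code'] : '';

    $code_ok = is_scalar($code) && is_scalar($expected)
        && (string) $code !== '' && (string) $expected !== ''
        && hash_equals((string) $expected, (string) $code);

    if (!$code_ok) {
        return ajax_echo('验证码错误');
    }

    $new_id = add_user(
        trim(@mysql_real_escape_string(_post('username'))),
        @mysql_real_escape_string(_post('email')),
        md5(@mysql_real_escape_string(_post('password'))),
        ''
    );
    if ($new_id > 0) {
        return ajax_echo('注册成功');
    }
}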
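/**
 * Per-test fixture: create one genre, one DVD in that genre and one user.
 *
 * Fix: the genre description interpolated the undefined local $genre instead of
 * $this->genre, so the description ended with an empty string.
 */
public function setUp()
{
    $this->genre = "Bouncing";
    $this->the_title = "My First DVD Title";
    add_genre($this->genre, "A description of {$this->genre}");

    $values = array($this->the_title, "2005", "Bob Jangles", "18", $this->genre);
    add_dvd($values);

    // Store the credentials on the object so later tests can use them.
    $this->testusername = "******";
    $this->testpassword = "******";
    add_user($this->testusername, $this->testpassword);
}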
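/**
 * Finish an online top-up: find the unpaid top-up order (paytype = 1), mark it paid,
 * credit the user with money * alipay_scale points and redirect to the site root.
 *
 * Fix: array keys are now quoted. Bare words such as $rt[money] are looked up as
 * constants; PHP 8 raises an Error for them and older versions emit a warning.
 *
 * NOTE(review): $numcode is interpolated into the SELECT as received. Neither its
 * validation nor the verification of the payment gateway's notification is visible
 * in this function — confirm both happen in the caller, or bind the value as a
 * query parameter.
 * NOTE(review): whether showerr() stops execution is not visible here; the checks only
 * protect the credit below if it does.
 *
 * @param mixed $numcode order number of the top-up
 */
function olpay_end($numcode)
{
    global $db, $pre, $webdb, $banktype;

    $rt = $db->get_one("SELECT * FROM {$pre}olpay WHERE numcode='{$numcode}' AND `paytype`=1");
    if (!$rt) {
        showerr('系统中没有您的充值订单,无法完成充值!');
    }
    if ($rt['ifpay'] == 1) {
        showerr('该订单已经充值成功!');
    }

    // Flag the order first, then credit the points.
    $db->query("UPDATE {$pre}olpay SET ifpay='1' WHERE id='{$rt['id']}'");
    $num = $rt['money'] * $webdb['alipay_scale'];
    add_user($rt['uid'], $num, '在线充值');

    refreshto("{$webdb['www_url']}/", "恭喜你充值成功", 10);
}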
/**
 * Authenticate a debtor against the WeFact API and make sure a local user exists.
 *
 * Three distinct results:
 *   -1    the debtor lookup ('debtor'/'show') did not succeed
 *   FALSE the debtor exists but 'checklogin' did not succeed
 *   TRUE  the login succeeded (a local user is added first if none is found)
 *
 * Callers must compare the result strictly (=== TRUE): -1 is truthy in PHP, so a
 * plain `if (do_wefact_auth(...))` would treat a failed lookup as a successful login.
 *
 * @param string $u debtor code / username
 * @param string $p password
 * @return bool|int
 */
function do_wefact_auth($u, $p)
{
    $api = new WeFactApi();

    $lookup = $api->sendRequest('debtor', 'show', array('DebtorCode' => $u));
    if (!isset($lookup['status']) || $lookup['status'] != 'success') {
        return -1;
    }

    $login = $api->sendRequest('debtor', 'checklogin', array('Username' => $u, 'Password' => $p));
    if (!isset($login['status']) || $login['status'] != 'success') {
        return FALSE;
    }

    // First successful login for this debtor: create the local record.
    if (get_user_info($u) == FALSE) {
        add_user($u);
    }
    return TRUE;
}
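/**
 * Return the merged passport and local profile data for one user.
 *
 * When the passport record exists but no local profile does, a profile row is created
 * through register_data() and the sign-up points ($webdb['regmoney']) are credited.
 *
 * Fix: array keys are now quoted. Bare words such as $array1[uid] are looked up as
 * constants; PHP 8 raises an Error for them and older versions emit a warning.
 *
 * @param mixed  $value lookup value
 * @param string $type  which field $value refers to; defaults to 'id'
 * @return array|null merged data, or null when no passport record is found
 */
function get_allInfo($value, $type = 'id')
{
    global $webdb;

    $array1 = $this->get_passport($value, $type);
    if (!$array1) {
        return;
    }

    $array2 = $this->get_info($value, $type);
    if ($array2) {
        // Array union: keys from the local profile win over the passport record.
        $array1 = $array2 + $array1;
    } else {
        $array = array(
            'uid' => $array1['uid'],
            'username' => $array1['username'],
            'email' => $array1['email'],
            'yz' => $webdb['RegYz'],
        );
        $this->register_data($array);
        add_user($array1['uid'], $webdb['regmoney'], '注册得分');
        $array1['yz'] = $webdb['RegYz'];
    }
    return $array1;
}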
/**
 * Tests the controller function that expects slashed data.
 *
 * Two rounds are run. Each round fills $_POST with a fixed account plus five profile
 * fields taken from the slash_* fixtures, passes it through add_magic_quotes(), creates
 * the user and asserts that every profile field comes back unchanged.
 */
function test_add_user()
{
    // Per round: profile field => name of the fixture property that supplies its value.
    $rounds = array(
        array(
            'first_name' => 'slash_1',
            'last_name' => 'slash_3',
            'nickname' => 'slash_5',
            'display_name' => 'slash_7',
            'description' => 'slash_3',
        ),
        array(
            'first_name' => 'slash_2',
            'last_name' => 'slash_4',
            'nickname' => 'slash_6',
            'display_name' => 'slash_2',
            'description' => 'slash_4',
        ),
    );

    foreach ($rounds as $fields) {
        $_POST = $_GET = $_REQUEST = array();
        $_POST['user_login'] = '******';
        $_POST['pass1'] = 'password';
        $_POST['pass2'] = 'password';
        $_POST['role'] = 'subscriber';
        $_POST['email'] = '*****@*****.**';
        foreach ($fields as $field => $fixture) {
            $_POST[$field] = $this->{$fixture};
        }

        $_POST = add_magic_quotes($_POST); // the edit_post() function will strip slashes

        $id = add_user();
        $user = get_user_to_edit($id);

        foreach ($fields as $field => $fixture) {
            $this->assertEquals($this->{$fixture}, $user->{$field});
        }
    }
}
/**
 * Run the page handler selected by $page, or print a prompt when none matches.
 *
 * Only the names in the fixed list below can ever be called; the request value is
 * used to pick an entry from that list and is never invoked itself.
 *
 * NOTE(review): several handlers concern funds and credentials; no permission check is
 * visible in this dispatcher, so each handler (or the caller) has to enforce its own.
 *
 * @param mixed $page page key; an unset/null value is treated as ""
 * @return void
 */
function get_content($page)
{
    $handlers = array(
        'add_user',
        'get_fed_balance',
        'change_fed_pin',
        'change_fed_password',
        'transfer_to_bank',
        'transfer_internal_funds',
        'view_account_funds',
        'view_transactions',
        'pay_bill',
        'change_local_password',
        'change_page',
    );

    $wanted = isset($page) ? $page : "";

    // Non-strict search on purpose: it reproduces the == matching of a switch statement.
    $slot = array_search($wanted, $handlers);
    if ($slot === false) {
        echo "Please Select Choice.";
        return;
    }

    $handlers[$slot]();
}
/**
 * Create an account and mark the new user as the current one.
 *
 * The password is stored as a password_hash(..., PASSWORD_DEFAULT) digest; the plain
 * value is never passed to add_user().
 *
 * Note that empty() is used for the presence checks, so the string "0" counts as a
 * missing username or password.
 *
 * @param string $username
 * @param string $password
 * @param string $confirm  must be identical (===) to $password
 * @return mixed '' on success, otherwise the value produced by error_message()
 */
function register($username, $password, $confirm)
{
    if (empty($username)) {
        return error_message(E_REGISTER, E_NO_USERNAME);
    } elseif (empty($password)) {
        return error_message(E_REGISTER, E_NO_PASSWORD);
    } elseif (empty($confirm)) {
        return error_message(E_REGISTER, E_NO_CONFIRM);
    } elseif ($password !== $confirm) {
        return error_message(E_REGISTER, 'Mismatch');
    }

    // Refuse to overwrite an account that already exists.
    $existing = lookup_user($username);
    if (!empty($existing)) {
        return error_message(E_REGISTER, E_ACCOUNT_EXISTS);
    }

    $digest = password_hash($password, PASSWORD_DEFAULT);
    add_user($username, $digest);
    set_user($username);

    return '';
}
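/**
 * Handle one step of the installer and render the 'install' view.
 *
 * Step 1 stores the chosen locale. Step 2 validates the admin account form and, when
 * it is valid, creates the admin user and the default site options.
 *
 * Fix: the form fields are read with an isset() fallback. Reading $_POST['username']
 * and the other fields directly raised undefined-index notices when a field was
 * missing from the request.
 *
 * NOTE(review): nothing visible here checks whether the site is already installed, so
 * this step could apparently create another 'admin' user on a live site — confirm the
 * route is disabled or guarded after installation.
 * NOTE(review): the password is handed to add_user() as submitted; whether add_user()
 * hashes it is not visible here.
 *
 * @return mixed the rendered install view
 */
public function proceed()
{
    if (Input::get('currStep') == "1") {
        Config::set('app.locale', Input::get('language'));
        $this->data['currStep'] = "2";
    }

    if (Input::get('currStep') == "2") {
        $title = isset($_POST['title']) ? $_POST['title'] : 'Shopvel';
        $username = isset($_POST['username']) ? $_POST['username'] : '';
        $password = isset($_POST['password']) ? $_POST['password'] : '';
        $password2 = isset($_POST['password2']) ? $_POST['password2'] : '';
        $email = isset($_POST['email']) ? $_POST['email'] : '';
        $url = isset($_POST['url']) ? $_POST['url'] : '';

        $missing = empty($username) || empty($password) || empty($email);
        $mismatch = $password !== $password2;

        if ($missing) {
            $this->data['installErrors'][] = "Please fill in all required(*) fields.";
        }
        if ($mismatch) {
            $this->data['installErrors'][] = "Password fields are not identical.";
        }

        if ($missing || $mismatch) {
            // Stay on the form so the errors can be shown.
            $this->data['currStep'] = "2";
        } else {
            add_user($username, $email, $password, 'admin', '', 1);
            add_option('sitename', $title);
            add_option('sitedescription', '');
            add_option('adminurl', $url);
            add_option('theme', 'default');
            add_option('loginurl', 'login');
            add_option('registerurl', 'register');
            $this->data['currStep'] = "3";
        }
    }

    return View::make('install', $this->data);
}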
if (isset($_POST['submit'])) { // did they fall for the honeypot? if ($_POST['username']) { $error = "bot."; } else { load_hook('registration_check'); if (!$error) { // If they want to validate age then ok! if ($config['age_validation']) { // Age conversion $age = "{$_POST['month']}/{$_POST['day']}/{$_POST['year']}"; } else { $age = false; } // The results $result = add_user($_POST['blatent'], $_POST['password'], $_POST['pagain'], $_POST['email'], $age); // Check the results? if (is_string($result)) { // String is instant error. $error = $result; } else { if ($result === false) { $error = lang('error_unknown'); } else { if (is_numeric($result)) { switch ($result) { case 1: header('location: index.php'); break; case 904: $success = lang_parse('success_reg_email_msg', array($_POST['email']));
$initial_group_id = $forum_config['o_regs_verify'] == '0' ? $forum_config['o_default_user_group'] : FORUM_UNVERIFIED; } $salt = random_key(12); $password_hash = forum_hash($password1, $salt); // Validate timezone and DST $timezone = isset($_POST['timezone']) ? floatval($_POST['timezone']) : $forum_config['o_default_timezone']; // Validate timezone — on error use default value if ($timezone > 14.0 || $timezone < -12.0) { $timezone = $forum_config['o_default_timezone']; } // DST $dst = isset($_POST['dst']) && intval($_POST['dst']) === 1 ? 1 : $forum_config['o_default_dst']; // Insert the new user into the database. We do this now to get the last inserted id for later use. $user_info = array('username' => $username, 'pubkey' => $pubkey, 'btcaddress' => $btcaddress, 'invitedBy' => $username2, 'group_id' => $initial_group_id, 'salt' => $salt, 'password' => $password1, 'password_hash' => $password_hash, 'email' => $email1, 'email_setting' => $forum_config['o_default_email_setting'], 'timezone' => $timezone, 'dst' => $dst, 'language' => $language, 'style' => $forum_config['o_default_style'], 'registered' => time(), 'registration_ip' => get_remote_address(), 'activate_key' => $forum_config['o_regs_verify'] == '1' ? '\'' . random_key(8, true) . '\'' : 'NULL', 'require_verification' => $forum_config['o_regs_verify'] == '1', 'notify_admins' => $forum_config['o_regs_report'] == '1'); ($hook = get_hook('rg_register_pre_add_user')) ? eval($hook) : null; add_user($user_info, $new_uid); // If we previously found out that the e-mail was banned if ($banned_email && $forum_config['o_mailing_list'] != '') { $mail_subject = 'Alert - Banned e-mail detected'; $mail_message = 'User \'' . $username . '\' registered with banned e-mail address: ' . $email1 . "\n\n" . 'User profile: ' . forum_link($forum_url['user'], $new_uid) . "\n\n" . '-- ' . "\n" . 'Forum Mailer' . "\n" . '(Do not reply to this message)'; ($hook = get_hook('rg_register_banned_email')) ? 
eval($hook) : null; forum_mail($forum_config['o_mailing_list'], $mail_subject, $mail_message); } // If we previously found out that the e-mail was a dupe if (!empty($dupe_list) && $forum_config['o_mailing_list'] != '') { $mail_subject = 'Alert - Duplicate e-mail detected'; $mail_message = 'User \'' . $username . '\' registered with an e-mail address that also belongs to: ' . implode(', ', $dupe_list) . "\n\n" . 'User profile: ' . forum_link($forum_url['user'], $new_uid) . "\n\n" . '-- ' . "\n" . 'Forum Mailer' . "\n" . '(Do not reply to this message)'; ($hook = get_hook('rg_register_dupe_email')) ? eval($hook) : null; forum_mail($forum_config['o_mailing_list'], $mail_subject, $mail_message); } ($hook = get_hook('rg_register_pre_login_redirect')) ? eval($hook) : null;
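// Create a lab user from the values prepared earlier in this script and show the
// resulting account details.
//
// Fixes: the username and password are HTML-escaped before they are written into the
// page (they were echoed raw), and the optional 'showpname' request flag is read with
// an isset() guard.
//
// NOTE(review): the password is rendered in the response in clear text under the
// PWD_TEMP label. Confirm it really is a one-time temporary value and that this page
// is not cached or logged.
if ($user_type != $LIS_CLERK) {
    if (isset($_REQUEST['showpname']) && $_REQUEST['showpname'] == 1) {
        $user_type = $LIS_TECH_SHOWPNAME;
    }
}

$user = new User();
$user->username = $username;
$user->password = $password;
$user->level = $user_type;
$user->actualName = $fullname;
$user->labConfigId = $lab_config_id;
$user->email = $email;
$user->phone = $phone;
$user->createdBy = $_SESSION['user_id'];
$user->langId = $lang_id;
add_user($user);
?>
<table cellspacing="20px">
    <tr>
        <td>
            <?php
            echo LangUtil::$generalTerms['MSG_ACC_ADDED'] . "<br>";
            echo LangUtil::$generalTerms['USERNAME'] . ": " . htmlspecialchars((string) $user->username, ENT_QUOTES, 'UTF-8');
            echo "<br>";
            echo LangUtil::$generalTerms['PWD_TEMP'] . ": " . htmlspecialchars((string) $user->password, ENT_QUOTES, 'UTF-8');
            ?>
        </td>
    </tr>
</table>
<?php
SessionUtil::restore($saved_session);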
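<?php
// Pin one content entry to the top of its list for $webdb['Info_TopDay'] days.
// Non-admin users must own the entry and pay $webdb['Info_TopMoney'] points.
//
// Fixes:
//  - $id is forced to an integer before it is interpolated into the two queries.
//    It is not assigned in this file, so it is treated as untrusted here
//    (assumes content ids are integers — confirm).
//  - Array keys are quoted. Bare words such as $rs[uid] are looked up as constants;
//    PHP 8 raises an Error for them and older versions emit a warning.
//
// NOTE(review): whether showerr() stops execution is not visible here; the ownership
// and balance checks only protect the UPDATE if it does.
// NOTE(review): the balance is read and then debited in two separate steps, so two
// parallel requests could both pass the check — confirm whether that matters here.
if (!function_exists('html')) {
    die('F');
}
if (!$lfjuid) {
    showerr('请先登录');
}

$id = intval($id);
$_erp = $Fid_db['tableid'][$fid];
$rs = $db->get_one("SELECT * FROM {$_pre}content{$_erp} WHERE id='{$id}'");

// Only the owner or an administrator may pin the entry.
if ($rs['uid'] != $lfjuid && !$web_admin) {
    showerr('你没权限');
}

$list = $timestamp + 3600 * 24 * $webdb['Info_TopDay'];

if (!$web_admin) {
    $lfjdb['money'] = intval(get_money($lfjuid));
    if ($lfjdb['money'] < $webdb['Info_TopMoney']) {
        showerr("你的积分不足:{$webdb['Info_TopMoney']},不能选择置顶");
    }
    // A negative amount debits the points.
    add_user($lfjuid, -intval($webdb['Info_TopMoney']), '置顶扣分');
}

$db->query("UPDATE {$_pre}content{$_erp} SET list='{$list}' WHERE id='{$id}'");
refreshto("{$FROMURL}", "置顶成功", 1);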
$new_passwd = $_POST['ajax_newpasswd']; } update_user($uid, $new_passwd, $fname, $lname, $email, $active); break; // the caller wishes to add a new // user to the db // the caller wishes to add a new // user to the db case "add_user": $uname = $_POST['ajax_uname']; $passwd = $_POST['ajax_passwd']; $fname = $_POST['ajax_fname']; $lname = $_POST['ajax_lname']; $email = $_POST['ajax_email']; $active = $_POST['ajax_active']; add_user($uname, $passwd, $fname, $lname, $email, $active); // regenerate the user list // and send back the new list // as xml get_user_list($user_list); $xml = generate_object_list_xml($user_list, ""); echo $xml; break; } } } /// /// get_user_list() /// get the user list from the /// database ///
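// Set-up script: create the users table and insert two sample accounts.
//
// Fixes:
//  - The connection and select-db failures called mysql_error(), which belongs to the
//    removed mysql extension; they now use the mysqli equivalents.
//  - add_user() inserts through a prepared statement instead of interpolating its
//    arguments into the SQL text.
//
// NOTE(review): the stored token is md5 with two fixed, source-embedded salts. md5 is
// fast and unsuited to password storage. Moving to password_hash()/password_verify()
// also needs a wider password column (VARCHAR(255)) and a matching change in the
// login check, which is not part of this script, so it is only flagged here.
if (!$db_server) {
    die("Unable to connect to MySQL: " . mysqli_connect_error());
}
mysqli_select_db($db_server, $db_database) or die("Unable to select database: " . mysqli_error($db_server));

$query = "CREATE TABLE users (\n\t\t\tforename VARCHAR(32) NOT NULL, \n\t\t\tsurname VARCHAR(32) NOT NULL, \n\t\t\tusername VARCHAR(32) NOT NULL UNIQUE, \n\t\t\tpassword VARCHAR(32) NOT NULL \n\t)";
$result = mysqli_query($db_server, $query);
if (!$result) {
    die("Database access failed: " . mysqli_error($db_server));
}

$salt1 = "z0on!";
$salt2 = "&!h*";

$forename = 'Bill';
$surname = 'Smith';
$username = '******';
$password = '******';
$token = md5("{$salt1}{$password}{$salt2}");
add_user($db_server, $forename, $surname, $username, $token);

$forename = 'Pauline';
$surname = 'Jones';
$username = '******';
$password = '******';
$token = md5("{$salt1}{$password}{$salt2}");
add_user($db_server, $forename, $surname, $username, $token);

/**
 * Insert one row into users; terminates the script on a database error.
 *
 * @param mysqli $db open connection
 * @param string $fn forename
 * @param string $sn surname
 * @param string $un username
 * @param string $pw password token to store
 */
function add_user($db, $fn, $sn, $un, $pw)
{
    // Placeholders keep the values out of the SQL text entirely.
    $stmt = mysqli_prepare($db, "INSERT INTO users VALUES(?, ?, ?, ?)");
    if (!$stmt) {
        die("Databse access failed" . mysqli_error($db));
    }
    mysqli_stmt_bind_param($stmt, 'ssss', $fn, $sn, $un, $pw);
    if (!mysqli_stmt_execute($stmt)) {
        die("Databse access failed" . mysqli_stmt_error($stmt));
    }
    mysqli_stmt_close($stmt);
}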
break; case 'show_add_user': include '/view/add_user.php'; break; case 'add_user': $EId = $_POST['EId']; $DoB = $_POST['DoB']; $Name = $_POST['Name']; $Sex = $_POST['Sex']; $Address = $_POST['Address']; $Email = $_POST['Email']; $Distance = $_POST['Distance']; $BSSalary = $_POST['BSSalary']; $PoF = $_POST['PoF']; $pwd = sha1($EId . $_POST['pwd']); add_user($EId, $DoB, $Name, $Sex, $Email, $Distance, $BSSalary, $PoF, $pwd); include '/view/add_user.php'; break; case 'add_department': $Name = $_POST['Name']; $Info = $_POST['Info']; add_department($Name, $Info); include 'view/department.php'; break; case 'delete_department': delete_department($_POST['DId']); include 'view/department.php'; break; case 'show_project': include 'view/project.php'; break;
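<?php
include "init.php";

// Douban OAuth helper endpoint.
//   ?app=begin   -> returns a request token plus the authorize URL as JSON
//   ?app=access  -> exchanges the request token for an access token, returns it as
//                   JSON and registers the Douban user locally if not yet known
//ROOT_URL./api.php?app=begin & account=douban
//
// Fixes: a missing 'app' / token parameter no longer raises undefined-index notices,
// and a local user is only looked up / created when the token exchange actually
// returned a douban_user_id. Previously a failed exchange still reached
// check_user()/add_user() with an empty id.
//
// NOTE(review): the request token secret is returned to the client by 'begin' and sent
// back in the query string of 'access', so it can end up in server logs and browser
// history. Keeping it in the server-side session would avoid exposing it.
$app = isset($_GET['app']) ? $_GET['app'] : '';

switch ($app) {
    case "begin":
        $douban = new DoubanOAuth($douban_consumer_key, $douban_consumer_secret);
        $tok = $douban->getRequestToken();
        $url = $douban->getAuthorizeURL($tok['oauth_token']) . "&oauth_callback=";
        //$url .= $_SEVERAL[PHP_SELF]."?request_token=".$tok['oauth_token']."&request_token_secret=".$tok['oauth_token_secret'];
        $arr = array_merge($tok, array("url" => $url));
        $out = json_encode($arr);
        echo $out;
        break;

    case "access":
        $tok = isset($_GET["request_token"]) ? $_GET["request_token"] : null;
        $tok_s = isset($_GET["request_token_secret"]) ? $_GET["request_token_secret"] : null;
        $douban = new DoubanOAuth($douban_consumer_key, $douban_consumer_secret, $tok, $tok_s);
        $access = $douban->getAccessToken();
        $out = json_encode($access);

        // Register the account only for a successful exchange.
        if (!empty($access['douban_user_id'])) {
            if (!check_user("douban", $access['douban_user_id'])) {
                add_user("douban", $access['douban_user_id']);
            }
        }
        echo $out;
        break;
}
exit;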
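/**
 * Create or update the FA user that corresponds to an authenticated LDAP user.
 *
 * The FA role is derived from the user's primary LDAP group through the
 * 'group_role_map' configuration value.
 *
 * Fix (implements the two "should error if empty" FIXMEs): when the group has no
 * mapped role, or the mapped role does not exist in security_roles, a warning is
 * raised and nothing is written. Previously the user was created or updated with an
 * empty role id. The unused locals $isActive and $userArray are removed.
 *
 * NOTE(review): a new user's password is stored as an unsalted md5 digest. md5 is not
 * suitable for password storage; the format is presumably dictated by FA's own login
 * check, so it is flagged rather than changed here — confirm.
 *
 * @param object $ldap         LDAP entry exposing getAttribute()
 * @param string $username     login used to look up an existing FA user
 * @param string $password     clear-text password from the login form
 * @param string $primaryGroup LDAP group used as key into 'group_role_map'
 * @return void
 */
protected function syncUserToFA($ldap, $username, $password, $primaryGroup)
{
    // FIXME: these should probably be fetched from the configuration variables
    // default user settings for LDAP-based users
    $language = 'en_GB';
    $profile = '';
    $rep_popup = '1';
    $pos = '1';

    // settings available from LDAP
    $uid = $ldap->getAttribute('uid');
    $name = $ldap->getAttribute('sn') . " " . $ldap->getAttribute('givenname');
    $mobilephone = $ldap->getAttribute('mobile');
    $email = $ldap->getAttribute('mail');

    // connect to FA database
    set_global_connection();

    // get role ID from primary group
    $map = $this->getConfigValue('group_role_map');
    if (empty($map[$primaryGroup])) {
        trigger_error("No FA role is mapped for the user's primary LDAP group; user not synchronised", E_USER_WARNING);
        return;
    }
    $userRole = $map[$primaryGroup];

    $sql = "SELECT id FROM " . TB_PREF . "security_roles WHERE role = " . db_escape($userRole);
    $query = db_query($sql, "could not get user role for {$userRole}");
    $ret = db_fetch($query);
    if (!$ret || !isset($ret[0])) {
        trigger_error("Mapped FA role was not found in security_roles; user not synchronised", E_USER_WARNING);
        return;
    }
    $role_id = $ret[0];

    // check for existing user in FA
    $user = get_user_by_login($username);

    if ($user) {
        // update FA user from LDAP
        $dbid = $user[0];
        // FIXME: LDAP attribute IDs could be supplied in config for site-specific LDAP compatibility
        update_user($dbid, $uid, $name, $mobilephone, $email, $role_id, $language, $profile, $rep_popup, $pos);
        // FIXME: update password hash? what about re-auth requests?
    } else {
        // create FA user from LDAP
        // FIXME: LDAP attribute IDs could be supplied in config for site-specific LDAP compatibility
        add_user($uid, $name, md5($password), $mobilephone, $email, $role_id, $language, $profile, $rep_popup, $pos);
    }
}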
$date_of_birth = $validation_signup[DOB][VALUE]; $validation_signup[DOB][IS_VALID] = 1 === preg_match('/[0-9]{4}-[0-9]{2}-[0-9]{2}/', $date_of_birth); $validation_signup[DOB][ERR_MSG] = $validation_signup[DOB][IS_VALID] ? VAL_MSG : ERR_MSG; $isFormValid = true; foreach ($validation_signup as $field) { if (!$field[IS_VALID]) { $isFormValid = false; break; } } if ($isFormValid) { require_once '_addresses.php'; require_once '_user.php'; $add_id = add_address($street_num, $street, $city, $province, $postal_code); // var_dump($add_id); add_user($add_id, $first_name, $last_name, $email, $pass); $_SESSION[FIRST_NAME] = $first_name; $_SESSION[U_ID] = add_user($add_id, $first_name, $last_name, $email, $pass); header('Location: index.php'); } } /*if ($isFormValid) { echo 'le formulaire est valide'; } else { echo 'FORMULAIRE INCORRECT!!!'; } var_dump($validation_signup); echo '******************************'; var_dump($_POST);*/ //var_dump($_POST);
if (isset($_REQUEST['password1']) && $_REQUEST['alias'] == ZBX_GUEST_USER && !zbx_empty($_REQUEST['password1'])) { show_error_message(S_FOR_GUEST_PASSWORD_MUST_BE_EMPTY); } else { if (isset($_REQUEST['password1']) && $_REQUEST['alias'] != ZBX_GUEST_USER && zbx_empty($_REQUEST['password1'])) { show_error_message(S_PASSWORD_SHOULD_NOT_BE_EMPTY); } else { if (isset($_REQUEST['userid'])) { $action = AUDIT_ACTION_UPDATE; DBstart(); $result = update_user($_REQUEST['userid'], $_REQUEST['name'], $_REQUEST['surname'], $_REQUEST['alias'], $_REQUEST['password1'], $_REQUEST['url'], get_request('autologin', 0), get_request('autologout', 0), $_REQUEST['lang'], $_REQUEST['theme'], $_REQUEST['refresh'], $_REQUEST['user_type'], $user_groups, $user_medias); $result = DBend($result); show_messages($result, S_USER_UPDATED, S_CANNOT_UPDATE_USER); } else { $action = AUDIT_ACTION_ADD; DBstart(); $result = add_user($_REQUEST['name'], $_REQUEST['surname'], $_REQUEST['alias'], $_REQUEST['password1'], $_REQUEST['url'], get_request('autologin', 0), get_request('autologout', 0), $_REQUEST['lang'], $_REQUEST['theme'], $_REQUEST['refresh'], $_REQUEST['user_type'], $user_groups, $user_medias); $result = DBend($result); show_messages($result, S_USER_ADDED, S_CANNOT_ADD_USER); } if ($result) { add_audit($action, AUDIT_RESOURCE_USER, 'User alias [' . $_REQUEST['alias'] . '] name [' . $_REQUEST['name'] . '] surname [' . $_REQUEST['surname'] . ']'); unset($_REQUEST['form']); } } } } } else { if (isset($_REQUEST['del_user_media'])) { $user_medias_to_del = get_request('user_medias_to_del', array()); foreach ($user_medias_to_del as $mediaid) { if (isset($_REQUEST['user_medias'][$mediaid])) {
require_once('recaptchalib.php'); $privatekey = "6Ld7MQcAAAAAABVrkgntR-suieZdkTl2iuO915qZ"; $resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { $errors[] = "The reCAPTCHA wasn't entered correctly. (reCAPTCHA said: " . $resp->error . ")"; } */ if (email_in_use($_POST['email'])) { $errors[] = 'That email address is already in use.'; } if (!inError()) { if (!add_user($_POST['email'], $_POST['password1'], $_POST['firstname'], $_POST['lastname'], true)) { $errors[] = 'There was a database error.'; } else { echo "<p>User added successfully!"; $validation_key = get_validation_key($_POST['email']); // User successfully created! $emailMessage = "Hi " . $_POST['firstname'] . ",\n\t\t\nWelcome to GovDialogue. Validate your account here: http://govdialogue.com/govit/validate.php?v={$validation_key}\n\nThanks,\nGovit\n"; // Send email confirmation if (mail($_POST['email'], "Welcome to GovDialogue", $emailMessage, "From: GovDialogue <*****@*****.**>")) { ?> Thanks! You should get an email at <strong><?php echo $_POST['email']; ?> </strong> with a confirmation link. Once you verify your email address, you'll be able to post.
} if (isset($_POST['pass'])) { $password = sanitizeString($_POST['pass']); } //set validation variable $fail = validate_username($username); $fail .= validate_password($password); $fail .= check_user($username); //validate received post data if ($fail == "") { //enter the posted fields(username,password) into a database,using hash encryption for the password. $salt1 = "qm&h*"; $salt2 = "pg!@"; $token = hash('ripemd128', "{$salt1}{$password}{$salt2}"); $score = ''; add_user($connection, $username, $token, $score); $fail = "Signed up successfully"; } //validate username function validate_username($field) { if ($field == "") { return "No Username was entered<br>"; } else { if (strlen($field) < 5) { return "Usernames must be at least 5 characters<br>"; } else { if (preg_match("/[^a-zA-Z0-9_-]/", $field)) { return "Only letters, numbers, - and _ in usernames<br>"; } }
_e('There are no valid users selected for deletion.'); ?> </p> <?php } ?> </div> </form> <?php break; case 'adduser': check_admin_referer('add-user'); if (!current_user_can('create_users')) { wp_die(__('You can’t create users.')); } $user_id = add_user(); $update = 'add'; if (is_wp_error($user_id)) { $add_user_errors = $user_id; } else { $new_user_login = apply_filters('pre_user_login', sanitize_user(stripslashes($_POST['user_login']), true)); $redirect = add_query_arg(array('usersearch' => urlencode($new_user_login), 'update' => $update), $redirect); wp_redirect($redirect . '#user-' . $user_id); die; } default: wp_enqueue_script('admin-users'); include 'admin-header.php'; // Query the users $wp_user_search = new WP_User_Search($_GET['usersearch'], $_GET['userspage']); // Make the user objects
<?php include 'config.php'; /** Switch Case to Get Action from controller **/ switch ($_GET['action']) { case 'add_user': add_user(); break; case 'get_users': get_users(); break; case 'edit_user': edit_user(); break; case 'delete_user': delete_user(); break; case 'update_user': update_user(); break; } /** Function to Add User **/ function add_user() { $data = json_decode(file_get_contents("php://input")); // print_r($data); $full_name = $data->full_name; $addr_first = $data->addr_first; $addr_second = $data->addr_second; $addr_third = $data->addr_third; $postcode = $data->postcode;
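// Set-up script: create the users table and insert two sample accounts.
//
// Fix: add_user() inserts through a prepared statement instead of interpolating its
// arguments into the SQL text.
//
// NOTE(review): the stored token is ripemd128 with two fixed, source-embedded salts.
// A fast general-purpose hash is unsuited to password storage. Moving to
// password_hash()/password_verify() also needs a wider password column (VARCHAR(255))
// and a matching change in the login check, which is not part of this script, so it
// is only flagged here.
if ($connection->connect_error) {
    die($connection->connect_error);
}

$query = "CREATE TABLE users (\n forename VARCHAR(32) NOT NULL,\n surname VARCHAR(32) NOT NULL,\n username VARCHAR(32) NOT NULL UNIQUE,\n password VARCHAR(32) NOT NULL\n )";
$result = $connection->query($query);
if (!$result) {
    die($connection->error);
}

$salt1 = "qm&h*";
$salt2 = "pg!@";

$forename = 'Bill';
$surname = 'Smith';
$username = '******';
$password = '******';
$token = hash('ripemd128', "{$salt1}{$password}{$salt2}");
add_user($forename, $surname, $username, $token);

$forename = 'Pauline';
$surname = 'Jones';
$username = '******';
$password = '******';
$token = hash('ripemd128', "{$salt1}{$password}{$salt2}");
add_user($forename, $surname, $username, $token);

/**
 * Insert one row into users using the global $connection; terminates the script on a
 * database error.
 *
 * @param string $fn forename
 * @param string $sn surname
 * @param string $un username
 * @param string $pw password token to store
 */
function add_user($fn, $sn, $un, $pw)
{
    global $connection;

    // Placeholders keep the values out of the SQL text entirely.
    $stmt = $connection->prepare("INSERT INTO users VALUES(?, ?, ?, ?)");
    if (!$stmt) {
        die($connection->error);
    }
    $stmt->bind_param('ssss', $fn, $sn, $un, $pw);
    if (!$stmt->execute()) {
        die($stmt->error);
    }
    $stmt->close();
}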