/**
 * Validate a profile edit and persist it for an existing user.
 *
 * Order of operations: normalise the submitted fields, re-check the current
 * password, validate an optional new password, refuse an e-mail address that
 * already belongs to an account, then write the record. When the address
 * changed, a fresh activation code is generated and mailed to the new address.
 *
 * @param mixed $user_id Identifier of the account being edited.
 * @param array $user    Submitted fields; reads "current_password", "password",
 *                       "confirm_password" and "email".
 *
 * @return mixed An error message string from a failed check, the result of
 *               INVALID_CURRENT_PASS_ERR / ACCOUNT_ALREADY_EXISTS_ERR . UPDATE_FAIL_ERR,
 *               true when the record was written, or false when updateUser()
 *               did not return true.
 */
function updateProfile($user_id, $user)
{
    $user = validateFixProfile($user);
    if (is_string($user)) {
        // validateFixProfile() signals a problem by returning a message string.
        return $user;
    }

    // NOTE(review): the edit is refused when checkPasswordById() is truthy.
    // That is only right if the helper returns an error indicator on mismatch
    // and something falsy on success; if it returns true for a correct
    // password this guard is inverted. Confirm against the helper.
    if (checkPasswordById($user_id, $user["current_password"])) {
        return INVALID_CURRENT_PASS_ERR;
    }

    if ($user["password"] === "") {
        // No new password requested: the submitted current password is written
        // back into the payload. Presumably updateUser() hashes it again; that
        // is not visible here.
        $user["password"] = $user["current_password"];
    } else {
        $passwordProblem = checkPasswords($user["password"], $user["confirm_password"]);
        if (is_string($passwordProblem)) {
            return $passwordProblem;
        }
    }

    $emailChanged = false;
    $storedEmail = getFullUserById($user_id)["email"];
    if ($storedEmail !== $user["email"]) {
        // NOTE(review): this check and the write below are separate steps; a
        // unique constraint on the e-mail column is what actually prevents two
        // accounts sharing an address. The distinct message also tells the
        // caller that the address is registered.
        if (userExists($user["email"]) === true) {
            return ACCOUNT_ALREADY_EXISTS_ERR . UPDATE_FAIL_ERR;
        }
        $emailChanged = true;
    }

    if (updateUser($user_id, $user) !== true) {
        return false;
    }

    if ($emailChanged) {
        $activationCode = updateCode($user_id);
        // NOTE(review): if updateCode() does not return a string, the new
        // address is already saved and no activation mail goes out, yet the
        // caller still receives true. Whether the account then stays usable
        // with an unverified address is decided outside this function.
        if (is_string($activationCode)) {
            sendActivationMail($user["email"], $user_id, $activationCode);
        }
    }

    return true;
}
<?php echo "</fieldset>"; } ?>
<?php
// Registration form handler: runs only when the 'formsubmitted' field was posted.
//IF FILL OUT FORM, GRAB INFORMATION
if (isset($_POST['formsubmitted'])) {
    // Values are copied from the request as-is; no type or format check is
    // visible at this point.
    $name = $_POST['name'];
    $email = $_POST['email'];
    $pw1 = $_POST['pw1'];
    $pw2 = $_POST['pw2'];
    $membership = $_POST['membership'];
    //echo "name is $name email is $email pw1 is $pw1 and pw2 is $pw2 membership is $membership <br/>";
    // NOTE(review): the disabled debug line above would print both passwords
    // into the response; delete it rather than keep it around.
    connectToDB();
    // The results of these two calls are discarded; the same checks are
    // repeated in the condition below.
    checkPasswords($pw1, $pw2);
    checkEmail($email);
    //handleform($name, $email, $pw1, $membership);
    //new stuff
    // NOTE(review): $_POST entries can be arrays. On PHP < 8 strcmp() returns
    // null for a non-string argument and `!null` is true, so the equality test
    // would pass without comparing anything; on PHP 8 it throws a TypeError.
    // Checking is_string() on both values and comparing with === avoids both.
    // `== 0` is a loose comparison; what checkEmail() returns is not visible.
    if (!strcmp($pw1, $pw2) && checkEmail($email) == 0) {
        // handleform() receives the password exactly as submitted; whether it
        // is hashed before storage is not visible in this excerpt.
        handleform($name, $email, $pw1, $membership);
        echo "<br/>Thank you for your interest!";
    }
}
?>
<?php
// Returns $pw1 when strcmp() reports the two values equal. The rest of the
// function lies outside this excerpt.
function checkPasswords($pw1, $pw2) {
    if (!strcmp($pw1, $pw2)) {
        return $pw1;
// Request dispatch for register / login / logout. Each action flag becomes
// true only when the posted value is the literal string 'true', otherwise NULL.
$registro = !empty($_POST['registro']) ? test_input($_POST['registro']) : NULL;
$registro = $registro === 'true' ? true : NULL;
$login = !empty($_POST['login']) ? test_input($_POST['login']) : NULL;
$login = $login === 'true' ? true : NULL;
$logout = !empty($_POST['logout']) ? test_input($_POST['logout']) : NULL;
$logout = $logout === 'true' ? true : NULL;
$usu_nombre = !empty($_POST['username']) ? test_input($_POST['username']) : NULL;
$usu_correo = !empty($_POST['email']) ? test_input($_POST['email']) : NULL;
// NOTE(review): test_input() is defined elsewhere. If it trims or escapes its
// argument, the password is altered before it is compared and stored; confirm.
$usu_clave = !empty($_POST['password']) ? test_input($_POST['password']) : NULL;
$usu_clavev = !empty($_POST['passwordv']) ? test_input($_POST['passwordv']) : NULL;
// NOTE(review): the role comes straight from the request. Unless later code
// (not visible here) restricts it to an allow-list, the client chooses its own role.
$usu_rol = !empty($_POST['rol']) ? test_input($_POST['rol']) : NULL;
$db = new Database();
if ($registro) {
    // sleep() takes whole seconds, so 1.5 is truncated to 1; usleep() would be
    // needed for a fractional delay.
    sleep(1.5);
    if (!empty($usu_nombre) and !empty($usu_correo) and !empty($usu_clave) and !empty($usu_clavev) and !empty($usu_rol)) {
        // Return value is not used here; presumably the helper stops the
        // request itself on a mismatch. Verify against its definition.
        checkPasswords($usu_clave, $usu_clavev);
        // `||` binds tighter than `and`: the branch runs when a file name was
        // sent AND (is_uploaded_file() holds OR the error code is UPLOAD_ERR_OK).
        // Requiring both of the latter would be the stricter check.
        if (!empty(test_input($_FILES['picture']['name'])) and is_uploaded_file($_FILES['picture']['tmp_name']) || $_FILES['picture']['error'] === UPLOAD_ERR_OK) {
            // Both values derive from the client-supplied file name. How they
            // are used is outside this excerpt; a stored name should be
            // generated server-side and the extension checked against an allow-list.
            $imageFileType = pathinfo($_FILES['picture']['name'], PATHINFO_EXTENSION);
            $target_file = $_FILES['picture']['name'];
            // Check file size
            // Rejects uploads larger than 6,000,000 bytes.
            if ($_FILES["picture"]["size"] > 6000000) {
                header('HTTP/1.1 409 Conflict');
                echo result_construct('error', 'imagen', 'Lo siento, el archivo recibido es demasiado grande.');
                die;
            }
            // Check if image file is a actual image or fake image
            // getimagesize() only reads the header; the PHP manual advises
            // against relying on it to prove a file is a valid image, so it
            // should not be the only gate on uploaded content.
            $check = getimagesize($_FILES['picture']['tmp_name']);
            if ($check === false) {
                header('HTTP/1.1 409 Conflict');
                // NOTE(review): $check is false in this branch, so $check["mime"]
                // is an offset read on a bool: it yields null (with a warning on
                // PHP 7.4+) and the message never contains a MIME type.
                echo result_construct('error', 'imagen', 'El archivo recibido no es una imagen - ' . $check["mime"] . '.');
                die;
// Tail of a validation branch that starts before this excerpt.
$error_login = "******";
$is_error = true;
}
// Password and its repetition must each be 3 to 20 characters long.
// NOTE(review): a 3-character minimum is very weak, and the 20-character cap
// rejects long passphrases.
if (iconv_strlen($password) < 3 || iconv_strlen($password) > 20) {
    $error_password = "******";
    $is_error = true;
}
if (iconv_strlen($password_r) < 3 || iconv_strlen($password_r) > 20) {
    $error_password = "******";
    $is_error = true;
}
// Only the length of the address is checked (4 to 20 characters); its format
// is not validated here. The message (Russian: "E-mail must be at least 4
// characters") does not mention the upper bound.
if (iconv_strlen($email) < 4 || iconv_strlen($email) > 20) {
    $error_email = "E-mail должен быть от 4-х символов";
    $is_error = true;
}
// A falsy result from checkPasswords() is treated as "passwords do not match".
$check_pass = checkPasswords($password, $password_r);
if (!$check_pass) {
    $error_password = "******";
    $is_error = true;
}
if ($is_error == false) {
    // Client address and registration time are passed to RegUser with the account.
    $ip = $_SERVER["REMOTE_ADDR"];
    $date = date('Y-m-d H:i:s');
    // Group label, Russian for "User".
    $group = "Пользователь";
    // NOTE(review): weak password storage. rand() is not a cryptographic
    // generator, the salt has only 355,316 possible values, and MD5 is a fast
    // hash, so stored values are cheap to brute-force. password_hash() and
    // password_verify() generate the salt and use a slow algorithm.
    $salt = rand(324546, 679861);
    $password = md5(md5($password) . md5($salt));
    $new_user = new RegUser($login, $password, $salt, $group, $name, $last_name, $email, $ip, $date);
    // checkLoginReg() is called up to three times, once with $login and twice
    // without; each call may hit the database again. The `==` comparisons are
    // loose and the constants' values are not visible here.
    if ($new_user->checkLoginReg() == ERROR_CONNECT_DB || $new_user->checkLoginReg($login) == LOGIN_BUSY) {
        $error_reg = $new_user->checkLoginReg();
    } else {
        if ($new_user->addUser()) {
/**
 * Run the form checks in a fixed order and report the first failure.
 *
 * Order: mandatory fields, field lengths, allowed symbols, ages, dates,
 * passwords. A check fails when its result is loosely unequal to "", so both
 * "" and null count as "no problem".
 *
 * The last three checks are called without arguments, so they must obtain
 * their input elsewhere (not visible here; presumably request data or globals).
 *
 * @param mixed $names   Passed to the first three checks.
 * @param mixed $lengths Passed to the first three checks.
 * @param mixed $insert  Not read by this function.
 *
 * @return mixed The first failing check's result, or null when every check passes.
 */
function verifyData($names, $lengths, $insert)
{
    if (($problem = checkMandatoryFields($names, $lengths)) != "") {
        return $problem;
    }

    if (($problem = checkFieldsLength($names, $lengths)) != "") {
        return $problem;
    }

    if (($problem = checkSymbols($names, $lengths)) != "") {
        return $problem;
    }

    if (($problem = checkAges()) != "") {
        return $problem;
    }

    if (($problem = checkDates()) != "") {
        return $problem;
    }

    if (($problem = checkPasswords()) != "") {
        return $problem;
    }

    // Every check passed: execution falls off the end, which yields null.
}