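/**
 * Validates a username against the banned-word list and the syntax rules.
 *
 * Banned words come from the comma-separated 'disallowed_usernames' config
 * entry on $Cbucket; each entry is matched as a literal, case-insensitive
 * substring (surrounding whitespace in an entry is ignored). A banned word
 * yields false. Syntax problems (invalid per is_valid_syntax() unless unicode
 * usernames are allowed, or a space when spaces are disallowed) are reported
 * through e() but, as before, the function still returns true in that case;
 * callers rely on error() to notice them.
 *
 * @param string $username Username to check
 * @return bool false when a banned word matches, true otherwise
 */
function username_check($username)
{
    global $Cbucket;

    $banned_words = explode(',', $Cbucket->configs['disallowed_usernames']);
    foreach ($banned_words as $word) {
        $word = trim($word);
        if ($word === '') {
            continue;
        }
        // preg_quote(): a banned word containing regex metacharacters must be
        // matched literally, not change the pattern (or break it).
        if (preg_match('/' . preg_quote($word, '/') . '/i', $username)) {
            return false;
        }
    }

    //Checking if its syntax is valid or not
    $multi = config('allow_unicode_usernames');

    //Checking Spaces (only when they are disallowed)
    $has_space = false;
    if (!config('allow_username_spaces')) {
        $has_space = strpos($username, ' ') !== false;
    }

    // The syntax check is skipped when unicode usernames are allowed ('yes').
    if ((!is_valid_syntax('username', $username) && $multi != 'yes') || $has_space) {
        e(lang("class_invalid_user"));
    }
    return true;
}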
/**
 * Reports whether $email has a valid e-mail syntax.
 *
 * Delegates to is_valid_syntax('email', ...) and returns its result
 * unchanged; no DNS or deliverability check is made here.
 *
 * @param string $email Address to check
 * @return mixed Whatever is_valid_syntax() returns for the 'email' type
 */
public function isValidEmail($email)
{
    $syntax_type = 'email';
    return is_valid_syntax($syntax_type, $email);
}
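/**
 * Updates a user's account row and profile row from submitted form data.
 *
 * $array is the submitted form (defaults to $_POST) merged with $_FILES.
 * Profile fields (including custom ones and grouped custom ones) are
 * collected for the user_profile table; account fields (username, e-mail,
 * password, level, stats, avatar/background, custom signup fields) for the
 * users table. The admin-only account fields are only written when the caller
 * has 'admin_access' and the form carries 'admin_manager'.
 *
 * Problems are reported through e(); both UPDATEs are skipped while error()
 * is set. File names taken from the form for deletion are reduced to their
 * basename so they can only refer to files inside USER_THUMBS_DIR /
 * USER_BG_DIR.
 *
 * @param array|null $array Form data; null/empty means use $_POST
 * @return void
 */
function update_user($array)
{
    global $LANG, $db, $signup, $Upload;

    if (empty($array)) {
        $array = $_POST;
    }
    if (is_array($_FILES)) {
        $array = array_merge($array, $_FILES);
    }

    // Field/value lists for the user_profile UPDATE ($query_*) and the
    // users UPDATE ($uquery_*), initialised so the checks below never see an
    // undefined variable.
    $query_field = array();
    $query_val = array();
    $uquery_field = array();
    $uquery_val = array();

    // Joins a multi-value (array) input into the '#a# #b# ' form the rest of
    // the code expects, then escapes it with the field's clean_func or, when
    // none is usable, with mysql_clean(). Shared by the field loops below.
    $prepare_db_value = function ($field, $val) {
        if (is_array($val)) {
            $joined = '';
            foreach ($val as $v) {
                $joined .= "#" . $v . "# ";
            }
            $val = $joined;
        }
        $clean_func = isset($field['clean_func']) ? $field['clean_func'] : null;
        // is_array() is tested first so function_exists() never sees an array.
        if (!$clean_func || (!is_array($clean_func) && !function_exists($clean_func))) {
            return mysql_clean($val);
        }
        return apply_func($clean_func, sql_free('|no_mc|' . $val));
    };

    $userfields = $this->load_profile_fields($array);
    $custom_signup_fields = $this->load_custom_signup_fields($array);

    //Adding Custom Form Fields
    if (!empty($this->custom_profile_fields)) {
        $userfields = array_merge($userfields, $this->custom_profile_fields);
    }

    //Adding custom fields from group
    if (!empty($this->custom_profile_fields_groups)) {
        $custom_fields_from_group_fields = array();
        foreach ($this->custom_profile_fields_groups as $cffg) {
            $custom_fields_from_group_fields = array_merge($custom_fields_from_group_fields, $cffg['fields']);
        }
        $userfields = array_merge($userfields, $custom_fields_from_group_fields);
    }

    validate_cb_form($custom_signup_fields, $array);
    validate_cb_form($userfields, $array);

    //Profile fields
    foreach ($userfields as $field) {
        $name = formObj::rmBrackets($field['name']);
        $val = isset($array[$name]) ? $array[$name] : null;
        if (!empty($field['use_func_val'])) {
            $val = $field['validate_function']($val);
        }
        //Overrides use_func_val
        if (!empty($field['value_function']) && function_exists($field['value_function'])) {
            $val = $field['value_function']($val);
        }
        if (!empty($field['db_field'])) {
            $query_field[] = $field['db_field'];
            $query_val[] = $prepare_db_value($field, $val);
        }
    }

    //Category
    // NOTE(review): nothing in this method assigns $cat_field, so this branch
    // is never taken; confirm where it was meant to come from before relying on it.
    if (!empty($cat_field)) {
        $field = $cat_field;
        $name = formObj::rmBrackets($field['name']);
        $val = isset($array[$name]) ? $array[$name] : null;
        if (!empty($field['use_func_val'])) {
            $val = $field['validate_function']($val);
        }
        if (!empty($field['db_field'])) {
            $uquery_field[] = $field['db_field'];
            $uquery_val[] = $prepare_db_value($field, $val);
        }
    }

    //updating user detail
    if (has_access('admin_access', TRUE) && isset($array['admin_manager'])) {
        $username = null;
        $email = null;

        //Checking Username (strict compare: '01' and '1' are different names)
        if (empty($array['username'])) {
            e(lang('usr_uname_err'));
        } elseif ($array['dusername'] !== $array['username'] && $this->username_exists($array['username'])) {
            e(lang('usr_uname_err2'));
        } elseif (!username_check($array['username'])) {
            e(lang('usr_uname_err3'));
        } else {
            $username = $array['username'];
        }

        //Checking Email
        if (empty($array['email'])) {
            e(lang('usr_email_err1'));
        } elseif (!is_valid_syntax('email', $array['email'])) {
            e(lang('usr_email_err2'));
        } elseif (email_exists($array['email']) && $array['email'] !== $array['demail']) {
            e(lang('usr_email_err3'));
        } else {
            $email = $array['email'];
        }

        $uquery_field[] = 'username';
        $uquery_val[] = $username;
        $uquery_field[] = 'email';
        $uquery_val[] = $email;

        //Changning Password: only queued when both copies agree
        if (!empty($array['pass'])) {
            if ($array['pass'] != $array['cpass']) {
                e(lang("pass_mismatched"));
            } else {
                $uquery_field[] = 'password';
                $uquery_val[] = pass_code($array['pass']);
            }
        }

        //Changing User Level
        $uquery_field[] = 'level';
        $uquery_val[] = $array['level'];

        //Checking for user stats
        $stat_fields = array('profile_hits', 'total_watched', 'total_videos', 'total_comments', 'subscribers', 'comments_count');
        foreach ($stat_fields as $stat) {
            $uquery_field[] = $stat;
            $uquery_val[] = $array[$stat];
        }

        // Rating lives on a 1..10 scale; anything outside it resets to 1.
        $query_field[] = 'rating';
        $rating = $array['rating'];
        if ($rating < 1 || $rating > 10) {
            $rating = 1;
        }
        $query_val[] = $rating;
        $query_field[] = 'rated_by';
        $query_val[] = $array['rated_by'];

        //Changning JOined Date
        if (isset($array['doj'])) {
            $uquery_field[] = 'doj';
            $uquery_val[] = $array['doj'];
        }
    }

    //Changing Gender
    if (!empty($array['sex'])) {
        $uquery_field[] = 'sex';
        $uquery_val[] = mysql_clean($array['sex']);
    }

    //Changing Country
    if (!empty($array['country'])) {
        $uquery_field[] = 'country';
        $uquery_val[] = mysql_clean($array['country']);
    }

    //Changing Date of birth
    if (isset($array['dob'])) {
        $uquery_field[] = 'dob';
        $uquery_val[] = $array['dob'];
    }

    //Changing category
    if (isset($array['category'])) {
        $uquery_field[] = 'category';
        $uquery_val[] = $array['category'];
    }

    //Updating User Avatar
    if (!empty($array['avatar_url'])) {
        $uquery_field[] = 'avatar_url';
        $uquery_val[] = $array['avatar_url'];
    }
    if (isset($array['remove_avatar_url']) && $array['remove_avatar_url'] == 'yes') {
        $uquery_field[] = 'avatar_url';
        $uquery_val[] = '';
    }

    //Deleting User Avatar
    // basename() pins the target to USER_THUMBS_DIR: the file name comes from
    // the form, so '../' segments or an absolute prefix must not be able to
    // name a file outside that directory. is_file() also keeps unlink() off
    // directories such as '.' or '..'.
    if (isset($array['delete_avatar']) && $array['delete_avatar'] == 'yes') {
        $avatar_name = isset($array['avatar_file_name']) ? basename((string) $array['avatar_file_name']) : '';
        $file = USER_THUMBS_DIR . '/' . $avatar_name;
        if ($avatar_name !== '' && is_file($file)) {
            unlink($file);
        }
    }

    //Deleting User Bg (same basename() confinement, under USER_BG_DIR)
    if (isset($array['delete_bg']) && $array['delete_bg'] == 'yes') {
        $bg_name = isset($array['bg_file_name']) ? basename((string) $array['bg_file_name']) : '';
        $file = USER_BG_DIR . '/' . $bg_name;
        if ($bg_name !== '' && is_file($file)) {
            unlink($file);
        }
    }

    if (isset($_FILES['avatar_file']['name'])) {
        $file = $Upload->upload_user_file('a', $_FILES['avatar_file'], $array['userid']);
        if ($file) {
            $uquery_field[] = 'avatar';
            $uquery_val[] = $file;
        }
    }

    //Updating User Background
    if (!empty($array['background_url'])) {
        $uquery_field[] = 'background_url';
        $uquery_val[] = $array['background_url'];
    }
    if (!empty($array['background_color'])) {
        $uquery_field[] = 'background_color';
        $uquery_val[] = $array['background_color'];
    }
    if (!empty($array['background_repeat'])) {
        $uquery_field[] = 'background_repeat';
        $uquery_val[] = $array['background_repeat'];
    }
    if (isset($_FILES['background_file']['name'])) {
        $file = $Upload->upload_user_file('b', $_FILES['background_file'], $array['userid']);
        if ($file) {
            $uquery_field[] = 'background';
            $uquery_val[] = $file;
        }
    }

    //Adding Custom Field
    if (is_array($custom_signup_fields)) {
        foreach ($custom_signup_fields as $field) {
            $name = formObj::rmBrackets($field['name']);
            $val = isset($array[$name]) ? $array[$name] : null;
            if (!empty($field['use_func_val'])) {
                $val = $field['validate_function']($val);
            }
            if (!empty($field['db_field'])) {
                $uquery_field[] = $field['db_field'];
                $uquery_val[] = $prepare_db_value($field, $val);
            }
        }
    }

    $where = " userid='" . mysql_clean($array['userid']) . "'";

    if (!error() && !empty($uquery_field)) {
        $db->update(tbl($this->dbtbl['users']), $uquery_field, $uquery_val, $where);
        e(lang("usr_upd_succ_msg"), 'm');
    }

    //updating user profile
    if (!error()) {
        $log_array = array('success' => 'yes', 'details' => "updated profile");
        //Login Upload
        insert_log('profile_update', $log_array);
        if (!empty($query_field)) {
            $db->update(tbl($this->dbtbl['user_profile']), $query_field, $query_val, $where);
        }
        e(lang("usr_pof_upd_msg"), 'm');
    }
}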
| @ Author : ArslanHassan | @ Software : ClipBucket , © PHPBucket.com **************************************************************** Very Basic Contact Form Edit it according to your own need */ define("THIS_PAGE", "contact"); require 'includes/config.inc.php'; $name = post('name'); $email = post('email'); $reason = post('reason'); $message = post('message'); if (isset($_POST['contact'])) { if (empty($name)) { e(lang("name_was_empty")); } elseif (empty($email) || !is_valid_syntax('email', $email)) { e(lang("invalid_email")); } elseif (empty($reason)) { e(lang("pelase_enter_reason")); } elseif (empty($message)) { e(lang("please_enter_something_for_message")); } elseif (!verify_captcha()) { e(lang('usr_ccode_err')); } else { $tpl = $cbemail->get_template('contact_form'); $more_var = array('{name}' => substr($name, 0, 100), '{email}' => substr($email, 0, 100), '{reason}' => substr($reason, 0, 300), '{message}' => $message, '{ip_address}' => $_SERVER['REMOTE_ADDR'], '{now}' => now()); if (!is_array($var)) { $var = array(); } $var = array_merge($more_var, $var); $subj = $cbemail->replace($tpl['email_template_subject'], $var);
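/**
 * ClipBucket Form Validator
 *
 * Validates every field definition in $input against the submitted values in
 * $array and reports each problem through e(): required-but-empty,
 * validate_function failure, syntax_type failure, string length outside
 * min_length..max_length, a db_value_check_func result that differs from
 * db_value_exists, and an 'exact' relative_type mismatch. A field that fails
 * the required check gets no further checks.
 *
 * When $input carries the 'Video Category' field, config row 234 decides
 * whether that field is dropped ('0') or validated.
 *
 * @param array $input Field definitions (name, title, required, ...)
 * @param array $array Submitted values keyed by field name
 * @return void
 */
function validate_cb_form($input, $array)
{
    //Check the Collpase Category Checkboxes
    if (isset($input['cat']['title']) && $input['cat']['title'] == 'Video Category') {
        $query = "SELECT * FROM " . tbl("config") . " WHERE configid=234";
        $row = db_select($query);
        if ($row[0]['value'] == '0') {
            unset($input['cat']);
        }
    }

    if (!is_array($input)) {
        return;
    }

    foreach ($input as $field) {
        $field['name'] = formObj::rmBrackets($field['name']);
        $title = isset($field['title']) ? $field['title'] : '';
        $val = isset($array[$field['name']]) ? $array[$field['name']] : null;
        $is_multi = is_array($val);
        $req = isset($field['required']) ? $field['required'] : '';
        $invalid_err = isset($field['invalid_err']) ? $field['invalid_err'] : '';
        $function_error_msg = isset($field['function_error_msg']) ? $field['function_error_msg'] : '';

        // Length only applies to string values and is reset for every field so
        // a previous field's length is never reused.
        // NOTE(review): utf8_decode() + strlen() is the original byte-based
        // measure; confirm whether a character count (mb_strlen) was intended.
        $length = null;
        if (is_string($val)) {
            if (!isUTF8($val)) {
                $val = utf8_decode($val);
            }
            $length = strlen($val);
        }

        $min_len = !empty($field['min_length']) ? $field['min_length'] : 0;
        $max_len = isset($field['max_length']) ? $field['max_length'] : null;
        $rel_val = null;
        if (isset($field['relative_to'], $array[$field['relative_to']])) {
            $rel_val = $array[$field['relative_to']];
        }

        if (empty($invalid_err)) {
            $invalid_err = sprintf("Invalid '%s'", $title);
        }
        if ($is_multi) {
            $invalid_err = '';
        }

        //Checking if its required or not ($block is decided per field)
        $block = false;
        if ($req == 'yes' && empty($val) && !$is_multi) {
            e($invalid_err);
            $block = true;
        }

        $validate_function = isset($field['validate_function']) ? $field['validate_function'] : null;
        $funct_err = is_valid_value($validate_function, $val);

        if ($block) {
            continue;
        }

        //Checking Syntax
        if (!$funct_err) {
            if (!empty($function_error_msg)) {
                e($function_error_msg);
            } elseif (!empty($invalid_err)) {
                e($invalid_err);
            }
        }
        $syntax_type = isset($field['syntax_type']) ? $field['syntax_type'] : null;
        if (!is_valid_syntax($syntax_type, $val)) {
            if (!empty($invalid_err)) {
                e($invalid_err);
            }
        }

        if ($max_len !== null && $length !== null) {
            if ($length > $max_len || $length < $min_len) {
                e(sprintf(lang('please_enter_val_bw_min_max'), $title, $min_len, $field['max_length']));
            }
        }

        // db_value_check_func is a callable name from the field definition;
        // only call it when one is configured and exists.
        if (!empty($field['db_value_check_func']) && function_exists($field['db_value_check_func'])) {
            $db_val_result = $field['db_value_check_func']($val);
            $db_value_exists = isset($field['db_value_exists']) ? $field['db_value_exists'] : null;
            if ($db_val_result != $db_value_exists) {
                if (!empty($field['db_value_err'])) {
                    e($field['db_value_err']);
                } elseif (!empty($invalid_err)) {
                    e($invalid_err);
                }
            }
        }

        // 'exact' is the only relative_type handled: the value must equal the
        // field named by relative_to (e.g. a password confirmation).
        if (!empty($field['relative_type']) && $field['relative_type'] == 'exact') {
            if ($rel_val != $val) {
                if (!empty($field['relative_err'])) {
                    e($field['relative_err']);
                } elseif (!empty($invalid_err)) {
                    e($invalid_err);
                }
            }
        }
    }
}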