private function validate()
{
if (!is_numeric($this->options['default_session'])) {
$this->error = _('You must enter a default session (numeric value only).');
}
if (!parent::isEmail($this->options['admin_email'])) {
$this->error = _('You have entered an invalid e-mail address, try again.');
}
if (empty($this->options['site_address'])) {
$this->error = _('Please enter your site address.');
}
if (substr($this->options['site_address'], -1) != '/') {
$this->options['site_address'] = $this->options['site_address'] . '/';
}
if (!empty($this->error)) {
$this->error = '<div class="alert alert-danger fade in"><a class="close" data-dismiss="alert" href="#">×</a>' . $this->error . '</div>';
}
$checkboxes = array();
if (!empty($_POST['denied-form'])) {
$checkboxes[] = 'block-msg-enable';
$checkboxes[] = 'block-msg-out-enable';
}
if (!empty($_POST['general-options-form'])) {
$checkboxes[] = 'user-activation-enable';
$checkboxes[] = 'notify-new-user-enable';
$checkboxes[] = 'custom-avatar-enable';
$checkboxes[] = 'disable-registrations-enable';
$checkboxes[] = 'disable-logins-enable';
$checkboxes[] = 'email-as-username-enable';
$checkboxes[] = 'pw-encrypt-force-enable';
$checkboxes[] = 'signin-redirect-referrer-enable';
$checkboxes[] = 'signout-redirect-referrer-enable';
$checkboxes[] = 'email-welcome-disable';
}
if (!empty($_POST['integration-form'])) {
$checkboxes[] = 'integration-facebook-enable';
$checkboxes[] = 'integration-google-enable';
$checkboxes[] = 'integration-twitter-enable';
$checkboxes[] = 'integration-yahoo-enable';
}
if (!empty($_POST['update-form'])) {
$checkboxes[] = 'update-check-enable';
}
if (!empty($_POST['user-profiles-form'])) {
$checkboxes[] = 'profile-display-email-enable';
$checkboxes[] = 'profile-display-name-enable';
$checkboxes[] = 'profile-public-enable';
$checkboxes[] = 'profile-timestamps-admin-enable';
$checkboxes[] = 'profile-timestamps-enable';
}
foreach ($checkboxes as $label) {
$this->options[$label] = !empty($this->options[$label]) ? 1 : 0;
}
$this->options['default-level'] = !empty($this->options['default-level']) ? serialize($this->options['default-level']) : serialize(array('3'));
$this->options['restrict-signups-by-email'] = !empty($this->options['restrict-signups-by-email']) ? serialize(preg_split('/,/', $this->options['restrict-signups-by-email'])) : '';
}
private function validate()
{
//If demo, check that user being edited isn't any demo user accounts
if ($this->is_demo()) {
if ($this->options['username'] == 'admin' || $this->options['username'] == 'special' || $this->options['username'] == 'user') {
$this->error = '<div class="alert alert-danger">You cannot edit any of the demo users. Please create a new user to test out this functionality.</div>';
return false;
}
}
$this->options['restricted'] = !empty($_POST['restricted']) ? 1 : 0;
// Checkbox handling
$fields = parent::getOption('profile-fields');
if ($fields) {
foreach (unserialize($fields) as $type => $label) {
$name = 'p-' . $label;
if (strstr($type, "checkbox")) {
$this->options[$name] = !empty($this->options[$name]) ? 1 : 0;
}
}
}
// Setting a default user_level if one wasn't selected
$this->options['user_level'] = empty($_POST['user_level']) ? parent::getOption('default-level') : serialize($this->options['user_level']);
if ($this->options['user_level'] != $this->original_level) {
$new_level = unserialize($this->options['user_level']);
$original_level = unserialize($this->original_level);
$send_levels = array_diff($new_level, $original_level);
$levels = implode(',', $send_levels);
$sql = 'SELECT * FROM `login_levels` WHERE `welcome_email` = "1" AND `level_level` IN (' . $levels . ')';
$stmt = parent::query($sql);
$this->sendWelcome = $stmt->rowCount() > 0 ? true : false;
}
if (empty($this->options['name'])) {
$this->error = '<div class="alert alert-danger">' . _('You must enter name.') . '</div>';
} else {
if (!parent::isEmail($this->options['email'])) {
$this->error = '<div class="alert alert-danger">' . _('You have entered an invalid e-mail address, try again.') . '</div>';
} else {
if (!isset($this->options['user_level'])) {
$this->error = '<div class="alert alert-danger">' . _('No user level has been selected.') . '</div>';
}
}
}
// Password been entered? If so, validate
if (!empty($this->options['password'])) {
if ($this->options['password'] != $this->options['password2']) {
$this->error = '<div class="alert alert-danger">' . _('Your passwords did not match.') . '</div>';
}
if (strlen($this->options['password']) < 5) {
$this->error = '<div class="alert alert-danger">' . _('Your password must be at least 5 characters.') . '</div>';
}
}
}
private function validate()
{
if (!$this->use_emails) {
if (empty($this->settings['username'])) {
$this->error .= '<li>' . _('You must enter a username.') . '</li>';
} else {
$params = array(':username' => $this->settings['username']);
$stmt = parent::query("SELECT * FROM `accounts` WHERE `username` = :username", $params);
if ($stmt->rowCount() > 0) {
$this->error .= '<li>Sorry, username already taken.</li>';
}
}
if (strlen($this->settings['username']) > 11) {
$this->error .= '<li>' . _('Your username must be under 11 characters') . '</li>';
}
}
if (empty($this->settings['name'])) {
$this->error .= '<li>' . _('You must enter your name.') . '</li>';
}
if (!empty($this->settings['email'])) {
// See if this email is allowed
$allowed = parent::getOption('restrict-signups-by-email');
if ($allowed) {
$allowed = unserialize($allowed);
$domain = array_pop(explode('@', $this->settings['email']));
if (in_array($domain, $allowed)) {
$this->error .= '<li>' . _('That email address is not allowed.') . '</li>';
}
}
// Check for a taken email address
$params = array(':email' => $this->settings['email']);
$stmt = parent::query("SELECT * FROM accounts WHERE email = :email;", $params);
if ($stmt->rowCount() > 0) {
$this->error .= '<li>' . _('That email address has already been taken.') . '</li>';
}
}
if (!parent::isEmail($this->settings['email'])) {
$this->error .= '<li>' . _('You have entered an invalid e-mail address, try again.') . '</li>';
}
if ($this->settings['password'] != $this->settings['password_confirm']) {
$this->error .= '<li>' . _('Your passwords did not match.') . '</li>';
}
if (strlen($this->settings['password']) < 5) {
$this->error .= '<li>' . _('Your password must be at least 5 characters.') . '</li>';
}
if (!empty($this->captchaError)) {
$this->error .= '<li>' . _('Please enter the correct captcha!') . '</li>';
}
// Checkbox handling
$sql = "SELECT * FROM `login_profile_fields` WHERE `signup` <> 'hide';";
$stmt = parent::query($sql);
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$name = 'p-' . $row['id'];
if ($row['type'] == 'checkbox') {
$this->settings[$name] = !empty($this->settings[$name]) ? 1 : 0;
}
/* Required signup fields validation. */
if ($row['signup'] == 'require' && empty($this->settings[$name])) {
$this->error .= '<li>' . sprintf('The field "%s" is required!', $row['label']) . '</li>';
}
}
// Output the errors in a pretty format :]
$this->error = isset($this->error) ? "<div class='alert alert-error alert-block'><h4 class='alert-heading'>" . _('Attention!') . "</h4>{$this->error}</div>" : '';
}
private function verify()
{
if (empty($this->name)) {
$this->error = '<div class="alert alert-danger">' . _('You must enter a name.') . '</div>';
return false;
}
if (empty($this->username)) {
$this->error = '<div class="alert alert-danger">' . _('You must enter a username.') . '</div>';
return false;
}
if (!parent::isEmail($this->email)) {
$this->error = '<div class="alert alert-danger">' . _('You have entered an invalid e-mail address, try again.') . '</div>';
return false;
}
$params = array(':email' => $this->email);
$stmt = parent::query("SELECT * FROM `login_users` WHERE `email` = :email", $params);
if ($stmt->rowCount() > 0) {
$this->error = '<div class="alert alert-danger">' . _('That email address has already been taken.') . '</div>';
return false;
}
$params = array(':username' => $this->username);
$stmt = parent::query("SELECT * FROM `login_users` WHERE `username` = :username", $params);
if ($stmt->rowCount() > 0) {
$this->error = '<div class="alert alert-danger">' . _('Sorry, username already taken.') . '</div>';
return false;
}
}
private function validate()
{
if (empty($this->settings['CurrentPass'])) {
$this->error = '<div class="alert alert-error">' . _('You must enter the current password to make changes.') . '</div>';
return false;
}
$params = array(':username' => $this->username);
$sql = "SELECT `password` FROM `accounts` WHERE {$this->username_type} = :username;";
$stmt = parent::query($sql, $params);
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if (!parent::validatePassword($this->settings['CurrentPass'], $row['password'])) {
$this->error = '<div class="alert alert-error">' . _('You entered the wrong current password.') . '</div>';
return false;
}
if (empty($this->settings['name'])) {
$this->error .= '<div class="alert alert-error">' . _('You must enter a name.') . '</div>';
}
if (!parent::isEmail($this->settings['email'])) {
$this->error .= '<div class="alert alert-error">' . _('You have entered an invalid e-mail address, try again.') . '</div>';
}
if (!empty($this->settings['password'])) {
if ($this->settings['password'] != $this->settings['confirm']) {
$this->error .= '<div class="alert alert-error">' . _('Your passwords did not match.') . '</div>';
}
if (strlen($this->settings['password']) < 5) {
$this->error = '<div class="alert alert-error">' . _('Your password must be at least 5 characters.') . '</div>';
}
}
// Checkbox handling
$sql = "SELECT * FROM `login_profile_fields`;";
$stmt = parent::query($sql);
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$name = 'p-' . $row['id'];
if ($row['type'] == 'checkbox') {
$this->settings[$name] = !empty($this->settings[$name]) ? 1 : 0;
}
}
}
private function validate()
{
//If demo, check that user being edited isn't any demo user accounts
if ($this->is_demo()) {
if ($this->settings['username'] == 'admin' || $this->settings['username'] == 'special' || $this->settings['username'] == 'user') {
$this->error = '<div class="alert alert-danger">You cannot edit this user because it is a demo user. Please create a new user to test out this functionality.</div>';
return false;
}
}
if (empty($this->settings['CurrentPass'])) {
$this->error = '<div class="alert alert-danger">' . _('You must enter the current password to make changes.') . '</div>';
return false;
}
$params = array(':username' => $this->username);
$sql = "SELECT `password` FROM `login_users` WHERE {$this->username_type} = :username;";
$stmt = parent::query($sql, $params);
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if (!parent::validatePassword($this->settings['CurrentPass'], $row['password'])) {
$this->error = '<div class="alert alert-danger">' . _('You entered the wrong current password.') . '</div>';
return false;
}
if (empty($this->settings['name'])) {
$this->error .= '<div class="alert alert-danger">' . _('You must enter a name.') . '</div>';
}
if (!parent::isEmail($this->settings['email'])) {
$this->error .= '<div class="alert alert-danger">' . _('You have entered an invalid e-mail address, try again.') . '</div>';
}
if (!empty($this->settings['password'])) {
if ($this->settings['password'] != $this->settings['confirm']) {
$this->error .= '<div class="alert alert-danger">' . _('Your passwords did not match.') . '</div>';
}
if (strlen($this->settings['password']) < 5) {
$this->error = '<div class="alert alert-danger">' . _('Your password must be at least 5 characters.') . '</div>';
}
}
// Checkbox handling
$sql = "SELECT * FROM `login_profile_fields`;";
$stmt = parent::query($sql);
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$name = 'p-' . $row['id'];
if ($row['type'] == 'checkbox') {
$this->settings[$name] = !empty($this->settings[$name]) ? 1 : 0;
}
}
}