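/**
 * Register a new account and, on success, log the new user in.
 *
 * Validation failures, the "already registered" case and a zero-row insert are
 * reported by echoing a short message and returning; nothing is returned to
 * the caller.
 *
 * @param string $email      Address that identifies the account in the users table.
 * @param string $password   Password as submitted; checked with Verify::password().
 * @param string $name       Checked with Verify::name().
 * @param string $screenName Checked with Verify::name().
 *
 * @throws Exception When the insert or the post-insert steps raise an exception.
 */
function signupUser($email, $password, $name, $screenName)
{
    global $dbCon;

    if (!Verify::email($email)) {
        echo 'invalid email';
        return;
    }
    if (!Verify::password($password)) {
        echo 'invalid password';
        return;
    }
    if (!Verify::name($name)) {
        echo 'invalid name';
        return;
    }
    if (!Verify::name($screenName)) {
        echo 'invalid screen name';
        return;
    }

    // All four values come from the signup request. They are passed as bound
    // parameters so they never become part of the SQL text; the Verify::*()
    // checks above are format validation, not query escaping.
    $lookupSql = 'SELECT user_id FROM users WHERE email = ?';

    $lookup = $dbCon->prepare($lookupSql);
    $lookup->execute(array($email));
    $row = $lookup->fetch(PDO::FETCH_ASSOC);

    if ($row) {
        echo "e-mail already registered";
        return;
    }

    // NOTE(review): this check-then-insert is not atomic. Presumably
    // users.email carries a UNIQUE index so a concurrent signup cannot create
    // a duplicate; verify against the schema.
    try {
        // NOTE(review): the password is written to the users table exactly as
        // submitted. It should be stored as password_hash() output, which
        // needs loginUser() to switch to password_verify() in the same change.
        $insert = $dbCon->prepare(
            'INSERT INTO users (email, password, name, screen_name) VALUES (?, ?, ?, ?)'
        );
        $insert->execute(array($email, $password, $name, $screenName));

        if ($insert->rowCount() > 0) {
            // Read back the id of the row that was just created.
            $created = $dbCon->prepare($lookupSql);
            $created->execute(array($email));
            $row = $created->fetch(PDO::FETCH_ASSOC);

            if (!$row) {
                // The insert reported a row but it cannot be read back; do not
                // go on to set preferences for an undefined user id.
                echo 'Error registering user, plese try again';
                return;
            }

            _setNewUserPrefs($row['user_id']);
            loginUser($email, $password);
        } else {
            echo 'Error registering user, plese try again';
        }
    } catch (Exception $e) {
        // The driver message is kept for callers that log it; it can describe
        // the schema, so it should not be shown to the end user as-is.
        throw new Exception('DB error ' . $e->getMessage(), 0, $e);
    }
}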
/**
 * Display and process the profile edit form.
 *
 * The account to edit is taken from the 'id' argument, then the 'username'
 * argument, and otherwise is the current user. Only the account owner or an
 * administrator may proceed. Any exception raised along the way is shown to
 * the user through the 'megaerror' view variable.
 */
public function edit()
{
    $this->assertLoggedIn();

    try {
        $this->setTitle("Edit Profile");

        // Resolve the target account.
        if ($this->args('id')) {
            $user = new User($this->args('id'));
        } elseif ($this->args('username')) {
            $user = User::byUsername($this->args('username'));
        } else {
            $user = User::$me;
        }

        // Authorization: the record must exist, and the caller must either own
        // it or be an administrator. This runs before any field is touched.
        if (!$user->isHydrated()) {
            throw new Exception("Could not find that user.");
        }
        $mayEdit = $user->isMe() || User::isAdmin();
        if (!$mayEdit) {
            throw new Exception("You do not have permission to edit this user.");
        }

        /** @var Form $form */
        $form = $this->_createProfileEditForm($user);

        if ($form->checkSubmitAndValidate($this->args())) {
            // Birthday is optional; when present it must parse as a date.
            $birthdayInput = $this->args('birthday');
            if ($birthdayInput) {
                $birthdayStamp = strtotime($birthdayInput);
                if ($birthdayStamp) {
                    $user->set('birthday', date("Y-m-d H:i:s", $birthdayStamp));
                } else {
                    /** @var FormField $birthday_field */
                    $birthday_field = $form->get('birthday');
                    $birthday_field->error("We couldn't understand your birthday. Try using MM/DD/YYY");
                }
            }

            // The email is validated on every submission, changed or not.
            $emailInput = $this->args('email');
            if (Verify::email($emailInput)) {
                $user->set('email', $emailInput);
            } else {
                /** @var EmailField $email_field */
                $email_field = $form->get('email');
                $email_field->error("Your email address is invalid");
            }

            // WARNING: privilege boundary. The admin flag is only written when
            // the ACTING user (User::$me) is an administrator; the edited
            // account's own flags play no part in this decision.
            // NOTE(review): presumably the 'admin' field is only present in
            // the form built for administrators; confirm in
            // _createProfileEditForm().
            if (User::$me->isAdmin()) {
                $user->set('is_admin', $form->data('admin'));
            }

            if (!$form->hasError()) {
                // NOTE(review): the audit text uses the 'username' request
                // argument, which is empty when the account was selected by
                // 'id'; confirm whether the log should name the edited record.
                $summary = $user->isMe()
                    ? "edited their profile."
                    : "edited " . $this->args('username') . "'s profile.";
                Activity::log($summary);

                $user->save();
                $this->forwardToURL($user->getUrl());
            }
        }

        $this->set('form', $form);
    } catch (Exception $e) {
        $this->setTitle('Edit User - Error');
        $this->set('megaerror', $e->getMessage());
    }
}
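/**
 * Display and process the profile edit form (plain request-argument version).
 *
 * The account to edit is taken from the 'id' argument, then the 'username'
 * argument, and otherwise is the current user. Only the account owner or an
 * administrator may proceed. Field problems are collected in $errors and
 * handed to the view; the record is saved only when that list is empty. Any
 * exception is shown through the 'megaerror' view variable.
 */
public function edit()
{
    $this->assertLoggedIn();

    try {
        $this->setTitle("Edit Profile");

        // Resolve the target account.
        if ($this->args('id')) {
            $user = new User($this->args('id'));
        } elseif ($this->args('username')) {
            $user = User::byUsername($this->args('username'));
        } else {
            $user = User::$me;
        }

        // Authorization: the record must exist, and the caller must either own
        // it or be an administrator. This runs before any field is touched.
        if (!$user->isHydrated()) {
            throw new Exception("Could not find that user.");
        }
        if (!$user->isMe() && !User::isAdmin()) {
            throw new Exception("You do not have permission to edit this user.");
        }

        if ($this->args('submit')) {
            // Start from an explicit empty list rather than relying on
            // empty() tolerating an undefined variable further down.
            $errors = array();

            // Birthday is optional; when present it must parse as a date.
            $birthdayInput = $this->args('birthday');
            if ($birthdayInput) {
                $birthdayStamp = strtotime($birthdayInput);
                if ($birthdayStamp) {
                    $user->set('birthday', date("Y-m-d H:i:s", $birthdayStamp));
                } else {
                    $errors['birthday'] = "We couldn't understand your birthday. Try using MM/DD/YYY.";
                }
            }

            // The email is validated on every submission, changed or not.
            if (Verify::email($this->args('email'))) {
                $user->set('email', $this->args('email'));
            } else {
                $errors['email'] = "Your email address is invalid.";
            }

            // Password change, only when both fields are filled in.
            // NOTE(review): the current password is not asked for, so anyone
            // holding a logged-in session can replace it; consider requiring
            // the existing password when a user edits their own account.
            if ($this->args('changepass1') && $this->args('changepass2')) {
                // Strict comparison: with == PHP compares numeric-looking
                // strings as numbers ("1e3" == "1000"), which would accept a
                // confirmation that differs from the password being stored.
                if ($this->args('changepass1') === $this->args('changepass2')) {
                    $user->set('pass_hash', User::hashPass($this->args('changepass1')));
                } else {
                    $errors['password'] = "******";
                }
            }

            $user->set('first_name', stripslashes($this->args('first_name')));
            $user->set('last_name', stripslashes($this->args('last_name')));

            if (empty($errors)) {
                // NOTE(review): the audit text uses the 'username' request
                // argument, which is empty when the account was selected by
                // 'id'; confirm whether the log should name the edited record.
                if ($user->isMe()) {
                    Activity::log("edited their profile.");
                } else {
                    Activity::log("edited " . $this->args('username') . "'s profile.");
                }

                $user->save();
                $this->set('status', "Your " . $user->getLink("profile information") . " has been updated.");
            } else {
                $this->set('errors', $errors);
                $this->set('error', "Uh oh, there was an error!");
            }

            $this->set('user', $user);
        }
    } catch (Exception $e) {
        $this->setTitle('Edit User - Error');
        $this->set('megaerror', $e->getMessage());
    }
}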
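/**
 * Handle submission of the registration form.
 *
 * Does nothing unless the request carries 'submit' and action 'register'.
 * On valid input it creates the user and a queue named 'Default', logs the
 * event, issues a login token cookie and forwards to '/'. On invalid input it
 * passes the error lists to the view and re-exposes the submitted fields.
 */
public function register()
{
    if ($this->args('submit') && $this->args('action') == 'register') {
        // Start from explicit empty lists so the failure branch never hands
        // an undefined variable to the view.
        $errors = array();
        $errorfields = array();

        // Username: Verify::username() fills $reason when it rejects the value.
        $username = $this->args('username');
        if (!Verify::username($username, $reason)) {
            $errors['username'] = $reason;
            $errorfields['username'] = '******';
        }

        // Email: must be well formed and not already attached to an account.
        $email = $this->args('email');
        if (!Verify::email($email)) {
            $errors['email'] = "You must supply a valid email.";
            $errorfields['email'] = 'error';
        } else {
            $testUser = User::byEmail($email);
            if ($testUser->isHydrated()) {
                $errors['email'] = "That email is already being used.";
                $errorfields['email'] = 'error';
            }
        }

        // Passwords must match exactly and must not be empty. Strict
        // comparison: with != PHP compares numeric-looking strings as numbers
        // ("1e3" != "1000" is false), which would accept a confirmation that
        // differs from the password being stored.
        if ($this->args('pass1') !== $this->args('pass2')) {
            $errors['password'] = "******";
            $errorfields['password'] = '******';
        } elseif (!strlen($this->args('pass1'))) {
            $errors['password'] = "******";
            $errorfields['password'] = '******';
        }

        if (empty($errors)) {
            $user = new User();
            $user->set('username', $username);
            $user->set('email', $email);
            // Only the output of User::hashPass() is stored, never the raw password.
            $user->set('pass_hash', User::hashPass($this->args('pass1')));
            $user->set('registered_on', date("Y-m-d H:i:s"));
            $user->save();

            // Every new account starts with one queue.
            $q = new Queue();
            $q->set("name", 'Default');
            $q->set("user_id", $user->id);
            $q->save();

            // todo: send a confirmation email.
            // NOTE(review): until that exists the address is accepted
            // unverified and the account is usable straight away.
            Activity::log("registered a new account on BotQueue.", $user);

            // Automatically log them in.
            $token = $user->createToken();
            $token->setCookie();

            $this->forwardToUrl('/');
        } else {
            $this->set('errors', $errors);
            $this->set('errorfields', $errorfields);

            // NOTE(review): pass1/pass2 are re-exposed along with the other
            // fields; if the template echoes them back, the submitted password
            // ends up in the response HTML. Confirm against the view.
            $this->setArg('username');
            $this->setArg('email');
            $this->setArg('pass1');
            $this->setArg('pass2');
        }
    }
}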