/** * Save user registration and notify users and admins if required * for Joomla! 1.5 * @return boolean */ function register_save() { global $mainframe, $mosConfig_live_site; // Check for request forgeries JRequest::checkToken() or die('Invalid Token'); // Get required system objects $user = clone JFactory::getUser(); $pathway =& $mainframe->getPathway(); $config =& JFactory::getConfig(); $authorize =& JFactory::getACL(); $document =& JFactory::getDocument(); // If user registration is not allowed, show 403 not authorized. $usersConfig =& JComponentHelper::getParams('com_users'); if ($usersConfig->get('allowUserRegistration') == '0') { JError::raiseError(403, JText::_('Access Forbidden')); return false; } // Initialize new usertype setting $newUsertype = $usersConfig->get('new_usertype'); if (!$newUsertype) { $newUsertype = 'Registered'; } // Bind the post array to the user object $_post_ =& vmRequest::get('post'); if (!$user->bind($_post_, 'usertype')) { JError::raiseError(500, $user->getError()); } // Set some initial user values $user->set('id', 0); $user->set('usertype', $newUsertype); $user->set('gid', $authorize->get_group_id('', $newUsertype, 'ARO')); // TODO: Should this be JDate? $user->set('registerDate', date('Y-m-d H:i:s')); // If user activation is turned on, we need to set the activation information $useractivation = $usersConfig->get('useractivation'); if ($useractivation == '1') { jimport('joomla.user.helper'); $user->set('activation', md5(JUserHelper::genRandomPassword())); $user->set('block', '1'); } // If there was an error with registration, set the message and display form if (!$user->save()) { JError::raiseWarning('', JText::_($user->getError())); return false; } // Send registration confirmation mail $password = JRequest::getString('password', '', 'post', JREQUEST_ALLOWRAW); $password = preg_replace('/[\\x00-\\x1F\\x7F]/', '', $password); //Disallow control chars in the email $name = $user->get('name'); $email = $user->get('email'); $username = $user->get('username'); $component = 'com_user'; $activation_link = $mosConfig_live_site . "/index.php?option={$component}&task=activate&activation=" . $user->get('activation'); // Send the registration email $this->_sendMail($name, $email, $username, $password, $activation_link); return true; }
// prevent SQL injection if ($perm->check('admin,storeadmin')) { $myInsecureArray = $vmInputFilter->safeSQL($myInsecureArray); $myInsecureArray = $vmInputFilter->process($myInsecureArray); // Re-insert the escaped strings into $_REQUEST foreach ($myInsecureArray as $requestvar => $requestval) { $_REQUEST[$requestvar] = $requestval; } } else { // Strip all tags from all input values $_REQUEST = $vmInputFilter->process($_REQUEST); $_REQUEST = $vmInputFilter->safeSQL($_REQUEST); } // Limit the keyword (=search string) length to 50 $keyword = substr(urldecode(vmGet($_REQUEST, 'keyword')), 0, 50); $vars = vmRequest::get('', VMREQUEST_ALLOWRAW); } // The Page will change with every different parameter / argument, so provide this for identification // "call" will call the function load_that_shop_page when it is not yet cached with exactly THESE parameters // or the caching time range has expired $GLOBALS['cache_id'] = vmTemplate::getCacheId(); if ($option == "com_virtuemart") { // Check if we have to run a Shop Function // and if the user is allowed to execute it $funcParams = $ps_function->getFuncPermissions($func); /********************************************** ** Get Page/Directory Permissions ** Displays error if directory is not registered, ** user has no permission to view it , or file doesn't exist ************************************************/ if (empty($page)) {