function post_form()
{
$_POST["email"] = strtolower(trim($_POST["email"]));
$_POST["password"] = trim($_POST["password"]);
$tpl = new templates();
$sock = new sockets();
$ldap = new clladp();
$EnableVirtualDomainsInMailBoxes = $sock->GET_INFO("EnableVirtualDomainsInMailBoxes");
if (!ValidateMail($_POST["email"])) {
echo "<H2>" . $tpl->_ENGINE_parse_body("{ERROR_INVALID_EMAIL_ADDR}: ({original_mail}:{$_POST["email"]})") . "</H2>";
exit;
}
$domain = trim(strtolower($_POST["domain"]));
$company = $_POST["company"];
$password = $_POST["password"];
$uid = trim(strtolower($_POST["username"]));
$ou = $_POST["organization"];
if ($ou == null) {
$ou = $_POST["company"];
}
if ($company == null) {
echo $tpl->_ENGINE_parse_body("<H2>{company}:{ERROR_VALUE_MISSING_PLEASE_FILL_THE_FORM}</H2>");
exit;
}
if ($password == null) {
echo $tpl->_ENGINE_parse_body("<H2>{password}:{ERROR_VALUE_MISSING_PLEASE_FILL_THE_FORM}</H2>");
exit;
}
if ($_POST["domain"] == null) {
echo $tpl->_ENGINE_parse_body("<H2>{domain}:{ERROR_VALUE_MISSING_PLEASE_FILL_THE_FORM}</H2>");
exit;
}
if ($uid == null) {
echo $tpl->_ENGINE_parse_body("<H2>{username}:{ERROR_VALUE_MISSING_PLEASE_FILL_THE_FORM}</H2>");
exit;
}
if (isset($_POST["subdomain"])) {
$_POST["subdomain"] = trim(strtolower($_POST["subdomain"]));
if ($_POST["subdomain"] == null) {
echo $tpl->_ENGINE_parse_body("<H2>{subdomain}:{ERROR_VALUE_MISSING_PLEASE_FILL_THE_FORM}</H2>");
exit;
}
$domain = $_POST["subdomain"] . ".{$domain}";
}
$hashdoms = $ldap->hash_get_all_domains();
if ($hashdoms[$domain] != null) {
echo $tpl->_ENGINE_parse_body("<H2>{error_domain_exists} »<strong>{$domain}</strong></H2");
exit;
}
$ou = $ldap->StripSpecialsChars($ou);
$uid = $ldap->StripSpecialsChars($uid);
if ($ou == "users") {
echo "<H2>Error: Adding\n{$ou} words not permitted\n</H2>";
exit;
}
if ($ou == "groups") {
echo "<H2>Error: Adding\n{$ou} words not permitted\n</H2>";
exit;
}
if ($ou == "computers") {
echo "<H2>Error: Adding\n{$ou} words not permitted\n</H2>";
exit;
}
if ($ou == "pureftpd") {
echo "<H2>Error: Adding\n{$ou} words not permitted\n</H2>";
exit;
}
$ldap = new clladp();
$dn = "ou={$ou},dc=organizations,{$ldap->suffix}";
if ($ldap->ExistsDN($dn)) {
echo $tpl->_ENGINE_parse_body("<H2>{organization}:{ERROR_OBJECT_ALREADY_EXISTS}</H2>");
exit;
}
if ($EnableVirtualDomainsInMailBoxes == 1) {
$uidtests = "{$uid}@{$domain}";
$u = new user($uidtests);
if (!$u->DoesNotExists) {
echo $tpl->_ENGINE_parse_body("<H2>{member}: «{$uid}» {ERROR_OBJECT_ALREADY_EXISTS}</H2>");
exit;
}
}
$u = new user($uid);
if (!$u->DoesNotExists) {
echo $tpl->_ENGINE_parse_body("<H2>{member}: «{$uid}» {ERROR_OBJECT_ALREADY_EXISTS}</H2>");
exit;
}
$zmd5 = md5("{$_POST["email"]}{$ou}{$company}{$domain}{$uid}");
$password = addslashes($password);
$company = addslashes($company);
$uid = addslashes($uid);
$sql = "INSERT IGNORE INTO register_orgs(`email`,`ou`,`company`,`domain`,`username`,`password`,`zmd5`)\n\tVALUES('{$_POST["email"]}','{$ou}','{$company}','{$domain}','{$uid}','{$password}','{$zmd5}')\n\t";
$q = new mysql();
$q->QUERY_SQL($sql, "artica_backup");
if (!$q->ok) {
echo "<H2>{$q->mysql_error}</H2>";
return;
}
$prefix = "http://";
if ($_SERVER["HTTPS"] == "on") {
$prefix = "https://";
}
$link = $prefix . $_SERVER["HTTP_HOST"] . '/' . CurrentPageName() . "?confirm={$zmd5}";
$subject = $tpl->javascript_parse_text("{organization}: {$ou} {register_form}");
$message = "{sendmail_request_form}\n----------------------\n{$link}\n----------------------\n";
$RobotInternetUsers = $sock->GET_INFO("RobotInternetUsers");
if ($RobotInternetUsers == null) {
$RobotInternetUsers = "postmaster@{$user->fqdn}";
}
$email = $_POST["email"];
mail($email, "{$subject}", $message, "From:" . $RobotInternetUsers);
echo "<H2>" . $tpl->_ENGINE_parse_body("{thanks_registration_mail} <strong>{$email}</strong>");
}
/** Side-effect on email changes:
* Send a verification mail or for now just a notification email.
* For true verification (value = 2), we'd need a mailserver hook.
*/
function update($value)
{
// e-mail address is already checked by FusionForge
if (FUSIONFORGE) {
return $value;
}
if (!empty($this->_init)) {
return;
}
$verified = $this->getraw('emailVerified');
// hack!
if (($value == 1 or $value === true) and $verified) {
return;
}
if (!empty($value) and !$verified) {
list($ok, $msg) = ValidateMail($value);
if ($ok and mail($value, "[" . WIKI_NAME . "] " . _("Email Verification"), sprintf(_("Welcome to %s!\nYour email account is verified and\nwill be used to send page change notifications.\nSee %s"), WIKI_NAME, WikiURL($GLOBALS['request']->getArg('pagename'), '', true)))) {
$this->set('emailVerified', 1);
} else {
trigger_error($msg, E_USER_WARNING);
}
}
}
/** Side-effect on email changes:
* Send a verification mail or for now just a notification email.
* For true verification (value = 2), we'd need a mailserver hook.
*/
function update($value)
{
if (!empty($this->_init)) {
return;
}
$verified = $this->getraw('emailVerified');
// hack!
if (($value == 1 or $value === true) and $verified) {
return;
}
if (!empty($value) and !$verified) {
list($ok, $msg) = ValidateMail($value);
if ($ok and mail($value, "[" . WIKI_NAME . "] " . _("Email Verification"), sprintf(_("Welcome to %s!\nYour email account is verified and\nwill be used to send page change notifications.\nSee %s"), WIKI_NAME, WikiURL($GLOBALS['request']->getArg('pagename'), '', true)))) {
$this->set('emailVerified', 1);
}
}
}
function inject_contacts($uid, $contacts)
{
while (list($index, $array) = each($contacts)) {
$emailAddress_str = $array["email1address"];
$emailAddress_str = trim(strtolower($emailAddress_str));
if ($emailAddress_str == null) {
continue;
}
if (!ValidateMail($emailAddress_str)) {
if ($GLOBALS["VERBOSE"]) {
echo "inject_contacts({$uid},...) -> ValidateMail({$emailAddress_str}) -> `FALSE`\n";
}
continue;
}
$md5 = md5("{$emailAddress_str}{$uid}");
$f[] = "('{$emailAddress_str}','{$uid}','{$md5}','1')";
$emailAddress_str = $array["email2address"];
$emailAddress_str = trim(strtolower($emailAddress_str));
if ($emailAddress_str == null) {
continue;
}
if (!ValidateMail($emailAddress_str)) {
if ($GLOBALS["VERBOSE"]) {
echo "inject_contacts({$uid},...) -> ValidateMail({$emailAddress_str}) -> `FALSE`\n";
}
continue;
}
$md5 = md5("{$emailAddress_str}{$uid}");
$f[] = "('{$emailAddress_str}','{$uid}','{$md5}','1')";
$emailAddress_str = $array["email3address"];
$emailAddress_str = trim(strtolower($emailAddress_str));
if ($emailAddress_str == null) {
continue;
}
if (!ValidateMail($emailAddress_str)) {
if ($GLOBALS["VERBOSE"]) {
echo "inject_contacts({$uid},...) -> ValidateMail({$emailAddress_str}) -> `FALSE`\n";
}
continue;
}
$md5 = md5("{$emailAddress_str}{$uid}");
$f[] = "('{$emailAddress_str}','{$uid}','{$md5}','1')";
}
if (count($f) > 0) {
$sql = "DELETE FROM `contacts_whitelist` WHERE uid='{$uid}' AND manual=0 AND enabled=1";
$q = new mysql();
$q->QUERY_SQL($sql, "artica_backup");
system_user_events($uid, count($f) . " are added to the whitelist database..", __FUNCTION__, __FILE__, __LINE__, "whitelist");
$sql = "INSERT IGNORE INTO contacts_whitelist (`sender`,`uid`,`md5`,`enabled`) VALUES " . @implode(",", $f);
$q->QUERY_SQL($sql, "artica_backup");
if (!$q->ok) {
system_admin_events("Fatal: {$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__, "zarafa");
return;
}
$GLOBALS["ITEMSC"] = $GLOBALS["ITEMSC"] + count($f);
}
}
function table_blacklist_add()
{
$uid = $_SESSION["uid"];
$emailAddress_str = $_POST["black"];
$md5 = md5("{$emailAddress_str}{$uid}");
if (!ValidateMail($emailAddress_str)) {
echo "Fatal {$_POST["white"]}, wrong email address\n";
return;
}
$sql = "INSERT IGNORE INTO contacts_blacklist (`sender`,`uid`,`enabled`,`md5`) VALUES ('{$emailAddress_str}','{$uid}','1','{$md5}')";
$q = new mysql();
$q->QUERY_SQL($sql, "artica_backup");
if (!$q->ok) {
echo $q->mysql_error;
}
}
if (!ereg("^\\[?[0-9\\.]+\\]?\$", $email_array[1])) {
// Check if domain is IP. If not, it should be valid domain name
$domain_array = explode(".", $email_array[1]);
if (sizeof($domain_array) < 2) {
return false;
// Not enough parts to domain
}
foreach ($domain_array as $entry) {
if (!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))\$", $entry)) {
return false;
}
}
}
return true;
}
if (!ValidateMail($email)) {
echo $email . ' is not a valid email address.';
exit;
}
$first_name = mysqli_real_escape_string($db, trim($_POST['first_name']));
$last_name = mysqli_real_escape_string($db, trim($_POST['last_name']));
$user_name = mysqli_real_escape_string($db, trim($_POST['user_name']));
$email = mysqli_real_escape_string($db, trim($email));
$password = mysqli_real_escape_string($db, trim($_POST['password']));
$query = "SELECT * FROM login WHERE username = '******';";
$result = mysqli_query($db, $query) or die("Error querying database.");
$confirmation = mysqli_num_rows($result);
if ($confirmation == 0) {
$userInfo = "INSERT INTO login(username, password, firstname, lastname, email) VALUES ('{$user_name}', SHA('{$password}'), '{$first_name}', '{$last_name}', '{$email}');";
$result = mysqli_query($db, $userInfo);
$new_user = true;
$eflag = true;
$fields .= " " . $strOrganization . ",";
}
if (trim($companyType) == "") {
$eflag = true;
$fields .= " " . $strOrgType . ",";
}
if (trim($activity) == "") {
$eflag = true;
$fields .= " " . $strActivity . ",";
}
if (trim($email) == "") {
$eflag = true;
$fields .= " E-mail" . ",";
} else {
$result = ValidateMail($email);
if (!$result[0]) {
$eflag = true;
echo "<h4>" . $strMess5 . "{$result['1']}<h4><br></font>";
}
}
#
# Let's see if user is Internal (INPE's employee)
#
$inpe = false;
$_SESSION['userIP'] = $_SERVER["REMOTE_ADDR"];
if (substr($_SESSION['userIP'], 0, 8) == "150.163.") {
$inpe = true;
}
if ($inpe) {
$userType = 3;
<?php
function ValidateMail($mail)
{
if (preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\\._-])*@{1}([a-zA-Z0-9_-])+([a-zA-Z0-9\\._-]+)+\\.+([a-zA-Z0-9])+([a-zA-Z0-9\\._-])+\$/", $mail, $matches)) {
return true;
} else {
return false;
}
}
if (ValidateMail("*****@*****.**")) {
echo "Adres prawidlowy";
} else {
echo "Adres NIEPRAWIDLOWY";
}
/************************************************************************************************
*** CODE:
*** You shouldn't need to change this, unless you want to add some parameters on creation time.
*** My recomendation is that you do it at runtime.
***
*************************************************************************************************/
global $xml;
echo '<div id="account_form">';
$created_char = false;
if (isset($HTTP_POST_VARS['cmd'])) {
if (!isset($HTTP_POST_VARS['realname']) or ereg("\"", $HTTP_POST_VARS['realname']) or (!isset($HTTP_POST_VARS['email']) or ereg("\"", $HTTP_POST_VARS['email'])) or (!isset($HTTP_POST_VARS['username']) or ereg("\"", $HTTP_POST_VARS['username'])) or (!isset($HTTP_POST_VARS['password']) or ereg("\"", $HTTP_POST_VARS['password']))) {
echo '<p>Please don\'t mess about here. This is a free game</p>';
} else {
include 'mailValidator.php';
$result = ValidateMail($HTTP_POST_VARS['email']);
if ($result[0] == false) {
echo '<p>You need to provide a valid email address. We want to limit the server to one account per person.</p>';
}
/* Create the account. */
$cmdline = '"' . $xml['serversite'][0]['accountcreationinfo'][0]['routetojavaVM'][0] . ' -cp "' . $xml['serversite'][0]['accountcreationinfo'][0]['classpath'][0] . '" ' . $xml['serversite'][0]['accountcreationinfo'][0]['createAccountclass'][0];
$cmdline = $cmdline . ' -u "' . $HTTP_POST_VARS['username'] . '"';
$cmdline = $cmdline . ' -p "' . $HTTP_POST_VARS['password'] . '"';
$cmdline = $cmdline . ' -c "' . $HTTP_POST_VARS['username'] . '"';
$cmdline = $cmdline . ' -e "' . $HTTP_POST_VARS['email'] . '"';
$output = array();
exec($cmdline, $output, $return);
if ($return == 1) {
echo '<p class="warning">You forgot to set a value. Check again form</p>';
} else {
if ($return == 2) {
