function updateProfile($user_id, $user)
{
$user = validateFixProfile($user);
if (is_string($user)) {
# error msg
return $user;
}
if (checkPasswordById($user_id, $user["current_password"])) {
return INVALID_CURRENT_PASS_ERR;
}
if ($user["password"] !== "") {
$checkPasswords = checkPasswords($user["password"], $user["confirm_password"]);
if (is_string($checkPasswords)) {
return $checkPasswords;
}
} else {
$user["password"] = $user["current_password"];
}
$newEmail = false;
if (getFullUserById($user_id)["email"] !== $user["email"]) {
# user changed email
if (userExists($user["email"]) === true) {
return ACCOUNT_ALREADY_EXISTS_ERR . UPDATE_FAIL_ERR;
}
$newEmail = true;
}
if (updateUser($user_id, $user) === true) {
if ($newEmail === true) {
$code = updateCode($user_id);
if (is_string($code)) {
sendActivationMail($user["email"], $user_id, $code);
}
}
return true;
} else {
return false;
}
}
<?php
echo "</fieldset>";
}
?>
<?php
//IF FILL OUT FORM, GRAB INFORMATION
if (isset($_POST['formsubmitted'])) {
$name = $_POST['name'];
$email = $_POST['email'];
$pw1 = $_POST['pw1'];
$pw2 = $_POST['pw2'];
$membership = $_POST['membership'];
//echo "name is $name email is $email pw1 is $pw1 and pw2 is $pw2 membership is $membership <br/>";
connectToDB();
checkPasswords($pw1, $pw2);
checkEmail($email);
//handleform($name, $email, $pw1, $membership);
//new stuff
if (!strcmp($pw1, $pw2) && checkEmail($email) == 0) {
handleform($name, $email, $pw1, $membership);
echo "<br/>Thank you for your interest!";
}
}
?>
<?php
function checkPasswords($pw1, $pw2)
{
if (!strcmp($pw1, $pw2)) {
return $pw1;
$registro = !empty($_POST['registro']) ? test_input($_POST['registro']) : NULL;
$registro = $registro === 'true' ? true : NULL;
$login = !empty($_POST['login']) ? test_input($_POST['login']) : NULL;
$login = $login === 'true' ? true : NULL;
$logout = !empty($_POST['logout']) ? test_input($_POST['logout']) : NULL;
$logout = $logout === 'true' ? true : NULL;
$usu_nombre = !empty($_POST['username']) ? test_input($_POST['username']) : NULL;
$usu_correo = !empty($_POST['email']) ? test_input($_POST['email']) : NULL;
$usu_clave = !empty($_POST['password']) ? test_input($_POST['password']) : NULL;
$usu_clavev = !empty($_POST['passwordv']) ? test_input($_POST['passwordv']) : NULL;
$usu_rol = !empty($_POST['rol']) ? test_input($_POST['rol']) : NULL;
$db = new Database();
if ($registro) {
sleep(1.5);
if (!empty($usu_nombre) and !empty($usu_correo) and !empty($usu_clave) and !empty($usu_clavev) and !empty($usu_rol)) {
checkPasswords($usu_clave, $usu_clavev);
if (!empty(test_input($_FILES['picture']['name'])) and is_uploaded_file($_FILES['picture']['tmp_name']) || $_FILES['picture']['error'] === UPLOAD_ERR_OK) {
$imageFileType = pathinfo($_FILES['picture']['name'], PATHINFO_EXTENSION);
$target_file = $_FILES['picture']['name'];
// Check file size
if ($_FILES["picture"]["size"] > 6000000) {
header('HTTP/1.1 409 Conflict');
echo result_construct('error', 'imagen', 'Lo siento, el archivo recibido es demasiado grande.');
die;
}
// Check if image file is a actual image or fake image
$check = getimagesize($_FILES['picture']['tmp_name']);
if ($check === false) {
header('HTTP/1.1 409 Conflict');
echo result_construct('error', 'imagen', 'El archivo recibido no es una imagen - ' . $check["mime"] . '.');
die;
$error_login = "******";
$is_error = true;
}
if (iconv_strlen($password) < 3 || iconv_strlen($password) > 20) {
$error_password = "******";
$is_error = true;
}
if (iconv_strlen($password_r) < 3 || iconv_strlen($password_r) > 20) {
$error_password = "******";
$is_error = true;
}
if (iconv_strlen($email) < 4 || iconv_strlen($email) > 20) {
$error_email = "E-mail должен быть от 4-х символов";
$is_error = true;
}
$check_pass = checkPasswords($password, $password_r);
if (!$check_pass) {
$error_password = "******";
$is_error = true;
}
if ($is_error == false) {
$ip = $_SERVER["REMOTE_ADDR"];
$date = date('Y-m-d H:i:s');
$group = "Пользователь";
$salt = rand(324546, 679861);
$password = md5(md5($password) . md5($salt));
$new_user = new RegUser($login, $password, $salt, $group, $name, $last_name, $email, $ip, $date);
if ($new_user->checkLoginReg() == ERROR_CONNECT_DB || $new_user->checkLoginReg($login) == LOGIN_BUSY) {
$error_reg = $new_user->checkLoginReg();
} else {
if ($new_user->addUser()) {
function verifyData($names, $lengths, $insert)
{
$result = checkMandatoryFields($names, $lengths);
if ($result != "") {
return $result;
}
$result = checkFieldsLength($names, $lengths);
if ($result != "") {
return $result;
}
$result = checkSymbols($names, $lengths);
if ($result != "") {
return $result;
}
$result = checkAges();
if ($result != "") {
return $result;
}
$result = checkDates();
if ($result != "") {
return $result;
}
$result = checkPasswords();
if ($result != "") {
return $result;
}
}
