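/**
 * Build a new, not-yet-saved User from registration form values.
 *
 * Each value is passed through $db->real_escape_string(). The password is
 * then hashed with bcrypt (cost 12). The returned object is not persisted
 * here; the caller is expected to call save() on it.
 *
 * @param string $username  Desired login name; must not already exist.
 * @param string $password  Plain-text password.
 * @param string $firstName
 * @param string $lastName
 * @param string $email
 *
 * @return User|false The populated User, or false when a field fails
 *                    validString() or the username is already taken.
 */
public static function register($username, $password, $firstName, $lastName, $email)
{
    global $db;

    $username  = $db->real_escape_string($username);
    $password  = $db->real_escape_string($password);
    $firstName = $db->real_escape_string($firstName);
    $lastName  = $db->real_escape_string($lastName);
    $email     = $db->real_escape_string($email);

    // Validate BEFORE hashing. A bcrypt hash is never empty, so validating
    // the hash (as this code used to) let an empty password pass the check.
    if (!validString([$username, $password, $firstName, $lastName, $email])) {
        return false;
    }

    // Checking the username first also avoids paying the bcrypt cost for a
    // registration that is going to be rejected anyway.
    if (self::fieldValueExists('username', $username)) {
        return false;
    }

    // NOTE(review): the password is SQL-escaped before it is hashed, so the
    // hash covers the escaped bytes (quotes and backslashes gain a prefix),
    // not what the user typed. The hash output needs no escaping at all.
    // Dropping the escape is the right fix, but it must be done together with
    // the login path, which is not visible here -- confirm before changing.
    $newUser            = new User();
    $newUser->username  = $username;
    $newUser->password  = password_hash($password, PASSWORD_BCRYPT, ['cost' => 12]);
    $newUser->firstName = $firstName;
    $newUser->lastName  = $lastName;
    $newUser->email     = $email;
    $newUser->type      = 'user';

    return $newUser;
}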
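<?php
// Contact page controller: validates the posted contact form, stores the
// message through SiteMail, then hands over to the shared site header.
$root = './..';
require $root . '/../app/initialize.php';

$navSelect = $pageTitle = 'contact';

if (isset($_POST['send'])) {
    // Trim first, then escape. real_escape_string() rewrites newline, carriage
    // return and NUL as backslash sequences, so trimming afterwards could no
    // longer strip them and a message made only of line breaks would pass the
    // "fill out all fields" check.
    // NOTE(review): SQL escaping here does not make these values safe for HTML
    // output; anything echoed back into the form needs htmlspecialchars().
    $name  = $db->real_escape_string(trim($_POST['name']));
    $email = $db->real_escape_string(trim($_POST['email']));
    $msg   = $db->real_escape_string(trim($_POST['message']));

    if (validString([$name, $email, $msg])) {
        $mail = SiteMail::write($name, $email, $msg);
        if ($mail && $mail->save()) {
            $session->message("Message sent successfully!");
            redirect('index.php');
        } else {
            $error = "Failed to send message.";
        }
    } else {
        $error = "Please fill out all fields.";
    }
} else {
    // First visit: start with an empty form.
    $name = "";
    $email = "";
    $msg = "";
}
?>
<?php includeFile('site/header.php'); ?>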
<?php $root = './..'; require $root . '/../app/initialize.php'; if (isset($_POST['register'])) { $firstName = trim($_POST['firstName']); $lastName = trim($_POST['lastName']); $username = trim($_POST['username']); $password = trim($_POST['password']); $repassword = trim($_POST['repassword']); $email = trim($_POST['email']); if (validString([$firstName, $lastName, $username, $password, $repassword, $email])) { if ($password == $repassword) { $newUser = User::register($username, $password, $firstName, $lastName, $email); if ($newUser && $newUser->save()) { $session->message("You are registered and can now log in."); redirect('login.php'); } else { $error = "Failed to register {$username} to the database."; } } else { $error = "Passwords do not match."; } } else { $error = "Please fill out all fields."; } } else { $firstName = ""; $lastName = ""; $username = ""; $email = "";
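/**
 * Print the current success and error alerts as HTML paragraphs.
 *
 * Reads the globals $message and $error and echoes one <p> for each that
 * passes validString(). Both values are treated as plain text and are
 * HTML-escaped on output, because callers may build them from request data
 * (for example an error string that embeds a submitted username).
 *
 * @return void
 */
function getAlerts()
{
    global $message, $error;

    if (validString($message)) {
        echo "<p><span class='glyphicon glyphicon-ok-circle message-color' aria-hidden='true'></span> "
            . htmlspecialchars((string) $message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
            . "</p>";
    }

    if (validString($error)) {
        echo "<p><span class='glyphicon glyphicon-remove-circle error-color' aria-hidden='true'></span> "
            . htmlspecialchars((string) $error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
            . "</p>";
    }
}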
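<?php
// Compose page controller: sends a user-to-user message from the posted form,
// then hands over to the shared site header.
$root = './../..';
require $root . '/../app/initialize.php';

$user = User::get();

if (isset($_POST['send'])) {
    $toID = 1;

    // Trim first, then escape. real_escape_string() rewrites newline, carriage
    // return and NUL as backslash sequences, so trimming afterwards could no
    // longer strip them and a message made only of line breaks would pass the
    // empty-field check.
    $msg = $db->real_escape_string(trim($_POST['message']));

    if (is_int($toID) && validString($msg)) {
        // Check if toID exists
        if (User::IDExists($toID)) {
            $mail = UserMail::write($toID, $msg);
            if ($mail && $mail->save()) {
                $session->message("Message sent!");
                redirect('compose.php');
            } else {
                $error = "Failed to send message.";
            }
        } else {
            $error = "Message not sent because user does not exists.";
        }
    } else {
        $error = "Please fill out all fields.";
    }
}
?>
<?php includeFile('site/header.php'); ?>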
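<?php
// New-blog-post controller: validates the posted form and stores the article
// through Blog, then hands over to the shared site header.
$root = './../../..';
require $root . '/../app/initialize.php';

$pageTitle = 'New Blog Post';
$navSelect = 'blog';

// NOTE(review): presumably User::get('admin') restricts this page to admin
// users -- confirm that it stops the request for everyone else.
$user = User::get('admin');

if (isset($_POST['post'])) {
    // Trim first, then escape. real_escape_string() rewrites newline, carriage
    // return and NUL as backslash sequences, so trimming afterwards could no
    // longer strip them and a title or article made only of line breaks would
    // pass the empty-field check.
    // NOTE(review): SQL escaping here does not make these values safe for HTML
    // output; anything echoed back into the form needs htmlspecialchars().
    $title    = $db->real_escape_string(trim($_POST['title']));
    $keywords = $db->real_escape_string(trim($_POST['keywords']));
    $article  = $db->real_escape_string(trim($_POST['article']));

    // Keywords are optional; only the title and the article are required.
    if (validString([$title, $article])) {
        $post = Blog::post($title, $article, $keywords);
        if ($post && $post->save()) {
            $session->message("Posted to blog successfully!");
            redirect('index.php');
        } else {
            $error = "Failed posting to the blog.";
        }
    } else {
        $error = "Please fill out all fields.";
    }
} else {
    // First visit: start with an empty form.
    $title = "";
    $keywords = "";
    $article = "";
}
?>
<?php includeFile('site/header.php');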
} else { if (!strcmp($action, "func")) { /* ACTION: Change state of the monitor. Parms: <mid><func><en> */ if (!canEdit('Monitors')) { logXmlErr("User " . $user['Username'] . " doesn't have monitors Edit perms"); exit; } if (!isset($_GET['mid']) || !isset($_GET['func']) || !isset($_GET['en'])) { logXmlErr("Not all parameters specified for action Monitor state"); exit; } $mid = validInteger($_GET['mid']); if (!isMonitor($mid)) { exit; } $url = "./index.php?view=none&action=function&mid=" . $mid . "&newFunction=" . validString($_GET['func']) . "&newEnabled=" . validString($_GET['en']); header("Location: " . $url); exit; } else { if (!strcmp($action, "vlog")) { /* ACTION: View log file. Must have debug and log to file enabled, and sufficient perms * Parms: [lines] */ if (!canEdit('System')) { logXmlErr("Insufficient permissions to view log file"); echo "Insufficient permissions to view log file"; exit; } if (!ZM_EYEZM_DEBUG || !ZM_EYEZM_LOG_TO_FILE) { echo "eyeZm Debug (EYEZM_DEBUG) or log-to-file (EYEZM_LOG_TO_FILE) not enabled. Please enable first"; exit; }
$lname = $_POST['lname']; } else { print "<p>Please enter a valid last name.</p>"; $isValid = false; } $email = ""; if (validString($_POST['email'])) { $email = $_POST['email']; } else { print "<p>Please enter a valid email.</p>"; $isValid = false; } */ $phonenumber = ""; if (validString($_POST['phonenumber'])) { $phonenumber = $_POST['phonenumber']; } else { print "<p>Please enter a valid phone number.</p>"; $isValid = false; } // check if apptype is valid $apptype = ""; if (isset($_POST['apptype']) and validAppType($_POST['apptype'])) { $apptype = $_POST['apptype']; } else { print "<p>Please select an application type.</p>"; $isValid = false; } // check if activities are valid $activitiesChosen[] = NULL;