Пример #1
/**
 * This file is part of the Froxlor project.
 * Copyright (c) 2003-2009 the SysCP Team (see authors).
 * Copyright (c) 2010 the Froxlor Team (see authors).
 *
 * For the full copyright and license information, please view the COPYING
 * file that was distributed with this source code. You can also view the
 * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
 *
 * @copyright  (c) the authors
 * @author     Florian Lippert <*****@*****.**> (2003-2009)
 * @author     Froxlor team <*****@*****.**> (2010-)
 * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
 * @package    Functions
 *
 */
/**
 * Form-field plausibility check for a customer login name.
 *
 * Uses the 'customer_mysqlprefix' entry of $allnewfieldvalues when present,
 * otherwise the stored 'customer.mysqlprefix' setting, and hands
 * 14 - strlen(prefix) to validateUsername() as its third argument
 * (presumably a length limit -- confirm against validateUsername()).
 *
 * @param mixed $fieldname          not used by this check
 * @param mixed $fielddata          not used by this check
 * @param mixed $newfieldvalue      the submitted login name
 * @param array $allnewfieldvalues  the other submitted field values
 * @return array array(FORMFIELDS_PLAUSIBILITY_CHECK_OK) on success, otherwise
 *               array(FORMFIELDS_PLAUSIBILITY_CHECK_ERROR, 'accountprefixiswrong')
 */
function checkUsername($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues)
{
    // Prefer the prefix submitted with the form; fall back to the saved setting.
    $mysqlPrefix = isset($allnewfieldvalues['customer_mysqlprefix'])
        ? $allnewfieldvalues['customer_mysqlprefix']
        : Settings::Get('customer.mysqlprefix');

    $limit = 14 - strlen($mysqlPrefix);
    $verdict = validateUsername($newfieldvalue, Settings::Get('panel.unix_names'), $limit);

    // Only a strict boolean true counts as a pass.
    if ($verdict !== true) {
        return array(FORMFIELDS_PLAUSIBILITY_CHECK_ERROR, 'accountprefixiswrong');
    }

    return array(FORMFIELDS_PLAUSIBILITY_CHECK_OK);
}
Пример #2
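 /**
  * Reads the sign-up form from $_POST and computes one 0/1 flag per field.
  *
  * Nothing is returned or stored by the code shown here; the flags and the
  * password hash are local variables only.
  */
 function UserSignUp()
 {
     if (!isset($_POST['su-btn-submit'])) {
         return;
     }
     if (!isset($_POST['email'], $_POST['username'], $_POST['password'], $_POST['confirm-password'], $_POST['tos-checkbox'])) {
         return;
     }
     // A form field can arrive as an array (name="password[]"); the string
     // functions below need real strings, so stop before touching them.
     if (!is_string($_POST['password']) || !is_string($_POST['confirm-password'])) {
         return;
     }
     // Get submitted values
     $email = validateEmail($_POST['email']) ? 1 : 0;
     $user = validateUsername($_POST['username']) ? 1 : 0;
     $password = validatePassword($_POST['password']) ? 1 : 0;
     // Compare the two submitted strings directly. Checking the confirmation with
     // password_verify() against a fresh hash is not an equality test: with bcrypt
     // (the current PASSWORD_DEFAULT) only the first 72 bytes of the input are
     // hashed, so two long passwords that differ later would count as matching.
     $cf_pass = hash_equals($_POST['password'], $_POST['confirm-password']) ? 1 : 0;
     $password_hash = password_hash($_POST['password'], PASSWORD_DEFAULT);
     $tos_cb = $_POST['tos-checkbox'] ? 1 : 0;
 }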
Пример #3
 /**
  * Runs the parent validation, then checks the posted username.
  *
  * copyArray() is called with $_POST, $fv and 'username'; it presumably fills
  * $fv['username'] from $_POST by reference -- confirm against its definition.
  *
  * @param mixed $retType requested result format; RT_JSON selects JSON output
  * @return mixed nothing when the username passes; otherwise the list of error
  *               entries, or the result of outputJson() when $retType is RT_JSON
  */
 public function validate($retType)
 {
     parent::validate($retType);
     copyArray($_POST, $fv, 'username');

     $usernameRejected = validateUsername($fv['username']) == false;
     if ($usernameRejected) {
         // 'msg' carries HTML markup, so it is meant to be emitted as markup by the caller.
         $rets[] = array('msg' => '<br/>Invalid username!', 'field' => 'username');
     }

     // No error recorded: fall through without a return value, as before.
     if (!isset($rets)) {
         return;
     }

     $wantsJson = isset($retType) && $retType == RT_JSON;

     return $wantsJson ? outputJson($rets) : $rets;
 }
Пример #4
/**
* Functions for checking & validating form
*/
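function checkingFormAndSaveNewUser()
{
    // Validates the posted sign-up form and appends one "username:email:hash"
    // line to ./user/user_info. Every failure prints a message and ends the
    // request with exit; success prints a confirmation with a login link.
    include_once 'validate.php';
    if (!isset($_POST['username'], $_POST['email'], $_POST['password'], $_POST['confirm_password'], $_POST['agree'])) {
        echo "All fields are required. Please fill in all the fields.";
        exit;
    }
    $username = cleanInput($_POST['username']);
    $email = cleanInput($_POST['email']);
    $password = cleanInput($_POST['password']);
    $confirm_password = cleanInput($_POST['confirm_password']);
    if (validateUsername($username) == false) {
        echo "Name should contain capitals and lower case, not less than 2 symbols";
        exit;
    }
    $email = filter_var($email, FILTER_SANITIZE_EMAIL);
    if (validateEmail($email) == false) {
        echo "E-mail should be in the format of name@example.com";
        exit;
    }
    if (validateLength($password, 6) == false) {
        echo "Password should contain not less than 6 symbols";
        exit;
    }
    if (validateConfirm($password, $confirm_password) == false) {
        echo "Passwords do not match";
        exit;
    }
    // Salted, deliberately slow password hash instead of a bare md5() digest
    // (needs PHP >= 5.5). The login code has to check it with password_verify();
    // records already stored as md5 need a migration path.
    $password_hash = password_hash($password, PASSWORD_DEFAULT);
    $dir_for_saved_users = "./user/";
    // Owner-only access: the directory holds e-mail addresses and password
    // hashes, so it must not be readable or writable by other local accounts.
    if (!is_dir($dir_for_saved_users)) {
        mkdir($dir_for_saved_users, 0700, true);
    }
    chmod($dir_for_saved_users, 0700);
    // NOTE(review): ./user/ is relative to the working directory. If that is
    // inside the document root, user_info can be fetched over HTTP -- move it
    // outside the web root or deny access in the server configuration.
    $filename = $dir_for_saved_users . "user_info";
    // NOTE(review): fields are joined with ':' and records end with a newline;
    // confirm validateUsername() rejects both characters.
    $new_user_info = $username . ":" . $email . ":" . $password_hash . "\n";
    // LOCK_EX keeps two concurrent sign-ups from interleaving their records.
    if (file_put_contents($filename, $new_user_info, FILE_APPEND | LOCK_EX) === false) {
        echo "Could not save the new user. Please try again later.";
        exit;
    }
    echo "You have signed up successfully! <a href='index.php'>Log in</a>";
}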
Пример #5
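/**
 * Collects the validation messages for a registration data array.
 *
 * If first_name, last_name, username or password is empty, a single
 * "fill in all fields" message is returned and no further check runs.
 * Otherwise each field is passed to its validate*() helper and one message
 * is added per failed check.
 *
 * @param array $data submitted values keyed by field name
 * @return array list of messages; empty when every check passes
 */
function getDataErrors($data)
{
    $messages = [];
    if (empty($data['first_name']) || empty($data['last_name']) || empty($data['username']) || empty($data['password'])) {
        $messages[] = 'Παρακαλούμε συμπληρώστε όλα τα πεδία';
        return $messages;
    }
    if (!validateName($data['first_name'])) {
        $messages[] = 'Το όνομα σας περιέχει μη επιτρεπτούς χαρακτήρες. Παρακαλούμε εισάγετε μόνο γράμματα της αλφαβήτας';
    }
    if (!validateName($data['last_name'])) {
        $messages[] = 'Το επώνυμό σας περιέχει μη επιτρεπτούς χαρακτήρες. Παρακαλούμε εισάγετε μόνο γράμματα της αλφαβήτας';
    }
    if (!validateUsername($data['username'])) {
        $messages[] = 'Το username σας περιέχει μη πετρεπτούς χαρακτήρες. Παρακαλούμε εισάγετε μόνο λατινικούς χαρακτήρες και αριθμούς';
    }
    // 'email' is not part of the required-field check above, so the key may be
    // missing; validate an empty string instead of reading an undefined index.
    $email = isset($data['email']) ? $data['email'] : '';
    if (!validateEmail($email)) {
        $messages[] = 'Το e-mail σας δεν είναι έγκυρο. Παρακούμε εισάγετε ένα έγκυρο e-mail.';
    }
    if (!validatePassword($data['password'])) {
        $messages[] = 'Μη επιτρεπτός κωδικός. Ο κωδικός σας πρέπει να περιλαμβάνει τουλάχιστον 8 ψηφία.';
    }
    return $messages;
}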
Пример #6
function net2ftp_module_printBody()
{
    // --------------
    // This function prints the login screen
    // --------------
    // What the code below does: it reads the troubleshoot_* fields from $_POST,
    // and on screen 2 it connects to that FTP server and runs a fixed series of
    // FTP commands, keeping every result in a local variable. The skin template
    // is required from inside this function, so it runs in this function's
    // variable scope and can read those locals.
    // -------------------------------------------------------------------------
    // Global variables
    // -------------------------------------------------------------------------
    global $net2ftp_settings, $net2ftp_globals, $net2ftp_messages, $net2ftp_result, $net2ftp_output;
    // Each posted field goes through its own validate*() helper; a field that was
    // not posted becomes an empty string.
    // NOTE(review): on screen 2 the host and port read here become the target of
    // an outbound connection made by this server. What validateFtpserver() and
    // validateFtpserverport() accept is not visible here -- confirm they restrict
    // the allowed targets if this page is reachable by untrusted users.
    if (isset($_POST["troubleshoot_ftpserver"]) == true) {
        $troubleshoot_ftpserver = validateFtpserver($_POST["troubleshoot_ftpserver"]);
    } else {
        $troubleshoot_ftpserver = "";
    }
    if (isset($_POST["troubleshoot_ftpserverport"]) == true) {
        $troubleshoot_ftpserverport = validateFtpserverport($_POST["troubleshoot_ftpserverport"]);
    } else {
        $troubleshoot_ftpserverport = "";
    }
    if (isset($_POST["troubleshoot_username"]) == true) {
        $troubleshoot_username = validateUsername($_POST["troubleshoot_username"]);
    } else {
        $troubleshoot_username = "";
    }
    if (isset($_POST["troubleshoot_password"]) == true) {
        $troubleshoot_password = validatePassword($_POST["troubleshoot_password"]);
    } else {
        $troubleshoot_password = "";
    }
    if (isset($_POST["troubleshoot_directory"]) == true) {
        $troubleshoot_directory = validateDirectory($_POST["troubleshoot_directory"]);
    } else {
        $troubleshoot_directory = "";
    }
    if (isset($_POST["troubleshoot_passivemode"]) == true) {
        $troubleshoot_passivemode = validatePassivemode($_POST["troubleshoot_passivemode"]);
    } else {
        $troubleshoot_passivemode = "";
    }
    // HTML-encoded copies for output. No encoded copy of the password is created
    // here; the template should use these *_html variables when echoing input back.
    $troubleshoot_ftpserver_html = htmlEncode2($troubleshoot_ftpserver);
    $troubleshoot_ftpserverport_html = htmlEncode2($troubleshoot_ftpserverport);
    $troubleshoot_username_html = htmlEncode2($troubleshoot_username);
    $troubleshoot_directory_html = htmlEncode2($troubleshoot_directory);
    $troubleshoot_passivemode_html = htmlEncode2($troubleshoot_passivemode);
    // -------------------------------------------------------------------------
    // Variables for all screens
    // -------------------------------------------------------------------------
    // Title
    $title = __("Troubleshoot an FTP server");
    // Form name
    $formname = "AdvancedForm";
    // -------------------------------------------------------------------------
    // Variables for screen 1
    // -------------------------------------------------------------------------
    if ($net2ftp_globals["screen"] == 1) {
        // Next screen
        $nextscreen = 2;
        // Back and forward buttons
        // The onclick strings are built from the fixed $formname only, not from request data.
        $back_onclick = "document.forms['" . $formname . "'].state.value='advanced';document.forms['" . $formname . "'].screen.value='1';document.forms['" . $formname . "'].submit();";
        $forward_onclick = "document.forms['" . $formname . "'].submit();";
    } elseif ($net2ftp_globals["screen"] == 2) {
        // Back and forward buttons
        $back_onclick = "document.forms['" . $formname . "'].state.value='advanced_ftpserver'; document.forms['" . $formname . "'].submit();";
        // Initial checks
        // Anything other than "yes" is normalised to "no".
        if ($troubleshoot_passivemode != "yes") {
            $troubleshoot_passivemode = "no";
        }
        // Connect
        setStatus(1, 10, __("Connecting to the FTP server"));
        // NOTE(review): $conn_id is not checked; if ftp_connect() fails, the ftp_*
        // calls below are made on its failure value.
        $conn_id = ftp_connect("{$troubleshoot_ftpserver}", $troubleshoot_ftpserverport);
        // Login with username and password
        setStatus(2, 10, __("Logging into the FTP server"));
        $ftp_login_result = ftp_login($conn_id, $troubleshoot_username, $troubleshoot_password);
        // Passive mode
        if ($troubleshoot_passivemode == "yes") {
            setStatus(3, 10, __("Setting the passive mode"));
            $ftp_pasv_result = ftp_pasv($conn_id, TRUE);
        } else {
            // Nothing to switch, so the step is recorded as successful.
            $ftp_pasv_result = true;
        }
        // Get the FTP system type
        setStatus(4, 10, __("Getting the FTP system type"));
        $ftp_systype_result = ftp_systype($conn_id);
        // Change the directory
        setStatus(5, 10, __("Changing the directory"));
        $ftp_chdir_result = ftp_chdir($conn_id, $troubleshoot_directory);
        // Get the current directory from the FTP server
        setStatus(6, 10, __("Getting the current directory"));
        $ftp_pwd_result = ftp_pwd($conn_id);
        // Try to get a raw list
        setStatus(7, 10, __("Getting the list of directories and files"));
        $ftp_rawlist_result = ftp_rawlist($conn_id, "-a");
        // Retry without "-a" when the first listing has at most one entry.
        // NOTE(review): sizeof() is applied to the ftp_rawlist() result without a
        // check for false.
        if (sizeof($ftp_rawlist_result) <= 1) {
            $ftp_rawlist_result = ftp_rawlist($conn_id, "");
        }
        // Parse the list
        setStatus(8, 10, __("Parsing the list of directories and files"));
        // $parsedlist is only assigned inside this loop, i.e. on screen 2 when the
        // raw list has entries.
        for ($i = 0; $i < sizeof($ftp_rawlist_result); $i++) {
            $parsedlist[$i] = ftp_scanline($troubleshoot_directory, $ftp_rawlist_result[$i]);
        }
        // end for
        // Quiting; ftp_quit doesn't return a value
        setStatus(9, 10, __("Logging out of the FTP server"));
        ftp_quit($conn_id);
    }
    // end if
    // -------------------------------------------------------------------------
    // Print the output
    // -------------------------------------------------------------------------
    setStatus(10, 10, __("Printing the result"));
    // NOTE(review): the include path is built from $net2ftp_globals entries;
    // confirm "skin" is limited to known skin names where it is set.
    require_once $net2ftp_globals["application_skinsdir"] . "/" . $net2ftp_globals["skin"] . "/manage.template.php";
}
Пример #7
require 'emailConf.php';
include 'addUser.php';
include 'login.php';
include 'logout.php';
include 'activation.php';
include 'notConfirmed.php';
// Register Slim's autoloader, then create the application object.
\Slim\Slim::registerAutoloader();
$app = new Slim\Slim();

// Routes served by named handler functions, registered in this order:
// array(HTTP method, URL pattern, handler name).
// NOTE(review): '/notConfirmed/delete' and '/user/logout/' are registered for
// GET. If nc_deleteAccount() and logOut() change state, as their names suggest,
// confirm they are protected against cross-site request forgery.
$namedRoutes = array(
    array('get', '/activate/:activation', 'activation'),
    array('get', '/notConfirmed/resend', 'nc_resendActivation'),
    array('get', '/notConfirmed/change/:email', 'nc_changeEmail'),
    array('get', '/notConfirmed/delete', 'nc_deleteAccount'),
    array('post', '/user/register/', 'addUser'),
    array('post', '/user/login/', 'login'),
    array('get', '/user/logout/', 'logOut'),
);
foreach ($namedRoutes as $route) {
    list($verb, $pattern, $handler) = $route;
    $app->$verb($pattern, $handler);
}
unset($namedRoutes, $route, $verb, $pattern, $handler);

// Field checks used by the registration form; the value comes from the query string.
// NOTE(review): no authentication check is visible at this level. If the answers
// reveal whether an e-mail address or username is already registered, consider
// rate limiting these two endpoints.
$app->get('/user/register/validate/email', function () use ($app) {
    $email = $app->request()->get('email');
    validateEmail($email);
});
$app->get('/user/register/validate/username', function () use ($app) {
    $username = $app->request()->get('username');
    validateUsername($username);
});

// Password reset: the implementation file is only loaded when one of these routes runs.
$app->post('/user/resetPassword/set', function () use ($app) {
    include 'resetPassword.php';
    resetPassword();
});
$app->post('/user/resetPassword/request', function () use ($app) {
    include 'resetPassword.php';
    sendResetPassword();
});

// Dispatch the current request.
$app->run();
Пример #8
	</aside>
	<section id="main_section"><!-- meet of the website-->
		<div>
			<h3>My Info</h3>
			<div id="result" style="padding:5px; color:red">
			<?php 
// One profile field is handled per request: email takes precedence over
// username, and username over aboutMe.
// NOTE(review): the setter results are echoed into the page as they are. Whether
// $user->setEmail(), setUsername() and setAboutMe() return HTML-encoded text is
// not visible here -- confirm, or encode at this point.
if (isset($_POST['email'])) {
    if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
        echo "invalid email";
    } else {
        $result = $user->setEmail($_POST['email']);
        echo $result;
    }
} elseif (isset($_POST['username'])) {
    if (!validateUsername($_POST['username'])) {
        // Any failed validateUsername() check is reported with this message.
        echo "Username already taken.";
    } else {
        $res = $user->setUsername($_POST['username']);
        echo $res;
    }
} elseif (isset($_POST['aboutMe'])) {
    $res2 = $user->setAboutMe($_POST['aboutMe']);
    echo $res2;
}
?>
			</div>
Пример #9
<?php

require 'models/validation_functions.php';
if (!empty($_POST['value'])) {
    switch ($_POST['field']) {
        case 1:
            $res = validateUsername($_POST['value']);
            if (!$res) {
                echo 'Το username σας περιέχει μη πετρεπτούς χαρακτήρες. Παρακαλούμε εισάγετε μόνο λατινικούς χαρακτήρες και αριθμούς';
            }
            break;
        case 2:
            $res = validateName($_POST['value']);
            if (!$res) {
                echo 'Το όνομα σας περιέχει μη επιτρεπτούς χαρακτήρες. Παρακαλούμε εισάγετε μόνο γράμματα της αλφαβήτας';
            }
            break;
        case 3:
            $res = validateName($_POST['value']);
            if (!$res) {
                echo 'Το επώνυμο σας περιέχει μη επιτρεπτούς χαρακτήρες. Παρακαλούμε εισάγετε μόνο γράμματα της αλφαβήτας';
            }
            break;
        case 4:
            $res = validateEmail($_POST['value']);
            if (!$res) {
                echo 'Το e-mail σας δεν είναι έγκυρο. Παρακούμε εισάγετε ένα έγκυρο e-mail.';
            }
            break;
        case 5:
            $res = validatePassword($_POST['value']);
Пример #10
/**
 * Generates a random password for a user and emails it to them.
 * - called by Profile.php when changing someone's username.
 * - checks the validity of the new username.
 * - generates and sets a new password for the given user.
 * - mails the new password to the email address of the user.
 * - if username is not set, only a new password is generated and sent.
 *
 * @param int $memID
 * @param string $username = null
 */
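function resetPassword($memID, $username = null)
{
    // Sets a new random password for member $memID (and a new username when
    // $username is given), stores its hash and e-mails the password to the member.
    global $scripturl, $context, $txt, $sourcedir, $modSettings, $smcFunc, $language;
    // Language... and a required file.
    loadLanguage('Login');
    require_once $sourcedir . '/Subs-Post.php';
    // Get some important details.
    // The member id is passed through the {int:id_member} placeholder, not
    // concatenated into the query text.
    $request = $smcFunc['db_query']('', '
		SELECT member_name, email_address, lngfile
		FROM {db_prefix}members
		WHERE id_member = {int:id_member}', array('id_member' => $memID));
    list($user, $email, $lngfile) = $smcFunc['db_fetch_row']($request);
    $smcFunc['db_free_result']($request);
    // Stays null for a password-only reset, so the integration hook below
    // always receives a defined value instead of an undefined variable.
    $old_user = null;
    if ($username !== null) {
        $old_user = $user;
        $user = trim($username);
    }
    // Generate a random password from the operating system's CSPRNG (PHP >= 7):
    // 5 random bytes give 10 hex characters, the same shape as before. The
    // previous md5(mt_rand()) value was fully determined by one mt_rand()
    // output, which is not suitable for secrets.
    $newPassword = bin2hex(random_bytes(5));
    // The stored format (sha1 of lower-cased name + password) is kept because
    // the login code that verifies it is outside this block.
    // NOTE(review): sha1 is a fast hash; consider migrating storage and login
    // together to password_hash()/password_verify().
    $newPassword_sha1 = sha1(strtolower($user) . $newPassword);
    // Do some checks on the username if needed.
    if ($username !== null) {
        validateUsername($memID, $user);
        // Update the database...
        updateMemberData($memID, array('member_name' => $user, 'passwd' => $newPassword_sha1));
    } else {
        updateMemberData($memID, array('passwd' => $newPassword_sha1));
    }
    call_integration_hook('integrate_reset_pass', array($old_user, $user, $newPassword));
    $replacements = array('USERNAME' => $user, 'PASSWORD' => $newPassword);
    $emaildata = loadEmailTemplate('change_password', $replacements, empty($lngfile) || empty($modSettings['userLanguage']) ? $language : $lngfile);
    // Send them the email informing them of the change - then we're done!
    // The new password leaves the system in clear text in this message.
    sendmail($email, $emaildata['subject'], $emaildata['body'], null, null, false, 0);
}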
Пример #11
 /**
  * See if a username already exists.
  */
 private function _registerCheckUsername()
 {
     global $context;

     // The answer is rendered by the 'check_username' sub-template of the XML template.
     loadTemplate('Xml');
     $context['sub_template'] = 'check_username';

     // Name from the query string, with HTML entities decoded; empty when absent.
     $requested = isset($_GET['username']) ? un_htmlspecialchars($_GET['username']) : '';
     $context['valid_username'] = true;

     // Collapse each run of whitespace, control and invisible characters into one space.
     // NOTE(review): the decoded, user-supplied value stays in $context for the
     // template; output encoding has to happen there and is not visible here.
     $context['checked_username'] = preg_replace('~[\\t\\n\\r \\x0B\\0\\x{A0}\\x{AD}\\x{2000}-\\x{200F}\\x{201F}\\x{202F}\\x{3000}\\x{FEFF}]+~u', ' ', $requested);

     // validateUsername() is given the 'valid_username' error context name; the
     // name counts as valid when that context holds no errors afterwards.
     $errors = Error_Context::context('valid_username', 0);
     require_once SUBSDIR . '/Auth.subs.php';
     validateUsername(0, $context['checked_username'], 'valid_username', true, false);
     $context['valid_username'] = !$errors->hasErrors();
 }
<?php

require_once 'connect.php';
//flag used to represent successful registration and valid username
// Flags for the two checks; the database is only updated when both end up true.
$isValidPassword = false;
$isValidUsername = false;
//make sure username isn't already being used
//$isValidUsername stays false if the username is not valid
// $link is not defined in this block; presumably the connection from connect.php -- confirm.
// NOTE(review): strip_tags() removes markup but is not SQL escaping; whether
// validateUsername() binds or escapes $username is not visible here.
$username = strip_tags($_POST['username']);
if (validateUsername($username, $link)) {
    $isValidUsername = true;
}
//crypt password to create hash for DB storage
// NOTE(review): this salt has no "$id$" prefix, which selects crypt()'s
// traditional DES scheme: only the first two salt characters and the first
// eight characters of the password are used. The salt is also the same for
// every user, so equal passwords produce equal hashes. password_hash() and
// password_verify() avoid both problems, but storage and login must change together.
$salt = "X1K\$6B8";
// NOTE(review): strip_tags() alters passwords that contain "<...>" sequences.
$password1 = strip_tags($_POST['password1']);
$password2 = strip_tags($_POST['password2']);
$password1 = crypt($password1, $salt);
$password2 = crypt($password2, $salt);
//make sure passwords match
// The two hashes are compared, not the typed passwords, so passwords that
// differ only after the eighth character are treated as matching.
if (validatePasswords($password1, $password2)) {
    $isValidPassword = true;
}
//If username is valid and passwords match - update database!
if ($isValidUsername && $isValidPassword) {
    //collect user info
    $firstName = strip_tags($_POST['firstName']);
    $lastName = strip_tags($_POST['lastName']);
    $street = strip_tags($_POST['street']);
    $city = strip_tags($_POST['city']);
    $state = strip_tags($_POST['state']);
    $zip = strip_tags($_POST['zip']);
Пример #13
/**
 * Generates a random password for a user and emails it to them.
 *
 * What it does:
 * - called by ProfileOptions controller when changing someone's username.
 * - checks the validity of the new username.
 * - generates and sets a new password for the given user.
 * - mails the new password to the email address of the user.
 * - if username is not set, only a new password is generated and sent.
 *
 * @package Authorization
 * @param int $memID
 * @param string|null $username = null
 */
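function resetPassword($memID, $username = null)
{
    // Sets a new random password for member $memID (and a new username when
    // $username is given), stores its hash and e-mails the password to the member.
    global $modSettings, $language, $user_info;
    // Language... and a required file.
    loadLanguage('Login');
    require_once SUBSDIR . '/Mail.subs.php';
    // Get some important details.
    require_once SUBSDIR . '/Members.subs.php';
    $result = getBasicMemberData($memID, array('preferences' => true));
    $user = $result['member_name'];
    $email = $result['email_address'];
    $lngfile = $result['lngfile'];
    // Stays null for a password-only reset, so the integration hook below
    // always receives a defined value instead of an undefined variable.
    $old_user = null;
    if ($username !== null) {
        $old_user = $user;
        $user = trim($username);
    }
    // Generate a random password.
    require_once EXTDIR . '/PasswordHash.php';
    $t_hasher = new PasswordHash(8, false);
    // Taken from the operating system's CSPRNG (PHP >= 7): 5 random bytes give
    // 10 hex characters, the same shape as before. The previous md5(mt_rand())
    // value was fully determined by one mt_rand() output, which is not suitable
    // for secrets.
    $newPassword = bin2hex(random_bytes(5));
    // SHA-256 of lower-cased name + password first, then the PasswordHash
    // wrapper; the stored format is unchanged.
    $newPassword_sha256 = hash('sha256', strtolower($user) . $newPassword);
    $db_hash = $t_hasher->HashPassword($newPassword_sha256);
    // Do some checks on the username if needed.
    if ($username !== null) {
        $errors = Error_Context::context('reset_pwd', 0);
        validateUsername($memID, $user, 'reset_pwd');
        // If there are "important" errors and you are not an admin: log the first error
        // Otherwise grab all of them and don't log anything
        $error_severity = $errors->hasErrors(1) && !$user_info['is_admin'] ? 1 : null;
        foreach ($errors->prepareErrors($error_severity) as $error) {
            fatal_error($error, $error_severity === null ? false : 'general');
        }
        // Update the database...
        updateMemberData($memID, array('member_name' => $user, 'passwd' => $db_hash));
    } else {
        updateMemberData($memID, array('passwd' => $db_hash));
    }
    call_integration_hook('integrate_reset_pass', array($old_user, $user, $newPassword));
    $replacements = array('USERNAME' => $user, 'PASSWORD' => $newPassword);
    $emaildata = loadEmailTemplate('change_password', $replacements, empty($lngfile) || empty($modSettings['userLanguage']) ? $language : $lngfile);
    // Send them the email informing them of the change - then we're done!
    // The new password leaves the system in clear text in this message.
    sendmail($email, $emaildata['subject'], $emaildata['body'], null, null, false, 0);
}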
Пример #14
     $accountnumber = intval($settings['system']['lastaccountnumber']);
     $loginname = validate($_POST['loginname'], 'loginname', '/^[a-z0-9\\-_]+$/i');
     // Accounts which match systemaccounts are not allowed, filtering them
     if (preg_match('/^' . preg_quote($settings['customer']['accountprefix'], '/') . '([0-9]+)/', $loginname)) {
         standard_error('loginnameissystemaccount', $settings['customer']['accountprefix']);
     }
 } else {
     $accountnumber = intval($settings['system']['lastaccountnumber']) + 1;
     $loginname = $settings['customer']['accountprefix'] . $accountnumber;
 }
 // Check if the account already exists
 $loginname_check = $db->query_first("SELECT `loginname` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `loginname` = '" . $db->escape($loginname) . "'");
 $loginname_check_admin = $db->query_first("SELECT `loginname` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `loginname` = '" . $db->escape($loginname) . "'");
 if (strtolower($loginname_check['loginname']) == strtolower($loginname) || strtolower($loginname_check_admin['loginname']) == strtolower($loginname)) {
     standard_error('loginnameexists', $loginname);
 } elseif (!validateUsername($loginname, $settings['panel']['unix_names'], 14 - strlen($settings['customer']['mysqlprefix']))) {
     standard_error('loginnameiswrong', $loginname);
 }
 $guid = intval($settings['system']['lastguid']) + 1;
 $documentroot = makeCorrectDir($settings['system']['documentroot_prefix'] . '/' . $loginname);
 if ($service_active == 1) {
     $service_active = '1';
     if (!isset($servicestart_date) || $servicestart_date == '0000-00-00') {
         $servicestart_date = date('Y-m-d');
     }
 } else {
     $service_active = '0';
     $servicestart_date = '0000-00-00';
 }
 if ($calc_tax != '1') {
     $calc_tax = '0';
Пример #15
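/**
 * Registers a new user from the posted 'user', 'password' and 'rpassword' fields.
 *
 * Prints the outcome as HTML. On invalid input it prints a message and ends the
 * request with die.
 *
 * @param object $db database connection; assumed to be a PDO instance, since it
 *                   is already used through beginTransaction/commit/rollBack
 */
function register($db)
{
    // Read the form input first. Non-string values (e.g. user[]=x) are treated as empty.
    $rawUser = isset($_POST['user']) && is_string($_POST['user']) ? $_POST['user'] : '';
    $rawPassword = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
    $rawConfirmation = isset($_POST['rpassword']) && is_string($_POST['rpassword']) ? $_POST['rpassword'] : '';
    // Escaped copy, kept only for the two helpers below because their query
    // handling is not visible here.
    // NOTE(review): mysql_real_escape_string() belongs to the old mysql extension
    // (removed in PHP 7.0) and does not use the $db connection; have the helpers
    // bind their parameters and drop this call.
    $user = mysql_real_escape_string($rawUser);
    // Hash the password and its confirmation.
    // NOTE(review): sha1 is unsalted and fast. It is left as is because
    // validateInputs() receives the two hashes and the login code is outside this
    // block; move storage and login to password_hash()/password_verify() together.
    $password = sha1($rawPassword);
    $rpassword = sha1($rawConfirmation);
    // Validate first; only valid input goes on to the database.
    if (validateInputs($user, $password, $rpassword)) {
        // Input is valid; now make sure the username is still free.
        if (!validateUsername($db, $user)) {
            try {
                $db->beginTransaction();
                // Bound parameters instead of a query built by string interpolation;
                // the raw username is bound, so the stored value is unchanged.
                $insert = $db->prepare('INSERT INTO users(user,password) values(:user, :password)');
                $insert->execute(array(':user' => $rawUser, ':password' => $password));
                $db->commit();
                // HTML-encode what is echoed back so form input cannot inject markup.
                // NOTE(review): printing the password back to the page exposes it to
                // onlookers and caches; consider removing it from the message.
                $shownUser = htmlspecialchars($rawUser, ENT_QUOTES, 'UTF-8');
                $shownPassword = htmlspecialchars($rawPassword, ENT_QUOTES, 'UTF-8');
                echo "Registro completado\n su usuario:{$shownUser} y su password:{$shownPassword}" . "\n Entre <a href=\"bienvenido.php\">Aqui</a> para ir a la pagina de bienvenida";
            } catch (Exception $e) {
                // Undo the transaction if anything failed.
                $db->rollBack();
                echo "<p>Ocurrio un error, el registro no pudo ser completado</p>";
            }
        } else {
            echo "<p>El nombre de usuario ya existe, por lo que no se pudo completar el registro.</p>";
        }
    } else {
        echo "<p>Los datos de registro son invalidos, intente de nuevo.</p>";
        $db = null;
        die;
    }
}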
Пример #16
/**
 * Registers a member to the forum.
 *
 * What it does:
 * - Allows two types of interface: 'guest' and 'admin'. The first
 * - includes hammering protection, the latter can perform the registration silently.
 * - The strings used in the options array are assumed to be escaped.
 * - Allows to perform several checks on the input, e.g. reserved names.
 * - The function will adjust member statistics.
 * - Validation problems are collected in the Error_Context for $error_context; some
 *   checks (register_only_once, no_theme) still end in fatal_lang_error().
 * - $regOptions is taken by reference and is modified: auth_method, username,
 *   password, password_check and register_vars are written back to the caller.
 *
 * Security notes for reviewers:
 * - Generated passwords and the password salt below come from mt_rand()/mt_srand(),
 *   which is not a cryptographically secure source.
 * - The plain-text password is placed in the e-mail template replacements.
 * - extra_register_vars is merged after the id_group / is_activated checks, so it
 *   must never carry keys taken from user input.
 *
 * @package Members
 * @uses Auth.subs.php
 * @uses Mail.subs.php
 * @param mixed[] $regOptions registration options (see the keys read below)
 * @param string $error_context name of the error context that collects problems
 * @return int|false the ID of the newly created member, or false when errors were collected
 */
function registerMember(&$regOptions, $error_context = 'register')
{
    global $scripturl, $txt, $modSettings, $user_info;
    $db = database();
    loadLanguage('Login');
    // We'll need some external functions.
    require_once SUBSDIR . '/Auth.subs.php';
    require_once SUBSDIR . '/Mail.subs.php';
    // Put any errors in here.
    $reg_errors = Error_Context::context($error_context, 0);
    // Registration from the admin center, let them sweat a little more.
    // (is_not_guest()/isAllowedTo() presumably stop the request when the check fails - confirm.)
    if ($regOptions['interface'] == 'admin') {
        is_not_guest();
        isAllowedTo('moderate_forum');
    } elseif ($regOptions['interface'] == 'guest') {
        // You cannot register twice...
        if (empty($user_info['is_guest'])) {
            redirectexit();
        }
        // Make sure they didn't just register with this session.
        if (!empty($_SESSION['just_registered']) && empty($modSettings['disableRegisterCheck'])) {
            fatal_lang_error('register_only_once', false);
        }
    }
    // NOTE(review): any other 'interface' value skips both branches above, i.e. neither
    // the permission check nor the once-per-session check runs - callers must pass only
    // 'admin' or 'guest'.
    // What method of authorization are we going to use?
    // NOTE(review): in_array() is used without the strict flag; on PHP < 8 a non-string
    // value such as 0 compares equal to 'password'. Passing true as third argument avoids that.
    if (empty($regOptions['auth_method']) || !in_array($regOptions['auth_method'], array('password', 'openid'))) {
        if (!empty($regOptions['openid'])) {
            $regOptions['auth_method'] = 'openid';
        } else {
            $regOptions['auth_method'] = 'password';
        }
    }
    // Spaces and other odd characters are evil...
    // Runs of whitespace, control and invisible/format code points collapse to one space,
    // which keeps look-alike usernames that differ only in invisible characters apart.
    $regOptions['username'] = trim(preg_replace('~[\\t\\n\\r \\x0B\\0\\x{A0}\\x{AD}\\x{2000}-\\x{200F}\\x{201F}\\x{202F}\\x{3000}\\x{FEFF}]+~u', ' ', $regOptions['username']));
    // Valid emails only
    require_once SUBSDIR . '/DataValidator.class.php';
    if (!Data_Validator::is_valid($regOptions, array('email' => 'valid_email|required|max_length[255]'), array('email' => 'trim'))) {
        $reg_errors->addError('bad_email');
    }
    // The return value is not used here; presumably validateUsername() records its
    // findings in the $error_context error context - confirm.
    validateUsername(0, $regOptions['username'], $error_context, !empty($regOptions['check_reserved_name']));
    // Generate a validation code if it's supposed to be emailed.
    $validation_code = '';
    if ($regOptions['require'] == 'activation') {
        $validation_code = generateValidationCode();
    }
    // If you haven't put in a password generate one.
    if ($regOptions['interface'] == 'admin' && $regOptions['password'] == '' && $regOptions['auth_method'] == 'password') {
        // NOTE(review): seeding the generator from the clock makes every later mt_rand()
        // value a function of the registration time. If generateValidationCode() draws from
        // mt_rand() (not visible here - confirm), the generated password is predictable;
        // random_bytes()/random_int() would be the appropriate source.
        mt_srand(time() + 1277);
        $regOptions['password'] = generateValidationCode();
        $regOptions['password_check'] = $regOptions['password'];
    } elseif ($regOptions['password'] != $regOptions['password_check'] && $regOptions['auth_method'] == 'password') {
        $reg_errors->addError('passwords_dont_match');
    }
    // That's kind of easy to guess...
    if ($regOptions['password'] == '') {
        if ($regOptions['auth_method'] == 'password') {
            $reg_errors->addError('no_password');
        } else {
            // NOTE(review): placeholder password for non-password (openid) accounts. sha1()
            // adds no entropy: the value is one of at most mt_getrandmax()+1 possibilities.
            $regOptions['password'] = sha1(mt_rand());
        }
    }
    // Now perform hard password validation as required.
    if (!empty($regOptions['check_password_strength']) && $regOptions['password'] != '') {
        $passwordError = validatePassword($regOptions['password'], $regOptions['username'], array($regOptions['email']));
        // Password isn't legal?
        if ($passwordError != null) {
            $reg_errors->addError('profile_error_password_' . $passwordError);
        }
    }
    // You may not be allowed to register this email.
    if (!empty($regOptions['check_email_ban'])) {
        isBannedEmail($regOptions['email'], 'cannot_register', $txt['ban_register_prohibited']);
    }
    // Check if the email address is in use.
    // Values are handed to the database layer through typed placeholders instead of being
    // concatenated into the SQL text. The second condition also rejects a username that
    // equals an existing member's email address.
    $request = $db->query('', '
		SELECT id_member
		FROM {db_prefix}members
		WHERE email_address = {string:email_address}
			OR email_address = {string:username}
		LIMIT 1', array('email_address' => $regOptions['email'], 'username' => $regOptions['username']));
    if ($db->num_rows($request) != 0) {
        // The address is HTML-escaped before it becomes part of the error message.
        $reg_errors->addError(array('email_in_use', array(htmlspecialchars($regOptions['email'], ENT_COMPAT, 'UTF-8'))));
    }
    $db->free_result($request);
    // Perhaps someone else wants to check this user
    // (hooks receive both arguments by reference and may change them).
    call_integration_hook('integrate_register_check', array(&$regOptions, &$reg_errors));
    // If there's any errors left return them at once!
    // Nothing has been written to the database up to this point.
    if ($reg_errors->hasErrors()) {
        return false;
    }
    $reservedVars = array('actual_theme_url', 'actual_images_url', 'base_theme_dir', 'base_theme_url', 'default_images_url', 'default_theme_dir', 'default_theme_url', 'default_template', 'images_url', 'number_recent_posts', 'smiley_sets_default', 'theme_dir', 'theme_id', 'theme_layers', 'theme_templates', 'theme_url');
    // Can't change reserved vars.
    if (isset($regOptions['theme_vars']) && count(array_intersect(array_keys($regOptions['theme_vars']), $reservedVars)) != 0) {
        fatal_lang_error('no_theme');
    }
    // New password hash
    require_once SUBSDIR . '/Auth.subs.php';
    // Some of these might be overwritten. (the lower ones that are in the arrays below.)
    // 'passwd' is whatever validateLoginPassword() returns for the plain password
    // (presumably the hash to store - confirm in Auth.subs.php).
    // NOTE(review): 'password_salt' is 4 hex characters (16 bits) derived from mt_rand();
    // what it protects is not visible here, but it should not be relied on as a secret.
    // For the admin interface the recorded member IPs are fixed to 127.0.0.1.
    $regOptions['register_vars'] = array('member_name' => $regOptions['username'], 'email_address' => $regOptions['email'], 'passwd' => validateLoginPassword($regOptions['password'], '', $regOptions['username'], true), 'password_salt' => substr(md5(mt_rand()), 0, 4), 'posts' => 0, 'date_registered' => !empty($regOptions['time']) ? $regOptions['time'] : time(), 'member_ip' => $regOptions['interface'] == 'admin' ? '127.0.0.1' : $regOptions['ip'], 'member_ip2' => $regOptions['interface'] == 'admin' ? '127.0.0.1' : $regOptions['ip2'], 'validation_code' => $validation_code, 'real_name' => $regOptions['username'], 'personal_text' => $modSettings['default_personal_text'], 'pm_email_notify' => 1, 'id_theme' => 0, 'id_post_group' => 4, 'lngfile' => '', 'buddy_list' => '', 'pm_ignore_list' => '', 'message_labels' => '', 'website_title' => '', 'website_url' => '', 'location' => '', 'time_format' => '', 'signature' => '', 'avatar' => '', 'usertitle' => '', 'secret_question' => '', 'secret_answer' => '', 'additional_groups' => '', 'ignore_boards' => '', 'smiley_set' => '', 'openid_uri' => !empty($regOptions['openid']) ? $regOptions['openid'] : '');
    // Setup the activation status on this new account so it is correct - firstly is it an under age account?
    // Values written below: coppa => 5, nothing => 1, activation => 0, anything else => 3.
    if ($regOptions['require'] == 'coppa') {
        $regOptions['register_vars']['is_activated'] = 5;
        // @todo This should be changed.  To what should be it be changed??
        $regOptions['register_vars']['validation_code'] = '';
    } elseif ($regOptions['require'] == 'nothing') {
        $regOptions['register_vars']['is_activated'] = 1;
    } elseif ($regOptions['require'] == 'activation') {
        $regOptions['register_vars']['is_activated'] = 0;
    } else {
        $regOptions['register_vars']['is_activated'] = 3;
    }
    if (isset($regOptions['memberGroup'])) {
        // Make sure the id_group will be valid, if this is an administator.
        // Group 1 is only kept when the current user holds 'admin_forum'; otherwise it falls back to 0.
        $regOptions['register_vars']['id_group'] = $regOptions['memberGroup'] == 1 && !allowedTo('admin_forum') ? 0 : $regOptions['memberGroup'];
        // Check if this group is assignable.
        // Besides -1 and 3, every group with min_posts != -1 is unassignable, and for
        // users without 'admin_forum' also every group with group_type = 1.
        $unassignableGroups = array(-1, 3);
        $request = $db->query('', '
			SELECT id_group
			FROM {db_prefix}membergroups
			WHERE min_posts != {int:min_posts}' . (allowedTo('admin_forum') ? '' : '
				OR group_type = {int:is_protected}'), array('min_posts' => -1, 'is_protected' => 1));
        while ($row = $db->fetch_assoc($request)) {
            $unassignableGroups[] = $row['id_group'];
        }
        $db->free_result($request);
        // NOTE(review): non-strict in_array(); the requested group is compared loosely
        // against ids that the database layer may return as strings.
        if (in_array($regOptions['register_vars']['id_group'], $unassignableGroups)) {
            $regOptions['register_vars']['id_group'] = 0;
        }
    }
    // Integrate optional member settings to be set.
    // NOTE(review): this merge happens after the id_group and is_activated checks above,
    // so a key such as 'id_group' or 'is_activated' in extra_register_vars replaces the
    // validated value. Callers must build this array themselves, never from request data.
    if (!empty($regOptions['extra_register_vars'])) {
        foreach ($regOptions['extra_register_vars'] as $var => $value) {
            $regOptions['register_vars'][$var] = $value;
        }
    }
    // Integrate optional user theme options to be set.
    $theme_vars = array();
    if (!empty($regOptions['theme_vars'])) {
        foreach ($regOptions['theme_vars'] as $var => $value) {
            $theme_vars[$var] = $value;
        }
    }
    // Right, now let's prepare for insertion.
    $knownInts = array('date_registered', 'posts', 'id_group', 'last_login', 'personal_messages', 'unread_messages', 'notifications', 'new_pm', 'pm_prefs', 'gender', 'hide_email', 'show_online', 'pm_email_notify', 'karma_good', 'karma_bad', 'notify_announcements', 'notify_send_body', 'notify_regularity', 'notify_types', 'id_theme', 'is_activated', 'id_msg_last_visit', 'id_post_group', 'total_time_logged_in', 'warning');
    $knownFloats = array('time_offset');
    // Call an optional function to validate the users' input.
    // The hook gets everything by reference and may add or change columns and types.
    call_integration_hook('integrate_register', array(&$regOptions, &$theme_vars, &$knownInts, &$knownFloats));
    // Build the column => type map for the insert; anything not listed as int/float
    // (or 'birthdate') is stored as a string.
    // NOTE(review): the keys of register_vars become column names; whether the database
    // layer quotes column names is not visible here - confirm before accepting new keys.
    $column_names = array();
    $values = array();
    foreach ($regOptions['register_vars'] as $var => $val) {
        $type = 'string';
        if (in_array($var, $knownInts)) {
            $type = 'int';
        } elseif (in_array($var, $knownFloats)) {
            $type = 'float';
        } elseif ($var == 'birthdate') {
            $type = 'date';
        }
        $column_names[$var] = $type;
        $values[$var] = $val;
    }
    // Register them into the database.
    $db->insert('', '{db_prefix}members', $column_names, $values, array('id_member'));
    $memberID = $db->insert_id('{db_prefix}members', 'id_member');
    // Update the number of members and latest member's info - and pass the name, but remove the 's.
    if ($regOptions['register_vars']['is_activated'] == 1) {
        updateMemberStats($memberID, $regOptions['register_vars']['real_name']);
    } else {
        updateMemberStats();
    }
    // Theme variables too?
    if (!empty($theme_vars)) {
        $inserts = array();
        foreach ($theme_vars as $var => $val) {
            $inserts[] = array($memberID, $var, $val);
        }
        $db->insert('insert', '{db_prefix}themes', array('id_member' => 'int', 'variable' => 'string-255', 'value' => 'string-65534'), $inserts, array('id_member', 'variable'));
    }
    // If it's enabled, increase the registrations for today.
    trackStats(array('registers' => '+'));
    // NOTE(review): every $replacements array below carries the plain-text password under
    // 'PASSWORD'. Whether a template prints it is not visible here; if one does, the
    // password travels and is stored in clear in the recipient's mailbox.
    // Administrative registrations are a bit different...
    if ($regOptions['interface'] == 'admin') {
        if ($regOptions['require'] == 'activation') {
            $email_message = 'admin_register_activate';
        } elseif (!empty($regOptions['send_welcome_email'])) {
            $email_message = 'admin_register_immediate';
        }
        if (isset($email_message)) {
            $replacements = array('REALNAME' => $regOptions['register_vars']['real_name'], 'USERNAME' => $regOptions['username'], 'PASSWORD' => $regOptions['password'], 'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder', 'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $memberID . ';code=' . $validation_code, 'ACTIVATIONLINKWITHOUTCODE' => $scripturl . '?action=activate;u=' . $memberID, 'ACTIVATIONCODE' => $validation_code);
            $emaildata = loadEmailTemplate($email_message, $replacements);
            sendmail($regOptions['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
        }
    } else {
        // Can post straight away - welcome them to your fantastic community...
        if ($regOptions['require'] == 'nothing') {
            if (!empty($regOptions['send_welcome_email'])) {
                $replacements = array('REALNAME' => $regOptions['register_vars']['real_name'], 'USERNAME' => $regOptions['username'], 'PASSWORD' => $regOptions['password'], 'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder', 'OPENID' => !empty($regOptions['openid']) ? $regOptions['openid'] : '');
                $emaildata = loadEmailTemplate('register_' . ($regOptions['auth_method'] == 'openid' ? 'openid_' : '') . 'immediate', $replacements);
                sendmail($regOptions['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
            }
            // Send admin their notification.
            require_once SUBSDIR . '/Notification.subs.php';
            sendAdminNotifications('standard', $memberID, $regOptions['username']);
        } elseif ($regOptions['require'] == 'activation' || $regOptions['require'] == 'coppa') {
            $replacements = array('REALNAME' => $regOptions['register_vars']['real_name'], 'USERNAME' => $regOptions['username'], 'PASSWORD' => $regOptions['password'], 'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder', 'OPENID' => !empty($regOptions['openid']) ? $regOptions['openid'] : '');
            if ($regOptions['require'] == 'activation') {
                $replacements += array('ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $memberID . ';code=' . $validation_code, 'ACTIVATIONLINKWITHOUTCODE' => $scripturl . '?action=activate;u=' . $memberID, 'ACTIVATIONCODE' => $validation_code);
            } else {
                $replacements += array('COPPALINK' => $scripturl . '?action=coppa;u=' . $memberID);
            }
            $emaildata = loadEmailTemplate('register_' . ($regOptions['auth_method'] == 'openid' ? 'openid_' : '') . ($regOptions['require'] == 'activation' ? 'activate' : 'coppa'), $replacements);
            sendmail($regOptions['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
        } else {
            $replacements = array('REALNAME' => $regOptions['register_vars']['real_name'], 'USERNAME' => $regOptions['username'], 'PASSWORD' => $regOptions['password'], 'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder', 'OPENID' => !empty($regOptions['openid']) ? $regOptions['openid'] : '');
            $emaildata = loadEmailTemplate('register_' . ($regOptions['auth_method'] == 'openid' ? 'openid_' : '') . 'pending', $replacements);
            sendmail($regOptions['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
            // Admin gets informed here...
            require_once SUBSDIR . '/Notification.subs.php';
            sendAdminNotifications('approval', $memberID, $regOptions['username']);
        }
        // Okay, they're for sure registered... make sure the session is aware of this for security. (Just married :P!)
        // This flag is what the 'register_only_once' check near the top of the function reads.
        $_SESSION['just_registered'] = 1;
    }
    // If they are for sure registered, let other people to know about it
    // NOTE(review): the hook receives $regOptions by value, still including the plain-text password.
    call_integration_hook('integrate_register_after', array($regOptions, $memberID));
    return $memberID;
}
Пример #17
<?php

// Registration endpoint: validates the posted fields, stores the new user through
// registerUser() and, on success, logs the user in and fills the session.
// (The listing is cut off after the avatar copy; the remaining branches are not shown.)
session_start();
require_once "php/database.php";
require_once "php/validation.php";
require_once "php/security.php";
require_once "php/storedprocedures.php";
require_once "php/error.php";
$db = connectToDatabase();
if ($db) {
    // NOTE(review): the three $_POST keys are read without isset(); a request that omits
    // one raises an undefined-index notice/warning and hands null to the validators.
    $username = $_POST["username"];
    $displayName = $_POST["displayname"];
    $rawPassword = $_POST["password"];
    $usernameValid = validateUsername($username);
    $displaynameValid = validateDisplayname($displayName);
    $passwordValid = validatePassword($rawPassword);
    if ($usernameValid && $displaynameValid && $passwordValid) {
        $hashedPass = hashPassword($rawPassword);
        // Characters 7..28 of the hash string are stored as the salt. That is where a
        // bcrypt-style "$2y$NN$" string keeps its 22-character salt - presumably what
        // hashPassword() produces; confirm in php/security.php.
        // NOTE(review): if so, the salt is already part of the hash and a separate copy is redundant.
        $salt = substr($hashedPass, 7, 22);
        $results = registerUser($db, $username, $hashedPass, $salt, $displayName);
        switch ($results[SP::ERROR]) {
            case ERR::OK:
                // It worked, try to log in.
                // NOTE(review): login() is given the hash rather than the raw password;
                // how it verifies the credential is not visible here - confirm.
                $results = login($db, $username, $hashedPass);
                switch ($results[SP::ERROR]) {
                    case ERR::OK:
                        // NOTE(review): no session_regenerate_id() call is visible before the
                        // authenticated values are written; regenerating the session id at
                        // login is the usual protection against session fixation.
                        $_SESSION['token'] = $results[SP::TOKEN];
                        $_SESSION['id'] = $results[USER::ID];
                        $_SESSION['permission'] = $results[PERMISSION::LEVEL];
                        // Give them a default avatar
                        // (the file name is built from the id returned by login(); the result
                        // of copy() is not checked).
                        copy("avatar/default.jpg", "avatar/" . $results[USER::ID] . ".jpg");
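function net2ftp_module_printBody()
{
    // --------------
    // This function prints the admin "create tables" screen.
    // Screen 1 shows the form; screen 2 connects to the database with the posted
    // credentials and runs every line of create_tables.sql as one query.
    //
    // Local variable names are kept unchanged: the template required at the end runs
    // in this function's scope and presumably reads them.
    //
    // NOTE(review): this function itself performs no authentication or CSRF check before
    // running SQL on screen 2; presumably the caller gates access to the admin module - confirm.
    // NOTE(review): the mysql_* functions used below were removed in PHP 7.0; this code
    // only runs on older PHP versions and should move to mysqli or PDO.
    // --------------
    // -------------------------------------------------------------------------
    // Global variables
    // -------------------------------------------------------------------------
    // $net2ftp_output is not in this list, so the messages collected below live in a
    // local array that only the template required at the end can see.
    global $net2ftp_settings, $net2ftp_globals, $net2ftp_messages, $net2ftp_result;
    // Admin login fields: validated, then HTML-encoded for redisplay.
    if (isset($_POST["input_admin_username"]) == true) {
        $input_admin_username = htmlEncode2(validateGenericInput($_POST["input_admin_username"]));
    } else {
        $input_admin_username = "";
    }
    if (isset($_POST["input_admin_password"]) == true) {
        $input_admin_password = htmlEncode2(validateGenericInput($_POST["input_admin_password"]));
    } else {
        $input_admin_password = "";
    }
    // Database connection fields: the raw (validated) values are used for the connection,
    // the *_html copies are for output only.
    if (isset($_POST["dbusername2"]) == true) {
        $dbusername2 = validateUsername($_POST["dbusername2"]);
    } else {
        $dbusername2 = "";
    }
    if (isset($_POST["dbpassword2"]) == true) {
        $dbpassword2 = validatePassword($_POST["dbpassword2"]);
    } else {
        $dbpassword2 = "";
    }
    if (isset($_POST["dbname2"]) == true) {
        $dbname2 = validateGenericInput($_POST["dbname2"]);
    } else {
        $dbname2 = "";
    }
    if (isset($_POST["dbserver2"]) == true) {
        $dbserver2 = validateGenericInput($_POST["dbserver2"]);
    } else {
        $dbserver2 = "";
    }
    $dbusername2_html = htmlEncode2($dbusername2);
    // NOTE(review): an HTML-encoded copy of the submitted password is prepared for the
    // template; echoing a password back into a page is worth avoiding - check the template.
    $dbpassword2_html = htmlEncode2($dbpassword2);
    $dbname2_html = htmlEncode2($dbname2);
    $dbserver2_html = htmlEncode2($dbserver2);
    // The *_html copy above keeps the empty value; only the connection target defaults.
    if ($dbserver2 == "") {
        $dbserver2 = "localhost";
    }
    // -------------------------------------------------------------------------
    // Variables for all screens
    // -------------------------------------------------------------------------
    // Output variable
    $net2ftp_output["admin_createtables"][] = "";
    // Title
    $title = __("Admin functions");
    // Form name
    $formname = "AdminForm";
    // Read the SQL file
    $filename = glueDirectories($net2ftp_globals["application_rootdir"], "create_tables.sql");
    $sqlquerystring = false;
    $handle = fopen($filename, "rb");
    // Open the file for reading only
    if ($handle == false) {
        $net2ftp_output["admin_createtables"][] = __("The handle of file %1\$s could not be opened.", $filename);
    } else {
        // Only touch the handle when fopen() succeeded: fread()/fclose() on false
        // is a warning on old PHP and a TypeError on PHP 8.
        clearstatcache();
        // for filesize
        $filesize = filesize($filename);
        if ($filesize > 0) {
            $sqlquerystring = fread($handle, $filesize);
        }
        if ($sqlquerystring == false) {
            $net2ftp_output["admin_createtables"][] = __("The file %1\$s could not be opened.", $filename);
        }
        $result1 = fclose($handle);
        if ($result1 == false) {
            $net2ftp_output["admin_createtables"][] = __("The handle of file %1\$s could not be closed.", $filename);
        }
    }
    // Split the SQL file in individual queries (one per line); nothing to run if it could not be read
    $sqlquerypieces = is_string($sqlquerystring) ? explode("\n", $sqlquerystring) : array();
    // -------------------------------------------------------------------------
    // Variables for screen 1
    // -------------------------------------------------------------------------
    if ($net2ftp_globals["screen"] == 1) {
        // Next screen
        $nextscreen = 2;
        // Back and forward buttons
        $back_onclick = "document.forms['" . $formname . "'].state.value='admin';document.forms['" . $formname . "'].screen.value='1';document.forms['" . $formname . "'].submit();";
        $forward_onclick = "document.forms['" . $formname . "'].submit();";
    } elseif ($net2ftp_globals["screen"] == 2) {
        // Next screen
        $nextscreen = 1;
        // Back and forward buttons
        $back_onclick = "document.forms['" . $formname . "'].state.value='admin';document.forms['" . $formname . "'].screen.value='1';document.forms['" . $formname . "'].submit();";
        $dbpassword2_length = strlen($dbpassword2);
        // ------------------------------------
        // Connect
        // ------------------------------------
        $mydb = mysql_connect($dbserver2, $dbusername2, $dbpassword2);
        if ($mydb == false) {
            $net2ftp_output["admin_createtables"][] = __("The connection to the server <b>%1\$s</b> could not be set up. Please check the database settings you've entered.", $dbserver2_html) . "\n";
        }
        // ------------------------------------
        // Select
        // ------------------------------------
        if ($mydb != false) {
            $mysql_select_db_result = mysql_select_db($dbname2);
            if ($mysql_select_db_result == false) {
                // Report the database name here (the original printed the server name).
                $net2ftp_output["admin_createtables"][] = __("Unable to select the database <b>%1\$s</b>.", $dbname2_html) . "\n";
            }
        }
        // ------------------------------------
        // Query
        // ------------------------------------
        // The statements come from the application's own create_tables.sql, not from the request.
        if ($mydb != false && $mysql_select_db_result != false) {
            $sqlquerycount = count($sqlquerypieces);
            for ($i = 0; $i < $sqlquerycount; $i++) {
                $mysql_query_results[$i] = mysql_query($sqlquerypieces[$i]);
                if ($mysql_query_results[$i] == false) {
                    $net2ftp_output["admin_createtables"][] = __("The SQL query nr <b>%1\$s</b> could not be executed.", $i + 1) . "\n";
                } else {
                    $net2ftp_output["admin_createtables"][] = __("The SQL query nr <b>%1\$s</b> was executed successfully.", $i + 1) . "\n";
                }
            }
        }
    }
    // end elseif
    // -------------------------------------------------------------------------
    // Print the output
    // -------------------------------------------------------------------------
    // NOTE(review): the included path is built from $net2ftp_globals["skin"]; presumably
    // that value is restricted to known skin names elsewhere - confirm.
    require_once $net2ftp_globals["application_skinsdir"] . "/" . $net2ftp_globals["skin"] . "/manage.template.php";
}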
Пример #19
function net2ftp_module_printBody()
{
    // --------------
    // Prints the copy/move/delete screen. Screen 1 only prepares the form;
    // screen 2 carries out the operation over FTP and returns false when a
    // connection cannot be opened.
    //
    // Local variable names are left untouched: the template required at the end
    // runs in this function's scope and presumably reads them.
    // --------------
    global $net2ftp_settings, $net2ftp_globals, $net2ftp_messages, $net2ftp_result, $net2ftp_output;

    // -------------------------------------------------------------------------
    // Request input - every value passes through its validate*/get* helper,
    // a missing field becomes the empty string
    // -------------------------------------------------------------------------
    $list = isset($_POST["list"]) ? getSelectedEntries($_POST["list"]) : "";
    $net2ftp_globals["ftpserver2"] = isset($_POST["ftpserver2"]) ? validateFtpserver($_POST["ftpserver2"]) : "";
    $net2ftp_globals["ftpserverport2"] = isset($_POST["ftpserverport2"]) ? validateFtpserverport($_POST["ftpserverport2"]) : "";
    $net2ftp_globals["username2"] = isset($_POST["username2"]) ? validateUsername($_POST["username2"]) : "";
    $net2ftp_globals["password2"] = isset($_POST["password2"]) ? validatePassword($_POST["password2"]) : "";

    // -------------------------------------------------------------------------
    // Variables for all screens
    // -------------------------------------------------------------------------
    // Title ($title stays unset for any other state2 value)
    switch ($net2ftp_globals["state2"]) {
        case "copy":
            $title = __("Copy directories and files");
            break;
        case "move":
            $title = __("Move directories and files");
            break;
        case "delete":
            $title = __("Delete directories and files");
            break;
    }

    // Form name, back and forward buttons
    $formname = "CopyMoveDeleteForm";
    $back_onclick = "document.forms['{$formname}'].state.value='browse';document.forms['{$formname}'].state2.value='main';document.forms['{$formname}'].submit();";
    $forward_onclick = "document.forms['{$formname}'].submit();";

    if ($net2ftp_globals["screen"] == 1) {
        // ---------------------------------------------------------------------
        // Screen 1: nothing to do except point at the next screen
        // ---------------------------------------------------------------------
        $nextscreen = 2;
    } elseif ($net2ftp_globals["screen"] == 2) {
        // ---------------------------------------------------------------------
        // Screen 2: connect to the source server
        // ---------------------------------------------------------------------
        setStatus(2, 10, __("Connecting to the FTP server"));
        $conn_id_source = ftp_openconnection();
        if (!$net2ftp_result["success"]) {
            return false;
        }

        // A second connection is opened only when a target server or username was
        // given AND it differs from the source (different users may have different
        // authorizations on the same FTP server); otherwise the source is reused.
        // NOTE(review): the target host and credentials come from the request; the
        // validate* helpers above and ftp_openconnection2() are the only filters
        // visible here - confirm they restrict which hosts may be contacted.
        $conn_id_target = $conn_id_source;
        if ($net2ftp_globals["ftpserver2"] != "" || $net2ftp_globals["username2"] != "") {
            if ($net2ftp_globals["ftpserver2"] != $net2ftp_globals["ftpserver"] || $net2ftp_globals["username2"] != $net2ftp_globals["username"]) {
                // Note: ftp_openconnection2 cleans the input values
                $conn_id_target = ftp_openconnection2();
                if (!$net2ftp_result["success"]) {
                    return false;
                }
            }
        }

        // Copy, move or delete the files and directories
        ftp_copymovedelete($conn_id_source, $conn_id_target, $list, $net2ftp_globals["state2"], 0);

        // Close the source connection, and the target one when it is a separate connection
        ftp_closeconnection($conn_id_source);
        if ($conn_id_source != $conn_id_target) {
            ftp_closeconnection($conn_id_target);
        }
    }

    // -------------------------------------------------------------------------
    // Print the output
    // -------------------------------------------------------------------------
    require_once $net2ftp_globals["application_skinsdir"] . "/" . $net2ftp_globals["skin"] . "/manage.template.php";
}
Пример #20
/**
 * Build the global $profile_fields table that describes every editable profile field, then drop the
 * entries the current viewer is not allowed to use.
 *
 * Each entry is keyed by field name and may carry 'preload' and 'input_validate' callbacks (closures or
 * function names). The validators receive the submitted value by reference and several of them also read
 * $_POST directly, so they are the input-handling boundary for profile edits.
 *
 * The final loop removes a field when its permission check fails, when its 'enabled' test is false, or when
 * it (or its 'link_with' group) is listed in $modSettings['disabled_profile_fields'].
 *
 * @param bool $force_reload Rebuild the table even if $profile_fields is already populated.
 * @return void The result is left in the global $profile_fields.
 */
function loadProfileFields($force_reload = false)
{
    global $context, $profile_fields, $txt, $scripturl, $modSettings, $user_info, $old_profile, $smcFunc, $cur_profile, $language;
    // Don't load this twice!
    if (!empty($profile_fields) && !$force_reload) {
        return;
    }
    /* This horrific array defines all the profile fields in the whole world!
    		In general each "field" has one array - the key of which is the database column name associated with said field. Each item
    		can have the following attributes:
    
    				string $type:			The type of field this is - valid types are:
    					- callback:		This is a field which has its own callback mechanism for templating.
    					- check:		A simple checkbox.
    					- hidden:		This doesn't have any visual aspects but may have some validity.
    					- password:		A password box.
    					- select:		A select box.
    					- text:			A string of some description.
    					(The array below also uses 'callback_template', 'label' and 'int'.)
    
    				string $label:			The label for this item - default will be $txt[$key] if this isn't set.
    				string $subtext:		The subtext (Small label) for this item.
    				int $size:			Optional size for a text area.
    				array $input_attr:		An array of text strings to be added to the input box for this item.
    				string $value:			The value of the item. If not set $cur_profile[$key] is assumed.
    				string $permission:		Permission required for this item (Excluding the _any/_own suffix which is applied automatically).
    				function $input_validate:	A runtime function which validates the element before going to the database. It is passed
    								the relevant $_POST element if it exists and should be treated like a reference.
    
    								Return types:
    					- true:			Element can be stored.
    					- false:		Skip this element.
    					- a text string:	An error occurred - this is the error message.
    
    				function $preload:		A function that is used to load data required for this element to be displayed. Must return
    								true to be displayed at all.
    
    				string $cast_type:		If set casts the element to a certain type. Valid types (bool, int, float).
    				string $save_key:		If the index of this element isn't the database column name it can be overridden
    								with this string.
    				bool $is_dummy:			If set then nothing is acted upon for this element.
    				bool $enabled:			A test to determine whether this is even available - if not is unset.
    				string $link_with:		Key which links this field to an overall set.
    
    		Note that all elements that have a custom input_validate must ensure they set the value of $cur_profile correct to enable
    		the changes to be displayed correctly on submit of the form.
    
    	*/
    // NOTE(review): 'avatar_choice' declares no 'permission' key, so the permission filter at the end of this
    // function never removes it - presumably profileSaveAvatarData enforces its own checks; confirm.
    $profile_fields = array('avatar_choice' => array('type' => 'callback_template', 'callback_name' => 'profile/avatar_select', 'preload' => 'profileLoadAvatarData', 'input_validate' => 'profileSaveAvatarData', 'save_key' => 'avatar'), 'bday1' => array('type' => 'callback_template', 'callback_name' => 'profile/birthdate_select', 'permission' => 'profile_extra', 'preload' => function () {
        global $cur_profile, $context;
        // Split up the birthdate....
        list($uyear, $umonth, $uday) = explode('-', empty($cur_profile['birthdate']) || $cur_profile['birthdate'] == '0001-01-01' ? '0000-00-00' : $cur_profile['birthdate']);
        $context['member']['birth_date'] = array('year' => $uyear == '0004' ? '0000' : $uyear, 'month' => $umonth, 'day' => $uday);
        return true;
    }, 'input_validate' => function (&$value) {
        global $profile_vars, $cur_profile;
        // bday1 validator: $value is used as the month, $_POST['bday2'] as the day and $_POST['bday3'] as the
        // year (checkdate() takes month, day, year). Years below 4 are stored as 4.
        if (isset($_POST['bday2'], $_POST['bday3']) && $value > 0 && $_POST['bday2'] > 0) {
            // Set to blank?
            if ((int) $_POST['bday3'] == 1 && (int) $_POST['bday2'] == 1 && (int) $value == 1) {
                $value = '0001-01-01';
            } else {
                // sprintf's %d conversions force the three parts to integers, so only digits reach the stored string.
                $value = checkdate($value, $_POST['bday2'], $_POST['bday3'] < 4 ? 4 : $_POST['bday3']) ? sprintf('%04d-%02d-%02d', $_POST['bday3'] < 4 ? 4 : $_POST['bday3'], $_POST['bday1'], $_POST['bday2']) : '0001-01-01';
            }
        } else {
            $value = '0001-01-01';
        }
        // The result is written to the 'birthdate' column here; returning false tells the caller to skip 'bday1' itself.
        $profile_vars['birthdate'] = $value;
        $cur_profile['birthdate'] = $value;
        return false;
    }), 'birthdate' => array('type' => 'hidden', 'permission' => 'profile_extra', 'input_validate' => function (&$value) {
        global $cur_profile;
        // !!! Should we check for this year and tell them they made a mistake :P? (based on coppa at least?)
        // Accept only "YYYY?MM?DD" with one of - . , or space as separator; the value is rebuilt with sprintf,
        // so nothing but the three matched digit groups is stored.
        if (preg_match('/(\\d{4})[\\-\\., ](\\d{2})[\\-\\., ](\\d{2})/', $value, $dates) === 1) {
            $value = checkdate($dates[2], $dates[3], $dates[1] < 4 ? 4 : $dates[1]) ? sprintf('%04d-%02d-%02d', $dates[1] < 4 ? 4 : $dates[1], $dates[2], $dates[3]) : '0001-01-01';
            return true;
        } else {
            // No match: fall back to the stored birthdate and skip saving.
            $value = empty($cur_profile['birthdate']) ? '0001-01-01' : $cur_profile['birthdate'];
            return false;
        }
    }), 'date_registered' => array('type' => 'text', 'value' => empty($cur_profile['date_registered']) ? $txt['not_applicable'] : strftime('%Y-%m-%d', $cur_profile['date_registered'] + ($user_info['time_offset'] + $modSettings['time_offset']) * 3600), 'label' => $txt['date_registered'], 'log_change' => true, 'permission' => 'moderate_forum', 'input_validate' => function (&$value) {
        global $txt, $user_info, $modSettings, $cur_profile, $context;
        // Bad date!  Go try again - please?
        // NOTE(review): strtotime() has returned false (not -1) on failure since PHP 5.1, so this strict
        // comparison with -1 does not catch an unparsable date on current PHP; false then falls through to
        // the elseif below. Compare with false instead when this code is next touched.
        if (($value = strtotime($value)) === -1) {
            $value = $cur_profile['date_registered'];
            return $txt['invalid_registration'] . ' ' . strftime('%d %b %Y ' . (strpos($user_info['time_format'], '%H') !== false ? '%I:%M:%S %p' : '%H:%M:%S'), forum_time(false));
        } elseif ($value != $txt['not_applicable'] && $value != strtotime(strftime('%Y-%m-%d', $cur_profile['date_registered'] + ($user_info['time_offset'] + $modSettings['time_offset']) * 3600))) {
            // A different date was entered: convert it back from user/forum local time before storing.
            $value = $value - ($user_info['time_offset'] + $modSettings['time_offset']) * 3600;
        } else {
            $value = $cur_profile['date_registered'];
        }
        return true;
    }), 'email_address' => array('type' => 'text', 'label' => $txt['email'], 'subtext' => $txt['valid_email'], 'log_change' => true, 'permission' => 'profile_identity', 'input_validate' => function (&$value) {
        global $context, $old_profile, $context, $profile_vars, $sourcedir, $modSettings;
        // Unchanged address (case-insensitive): nothing to save.
        if (strtolower($value) == strtolower($old_profile['email_address'])) {
            return false;
        }
        $isValid = profileValidateEmail($value, $context['id_member']);
        // Do they need to revalidate? If so schedule the function!
        // Only non-moderators are put back into the "needs activation" state (is_activated = 2) when the
        // send_validation_onChange setting is on.
        if ($isValid === true && !empty($modSettings['send_validation_onChange']) && !allowedTo('moderate_forum')) {
            require_once $sourcedir . '/lib/Subs-Members.php';
            $profile_vars['validation_code'] = generateValidationCode();
            $profile_vars['is_activated'] = 2;
            $context['profile_execute_on_save'][] = 'profileSendActivation';
            unset($context['profile_execute_on_save']['reload_user']);
        }
        return $isValid;
        // NOTE(review): the 'options' values of the select fields ('gender' below, 'lngfile' further down) are
        // strings of PHP source; presumably the form renderer evaluates them. They are literals here, not
        // user input - confirm the consumer never builds such a string from request data.
    }), 'gender' => array('type' => 'select', 'cast_type' => 'int', 'options' => 'return array(0 => \'\', 1 => $txt[\'male\'], 2 => $txt[\'female\']);', 'label' => $txt['gender'], 'permission' => 'profile_extra'), 'hide_email' => array('type' => 'check', 'value' => empty($cur_profile['hide_email']) ? true : false, 'label' => $txt['allow_user_email'], 'permission' => 'profile_identity', 'input_validate' => function (&$value) {
        // The checkbox is labelled "allow", the column is "hide": invert the submitted value.
        $value = $value == 0 ? 1 : 0;
        return true;
    }), 'id_group' => array('type' => 'callback_template', 'callback_name' => 'profile/group_manage', 'permission' => 'manage_membergroups', 'preload' => 'profileLoadGroups', 'log_change' => true, 'input_validate' => 'profileSaveGroups'), 'id_theme' => array('type' => 'callback_template', 'callback_name' => 'profile/theme_pick', 'permission' => 'profile_extra', 'enabled' => $modSettings['theme_allow'] || allowedTo('admin_forum'), 'preload' => function () {
        global $context, $cur_profile, $txt;
        // Look up the display name of the member's theme; values are bound through the {int:}/{string:} placeholders.
        $request = smf_db_query('SELECT value
					FROM {db_prefix}themes
					WHERE id_theme = {int:id_theme}
						AND variable = {string:variable}
					LIMIT 1', array('id_theme' => $cur_profile['id_theme'], 'variable' => 'name'));
        // NOTE(review): mysql_fetch_row()/mysql_free_result() belong to ext/mysql, which was removed in PHP 7.0.
        list($name) = mysql_fetch_row($request);
        mysql_free_result($request);
        $context['member']['theme'] = array('id' => $cur_profile['id_theme'], 'name' => empty($cur_profile['id_theme']) ? $txt['theme_forum_default'] : $name);
        return true;
    }, 'input_validate' => function (&$value) {
        // Only the integer cast is applied here; whether the id names an existing, selectable theme is not checked in this closure.
        $value = (int) $value;
        return true;
    }), 'karma_good' => array('type' => 'callback_template', 'callback_name' => 'profile/reputation_display', 'permission' => 'admin_forum', 'input_validate' => function (&$value) {
        global $profile_vars, $cur_profile;
        $value = (int) $value;
        // karma_bad has no field of its own; it is picked up from $_POST here and cast to int.
        if (isset($_POST['karma_bad'])) {
            $profile_vars['karma_bad'] = $_POST['karma_bad'] != '' ? (int) $_POST['karma_bad'] : 0;
            $cur_profile['karma_bad'] = $_POST['karma_bad'] != '' ? (int) $_POST['karma_bad'] : 0;
        }
        return true;
    }, 'preload' => function () {
        global $context, $cur_profile;
        //$context['member']['karma']['good'] = $cur_profile['karma_good'];
        //$context['member']['karma']['bad'] = $cur_profile['karma_bad'];
        return true;
    }, 'enabled' => !empty($modSettings['karmaMode'])), 'lngfile' => array('type' => 'select', 'options' => 'return $context[\'profile_languages\'];', 'label' => $txt['preferred_language'], 'permission' => 'profile_identity', 'preload' => 'profileLoadLanguages', 'enabled' => !empty($modSettings['userLanguage']), 'value' => empty($cur_profile['lngfile']) ? $language : $cur_profile['lngfile'], 'input_validate' => function (&$value) {
        global $context, $cur_profile;
        // Load the languages.
        profileLoadLanguages();
        // Allow-list check: the submitted value must be a key of the loaded language list before it is
        // stored or copied into the session.
        if (isset($context['profile_languages'][$value])) {
            if ($context['user']['is_owner']) {
                $_SESSION['language'] = $value;
            }
            return true;
        } else {
            $value = $cur_profile['lngfile'];
            return false;
        }
        // NOTE(review): the 'member_name' subtext/prehtml below concatenate $scripturl, $context['id_member']
        // and $txt entries into HTML without escaping - presumably all server-side values; confirm.
    }), 'location' => array('type' => 'text', 'label' => $txt['location'], 'log_change' => true, 'size' => 50, 'permission' => 'profile_extra'), 'member_name' => array('type' => allowedTo('admin_forum') && isset($_GET['changeusername']) ? 'text' : 'label', 'label' => $txt['username'], 'subtext' => allowedTo('admin_forum') && !isset($_GET['changeusername']) ? '(<a href="' . $scripturl . '?action=profile;u=' . $context['id_member'] . ';area=account;changeusername" style="font-style: italic;">' . $txt['username_change'] . '</a>)' : '', 'log_change' => true, 'permission' => 'profile_identity', 'prehtml' => allowedTo('admin_forum') && isset($_GET['changeusername']) ? '<div class="alert">' . $txt['username_warning'] . '</div>' : '', 'input_validate' => function (&$value) {
        global $sourcedir, $context, $user_info, $cur_profile;
        // Renaming is restricted to admin_forum; for everyone else the closure does nothing and returns false.
        if (allowedTo('admin_forum')) {
            // We'll need this...
            require_once $sourcedir . '/lib/Subs-Auth.php';
            // Maybe they are trying to change their password as well?
            $resetPassword = true;
            // The reset is skipped only when both password boxes were filled, match, and validatePassword()
            // reports no error (loose == null comparison).
            if (isset($_POST['passwrd1']) && $_POST['passwrd1'] != '' && isset($_POST['passwrd2']) && $_POST['passwrd1'] == $_POST['passwrd2'] && validatePassword($_POST['passwrd1'], $value, array($cur_profile['real_name'], $user_info['username'], $user_info['name'], $user_info['email'])) == null) {
                $resetPassword = false;
            }
            // Do the reset... this will send them an email too.
            if ($resetPassword) {
                resetPassword($context['id_member'], $value);
            } elseif ($value !== null) {
                // NOTE(review): validateUsername()'s return value is ignored before updateMemberData() writes
                // the new name - presumably it aborts with an error on an invalid name; verify in Subs-Auth.php.
                validateUsername($context['id_member'], $value);
                updateMemberData($context['id_member'], array('member_name' => $value));
            }
        }
        return false;
    }), 'passwrd1' => array('type' => 'password', 'label' => $txt['choose_pass'], 'subtext' => $txt['password_strength'], 'size' => 20, 'value' => '', 'enabled' => empty($cur_profile['openid_uri']), 'permission' => 'profile_identity', 'save_key' => 'passwd', 'input_validate' => function (&$value) {
        global $sourcedir, $user_info, $smcFunc, $cur_profile;
        // If we didn't try it then ignore it!
        if ($value == '') {
            return false;
        }
        // Do the two entries for the password even match?
        if (!isset($_POST['passwrd2']) || $value != $_POST['passwrd2']) {
            return 'bad_new_password';
        }
        // Let's get the validation function into play...
        require_once $sourcedir . '/lib/Subs-Auth.php';
        $passwordErrors = validatePassword($value, $cur_profile['member_name'], array($cur_profile['real_name'], $user_info['username'], $user_info['name'], $user_info['email']));
        // Were there errors?
        if ($passwordErrors != null) {
            return 'password_' . $passwordErrors;
        }
        // Set up the new password variable... ready for storage.
        // NOTE(review): the stored credential is a single SHA-1 over lower-cased member name + password. That
        // is a fast hash with a predictable salt and is not suitable for password storage; moving to
        // password_hash()/password_verify() needs a matching change in the login path (rehash on next
        // successful login), so it cannot be changed in this closure alone.
        $value = sha1(strtolower($cur_profile['member_name']) . un_htmlspecialchars($value));
        return true;
    }), 'passwrd2' => array('type' => 'password', 'label' => $txt['verify_pass'], 'enabled' => empty($cur_profile['openid_uri']), 'size' => 20, 'value' => '', 'permission' => 'profile_identity', 'is_dummy' => true), 'personal_text' => array('type' => 'text', 'label' => $txt['personal_text'], 'log_change' => true, 'input_attr' => array('maxlength="50"'), 'size' => 50, 'permission' => 'profile_extra'), 'pm_prefs' => array('type' => 'callback_template', 'callback_name' => 'pm/settings', 'permission' => 'pm_read', 'preload' => function () {
        global $context, $cur_profile;
        // The low two bits of pm_prefs hold the display mode.
        $context['display_mode'] = $cur_profile['pm_prefs'] & 3;
        $context['send_email'] = $cur_profile['pm_email_notify'];
        $context['receive_from'] = !empty($cur_profile['pm_receive_from']) ? $cur_profile['pm_receive_from'] : 0;
        return true;
    }, 'input_validate' => function (&$value) {
        global $cur_profile, $profile_vars;
        // Simple validate and apply the two "sub settings"
        // Each value is clamped to its range (0..2, 0..2, 0..4). The two $_POST reads below are not guarded
        // with isset(), so a request that omits them raises an undefined-index notice and stores 0.
        $value = max(min($value, 2), 0);
        $cur_profile['pm_email_notify'] = $profile_vars['pm_email_notify'] = max(min((int) $_POST['pm_email_notify'], 2), 0);
        $cur_profile['pm_receive_from'] = $profile_vars['pm_receive_from'] = max(min((int) $_POST['pm_receive_from'], 4), 0);
        return true;
    }), 'posts' => array('type' => 'int', 'label' => $txt['profile_posts'], 'log_change' => true, 'size' => 7, 'permission' => 'moderate_forum', 'input_validate' => function (&$value) {
        // Strip thousands separators; no integer cast happens here - presumably the 'int' field type is
        // cast by the caller; verify.
        $value = $value != '' ? strtr($value, array(',' => '', '.' => '', ' ' => '')) : 0;
        return true;
    }), 'real_name' => array('type' => !empty($modSettings['allow_editDisplayName']) || allowedTo('moderate_forum') ? 'text' : 'label', 'label' => $txt['name'], 'subtext' => $txt['display_name_desc'], 'log_change' => true, 'input_attr' => array('maxlength="60"'), 'permission' => 'profile_identity', 'enabled' => !empty($modSettings['allow_editDisplayName']) || allowedTo('moderate_forum'), 'input_validate' => function (&$value) {
        global $context, $smcFunc, $sourcedir, $cur_profile;
        // Replace every whitespace character with a plain space (Unicode-aware when the forum runs in
        // UTF-8), then enforce non-empty, at most 60 characters, and not a reserved/taken name.
        $value = trim(preg_replace('~[\\s]~' . ($context['utf8'] ? 'u' : ''), ' ', $value));
        if (trim($value) == '') {
            return 'no_name';
        } elseif (CommonAPI::strlen($value) > 60) {
            return 'name_too_long';
        } elseif ($cur_profile['real_name'] != $value) {
            require_once $sourcedir . '/lib/Subs-Members.php';
            if (isReservedName($value, $context['id_member'])) {
                return 'name_taken';
            }
        }
        return true;
    }), 'secret_question' => array('type' => 'text', 'label' => $txt['secret_question'], 'subtext' => $txt['secret_desc'], 'size' => 50, 'permission' => 'profile_identity'), 'secret_answer' => array('type' => 'text', 'label' => $txt['secret_answer'], 'subtext' => $txt['secret_desc2'], 'size' => 20, 'postinput' => '<span class="smalltext" style="margin-left: 4ex;"><a href="' . $scripturl . '?action=helpadmin;help=secret_why_blank" onclick="return reqWin(this.href);">' . $txt['secret_why_blank'] . '</a></span>', 'value' => '', 'permission' => 'profile_identity', 'input_validate' => function (&$value) {
        // NOTE(review): the secret answer is stored as an unsalted MD5. Answers are short and guessable, so
        // this gives little protection if the table leaks; a salted, slow hash would need the comparison
        // in the password-reminder path changed as well.
        $value = $value != '' ? md5($value) : '';
        return true;
    }), 'signature' => array('type' => 'callback_template', 'callback_name' => allowedTo('profile_signature') ? 'profile/signature_modify' : 'profile/signature_cannot_modify', 'permission' => 'profile_extra', 'enabled' => substr($modSettings['signature_settings'], 0, 1) == 1, 'preload' => 'profileLoadSignatureData', 'input_validate' => 'profileValidateSignature'), 'show_online' => array('type' => 'check', 'label' => $txt['show_online'], 'permission' => 'profile_identity', 'enabled' => !empty($modSettings['allow_hideOnline']) || allowedTo('moderate_forum')), 'smiley_set' => array('type' => 'callback_template', 'callback_name' => 'profile/smiley_pick', 'enabled' => !empty($modSettings['smiley_sets_enable']), 'permission' => 'profile_extra', 'preload' => function () {
        global $modSettings, $context, $txt, $cur_profile;
        $context['member']['smiley_set']['id'] = empty($cur_profile['smiley_set']) ? '' : $cur_profile['smiley_set'];
        // Two pseudo-sets ('none' and '' for the board default) are put in front of the configured sets,
        // with matching names in front of the configured names.
        $context['smiley_sets'] = explode(',', 'none,,' . $modSettings['smiley_sets_known']);
        $set_names = explode("\n", $txt['smileys_none'] . "\n" . $txt['smileys_forum_board_default'] . "\n" . $modSettings['smiley_sets_names']);
        foreach ($context['smiley_sets'] as $i => $set) {
            // Id and name are HTML-escaped for the template; the 'name' copied for the selected set below is
            // the unescaped one.
            $context['smiley_sets'][$i] = array('id' => htmlspecialchars($set), 'name' => htmlspecialchars($set_names[$i]), 'selected' => $set == $context['member']['smiley_set']['id']);
            if ($context['smiley_sets'][$i]['selected']) {
                $context['member']['smiley_set']['name'] = $set_names[$i];
            }
        }
        return true;
    }, 'input_validate' => function (&$value) {
        global $modSettings;
        // Allow-list: anything that is not a known set or 'none' is replaced by the empty string.
        // in_array() is used without the strict flag, i.e. with loose comparison.
        $smiley_sets = explode(',', $modSettings['smiley_sets_known']);
        if (!in_array($value, $smiley_sets) && $value != 'none') {
            $value = '';
        }
        return true;
    }), 'theme_settings' => array('type' => 'callback_template', 'callback_name' => 'profile/theme_settings', 'permission' => 'profile_extra', 'is_dummy' => true, 'preload' => function () {
        loadLanguage('Settings');
        return true;
    }), 'time_format' => array('type' => 'callback_template', 'callback_name' => 'profile/timeformat_modify', 'permission' => 'profile_extra', 'preload' => function () {
        global $context, $user_info, $txt, $cur_profile, $modSettings;
        // No input_validate is declared for time_format, so the submitted format string is not checked in this table.
        $context['easy_timeformats'] = array(array('format' => '', 'title' => $txt['timeformat_default']), array('format' => '%B %d, %Y, %I:%M:%S %p', 'title' => $txt['timeformat_easy1']), array('format' => '%B %d, %Y, %H:%M:%S', 'title' => $txt['timeformat_easy2']), array('format' => '%Y-%m-%d, %H:%M:%S', 'title' => $txt['timeformat_easy3']), array('format' => '%d %B %Y, %H:%M:%S', 'title' => $txt['timeformat_easy4']), array('format' => '%d-%m-%Y, %H:%M:%S', 'title' => $txt['timeformat_easy5']));
        $context['member']['time_format'] = $cur_profile['time_format'];
        $context['current_forum_time'] = strftime($modSettings['time_format'], forum_time(false)) . ' ' . date_default_timezone_get();
        // Month is emitted minus one for the "_js" value.
        $context['current_forum_time_js'] = strftime('%Y,' . ((int) strftime('%m', time() + $modSettings['time_offset'] * 3600) - 1) . ',%d,%H,%M,%S', time() + $modSettings['time_offset'] * 3600);
        $context['current_forum_time_hour'] = (int) strftime('%H', forum_time(false));
        return true;
    }), 'time_offset' => array('type' => 'callback_template', 'callback_name' => 'profile/timeoffset_modify', 'permission' => 'profile_extra', 'preload' => function () {
        global $context, $cur_profile;
        $context['member']['time_offset'] = $cur_profile['time_offset'];
        return true;
    }, 'input_validate' => function (&$value) {
        // Validate the time_offset...
        // Accept a decimal comma, cast to float, and reject anything outside -23.5..23.5 hours.
        $value = (double) strtr($value, ',', '.');
        if ($value < -23.5 || $value > 23.5) {
            return 'bad_offset';
        }
        return true;
    }), 'usertitle' => array('type' => 'text', 'label' => $txt['custom_title'], 'log_change' => true, 'size' => 50, 'permission' => 'profile_title', 'input_attr' => array('maxlength="50"'), 'enabled' => !empty($modSettings['titlesEnable'])));
    // Comma-separated list of field keys (or link_with groups) switched off in the settings.
    $disabled_fields = !empty($modSettings['disabled_profile_fields']) ? explode(',', $modSettings['disabled_profile_fields']) : array();
    // For each of the above let's take out the bits which don't apply - to save memory and security!
    // This loop is the access-control gate for the table: a field that survives it is offered to the viewer.
    foreach ($profile_fields as $key => $field) {
        // Do we have permission to do this?
        // Owners pass with either "<permission>_own" or "<permission>_any", others need "<permission>_any";
        // the bare permission name is accepted as well. Fields without a 'permission' key are never removed here.
        if (isset($field['permission']) && !allowedTo($context['user']['is_owner'] ? array($field['permission'] . '_own', $field['permission'] . '_any') : $field['permission'] . '_any') && !allowedTo($field['permission'])) {
            unset($profile_fields[$key]);
        }
        // Is it enabled?
        if (isset($field['enabled']) && !$field['enabled']) {
            unset($profile_fields[$key]);
        }
        // Is it specifically disabled?
        if (in_array($key, $disabled_fields) || isset($field['link_with']) && in_array($field['link_with'], $disabled_fields)) {
            unset($profile_fields[$key]);
        }
    }
}
Пример #21
     // Additional filtering for Bug #962
     if (function_exists('posix_getpwnam') && !in_array("posix_getpwnam", explode(",", ini_get('disable_functions'))) && posix_getpwnam($loginname)) {
         standard_error('loginnameissystemaccount', Settings::Get('customer.accountprefix'));
     }
 } else {
     $accountnumber = intval(Settings::Get('system.lastaccountnumber')) + 1;
     $loginname = Settings::Get('customer.accountprefix') . $accountnumber;
 }
 // Check if the account already exists
 $loginname_check_stmt = Database::prepare("\n\t\t\t\t\t\tSELECT `loginname` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `loginname` = :loginname");
 $loginname_check = Database::pexecute_first($loginname_check_stmt, array('loginname' => $loginname));
 $loginname_check_admin_stmt = Database::prepare("\n\t\t\t\t\t\tSELECT `loginname` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `loginname` = :loginname");
 $loginname_check_admin = Database::pexecute_first($loginname_check_admin_stmt, array('loginname' => $loginname));
 if (strtolower($loginname_check['loginname']) == strtolower($loginname) || strtolower($loginname_check_admin['loginname']) == strtolower($loginname)) {
     standard_error('loginnameexists', $loginname);
 } elseif (!validateUsername($loginname, Settings::Get('panel.unix_names'), 14 - strlen(Settings::Get('customer.mysqlprefix')))) {
     if (strlen($loginname) > 14 - strlen(Settings::Get('customer.mysqlprefix'))) {
         standard_error('loginnameiswrong2', 14 - strlen(Settings::Get('customer.mysqlprefix')));
     } else {
         standard_error('loginnameiswrong', $loginname);
     }
 }
 $guid = intval(Settings::Get('system.lastguid')) + 1;
 $documentroot = makeCorrectDir(Settings::Get('system.documentroot_prefix') . '/' . $loginname);
 if (file_exists($documentroot)) {
     standard_error('documentrootexists', $documentroot);
 }
 if ($createstdsubdomain != '1') {
     $createstdsubdomain = '0';
 }
 if ($phpenabled != '0') {
Пример #22
                        oci_free_statement($stid);
                    }
                }
            }
        }
        // REMOVE USER
        if (isset($_POST['removeUserBtn'])) {
            $username = $_POST['username'];
            // check if username is entered, if not display message & return
            if (empty($username)) {
                echo '<ul class="list-group">
						<li class="list-group-item list-group-item-info">Username cannot be blank. A username must be selected.</li>
					  </ul>';
            } else {
                // Check if username is in the database
                $results = validateUsername($username, $conn);
                // if username doesn't exist in the database, display message & return
                if (empty($results)) {
                    echo '<ul class="list-group">
							<li class="list-group-item list-group-item-danger">Username does not exist in the database.</li>
						  </ul>';
                } else {
                    // if username exists, remove it
                    removeUser($username, $conn);
                }
            }
        }
        // retrieve contents of users table to display
        function get_all_users($conn)
        {
            $arr = array();
Пример #23
<?php

include 'registrationConnection.php';
$action = $_GET['action'];
///////////////////////////////////////// GET ALL THE USERNAME /////////////////////////////////////////////////
if ($action == "getUsername1") {
    $user = trim($_POST['uname']);
    if (validateUsername($user) == true) {
        echo true;
    } else {
        echo false;
    }
} else {
    if ($action == "getUsernameforUpdate") {
        $user = trim($_POST['uname']);
        if (validateUsernameForUpdate($user) == true) {
            echo true;
        } else {
            echo false;
        }
    } else {
        if ($action == "checkClientPassword") {
            if (checkClientPassword(trim($_POST['cpold'])) == true) {
                echo true;
            } else {
                echo false;
            }
        } elseif ($action == "clientUpdatePassword") {
            $password = trim($_POST['cpconew']);
            $result = clientUpdatePassword($password);
            echo $result;
Пример #24
<?php

include "validate.php";
$formSend = count($_POST) > 0;
$username = "";
$email = "";
if ($formSend) {
    $usernameValid = validateUsername($_POST["username"]);
    $emailValid = validateEmail($_POST["email"]);
    $passwordValid = validatePassword($_POST["password"]);
    $passwordCValid = validateCPassword($_POST["password"], $_POST["passwordC"]);
    $username = htmlspecialchars($_POST["username"]);
    $email = htmlspecialchars($_POST["email"]);
    if ($usernameValid == "" && $emailValid == "" && $passwordValid == "" && $passwordCValid == "") {
        header('Location: welcome.php?username='******'text/css' rel='stylesheet' href='style.css'/>
  <script src="jquery-2.1.4.min.js"></script>
  <script src="jquery.validate.js"></script>
  <script type="text/javascript" src="registration.js"></script>
  <script type="text/javascript" src="script.js"></script>
</head>
<body>
  <header>
}
// -------------------------------------------------------------------------
// 6 COOKIE variables
// -------------------------------------------------------------------------
if (isset($_COOKIE["net2ftpcookie_ftpserver"]) == true) {
    $net2ftp_globals["cookie_ftpserver"] = validateFtpserver($_COOKIE["net2ftpcookie_ftpserver"]);
} else {
    $net2ftp_globals["cookie_ftpserver"] = "";
}
if (isset($_COOKIE["net2ftpcookie_ftpserverport"]) == true) {
    $net2ftp_globals["cookie_ftpserverport"] = validateFtpserverport($_COOKIE["net2ftpcookie_ftpserverport"]);
} else {
    $net2ftp_globals["cookie_ftpserverport"] = "";
}
if (isset($_COOKIE["net2ftpcookie_username"]) == true) {
    $net2ftp_globals["cookie_username"] = validateUsername($_COOKIE["net2ftpcookie_username"]);
} else {
    $net2ftp_globals["cookie_username"] = "";
}
if (isset($_COOKIE["net2ftpcookie_language"]) == true) {
    $net2ftp_globals["cookie_language"] = validateLanguage($_COOKIE["net2ftpcookie_language"]);
} else {
    $net2ftp_globals["cookie_language"] = "";
}
if (isset($_COOKIE["net2ftpcookie_skin"]) == true) {
    $net2ftp_globals["cookie_skin"] = validateSkin($_COOKIE["net2ftpcookie_skin"]);
} else {
    $net2ftp_globals["cookie_skin"] = "";
}
if (isset($_COOKIE["net2ftpcookie_ftpmode"]) == true) {
    $net2ftp_globals["cookie_ftpmode"] = validateFtpmode($_COOKIE["net2ftpcookie_ftpmode"]);
Пример #26
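/**
 * Register a new account: validate the submitted values, write a one-off verification key file, insert
 * the user row and e-mail the confirmation link.
 *
 * All output is echoed directly; every validation failure prints a message and terminates the script.
 *
 * @param string $username Requested user name (presumably request data; handled as untrusted).
 * @param string $email    Contact address (presumably request data; handled as untrusted).
 * @param string $password Plain-text password (presumably request data; handled as untrusted).
 * @return void
 */
function register($username, $email, $password)
{
    global $TLD, $tld_db;
    show_header();
    /* prepare clean data */
    // NOTE(review): htmlspecialchars() is an HTML-output encoder. It does not make a value safe for SQL,
    // and applying it to the password changes the secret that is hashed below (a password containing
    // & < > " is stored as the hash of its entity-encoded form).
    $username = htmlspecialchars(stripslashes($username));
    $password = htmlspecialchars(stripslashes($password));
    #$name=htmlspecialchars(stripslashes($name));
    $email = htmlspecialchars(stripslashes($email));
    /* perform validation checks */
    // filter_var() returns the address or false; a valid address also cannot carry CR/LF into mail().
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        echo "Not a valid email address";
        die;
    }
    // The user name ends up in a file path and in the SQL text below, so this check must hold before either.
    if (!validateUsername($username)) {
        echo "Usernames must be alphanumeric characters only<br>";
        die;
    }
    $username = clean_up_input($username);
    /* just in case */
    $username = strtolower($username);
    if (username_taken($username)) {
        echo "That username is already taken. Please try using another, different username.";
        die;
    }
    /* let the user know */
    echo "Creating new account for {$username}<BR>\n";
    /* generate user verification key */
    // NOTE(review): the key is written to a path relative to the working directory; if "tmp/" sits below
    // the web root the key file may be downloadable - confirm the directory is not served.
    $userkeyfile = "tmp/" . $username . ".ukf";
    // some environments do not allow execution outside their boundaries, even /tmp
    $fh = fopen($userkeyfile, 'w') or die("Can't create user key verification file. Please report this to the admin.");
    $userkey = unique_id(16);
    fwrite($fh, $userkey);
    fclose($fh);
    /* prepare account */
    $base = database_open_now($tld_db, 0666);
    // NOTE(review): a single unsalted SHA-256 is a fast hash and is not suitable for password storage.
    // Switching to password_hash()/password_verify() also requires changing the login check, which is
    // outside this function, so the stored format is left as it is here.
    $real_password = hash('sha256', $password);
    date_default_timezone_set('Etc/UTC');
    // date() yields the same YYYY-MM-DD string as the strftime() call it replaces; strftime() is
    // deprecated as of PHP 8.1.
    $registered = date('Y-m-d');
    #$query = "INSERT INTO users (username, password, email, registered, verified)
    #		VALUES('".$username."', '".$real_password."', '".$email."', '".$registered."', 0)";
    #$results = database_query_now($base, $query);
    // NOTE(review): the statement is assembled by string concatenation. $real_password is hex and
    // $registered is generated here, but $email is only HTML-encoded and format-checked, not SQL-escaped,
    // and $username relies entirely on validateUsername()/clean_up_input(). This should be a prepared
    // statement with bound parameters; database_pdo_query()'s signature is not visible here, so the call
    // is left unchanged.
    $results = database_pdo_query("INSERT INTO users (username, password, email, registered, verified) VALUES('" . $username . "', '" . $real_password . "', '" . $email . "', '" . $registered . "', 0)");
    /* construct email */
    $msg_FROM = "FROM: hostmaster@opennic." . $TLD;
    $msg_subject = "OpenNIC " . $TLD . " User Registration.";
    $msg = "Welcome " . $username . " to OpenNIC." . $TLD . "!\n\n";
    $msg .= "Your details are:\n";
    // NOTE(review): the two $username interpolations below (this line and the confirmation link) were
    // masked in the listing this function was taken from and are restored from context - confirm against
    // the upstream file.
    $msg .= "Username: " . $username . "\n";
    $msg .= "Password: (The one you specified during sign up. Remember, this is encrypted and cannot be retrieved.)\n\n";
    $msg .= "Always ensure your contact details are up to date.\n\n";
    // The verification key travels in the query string of the confirmation link.
    $msg .= "To confirm this email and activate your account, please visit https://www.opennic." . $TLD . "/register/confirm.php?username=" . $username . "&userkey=" . $userkey . "\nYou have 24 hours to activate your account, otherwise it will be deleted.\n\n";
    $msg .= "Thank you for your patronage.\nOpenNIC" . $TLD . " Administration.\n";
    mail($email, $msg_subject, $msg, $msg_FROM);
    echo "If registration was successful, you should receive an email shortly. Please contact hostmaster@opennic." . $TLD . " if you do not receive one within 24 hours. Please ensure that email address is on your email whitelist.";
    // echo "DEBUG: [".$msg."]";
}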
Пример #27
}
?>
 />
	            					<span class="formcheck" id="spanEmail"> </span><br />
	
	            <label>Username:</label>
	            	<input type="text" name="USERNAME" size="30" id="user" 
	            		onfocus="usernameValid()" 
		            		value="<?php 
if (isset($_POST['USERNAME'])) {
    echo $username;
}
?>
" 
		            			<?php 
if (!validateUsername($username)) {
    echo $styleInvalid;
}
?>
 />
		            				<span class="formcheck" id="spanUsername"> </span><br />
	
	            <label>Password:</label>
	            	<input type="password" name="PASSWORD" size="30" id="passwd" class="validates" 
	            		onfocus="pValid()" />
	            			<span class="formcheck" id="spanP"></span><br />
	
	            <label>Confirm Password:</label>
	           		<input type="password" name="CONFIRMPASSWORD" size="30" id="confirmPasswd" class="validates" 
	           			onkeyup="passwdValid()" 
	           				<?php 
Пример #28
 }
 $diskspace = $diskspace * 1024;
 $traffic = $traffic * 1024 * 1024;
 $ipaddress = intval_ressource($_POST['ipaddress']);
 // Check if the account already exists
 $loginname_check_stmt = Database::prepare("\n\t\t\t\tSELECT `loginname` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `loginname` = :login\n\t\t\t");
 $loginname_check = Database::pexecute_first($loginname_check_stmt, array('login' => $loginname));
 $loginname_check_admin_stmt = Database::prepare("\n\t\t\t\tSELECT `loginname` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `loginname` = :login\n\t\t\t");
 $loginname_check_admin = Database::pexecute_first($loginname_check_admin_stmt, array('login' => $loginname));
 if ($loginname == '') {
     standard_error(array('stringisempty', 'myloginname'));
 } elseif (strtolower($loginname_check['loginname']) == strtolower($loginname) || strtolower($loginname_check_admin['loginname']) == strtolower($loginname)) {
     standard_error('loginnameexists', $loginname);
 } elseif (preg_match('/^' . preg_quote(Settings::Get('customer.accountprefix'), '/') . '([0-9]+)/', $loginname)) {
     standard_error('loginnameissystemaccount', Settings::Get('customer.accountprefix'));
 } elseif (!validateUsername($loginname)) {
     standard_error('loginnameiswrong', $loginname);
 } elseif ($name == '') {
     standard_error(array('stringisempty', 'myname'));
 } elseif ($email == '') {
     standard_error(array('stringisempty', 'emailadd'));
 } elseif ($password == '') {
     standard_error(array('stringisempty', 'mypassword'));
 } elseif (!validateEmail($email)) {
     standard_error('emailiswrong', $email);
 } else {
     if ($customers_see_all != '1') {
         $customers_see_all = '0';
     }
     if ($domains_see_all != '1') {
         $domains_see_all = '0';
Пример #29
function net2ftp_module_printBody()
{
    // --------------
    // Prints the login screen.
    //
    // Request parameters are copied into local variables, the texts and field
    // names for the current state2 are chosen, and the skin's login_small
    // template is included. The include happens inside this function, so the
    // template shares this local scope; the local variable names are therefore
    // part of the contract and are kept exactly as they were.
    // --------------
    global $net2ftp_settings, $net2ftp_globals, $net2ftp_messages, $net2ftp_result, $net2ftp_output;

    // -------------------------------------------------------------------------
    // Request parameters
    // -------------------------------------------------------------------------
    // go_to_state / go_to_state2: from the bookmark URL when present,
    // otherwise the values already held in $net2ftp_globals
    // (registerglobals.inc.php)
    $go_to_state = isset($_GET["go_to_state"])
        ? validateGenericInput($_GET["go_to_state"])
        : $net2ftp_globals["go_to_state"];
    $go_to_state2 = isset($_GET["go_to_state2"])
        ? validateGenericInput($_GET["go_to_state2"])
        : $net2ftp_globals["go_to_state2"];

    // No default: $errormessage stays undefined when the parameter is absent
    if (isset($_GET["errormessage"])) {
        $errormessage = validateGenericInput($_GET["errormessage"]);
    }

    // Most actions
    $list = isset($_POST["list"]) ? getSelectedEntries($_POST["list"]) : "";

    // Bookmark
    $url = isset($_POST["url"]) ? validateGenericInput($_POST["url"]) : "";
    $text = isset($_POST["text"]) ? validateGenericInput($_POST["text"]) : "";

    // Copy, move, delete: second FTP server and its credentials, each passed
    // through its own validate* helper
    $net2ftp_globals["ftpserver2"] = isset($_POST["ftpserver2"])
        ? validateFtpserver($_POST["ftpserver2"])
        : "";
    $net2ftp_globals["ftpserverport2"] = isset($_POST["ftpserverport2"])
        ? validateFtpserverport($_POST["ftpserverport2"])
        : "";
    $net2ftp_globals["username2"] = isset($_POST["username2"])
        ? validateUsername($_POST["username2"])
        : "";
    $net2ftp_globals["password2"] = isset($_POST["password2"])
        ? validatePassword($_POST["password2"])
        : "";

    // Edit
    $textareaType = isset($_POST["textareaType"])
        ? validateTextareaType($_POST["textareaType"])
        : "";
    // NOTE(review): this replaces the $text validated in the Bookmark section
    // with the unvalidated POST value. $text_splitted, $searchoptions, $command
    // and $zipactions below are also copied without a validate* call. Whatever
    // prints these values has to encode them for its output context - confirm
    // in the template.
    $text = isset($_POST["text"]) ? $_POST["text"] : "";
    $text_splitted = isset($_POST["text_splitted"]) ? $_POST["text_splitted"] : "";

    // Find string (no default: stays undefined when the parameter is absent)
    if (isset($_POST["searchoptions"])) {
        $searchoptions = $_POST["searchoptions"];
    }

    // New directory
    // Rename
    $newNames = isset($_POST["newNames"]) ? validateEntry($_POST["newNames"]) : "";

    // Raw FTP command
    // NOTE(review): $directory_html is neither a parameter nor in the global
    // list above, so it is undefined when the default is built - confirm the
    // intended source of the directory.
    $command = isset($_POST["command"]) ? $_POST["command"] : "CWD {$directory_html}\nPWD\n";

    // Zip
    $zipactions = isset($_POST["zipactions"]) ? $_POST["zipactions"] : "";

    // -------------------------------------------------------------------------
    // Variables for all screens
    // -------------------------------------------------------------------------
    $formname = "LoginForm";
    $enctype = "";

    // Texts and field names per state2. When state2 matches none of the four
    // values, none of these variables is assigned.
    if ($net2ftp_globals["state2"] == "admin") {
        $message = __("Please enter your Administrator username and password.");
        $button_text = __("Login");
        $username_fieldname = "input_admin_username";
        $password_fieldname = "input_admin_password";
        $focus = $username_fieldname;
        $username_value = "";
        $password_value = "";
    } elseif ($net2ftp_globals["state2"] == "bookmark") {
        // The server name is HTML-encoded before it is placed in the message
        $message = __("Please enter your username and password for FTP server <b>%1\$s</b>.", htmlEncode2($net2ftp_globals["ftpserver"]));
        $button_text = __("Login");
        $username_fieldname = "username";
        $password_fieldname = "password";
        // A known username is pre-filled (HTML-encoded) and the cursor goes to
        // the password field; the password itself is never pre-filled
        $username_value = isset($net2ftp_globals["username"]) ? htmlEncode2($net2ftp_globals["username"]) : "";
        $focus = isset($net2ftp_globals["username"]) ? $password_fieldname : $username_fieldname;
        $password_value = "";
    } elseif ($net2ftp_globals["state2"] == "session_expired") {
        $message = __("Your session has expired; please enter your password for FTP server <b>%1\$s</b> to continue.", htmlEncode2($net2ftp_globals["ftpserver"]));
        $button_text = __("Continue");
        $username_fieldname = "username";
        $password_fieldname = "password";
        $username_value = isset($net2ftp_globals["username"]) ? htmlEncode2($net2ftp_globals["username"]) : "";
        $focus = isset($net2ftp_globals["username"]) ? $password_fieldname : $username_fieldname;
        $password_value = "";
    } elseif ($net2ftp_globals["state2"] == "session_ipchange") {
        $message = __("Your IP address has changed; please enter your password for FTP server <b>%1\$s</b> to continue.", htmlEncode2($net2ftp_globals["ftpserver"]));
        $button_text = __("Continue");
        $username_fieldname = "username";
        $password_fieldname = "password";
        $username_value = isset($net2ftp_globals["username"]) ? htmlEncode2($net2ftp_globals["username"]) : "";
        $focus = isset($net2ftp_globals["username"]) ? $password_fieldname : $username_fieldname;
        $password_value = "";
    }

    // -------------------------------------------------------------------------
    // Print the output
    // -------------------------------------------------------------------------
    // The template path is assembled from two $net2ftp_globals entries.
    // NOTE(review): confirm "skin" is limited to a known set of names before
    // it reaches this include.
    require_once $net2ftp_globals["application_skinsdir"] . "/" . $net2ftp_globals["skin"] . "/login_small.template.php";
}
 $r = $this->db1->query("SELECT username FROM users WHERE email='" . $fb_email . "' AND auth='facebook'");
 if (!($obj = $db2->fetch_object($r))) {
     $code = uniqueCode(11, 1, 'users', 'code');
     $fb_pass = getCode(10, 1);
     $salt = md5(uniqid(rand(), true));
     $hash = hash('sha512', $salt . $fb_pass);
     $ip = $this->db1->escape(ip2long($_SERVER['REMOTE_ADDR']));
     $fb_id = $D->fb_user_profile['id'];
     $fb_first_name = $this->db1->e($D->fb_user_profile['first_name']);
     $fb_last_name = $this->db1->e($D->fb_user_profile['last_name']);
     $fb_gender = $D->fb_user_profile['gender'];
     $fb_username = $D->fb_user_profile['name'];
     $fb_username = str_replace(' ', '', $fb_username);
     $fb_username = str_replace('.', '', $fb_username);
     //if the username does not work, use your email
     if (!validateUsername($fb_username)) {
         $newUser = explode('@', $fb_email);
         $fb_username = str_replace('.', '', $newUser[0]);
         $fb_username = str_replace('-', '', $fb_username);
         $lenun = strlen($fb_username);
         if (strlen($fb_username) < 6) {
             $fb_username = $fb_username . getCode(6 - $lenun, 1);
         }
     }
     $numu = $this->db1->fetch_field("SELECT count(iduser) FROM users WHERE username='******'");
     if ($numu != 0) {
         $fb_username = $fb_username . '' . ($numu + 1);
     }
     $fb_username = $this->db1->e($fb_username);
     $gender = 0;
     if ($fb_gender == 'male') {