function validate($data, $action, $options = array())
{
$data = parent::validate($data, $action, $options);
if (!$data) {
return $data;
}
switch ($action) {
case 'create':
$data['active'] = array_key_exists('active', $data) ? $data['active'] : true;
//We need either an email, mobile number or username to register a user
//Lower ASCII only
if (!empty($data['username'])) {
$data['username'] = filter_var(trim($data['username']), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_HIGH);
//TODO Make the banned usernames configurable
$banned_usernames = array('root', 'admin', 'superadmin', 'superuser', 'webadmin', 'postmaster', 'webdeveloper', 'webmaster', 'administrator', 'sysadmin');
if (in_array($data['username'], $banned_usernames) && BackendUser::hasSuperUser()) {
Backend::addError('Please choose a valid username');
return false;
}
}
if (empty($data['username']) && empty($data['email']) && empty($data['mobile'])) {
Backend::addError('Please provide a username');
}
//If the username is an email address, make it the email address
if (!empty($data['username']) && filter_var($data['username'], FILTER_VALIDATE_EMAIL)) {
if (!empty($data['email'])) {
list($data['username'], $data['email']) = array($data['email'], $data['username']);
} else {
$data['email'] = $data['username'];
unset($data['username']);
}
}
$data['salt'] = get_random('numeric');
$data['password'] = md5($data['salt'] . $data['password'] . Controller::$salt);
if (ConfigValue::get('application.confirmUser')) {
$data['confirmed'] = false;
} else {
$data['confirmed'] = array_key_exists('confirmed', $data) ? $data['confirmed'] : true;
}
break;
case 'update':
if (!empty($data['password'])) {
$data['password'] = md5($this->array['salt'] . $data['password'] . Controller::$salt);
}
break;
}
return $data;
}
