Пример #1
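/**
 * Load any counties that are missing from civicrm_county.
 *
 * For every state returned by ukrainerayons_listcounties() the county names
 * already stored for that state are read, and only the names not yet present
 * are inserted, 50 rows per INSERT statement.
 */
function ukrainerayons_loadcounties()
{
    $counties = ukrainerayons_listcounties();
    static $dao = NULL;
    if (!$dao) {
        $dao = new CRM_Core_DAO();
    }
    // go state-by-state to check existing counties
    foreach ($counties as $id => $state) {
        // The array key ends up in SQL text twice below, so force it to an
        // integer here instead of relying on the shape of the list.
        $stateId = (int) $id;
        $results = CRM_Core_DAO::executeQuery("SELECT name FROM civicrm_county WHERE state_province_id = {$stateId}");
        $existing = array();
        while ($results->fetch()) {
            $existing[] = $results->name;
        }
        // identify counties needing to be loaded
        $rows = array();
        foreach (array_diff($state, $existing) as $county) {
            // Names are escaped because they are placed inside a quoted literal.
            $rows[] = "('" . $dao->escape($county) . "', {$stateId})";
        }
        // put it into queries of 50 counties each
        foreach (array_chunk($rows, 50) as $batch) {
            CRM_Core_DAO::executeQuery('INSERT INTO civicrm_county (name, state_province_id) VALUES ' . implode(', ', $batch));
        }
    }
}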
Пример #2
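/**
 * Create a Drupal user and return Drupal ID
 *
 * If a user with this e-mail already exists, its id is returned and nothing
 * is written. Otherwise a blocked account (status 0) is inserted and its id
 * is read back with the same lookup.
 *
 * @param       email   email address of new user
 * @param       rid     optional role id to attach to the new user
 *
 * @return      res     Drupal ID for the existing or new user, or FALSE if
 *                      the e-mail is empty or the new row cannot be read back
 */
function civicrm_drupal_create_user($email, $rid = NULL)
{
    $email = trim($email);
    if (empty($email)) {
        return FALSE;
    }
    $user_tab = _civicrm_get_user_table_name();
    $lookup = "SELECT uid FROM {$user_tab} WHERE mail = '%s'";
    // If user already exists, return Drupal id
    $uid = db_result(db_query($lookup, $email));
    if ($uid) {
        return $uid;
    }
    // Random filler for the pass column. rand() and uniqid() are predictable,
    // so this value must never be reused as a secret (reset or verification token).
    $pass = md5(uniqid(rand(), TRUE));
    // Every value goes through a db_query() placeholder rather than being
    // escaped by hand and concatenated into the statement.
    // status 0: don't allow user to login until verified
    db_query(
        "INSERT INTO {$user_tab} (name, pass, mail, mode, access, status, init, created)"
        . " VALUES ('%s', '%s', '%s', %d, %d, %d, '%s', %d)",
        $email, $pass, $email, 0, 0, 0, $email, time()
    );
    // No uid is supplied in the INSERT, so read back the id of the row that
    // was just written instead of returning an unset array entry.
    $uid = db_result(db_query($lookup, $email));
    if (!$uid) {
        return FALSE;
    }
    if ($rid) {
        // Delete any previous roles entry before adding the role id
        db_query('DELETE FROM {users_roles} WHERE uid = %d', $uid);
        db_query('INSERT INTO {users_roles} (uid, rid) VALUES (%d, %d)', $uid, $rid);
    }
    return $uid;
}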
Пример #3
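/**
 * Create a Drupal user and return Drupal ID
 *
 * If a user with this e-mail already exists, its id is returned and nothing
 * is written. Otherwise a blocked account (status 0) is inserted under an id
 * taken from db_next_id().
 *
 * @param       email   email address of new user
 * @param       rid     optional role id to attach to the new user
 * @return      res     Drupal ID for the existing or new user, or FALSE if
 *                      the e-mail is empty
 */
function civicrm_drupal_create_user($email, $rid = null)
{
    $email = trim($email);
    if (empty($email)) {
        return FALSE;
    }
    // If user already exists, return Drupal id
    $uid = db_result(db_query("SELECT uid FROM {users} WHERE mail = '%s'", $email));
    if ($uid) {
        return $uid;
    }
    $uid = db_next_id('{users}_uid');
    // Random filler for the pass column. rand() and uniqid() are predictable,
    // so this value must never be reused as a secret (reset or verification token).
    $pass = md5(uniqid(rand(), true));
    // Every value goes through a db_query() placeholder rather than being
    // escaped by hand and concatenated into the statement.
    // status 0: don't allow user to login until verified
    db_query(
        "INSERT INTO {users} (uid, name, pass, mail, mode, access, status, init, created)"
        . " VALUES (%d, '%s', '%s', '%s', %d, %d, %d, '%s', %d)",
        $uid, $email, $pass, $email, 0, 0, 0, $email, time()
    );
    if ($rid) {
        // Delete any previous roles entry before adding the role id
        db_query('DELETE FROM {users_roles} WHERE uid = %d', $uid);
        db_query('INSERT INTO {users_roles} (uid, rid) VALUES (%d, %d)', $uid, $rid);
    }
    return $uid;
}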
Пример #4
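 /**
  * Check if username and email exists in the drupal db
  *
  * Both lookups bind the submitted value as a named query parameter, so the
  * values are used as given and are not SQL-escaped in this method.
  *
  * @params $params    array   array of name and mail values
  * @params $errors    array   replaced by form_get_errors(), then extended
  *                            with 'cms_name' and/or $emailName entries
  * @params $emailName string  field label for the 'email'
  *
  * @return void
  */
 static function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
 {
     $config = CRM_Core_Config::singleton();
     $errors = form_get_errors();
     if ($errors) {
         // unset drupal messages to avoid twice display of errors
         unset($_SESSION['messages']);
     }
     if (!empty($params['name'])) {
         if ($nameError = user_validate_name($params['name'])) {
             $errors['cms_name'] = $nameError;
         } else {
             $uid = db_query("SELECT uid FROM {users} WHERE name = :name", array(':name' => $params['name']))->fetchField();
             if ((bool) $uid) {
                 $errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $params['name']));
             }
         }
     }
     if (!empty($params['mail'])) {
         if ($emailError = user_validate_mail($params['mail'])) {
             $errors[$emailName] = $emailError;
         } else {
             $uid = db_query("SELECT uid FROM {users} WHERE mail = :mail", array(':mail' => $params['mail']))->fetchField();
             if ((bool) $uid) {
                 $resetUrl = $config->userFrameworkBaseURL . 'user/password';
                 $errors[$emailName] = ts('The email address %1 is already registered. <a href="%2">Have you forgotten your password?</a>', array(1 => $params['mail'], 2 => $resetUrl));
             }
         }
     }
 }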
Пример #5
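 /**
  * Check whether the username and e-mail are valid and still unused in WordPress.
  *
  * Validation and the existence checks go through the WordPress helpers
  * called below; no SQL is built here, so the values are not SQL-escaped.
  *
  * @param array $params
  *   Array of name and mail values.
  * @param array $errors
  *   Receives 'cms_name' and/or $emailName entries.
  * @param string $emailName
  *   Key under which the e-mail error is stored.
  */
 function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
 {
     $config = CRM_Core_Config::singleton();
     if (!empty($params['name'])) {
         if (!validate_username($params['name'])) {
             $errors['cms_name'] = ts("Your username contains invalid characters");
         } elseif (username_exists(sanitize_user($params['name']))) {
             $errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $params['name']));
         }
     }
     if (!empty($params['mail'])) {
         if (!is_email($params['mail'])) {
             $errors[$emailName] = ts('Your email is invalid');
         } elseif (email_exists($params['mail'])) {
             $resetUrl = $config->userFrameworkBaseURL . 'wp-login.php?action=lostpassword';
             $errors[$emailName] = ts('The email address %1 is already registered. <a href="%2">Have you forgotten your password?</a>', array(1 => $params['mail'], 2 => $resetUrl));
         }
     }
 }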
Пример #6
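 /**
  * Check whether the username and e-mail are valid and still unused in WordPress.
  *
  * Validation and the existence checks go through the WordPress helpers
  * called below; no SQL is built here, so the values are not SQL-escaped.
  *
  * @param array $params
  *   Array of name and mail values.
  * @param $errors
  *   Receives 'cms_name' and/or $emailName entries.
  * @param string $emailName
  *   Key under which the e-mail error is stored.
  */
 public function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
 {
     if (!empty($params['name'])) {
         if (!validate_username($params['name'])) {
             $errors['cms_name'] = ts("Your username contains invalid characters");
         } elseif (username_exists(sanitize_user($params['name']))) {
             $errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $params['name']));
         }
     }
     if (!empty($params['mail'])) {
         if (!is_email($params['mail'])) {
             $errors[$emailName] = ts('Your email is invalid');
         } elseif (email_exists($params['mail'])) {
             $errors[$emailName] = ts('The email address %1 already has an account associated with it. <a href="%2">Have you forgotten your password?</a>', array(1 => $params['mail'], 2 => wp_lostpassword_url()));
         }
     }
 }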
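 /**
  * Check if username and email exists in the drupal db
  *
  * Runs Drupal's own validation first, then looks the name and e-mail up in
  * the CMS users table over a separate PEAR DB connection.
  *
  * @params $params    array   array of name and mail values
  * @params $errors    array   replaced by form_get_errors(), then extended
  *                            with 'cms_name' and/or $emailName entries
  * @params $emailName string  field label for the 'email'
  *
  * @return void
  */
 function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
 {
     $config = CRM_Core_Config::singleton();
     // Raw values: they are bound as query parameters and compared with what
     // the database returns, so they must not be SQL-escaped beforehand. An
     // escaped copy would never match a stored name that contains a quote.
     $name = (string) CRM_Utils_Array::value('name', $params);
     $email = (string) CRM_Utils_Array::value('mail', $params);
     _user_edit_validate(NULL, $params);
     $errors = form_get_errors();
     if ($errors) {
         if (CRM_Utils_Array::value('name', $errors)) {
             $errors['cms_name'] = $errors['name'];
         }
         if (CRM_Utils_Array::value('mail', $errors)) {
             $errors[$emailName] = $errors['mail'];
         }
         // also unset drupal messages to avoid twice display of errors
         unset($_SESSION['messages']);
     }
     // the name check is repeated manually on top of the form validation
     $nameError = user_validate_name($params['name']);
     if ($nameError) {
         $errors['cms_name'] = $nameError;
     }
     // The table name comes from configuration and cannot be bound; the two
     // user-supplied values use PEAR DB "?" placeholders.
     $sql = "\nSELECT name, mail\n  FROM {$config->userFrameworkUsersTableName}\n WHERE (LOWER(name) = LOWER(?)) OR (LOWER(mail) = LOWER(?))";
     $db_cms = DB::connect($config->userFrameworkDSN);
     if (DB::isError($db_cms)) {
         // The DSN carries the database credentials, so it stays out of the message.
         die("Cannot connect to UF db, " . $db_cms->getMessage());
     }
     $query = $db_cms->query($sql, array($name, $email));
     if (DB::isError($query)) {
         // An error object has no fetchRow(); stop with a message instead.
         die("Cannot query UF db, " . $query->getMessage());
     }
     $row = $query->fetchRow();
     if (!empty($row)) {
         $dbName = CRM_Utils_Array::value(0, $row);
         $dbEmail = CRM_Utils_Array::value(1, $row);
         if (strtolower($dbName) == strtolower($name)) {
             $errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $name));
         }
         if (strtolower($dbEmail) == strtolower($email)) {
             $errors[$emailName] = ts('This email %1 is already registered. Please select another email.', array(1 => $email));
         }
     }
 }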
Пример #8
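 /**
  * Check if username and email exists in the Joomla db.
  *
  * @param array $params
  *   Array of name and mail values.
  * @param array $errors
  *   Array of errors; receives 'cms_name' and/or $emailName entries.
  * @param string $emailName
  *   Field label for the 'email'.
  */
 public function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
 {
     $config = CRM_Core_Config::singleton();
     $dao = new CRM_Core_DAO();
     // Raw values are used for the lookup and for comparing with the stored
     // row; an SQL-escaped copy would not match a stored value with a quote.
     $name = (string) CRM_Utils_Array::value('name', $params);
     $email = (string) CRM_Utils_Array::value('mail', $params);
     // The character check has always run on the escaped form of the name.
     // That form presumably carries extra backslashes for quotes and some
     // control characters, which the pattern rejects, so the check is kept
     // on it to avoid making validation looser.
     $escapedName = $dao->escape($name);
     //don't allow the special characters and min. username length is two
     //regex \\ to match a single backslash would become '/\\\\/'
     $isNotValid = (bool) preg_match('/[\\<|\\>|\\"|\'|\\%|\\;|\\(|\\)|\\&|\\\\|\\/]/im', $escapedName);
     if ($isNotValid || strlen($escapedName) < 2) {
         $errors['cms_name'] = ts('Your username contains invalid characters or is too short');
     }
     $JUserTable = JTable::getInstance('User', 'JTable');
     $db = $JUserTable->getDbo();
     $query = $db->getQuery(TRUE);
     $query->select('username, email');
     $query->from($JUserTable->getTableName());
     // Quote with the connection that runs the query, not with CiviCRM's DAO.
     $query->where('(LOWER(username) = LOWER(' . $db->quote($name) . ')) OR (LOWER(email) = LOWER(' . $db->quote($email) . '))');
     $db->setQuery($query, 0, 10);
     $users = $db->loadAssocList();
     $row = array();
     if (count($users)) {
         $row = $users[0];
     }
     if (!empty($row)) {
         $dbName = CRM_Utils_Array::value('username', $row);
         $dbEmail = CRM_Utils_Array::value('email', $row);
         if (strtolower($dbName) == strtolower($name)) {
             $errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $name));
         }
         if (strtolower($dbEmail) == strtolower($email)) {
             $resetUrl = str_replace('administrator/', '', $config->userFrameworkBaseURL) . 'index.php?option=com_users&view=reset';
             // NOTE(review): the e-mail is not validated in this method and the
             // message contains markup - confirm the value is HTML-escaped
             // before the message is rendered.
             $errors[$emailName] = ts('The email address %1 already has an account associated with it. <a href="%2">Have you forgotten your password?</a>', array(1 => $email, 2 => $resetUrl));
         }
     }
 }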
Пример #9
 /**
  * SQL-escape the given string
  * (slightly abridged version of CRM_Core_DAO::escapeString)
  *
  * With CIVICRM_DSN defined, escaping is delegated to a CRM_Core_DAO that is
  * created once and reused. Without it, the legacy mysql_* escaping functions
  * are tried in turn and an exception is thrown if neither exists.
  *
  * The result is only meant for use inside a quoted SQL string literal.
  *
  * @see CRM_Core_DAO::escapeString
  */
 public static function escapeString($string)
 {
     static $escaper = NULL;
     if ($escaper) {
         return $escaper->escape($string);
     }
     if (defined('CIVICRM_DSN')) {
         $escaper = new CRM_Core_DAO();
         return $escaper->escape($string);
     }
     // No DSN configured: fall back to whichever legacy helper is available.
     if (function_exists('mysql_real_escape_string')) {
         return mysql_real_escape_string($string);
     }
     if (function_exists('mysql_escape_string')) {
         return mysql_escape_string($string);
     }
     throw new CRM_Core_Exception("Cannot generate SQL. \"mysql_{real_}escape_string\" is missing. Have you installed PHP \"mysql\" extension?");
 }
Пример #10
 /**
  * SQL-escape a string through a CRM_Core_DAO instance.
  *
  * The DAO is created on the first call and kept in a function-level static.
  * The result is only meant for use inside a quoted SQL string literal.
  *
  * @param $string
  *   Value to escape.
  *
  * @return string
  *   Whatever CRM_Core_DAO::escape() returns for $string.
  */
 static function escapeString($string)
 {
     static $escaper = NULL;
     if ($escaper) {
         return $escaper->escape($string);
     }
     $escaper = new CRM_Core_DAO();
     return $escaper->escape($string);
 }
Пример #11
/**
 * SQL-escape a string through a CRM_Core_DAO instance.
 *
 * The DAO is created on the first call and kept in a function-level static.
 * The result is only meant for use inside a quoted SQL string literal.
 *
 * @param $string
 *   Value to escape.
 *
 * @return string
 *   Whatever CRM_Core_DAO::escape() returns for $string.
 */
function civicrm_mysql_real_escape_string($string)
{
    static $escaper = null;
    if ($escaper) {
        return $escaper->escape($string);
    }
    $escaper = new CRM_Core_DAO();
    return $escaper->escape($string);
}
Пример #12
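 /**
  * Check if username and email exists in the Drupal or Joomla db
  *
  * The configured user framework selects the validation step and the column
  * names; the lookup itself runs over a separate PEAR DB connection.
  *
  * @params $params    array   array of name and mail values
  * @params $errors    array   array of errors (replaced by form_get_errors()
  *                            on Drupal), extended with 'cms_name' and/or
  *                            $emailName entries
  * @params $emailName string  field label for the 'email'
  *
  * @return void
  * @static
  */
 static function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
 {
     $config = CRM_Core_Config::singleton();
     $isDrupal = ucfirst($config->userFramework) == 'Drupal';
     $isJoomla = ucfirst($config->userFramework) == 'Joomla';
     // Raw values: they are bound as query parameters and compared with what
     // the database returns, so they must not be SQL-escaped beforehand. An
     // escaped copy would never match a stored value that contains a quote.
     $name = (string) CRM_Utils_Array::value('name', $params);
     $email = (string) CRM_Utils_Array::value('mail', $params);
     if ($isDrupal) {
         _user_edit_validate(null, $params);
         $errors = form_get_errors();
         if ($errors) {
             if (CRM_Utils_Array::value('name', $errors)) {
                 $errors['cms_name'] = $errors['name'];
             }
             if (CRM_Utils_Array::value('mail', $errors)) {
                 $errors[$emailName] = $errors['mail'];
             }
             // also unset drupal messages to avoid twice display of errors
             unset($_SESSION['messages']);
         }
         // the name check is repeated manually on top of the form validation
         $nameError = user_validate_name($params['name']);
         if ($nameError) {
             $errors['cms_name'] = $nameError;
         }
         $sql = "\nSELECT name, mail\n  FROM {$config->userFrameworkUsersTableName}\n WHERE (LOWER(name) = LOWER(?)) OR (LOWER(mail) = LOWER(?))";
     } elseif ($isJoomla) {
         // The character check has always run on the escaped form of the
         // name. That form presumably carries extra backslashes for quotes
         // and some control characters, which the pattern rejects, so the
         // check is kept on it to avoid making validation looser.
         $dao = new CRM_Core_DAO();
         $escapedName = $dao->escape($name);
         //don't allow the special characters and min. username length is two
         //regex \\ to match a single backslash would become '/\\\\/'
         $isNotValid = (bool) preg_match('/[\\<|\\>|\\"|\'|\\%|\\;|\\(|\\)|\\&|\\\\|\\/]/im', $escapedName);
         if ($isNotValid || strlen($escapedName) < 2) {
             $errors['cms_name'] = ts("Your username contains invalid characters or is too short");
         }
         $sql = "\nSELECT username, email\n  FROM {$config->userFrameworkUsersTableName}\n WHERE (LOWER(username) = LOWER(?)) OR (LOWER(email) = LOWER(?))\n";
     }
     // NOTE(review): $sql is not set when the framework is neither Drupal nor
     // Joomla - decide whether that case should fail or skip the lookup.
     $db_cms = DB::connect($config->userFrameworkDSN);
     if (DB::isError($db_cms)) {
         // The DSN carries the database credentials, so it stays out of the message.
         die("Cannot connect to UF db, " . $db_cms->getMessage());
     }
     // The table name comes from configuration and cannot be bound; the two
     // user-supplied values use PEAR DB "?" placeholders.
     $query = $db_cms->query($sql, array($name, $email));
     if (DB::isError($query)) {
         // An error object has no fetchRow(); stop with a message instead.
         die("Cannot query UF db, " . $query->getMessage());
     }
     $row = $query->fetchRow();
     if (!empty($row)) {
         $dbName = CRM_Utils_Array::value(0, $row);
         $dbEmail = CRM_Utils_Array::value(1, $row);
         if (strtolower($dbName) == strtolower($name)) {
             $errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $name));
         }
         if (strtolower($dbEmail) == strtolower($email)) {
             $errors[$emailName] = ts('This email %1 is already registered. Please select another email.', array(1 => $email));
         }
     }
 }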
Пример #13
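 /**
  * Check if username and email exists in the drupal db.
  *
  * @param array $params
  *   Array of name and mail values.
  * @param array $errors
  *   Array of errors; replaced by form_get_errors(), then extended with
  *   'cms_name' and/or $emailName entries.
  * @param string $emailName
  *   Field label for the 'email'.
  */
 public function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
 {
     // Raw values: they are passed to db_query() as placeholder arguments and
     // compared with what the database returns, so they must not be
     // SQL-escaped beforehand. An escaped copy would never match a stored
     // value that contains a quote.
     $name = (string) CRM_Utils_Array::value('name', $params);
     $email = (string) CRM_Utils_Array::value('mail', $params);
     _user_edit_validate(NULL, $params);
     $errors = form_get_errors();
     if ($errors) {
         if (!empty($errors['name'])) {
             $errors['cms_name'] = $errors['name'];
         }
         if (!empty($errors['mail'])) {
             $errors[$emailName] = $errors['mail'];
         }
         // also unset drupal messages to avoid twice display of errors
         unset($_SESSION['messages']);
     }
     // Do the name check manually.
     $nameError = user_validate_name($params['name']);
     if ($nameError) {
         $errors['cms_name'] = $nameError;
     }
     $sql = "\n      SELECT name, mail\n      FROM {users}\n      WHERE (LOWER(name) = LOWER('%s')) OR (LOWER(mail) = LOWER('%s'))\n    ";
     $result = db_query($sql, $name, $email);
     $row = db_fetch_array($result);
     if (!$row) {
         return;
     }
     $dbName = CRM_Utils_Array::value('name', $row);
     $dbEmail = CRM_Utils_Array::value('mail', $row);
     if (strtolower($dbName) == strtolower($name)) {
         $errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $name));
     }
     if (strtolower($dbEmail) == strtolower($email)) {
         // An empty e-mail matches stored rows that have no e-mail either.
         if (empty($email)) {
             $errors[$emailName] = ts('You cannot create an email account for a contact with no email', array(1 => $email));
         } else {
             $errors[$emailName] = ts('This email %1 is already registered. Please select another email.', array(1 => $email));
         }
     }
 }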
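 /**
  * Check whether the username and e-mail are valid and still unused in WordPress.
  *
  * Validation and the existence checks go through the WordPress helpers
  * called below; no SQL is built here, so the values are not SQL-escaped.
  *
  * @param array $params
  *   Array of name and mail values.
  * @param array $errors
  *   Receives 'cms_name' and/or $emailName entries.
  * @param string $emailName
  *   Key under which the e-mail error is stored.
  */
 function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
 {
     if (CRM_Utils_Array::value('name', $params)) {
         if (!validate_username($params['name'])) {
             $errors['cms_name'] = ts("Your username contains invalid characters");
         } elseif (username_exists(sanitize_user($params['name']))) {
             $errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $params['name']));
         }
     }
     if (CRM_Utils_Array::value('mail', $params)) {
         if (!is_email($params['mail'])) {
             $errors[$emailName] = ts('Your email is invalid');
         } elseif (email_exists($params['mail'])) {
             $errors[$emailName] = ts('This email %1 is already registered. Please select another email.', array(1 => $params['mail']));
         }
     }
 }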
Пример #15
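 /**
  * SQL-escape a string for use inside a quoted SQL string literal.
  *
  * With CIVICRM_DSN defined, escaping is delegated to a CRM_Core_DAO that is
  * created once and reused. Without it, a connection-less str_replace()
  * fallback is used.
  *
  * @param $string
  *
  * @return string
  */
 public static function escapeString($string)
 {
     static $_dao = NULL;
     if (!$_dao) {
         // If this is an atypical case (e.g. preparing .sql file before CiviCRM
         // has been installed), then we fallback DB-less str_replace escaping, as
         // we can't use mysqli_real_escape_string, as there is no DB connection.
         // Note: In typical usage, escapeString() will only check one conditional
         // ("if !$_dao") rather than two conditionals ("if !defined(DSN)")
         if (!defined('CIVICRM_DSN')) {
             // See http://php.net/manual/en/mysqli.real-escape-string.php for the
             // list of characters mysqli_real_escape_string escapes.
             // NUL and Ctrl-Z are written as \x00 and \x1a so the entries that
             // map to \0 and \Z are visible in the source and cannot be lost
             // as raw control bytes. The backslash must stay first, otherwise
             // the backslashes added by later entries would be doubled.
             // This fallback knows nothing about the connection character set.
             $search = array("\\", "\x00", "\n", "\r", "'", '"', "\x1a");
             $replace = array("\\\\", "\\0", "\\n", "\\r", "\\'", '\\"', "\\Z");
             return str_replace($search, $replace, $string);
         }
         $_dao = new CRM_Core_DAO();
     }
     return $_dao->escape($string);
 }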
Пример #16
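 /**
  * Build the WHERE clause for the search from the submitted form values.
  *
  * Every form value is either escaped (text placed in a quoted literal) or
  * coerced to an integer (ids) before it is placed in the SQL text.
  *
  * @param bool $includeContactIDs
  *   When TRUE, restrict the result to the contacts whose checkboxes
  *   (keys starting with CRM_Core_Form::CB_PREFIX) are set.
  *
  * @return string
  *   The clauses joined with ' AND ', or an empty string when there are none.
  */
 function where($includeContactIDs = FALSE)
 {
     $clauses = array();
     $dao = new CRM_Core_DAO();
     // add contact name search; search on primary name, source contact, assignee
     $contactname = $this->_formValues['sort_name'];
     if (!empty($contactname)) {
         // escape() protects the quoted literal; it does not neutralise the
         // LIKE wildcards % and _, which therefore still act as wildcards.
         $contactname = $dao->escape($contactname);
         $clauses[] = "(contact_a.sort_name LIKE '%{$contactname}%' OR\n                           contact_b.sort_name LIKE '%{$contactname}%' OR\n                           contact_c.display_name LIKE '%{$contactname}%')";
     }
     $subject = $this->_formValues['activity_subject'];
     if (!empty($this->_formValues['contact_type'])) {
         $contactType = $dao->escape($this->_formValues['contact_type']);
         $clauses[] = "contact_a.contact_type LIKE '%{$contactType}%'";
     }
     if (!empty($subject)) {
         $subject = $dao->escape($subject);
         $clauses[] = "activity.subject LIKE '%{$subject}%'";
     }
     if (!empty($this->_formValues['activity_status_id'])) {
         // ids are compared unquoted, so only an integer may reach the SQL text
         $statusId = (int) $this->_formValues['activity_status_id'];
         $clauses[] = "activity.status_id = {$statusId}";
     }
     if (!empty($this->_formValues['activity_type_id'])) {
         $typeId = (int) $this->_formValues['activity_type_id'];
         $clauses[] = "activity.activity_type_id = {$typeId}";
     }
     // NOTE(review): the time is appended without a separator and the
     // formatted value is placed in SQL unquoted; this relies on
     // CRM_Utils_Date::processDate() returning digits only - confirm.
     $startDate = $this->_formValues['start_date'];
     if (!empty($startDate)) {
         $startDate .= '00:00:00';
         $startDateFormatted = CRM_Utils_Date::processDate($startDate);
         if ($startDateFormatted) {
             $clauses[] = "activity.activity_date_time >= {$startDateFormatted}";
         }
     }
     $endDate = $this->_formValues['end_date'];
     if (!empty($endDate)) {
         $endDate .= '23:59:59';
         $endDateFormatted = CRM_Utils_Date::processDate($endDate);
         if ($endDateFormatted) {
             $clauses[] = "activity.activity_date_time <= {$endDateFormatted}";
         }
     }
     if ($includeContactIDs) {
         $contactIDs = array();
         foreach ($this->_formValues as $id => $value) {
             if ($value && substr($id, 0, CRM_Core_Form::CB_PREFIX_LEN) == CRM_Core_Form::CB_PREFIX) {
                 // The id is taken from a submitted field name; keep it only
                 // if what follows the prefix is a positive integer.
                 $contactID = (int) substr($id, CRM_Core_Form::CB_PREFIX_LEN);
                 if ($contactID > 0) {
                     $contactIDs[] = $contactID;
                 }
             }
         }
         if (!empty($contactIDs)) {
             $contactIDs = implode(', ', $contactIDs);
             $clauses[] = "contact_a.id IN ( {$contactIDs} )";
         }
     }
     return implode(' AND ', $clauses);
 }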
Пример #17
 /**
  * SQL-escape a string for use inside a quoted SQL string literal.
  *
  * With CIVICRM_DSN defined, escaping is delegated to a CRM_Core_DAO that is
  * created once and reused. Without it (e.g. preparing .sql files before Civi
  * has been installed) mysql_real_escape_string() is used, and an exception
  * is thrown when that function does not exist.
  *
  * @param $string
  *
  * @return string
  */
 public static function escapeString($string)
 {
     static $escaper = NULL;
     // Typical usage only ever evaluates this first conditional.
     if ($escaper) {
         return $escaper->escape($string);
     }
     if (defined('CIVICRM_DSN')) {
         $escaper = new CRM_Core_DAO();
         return $escaper->escape($string);
     }
     // Atypical case: no DSN, so fall back to the DB-less escaping helper.
     if (!function_exists('mysql_real_escape_string')) {
         throw new CRM_Core_Exception("Cannot generate SQL. \"mysql_real_escape_string\" is missing. Have you installed PHP \"mysql\" extension?");
     }
     return mysql_real_escape_string($string);
 }
Пример #18
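 /**
  * Check if username and email exists in the Joomla! db
  *
  * @params $params    array   array of name and mail values
  * @params $errors    array   array of errors; receives 'cms_name' and/or
  *                            $emailName entries
  * @params $emailName string  field label for the 'email'
  *
  * @return void
  */
 function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
 {
     $dao = new CRM_Core_DAO();
     // Raw values are used for the lookup and for comparing with the stored
     // row; an SQL-escaped copy would not match a stored value with a quote.
     $name = (string) CRM_Utils_Array::value('name', $params);
     $email = (string) CRM_Utils_Array::value('mail', $params);
     // The character check has always run on the escaped form of the name.
     // That form presumably carries extra backslashes for quotes and some
     // control characters, which the pattern rejects, so the check is kept
     // on it to avoid making validation looser.
     $escapedName = $dao->escape($name);
     //don't allow the special characters and min. username length is two
     //regex \\ to match a single backslash would become '/\\\\/'
     $isNotValid = (bool) preg_match('/[\\<|\\>|\\"|\'|\\%|\\;|\\(|\\)|\\&|\\\\|\\/]/im', $escapedName);
     if ($isNotValid || strlen($escapedName) < 2) {
         $errors['cms_name'] = ts('Your username contains invalid characters or is too short');
     }
     $JUserTable = JTable::getInstance('User', 'JTable');
     $db = $JUserTable->getDbo();
     $query = $db->getQuery(TRUE);
     $query->select('username, email');
     $query->from($JUserTable->getTableName());
     // Quote with the connection that runs the query, not with CiviCRM's DAO.
     $query->where('(LOWER(username) = LOWER(' . $db->quote($name) . ')) OR (LOWER(email) = LOWER(' . $db->quote($email) . '))');
     $db->setQuery($query, 0, 10);
     $users = $db->loadAssocList();
     $row = array();
     if (count($users)) {
         $row = $users[0];
     }
     if (!empty($row)) {
         $dbName = CRM_Utils_Array::value('username', $row);
         $dbEmail = CRM_Utils_Array::value('email', $row);
         if (strtolower($dbName) == strtolower($name)) {
             $errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $name));
         }
         if (strtolower($dbEmail) == strtolower($email)) {
             $errors[$emailName] = ts('This email %1 is already registered. Please select another email.', array(1 => $email));
         }
     }
 }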