/**
 * Handles step one of the public video upload form.
 *
 * Validates title, description and tag count against the configured limits,
 * registers the user-defined custom-field validators from the schema, runs the
 * blacklist and (optionally) the CAPTCHA check, and re-displays the form with
 * errors on failure. On success the validated request is serialized,
 * base64-encoded and signed, then handed to the step-two template.
 *
 * Works on the global $_REQUEST in place and uses the global template object
 * $t. The return value of tbxDisplayUpload() is passed through unchanged on
 * validation failure; otherwise nothing useful is returned.
 *
 * Security notes (review):
 *  - The step-one payload is serialize()d and signed as sha1(data . secret).
 *    The verifier in step two is not in this file; it must check the signature
 *    before calling unserialize() on the blob, and hash_hmac() would be the
 *    preferable construction. Left unchanged here so the two sides stay in sync.
 *  - The raw login cookie is exposed to the template as g_cookie, presumably for
 *    the upload widget to replay — confirm the template does not leak it
 *    anywhere else.
 */
function tbxUploadStepOne()
{
    global $t;
    $validator = Validator::Create();

    // Normalize the tag list before it is counted and validated.
    $_REQUEST['tags'] = Tags::Format($_REQUEST['tags']);

    $title_min = Config::Get('title_min_length');
    $title_max = Config::Get('title_max_length');
    $desc_min  = Config::Get('description_min_length');
    $desc_max  = Config::Get('description_max_length');
    $tags_min  = Config::Get('tags_min');
    $tags_max  = Config::Get('tags_max');

    $validator->Register(
        $_REQUEST['title'],
        Validator_Type::LENGTH_BETWEEN,
        _T('Validation:Invalid Length', _T('Label:Title'), $title_min, $title_max),
        $title_min . ',' . $title_max
    );
    $validator->Register(
        $_REQUEST['description'],
        Validator_Type::LENGTH_BETWEEN,
        _T('Validation:Invalid Length', _T('Label:Description'), $desc_min, $desc_max),
        $desc_min . ',' . $desc_max
    );
    $validator->Register(
        Tags::Count($_REQUEST['tags']),
        Validator_Type::IS_BETWEEN,
        _T('Validation:Invalid Num Tags', $tags_min, $tags_max),
        $tags_min . ',' . $tags_max
    );

    // Validators declared in the custom-field schema for the video table.
    $schema = GetDBSchema();
    $validator->RegisterFromXml($schema->el('//table[name="tbx_video_custom"]'), 'user', 'create');

    // Blacklist: the client IP is taken from the server, so a submitted
    // ip_address field cannot spoof it.
    $_REQUEST['ip_address'] = $_SERVER['REMOTE_ADDR'];
    $match = Blacklist::Match($_REQUEST, Blacklist::ITEM_VIDEO);
    if ($match !== false) {
        $validator->SetError(_T('Validation:Blacklisted', $match['match']));
    }

    // Captcha::Verify() presumably records its own error on the validator;
    // its return value is not inspected here.
    if (Config::Get('flag_captcha_on_upload')) {
        Captcha::Verify();
    }

    if (!$validator->Validate()) {
        $t->Assign('g_errors', $validator->GetErrors());
        $t->AssignByRef('g_form', $_REQUEST);
        return tbxDisplayUpload();
    }

    // Carry the validated step-one fields into step two as a signed blob. The
    // blob is built before step_one_data/step_one_sig are added to the request.
    $step_one = base64_encode(serialize($_REQUEST));
    $_REQUEST['step_one_data'] = $step_one;
    $_REQUEST['step_one_sig'] = sha1($step_one . Config::Get('random_value'));

    // "a,b,c" -> "*.a;*.b;*.c" for the file picker.
    $extensions = Config::Get('upload_extensions');
    $t->Assign('g_file_types', '*.' . str_replace(',', ';*.', $extensions));
    $t->Assign('g_cookie', $_COOKIE[LOGIN_COOKIE]);
    $t->AssignByRef('g_form', $_REQUEST);
    $t->Display('upload-step-two.tpl');
}
/**
 * Handles a public account-registration POST.
 *
 * Validates username, password, e-mail, name, birthday, gender and terms plus
 * the custom-field validators declared in the schema, runs the blacklist and
 * (optionally) the CAPTCHA, and re-displays the form with errors on failure.
 * On success the request array becomes the new user rows, an e-mail
 * confirmation code is issued when required, a mail is sent and the
 * completion page is shown.
 *
 * Works directly on the global $_REQUEST, which is mutated in place and passed
 * whole to DatabaseAdd() for several tables. Statement order matters: the
 * password is hashed before tag-stripping, status is set before the inserts,
 * and the register code is created after the user row exists.
 *
 * Security notes (review):
 *  - Passwords are stored as unsalted sha1(). The login verifier is not in this
 *    file, so this cannot be changed in isolation; both sides should move to
 *    password_hash()/password_verify().
 *  - The e-mail confirmation code is derived from uniqid()+mt_rand(), which is
 *    not a cryptographic source; random_bytes() would be the right generator.
 *  - The whole request array is handed to DatabaseAdd(); presumably
 *    Form_Prepare::Standard()/DatabaseAdd() restrict it to real columns —
 *    confirm, otherwise this is a mass-assignment path.
 */
function tbxRegister()
{
    global $t;
    $DB = GetDB();
    $v = Validator::Create();
    // Username: required, alphanumeric, and not already taken (parameterized query).
    $v->Register($_REQUEST['username'], Validator_Type::NOT_EMPTY, _T('Validation:Required', _T('Label:Username')));
    $v->Register($_REQUEST['username'], Validator_Type::IS_ALPHANUM, _T('Validation:Alphanumeric', _T('Label:Username')));
    $v->Register($DB->QueryCount('SELECT COUNT(*) FROM `tbx_user` WHERE `username`=?', array($_REQUEST['username'])), Validator_Type::IS_ZERO, _T('Validation:Username Taken'));
    // Password: required, at least 8 characters, and equal to the confirmation.
    $v->Register($_REQUEST['password'], Validator_Type::NOT_EMPTY, _T('Validation:Required', _T('Label:Password')));
    $v->Register($_REQUEST['password'], Validator_Type::LENGTH_GREATER_EQ, _T('Validation:Length Greater Equal', _T('Label:Password'), 8), 8);
    $v->Register($_REQUEST['password'], Validator_Type::EQUALS, _T('Validation:Passwords do not match'), $_REQUEST['confirm_password']);
    // E-mail: required, well-formed, and unique.
    $v->Register($_REQUEST['email'], Validator_Type::NOT_EMPTY, _T('Validation:Required', _T('Label:E-mail')));
    $v->Register($_REQUEST['email'], Validator_Type::VALID_EMAIL, _T('Validation:E-mail', _T('Label:E-mail')));
    $v->Register($DB->QueryCount('SELECT COUNT(*) FROM `tbx_user` WHERE `email`=?', array($_REQUEST['email'])), Validator_Type::IS_ZERO, _T('Validation:E-mail Taken'));
    $v->Register($_REQUEST['name'], Validator_Type::NOT_EMPTY, _T('Validation:Required', _T('Label:Name')));
    // Birthday parts are only checked for presence; the date assembled below is
    // not checked for being a real calendar date.
    $v->Register(empty($_REQUEST['birth_month']) || empty($_REQUEST['birth_day']) || empty($_REQUEST['birth_year']), Validator_Type::IS_FALSE, _T('Validation:Birthday Required'));
    $v->Register($_REQUEST['gender'], Validator_Type::NOT_EMPTY, _T('Validation:Required', _T('Label:Gender')));
    $v->Register($_REQUEST['terms'], Validator_Type::NOT_EMPTY, _T('Validation:Accept Terms'));
    // Register user-defined field validators
    $schema = GetDBSchema();
    $v->RegisterFromXml($schema->el('//table[name="tbx_user_custom"]'), 'user', 'create');
    // Check blacklist. The client IP is taken from the server, so a submitted
    // ip_address field cannot spoof it.
    $_REQUEST['ip_address'] = $_SERVER['REMOTE_ADDR'];
    if (($match = Blacklist::Match($_REQUEST, Blacklist::ITEM_USER)) !== false) {
        $v->SetError(_T('Validation:Blacklisted', $match['match']));
    }
    // Check CAPTCHA. Captcha::Verify() presumably records its own error on the
    // validator; its return value is not inspected here.
    if (Config::Get('flag_captcha_on_signup')) {
        Captcha::Verify();
    }
    if (!$v->Validate()) {
        $t->Assign('g_errors', $v->GetErrors());
        $t->Assign('g_form', $_REQUEST);
        return tbxDisplayRegister();
    }
    // Format data
    $_REQUEST['date_birth'] = $_REQUEST['birth_year'] . '-' . $_REQUEST['birth_month'] . '-' . $_REQUEST['birth_day'];
    $_REQUEST['date_created'] = Database_MySQL::Now();
    // The user level is always the configured default, overriding anything
    // submitted under that name.
    $_REQUEST['user_level_id'] = $DB->QuerySingleColumn('SELECT `user_level_id` FROM `tbx_user_level` WHERE `is_default`=1');
    // Unsalted SHA-1 (see header note). Hashing happens before StripTags so the
    // stored hash is of the password exactly as typed.
    $_REQUEST['password'] = sha1($_REQUEST['password']);
    // Strip HTML tags
    if (Config::Get('flag_user_strip_tags')) {
        $_REQUEST = String::StripTags($_REQUEST);
    }
    // Prepare fields for database
    Form_Prepare::Standard('tbx_user');
    Form_Prepare::Standard('tbx_user_stat');
    Form_Prepare::Custom('tbx_user_custom_schema', 'on_submit');
    // Setup account status. E-mail confirmation takes precedence over admin
    // approval when both flags are set; status is forced here after input
    // processing, so a submitted status field has no effect.
    $_REQUEST['status'] = STATUS_ACTIVE;
    $email_template = 'email-user-added.tpl';
    if (Config::Get('flag_user_confirm_email')) {
        $_REQUEST['status'] = STATUS_SUBMITTED;
        $email_template = 'email-user-confirm.tpl';
    } else {
        if (Config::Get('flag_user_approve')) {
            $_REQUEST['status'] = STATUS_PENDING;
            $email_template = 'email-user-pending.tpl';
        }
    }
    // Add data to the database
    DatabaseAdd('tbx_user', $_REQUEST);
    DatabaseAdd('tbx_user_custom', $_REQUEST);
    DatabaseAdd('tbx_user_stat', $_REQUEST);
    if ($_REQUEST['status'] == STATUS_SUBMITTED) {
        // Confirmation code: uniqid()+mt_rand() is predictable (see header note).
        // The timestamp is stored alongside; expiry is presumably enforced by
        // the confirmation handler — confirm.
        $_REQUEST['register_code'] = sha1(uniqid(mt_rand(), true));
        $_REQUEST['timestamp'] = time();
        DatabaseAdd('tbx_user_register_code', $_REQUEST);
        $t->Assign('g_code', $_REQUEST['register_code']);
    }
    $t->AssignByRef('g_user', $_REQUEST);
    $t->AssignByRef('g_form', $_REQUEST);
    // Send e-mail message. The user-supplied name goes into the recipient
    // header; Mailer is assumed to neutralize CR/LF there — confirm.
    $m = new Mailer();
    $m->Mail($email_template, $t, $_REQUEST['email'], $_REQUEST['name']);
    // Display confirmation
    $t->Display('user-register-complete.tpl');
}
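/**
 * Report whether the host of an HTTP URL resolves to a public (non-private,
 * non-reserved) IPv4 address. Used to stop the server-side fetches in
 * _xRegister() from being aimed at internal services (SSRF).
 *
 * The name is resolved once here and again by the HTTP client, so a host that
 * changes its answer between the two lookups (DNS rebinding) is not caught.
 * Unresolvable hosts and IPv6 literals are treated as not public.
 *
 * @param string $url
 * @return bool
 */
function _xResolvesToPublicAddress($url)
{
    $host = parse_url($url, PHP_URL_HOST);
    if (empty($host)) {
        return false;
    }
    // gethostbyname() returns its input unchanged on failure; that then fails
    // FILTER_VALIDATE_IP and the URL is rejected.
    $ip = gethostbyname($host);
    return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false;
}

/**
 * Handles a new trade-account registration POST.
 *
 * Strips tags from the whole request, validates the traffic URL (and fetches it
 * to prove it answers), the optional e-mail/site/ICQ/nickname/banner fields as
 * configured, the CAPTCHA, the duplicate-domain check, the blacklist and the
 * category, then merges the admin defaults, assigns a random password, stores
 * the trade via trade_add() and shows the completion page.
 *
 * Works on the global $_REQUEST in place and uses the globals $t (template)
 * and $C (config). Returns _xRegisterShow()'s result on validation failure.
 *
 * Changes from the previous version:
 *  - The blacklist resolved an undefined $domain, so server_ip/dns were looked
 *    up for an empty name and IP-based blacklist entries could never match.
 *    They are now resolved from $_REQUEST['domain'].
 *  - The return_url and banner fetches refuse hosts resolving to private or
 *    reserved ranges; VT_VALID_HTTP_URL only checks the URL's shape.
 *  - The category check uses strict comparison.
 *  - A missing categories file no longer produces a warning cascade.
 */
function _xRegister()
{
    global $t, $C;
    require_once 'validator.php';
    // Everything below works on the tag-stripped copy of the request.
    $_REQUEST = string_strip_tags($_REQUEST);
    $v =& Validator::Get();
    $v->Register($_REQUEST['return_url'], VT_VALID_HTTP_URL, "The 'URL to Send Traffic' field must be a valid HTTP URL");
    if (!string_is_empty($_REQUEST['return_url'])) {
        if (!_xResolvesToPublicAddress($_REQUEST['return_url'])) {
            $v->SetError("The 'URL to Send Traffic' must point to a publicly reachable host");
        } else {
            // Fetch the site to prove it answers; its headers and body are kept
            // with the record.
            require_once 'http.php';
            $http = new HTTP();
            $v->Register($http->GET($_REQUEST['return_url'], null, true), VT_NOT_FALSE, "The 'URL to Send Traffic' does not seem to be working: " . $http->error);
            $_REQUEST['header'] = $http->response_headers;
            $_REQUEST['content'] = $http->body;
        }
    }
    // Optional fields are validated when required by config or when supplied.
    if ($C['flag_req_email'] || !empty($_REQUEST['email'])) {
        $v->Register($_REQUEST['email'], VT_VALID_EMAIL, "The 'E-mail Address' field must be a valid email");
    }
    if ($C['flag_req_site_name'] || !empty($_REQUEST['site_name'])) {
        $v->Register($_REQUEST['site_name'], VT_LENGTH_BETWEEN, "The 'Site Name' field must have between {$C['site_name_min']} and {$C['site_name_max']} characters", array($C['site_name_min'], $C['site_name_max']));
    }
    if ($C['flag_req_site_description'] || !empty($_REQUEST['site_description'])) {
        $v->Register($_REQUEST['site_description'], VT_LENGTH_BETWEEN, "The 'Site Description' field must have between {$C['site_description_min']} and {$C['site_description_max']} characters", array($C['site_description_min'], $C['site_description_max']));
    }
    if ($C['flag_req_icq'] || !empty($_REQUEST['icq'])) {
        $v->Register($_REQUEST['icq'], VT_IS_NUMERIC, "The 'ICQ Number' field must be numeric");
    }
    if ($C['flag_req_nickname'] || !empty($_REQUEST['nickname'])) {
        $v->Register($_REQUEST['nickname'], VT_NOT_EMPTY, "The 'Nickname' field is required");
    }
    if ($C['flag_req_banner'] || !empty($_REQUEST['banner'])) {
        $v->Register($_REQUEST['banner'], VT_VALID_HTTP_URL, "The 'Banner URL' field must be a valid HTTP URL");
        if (!string_is_empty($_REQUEST['banner'])) {
            if (!_xResolvesToPublicAddress($_REQUEST['banner'])) {
                $v->SetError("The 'Banner URL' must point to a publicly reachable host");
            } else {
                // Fetched only to prove the banner answers; nothing is stored.
                require_once 'http.php';
                $http = new HTTP();
                $v->Register($http->GET($_REQUEST['banner'], null, true), VT_NOT_FALSE, "The 'Banner URL' does not seem to be working: " . $http->error);
            }
        }
    }
    // Captcha::Verify() presumably records its own error on the validator;
    // its return value is not inspected here.
    if ($C['flag_captcha_register']) {
        require_once 'captcha.php';
        $captcha = new Captcha();
        $captcha->Verify();
    }
    $_REQUEST['domain'] = domain_from_url($_REQUEST['return_url']);
    require_once 'dirdb.php';
    $db = new TradeDB();
    $v->Register($db->Exists($_REQUEST['domain']), VT_IS_FALSE, "The site you are trying to register already exists in our database");
    // Check blacklist. Resolve the registered domain (a bare $domain was never
    // defined in this function, which silently disabled IP-based entries).
    $_REQUEST['server_ip'] = gethostbyname($_REQUEST['domain']);
    $_REQUEST['dns'] = $_REQUEST['server_ip'];
    if (($blacklisted = check_blacklist($_REQUEST)) !== false) {
        $v->SetError("You have matched one or more of our blacklist items and cannot register new trade accounts" . (!empty($blacklisted[1]) ? ": " . $blacklisted[1] : ''));
    }
    // Check category against the admin-maintained list; strict comparison so
    // only an exact entry from the file is accepted.
    $category_lines = is_readable(FILE_CATEGORIES) ? file(FILE_CATEGORIES) : array();
    $categories = array_map('trim', $category_lines);
    if ($C['flag_allow_select_category'] && count($categories)) {
        $v->Register(in_array($_REQUEST['category'], $categories, true), VT_IS_TRUE, "You have selected an invalid category");
        $_REQUEST['categories'] = array($_REQUEST['category']);
    }
    if (!$v->Validate()) {
        $t->Assign('g_errors', $v->GetErrors());
        return _xRegisterShow();
    }
    // Defaults are merged last, so they override any same-named field the
    // client submitted. The defaults file is a local file, not client data;
    // whoever writes it must be trusted since it is unserialize()d.
    $_REQUEST = array_merge($_REQUEST, unserialize(file_get_contents(FILE_NEW_TRADE_DEFAULTS)));
    $password = $_REQUEST['password'] = get_random_password();
    $t->AssignByRef('g_trade', $_REQUEST);
    trade_add($_REQUEST, true);
    // trade_add() presumably rewrites the password in the array (stored form);
    // restore the clear-text one so the completion page can show it.
    $_REQUEST['password'] = $password;
    $t->Display('register-complete.tpl');
}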
 $max_length = Config::Get('comment_max_length');
 $throttle = Config::Get('comment_throttle_period');
 if (!empty($video)) {
     $v = Validator::Create();
     $v->Register($video['allow_comments'], Validator_Type::NOT_EQUALS, _T('Validation:Comments disabled'), COMMENTS_NO);
     $v->Register($_REQUEST['comment'], Validator_Type::NOT_EMPTY, _T('Validation:Required', _T('Label:Comment')));
     $v->Register($_REQUEST['comment'], Validator_Type::LENGTH_LESS_EQ, _T('Validation:Length too long', _T('Label:Comment'), $max_length), $max_length);
     $v->Register($DB->QueryCount('SELECT COUNT(*) FROM `tbx_video_comment` WHERE `video_id`=? AND `username`=? AND `date_commented`>=DATE_SUB(?, INTERVAL ? SECOND)', array($video_id, $username, Database_MySQL::Now(), $throttle)), Validator_Type::IS_ZERO, _T('Validation:Comment throttle', $throttle));
     // Check blacklist
     $_REQUEST['ip_address'] = $_SERVER['REMOTE_ADDR'];
     if (($match = Blacklist::Match($_REQUEST, Blacklist::ITEM_COMMENT)) !== false) {
         $v->SetError(_T('Validation:Blacklisted', $match['match']));
     }
     // Validate CAPTCHA
     if (Config::Get('flag_captcha_on_comment')) {
         Captcha::Verify();
     }
     if (!$v->Validate()) {
         echo join('<br />', $v->GetErrors());
         return;
     }
     $_REQUEST['username'] = $username;
     $_REQUEST['status'] = $video['allow_comments'] == COMMENTS_APPROVE ? STATUS_PENDING : STATUS_ACTIVE;
     $_REQUEST['date_commented'] = Database_MySQL::Now();
     // Strip HTML tags
     if (Config::Get('flag_comment_strip_tags')) {
         $_REQUEST = String::StripTags($_REQUEST);
     }
     DatabaseAdd('tbx_video_comment', $_REQUEST);
     if ($_REQUEST['status'] == STATUS_ACTIVE) {
         StatsRollover();