Пример #1
 /**
  * Validate the submitted credentials and, when they pass, create the user row.
  *
  * Every rejected field queues a Fari_Message::fail() notice; on success a welcome
  * message is queued after the insert call.
  *
  * NOTE(review): the password is stored as an unsalted sha1() digest. SHA-1 is a fast
  * hash and offers little resistance to offline guessing once the table leaks; moving
  * to password_hash()/password_verify() needs a matching change wherever the login
  * check compares the stored value, so it is flagged here rather than changed.
  * NOTE(review): passwords are limited to 10 alphanumeric characters, which keeps the
  * search space small; consider a minimum length and a much higher maximum.
  * NOTE(review): HTML-escaping a password before hashing is unnecessary (it is never
  * rendered); it looks harmless here only because ctype_alnum() rejects anything an
  * escaper would rewrite - confirm against Fari_Escape::html().
  *
  * @param string $username Login name; must be non-empty, alphanumeric, at most 10 bytes
  * @param string $password Password; must be non-empty, alphanumeric, at most 10 bytes
  * @param string $realname Display name; must be non-empty and at most 100 bytes after escaping
  * @return bool TRUE once Fari_Db::insert() has been called, FALSE when a field was rejected
  */
 public static function add($username, $password, $realname)
 {
     // filter all three inputs up front, before any validation
     $username = Fari_Escape::html($username);
     $password = Fari_Escape::html($password);
     $realname = Fari_Escape::html(Fari_Decode::javascript($realname));

     // guard clauses: reject in the same order the fields are checked (username, password, real name)
     $usernameOk = !empty($username) && ctype_alnum($username) && strlen($username) <= 10;
     if (!$usernameOk) {
         Fari_Message::fail("Please provide a valid username.");
         return false;
     }

     $passwordOk = !empty($password) && ctype_alnum($password) && strlen($password) <= 10;
     if (!$passwordOk) {
         Fari_Message::fail("Please provide a valid password.");
         return false;
     }

     // length is measured on the already-escaped value
     $realnameOk = !empty($realname) && strlen($realname) <= 100;
     if (!$realnameOk) {
         Fari_Message::fail("Please provide a valid real name.");
         return false;
     }

     // everything validated: build the row and hand it to the database layer
     $row = array(
         'username' => $username,
         'password' => sha1($password),
         'realname' => $realname,
     );
     Fari_Db::insert('users', $row);
     Fari_Message::success("Welcome {$realname}!");

     return true;
 }
Пример #2
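 /**
  * Send a message from a room.
  *
  * Reads the raw POSTed 'text' field, decodes and filters it, and - when the result is
  * not empty - records it as a MessageSpeak for the current user, then refreshes the
  * user's activity in the room. If the activity update reports that the user is not
  * found, the JSON response 'bye' is rendered.
  *
  * NOTE(review): the message is written before updateUserActivity() gets a chance to
  * reject the user, so a client that posts another room's id may still have its text
  * stored there (the original inline comment acknowledges this). Consider validating
  * membership for $roomId before calling text() - confirm against MessageSpeak and
  * the room model.
  *
  * @uses Ajax
  * @param mixed $roomId Identifier of the room the message is posted to (client supplied)
  * @return void
  */
 public function actionSpeak($roomId)
 {
     $text = Fari_Escape::text(Fari_Decode::javascript($this->request->getRawPost('text')));
     // nothing to post once the text has been filtered
     if (empty($text)) {
         return;
     }

     // time() yields the same current timestamp as the argument-less mktime() used before,
     // which is deprecated and throws an ArgumentCountError on PHP 8
     $time = time();

     // a text message
     $message = new MessageSpeak($roomId, $time);
     $message->text($roomId, $time, $this->user->getShortName(), $this->user->getId(), $text);

     // the message might be saved under wrong room id, but activity updater will kick us...
     try {
         $this->room->updateUserActivity($roomId, $time, $this->user->getId());
     } catch (UserNotFoundException $e) {
         $this->renderJson('bye');
     }
 }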
Пример #3
 /**
  * Read POST data and pass it through a Fari_Escape filter.
  *
  * For Ajax requests the data is first run through Fari_Decode::javascript().
  *
  * NOTE(review): $filter is dispatched dynamically as Fari_Escape::$filter(), so any
  * static method of that class can be selected; it should always be a constant chosen
  * by the calling code and never derived from request data.
  *
  * @param string $key    Name of a single POST field; when omitted (NULL) all values are returned
  * @param string $filter Name of the Fari_Escape method applied to each value (default 'text')
  * @return mixed The filtered value stored under $key, or all POST values filtered
  */
 function getPost($key = NULL, $filter = 'text')
 {
     // make sure the requested filter is a method of Fari_Escape
     try {
         $filterKnown = method_exists('Fari_Escape', $filter);
         if (!$filterKnown) {
             throw new Fari_Exception('Fari_Escape::' . $filter . ' is not a valid escaping function.');
         }
     } catch (Fari_Exception $exception) {
         // NOTE(review): if fire() returns, execution continues below with the invalid
         // filter name - confirm that fire() terminates the request
         $exception->fire();
     }

     // single field requested: decode it for Ajax requests, then filter
     if (isset($key)) {
         if ($this->isAjax()) {
             return Fari_Escape::$filter(Fari_Decode::javascript($this->post->{$key}));
         }
         return Fari_Escape::$filter($this->post->{$key});
     }

     // no key given: work on the whole collection of posted values
     $post = $this->post->values;
     if ($this->isAjax()) {
         // presumably Fari_Decode::javascript() accepts the whole collection - verify
         $post = Fari_Decode::javascript($post);
     }

     // filter each entry in place (by reference)
     foreach ($post as $name => &$entry) {
         $entry = Fari_Escape::$filter($entry);
     }

     return $post;
 }