Пример #1
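/**
 * Handle a "login by email" request.
 *
 * If the submitted address passes Sanitize::email()/Valid::email() and
 * $dbUsers->getByEmail() returns a username for it, a token is generated
 * and a login link carrying that token and the username is mailed to the
 * address. Every other outcome ends with the same generic alert as the
 * success path, so the response text alone does not tell the requester
 * whether the address is registered.
 *
 * @param array $args Request fields; only $args['email'] is read.
 * @return bool True only when Email::send() reported success.
 */
function checkPost($args)
{
    global $Security;
    global $Language;
    global $dbUsers;
    global $Site;

    // Refuse immediately while the security layer reports this client as blocked.
    if ($Security->isBlocked()) {
        Alert::set($Language->g('IP address has been blocked') . '<br>' . $Language->g('Try again in a few minutes'));
        return false;
    }

    // A missing field is treated as an empty address instead of raising a notice.
    $rawEmail = isset($args['email']) ? $args['email'] : '';

    // Remove illegal characters from email
    $email = Sanitize::email($rawEmail);

    if (Valid::email($email)) {
        // Get username associated to an email.
        $username = $dbUsers->getByEmail($email);

        // Loose comparison kept on purpose: the return contract of getByEmail() is not visible here.
        if ($username != false) {
            // Generate the token and the token expiration date.
            $token = $dbUsers->generateTokenEmail($username);

            // ---- EMAIL ----
            // NOTE(review): the listing this came from had this line garbled
            // ('&username='******'...'); the link tail and the $subject assignment
            // are reconstructed from how $subject is used below.
            // Both query values are percent-encoded so a username containing
            // '&', '#', spaces, etc. cannot alter the structure of the link.
            $link = $Site->url() . 'admin/login-email?tokenEmail=' . rawurlencode($token) . '&username=' . rawurlencode($username);
            $subject = $Language->g('BLUDIT Login access code');

            // The link is embedded in HTML markup, so escape it for that context
            // ('&' becomes '&amp;', quotes cannot break out of the href attribute).
            $linkHtml = htmlspecialchars($link, ENT_QUOTES, 'UTF-8');

            $message = Text::replaceAssoc(
                array(
                    '{{WEBSITE_NAME}}' => $Site->title(),
                    '{{LINK}}' => '<a href="' . $linkHtml . '">' . $linkHtml . '</a>',
                ),
                $Language->g('email-notification-login-access-code')
            );

            $sent = Email::send(array(
                'from' => $Site->emailFrom(),
                'to' => $email,
                'subject' => $subject,
                'message' => $message,
            ));

            if ($sent) {
                Alert::set($Language->g('check-your-inbox-for-your-login-access-code'));
                return true;
            }

            // NOTE(review): this alert is only reachable for a registered address,
            // so when mail delivery fails it distinguishes registered from
            // unregistered emails. Consider showing the generic message here and
            // logging the delivery failure server-side instead.
            Alert::set($Language->g('There was a problem sending the email'));
            return false;
        }
    }

    // Bruteforce protection, add IP to blacklist.
    // NOTE(review): only invalid or unknown addresses reach this counter; requests
    // for a registered address return above, so throttling of repeated mails to one
    // mailbox is not visible in this function - confirm it is enforced elsewhere.
    $Security->addLoginFail();

    // Same alert key as the success path: the caller cannot tell "unknown address"
    // from "mail sent" by the message shown.
    Alert::set($Language->g('check-your-inbox-for-your-login-access-code'));
    return false;
}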
Пример #2
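 /**
  * Validate the format of an email address.
  *
  * Checks, in order: no characters reported as illegal by Sanitize::email(),
  * exactly one "@", overall length of at most 72 bytes, local part and domain
  * each 1-50 bytes, no leading/trailing/consecutive periods in the local
  * part, and a domain accepted by IsSanitized::variable() with "-." as the
  * extra allowed characters. Each failure is reported through Alert::error().
  *
  * The domain's structure (label boundaries, presence of a TLD) is not
  * inspected here beyond that IsSanitized::variable() call.
  *
  * @param string $email The address to validate.
  * @return bool True if every check passes, false otherwise.
  */
 public static function email($email)
 {
     // Make sure the email doesn't contain illegal characters
     $illegalChars = Sanitize::email($email, "", true);
     if ($illegalChars != array()) {
         Alert::error("Validate Email", "The email does not allow: " . self::announceIllegalChars($illegalChars), 3);
         return false;
     }

     // Make sure the email has an "@"
     if (strpos($email, "@") === false) {
         Alert::error("Validate Email", "Email improperly formatted: doesn't include an @ character.", 3);
         return false;
     }

     // Require exactly one "@". Previously only the first two pieces of the
     // split were examined, so anything after a second "@" was accepted
     // without passing the domain check below.
     $parts = explode("@", $email);
     if (count($parts) !== 2) {
         Alert::error("Validate Email", "Email improperly formatted: includes more than one @ character.", 3);
         return false;
     }

     // Prepare Values
     $localPart = $parts[0];
     $domain = $parts[1];
     $lenEmail = strlen($email);
     $lenUser = strlen($localPart);
     $lenDomain = strlen($domain);

     // Check if the email is too long
     if ($lenEmail > 72) {
         Alert::error("Validate Email", "Email is over 72 characters long.", 1);
         return false;
     }

     // Check if the username is too long (or empty)
     if ($lenUser < 1 || $lenUser > 50) {
         Alert::error("Validate Email", "Email username must be between 1 and 50 characters.", 2);
         return false;
     }

     // Check if the domain is too long (or empty)
     if ($lenDomain < 1 || $lenDomain > 50) {
         Alert::error("Validate Email", "Email domain must be between 1 and 50 characters.", 2);
         return false;
     }

     // Username cannot start or end with a period; the length check above
     // guarantees both offsets exist.
     if ($localPart[0] === '.' || $localPart[$lenUser - 1] === '.') {
         Alert::error("Validate Email", "Email username cannot start or end with a period.", 5);
         return false;
     }

     // Username cannot have two consecutive dots
     if (strpos($localPart, "..") !== false) {
         Alert::error("Validate Email", "Email username cannot contain two consecutive periods.", 5);
         return false;
     }

     // Check the domain for valid characters
     if (!IsSanitized::variable($domain, "-.")) {
         Alert::error("Validate Email", "Email domain was not properly sanitized.", 3);
         return false;
     }

     // The email was successfully validated
     return true;
 }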
Пример #3
                // Create the ProfilePic for this Account
                $packet = array("uni_id" => $uniID, "title" => $_POST['display_name']);
                $response = API_Connect::to("profile_picture", "SetDefaultPic", $packet);
                // Reset Values
                $_POST['handle'] = "";
                $_POST['display_name'] = "";
                $_POST['email'] = "";
                $_POST['password'] = "";
            }
        } else {
            Database::endTransaction(false);
            Alert::error("Process Error", "An error has occurred while processing this registration.", 1);
        }
    }
} else {
    $_POST['email'] = isset($_POST['email']) ? Sanitize::email($_POST['email']) : "";
    $_POST['password'] = isset($_POST['password']) ? Sanitize::safeword($_POST['password']) : "";
    $_POST['handle'] = isset($_POST['handle']) ? Sanitize::variable($_POST['handle']) : "";
    $_POST['display_name'] = isset($_POST['display_name']) ? Sanitize::safeword($_POST['display_name'], ' ') : "";
}
// Run Header
require SYS_PATH . "/controller/includes/admin_header.php";
// Display the Editing Form
echo '
<h3>Add a New User</h3>
<form class="uniform" action="/admin/AppAccount/Add User" method="post">' . Form::prepare("add-user-uni6") . '

<p>
	<strong>Profile Handle:</strong><br />
	<input type="text" name="handle" value="' . $_POST['handle'] . '" style="width:200px;" maxlength="22" />
</p>