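/**
 * Handle POST requests on the users collection.
 *
 * Two request shapes are served:
 *  - a fourth URL element of 'verifications' confirms an account using the
 *    token supplied in the "token" parameter;
 *  - no fourth URL element registers a new user, then generates and emails
 *    a verification token.
 *
 * Both success paths write their own response header and call exit, so the
 * method never returns a value to its caller.
 *
 * @param mixed $request Request object; this method reads url_elements, base
 *                       and path_info and calls getParameter() on it.
 * @param mixed $db      Passed unchanged to the UserMapper constructor.
 *
 * @throws InvalidArgumentException (404) for any other fourth URL element.
 * @throws Exception                (400) when the token is missing, the
 *                                  verification fails, or registration input
 *                                  does not validate.
 */
public function postAction($request, $db)
{
    // check element 3, there's no user associated with the not-logged-in collections
    if (isset($request->url_elements[3])) {
        switch ($request->url_elements[3]) {
            case 'verifications':
                $user_mapper = new UserMapper($db, $request);

                // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It strips
                // tags and encodes quotes; it is not a substitute for parameterised queries or
                // for escaping at output time.
                $token = filter_var($request->getParameter("token"), FILTER_SANITIZE_STRING);
                if (empty($token)) {
                    throw new Exception("Verification token must be supplied", 400);
                }

                if (!$user_mapper->verifyUser($token)) {
                    throw new Exception("Verification failed", 400);
                }

                // Explicit false (append, do not replace) for the bool $replace argument;
                // passing null there is deprecated since PHP 8.1.
                header("Content-Length: 0", false, 204);
                exit; // no more content

            default:
                throw new InvalidArgumentException('Unknown Subrequest', 404);
        }
    }

    // Every branch above throws or exits, so from here on this is a registration request.
    $user = array();
    $errors = array();
    $user_mapper = new UserMapper($db, $request);

    // Required Fields
    $user['username'] = filter_var(trim($request->getParameter("username")), FILTER_SANITIZE_STRING);
    if (empty($user['username'])) {
        $errors[] = "'username' is a required field";
    } else {
        // does anyone else have this username?
        // NOTE(review): this message, like the email one below, tells the caller whether an
        // account exists. If that disclosure matters for the deployment, rate-limit this
        // endpoint.
        $existing_user = $user_mapper->getUserByUsername($user['username']);
        if ($existing_user['users']) {
            $errors[] = "That username is already in use. Choose another";
        }
    }

    $user['full_name'] = filter_var(trim($request->getParameter("full_name")), FILTER_SANITIZE_STRING);
    if (empty($user['full_name'])) {
        $errors[] = "'full_name' is a required field";
    }

    // FILTER_VALIDATE_EMAIL yields false for an invalid address, which empty() catches.
    $user['email'] = filter_var(trim($request->getParameter("email")), FILTER_VALIDATE_EMAIL);
    if (empty($user['email'])) {
        $errors[] = "A valid entry for 'email' is required";
    } else {
        // does anyone else have this email?
        $existing_user = $user_mapper->getUserByEmail($user['email']);
        if ($existing_user['users']) {
            $errors[] = "That email is already associated with another account";
        }
    }

    // The password is deliberately not trimmed or filtered: it reaches the mapper exactly
    // as submitted.
    // presumably createUser() hashes it before storage - confirm in UserMapper
    $password = $request->getParameter("password");
    if (empty($password)) {
        $errors[] = "'password' is a required field";
    } else {
        // check it's sane; the mapper returns true or a list of reasons
        $validity = $user_mapper->checkPasswordValidity($password);
        if (true === $validity) {
            // OK good, go ahead
            $user['password'] = $password;
        } else {
            // the password wasn't acceptable, tell the user why
            $errors = array_merge($errors, $validity);
        }
    }

    // Optional Fields
    $user['twitter_username'] = filter_var(
        trim($request->getParameter("twitter_username")),
        FILTER_SANITIZE_STRING
    );

    // How does it look?  With no errors, we can proceed
    if ($errors) {
        throw new Exception(implode(". ", $errors), 400);
    }

    $user_id = $user_mapper->createUser($user);
    header("Location: " . $request->base . $request->path_info . '/' . $user_id, false, 201);

    // autoverify for test platforms
    // This branch skips email verification on the caller's request, so
    // 'allow_auto_verify_users' must stay disabled on any production configuration.
    if (!empty($this->config['features']['allow_auto_verify_users'])) {
        // the test suite sends this extra field, if we got
        // this far then this platform supports this
        $auto_verify = $request->getParameter("auto_verify_user");

        // Strict match: only the string "true" or boolean true opts in. A loose == "true"
        // also accepts integer 0 on PHP 7.
        if ($auto_verify === "true" || $auto_verify === true) {
            $user_mapper->verifyThisTestUser($user_id);
        }
    }

    // Generate a verification token and email it to the user
    $token = $user_mapper->generateEmailVerificationTokenForUserId($user_id);
    $recipients = array($user['email']);
    $emailService = new UserRegistrationEmailService($this->config, $recipients, $token);
    $emailService->sendEmail();
    exit;
}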
if ($isValid === false) { $errors[] = "The email contains one or more invalid characters. Please try again."; } $isValid = maxLengthTest($_POST['usr_email'], 91); // some emails can be names + period or space + long url if ($isValid === false) { $errors[] = "The email is too long. Please enter a different one."; } $isValid = minLengthTest($_POST['usr_email'], 8); // the smallest email I can really think should exist if ($isValid === false) { $errors[] = "The email is too short. Please enter a different one."; } if (count($errors) == 0) { $newUser = new User($_POST['usr_username'], $_POST['usr_password'], $_POST['usr_lastname'], $_POST['usr_firstname'], $_POST['usr_email']); $result = $mapper->createUser($newUser); // Creating a multi-line message $success[] = "<p>New user created successfully!</p>"; $success[] = "<p>Username: "******".<br />"; $success[] = "Name: " . $newUser->__get(usr_firstname) . " " . $newUser->__get(usr_lastname) . ". <br />"; $success[] = "Email: " . $newUser->__get(usr_email) . ".</p>"; } } if (isset($success)) { foreach ($success as $msg) { echo $msg; } } else { echo "<ol>"; foreach ($errors as $error) { echo " <li class='error'>" . $error . "</li>";