function xoops_user_validate($username, $password, $validate)
 {
     global $xoopsModuleConfig, $xoopsConfig;
     if ($xoopsModuleConfig['site_user_auth'] == 1) {
         if ($ret = check_for_lock(basename(__FILE__), $username, $password)) {
             return $ret;
         }
         if (!checkright(basename(__FILE__), $username, $password)) {
             mark_for_lock(basename(__FILE__), $username, $password);
             return array('ErrNum' => 9, "ErrDesc" => 'No Permission for plug-in');
         }
     }
     if ($validate['passhash'] != '') {
         if ($validate['passhash'] != sha1($validate['time'] - $validate['rand'] . $validate['uname'] . $validate['pass'])) {
             return array("ERRNUM" => 4, "ERRTXT" => 'No Passhash');
         }
     } else {
         return array("ERRNUM" => 4, "ERRTXT" => 'No Passhash');
     }
     include_once XOOPS_ROOT_PATH . '/class/auth/authfactory.php';
     include_once XOOPS_ROOT_PATH . '/language/' . $xoopsConfig['language'] . '/auth.php';
     $xoopsAuth =& XoopsAuthFactory::getAuthConnection($myts->addSlashes($validate['uname']));
     if (check_auth_class($xoopsAuth) == true) {
         $result = $xoopsAuth->validate($validate['uname'], $validate['email'], $validate['pass'], $validate['vpass']);
         return $result;
     } else {
         return array('ERRNUM' => 1, 'RESULT' => XoopsUserUtility::validate($validate['uname'], $validate['email'], $validate['pass'], $validate['vpass']));
     }
 }
Пример #2
0
 $myts =& MyTextSanitizer::getInstance();
 $user->setVar('uname', $_POST['uname']);
 $user->setVar('email', trim($_POST['email']));
 if (isset($_POST['level']) && $user->getVar('level') != intval($_POST['level'])) {
     $user->setVar('level', intval($_POST['level']));
 }
 $password = $vpass = null;
 if (!empty($_POST['password'])) {
     $password = $myts->stripSlashesGPC(trim($_POST['password']));
     $vpass = @$myts->stripSlashesGPC(trim($_POST['vpass']));
     $user->setVar('pass', md5($password));
 } elseif ($user->isNew()) {
     $password = $vpass = '';
 }
 xoops_load("userUtility");
 $stop = XoopsUserUtility::validate($user, $password, $vpass);
 $errors = array();
 if ($stop != "") {
     $errors[] = $stop;
 }
 foreach (array_keys($fields) as $i) {
     $fieldname = $fields[$i]->getVar('field_name');
     if (in_array($fields[$i]->getVar('field_id'), $editable_fields) && isset($_REQUEST[$fieldname])) {
         if (in_array($fieldname, $userfields)) {
             $value = $fields[$i]->getValueForSave($_REQUEST[$fieldname], $user->getVar($fieldname, 'n'));
             $user->setVar($fieldname, $value);
         } else {
             $value = $fields[$i]->getValueForSave(isset($_REQUEST[$fieldname]) ? $_REQUEST[$fieldname] : "", $profile->getVar($fieldname, 'n'));
             $profile->setVar($fieldname, $value);
         }
     }
Пример #3
0
function userCheck($uname, $email, $pass, $vpass)
{
    trigger_error("Function " . __FUNCTION__ . " is deprecated, use XoopsUserUtility::validate() instead", E_USER_WARNING);
    return XoopsUserUtility::validate($uname, $email, $pass, $vpass);
}
Пример #4
0
$myts = \Xoops\Core\Text\Sanitizer::getInstance();
$op = isset($_REQUEST['op']) ? $_REQUEST['op'] : 'editprofile';
$xoops->getConfigs();
if ($op === 'save') {
    if (!$xoops->security()->check()) {
        $xoops->redirect(\XoopsBaseConfig::get('url') . "/modules/" . $xoops->module->getVar('dirname', 'n') . "/", 3, XoopsLocale::E_NO_ACTION_PERMISSION . "<br />" . implode('<br />', $xoops->security()->getErrors()));
        exit;
    }
    $uid = $xoops->user->getVar('uid');
    $errors = array();
    $edituser = $xoops->user;
    if ($xoops->user->isAdmin()) {
        $edituser->setVar('uname', trim($_POST['uname']));
        $edituser->setVar('email', trim($_POST['email']));
    }
    $stop = XoopsUserUtility::validate($edituser);
    if (!empty($stop)) {
        $op = 'editprofile';
    } else {
        // Dynamic fields
        /* @var $profile_handler ProfileProfileHandler */
        $profile_handler = \Xoops::getModuleHelper('profile')->getHandler('profile');
        // Get fields
        $fields = $profile_handler->loadFields();
        // Get ids of fields that can be edited
        $gperm_handler = $xoops->getHandlerGroupPermission();
        $editable_fields = $gperm_handler->getItemIds('profile_edit', $xoops->user->getGroups(), $xoops->module->getVar('mid'));
        if (!($profile = $profile_handler->getProfile($edituser->getVar('uid')))) {
            $profile = $profile_handler->create();
            $profile->setVar('profile_id', $edituser->getVar('uid'));
        }
Пример #5
0
if ($current_step == 1) {
    $uname = isset($_POST['uname']) ? $myts->stripSlashesGPC(trim($_POST['uname'])) : '';
    $email = isset($_POST['email']) ? $myts->stripSlashesGPC(trim($_POST['email'])) : '';
    $url = isset($_POST['url']) ? $myts->stripSlashesGPC(trim($_POST['url'])) : '';
    $pass = isset($_POST['pass']) ? $myts->stripSlashesGPC(trim($_POST['pass'])) : '';
    $vpass = isset($_POST['vpass']) ? $myts->stripSlashesGPC(trim($_POST['vpass'])) : '';
    $agree_disc = isset($_POST['agree_disc']) && (int) $_POST['agree_disc'] ? 1 : 0;
    if ($xoops->getConfig('reg_dispdsclmr') != 0 && $xoops->getConfig('reg_disclaimer') != '') {
        if (empty($agree_disc)) {
            $stop .= XoopsLocale::E_YOU_HAVE_TO_AGREE_TO_DISCLAIMER . '<br />';
        }
    }
    $newuser->setVar('uname', $uname);
    $newuser->setVar('email', $email);
    $newuser->setVar('pass', $pass ? password_hash($pass, PASSWORD_DEFAULT) : '');
    $stop .= XoopsUserUtility::validate($newuser, $pass, $vpass);
    $xoopsCaptcha = XoopsCaptcha::getInstance();
    if (!$xoopsCaptcha->verify()) {
        $stop .= $xoopsCaptcha->getMessage();
    }
}
// If the last step required SAVE or if we're on the last step then we will insert/update user on database
if ($current_step > 0 && empty($stop) && (!empty($steps[$current_step - 1]['step_save']) || !isset($steps[$current_step]))) {
    $isNew = $newuser->isNew();
    //Did created an user already? If not then let us set some extra info
    if ($isNew) {
        $uname = isset($_POST['uname']) ? $myts->stripSlashesGPC(trim($_POST['uname'])) : '';
        $email = isset($_POST['email']) ? $myts->stripSlashesGPC(trim($_POST['email'])) : '';
        $url = isset($_POST['url']) ? $myts->stripSlashesGPC(trim($_POST['url'])) : '';
        $pass = isset($_POST['pass']) ? $myts->stripSlashesGPC(trim($_POST['pass'])) : '';
        $newuser->setVar('uname', $uname);
Пример #6
0
 function userCheck($uname, $email, $pass, $vpass)
 {
     return XoopsUserUtility::validate($uname, $email, $pass, $vpass);
 }
Пример #7
0
/**
 * @param $uname
 * @param $email
 * @param $pass
 * @param $vpass
 *
 * @return bool|string
 */
function userCheck($uname, $email, $pass, $vpass)
{
    $GLOBALS['xoopsLogger']->addDeprecated('Function ' . __FUNCTION__ . ' is deprecated, use XoopsUserUtility::validate() instead');
    return XoopsUserUtility::validate($uname, $email, $pass, $vpass);
}
Пример #8
0
         }
         echo XoopsLocale::TIME_ZONE . ": {$timezone}<br />";
         echo "<form action='register.php' method='post'>";
         $cpatcha = new Xoops\Form\Captcha();
         echo "<br />" . $cpatcha->getCaption() . ": " . $cpatcha->render();
         echo "<input type='hidden' name='uname' value='" . $myts->htmlSpecialChars($uname) . "' />\n                  <input type='hidden' name='email' value='" . $myts->htmlSpecialChars($email) . "' />\n                  <input type='hidden' name='user_viewemail' value='" . $user_viewemail . "' />\n                  <input type='hidden' name='timezone' value='" . $timezone . "' />\n                  <input type='hidden' name='url' value='" . $myts->htmlSpecialChars($url) . "' />\n                  <input type='hidden' name='pass' value='" . $myts->htmlSpecialChars($pass) . "' />\n                  <input type='hidden' name='vpass' value='" . $myts->htmlSpecialChars($vpass) . "' />\n                  <input type='hidden' name='user_mailok' value='" . $user_mailok . "' />\n                  <br /><br /><input type='hidden' name='op' value='finish' />" . $xoops->security()->getTokenHTML() . "<input type='submit' value='" . XoopsLocale::A_FINISH . "' /></form>";
     } else {
         echo "<span class='red'>{$stop}</span>";
         include $xoops->path('include/registerform.php');
         $reg_form->display();
     }
     $xoops->footer();
     break;
 case 'finish':
     $xoops->header();
     $stop = XoopsUserUtility::validate($uname, $email, $pass, $vpass);
     if (!$xoops->security()->check()) {
         $stop .= implode('<br />', $xoops->security()->getErrors()) . "<br />";
     }
     $xoopsCaptcha = XoopsCaptcha::getInstance();
     if (!$xoopsCaptcha->verify()) {
         $stop .= $xoopsCaptcha->getMessage() . "<br />";
     }
     if (empty($stop)) {
         $member_handler = $xoops->getHandlerMember();
         $newuser = $member_handler->createUser();
         $newuser->setVar('user_viewemail', $user_viewemail);
         $newuser->setVar('uname', $uname);
         $newuser->setVar('email', $email);
         if ($url != '') {
             $newuser->setVar('url', $xoops->formatURL($url));