Пример #1
0
 /**
  * Save user registration and notify users and admins if required
  * for Joomla! 1.5
  * @return boolean
  */
 function register_save()
 {
     global $mainframe, $mosConfig_live_site;
     // Check for request forgeries
     JRequest::checkToken() or die('Invalid Token');
     // Get required system objects
     $user = clone JFactory::getUser();
     $pathway =& $mainframe->getPathway();
     $config =& JFactory::getConfig();
     $authorize =& JFactory::getACL();
     $document =& JFactory::getDocument();
     // If user registration is not allowed, show 403 not authorized.
     $usersConfig =& JComponentHelper::getParams('com_users');
     if ($usersConfig->get('allowUserRegistration') == '0') {
         JError::raiseError(403, JText::_('Access Forbidden'));
         return false;
     }
     // Initialize new usertype setting
     $newUsertype = $usersConfig->get('new_usertype');
     if (!$newUsertype) {
         $newUsertype = 'Registered';
     }
     // Bind the post array to the user object
     $_post_ =& vmRequest::get('post');
     if (!$user->bind($_post_, 'usertype')) {
         JError::raiseError(500, $user->getError());
     }
     // Set some initial user values
     $user->set('id', 0);
     $user->set('usertype', $newUsertype);
     $user->set('gid', $authorize->get_group_id('', $newUsertype, 'ARO'));
     // TODO: Should this be JDate?
     $user->set('registerDate', date('Y-m-d H:i:s'));
     // If user activation is turned on, we need to set the activation information
     $useractivation = $usersConfig->get('useractivation');
     if ($useractivation == '1') {
         jimport('joomla.user.helper');
         $user->set('activation', md5(JUserHelper::genRandomPassword()));
         $user->set('block', '1');
     }
     // If there was an error with registration, set the message and display form
     if (!$user->save()) {
         JError::raiseWarning('', JText::_($user->getError()));
         return false;
     }
     // Send registration confirmation mail
     $password = JRequest::getString('password', '', 'post', JREQUEST_ALLOWRAW);
     $password = preg_replace('/[\\x00-\\x1F\\x7F]/', '', $password);
     //Disallow control chars in the email
     $name = $user->get('name');
     $email = $user->get('email');
     $username = $user->get('username');
     $component = 'com_user';
     $activation_link = $mosConfig_live_site . "/index.php?option={$component}&task=activate&activation=" . $user->get('activation');
     // Send the registration email
     $this->_sendMail($name, $email, $username, $password, $activation_link);
     return true;
 }
Пример #2
0
     // prevent SQL injection
     if ($perm->check('admin,storeadmin')) {
         $myInsecureArray = $vmInputFilter->safeSQL($myInsecureArray);
         $myInsecureArray = $vmInputFilter->process($myInsecureArray);
         // Re-insert the escaped strings into $_REQUEST
         foreach ($myInsecureArray as $requestvar => $requestval) {
             $_REQUEST[$requestvar] = $requestval;
         }
     } else {
         // Strip all tags from all input values
         $_REQUEST = $vmInputFilter->process($_REQUEST);
         $_REQUEST = $vmInputFilter->safeSQL($_REQUEST);
     }
     // Limit the keyword (=search string) length to 50
     $keyword = substr(urldecode(vmGet($_REQUEST, 'keyword')), 0, 50);
     $vars = vmRequest::get('', VMREQUEST_ALLOWRAW);
 }
 // The Page will change with every different parameter / argument, so provide this for identification
 // "call" will call the function load_that_shop_page when it is not yet cached with exactly THESE parameters
 // or the caching time range has expired
 $GLOBALS['cache_id'] = vmTemplate::getCacheId();
 if ($option == "com_virtuemart") {
     // Check if we have to run a Shop Function
     // and if the user is allowed to execute it
     $funcParams = $ps_function->getFuncPermissions($func);
     /**********************************************
      ** Get Page/Directory Permissions
      ** Displays error if directory is not registered,
      ** user has no permission to view it , or file doesn't exist
      ************************************************/
     if (empty($page)) {