示例#1
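 /**
  * Send the JSON log file of one base to the client as a download.
  *
  * The base row is selected by IDbase together with the IDaccount held in
  * the session, and the file is served only when that lookup returns a row.
  *
  * @param array $formvars Request values; 'IDbase' selects the base.
  * @return bool false when the lookup returns no row or the log file does
  *              not exist. On success the file is streamed and the script
  *              terminates, so nothing is returned.
  */
 function downloadBaseLog($formvars = array())
 {
     $mdb = $this->mdb;
     // add all missing keys to array
     fixFormVars($formvars, array('IDbase'));
     // security check: the row must match both the requested base and the
     // account stored in the session
     $base = $mdb->queryFirstRow("SELECT IDbase FROM base WHERE IDbase = %i AND IDaccount = %i", $formvars['IDbase'], $_SESSION['IDaccount']);
     // The earlier test `count($base) === NULL` could never be true, because
     // count() returns an integer, so a failed lookup was not rejected here.
     // Reject every "no row" result explicitly before building the path.
     if (empty($base) || !isset($base['IDbase'])) {
         return false;
     }
     // The file name is built from the IDbase value returned by the query,
     // not from the raw request value.
     $file = server_basesock_log_path . $base['IDbase'] . '.json';
     if (!file_exists($file)) {
         return false;
     }
     header('Content-Description: File Transfer');
     header('Content-Type: application/octet-stream');
     header('Content-Disposition: attachment; filename=' . basename($file));
     header('Content-Transfer-Encoding: binary');
     header('Expires: 0');
     header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
     header('Pragma: public');
     header('Content-Length: ' . filesize($file));
     // ob_clean() raises a notice when no output buffer is active, and that
     // notice text could end up inside the downloaded file.
     if (ob_get_level() > 0) {
         ob_clean();
     }
     flush();
     readfile($file);
     die;
 }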
示例#2
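 /**
  * Validate a registration form, create an inactive account and send the
  * activation e-mail.
  *
  * On every validation failure $this->error is set to a short error code
  * ('email_missing', 'password_missing', 'password_mismatch', 'terms',
  * 'recaptcha', 'email_used') and false is returned.
  *
  * @param array $formvars Form values: 'email', 'password', 'password_again',
  *                        'terms' and, when reCAPTCHA is configured,
  *                        'g-recaptcha-response'.
  * @return bool true when the account row was inserted and the activation
  *              e-mail was requested, false otherwise.
  */
 function doRegister($formvars = array())
 {
     global $BAD_EMAIL_DOMAINS;
     $mdb = $this->mdb;
     // add all missing keys to array
     fixFormVars($formvars, array('email', 'password', 'password_again', 'terms'));

     if (!filter_var($formvars['email'], FILTER_VALIDATE_EMAIL)) {
         $this->error = 'email_missing';
         return false;
     }
     // The domain is extracted only after the address passed validation, so
     // strrchr() is never handed a non-string or an address without "@".
     $emailDomain = substr(strrchr($formvars['email'], '@'), 1);
     // assumes $BAD_EMAIL_DOMAINS holds upper-case domain strings; confirm where it is defined
     if (in_array(strtoupper($emailDomain), $BAD_EMAIL_DOMAINS)) {
         $this->error = 'email_missing';
         return false;
     }
     // A non-string value (for example an array submitted as password[]) is
     // treated as a missing password instead of reaching strlen().
     if (!is_string($formvars['password']) || strlen($formvars['password']) < 6) {
         $this->error = 'password_missing';
         return false;
     }
     // Strict comparison: with `!=` two different numeric-looking strings
     // such as '1000000' and '1e6' compare as equal.
     if ($formvars['password'] !== $formvars['password_again']) {
         $this->error = 'password_mismatch';
         return false;
     }
     if ($formvars['terms'] != '1') {
         $this->error = 'terms';
         return false;
     }

     // reCAPTCHA validation enabled? (the legacy recaptcha check was replaced by recaptcha2)
     if (reCAPTCHA_PRIVATE_KEY != '') {
         $captchaOk = isset($formvars['g-recaptcha-response'])
             && recaptcha2_verify(reCAPTCHA_PRIVATE_KEY, $formvars['g-recaptcha-response'], $_SERVER["REMOTE_ADDR"]);
         if (!$captchaOk) {
             $this->error = 'recaptcha';
             // return false like every other failure path (this path used a bare `return;`)
             return false;
         }
     }

     // validate e-mail now
     // NOTE(review): the lookup and the insert below are separate statements;
     // a unique index on account.email would be needed to rule out duplicate
     // rows from concurrent requests. Confirm against the schema.
     $account = $mdb->queryFirstRow("SELECT * FROM account WHERE email = %s LIMIT 1", $formvars['email']);
     if ($account !== NULL) {
         $this->error = 'email_used';
         return false;
     }

     // only the hash produced by create_hash() is stored, never the plain password
     $hashedpassword = create_hash($formvars['password']);
     // insert into database; the account stays inactive (active = 0) at this point
     $mdb->insert('account', array('email' => $formvars['email'], 'password' => $hashedpassword, 'active' => 0));
     // send activation e-mail
     $this->resendActivationEmail($formvars['email']);
     return true;
 }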