function handleAccountRequest() {
		
		global $username, $password, $referralcode, $accountCreated;
		
		$message = null;
		
		$emailValidation = isValidEmail( $_REQUEST['email'] );
		
		if( ! $emailValidation->status ) {
			return $emailValidation;
		}
		
		if( isValidUsername( $username )
				&& isValidPassword( $password )
				&& $username != $password )
		{
			
			$result = createAccount( $username, $password, $referralcode );
			if( $result == "OK" ) {
				$message = new statusMessage( true, "Account created." );
				$accountCreated = true;
			} else {
				$message = new statusMessage( false, $result );
			}
			
		}
		else {
			$message = new statusMessage( false, "Invalid username or password. Passwords must be at least 5 characters long and may consist of letters, numbers, underscores, periods, and dashes. Passwords must not be the same as your username." );
		}
		
		return $message;
	
	}
 public function register($email, $uname, $password, $is_init = 0)
 {
     // 检查站点是否关闭注册
     $register_option = model('Xdata')->get('register:register_type');
     if (strtolower($register_option) == 'closed') {
         $this->last_error = '网站关闭注册';
         return false;
     }
     // 检查参数合法性
     if (!isEmailAvailable($email)) {
         $this->last_error = 'Email不合法或已存在';
         return false;
     }
     if (!isUnameAvailable($uname)) {
         $this->last_error = '昵称不合法或已存在';
         return false;
     }
     if (!isValidPassword($password)) {
         $this->last_error = '密码不合法';
         return false;
     }
     // 参数合法. So, continue...
     $uid = $this->_addUser($email, $uname, $password, $is_init);
     if (!$uid) {
         $this->last_error = 'Có lỗi phát sinh khi lưu';
         return false;
     }
     $this->_addUserToMyopLog($uid);
     $this->_syncUCenter($uid, $email, $uname, $password);
     return $uid;
 }
示例#3
0
 public function createAction()
 {
     // Creamos un nuevo cliente
     if ($_SERVER['REQUEST_METHOD'] == 'POST') {
         extract($_POST);
         $isValidUser = isset($username) && isset($nombre) && isset($apellidos) && isset($email) && isset($password) && isset($con_password) && isset($news) && !empty($username) && !empty($nombre) && !empty($apellidos) && !empty($email) && !empty($password) && !empty($con_password) && $password === $con_password && isValidPassword($password) && isValidEmail($email);
         try {
             if ($isValidUser) {
                 Log::write('Se esta intentando crear un usuario');
                 $hash = crypt($password, uniqid());
                 $this->client->save(array('username' => $username, 'nombre' => $nombre, 'apellidos' => $apellidos, 'email' => $email, 'password' => $hash, 'news' => $news, 'public' => !!$public ? 1 : 0));
                 $_SESSION['username'] = $username;
                 Log::write("El usuario {$username} se ha creado correctamente");
                 flash('msg', 'El usuario se creó correctamente', 'Reguistro');
                 return header('Location: /client');
             }
             Log::write('Los datos pasados por POST no son correctos');
             return require VIEWS . 'error/400.php';
         } catch (Exception $e) {
             $error = $e->getMessage();
             Log::write('Se ha producido una excepción al intentar crear el usuario');
             return require VIEWS . 'error/500.php';
         }
     }
     return require VIEWS . 'error/400.php';
 }
function doCreateUser($email, $password)
{
    if (isValidEmail($email)) {
        if (isValidPassword($password)) {
            $db = dbconnect();
            $stmt = $db->prepare("INSERT INTO users SET email = :email, password = :password, created = now()");
            $binds = array(":email" => $email, ":password" => sha1($password));
            if ($stmt->execute($binds) && $stmt->rowCount() > 0) {
                return true;
            }
        }
    }
    return false;
}
function createNewUser($email, $password)
{
    if (isValidEmail($email)) {
        if (isValidPassword($password)) {
            $db = getDB();
            $stmt = $db->prepare("INSERT INTO users SET email = :email, password = :password, created = now()");
            $hashedPassword = hash('sha1', $password);
            $binds = array(":email" => $email, ":password" => $hashedPassword);
            if ($stmt->execute($binds) && $stmt->rowCount() > 0) {
                return true;
            }
        }
    }
    return false;
}
示例#6
0
function execSignup($username, $password, $confirmpw, $firstname, $lastname, $gender)
{
    if ($username == "" || !isValidUsername($username)) {
        return "Username is empty or invalid!";
    }
    if ($password == "" || !isValidPassword($password)) {
        return "Password is empty or invalid!";
    }
    if ($confirmpw == "" || !isValidPassword($confirmpw)) {
        return "Confirm Password is empty or invalid!";
    }
    if ($firstname == "" || !isValidName($firstname)) {
        return "First Name is empty or invalid!";
    }
    if ($lastname == "" || !isValidName($lastname)) {
        return "Last Name is empty or invalid!";
    }
    if ($gender == "" || !isValidGender($gender)) {
        return "Gender is empty or invalid!";
    }
    $userDAO = new UserDAO();
    //verify username exist
    $result = $userDAO->getUserByUsername($username);
    if ($result !== null) {
        return "Username exists, please change to another one!";
    }
    //verify $password == $confirmpw
    if ($password != $confirmpw) {
        return "Password and Confirm Password must be same!";
    }
    $roleDAO = new RoleDAO();
    $role = $roleDAO->getRoleByID(3);
    //normal user
    $departmentDAO = new DepartmentDAO();
    $depart = $departmentDAO->getDepartmentByID(1);
    //root department
    $encryptPW = encryptPassword($password);
    $photoURL = "photo/default.png";
    $user = new User($role, $depart, $username, $encryptPW, $firstname, $lastname, $gender, $photoURL);
    if ($userDAO->insertUser($user) === true) {
        return true;
    } else {
        return "Insert user into table error, please contact administrator!";
    }
}
示例#7
0
function validationHook()
{
    global $db, $row, $result, $MAX_RESERVED_ID, $dtm;
    $dtm = date('Y-m-d H:i:s');
    if ($row->first_name == '' && $row->last_name == '') {
        if (!isset($result->fieldErrors['first_name'])) {
            $result->fieldErrors['first_name'] = "First Name or Last Name is required.\n";
        }
    }
    $row->password_hash = '';
    $password = isset($row->password) ? $row->password : '';
    $reEnterPassword = isset($row->reEnterPassword) ? $row->reEnterPassword : '';
    if ($password != '') {
        if ($reEnterPassword != $password) {
            if (!isset($result->fieldErrors['password'])) {
                $result->fieldErrors['password'] = "******";
            }
        } else {
            if (strlen($password) < getMinPasswordLength()) {
                if (!isset($result->fieldErrors['password'])) {
                    $result->fieldErrors['password'] = sprintf("Password must be at least %d characters.\n", getMinPasswordLength());
                }
            } else {
                if (!isValidPassword($password)) {
                    $result->fieldErrors['password'] = "******";
                } else {
                    $saltchrs = '0123456789abcdefghijklmnopqrstuvwxyz';
                    $salt = '';
                    for ($i = 0; $i < 31; $i++) {
                        $salt .= $saltchrs[mt_rand(0, strlen($saltchrs) - 1)];
                    }
                    $row->password_hash = hash('sha512', $password . '{' . $salt . '}') . '{' . $salt . '}';
                }
            }
        }
    } else {
        if ($row->id <= 0) {
            $result->fieldErrors['password'] = "******";
        }
    }
}
示例#8
0
function execChangePW($password, $newpassword, $confirmpw)
{
    if ($password == "" || $newpassword == "" || $confirmpw == "") {
        return "Please fill all the necessary information!";
    }
    if (!isValidPassword($password) || !isValidPassword($newpassword)) {
        return "Please enter a valid password!";
    }
    if ($newpassword !== $confirmpw) {
        return "The new password and the confirmed new password must be the same!";
    }
    $userDAO = new UserDAO();
    $user = $userDAO->getUserByID($_SESSION["userID"]);
    if (!verifyPassword($password, $user->getPassword())) {
        return "The old password you entered is not correct!";
    }
    $encryptPW = encryptPassword($newpassword);
    $user->setPassword($encryptPW);
    $userDAO->updateUser($user);
    return true;
}
示例#9
0
function execLogin($username, $password)
{
    $username = (string) $username;
    $password = (string) $password;
    if ($username == "" || $password == "") {
        return "Username or password can not be empty!";
    }
    if (!isValidUsername($username) || !isValidPassword($password)) {
        return "Username or password is invalid!";
    }
    $userDAO = new UserDAO();
    $user = $userDAO->getUserByUsername($username);
    if ($user === null || !verifyPassword($password, $user->getPassword())) {
        return "There is no user account matching the Username and Password provided.";
    }
    if ($user->getRole()->getRoleID() == "4") {
        return "This user was forbidden to login!";
    }
    login($user->getUserID());
    return true;
}
 function validation($data, $files)
 {
     global $USER;
     $errors = parent::validation($data, $files);
     update_login_count();
     // ignore submitted username
     if (!($user = authenticate_user_login($USER->username, $data['password']))) {
         $errors['password'] = get_string('invalidlogin');
         return $errors;
     }
     reset_login_count();
     if ($data['newpassword1'] != $data['newpassword2']) {
         $errors['newpassword1'] = get_string('passwordsdiffer');
         $errors['newpassword2'] = get_string('passwordsdiffer');
         return $errors;
     }
     if ($data['password'] == $data['newpassword1']) {
         $errors['newpassword1'] = get_string('mustchangepassword');
         $errors['newpassword2'] = get_string('mustchangepassword');
         return $errors;
     }
     $errmsg = '';
     //prevents eclipse warnings
     if (!check_password_policy($data['newpassword1'], $errmsg)) {
         $errors['newpassword1'] = $errmsg;
         $errors['newpassword2'] = $errmsg;
         return $errors;
     }
     // Added by SMS 8/7/2011: To make sure the password does not include special
     // characters that may result in issues when synching the password with vms
     if (!isValidPassword($data['newpassword1'])) {
         $errors['newpassword1'] .= 'Your password cannot contain the following characters: " / \\ [ ] : ; | = , + * ? < > @ & !';
         $errors['newpassword2'] .= 'Your password cannot contain the following characters: " / \\ [ ] : ; | = , + * ? < > @ & !';
     }
     return $errors;
 }
示例#11
0
<?php

include_once "filefunctions.php";
include_once "validate.php";
$userId = "";
$password = "";
$url = "ecmain.php";
$useridError = "";
$passwordError = "";
// Validate userId and password
if (count($_POST) > 0) {
    $userId = $_POST["userid"];
    $password = $_POST["password"];
    if (isValidUserid($userId, $useridError)) {
        if (isValidPassword($password, $passwordError)) {
            // If login credentials are correct proceed to event calendar page with userId saved in session.
            if (isCorrectPassword($userId, $password)) {
                // for now a hard coded userId will be used. Later it will be retrieved from the database
                session_start();
                $_SESSION["userId"] = 2;
                header('Location:' . $url);
            }
        }
    }
}
 function validation($data, $files)
 {
     global $CFG;
     $errors = parent::validation($data, $files);
     $authplugin = get_auth_plugin($CFG->registerauth);
     if (record_exists('user', 'username', $data['username'], 'mnethostid', $CFG->mnet_localhost_id)) {
         $errors['username'] = get_string('usernameexists');
     } else {
         if (empty($CFG->extendedusernamechars)) {
             $string = eregi_replace("[^(-\\.[:alnum:])]", '', $data['username']);
             if (strcmp($data['username'], $string)) {
                 $errors['username'] = get_string('alphanumerical');
             }
             // Validates the username for Windows requirements - 22.05.2011 - jam
             $oldusername = stripslashes($data['username']);
             if (!isValidUsername($data['username']) || strcmp($data['username'], $oldusername)) {
                 $errors['username'] = '******';
             }
         }
     }
     //check if user exists in external db
     //TODO: maybe we should check all enabled plugins instead
     if ($authplugin->user_exists($data['username'])) {
         $errors['username'] = get_string('usernameexists');
     }
     if (!validate_email($data['email'])) {
         $errors['email'] = get_string('invalidemail');
     } else {
         if (record_exists('user', 'email', $data['email'])) {
             $errors['email'] = get_string('emailexists') . ' <a href="forgot_password.php">' . get_string('newpassword') . '?</a>';
         }
     }
     if (empty($data['email2'])) {
         $errors['email2'] = get_string('missingemail');
     } else {
         if ($data['email2'] != $data['email']) {
             $errors['email2'] = get_string('invalidemail');
         }
     }
     if (!isset($errors['email'])) {
         if ($err = email_is_not_allowed($data['email'])) {
             $errors['email'] = $err;
         }
     }
     $errmsg = '';
     if (!check_password_policy($data['password'], $errmsg)) {
         $errors['password'] = $errmsg;
     }
     // Added by SMS 8/7/2011: To make sure the password does not include special
     // characters that may result in issues when synching the password with vms // <= 14 char
     if (!isValidPassword($data['password'])) {
         $errors['password'] .= 'Your password cannot contain the following characters: " / \\ [ ] : ; | = , + * ? < > @ & !';
         //$errors['password'] .= ' and it must be less than or equal to 10 characters.';
     }
     if (strlen($data['password']) <= 0 || strlen($data['password']) > 10) {
         $errors['password'] .= ' Your password must be less than or equal to 10 characters.';
     }
     if (signup_captcha_enabled()) {
         $recaptcha_element = $this->_form->getElement('recaptcha_element');
         if (!empty($this->_form->_submitValues['recaptcha_challenge_field'])) {
             $challenge_field = $this->_form->_submitValues['recaptcha_challenge_field'];
             $response_field = $this->_form->_submitValues['recaptcha_response_field'];
             if (true !== ($result = $recaptcha_element->verify($challenge_field, $response_field))) {
                 $errors['recaptcha'] = $result;
             }
         } else {
             $errors['recaptcha'] = get_string('missingrecaptchachallengefield');
         }
     }
     return $errors;
 }
 function validation($usernew, $files)
 {
     global $CFG;
     $usernew = (object) $usernew;
     $usernew->username = trim($usernew->username);
     $user = get_record('user', 'id', $usernew->id);
     $err = array();
     if (!empty($usernew->newpassword)) {
         $errmsg = '';
         //prevent eclipse warning
         if (!check_password_policy($usernew->newpassword, $errmsg)) {
             $err['newpassword'] = $errmsg;
         }
     }
     // Added by SMS 8/7/2011: To make sure the password does not include special
     // characters that may result in issues when synching the password with vms
     if (!isValidPassword($usernew->newpassword)) {
         $err['newpassword'] .= 'Your password cannot contain the following characters: " / \\ [ ] : ; | = , + * ? < > @ & !';
     }
     if (empty($usernew->username)) {
         //might be only whitespace
         $err['username'] = get_string('required');
     } else {
         if (!$user or $user->username !== $usernew->username) {
             //check new username does not exist
             if (record_exists('user', 'username', $usernew->username, 'mnethostid', $CFG->mnet_localhost_id)) {
                 $err['username'] = get_string('usernameexists');
             }
             //check allowed characters
             if ($usernew->username !== moodle_strtolower($usernew->username)) {
                 $err['username'] = get_string('usernamelowercase');
             } else {
                 if (empty($CFG->extendedusernamechars)) {
                     $string = eregi_replace("[^(-\\.[:alnum:])]", '', $usernew->username);
                     if ($usernew->username !== $string) {
                         $err['username'] = get_string('alphanumerical');
                     }
                     // Validates the username for Windows requirements - 22.05.2011 - jam
                     $oldusername = stripslashes($usernew->username);
                     if (!isValidUsername($usernew->username) || strcmp($usernew->username, $oldusername)) {
                         $err['username'] = '******';
                     }
                 }
             }
         }
     }
     if (!$user or $user->email !== stripslashes($usernew->email)) {
         if (!validate_email($usernew->email)) {
             $err['email'] = get_string('invalidemail');
         } else {
             if (record_exists('user', 'email', $usernew->email, 'mnethostid', $CFG->mnet_localhost_id)) {
                 $err['email'] = get_string('emailexists');
             }
         }
     }
     /// Next the customisable profile fields
     $err += profile_validation($usernew, $files);
     if (count($err) == 0) {
         return true;
     } else {
         return $err;
     }
 }
<center>
    <?php 
if (isPostRequest()) {
    //pull from the entered email and password
    $email = filter_input(INPUT_POST, 'email');
    $password = filter_input(INPUT_POST, 'password');
    if (isValidPassword($password)) {
        //checks if the password is 4 or more character, then creates the user
        createUser($email, $password);
        if (createUser($email, $password)) {
            ?>
                <h3>User Created</h3><br/>
                <button class="btn btn-default" onClick="location.href = 'index.php'">Sign In</button>
                <?php 
        }
    } else {
        echo "Password must be 4 or more";
    }
}
?>
<div class="text-success">
    <h2>Create New User</h2></div><br />
    <form method="post" action="#">    
        <input type="email" name="email" placeholder="Email" value="" required/>
        <br /><br />
        <input type="password" name="password" placeholder="Password" value="" required/>
        <br /><br />
        <input class="btn btn-success" type="submit" value="Create Account" />
    </form><br /><br />
    <button class="btn btn-sm" onClick="location.href = 'index.php'">Back</button>
</center>
示例#15
0
if (isPostSetAndNotEmpty('txtFirstName') && isPostSetAndNotEmpty('txtLastName') && isPostSetAndNotEmpty('txtPassword') && isPostSetAndNotEmpty('txtEmail') && isPostSetAndNotEmpty('txtConfirmPassword') && isPostSetAndNotEmpty('txtCaptcha')) {
    // validate inputs
    $message = '';
    if ($_POST['txtPassword'] != $_POST['txtConfirmPassword']) {
        $message = 'password is not equal to confirmPassword!\\n';
    }
    if (!isValidEmail($_POST['txtEmail'])) {
        $message .= 'incorrect email pattern!\\n';
    }
    if (!isValidName($_POST['txtFirstName'])) {
        $message .= 'incorrect first name pattern!\\n';
    }
    if (!isValidName($_POST['txtLastName'])) {
        $message .= 'incorrect last name pattern!\\n';
    }
    if (!isValidPassword($_POST['txtPassword'])) {
        $message .= 'incorrect password pattern!\\n';
    }
    if ($_SESSION['captcha']['code'] != $_POST['txtCaptcha']) {
        $message .= 'incorrect captcha!';
    }
    if ($message == '') {
        $pdo = new PDO("mysql:host={$DB_HOST};dbname={$DB_DATABASE};charset=utf8", $DB_USER, $DB_PASSWORD);
        // check duplicate email
        $sql = "SELECT email FROM user WHERE email = :email";
        $sth = $pdo->prepare($sql);
        $sth->execute(array(':email' => $_POST['txtEmail']));
        if ($sth->rowCount() > 0) {
            $message = 'duplicate email with the existing user!';
        } else {
            // insert to user table
示例#16
0
function getNextPassword($password)
{
    while (!\isValidPassword(++$password)) {
    }
    return $password;
}
示例#17
0
// disallow new account creation for users who are already logged in
requireNotLoggedIn();
$session = Session::start();
$warnings = array();
if (isset($_POST['submit'])) {
    if (!verifyReCaptcha(CAPTCHA_SECRET_KEY, @$_POST['g-recaptcha-response'], $_SERVER['REMOTE_ADDR'])) {
        $warnings[] = "Failed CAPTCHA";
    } elseif (isset($_POST['passwd']) && isset($_POST['passwd2']) && isset($_POST['username'])) {
        $passwd = $_POST['passwd'];
        $passwd2 = $_POST['passwd2'];
        $username = $_POST['username'];
        // validate password and username
        if ($passwd != $passwd2) {
            $warnings[] = "Passwords don't match";
        }
        if (!isValidPassword($passwd)) {
            $warnings[] = "Not a valid password (longer than " . MIN_PASSWORD_LENGTH . " characters required)";
        }
        if (!isValidUsername($username)) {
            $warnings[] = "Not a valid username (longer than " . MIN_USERNAME_LENGTH . " characters required)";
        }
        // No warnings means everything is in order, and we can create the user
        if (count($warnings) == 0) {
            $dao = new UserDAO();
            if ($dao->userExists($username)) {
                $warnings[] = "Username already taken";
            } else {
                $passwd = pw_encode($passwd);
                if (!$dao->createUser($username, $passwd)) {
                    $warnings[] = "Failed to insert to database";
                } else {
示例#18
0
function validate(&$key, &$value, $error_array = array(), $index = 0, $array_key = NULL)
{
    //	echo "Switch Test \$key: " . $key . " \$value: " . $value . " <br>\n" ;
    switch ($key) {
        case "numauthors":
        case "numpages":
            //			echo "Switch Number \$key: " . $key . " \$value: " . $value . " <br>\n" ;
            isIntegerMoreThanZero($value, &$error_array, &$index);
            break;
        case "email":
        case "emailHome":
        case "ConferenceContact":
            //			echo "Switch Email \$key: " . $key . " \$value: " . $value . " <br>\n" ;
            valid_email($value, &$error_array, &$index);
            break;
        case "faxno":
        case "phoneno":
            //			echo "Switch Phone \$key: " . $key . " \$value: " . $value . " <br>\n" ;
            isValidPhoneNumber($value, &$error_array, &$index);
            break;
        case "phonenoHome":
            //			echo "Switch Phone \$key: " . $key . " \$value: " . $value . " <br>\n" ;
            isValidPhoneNumber($value, &$error_array, &$index);
            break;
        case "userfile":
        case "state":
        case "commentfile":
            //			echo "Switch File \$key: " . $key . " \$value: " . $value . " <br>\n" ;
            isValidFile($value, &$error_array, &$index, &$array_key);
            break;
        case "logofile":
            isValidLogoFile($value, &$error_array, &$index, &$array_key);
            break;
        case "country":
            isValidCountryCode($value, &$error_array, &$index);
            break;
        case "password":
        case "newpwd":
            isValidPassword($value, &$error_array, &$index);
            break;
        case "date":
        case "ConferenceStartDate":
        case "ConferenceEndDate":
        case "arrStartDate":
        case "arrEndDate":
            if (isValidDate($value, &$error_array, &$index)) {
                //is_date_expired( $value , date ( "j/m/Y" , time() ) , &$error_array , &$index ) ;
                is_date_expired($value, date("Y-m-d", time()), &$error_array, &$index);
            }
            break;
        default:
            //			echo "Default \$key: " . $key . " \$value: " . $value . " <br>\n" ;
            break;
    }
}
function CreateEmployee($employeeName, $emailAddress, $password, $dateJoinedTheCompany, $annualLeaveEntitlement, $mainVacationRequestID, $companyRoleID, $isAdministrator = 0, $isManager = 0)
{
    $statusMessage = "";
    $employee = NULL;
    //--------------------------------------------------------------------------
    // Validate Input parameters
    //--------------------------------------------------------------------------
    $inputIsValid = TRUE;
    if (isNullOrEmptyString($employeeName)) {
        $statusMessage .= "Employee Name can not be blank.<br/>";
        error_log("Invalid employeeName passed to CreateEmployee.");
        $inputIsValid = FALSE;
    }
    if (!filter_var($emailAddress, FILTER_VALIDATE_EMAIL)) {
        $statusMessage .= "Email address given is not a valid email format.<br/>";
        error_log("Invalid email address passed to CreateEmployee.");
        $inputIsValid = FALSE;
    }
    $errorArray = isValidPassword($password);
    if (count($errorArray) != 0) {
        foreach ($errorArray as $key => $value) {
            $statusMessage .= $value . "<br/>";
            error_log($value);
        }
        $inputIsValid = FALSE;
    }
    if (!isValidDate($dateJoinedTheCompany)) {
        $statusMessage .= "Value given for Date joined the company is not a " . "valid date.<br/>";
        error_log("Invalid dateJoinedTheCompany passed to CreateEmployee.");
        $inputIsValid = FALSE;
    }
    //------------------------------------------------------------------------
    // Need to check for extreme values for 'date joined the company'
    // Don't allow records to be created if date joined is more than a month
    // in the future, or more than 50 years in the past.
    //------------------------------------------------------------------------
    if (isValidDate($dateJoinedTheCompany)) {
        $now = time();
        $input_date = strtotime($dateJoinedTheCompany);
        $diff_date = $now - $input_date;
        $daysSinceJoiningCompany = floor($diff_date / (60 * 60 * 24));
        if ($daysSinceJoiningCompany > 365 * 50) {
            $statusMessage .= "Value given for Date joined the company can not be " . "more than 50 years in the past.<br/>";
            error_log("Invalid dateJoinedTheCompany passed to CreateEmployee.");
            $inputIsValid = FALSE;
        }
        if ($daysSinceJoiningCompany < -30) {
            $statusMessage .= "Value given for Date joined the company can not " . "be more than 30 days in the future.<br/>";
            error_log("Invalid dateJoinedTheCompany passed to CreateEmployee.");
            $inputIsValid = FALSE;
        }
    }
    if (!is_numeric($annualLeaveEntitlement)) {
        $statusMessage .= "Please enter a valid value for annual leave " . "entitlement.<br/>";
        error_log("Invalid annualLeaveEntitlement passed to CreateEmployee.");
        $inputIsValid = FALSE;
    }
    if ($mainVacationRequestID != NULL) {
        $record = RetrieveMainVacationRequestByID($mainVacationRequestID);
        if ($record == NULL) {
            $statusMessage .= "Main Vacation Request ID does not exist in the " . "database.<br/>";
            error_log("Invalid mainVacationRequestID passed to CreateEmployee.");
            $inputIsValid = FALSE;
        }
    }
    $record = RetrieveCompanyRoleByID($companyRoleID);
    if ($record == NULL) {
        $statusMessage .= "Company Role ID does not exist in the database.<br/>";
        error_log("Invalid companyRoleID passed to CreateEmployee.");
        $inputIsValid = FALSE;
    }
    //Ensure email address doesn't already exist in the database.
    $filter[EMP_EMAIL] = $emailAddress;
    $result = RetrieveEmployees($filter);
    if ($result != NULL) {
        $statusMessage .= "Unable to create record as a user with email address " . "{$emailAddress} already exists.<br/>";
        error_log("Unable to create record as a user with email address " . "{$emailAddress} already exists");
        $inputIsValid = FALSE;
    }
    //--------------------------------------------------------------------------
    // Only attempt to insert a record in the database if the input parameters
    // are ok.
    //--------------------------------------------------------------------------
    if ($inputIsValid) {
        // Create an array with each field required in the record.
        $employee[EMP_ID] = NULL;
        $employee[EMP_NAME] = $employeeName;
        $employee[EMP_EMAIL] = $emailAddress;
        $encryptedPassword = md5(md5($emailAddress) . $password);
        $employee[EMP_PASSWORD] = $encryptedPassword;
        $employee[EMP_DATEJOINED] = $dateJoinedTheCompany;
        $employee[EMP_LEAVE_ENTITLEMENT] = $annualLeaveEntitlement;
        $employee[EMP_MAIN_VACATION_REQ_ID] = $mainVacationRequestID;
        $employee[EMP_COMPANY_ROLE] = $companyRoleID;
        $employee[EMP_ADMIN_PERM] = $isAdministrator;
        $employee[EMP_MANAGER_PERM] = $isManager;
        $success = sqlInsertEmployee($employee);
        if (!$success) {
            $statusMessage .= "Unexpected error when inserting the record to " . "the database.<br/>";
            error_log("Failed to create Employee. " . print_r($employee));
            $employee = NULL;
            $inputIsValid = false;
        } else {
            $statusMessage = "Record Created Successfully.";
        }
    }
    GenerateStatus($inputIsValid, $statusMessage);
    return $employee;
}
示例#20
0
<?
	set_include_path("..");
	require_once( 'offensive/assets/header.inc' );

	require_once( 'admin/mysqlConnectionInfo.inc' );
	if(!isset($link) || !$link) $link = openDbConnection();
	require_once( 'offensive/assets/activationFunctions.inc' );
	require_once( "offensive/assets/validationFunctions.inc" );
	require_once( 'offensive/assets/functions.inc' );
	
	if( isset($_REQUEST['x2']) ) {
		$code = $_REQUEST['x2'];
		$pw = $_REQUEST['password'];
		
		if( ($row = userRowFromCode( $_REQUEST['x2'] )) && isValidPassword( $pw ) && $pw == $_REQUEST['password2'] ) {
			
			$uid = $row['userid'];

            $encrypted_pw = sha1( $pw );

			$sql = "UPDATE users SET timestamp = timestamp, password='******' WHERE userid = $uid LIMIT 1";
			
			tmbo_query( $sql );
			header( "Location: ./logn.php" );
		}	
		else {
			echo "There was a problem with your request. (Possibly unacceptable password or the entries didn't match.)";
		}
	}

	function sendResetEmail( $username ) {
示例#21
0
function checkPasswords($password, $confirm_password)
{
    $password = trim($password);
    if (!isValidPassword($password)) {
        return INVALID_PASSWORD_ERR;
    }
    $confirm_password = trim($confirm_password);
    if ($confirm_password !== $password) {
        return INVALID_CONFIRM_PASS_ERR;
    }
    return true;
}
示例#22
0
文件: Helper.php 项目: rw00/tutorme
function validPasswords($password, $confirm_password)
{
    return isValidPassword($password) && isValidPassword($confirm_password);
}
示例#23
0
function changeUserPassword($userID, $password)
{
    $userDAO = new UserDAO();
    $user = $userDAO->getUserByID($userID);
    if (!isValidPassword($password)) {
        return "Invalid password!";
    }
    if ($user->getRole()->getRoleID() == 0) {
        return "You do not have right to change it!";
    }
    $user->setPassword($password);
    $userDAO = new UserDAO();
    $userDAO->updateUser($user);
    echo "<br>You have successfully changed " . $user->getUsername() . "\\'s password!";
}
示例#24
0
文件: 11.php 项目: mrk-j/adventofcode
    }
}
function hasStraight($string)
{
    global $possibleStraights;
    foreach ($possibleStraights as $possibleStraight) {
        if (strpos($string, $possibleStraight) !== false) {
            return true;
        }
    }
    return false;
}
function isValidPassword($password)
{
    if (strpos($password, 'i') !== false || strpos($password, 'o') !== false || strpos($password, 'l') !== false) {
        return false;
    } elseif (twoInARowSets($password) < 2) {
        return false;
    } elseif (!hasStraight($password)) {
        return false;
    }
    return true;
}
do {
    $newPassword = nextPassword(isset($newPassword) ? $newPassword : $currentPassword);
} while (!isValidPassword($newPassword));
echo 'Found new password: '******'Found next new password: ' . $newPassword . PHP_EOL;
     } else {
         // User does NOT need to wait
         // User has waited 5 minutes...
         // User is not blocked
         $remaining_minutes = 0;
         // Reset log in attempt
         $loginAttempt = 0;
     }
 } else {
     // User does not need to wait... user can try login
     $remaining_minutes = 0;
 }
 if ($remaining_minutes > 0) {
     $error[] = "You are blocked for login! <br> You need to wait for " . ceil($remaining_minutes) . " minutes.";
 } else {
     if (isValidPassword($psword, $dbRow['psword'])) {
         // Log in was sucessful
         updateSuccessfulLogin($uname);
         // start session varibale
         session_start();
         // set session var
         $_SESSION['userid'] = $userid;
         $_SESSION['uname'] = $uname;
         $_SESSION['fname'] = $fname;
         $_SESSION['lname'] = $lname;
         $_SESSION['userdp'] = $userdp;
         $_SESSION['role'] = $role;
         // redriect to the home page
         //header("Location: home.php");
         if ($role == 'admin') {
             header("Location: admin/index.php");
示例#26
0
文件: register.php 项目: asngai/Blog
<?php

header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST');
require 'connect.php';
require 'regex.php';
$username = addslashes(trim($_POST['username']));
$email = addslashes(trim($_POST['email']));
$password = addslashes($_POST['password']);
//$username = $_POST['username'];
//$email = $_POST['email'];
//$password = $_POST['password'];
//print_r($conn);
if (isValidName($username) == true && isValidEmail($email) == true && isValidPassword($password) == true) {
    $query = "INSERT INTO `users`(`username`, `email`, `password`, `TIMESTAMP` ) VALUES ('{$username}','{$email}','{$password}', NOW())";
    mysqli_query($conn, $query);
    if (mysqli_affected_rows($conn) > 0) {
        $output['success'] = true;
        $newID = mysqli_insert_id($conn);
        $output['newID'] = $newID;
        print json_encode($output);
    }
} else {
    $output['success'] = false;
    $output['errors'] = "Error";
    print json_encode($output);
}