/** * @param string param name * @param string param name * @param boolean Is a password required? (non-empty) * @return boolean true if OK */ function param_check_passwords($var1, $var2, $required = false) { global $Settings; $pass1 = $GLOBALS[$var1]; $pass2 = $GLOBALS[$var2]; if (empty($pass1) && empty($pass2) && !$required) { // empty is OK: return true; } if (empty($pass1)) { param_error($var1, T_('Please enter your password twice.')); return false; } if (empty($pass2)) { param_error($var2, T_('Please enter your password twice.')); return false; } // checking the password has been typed twice the same: if ($pass1 != $pass2) { param_error_multiple(array($var1, $var2), T_('You typed two different passwords.')); return false; } if (strlen($pass1) < $Settings->get('user_minpwdlen')) { param_error_multiple(array($var1, $var2), sprintf(T_('The minimum password length is %d characters.'), $Settings->get('user_minpwdlen'))); return false; } return true; }
/** * @param string param name * @param string param name * @param boolean Is a password required? (non-empty) * @param integer Minimum password length * @return boolean true if OK */ function param_check_passwords($var1, $var2, $required = false, $min_length = 6) { $pass1 = get_param($var1); $pass2 = get_param($var2); if (!strlen($pass1) && !strlen($pass2) && !$required) { // empty is OK: return true; } if (!strlen($pass1)) { param_error($var1, T_('Please enter your new password.')); param_error($var2, T_('Please enter your new password twice.')); return false; } if (!strlen($pass2)) { param_error($var2, T_('Please enter your new password twice.')); return false; } // checking the password has been typed twice the same: if ($pass1 != $pass2) { param_error_multiple(array($var1, $var2), T_('You typed two different passwords.')); return false; } if (evo_strlen($pass1) < $min_length) { param_error_multiple(array($var1, $var2), sprintf(T_('The minimum password length is %d characters.'), $min_length)); return false; } return true; }
/** * @param string param name * @param string param name * @param boolean Is a password required? (non-empty) * @param integer Minimum password length * @param array Params * @return boolean true if OK */ function param_check_passwords($var1, $var2, $required = false, $min_length = 6, $params = array()) { $params = array_merge(array('msg_pass_wrong' => T_('Passwords cannot contain the characters <, > and &.'), 'msg_pass_new' => T_('Please enter your new password.'), 'msg_pass_twice' => T_('Please enter your new password twice.'), 'msg_pass_diff' => T_('You typed two different passwords.'), 'msg_pass_min' => T_('The minimum password length is %d characters.')), $params); $pass1 = get_param($var1); $pass2 = get_param($var2); if (!strlen($pass1) && !strlen($pass2) && !$required) { // empty is OK: return true; } if (!strlen($pass1)) { param_error($var1, $params['msg_pass_new']); param_error($var2, $params['msg_pass_twice']); return false; } if (!strlen($pass2)) { param_error($var2, $params['msg_pass_twice']); return false; } // checking the password has been typed twice the same: if ($pass1 != $pass2) { param_error_multiple(array($var1, $var2), $params['msg_pass_diff']); return false; } if (utf8_strlen($pass1) < $min_length) { // Checking min length param_error_multiple(array($var1, $var2), sprintf($params['msg_pass_min'], $min_length)); return false; } if (preg_match('/[<>&]/', isset($_POST[$var1]) ? $_POST[$var1] : $_GET[$var1])) { // Checking the not allowed chars param_error_multiple(array($var1, $var2), $params['msg_pass_wrong']); return false; } return true; }
/** * Check profile parameters and add errors through {@link param_error()}. * * @param array associative array. * Either array( $value, $input_name ) or just $value; * ($input_name gets used for associating it to a form fieldname) * - 'invitation': check for non-empty when users can register ONLY with an Invitation code/link * - 'login': check for non-empty * - 'nickname': check for non-empty * - 'icq': must be a number * - 'email': mandatory, must be well formed * - 'country': check for non-empty * - 'firstname': check for non-empty * - 'lastname': check for non-empty * - 'url': must be well formed, in allowed scheme, not blacklisted * - 'pass1' / 'pass2': passwords (twice), must be the same and not == login (if given) * - 'pass_required': false/true (default is true) * @param User|NULL A user to use for additional checks (password != login/nick). */ function profile_check_params($params, $User = NULL) { global $Messages, $Settings, $dummy_fields; foreach ($params as $k => $v) { // normalize params: if ($k != 'pass_required' && !is_array($v)) { $params[$k] = array($v, $k); } } // checking invitation code: if (isset($params['invitation'][0])) { if (empty($params['invitation'][0])) { // invitation code can't be empty param_error($params['invitation'][1], T_('Please enter your invitation code.')); } } // checking login has been typed: if (isset($params['login'][0])) { if (empty($params['login'][0])) { // login can't be empty param_error($dummy_fields[$params['login'][1]], T_('Please enter your login.')); } else { param_check_valid_login($dummy_fields[$params['login'][1]]); } } // checking e-mail address if (isset($params['email'][0])) { if (empty($params['email'][0])) { param_error($dummy_fields[$params['email'][1]], T_('Please enter your e-mail address.')); } elseif (!is_email($params['email'][0])) { param_error($dummy_fields[$params['email'][1]], T_('The email address is invalid.')); } } // Checking country if (isset($params['country']) && empty($params['country'][0])) { param_error($params['country'][1], T_('Please select country.')); } // Checking first name if (isset($params['firstname']) && empty($params['firstname'][0])) { param_error($params['firstname'][1], T_('Please enter your first name.')); } // Checking last name if (isset($params['lastname']) && empty($params['lastname'][0])) { param_error($params['lastname'][1], T_('Please enter your last name.')); } // Checking gender if (isset($params['gender'])) { if (empty($params['gender'][0])) { param_error($params['gender'][1], T_('Please select gender.')); } elseif ($params['gender'][0] != 'M' && $params['gender'][0] != 'F') { param_error($params['gender'][1], 'Gender value is invalid'); } } // Checking URL: if (isset($params['url'])) { if ($error = validate_url($params['url'][0], 'commenting')) { param_error($params['url'][1], T_('Supplied URL is invalid: ') . $error); } } // Check passwords: $pass_required = isset($params['pass_required']) ? $params['pass_required'] : true; if (isset($params['pass1'][0]) && isset($params['pass2'][0])) { if ($pass_required || !empty($params['pass1'][0]) || !empty($params['pass2'][0])) { // Password is required or was given // checking the password has been typed twice if (empty($params['pass1'][0]) || empty($params['pass2'][0])) { param_error($dummy_fields[$params['pass2'][1]], T_('Please enter your password twice.')); } // checking the password has been typed twice the same: if ($params['pass1'][0] !== $params['pass2'][0]) { param_error($dummy_fields[$params['pass1'][1]], T_('You typed two different passwords.')); } elseif ($Settings->get('passwd_special') && !preg_match('~[\\x20-\\x2f\\x3a-\\x40\\x5b-\\x60\\x7b-\\x7f]~', $params['pass1'][0])) { param_error($dummy_fields[$params['pass1'][1]], T_('Your password should contain at least one special character (like & ! $ * - _ + etc.)')); } elseif (utf8_strlen($params['pass1'][0]) < $Settings->get('user_minpwdlen')) { param_error($dummy_fields[$params['pass1'][1]], sprintf(T_('The minimum password length is %d characters.'), $Settings->get('user_minpwdlen'))); } elseif (isset($User) && $params['pass1'][0] == $User->get('login')) { param_error($dummy_fields[$params['pass1'][1]], T_('The password must be different from your login.')); } elseif (isset($User) && $params['pass1'][0] == $User->get('nickname')) { param_error($dummy_fields[$params['pass1'][1]], T_('The password must be different from your nickname.')); } elseif (preg_match('/[<>&]/', $_POST[$dummy_fields[$params['pass1'][1]]])) { // Checking the not allowed chars param_error_multiple(array($dummy_fields[$params['pass1'][1]], $dummy_fields[$params['pass2'][1]]), T_('Passwords cannot contain the characters <, > and &.')); } } } }