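/**
 * Optionally sanitize a username, password and message, echo a short HTML
 * summary of the result and return the credentials.
 *
 * Defects fixed: the echoed values went into the page unescaped (on every
 * path when $injection is not 'block', and on the 'block' path too, since the
 * sanitize_* helpers are not guaranteed to HTML-escape), and the password was
 * written in clear text into the response.
 *
 * @param string $injection 'block' runs sanitize_username/sanitize_password/
 *                          sanitize_message on the fields; any other value
 *                          leaves them untouched
 * @param string $uname
 * @param string $pwd
 * @param string $message
 * @return array{0: mixed, 1: mixed} [$uname, $pwd] after the optional sanitizing
 *                                   (sanitize_username() may return false)
 */
function strict_form_checking($injection, $uname, $pwd, $message) {
    if ($injection === 'block') {
        $uname = sanitize_username($uname);
        $pwd = sanitize_password($pwd);
        $message = sanitize_message($message);
    }
    // Escape for the HTML context on every path; (string) turns a false from a
    // failed sanitizer into '' just as the original concatenation did.
    echo 'username is: ' . htmlspecialchars((string) $uname, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '<br>';
    // A credential must not be reflected into the page, even in a diagnostic.
    echo 'password is: [not shown]<br>';
    echo 'message is: ' . htmlspecialchars((string) $message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '<br>';
    $user_details = array($uname, $pwd);
    return $user_details;
}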
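/**
 * Handle the account-registration form (POST).
 *
 * Normalises the posted name, validates every field in turn (on the first
 * failure it calls alert() and show_form() and returns), then creates the
 * `users` row, logs the new user in and redirects: pre-approved addresses go
 * straight to Home, everyone else to Verify_Email.
 *
 * Defects fixed: the pre-approved branch fell through to the Verify_Email
 * redirect (header() replaces an earlier Location header) and set the
 * send-verification flag although verification had been skipped; the
 * password match used a loose comparison; the YOG error message was garbled;
 * an unchecked "mailings" checkbox raised an undefined-index notice.
 *
 * Side effects: sets the globals $name, $email, $cell, $yog and $mailings
 * (show_form() repopulates the form from them), inserts into `users`, writes
 * $_SESSION keys, sends one email for pre-approved users and emits a
 * Location header.
 */
function process_form() {
    // INITIAL DATA FETCHING
    global $name, $email, $cell, $yog, $mailings; // so that the show_form function can use these values later

    $name = htmlentities(ucwords(trim(strtolower($_POST['name']), ' \\-\'')));
    // NOTE(review): on PHP >= 8.1 htmlentities() escapes apostrophes by default (ENT_QUOTES),
    // so "O'Brien" reaches sanitize_username() as O&#039;Brien — confirm that is intended.
    foreach (array('-', '\'') as $delimiter) {
        if (strpos($name, $delimiter) !== false) {
            // forces characters after hyphens and apostrophes to be capitalized (ucwords() already did spaces)
            $name = implode($delimiter, array_map('ucfirst', explode($delimiter, $name)));
        }
    }
    $name = preg_replace('/[\\s\']*\\-+[\\s\']*/', '-', $name); // removes hyphens not between two characters
    $name = preg_replace('/[\\s\\-]*\'+[\\s\\-]*/', '\'', $name); // removes apostrophes not between two characters
    $name = preg_replace('/\\s+/', ' ', $name); // removes multiple consecutive spaces
    $name = preg_replace('/\\-+/', '-', $name); // removes multiple consecutive hyphens
    $name = preg_replace('/\'+/', '\'', $name); // removes multiple consecutive apostrophes

    $email = htmlentities(strtolower($_POST['email']));
    $cell = htmlentities($_POST['cell']);
    $yog = $_POST['yog'];
    $pass = $_POST['pass1'];
    // An unchecked checkbox is not posted at all, so test for presence before comparing.
    $mailings = (isset($_POST['mailings']) && $_POST['mailings'] === 'Yes') ? '1' : '0';

    // CHECK THAT THE NAME IS VALID
    if (($name = sanitize_username($name)) === false) {
        alert('Your name must have only letters, hyphens, apostrophes, and spaces, and be between 3 and 30 characters long', -1);
        show_form();
        return;
    }
    // strpos() returns an offset, so test against false explicitly (0 == false would be true)
    if (strpos($name, ' ') === false) {
        alert('Please enter both your first <span class="i">and</span> last name', -1);
        show_form();
        return;
    }

    // CHECK THAT THE EMAIL ADDRESS IS VALID
    if (!val('e', $email)) {
        alert('That\'s not a valid email address', -1);
        show_form();
        return;
    }

    // CHECK AND FORMAT CELL PHONE NUMBER (only validated when it is not left blank)
    if ($cell != '' && ($cell = format_phone_number($cell)) === false) {
        alert('That\'s not a valid cell phone number', -1);
        show_form();
        return;
    }

    // CHECK THAT THE YOG IS VALID
    $grade = intval(getGradeFromYOG($yog));
    if ($grade < 9 || $grade > 12) {
        alert('That is not a valid YOG (grade ' . $grade . '; you have to be in high school)', -1);
        show_form();
        return;
    }

    // CHECK THAT THE PASSWORDS MATCH, MEET MINIMUM LENGTH
    // Strict comparison: with != two numeric-looking passwords such as "1e3" and "1000" compare equal.
    if (!isset($_POST['pass2']) || $pass !== $_POST['pass2']) {
        alert('The passwords that you entered do not match', -1);
        show_form();
        return;
    }
    if (strlen($pass) < 6) {
        alert('Please choose a password that has at least 6 characters', -1);
        show_form();
        return;
    }

    // CHECK THAT THEY ENTERED THE RECAPTCHA CORRECTLY
    // CURRENTLY BROKEN: NEED TO UPDATE RECAPTCHA
    /*
    $recaptcha_msg = validate_recaptcha();
    if ($recaptcha_msg !== true) {
        alert($recaptcha_msg, -1);
        show_form();
        return;
    }
    */

    // CHECK THAT AN ACCOUNT WITH THAT EMAIL DOES NOT ALREADY EXIST
    // this is done *after* checking the reCaptcha to prevent bots from harvesting our email
    // addresses via a brute-force attack. (While the reCaptcha check above is disabled, the
    // "already exists" response below is reachable without that protection.)
    if (DBExt::queryCount('users', 'LOWER(email)=LOWER(%s)', $email) != 0) {
        alert('An account with that email address already exists', -1);
        show_form();
        return;
    }

    // CHECK THAT AN ACCOUNT WITH THE SAME NAME IN THE SAME GRADE DOES NOT EXIST
    // - with the exception that if it's permissions = 'E', they probably mistyped their email and are redoing it.
    if (DBExt::queryCount('users', 'LOWER(name)=%s AND yog=%i AND permissions!="E"', strtolower($name), $yog) != 0) {
        alert('An account in your grade with that name already exists', -1);
        show_form();
        return;
    }

    // ** All information has been validated at this point **
    $verification_code = generate_code(5); // for verifying ownership of the email address

    // Check if email address has been pre-approved
    if (isset($_SESSION['PREAPPROVED']) && $email === $_SESSION['PREAPPROVED']) {
        $approved = '1'; // skip Captain approval
        $verification_code = '1'; // skip email verification (already done)
    } else {
        $approved = '0';
    }

    // Create database entry
    $passhash = hash_pass($email, $pass);
    if ($cell == '') {
        $cell = 'None';
    } else {
        $cell = preg_replace('#[^\\d]#', '', $_POST['cell']); // remove non-numbers from cell phone # again
    }
    DB::insert('users', array(
        'name' => $name,
        'email' => $email,
        'passhash' => $passhash,
        'cell' => $cell,
        'yog' => $yog,
        'mailings' => $mailings,
        'approved' => $approved,
        'email_verification' => $verification_code,
        'registration_ip' => htmlentities(strtolower($_SERVER['REMOTE_ADDR'])),
    ));
    set_login_data(DB::insertId()); // LOG THEM IN

    // For pre-approved members: welcome them and send them straight to Home
    if ($approved == '1') {
        global $WEBMASTER_EMAIL;
        $to = array($email => $name);
        $subject = 'Account Created';
        $body = <<<HEREDOC
Welcome to the LHS Math Club website, {$name}!

Your account has been created. If you have any questions about the site, please email the webmaster at {$WEBMASTER_EMAIL}
HEREDOC;
        send_email($to, $subject, $body, $WEBMASTER_EMAIL);
        $_SESSION['HOME_welcome'] = 'Welcome to the LHS Math Club website, ' . $name . '!';
        header('Location: Home');
        // Stop here: otherwise the Verify_Email redirect below replaces this Location header
        // and the verification-email flag is set even though verification was skipped.
        return;
    }

    $_SESSION['ACCOUNT_do_send_verification_email'] = true;
    header('Location: Verify_Email');
}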
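/**
 * Handle the "enter a score" form for one test.
 *
 * Verifies the XSRF token and the test ID, validates the posted name and
 * score, then either records the score for the single matching user, offers
 * an Override link when a different score already exists, or offers to create
 * a temporary user when the name matches nobody (or several people). Every
 * outcome is reported through alert() and the page is re-rendered.
 *
 * Defects fixed: the token comparison was loose (!=) and not constant-time;
 * the "Temporary" path reported "User already exists!" and then inserted the
 * duplicate anyway; names (which may contain apostrophes) were placed raw into
 * HTML and into a single-quoted href; a missing previous-score row produced a
 * null-offset warning; isset() was pointlessly wrapped in @.
 *
 * Side effects: reads $_REQUEST/$_GET/$_SESSION, inserts/updates `users` and
 * `test_scores`, calls alert() and show_page(); trigger_error(E_USER_ERROR)
 * on an invalid token or test ID.
 */
function process_form() {
    // Check XSRF token. hash_equals() is a constant-time, strictly typed comparison;
    // a missing or non-string token on either side counts as invalid.
    $session_token = (isset($_SESSION['xsrf_token']) && is_string($_SESSION['xsrf_token'])) ? $_SESSION['xsrf_token'] : '';
    $request_token = (isset($_REQUEST['xsrf_token']) && is_string($_REQUEST['xsrf_token'])) ? $_REQUEST['xsrf_token'] : '';
    if ($session_token === '' || !hash_equals($session_token, $request_token)) {
        trigger_error('Invalid XSRF token', E_USER_ERROR);
    }

    //Check Test ID
    $row = DB::queryFirstRow('SELECT test_id, name, total_points FROM tests WHERE test_id=%s LIMIT 1', isset($_REQUEST['ID']) ? $_REQUEST['ID'] : '');
    if (!$row) {
        trigger_error('Process_Form: Invalid Test ID', E_USER_ERROR);
    }

    //Get some data
    $test_id = intval($row['test_id']);
    $total_points = intval($row['total_points']);
    $score = isset($_REQUEST['score']) ? $_REQUEST['score'] : ''; //No intval() because intval('') is 0.
    $user = sanitize_username(isset($_REQUEST['user']) ? $_REQUEST['user'] : '');

    // NOTE(review): the links below carry the XSRF token in a GET URL, so it appears in
    // access logs and Referer headers; left as-is because the Temporary/Override flows rely on it.
    if ($user === false) { //Validate username
        alert('Name must have only letters, hyphens, apostrophes, and spaces, and be between 3 and 30 characters long', -1);
    } elseif (!val('i0+', $score) || ($score = intval($score)) > $total_points) { //Validate Score
        alert('Score must be a nonnegative integer not more than the total points', -1);
    } elseif (count($userdata = autocomplete_users_php($user)) == 0) {
        // No such user found.
        $user_html = htmlspecialchars($user, ENT_QUOTES, 'UTF-8');
        if (isset($_GET['Temporary'])) {
            if (DB::queryFirstField('SELECT COUNT(*) FROM users WHERE name=%s', $user) > 0) {
                // Report the clash and do NOT insert (the original inserted a duplicate here).
                alert('User already exists!', -1);
            } else {
                DB::insert('users', array('name' => $user, 'permissions' => 'T', 'approved' => 1));
                DB::insert('test_scores', array('test_id' => $test_id, 'user_id' => DB::insertId(), 'score' => $score));
                alert('Created new temporary user <b>' . $user_html . '</b>, and entered a score of ' . $score . '.', 1);
            }
        } else {
            $link = process_form_temp_user_link($test_id, $user, $score, $session_token);
            alert('Could not find <b>' . $user_html . '</b>. <a href="' . $link . '">Create Temporary User</a>?', -1);
        }
    } elseif (count($userdata) > 1) {
        $user_html = htmlspecialchars($user, ENT_QUOTES, 'UTF-8');
        $link = process_form_temp_user_link($test_id, $user, $score, $session_token);
        alert('<b>' . $user_html . '</b> matches multiple people. <a href="' . $link . '">Create Temporary User?</a>', -1);
    } else {
        //We've got exactly one match for the user name.
        $user = $userdata[0]['name'];
        $user_id = (int) $userdata[0]['id'];
        $user_html = htmlspecialchars($user, ENT_QUOTES, 'UTF-8');

        // Check for previously-entered scores (no row means nothing has been entered yet)
        $row = DB::queryFirstRow('SELECT score_id, score FROM test_scores WHERE test_id=%i AND user_id=%i LIMIT 1', $test_id, $user_id);
        $prev_score = $row ? $row['score'] : null;
        $score_id = $row ? $row['score_id'] : null;

        if (!is_null($prev_score)) { //Already entered.
            $prev_score = intval($prev_score);
            if ($prev_score == $score) {
                alert('<b>' . $user_html . '</b>\'s score has already been entered as ' . $prev_score, -1);
            } elseif (isset($_REQUEST['Override'])) {
                DB::update('test_scores', array('score' => $score), 'score_id=%i LIMIT 1', $score_id);
                alert('Changed score from ' . $prev_score . ' to ' . $score . ' for <b>' . $user_html . '</b>', 1);
            } else {
                // The href is single-quoted, so the name is URL-encoded and the token escaped too.
                $override_link = '?Override&ID=' . $test_id . '&user=' . urlencode($user) . '&score=' . $score . '&xsrf_token=' . urlencode($session_token);
                alert('<b>' . $user_html . '</b>\'s score has already been entered as ' . $prev_score . '. <a href=\'' . $override_link . '\'>Change to ' . $score . '?</a>', -1);
            }
        } else { //Non-duplicate, valid. Let's enter it.
            DB::insert('test_scores', array('test_id' => $test_id, 'user_id' => $user_id, 'score' => $score));
            alert('Entered a score of ' . $score . ' for ' . $user_html, 1);
        }
    }
    show_page();
}

/**
 * Build the "create a temporary user with this score" link used by process_form().
 *
 * NOTE(review): the source for this link was garbled ('&user='******'&score=');
 * the user parameter is reconstructed from the Override link, which does carry
 * the name — confirm against the original file.
 *
 * @param int    $test_id
 * @param string $user    sanitized user name (URL-encoded here)
 * @param int    $score   validated score
 * @param string $token   the session's XSRF token
 * @return string relative URL, safe to place inside a double-quoted href
 */
function process_form_temp_user_link($test_id, $user, $score, $token) {
    return 'Enter_Scores?Temporary&ID=' . $test_id . '&user=' . urlencode($user) . '&score=' . $score . '&xsrf_token=' . urlencode($token);
}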
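/**
 * Run the database consistency checks and render them through show_page().
 *
 * Each check runs one query, prints a red line per offending row (or a green
 * "all good" line when there are none) and a blank separator line. The
 * repeated query/loop/format code is in do_verify_failures() and
 * do_verify_section(); the queries themselves are unchanged.
 *
 * Defects fixed: the password-reset message had a broken literal
 * ('quot; has an invalid...'); file and category names were put into HTML
 * unescaped, unlike user names; the "Miscellaneous" duplicate-order test used
 * == 1 and therefore missed categories with two or more clashing order numbers.
 *
 * Side effects: read-only database queries, file_exists() on the uploads
 * directory, show_page($output).
 */
function do_verify() {
    $output = '';

    // All users have a valid name (the rule lives in sanitize_username(), so this one is checked in PHP)
    $output .= do_verify_section(
        do_verify_failures('SELECT name FROM users', function ($row) {
            if (sanitize_username($row['name']) === false) {
                return 'User "' . htmlentities($row['name']) . '" does not have a valid name';
            }
            return null;
        }),
        'All users have a valid name'
    );

    // Check for duplicate emails (blank emails are skipped here)
    $output .= do_verify_section(
        do_verify_failures('SELECT email FROM users GROUP BY email HAVING COUNT(*) > 1', function ($row) {
            if ($row['email'] != '') {
                return 'Duplicate email: <' . htmlentities($row['email']) . '>';
            }
            return null;
        }),
        'No duplicate email addresses'
    );

    // All non-temporary users have an email address
    $output .= do_verify_section(
        do_verify_failures('SELECT name FROM users WHERE email="" AND permissions!="T"',
            do_verify_message('User "', 'name', '" does not have an email address')),
        'All users have email addresses'
    );

    // All non-temporary users have a password (stored as 128 hex characters)
    $output .= do_verify_section(
        do_verify_failures('SELECT name FROM users WHERE passhash NOT REGEXP "^[0-9a-fA-F]{128}$" AND permissions!="T"',
            do_verify_message('User "', 'name', '" does not have a valid password hash')),
        'All users have valid password hashes'
    );

    // All users have valid cell phone information (10 digits or the literal "None")
    $output .= do_verify_section(
        do_verify_failures('SELECT name FROM users WHERE cell NOT REGEXP "^[0-9]{10}$" AND cell!="None" AND permissions!="T"',
            do_verify_message('User "', 'name', '" has invalid cell phone information')),
        'All users have valid cell phone information'
    );

    // All users have a valid YOG
    $output .= do_verify_section(
        do_verify_failures('SELECT name FROM users WHERE yog NOT REGEXP "^[0-9]{4}$" AND permissions!="T"',
            do_verify_message('User "', 'name', '" has an invalid YOG')),
        'All users have a valid YOG'
    );

    // All users have valid permissions
    $output .= do_verify_section(
        do_verify_failures('SELECT name FROM users WHERE permissions!="C" AND permissions!="A" AND permissions!="R" AND permissions!="L" AND permissions!="T"',
            do_verify_message('User "', 'name', '" has an invalid permission state')),
        'All users have valid permission states'
    );

    // All users have valid approval states
    $output .= do_verify_section(
        do_verify_failures('SELECT name FROM users WHERE approved!="1" AND approved!="0" AND approved!="-1"',
            do_verify_message('User "', 'name', '" has an invalid approval state')),
        'All users have valid approval states'
    );

    // All users have a valid email verification status (5 hex chars pending, or "1" verified)
    $output .= do_verify_section(
        do_verify_failures('SELECT name FROM users WHERE email_verification NOT REGEXP "^[0-9a-fA-F]{5}$" AND email_verification!="1" AND permissions!="T"',
            do_verify_message('User "', 'name', '" has an invalid email verification state')),
        'All users have valid email verification states'
    );

    // All users have a valid password reset status (5 hex chars pending, or "0" none)
    $output .= do_verify_section(
        do_verify_failures('SELECT name FROM users WHERE password_reset_code NOT REGEXP "^[0-9a-fA-F]{5}$" AND password_reset_code!="0"',
            do_verify_message('User "', 'name', '" has an invalid password reset state')),
        'All users have valid password reset states'
    );

    // All test scores match a test
    $output .= do_verify_section(
        do_verify_failures('SELECT score_id FROM test_scores WHERE NOT EXISTS (SELECT * FROM tests WHERE tests.test_id = test_scores.test_id)',
            do_verify_message('Score entry #', 'score_id', ' is not associated with a real test')),
        'All score entries are associated with a real test'
    );

    // All test scores match a user
    $output .= do_verify_section(
        do_verify_failures('SELECT score_id FROM test_scores WHERE NOT EXISTS (SELECT * FROM users WHERE users.id = test_scores.user_id)',
            do_verify_message('Score entry #', 'score_id', ' is not associated with a real user')),
        'All score entries are associated with a real user'
    );

    // All test scores are between 0 and the test's maximum
    $output .= do_verify_section(
        do_verify_failures('SELECT score_id FROM test_scores WHERE score < 0 OR EXISTS (SELECT * FROM tests WHERE tests.test_id = test_scores.test_id AND test_scores.score > tests.total_points)',
            do_verify_message('Score entry #', 'score_id', ' has an invalid score')),
        'All score entries have valid scores'
    );

    // No file_category ID 0 (ID 0 is what the "Miscellaneous" files below use)
    $result = DB::queryRaw('SELECT * FROM file_categories WHERE category_id="0"');
    $row = mysqli_fetch_assoc($result);
    if ($row) {
        $output .= '<span style="color: #a00;">The file category "' . htmlentities($row['name']) . '" has an ID of 0</span><br />' . "\n" . ' <br />' . "\n";
    } else {
        $output .= '<span style="color: #0a0;">No file categories have an ID of 0</span><br />' . "\n" . ' <br />' . "\n";
    }

    // All files have a valid category
    $output .= do_verify_section(
        do_verify_failures('SELECT name FROM files WHERE category!="0" AND NOT EXISTS (SELECT * FROM file_categories WHERE file_categories.category_id = files.category)',
            do_verify_message('The file "', 'name', '" is not in a real category')),
        'All files are in real categories'
    );

    // All files have valid permissions
    $output .= do_verify_section(
        do_verify_failures('SELECT name FROM files WHERE permissions!="A" AND permissions!="M" AND permissions!="P"',
            do_verify_message('The file "', 'name', '" has an invalid permission state')),
        'All files have valid permission states'
    );

    // All files exist on disk
    $output .= do_verify_section(
        do_verify_failures('SELECT name, filename FROM files', function ($row) {
            if (!file_exists('../.content/uploads/' . $row['filename'])) {
                return 'The file "' . htmlentities($row['name']) . '" [' . htmlentities($row['filename']) . '] does not exist on disk';
            }
            return null;
        }),
        'All files exist on disk'
    );

    // No duplicate orders
    $failures = do_verify_failures('SELECT name FROM file_categories WHERE EXISTS (SELECT * FROM files WHERE files.category=file_categories.category_id GROUP BY order_num HAVING COUNT(*) > 1)',
        do_verify_message('The file category "', 'name', '" has multiple files with the same order number'));
    // Uncategorised files: the query yields one row per duplicated order number, so any row
    // is a failure (the old == 1 test missed two or more clashing order numbers).
    $result = DB::queryRaw('SELECT * FROM files WHERE files.category="0" GROUP BY order_num HAVING COUNT(*) > 1');
    if (mysqli_num_rows($result) > 0) {
        $failures .= ' <span style="color: #a00;">The file category "Miscellaneous" has multiple files with the same order number</span><br />' . "\n";
    }
    $output .= do_verify_section($failures, 'All files have valid order numbers');

    $output .= ' <a href="Database" class="small">[Clear]</a>';
    show_page($output);
}

/**
 * Run one consistency query and format every row that fails it.
 *
 * @param string   $query  SQL passed straight to DB::queryRaw(); contains no user input
 * @param callable $format receives the associative row and returns the message
 *                         text for a failing row, or null to skip the row
 * @return string zero or more red "<span>" lines, one per failing row
 */
function do_verify_failures($query, $format) {
    $lines = '';
    $result = DB::queryRaw($query);
    while ($row = mysqli_fetch_assoc($result)) {
        $text = $format($row);
        if ($text !== null) {
            $lines .= ' <span style="color: #a00;">' . $text . '</span><br />' . "\n";
        }
    }
    return $lines;
}

/**
 * Close one section: its failure lines, or the green "all good" line when
 * there were none, followed by the blank line that separates sections.
 *
 * @param string $failures   output of do_verify_failures() (possibly extended by the caller)
 * @param string $ok_message text shown when $failures is empty
 * @return string
 */
function do_verify_section($failures, $ok_message) {
    if ($failures == '') {
        $failures = ' <span style="color: #0a0;">' . $ok_message . '</span><br />' . "\n";
    }
    return $failures . ' <br />' . "\n";
}

/**
 * Build a row formatter that wraps one HTML-escaped column in fixed text,
 * e.g. do_verify_message('User "', 'name', '" has an invalid YOG').
 *
 * @param string $prefix
 * @param string $column row key whose value is htmlentities()-escaped
 * @param string $suffix
 * @return callable(array): string
 */
function do_verify_message($prefix, $column, $suffix) {
    return function ($row) use ($prefix, $column, $suffix) {
        return $prefix . htmlentities($row[$column]) . $suffix;
    };
}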