示例#1
/**
 * Report whether every form field passes its validator.
 *
 * The validators run in a fixed order (name, e-mail, message, hidden input)
 * and evaluation stops at the first one that returns a falsy value.
 *
 * @return bool true only when all four validators return a truthy value
 */
function validateFormInputs()
{
    // && short-circuits, so validators after the first failure are not called.
    return validateName()
        && validateEmail()
        && validateMessage()
        && validateHiddenInput();
}
/**
 * Emit the "jmeno" (name) text input followed by its status marker.
 *
 * The submitted value is put back into the field only when the form was sent
 * (the 'odeslat' POST key is set) and validateName() accepts it. In every
 * other case the plain input and the "wrong" marker helpers are called.
 */
function insertNameInput()
{
    $submittedAndValid = isset($_POST['odeslat']) && validateName();
    if (!$submittedAndValid) {
        insertInput("text", "jmeno", "jmeno", "Jméno a příjmení", 40);
        insertWrongSpan();
        return;
    }
    // NOTE(review): the POST value is only trimmed here; confirm that
    // insertInputWithValue() HTML-escapes it before writing the value attribute.
    insertInputWithValue("text", "jmeno", "jmeno", "Jméno a příjmení", 40, trim($_POST['jmeno']));
    insertOKSpan();
}
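/**
 * Collect the validation error messages for a registration data array.
 *
 * @param array $data reads the keys first_name, last_name, username, email and password
 * @return string[] user-facing messages; an empty array means no check failed
 */
function getDataErrors($data)
{
    $messages = [];
    // Required-field gate: stop at once with a single message when one of these
    // is missing. empty() also treats the string '0' as missing.
    if (empty($data['first_name']) || empty($data['last_name']) || empty($data['username']) || empty($data['password'])) {
        $messages[] = 'Παρακαλούμε συμπληρώστε όλα τα πεδία';
        return $messages;
    }
    if (!validateName($data['first_name'])) {
        $messages[] = 'Το όνομα σας περιέχει μη επιτρεπτούς χαρακτήρες. Παρακαλούμε εισάγετε μόνο γράμματα της αλφαβήτας';
    }
    if (!validateName($data['last_name'])) {
        $messages[] = 'Το επώνυμό σας περιέχει μη επιτρεπτούς χαρακτήρες. Παρακαλούμε εισάγετε μόνο γράμματα της αλφαβήτας';
    }
    if (!validateUsername($data['username'])) {
        $messages[] = 'Το username σας περιέχει μη πετρεπτούς χαρακτήρες. Παρακαλούμε εισάγετε μόνο λατινικούς χαρακτήρες και αριθμούς';
    }
    // 'email' is not covered by the required-field gate, so the key can be absent;
    // hand the validator an empty string instead of reading an undefined index.
    $email = isset($data['email']) ? $data['email'] : '';
    if (!validateEmail($email)) {
        $messages[] = 'Το e-mail σας δεν είναι έγκυρο. Παρακούμε εισάγετε ένα έγκυρο e-mail.';
    }
    // NOTE(review): the message promises a minimum of 8 characters; the rule
    // itself lives in validatePassword(), which is not visible here.
    if (!validatePassword($data['password'])) {
        $messages[] = 'Μη επιτρεπτός κωδικός. Ο κωδικός σας πρέπει να περιλαμβάνει τουλάχιστον 8 ψηφία.';
    }
    return $messages;
}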
示例#4
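// Front controller. When the 'a' GET parameter is supplied, run an "action"
// script (one that is not supposed to produce HTML but to redirect back to a
// page); otherwise render the page named by 'p', or a default page.
if (!empty($_GET['a'])) {
    $action = $_GET['a'];
    // The name becomes part of an include path, so it must be a plain
    // alphanumeric string: no dots, slashes or NUL bytes. is_string() rejects
    // the array form (?a[]=x) before it reaches ctype_alnum().
    if (!is_string($action) || !ctype_alnum($action)) {
        die("Action name is invalid.");
    }
    if (!file_exists("{$root}/actions/{$action}.php")) {
        die("Action {$action} doesn't exist.");
    }
    include "{$root}/actions/{$action}.php";
} else {
    if (empty($_GET['p'])) {
        // No page requested: pick the default for the current login state.
        $page = $loggedin ? "browse" : "login";
    } else {
        $page = $_GET['p'];
    }
    // $page is used in a filesystem path below. validateName() is defined
    // elsewhere; NOTE(review): confirm it rejects '/', '\' and '..'.
    if (!is_string($page) || !validateName($page)) {
        die("Page name is invalid.");
    }
    if (!file_exists("{$root}/views/{$page}/index.php")) {
        // The page name is request data that is echoed back, so encode it for HTML.
        die("Page " . htmlspecialchars($page, ENT_QUOTES, 'UTF-8') . " doesn't exist.");
    }
    template("index", ["page" => $page]);
    $_SESSION['error'] = false;
}
ob_end_flush();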
示例#5
 /**
  * Show the edit form for one service, or apply a submitted edit.
  *
  * Without an 'id' query parameter the listing from show_all() is shown. With
  * an id and an empty POST body the form is rendered; with POST data the
  * service is updated through the model and a status message is shown.
  */
 private function edit()
 {
     if (empty($_GET['id'])) {
         $this->show_all();
         return;
     }
     // NOTE(review): the id goes to the model exactly as received; no type or
     // ownership check is visible in this method.
     $id_service = $_GET['id'];

     if (empty($_POST)) {
         $service = $this->model->get($id_service);
         if (!$service) {
             echo 'no existe ese servicio para editarlo';
             return;
         }
         $markup = file_get_contents('Views/Service/edit.html');
         // NOTE(review): the record's values are substituted into the HTML
         // unescaped here; confirm they are encoded elsewhere.
         $placeholders = array(
             '{id}' => $service['id_service'],
             '{nombre}' => $service['service_name'],
             '{ubicacion}' => $service['location_name'],
         );
         $this->template(strtr($markup, $placeholders));
         return;
     }

     // NOTE(review): no CSRF token is checked in this method before the write.
     require_once "Controllers/Validaciones.php";
     $name = validateName($_POST['name']);
     $id_location = validateNumber($_POST['location']);
     $updated = $this->model->edit(new Service($name, $id_location), $id_service);
     if (!$updated) {
         $this->show_message("danger", "No se edito no puede haber duplicados en el nombre");
         return;
     }
     $this->show_message("success", "El servicio se edito correctamente");
 }
示例#6
    }
}
/**
 * Check a choice field (radio button, dropdown) and build its error markup.
 *
 * @param mixed  $option the submitted choice
 * @param string $errMsg message to show when the choice is rejected
 * @return string|null '' when the choice is accepted, $errMsg followed by
 *                     '<br />' when it is empty or equals 'default', and
 *                     null when $option is null
 */
function validateOption($option, $errMsg)
{
    if (!isset($option)) {
        return;
    }
    // $errMsg is returned as part of an HTML fragment without encoding, so
    // callers should pass trusted text only.
    if (empty($option) || $option == 'default') {
        return $errMsg . '<br />';
    }
    return '';
}
?>


<form id="loginForm" class="form-horizontal" method="post" action="">

  <div><?php 
// Print the validation result of each field straight into the page.
// validateOption() returns '' for an accepted value and the message plus
// '<br />' for a rejected one; the messages passed here are fixed literals.
// NOTE(review): the password is checked with the name validator; confirm
// that this is intended and not a copy of the username line.
echo validateName($username, 'invalid username');
echo validateName($password, 'invalid password');
echo validateOption($option, 'invalid radio button');
echo validateOption($favNumber, 'invalid dropdown');
?>
</div>

  <!-- username -->
  <div class="form-group">
    <label for="username" class="col-sm-2 control-label">Username</label>
    <div class="col-sm-10">
      <input type="text" class="form-control" id="username" name="username" placeholder="Username"
      value="<?php 
echo htmlspecialchars($username);
?>
">
    </div>
示例#7
		            		<?php 
if (!validateName($firstName)) {
    echo $styleInvalid;
}
?>
 />
		            		
		            <input type="text" name="LAST" placeholder="Last" 
		            	value="<?php 
// Refill the field after a submit.
// NOTE(review): this prints inside a double-quoted HTML attribute; confirm
// that $lastName was HTML-encoded where it was assigned.
echo isset($_POST['LAST']) ? $lastName : '';
?>
" size="15" id="lastName" 
		            		<?php 
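// This attribute belongs to the last-name input, so its "invalid" style has
// to depend on $lastName, not on the first name.
if (!validateName($lastName)) {
    echo $styleInvalid;
}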
?>
 /><br />
		
	            <label>Address:</label>
		            <input type="text" name="ADDRESS" 
		            	value="<?php 
// Refill the field after a submit.
// NOTE(review): this prints inside a double-quoted HTML attribute; confirm
// that $address was HTML-encoded where it was assigned.
echo isset($_POST['ADDRESS']) ? $address : '';
?>
" size="37" id="address" 
		            		<?php 
if (!validateAddress($address)) {
// Page bootstrap for the registration form.
// The @ hides any warning session_start() raises, so a session that failed
// to start goes unnoticed here.
@session_start();
require_once '../Includes/database.php';
// A visitor whose session already carries a username is sent away.
// NOTE(review): redirect() is defined elsewhere; confirm it ends the request,
// otherwise the rest of this page still runs for that visitor.
if (isset($_SESSION['username'])) {
    redirect('../');
}
require_once '../Includes/header.php';
require_once '../Includes/formvalidation.php';
?>
<script src="../Scripts/formHandling.js" type="text/javascript"></script>
<?php 
if (isset($_POST['submit'])) {
    $formFields = array('Email', 'FirstName', 'LastName', 'Password1');
    $errors = array();
    $errors['Email'] = validateEmail($_POST['Email']);
    $errors['FirstName'] = validateName($_POST['FirstName']);
    $errors['LastName'] = validateName($_POST['LastName']);
    $errors['Password1'] = validatePassword($_POST['Password1']);
    //$errors['Password2'] = validatePassword($_POST['Password2']);
    if ($errors['Password1'] == "") {
        if ($_POST['Password1'] != $_POST['Password2']) {
            $errors['Password1'] = "Values don't match";
        }
    }
    $totalErrors = "";
    foreach ($formFields as $fields) {
        $totalErrors .= $errors[$fields];
        echo $totalErrors;
        //echo "error :{$fields}".$errors[$fields]."<br/>";
        //echo $totalErrors;
    }
    if ($totalErrors == "") {
示例#9
文件: register.php 项目: nil1511/chat
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>T20KB Register</title>
<link rel="stylesheet" type="text/css" href="css/register.css" media="all" />
</head>
<body>
	<div id="container">
	  <h1 align="center">Registration</h1>
        		<?php 
if (isset($_POST['send']) && (!validateName($_POST['name']) || !validateEmail($_POST['email']) || !validateNum($_POST['number']))) {
    ?>
				<div id="error">
					<ul>
						<?php 
    if (!validateName($_POST['name'])) {
        ?>
							<li><strong>Error username aleary exist </strong></li>
						<?php 
    }
    ?>
						<?php 
    if (!validateEmail($_POST['email'])) {
        ?>
							<li><strong>user with given email already exsist</strong></li>
						<?php 
    }
    ?>
						<?php 
    if (!validateNum($_POST['number'])) {
        ?>
示例#10
$flavor = $client->getFlavor();
if (!isset($_POST['email']) || !isset($_POST['reg_passwd__'])) {
    loadErrorClass($flavor);
    return;
} else {
    $login = isset($_POST['login']) ? true : false;
    $name = $_POST['name'];
    $email = $_POST['email'];
    $password = $_POST['reg_passwd__'];
    $nextPage = isset($_POST['next']) ? $_POST['next'] : "index.php";
    $auth_token = isset($_POST['auth_token']) ? $_POST['auth_token'] : null;
    if (!validateEmail($email)) {
        loadErrorClass($flavor, 'Email validation failed.');
        return;
    }
    if (!validateName($name)) {
        loadErrorClass($flavor, 'Please specify a first and last name');
        return;
    }
    if (!validatePassword($password)) {
        loadErrorClass($flavor, 'Password must be specified');
        return;
    }
    $uid = null;
    try {
        $dbCon = RingsideApiDbDatabase::getDatabaseConnection();
        //$client->api_client->admin_createUser($email, $password);
        $user = new Api_Dao_User();
        $user->setUsername($email);
        $user->setPassword(sha1($password));
        if (!$user->initByUserName($email, $dbCon)) {
示例#11
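 /**
  * Validate a sign-up request and, when it is acceptable, insert the user.
  *
  * @param string $username   requested login name (3 to 50 letters or digits)
  * @param string $password   chosen password (6 to 50 bytes)
  * @param string $cppassword password confirmation; must equal $password
  * @param string $name       display name, checked by validateName()
  * @param string $country    country, resolved to an id by getCountryID()
  * @param object $mySQL      database wrapper offering selectUser() and prepare()
  * @return true|string[] true once the INSERT has run, otherwise the list of
  *                       messages explaining why registration was refused
  */
 public static function register($username, $password, $cppassword, $name, $country, $mySQL)
 {
     // NOTE(review): the values are entity-encoded before validation and
     // storage. Encoding at output time is the usual practice; this is kept
     // because rows already stored and the code reading them may rely on it.
     $username = htmlentities($username);
     $name = htmlentities($name);
     $country = htmlentities($country);
     $registrationResult = array();

     // Username: only the first failing rule is reported.
     if (empty($username)) {
         $registrationResult[] = "Username field is required.";
     } elseif (strlen($username) < 3) {
         // The message now states the limit that is actually enforced.
         $registrationResult[] = "Username must be at least 3 characters long.";
     } elseif (strlen($username) > 50) {
         $registrationResult[] = "Username can be maximum 50 characters long.";
     } elseif ($mySQL->selectUser($username)) {
         $registrationResult[] = "Username is already taken";
     } elseif (!preg_match('/^[a-zA-Z0-9]*\z/', $username)) {
         // 0-9 instead of 1-9 so the digit zero is accepted; \z instead of $
         // so a trailing newline cannot pass.
         $registrationResult[] = "Username can only contain letters and digits.";
     }

     if (empty($password)) {
         $registrationResult[] = "Password field is required.";
     } elseif (strlen($password) < 6) {
         $registrationResult[] = "Password must be at least 6 characters long.";
     } elseif (strlen($password) > 50) {
         $registrationResult[] = "Password cannot be longer than 50 characters.";
     }
     // Strict comparison: with != two different numeric strings such as
     // "1e3" and "1000" would count as matching.
     if ((string) $password !== (string) $cppassword) {
         $registrationResult[] = "Passwords do not match.";
     }

     // validateName() returns true or the message to show.
     $name_check = validateName($name);
     if ($name_check !== true) {
         $registrationResult[] = $name_check;
     }
     if (!empty($registrationResult)) {
         return $registrationResult;
     }

     // NOTE(review): a site-wide value is appended before hashing. With
     // PASSWORD_DEFAULT currently bcrypt, input beyond 72 bytes is ignored, so
     // part of the appended value may not count for long passwords. Changing
     // this requires the same change in the login check.
     $hash = password_hash($password . SiteUser::$salt, PASSWORD_DEFAULT);
     if (($id = getCountryID($country, $mySQL)) == null) {
         $registrationResult[] = "An error occurred. Please try again later.";
         return $registrationResult;
     }

     $type = "Reader";
     $stmt = $mySQL->prepare("INSERT INTO users (username, password, name, country_id, type) VALUES (?,?,?,?,?)");
     // Report a failed prepare or execute instead of claiming success.
     if (!$stmt) {
         $registrationResult[] = "An error occurred. Please try again later.";
         return $registrationResult;
     }
     $stmt->bind_param("sssis", $username, $hash, $name, $id, $type);
     if (!$stmt->execute()) {
         $registrationResult[] = "An error occurred. Please try again later.";
         return $registrationResult;
     }
     return true;
 }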
示例#12
 /**
  * Show the edit form for one employee, or apply a submitted edit.
  *
  * Without an 'id' query parameter the listing from show_all() is shown. With
  * an id and an empty POST body the form is rendered; with POST data the
  * employee is updated through the model and a status message is shown.
  */
 private function edit()
 {
     if (empty($_GET['id'])) {
         $this->show_all();
         return;
     }
     // NOTE(review): the id goes to the model exactly as received; no type or
     // ownership check is visible in this method.
     $id_employee = $_GET['id'];

     if (empty($_POST)) {
         $employee = $this->model->get($id_employee);
         if (!$employee) {
             echo 'no existe ese empleado para editarlo';
             return;
         }
         $markup = file_get_contents('Views/Employee/edit.html');
         // NOTE(review): the record's values are substituted into the HTML
         // unescaped here; confirm they are encoded elsewhere.
         $placeholders = array(
             '{id}' => $employee['id_employee'],
             '{nombre}' => $employee['emp_name'],
             '{apellido}' => $employee['emp_last_name'],
             '{RFC}' => $employee['RFC'],
             '{email}' => $employee['emp_email'],
             '{telefono}' => $employee['emp_phone'],
             '{celular}' => $employee['emp_cellpone'],
             '{direcccion}' => $employee['address'],
             '{colonia}' => $employee['colony'],
         );
         $this->template(strtr($markup, $placeholders));
         return;
     }

     // NOTE(review): no CSRF token is checked in this method before the write.
     require_once "Controllers/Validaciones.php";
     $name = validateName($_POST['name']);
     $last_name = validateName($_POST['last_name']);
     $RFC = validateRFC($_POST['RFC']);
     $email = validateEmail($_POST['email']);
     // phone, cellphone, address and city reach the model without passing
     // through any validator.
     $phone = $_POST['phone'];
     $cellphone = $_POST['cellphone'];
     $address = $_POST['address'];
     $colony = validateText($_POST['colony']);
     $city = $_POST['city'];
     $employee = new Employee($name, $last_name, $RFC, $email, $phone, $cellphone, $address, $colony, $city);
     if (!$this->model->edit($employee, $id_employee)) {
         $this->show_message("danger", "No se edito no puede haber duplicados en el correo o el RFC");
         return;
     }
     $this->show_message("success", "El empleado se edito correctamente");
 }
示例#13
if (!empty($_POST['value'])) {
    switch ($_POST['field']) {
        case 1:
            $res = validateUsername($_POST['value']);
            if (!$res) {
                echo 'Το username σας περιέχει μη πετρεπτούς χαρακτήρες. Παρακαλούμε εισάγετε μόνο λατινικούς χαρακτήρες και αριθμούς';
            }
            break;
        case 2:
            $res = validateName($_POST['value']);
            if (!$res) {
                echo 'Το όνομα σας περιέχει μη επιτρεπτούς χαρακτήρες. Παρακαλούμε εισάγετε μόνο γράμματα της αλφαβήτας';
            }
            break;
        case 3:
            $res = validateName($_POST['value']);
            if (!$res) {
                echo 'Το επώνυμο σας περιέχει μη επιτρεπτούς χαρακτήρες. Παρακαλούμε εισάγετε μόνο γράμματα της αλφαβήτας';
            }
            break;
        case 4:
            $res = validateEmail($_POST['value']);
            if (!$res) {
                echo 'Το e-mail σας δεν είναι έγκυρο. Παρακούμε εισάγετε ένα έγκυρο e-mail.';
            }
            break;
        case 5:
            $res = validatePassword($_POST['value']);
            if (!$res) {
                echo 'Μη επιτρεπτός κωδικός. Ο κωδικός σας πρέπει να περιλαμβάνει τουλάχιστον 8 ψηφία.';
            }
示例#14
                    $outp .= '"Type":"' . $rs["type"] . '"}';
                }
                $outp .= "]";
                echo $outp;
            }
        }
    }
}
if (isset($_POST['val'])) {
    if ($siteUser->isLoggedIn() == false) {
        return;
    }
    if ($_POST['val'] == "cpupdate") {
        if (isset($_POST['change']) && $_POST['change'] === "name") {
            if (isset($_POST["data"])) {
                $name_check = validateName($_POST['data']);
                if ($name_check === true) {
                    $stmt = $mysql->prepare("UPDATE users SET name = ? WHERE user_id = {$siteUser->getUserId()}  ");
                    $stmt->bind_param("s", $_POST['data']);
                    $stmt->execute();
                    echo "Your name has been updated.";
                } else {
                    echo $name_check;
                }
            }
        } elseif (isset($_POST['change']) && $_POST['change'] === "country") {
            $id = getCountryID($_POST['data'], $mysql);
            if ($id != null) {
                $mysql->query("UPDATE users SET country_id = '" . $id . "' WHERE user_id = {$siteUser->getUserId()} ");
                echo "Country Updated.";
            } else {
示例#15
 /**
  * Show the edit form for one user account, or apply a submitted edit.
  *
  * Without an 'id' query parameter the listing from show_all() is shown. With
  * an id and an empty POST body the form is rendered; with POST data the
  * account is updated through the model and a status message is shown.
  */
 private function edit()
 {
     if (empty($_GET['id'])) {
         $this->show_all();
         return;
     }
     // NOTE(review): the id goes to the model exactly as received; no type or
     // ownership check is visible in this method.
     $id_user = $_GET['id'];

     if (empty($_POST)) {
         $user = $this->model->get($id_user);
         if (!$user) {
             echo 'no existe ese usuario para editarlo';
             return;
         }
         $markup = file_get_contents('Views/User/edit.html');
         // NOTE(review): the stored password value is written into the form
         // markup through '{password}', and all values are substituted
         // unescaped here.
         $placeholders = array(
             '{id}' => $user['id_user'],
             '{nombre}' => $user['user_name'],
             '{password}' => $user['password'],
             '{email}' => $user['user_email'],
         );
         $this->template(strtr($markup, $placeholders));
         return;
     }

     // NOTE(review): no CSRF token is checked in this method before the write.
     require_once "Controllers/Validaciones.php";
     $name = validateNameUser($_POST['name']);
     // NOTE(review): md5() is a fast, unsalted digest and not a password hash.
     // Moving to password_hash()/password_verify() has to be done together
     // with the login check, which is outside this block.
     $password = md5(validatePass($_POST['password']));
     // The confirmation is digested but never compared with $password.
     $password_confirm = md5(validatePass($_POST['password_confirm']));
     $email = validateEmail($_POST['email']);
     // NOTE(review): the role comes straight from the request; nothing here
     // checks that the caller may assign it.
     $rol = validateName($_POST['rol']);
     $join = isset($_POST['join']) ? $_POST['join'] : NULL;

     // Column that links the account to its related record, by role.
     if ($rol == 'admin' || $rol == 'employee') {
         $option = 'id_employee';
     } elseif ($rol == 'client') {
         $option = 'id_client';
     } else {
         $option = NULL;
     }

     $user = new User($name, $password, $email, $rol);
     if (!$this->model->edit($user, $id_user, $option, $join)) {
         $this->show_message("danger", "No se edito no puede haber duplicados en el nombre o el correo");
         return;
     }
     $this->show_message("success", "El usuario se edito correctamente");
 }
示例#16
 /**
  * Show the edit form for one location, or apply a submitted edit.
  *
  * Without an 'id' query parameter the listing from show_all() is shown. With
  * an id and an empty POST body the form is rendered; with POST data the
  * location is updated through the model and a status message is shown.
  */
 private function edit()
 {
     if (empty($_GET['id'])) {
         $this->show_all();
         return;
     }
     // NOTE(review): the id goes to the model exactly as received; no type or
     // ownership check is visible in this method.
     $id_location = $_GET['id'];

     if (empty($_POST)) {
         $location = $this->model->get($id_location);
         if (!$location) {
             echo 'no existe ubicacion para editarla';
             return;
         }
         $markup = file_get_contents('Views/Location/edit.html');
         // NOTE(review): the record's values are substituted into the HTML
         // unescaped here; confirm they are encoded elsewhere.
         $placeholders = array(
             '{id}' => $location['id_location'],
             '{nombre}' => $location['location_name'],
         );
         $this->template(strtr($markup, $placeholders));
         return;
     }

     // NOTE(review): no CSRF token is checked in this method before the write.
     require_once "Controllers/Validaciones.php";
     $name = validateName($_POST['name']);
     if (!$this->model->edit(new Location($name), $id_location)) {
         $this->show_message("danger", "No se edito, no puede haber duplicados en el nombre");
         return;
     }
     $this->show_message("success", "La ubicacion se edito exitosamente");
 }
示例#17
}
// Copy the remaining submitted fields into local variables, each only when
// its POST key is present. The values are taken as received: nothing is
// trimmed, validated or encoded at this point, so any later output of them
// needs HTML encoding.
if (isset($_POST['CONFIRMPASSWORD'])) {
    $password2 = $_POST['CONFIRMPASSWORD'];
}
if (isset($_POST['GENDER'])) {
    $gender = $_POST['GENDER'];
}
if (isset($_POST['SUBSCRIPTION'])) {
    $subscription = $_POST['SUBSCRIPTION'];
}
if (isset($_POST['comments'])) {
    $comments = $_POST['comments'];
}
if (validateName($firstName)) {
    //$x = true;
    if (validateName($lastName)) {
        //  $x = true;
        if (validateEmail($email)) {
            //  $y = true;
            if ($dob != "") {
                //   $x = true;
                if ($address != "") {
                    // $x = true;
                    if ($city != "") {
                        //  $x = true;
                        if (validateState($state)) {
                            //  $x = true;
                            if (validateZip($zip)) {
                                //   $y = true;
                                if (validatePhone($phone)) {
                                    //  $y = true;
示例#18
<?php

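// Send one file from the logged-in user's directory as a download.
// NOTE(review): fail() is defined elsewhere; every check below relies on it
// ending the request. Confirm that it does.
if (!$loggedin) {
    fail("Not logged in.");
}
if (empty($_GET['file'])) {
    fail("You must supply a file name.");
} else {
    // PHP has already URL-decoded $_GET, so this decodes a second time. The
    // checks below run on the final value; the call is kept because callers
    // may encode twice.
    $file = urldecode($_GET['file']);
}
if (empty($_GET['path'])) {
    $path = "";
} else {
    $path = urldecode($_GET['path']);
}
// The path may contain slashes but never a '..' sequence.
if (!validateName($path, '\\/') || preg_match('/\\.\\./', $path)) {
    fail("Path name contains illegal characters.");
}
if (!validateName($file)) {
    fail("File name contains illegal characters.");
}
// Resolve the target before any header is sent: it must exist, be a regular
// file, and still lie inside this user's directory once symlinks are followed.
$baseDir = realpath("{$conf->schemsDir}/{$uuid}");
$filePath = realpath("{$conf->schemsDir}/{$uuid}/{$path}/{$file}");
if ($baseDir === false
    || $filePath === false
    || strpos($filePath, $baseDir . DIRECTORY_SEPARATOR) !== 0
    || !is_file($filePath)
) {
    fail("File doesn't exist.");
}
// $file has passed validateName(); NOTE(review): confirm that validator
// rejects double quotes, which would break out of the quoted filename.
header("Content-Disposition: attachment; filename=\"{$file}\"");
header("Content-Transfer-Encoding: bytes");
// Stream the file instead of loading it into memory first.
readfile($filePath);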
示例#19
    fail("You're not logged in.");
}
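// Store an uploaded file in the logged-in user's directory.
// NOTE(review): fail() is defined elsewhere; every check below relies on it
// ending the request. Confirm that it does.
if (empty($_FILES['file'])) {
    fail("No file specified.");
}
if (empty($_GET['path'])) {
    $path = "";
} else {
    // PHP has already URL-decoded $_GET; the checks below run on the final value.
    $path = urldecode($_GET['path']);
}
$allowedExtensions = ["schematic", "prog"];
$file = $_FILES['file'];
// Refuse failed or partial uploads, and the array form sent for multi-file fields.
if (!isset($file['error']) || $file['error'] !== UPLOAD_ERR_OK) {
    fail("Couldn't upload file.");
}
// Check the client-supplied name first, so that nothing taken from an
// unchecked name is echoed back in a later error message.
if (!validateName($file['name'])) {
    fail("File name contains illegal characters.");
}
// pathinfo() replaces end(explode(...)), which passes a temporary to a
// by-reference parameter. A name without a dot now yields an empty extension.
$file['ext'] = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
if (!in_array($file['ext'], $allowedExtensions, true)) {
    fail("Extension {$file['ext']} is not allowed.");
}
if ($file['size'] > $conf->maxFileSize) {
    fail("File too big.");
}
// The path may contain slashes but never a '..' sequence.
if (!validateName($path, '\\/') || preg_match('/\\.\\./', $path)) {
    fail("Path name contains illegal characters.");
}
// NOTE(review): an existing file with the same name is overwritten.
$uploadPath = "{$conf->schemsDir}/{$uuid}/{$path}/{$file['name']}";
if (move_uploaded_file($file['tmp_name'], $uploadPath)) {
    redirect();
} else {
    fail("Couldn't upload file.");
}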
示例#20
    $path = "";
} else {
    $path = urldecode($_GET['path']);
}
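// Rename a file inside the logged-in user's directory. $file and $path are
// set earlier in the script.
// NOTE(review): fail() is defined elsewhere; every check below relies on it
// ending the request. Confirm that it does.
if (empty($_GET['newname'])) {
    fail("You must supply a new name.");
} else {
    // PHP has already URL-decoded $_GET; the checks below run on the final value.
    $newName = urldecode($_GET['newname']);
}
// The path may contain slashes but never a '..' sequence.
if (!validateName($path, '\\/') || preg_match('/\\.\\./', $path)) {
    fail("Path name contains illegal characters.");
}
if (!validateName($file)) {
    fail("File name contains illegal characters.");
}
if (!validateName($newName)) {
    fail("New name contains illegal characters.");
}
// Compare the old extension with the NEW name's extension. Comparing $file
// with itself can never differ, which left this rule without effect.
if (pathinfo($file, PATHINFO_EXTENSION) !== pathinfo($newName, PATHINFO_EXTENSION)) {
    fail("You can't change the file extension.");
}
$basePath = "{$conf->schemsDir}/{$uuid}/{$path}";
// Never overwrite an existing file.
if (file_exists("{$basePath}/{$newName}")) {
    fail("File '{$newName}' already exists.");
}
if (rename("{$basePath}/{$file}", "{$basePath}/{$newName}")) {
    redirect();
} else {
    fail("Couldn't rename file.");
}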
示例#21
 /**
  * Show the edit form for one client, or apply a submitted edit.
  *
  * Without an 'id' query parameter the listing from show_all() is shown. With
  * an id and an empty POST body the form is rendered; with POST data the
  * client is updated through the model and a status message is shown.
  */
 private function edit()
 {
     if (empty($_GET['id'])) {
         $this->show_all();
         return;
     }
     // NOTE(review): the id goes to the model exactly as received; no type or
     // ownership check is visible in this method.
     $id_client = $_GET['id'];

     if (empty($_POST)) {
         $client = $this->model->get($id_client);
         if (!$client) {
             echo 'no existe ese empleado para editarlo';
             return;
         }
         $markup = file_get_contents('Views/Client/edit.html');
         // NOTE(review): the record's values are substituted into the HTML
         // unescaped here; confirm they are encoded elsewhere. The key
         // 'client_emai' looks misspelled; verify it against the model.
         $placeholders = array(
             '{id}' => $client['id_client'],
             '{nombre}' => $client['client_name'],
             '{RFC}' => $client['client_RFC'],
             '{email}' => $client['client_emai'],
             '{telefono}' => $client['client_phone'],
             '{celular}' => $client['client_cellphone'],
         );
         $this->template(strtr($markup, $placeholders));
         return;
     }

     // NOTE(review): no CSRF token is checked in this method before the write.
     require_once "Controllers/Validaciones.php";
     $name = validateName($_POST['name']);
     $RFC = validateRFC($_POST['RFC']);
     $email = validateEmail($_POST['email']);
     // phone and cellphone reach the model without passing through any validator.
     $phone = $_POST['phone'];
     $cellphone = $_POST['cellphone'];
     $client = new Client($name, $RFC, $email, $phone, $cellphone);
     if (!$this->model->edit($client, $id_client)) {
         $this->show_message("danger", "No se edito no puede haber duplicados en el nombre o el correo");
         return;
     }
     $this->show_message("success", "El cliente se edito correctamente");
 }