/**
*
*/
public function register($username, $password, $confirmPassword, $email, $gender, $birthdate, $securityCode)
{
if (preg_match('/[^' . Flux::config('UsernameAllowedChars') . ']/', $username)) {
throw new Flux_RegisterError('Caractere(s) inválido usados no nome de usuário', Flux_RegisterError::INVALID_USERNAME);
} elseif (strlen($username) < Flux::config('MinUsernameLength')) {
throw new Flux_RegisterError('Nome de usuário é muito curto', Flux_RegisterError::USERNAME_TOO_SHORT);
} elseif (strlen($username) > Flux::config('MaxUsernameLength')) {
throw new Flux_RegisterError('Nome de usuário é muito longo', Flux_RegisterError::USERNAME_TOO_LONG);
} elseif (!Flux::config('AllowUserInPassword') && stripos($password, $username) !== false) {
throw new Flux_RegisterError('Senha contém o nome de usuário', Flux_RegisterError::USERNAME_IN_PASSWORD);
} elseif (!ctype_graph($password)) {
throw new Flux_RegisterError('Caractere(s) inválido usado na senha', Flux_RegisterError::INVALID_PASSWORD);
} elseif (strlen($password) < Flux::config('MinPasswordLength')) {
throw new Flux_RegisterError('Senha é muito curta', Flux_RegisterError::PASSWORD_TOO_SHORT);
} elseif (strlen($password) > Flux::config('MaxPasswordLength')) {
throw new Flux_RegisterError('Senha é muito longa', Flux_RegisterError::PASSWORD_TOO_LONG);
} elseif ($password !== $confirmPassword) {
throw new Flux_RegisterError('Senhas não combinam', Flux_RegisterError::PASSWORD_MISMATCH);
} elseif (Flux::config('PasswordMinUpper') > 0 && preg_match_all('/[A-Z]/', $password, $matches) < Flux::config('PasswordMinUpper')) {
throw new Flux_RegisterError('As senhas devem conter pelo menos ' + intval(Flux::config('PasswordMinUpper')) + ' letra(s) maiúscula(s)', Flux_RegisterError::PASSWORD_NEED_UPPER);
} elseif (Flux::config('PasswordMinLower') > 0 && preg_match_all('/[a-z]/', $password, $matches) < Flux::config('PasswordMinLower')) {
throw new Flux_RegisterError('As senhas devem conter pelo menos ' + intval(Flux::config('PasswordMinLower')) + ' letra(s) minúscula(s)', Flux_RegisterError::PASSWORD_NEED_LOWER);
} elseif (Flux::config('PasswordMinNumber') > 0 && preg_match_all('/[0-9]/', $password, $matches) < Flux::config('PasswordMinNumber')) {
throw new Flux_RegisterError('As senhas devem conter pelo menos ' + intval(Flux::config('PasswordMinNumber')) + ' número(s)', Flux_RegisterError::PASSWORD_NEED_NUMBER);
} elseif (Flux::config('PasswordMinSymbol') > 0 && preg_match_all('/[^A-Za-z0-9]/', $password, $matches) < Flux::config('PasswordMinSymbol')) {
throw new Flux_RegisterError('As senhas devem conter pelo menos ' + intval(Flux::config('PasswordMinSymbol')) + ' símbolo(s)', Flux_RegisterError::PASSWORD_NEED_SYMBOL);
} elseif (Flux::config('PasswordMaxSymbols') > 0 && preg_match_all('/[^A-Za-z0-9]/', $password, $matches) > Flux::config('PasswordMaxSymbols')) {
throw new Flux_RegisterError('As senhas não podem conter mais de ' + intval(Flux::config('PasswordMaxSymbols')) + ' Caracteres', Flux_RegisterError::PASSWORD_MAX_SYMBOLS);
} elseif (!preg_match('/^[a-zA-Z0-9][a-zA-Z0-9\\._-]+@([a-zA-Z0-9]+\\.)([a-zA-Z0-9]+)$/', $email)) {
throw new Flux_RegisterError('Endereço de e-mail inválido', Flux_RegisterError::INVALID_EMAIL_ADDRESS);
} elseif (!in_array(strtoupper($gender), array('M', 'F'))) {
throw new Flux_RegisterError('Gênero inválido', Flux_RegisterError::INVALID_GENDER);
} elseif (($birthdatestamp = strtotime($birthdate)) === false || date('Y-m-d', $birthdatestamp) != $birthdate) {
throw new Flux_RegisterError('Data de nascimento inválida', Flux_RegisterError::INVALID_BIRTHDATE);
} elseif (Flux::config('UseCaptcha')) {
if (Flux::config('EnableReCaptcha')) {
require_once 'recaptcha/recaptchalib.php';
$resp = recaptcha_check_answer(Flux::config('ReCaptchaPrivateKey'), $_SERVER['REMOTE_ADDR'], $_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field']);
if (!$resp->is_valid) {
throw new Flux_RegisterError('Código de segurança inválido', Flux_RegisterError::INVALID_SECURITY_CODE);
}
} elseif (strtolower($securityCode) !== strtolower(Flux::$sessionData->securityCode)) {
throw new Flux_RegisterError('Código de segurança inválido', Flux_RegisterError::INVALID_SECURITY_CODE);
}
}
$sql = "SELECT userid FROM {$this->loginDatabase}.login WHERE ";
if ($this->config->getNoCase()) {
$sql .= 'LOWER(userid) = LOWER(?) ';
} else {
$sql .= 'BINARY userid = ? ';
}
$sql .= 'LIMIT 1';
$sth = $this->connection->getStatement($sql);
$sth->execute(array($username));
$res = $sth->fetch();
if ($res) {
throw new Flux_RegisterError('Nome de usuário já está em uso', Flux_RegisterError::USERNAME_ALREADY_TAKEN);
}
if (!Flux::config('AllowDuplicateEmails')) {
$sql = "SELECT email FROM {$this->loginDatabase}.login WHERE email = ? LIMIT 1";
$sth = $this->connection->getStatement($sql);
$sth->execute(array($email));
$res = $sth->fetch();
if ($res) {
throw new Flux_RegisterError('Endereço de e-mail já está em uso', Flux_RegisterError::EMAIL_ADDRESS_IN_USE);
}
}
if ($this->config->getUseMD5()) {
$password = Flux::hashPassword($password);
}
$sql = "INSERT INTO {$this->loginDatabase}.login (userid, user_pass, email, sex, group_id, birthdate) VALUES (?, ?, ?, ?, ?, ?)";
$sth = $this->connection->getStatement($sql);
$res = $sth->execute(array($username, $password, $email, $gender, (int) $this->config->getGroupID(), date('Y-m-d', $birthdatestamp)));
if ($res) {
$idsth = $this->connection->getStatement("SELECT LAST_INSERT_ID() AS account_id");
$idsth->execute();
$idres = $idsth->fetch();
$createTable = Flux::config('FluxTables.AccountCreateTable');
$sql = "INSERT INTO {$this->loginDatabase}.{$createTable} (account_id, userid, user_pass, sex, email, reg_date, reg_ip, confirmed) ";
$sql .= "VALUES (?, ?, ?, ?, ?, NOW(), ?, 1)";
$sth = $this->connection->getStatement($sql);
$sth->execute(array($idres->account_id, $username, $password, $gender, $email, $_SERVER['REMOTE_ADDR']));
return $idres->account_id;
} else {
return false;
}
}
if ($username && $password && $e->getCode() != Flux_LoginError::INVALID_SERVER) {
$loginAthenaGroup = Flux::getServerGroupByName($server);
$sql = "SELECT account_id FROM {$loginAthenaGroup->loginDatabase}.login WHERE ";
if (!$loginAthenaGroup->loginServer->config->getNoCase()) {
$sql .= "CAST(userid AS BINARY) ";
} else {
$sql .= "userid ";
}
$sql .= "= ? LIMIT 1";
$sth = $loginAthenaGroup->connection->getStatement($sql);
$sth->execute(array($username));
$row = $sth->fetch();
if ($row) {
$accountID = $row->account_id;
if ($loginAthenaGroup->loginServer->config->getUseMD5()) {
$password = Flux::hashPassword($password);
}
$sql = "INSERT INTO {$loginAthenaGroup->loginDatabase}.{$loginLogTable} ";
$sql .= "(account_id, username, password, ip, error_code, login_date) ";
$sql .= "VALUES (?, ?, ?, ?, ?, NOW())";
$sth = $loginAthenaGroup->connection->getStatement($sql);
$sth->execute(array($accountID, $username, $password, $_SERVER['REMOTE_ADDR'], $e->getCode()));
}
}
switch ($e->getCode()) {
case Flux_LoginError::UNEXPECTED:
$errorMessage = Flux::message('UnexpectedLoginError');
break;
case Flux_LoginError::INVALID_SERVER:
$errorMessage = Flux::message('InvalidLoginServer');
break;
} elseif (Flux::config('PasswordMinLower') > 0 && preg_match_all('/[a-z]/', $newPassword, $matches) < $passwordMinLower) {
$errorMessage = sprintf(Flux::message('NewPasswordNeedLower'), $passwordMinLower);
} elseif (Flux::config('PasswordMinNumber') > 0 && preg_match_all('/[0-9]/', $newPassword, $matches) < $passwordMinNumber) {
$errorMessage = sprintf(Flux::message('NewPasswordNeedNumber'), $passwordMinNumber);
} elseif (Flux::config('PasswordMinSymbol') > 0 && preg_match_all('/[^A-Za-z0-9]/', $newPassword, $matches) < $passwordMinSymbol) {
$errorMessage = sprintf(Flux::message('NewPasswordNeedSymbol'), $passwordMinSymbol);
} elseif (!Flux_Security::csrfValidate('PasswordEdit', $_POST, $error)) {
$errorMessage = $error;
} else {
$sql = "SELECT user_pass AS currentPassword FROM {$server->loginDatabase}.login WHERE account_id = ?";
$sth = $server->connection->getStatement($sql);
$sth->execute(array($session->account->account_id));
$account = $sth->fetch();
$useMD5 = $session->loginServer->config->getUseMD5();
$currentPassword = $useMD5 ? Flux::hashPassword($currentPassword) : $currentPassword;
$newPassword = $useMD5 ? Flux::hashPassword($newPassword) : $newPassword;
if ($currentPassword != $account->currentPassword) {
$errorMessage = Flux::message('OldPasswordInvalid');
} else {
$sql = "UPDATE {$server->loginDatabase}.login SET user_pass = ? WHERE account_id = ?";
$sth = $server->connection->getStatement($sql);
if ($sth->execute(array($newPassword, $session->account->account_id))) {
$pwChangeTable = Flux::config('FluxTables.ChangePasswordTable');
$sql = "INSERT INTO {$server->loginDatabase}.{$pwChangeTable} ";
$sql .= "(account_id, old_password, new_password, change_ip, change_date) ";
$sql .= "VALUES (?, ?, ?, ?, NOW())";
$sth = $server->connection->getStatement($sql);
$sth->execute(array($session->account->account_id, $currentPassword, $newPassword, $_SERVER['REMOTE_ADDR']));
$session->setMessageData(Flux::message('PasswordHasBeenChanged'));
$session->logout();
$this->redirect($this->url('account', 'login'));
/**
*
*/
public function register($username, $password, $confirmPassword, $email, $gender, $birthdate, $securityCode)
{
if (preg_match('/^[^' . Flux::config('UsernameAllowedChars') . ']$/', $username)) {
throw new Flux_RegisterError('Invalid character(s) used in username', Flux_RegisterError::INVALID_USERNAME);
} elseif (strlen($username) < Flux::config('MinUsernameLength')) {
throw new Flux_RegisterError('Username is too short', Flux_RegisterError::USERNAME_TOO_SHORT);
} elseif (strlen($username) > Flux::config('MaxUsernameLength')) {
throw new Flux_RegisterError('Username is too long', Flux_RegisterError::USERNAME_TOO_LONG);
} elseif (!Flux::config('AllowUserInPassword') && stripos($password, $username) !== false) {
throw new Flux_RegisterError('Password contains username', Flux_RegisterError::USERNAME_IN_PASSWORD);
} elseif (!ctype_graph($password)) {
throw new Flux_RegisterError('Invalid character(s) used in password', Flux_RegisterError::INVALID_PASSWORD);
} elseif (strlen($password) < Flux::config('MinPasswordLength')) {
throw new Flux_RegisterError('Password is too short', Flux_RegisterError::PASSWORD_TOO_SHORT);
} elseif (strlen($password) > Flux::config('MaxPasswordLength')) {
throw new Flux_RegisterError('Password is too long', Flux_RegisterError::PASSWORD_TOO_LONG);
} elseif ($password !== $confirmPassword) {
throw new Flux_RegisterError('Passwords do not match', Flux_RegisterError::PASSWORD_MISMATCH);
} elseif (Flux::config('PasswordMinUpper') > 0 && preg_match_all('/[A-Z]/', $password, $matches) < Flux::config('PasswordMinUpper')) {
throw new Flux_RegisterError('Passwords must contain at least ' + intval(Flux::config('PasswordMinUpper')) + ' uppercase letter(s)', Flux_RegisterError::PASSWORD_NEED_UPPER);
} elseif (Flux::config('PasswordMinLower') > 0 && preg_match_all('/[a-z]/', $password, $matches) < Flux::config('PasswordMinLower')) {
throw new Flux_RegisterError('Passwords must contain at least ' + intval(Flux::config('PasswordMinLower')) + ' lowercase letter(s)', Flux_RegisterError::PASSWORD_NEED_LOWER);
} elseif (Flux::config('PasswordMinNumber') > 0 && preg_match_all('/[0-9]/', $password, $matches) < Flux::config('PasswordMinNumber')) {
throw new Flux_RegisterError('Passwords must contain at least ' + intval(Flux::config('PasswordMinNumber')) + ' number(s)', Flux_RegisterError::PASSWORD_NEED_NUMBER);
} elseif (Flux::config('PasswordMinSymbol') > 0 && preg_match_all('/[^A-Za-z0-9]/', $password, $matches) < Flux::config('PasswordMinSymbol')) {
throw new Flux_RegisterError('Passwords must contain at least ' + intval(Flux::config('PasswordMinSymbol')) + ' symbol(s)', Flux_RegisterError::PASSWORD_NEED_SYMBOL);
} elseif (!preg_match('/^(.+?)@(.+?)$/', $email)) {
throw new Flux_RegisterError('Invalid e-mail address', Flux_RegisterError::INVALID_EMAIL_ADDRESS);
} elseif (!in_array(strtoupper($gender), array('M', 'F'))) {
throw new Flux_RegisterError('Invalid gender', Flux_RegisterError::INVALID_GENDER);
} elseif (($birthdatestamp = strtotime($birthdate)) === false || date('Y-m-d', $birthdatestamp) != $birthdate) {
throw new Flux_RegisterError('Invalid birthdate', Flux_RegisterError::INVALID_BIRTHDATE);
} elseif (Flux::config('UseCaptcha')) {
if (Flux::config('EnableReCaptcha')) {
require_once 'recaptcha/recaptchalib.php';
$resp = recaptcha_check_answer(Flux::config('ReCaptchaPrivateKey'), $_SERVER['REMOTE_ADDR'], $_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field']);
if (!$resp->is_valid) {
throw new Flux_RegisterError('Invalid security code', Flux_RegisterError::INVALID_SECURITY_CODE);
}
} elseif (strtolower($securityCode) !== strtolower(Flux::$sessionData->securityCode)) {
throw new Flux_RegisterError('Invalid security code', Flux_RegisterError::INVALID_SECURITY_CODE);
}
}
$sql = "SELECT userid FROM {$this->loginDatabase}.login WHERE ";
if ($this->config->getNoCase()) {
$sql .= 'LOWER(userid) = LOWER(?) ';
} else {
$sql .= 'BINARY userid = ? ';
}
$sql .= 'LIMIT 1';
$sth = $this->connection->getStatement($sql);
$sth->execute(array($username));
$res = $sth->fetch();
if ($res) {
throw new Flux_RegisterError('Username is already taken', Flux_RegisterError::USERNAME_ALREADY_TAKEN);
}
if (!Flux::config('AllowDuplicateEmails')) {
$sql = "SELECT email FROM {$this->loginDatabase}.login WHERE email = ? LIMIT 1";
$sth = $this->connection->getStatement($sql);
$sth->execute(array($email));
$res = $sth->fetch();
if ($res) {
throw new Flux_RegisterError('E-mail address is already in use', Flux_RegisterError::EMAIL_ADDRESS_IN_USE);
}
}
if ($this->config->getUseMD5()) {
$password = Flux::hashPassword($password);
}
$sql = "INSERT INTO {$this->loginDatabase}.login (userid, user_pass, email, sex, group_id, birthdate) VALUES (?, ?, ?, ?, ?, ?)";
$sth = $this->connection->getStatement($sql);
$res = $sth->execute(array($username, $password, $email, $gender, (int) $this->config->getGroupID(), date('Y-m-d', $birthdatestamp)));
if ($res) {
$idsth = $this->connection->getStatement("SELECT LAST_INSERT_ID() AS account_id");
$idsth->execute();
$idres = $idsth->fetch();
$createTable = Flux::config('FluxTables.AccountCreateTable');
$sql = "INSERT INTO {$this->loginDatabase}.{$createTable} (account_id, userid, user_pass, sex, email, reg_date, reg_ip, confirmed) ";
$sql .= "VALUES (?, ?, ?, ?, ?, NOW(), ?, 1)";
$sth = $this->connection->getStatement($sql);
$sth->execute(array($idres->account_id, $username, $password, $gender, $email, $_SERVER['REMOTE_ADDR']));
return $idres->account_id;
} else {
return false;
}
}
if (!$sth->execute(array($account, $code)) || !($reset = $sth->fetch())) {
$this->deny();
}
$sql = "UPDATE {$loginAthenaGroup->loginDatabase}.{$resetPassTable} SET ";
$sql .= "reset_done = 1, reset_date = NOW(), reset_ip = ?, new_password = ? WHERE id = ?";
$sth = $loginAthenaGroup->connection->getStatement($sql);
$newPassword = '';
$characters = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
$characters = str_split($characters, 1);
$passLength = intval(($len = Flux::config('RandomPasswordLength')) < 8 ? 8 : $len);
for ($i = 0; $i < $passLength; ++$i) {
$newPassword .= $characters[array_rand($characters)];
}
$unhashedNewPassword = $newPassword;
if ($loginAthenaGroup->loginServer->config->getUseMD5()) {
$newPassword = Flux::hashPassword($newPassword);
}
if (!$sth->execute(array($_SERVER['REMOTE_ADDR'], $newPassword, $reset->id))) {
$session->setMessageData(Flux::message('ResetPwFailed'));
$this->redirect();
}
$sql = "UPDATE {$loginAthenaGroup->loginDatabase}.login SET user_pass = ? WHERE account_id = ?";
$sth = $loginAthenaGroup->connection->getStatement($sql);
if (!$sth->execute(array($newPassword, $account))) {
$session->setMessageData(Flux::message('ResetPwFailed'));
$this->redirect();
}
require_once 'Flux/Mailer.php';
$mail = new Flux_Mailer();
$sent = $mail->send($acc->email, 'Password Has Been Reset', 'newpass', array('AccountUsername' => $acc->userid, 'NewPassword' => $unhashedNewPassword));
if ($sent) {
/**
*
*/
public function register($username, $password, $confirmPassword, $email, $gender, $securityCode)
{
if (strlen($username) < Flux::config('MinUsernameLength')) {
throw new Flux_RegisterError('Username is too short', Flux_RegisterError::USERNAME_TOO_SHORT);
} elseif (strlen($username) > Flux::config('MaxUsernameLength')) {
throw new Flux_RegisterError('Username is too long', Flux_RegisterError::USERNAME_TOO_LONG);
} elseif (strlen($password) < Flux::config('MinPasswordLength')) {
throw new Flux_RegisterError('Password is too short', Flux_RegisterError::PASSWORD_TOO_SHORT);
} elseif (strlen($password) > Flux::config('MaxPasswordLength')) {
throw new Flux_RegisterError('Password is too long', Flux_RegisterError::PASSWORD_TOO_LONG);
} elseif ($password !== $confirmPassword) {
throw new Flux_RegisterError('Passwords do not match', Flux_RegisterError::PASSWORD_MISMATCH);
} elseif (!preg_match('/(.+?)@(.+?)/', $email)) {
throw new Flux_RegisterError('Invalid e-mail address', Flux_RegisterError::INVALID_EMAIL_ADDRESS);
} elseif (!in_array(strtoupper($gender), array('M', 'F'))) {
throw new Flux_RegisterError('Invalid gender', Flux_RegisterError::INVALID_GENDER);
} elseif (Flux::config('UseCaptcha')) {
if (Flux::config('EnableReCaptcha')) {
require_once 'recaptcha/recaptchalib.php';
$resp = recaptcha_check_answer(Flux::config('ReCaptchaPrivateKey'), $_SERVER['REMOTE_ADDR'], $_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field']);
if (!$resp->is_valid) {
throw new Flux_RegisterError('Invalid security code', Flux_RegisterError::INVALID_SECURITY_CODE);
}
} elseif (strtolower($securityCode) !== strtolower(Flux::$sessionData->securityCode)) {
throw new Flux_RegisterError('Invalid security code', Flux_RegisterError::INVALID_SECURITY_CODE);
}
}
$sql = "SELECT userid FROM {$this->loginDatabase}.login WHERE ";
if ($this->config->getNoCase()) {
$sql .= 'LOWER(userid) = LOWER(?) ';
} else {
$sql .= 'BINARY userid = ? ';
}
$sql .= 'LIMIT 1';
$sth = $this->connection->getStatement($sql);
$sth->execute(array($username));
$res = $sth->fetch();
if ($res) {
throw new Flux_RegisterError('Username is already taken', Flux_RegisterError::USERNAME_ALREADY_TAKEN);
}
if (!Flux::config('AllowDuplicateEmails')) {
$sql = "SELECT email FROM {$this->loginDatabase}.login WHERE email = ? LIMIT 1";
$sth = $this->connection->getStatement($sql);
$sth->execute(array($email));
$res = $sth->fetch();
if ($res) {
throw new Flux_RegisterError('E-mail address is already in use', Flux_RegisterError::EMAIL_ADDRESS_IN_USE);
}
}
if ($this->config->getUseMD5()) {
$password = Flux::hashPassword($password);
}
$sql = "INSERT INTO {$this->loginDatabase}.login (userid, user_pass, email, sex) VALUES (?, ?, ?, ?)";
$sth = $this->connection->getStatement($sql);
$res = $sth->execute(array($username, $password, $email, $gender));
if ($res) {
$idsth = $this->connection->getStatement("SELECT LAST_INSERT_ID() AS account_id");
$idsth->execute();
$idres = $idsth->fetch();
$createTable = Flux::config('FluxTables.AccountCreateTable');
$sql = "INSERT INTO {$this->loginDatabase}.{$createTable} (account_id, userid, user_pass, sex, email, reg_date, reg_ip, confirmed) ";
$sql .= "VALUES (?, ?, ?, ?, ?, NOW(), ?, 1)";
$sth = $this->connection->getStatement($sql);
$sth->execute(array($idres->account_id, $username, $password, $gender, $email, $_SERVER['REMOTE_ADDR']));
return $idres->account_id;
} else {
return false;
}
}
