2013-06-06 06:04:46 +00:00
|
|
|
<?php
|
2013-06-07 11:05:28 +00:00
|
|
|
class Users{
|
2013-06-17 05:57:09 +00:00
|
|
|
|
2013-06-10 11:17:55 +00:00
|
|
|
public function add_user(){
|
2013-06-17 05:57:09 +00:00
|
|
|
|
2013-06-18 17:48:54 +00:00
|
|
|
helpers :: loadtemplate( 'register', $pageElements );
|
|
|
|
|
2013-06-10 11:17:55 +00:00
|
|
|
}
|
2013-06-19 04:50:08 +00:00
|
|
|
|
|
|
|
public function check_Register(){
|
|
|
|
// check values
|
|
|
|
if ( isset( $_POST["Username"] ) and isset( $_POST["Password"] ) and isset( $_POST["Email"] ) ){
|
|
|
|
$user = Users :: checkUser( $_POST["Username"] );
|
|
|
|
$pass = Users :: checkPassword( $_POST["Password"] );
|
|
|
|
$cpass = Users :: confirmPassword($pass);
|
|
|
|
$email = Users :: checkEmail( $_POST["Email"] );
|
|
|
|
}else{
|
|
|
|
$user = "";
|
|
|
|
$pass = "";
|
|
|
|
$cpass = "";
|
|
|
|
$email = "";
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( ( $user == "success" ) and ( $pass == "success" ) and ( $cpass == "success" ) and ( $email == "success" ) and ( isset( $_POST["TaC"] ) ) ){
|
|
|
|
return "success";
|
|
|
|
}else{
|
|
|
|
$pageElements = array(
|
|
|
|
//'GAME_NAME' => $GAME_NAME,
|
|
|
|
// 'WELCOME_MESSAGE' => $WELCOME_MESSAGE,
|
|
|
|
'USERNAME' => $user,
|
|
|
|
'PASSWORD' => $pass,
|
|
|
|
'CPASSWORD' => $cpass,
|
|
|
|
'EMAIL' => $email
|
|
|
|
);
|
|
|
|
if ( $user != "success" ){
|
|
|
|
$pageElements['USERNAME_ERROR'] = 'TRUE';
|
|
|
|
}else{
|
|
|
|
$pageElements['USERNAME_ERROR'] = 'FALSE';
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( $pass != "success" ){
|
|
|
|
$pageElements['PASSWORD_ERROR'] = 'TRUE';
|
|
|
|
}else{
|
|
|
|
$pageElements['PASSWORD_ERROR'] = 'FALSE';
|
|
|
|
}
|
|
|
|
if ( $cpass != "success" ){
|
|
|
|
$pageElements['CPASSWORD_ERROR'] = 'TRUE';
|
|
|
|
}else{
|
|
|
|
$pageElements['CPASSWORD_ERROR'] = 'FALSE';
|
|
|
|
}
|
|
|
|
if ( $email != "success" ){
|
|
|
|
$pageElements['EMAIL_ERROR'] = 'TRUE';
|
|
|
|
}else{
|
|
|
|
$pageElements['EMAIL_ERROR'] = 'FALSE';
|
|
|
|
}
|
|
|
|
if ( isset( $_POST["TaC"] ) ){
|
|
|
|
$pageElements['TAC_ERROR'] = 'FALSE';
|
|
|
|
}else{
|
|
|
|
$pageElements['TAC_ERROR'] = 'TRUE';
|
|
|
|
}
|
|
|
|
return $pageElements;
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
2013-06-17 05:57:09 +00:00
|
|
|
|
2013-06-10 11:17:55 +00:00
|
|
|
/**
|
|
|
|
* Function checkUser
|
2013-06-17 05:57:09 +00:00
|
|
|
*
|
2013-06-10 11:17:55 +00:00
|
|
|
* @takes $username
|
|
|
|
* @return string Info: Returns a string based on if the username is valid, if valid then "success" is returned
|
|
|
|
*/
|
|
|
|
public function checkUser( $username )
|
|
|
|
{
|
|
|
|
if ( isset( $username ) ){
|
|
|
|
if ( strlen( $username ) > 12 ){
|
|
|
|
return "Username must be no more than 12 characters.";
|
|
|
|
}elseif ( strlen( $username ) < 5 ){
|
|
|
|
return "Username must be 5 or more characters.";
|
|
|
|
}elseif ( !preg_match( '/^[a-z0-9\.]*$/', $username ) ){
|
|
|
|
return "Username can only contain numbers and letters.";
|
2013-06-19 04:50:08 +00:00
|
|
|
}elseif ( $username == "" ){
|
|
|
|
return "You have to fill in a username";
|
|
|
|
|
2013-06-18 05:22:24 +00:00
|
|
|
/*}elseif ( sql :: db_query( "SELECT COUNT(*) FROM {users} WHERE name = :name", array(
|
2013-06-10 11:17:55 +00:00
|
|
|
':name' => $username
|
|
|
|
) ) -> fetchField() ){
|
2013-06-18 05:22:24 +00:00
|
|
|
return "Username " . $username . " is in use.";*/
|
2013-06-07 11:05:28 +00:00
|
|
|
}else{
|
|
|
|
return "success";
|
|
|
|
}
|
2013-06-10 11:17:55 +00:00
|
|
|
}else{
|
|
|
|
return "success";
|
|
|
|
}
|
|
|
|
return "fail";
|
|
|
|
}
|
|
|
|
/**
|
|
|
|
* Function checkPassword
|
2013-06-17 05:57:09 +00:00
|
|
|
*
|
2013-06-10 11:17:55 +00:00
|
|
|
* @takes $pass
|
|
|
|
* @return string Info: Returns a string based on if the password is valid, if valid then "success" is returned
|
|
|
|
*/
|
|
|
|
public function checkPassword( $pass )
|
|
|
|
{
|
|
|
|
if ( isset( $pass ) ){
|
|
|
|
if ( strlen( $pass ) > 20 ){
|
|
|
|
return "Password must be no more than 20 characters.";
|
|
|
|
}elseif ( strlen( $pass ) < 5 ){
|
|
|
|
return "Password must be more than 5 characters.";
|
2013-06-19 04:50:08 +00:00
|
|
|
}elseif ( $pass == ""){
|
|
|
|
return "You have to fill in a password";
|
2013-06-07 11:05:28 +00:00
|
|
|
}else{
|
|
|
|
return "success";
|
|
|
|
}
|
2013-06-10 11:17:55 +00:00
|
|
|
}
|
|
|
|
return "fail";
|
|
|
|
}
|
|
|
|
/**
|
|
|
|
* Function confirmPassword
|
2013-06-17 05:57:09 +00:00
|
|
|
*
|
2013-06-10 11:17:55 +00:00
|
|
|
* @takes $pass
|
|
|
|
* @return string Info: Verify's $_POST["Password"] is the same as $_POST["ConfirmPass"]
|
|
|
|
*/
|
2013-06-19 04:50:08 +00:00
|
|
|
public function confirmPassword($pass_result)
|
2013-06-10 11:17:55 +00:00
|
|
|
{
|
2013-06-19 04:50:08 +00:00
|
|
|
if ( ( $_POST["Password"] ) != ( $_POST["ConfirmPass"] ) ){
|
2013-06-10 11:17:55 +00:00
|
|
|
return "Passwords do not match.";
|
2013-06-19 04:50:08 +00:00
|
|
|
}else if ($_POST["ConfirmPass"]==""){
|
|
|
|
return "You have to fill in the confirmation password.";
|
|
|
|
}else if($pass_result != "success"){
|
|
|
|
return;
|
|
|
|
}else{
|
2013-06-10 11:17:55 +00:00
|
|
|
return "success";
|
2013-06-19 04:50:08 +00:00
|
|
|
}
|
|
|
|
return "fail";
|
|
|
|
}
|
2013-06-10 11:17:55 +00:00
|
|
|
/**
|
|
|
|
* Function checkEmail
|
2013-06-17 05:57:09 +00:00
|
|
|
*
|
2013-06-10 11:17:55 +00:00
|
|
|
* @takes $email
|
2013-06-17 05:57:09 +00:00
|
|
|
* @return
|
2013-06-10 11:17:55 +00:00
|
|
|
*/
|
|
|
|
public function checkEmail( $email )
|
|
|
|
{
|
|
|
|
if ( isset( $email ) ){
|
2013-06-19 04:50:08 +00:00
|
|
|
if ( !Users::validEmail( $email ) ){
|
|
|
|
return "Email address is not valid.";
|
|
|
|
}else if($email == ""){
|
|
|
|
return "You have to fill in an email address";
|
|
|
|
}
|
2013-06-18 05:22:24 +00:00
|
|
|
/*}elseif ( db_query( "SELECT COUNT(*) FROM {users} WHERE mail = :mail", array(
|
2013-06-10 11:17:55 +00:00
|
|
|
':mail' => $email
|
|
|
|
) ) -> fetchField() ){
|
2013-06-19 04:50:08 +00:00
|
|
|
return "Email is in use.";}*/
|
|
|
|
else{
|
2013-06-07 11:05:28 +00:00
|
|
|
return "success";
|
|
|
|
}
|
2013-06-10 11:17:55 +00:00
|
|
|
}else{
|
|
|
|
return "success";
|
|
|
|
}
|
|
|
|
return "fail";
|
|
|
|
}
|
2013-06-18 17:48:54 +00:00
|
|
|
|
2013-06-18 05:22:24 +00:00
|
|
|
public function validEmail( $email ){
|
|
|
|
$isValid = true;
|
|
|
|
$atIndex = strrpos( $email, "@" );
|
|
|
|
if ( is_bool( $atIndex ) && !$atIndex ){
|
|
|
|
$isValid = false;
|
|
|
|
}else{
|
|
|
|
$domain = substr( $email, $atIndex + 1 );
|
|
|
|
$local = substr( $email, 0, $atIndex );
|
|
|
|
$localLen = strlen( $local );
|
|
|
|
$domainLen = strlen( $domain );
|
|
|
|
if ( $localLen < 1 || $localLen > 64 ){
|
|
|
|
// local part length exceeded
|
|
|
|
$isValid = false;
|
|
|
|
}else if ( $domainLen < 1 || $domainLen > 255 ){
|
|
|
|
// domain part length exceeded
|
|
|
|
$isValid = false;
|
|
|
|
}else if ( $local[0] == '.' || $local[$localLen - 1] == '.' ){
|
|
|
|
// local part starts or ends with '.'
|
|
|
|
$isValid = false;
|
|
|
|
}else if ( preg_match( '/\\.\\./', $local ) ){
|
|
|
|
// local part has two consecutive dots
|
|
|
|
$isValid = false;
|
|
|
|
}else if ( !preg_match( '/^[A-Za-z0-9\\-\\.]+$/', $domain ) ){
|
|
|
|
// character not valid in domain part
|
|
|
|
$isValid = false;
|
|
|
|
}else if ( preg_match( '/\\.\\./', $domain ) ){
|
|
|
|
// domain part has two consecutive dots
|
|
|
|
$isValid = false;
|
|
|
|
}else if ( !preg_match( '/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/', str_replace( "\\\\", "", $local ) ) ){
|
|
|
|
// character not valid in local part unless
|
|
|
|
// local part is quoted
|
|
|
|
if ( !preg_match( '/^"(\\\\"|[^"])+"$/', str_replace( "\\\\", "", $local ) ) ){
|
|
|
|
$isValid = false;
|
2013-06-07 11:05:28 +00:00
|
|
|
}
|
2013-06-18 05:22:24 +00:00
|
|
|
}
|
|
|
|
if ( $isValid && !( checkdnsrr( $domain, "MX" ) || checkdnsrr( $domain, "A" ) ) ){
|
|
|
|
// domain not found in DNS
|
|
|
|
$isValid = false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return $isValid;
|
|
|
|
}
|
2013-06-18 17:48:54 +00:00
|
|
|
|
2013-06-10 11:17:55 +00:00
|
|
|
public function generateSALT( $length = 2 )
|
|
|
|
{
|
|
|
|
// start with a blank salt
|
|
|
|
$salt = "";
|
|
|
|
// define possible characters - any character in this string can be
|
|
|
|
// picked for use in the salt, so if you want to put vowels back in
|
|
|
|
// or add special characters such as exclamation marks, this is where
|
|
|
|
// you should do it
|
|
|
|
$possible = "2346789bcdfghjkmnpqrtvwxyzBCDFGHJKLMNPQRTVWXYZ";
|
|
|
|
// we refer to the length of $possible a few times, so let's grab it now
|
|
|
|
$maxlength = strlen( $possible );
|
|
|
|
// check for length overflow and truncate if necessary
|
|
|
|
if ( $length > $maxlength ){
|
|
|
|
$length = $maxlength;
|
|
|
|
}
|
|
|
|
// set up a counter for how many characters are in the salt so far
|
|
|
|
$i = 0;
|
|
|
|
// add random characters to $salt until $length is reached
|
|
|
|
while ( $i < $length ){
|
|
|
|
// pick a random character from the possible ones
|
|
|
|
$char = substr( $possible, mt_rand( 0, $maxlength - 1 ), 1 );
|
|
|
|
// have we already used this character in $salt?
|
|
|
|
if ( !strstr( $salt, $char ) ){
|
|
|
|
// no, so it's OK to add it onto the end of whatever we've already got...
|
|
|
|
$salt .= $char;
|
|
|
|
// ... and increase the counter by one
|
|
|
|
$i++;
|
2013-06-07 11:05:28 +00:00
|
|
|
}
|
2013-06-10 11:17:55 +00:00
|
|
|
}
|
|
|
|
// done!
|
|
|
|
return $salt;
|
2013-06-19 21:53:53 +00:00
|
|
|
}
|
|
|
|
|
2013-06-27 18:18:36 +00:00
|
|
|
|
2013-06-19 23:02:27 +00:00
|
|
|
function createUser($values){
|
|
|
|
|
2013-06-27 16:06:09 +00:00
|
|
|
$libdb = $values['db']['lib'];
|
|
|
|
$sharddb = $values['db']['shard'];
|
2013-06-19 23:02:27 +00:00
|
|
|
|
2013-06-26 01:26:25 +00:00
|
|
|
try {
|
|
|
|
//make connection with and put into shard db
|
2013-06-27 16:06:09 +00:00
|
|
|
$dbs = new DBLayer($sharddb);
|
|
|
|
$dbs->execute("INSERT INTO user (Login, Password, Email) VALUES (:name, :pass, :mail)",$values["params"]);
|
2013-06-26 01:26:25 +00:00
|
|
|
return "ok";
|
|
|
|
}
|
|
|
|
catch (PDOException $e) {
|
|
|
|
//oh noooz, the shard is offline! Put in query queue at ams_lib db!
|
2013-06-19 23:02:27 +00:00
|
|
|
try {
|
2013-06-27 16:06:09 +00:00
|
|
|
$dbl = new DBLayer($libdb);
|
|
|
|
$dbl->execute("INSERT INTO ams_querycache (type, query) VALUES (:type, :query)",array("type" => "createUser",
|
|
|
|
"query" => json_encode(array($values["params"]["name"],$values["params"]["pass"],$values["params"]["mail"]))));
|
2013-06-26 01:26:25 +00:00
|
|
|
return "shardoffline";
|
|
|
|
}catch (PDOException $e) {
|
|
|
|
print_r($e);
|
|
|
|
return "liboffline";
|
2013-06-19 23:02:27 +00:00
|
|
|
}
|
2013-06-26 01:26:25 +00:00
|
|
|
}
|
|
|
|
|
2013-06-19 23:02:27 +00:00
|
|
|
}
|
2013-06-25 18:57:10 +00:00
|
|
|
|
2013-06-19 21:53:53 +00:00
|
|
|
}
|
|
|
|
|
2013-06-10 11:17:55 +00:00
|
|
|
|