diff --git a/code/web/private_php/ams/autoload/users.php b/code/web/private_php/ams/autoload/users.php index 32eb4b4f1..aabdbe98e 100644 --- a/code/web/private_php/ams/autoload/users.php +++ b/code/web/private_php/ams/autoload/users.php @@ -25,8 +25,16 @@ class Users{ $cpass = ""; $email = ""; } + + if ( helpers :: check_if_game_client() or isset($FORCE_INGAME) ) { + if ( isset( $_POST["TaC"] )) { + $tac="success"; + } + } else { + $tac="success"; + } - if ( ( $user == "success" ) and ( $pass == "success" ) and ( $cpass == "success" ) and ( $email == "success" ) and ( isset( $_POST["TaC"] ) ) ){ + if ( ( $user == "success" ) and ( $pass == "success" ) and ( $cpass == "success" ) and ( $email == "success" ) and ($tac=="success") ){ return "success"; }else{ global $TOS_URL; diff --git a/code/web/public_php/ams/func/add_user.php b/code/web/public_php/ams/func/add_user.php index 09cef717a..dffa0ab86 100644 --- a/code/web/public_php/ams/func/add_user.php +++ b/code/web/public_php/ams/func/add_user.php @@ -11,10 +11,12 @@ function add_user(){ global $INGAME_WEBPATH; $params = Array('Username' => $_POST["Username"], 'Password' => $_POST["Password"], 'ConfirmPass' => $_POST["ConfirmPass"], 'Email' => $_POST["Email"]); $webUser = new WebUsers(); - + //check if the POST variables are valid, before actual registering $result = $webUser->check_Register($params); + global $SITEBASE; + require_once($SITEBASE . '/inc/settings.php'); // if all are good then create user if ( $result == "success"){ $edit = array( 
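Review bot: `$tac` is never assigned when the request comes from the game client (or the forced in-game path) and `TaC` is absent from the POST, so the later `($tac=="success")` reads an undefined variable; initialise it before the branch with `$tac = "";`. `isset($FORCE_INGAME)` is evaluated inside a method of `Users`, and no `global $FORCE_INGAME;` is visible in the hunk, so if this is a global config flag the test is always false here. The method starts outside the hunk, so the declaration may exist above. Every request not classified as a game client now passes the terms check unconditionally, and if the public web registration form also goes through this method, acceptance of the terms is no longer enforced server-side for it. If that is only intended for the admin "Add User" form, the exemption should be tied to that caller rather than to the client type.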
@@ -29,24 +31,30 @@ function add_user(){ $status = write_user( $edit ); if(Helpers::check_if_game_client()){ //if registering ingame then we have to set the header and dont need to reload the template. - header("Cache-Control: max-age=1"); header('Location: email_sent.php'); - throw new SystemExit(); + exit; } - $pageElements['status'] = $status; - $pageElements['no_visible_elements'] = 'TRUE'; - $pageElements['ingame_webpath'] = $INGAME_WEBPATH; - helpers :: loadtemplate( 'register_feedback', $pageElements); - throw new SystemExit(); - }elseif (isset($_POST['page']) && $_POST['page']=="settings"){ + $pageElements = settings(); + $pageElements['ingame_webpath'] = $INGAME_WEBPATH; + $pageElements['permission'] = unserialize($_SESSION['ticket_user'])->getPermission(); + $pageElements['SUCCESS_ADD'] = $status; + if (isset($_GET['page']) && $_GET['page']=="settings"){ + helpers :: loadtemplate( 'settings', $pageElements); + }else{ + $pageElements['no_visible_elements'] = 'TRUE'; + helpers :: loadtemplate( 'register_feedback', $pageElements); + } + exit; + }elseif (isset($_GET['page']) && $_GET['page']=="settings"){ + $pageElements = array_merge(settings(), $result); // pass error and reload template accordingly - $result['prevUsername'] = $_POST["Username"]; - $result['prevPassword'] = $_POST["Password"]; - $result['prevConfirmPass'] = $_POST["ConfirmPass"]; - $result['prevEmail'] = $_POST["Email"]; - $result['no_visible_elements'] = 'TRUE'; - helpers :: loadtemplate( 'settings', $result); - throw new SystemExit(); + $pageElements['prevUsername'] = $_POST["Username"]; + $pageElements['prevPassword'] = $_POST["Password"]; + $pageElements['prevConfirmPass'] = $_POST["ConfirmPass"]; + $pageElements['prevEmail'] = $_POST["Email"]; + $pageElements['permission'] = unserialize($_SESSION['ticket_user'])->getPermission(); + helpers :: loadtemplate( 'settings', $pageElements); + exit; }else{ // pass error and reload template accordingly $result['prevUsername'] = 
$_POST["Username"]; @@ -56,35 +64,37 @@ function add_user(){ $result['no_visible_elements'] = 'TRUE'; $pageElements['ingame_webpath'] = $INGAME_WEBPATH; helpers :: loadtemplate( 'register', $result); - throw new SystemExit(); + exit; } } //use the valid userdata to create the new user. function write_user($newUser){ - + //create salt here, because we want it to be the same on the web/server $hashpass = crypt($newUser["pass"], WebUsers::generateSALT()); - + $params = array( 'Login' => $newUser["name"], 'Password' => $hashpass, - 'Email' => $newUser["mail"] + 'Email' => $newUser["mail"] ); try{ //make new webuser $user_id = WebUsers::createWebuser($params['Login'], $params['Password'], $params['Email']); - + //Create the user on the shard + in case shard is offline put copy of query in query db //returns: ok, shardoffline or liboffline $result = WebUsers::createUser($params, $user_id); Users::createPermissions(array($newUser["name"])); - - + + }catch (PDOException $e) { //go to error page or something, because can't access website db print_r($e); - throw new SystemExit(); + exit; } + + return $result; } diff --git a/code/web/public_php/ams/func/change_mail.php b/code/web/public_php/ams/func/change_mail.php index 706c18a58..3eee0251d 100644 --- a/code/web/public_php/ams/func/change_mail.php +++ b/code/web/public_php/ams/func/change_mail.php @@ -7,13 +7,13 @@ * @author Daan Janssens, mentored by Matthew Lagoe */ function change_mail(){ - + try{ //if logged in if(WebUsers::isLoggedIn()){ - + if(isset($_POST['target_id'])){ - + //check if the user who executed this function is the person of whom the emailaddress is or if it's a mod/admin. if( ($_POST['target_id'] == $_SESSION['id']) || Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) ){ if($_POST['target_id'] == $_SESSION['id']){ 
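Review bot: The success path now calls `unserialize($_SESSION['ticket_user'])->getPermission()` for every non-game-client registration, including the branch that renders `register_feedback`. If `add_user()` is also reached from the public register form by a visitor with no `ticket_user` in the session, `unserialize()` returns false and the method call raises a fatal error after `write_user()` has already created the account. Guard the lookup, for example `if (isset($_SESSION['ticket_user'])) { $pageElements['permission'] = unserialize($_SESSION['ticket_user'])->getPermission(); }`, and apply the same guard in the `elseif` settings branch. Rendering the `settings` template is selected only by `$_GET['page']`, and no login or permission check is visible in this hunk, so it is worth confirming that `settings()` enforces one.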
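Review bot: The `catch (PDOException $e)` block in `write_user()` still sends `print_r($e)` to the browser before the new `exit;`, which discloses the exception message and stack trace to whoever submitted the form. Log it server-side and send the generic error page instead, for example `error_log($e->getMessage()); header("Location: index.php?page=error"); exit;`. The catch block at the end of `change_mail()` in change_mail.php has the same `print_r($e)` and needs the same change.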
@@ -24,22 +24,22 @@ function change_mail(){ $webUser = new WebUsers($_POST['target_id']); $target_username = $webUser->getUsername(); } - + $webUser = new WebUsers($_POST['target_id']); //check if emailaddress is valid. $reply = $webUser->checkEmail($_POST['NewEmail']); - + global $SITEBASE; require_once($SITEBASE . '/inc/settings.php'); $result = settings(); - + if ( $reply != "success" ){ $result['EMAIL_ERROR'] = 'TRUE'; }else{ $result['EMAIL_ERROR'] = 'FALSE'; } $result['prevNewEmail'] = filter_var($_POST["NewEmail"], FILTER_SANITIZE_EMAIL); - + if ($reply== "success"){ //if validation was successful, update the emailaddress $status = WebUsers::setEmail($target_username, filter_var($_POST["NewEmail"], FILTER_SANITIZE_EMAIL) ); @@ -58,8 +58,8 @@ function change_mail(){ } } helpers :: loadtemplate( 'settings', $result); - throw new SystemExit(); - + exit; + }else{ $result['EMAIL'] = $reply; $result['permission'] = unserialize($_SESSION['ticket_user'])->getPermission(); @@ -71,36 +71,34 @@ function change_mail(){ $result['isMod'] = "TRUE"; } } + $result['CEMAIL_ERROR'] = true; helpers :: loadtemplate( 'settings', $result); - throw new SystemExit(); + exit; } - + }else{ //ERROR: permission denied! $_SESSION['error_code'] = "403"; - header("Cache-Control: max-age=1"); header("Location: index.php?page=error"); - throw new SystemExit(); + exit; } - + }else{ - //ERROR: The form was not filled in correclty - header("Cache-Control: max-age=1"); + //ERROR: The form was not filled in correctly header("Location: index.php?page=settings"); - throw new SystemExit(); - } + exit; + } }else{ //ERROR: user is not logged in - header("Cache-Control: max-age=1"); header("Location: index.php"); - throw new SystemExit(); + exit; } - + }catch (PDOException $e) { //go to error page or something, because can't access website db print_r($e); - throw new SystemExit(); + exit; } - + } 
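Review bot: The failure branch now sets `$result['CEMAIL_ERROR']`, but the earlier `$result['EMAIL_ERROR'] = 'TRUE';` (context lines of the hunk at -24) is still executed for the same failed validation. settings.tpl in this commit uses `EMAIL_ERROR` and `{$EMAIL}` for the Add User email field, so a rejected email change would presumably print its message under both forms. Replace the old assignment with the new flag, using the string convention of the other flags: `$result['CEMAIL_ERROR'] = ($reply != "success") ? 'TRUE' : 'FALSE';`. The boolean `true` only matches the template's `eq "TRUE"` through loose comparison.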
diff --git a/code/web/public_php/ams/templates/settings.tpl b/code/web/public_php/ams/templates/settings.tpl index 9efb05eba..ea0f32e34 100644 --- a/code/web/public_php/ams/templates/settings.tpl +++ b/code/web/public_php/ams/templates/settings.tpl @@ -83,56 +83,60 @@
Add User -
+
- + + {if isset($USERNAME_ERROR) and $USERNAME_ERROR eq "TRUE"}{$USERNAME}{/if}
-
+
+ {if isset($PASSWORD_ERROR) and $PASSWORD_ERROR eq "TRUE"}{$PASSWORD}{/if}
-
+
+ {if isset($CPASSWORD_ERROR) and $CPASSWORD_ERROR eq "TRUE"}{$CPASSWORD}{/if}
-
+
- + + {if isset($EMAIL_ERROR) and $EMAIL_ERROR eq "TRUE"}{$EMAIL}{/if}
- {if isset($SUCCESS_PASS) and $SUCCESS_PASS eq "OK"} + {if isset($SUCCESS_ADD) and $SUCCESS_ADD eq "ok"}
- The user is created! + The user has been created!
{/if} - {if isset($SUCCESS_PASS) and $SUCCESS_PASS eq "SHARDOFF"} + {if isset($SUCCESS_ADD) and $SUCCESS_ADD eq "shardoffline"}
- The user can't be created. + The user is created, though the shard seems offline, it may take some time to see the change on the shard.
{/if} @@ -158,13 +162,13 @@
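Review bot: The feedback block handles `$SUCCESS_ADD` values `"ok"` and `"shardoffline"` only, while the comment in `write_user()` lists the possible results as `ok, shardoffline or liboffline`. With `liboffline` the form reloads with no message at all, so an administrator cannot tell whether the account was created. Add a third `{if isset($SUCCESS_ADD) and $SUCCESS_ADD eq "liboffline"}` branch with its own message, or a generic fallback for any other value.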
Change Email -
+
- {if isset($EMAIL_ERROR) and $EMAIL_ERROR eq "TRUE"}{$EMAIL}{/if} + {if isset($CEMAIL_ERROR) and $CEMAIL_ERROR eq "TRUE"}{$EMAIL}{/if}