This commit is contained in:
botanic 2014-09-02 23:26:53 -07:00
commit a162da4479
4 changed files with 80 additions and 60 deletions

View file

@ -25,8 +25,16 @@ class Users{
$cpass = "";
$email = "";
}
if ( helpers :: check_if_game_client() or isset($FORCE_INGAME) ) {
if ( isset( $_POST["TaC"] )) {
$tac="success";
}
} else {
$tac="success";
}
if ( ( $user == "success" ) and ( $pass == "success" ) and ( $cpass == "success" ) and ( $email == "success" ) and ( isset( $_POST["TaC"] ) ) ){
if ( ( $user == "success" ) and ( $pass == "success" ) and ( $cpass == "success" ) and ( $email == "success" ) and ($tac=="success") ){
return "success";
}else{
global $TOS_URL;

View file

@ -11,10 +11,12 @@ function add_user(){
global $INGAME_WEBPATH;
$params = Array('Username' => $_POST["Username"], 'Password' => $_POST["Password"], 'ConfirmPass' => $_POST["ConfirmPass"], 'Email' => $_POST["Email"]);
$webUser = new WebUsers();
//check if the POST variables are valid, before actual registering
$result = $webUser->check_Register($params);
global $SITEBASE;
require_once($SITEBASE . '/inc/settings.php');
// if all are good then create user
if ( $result == "success"){
$edit = array(
@ -29,24 +31,30 @@ function add_user(){
$status = write_user( $edit );
if(Helpers::check_if_game_client()){
//if registering ingame then we have to set the header and dont need to reload the template.
header("Cache-Control: max-age=1");
header('Location: email_sent.php');
throw new SystemExit();
exit;
}
$pageElements['status'] = $status;
$pageElements['no_visible_elements'] = 'TRUE';
$pageElements['ingame_webpath'] = $INGAME_WEBPATH;
helpers :: loadtemplate( 'register_feedback', $pageElements);
throw new SystemExit();
}elseif (isset($_POST['page']) && $_POST['page']=="settings"){
$pageElements = settings();
$pageElements['ingame_webpath'] = $INGAME_WEBPATH;
$pageElements['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
$pageElements['SUCCESS_ADD'] = $status;
if (isset($_GET['page']) && $_GET['page']=="settings"){
helpers :: loadtemplate( 'settings', $pageElements);
}else{
$pageElements['no_visible_elements'] = 'TRUE';
helpers :: loadtemplate( 'register_feedback', $pageElements);
}
exit;
}elseif (isset($_GET['page']) && $_GET['page']=="settings"){
$pageElements = array_merge(settings(), $result);
// pass error and reload template accordingly
$result['prevUsername'] = $_POST["Username"];
$result['prevPassword'] = $_POST["Password"];
$result['prevConfirmPass'] = $_POST["ConfirmPass"];
$result['prevEmail'] = $_POST["Email"];
$result['no_visible_elements'] = 'TRUE';
helpers :: loadtemplate( 'settings', $result);
throw new SystemExit();
$pageElements['prevUsername'] = $_POST["Username"];
$pageElements['prevPassword'] = $_POST["Password"];
$pageElements['prevConfirmPass'] = $_POST["ConfirmPass"];
$pageElements['prevEmail'] = $_POST["Email"];
$pageElements['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
helpers :: loadtemplate( 'settings', $pageElements);
exit;
}else{
// pass error and reload template accordingly
$result['prevUsername'] = $_POST["Username"];
@ -56,35 +64,37 @@ function add_user(){
$result['no_visible_elements'] = 'TRUE';
$pageElements['ingame_webpath'] = $INGAME_WEBPATH;
helpers :: loadtemplate( 'register', $result);
throw new SystemExit();
exit;
}
}
//use the valid userdata to create the new user.
function write_user($newUser){
//create salt here, because we want it to be the same on the web/server
$hashpass = crypt($newUser["pass"], WebUsers::generateSALT());
$params = array(
'Login' => $newUser["name"],
'Password' => $hashpass,
'Email' => $newUser["mail"]
'Email' => $newUser["mail"]
);
try{
//make new webuser
$user_id = WebUsers::createWebuser($params['Login'], $params['Password'], $params['Email']);
//Create the user on the shard + in case shard is offline put copy of query in query db
//returns: ok, shardoffline or liboffline
$result = WebUsers::createUser($params, $user_id);
Users::createPermissions(array($newUser["name"]));
}catch (PDOException $e) {
//go to error page or something, because can't access website db
print_r($e);
throw new SystemExit();
exit;
}
return $result;
}

View file

@ -7,13 +7,13 @@
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function change_mail(){
try{
//if logged in
if(WebUsers::isLoggedIn()){
if(isset($_POST['target_id'])){
//check if the user who executed this function is the person of whom the emailaddress is or if it's a mod/admin.
if( ($_POST['target_id'] == $_SESSION['id']) || Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) ){
if($_POST['target_id'] == $_SESSION['id']){
@ -24,22 +24,22 @@ function change_mail(){
$webUser = new WebUsers($_POST['target_id']);
$target_username = $webUser->getUsername();
}
$webUser = new WebUsers($_POST['target_id']);
//check if emailaddress is valid.
$reply = $webUser->checkEmail($_POST['NewEmail']);
global $SITEBASE;
require_once($SITEBASE . '/inc/settings.php');
$result = settings();
if ( $reply != "success" ){
$result['EMAIL_ERROR'] = 'TRUE';
}else{
$result['EMAIL_ERROR'] = 'FALSE';
}
$result['prevNewEmail'] = filter_var($_POST["NewEmail"], FILTER_SANITIZE_EMAIL);
if ($reply== "success"){
//if validation was successful, update the emailaddress
$status = WebUsers::setEmail($target_username, filter_var($_POST["NewEmail"], FILTER_SANITIZE_EMAIL) );
@ -58,8 +58,8 @@ function change_mail(){
}
}
helpers :: loadtemplate( 'settings', $result);
throw new SystemExit();
exit;
}else{
$result['EMAIL'] = $reply;
$result['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
@ -71,36 +71,34 @@ function change_mail(){
$result['isMod'] = "TRUE";
}
}
$result['CEMAIL_ERROR'] = true;
helpers :: loadtemplate( 'settings', $result);
throw new SystemExit();
exit;
}
}else{
//ERROR: permission denied!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
exit;
}
}else{
//ERROR: The form was not filled in correclty
header("Cache-Control: max-age=1");
//ERROR: The form was not filled in correctly
header("Location: index.php?page=settings");
throw new SystemExit();
}
exit;
}
}else{
//ERROR: user is not logged in
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
exit;
}
}catch (PDOException $e) {
//go to error page or something, because can't access website db
print_r($e);
throw new SystemExit();
exit;
}
}

View file

@ -83,56 +83,60 @@
<form id="addUser" class="form-vertical" method="post" action="index.php?page=settings&id={$target_id}">
<legend>Add User</legend>
<div class="control-group">
<div class="control-group {if isset($USERNAME_ERROR) and $USERNAME_ERROR eq "TRUE"}error{/if}">
<label class="control-label">Username</label>
<div class="controls">
<div class="input-prepend">
<span style="margin-left:5px;" class="add-on"><i class="icon-user"></i></span>
<input type="text" placeholder="Username" name="Username" id="Username" class="input-xlarge">
<input type="text" placeholder="Username" name="Username" id="Username" class="input-xlarge" {if isset($prevUsername)}value="{$prevUsername}"{/if}>
{if isset($USERNAME_ERROR) and $USERNAME_ERROR eq "TRUE"}<span class="help-inline">{$USERNAME}</span>{/if}
</div>
</div>
</div>
<div class="control-group ">
<div class="control-group {if isset($PASSWORD_ERROR) and $PASSWORD_ERROR eq "TRUE"}error{/if}">
<label class="control-label">Password</label>
<div class="controls">
<div class="input-prepend">
<span style="margin-left:5px;" class="add-on"><i class="icon-lock"></i></span>
<input type="password" placeholder="Password" name="Password" id="Password" class="input-xlarge">
{if isset($PASSWORD_ERROR) and $PASSWORD_ERROR eq "TRUE"}<span class="help-inline">{$PASSWORD}</span>{/if}
</div>
</div>
</div>
<div class="control-group ">
<div class="control-group {if isset($CPASSWORD_ERROR) and $CPASSWORD_ERROR eq "TRUE"}error{/if}">
<label class="control-label">Confirm Password</label>
<div class="controls">
<div class="input-prepend">
<span style="margin-left:5px;" class="add-on"><i class="icon-lock"></i></span>
<input type="password" placeholder="Confirm Password" name="ConfirmPass" id="ConfirmPass" class="input-xlarge">
{if isset($CPASSWORD_ERROR) and $CPASSWORD_ERROR eq "TRUE"}<span class="help-inline">{$CPASSWORD}</span>{/if}
</div>
</div>
</div>
<div class="control-group ">
<div class="control-group {if isset($EMAIL_ERROR) and $EMAIL_ERROR eq "TRUE"}error{/if}">
<label class="control-label">Email</label>
<div class="controls">
<div class="input-prepend">
<span style="margin-left:5px;" class="add-on"><i class="icon-envelope"></i></span>
<input type="text" placeholder="Email" name="Email" id="Email" class="input-xlarge">
<input type="text" class="input-xlarge" id="Email" name="Email" placeholder="Email" {if isset($prevEmail)}value="{$prevEmail}"{/if}>
{if isset($EMAIL_ERROR) and $EMAIL_ERROR eq "TRUE"}<span class="help-inline">{$EMAIL}</span>{/if}
</div>
</div>
</div>
{if isset($SUCCESS_PASS) and $SUCCESS_PASS eq "OK"}
{if isset($SUCCESS_ADD) and $SUCCESS_ADD eq "ok"}
<div class="alert alert-success">
The user is created!
The user has been created!
</div>
{/if}
{if isset($SUCCESS_PASS) and $SUCCESS_PASS eq "SHARDOFF"}
{if isset($SUCCESS_ADD) and $SUCCESS_ADD eq "shardoffline"}
<div class="alert alert-warning">
The user can't be created.
The user is created, though the shard seems offline, it may take some time to see the change on the shard.
</div>
{/if}
@ -158,13 +162,13 @@
<div class="row-fluid">
<form id="changeEmail" class="form-vertical" method="post" action="index.php?page=settings&id={$target_id}">
<legend>Change Email</legend>
<div class="control-group {if isset($EMAIL_ERROR) and $EMAIL_ERROR eq "TRUE"}error{/if}">
<div class="control-group {if isset($CEMAIL_ERROR) and $CEMAIL_ERROR eq "TRUE"}error{/if}">
<label class="control-label">New Email</label>
<div class="controls">
<div class="input-prepend">
<span class="add-on" style="margin-left:5px;"><i class="icon-envelope"></i></span>
<input type="text" class="input-xlarge" id="NewEmail" name="NewEmail" placeholder="Your new email" {if isset($prevNewEmail)}value="{$prevNewEmail}"{else if isset($current_mail)}value="{$current_mail}"{/if}>
{if isset($EMAIL_ERROR) and $EMAIL_ERROR eq "TRUE"}<span class="help-inline">{$EMAIL}</span>{/if}
{if isset($CEMAIL_ERROR) and $CEMAIL_ERROR eq "TRUE"}<span class="help-inline">{$EMAIL}</span>{/if}
</div>
</div>