/* Spruce up password and check length*/
$subpass = stripslashes($subpass);
if(strlen($subpass) < 4){
$form->setError($field, "* Password too short");
}
/* Check if password is not alphanumeric */
else if(!eregi("^([0-9a-z])+$", ($subpass = trim($subpass)))){
$form->setError($field, "* Password not alphanumeric");
}
/**
* Note: I trimmed the password only after I checked the length
* because if you fill the password field up with spaces
* it looks like a lot more characters than 4, so it looks
* kind of stupid to report "password too short".
*/
}
/* Email error checking */
$field = "email"; //Use field name for email
if(!$subemail || strlen($subemail = trim($subemail)) == 0){
$form->setError($field, "* Email not entered");
}
else{
/* Check if valid email address */
$regex = "^[_+a-z0-9-]+(\.[_+a-z0-9-]+)*"
."@[a-z0-9-]+(\.[a-z0-9-]{1,})*"
."\.([a-z]{2,}){1}$";
if(!eregi($regex,$subemail)){
$form->setError($field, "* Email invalid");
}
$subemail = stripslashes($subemail);
}
/* Avatar error checking */
$field = "avatar"; //Use field name for avatar
echo $subavatar_type;
/* Upload Failed */
if ($_POST['avatar_type'] == 'upload' && !$_FILES['avatar_file']['name'])
{
$form->setError($field, "* You must upload an avatar.");
}
else if ($_POST['avatar_type'] == 'upload' && !is_uploaded_file($_FILES['avatar_file']['tmp_name']))
{
$form->setError($field, "* Your avatar failed to upload successfully; please try again.");
}
/* Avatar was not selected */
else if ($_POST['avatar_type'] == 'choose' && !$_POST['avatar'])
{
$form->setError($field, "* You must choose an avatar from the list.");
}
else if ($_POST['avatar_type'] == 'upload')
{
/** Ensure the file is really and image & that the dimensions are correct */
$sizeinfo = getimagesize($_FILES['avatar_file']['tmp_name']);
if (!$sizeinfo)
$form->setError($field, "* The file you uploaded does not appear to be an image.");
elseif (!($sizeinfo[0] == 30 && $sizeinfo[1] == 30))
$form->setError($field, "* The image you uploaded does not measure 30x30 pixels.");
}
/* Terms Of Service error checking */
$field = "terms"; //Use field name for terms
if(!$terms){
$form->setError($field, "* You must read and accept the terms of service");
}
/* Errors exist, have user correct them */
if($form->num_errors > 0){
return 1; //Errors with form
}
/* No errors, add the new account to the */
else{
/** Move uploaded avatar */
if ($_POST['avatar_type'] == 'upload')
{
move_uploaded_file($_FILES['avatar_file']['tmp_name'], AVATARS_DIR.'/'.$_FILES['avatar_file']['name']);
chmod(AVATARS_DIR.'/'.$_FILES['avatar_file']['name'], 7777);
$avatar = $_FILES['avatar_file']['name'];
}
else
$avatar = $_POST['avatar'];
if($database->addNewUser($subuser, md5($subpass), $subemail, $avatar, $sex, $country, $newsletter)){
if(EMAIL_WELCOME){
$mailer->sendWelcome($subuser,$subemail,$subpass);
}
return 0; //New user added succesfully
}else{
return 2; //Registration attempt failed
}
}
}
/**
* editAccount - Attempts to edit the user's account information
* including the password, which it first makes sure is correct
* if entered, if so and the new password is in the right
* format, the change is made. All other fields are changed
* automatically.
*/
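function editAccount($subcurpass, $subnewpass, $subnewpass_confirm, $subemail, $subsex, $subcountry, $subnewsletter){
    /*
     * Two phases: first validate every submitted field and record each
     * problem on the global $form object; then, only when $form holds no
     * error, write the changes through $database->updateUserField().
     * Returns true when the changes were written, false when at least one
     * error was recorded (nothing is written in that case).
     */
    global $database, $form; //The database and form object

    /* Same character rule as before (digits and ASCII letters only). The D
       modifier keeps "$" from matching in front of a trailing newline. */
    $alnum = '/^[0-9a-z]+$/iD';

    /* New password entered */
    if($subnewpass){
        /* Current Password error checking */
        $field = "curpass"; //Use field name for current password
        if(!$subcurpass){
            $form->setError($field, "* Current Password not entered");
        }
        else{
            /* Check if password too short or is not alphanumeric */
            $subcurpass = stripslashes($subcurpass);
            if(strlen($subcurpass) < 4 ||
               !preg_match($alnum, ($subcurpass = trim($subcurpass)))){
                $form->setError($field, "* Current Password incorrect");
            }
            /* Only ask the database when the format is plausible */
            else if($database->confirmUserPass($this->username, md5($subcurpass)) != 0){
                $form->setError($field, "* Current Password incorrect");
            }
        }

        /* Password Confirmation error checking */
        $field = "newpass_confirm"; //Use field name for password
        if(!$subnewpass_confirm){
            $form->setError($field, "* Password not entered");
        }

        /* New Password error checking */
        $field = "newpass"; //Use field name for new password
        if(strlen($subnewpass) < 4){
            $form->setError($field, "* New Password too short");
        }
        /* Strict string comparison: with "==" two different numeric-looking
           strings such as "1000" and "1e3" would count as a match. */
        else if((string)$subnewpass !== (string)$subnewpass_confirm){
            $form->setError($field, "* Your new passwords do not match");
        }
        else{
            $subnewpass = trim($subnewpass);
            if(!preg_match($alnum, $subnewpass)){
                $form->setError($field, "* New Password not alphanumeric");
            }
            /* The first length check ran on the untrimmed value, so padding
               with spaces must not let a shorter password through. */
            else if(strlen($subnewpass) < 4){
                $form->setError($field, "* New Password too short");
            }
        }
    }
    /* Change password attempted */
    else if($subcurpass){
        /* New Password error reporting */
        $field = "newpass"; //Use field name for new password
        $form->setError($field, "* New Password not entered");
    }

    /* Email error checking */
    $field = "email"; //Use field name for email
    if($subemail && strlen($subemail = trim($subemail)) > 0){
        /* Check if valid email address */
        $regex = '/^[_+a-z0-9-]+(\.[_+a-z0-9-]+)*'
                .'@[a-z0-9-]+(\.[a-z0-9-]{1,})*'
                .'\.([a-z]{2,}){1}$/iD';
        if(!preg_match($regex, $subemail)){
            $form->setError($field, "* Email invalid");
        }
        $subemail = stripslashes($subemail);
    }

    /* Avatar error checking */
    $field = "avatar"; //Use field name for avatar
    /* Read the request once and accept only scalar strings, so a missing
       key or an array-valued field cannot reach the file functions. */
    $avatarType = (isset($_POST['avatar_type']) && is_string($_POST['avatar_type'])) ? $_POST['avatar_type'] : '';
    $chosen     = (isset($_POST['avatar']) && is_string($_POST['avatar'])) ? $_POST['avatar'] : '';
    $upload     = (isset($_FILES['avatar_file']) && is_array($_FILES['avatar_file'])) ? $_FILES['avatar_file'] : array();
    $uploadName = (isset($upload['name']) && is_string($upload['name'])) ? $upload['name'] : '';
    $uploadTmp  = (isset($upload['tmp_name']) && is_string($upload['tmp_name'])) ? $upload['tmp_name'] : '';
    $avatarExt  = '';

    /* Upload Failed */
    if($avatarType === 'upload' && !$uploadName){
        $form->setError($field, "* You must upload an avatar.");
    }
    else if($avatarType === 'upload' && !is_uploaded_file($uploadTmp)){
        $form->setError($field, "* Your avatar failed to upload successfully; please try again.");
    }
    /* Avatar was not selected */
    else if($avatarType === 'choose' && !$chosen){
        $form->setError($field, "* You must choose an avatar from the list.");
    }
    else if($avatarType === 'upload'){
        /* getimagesize() only inspects the header: it says nothing about
           what else the file contains. The stored extension is therefore
           taken from the detected type, never from the client. */
        $allowed = array(IMAGETYPE_GIF => 'gif', IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png');
        $sizeinfo = getimagesize($uploadTmp);
        if(!$sizeinfo){
            $form->setError($field, "* The file you uploaded does not appear to be an image.");
        }
        elseif(!isset($allowed[$sizeinfo[2]])){
            $form->setError($field, "* Your avatar must be a GIF, JPEG or PNG image.");
        }
        elseif(!($sizeinfo[0] == 30 && $sizeinfo[1] == 30)){
            $form->setError($field, "* The image you uploaded does not measure 30x30 pixels.");
        }
        else{
            $avatarExt = $allowed[$sizeinfo[2]];
        }
    }

    /* Errors exist, have user correct them */
    if($form->num_errors > 0){
        return false; //Errors with form
    }

    /* Store the uploaded avatar before touching the database, so a failed
       move does not leave the account half updated. */
    $avatar = null;
    if($avatarType === 'upload'){
        /* Server-generated name: the client-supplied file name (and with it
           the extension) never reaches the file system.
           NOTE(review): the name is 32 hex characters plus extension;
           confirm the avatar column is wide enough. */
        $avatar = $this->generateRandID().'.'.$avatarExt;
        if(!move_uploaded_file($uploadTmp, AVATARS_DIR.'/'.$avatar)){
            $form->setError($field, "* Your avatar failed to upload successfully; please try again.");
            return false;
        }
    }
    else if($avatarType === 'choose'){
        /* NOTE(review): the chosen value is stored as submitted; it should
           be checked against the server-side avatar list, which is not
           visible from this method. */
        $avatar = $chosen;
    }

    /* Update password since there were no errors */
    if($subcurpass && $subnewpass){
        /* NOTE(review): unsalted MD5 is not a suitable password hash. It is
           kept because confirmUserPass() above compares against the same
           format; moving to password_hash()/password_verify() has to be
           done together with registration, login and the database layer.
           The 4-character alphanumeric-only policy deserves the same
           review. */
        $database->updateUserField($this->username,"password",md5($subnewpass));
    }

    /* Change Email */
    if($subemail){
        $database->updateUserField($this->username,"email",$subemail);
    }

    /* Change Avatar: only when a new value was actually produced, so an
       unexpected avatar_type no longer blanks the stored avatar. */
    if($avatar !== null){
        $database->updateUserField($this->username,"avatar",$avatar);
    }

    /* NOTE(review): sex, country and newsletter are passed on without any
       validation; whether that is safe depends on how updateUserField()
       builds its query, which is not visible here. */
    /* Change Sex */
    if($subsex){
        $database->updateUserField($this->username,"sex",$subsex);
    }

    /* Change Country */
    if($subcountry){
        $database->updateUserField($this->username,"country",$subcountry);
    }

    /* Change Newsletter */
    $database->updateUserField($this->username,"newsletter",$subnewsletter);

    /* Success! */
    return true;
}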
/**
* isAdmin - Returns true if currently logged in user is
* an administrator, false otherwise.
*/
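function isAdmin(){
    /*
     * True when the current user's level equals ADMIN_LEVEL or the
     * current username equals ADMIN_NAME; false otherwise.
     */
    /* The level comparison stays loose.
       NOTE(review): presumably userlevel can arrive as a numeric string
       while ADMIN_LEVEL is an integer; confirm before tightening it. */
    $levelMatches = ($this->userlevel == ADMIN_LEVEL);
    /* Names are compared as exact strings: "==" would treat two different
       numeric-looking strings (e.g. "10" and "1e1") as equal, which is not
       acceptable in an authorization check. */
    $nameMatches = ((string)$this->username === (string)ADMIN_NAME);
    return ($levelMatches || $nameMatches);
}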
/**
* generateRandID - Generates a string made up of randomized
* letters (lower and upper case) and digits and returns
* the md5 hash of it to be used as a userid.
*/
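function generateRandID(){
    /*
     * Returns a 32-character lowercase hex string (an md5 digest) to be
     * used as a userid. md5 only fixes the output format; how hard the id
     * is to guess depends entirely on the seed being hashed.
     * NOTE(review): if this id is ever used as a login or cookie token,
     * it must come from the CSPRNG branch below.
     */
    if(function_exists('random_bytes')){
        /* 16 bytes from the operating system's CSPRNG (PHP 7+). */
        $seed = random_bytes(16);
    }else{
        /* Older runtimes: fall back to the class's own random string. */
        $seed = $this->generateRandStr(16);
    }
    return md5($seed);
}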
/**
* generateRandStr - Generates a string made up of randomized
* letters (lower and upper case) and digits, the length
* is a specified parameter.
*/
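function generateRandStr($length){
    /*
     * Builds a string of $length characters, each drawn uniformly from the
     * 62 characters 0-9, A-Z and a-z. Returns "" when $length is zero or
     * negative.
     *
     * mt_rand() is a predictable generator and must not back values that
     * have to be unguessable, so random_int() (a CSPRNG, PHP 7+) is used
     * whenever the runtime provides it; mt_rand() remains only as the
     * fallback for older runtimes.
     */
    $alphabet = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
    $useCsprng = function_exists('random_int');
    $randstr = "";
    for($i = 0; $i < $length; $i++){
        $randnum = $useCsprng ? random_int(0, 61) : mt_rand(0, 61);
        /* Index 0-9 are digits, 10-35 upper case, 36-61 lower case. */
        $randstr .= $alphabet[$randnum];
    }
    return $randstr;
}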
};
/**
 * Create the Session object first. The form object uses session
 * variables, and those cannot be accessed until the session has
 * started, so the order of these two statements matters.
 */
$session = new Session();
/* Create the form object */
$form = new Form();
?>