This commit is contained in:
botanic 2014-09-02 23:26:53 -07:00
commit 6edcdcf65f
4 changed files with 80 additions and 60 deletions

View file

@ -25,8 +25,16 @@ class Users{
$cpass = ""; $cpass = "";
$email = ""; $email = "";
} }
if ( helpers :: check_if_game_client() or isset($FORCE_INGAME) ) {
if ( isset( $_POST["TaC"] )) {
$tac="success";
}
} else {
$tac="success";
}
if ( ( $user == "success" ) and ( $pass == "success" ) and ( $cpass == "success" ) and ( $email == "success" ) and ( isset( $_POST["TaC"] ) ) ){ if ( ( $user == "success" ) and ( $pass == "success" ) and ( $cpass == "success" ) and ( $email == "success" ) and ($tac=="success") ){
return "success"; return "success";
}else{ }else{
global $TOS_URL; global $TOS_URL;

View file

@ -11,10 +11,12 @@ function add_user(){
global $INGAME_WEBPATH; global $INGAME_WEBPATH;
$params = Array('Username' => $_POST["Username"], 'Password' => $_POST["Password"], 'ConfirmPass' => $_POST["ConfirmPass"], 'Email' => $_POST["Email"]); $params = Array('Username' => $_POST["Username"], 'Password' => $_POST["Password"], 'ConfirmPass' => $_POST["ConfirmPass"], 'Email' => $_POST["Email"]);
$webUser = new WebUsers(); $webUser = new WebUsers();
//check if the POST variables are valid, before actual registering //check if the POST variables are valid, before actual registering
$result = $webUser->check_Register($params); $result = $webUser->check_Register($params);
global $SITEBASE;
require_once($SITEBASE . '/inc/settings.php');
// if all are good then create user // if all are good then create user
if ( $result == "success"){ if ( $result == "success"){
$edit = array( $edit = array(
@ -29,24 +31,30 @@ function add_user(){
$status = write_user( $edit ); $status = write_user( $edit );
if(Helpers::check_if_game_client()){ if(Helpers::check_if_game_client()){
//if registering ingame then we have to set the header and dont need to reload the template. //if registering ingame then we have to set the header and dont need to reload the template.
header("Cache-Control: max-age=1");
header('Location: email_sent.php'); header('Location: email_sent.php');
throw new SystemExit(); exit;
} }
$pageElements['status'] = $status; $pageElements = settings();
$pageElements['no_visible_elements'] = 'TRUE'; $pageElements['ingame_webpath'] = $INGAME_WEBPATH;
$pageElements['ingame_webpath'] = $INGAME_WEBPATH; $pageElements['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
helpers :: loadtemplate( 'register_feedback', $pageElements); $pageElements['SUCCESS_ADD'] = $status;
throw new SystemExit(); if (isset($_GET['page']) && $_GET['page']=="settings"){
}elseif (isset($_POST['page']) && $_POST['page']=="settings"){ helpers :: loadtemplate( 'settings', $pageElements);
}else{
$pageElements['no_visible_elements'] = 'TRUE';
helpers :: loadtemplate( 'register_feedback', $pageElements);
}
exit;
}elseif (isset($_GET['page']) && $_GET['page']=="settings"){
$pageElements = array_merge(settings(), $result);
// pass error and reload template accordingly // pass error and reload template accordingly
$result['prevUsername'] = $_POST["Username"]; $pageElements['prevUsername'] = $_POST["Username"];
$result['prevPassword'] = $_POST["Password"]; $pageElements['prevPassword'] = $_POST["Password"];
$result['prevConfirmPass'] = $_POST["ConfirmPass"]; $pageElements['prevConfirmPass'] = $_POST["ConfirmPass"];
$result['prevEmail'] = $_POST["Email"]; $pageElements['prevEmail'] = $_POST["Email"];
$result['no_visible_elements'] = 'TRUE'; $pageElements['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
helpers :: loadtemplate( 'settings', $result); helpers :: loadtemplate( 'settings', $pageElements);
throw new SystemExit(); exit;
}else{ }else{
// pass error and reload template accordingly // pass error and reload template accordingly
$result['prevUsername'] = $_POST["Username"]; $result['prevUsername'] = $_POST["Username"];
@ -56,35 +64,37 @@ function add_user(){
$result['no_visible_elements'] = 'TRUE'; $result['no_visible_elements'] = 'TRUE';
$pageElements['ingame_webpath'] = $INGAME_WEBPATH; $pageElements['ingame_webpath'] = $INGAME_WEBPATH;
helpers :: loadtemplate( 'register', $result); helpers :: loadtemplate( 'register', $result);
throw new SystemExit(); exit;
} }
} }
//use the valid userdata to create the new user. //use the valid userdata to create the new user.
function write_user($newUser){ function write_user($newUser){
//create salt here, because we want it to be the same on the web/server //create salt here, because we want it to be the same on the web/server
$hashpass = crypt($newUser["pass"], WebUsers::generateSALT()); $hashpass = crypt($newUser["pass"], WebUsers::generateSALT());
$params = array( $params = array(
'Login' => $newUser["name"], 'Login' => $newUser["name"],
'Password' => $hashpass, 'Password' => $hashpass,
'Email' => $newUser["mail"] 'Email' => $newUser["mail"]
); );
try{ try{
//make new webuser //make new webuser
$user_id = WebUsers::createWebuser($params['Login'], $params['Password'], $params['Email']); $user_id = WebUsers::createWebuser($params['Login'], $params['Password'], $params['Email']);
//Create the user on the shard + in case shard is offline put copy of query in query db //Create the user on the shard + in case shard is offline put copy of query in query db
//returns: ok, shardoffline or liboffline //returns: ok, shardoffline or liboffline
$result = WebUsers::createUser($params, $user_id); $result = WebUsers::createUser($params, $user_id);
Users::createPermissions(array($newUser["name"])); Users::createPermissions(array($newUser["name"]));
}catch (PDOException $e) { }catch (PDOException $e) {
//go to error page or something, because can't access website db //go to error page or something, because can't access website db
print_r($e); print_r($e);
throw new SystemExit(); exit;
} }
return $result;
} }

View file

@ -7,13 +7,13 @@
* @author Daan Janssens, mentored by Matthew Lagoe * @author Daan Janssens, mentored by Matthew Lagoe
*/ */
function change_mail(){ function change_mail(){
try{ try{
//if logged in //if logged in
if(WebUsers::isLoggedIn()){ if(WebUsers::isLoggedIn()){
if(isset($_POST['target_id'])){ if(isset($_POST['target_id'])){
//check if the user who executed this function is the person of whom the emailaddress is or if it's a mod/admin. //check if the user who executed this function is the person of whom the emailaddress is or if it's a mod/admin.
if( ($_POST['target_id'] == $_SESSION['id']) || Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) ){ if( ($_POST['target_id'] == $_SESSION['id']) || Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) ){
if($_POST['target_id'] == $_SESSION['id']){ if($_POST['target_id'] == $_SESSION['id']){
@ -24,22 +24,22 @@ function change_mail(){
$webUser = new WebUsers($_POST['target_id']); $webUser = new WebUsers($_POST['target_id']);
$target_username = $webUser->getUsername(); $target_username = $webUser->getUsername();
} }
$webUser = new WebUsers($_POST['target_id']); $webUser = new WebUsers($_POST['target_id']);
//check if emailaddress is valid. //check if emailaddress is valid.
$reply = $webUser->checkEmail($_POST['NewEmail']); $reply = $webUser->checkEmail($_POST['NewEmail']);
global $SITEBASE; global $SITEBASE;
require_once($SITEBASE . '/inc/settings.php'); require_once($SITEBASE . '/inc/settings.php');
$result = settings(); $result = settings();
if ( $reply != "success" ){ if ( $reply != "success" ){
$result['EMAIL_ERROR'] = 'TRUE'; $result['EMAIL_ERROR'] = 'TRUE';
}else{ }else{
$result['EMAIL_ERROR'] = 'FALSE'; $result['EMAIL_ERROR'] = 'FALSE';
} }
$result['prevNewEmail'] = filter_var($_POST["NewEmail"], FILTER_SANITIZE_EMAIL); $result['prevNewEmail'] = filter_var($_POST["NewEmail"], FILTER_SANITIZE_EMAIL);
if ($reply== "success"){ if ($reply== "success"){
//if validation was successful, update the emailaddress //if validation was successful, update the emailaddress
$status = WebUsers::setEmail($target_username, filter_var($_POST["NewEmail"], FILTER_SANITIZE_EMAIL) ); $status = WebUsers::setEmail($target_username, filter_var($_POST["NewEmail"], FILTER_SANITIZE_EMAIL) );
@ -58,8 +58,8 @@ function change_mail(){
} }
} }
helpers :: loadtemplate( 'settings', $result); helpers :: loadtemplate( 'settings', $result);
throw new SystemExit(); exit;
}else{ }else{
$result['EMAIL'] = $reply; $result['EMAIL'] = $reply;
$result['permission'] = unserialize($_SESSION['ticket_user'])->getPermission(); $result['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
@ -71,36 +71,34 @@ function change_mail(){
$result['isMod'] = "TRUE"; $result['isMod'] = "TRUE";
} }
} }
$result['CEMAIL_ERROR'] = true;
helpers :: loadtemplate( 'settings', $result); helpers :: loadtemplate( 'settings', $result);
throw new SystemExit(); exit;
} }
}else{ }else{
//ERROR: permission denied! //ERROR: permission denied!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error"); header("Location: index.php?page=error");
throw new SystemExit(); exit;
} }
}else{ }else{
//ERROR: The form was not filled in correclty //ERROR: The form was not filled in correctly
header("Cache-Control: max-age=1");
header("Location: index.php?page=settings"); header("Location: index.php?page=settings");
throw new SystemExit(); exit;
} }
}else{ }else{
//ERROR: user is not logged in //ERROR: user is not logged in
header("Cache-Control: max-age=1");
header("Location: index.php"); header("Location: index.php");
throw new SystemExit(); exit;
} }
}catch (PDOException $e) { }catch (PDOException $e) {
//go to error page or something, because can't access website db //go to error page or something, because can't access website db
print_r($e); print_r($e);
throw new SystemExit(); exit;
} }
} }

View file

@ -83,56 +83,60 @@
<form id="addUser" class="form-vertical" method="post" action="index.php?page=settings&id={$target_id}"> <form id="addUser" class="form-vertical" method="post" action="index.php?page=settings&id={$target_id}">
<legend>Add User</legend> <legend>Add User</legend>
<div class="control-group"> <div class="control-group {if isset($USERNAME_ERROR) and $USERNAME_ERROR eq "TRUE"}error{/if}">
<label class="control-label">Username</label> <label class="control-label">Username</label>
<div class="controls"> <div class="controls">
<div class="input-prepend"> <div class="input-prepend">
<span style="margin-left:5px;" class="add-on"><i class="icon-user"></i></span> <span style="margin-left:5px;" class="add-on"><i class="icon-user"></i></span>
<input type="text" placeholder="Username" name="Username" id="Username" class="input-xlarge"> <input type="text" placeholder="Username" name="Username" id="Username" class="input-xlarge" {if isset($prevUsername)}value="{$prevUsername}"{/if}>
{if isset($USERNAME_ERROR) and $USERNAME_ERROR eq "TRUE"}<span class="help-inline">{$USERNAME}</span>{/if}
</div> </div>
</div> </div>
</div> </div>
<div class="control-group "> <div class="control-group {if isset($PASSWORD_ERROR) and $PASSWORD_ERROR eq "TRUE"}error{/if}">
<label class="control-label">Password</label> <label class="control-label">Password</label>
<div class="controls"> <div class="controls">
<div class="input-prepend"> <div class="input-prepend">
<span style="margin-left:5px;" class="add-on"><i class="icon-lock"></i></span> <span style="margin-left:5px;" class="add-on"><i class="icon-lock"></i></span>
<input type="password" placeholder="Password" name="Password" id="Password" class="input-xlarge"> <input type="password" placeholder="Password" name="Password" id="Password" class="input-xlarge">
{if isset($PASSWORD_ERROR) and $PASSWORD_ERROR eq "TRUE"}<span class="help-inline">{$PASSWORD}</span>{/if}
</div> </div>
</div> </div>
</div> </div>
<div class="control-group "> <div class="control-group {if isset($CPASSWORD_ERROR) and $CPASSWORD_ERROR eq "TRUE"}error{/if}">
<label class="control-label">Confirm Password</label> <label class="control-label">Confirm Password</label>
<div class="controls"> <div class="controls">
<div class="input-prepend"> <div class="input-prepend">
<span style="margin-left:5px;" class="add-on"><i class="icon-lock"></i></span> <span style="margin-left:5px;" class="add-on"><i class="icon-lock"></i></span>
<input type="password" placeholder="Confirm Password" name="ConfirmPass" id="ConfirmPass" class="input-xlarge"> <input type="password" placeholder="Confirm Password" name="ConfirmPass" id="ConfirmPass" class="input-xlarge">
{if isset($CPASSWORD_ERROR) and $CPASSWORD_ERROR eq "TRUE"}<span class="help-inline">{$CPASSWORD}</span>{/if}
</div> </div>
</div> </div>
</div> </div>
<div class="control-group "> <div class="control-group {if isset($EMAIL_ERROR) and $EMAIL_ERROR eq "TRUE"}error{/if}">
<label class="control-label">Email</label> <label class="control-label">Email</label>
<div class="controls"> <div class="controls">
<div class="input-prepend"> <div class="input-prepend">
<span style="margin-left:5px;" class="add-on"><i class="icon-envelope"></i></span> <span style="margin-left:5px;" class="add-on"><i class="icon-envelope"></i></span>
<input type="text" placeholder="Email" name="Email" id="Email" class="input-xlarge"> <input type="text" class="input-xlarge" id="Email" name="Email" placeholder="Email" {if isset($prevEmail)}value="{$prevEmail}"{/if}>
{if isset($EMAIL_ERROR) and $EMAIL_ERROR eq "TRUE"}<span class="help-inline">{$EMAIL}</span>{/if}
</div> </div>
</div> </div>
</div> </div>
{if isset($SUCCESS_PASS) and $SUCCESS_PASS eq "OK"} {if isset($SUCCESS_ADD) and $SUCCESS_ADD eq "ok"}
<div class="alert alert-success"> <div class="alert alert-success">
The user is created! The user has been created!
</div> </div>
{/if} {/if}
{if isset($SUCCESS_PASS) and $SUCCESS_PASS eq "SHARDOFF"} {if isset($SUCCESS_ADD) and $SUCCESS_ADD eq "shardoffline"}
<div class="alert alert-warning"> <div class="alert alert-warning">
The user can't be created. The user is created, though the shard seems offline, it may take some time to see the change on the shard.
</div> </div>
{/if} {/if}
@ -158,13 +162,13 @@
<div class="row-fluid"> <div class="row-fluid">
<form id="changeEmail" class="form-vertical" method="post" action="index.php?page=settings&id={$target_id}"> <form id="changeEmail" class="form-vertical" method="post" action="index.php?page=settings&id={$target_id}">
<legend>Change Email</legend> <legend>Change Email</legend>
<div class="control-group {if isset($EMAIL_ERROR) and $EMAIL_ERROR eq "TRUE"}error{/if}"> <div class="control-group {if isset($CEMAIL_ERROR) and $CEMAIL_ERROR eq "TRUE"}error{/if}">
<label class="control-label">New Email</label> <label class="control-label">New Email</label>
<div class="controls"> <div class="controls">
<div class="input-prepend"> <div class="input-prepend">
<span class="add-on" style="margin-left:5px;"><i class="icon-envelope"></i></span> <span class="add-on" style="margin-left:5px;"><i class="icon-envelope"></i></span>
<input type="text" class="input-xlarge" id="NewEmail" name="NewEmail" placeholder="Your new email" {if isset($prevNewEmail)}value="{$prevNewEmail}"{else if isset($current_mail)}value="{$current_mail}"{/if}> <input type="text" class="input-xlarge" id="NewEmail" name="NewEmail" placeholder="Your new email" {if isset($prevNewEmail)}value="{$prevNewEmail}"{else if isset($current_mail)}value="{$current_mail}"{/if}>
{if isset($EMAIL_ERROR) and $EMAIL_ERROR eq "TRUE"}<span class="help-inline">{$EMAIL}</span>{/if} {if isset($CEMAIL_ERROR) and $CEMAIL_ERROR eq "TRUE"}<span class="help-inline">{$EMAIL}</span>{/if}
</div> </div>
</div> </div>