Some user login functions
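/**
 * Registration form and processing code: processes a submitted register form
 * and then displays the register form for the active theme.
 *
 * Runs only while $_SESSION['LoggedIn'] is not set. On a valid submission it
 * creates the account through Feul, calls Feul::checkLogin(), mails a welcome
 * message, and destroys the session.
 *
 * Security-relevant behaviour:
 * - Request fields are read as strings only; an array-valued field is treated
 *   as empty so the validators never receive a non-string.
 * - $_SERVER['REQUEST_URI'] and every value placed in the HTML e-mail body are
 *   HTML-escaped before output.
 * - $to and $subject rely on validate_email()/validate_username() (both call
 *   isInjected()) to keep CR/LF out of the mail headers.
 *
 * NOTE(review): the chosen password is mailed back in clear text, which leaves
 * it readable in mailboxes and mail logs; consider dropping that line.
 * NOTE(review): no anti-CSRF token is visible in either form -- confirm whether
 * the surrounding CMS adds one.
 */
function user_login_register()
{
    global $SITEURL;
    $Feul  = new Feul;
    $error = '';

    // If User Is Logged In there is nothing to register.
    if ( isset( $_SESSION[ 'LoggedIn' ] ) )
    {
        return;
    }

    if ( isset( $_POST[ 'register-form' ] ) )
    {
        // Add an unhash here!!
        /*
        // Working crypt decrypt .. just need to get it working for the client
        echo $ctst = cryptare( $_POST[ 'username' ], "1234", "" ); // return;
        echo "<br>" . cryptare( $ctst, "1234", "", 0 ); // return;
        */

        // Missing or array-valued fields become '' so the validators report
        // "cannot be blank" instead of raising notices or type warnings.
        $username = ( isset( $_POST[ 'username' ] ) && is_string( $_POST[ 'username' ] ) ) ? $_POST[ 'username' ] : '';
        $password = ( isset( $_POST[ 'password' ] ) && is_string( $_POST[ 'password' ] ) ) ? $_POST[ 'password' ] : '';
        $email    = ( isset( $_POST[ 'email' ] ) && is_string( $_POST[ 'email' ] ) ) ? $_POST[ 'email' ] : '';

        // Each validator echoes its own error; && stops at the first failure.
        if ( validate_username( $username ) == true
            && validate_password( $password ) == true
            && validate_email( $email ) == true )
        {
            $addUser = $Feul->processAddUserAdmin( $username, $password, $email );
            if ( $addUser == true )
            {
                echo '<div class="success">Your account was successfully created! You can now log in.</div>';
                $Feul->checkLogin( true, $email, $password );

                // Send Email
                $to = $email;

                // The body is HTML declared as iso-8859-1, so escape with the
                // same single-byte charset. Passwords are required to contain
                // a special character and may therefore include < or >.
                $safeUsername = htmlspecialchars( $username, ENT_QUOTES, 'ISO-8859-1' );
                $safePassword = htmlspecialchars( $password, ENT_QUOTES, 'ISO-8859-1' );
                $safeSiteUrl  = htmlspecialchars( $SITEURL, ENT_QUOTES, 'ISO-8859-1' );

                // subject (plain-text header, so no HTML escaping here)
                $subject = 'Your New Account (' . $username . ') Is Setup!';

                // message
                $message = '
<html>
<head>
<title>Your New Account Is Setup!</title>
</head>
<body>
<h2><strong>Below is your login information:</strong></h2><br/><br/>
<strong>Username: </strong>' . $safeUsername . '<br/>
<strong>Password: </strong>' . $safePassword . '<br/>
<br/>
<a href="' . $safeSiteUrl . '">Click Here To Visit Website</a>
</body>
</html>
';

                // To send HTML mail, the Content-type header must be set
                $headers  = 'MIME-Version: 1.0' . "\r\n";
                $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";

                // Additional headers (To/Cc/Bcc lines would be appended the same way)
                $headers .= 'From: New Account <' . $Feul->getData( 'email' ) . '>' . "\r\n";

                // Mail it
                $success = mail( $to, $subject, $message, $headers );
                if ( !$success )
                {
                    $error = '<div class="error">Unable to send welcome email.</div>';
                }

                // Kill Session
                session_destroy();
            }
            else
            {
                $error = '<div class="error">Could not create user!</div>';
            }
        }
    }

    // $error was previously assigned but never printed, so account-creation
    // and mail failures were silent. It only ever holds the static markup
    // assigned above.
    if ( $error !== '' )
    {
        echo $error;
    }

    // REQUEST_URI is supplied by the client; escape it before it is written
    // into the action attribute.
    $formAction = htmlspecialchars( $_SERVER[ 'REQUEST_URI' ], ENT_QUOTES, 'UTF-8' );

    // echo $Feul->getData( 'registerbox' ); // returns the style for the register box from a XML file CWD
    if ( get_theme_name( false ) == "Material_Kit" ) // if theme is Material_Kit use appropriate reg form
    {
        // These inputs carry data-form_item instead of name attributes;
        // presumably a client-side script fills the POST fields -- TODO confirm.
        ?>
        <div class="card card-signup">
            <form class="form" method="post" action="<?php echo $formAction; ?>" id="form_reg">
                <div class="header header-primary text-center">
                    <h4>Sign Up</h4>
                    <div class="social-line">
                        <a href="#" class="btn btn-simple btn-just-icon">
                            <i class="fa fa-facebook-square"></i>
                        </a>
                        <a href="#" class="btn btn-simple btn-just-icon">
                            <i class="fa fa-twitter"></i>
                        </a>
                        <a href="#" class="btn btn-simple btn-just-icon">
                            <i class="fa fa-google-plus"></i>
                        </a>
                    </div>
                </div>
                <p class="text-divider">Or Be Classical</p>
                <div class="content">
                    <div class="input-group">
                        <span class="input-group-addon">
                            <i class="material-icons">face</i>
                        </span>
                        <div class="form-group is-empty">
                            <input data-form_item="username" type="text" class="form-control" placeholder="User Name..." autocomplete="off" />
                            <span class="material-input"></span>
                        </div>
                    </div>
                    <div class="input-group">
                        <span class="input-group-addon">
                            <i class="material-icons">email</i>
                        </span>
                        <div class="form-group is-empty">
                            <input data-form_item="email" type="text" class="form-control" placeholder="Email..." autocomplete="off" />
                            <span class="material-input"></span>
                        </div>
                    </div>
                    <div class="input-group">
                        <span class="input-group-addon">
                            <i class="material-icons">lock_outline</i>
                        </span>
                        <div class="form-group is-empty">
                            <input data-form_item="password" type="password" class="form-control" placeholder="Password..." autocomplete="off" />
                            <span class="material-input"></span>
                        </div>
                    </div>
                </div>
                <div class="footer text-center">
                    <input type="submit" name="register" class="btn btn-simple btn-primary btn-lg" id="reg_btn" value="Register" />
                    <input type="hidden" name="register-form" value="yes" id="reg_hidden" />
                </div>
            </form>
        </div>
        <?php
    }
    else
    {
        ?>
        <h2 class="register_h2">Register</h2>
        <form class="form" method="post" action="<?php echo $formAction; ?>" name="registerform" id="registerform">
            <p>
                <label for="username" class="required" >Username:</label>
                <input type="text" class="required" name="username" id="name" />
            </p>
            <p>
                <label for="email" class="required" >Email Address:</label>
                <input type="text" class="required" name="email" />
            </p>
            <p>
                <label for="password" class="required" >Password:</label>
                <input type="password" class="required" name="password" id="password" />
            </p>
            <p>
                <input type="submit" name="register" id="register" value="Register" />
                <input type="hidden" name="register-form" value="yes" />
            </p>
        </form>
        <?php
    }
}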
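// CWD
/**
 * Checks stored users against a signup field.
 *
 * Compares $value, lower-cased with strtolower(), against $field of every row
 * returned by Feul::getAllUsers(). Rows are read as objects when
 * Feul::$Storage is 'XML' and as arrays when it is 'DB'.
 *
 * NOTE(review): strtolower() folds case byte-wise, so two names that differ
 * only in the case of non-ASCII letters are treated as different users.
 *
 * @param string $field Name of the stored field to compare, e.g. "Username".
 * @param string $value Value entered into the form field.
 * @return bool True when a stored user already has this value, false
 *              otherwise (the no-match path used to fall through and return
 *              null).
 */
function check_existing_userfield( $field, $value )
{
    $Feul   = new Feul;
    $users  = $Feul->getAllUsers();
    $needle = strtolower( $value ); // lower-case the form value once, not once per row

    foreach ( $users as $row ) // Parse db values, compare to the one entered into the form field
    {
        if ( $Feul->Storage == 'XML' )
        {
            if ( strtolower( $row->$field ) === $needle ) // Check XML field
            {
                return true;
            }
        }
        else if ( $Feul->Storage == 'DB' )
        {
            if ( strtolower( $row[ $field ] ) === $needle ) // Check SQL field
            {
                return true;
            }
        }
    }

    return false;
}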
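// CWD
/**
 * Validates the Email Address signup field and echoes an error <div> on failure.
 *
 * Checks, in order: the field is not empty, the address is not already stored
 * (check_existing_userfield), it contains none of the characters rejected by
 * isInjected(), and it matches the address format pattern.
 *
 * The character class is written as [\w.+%-] with the hyphen last. It accepts
 * the same characters as the earlier [\w-\._\+%], which PCRE2 (PHP 7.3+)
 * refuses to compile as an invalid range. The D modifier stops "$" from
 * matching before a trailing newline; isInjected() already rejects newlines,
 * so this is defence in depth.
 *
 * NOTE(review): the {2,6} bound rejects addresses whose top-level domain is
 * longer than six characters.
 *
 * @param string $address Address taken from the register form.
 * @return bool True when the address passes every check.
 */
function validate_email( $address )
{
    if ( $address == "" ) // Make sure Email Address field is not empty
    {
        echo '<div class="error">Email Address Cannot Be Blank!</div>';
        return false;
    }

    if ( check_existing_userfield( "EmailAddress", $address ) == true ) // Check if Email Address exists
    {
        echo '<div class="error">Email Address Already Exists! Please choose different one.</div>';
        return false;
    }

    if ( isInjected( $address ) == true ) // Blocks use of inject characters
    {
        echo '<div class="error">Email Address Is Not Valid! Please choose different one.</div>';
        return false;
    }

    if ( !preg_match( '/^[\w.+%-]+@(?:[\w-]+\.)+[\w]{2,6}$/iD', $address ) ) // Email Address format validation
    {
        echo '<div class="error">Email Address Is Not Valid! Please use correct email format.</div>';
        return false;
    }

    return true;
}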
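// CWD
/**
 * Validates the Username signup field and echoes an error <div> on failure.
 *
 * Checks, in order: not empty, not already stored (check_existing_userfield),
 * length between $min_length and $max_length bytes, none of the characters
 * rejected by isInjected(), ASCII letters and digits only, and at least
 * $min_letters letters.
 *
 * Two checks now match their error messages:
 * - The alphanumeric test rejects a name containing ANY character outside
 *   a-z/0-9. The earlier pattern /^[^a-z0-9]+$/ only rejected names made up
 *   entirely of such characters, so a name like "abcd<b>" passed and reached
 *   the welcome e-mail.
 * - The letter test counts letters anywhere in the name. The earlier
 *   [a-z]{n} pattern required n consecutive letters.
 *
 * ToDo Add Unicode/Multi language character support!
 *
 * @param string $username    Name taken from the register form.
 * @param int    $min_length  Minimum length (default 5).
 * @param int    $max_length  Maximum length (default 20).
 * @param int    $min_letters Minimum number of letters (default 4).
 * @return bool True when the name passes every check.
 */
function validate_username( $username, $min_length = 5, $max_length = 20, $min_letters = 4 )
{
    if ( $username == "" ) // Make sure Username field is not empty
    {
        echo '<div class="error">Username cannot be blank!</div>';
        return false;
    }

    if ( check_existing_userfield( "Username", $username ) == true ) // Check if username exists
    {
        echo '<div class="error">Username Already Exists! Please choose a different one.</div>';
        return false;
    }

    if ( strlen( $username ) < $min_length ) // Check Username against minimum length
    {
        echo '<div class="error">Username must have at least ' . $min_length . ' character' . ( $min_length > 1 ? 's' : '' ) . '!</div>';
        return false;
    }

    if ( strlen( $username ) > $max_length ) // Check Username against maximum length
    {
        echo '<div class="error">Username can only have ' . $max_length . ' character' . ( $max_length > 1 ? 's' : '' ) . '!</div>';
        return false;
    }

    if ( isInjected( $username ) == true ) // Blocks use of inject characters
    {
        echo '<div class="error">Username is not valid!</div>';
        return false;
    }

    // Username can only be alphanumeric; this also rejects spaces and markup characters.
    if ( preg_match( '/[^a-z0-9]/i', $username ) )
    {
        echo '<div class="error">Username can only have letters and numbers!</div>';
        return false;
    }

    // Username must contain at least $min_letters letters ANYWHERE in the value.
    $letters = array();
    if ( preg_match_all( '/[a-z]/i', $username, $letters ) < $min_letters )
    {
        echo '<div class="error">Username must have at least ' . $min_letters . ' letter' . ( $min_letters > 1 ? 's' : '' ) . '!</div>';
        return false;
    }

    return true;
}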
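// CWD
/**
 * Validates the Password signup field and echoes an error <div> on failure.
 *
 * Checks, in order: not empty, length between $min_length and $max_length
 * bytes, none of the characters rejected by isInjected(), and at least one
 * digit, one lowercase letter, one uppercase letter and one character from
 * the ranges ":" to "?" or "!" to ".".
 *
 * The example characters in the final message's title attribute are written
 * as HTML entities. As listed, the raw double and single quote ended the
 * attribute and the PHP string literal early.
 *
 * NOTE(review): the default 20-character cap also rejects long passphrases;
 * confirm it is required by the storage layer before keeping it.
 *
 * ToDo Add Unicode/Multi language character support!
 *
 * @param string $password   Password taken from the register form.
 * @param int    $min_length Minimum length (default 5).
 * @param int    $max_length Maximum length (default 20).
 * @return bool True when the password passes every check.
 */
function validate_password( $password, $min_length = 5, $max_length = 20 )
{
    if ( $password == "" ) // Make sure Password field is not empty
    {
        echo '<div class="error">Password cannot be blank!</div>';
        return false;
    }

    if ( strlen( $password ) < $min_length ) // Check Password against minimum length
    {
        echo '<div class="error">Password must have at least ' . $min_length . ' character' . ( $min_length > 1 ? 's' : '' ) . '!</div>';
        return false;
    }

    if ( strlen( $password ) > $max_length ) // Check Password against maximum length
    {
        echo '<div class="error">Password can only have ' . $max_length . ' character' . ( $max_length > 1 ? 's' : '' ) . '!</div>';
        return false;
    }

    if ( isInjected( $password ) == true ) // Blocks use of inject characters
    {
        echo '<div class="error">Password is not valid! Please choose a different one.</div>';
        return false;
    }

    // Password must contain at least 1 lowercase letter, uppercase letter, number and special character
    if ( !preg_match( '/^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[:-\?!-\.]).*$/s', $password ) )
    {
        echo '<div class="error">Password must contain at least 1 lowercase, uppercase, number and <a href="#" title="Example: ! &quot; # $ % &#39; ) ( : ; &lt; = &gt;">special character!</a></div>'; // ToDo add popup hover link display for special character
        return false;
    }

    return true;
}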
/**
 * Displays the "Members Only" checkbox in edit.php.
 *
 * The box is rendered checked when Feul::showMembersPermBox() is loosely
 * equal to true. The only dynamic text written into the markup is the fixed
 * word "checked".
 */
function user_login_edit()
{
    $feul        = new Feul;
    $checkedAttr = ( $feul->showMembersPermBox() == true ) ? "checked" : '';
?>
<div class="leftopt" style="margin-top:20px;">
<p class="inline">
<label for="member-only">Members Only:</label>
<input type="checkbox" value="yes" name="member-only" style="" <?php echo $checkedAttr; ?> />
</p>
</div>
<?php
}
/**
 * Saves the value of the checkbox rendered by user_login_edit().
 *
 * When the request carries a 'member-only' field, a "memberonly" child is
 * added to the global $xml document and the posted value, run through
 * stripslashes(), is written into it with addCData().
 */
function user_login_save()
{
    global $xml;

    // Box not ticked: the browser sends no field, so nothing is stored.
    if ( !isset( $_POST['member-only'] ) )
    {
        return;
    }

    $posted = stripslashes( $_POST['member-only'] );
    $xml->addChild( 'memberonly' )->addCData( $posted );
}
// CWD
/**
 * Reports whether a string contains one of the rejected "injection" characters.
 *
 * Matches, case-insensitively: an ampersand, a line feed, a carriage return,
 * a tab, or the percent-encoded forms %0A, %0D, %08 and %09.
 *
 * This is a denylist of those characters only; it does not make a value safe
 * to place in HTML or SQL.
 *
 * @param string $str Value to inspect.
 * @return int|false Result of preg_match(): 1 on a match, 0 otherwise.
 */
function isInjected( $str )
{
    // Same alternation the joined list produced, written out as one pattern.
    $denyPattern = '/(&)|(\n+)|(\r+)|(\t+)|(%0A+)|(%0D+)|(%08+)|(%09+)/is';

    return preg_match( $denyPattern, $str );
}
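/**
 * Encrypts or decrypts $text with an mcrypt block cipher in ECB mode.
 *
 * source: http://php.net/manual/en/function.mdecrypt-generic.php#88812
 *
 * The cipher is chosen from a fixed table by exact string match; any other
 * $alg falls back to blowfish. The table replaces a switch with one identical
 * branch per cipher, whose loose comparison could also match non-string
 * values.
 *
 * NOTE(review): ECB encrypts equal plaintext blocks to equal ciphertext
 * blocks, and nothing here authenticates the ciphertext. The key is the
 * caller's string cut to the cipher's maximum key size, with no key
 * derivation. Decryption builds a fresh random IV, so a round trip works only
 * because ECB does not use the IV. The mcrypt extension was deprecated in
 * PHP 7.1 and removed in 7.2. Do not use this to protect credentials.
 *
 * @param string $text  The text that you want to encrypt (or decrypt).
 * @param string $key   The key you're using to encrypt.
 * @param string $alg   The algorithm.
 * @param int    $crypt 1 if you want to crypt, or 0 if you want to decrypt.
 * @return string|false The processed data, or false when the cipher module
 *                      cannot be opened or initialised.
 */
function cryptare( $text, $key, $alg, $crypt = 1 )
{
    // Accepted $alg value => mcrypt module name.
    $modules = array(
        '3des'            => 'tripledes',
        'cast-128'        => 'cast-128',
        'gost'            => 'gost',
        'rijndael-128'    => 'rijndael-128',
        'twofish'         => 'twofish',
        'arcfour'         => 'arcfour',
        'cast-256'        => 'cast-256',
        'loki97'          => 'loki97',
        'rijndael-192'    => 'rijndael-192',
        'saferplus'       => 'saferplus',
        'wake'            => 'wake',
        'blowfish-compat' => 'blowfish-compat',
        'des'             => 'des',
        'rijndael-256'    => 'rijndael-256',
        'xtea'            => 'xtea',
        'enigma'          => 'enigma',
        'rc2'             => 'rc2',
    );

    $module = ( is_string( $alg ) && isset( $modules[ $alg ] ) ) ? $modules[ $alg ] : 'blowfish';

    $td = mcrypt_module_open( $module, '', 'ecb', '' );
    if ( $td === false )
    {
        // The module/mode pair could not be opened; every later call would fail on it.
        return false;
    }

    $iv  = mcrypt_create_iv( mcrypt_enc_get_iv_size( $td ), MCRYPT_RAND );
    $key = substr( $key, 0, mcrypt_enc_get_key_size( $td ) );

    // mcrypt_generic_init() reports failure as false or a negative code.
    $init = mcrypt_generic_init( $td, $key, $iv );
    if ( $init === false || $init < 0 )
    {
        mcrypt_module_close( $td );
        return false;
    }

    if ( $crypt )
    {
        $encrypted_data = mcrypt_generic( $td, $text );
    }
    else
    {
        $encrypted_data = mdecrypt_generic( $td, $text );
    }

    mcrypt_generic_deinit( $td );
    mcrypt_module_close( $td );

    return $encrypted_data;
}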