@twelverobots
Created February 22, 2013 03:50
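<cfsilent>
  <!---
    createAccount.cfm, controller half.
    Declares an empty default for every field the form posts, validates a
    submission, and hands the new account to UserGateway.addUser() when no
    validation error was recorded. Leaves "errors" (array) and/or "success"
    in the page for the markup that follows.

    NOTE(review): no authentication or authorisation check is visible in this
    template. The header titles the page "Admin", so access is presumably
    restricted elsewhere (e.g. Application.cfc); confirm before deploying.
  --->
  <cfset formFields = "username,firstname,lastname,email,active,password,retype" />
  <cfloop list="#formFields#" index="fieldName">
    <cfparam name="FORM.#fieldName#" default="" />
  </cfloop>

  <cfset title = "Create Account" />
  <cfset userGateway = createObject("component", "UserGateway") />
  <cfset utils = createObject("component", "Utilities") />

  <cfif structKeyExists(FORM, "btnSubmit")>
    <cfset errors = [] />

    <!--- Username: required, and must not already exist.
          NOTE(review): this lookup and the later insert are separate statements,
          so two simultaneous requests could both pass; a UNIQUE constraint on
          USERS.USERNAME would close that gap. Confirm the schema. --->
    <cfif NOT len(FORM.username)>
      <cfset ArrayAppend(errors, "You must enter a username") />
    <cfelse>
      <cfset userQuery = userGateway.getUserByUsername(FORM.username) />
      <cfif userQuery.recordcount>
        <cfset ArrayAppend(errors, "That username is already in use, please select another") />
      </cfif>
    </cfif>

    <!--- Password: both boxes filled, identical (compare() is case-sensitive and
          returns 0 on equality), then the strength rules from Utilities. --->
    <cfif NOT len(FORM.password) OR NOT len(FORM.retype)>
      <cfset ArrayAppend(errors, "You must enter a password and retype it") />
    <cfelseif compare(FORM.password, FORM.retype)>
      <cfset ArrayAppend(errors, "Passwords do not match") />
    <cfelse>
      <cfset errors.addAll(utils.checkPassword(FORM.username, FORM.password)) />
    </cfif>

    <!--- Email: must be syntactically valid --->
    <cfif NOT isValid("email", FORM.email)>
      <cfset ArrayAppend(errors, "You must enter a valid email address") />
    </cfif>

    <!--- Active flag: addUser() declares it as a required boolean, and the form
          only ever offers 0 or 1. Without this check a post with no radio chosen
          (or a hand-made value) reaches addUser() as "" and fails there with an
          unhandled error instead of a validation message. --->
    <cfif NOT listFind("0,1", FORM.active)>
      <cfset ArrayAppend(errors, "You must choose whether the account is active") />
    </cfif>

    <!--- Insert only when every check passed --->
    <cfif NOT arrayLen(errors)>
      <!--- Pass the six expected values by name rather than the whole FORM scope:
            argumentCollection=FORM would forward every posted key, so any optional
            argument later added to addUser() would become settable by the client.

            NOTE(review): FORM.password goes to the gateway exactly as typed, and
            the addUser() published with this page writes the value it receives
            into the PASSWORD column unchanged. Hash it (salted, with a
            password-hashing function) before storage. --->
      <cfset userGateway.addUser(
        username = FORM.username,
        password = FORM.password,
        firstname = FORM.firstname,
        lastname = FORM.lastname,
        email = FORM.email,
        active = FORM.active
      ) />

      <!--- Blank the individual fields instead of replacing FORM with an empty
            struct: the markup below still reads FORM.username, FORM.firstname,
            etc., so the keys have to exist. This also drops the submitted
            password from the scope. --->
      <cfloop list="#formFields#" index="fieldName">
        <cfset FORM[fieldName] = "" />
      </cfloop>
      <cfset success = "true" />
    </cfif>
  </cfif>
</cfsilent>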
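<cfinclude template="includes/header.cfm" />
<cfoutput>
  <!---
    createAccount.cfm, view half.
    Renders any validation errors or the success notice, then the account form.
    Every value that originated in the request is passed through HTMLEditFormat()
    before it is written into the page: the text inputs echo FORM.* back into a
    double-quoted value attribute, and unencoded input there lets a submitted
    quote or angle bracket break out of the attribute (reflected XSS).
    On ColdFusion 10 or later, encodeForHTMLAttribute() / encodeForHTML() are the
    preferred replacements.

    NOTE(review): the form carries no anti-forgery token. If this page runs inside
    an authenticated session, add one and verify it before the account is created.
    Confirm how sessions are handled.
  --->
  <h1>Create Author Account</h1>

  <cfif isDefined("errors") AND isArray(errors)>
    <ul class="errors">
      <cfloop array="#errors#" index="errorIndex">
        <!--- Messages are fixed strings today; encoded anyway so a future message
              that quotes user input cannot inject markup. --->
        <li>#HTMLEditFormat(errorIndex)#</li>
      </cfloop>
    </ul>
  </cfif>

  <cfif isDefined("success") AND success EQ true>
    <ul class="success">
      <li>User Created</li>
    </ul>
  </cfif>

  <form action="createAccount.cfm" method="post">
    <label for="username">Username : </label>
    <input type="text" name="username" id="username" value="#HTMLEditFormat(FORM.username)#" placeholder="Enter desired username" />
    <br />
    <label for="firstname">First name : </label>
    <input type="text" name="firstname" id="firstname" value="#HTMLEditFormat(FORM.firstname)#" placeholder="First name" />
    <br />
    <label for="lastname">Last name : </label>
    <input type="text" name="lastname" id="lastname" value="#HTMLEditFormat(FORM.lastname)#" placeholder="Last name" />
    <br />
    <label for="email">Email : </label>
    <input type="text" name="email" id="email" value="#HTMLEditFormat(FORM.email)#" placeholder="Email Address" />
    <br />
    <!--- Password boxes are never pre-filled, so a failed submission does not
          send the password back in the response. --->
    <label for="password">Password : </label>
    <input type="password" name="password" id="password" value="" placeholder="Password" />
    <br />
    <label for="retype">Retype Password : </label>
    <input type="password" name="retype" id="retype" value="" placeholder="Retype Password" />
    <br />
    <label for="active">Active : </label>
    <input type="radio" name="active" id="activeY" value="1" />Yes
    <input type="radio" name="active" id="activeN" value="0" />No
    <br />
    <input type="submit" name="btnSubmit" value="Create User" />
  </form>
</cfoutput>
<cfinclude template="includes/footer.cfm" />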
<cfsilent>
<!--- Page header include (presumably includes/header.cfm, which createAccount.cfm
      includes): opens the HTML document and leaves <body> open for the calling
      page to fill. --->
<!--- "title" falls back to "Admin" when the including page has not set it. It is
      written into <title> without HTML encoding; the caller shown with this file
      sets it to a literal ("Create Account"). Encode it if a page ever derives it
      from request data. --->
<cfparam name="title" default="Admin" />
</cfsilent><!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Admin - <cfoutput>#title#</cfoutput></title>
<link href="css/style.css" type="text/css" rel="stylesheet" media="screen" />
</head>
<body>
/* Form layout: fixed-width labels so the inputs line up in a column. */
label {
width: 150px;
display: inline-block;
}
/* Text inputs share one width; the selector does not match type="password"
   or type="radio" inputs. */
input[type="text"] {
width: 200px;
}
<cfcomponent>

  <!---
    Data access for the USERS table on the "blog-jason" datasource.
    Every value is bound through cfqueryparam, so caller-supplied strings are
    never concatenated into the SQL text.
  --->

  <!---
    getUserByUsername: returns the USERS rows whose username equals the argument
    (an empty query when there is none).
    NOTE(review): SELECT * also hands the PASSWORD and SALT columns to the caller;
    the caller shown with this component only reads recordcount.
  --->
  <cffunction name="getUserByUsername" access="public" returntype="query" output="false">
    <cfargument name="username" type="string" required="true" />

    <cfset var userRows = "" />

    <cfquery name="userRows" datasource="blog-jason">
      SELECT *
      FROM USERS
      WHERE username = <cfqueryparam value="#arguments.username#" cfsqltype="cf_sql_varchar" />
    </cfquery>

    <cfreturn userRows />
  </cffunction>

  <!---
    addUser: inserts one row into USERS from the six arguments, plus a SALT
    column filled with a fresh createUUID() value. Returns nothing.

    NOTE(review): arguments.password is bound into the PASSWORD column exactly as
    received, and the generated salt is stored but never combined with it, so
    what lands in the table is the password the caller passed in. The caller
    shown with this component passes the raw form value. The password should be
    run through a salted password-hashing function before this INSERT, with the
    same scheme used wherever logins are verified; that code is not visible here.
  --->
  <cffunction name="addUser" access="public" returntype="void" output="false">
    <cfargument name="username" type="string" required="true" />
    <cfargument name="password" type="string" required="true" />
    <cfargument name="firstname" type="string" required="true" />
    <cfargument name="lastname" type="string" required="true" />
    <cfargument name="email" type="string" required="true" />
    <cfargument name="active" type="boolean" required="true" />

    <cfquery datasource="blog-jason">
      INSERT INTO USERS (
        USERNAME,
        PASSWORD,
        EMAIL,
        FIRSTNAME,
        LASTNAME,
        ACTIVE,
        SALT
      ) VALUES (
        <cfqueryparam value="#arguments.username#" cfsqltype="cf_sql_varchar" />,
        <cfqueryparam value="#arguments.password#" cfsqltype="cf_sql_varchar" />,
        <cfqueryparam value="#arguments.email#" cfsqltype="cf_sql_varchar" />,
        <cfqueryparam value="#arguments.firstname#" cfsqltype="cf_sql_varchar" />,
        <cfqueryparam value="#arguments.lastname#" cfsqltype="cf_sql_varchar" />,
        <cfqueryparam value="#arguments.active#" cfsqltype="cf_sql_tinyint" />,
        <cfqueryparam value="#createUUID()#" cfsqltype="cf_sql_varchar" />
      )
    </cfquery>
  </cffunction>

</cfcomponent>
<cfcomponent>

  <!---
    checkPassword: applies the password-strength rules below and returns an array
    holding one message per rule the password breaks (an empty array when it
    passes them all). Declared public: createAccount.cfm calls it on an instance
    of this component. Make it private only if it becomes a helper used solely
    from inside the component.

    NOTE(review): the 25-character ceiling and the no-spaces rule both exclude long
    passphrases. If the stored value is a fixed-length hash, the ceiling is not
    needed for storage; confirm why it is there.
  --->
  <cffunction name="checkPassword" access="public" returntype="array" hint="I check password strength and determine if it is up to snuff, I return an array of error messages">
    <!--- Username, used only for the "password contains username" rule --->
    <cfargument name="usernameIn" required="true" type="string" hint="Send in username as string">
    <!--- Password to test; the blank default breaks the length and character-class rules --->
    <cfargument name="passwordIn" required="false" default="" type="string" hint="Send in password as a string, default is a blank string, which will fail">

    <cfset var problems = ArrayNew(1) />
    <cfset var candidate = arguments.passwordIn />
    <cfset var pwLength = Len(arguments.passwordIn) />

    <!--- Length must fall inside 8..25 inclusive --->
    <cfif NOT (pwLength GTE 8 AND pwLength LTE 25)>
      <cfset ArrayAppend(problems, "Your password must be between 8 and 25 characters long") />
    </cfif>

    <!--- At least one uppercase ASCII letter (REFind is case-sensitive) --->
    <cfif REFind('[A-Z]+', candidate) EQ 0>
      <cfset ArrayAppend(problems, "Your password must contain at least 1 uppercase letter") />
    </cfif>

    <!--- At least one lowercase ASCII letter --->
    <cfif REFind('[a-z]+', candidate) EQ 0>
      <cfset ArrayAppend(problems, "Your password must contain at least 1 lowercase letter") />
    </cfif>

    <!--- At least one digit --->
    <cfif REFind('[0-9]+', candidate) EQ 0>
      <cfset ArrayAppend(problems, "Your password must contain at least 1 numeral") />
    </cfif>

    <!--- At least one "special" character. The pattern is a negated class, not a
          list of allowed symbols: it matches any character that is not a word
          character, digit or whitespace. Underscore is a word character, so "_"
          alone does not satisfy this rule. --->
    <cfif REFind("[^\w\d\s]+", candidate) EQ 0>
      <cfset ArrayAppend(problems, "Your password must contain at least 1 special character") />
    </cfif>

    <!--- Username must not appear inside the password (case-insensitive) --->
    <cfif findNoCase(arguments.usernameIn, candidate) NEQ 0>
      <cfset ArrayAppend(problems, "Your password cannot contain your username") />
    </cfif>

    <!--- No space characters --->
    <cfif find(" ", candidate) NEQ 0>
      <cfset ArrayAppend(problems, "Your password cannot contain spaces") />
    </cfif>

    <!--- Reject anything ColdFusion would parse as a date --->
    <cfif IsDate(candidate)>
      <cfset ArrayAppend(problems, "Your password cannot be a date") />
    </cfif>

    <!--- Callers decide pass/fail by testing arrayLen() of the result for a
          non-zero value (comparing it with "true" would only match exactly one
          error). --->
    <cfreturn problems />
  </cffunction>

</cfcomponent>