diff --git a/e107_admin/users.php b/e107_admin/users.php index b8497267d..a05b432cc 100644 --- a/e107_admin/users.php +++ b/e107_admin/users.php @@ -9,9 +9,9 @@ * Administration Area - Users * * $Source: /cvs_backup/e107_0.8/e107_admin/users.php,v $ -* $Revision: 1.22 $ -* $Date: 2008-12-22 14:06:17 $ -* $Author: mcfly_e107 $ +* $Revision: 1.23 $ +* $Date: 2008-12-29 09:31:36 $ +* $Author: e107steved $ * */ require_once('../class2.php'); @@ -51,8 +51,10 @@ require_once('auth.php'); require_once(e_HANDLER.'form_handler.php'); require_once(e_HANDLER.'userclass_class.php'); require_once(e_HANDLER.'user_handler.php'); +include_once(e_HANDLER.'user_extended_class.php'); require_once(e_HANDLER.'validator_class.php'); include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_user.php'); +$ue = new e107_user_extended; $userMethods = new UserHandler; $user_data = array(); @@ -220,10 +222,13 @@ if (isset($_POST['adduser'])) validatorClass::checkMandatory('user_name,user_loginname', $allData); // Check for missing fields (email done in userValidation() ) validatorClass::dbValidateArray($allData, $userMethods->userVettingInfo, 'user', 0); // Do basic DB-related checks $userMethods->userValidation($allData); // Do user-specific DB checks - if (($_POST['password1'] != $_POST['password2']) && !isset($allData['errors']['user_password'])) - { - $allData['errors']['user_password'] = ERR_PASSWORDS_DIFFERENT; + if (!isset($allData['errors']['user_password'])) + { // No errors in password - keep it outside the main data array + $savePassword = $allData['validate']['user_password']; + unset($allData['validate']['user_password']); // Delete the password value in the output array } + unset($_POST['password1']); // Restrict the scope of this + unset($_POST['password2']); if (!check_class($pref['displayname_class'], $allData['validate']['user_class'])) { if ($allData['validate']['user_name'] != $allData['validate']['user_loginname']) 
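Review bot: The explicit `password1`/`password2` comparison is removed from the `adduser` block (which starts and ends outside this hunk) and nothing visible replaces it, so the confirmation check now depends on `userValidation()` or `dbValidateArray()`, whose bodies are not shown. It is worth confirming that one of them records `$allData['errors']['user_password']` on a mismatch. `$savePassword` is also assigned only when no password error exists, while the later `HashPassword($savePassword,$loginname)` is guarded by `if (!$error)`, which is computed outside the hunk. If `$error` can be false while a password error is present, the account would be created from an unset value, so I would make the guard explicit: `if (!$error && isset($savePassword))`. The same pattern appears in signup.php at `@@ -436,13 +437,10 @@`.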
@@ -246,11 +251,15 @@ if (isset($_POST['adduser'])) if (!$error) { $message = ''; - $user_data['user_password'] = $userMethods->HashPassword($_POST['password1'],$loginname); + $user_data['user_password'] = $userMethods->HashPassword($savePassword,$loginname); $user_data['user_join'] = time(); if ($userMethods->needEmailPassword()) { // Save separate password encryption for use with email address - $user_data['user_prefs'] = serialize(array('email_password' => $userMethods->HashPassword($_POST['password1'], $user_data['user_email']))); + $user_data['user_prefs'] = serialize(array('email_password' => $userMethods->HashPassword($savePassword, $user_data['user_email']))); + } + if (varsettrue($pref['user_new_period'])) + { + $user_data['user_class'] = user_class::ucAdd(e_UC_NEWUSER, $user_data['user_class']); // Probationary user class } $userMethods->addNonDefaulted($user_data); if (admin_update($sql -> db_Insert("user", $user_data), 'insert', USRLAN_70)) @@ -262,7 +271,7 @@ if (isset($_POST['adduser'])) if (isset($_POST['sendconfemail'])) { // Send confirmation email to user require_once(e_HANDLER.'mail.php'); - $e_message = str_replace(array('--SITE--','--LOGIN--','--PASSWORD--'),array(SITEURL,$loginname,$_POST['password1']),USRLAN_185).USRLAN_186; + $e_message = str_replace(array('--SITE--','--LOGIN--','--PASSWORD--'),array(SITEURL,$loginname,$savePassword),USRLAN_185).USRLAN_186; if (sendemail($user_data['user_email'],USRLAN_187.SITEURL,$e_message,$user_data['user_login'],'','')) { $message = USRLAN_188.'
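Review bot: `user_class::ucAdd(...)` in the new `user_new_period` branch is a static call, but the method this commit adds to userclass_class.php is declared as a plain `function ucAdd(...)`. It works only because the body never uses `$this`; PHP flags a static call to a non-static method under strict standards, and current PHP versions reject it outright. Either declare it `static function ucAdd(...)` or call it on a `user_class` instance. The branch also assumes `$user_data['user_class']` is already populated, which this hunk does not show.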

'; @@ -274,7 +283,7 @@ if (isset($_POST['adduser'])) } $message .= str_replace('--NAME--',$user_data['user_name'], USRLAN_174) ; if (isset($_POST['generateloginname'])) $message .= '
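Review bot: The cleartext password still leaves the script in two places: `$savePassword` is substituted for `--PASSWORD--` in the confirmation mail here and appended to the on-screen `$message` in the next hunk (`@@ -274,7 +283,7 @@`), even though `$_POST['password1']` is now unset to limit its scope. The on-screen copy is concatenated into the message without encoding; `htmlspecialchars($savePassword, ENT_QUOTES)` would be safer there unless the validator already restricts the character set, which is not visible. After the last use, `unset($savePassword);` would complete what the new `unset($_POST['password1'])` lines started. A mailed password also persists in the recipient's mailbox and in any mail logs, so a comment stating that this is deliberate would help the next reader.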

'.USRLAN_173.': '.$loginname; - if (isset($_POST['generatepassword'])) $message .= '

'.USRLAN_172.': '.$_POST['password1']; + if (isset($_POST['generatepassword'])) $message .= '

'.USRLAN_172.': '.$savePassword; unset($user_data); // Don't recycle the data once the user's been accepted without error } diff --git a/e107_handlers/userclass_class.php b/e107_handlers/userclass_class.php index 9f6bab82f..b7055f4bf 100644 --- a/e107_handlers/userclass_class.php +++ b/e107_handlers/userclass_class.php @@ -11,8 +11,8 @@ | GNU General Public License (http://gnu.org). | | $Source: /cvs_backup/e107_0.8/e107_handlers/userclass_class.php,v $ -| $Revision: 1.25 $ -| $Date: 2008-12-28 22:37:43 $ +| $Revision: 1.26 $ +| $Date: 2008-12-29 09:31:36 $ | $Author: e107steved $ +----------------------------------------------------------------------------+ */ @@ -669,6 +669,17 @@ class user_class } + // Utility to add a specified class ID to the default comma-separated list + function ucAdd($classID, $to, $asArray = FALSE) + { + $tmp = array_flip(explode(',',$to)); + $tmp[$classID] = 1; + $tmp = array_keys($tmp); + if ($asArray) { return $tmp; } + return implode(',',$tmp); + } + + /* Return all users in a particular class or set of classes. $classlist is a comma separated list of classes - if the 'predefined' classes are required, they must be included. No spaces allowed diff --git a/signup.php b/signup.php index 052c03edc..d7e4faeb6 100644 --- a/signup.php +++ b/signup.php @@ -9,8 +9,8 @@ * User signup * * $Source: /cvs_backup/e107_0.8/signup.php,v $ - * $Revision: 1.29 $ - * $Date: 2008-12-28 22:37:42 $ + * $Revision: 1.30 $ + * $Date: 2008-12-29 09:31:36 $ * $Author: e107steved $ * */ @@ -28,7 +28,7 @@ include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_user.php'); // Generic user-related define('SIGNUP_DEBUG', FALSE); include_once(e_HANDLER.'user_extended_class.php'); -$usere = new e107_user_extended; +$ue = new e107_user_extended; require_once(e_HANDLER.'calendar/calendar_class.php'); $cal = new DHTML_Calendar(true); require_once(e_HANDLER.'validator_class.php'); 
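Review bot: `ucAdd()` returns a list with an empty first entry when `$to` is an empty string, because `explode(',', '')` yields one empty element that survives `array_flip()` and `array_keys()`. Adding class 5 to an empty list gives `,5` (5 is a constructed example). The caller in e107_admin/users.php stores the result as `user_class`, so a malformed membership list would end up in the user record. Skipping empty input avoids this: `$tmp = ((string)$to === '') ? array() : array_flip(explode(',', $to));`. A short docblock stating that `$to` is a comma-separated list without spaces, and that the return type depends on `$asArray`, would also help.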
@@ -49,6 +49,8 @@ include_once(e_FILE."shortcode/batch/signup_shortcodes.php"); $signup_imagecode = ($pref['signcode'] && extension_loaded("gd")); $text = ''; +$extraErrors = array(); +$error = FALSE; //------------------------------- @@ -358,20 +360,19 @@ if (isset($_POST['register'])) $_POST['user_xup'] = trim(varset($_POST['user_xup'],'')); $readXUP = varsettrue($pref['xup_enabled']) && varsettrue($_POST['user_xup']); $e107cache->clear("online_menu_totals"); - $error_message = ""; require_once(e_HANDLER."message_handler.php"); if (isset($_POST['rand_num']) && $signup_imagecode && !$readXUP ) { if (!$sec_img->verify_code($_POST['rand_num'], $_POST['code_verify'])) { - $error_message .= LAN_SIGNUP_3."\\n"; + $extraErrors[] = LAN_SIGNUP_3."\\n"; $error = TRUE; } } if($invalid = $e_event->trigger("usersup_veri", $_POST)) { - $error_message .= $invalid."\\n"; + $extraErrors[] = $invalid."\\n"; $error = TRUE; } @@ -381,7 +382,7 @@ if (isset($_POST['register'])) $xml = new parseXml; if(!$rawData = $xml -> getRemoteXmlFile($_POST['user_xup'])) { - $error_message .= LAN_SIGNUP_68."\\n"; + $extraErrors[] = LAN_SIGNUP_68."\\n"; $error = TRUE; } else 
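Review bot: Each entry pushed onto `$extraErrors` still ends with `."\\n"`, a separator left over from when the messages were concatenated into a single `$error_message` string. The entries are now joined by `implode()` in the error-reporting hunk, so the suffix is redundant and would show up as a literal backslash-n if the alert is rendered as markup (how `message_handler()` renders `P_ALERT` is not shown). I would drop it, e.g. `$extraErrors[] = LAN_SIGNUP_3;`, and likewise for the `$invalid` entry and for `LAN_SIGNUP_68` in `@@ -381,7 +382,7 @@`. `$invalid` is whatever the `usersup_veri` handlers return, so it should be encoded before display unless `message_handler()` already does that.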
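Review bot: `$_POST['user_xup']` reaches `getRemoteXmlFile()` with only the `trim()` from the previous hunk applied, on a page that serves unauthenticated sign-ups; this hunk changes only the error message for a failed fetch. Whether `getRemoteXmlFile()` restricts the scheme or destination is not visible, so a server-side request to an arbitrary address cannot be ruled out from here. I would validate before the call, for example accepting only `http`/`https` URLs checked with `parse_url()` and adding `LAN_SIGNUP_68` to `$extraErrors` otherwise. The enclosing block starts and ends outside the hunk.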
@@ -436,13 +437,10 @@ if (isset($_POST['register'])) validatorClass::checkMandatory('user_name,user_loginname', $allData); // Check for missing fields (email done in userValidation() ) validatorClass::dbValidateArray($allData, $userMethods->userVettingInfo, 'user', 0); // Do basic DB-related checks $userMethods->userValidation($allData); // Do user-specific DB checks - if (($_POST['password1'] != $_POST['password2']) && !isset($allData['errors']['user_password'])) - { - $allData['errors']['user_password'] = ERR_PASSWORDS_DIFFERENT; - } - else - { - $savePassword = $_POST['password1']; // May need in plaintext later + if (!isset($allData['errors']['user_password'])) + { // No errors in password - keep it outside the main data array + $savePassword = $allData['validate']['user_password']; + unset($allData['validate']['user_password']); // Delete the password value in the output array } unset($_POST['password1']); // Restrict the scope of this unset($_POST['password2']); @@ -495,13 +493,17 @@ if (isset($_POST['register'])) // Determine whether we have an error - $error = ((isset($allData['errors']) && count($allData['errors'])) || (isset($eufVals['errors']) && count($eufVals['errors']))); + $error = ((isset($allData['errors']) && count($allData['errors'])) || (isset($eufVals['errors']) && count($eufVals['errors'])) || count($extraErrors)); // All validated here - handle any errors if ($error) { require_once(e_HANDLER."message_handler.php"); $temp = array(); + if (count($extraErrors)) + { + $temp[] = implode('
', $extraErrors); + } if (count($allData['errors'])) { $temp[] = validatorClass::makeErrorList($allData,'USER_ERR_','%n - %x - %t: %v', '
', $userMethods->userVettingInfo); @@ -510,7 +512,6 @@ if (isset($_POST['register'])) { $temp[] = validatorClass::makeErrorList($eufData,'USER_ERR_','%n - %x - %t: %v', '
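Review bot: `if (count($allData['errors']))` inside the `if ($error)` block has no `isset()` guard, unlike the `$error` expression a few lines above it, and this commit makes that path reachable: `$error` can now be true from `$extraErrors` alone, for example a failed image-code check with otherwise valid data. If the validator does not always create the `errors` key, that read raises a notice, and `count()` on a non-array is an error in current PHP. Use the same guard as the `$error` line: `if (isset($allData['errors']) && count($allData['errors']))`. Separately, the `$error` expression tests `$eufVals['errors']` while the list in the next hunk is built from `$eufData`; if these are meant to be the same array, one of the names is wrong.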
', $userMethods->userVettingInfo); } - if ($error_message) { $temp[] = $error_message; } message_handler('P_ALERT', implode('
', $temp)); } } // End of data validation @@ -525,6 +526,7 @@ if (isset($_POST['register'])) if (!$error) { + $error_message = ''; $fp = new floodprotect; if ($fp->flood("user", "user_join") == FALSE) { diff --git a/usersettings.php b/usersettings.php index fb3f1a67f..d8a12b42e 100644 --- a/usersettings.php +++ b/usersettings.php @@ -9,8 +9,8 @@ * User settings modify * * $Source: /cvs_backup/e107_0.8/usersettings.php,v $ - * $Revision: 1.30 $ - * $Date: 2008-12-28 22:37:42 $ + * $Revision: 1.31 $ + * $Date: 2008-12-29 09:31:36 $ * $Author: e107steved $ * */ @@ -521,20 +521,20 @@ if (!$error && !$promptPassword) { unset($_POST); } if ($error) { require_once (e_HANDLER.'message_handler.php'); - $temp = ''; + $temp = array(); if (count($extraErrors)) { - $temp .= implode('
', $extraErrors); + $temp[] = implode('
', $extraErrors); } if (count($allData['errors'])) { - $temp .= validatorClass::makeErrorList($allData,'USER_ERR_','%n - %x - %t: %v', '
', $userMethods->userVettingInfo); + $temp[] = validatorClass::makeErrorList($allData,'USER_ERR_','%n - %x - %t: %v', '
', $userMethods->userVettingInfo); } if (varsettrue($eufData['errors'])) { - $temp .= '
'.validatorClass::makeErrorList($eufData,'USER_ERR_','%n - %x - %t: %v', '
', $userMethods->userVettingInfo); + $temp[] = '
'.validatorClass::makeErrorList($eufData,'USER_ERR_','%n - %x - %t: %v', '
', $userMethods->userVettingInfo); } - message_handler('P_ALERT', $temp); + message_handler('P_ALERT', implode('
', $temp)); // $adref = $_POST['adminreturn']; }
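Review bot: The `$eufData` entry is still pushed with a leading separator literal in front of `validatorClass::makeErrorList($eufData, ...)`, and the new `implode()` now supplies a separator as well, so extended-field errors are preceded by two of them. The matching line in signup.php has no such prefix; starting the entry directly with `validatorClass::makeErrorList($eufData,` would make the two files agree. `count($allData['errors'])` is also read without `isset()` here, as in signup.php. The `if ($error)` block ends outside the hunk.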