arman/science-ation
1
1
Fork 0
forked from science-ation/science-ation
Code Pull Requests Activity

Fix email checking

Browse Source 
user_account now saves info, and does online-checking of usernames.
Form validation is fun!
This commit is contained in:
dave 2010-07-14 18:09:28 +00:00
parent 1697287a35
commit 712348dbb9
2 changed files with 137 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
account.inc.php
View File

@ -48,7 +48,7 @@ function account_valid_password($pass)
/* A more strict version of isEmailAddress() */ /* A more strict version of isEmailAddress() */
function account_valid_email($str) function account_valid_email($str)
{ {
$x = preg_match('^[a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+\.([a-zA-Z]{2,4})$', $str); $x = eregi('^[a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+\.([a-zA-Z]{2,4})$', $str);
return ($x == 1) ? true : false; return ($x == 1) ? true : false;
} }

190
user_account.php
View File

@ -48,60 +48,87 @@
$back_link = "user_main.php"; $back_link = "user_main.php";
unset($_SESSION['request_uri']); unset($_SESSION['request_uri']);
if($_GET['action']=="save") { function user_account_check_username($accounts_id, $username)
echo "Not implemented!"; {
if(!account_valid_user($username)) return false;
$u = mysql_real_escape_string($u);
$q = mysql_query("SELECT id FROM accounts WHERE username='$u' AND deleted='no' AND id!=$accounts_id");
if(mysql_num_rows($q) != 0) return false;
return true;
}
switch($_GET['action']) {
case 'check_username':
$x = user_account_check_username($accounts_id, $_GET['username']);
echo json_encode(array('valid' => $x));
exit; exit;
case 'save':
$a = account_load($accounts_id); $a = account_load($accounts_id);
$save_email = false; /* Since we're using input validation we dont' have to report errors back to the user, the validator
if($a['email'] != $_POST['email']) { * should catch them all, so we'll just go ahead and save (or error out) */
$save_email = true; debug_(print_r($_POST), true);
$email = trim($_POST['email']);
$username_link = ($_POST['username_link'] == 'yes') ? true : false;
$username = $username_link ? $email : trim($_POST['username']);
if($a['email'] != $email && $email != '') {
$save = true;
/* Change email */ /* Change email */
$email = $_POST['email'];
if(!account_valid_email($email)) { if(!account_valid_email($email)) {
error_('Invalid email address'); error_('Invalid email address');
$save_email = false; $save = false;
} }
if($save) {
// action_create_set_email($accounts_id, $email);
happy_("An email has been sent to %1 to confirm the new email address", array($email));
}
} }
$save_username = false; if($a['username'] != $username) {
$save = true;
/* Make sure it isn't in use */
$x = user_account_check_username($accounts_id, $username);
if($x == false) $save = false;
if($save) {
/* Update it */
$u = mysql_real_escape_string($username);
mysql_query("UPDATE accounts SET username='$u' WHERE id=$accounts_id");
happy_("Username updated");
}
}
$save_pass = false; $pass1 = $_POST['pass1'];
if($_POST['pass1']!='' || $_POST['pass2']!='') { $pass2 = $_POST['pass2'];
$pass = mysql_escape_string($_POST['pass1']); if($pass1!='' || $pass2!='') {
$pass = mysql_escape_string($pass1);
//first, lets see if they choose the same password again (bad bad bad) //first, lets see if they choose the same password again (bad bad bad)
$q=mysql_query("SELECT password FROM accounts WHERE $q=mysql_query("SELECT password FROM accounts WHERE
id='{$_SESSION['accounts_id']}' id='$accounts_id' AND password='$pass'");
AND password='$pass'");
$save = false;
if(mysql_num_rows($q)) if(mysql_num_rows($q))
error_("You cannot choose the same password again. Please choose a different password"); error_("You cannot choose the same password again. Please choose a different password");
else if($_POST['pass1'] == '') else if($pass1 == '')
error_("New Password is required"); error_("New Password is required");
else if($_POST['pass1'] != $_POST['pass2']) else if($pass1 != $pass2)
error_("Passwords do not match"); error_("Passwords do not match");
else if(account_valid_password($_POST['pass1']) == false) else if(account_valid_password($pass1) == false)
error_("The password contains invalid characters or is not long enough"); error_("The password contains invalid characters or is not long enough");
else { else {
$pass = $_POST['pass1']; account_set_password($_SESSION['accounts_id'], $pass);
$save_pass = true; unset($_SESSION['password_expired']);
}
}
happy_('Password has been successfully updated');
if($save_email) { }
action_create_set_email($accounts_id, $email);
happy_("An email has been sent to %1 to confirm the new email address", array($email));
}
if($save_pass) {
account_set_password($_SESSION['accounts_id'], $pass);
unset($_SESSION['password_expired']);
happy_('Password has been successfully updated');
header("location: $back_link");
exit;
} }
exit;
} }
send_header("Account Information", send_header("Account Information",
@ -119,8 +146,7 @@ if($_GET['action']=="save") {
$d = ''; $d = '';
$email = $a['email']; $email = $a['email'];
$username_yes = 'checked="checked"'; $username_link = 'checked="checked"';
$username_no = '';
$username = $email; $username = $email;
$ud = 'disabled="disabled"'; $ud = 'disabled="disabled"';
@ -171,69 +197,125 @@ if($_GET['action']=="save") {
<script type="text/javascript"> <script type="text/javascript">
$.validator.setDefaults({ $.validator.setDefaults({
submitHandler: function() { alert("submitted!"); }
}); });
$().ready(function() { var username_valid = true;
var username_checking = true;
var check_username_time = false;
// validate signup form on keyup and submit function username_changed()
{
username_checking = false;
username_valid = true;
/* Immediately go to checking... */
$("#accountform").validate().element( "#username" );
$("#accountform").validate().element( "#email" );
if(check_username_time != false)
clearTimeout(check_username_time);
check_username_time = setTimeout(function() {
var username = $("#username").val();
username_checking = false;
$.getJSON("<?=$config['SFIABDIRECTORY']?>/user_account.php?action=check_username&accounts_id=<?=$accounts_id?>&username="+username,
function(json){
username_valid = (json.valid == 1) ? true : false;
username_checking = true;
$("#accountform").validate().element( "#username" );
$("#accountform").validate().element( "#email" );
});
}, 500);
}
function email_changed() {
if($("#username_link").is(":checked")) {
$("#username").val($('#email').val());
username_changed();
}
}
$.validator.addMethod("username_in_use",function(value, element) {
if(element.id == 'username') {
return username_valid;
} else {
if($("#username_link").is(":checked"))
return username_valid;
else
return true;
}
});
$.validator.addMethod("checking",function(value, element) {
return username_checking;
});
$().ready(function() {
$("#accountform").validate({ $("#accountform").validate({
rules: { rules: {
email: { email: {
required: true, required: true,
email: true email: true,
username_in_use: true,
}, },
username: { username: {
required: "#username_link:checked", // required: "#username_link:checked",
username_in_use: true,
checking: true,
minlength: 4 minlength: 4
}, },
pass1: { pass1: {
required: true,
minlength: 6, minlength: 6,
maxlength: 32 maxlength: 32
}, },
pass2: { pass2: {
required: true,
minlength: 6, minlength: 6,
maxlength: 32, maxlength: 32,
equalTo: "#pass1" equalTo: "#pass1"
} }
}, },
messages: { messages: {
email: "Please enter a valid email address", email: {
required: "Please enter an email address",
email: "Please enter a valid email address",
username_in_use: "Email aready in use as a username, use a different email, or uncheck the username box below"
},
username: { username: {
required: "Please enter a username", required: "Please enter a username",
minlength: "Your username must consist of at least 2 characters" minlength: "Your username must consist of at least 2 characters",
username_in_use: "Username is taken, please choose a different one",
checking: "Checking..."
}, },
pass1: { pass1: {
required: "Please provide a password",
minlength: "Your password must be at least 6 characters long", minlength: "Your password must be at least 6 characters long",
maxlength: "Your password must be at most 32 characters long" maxlength: "Your password must be at most 32 characters long"
}, },
pass2: { pass2: {
required: "Please provide a password",
minlength: "Your password must be at least 6 characters long", minlength: "Your password must be at least 6 characters long",
maxlength: "Your password must be at most 32 characters long", maxlength: "Your password must be at most 32 characters long",
equalTo: "Please enter the same password as above" equalTo: "Please enter the same password as above"
} }
},
submitHandler: function() {
$("#debug").load("user_account.php?action=save&accounts_id=<?=$accounts_id?>", $("#accountform").serializeArray());
} }
}); });
/* Code to disable the username box */
var username_link = $("#username_link").is(":checked"); var username_link = $("#username_link").is(":checked");
$("#username").attr("disabled", username_link); $("#username").attr("disabled", username_link);
$("#username_link").click(function() { $("#username_link").click(function() {
$("#username").attr("disabled", this.checked); $("#username").attr("disabled", this.checked);
username_link_change(); email_changed();
username_changed();
}); });
function username_link_change() { $("#email").change(email_changed);
if($("#username_link").is(":checked")) { $("#email").keyup(email_changed);
$("#username").val($('#email').val()); $("#username").change(username_changed);
} $("#username").keyup(username_changed);
}
$("#email").change(username_link_change);
$("#email").keyup(username_link_change);
}); });
</script> </script>