validators.php - ids-kl/ldap-signup - Gitiles

 <?php
 include_once 'ldap.php';
 include_once 'redis.php';
 include_once 'config.php';
 include_once 'utils.php';
 include_once 'db_backend.php';

 use \DB as DB;

 $TEMPLATE = template_path();

 function validate_username(string $username)
 {
         global $TEMPLATE;
         include 'config.php';
         include $TEMPLATE . 'strings.php';
         $error = "";
         if (ldap_user_count($username)) {
                 $error = $error . $USERNAME_VALIDATION_ERROR->registered;
         }
         if (preg_match("/\s/", $username)) {
                 $error = $error . $USERNAME_VALIDATION_ERROR->no_whitespaces;
         }
         if (strlen($username) > $VAL_USER->max_username) {
                 echo $VAL_USER->max_username;
                 echo $USERNAME_VALIDATION_ERROR->smaller_than;
                 $error = $error . format($USERNAME_VALIDATION_ERROR->smaller_than, ["num" => $VAL_USER->max_username + 1]);
                 echo $error;
         }
         if (strlen($username) < $VAL_USER->min_username) {
                 $error = $error . format($USERNAME_VALIDATION_ERROR->bigger_than, ["num" => $VAL_USER->min_username - 1]);
         }
         if (preg_match('/[\'\/~`\!@#\$%\^&\*\(\)_\-\+=\{\}\[\]\|;:"\<\>,\.\?\\\]/', $username)) {
                 $error = $error . $USERNAME_VALIDATION_ERROR->no_special_chars;
         }
         if (preg_match('/^\d/', $username)) {
                 $error = $error . $USERNAME_VALIDATION_ERROR->no_number_begining;
         }
         include "blacklists/usernames.php";
         if (in_array($username, $USERNAME_BLACKLIST)) {
                 $error = $error . $USERNAME_VALIDATION_ERROR->blacklisted;
         }
         return $error;
 }

 function validate_name(string $name, object $ERRORS)
 {
         global $TEMPLATE;
         include "config.php";
         include $TEMPLATE . 'strings.php';
         $error = "";
         if (preg_match("/\s/", $name)) {
                 $error = $error . $ERRORS->no_whitespaces;
         }
         if (strlen($name) > $VAL_USER->max_first_name) {
                 $error = $error . format($ERRORS->smaller_than, ["num" => $VAL_USER->max_first_name + 1]);
         }
         if (strlen($name) < $VAL_USER->min_first_name) {
                 $error = $error . format($ERRORS->bigger_than, ["num" => $VAL_USER->min_first_name - 1]);
         }
         if (preg_match('/[\'\/~`\!@#\$%\^&\*\(\)_\-\+=\{\}\[\]\|;:"\<\>,\.\?\\\0-9]/', $name)) {
                 $error = $error . $ERRORS->no_special_chars;
         }
         return $error;
 }

 function validate_email(string $email)
 {
         global $CONFERENCE_REGISTRATION, $TEMPLATE, $log, $MAIL_HOST_BLACKLIST, $EMAIL_VALIDATION_ERROR, $BASE_URL;
         include $TEMPLATE . 'strings.php';
         $error = "";

         if (($CONFERENCE_REGISTRATION && (new DB(null))->mail_count($email)) || (!$CONFERENCE_REGISTRATION && ldap_mail_count($email))) {
                 $log->info("Email already registered");
                 $error = $error . format($EMAIL_VALIDATION_ERROR->registered, ["link" => $BASE_URL . "?type=recover"]);
         }
         if (in_array(explode("@", $email)[1], $MAIL_HOST_BLACKLIST)) {
                 $error = $error . $EMAIL_VALIDATION_ERROR->blacklisted;
         }
         $log->debug("Checking if email is pending");
         $pending = redis_get("pending");
         if ($pending) {
                 $log->debug("Email might be pending");
                 $maillist = $pending->mails;
                 if (is_array($maillist) && in_array($email, $maillist)) {
                         if ($CONFERENCE_REGISTRATION) {
                                 unset($maillist[array_search($user->email, $maillist)]);
                                 redis_set("pending", (object)["mails" => $maillist], $MAIL_CONFIRMATION_AWAIT_DELAY);
                                 $log->debug("Email was pending, but let participant change details.");
                                 echo '<div class="alert alert-warning" role="alert">A confirmation request has already been sent to this email, but no problem.</div>';
                         } else {
                                 $error = $error . $EMAIL_VALIDATION_ERROR->pending;
                                 $log->debug("Email is pending");
                         }
                 }
         }
         $log->debug("email validated, result: $error");
         return $error;
 }


 function validate_password(string $password)
 {
         global $TEMPLATE;
         include "config.php";
         include $TEMPLATE . 'strings.php';
         $error = "";
         if ($_POST["password"] != $_POST["password_confirm"]) {;
                 $error = $error . $PASSWORD_VALIDATION_ERROR->no_match;
         }
         if (strlen($password) < $VAL_USER->min_password) {
                 $error = $error . format($PASSWORD_VALIDATION_ERROR->bigger_than, ["num" => $VAL_USER->min_password]);
         }
         if (strlen($password) > $VAL_USER->max_password) {
                 $error = $error . format($PASSWORD_VALIDATION_ERROR->smaller_than, ["num" => $VAL_USER->max_password]);
         }
         include "blacklists/password.php";
         if (in_array($password, $PASSWORD_BLACKLIST)) {
                 $error = $error . $PASSWORD_VALIDATION_ERROR->blacklisted;
         }
         foreach (array("username", "name", "last_name", "email") as &$field) {
                 if (!isset($_POST[$field]))
                         continue;
                 $value = strtoupper($_POST[$field]);
                 $PASSWORD = strtoupper($password);
                 if (strpos($value, $PASSWORD) !== false || strpos($PASSWORD, $value) !== false) {
                         $error = $error . $PASSWORD_VALIDATION_ERROR->shared_inclusion;
                         break;
                 }
         }
         return $error;
 }
	<?php
	include_once 'ldap.php';
	include_once 'redis.php';
	include_once 'config.php';
	include_once 'utils.php';
	include_once 'db_backend.php';

	use \DB as DB;

	$TEMPLATE = template_path();

	function validate_username(string $username)
	{
	global $TEMPLATE;
	include 'config.php';
	include $TEMPLATE . 'strings.php';
	$error = "";
	if (ldap_user_count($username)) {
	$error = $error . $USERNAME_VALIDATION_ERROR->registered;
	}
	if (preg_match("/\s/", $username)) {
	$error = $error . $USERNAME_VALIDATION_ERROR->no_whitespaces;
	}
	if (strlen($username) > $VAL_USER->max_username) {
	echo $VAL_USER->max_username;
	echo $USERNAME_VALIDATION_ERROR->smaller_than;
	$error = $error . format($USERNAME_VALIDATION_ERROR->smaller_than, ["num" => $VAL_USER->max_username + 1]);
	echo $error;
	}
	if (strlen($username) < $VAL_USER->min_username) {
	$error = $error . format($USERNAME_VALIDATION_ERROR->bigger_than, ["num" => $VAL_USER->min_username - 1]);
	}
	if (preg_match('/[\'\/~`\!@#\$%\^&\*\(\)_\-\+=\{\}\[\]\\|;:"\<\>,\.\?\\\]/', $username)) {
	$error = $error . $USERNAME_VALIDATION_ERROR->no_special_chars;
	}
	if (preg_match('/^\d/', $username)) {
	$error = $error . $USERNAME_VALIDATION_ERROR->no_number_begining;
	}
	include "blacklists/usernames.php";
	if (in_array($username, $USERNAME_BLACKLIST)) {
	$error = $error . $USERNAME_VALIDATION_ERROR->blacklisted;
	}
	return $error;
	}

	function validate_name(string $name, object $ERRORS)
	{
	global $TEMPLATE;
	include "config.php";
	include $TEMPLATE . 'strings.php';
	$error = "";
	if (preg_match("/\s/", $name)) {
	$error = $error . $ERRORS->no_whitespaces;
	}
	if (strlen($name) > $VAL_USER->max_first_name) {
	$error = $error . format($ERRORS->smaller_than, ["num" => $VAL_USER->max_first_name + 1]);
	}
	if (strlen($name) < $VAL_USER->min_first_name) {
	$error = $error . format($ERRORS->bigger_than, ["num" => $VAL_USER->min_first_name - 1]);
	}
	if (preg_match('/[\'\/~`\!@#\$%\^&\*\(\)_\-\+=\{\}\[\]\\|;:"\<\>,\.\?\\\0-9]/', $name)) {
	$error = $error . $ERRORS->no_special_chars;
	}
	return $error;
	}

	function validate_email(string $email)
	{
	global $CONFERENCE_REGISTRATION, $TEMPLATE, $log, $MAIL_HOST_BLACKLIST, $EMAIL_VALIDATION_ERROR, $BASE_URL;
	include $TEMPLATE . 'strings.php';
	$error = "";

	if (($CONFERENCE_REGISTRATION && (new DB(null))->mail_count($email)) \|\| (!$CONFERENCE_REGISTRATION && ldap_mail_count($email))) {
	$log->info("Email already registered");
	$error = $error . format($EMAIL_VALIDATION_ERROR->registered, ["link" => $BASE_URL . "?type=recover"]);
	}
	if (in_array(explode("@", $email)[1], $MAIL_HOST_BLACKLIST)) {
	$error = $error . $EMAIL_VALIDATION_ERROR->blacklisted;
	}
	$log->debug("Checking if email is pending");
	$pending = redis_get("pending");
	if ($pending) {
	$log->debug("Email might be pending");
	$maillist = $pending->mails;
	if (is_array($maillist) && in_array($email, $maillist)) {
	if ($CONFERENCE_REGISTRATION) {
	unset($maillist[array_search($user->email, $maillist)]);
	redis_set("pending", (object)["mails" => $maillist], $MAIL_CONFIRMATION_AWAIT_DELAY);
	$log->debug("Email was pending, but let participant change details.");
	echo '<div class="alert alert-warning" role="alert">A confirmation request has already been sent to this email, but no problem.</div>';
	} else {
	$error = $error . $EMAIL_VALIDATION_ERROR->pending;
	$log->debug("Email is pending");
	}
	}
	}
	$log->debug("email validated, result: $error");
	return $error;
	}


	function validate_password(string $password)
	{
	global $TEMPLATE;
	include "config.php";
	include $TEMPLATE . 'strings.php';
	$error = "";
	if ($_POST["password"] != $_POST["password_confirm"]) {;
	$error = $error . $PASSWORD_VALIDATION_ERROR->no_match;
	}
	if (strlen($password) < $VAL_USER->min_password) {
	$error = $error . format($PASSWORD_VALIDATION_ERROR->bigger_than, ["num" => $VAL_USER->min_password]);
	}
	if (strlen($password) > $VAL_USER->max_password) {
	$error = $error . format($PASSWORD_VALIDATION_ERROR->smaller_than, ["num" => $VAL_USER->max_password]);
	}
	include "blacklists/password.php";
	if (in_array($password, $PASSWORD_BLACKLIST)) {
	$error = $error . $PASSWORD_VALIDATION_ERROR->blacklisted;
	}
	foreach (array("username", "name", "last_name", "email") as &$field) {
	if (!isset($_POST[$field]))
	continue;
	$value = strtoupper($_POST[$field]);
	$PASSWORD = strtoupper($password);
	if (strpos($value, $PASSWORD) !== false \|\| strpos($PASSWORD, $value) !== false) {
	$error = $error . $PASSWORD_VALIDATION_ERROR->shared_inclusion;
	break;
	}
	}
	return $error;
	}