validators.php

<?php
include_once 'ldap.php';
include_once 'redis.php';
include_once 'config.php';
include_once 'utils.php';
include_once 'db_backend.php';

use \DB as DB;

$TEMPLATE = template_path();

function validate_username(string $username)
{
        global $TEMPLATE;
        include 'config.php';
        include $TEMPLATE . 'strings.php';
        $error = "";
        if (ldap_user_count($username)) {
                $error = $error . $USERNAME_VALIDATION_ERROR->registered;
        }
        if (preg_match("/\s/", $username)) {
                $error = $error . $USERNAME_VALIDATION_ERROR->no_whitespaces;
        }
        if (strlen($username) > $VAL_USER->max_username) {
                echo $VAL_USER->max_username;
                echo $USERNAME_VALIDATION_ERROR->smaller_than;
                $error = $error . format($USERNAME_VALIDATION_ERROR->smaller_than, ["num" => $VAL_USER->max_username + 1]);
                echo $error;
        }
        if (strlen($username) < $VAL_USER->min_username) {
                $error = $error . format($USERNAME_VALIDATION_ERROR->bigger_than, ["num" => $VAL_USER->min_username - 1]);
        }
        if (preg_match('/[\'\/~`\!@#\$%\^&\*\(\)_\-\+=\{\}\[\]\|;:"\<\>,\.\?\\\]/', $username)) {
                $error = $error . $USERNAME_VALIDATION_ERROR->no_special_chars;
        }
        if (preg_match('/^\d/', $username)) {
                $error = $error . $USERNAME_VALIDATION_ERROR->no_number_begining;
        }
        include "blacklists/usernames.php";
        if (in_array($username, $USERNAME_BLACKLIST)) {
                $error = $error . $USERNAME_VALIDATION_ERROR->blacklisted;
        }
        return $error;
}

function validate_name(string $name, object $ERRORS)
{
        global $TEMPLATE;
        include "config.php";
        include $TEMPLATE . 'strings.php';
        $error = "";
        if (preg_match("/^\s/", $name)) {
                $error = $error . $ERRORS->no_whitespaces;
        }
        if (strlen($name) > $VAL_USER->max_first_name) {
                $error = $error . format($ERRORS->smaller_than, ["num" => $VAL_USER->max_first_name + 1]);
        }
        if (strlen($name) < $VAL_USER->min_first_name) {
                $error = $error . format($ERRORS->bigger_than, ["num" => $VAL_USER->min_first_name - 1]);
                $error += "actual length: " . strlen($name);
        }
        if (preg_match('/[\'\/~`\!@#\$%\^&\*\(\)_\-\+=\{\}\[\]\|;:"\<\>,\.\?\\\0-9]-/', $name)) {
                $error = $error . $ERRORS->no_special_chars;
        }
        return $error;
}

function validate_email(string $email)
{
        global $CONFERENCE_REGISTRATION, $TEMPLATE, $log, $MAIL_HOST_BLACKLIST, $EMAIL_VALIDATION_ERROR, $BASE_URL;
        include $TEMPLATE . 'strings.php';
        $error = "";

        if (($CONFERENCE_REGISTRATION && (new DB(null))->mail_count($email)) || (!$CONFERENCE_REGISTRATION && ldap_mail_count($email))) {
                $log->info("Email already registered");
                $error = $error . format($EMAIL_VALIDATION_ERROR->registered, ["link" => $BASE_URL . "?type=recover"]);
        }
        if (in_array(explode("@", $email)[1], $MAIL_HOST_BLACKLIST)) {
                $error = $error . $EMAIL_VALIDATION_ERROR->blacklisted;
        }
        $log->debug("Checking if email is pending");
        $pending = redis_get("pending");
        if ($pending) {
                $log->debug("Email might be pending");
                $maillist = $pending->mails;
                if (is_array($maillist) && in_array($email, $maillist)) {
                        if ($CONFERENCE_REGISTRATION) {
                                unset($maillist[array_search($user->email, $maillist)]);
                                redis_set("pending", (object)["mails" => $maillist], $MAIL_CONFIRMATION_AWAIT_DELAY);
                                $log->debug("Email was pending, but let participant change details.");
                                echo '<div class="alert alert-warning" role="alert">A confirmation request has already been sent to this email, but no problem.</div>';
                        } else {
                                $error = $error . $EMAIL_VALIDATION_ERROR->pending;
                                $log->debug("Email is pending");
                        }
                }
        }
        $log->debug("email validated, result: $error");
        return $error;
}


function validate_password(string $password)
{
        global $TEMPLATE;
        include "config.php";
        include $TEMPLATE . 'strings.php';
        $error = "";
        if ($_POST["password"] != $_POST["password_confirm"]) {;
                $error = $error . $PASSWORD_VALIDATION_ERROR->no_match;
        }
        if (strlen($password) < $VAL_USER->min_password) {
                $error = $error . format($PASSWORD_VALIDATION_ERROR->bigger_than, ["num" => $VAL_USER->min_password]);
        }
        if (strlen($password) > $VAL_USER->max_password) {
                $error = $error . format($PASSWORD_VALIDATION_ERROR->smaller_than, ["num" => $VAL_USER->max_password]);
        }
        include "blacklists/password.php";
        if (in_array($password, $PASSWORD_BLACKLIST)) {
                $error = $error . $PASSWORD_VALIDATION_ERROR->blacklisted;
        }
        foreach (array("username", "name", "last_name", "email") as &$field) {
                if (!isset($_POST[$field]))
                        continue;
                $value = strtoupper($_POST[$field]);
                $PASSWORD = strtoupper($password);
                if (strpos($value, $PASSWORD) !== false || strpos($PASSWORD, $value) !== false) {
                        $error = $error . $PASSWORD_VALIDATION_ERROR->shared_inclusion;
                        break;
                }
        }
        return $error;
}