blob: 3b5961628d2975189d95ca440cdbef655c790cd4 [file] [log] [blame]
matheusfillipe47cf90b2021-05-13 03:36:21 -03001<?php
matheusfillipec0ce7fa2021-05-13 05:15:37 -03002include_once 'ldap.php';
3include_once 'redis.php';
4include_once 'config.php';
5include_once 'utils.php';
matheusfillipe47cf90b2021-05-13 03:36:21 -03006
matheusfillipec0ce7fa2021-05-13 05:15:37 -03007$TEMPLATE = template_path();
matheusfillipe47cf90b2021-05-13 03:36:21 -03008
9function validate_username(string $username)
10{
matheusfillipec0ce7fa2021-05-13 05:15:37 -030011 global $TEMPLATE;
12 include 'config.php';
13 include $TEMPLATE . 'strings.php';
matheusfillipe47cf90b2021-05-13 03:36:21 -030014 $error = "";
15 if (ldap_user_count($username)) {
16 $error = $error . $USERNAME_VALIDATION_ERROR->registered;
17 unset($_POST["username"]);
18 }
19 if (preg_match("/\s/", $username)) {
20 $error = $error . $USERNAME_VALIDATION_ERROR->no_whitespaces;
21 unset($_POST["username"]);
22 }
23 if (strlen($username) > $VAL_USER->max_username) {
matheusfillipec0ce7fa2021-05-13 05:15:37 -030024 echo $VAL_USER->max_username;
25 echo $USERNAME_VALIDATION_ERROR->smaller_than;
matheusfillipe47cf90b2021-05-13 03:36:21 -030026 $error = $error . format($USERNAME_VALIDATION_ERROR->smaller_than, ["num" => $VAL_USER->max_username + 1]);
matheusfillipec0ce7fa2021-05-13 05:15:37 -030027 echo $error;
matheusfillipe47cf90b2021-05-13 03:36:21 -030028 unset($_POST["username"]);
29 }
30 if (strlen($username) < $VAL_USER->min_username) {
31 $error = $error . format($USERNAME_VALIDATION_ERROR->bigger_than, ["num" => $VAL_USER->min_username - 1]);
32 unset($_POST["username"]);
33 }
34 if (preg_match('/[\'\/~`\!@#\$%\^&\*\(\)_\-\+=\{\}\[\]\|;:"\<\>,\.\?\\\]/', $username)) {
35 $error = $error . $USERNAME_VALIDATION_ERROR->no_special_chars;
36 unset($_POST["username"]);
37 }
38 if (preg_match('/^\d/', $username)) {
39 $error = $error . $USERNAME_VALIDATION_ERROR->no_number_begining;
40 unset($_POST["username"]);
41 }
matheusfillipec0ce7fa2021-05-13 05:15:37 -030042 include "blacklists/usernames.php";
matheusfillipe47cf90b2021-05-13 03:36:21 -030043 if (in_array($username, $USERNAME_BLACKLIST)) {
matheusfillipec0ce7fa2021-05-13 05:15:37 -030044 $error = $error . $USERNAME_VALIDATION_ERROR->blacklisted;
matheusfillipe47cf90b2021-05-13 03:36:21 -030045 unset($_POST["username"]);
46 }
47 return $error;
48}
49
50function validate_name(string $name, object $ERRORS)
51{
matheusfillipec0ce7fa2021-05-13 05:15:37 -030052 global $TEMPLATE;
53 include "config.php";
54 include $TEMPLATE . 'strings.php';
matheusfillipe47cf90b2021-05-13 03:36:21 -030055 $error = "";
56 if (preg_match("/\s/", $name)) {
57 $error = $error . $ERRORS->no_whitespaces;
58 unset($_POST["name"]);
59 }
60 if (strlen($name) > $VAL_USER->max_first_name) {
61 $error = $error . format($ERRORS->smaller_than, ["num" => $VAL_USER->max_first_name + 1]);
62 unset($_POST["name"]);
63 }
64 if (strlen($name) < $VAL_USER->min_first_name) {
65 $error = $error . format($ERRORS->bigger_than, ["num" => $VAL_USER->min_first_name - 1]);
66 unset($_POST["name"]);
67 }
68 if (preg_match('/[\'\/~`\!@#\$%\^&\*\(\)_\-\+=\{\}\[\]\|;:"\<\>,\.\?\\\0-9]/', $name)) {
69 $error = $error . $ERRORS->no_special_chars;
70 unset($_POST["name"]);
71 }
72 return $error;
73}
74
75function validate_email(string $email)
76{
matheusfillipec0ce7fa2021-05-13 05:15:37 -030077 global $TEMPLATE;
78 include "config.php";
79 include $TEMPLATE . 'strings.php';
matheusfillipe47cf90b2021-05-13 03:36:21 -030080 $error = "";
81
82 if (ldap_mail_count($email)) {
matheusfillipec0ce7fa2021-05-13 05:15:37 -030083 $error = $error . format($EMAIL_VALIDATION_ERROR->registered, ["link" => $BASE_URL . "?type=recover"]);
matheusfillipe47cf90b2021-05-13 03:36:21 -030084 unset($_POST["email"]);
85 }
86 if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
87 $error = $error . $EMAIL_VALIDATION_ERROR->invalid;
88 unset($_POST["email"]);
89 } elseif (in_array(explode("@", $email)[1], $MAIL_HOST_BLACKLIST)) {
90 $error = $error . $EMAIL_VALIDATION_ERROR->blacklisted;
91 unset($_POST["email"]);
92 }
93 $pending = redis_get("pending");
94 if ($pending) {
95 $maillist = $pending->mails;
96 if (in_array($email, $maillist)) {
97 $error = $error . $EMAIL_VALIDATION_ERROR->pending;
98 unset($_POST["email"]);
99 }
100 }
101 return $error;
102}
103
104
105function validate_password(string $password)
106{
matheusfillipec0ce7fa2021-05-13 05:15:37 -0300107 global $TEMPLATE;
108 include "config.php";
109 include $TEMPLATE . 'strings.php';
matheusfillipe47cf90b2021-05-13 03:36:21 -0300110 $error = "";
Marc Kupietzb527e642023-02-23 10:04:21 +0100111 return $error;
matheusfillipe47cf90b2021-05-13 03:36:21 -0300112 if ($_POST["password"] != $_POST["password_confirm"]) {;
113 $error = $error . $PASSWORD_VALIDATION_ERROR->no_match;
114 unset($_POST["password_confirm"]);
115 }
116 if (strlen($password) < $VAL_USER->min_password) {
117 $error = $error . format($PASSWORD_VALIDATION_ERROR->bigger_than, ["num" => $VAL_USER->min_password]);
118 unset($_POST["password"]);
119 unset($_POST["password_confirm"]);
120 }
121 if (strlen($password) > $VAL_USER->max_password) {
122 $error = $error . format($PASSWORD_VALIDATION_ERROR->smaller_than, ["num" => $VAL_USER->max_password]);
123 unset($_POST["password"]);
124 unset($_POST["password_confirm"]);
125 }
matheusfillipec0ce7fa2021-05-13 05:15:37 -0300126 include "blacklists/password.php";
matheusfillipe47cf90b2021-05-13 03:36:21 -0300127 if (in_array($password, $PASSWORD_BLACKLIST)) {
128 $error = $error . $PASSWORD_VALIDATION_ERROR->blacklisted;
129 unset($_POST["password"]);
130 unset($_POST["password_confirm"]);
131 }
132 foreach (array("username", "name", "last_name", "email") as &$field) {
133 if (!isset($_POST[$field]))
134 continue;
135 $value = strtoupper($_POST[$field]);
136 $PASSWORD = strtoupper($password);
137 if (strpos($value, $PASSWORD) !== false || strpos($PASSWORD, $value) !== false) {
138 $error = $error . $PASSWORD_VALIDATION_ERROR->shared_inclusion;
139 unset($_POST["password"]);
140 unset($_POST["password_confirm"]);
141 break;
142 }
143 }
144 return $error;
145}