blob: 966f1d1151c75f3846396182ea25a8957811ff61 [file] [log] [blame]
matheusfillipe47cf90b2021-05-13 03:36:21 -03001<?php
matheusfillipec0ce7fa2021-05-13 05:15:37 -03002include_once 'ldap.php';
3include_once 'redis.php';
4include_once 'config.php';
5include_once 'utils.php';
Marc Kupietz87a14312023-03-09 20:39:31 +01006include_once 'db_backend.php';
7
8use \DB as DB;
matheusfillipe47cf90b2021-05-13 03:36:21 -03009
matheusfillipec0ce7fa2021-05-13 05:15:37 -030010$TEMPLATE = template_path();
matheusfillipe47cf90b2021-05-13 03:36:21 -030011
12function validate_username(string $username)
13{
matheusfillipec0ce7fa2021-05-13 05:15:37 -030014 global $TEMPLATE;
15 include 'config.php';
16 include $TEMPLATE . 'strings.php';
matheusfillipe47cf90b2021-05-13 03:36:21 -030017 $error = "";
18 if (ldap_user_count($username)) {
19 $error = $error . $USERNAME_VALIDATION_ERROR->registered;
matheusfillipe47cf90b2021-05-13 03:36:21 -030020 }
21 if (preg_match("/\s/", $username)) {
22 $error = $error . $USERNAME_VALIDATION_ERROR->no_whitespaces;
matheusfillipe47cf90b2021-05-13 03:36:21 -030023 }
24 if (strlen($username) > $VAL_USER->max_username) {
matheusfillipec0ce7fa2021-05-13 05:15:37 -030025 echo $VAL_USER->max_username;
26 echo $USERNAME_VALIDATION_ERROR->smaller_than;
matheusfillipe47cf90b2021-05-13 03:36:21 -030027 $error = $error . format($USERNAME_VALIDATION_ERROR->smaller_than, ["num" => $VAL_USER->max_username + 1]);
matheusfillipec0ce7fa2021-05-13 05:15:37 -030028 echo $error;
matheusfillipe47cf90b2021-05-13 03:36:21 -030029 }
30 if (strlen($username) < $VAL_USER->min_username) {
31 $error = $error . format($USERNAME_VALIDATION_ERROR->bigger_than, ["num" => $VAL_USER->min_username - 1]);
matheusfillipe47cf90b2021-05-13 03:36:21 -030032 }
33 if (preg_match('/[\'\/~`\!@#\$%\^&\*\(\)_\-\+=\{\}\[\]\|;:"\<\>,\.\?\\\]/', $username)) {
34 $error = $error . $USERNAME_VALIDATION_ERROR->no_special_chars;
matheusfillipe47cf90b2021-05-13 03:36:21 -030035 }
36 if (preg_match('/^\d/', $username)) {
37 $error = $error . $USERNAME_VALIDATION_ERROR->no_number_begining;
matheusfillipe47cf90b2021-05-13 03:36:21 -030038 }
matheusfillipec0ce7fa2021-05-13 05:15:37 -030039 include "blacklists/usernames.php";
matheusfillipe47cf90b2021-05-13 03:36:21 -030040 if (in_array($username, $USERNAME_BLACKLIST)) {
matheusfillipec0ce7fa2021-05-13 05:15:37 -030041 $error = $error . $USERNAME_VALIDATION_ERROR->blacklisted;
matheusfillipe47cf90b2021-05-13 03:36:21 -030042 }
43 return $error;
44}
45
46function validate_name(string $name, object $ERRORS)
47{
matheusfillipec0ce7fa2021-05-13 05:15:37 -030048 global $TEMPLATE;
49 include "config.php";
50 include $TEMPLATE . 'strings.php';
matheusfillipe47cf90b2021-05-13 03:36:21 -030051 $error = "";
52 if (preg_match("/\s/", $name)) {
53 $error = $error . $ERRORS->no_whitespaces;
matheusfillipe47cf90b2021-05-13 03:36:21 -030054 }
55 if (strlen($name) > $VAL_USER->max_first_name) {
56 $error = $error . format($ERRORS->smaller_than, ["num" => $VAL_USER->max_first_name + 1]);
matheusfillipe47cf90b2021-05-13 03:36:21 -030057 }
58 if (strlen($name) < $VAL_USER->min_first_name) {
59 $error = $error . format($ERRORS->bigger_than, ["num" => $VAL_USER->min_first_name - 1]);
matheusfillipe47cf90b2021-05-13 03:36:21 -030060 }
61 if (preg_match('/[\'\/~`\!@#\$%\^&\*\(\)_\-\+=\{\}\[\]\|;:"\<\>,\.\?\\\0-9]/', $name)) {
62 $error = $error . $ERRORS->no_special_chars;
matheusfillipe47cf90b2021-05-13 03:36:21 -030063 }
64 return $error;
65}
66
67function validate_email(string $email)
68{
Marc Kupietz87a14312023-03-09 20:39:31 +010069 global $CONFERENCE_REGISTRATION, $TEMPLATE, $log, $MAIL_HOST_BLACKLIST, $EMAIL_VALIDATION_ERROR, $BASE_URL;
matheusfillipec0ce7fa2021-05-13 05:15:37 -030070 include $TEMPLATE . 'strings.php';
matheusfillipe47cf90b2021-05-13 03:36:21 -030071 $error = "";
72
Marc Kupietz87a14312023-03-09 20:39:31 +010073 if (($CONFERENCE_REGISTRATION && (new DB(null))->mail_count($email)) || (!$CONFERENCE_REGISTRATION && ldap_mail_count($email))) {
74 $log->info("Email already registered");
matheusfillipec0ce7fa2021-05-13 05:15:37 -030075 $error = $error . format($EMAIL_VALIDATION_ERROR->registered, ["link" => $BASE_URL . "?type=recover"]);
matheusfillipe47cf90b2021-05-13 03:36:21 -030076 }
Marc Kupietz87a14312023-03-09 20:39:31 +010077 if (in_array(explode("@", $email)[1], $MAIL_HOST_BLACKLIST)) {
matheusfillipe47cf90b2021-05-13 03:36:21 -030078 $error = $error . $EMAIL_VALIDATION_ERROR->blacklisted;
matheusfillipe47cf90b2021-05-13 03:36:21 -030079 }
Marc Kupietz87a14312023-03-09 20:39:31 +010080 $log->debug("Checking if email is pending");
matheusfillipe47cf90b2021-05-13 03:36:21 -030081 $pending = redis_get("pending");
82 if ($pending) {
Marc Kupietz87a14312023-03-09 20:39:31 +010083 $log->debug("Email might be pending");
matheusfillipe47cf90b2021-05-13 03:36:21 -030084 $maillist = $pending->mails;
Marc Kupietz87a14312023-03-09 20:39:31 +010085 if (is_array($maillist) && in_array($email, $maillist)) {
86 if ($CONFERENCE_REGISTRATION) {
87 unset($maillist[array_search($user->email, $maillist)]);
88 redis_set("pending", (object)["mails" => $maillist], $MAIL_CONFIRMATION_AWAIT_DELAY);
89 $log->debug("Email was pending, but let participant change details.");
90 echo '<div class="alert alert-warning" role="alert">A confirmation request has already been sent to this email, but no problem.</div>';
91 } else {
92 $error = $error . $EMAIL_VALIDATION_ERROR->pending;
93 $log->debug("Email is pending");
94 }
matheusfillipe47cf90b2021-05-13 03:36:21 -030095 }
96 }
Marc Kupietz87a14312023-03-09 20:39:31 +010097 $log->debug("email validated, result: $error");
matheusfillipe47cf90b2021-05-13 03:36:21 -030098 return $error;
99}
100
101
102function validate_password(string $password)
103{
matheusfillipec0ce7fa2021-05-13 05:15:37 -0300104 global $TEMPLATE;
105 include "config.php";
106 include $TEMPLATE . 'strings.php';
matheusfillipe47cf90b2021-05-13 03:36:21 -0300107 $error = "";
108 if ($_POST["password"] != $_POST["password_confirm"]) {;
109 $error = $error . $PASSWORD_VALIDATION_ERROR->no_match;
matheusfillipe47cf90b2021-05-13 03:36:21 -0300110 }
111 if (strlen($password) < $VAL_USER->min_password) {
112 $error = $error . format($PASSWORD_VALIDATION_ERROR->bigger_than, ["num" => $VAL_USER->min_password]);
matheusfillipe47cf90b2021-05-13 03:36:21 -0300113 }
114 if (strlen($password) > $VAL_USER->max_password) {
115 $error = $error . format($PASSWORD_VALIDATION_ERROR->smaller_than, ["num" => $VAL_USER->max_password]);
matheusfillipe47cf90b2021-05-13 03:36:21 -0300116 }
matheusfillipec0ce7fa2021-05-13 05:15:37 -0300117 include "blacklists/password.php";
matheusfillipe47cf90b2021-05-13 03:36:21 -0300118 if (in_array($password, $PASSWORD_BLACKLIST)) {
119 $error = $error . $PASSWORD_VALIDATION_ERROR->blacklisted;
matheusfillipe47cf90b2021-05-13 03:36:21 -0300120 }
121 foreach (array("username", "name", "last_name", "email") as &$field) {
122 if (!isset($_POST[$field]))
123 continue;
124 $value = strtoupper($_POST[$field]);
125 $PASSWORD = strtoupper($password);
126 if (strpos($value, $PASSWORD) !== false || strpos($PASSWORD, $value) !== false) {
127 $error = $error . $PASSWORD_VALIDATION_ERROR->shared_inclusion;
matheusfillipe47cf90b2021-05-13 03:36:21 -0300128 break;
129 }
130 }
131 return $error;
132}