X-Git-Url: http://git.vanrenterghem.biz/www.vanrenterghem.biz.git/blobdiff_plain/4b1ce0d83844cfd7c55e75a60ccb239882cd62e3..83ab5456767602f2a9860a7db7247f002ec96945:/phpBB2/includes/functions_validate.php diff --git a/phpBB2/includes/functions_validate.php b/phpBB2/includes/functions_validate.php deleted file mode 100644 index 69197a3..0000000 --- a/phpBB2/includes/functions_validate.php +++ /dev/null @@ -1,205 +0,0 @@ -sql_query($sql)) - { - while ($row = $db->sql_fetchrow($result)) - { - if (($userdata['session_logged_in'] && $row['username'] != $userdata['username']) || !$userdata['session_logged_in']) - { - $db->sql_freeresult($result); - return array('error' => true, 'error_msg' => $lang['Username_taken']); - } - } - } - $db->sql_freeresult($result); - - $sql = "SELECT group_name - FROM " . GROUPS_TABLE . " - WHERE LOWER(group_name) = '" . strtolower($username) . "'"; - if ($result = $db->sql_query($sql)) - { - if ($row = $db->sql_fetchrow($result)) - { - $db->sql_freeresult($result); - return array('error' => true, 'error_msg' => $lang['Username_taken']); - } - } - $db->sql_freeresult($result); - - $sql = "SELECT disallow_username - FROM " . DISALLOW_TABLE; - if ($result = $db->sql_query($sql)) - { - if ($row = $db->sql_fetchrow($result)) - { - do - { - if (preg_match("#\b(" . str_replace("\*", ".*?", preg_quote($row['disallow_username'], '#')) . ")\b#i", $username)) - { - $db->sql_freeresult($result); - return array('error' => true, 'error_msg' => $lang['Username_disallowed']); - } - } - while($row = $db->sql_fetchrow($result)); - } - } - $db->sql_freeresult($result); - - $sql = "SELECT word - FROM " . WORDS_TABLE; - if ($result = $db->sql_query($sql)) - { - if ($row = $db->sql_fetchrow($result)) - { - do - { - if (preg_match("#\b(" . str_replace("\*", ".*?", preg_quote($row['word'], '#')) . ")\b#i", $username)) - { - $db->sql_freeresult($result); - return array('error' => true, 'error_msg' => $lang['Username_disallowed']); - } - } - while ($row = $db->sql_fetchrow($result)); - } - } - $db->sql_freeresult($result); - - // Don't allow " and ALT-255 in username. - if (strstr($username, '"') || strstr($username, '"') || strstr($username, chr(160))) - { - return array('error' => true, 'error_msg' => $lang['Username_invalid']); - } - - return array('error' => false, 'error_msg' => ''); -} - -// -// Check to see if email address is banned -// or already present in the DB -// -function validate_email($email) -{ - global $db, $lang; - - if ($email != '') - { - if (preg_match('/^[a-z0-9&\'\.\-_\+]+@[a-z0-9\-]+\.([a-z0-9\-]+\.)*?[a-z]+$/is', $email)) - { - $sql = "SELECT ban_email - FROM " . BANLIST_TABLE; - if ($result = $db->sql_query($sql)) - { - if ($row = $db->sql_fetchrow($result)) - { - do - { - $match_email = str_replace('*', '.*?', $row['ban_email']); - if (preg_match('/^' . $match_email . '$/is', $email)) - { - $db->sql_freeresult($result); - return array('error' => true, 'error_msg' => $lang['Email_banned']); - } - } - while($row = $db->sql_fetchrow($result)); - } - } - $db->sql_freeresult($result); - - $sql = "SELECT user_email - FROM " . USERS_TABLE . " - WHERE user_email = '" . str_replace("\'", "''", $email) . "'"; - if (!($result = $db->sql_query($sql))) - { - message_die(GENERAL_ERROR, "Couldn't obtain user email information.", "", __LINE__, __FILE__, $sql); - } - - if ($row = $db->sql_fetchrow($result)) - { - return array('error' => true, 'error_msg' => $lang['Email_taken']); - } - $db->sql_freeresult($result); - - return array('error' => false, 'error_msg' => ''); - } - } - - return array('error' => true, 'error_msg' => $lang['Email_invalid']); -} - -// -// Does supplementary validation of optional profile fields. This expects common stuff like trim() and strip_tags() -// to have already been run. Params are passed by-ref, so we can set them to the empty string if they fail. -// -function validate_optional_fields(&$icq, &$aim, &$msnm, &$yim, &$website, &$location, &$occupation, &$interests, &$sig) -{ - $check_var_length = array('aim', 'msnm', 'yim', 'location', 'occupation', 'interests', 'sig'); - - for($i = 0; $i < count($check_var_length); $i++) - { - if (strlen($$check_var_length[$i]) < 2) - { - $$check_var_length[$i] = ''; - } - } - - // ICQ number has to be only numbers. - if (!preg_match('/^[0-9]+$/', $icq)) - { - $icq = ''; - } - - // website has to start with http://, followed by something with length at least 3 that - // contains at least one dot. - if ($website != "") - { - if (!preg_match('#^http[s]?:\/\/#i', $website)) - { - $website = 'http://' . $website; - } - - if (!preg_match('#^http[s]?\\:\\/\\/[a-z0-9\-]+\.([a-z0-9\-]+\.)?[a-z]+#i', $website)) - { - $website = ''; - } - } - - return; -} - -?> \ No newline at end of file