Просмотр файла includes/functions_validate.php

Конкурс дизайнеров на 15000 рублей
Милый пушистый сайт !!!!
Размер файла: 4.31Kb 
  1. <?php
  2. /***************************************************************************
  3.  *                                mides.ru
  4.  *                            -------------------
  5.  ***************************************************************************/
  6. function validate_username($username)
  7. {
  8. 	global $db, $lang, $userdata;
  9.  
  10. 	
  11. 	$username = preg_replace('#\s+#', ' ', trim($username)); 
  12. 	$username = phpbb_clean_username($username);
  13.  
  14. 	$sql = "SELECT username 
  15. 		FROM " . USERS_TABLE . "
  16. 		WHERE LOWER(username) = '" . strtolower($username) . "'";
  17. 	if ($result = $db->sql_query($sql))
  18. 	{
  19. 		while ($row = $db->sql_fetchrow($result))
  20. 		{
  21. 			if (($userdata['session_logged_in'] && $row['username'] != $userdata['username']) || !$userdata['session_logged_in'])
  22. 			{
  23. 				$db->sql_freeresult($result);
  24. 				return array('error' => true, 'error_msg' => $lang['Username_taken']);
  25. 			}
  26. 		}
  27. 	}
  28. 	$db->sql_freeresult($result);
  29.  
  30. 	$sql = "SELECT group_name
  31. 		FROM " . GROUPS_TABLE . " 
  32. 		WHERE LOWER(group_name) = '" . strtolower($username) . "'";
  33. 	if ($result = $db->sql_query($sql))
  34. 	{
  35. 		if ($row = $db->sql_fetchrow($result))
  36. 		{
  37. 			$db->sql_freeresult($result);
  38. 			return array('error' => true, 'error_msg' => $lang['Username_taken']);
  39. 		}
  40. 	}
  41. 	$db->sql_freeresult($result);
  42.  
  43. 	$sql = "SELECT disallow_username
  44. 		FROM " . DISALLOW_TABLE;
  45. 	if ($result = $db->sql_query($sql))
  46. 	{
  47. 		if ($row = $db->sql_fetchrow($result))
  48. 		{
  49. 			do
  50. 			{
  51. 				if (preg_match("#\b(" . str_replace("\*", ".*?", preg_quote($row['disallow_username'], '#')) . ")\b#i", $username))
  52. 				{
  53. 					$db->sql_freeresult($result);
  54. 					return array('error' => true, 'error_msg' => $lang['Username_disallowed']);
  55. 				}
  56. 			}
  57. 			while($row = $db->sql_fetchrow($result));
  58. 		}
  59. 	}
  60. 	$db->sql_freeresult($result);
  61.  
  62. 	$sql = "SELECT word 
  63. 		FROM  " . WORDS_TABLE;
  64. 	if ($result = $db->sql_query($sql))
  65. 	{
  66. 		if ($row = $db->sql_fetchrow($result))
  67. 		{
  68. 			do
  69. 			{
  70. 				if (preg_match("#\b(" . str_replace("\*", ".*?", preg_quote($row['word'], '#')) . ")\b#i", $username))
  71. 				{
  72. 					$db->sql_freeresult($result);
  73. 					return array('error' => true, 'error_msg' => $lang['Username_disallowed']);
  74. 				}
  75. 			}
  76. 			while ($row = $db->sql_fetchrow($result));
  77. 		}
  78. 	}
  79. 	$db->sql_freeresult($result);
  80.  
  81. 	
  82. 	if (strstr($username, '"') || strstr($username, '&quot;') || strstr($username, chr(160)) || strstr($username, chr(173)))
  83. 	{
  84. 		return array('error' => true, 'error_msg' => $lang['Username_invalid']);
  85. 	}
  86.  
  87. 	return array('error' => false, 'error_msg' => '');
  88. }
  89.  
  90.  
  91. function validate_email($email)
  92. {
  93. 	global $db, $lang;
  94.  
  95. 	if ($email != '')
  96. 	{
  97. 		if (preg_match('/^[a-z0-9&\'\.\-_\+]+@[a-z0-9\-]+\.([a-z0-9\-]+\.)*?[a-z]+$/is', $email))
  98. 		{
  99. 			$sql = "SELECT ban_email
  100. 				FROM " . BANLIST_TABLE;
  101. 			if ($result = $db->sql_query($sql))
  102. 			{
  103. 				if ($row = $db->sql_fetchrow($result))
  104. 				{
  105. 					do
  106. 					{
  107. 						$match_email = str_replace('*', '.*?', $row['ban_email']);
  108. 						if (preg_match('/^' . $match_email . '$/is', $email))
  109. 						{
  110. 							$db->sql_freeresult($result);
  111. 							return array('error' => true, 'error_msg' => $lang['Email_banned']);
  112. 						}
  113. 					}
  114. 					while($row = $db->sql_fetchrow($result));
  115. 				}
  116. 			}
  117. 			$db->sql_freeresult($result);
  118.  
  119. 			$sql = "SELECT user_email
  120. 				FROM " . USERS_TABLE . "
  121. 				WHERE user_email = '" . str_replace("\'", "''", $email) . "'";
  122. 			if (!($result = $db->sql_query($sql)))
  123. 			{
  124. 				message_die(GENERAL_ERROR, "Couldn't obtain user email information.", "", __LINE__, __FILE__, $sql);
  125. 			}
  126. 		
  127. 			if ($row = $db->sql_fetchrow($result))
  128. 			{
  129. 				return array('error' => true, 'error_msg' => $lang['Email_taken']);
  130. 			}
  131. 			$db->sql_freeresult($result);
  132.  
  133. 			return array('error' => false, 'error_msg' => '');
  134. 		}
  135. 	}
  136.  
  137. 	return array('error' => true, 'error_msg' => $lang['Email_invalid']);
  138. }
  139.  
  140.  
  141. function validate_optional_fields(&$icq, &$aim, &$msnm, &$yim, &$website, &$location, &$occupation, &$interests)
  142. {
  143. 	$check_var_length = array('aim', 'msnm', 'yim', 'location', 'occupation', 'interests');
  144.  
  145. 	for($i = 0; $i < count($check_var_length); $i++)
  146. 	{
  147. 		if (strlen($$check_var_length[$i]) < 2)
  148. 		{
  149. 			$$check_var_length[$i] = '';
  150. 		}
  151. 	}
  152.  
  153. 	if (!preg_match('/^[0-9]+$/', $icq))
  154. 	{
  155. 		$icq = '';
  156. 	}
  157.  
  158. 	if ($website != "")
  159. 	{
  160. 		if (!preg_match('#^http[s]?:\/\/#i', $website))
  161. 		{
  162. 			$website = 'http://' . $website;
  163. 		}
  164.  
  165. 		if (!preg_match('#^http[s]?\\:\\/\\/[a-z0-9\-]+\.([a-z0-9\-]+\.)?[a-z]+#i', $website))
  166. 		{
  167. 			$website = '';
  168. 		}
  169. 	}
  170.  
  171. 	return;
  172. }
  173.  
  174. ?>