Viewing file:  functions.php (4.44 KB) -rw-r--r--
Select action/file-type:
 (+) |  (+) |  (+) | Code (+) | Session (+) |  (+) | SDB (+) |  (+) |  (+) |  (+) |  (+) |  (+) |
<?php
// Strictly three aren't alone functions, but they are functions of sorts
// and we call it every
// page to prevent tainted data expoits
foreach ($_GET as $getkey => $getval)
{
$_GET[$getkey] = preg_replace('/[\'";$%]/','',$getval);
}
foreach ($_POST as $postkey => $postval)
{
$_POST[$postkey] = preg_replace('/[\'";$%]/','',$postval);
}
$globals = array('_GET', '_POST');
foreach ($globals as $i => $val)
{
foreach ($$val as $j => $var)
{
if ( isset($$var) )
{
unset($$var);
}
}
}
/**
* validate user password
*
* validate if password and confirmation password match
* and contain no invalid characters. They can not be empty.
*
* @param string $clear cleartext password
* @param string $vclear cleartext password (for validation)
* @return boolean true if they match and contain no illegal characters
*/
function validate_password($clear,$vclear)
{
return ($clear == $vclear) &&
($clear != "") &&
($clear == preg_replace("/[\'\"\`\;]/","",$clear));
}
/**
* validate alias password
*
* like validate_password, but the pasword can be empty
*
* @see validate_password
* @param string $clear cleartext password
* @param string $vclear cleartext password (for validation)
* @return boolean true if they match and contain no illegal characters
*/
function alias_validate_password($clear,$vclear)
{
return ($clear == $vclear) &&
($clear == preg_replace("/[\'\"\`\;]/","",$clear));
}
/**
* Check if a user already exists.
*
* Queries database $db, and redirects to the $page is the user already
* exists.
*
* @param mixed $db database to query
* @param string $localpart
* @param string $domain_id
* @param string $page page to return to
*/
function check_user_exists($db,$localpart,$domain_id,$page)
{
$query = "SELECT COUNT(*) AS c
FROM users
WHERE localpart='$localpart'
AND domain_id='$domain_id'";
$result = $db->query($query);
$row = $result->fetchRow();
if ($row['c'] != 0)
{
header ("Location: $page?userexists=$localpart");
die;
}
}
/**
* Render the alphabet. Directly onto the page.
*
* @param unknown $flag unknown
*/
function alpha_menu($flag)
{
global $letter; // needs to be available to the parent
if ($letter == 'all')
{
$letter = '';
}
if ($flag)
{
print "\n<p class='alpha'><a href='" . $_SERVER['PHP_SELF'] .
"?LETTER=ALL' class='alpha'>ALL</a> ";
// loops through the alphabet.
// For international alphabets, replace the string in the proper order
foreach (preg_split('//', _("ABCDEFGHIJKLMNOPQRSTUVWXYZ"), -1,
PREG_SPLIT_NO_EMPTY) as $i)
{
print "<a href='" . $_SERVER['PHP_SELF'] .
"?LETTER=$i' class='alpha'>$i</a> ";
}
print "</p>\n";
}
}
/**
* crypt the plaintext password.
*
* @golbal string $cryptscheme
* @param string $clear the cleartext password
* @param string $salt optional salt
* @return string the properly crypted password
*/
function crypt_password($clear, $salt = '')
{
global $cryptscheme;
if ($cryptscheme == 'sha')
{
$hash = sha1($clear);
$cryptedpass = '{SHA}' . base64_encode(pack('H*', $hash));
}
else
{
if ($salt != '')
{
if ($cryptscheme == 'des')
{
$salt = substr($salt, 0, 2);
}
else
if ($cryptscheme == 'md5')
{
$salt = substr($salt, 0, 12);
}
else
{
$salt = '';
}
}
$cryptedpass = crypt($clear, $salt);
}
return $cryptedpass;
}
?>
|