Hello everyone i want to ask question my html form, requires to input username/Email that you can put.
Then it searches by username or email if in database that account exists if yes process.
The script works, but only with email.
My problem is how to identify in input field is the user written an username or email? Now it checks both but for some reason it dosen't detect username only email typed.
function getUserEmailExist( $input )
{
global $database;
if( preg_match( '/^[a-z0-9]+([_\\.-][a-z0-9]+)*#([a-z0-9]+([\.-][a-z0-9]+)*)+\\.[a-z]{2,}$/i', $input ) ) {
$type = 2;
$get = $database->checkExistRecovery( $input, $type );
}
if( preg_match( '/[^0-9A-Za-z]/', $input ) ) {
$type = 1;
$get = $database->checkExistRecovery( $input, $type );
}
if( $get ) {
$this->updateRecover( $input, $type );
} else {
return false;
}
}
You need to move your email if statement below.
Because if the input is an email, it's going to match the second preg match anyway.
So you're overwriting your $type variable.
Fixed.
function getUserEmailExist( $input )
{
global $database;
if( preg_match( '/[A-Za-z0-9]+/', $input ) ) {
$type = 1;
$get = $database->checkExistRecovery( $input, $type );
}
if( preg_match( '/^[a-z0-9]+([_\\.-][a-z0-9]+)*#([a-z0-9]+([\.-][a-z0-9]+)*)+\\.[a-z]{2,}$/i', $input ) ) {
$type = 2;
$get = $database->checkExistRecovery( $input, $type );
}
if( $get ) {
$this->updateRecover( $input, $type );
} else {
return false;
}
}
I think you want your second regex to be /[A-Za-z0-9]+/. You are currently looking for anything that doesn't contain those characters.
Why do you care about all that validation logic? I can't see your actual DB queries, but it seems you could easily do something like this:
SELECT * FROM users
WHERE email = ? OR username = ?
Where ? would be the email or username value.
Related
I've been banging my head all day on this last piece of my project. I'm using Ninja Forms and looking to validate a string before submitting the form. I have broken this into pieces and tested using simple string checks and it worked but when I try to use the file_get_contents() function it's just submitting without running the check. The file realtor_info.txt contains the following: mikeoberdick#gmail.com - BP61AM. The page is found here: https://www.rhwarranty.com/realtor-quote/
add_filter( 'ninja_forms_submit_data', 'my_ninja_forms_submit_data');
function my_ninja_forms_submit_data( $form_data ) {
$form_id = $form_data[ 'form_id' ];
if ( $form_id = 4 ) {
$email_field_id = 41;
$coupon_field_id = 49;
$email = $form_data['fields'][$email_field_id]['value'];
$coupon = $form_data['fields'][$coupon_field_id]['value'];
$string = $email . ' - ' . $coupon;
$file = "https://rhwarranty.com/wp-content/themes/regal-home-warranty/stripe/realtor_info.txt";
//check the file to see if the string exists
if( strpos(file_get_contents($file),$string) !== false) {
return $form_data;
} else {
$form_data['errors']['fields'][$coupon_field_id] = 'Something is not quite right here!';
}
}
}
Any thoughts on what is going wrong?
Why do you assign the value of the form in the if statement ?
Or if ( $form_id = 4 ) {
this should be
if ( $form_id == 4 ) {
In php/wordpress I have made a function. I want to pass some parameteres inside the function so that it will show result according to that. So far now my function code is like this
$user_id = get_current_user_id();
function check_user_access($role, $action = NULL ) {
if( $role == 'subscriber') {
if( $action = 'check_customer' ) {
$check_customer = $wpdb->get_var("SELECT COUNT(id) FROM `table1` WHERE `user_id` = $user_id");
return $check_customer;
}
if( $action = 'check_users' ) {
$check_users = $wpdb->get_var("SELECT COUNT(id) FROM `table2` WHERE `user_id` = $user_id");
return $check_users;
}
}
}
Now I am using this function like this
$role = 'subscriber';
$check_customers = check_user_access($role, $action = 'check_users' );
if( $check_users <=1 ) {
//do something;
}
if( $check_users > 1 ) {
//do something other;
}
But its showing the result of $action = 'check_customer'. Means its working for the first block condition. Can someone tell me how to solve this? Am I doing something wrong?
change your
if( $action = 'check_customer' ) {}
to
if( $action == 'check_customer' ) {}
= means Assignment Operator
== means Comparison Operator
refer - from here
I'm trying to ignore uppercase or lowercase with the code below to detect whether the user is blocked or not. Is working when matching the username or email but with the case problem, the validation does not work. How to make it case insensitive? Thanks for helping.
$msg = "something";
$blocked = preg_split('/[\r\n]([a-z])([A-Z])+/', admin_get_option('blocked_users'), -1, PREG_SPLIT_NO_EMPTY);
if ( isset($form['username_or_email']) && in_array( $form['username_or_email'], $blocked) ) {
$errors['username_or_email'] = $msg;
}
if ( isset($form['user_login']) && in_array( $form['user_login'], $blocked) ) {
$errors['user_login'] = $msg;
}
if ( isset($form['user_email']) && in_array( $form['user_email'], $blocked) ) {
$errors['user_email'] = $msg;
}
" i " Modifier Makes the match case insensitive
ANSWER EDIT:
The fix was to change:
if (get_user_data( $input_user, $logindata ) === $input_pwd ) {
to
if (get_user_data(strtolower($input_user), $logindata) === $input_pwd ) {
so that the username is forced to lowercase. I just have to be conscious to store my usernames as all lowercase too.
I am aware of strcasecmp. I am not sure how that would apply to my working code though, as you can only compare 2 variables.
Am I able to make preg_match case insensitive in the context of my working code below?
Can I add the /i regex to my preg_match command to a returned variable?
I just want the username that is entered by the user (including domain name) to be case insenstive. (ie. uSeRnAMe#dOmAIN1.CoM) without having to add every combination of valid username to my pseudo database!
This is my working code:
// Get users
$input_pwd = ( isset( $_POST["password"] ) ? $_POST["password"] : '' );
$input_user = ( isset( $_POST["username"] ) ? $_POST["username"] : '' );
// Your pseudo database here
$usernames = array(
"username#domain1.com",
"username2#domain1.com",
"username3#domain1.com",
"username1#domain2.com",
"/[a-z][A-Z][0-9]#domain2\.com/", // use an emtpy password string for each of these
"/[^#]+#domain3\.com/" // entries if they don't need to authenticate
);
$passwords = array( "password1", "password2", "password3", "password4", "", "" );
// Create an array of username literals or patterns and corresponding redirection targets
$targets = array(
"username#domain1.com" => "http://www.google.com",
"username2#domain1.com" => "http://www.yahoo.com",
"username3#domain1.com" => "http://www.stackoverflow.com",
"username1#domain2.com" => "http://www.serverfault.com",
"/[a-z][A-Z][0-9]#domain2\.com/" => "http://target-for-aA1-usertypes.com",
"/[^#]+#domain3\.com/" => "http://target-for-all-domain3-users.com",
"/.+/" => "http://default-target-if-all-else-fails.com",
);
$logindata = array_combine( $usernames, $passwords );
if ( get_user_data( $input_user, $logindata ) === $input_pwd ) {
session_start();
$_SESSION["username"] = $input_user;
header('Location: ' . get_user_data( $input_user, $targets ) );
exit;
} else {
// Supplied username is invalid, or the corresponding password doesn't match
header('Location: login.php?login_error=1');
exit;
}
function get_user_data ( $user, array $data ) {
$retrieved = null;
foreach ( $data as $user_pattern => $value ) {
if (
( $user_pattern[0] == '/' and preg_match( $user_pattern, $user ) )
or ( $user_pattern[0] != '/' and $user_pattern === $user)
) {
$retrieved = $value;
break;
}
}
return $retrieved;
}
You can do a case insensitive match in PHP with i. For instance, the following will print 'This matches!':
<?php
if ( preg_match('/def/i', 'ABCDEF') ) {
echo 'This matches!';
}
?>
So just add i to the pattern, and the case will be ignored.
One approach if you want case-insensitive usernames is to always lowercase a new one when you store it, and then to always lowercase the comparing value when you check. (This is a lot faster than using preg_match.)
After a user signs in and his password is verified, I need to store his username in a cookie. I tried to simply add setcookie() when the password is successfully verified in the section that looks like if ( $password_match == $user_login_password ) {... but for some reason it doesn't seem to be working. I can't set cookies when a user successfully logins with correct password/username. Is there some reason you can't setcookies from inside a function?
public function write($p) {
if ( $_POST['user_login_username'] )
$user_login_username = mysql_real_escape_string($_POST['user_login_username']);
if ( $_POST['user_login_password'] )
$password = mysql_real_escape_string($_POST['user_login_password']);
$password .= 'some_Salt';
$user_login_password = hash('sha256', $password);
} elseif ( $user_login_username && $user_login_password ) {
$q = "SELECT * FROM users WHERE username = '$user_login_username'";
$r = mysql_query($q);
if ( $r !== false && mysql_num_rows($r) > 0 ) {
while ( $a = mysql_fetch_assoc($r) ) {
$password_match = stripslashes($a['password']);
}
if ( $password_match == $user_login_password ) {
echo $this ->display_login('Correct!');
setcookie('user','some_username');
} else {
echo $this ->display_login('Wrong Password!');
}
} else {
echo $this ->display_login('That username does not exist.');
}
return;
} else {
return false;
}
}
I'd do this that way:
function mysetcookie($name, $value, $timestamp=null, $directory='/') {
return setcookie($name, $value, time()+$timestamp, $directory);
}
And I'd be using mysetcookie() instead of setcookie() :) And I'd consider reading this:
http://php.net/manual/en/function.setcookie.php
Ahh I got it. Protocol restriction with setcookie, I was trying to set it after the tags. Thanks to everyone who looked, I should have read the documentation better. Sorry!