API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 26th, 2019
132
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 15.31 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. require_once "../../templates/footer.php";
  3. require_once "../../configs/paths.php";
  4. include_once "../../templates/cookie-warning.php";
  5. include "../../templates/error.html";
  6.  
  7. global $errors;
  8. $errors = array();
  9.  
  10. function allParamsPresent() {
  11.   // x & y are also params since the submit button is a image
  12.   $mandatory_params = array('name', 'gender', 'username', 'cpf', 'phone', 'birth-date', 'password', 'confirm-password', 'institution-name', 'institution-uf', 'institution-city', 'g-recaptcha-response');
  13.   for ($i=0; $i < count($mandatory_params); $i++) {
  14.     if (!(isset($_POST[$mandatory_params[$i]]))) {
  15.       //Param $expected_params[$i] is missing on the request
  16.       $error = 'MISSING DATA \'' . $mandatory_params[$i] . '\'';
  17.       $errors["params"] = $error;
  18.       return false;
  19.     }
  20.   }
  21.   //No params missing (params not validated yet, only present)
  22.   return true;
  23. }
  24.  
  25. function validateName($name = null) {
  26.   if (empty($name)) {
  27.     $errors["name"] = "EMPTY";
  28.     return false;
  29.   }
  30.  
  31.   $reg = '/[^\p{L}\s]+/u'; //Match all chars that are not letters (UTF-8 letters are ok) or whitespaces
  32.   $verif = preg_replace($reg, '', $name);
  33.  
  34.   if ($name === $verif) {
  35.     //Remove space if is the first or last char
  36.     while (empty(explode(' ', $name)[0])) {
  37.       $name = substr($name, 1);
  38.     }
  39.     while (empty(explode(' ', $name)[count(explode(' ', $name)) - 1])) {
  40.       $name = substr($name, 0, strlen($name)-1);
  41.     }
  42.  
  43.     if (count(explode(' ', $name)) < 2) {
  44.       //Name is fine but it is only the first time
  45.       $errors["name"] = "ONLY FIRST NAME";
  46.       return false;
  47.     } else {
  48.       //Full name
  49.       $_POST['full_name'] = $name;
  50.       return true;
  51.     }
  52.  
  53.   } else {
  54.     //Name with not supported chars
  55.     $errors["name"] = "NOT SUPPORTED LETTERS";
  56.     return false;
  57.   }
  58. }
  59.  
  60. function validateGender($gender = null) {
  61.   switch ($gender) {
  62.     case 'M':
  63.       return true;
  64.     case 'F':
  65.       return true;
  66.     case 'NF':
  67.       return true;
  68.     default:
  69.       $errors["gender"] = "NOT SUPPORTED GENDER";
  70.       return false;
  71.   }
  72. }
  73.  
  74. function validateEmail($email = null) {
  75.   if(empty($email)) {
  76.     $errors["email"] = "EMPTY";
  77.         return false;
  78.     }
  79.  
  80.   if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
  81.       $errors["email"] = "NOT VALID EMAIL";
  82.       return false;
  83.   } else {
  84.     return true;
  85.   }
  86. }
  87.  
  88. function validateCpf($cpf = null) {
  89.     if(empty($cpf)) {
  90.     $errors["cpf"] = "EMPTY";
  91.         return false;
  92.     }
  93.  
  94.     // Elimina possivel mascara
  95.     $cpf = preg_replace("/[^0-9]/", "", $cpf);
  96.     $cpf = str_pad($cpf, 11, '0', STR_PAD_LEFT);
  97.  
  98.     if (strlen($cpf) != 11) {
  99.     $errors["cpf"] = "TOO SHORT";
  100.         return false;
  101.     }
  102.  
  103.     else if ($cpf == '00000000000' ||
  104.         $cpf == '11111111111' ||
  105.         $cpf == '22222222222' ||
  106.         $cpf == '33333333333' ||
  107.         $cpf == '44444444444' ||
  108.         $cpf == '55555555555' ||
  109.         $cpf == '66666666666' ||
  110.         $cpf == '77777777777' ||
  111.         $cpf == '88888888888' ||
  112.         $cpf == '99999999999') {
  113.     $errors["cpf"] = "INVALID";
  114.         return false;
  115.  
  116.      } else {
  117.  
  118.         for ($t = 9; $t < 11; $t++) {
  119.  
  120.             for ($d = 0, $c = 0; $c < $t; $c++) {
  121.                 $d += $cpf{$c} * (($t + 1) - $c);
  122.             }
  123.             $d = ((10 * $d) % 11) % 10;
  124.             if ($cpf{$c} != $d) {
  125.         $errors["cpf"] = "INVALID";
  126.                 return false;
  127.             }
  128.         }
  129.  
  130.         return true;
  131.     }
  132. }
  133.  
  134. function validatePhone($phone = null) {
  135.   if(empty($phone)) {
  136.     $errors["phone"] = "EMPTY";
  137.         return false;
  138.     }
  139.  
  140.   $phone= trim(str_replace('/', '', str_replace(' ', '', str_replace('-', '', str_replace(')', '', str_replace('(', '', $phone))))));
  141.   $phone_regex = "/^[0-9]{11}$/";
  142.   if (preg_match($phone_regex, $phone) == 1) {
  143.     return true;
  144.   } else {
  145.     $errors["phone"] = "WRONG FORMAT";
  146.     return false;
  147.   }
  148. }
  149.  
  150. function validateBirth($date = null) {
  151.   $min_age = 12;
  152.   date_default_timezone_set('America/Sao_Paulo');
  153.  
  154.   if (empty($date) ||
  155.       strlen($date) != 10 ||
  156.       $date[2] != '/' ||
  157.       $date[5] != '/') {
  158.     $errors["birth"] = "WRONG FORMAT";
  159.         return false;
  160.     }
  161.  
  162.   $date = explode("/", $date);
  163.   $year = $date[2];
  164.   $month = $date[1];
  165.   $day = $date[0];
  166.  
  167.   if (!(checkdate((int)$month, (int)$day, (int)$year))) {
  168.     $errors["birth"] = "INVALID DATE";
  169.     return false;
  170.   }
  171.  
  172.   $today = new DateTime(date('m/d/Y', time()));
  173.   $birth = new DateTime($month . '.' . $day . '.' . $year);
  174.   $age = $today->diff($birth)->y;
  175.  
  176.   if ($age < $min_age) {
  177.     $errors["birth"] = "AGE BELOW MINIMUM";
  178.     return false;
  179.   } else {
  180.     //Change date on $_POST to SQL friendly
  181.     $birth = $year . '-' . $month . '-' . $day;
  182.     $_POST['birth-date'] = $birth;
  183.     return true;
  184.   }
  185. }
  186.  
  187. function validatePassword($pwrd = null, $confirm_pwrd = null) {
  188.  
  189.   $pwrd_req = array('numbers' => 1, 'up_case' => 1, 'low_case' => 1, 'min_length' => 8, 'max_length' => 30);
  190.  
  191.   //Has to be different ifs because needs to set the right error
  192.   if (empty($pwrd)) {
  193.     $errors["password"] = "EMPTY";
  194.     return false;
  195.   }
  196.   if (empty($confirm_pwrd)) {
  197.     $errors["password"] = "CONFIRM EMPTY";
  198.     return false;
  199.   }
  200.   if ($pwrd != $confirm_pwrd) {
  201.     $errors["password"] = "NOT EQUAL TO CONFIRM";
  202.     return false;
  203.   }
  204.   if (strlen($pwrd) > $pwrd_req['max_length']) {
  205.     $errors["password"] = "TOO LONG";
  206.     return false;
  207.   }
  208.   if (strlen($pwrd) < $pwrd_req['min_length']) {
  209.     $errors["password"] = "TOO SHORT";
  210.     return false;
  211.   }
  212.  
  213.   //Check if uppercase if present
  214.   if (preg_match("/[A-Z]/", $pwrd)===0) {
  215.     return false;
  216.   }
  217.   //Check if lower case is present
  218.   if (preg_match("/[a-z]/", $pwrd)===0) {
  219.     return false;
  220.   }
  221.   //Check if digit is present
  222.   if (preg_match("/[0-9]/", $pwrd)===0) {
  223.     return false;
  224.   }
  225.   //Check if has white space
  226.   if (!(preg_match("/\s/", $pwrd))===0) {
  227.     return false;
  228.   }
  229.  
  230.   return true;
  231. }
  232.  
  233. function validateInstName($inst_name = null) {
  234.   //Disable if inst not declared
  235.   if ($_POST['institution-checkbox'] == 'on') {
  236.     return true;
  237.   }
  238.  
  239.   if (empty($inst_name)) {
  240.     $errors["inst-name"] = "EMPTY";
  241.     return false;
  242.   }
  243.  
  244.   $reg = '/[^\p{L}\s]+/u'; //Match all chars that are not letters (UTF-8 letters are ok) or whitespaces
  245.   $verif = preg_replace($reg, '', $inst_name);
  246.  
  247.   if ($inst_name === $verif) {
  248.     //Remove space if is the first or last char
  249.     while (empty(explode(' ', $inst_name)[0])) {
  250.       $inst_name = substr($inst_name, 1);
  251.     }
  252.     while (empty(explode(' ', $inst_name)[count(explode(' ', $inst_name)) - 1])) {
  253.       $inst_name = substr($inst_name, 0, strlen($inst_name)-1);
  254.     }
  255.  
  256.     $_POST['institution-name'] = $inst_name;
  257.     return true;
  258.  
  259.   } else {
  260.     //Name with not supported chars
  261.     $errors["inst-name"] = "NOT SUPPORTED CHARS";
  262.     return false;
  263.   }
  264. }
  265.  
  266. function validateInstUf($uf = null, $data = null) {
  267.   //Disable if inst not declared
  268.   if ($_POST['institution-checkbox'] == 'on') {
  269.     return true;
  270.   }
  271.  
  272.   if (empty($uf) ||
  273.       strlen($uf) != 2 ||
  274.       empty($data)) {
  275.     $errors["inst-uf"] = "EMPTY";
  276.     return false;
  277.   }
  278.   $uf = strtoupper($uf);
  279.   $siglas = array();
  280.   for ($i=0; $i < count($data); $i++) {
  281.     array_push($siglas, $data[$i]['sigla']);
  282.   }
  283.  
  284.   if (in_array($uf, $siglas)) {
  285.     return true;
  286.   } else {
  287.     $errors["inst-uf"] = "INVALID";
  288.     return false;
  289.   }
  290. }
  291.  
  292. function validateInstCity($inst_uf = null, $inst_city = null, $data = null) {
  293.   //Disable if inst not declared
  294.   if ($_POST['institution-checkbox'] == 'on') {
  295.     return true;
  296.   }
  297.  
  298.   if (empty($inst_uf) ||
  299.       empty($inst_city) ||
  300.       empty($data)) {
  301.         $errors["inst-city"] = "EMPTY";
  302.         return false;
  303.   }
  304.  
  305.   $idx;
  306.   for ($i=0; $i < count($data); $i++) {
  307.     if ($data[$i]['sigla'] == $inst_uf) {
  308.       $idx = $i;
  309.       break;
  310.     }
  311.   }
  312.  
  313.   if (in_array($inst_city, $data[$idx]['cidades'])) {
  314.     return true;
  315.   } else {
  316.     $errors["inst-city"] = "CITY NOT IN GIVEN PROVINCE";
  317.     return false;
  318.   }
  319. }
  320.  
  321. // Checks if everything provided is valid
  322. function dataIsValid() {
  323.   include "../web/assets/estados-cidades.php";
  324.   if (allParamsPresent() &&
  325.       validateName($_POST['name']) &&
  326.       validateGender($_POST['gender']) &&
  327.       validateEmail($_POST['username']) &&
  328.       validateCpf($_POST['cpf']) &&
  329.       validatePhone($_POST['phone']) &&
  330.       validateBirth($_POST['birth-date']) &&
  331.       validatePassword($_POST['password'], $_POST['confirm-password']) &&
  332.       validateInstName($_POST['institution-name']) &&
  333.       validateInstUf($_POST['institution-uf'], $states_json) &&
  334.       validateInstCity($_POST['institution-uf'], $_POST['institution-city'], $states_json)) {
  335.     return true;
  336.   } else {
  337.     return false;
  338.   }
  339. }
  340.  
  341. //CAPTCHA HANDLING AND DB QUERY
  342. if ($_SERVER['REQUEST_METHOD'] == 'POST') {
  343.     function post_captcha($user_response) {
  344.         $fields_string = '';
  345.         $fields = array(
  346.             'secret' => "6Ld4aZkUAAAAAOkQjEEEDXz6bW6oj8Nb7CI_dtrI",
  347.             'response' => $user_response
  348.         );
  349.         foreach($fields as $key=>$value)
  350.         $fields_string .= $key . '=' . $value . '&';
  351.         $fields_string = rtrim($fields_string, '&');
  352.  
  353.         $ch = curl_init();
  354.         curl_setopt($ch, CURLOPT_URL, 'https://www.google.com/recaptcha/api/siteverify');
  355.         curl_setopt($ch, CURLOPT_POST, count($fields));
  356.         curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string);
  357.         curl_setopt($ch, CURLOPT_RETURNTRANSFER, True);
  358.  
  359.         $result = curl_exec($ch);
  360.         curl_close($ch);
  361.  
  362.         return json_decode($result, true);
  363.     }
  364.  
  365.     $res = post_captcha($_POST['g-recaptcha-response']);
  366.  
  367.     if (!$res['success']) {
  368.         // FAILURE
  369.         $_POST = array();
  370.         echo '<script>showError(\'reCAPTCHA INVÁLIDO\')</script>';
  371.     } else {
  372.         // SUCCESS
  373.         if (dataIsValid()) {
  374.           //MAKE DB QUERY
  375.           require_once "../../configs/db.php";
  376.  
  377.           $name = $_POST['name'];
  378.           $gender = $_POST['gender'];
  379.           $email = $_POST['username'];
  380.           $cpf = $_POST['cpf'];
  381.           $phone = $_POST['phone'];
  382.           $birth = $_POST['birth-date'];
  383.           $password = hash('sha256', $_POST['password']);
  384.           $inst_name = $_POST['institution-name'];
  385.           $inst_uf = $_POST['institution-uf'];
  386.           $inst_city = $_POST['institution-city'];
  387.  
  388.           //Save Data
  389.           $insert = "INSERT INTO users (id, name, gender, email, cpf, phone, birth, password, inst_name, inst_uf, inst_city) ";
  390.           $values = "VALUES (NULL, \"$name\", \"$gender\", \"$email\", \"$cpf\", \"$phone\", \"$birth\", \"$password\", \"$inst_name\", \"$inst_uf\", \"$inst_city\")";
  391.           $sql = $insert . $values;
  392.  
  393.           $result = $connection->query($sql);
  394.           if ($result) {
  395.             header("Location: entrar.php");
  396.             exit;
  397.           } else {
  398.             $error = mysqli_error($connection);
  399.             $msg;
  400.             if(preg_match("/unique_email/i", $error)) {
  401.               $msg = "EMAIL JÁ ESTÁ EM USO";
  402.             }
  403.             if(preg_match("/unique_phone/i", $error)) {
  404.               $msg = "TELEFONE JÁ ESTÁ EM USO";
  405.             }
  406.             if(preg_match("/unique_cpf/i", $error)) {
  407.               $msg = "CPF JÁ ESTÁ EM USO";
  408.             }
  409.             if(preg_match("/unique_id/i", $error)) {
  410.               $msg = "ENTRE EM CONTATO CONOSCO! -  ERROR UNIQUE_ID";
  411.             }
  412.             echo "<script>showError('$msg')</script>";
  413.           }
  414.         } else {
  415.           //Captach is ok but data was not verified
  416.           print_r($errors);
  417.         }
  418.     }
  419. }
  420.  
  421. ?>
  422.  
  423.  
  424. <!DOCTYPE html>
  425. <html lang="pt-br">
  426.   <head>
  427.     <meta charset="utf-8">
  428.     <link rel="stylesheet" href="<?echo $sing_up_css;?>">
  429.     <link href="https://fonts.googleapis.com/css?family=Work+Sans:300,400" rel="stylesheet">
  430.     <script src="https://www.google.com/recaptcha/api.js?hl=pt-BR" async defer></script>
  431.     <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
  432.     <!--<script src="<?//echo $sign_up_js;?>" defer></script>-->
  433.     <script src="/js/sign-up.js" defer></script>
  434.     <title>iStudiWeb | Cadastrar</title>
  435.   </head>
  436.   <body>
  437.     <div id="wraper">
  438.       <img id="logo" alt="iStudiWeb Logo" src="<?echo $web_logo_black;?>">
  439.  
  440.       <form id="form" action="cadastrar" method="POST">
  441.         <ul class="left-list ul-list">
  442.           <li><label class="list-title">Sobre Mim</label></li>
  443.           <li><input class="text-input" type="text" name="name"  id="name" placeholder="Nome" autocomplete="off" required></input></li>
  444.           <li>
  445.             <select class="text-input" id="gender" name="gender" placeholder="Sexo" required>
  446.               <option id="gender-placeholder" value="" disabled selected style="">Sexo</option>
  447.               <option value="M">Masculino</option>
  448.               <option value="F">Feminino</option>
  449.               <option value="NF">Prefiro não informar</option>
  450.             </select>
  451.           </li>
  452.           <li><input class="text-input" type="email" name="username" id="email" placeholder="Email" autocomplete="on" required></input></li>
  453.           <li><input class="text-input" type="text" name="cpf" id="cpf" placeholder="CPF" autocomplete="off" required></input></li>
  454.           <li><input class="text-input" type="tel" name="phone" id="phone" placeholder="Celular" autocomplete="on" required></input></li>
  455.           <li><input class="text-input" type="text" name="birth-date" id="birth-date" placeholder="Data de Nascimento" autocomplete="off" required></input></li>
  456.           <li><input class="text-input" type="password" name="password" id="password" placeholder="Senha" autocomplete="off" required></input></li>
  457.           <li><input class="text-input" type="password" name="confirm-password" id="confirm-password" placeholder="Confirme sua senha" autocomplete="off" required></input></li>
  458.         </ul>
  459.  
  460.         <hr class="separator">
  461.  
  462.         <ul class="right-list ul-list">
  463.           <li><label class="list-title">Minha Instituição</label></li>
  464.           <li><label id="institution-label"><input class="check-input" type="checkbox" name="institution-checkbox" id="institution-checkbox" value="on"></input>Não estou em nenhuma Instituição</label></li>
  465.           <li><input class="text-input" type="text" name="institution-name"  id="institution-name" placeholder="Nome" autocomplete="off" required></input></li>
  466.           <li>
  467.             <input class="text-input" name="institution-uf"  id="institution-uf" placeholder="UF" list="inst-uf-list" required>
  468.             <datalist id="inst-uf-list"></datalist>
  469.           </li>
  470.           <li>
  471.             <input class="text-input" name="institution-city" id="institution-city" list="inst-city-list" placeholder="Cidade" required readonly>
  472.             <datalist id="inst-city-list"></datalist>
  473.           </li>
  474.         </ul>
  475.  
  476.         <hr class="separator">
  477.  
  478.         <div id="submit-wrap">
  479.           <div class="g-recaptcha" id="reCaptcha" data-callback="recaptchaCallback" data-sitekey="6Ld4aZkUAAAAANscwRBTTGhaEIWvwj0gm3BY4BNQ"></div>
  480.           <input id="cadastrar-btn" type="image" alt="Criar Conta" src=<?echo $sing_up_btn;?> disabled><br>
  481.           <span class="legal-agreement">Ao se cadastrar, você concorda com os nossos</span><br>
  482.           <span class="legal-agreement"><a href="#" class="legal-agreement">Termos de Uso</a> e <a href="#" class="legal-agreement">Política de Privacidade</a></span>
  483.         </div>
  484.       </form>
  485.     </div>
  486.  
  487.  
  488.   </body>
  489. </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!