private function validateForm()
{
// is the form submitted?
if ($this->frm->isSubmitted()) {
// cleanup the submitted fields, ignore fields that were added by hackers
$this->frm->cleanupFields();
// get fields
$txtEmail = $this->frm->getField('email');
$txtDisplayName = $this->frm->getField('display_name');
$txtPassword = $this->frm->getField('password');
$txtFirstName = $this->frm->getField('first_name');
$txtLastName = $this->frm->getField('last_name');
$txtCity = $this->frm->getField('city');
$ddmGender = $this->frm->getField('gender');
$ddmDay = $this->frm->getField('day');
$ddmMonth = $this->frm->getField('month');
$ddmYear = $this->frm->getField('year');
$ddmCountry = $this->frm->getField('country');
// email filled in?
if ($txtEmail->isFilled(BL::getError('EmailIsRequired'))) {
// valid email?
if ($txtEmail->isEmail(BL::getError('EmailIsInvalid'))) {
// email already exists?
if (BackendProfilesModel::existsByEmail($txtEmail->getValue())) {
// set error
$txtEmail->addError(BL::getError('EmailExists'));
}
}
}
// display name filled in?
if ($txtDisplayName->isFilled(BL::getError('DisplayNameIsRequired'))) {
// display name already exists?
if (BackendProfilesModel::existsDisplayName($txtDisplayName->getValue())) {
// set error
$txtDisplayName->addError(BL::getError('DisplayNameExists'));
}
}
// profile must not be notified, password must not be empty
if (!$this->notifyProfile) {
$txtPassword->isFilled(BL::err('FieldIsRequired'));
}
// one of the birthday fields are filled in
if ($ddmDay->isFilled() || $ddmMonth->isFilled() || $ddmYear->isFilled()) {
// valid date?
if (!checkdate($ddmMonth->getValue(), $ddmDay->getValue(), $ddmYear->getValue())) {
// set error
$ddmYear->addError(BL::getError('DateIsInvalid'));
}
}
// no errors?
if ($this->frm->isCorrect()) {
$salt = BackendProfilesModel::getRandomString();
$password = $txtPassword->isFilled() ? $txtPassword->getValue() : BackendModel::generatePassword(8);
// build item
$values = array('email' => $txtEmail->getValue(), 'registered_on' => BackendModel::getUTCDate(), 'display_name' => $txtDisplayName->getValue(), 'url' => BackendProfilesModel::getUrl($txtDisplayName->getValue()), 'last_login' => BackendModel::getUTCDate(null, 0), 'password' => BackendProfilesModel::getEncryptedString($password, $salt));
$this->id = BackendProfilesModel::insert($values);
// update salt
BackendProfilesModel::setSetting($this->id, 'salt', $salt);
// bday is filled in
if ($ddmYear->isFilled()) {
// mysql format
$birthDate = $ddmYear->getValue() . '-';
$birthDate .= str_pad($ddmMonth->getValue(), 2, '0', STR_PAD_LEFT) . '-';
$birthDate .= str_pad($ddmDay->getValue(), 2, '0', STR_PAD_LEFT);
} else {
// not filled in
$birthDate = null;
}
// update settings
BackendProfilesModel::setSetting($this->id, 'first_name', $txtFirstName->getValue());
BackendProfilesModel::setSetting($this->id, 'last_name', $txtLastName->getValue());
BackendProfilesModel::setSetting($this->id, 'gender', $ddmGender->getValue());
BackendProfilesModel::setSetting($this->id, 'birth_date', $birthDate);
BackendProfilesModel::setSetting($this->id, 'city', $txtCity->getValue());
BackendProfilesModel::setSetting($this->id, 'country', $ddmCountry->getValue());
// notify values
$notifyValues = array_merge($values, array('id' => $this->id, 'first_name' => $txtFirstName->getValue(), 'last_name' => $txtLastName->getValue(), 'unencrypted_password' => $password));
$redirectUrl = BackendModel::createURLForAction('Edit') . '&id=' . $this->id . '&var=' . rawurlencode($values['display_name']) . '&report=';
// notify new profile user
if ($this->notifyProfile) {
BackendProfilesModel::notifyProfile($notifyValues);
$redirectUrl .= 'saved-and-notified';
} else {
$redirectUrl .= 'saved';
}
// notify admin
if ($this->notifyAdmin) {
BackendProfilesModel::notifyAdmin($notifyValues);
}
// trigger event
BackendModel::triggerEvent($this->getModule(), 'after_add', array('item' => $values));
// everything is saved, so redirect to the overview
$this->redirect($redirectUrl);
}
}
}
