FUNCTION createUser() - WKuehnTP/wdk-test GitHub Wiki


Function: /models/secure_functions.php:createUser()

Inputs: $user_name, $display_name, $email, $title, $phone, $comp_name, $comp_type, $comp_site, $password, $passwordc, $require_activation, $admin, $referral (default “trupro”)

  • If $admin is creating the user
      • Check that user doing it has permission to do this (F&D)
  • Check that variables are within required length ranges, and are valid (F&D)
      • If $referral contains “biz” or “directory”, don’t require $phone.
  • Check that $user_name is not already in use (F&D)
  • Check that $email is not already in use (F&D)
  • Hash the password (F&D on error)
  • If the $referral contains trupro, and contains neither “biz” nor “directory”
      • Create an AL email address, save as $new_email (/models/secure_functions.php:createEmailAddress())
  • Otherwise
      • Use $email as $new_email
  • Generate Activation Token
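The steps above as a runnable sketch. This is an added example, not the project's own code. `createUserSketch`, `FailAndDie`, `fd`, the in-memory `$existing` lists, the `$makeAlAddress` callback (standing in for createEmailAddress()), the length limits and the token size are all assumptions.

```php
<?php
declare(strict_types=1);

// Hypothetical exception standing in for the page's "Fail and Die" (F&D).
final class FailAndDie extends RuntimeException {}

function fd(bool $ok, string $why): void {
    if (!$ok) { throw new FailAndDie($why); }
}

// $existing, $actorMayCreate and $makeAlAddress are assumptions that replace
// the database, the permission system and createEmailAddress().
function createUserSketch(array $in, array $existing, bool $actorMayCreate, callable $makeAlAddress): array {
    $ref = $in['referral'] ?? 'trupro';
    $bizOrDir = str_contains($ref, 'biz') || str_contains($ref, 'directory'); // PHP 8+

    fd(empty($in['admin']) || $actorMayCreate, 'actor lacks permission');
    // Length limits below are assumed; the page does not state them.
    fd(preg_match('/^[A-Za-z0-9_]{3,25}$/', $in['user_name']) === 1, 'bad user_name');
    fd(filter_var($in['email'], FILTER_VALIDATE_EMAIL) !== false, 'bad email');
    fd(strlen($in['password']) >= 8 && $in['password'] === $in['passwordc'], 'bad password');
    fd($bizOrDir || trim($in['phone'] ?? '') !== '', 'phone required');
    fd(!in_array($in['user_name'], $existing['user_names'], true), 'user_name in use');
    fd(!in_array($in['email'], $existing['emails'], true), 'email in use');

    // Salted, slow hash; never store or log the plain password.
    $hash = password_hash($in['password'], PASSWORD_DEFAULT);
    fd(is_string($hash), 'hashing failed');

    $newEmail = (str_contains($ref, 'trupro') && !$bizOrDir)
        ? $makeAlAddress($in['user_name'])
        : $in['email'];

    // Nothing has been stored so far, so an F&D above leaves nothing to undo.
    return [
        'user_name'        => $in['user_name'],
        'password_hash'    => $hash,
        'new_email'        => $newEmail,
        'activation_token' => bin2hex(random_bytes(16)), // CSPRNG; size is assumed
    ];
}

// Constructed sample input: a "biz" referral, so no phone and no AL address.
$user = createUserSketch(
    ['user_name' => 'alice_w', 'email' => 'alice@example.com', 'phone' => '',
     'password' => 'correct horse', 'passwordc' => 'correct horse', 'referral' => 'trupro-biz'],
    ['user_names' => ['bob'], 'emails' => ['bob@example.com']],
    false,
    fn(string $n): string => $n . '@al.example'
);
echo $user['new_email'], PHP_EOL;
```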

Function: /models/secure_functions.php:createEmailAddress() Inputs:

Bolded things need to be implemented. $variables are stored data that will be accessed later.

  • (F&D) means “Fail and Die”: If the statement is not true, stop the request, undo anything done, return to the requesting user in a failed state.
  • ** CSRF is “Cross-Site Request Forgery”. A token (128 characters) is created, then sent to trusted sites when a user wants to do something, so the user will return the token when they want to do something. This is to prevent other sites hijacking our users, making sure it’s actually them, actually on our site, doing the request.