has("oc_users", ["uid" => $_POST["username"]]) === TRUE; } if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) { header("Location: purchase.php?plan=" . $plan . "&err=bademail"); die("Invalid email address."); } $renewing = (isset($_POST["renewing"]) && $_POST["renewing"] == "1"); if ($renewing && !$userexists) { header("Location: purchase.php?plan=" . $plan . "&err=renewinvaliduser"); die("Username doesn't exist."); } else if (!$renewing && $userexists) { header("Location: purchase.php?plan=" . $plan . "&err=usernameinvalid"); die("Invalid username."); } if ($renewing) { $hash = $database->get("oc_users", "password", ["uid" => $_POST['username']]); $hash = explode("|", $hash, 2)[1]; if (!password_verify($_POST["password"], $hash)) { header("Location: purchase.php?plan=" . $plan . "&err=renewpasswrong"); die("Password incorrect."); } } else { if (strlen($_POST["password"]) < 8) { header("Location: purchase.php?plan=" . $plan . "&err=shortpassword"); die("Short password."); } $passwordFile = '/var/www/nextcloud/apps/password_policy/lists/list-' . strlen($_POST['password']) . '.php'; if (file_exists($passwordFile)) { $commonPasswords = require_once $passwordFile; if (isset($commonPasswords[strtolower($_POST['password'])])) { header("Location: purchase.php?plan=" . $plan . "&err=commonpassword"); die("Password too common."); } } } $_SESSION['username'] = $_POST['username']; $_SESSION['password'] = $_POST['password']; $_SESSION['renewing'] = $renewing; ?> <?php echo SITE_TITLE; ?>