<?php
/**
 * Validator for Register.
 */
final class RegisterValidator {
    private function __construct() {

    }
    /**
     * Validate the given username, password, repeat_password and email.
     * @param $username, $password, $repeat_password and $email to be validated
     * @return array array of {@link Error} s
     */
    public static function validate($username, $password, $repeat_password, $email) {
        $errors = array();
        $username = trim($username);
        $password = trim($password);
        if (!$username) {
            $errors[] = new Error('username', '用戶名不能為空。');
        } elseif (strlen($username)<3) {
            $errors[] = new Error('username', '用戶名長度不能小于3個字符。');
        } elseif (strlen($username)>30) {
            $errors[] = new Error('username', '用戶名長度不能超過30個字符。');
        } elseif (!preg_match('/^[A-Za-z]+$/',substr($username, 0, 1))) {
            $errors[] = new Error('username', '用戶名必須以字母開頭。');
        } elseif (!preg_match('/^[A-Za-z0-9_]+$/', $username)) {
            $errors[] = new Error('username', '用戶名只能是字母、數(shù)字以及下劃線( _ )的組合。');
        } elseif (!$password) {
            $errors[] = new Error('password', '密碼不能為空。');
        } elseif (strlen($password)<6) {
            $errors[] = new Error('password', '密碼長度不能小于6個字符。');
        } elseif (strlen($password)>30) {
            $errors[] = new Error('password', '密碼長度不能超過30個字符。');
        } elseif (!preg_match('/^[A-Za-z0-9!@#\\$%\\^&\\*_]+$/', $password)) {
            $errors[] = new Error('password', '密碼只能是數(shù)字、字母或!@#$%^&*_等字符的組合。');
        } elseif ($password != trim($repeat_password)) {
            $errors[] = new Error('password', '兩次輸入密碼不一致。');
        } elseif (!Utils::isValidEmail($email)) {
            $errors[] = new Error('email', '郵箱格式有誤。');
        } else {
            // check whether user exists or not
            $dao = new UserDao();
            $user = $dao->findByName(trim($username));
            if ($user) {
                $errors[] = new Error('username', '該用戶名已經(jīng)被使用。');
            }

            $user = null;
            // check whether email being used or not
            $user = $dao->findByEmail(trim($email));
            if ($user) {
                $errors[] = new Error('email', '該郵箱已被注冊。');
            }
        }
        return $errors;
    }
}
?>

$username = null;
$password = null;
$repeat_password = null;
$email = null;
$msg = "";
if (isset($_POST['username']) && isset($_POST['password'])
        && isset($_POST['repeat_password']) && isset($_POST['email'])) {
    $username = addslashes(trim(stripslashes($_POST ['username'])));
    $password = addslashes(trim(stripslashes($_POST ['password'])));
    $repeat_password = addslashes(trim(stripslashes($_POST ['repeat_password'])));
    $email = addslashes(trim(stripslashes($_POST ['email'])));
    // validate
    $errors = RegisterValidator::validate($username, $password, $repeat_password, $email);
    // validate
    if (empty($errors)) {
        // save
        $dao = new UserDao();
        $user = new User();
        $user->setEmail($email);
        $last_login_ip = Utils::getIpAddress();
        $user->setLastLoginIp($last_login_ip);
        $user->setUsername($username);
        $salt = substr(sha1(mt_rand()), 0, 22);
        $hash_password = sha1($salt . $password);
        $user->setPassword($hash_password);
        $user->setSalt($salt);
        $user = $dao->save($user);
        if ($user) {
            UserLogin::setUserInfo($user);
            Flash::addFlash('注冊成功！');
        }
        else {
            Flash::addFlash('對不起，由于服務(wù)器內(nèi)部錯誤，導(dǎo)致注冊失敗。請稍后再試。');
        }
        Utils::redirect('welcome');
    }

    foreach ($errors as $e) {
        $msg .= $e->getMessage()."<br>";
    }

<?php
/**
 * Validation error.
 */
final class Error {
    private $source;
    private $message;
    /**
     * Create new error.
     * @param mixed $source source of the error
     * @param string $message error message
     */
    function __construct($source, $message) {
        $this->source = $source;
        $this->message = $message;
    }
    /**
     * Get source of the error.
     * @return mixed source of the error
     */
    public function getSource() {
        return $this->source;
    }
    /**
     * Get error message.
     * @return string error message
     */
    public function getMessage() {
        return $this->message;
    }
}
?>