Subversion Repositories Applications.papyrus

Rev

Details | Last modification | View Log | RSS feed

Rev Author Line No. Line
831 florian 1
<?php
2
 
3
////////////////////////////////////////////////////////////////////////////////
4
//                                                                            //
5
//   Copyright (C) 2006  Phorum Development Team                              //
6
//   http://www.phorum.org                                                    //
7
//                                                                            //
8
//   This program is free software. You can redistribute it and/or modify     //
9
//   it under the terms of either the current Phorum License (viewable at     //
10
//   phorum.org) or the Phorum License that was distributed with this file    //
11
//                                                                            //
12
//   This program is distributed in the hope that it will be useful,          //
13
//   but WITHOUT ANY WARRANTY, without even the implied warranty of           //
14
//   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.                     //
15
//                                                                            //
16
//   You should have received a copy of the Phorum License                    //
17
//   along with this program.                                                 //
18
////////////////////////////////////////////////////////////////////////////////
19
define('phorum_page','register');
20
 
21
include_once("./common.php");
22
include_once("./include/users.php");
23
include_once("./include/profile_functions.php");
24
include_once("./include/email_functions.php");
25
 
26
// set all our URL's
27
phorum_build_common_urls();
28
 
29
// The URL contains an approve argument, which means that a new user
30
// is confirming a new user account.
31
if (isset($PHORUM["args"]["approve"])) {
32
 
33
    // Extract registration validation code and user_id.
34
    $tmp_pass=substr($PHORUM["args"]["approve"], 0, 8);
35
    $user_id = (int)substr($PHORUM["args"]["approve"], 8);
36
    $user_id = phorum_user_verify($user_id, $tmp_pass);
37
 
38
    // Validation code correct.
39
    if ($user_id) {
40
 
41
        $user = phorum_user_get($user_id);
42
 
43
        $moduser=array();
44
 
45
        // The user has been denied by a moderator.
46
        if ($user["active"] == PHORUM_USER_INACTIVE) {
47
             $PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["RegVerifyFailed"];
48
        // The user should still be approved by a moderator.
49
        } elseif ($user["active"] == PHORUM_USER_PENDING_MOD) {
50
        	// TODO: this message should be changed in 5.1 to have a unique message!!!
51
        	$PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["RegVerifyMod"];
52
        // The user is waiting for email and/or email+moderator confirmation.
53
        } else {
54
            // Waiting for both? Then switch to wait for moderator.
55
            if ($user["active"] == PHORUM_USER_PENDING_BOTH) {
56
                $moduser["active"] = PHORUM_USER_PENDING_MOD;
57
                $PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["RegVerifyMod"];
58
            // Only email confirmation was required. Active the user.
59
            } else {
60
                $moduser["active"] = PHORUM_USER_ACTIVE;
61
                $PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["RegAcctActive"];
62
            }
63
 
64
            // Save the new user active status.
65
            $moduser["user_id"] = $user_id;
66
            phorum_user_save($moduser);
67
        }
68
 
69
    // Validation code incorrect.
70
    } else {
71
        $PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["RegVerifyFailed"];
72
    }
73
 
74
    include phorum_get_template("header");
75
    phorum_hook("after_header");
76
    include phorum_get_template("message");
77
    phorum_hook("before_footer");
78
    include phorum_get_template("footer");
79
    return;
80
 
81
}
82
 
83
$error = ''; // Init error as empty.
84
 
85
// Process posted form data.
86
if (count($_POST)) {
87
 
88
    // Sanitize input data.
89
    foreach ($_POST as $key => $val) {
90
        if ($key == 'username') {
91
            // Trim and space-collapse usernames, so people can't
92
            // impersonate as other users using the same username,
93
            // but with extra spaces in it.
94
            $_POST[$key] = preg_replace('/\s+/', ' ', trim($val));
95
        } else {
96
            $_POST[$key] = trim($val);
97
        }
98
    }
99
 
100
    // Check if all required fields are filled and valid.
101
    if (!isset($_POST["username"]) || empty($_POST['username'])) {
102
        $error = $PHORUM["DATA"]["LANG"]["ErrUsername"];
103
    } elseif (!isset($_POST["email"]) || !phorum_valid_email($_POST["email"])) {
104
        $error = $PHORUM["DATA"]["LANG"]["ErrEmail"];
105
    } elseif (empty($_POST["password"]) || $_POST["password"] != $_POST["password2"]) {
106
        $error = $PHORUM["DATA"]["LANG"]["ErrPassword"];
107
    }
108
    // Check if the username and email address don't already exist.
109
    elseif(phorum_user_check_username($_POST["username"])) {
110
        $error = $PHORUM["DATA"]["LANG"]["ErrRegisterdName"];
111
    } elseif (phorum_user_check_email($_POST["email"])){
112
        $error = $PHORUM["DATA"]["LANG"]["ErrRegisterdEmail"];
113
    }
114
 
115
    // Check banlists.
116
    if (empty($error)) {
117
        $error = phorum_check_bans(array(
118
            array($_POST["username"], PHORUM_BAD_NAMES),
119
            array($_POST["email"],    PHORUM_BAD_EMAILS),
120
            array(NULL,               PHORUM_BAD_IPS),
121
        ));
122
    }
123
 
124
    // Create user if no errors have been encountered.
125
    if (empty($error)) {
126
 
127
        // Setup the default userdata to store.
128
        $userdata = array(
129
            'username'   => NULL,
130
            'password'   => NULL,
131
            'email'      => NULL,
132
        );
133
        // Add custom profile fields as acceptable fields.
134
        foreach ($PHORUM["PROFILE_FIELDS"] as $data) {
135
            $userdata[$data["name"]] = NULL;
136
        }
137
        // Update userdata with $_POST information.
138
        foreach ($_POST as $key => $val) {
139
           if (array_key_exists($key, $userdata)) {
140
               $userdata[$key] = $val;
141
           }
142
        }
143
        // Remove unused custom profile fields.
144
        foreach ($PHORUM["PROFILE_FIELDS"] as $field) {
145
            if (is_null($userdata[$field["name"]])) {
146
                unset($userdata[$field["name"]]);
147
            }
148
        }
149
        // Add static info.
150
        $userdata["date_added"]=time();
151
        $userdata["date_last_active"]=time();
152
        $userdata["hide_email"]=true;
153
 
154
        // Set user active status depending on the registration verification
155
        // setting. Generate a confirmation code for email verification.
156
        if ($PHORUM["registration_control"] == PHORUM_REGISTER_INSTANT_ACCESS) {
157
            $userdata["active"] = PHORUM_USER_ACTIVE;
158
        } elseif ($PHORUM["registration_control"] == PHORUM_REGISTER_VERIFY_EMAIL) {
159
            $userdata["active"] = PHORUM_USER_PENDING_EMAIL;
160
            $userdata["password_temp"]=substr(md5(microtime()), 0, 8);
161
        } elseif ($PHORUM["registration_control"]==PHORUM_REGISTER_VERIFY_MODERATOR) {
162
            $userdata["active"] = PHORUM_USER_PENDING_MOD;
163
        } elseif ($PHORUM["registration_control"]==PHORUM_REGISTER_VERIFY_BOTH) {
164
            $userdata["password_temp"]=substr(md5(microtime()), 0, 8);
165
            $userdata["active"] = PHORUM_USER_PENDING_BOTH;
166
        }
167
 
168
        // Run a hook, so module writers can update and check the userdata.
169
        $userdata = phorum_hook("before_register", $userdata);
170
 
171
        // Set $error, in case the before_register hook did set an error.
172
        if (isset($userdata['error'])) {
173
            $error = $userdata['error'];
174
            unset($userdata['error']);
175
        }
176
        // Try to add the user to the database.
177
        elseif ($user_id = phorum_user_add($userdata)) {
178
 
179
            // The user was added. Determine what message to show.
180
            if ($PHORUM["registration_control"] == PHORUM_REGISTER_INSTANT_ACCESS) {
181
                $PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["RegThanks"];
182
            } elseif($PHORUM["registration_control"] == PHORUM_REGISTER_VERIFY_EMAIL ||
183
                     $PHORUM["registration_control"] == PHORUM_REGISTER_VERIFY_BOTH) {
184
                $PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["RegVerifyEmail"];
185
            } elseif($PHORUM["registration_control"] == PHORUM_REGISTER_VERIFY_MODERATOR) {
186
                $PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["RegVerifyMod"];
187
            }
188
 
189
            // Send a message to the new user in case email verification is required.
190
            if ($PHORUM["registration_control"] == PHORUM_REGISTER_VERIFY_BOTH ||
191
                $PHORUM["registration_control"] == PHORUM_REGISTER_VERIFY_EMAIL) {
192
                $verify_url = phorum_get_url(PHORUM_REGISTER_URL, "approve=".$userdata["password_temp"]."$user_id");
193
                // make the link an anchor tag for AOL users
194
                if (preg_match("!aol\.com$!i", $userdata["email"])) {
195
                    $verify_url = "<a href=\"$verify_url\">$verify_url</a>";
196
                }
197
                $maildata["mailsubject"] = $PHORUM["DATA"]["LANG"]["VerifyRegEmailSubject"];
198
                $maildata["mailmessage"] = wordwrap($PHORUM["DATA"]["LANG"]["VerifyRegEmailBody1"], 72)."\n\n$verify_url\n\n".wordwrap($PHORUM["DATA"]["LANG"]["VerifyRegEmailBody2"], 72);
199
                phorum_email_user(array($userdata["email"]), $maildata);
200
            }
201
 
202
            $PHORUM["DATA"]["BACKMSG"] = $PHORUM["DATA"]["LANG"]["RegBack"];
203
            $PHORUM["DATA"]["URL"]["REDIRECT"] = phorum_get_url(PHORUM_LOGIN_URL);
204
 
205
            // Run a hook, so module writers can run tasks after registering.
206
            phorum_hook("after_register",$userdata);
207
 
208
            include phorum_get_template("header");
209
            phorum_hook("after_header");
210
            include phorum_get_template("message");
211
            phorum_hook("before_footer");
212
            include phorum_get_template("footer");
213
            return;
214
 
215
        // Adding the user to the database failed.
216
        } else {
217
            $error = $PHORUM["DATA"]["LANG"]["ErrUserAddUpdate"];
218
        }
219
    }
220
 
221
    // Some error encountered during processing? Then setup the
222
    // data to redisplay the registration form, including an error.
223
    if (!empty($error)) {
224
        foreach($_POST as $key => $val){
225
            $PHORUM["DATA"]["REGISTER"][$key] = htmlspecialchars($val);
226
        }
227
        $PHORUM["DATA"]["ERROR"] = htmlspecialchars($error);
228
    }
229
 
230
// No data posted, so this is the first request. Initialize form data.
231
} else {
232
    // Initialize fixed fields.
233
    $PHORUM["DATA"]["REGISTER"]["username"] = "";
234
    $PHORUM["DATA"]["REGISTER"]["email"] = "";
235
    $PHORUM["DATA"]["ERROR"] = "";
236
 
237
    // Initialize custom profile fields.
238
    foreach($PHORUM["PROFILE_FIELDS"] as $field) {
239
        $PHORUM["DATA"]["REGISTER"][$field["name"]] = "";
240
    }
241
}
242
 
243
# Setup static template data.
244
$PHORUM["DATA"]["URL"]["ACTION"] = phorum_get_url( PHORUM_REGISTER_ACTION_URL );
245
$PHORUM["DATA"]["REGISTER"]["forum_id"] = $PHORUM["forum_id"];
246
$PHORUM["DATA"]["REGISTER"]["block_title"] = $PHORUM["DATA"]["LANG"]["Register"];
247
 
248
// Display the registration page.
249
include phorum_get_template("header");
250
phorum_hook("after_header");
251
include phorum_get_template("register");
252
phorum_hook("before_footer");
253
include phorum_get_template("footer");
254
 
255
?>