| 831 | florian | 1 | <?php
 | 
        
           |  |  | 2 |   | 
        
           |  |  | 3 | ////////////////////////////////////////////////////////////////////////////////
 | 
        
           |  |  | 4 | //                                                                            //
 | 
        
           |  |  | 5 | //   Copyright (C) 2006  Phorum Development Team                              //
 | 
        
           |  |  | 6 | //   http://www.phorum.org                                                    //
 | 
        
           |  |  | 7 | //                                                                            //
 | 
        
           |  |  | 8 | //   This program is free software. You can redistribute it and/or modify     //
 | 
        
           |  |  | 9 | //   it under the terms of either the current Phorum License (viewable at     //
 | 
        
           |  |  | 10 | //   phorum.org) or the Phorum License that was distributed with this file    //
 | 
        
           |  |  | 11 | //                                                                            //
 | 
        
           |  |  | 12 | //   This program is distributed in the hope that it will be useful,          //
 | 
        
           |  |  | 13 | //   but WITHOUT ANY WARRANTY, without even the implied warranty of           //
 | 
        
           |  |  | 14 | //   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.                     //
 | 
        
           |  |  | 15 | //                                                                            //
 | 
        
           |  |  | 16 | //   You should have received a copy of the Phorum License                    //
 | 
        
           |  |  | 17 | //   along with this program.                                                 //
 | 
        
           |  |  | 18 | ////////////////////////////////////////////////////////////////////////////////
 | 
        
           // Define the page identifier constant for this script.
           define('phorum_page', 'register');

           // Load common.php plus the user, profile and email function files.
           include_once './common.php';
           include_once './include/users.php';
           include_once './include/profile_functions.php';
           include_once './include/email_functions.php';

           // Build the common URLs before any page logic runs.
           phorum_build_common_urls();
 | 
        
           |  |  | 28 |   | 
        
           // Account confirmation: an "approve" argument in the URL means that a new
           // user followed the link from the verification mail.
           //
           // The argument is the 8 character confirmation code immediately followed
           // by the numeric user_id.
           //
           // NOTE(review): the code is only 8 characters long. Whether
           // phorum_user_verify() limits repeated guesses, or whether the stored code
           // is cleared once it has been used, is not visible in this file -- confirm
           // in include/users.php.
           if (isset($PHORUM['args']['approve'])) {

               // Split the argument and let the user layer check the pair.
               $tmp_pass = substr($PHORUM['args']['approve'], 0, 8);
               $user_id  = phorum_user_verify(
                   (int) substr($PHORUM['args']['approve'], 8),
                   $tmp_pass
               );

               if (!$user_id) {

                   // The confirmation code did not match.
                   $PHORUM['DATA']['MESSAGE'] = $PHORUM['DATA']['LANG']['RegVerifyFailed'];

               } else {

                   $user    = phorum_user_get($user_id);
                   $moduser = array();

                   if ($user['active'] == PHORUM_USER_INACTIVE) {

                       // A moderator denied this account: report a failure and
                       // leave the stored status untouched.
                       $PHORUM['DATA']['MESSAGE'] = $PHORUM['DATA']['LANG']['RegVerifyFailed'];

                   } elseif ($user['active'] == PHORUM_USER_PENDING_MOD) {

                       // Moderator approval is still outstanding; nothing is saved.
                       // TODO: this message should be changed in 5.1 to have a unique message!!!
                       $PHORUM['DATA']['MESSAGE'] = $PHORUM['DATA']['LANG']['RegVerifyMod'];

                   } elseif ($user['active'] == PHORUM_USER_PENDING_BOTH) {

                       // Email is now confirmed, the moderator step remains.
                       $moduser['active'] = PHORUM_USER_PENDING_MOD;
                       $PHORUM['DATA']['MESSAGE'] = $PHORUM['DATA']['LANG']['RegVerifyMod'];
                       $moduser['user_id'] = $user_id;
                       phorum_user_save($moduser);

                   } else {

                       // Every other status: email confirmation was the only
                       // requirement, so the account becomes active.
                       $moduser['active'] = PHORUM_USER_ACTIVE;
                       $PHORUM['DATA']['MESSAGE'] = $PHORUM['DATA']['LANG']['RegAcctActive'];
                       $moduser['user_id'] = $user_id;
                       phorum_user_save($moduser);
                   }
               }

               // Show the result on the message page and stop processing here.
               include phorum_get_template('header');
               phorum_hook('after_header');
               include phorum_get_template('message');
               phorum_hook('before_footer');
               include phorum_get_template('footer');
               return;
           }
 | 
        
           |  |  | 82 |   | 
        
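           // Registration form handling.
           //
           // With posted data: normalize the input, validate it, build the user record
           // from an allow-list of fields, create the account and (depending on the
           // registration_control setting) mail a confirmation link. Without posted
           // data: initialize an empty form. On success the message page is shown and
           // the script returns; on error the form is redisplayed by the code that
           // follows this block.
           $error = ''; // No error so far.

           // Process posted form data.
           if (count($_POST)) {

               // Normalize input data.
               foreach ($_POST as $key => $val) {
                   if (is_array($val)) {
                       // PHP turns a parameter like "username[]=x" into an array.
                       // Blank it, so trim() and htmlspecialchars() below only ever
                       // see strings and the normal validation errors apply.
                       $_POST[$key] = '';
                   } elseif ($key === 'username') {
                       // Trim and space-collapse usernames, so people can't
                       // impersonate other users by using the same username
                       // with extra spaces in it.
                       $_POST[$key] = preg_replace('/\s+/', ' ', trim($val));
                   } else {
                       $_POST[$key] = trim($val);
                   }
               }

               // Check if all required fields are filled and valid.
               if (empty($_POST["username"])) {
                   $error = $PHORUM["DATA"]["LANG"]["ErrUsername"];
               } elseif (!isset($_POST["email"]) || !phorum_valid_email($_POST["email"])) {
                   $error = $PHORUM["DATA"]["LANG"]["ErrEmail"];
               } elseif (empty($_POST["password"]) ||
                         !isset($_POST["password2"]) ||
                         $_POST["password"] !== $_POST["password2"]) {
                   // Strict comparison: with "!=" two different numeric-looking
                   // strings (for example "1" and "1.0") compare as equal, so the
                   // confirmation field would not catch the mismatch.
                   $error = $PHORUM["DATA"]["LANG"]["ErrPassword"];
               }
               // Check if the username and email address don't already exist.
               elseif (phorum_user_check_username($_POST["username"])) {
                   $error = $PHORUM["DATA"]["LANG"]["ErrRegisterdName"];
               } elseif (phorum_user_check_email($_POST["email"])) {
                   $error = $PHORUM["DATA"]["LANG"]["ErrRegisterdEmail"];
               }

               // Check banlists.
               if (empty($error)) {
                   $error = phorum_check_bans(array(
                       array($_POST["username"], PHORUM_BAD_NAMES),
                       array($_POST["email"],    PHORUM_BAD_EMAILS),
                       array(NULL,               PHORUM_BAD_IPS),
                   ));
               }

               // Create user if no errors have been encountered.
               if (empty($error)) {

                   // Allow-list of fields that may be taken from the request.
                   $userdata = array(
                       'username'   => NULL,
                       'password'   => NULL,
                       'email'      => NULL,
                   );
                   // Add custom profile fields as acceptable fields.
                   foreach ($PHORUM["PROFILE_FIELDS"] as $data) {
                       $userdata[$data["name"]] = NULL;
                   }
                   // Copy only allow-listed keys from $_POST. Any other posted key
                   // is ignored, and the status and date fields are assigned
                   // below, after this copy.
                   foreach ($_POST as $key => $val) {
                       if (array_key_exists($key, $userdata)) {
                           $userdata[$key] = $val;
                       }
                   }
                   // Remove unused custom profile fields.
                   foreach ($PHORUM["PROFILE_FIELDS"] as $field) {
                       if (is_null($userdata[$field["name"]])) {
                           unset($userdata[$field["name"]]);
                       }
                   }
                   // Add static info.
                   $userdata["date_added"] = time();
                   $userdata["date_last_active"] = time();
                   $userdata["hide_email"] = true;

                   // Set user active status depending on the registration
                   // verification setting.
                   if ($PHORUM["registration_control"] == PHORUM_REGISTER_INSTANT_ACCESS) {
                       $userdata["active"] = PHORUM_USER_ACTIVE;
                   } elseif ($PHORUM["registration_control"] == PHORUM_REGISTER_VERIFY_EMAIL) {
                       $userdata["active"] = PHORUM_USER_PENDING_EMAIL;
                   } elseif ($PHORUM["registration_control"] == PHORUM_REGISTER_VERIFY_MODERATOR) {
                       $userdata["active"] = PHORUM_USER_PENDING_MOD;
                   } elseif ($PHORUM["registration_control"] == PHORUM_REGISTER_VERIFY_BOTH) {
                       $userdata["active"] = PHORUM_USER_PENDING_BOTH;
                   }

                   // Generate the confirmation code for email verification.
                   //
                   // The code is the only secret in the confirmation link, so it
                   // should not be derived from the clock: md5(microtime()) can be
                   // narrowed down by anyone who knows roughly when the account was
                   // registered. random_bytes() is used where it exists (PHP 7+).
                   // It throws when no secure source is available; that is left
                   // uncaught on purpose, so no account is created with a
                   // guessable code. Older runtimes keep the previous clock-based
                   // value.
                   //
                   // The length stays at 8 characters because the approve handler
                   // in this file splits the link argument at offset 8.
                   // NOTE(review): 8 hex characters is 32 bits at most -- confirm
                   // that the verification side limits repeated attempts.
                   if ($PHORUM["registration_control"] == PHORUM_REGISTER_VERIFY_EMAIL ||
                       $PHORUM["registration_control"] == PHORUM_REGISTER_VERIFY_BOTH) {
                       $userdata["password_temp"] = function_exists('random_bytes')
                           ? bin2hex(random_bytes(4))
                           : substr(md5(microtime()), 0, 8);
                   }

                   // Run a hook, so module writers can update and check the userdata.
                   $userdata = phorum_hook("before_register", $userdata);

                   // Set $error, in case the before_register hook did set an error.
                   if (isset($userdata['error'])) {
                       $error = $userdata['error'];
                       unset($userdata['error']);
                   }
                   // Try to add the user to the database.
                   elseif ($user_id = phorum_user_add($userdata)) {

                       // The user was added. Determine what message to show.
                       if ($PHORUM["registration_control"] == PHORUM_REGISTER_INSTANT_ACCESS) {
                           $PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["RegThanks"];
                       } elseif ($PHORUM["registration_control"] == PHORUM_REGISTER_VERIFY_EMAIL ||
                                 $PHORUM["registration_control"] == PHORUM_REGISTER_VERIFY_BOTH) {
                           $PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["RegVerifyEmail"];
                       } elseif ($PHORUM["registration_control"] == PHORUM_REGISTER_VERIFY_MODERATOR) {
                           $PHORUM["DATA"]["MESSAGE"] = $PHORUM["DATA"]["LANG"]["RegVerifyMod"];
                       }

                       // Send a message to the new user in case email verification is required.
                       if ($PHORUM["registration_control"] == PHORUM_REGISTER_VERIFY_BOTH ||
                           $PHORUM["registration_control"] == PHORUM_REGISTER_VERIFY_EMAIL) {
                           // The link argument is the confirmation code followed by the user_id.
                           $verify_url = phorum_get_url(PHORUM_REGISTER_URL, "approve=".$userdata["password_temp"]."$user_id");
                           // make the link an anchor tag for AOL users
                           if (preg_match("!aol\.com$!i", $userdata["email"])) {
                               $verify_url = "<a href=\"$verify_url\">$verify_url</a>";
                           }
                           // Start from an empty array, so nothing left in a
                           // global $maildata ends up in the mail.
                           $maildata = array();
                           $maildata["mailsubject"] = $PHORUM["DATA"]["LANG"]["VerifyRegEmailSubject"];
                           $maildata["mailmessage"] =
                               wordwrap($PHORUM["DATA"]["LANG"]["VerifyRegEmailBody1"], 72).
                               "\n\n$verify_url\n\n".
                               wordwrap($PHORUM["DATA"]["LANG"]["VerifyRegEmailBody2"], 72);
                           phorum_email_user(array($userdata["email"]), $maildata);
                       }

                       $PHORUM["DATA"]["BACKMSG"] = $PHORUM["DATA"]["LANG"]["RegBack"];
                       $PHORUM["DATA"]["URL"]["REDIRECT"] = phorum_get_url(PHORUM_LOGIN_URL);

                       // Run a hook, so module writers can run tasks after registering.
                       phorum_hook("after_register", $userdata);

                       include phorum_get_template("header");
                       phorum_hook("after_header");
                       include phorum_get_template("message");
                       phorum_hook("before_footer");
                       include phorum_get_template("footer");
                       return;

                   // Adding the user to the database failed.
                   } else {
                       $error = $PHORUM["DATA"]["LANG"]["ErrUserAddUpdate"];
                   }
               }

               // Some error encountered during processing? Then setup the
               // data to redisplay the registration form, including an error.
               if (!empty($error)) {
                   // Every posted value is escaped before it reaches the template.
                   // ENT_QUOTES also encodes single quotes, which keeps the value
                   // inert in single-quoted attributes as well.
                   // NOTE(review): this loop also copies password and password2
                   // into the template data -- confirm the register template does
                   // not print them.
                   foreach ($_POST as $key => $val) {
                       $PHORUM["DATA"]["REGISTER"][$key] = htmlspecialchars($val, ENT_QUOTES);
                   }
                   $PHORUM["DATA"]["ERROR"] = htmlspecialchars($error);
               }

           // No data posted, so this is the first request. Initialize form data.
           } else {
               // Initialize fixed fields.
               $PHORUM["DATA"]["REGISTER"]["username"] = "";
               $PHORUM["DATA"]["REGISTER"]["email"] = "";
               $PHORUM["DATA"]["ERROR"] = "";

               // Initialize custom profile fields.
               foreach ($PHORUM["PROFILE_FIELDS"] as $field) {
                   $PHORUM["DATA"]["REGISTER"][$field["name"]] = "";
               }
           }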
 | 
        
           |  |  | 242 |   | 
        
           // Template data that is the same for a first request and for a
           // redisplay after an error: form action URL, forum id and block title.
           $PHORUM['DATA']['URL']['ACTION'] = phorum_get_url(PHORUM_REGISTER_ACTION_URL);
           $PHORUM['DATA']['REGISTER']['forum_id'] = $PHORUM['forum_id'];
           $PHORUM['DATA']['REGISTER']['block_title'] = $PHORUM['DATA']['LANG']['Register'];

           // Render the registration page: header, form, footer, with the
           // after_header and before_footer hooks in between.
           include phorum_get_template('header');
           phorum_hook('after_header');
           include phorum_get_template('register');
           phorum_hook('before_footer');
           include phorum_get_template('footer');
 | 
        
           |  |  | 254 |   | 
        
           |  |  | 255 | ?>
 |