/lib/Lampcms/Controllers/Register.php
- <?php
- /**
- *
- * License, TERMS and CONDITIONS
- *
- * This software is licensed under the GNU LESSER GENERAL PUBLIC LICENSE (LGPL) version 3
- * Please read the license here : http://www.gnu.org/licenses/lgpl-3.0.txt
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * ATTRIBUTION REQUIRED
- * 4. All web pages generated by the use of this software, or at least
- * the page that lists the recent questions (usually home page) must include
- * a link to the http://www.lampcms.com and text of the link must indicate that
- * the website's Questions/Answers functionality is powered by lampcms.com
- * An example of acceptable link would be "Powered by <a href="http://www.lampcms.com">LampCMS</a>"
- * The location of the link is not important, it can be in the footer of the page
- * but it must not be hidden by style attributes
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE FREEBSD PROJECT OR CONTRIBUTORS BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- * This product includes GeoLite data created by MaxMind,
- * available from http://www.maxmind.com/
- *
- *
- * @author Dmitri Snytkine <cms@lampcms.com>
- * @copyright 2005-2012 (or current year) Dmitri Snytkine
- * @license http://www.gnu.org/licenses/lgpl-3.0.txt GNU LESSER GENERAL PUBLIC LICENSE (LGPL) version 3
- * @link http://www.lampcms.com Lampcms.com project
- * @version Release: @package_version@
- *
- *
- */
-
- namespace Lampcms\Controllers;
-
- use \Lampcms\WebPage;
- use \Lampcms\String;
- use \Lampcms\Cookie;
- use \Lampcms\Request;
- use \Lampcms\Captcha\Captcha;
- use \Lampcms\Mongo\Schema\User as Schema;
- use \Lampcms\Acl\Role;
-
- /**
- * Main class for creating new account
- * for a new user who is registered
- * with just email address (no 3rd party API login)
- *
- * @todo move as many methods as possible to
- * a wrapper class so that it could be called
- * not only as a web page Controller
- * but also from the API
- * Later it will be easy to reuse if we have the API
- *
- * @author Dmitri Snytkine
- *
- */
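class Register extends WebPage
{

    /**
     * Permission name for this controller.
     * NOTE(review): presumably checked by the WebPage parent
     * before main() runs; the check is not visible in this file.
     *
     * @var string
     */
    protected $permission = 'register';


    protected $layoutID = 1;

    /**
     * Object Regform;
     *
     * @var object Forms\Regform
     */
    protected $Form;

    /**
     * New temporary password of new user
     * (plain text, generated in getSubmittedValues()).
     * Only its hash is stored in the USERS record.
     *
     * @var string
     */
    protected $pwd;

    /**
     * Username of new user
     *
     * @var string
     */
    protected $username;

    /**
     *
     * Email address of new user (lower-cased)
     *
     * @var string
     */
    protected $email;

    /**
     * Object represents one record in EMAILS collection
     *
     * @var object of type \Lampcms\Mongo\Doc
     */
    protected $oEmail;

    /**
     * Show the registration form or, when a submitted form
     * passes validation, create the account, the EMAILS record
     * and send the activation email.
     *
     * @return void
     */
    protected function main()
    {
        $this->aPageVars['title'] = '@@Create New Account@@';

        /**
         * Don't bother with token
         * for this form.
         * It uses captcha, so allow
         * users to submit without token
         *
         * NOTE(review): with the token switched off the captcha
         * is the only anti-automation control visible in this
         * controller; confirm a captcha is actually configured.
         */
        $this->Form = new \Lampcms\Forms\Regform($this->Registry, false);
        $this->Form->setVar('action', 'register');

        /**
         * Set divID to registration because otherwise
         * it is default to 'regform' which causes
         * the whole form's div to be turned into
         * a modal which is used in quickReg or Join controllers
         * but for this controller we want a regular web page,
         * no modals, no Ajax
         *
         * Also set className to 'registration' because it defaults
         * to yui-pre-content which makes the whole div hidden
         * This is a trick for adding something that later is turned
         * into modal, but we don't need it for this page
         */
        $this->Form->setVar('divID', 'registration');
        $this->Form->setVar('className', 'registration');
        $this->Form->setVar('header2', '@@Create New Account@@');
        $this->Form->setVar('button', '<input name="submit" value="@@Register@@" type="submit" class="btn btn-m">');
        $this->Form->setVar('captcha', Captcha::factory($this->Registry->Ini)->getCaptchaBlock());
        $this->Form->setVar('title', '@@Create an Account@@');
        $this->Form->setVar('titleBar', '');

        if ($this->Form->isSubmitted() && $this->Form->validate()) {
            // Order matters: the EMAILS record must exist before
            // the activation link can be built from it.
            $this->getSubmittedValues()
                ->createNewUser()
                ->createEmailRecord()
                ->sendActivationEmail();

            $this->aPageVars['body'] = '<div id="tools" class="larger">@@Welcome to out site. We have just emailed your your account activation link@@</div>';
        } else {
            $this->aPageVars['body'] = '<div id="userForm" class="frm1">' . $this->Form->getForm() . '</div>';
        }
    }


    /**
     * Init instance variables
     * $this->username, $this->email and $this->pwd
     *
     * The password is not taken from the form: a new one is
     * generated by String::makePasswd(). The email is lower-cased.
     *
     * @return Register
     */
    protected function getSubmittedValues()
    {
        $this->username = $this->Form->getSubmittedValue('username');
        $this->pwd = \Lampcms\String::makePasswd();
        $this->email = \mb_strtolower($this->Form->getSubmittedValue('email'));

        return $this;
    }


    /**
     *
     * Create new record in USERS collection,
     * then log the new user in and create the referrer record.
     *
     * @return Register
     */
    protected function createNewUser()
    {

        $coll = $this->Registry->Mongo->USERS;
        $coll->ensureIndex(array(Schema::USERNAME_LOWERCASE => 1), array('unique' => true));

        /**
         * Cannot make email unique index because external users
         * don't have email, and then value counts as null
         * and multiple null values count as duplicate!
         *
         */
        $coll->ensureIndex(array(Schema::EMAIL => 1));
        $coll->ensureIndex(array(Schema::ROLE => 1));
        /**
         * Indexes for managing 3 types
         * of following
         */
        $coll->ensureIndex(array('a_f_t' => 1));
        $coll->ensureIndex(array('a_f_u' => 1));
        $coll->ensureIndex(array('a_f_q' => 1));

        $sid = Cookie::getSidCookie();

        /**
         * NOTE(review): the 'tzn' cookie is client-supplied and is
         * stored as-is; whether Cookie::get() validates it is not
         * visible here.
         */
        if (false !== $tzn = Cookie::get('tzn')) {
            $timezone = $tzn;
        } else {
            $timezone = $this->Registry->Ini->SERVER_TIMEZONE;
        }

        $aData = array();
        $aData[Schema::USERNAME] = $this->username;
        $aData[Schema::USERNAME_LOWERCASE] = \mb_strtolower($this->username);
        $aData[Schema::EMAIL] = $this->email;
        $aData[Schema::SID] = (false !== $sid) ? $sid : \Lampcms\String::makeSid();
        $aData[Schema::ROLE] = $this->getRole();
        $aData[Schema::TIMEZONE] = $timezone;
        $aData[Schema::PASSWORD] = \Lampcms\String::hashPassword($this->pwd);
        $aData[Schema::REGISTRATION_TIMESTAMP] = time();
        $aData[Schema::REGISTRATION_TIME] = date('r');
        $aData[Schema::FIRST_VISIT_TIMESTAMP] = (false !== $intFv = \Lampcms\Cookie::getSidCookie(true)) ? $intFv : time();
        $aData[Schema::LOCALE] = $this->Registry->Locale->getLocale();

        /**
         * Initial reputation is always 1
         *
         * @var int
         */
        $aData[Schema::REPUTATION] = 1;
        // $aData is merged last so its keys win over the geo data
        $aUser = \array_merge($this->Registry->Geo->Location->data, $aData);

        /**
         * Keep the password hash and the session id
         * out of the debug output.
         */
        $aLog = $aUser;
        unset($aLog[Schema::PASSWORD], $aLog[Schema::SID]);
        d('aUser: ' . \json_encode($aLog));

        $User = \Lampcms\User::userFactory($this->Registry, $aUser);
        $User->save();
        d('new user _id: ' . $User['_id']);

        /**
         * The new user is logged in here, before the
         * activation email has been sent.
         */
        $this->processLogin($User);

        \Lampcms\PostRegistration::createReferrerRecord($this->Registry, $User);

        return $this;
    }


    /**
     * Normally the role of newly registered user
     * is 'unactivated' unless
     * the email address matches that of the EMAIL_ADMIN
     * in settings, in which case the account will
     * automatically become an administrator account
     *
     * The comparison is strict and $this->email has already been
     * lower-cased, so an EMAIL_ADMIN value that contains
     * upper-case characters will not match.
     *
     * NOTE(review): createNewUser() stores this role and calls
     * processLogin() before the address has been confirmed through
     * the activation link, so the administrator role is assigned
     * on the strength of the typed address alone. Whether
     * Regform::validate() rejects an address that is already
     * registered is not visible in this file. Confirm that the
     * EMAIL_ADMIN account exists before the site is exposed,
     * or defer the role until activation.
     *
     * @return string
     */
    protected function getRole()
    {

        return ($this->Registry->Ini->EMAIL_ADMIN === $this->email) ? Role::ADMINISTRATOR : Role::UNACTIVATED;
    }


    /**
     * Create a new record in EMAILS collection
     *
     * The record holds the activation code that is later
     * embedded in the activation link.
     *
     * @param int|null $userId id of the owner of this email;
     * when not numeric the uid of the current Viewer is used
     *
     * @return Register
     */
    protected function createEmailRecord($userId = null)
    {

        $coll = $this->Registry->Mongo->EMAILS;
        $coll->ensureIndex(array(Schema::EMAIL => 1), array('unique' => true));
        $uid = (\is_numeric($userId)) ? $userId : $this->Registry->Viewer->getUid();

        $a = array(
            Schema::EMAIL => $this->email,
            'i_uid' => $uid,
            'has_gravatar' => \Lampcms\Gravatar::factory($this->email)->hasGravatar(),
            // md5 of the address is a lookup value here, not a secret
            'ehash' => \hash('md5', $this->email),
            'i_code_ts' => time(),
            'code' => $this->makeActivationCode());

        $this->oEmail = \Lampcms\Mongo\Doc::factory($this->Registry, 'EMAILS', $a);

        $res = $this->oEmail->save();
        d('$res: ' . $res);


        return $this;
    }


    /**
     * Generate the activation code: 12 hexadecimal characters.
     *
     * The code is the only secret in the activation link, so it is
     * taken from a cryptographically secure source when one is
     * available. The length and alphabet are the same as before
     * (first 12 characters of an md5 hex digest).
     *
     * @return string 12 lower-case hex characters
     */
    private function makeActivationCode()
    {
        if (\function_exists('random_bytes')) {
            return \bin2hex(\random_bytes(6));
        }

        if (\function_exists('openssl_random_pseudo_bytes')) {
            $strong = false;
            $bytes = \openssl_random_pseudo_bytes(6, $strong);
            if (false !== $bytes && true === $strong) {
                return \bin2hex($bytes);
            }
        }

        /**
         * Last resort, kept so that registration still works
         * on installs without either function.
         * uniqid() is time based and mt_rand() is not a
         * cryptographic generator, so this value is guessable.
         */
        return \substr(\hash('md5', \uniqid(\mt_rand())), 0, 12);
    }


    /**
     * Make account activation link
     *
     * The link is SITE_URL + activation uri + /<email record _id>/<code>
     *
     * @return string url of account activation link
     */
    protected function makeActivationLink()
    {
        $routerCallback = $this->Registry->Router->getCallback();
        $uri = $routerCallback('{_WEB_ROOT_}/{_activate_}');
        d('uri: ' . $uri);

        $tpl = $this->Registry->Ini->SITE_URL . $uri . '/%d/%s';
        $link = \sprintf($tpl, $this->oEmail['_id'], $this->oEmail['code']);

        /**
         * The full link contains the activation code,
         * so only the record id goes to the debug output.
         */
        d('activation link made for email record: ' . $this->oEmail['_id']);

        return $link;
    }


    /**
     * Send registration email to new user
     * Email will contain activation link
     * and instructions to activate the account
     *
     * NOTE(review): the generated password is placed in the
     * message body in plain text together with the activation
     * link. Consider sending only the link and letting the user
     * set a password after activation.
     *
     * @return Register
     */
    protected function sendActivationEmail()
    {
        $Tr = $this->Registry->Tr;

        $activationLink = $this->makeActivationLink();
        $siteName = $this->Registry->Ini->SITE_NAME;

        $body = $Tr->get('email.body.registration', array(
                '{site_title}' => $siteName,
                '{username}' => $this->username,
                '{password}' => $this->pwd,
                '{link}' => $activationLink)
        );

        $body = \Lampcms\Utf8String::leftAlign($body, 2);

        $subject = $Tr->get('email.subject.registration', array('{site_title}' => $siteName));

        /**
         * By default Mailer::mail sends email from shutdown function (returns immediately, sends later)
         */
        $this->Registry->Mailer->mail($this->email, $subject, $body);

        return $this;
    }

}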