PageRenderTime 26ms CodeModel.GetById 19ms RepoModel.GetById 0ms app.codeStats 0ms

/register.php

https://gitlab.com/VoyaTrax/vtCMS
PHP | 277 lines | 241 code | 6 blank | 30 comment | 62 complexity | 2ffae1ece4dadaa1bf85ab7b81c2a64d MD5 | raw file
Possible License(s): LGPL-2.1, AGPL-3.0, AGPL-1.0 
    

  1. <?php

    2. 

  2. // $Id: register.php 1029 2007-09-09 03:49:25Z phppp $

    3. 

  3. //  ------------------------------------------------------------------------ //

    4. 

  4. //                XOOPS - PHP Content Management System                      //

    5. 

  5. //                    Copyright (c) 2000 XOOPS.org                           //

    6. 

  6. //                       <http://www.xoops.org/>                             //

    7. 

  7. //  ------------------------------------------------------------------------ //

    8. 

  8. //  This program is free software; you can redistribute it and/or modify     //

    9. 

  9. //  it under the terms of the GNU General Public License as published by     //

    10. 

  10. //  the Free Software Foundation; either version 2 of the License, or        //

    11. 

  11. //  (at your option) any later version.                                      //

    12. 

  12. //                                                                           //

    13. 

  13. //  You may not change or alter any portion of this comment or credits       //

    14. 

  14. //  of supporting developers from this source code or any supporting         //

    15. 

  15. //  source code which is considered copyrighted (c) material of the          //

    16. 

  16. //  original comment or credit authors.                                      //

    17. 

  17. //                                                                           //

    18. 

  18. //  This program is distributed in the hope that it will be useful,          //

    19. 

  19. //  but WITHOUT ANY WARRANTY; without even the implied warranty of           //

    20. 

  20. //  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            //

    21. 

  21. //  GNU General Public License for more details.                             //

    22. 

  22. //                                                                           //

    23. 

  23. //  You should have received a copy of the GNU General Public License        //

    24. 

  24. //  along with this program; if not, write to the Free Software              //

    25. 

  25. //  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA //

    26. 

  26. //  ------------------------------------------------------------------------ //

    27. 

  27. 

    28. 

  28. $xoopsOption['pagetype'] = 'user';

    29. 

  29. 

    30. 

  30. include 'mainfile.php';

    31. 

  31. $myts =& MyTextSanitizer::getInstance();

    32. 

  32. 

    33. 

  33. $config_handler =& xoops_gethandler('config');

    34. 

  34. $xoopsConfigUser =& $config_handler->getConfigsByCat(XOOPS_CONF_USER);

    35. 

  35. 

    36. 

  36. if (empty($xoopsConfigUser['allow_register'])) {

    37. 

  37. 	redirect_header('index.php', 6, _US_NOREGISTER);

    38. 

  38. 	exit();

    39. 

  39. }

    40. 

  40. 

    41. 

  41. function userCheck($uname, $email, $pass, $vpass)

    42. 

  42. {

    43. 

  43. 	global $xoopsConfigUser;

    44. 

  44. 	$xoopsDB =& Database::getInstance();

    45. 

  45. 	$myts =& MyTextSanitizer::getInstance();

    46. 

  46. 	$stop = '';

    47. 

  47. 	if (!checkEmail($email)) {

    48. 

  48. 		$stop .= _US_INVALIDMAIL.'<br />';

    49. 

  49. 	}

    50. 

  50. 	foreach ($xoopsConfigUser['bad_emails'] as $be) {

    51. 

  51. 		if (!empty($be) && preg_match("/".$be."/i", $email)) {

    52. 

  52. 			$stop .= _US_INVALIDMAIL.'<br />';

    53. 

  53. 			break;

    54. 

  54. 		}

    55. 

  55. 	}

    56. 

  56. 	if (strrpos($email,' ') > 0) {

    57. 

  57. 		$stop .= _US_EMAILNOSPACES.'<br />';

    58. 

  58. 	}

    59. 

  59. 	$uname = xoops_trim($uname);

    60. 

  60. 	switch ($xoopsConfigUser['uname_test_level']) {

    61. 

  61. 	case 0:

    62. 

  62. 		// strict

    63. 

  63. 		$restriction = '/[^a-zA-Z0-9\_\-]/';

    64. 

  64. 		break;

    65. 

  65. 	case 1:

    66. 

  66. 		// medium

    67. 

  67. 		$restriction = '/[^a-zA-Z0-9\_\-\<\>\,\.\$\%\#\@\!\\\'\"]/';

    68. 

  68. 		break;

    69. 

  69. 	case 2:

    70. 

  70. 		// loose

    71. 

  71. 		$restriction = '/[\000-\040]/';

    72. 

  72. 		break;

    73. 

  73. 	}

    74. 

  74. 	if (empty($uname) || preg_match($restriction, $uname)) {

    75. 

  75. 		$stop .= _US_INVALIDNICKNAME."<br />";

    76. 

  76. 	}

    77. 

  77. 	if (strlen($uname) > $xoopsConfigUser['maxuname']) {

    78. 

  78. 		$stop .= sprintf(_US_NICKNAMETOOLONG, $xoopsConfigUser['maxuname'])."<br />";

    79. 

  79. 	}

    80. 

  80. 	if (strlen($uname) < $xoopsConfigUser['minuname']) {

    81. 

  81. 		$stop .= sprintf(_US_NICKNAMETOOSHORT, $xoopsConfigUser['minuname'])."<br />";

    82. 

  82. 	}

    83. 

  83. 	foreach ($xoopsConfigUser['bad_unames'] as $bu) {

    84. 

  84. 		if (!empty($bu) && preg_match("/".$bu."/i", $uname)) {

    85. 

  85. 			$stop .= _US_NAMERESERVED."<br />";

    86. 

  86. 			break;

    87. 

  87. 		}

    88. 

  88. 	}

    89. 

  89. 	if (strrpos($uname, ' ') > 0) {

    90. 

  90. 		$stop .= _US_NICKNAMENOSPACES."<br />";

    91. 

  91. 	}

    92. 

  92. 	$sql = sprintf('SELECT COUNT(*) FROM %s WHERE uname = %s', $xoopsDB->prefix('users'), $xoopsDB->quoteString(addslashes($uname)));

    93. 

  93. 	$result = $xoopsDB->query($sql);

    94. 

  94. 	list($count) = $xoopsDB->fetchRow($result);

    95. 

  95. 	if ($count > 0) {

    96. 

  96. 		$stop .= _US_NICKNAMETAKEN."<br />";

    97. 

  97. 	}

    98. 

  98. 	$count = 0;

    99. 

  99. 	if ( $email ) {

    100. 

  100. 		$sql = sprintf('SELECT COUNT(*) FROM %s WHERE email = %s', $xoopsDB->prefix('users'), $xoopsDB->quoteString(addslashes($email)));

    101. 

  101. 		$result = $xoopsDB->query($sql);

    102. 

  102. 		list($count) = $xoopsDB->fetchRow($result);

    103. 

  103. 		if ( $count > 0 ) {

    104. 

  104. 			$stop .= _US_EMAILTAKEN."<br />";

    105. 

  105. 		}

    106. 

  106. 	}

    107. 

  107. 	if ( !isset($pass) || $pass == '' || !isset($vpass) || $vpass == '' ) {

    108. 

  108. 		$stop .= _US_ENTERPWD.'<br />';

    109. 

  109. 	}

    110. 

  110. 	if ( (isset($pass)) && ($pass != $vpass) ) {

    111. 

  111. 		$stop .= _US_PASSNOTSAME.'<br />';

    112. 

  112. 	} elseif ( ($pass != '') && (strlen($pass) < $xoopsConfigUser['minpass']) ) {

    113. 

  113. 		$stop .= sprintf(_US_PWDTOOSHORT,$xoopsConfigUser['minpass'])."<br />";

    114. 

  114. 	}

    115. 

  115. 	return $stop;

    116. 

  116. }

    117. 

  117. $op = !isset($_POST['op']) ? 'register' : $_POST['op'];

    118. 

  118. $uname = isset($_POST['uname']) ? $myts->stripSlashesGPC($_POST['uname']) : '';

    119. 

  119. $email = isset($_POST['email']) ? trim($myts->stripSlashesGPC($_POST['email'])) : '';

    120. 

  120. $url = isset($_POST['url']) ? trim($myts->stripSlashesGPC($_POST['url'])) : '';

    121. 

  121. $pass = isset($_POST['pass']) ? $myts->stripSlashesGPC($_POST['pass']) : '';

    122. 

  122. $vpass = isset($_POST['vpass']) ? $myts->stripSlashesGPC($_POST['vpass']) : '';

    123. 

  123. $timezone_offset = isset($_POST['timezone_offset']) ? intval($_POST['timezone_offset']) : $xoopsConfig['default_TZ'];

    124. 

  124. $user_viewemail = (isset($_POST['user_viewemail']) && intval($_POST['user_viewemail'])) ? 1 : 0;

    125. 

  125. $user_mailok = (isset($_POST['user_mailok']) && intval($_POST['user_mailok'])) ? 1 : 0;

    126. 

  126. $agree_disc = (isset($_POST['agree_disc']) && intval($_POST['agree_disc'])) ? 1 : 0;

    127. 

  127. switch ( $op ) {

    128. 

  128. case 'newuser':

    129. 

  129. 	include 'header.php';

    130. 

  130. 	$stop = '';

    131. 

  131. 	if (!$GLOBALS['xoopsSecurity']->check()) {

    132. 

  132. 	    $stop .= implode('<br />', $GLOBALS['xoopsSecurity']->getErrors())."<br />";

    133. 

  133. 	}

    134. 

  134. // Add CAPTCHA by PinMaster -- added hack- hyperclock \\

    135. 

  135. 	include 'include/captcha_validate.php';

    136. 

  136. 

    137. 

  137. 	include 'header.php';

    138. 

  138. 	$stop = '';

    139. 

  139. // ---------- End CAPTCHA HACK ------------ \\

    140. 

  140. 	if ($xoopsConfigUser['reg_dispdsclmr'] != 0 && $xoopsConfigUser['reg_disclaimer'] != '') {

    141. 

  141. 		if (empty($agree_disc)) {

    142. 

  142. 			$stop .= _US_UNEEDAGREE.'<br />';

    143. 

  143. 		}

    144. 

  144. 	}

    145. 

  145. 	$stop .= userCheck($uname, $email, $pass, $vpass);

    146. 

  146. 	if (empty($stop)) {

    147. 

  147. 		echo _US_USERNAME.": ".$myts->htmlSpecialChars($uname)."<br />";

    148. 

  148. 		echo _US_EMAIL.": ".$myts->htmlSpecialChars($email)."<br />";

    149. 

  149. 		if ($url != '') {

    150. 

  150. 			$url = formatURL($url);

    151. 

  151. 			echo _US_WEBSITE.': '.$myts->htmlSpecialChars($url).'<br />';

    152. 

  152. 		}

    153. 

  153. 		$f_timezone = ($timezone_offset < 0) ? 'GMT '.$timezone_offset : 'GMT +'.$timezone_offset;

    154. 

  154. 		echo _US_TIMEZONE.": $f_timezone<br />";

    155. 

  155. 		echo "<form action='register.php' method='post'>

    156. 

  156. 		<input type='hidden' name='uname' value='".$myts->htmlSpecialChars($uname)."' />

    157. 

  157. 		<input type='hidden' name='email' value='".$myts->htmlSpecialChars($email)."' />";

    158. 

  158. 		echo "<input type='hidden' name='user_viewemail' value='".$user_viewemail."' />

    159. 

  159. 		<input type='hidden' name='timezone_offset' value='".(float)$timezone_offset."' />

    160. 

  160. 		<input type='hidden' name='url' value='".$myts->htmlSpecialChars($url)."' />

    161. 

  161. 		<input type='hidden' name='pass' value='".$myts->htmlSpecialChars($pass)."' />

    162. 

  162. 		<input type='hidden' name='vpass' value='".$myts->htmlSpecialChars($vpass)."' />

    163. 

  163. 		<input type='hidden' name='user_mailok' value='".$user_mailok."' />

    164. 

  164. 		<br /><br /><input type='hidden' name='op' value='finish' />".$GLOBALS['xoopsSecurity']->getTokenHTML()."<input type='submit' value='". _US_FINISH ."' /></form>";

    165. 

  165. 	} else {

    166. 

  166. 		echo "<span style='color:#ff0000;'>$stop</span>";

    167. 

  167. 		include 'include/registerform.php';

    168. 

  168. 		$reg_form->display();

    169. 

  169. 	}

    170. 

  170. 	include 'footer.php';

    171. 

  171. 	break;

    172. 

  172. case 'finish':

    173. 

  173. 	include 'header.php';

    174. 

  174. 	$stop = userCheck($uname, $email, $pass, $vpass);

    175. 

  175. 	if (!$GLOBALS['xoopsSecurity']->check()) {

    176. 

  176. 	    $stop .= implode('<br />', $GLOBALS['xoopsSecurity']->getErrors())."<br />";

    177. 

  177. 	}

    178. 

  178. 	if ( empty($stop) ) {

    179. 

  179. 		$member_handler =& xoops_gethandler('member');

    180. 

  180. 		$newuser =& $member_handler->createUser();

    181. 

  181. 		$newuser->setVar('user_viewemail',$user_viewemail, true);

    182. 

  182. 		$newuser->setVar('uname', $uname, true);

    183. 

  183. 		$newuser->setVar('email', $email, true);

    184. 

  184. 		if ($url != '') {

    185. 

  185. 			$newuser->setVar('url', formatURL($url), true);

    186. 

  186. 		}

    187. 

  187. 		$newuser->setVar('user_avatar','blank.gif', true);

    188. 

  188. 		$actkey = substr(md5(uniqid(mt_rand(), 1)), 0, 8);

    189. 

  189. 		$newuser->setVar('actkey', $actkey, true);

    190. 

  190. 		$newuser->setVar('pass', md5($pass), true);

    191. 

  191. 		$newuser->setVar('timezone_offset', $timezone_offset, true);

    192. 

  192. 		$newuser->setVar('user_regdate', time(), true);

    193. 

  193. 		$newuser->setVar('uorder',$xoopsConfig['com_order'], true);

    194. 

  194. 		$newuser->setVar('umode',$xoopsConfig['com_mode'], true);

    195. 

  195. 		$newuser->setVar('user_mailok',$user_mailok, true);

    196. 

  196. 		if ($xoopsConfigUser['activation_type'] == 1) {

    197. 

  197. 			$newuser->setVar('level', 1, true);

    198. 

  198. 		}

    199. 

  199. 		if (!$member_handler->insertUser($newuser)) {

    200. 

  200. 			echo _US_REGISTERNG;

    201. 

  201. 			include 'footer.php';

    202. 

  202. 			exit();

    203. 

  203. 		}

    204. 

  204. 		$newid = $newuser->getVar('uid');

    205. 

  205. 		if (!$member_handler->addUserToGroup(XOOPS_GROUP_USERS, $newid)) {

    206. 

  206. 			echo _US_REGISTERNG;

    207. 

  207. 			include 'footer.php';

    208. 

  208. 			exit();

    209. 

  209. 		}

    210. 

  210. 		if ($xoopsConfigUser['activation_type'] == 1) {

    211. 

  211. 			redirect_header('index.php', 4, _US_ACTLOGIN);

    212. 

  212. 			exit();

    213. 

  213. 		}

    214. 

  214. 		if ($xoopsConfigUser['activation_type'] == 0) {

    215. 

  215. 			$xoopsMailer =& getMailer();

    216. 

  216. 			$xoopsMailer->useMail();

    217. 

  217. 			$xoopsMailer->setTemplate('register.tpl');

    218. 

  218. 			$xoopsMailer->assign('SITENAME', $xoopsConfig['sitename']);

    219. 

  219. 			$xoopsMailer->assign('ADMINMAIL', $xoopsConfig['adminmail']);

    220. 

  220. 			$xoopsMailer->assign('SITEURL', XOOPS_URL."/");

    221. 

  221. 			$xoopsMailer->setToUsers(new XoopsUser($newid));

    222. 

  222. 			$xoopsMailer->setFromEmail($xoopsConfig['adminmail']);

    223. 

  223. 			$xoopsMailer->setFromName($xoopsConfig['sitename']);

    224. 

  224. 			$xoopsMailer->setSubject(sprintf(_US_USERKEYFOR, $uname));

    225. 

  225. 			if ( !$xoopsMailer->send() ) {

    226. 

  226. 				echo _US_YOURREGMAILNG;

    227. 

  227. 			} else {

    228. 

  228. 				echo _US_YOURREGISTERED;

    229. 

  229. 			}

    230. 

  230. 		} elseif ($xoopsConfigUser['activation_type'] == 2) {

    231. 

  231. 			$xoopsMailer =& getMailer();

    232. 

  232. 			$xoopsMailer->useMail();

    233. 

  233. 			$xoopsMailer->setTemplate('adminactivate.tpl');

    234. 

  234. 			$xoopsMailer->assign('USERNAME', $uname);

    235. 

  235. 			$xoopsMailer->assign('USEREMAIL', $email);

    236. 

  236. 			$xoopsMailer->assign('USERACTLINK', XOOPS_URL.'/user.php?op=actv&id='.$newid.'&actkey='.$actkey);

    237. 

  237. 			$xoopsMailer->assign('SITENAME', $xoopsConfig['sitename']);

    238. 

  238. 			$xoopsMailer->assign('ADMINMAIL', $xoopsConfig['adminmail']);

    239. 

  239. 			$xoopsMailer->assign('SITEURL', XOOPS_URL."/");

    240. 

  240. 			$member_handler =& xoops_gethandler('member');

    241. 

  241. 			$xoopsMailer->setToGroups($member_handler->getGroup($xoopsConfigUser['activation_group']));

    242. 

  242. 			$xoopsMailer->setFromEmail($xoopsConfig['adminmail']);

    243. 

  243. 			$xoopsMailer->setFromName($xoopsConfig['sitename']);

    244. 

  244. 			$xoopsMailer->setSubject(sprintf(_US_USERKEYFOR, $uname));

    245. 

  245. 			if ( !$xoopsMailer->send() ) {

    246. 

  246. 				echo _US_YOURREGMAILNG;

    247. 

  247. 			} else {

    248. 

  248. 				echo _US_YOURREGISTERED2;

    249. 

  249. 			}

    250. 

  250. 		}

    251. 

  251. 		if ($xoopsConfigUser['new_user_notify'] == 1 && !empty($xoopsConfigUser['new_user_notify_group'])) {

    252. 

  252. 			$xoopsMailer =& getMailer();

    253. 

  253. 			$xoopsMailer->useMail();

    254. 

  254. 			$member_handler =& xoops_gethandler('member');

    255. 

  255. 			$xoopsMailer->setToGroups($member_handler->getGroup($xoopsConfigUser['new_user_notify_group']));

    256. 

  256. 			$xoopsMailer->setFromEmail($xoopsConfig['adminmail']);

    257. 

  257. 			$xoopsMailer->setFromName($xoopsConfig['sitename']);

    258. 

  258. 			$xoopsMailer->setSubject(sprintf(_US_NEWUSERREGAT,$xoopsConfig['sitename']));

    259. 

  259. 			$xoopsMailer->setBody(sprintf(_US_HASJUSTREG, $uname));

    260. 

  260. 			$xoopsMailer->send();

    261. 

  261. 		}

    262. 

  262. 	} else {

    263. 

  263. 		echo "<span style='color:#ff0000; font-weight:bold;'>$stop</span>";

    264. 

  264. 		include 'include/registerform.php';

    265. 

  265. 		$reg_form->display();

    266. 

  266. 	}

    267. 

  267. 	include 'footer.php';

    268. 

  268. 	break;

    269. 

  269. case 'register':

    270. 

  270. default:

    271. 

  271. 	include 'header.php';

    272. 

  272. 	include 'include/registerform.php';

    273. 

  273. 	$reg_form->display();

    274. 

  274. 	include 'footer.php';

    275. 

  275. 	break;

    276. 

  276. }

    277. 

  277. ?>

    278. 

  278.