/pages/register.php
PHP | 324 lines | 272 code | 34 blank | 18 comment | 39 complexity | 530b6f1936e863c6c79098029e10cd0e MD5 | raw file
- <?php defined('EF5_SYSTEM') || exit;
- /*********************************************************
- | eXtreme-Fusion 5
- | Content Management System
- |
- | Copyright (c) 2005-2013 eXtreme-Fusion Crew
- | http://extreme-fusion.org/
- |
- | This program is released as free software under the
- | Affero GPL license. You can redistribute it and/or
- | modify it under the terms of this license which you
- | can read by viewing the included agpl.txt or online
- | at www.gnu.org/licenses/agpl.html. Removal of this
- | copyright header is strictly prohibited without
- | written permission from the original author(s).
- *********************************************************/
- if ($_user->isLoggedIn())
- {
- HELP::redirect(ADDR_SITE);
- }
- $_locale->load('register');
- $theme = array(
- 'Title' => __('Register').' » '.$_sett->get('site_name'),
- 'Keys' => 'Rejestracja, stwórz konto, uzyskaj dostęp',
- 'Desc' => 'Chcesz zarejestrować się na: '.$_sett->get('site_name').'? Możesz to zrobić już teraz.'
- );
- if ($_sett->get('enable_registration') !== '1')
- {
- // Rejestracja wyłaczona, wyświetlę komunikat
- throw new userException('Rejestra została wyłączona przez Administratora.');
- }
- $_mail = new Mailer($_sett->get('smtp_username'), $_sett->get('smtp_password'), $_sett->get('smtp_host'), $_sett->get('smtp_port'));
- $_protection = NULL;
- if ($validate_method = $_sett->getUnserialized('validation', 'register'))
- {
- $_security = new Security($_pdo, $_request, $_locale);
- // Zwraca referencje obiektu klasy zabezpieczejącej
- if ($_protection = $_security->getCurrentModule($validate_method))
- {
- // Przekazywanie referencji do obiektów
- $_protection->setObjects($_tpl, $_pdo, $_locale);
- }
- }
- if ($_route->getByID(1) === 'active' && $_route->getByID(2))
- {
- $valid = $_pdo->getRow('SELECT `id` FROM [users] WHERE `valid_code`= :code',
- array(':code', $_route->getByID(2), PDO::PARAM_STR)
- );
- if ($_sett->get('admin_activation') === '1')
- {
- $status = 2;
- }
- else
- {
- $status = 0;
- }
- $query = $_pdo->exec('UPDATE [users] SET `valid` = :valid, `valid_code` = \'\', `status` = \''.$status.'\' WHERE `id` = :id',
- array(
- array(':valid', 1, PDO::PARAM_INT),
- array(':id', $valid['id'], PDO::PARAM_INT)
- )
- );
- if ($_sett->get('admin_activation') == 1)
- {
- $_tpl->assign('active', TRUE);
- }
- else
- {
- $_tpl->assign('create', TRUE);
- }
- }
- if ($_request->post('create_account')->show())
- {
- $error = array();
- if ( ! ($_request->post('username')->show() && $_request->post('user_pass')->show() && $_request->post('user_email')->show() && $_request->post('hide_email')->isNum()))
- {
- $error[] = '1';
- }
- if ( ! $_user->validLogin($_request->post('username')->show()))
- {
- $error[] = '2';
- }
- else
- {
- if ( ! $_user->availableLogin($_request->post('username')->show()))
- {
- $error[] = '5';
- }
- }
- if ( ! $_user->validPassword($_request->post('user_pass')->show(), $_request->post('user_pass2')->show()))
- {
- $error[] = '3';
- }
- if ( ! $_user->validEmail($_request->post('user_email')->show()))
- {
- $error[] = '4';
- }
- else
- {
- if ( ! $_user->availableEmail($_request->post('user_email')->show()))
- {
- $error[] = '6';
- }
- else
- {
- if ($_user->bannedByEmail($_request->post('user_email')->show()))
- {
- $error[] = '7';
-
- $_pdo->exec('INSERT INTO [blacklist] (`ip`, `type`, `user_id`, `email`, `reason`, `datestamp`) VALUES (:ip, :type, :user_id, :email, :reason, '.time().')',
- array(
- array(':ip', $_user->getIP(), PDO::PARAM_STR),
- array(':type', $_user->getIPType(), PDO::PARAM_INT),
- array(':user_id', 1, PDO::PARAM_INT),
- array(':email', $_request->post('user_email')->show(), PDO::PARAM_STR),
- array(':reason', __('Gość próbował się rejestrować na zablokowany email lub domenę, jego adres IP został dodany do bazy danych jako podejrzany!'), PDO::PARAM_STR)
- )
- );
- }
- }
- }
- if ($_protection)
- {
- if ( ! $_protection->isValidAnswer($_security->getUserAnswer($_protection->getResponseInputs())))
- {
- $error['security'] = '8';
- }
- }
- if ( ! $error)
- {
- if ($_sett->get('email_verification') === '1')
- {
- $status = 1;
- $valid = md5(uniqid(time()));
- }
- elseif ($_sett->get('admin_activation') === '1')
- {
- $status = 2;
- $valid = md5(uniqid(time()));
- }
- else
- {
- $status = 0;
- $valid = '';
- }
- $salt = substr(sha512(uniqid(rand(), true)), 0, 5);
- $password = sha512($salt.'^'.$_request->post('user_pass')->show());
-
- $language = $_request->post('language')->show() ? $_request->post('language')->show() : $_sett->get('locale');
- $query = $_pdo->exec('
- INSERT INTO [users] (`username`, `password`, `salt`, `link`, `email`, `hide_email`, `valid_code`, `joined`, `status`, `role`, `roles`, `lang`)
- VALUES (:username, \''.$password.'\', \''.$salt.'\', :link, :email, :hidemail, :valid, '.time().', \''.$status.'\', 2, \''.serialize(array(2, 3)).'\', :lang)',
- array(
- array(':username', $_request->post('username')->show(), PDO::PARAM_STR),
- array(':link', HELP::Title2Link($_request->post('username')->show()), PDO::PARAM_STR),
- array(':email', $_request->post('user_email')->show(), PDO::PARAM_STR),
- array(':hidemail', $_request->post('hide_email')->show(), PDO::PARAM_STR),
- array(':valid', $valid, PDO::PARAM_STR),
- array(':lang', $language, PDO::PARAM_STR)
- )
- );
-
- if (class_exists('PhpBB', FALSE))
- {
- if ($_phpbb->bridgeOn())
- {
- $query = $_phpbb->registerPhpBB($_request->post('username')->show(), $_request->post('user_pass')->show(), $_request->post('user_email')->show());
- }
- }
- $lastuser = $_pdo->getRow('SELECT `id` FROM [users] WHERE `username` = :user',
- array(':user', $_request->post('username')->show(), PDO::PARAM_STR)
- );
- $query = $_pdo->getData('SELECT * FROM [user_fields] WHERE `register` = 1');
- $match = $_pdo->getRowsCount($query);
- $i = 0; $field = ''; $index_val = ''; $field_val = '';
- if($match !== NULL)
- {
- foreach($query as $data)
- {
- $index = $data['index'];
- $val = $_request->post($index)->show();
- $index_val .= '`'.$index.'`'.($i < $match-1 ? ', ' : '');
- $field_val .= '"'.$val.'"'.($i < $match-1 ? ', ' : '');
- $field .= '`'.$index.'` = "'.$val.'"'.($i < $match-1 ? ', ' : '');
- $i++;
- }
-
- if ($field)
- {
- if ($lastuser['id'] === NULL)
- {
- $_pdo->exec('UPDATE [users_data] SET '.$field);
- }
- else
- {
- $_pdo->exec('INSERT INTO [users_data] (`user_id`, '.$index_val.') VALUES ('.$lastuser['id'].', '.$field_val.') ON DUPLICATE KEY UPDATE '.$field.'');
- }
- }
- }
- if ($_sett->get('email_verification') === '1')
- {
- $message = 'Witaj '.$_request->post('username')->show().'!<br /><br />
- Dane dla Twojego konta na portalu '.$_sett->get('site_name').':<br />
- <strong>Login:</strong> '.$_request->post('username')->show().'<br />
- <strong>Hasło:</strong> '.$_request->post('user_pass')->show().'<br />
- <br />
- Żeby w pełni korzystać z portalu musisz aktywować swoje konto za pomocą poniższego linki:<br />
- <br />
- <a href="'.$_route->path(array('controller' => 'register', 'action' => 'active', $valid)).'">'.$_route->path(array('controller' => 'register', 'action' => 'active', $valid)).'</a><br />
- <br />
- <strong>Pozdrawiam</strong><br />
- <em>'.$_sett->get('site_username').'</em><br />
- <br />
- <hr />
- Wiadomość wysłana automatycznie. Proszę nie odpisywać.';
- if ($_mail->send($_request->post('user_email')->show(), $_sett->get('contact_email'), __('Aktywacja konta'), $message, array(), TRUE))
- {
- $_tpl->assign('email_send', TRUE);
- }
- else
- {
- $_tpl->assign('email_not_send', TRUE);
- }
- }
- elseif ($_sett->get('admin_activation') === '1')
- {
- $_tpl->assign('active', TRUE);
- }
- else
- {
- $_tpl->assign('create', TRUE);
- }
- }
- else
- {
- $_tpl->assignGroup(array(
- 'error' => $error,
- 'username' => $_request->post('username')->show(),
- 'email' => $_request->post('user_email')->show(),
- 'hide_email' => $_request->post('hide_email')->show()
- ));
- }
- }
- $result = $_pdo->getData('SELECT `id`, `name`, `index`, `type`, `option` FROM [user_fields] WHERE `register` = 1 ORDER by `id`');
- if ($result)
- {
- if ($_pdo->getRowsCount($result))
- {
- $i = 0; $data = array();
- foreach ($result as $row)
- {
- if ($row['type'] == 3)
- {
- $n = 0;
- foreach(unserialize($row['option']) as $keys => $val)
- {
- $option[$i][$keys] = array(
- 'value' => $val,
- 'n' => $n
- );
- $n++;
- }
- $_tpl->assign('option', $option);
- }
-
- $data[] = array(
- 'row_color' => $i % 2 == 0 ? 'tbl2' : 'tbl1',
- 'id' => $row['id'],
- 'name' => $row['name'],
- 'index' => $row['index'],
- 'type' => $row['type'],
- 'value' => NULL,
- );
- $i++;
- }
- }
- $_tpl->assignGroup(array(
- 'data' => $data,
- 'i' => $i
- ));
- }
- if ($_sett->get('enable_terms') === '1')
- {
- $_tpl->assign('license_agreement', $_sett->get('license_agreement'));
- }
- $_tpl->assignGroup(array(
- 'portal' => $_sett->get('site_name'),
- 'validation' => (bool) $_protection,
- 'enable_terms' => $_sett->get('enable_terms'),
- 'locale_set' => $_tpl->createSelectOpts($_files->createFileList(DIR_SITE.'locale', array(), TRUE, 'folders'), $_user->getLang(), FALSE, TRUE, Html::SELECT_NO_SELECTION)
- ));
- if ($_protection)
- {
- $_tpl->assign('security', isset($error['security']) ? $_protection->getView_wrongAnswer() : $_protection->getView());
- }