1: <?php
// Bootstrap XOOPS. The rest of this script uses classes, helper functions,
// constants and globals (for example $xoopsConfig) that it does not define
// itself, so they presumably come from mainfile.php.
include __DIR__ . '/mainfile.php';
$xoopsPreload = XoopsPreload::getInstance();
// Give preloads a hook at the very start of the registration request.
$xoopsPreload->triggerEvent('core.register.start');

xoops_loadLanguage('user');
xoops_load('XoopsUserUtility');

// Used below for stripSlashesGPC() on input and htmlSpecialChars() on output.
$myts = MyTextSanitizer::getInstance();

$config_handler = xoops_getHandler('config');
$xoopsConfigUser = $config_handler->getConfigsByCat(XOOPS_CONF_USER);

// Gate for the whole script: when 'allow_register' is empty in the user
// configuration, the visitor is redirected before any operation is dispatched.
// NOTE(review): this only protects the account-creation and activation code
// below if redirect_header() terminates the request -- confirm.
if (empty($xoopsConfigUser['allow_register'])) {
    redirect_header('index.php', 6, _US_NOREGISTER);
}
39:
/**
 * Deprecated wrapper around XoopsUserUtility::validate().
 *
 * Records a deprecation notice on the global logger, then forwards the four
 * arguments unchanged. Elsewhere in this file the result of validate() is
 * appended to an error string and tested with empty(), i.e. an empty result
 * is treated as "no validation errors".
 *
 * @param mixed $uname first argument forwarded to validate()
 * @param mixed $email second argument forwarded to validate()
 * @param mixed $pass  third argument forwarded to validate()
 * @param mixed $vpass fourth argument forwarded to validate()
 *
 * @return mixed whatever XoopsUserUtility::validate() returns
 */
function userCheck($uname, $email, $pass, $vpass)
{
    $notice = sprintf('Function %s is deprecated, use XoopsUserUtility::validate() instead', __FUNCTION__);
    $GLOBALS['xoopsLogger']->addDeprecated($notice);

    $result = XoopsUserUtility::validate($uname, $email, $pass, $vpass);

    return $result;
}
54:
XoopsLoad::load('XoopsFilterInput');

// Request parameters are read exactly once, here, and each one goes through
// XoopsFilterInput::clean() with an explicit type before any later code sees
// it. A parameter that was not sent keeps the default given in the else-arm.

// Requested operation; the switch further down falls back to the plain
// registration form for any value it does not recognise.
$op = isset($_POST['op'])
    ? trim(XoopsFilterInput::clean($_POST['op'], 'STRING'))
    : 'register';

$uname = isset($_POST['uname'])
    ? trim(XoopsFilterInput::clean($myts->stripSlashesGPC($_POST['uname']), 'STRING'))
    : '';

$email = isset($_POST['email'])
    ? trim(XoopsFilterInput::clean($myts->stripSlashesGPC($_POST['email']), 'STRING'))
    : '';

$url = isset($_POST['url'])
    ? trim(XoopsFilterInput::clean($myts->stripSlashesGPC($_POST['url']), 'WEBURL'))
    : '';

// NOTE(review): the password and its confirmation go through the same STRING
// filter and trim() as display fields. Whatever those remove never reaches
// password_hash(), so the login path has to normalise the submitted password
// in exactly the same way -- confirm.
$pass = isset($_POST['pass'])
    ? trim(XoopsFilterInput::clean($myts->stripSlashesGPC($_POST['pass']), 'STRING'))
    : '';

$vpass = isset($_POST['vpass'])
    ? trim(XoopsFilterInput::clean($myts->stripSlashesGPC($_POST['vpass']), 'STRING'))
    : '';

// Site default unless the form supplied its own offset.
$timezone_offset = $xoopsConfig['default_TZ'];
if (isset($_POST['timezone_offset'])) {
    $timezone_offset = XoopsFilterInput::clean($_POST['timezone_offset'], 'FLOAT');
}

// Flags: absent means false.
$user_viewemail = isset($_POST['user_viewemail'])
    ? XoopsFilterInput::clean($_POST['user_viewemail'], 'BOOL')
    : false;

$user_mailok = isset($_POST['user_mailok'])
    ? XoopsFilterInput::clean($_POST['user_mailok'], 'BOOL')
    : false;

$agree_disc = isset($_POST['agree_disc'])
    ? XoopsFilterInput::clean($_POST['agree_disc'], 'BOOL')
    : false;


// Query-string requests are honoured only when no POSTed 'op' exists, and they
// can select nothing but the two activation operations: any other GET value is
// forced back to 'register', so 'newuser' and 'finish' stay POST-only.
$clean_id = '';
$clean_actkey = '';
if (isset($_GET['op']) && !isset($_POST['op'])) {
    $op = XoopsFilterInput::clean($_GET['op'], 'STRING');
    if (!in_array($op, array('actv', 'activate'), true)) {
        $op = 'register';
    }
    if (isset($_GET['id'])) {
        $clean_id = XoopsFilterInput::clean($_GET['id'], 'INT');
    }
    if (isset($_GET['actkey'])) {
        $clean_actkey = XoopsFilterInput::clean($_GET['actkey'], 'STRING');
    }
}
121:
switch ($op) {
// Step 1 of registration: check the submitted form and, when nothing is wrong,
// show a confirmation page (with CAPTCHA) that posts the same values on to
// op=finish. On any error the registration form is shown again.
case 'newuser':
    $xoopsOption['xoops_pagetitle'] = _US_USERREG;
    include $GLOBALS['xoops']->path('header.php');
    // $stop collects error text; an empty $stop means every check passed.
    $stop = '';
    // Request check provided by $GLOBALS['xoopsSecurity']; the confirmation
    // form below embeds a fresh token via getTokenHTML().
    if (!$GLOBALS['xoopsSecurity']->check()) {
        $stop .= implode('<br>', $GLOBALS['xoopsSecurity']->getErrors()) . '<br>';
    }
    // The disclaimer must be accepted only when it is enabled and non-empty.
    if ($xoopsConfigUser['reg_dispdsclmr'] != 0 && $xoopsConfigUser['reg_disclaimer'] != '') {
        if (empty($agree_disc)) {
            $stop .= _US_UNEEDAGREE . '<br>';
        }
    }
    $stop .= XoopsUserUtility::validate($uname, $email, $pass, $vpass);
    if (empty($stop)) {
        // User-supplied text is HTML-escaped wherever it is echoed.
        echo _US_USERNAME . ': ' . $myts->htmlSpecialChars($uname) . '<br>';
        echo _US_EMAIL . ': ' . $myts->htmlSpecialChars($email) . '<br>';
        if ($url != '') {
            $url = formatURL($url);
            echo _US_WEBSITE . ': ' . $myts->htmlSpecialChars($url) . '<br>';
        }
        // $timezone_offset is either the site default or a FLOAT-filtered value.
        $f_timezone = ($timezone_offset < 0) ? 'GMT ' . $timezone_offset : 'GMT +' . $timezone_offset;
        echo _US_TIMEZONE . ": $f_timezone<br>";
        echo "<form action='register.php' method='post'>";
        xoops_load('XoopsFormCaptcha');
        $cpatcha = new XoopsFormCaptcha();
        echo '<br>' . $cpatcha->getCaption() . ': ' . $cpatcha->render();
        // The validated values are carried to op=finish as hidden fields, so
        // 'finish' must (and does) validate them again: they pass through the
        // browser in between.
        // NOTE(review): 'pass' and 'vpass' are escaped, but the password still
        // travels back to the browser in clear text inside this page. The
        // response should not be cached or logged; keeping the pending
        // registration server-side would avoid the round trip.
        // NOTE(review): $user_viewemail and $user_mailok are written without
        // escaping; they are either false or the result of the BOOL filter,
        // presumably always a boolean -- confirm.
        echo "<input type='hidden' name='uname' value='" . $myts->htmlSpecialChars($uname) . "' />
<input type='hidden' name='email' value='" . $myts->htmlSpecialChars($email) . "' />
<input type='hidden' name='user_viewemail' value='" . $user_viewemail . "' />
<input type='hidden' name='timezone_offset' value='" . (float)$timezone_offset . "' />
<input type='hidden' name='url' value='" . $myts->htmlSpecialChars($url) . "' />
<input type='hidden' name='pass' value='" . $myts->htmlSpecialChars($pass) . "' />
<input type='hidden' name='vpass' value='" . $myts->htmlSpecialChars($vpass) . "' />
<input type='hidden' name='user_mailok' value='" . $user_mailok . "' />
<br><br><input type='hidden' name='op' value='finish' />" . $GLOBALS['xoopsSecurity']->getTokenHTML() . "<input type='submit' value='" . _US_FINISH . "' /></form>";
    } else {
        // NOTE(review): $stop is emitted as HTML. It is built from
        // xoopsSecurity->getErrors(), a language constant and validate();
        // confirm none of these echo raw request data back.
        echo "<span class='red'>$stop</span>";
        // registerform.php is expected to define $reg_form.
        include $GLOBALS['xoops']->path('include/registerform.php');
        $reg_form->display();
    }
    include $GLOBALS['xoops']->path('footer.php');
    break;
165:
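// Step 2 of registration: re-check everything posted back from the
// confirmation page, create the account, then send the mails required by the
// configured activation type:
//   1 -> account is created at level 1, welcome mail, redirect;
//   0 -> account at level 0, 'register.tpl' mail to the new user;
//   2 -> account at level 0, 'adminactivate.tpl' mail (with activation link)
//        to the configured activation group.
case 'finish':
    include $GLOBALS['xoops']->path('header.php');
    // The values arrive from hidden form fields, i.e. from the browser, so
    // they are validated again rather than trusted from step 1.
    $stop = XoopsUserUtility::validate($uname, $email, $pass, $vpass);
    if (!$GLOBALS['xoopsSecurity']->check()) {
        $stop .= implode('<br>', $GLOBALS['xoopsSecurity']->getErrors()) . '<br>';
    }
    xoops_load('XoopsCaptcha');
    $xoopsCaptcha = XoopsCaptcha::getInstance();
    if (!$xoopsCaptcha->verify()) {
        $stop .= $xoopsCaptcha->getMessage() . '<br>';
    }
    if (empty($stop)) {
        $member_handler = xoops_getHandler('member');
        $newuser = $member_handler->createUser();
        $newuser->setVar('user_viewemail', $user_viewemail, true);
        $newuser->setVar('uname', $uname, true);
        $newuser->setVar('email', $email, true);
        if ($url != '') {
            $newuser->setVar('url', formatURL($url), true);
        }
        $newuser->setVar('user_avatar', 'avatars/blank.gif', true);
        // The activation key is the only secret protecting account activation
        // (it is compared with the 'actkey' request parameter in the actv
        // case), so it is drawn from the CSPRNG when one is available.
        // md5(uniqid(mt_rand())) is derived from the clock and a
        // non-cryptographic generator and is kept only as a fallback for
        // runtimes without random_bytes().
        // NOTE(review): the key stays at 8 hex characters (32 bits) because
        // the storage width of 'actkey' is not visible in this file; a longer
        // key and throttling of activation attempts would be stronger.
        $actkey = function_exists('random_bytes')
            ? bin2hex(random_bytes(4))
            : substr(md5(uniqid(mt_rand(), true)), 0, 8);
        $newuser->setVar('actkey', $actkey, true);
        // Only the password hash is stored, never the password itself.
        $newuser->setVar('pass', password_hash($pass, PASSWORD_DEFAULT), true);
        $newuser->setVar('timezone_offset', $timezone_offset, true);
        $newuser->setVar('user_regdate', time(), true);
        $newuser->setVar('uorder', $GLOBALS['xoopsConfig']['com_order'], true);
        $newuser->setVar('umode', $GLOBALS['xoopsConfig']['com_mode'], true);
        $newuser->setVar('theme', $GLOBALS['xoopsConfig']['theme_set'], true);
        $newuser->setVar('user_mailok', $user_mailok, true);
        // Level 1 only for activation type 1; every other type starts at
        // level 0 and has to go through the activation link.
        if ($xoopsConfigUser['activation_type'] == 1) {
            $newuser->setVar('level', 1, true);
        } else {
            $newuser->setVar('level', 0, true);
        }
        if (!$member_handler->insertUser($newuser)) {
            echo _US_REGISTERNG;
            include $GLOBALS['xoops']->path('footer.php');
            exit();
        }
        $newid = $newuser->getVar('uid');
        if (!$member_handler->addUserToGroup(XOOPS_GROUP_USERS, $newid)) {
            echo _US_REGISTERNG;
            include $GLOBALS['xoops']->path('footer.php');
            exit();
        }
        if ($xoopsConfigUser['activation_type'] == 1) {
            XoopsUserUtility::sendWelcome($newuser);
            redirect_header('index.php', 4, _US_ACTLOGIN);
        }

        if ($xoopsConfigUser['activation_type'] == 0) {
            // Mail to the new user.
            $xoopsMailer = xoops_getMailer();
            $xoopsMailer->useMail();
            $xoopsMailer->setTemplate('register.tpl');
            $xoopsMailer->assign('SITENAME', $xoopsConfig['sitename']);
            $xoopsMailer->assign('ADMINMAIL', $xoopsConfig['adminmail']);
            $xoopsMailer->assign('SITEURL', XOOPS_URL . '/');
            $xoopsMailer->setToUsers(new XoopsUser($newid));
            $xoopsMailer->setFromEmail($xoopsConfig['adminmail']);
            $xoopsMailer->setFromName($xoopsConfig['sitename']);
            $xoopsMailer->setSubject(sprintf(_US_USERKEYFOR, $uname));
            if (!$xoopsMailer->send()) {
                echo _US_YOURREGMAILNG;
            } else {
                echo _US_YOURREGISTERED;
            }

        } elseif ($xoopsConfigUser['activation_type'] == 2) {
            // Mail to the activation group; the link carries the new user's id
            // and activation key, so whoever receives it can activate the
            // account.
            $xoopsMailer = xoops_getMailer();
            $xoopsMailer->useMail();
            $xoopsMailer->setTemplate('adminactivate.tpl');
            $xoopsMailer->assign('USERNAME', $uname);
            $xoopsMailer->assign('USEREMAIL', $email);
            $xoopsMailer->assign('USERACTLINK', XOOPS_URL . '/register.php?op=actv&id=' . $newid . '&actkey=' . $actkey);
            $xoopsMailer->assign('SITENAME', $xoopsConfig['sitename']);
            $xoopsMailer->assign('ADMINMAIL', $xoopsConfig['adminmail']);
            $xoopsMailer->assign('SITEURL', XOOPS_URL . '/');

            $member_handler = xoops_getHandler('member');
            $xoopsMailer->setToGroups($member_handler->getGroup($xoopsConfigUser['activation_group']));
            $xoopsMailer->setFromEmail($xoopsConfig['adminmail']);
            $xoopsMailer->setFromName($xoopsConfig['sitename']);
            $xoopsMailer->setSubject(sprintf(_US_USERKEYFOR, $uname));
            if (!$xoopsMailer->send()) {
                echo _US_YOURREGMAILNG;
            } else {
                echo _US_YOURREGISTERED2;
            }
        }
        // Optional notification to a configured group; the result of send()
        // is deliberately not reported to the registering user.
        if ($xoopsConfigUser['new_user_notify'] == 1 && !empty($xoopsConfigUser['new_user_notify_group'])) {
            $xoopsMailer = xoops_getMailer();
            $xoopsMailer->reset();
            $xoopsMailer->useMail();

            $member_handler = xoops_getHandler('member');
            $xoopsMailer->setToGroups($member_handler->getGroup($xoopsConfigUser['new_user_notify_group']));
            $xoopsMailer->setFromEmail($xoopsConfig['adminmail']);
            $xoopsMailer->setFromName($xoopsConfig['sitename']);
            $xoopsMailer->setSubject(sprintf(_US_NEWUSERREGAT, $xoopsConfig['sitename']));
            $xoopsMailer->setBody(sprintf(_US_HASJUSTREG, $uname));
            $xoopsMailer->send();
        }
    } else {
        // NOTE(review): $stop is emitted as HTML; confirm that validate(),
        // getErrors() and getMessage() never echo raw request data.
        echo "<span class='red bold'>{$stop}</span>";
        include $GLOBALS['xoops']->path('include/registerform.php');
        $reg_form->display();
    }
    include $GLOBALS['xoops']->path('footer.php');
    break;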
277:
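// Account activation from an e-mailed link: register.php?op=actv&id=..&actkey=..
// $clean_id (INT-filtered) and $clean_actkey (STRING-filtered) are set from the
// query string before the switch.
case 'actv':
case 'activate':
    $id = $clean_id;
    $actkey = $clean_actkey;
    if (empty($id)) {
        redirect_header('index.php', 1, '');
    }

    $member_handler = xoops_getHandler('member');
    $thisuser = $member_handler->getUser($id);
    if (!is_object($thisuser)) {
        exit();
    }
    // The key is compared as a string and, where available, in constant time.
    // A loose != would compare two numeric-looking strings numerically (e.g.
    // two different keys of the form "0e" followed by digits would be treated
    // as equal), and the keys here are short hex strings, so such values can
    // occur. A request without a key never matches, even if no key happens to
    // be stored for the account.
    $actkeyStored = (string)$thisuser->getVar('actkey');
    $actkeySupplied = (string)$actkey;
    if ($actkeySupplied === '') {
        $actkeyMatches = false;
    } elseif (function_exists('hash_equals')) {
        $actkeyMatches = hash_equals($actkeyStored, $actkeySupplied);
    } else {
        $actkeyMatches = ($actkeyStored === $actkeySupplied);
    }
    if (!$actkeyMatches) {
        redirect_header('index.php', 5, _US_ACTKEYNOT);
    } else {
        // level > 0 means the account has already been activated.
        if ($thisuser->getVar('level') > 0) {
            redirect_header('user.php', 5, _US_ACONTACT, false);
        } else {
            if (false !== $member_handler->activateUser($thisuser)) {
                $xoopsPreload->triggerEvent('core.behavior.user.activate', $thisuser);
                $config_handler = xoops_getHandler('config');
                $xoopsConfigUser = $config_handler->getConfigsByCat(XOOPS_CONF_USER);
                if ($xoopsConfigUser['activation_type'] == 2) {
                    // With activation type 2 the link was mailed to the
                    // activation group, not to the user, so the user is told
                    // by mail that the account is now active.
                    $myts = MyTextSanitizer::getInstance();
                    $xoopsMailer = xoops_getMailer();
                    $xoopsMailer->useMail();
                    $xoopsMailer->setTemplate('activated.tpl');
                    $xoopsMailer->assign('SITENAME', $xoopsConfig['sitename']);
                    $xoopsMailer->assign('ADMINMAIL', $xoopsConfig['adminmail']);
                    $xoopsMailer->assign('SITEURL', XOOPS_URL . '/');
                    $xoopsMailer->setToUsers($thisuser);
                    $xoopsMailer->setFromEmail($xoopsConfig['adminmail']);
                    $xoopsMailer->setFromName($xoopsConfig['sitename']);
                    $xoopsMailer->setSubject(sprintf(_US_YOURACCOUNT, $xoopsConfig['sitename']));
                    include $GLOBALS['xoops']->path('header.php');
                    if (!$xoopsMailer->send()) {
                        printf(_US_ACTVMAILNG, $thisuser->getVar('uname'));
                    } else {
                        printf(_US_ACTVMAILOK, $thisuser->getVar('uname'));
                    }
                    include $GLOBALS['xoops']->path('footer.php');
                } else {
                    redirect_header('user.php', 5, _US_ACTLOGIN, false);
                }
            } else {
                redirect_header('index.php', 5, _US_ACTFAILD);
            }
        }
    }
    break;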
329:
// Default view, also reached for any $op value the switch does not recognise:
// show the empty registration form.
case 'register':
default:
    $xoopsOption['xoops_pagetitle'] = _US_USERREG;
    include $GLOBALS['xoops']->path('header.php');
    $xoTheme->addMeta('meta', 'keywords', _US_USERREG . ', ' . _US_NICKNAME);
    // The configured disclaimer has its tags stripped before being used as the
    // meta description.
    // NOTE(review): strip_tags() does not escape quotes; confirm that
    // addMeta() escapes the value when it writes the attribute.
    $xoTheme->addMeta('meta', 'description', strip_tags($xoopsConfigUser['reg_disclaimer']));
    // registerform.php is expected to define $reg_form.
    include $GLOBALS['xoops']->path('include/registerform.php');
    $reg_form->display();
    include $GLOBALS['xoops']->path('footer.php');
    break;
}
341: