XOOPS  2.6.0
register.php
Go to the documentation of this file.
1 <?php
2 /*
3  You may not change or alter any portion of this comment or credits
4  of supporting developers from this source code or any supporting source code
5  which is considered copyrighted (c) material of the original comment or credit authors.
6 
7  This program is distributed in the hope that it will be useful,
8  but WITHOUT ANY WARRANTY; without even the implied warranty of
9  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
10 */
11 
12 use Xoops\Core\FixedGroups;
13 
24 include __DIR__ . '/mainfile.php';
25 
26 $xoops = Xoops::getInstance();
27 $xoops_url = \XoopsBaseConfig::get('url');
28 $xoops->events()->triggerEvent('core.register.start');
29 $xoops->loadLanguage('user');
30 
31 $myts = MyTextSanitizer::getInstance();
32 
33 $xoopsConfigUser = $xoops->getConfigs();
34 
35 if (empty($xoopsConfigUser['allow_register'])) {
36  $xoops->redirect('index.php', 6, XoopsLocale::E_WE_ARE_CLOSED_FOR_REGISTRATION);
37 }
38 
39 // from $_POST we use keys: op, uname, email, url, pass, vpass, timezone_offset,
40 // user_viewemail, user_mailok, agree_disc
41 $clean_input = XoopsFilterInput::gather(
42  'post',
43  array(
44  array('op','string', 'register', true),
45  array('uname','string', '', true),
46  array('email','string', '', true),
47  array('url','weburl', '', true),
48  array('pass','string', '', true),
49  array('vpass','string', '', true),
50  array('timezone_offset','float', $xoopsConfig['default_TZ'], false),
51  array('user_viewemail','boolean', false, false),
52  array('user_mailok','boolean', false, false),
53  array('agree_disc','boolean', false, false),
54  )
55 );
56 
57 // from $_GET we use keys: op, id, actkey
58 $clean_get_input = XoopsFilterInput::gather(
59  'get',
60  array(
61  array('op','string', 'register', true),
62  array('id','int'),
63  array('actkey','string', '', true),
64  ),
65  'actkey'
66 );
67 
68 // move clean array to individual variables
69 $op=$clean_input['op'];
70 $uname=$clean_input['uname'];
71 $email=$clean_input['email'];
72 $url=$clean_input['url'];
73 $pass=$clean_input['pass'];
74 $vpass=$clean_input['vpass'];
75 $timezone_offset=$clean_input['timezone_offset'];
76 $user_viewemail=$clean_input['user_viewemail'];
77 $user_mailok=$clean_input['user_mailok'];
78 $agree_disc=$clean_input['agree_disc'];
79 // if this is an activation, use get
80 if ($clean_get_input!==false) {
81  $op = $clean_get_input['op'];
82  $id = $clean_get_input['id'];
83  $actkey = $clean_get_input['actkey'];
84 }
85 
86 switch ($op) {
87  case 'newuser':
88  $xoops->header();
89  $xoops->tpl()->assign('xoops_pagetitle', XoopsLocale::USER_REGISTRATION);
90  $stop = '';
91  if (!$xoops->security()->check()) {
92  $stop .= implode('<br />', $xoops->security()->getErrors()) . "<br />";
93  }
94  if ($xoopsConfigUser['reg_dispdsclmr'] != 0 && $xoopsConfigUser['reg_disclaimer'] != '') {
95  if (empty($agree_disc)) {
96  $stop .= XoopsLocale::E_YOU_HAVE_TO_AGREE_TO_DISCLAIMER . '<br />';
97  }
98  }
99  $stop .= XoopsUserUtility::validate($uname, $email, $pass, $vpass);
100  if (empty($stop)) {
101  echo XoopsLocale::USERNAME . ": " . $myts->htmlSpecialChars($uname) . "<br />";
102  echo XoopsLocale::EMAIL . ": " . $myts->htmlSpecialChars($email) . "<br />";
103  if ($url != '') {
104  $url = $xoops->formatURL($url);
105  echo XoopsLocale::WEBSITE . ': ' . $myts->htmlSpecialChars($url) . '<br />';
106  }
107  $f_timezone = ($timezone_offset < 0) ? 'GMT ' . $timezone_offset : 'GMT +' . $timezone_offset;
108  echo XoopsLocale::TIME_ZONE . ": $f_timezone<br />";
109  echo "<form action='register.php' method='post'>";
110  $cpatcha = new Xoops\Form\Captcha();
111  echo "<br />" . $cpatcha->getCaption() . ": " . $cpatcha->render();
112  echo "<input type='hidden' name='uname' value='" . $myts->htmlSpecialChars($uname) . "' />
113  <input type='hidden' name='email' value='" . $myts->htmlSpecialChars($email) . "' />
114  <input type='hidden' name='user_viewemail' value='" . $user_viewemail . "' />
115  <input type='hidden' name='timezone_offset' value='" . (float)$timezone_offset . "' />
116  <input type='hidden' name='url' value='" . $myts->htmlSpecialChars($url) . "' />
117  <input type='hidden' name='pass' value='" . $myts->htmlSpecialChars($pass) . "' />
118  <input type='hidden' name='vpass' value='" . $myts->htmlSpecialChars($vpass) . "' />
119  <input type='hidden' name='user_mailok' value='" . $user_mailok . "' />
120  <br /><br /><input type='hidden' name='op' value='finish' />"
121  . $xoops->security()->getTokenHTML()
122  . "<input type='submit' value='" . XoopsLocale::A_FINISH . "' /></form>";
123  } else {
124  echo "<span class='red'>$stop</span>";
125  include $xoops->path('include/registerform.php');
126  $reg_form->display();
127  }
128  $xoops->footer();
129  break;
130 
131  case 'finish':
132  $xoops->header();
133  $stop = XoopsUserUtility::validate($uname, $email, $pass, $vpass);
134  if (!$xoops->security()->check()) {
135  $stop .= implode('<br />', $xoops->security()->getErrors()) . "<br />";
136  }
137  $xoopsCaptcha = XoopsCaptcha::getInstance();
138  if (!$xoopsCaptcha->verify()) {
139  $stop .= $xoopsCaptcha->getMessage() . "<br />";
140  }
141  if (empty($stop)) {
142  $member_handler = $xoops->getHandlerMember();
143  $newuser = $member_handler->createUser();
144  $newuser->setVar('user_viewemail', $user_viewemail, true);
145  $newuser->setVar('uname', $uname, true);
146  $newuser->setVar('email', $email, true);
147  if ($url != '') {
148  $newuser->setVar('url', $xoops->formatURL($url), true);
149  }
150  $newuser->setVar('user_avatar', 'blank.gif', true);
151  $actkey = substr(md5(uniqid(mt_rand(), 1)), 0, 8);
152  $newuser->setVar('actkey', $actkey, true);
153  $newuser->setVar('pass', password_hash($pass, PASSWORD_DEFAULT), true);
154  $newuser->setVar('timezone_offset', $timezone_offset, true);
155  $newuser->setVar('user_regdate', time(), true);
156  $newuser->setVar('uorder', $xoops->getConfig('com_order'), true);
157  $newuser->setVar('umode', $xoops->getConfig('com_mode'), true);
158  $newuser->setVar('theme', $xoops->getConfig('theme_set'), true);
159  $newuser->setVar('user_mailok', $user_mailok, true);
160  if ($xoopsConfigUser['activation_type'] == 1) {
161  $newuser->setVar('level', 1, true);
162  } else {
163  $newuser->setVar('level', 0, true);
164  }
165  if (!$member_handler->insertUser($newuser)) {
166  echo XoopsLocale::E_USER_NOT_REGISTERED;
167  $xoops->footer();
168  }
169  $newid = $newuser->getVar('uid');
170  if (!$member_handler->addUserToGroup(FixedGroups::USERS, $newid)) {
171  echo XoopsLocale::E_USER_NOT_REGISTERED;
172  $xoops->footer();
173  }
174  if ($xoopsConfigUser['activation_type'] == 1) {
175  XoopsUserUtility::sendWelcome($newuser);
176  $xoops->redirect(
177  'index.php',
178  4,
179  XoopsLocale::S_YOUR_ACCOUNT_ACTIVATED . ' ' . XoopsLocale::LOGIN_WITH_REGISTERED_PASSWORD
180  );
181  }
182  // Sending notification email to user for self activation
183  if ($xoopsConfigUser['activation_type'] == 0) {
184  $xoopsMailer = $xoops->getMailer();
185  $xoopsMailer->useMail();
186  $xoopsMailer->setTemplate('register.tpl');
187  $xoopsMailer->assign('SITENAME', $xoops->getConfig('sitename'));
188  $xoopsMailer->assign('ADMINMAIL', $xoops->getConfig('adminmail'));
189  $xoopsMailer->assign('SITEURL', $xoops_url . "/");
190  $xoopsMailer->setToUsers(new XoopsUser($newid));
191  $xoopsMailer->setFromEmail($xoops->getConfig('adminmail'));
192  $xoopsMailer->setFromName($xoops->getConfig('sitename'));
193  $xoopsMailer->setSubject(sprintf(XoopsLocale::F_USER_ACTIVATION_KEY_FOR, $uname));
194  if (!$xoopsMailer->send()) {
195  echo XoopsLocale::S_YOU_ARE_NOW_REGISTERED . ' '
196  . XoopsLocale::EMAIL_HAS_NOT_BEEN_SENT_WITH_ACTIVATION_KEY;
197  } else {
198  echo XoopsLocale::S_YOU_ARE_NOW_REGISTERED . ' '
199  . XoopsLocale::EMAIL_HAS_BEEN_SENT_WITH_ACTIVATION_KEY;
200  }
201  // Sending notification email to administrator for activation
202  } elseif ($xoopsConfigUser['activation_type'] == 2) {
203  $xoopsMailer = $xoops->getMailer();
204  $xoopsMailer->useMail();
205  $xoopsMailer->setTemplate('adminactivate.tpl');
206  $xoopsMailer->assign('USERNAME', $uname);
207  $xoopsMailer->assign('USEREMAIL', $email);
208  $xoopsMailer->assign(
209  'USERACTLINK',
210  $xoops_url . '/register.php?op=actv&id=' . $newid . '&actkey=' . $actkey
211  );
212  $xoopsMailer->assign('SITENAME', $xoops->getConfig('sitename'));
213  $xoopsMailer->assign('ADMINMAIL', $xoops->getConfig('adminmail'));
214  $xoopsMailer->assign('SITEURL', $xoops_url . "/");
215  $member_handler = $xoops->getHandlerMember();
216  $xoopsMailer->setToGroups($member_handler->getGroup($xoopsConfigUser['activation_group']));
217  $xoopsMailer->setFromEmail($xoops->getConfig('adminmail'));
218  $xoopsMailer->setFromName($xoops->getConfig('sitename'));
219  $xoopsMailer->setSubject(sprintf(XoopsLocale::F_USER_ACTIVATION_KEY_FOR, $uname));
220  if (!$xoopsMailer->send()) {
221  echo XoopsLocale::S_YOU_ARE_NOW_REGISTERED . ' '
222  . XoopsLocale::EMAIL_HAS_NOT_BEEN_SENT_WITH_ACTIVATION_KEY;
223  echo XoopsLocale::S_YOU_ARE_NOW_REGISTERED . ' '
224  . XoopsLocale::PLEASE_WAIT_FOR_ACCOUNT_ACTIVATION;
225  }
226  }
227  if ($xoopsConfigUser['new_user_notify'] == 1 && !empty($xoopsConfigUser['new_user_notify_group'])) {
228  $xoopsMailer = $xoops->getMailer();
229  $xoopsMailer->reset();
230  $xoopsMailer->useMail();
231  $member_handler = $xoops->getHandlerMember();
232  $xoopsMailer->setToGroups($member_handler->getGroup($xoopsConfigUser['new_user_notify_group']));
233  $xoopsMailer->setFromEmail($xoops->getConfig('adminmail'));
234  $xoopsMailer->setFromName($xoops->getConfig('sitename'));
235  $xoopsMailer->setSubject(
236  sprintf(XoopsLocale::F_NEW_USER_REGISTRATION_AT, $xoops->getConfig('sitename'))
237  );
238  $xoopsMailer->setBody(sprintf(XoopsLocale::F_HAS_JUST_REGISTERED, $uname));
239  $xoopsMailer->send();
240  }
241  } else {
242  echo "<span class='red bold'>{$stop}</span>";
243  include $xoops->path('include/registerform.php');
244  $reg_form->display();
245  }
246  $xoops->footer();
247  break;
248 
249  case 'actv':
250  case 'activate':
251  $id = $id;
252  $actkey = $actkey;
253  if (empty($id)) {
254  $xoops->redirect('index.php', 1, '');
255  exit();
256  }
257  $member_handler = $xoops->getHandlerMember();
258  $thisuser = $member_handler->getUser($id);
259  if (!is_object($thisuser)) {
260  exit();
261  }
262  if ($thisuser->getVar('actkey') != $actkey) {
263  $xoops->redirect('index.php', 5, XoopsLocale::E_ACTIVATION_KEY_INCORRECT);
264  } else {
265  if ($thisuser->getVar('level') > 0) {
266  $xoops->redirect('user.php', 5, XoopsLocale::E_SELECTED_ACCOUNT_IS_ALREADY_ACTIVATED, false);
267  } else {
268  if (false != $member_handler->activateUser($thisuser)) {
269  $xoopsConfigUser = $xoops->getConfigs();
270  if ($xoopsConfigUser['activation_type'] == 2) {
271  $myts = MyTextSanitizer::getInstance();
272  $xoopsMailer = $xoops->getMailer();
273  $xoopsMailer->useMail();
274  $xoopsMailer->setTemplate('activated.tpl');
275  $xoopsMailer->assign('SITENAME', $xoops->getConfig('sitename'));
276  $xoopsMailer->assign('ADMINMAIL', $xoops->getConfig('adminmail'));
277  $xoopsMailer->assign('SITEURL', $xoops_url . "/");
278  $xoopsMailer->setToUsers($thisuser);
279  $xoopsMailer->setFromEmail($xoops->getConfig('adminmail'));
280  $xoopsMailer->setFromName($xoops->getConfig('sitename'));
281  $xoopsMailer->setSubject(
282  sprintf(XoopsLocale::F_YOUR_ACCOUNT_AT, $xoops->getConfig('sitename'))
283  );
284  $xoops->header();
285  if (!$xoopsMailer->send()) {
286  printf(XoopsLocale::EF_NOTIFICATION_EMAIL_NOT_SENT_TO, $thisuser->getVar('uname'));
287  } else {
288  printf(XoopsLocale::SF_NOTIFICATION_EMAIL_SENT_TO, $thisuser->getVar('uname'));
289  }
290  $xoops->footer();
291  } else {
292  $xoops->redirect(
293  'user.php',
294  5,
295  XoopsLocale::S_YOUR_ACCOUNT_ACTIVATED . ' ' . XoopsLocale::LOGIN_WITH_REGISTERED_PASSWORD,
296  false
297  );
298  }
299  } else {
300  $xoops->redirect('index.php', 5, XoopsLocale::E_ACTIVATION_FAILED);
301  }
302  }
303  }
304  break;
305 
306  case 'register':
307  default:
308  $xoops->header();
309  $xoops->tpl()->assign('xoops_pagetitle', XoopsLocale::USER_REGISTRATION);
310  $xoops->theme()->addMeta(
311  'meta',
312  'keywords',
313  XoopsLocale::USER_REGISTRATION . ", " . XoopsLocale::USERNAME
314  ); // FIXME!
315  $xoops->theme()->addMeta('meta', 'description', strip_tags($xoopsConfigUser['reg_disclaimer']));
316  include $xoops->path('include/registerform.php');
317  $reg_form->display();
318  $xoops->footer();
319  break;
320 }
XoopsLocaleEn_US\EMAIL_HAS_BEEN_SENT_WITH_ACTIVATION_KEY
const EMAIL_HAS_BEEN_SENT_WITH_ACTIVATION_KEY
Definition: en_US.php:280
$user_viewemail
$user_viewemail
Definition: register.php:76
$member_handler
if($uname== ''||$pass== '') $member_handler
Definition: checklogin.php:44
XoopsLocaleEn_US\SF_NOTIFICATION_EMAIL_SENT_TO
const SF_NOTIFICATION_EMAIL_SENT_TO
Definition: en_US.php:990
XoopsLocaleEn_US\F_HAS_JUST_REGISTERED
const F_HAS_JUST_REGISTERED
Definition: en_US.php:412
XoopsCaptcha\getInstance
static getInstance()
Definition: xoopscaptcha.php:90
XoopsLocaleEn_US\E_SELECTED_ACCOUNT_IS_ALREADY_ACTIVATED
const E_SELECTED_ACCOUNT_IS_ALREADY_ACTIVATED
Definition: en_US.php:363
$uname
$uname
Definition: register.php:70
$xoopsConfigUser
$xoopsConfigUser
Definition: register.php:33
XoopsUserUtility\validate
static validate()
Definition: userutility.php:71
Xoops\getInstance
static getInstance()
Definition: Xoops.php:160
XoopsLocaleEn_US\E_ACTIVATION_FAILED
const E_ACTIVATION_FAILED
Definition: en_US.php:310
$clean_get_input
$clean_get_input
Definition: register.php:58
XoopsLocaleEn_US\PLEASE_WAIT_FOR_ACCOUNT_ACTIVATION
const PLEASE_WAIT_FOR_ACCOUNT_ACTIVATION
Definition: en_US.php:901
XoopsLocaleEn_US\EMAIL_HAS_NOT_BEEN_SENT_WITH_ACTIVATION_KEY
const EMAIL_HAS_NOT_BEEN_SENT_WITH_ACTIVATION_KEY
Definition: en_US.php:281
$timezone_offset
$timezone_offset
Definition: register.php:75
XoopsLocaleEn_US\EMAIL
const EMAIL
Definition: en_US.php:279
$pass
$pass
Definition: register.php:73
$clean_input
if(empty($xoopsConfigUser['allow_register'])) $clean_input
Definition: register.php:41
XoopsLocaleEn_US\A_FINISH
const A_FINISH
Definition: en_US.php:97
Xoops\Core\FilterInput\gather
static gather($source, $input_map, $require=false)
Definition: FilterInput.php:557
XoopsLocaleEn_US\LOGIN_WITH_REGISTERED_PASSWORD
const LOGIN_WITH_REGISTERED_PASSWORD
Definition: en_US.php:518
XoopsLocaleEn_US\F_YOUR_ACCOUNT_AT
const F_YOUR_ACCOUNT_AT
Definition: en_US.php:450
XoopsLocaleEn_US\E_YOU_HAVE_TO_AGREE_TO_DISCLAIMER
const E_YOU_HAVE_TO_AGREE_TO_DISCLAIMER
Definition: en_US.php:383
XoopsLocaleEn_US\E_WE_ARE_CLOSED_FOR_REGISTRATION
const E_WE_ARE_CLOSED_FOR_REGISTRATION
Definition: en_US.php:380
exit
exit
Definition: browse.php:104
XoopsLocaleEn_US\TIME_ZONE
const TIME_ZONE
Definition: en_US.php:1052
XoopsLocaleEn_US\USER_REGISTRATION
const USER_REGISTRATION
Definition: en_US.php:1084
$op
$op
Definition: register.php:69
$vpass
$vpass
Definition: register.php:74
$email
$email
Definition: register.php:71
XoopsLocaleEn_US\E_USER_NOT_REGISTERED
const E_USER_NOT_REGISTERED
Definition: en_US.php:377
$xoops_url
$xoops_url
Definition: register.php:27
XoopsUserUtility\sendWelcome
static sendWelcome($user)
Definition: userutility.php:32
$id
$id
Definition: admin_menu.php:36
$myts
$myts
Definition: register.php:31
XoopsLocaleEn_US\F_USER_ACTIVATION_KEY_FOR
const F_USER_ACTIVATION_KEY_FOR
Definition: en_US.php:446
XoopsBaseConfig\get
static get($name)
Definition: XoopsBaseConfig.php:117
$reg_form
$reg_form
Definition: registerform.php:26
XoopsLocaleEn_US\S_YOU_ARE_NOW_REGISTERED
const S_YOU_ARE_NOW_REGISTERED
Definition: en_US.php:1039
XoopsLocaleEn_US\F_NEW_USER_REGISTRATION_AT
const F_NEW_USER_REGISTRATION_AT
Definition: en_US.php:431
$user_mailok
$user_mailok
Definition: register.php:77
$xoops
$xoops
Definition: register.php:26
$agree_disc
$agree_disc
Definition: register.php:78
$url
$url
Definition: register.php:72
XoopsLocaleEn_US\USERNAME
const USERNAME
Definition: en_US.php:1079
XoopsLocaleEn_US\S_YOUR_ACCOUNT_ACTIVATED
const S_YOUR_ACCOUNT_ACTIVATED
Definition: en_US.php:1034
$xoopsConfig
$xoopsConfig
Definition: common.php:130
MyTextSanitizer\getInstance
static getInstance()
Definition: module.textsanitizer.php:254
XoopsLocaleEn_US\E_ACTIVATION_KEY_INCORRECT
const E_ACTIVATION_KEY_INCORRECT
Definition: en_US.php:311
XoopsLocaleEn_US\EF_NOTIFICATION_EMAIL_NOT_SENT_TO
const EF_NOTIFICATION_EMAIL_NOT_SENT_TO
Definition: en_US.php:258
XoopsLocaleEn_US\WEBSITE
const WEBSITE
Definition: en_US.php:1096