PHP Cross Reference of phpBB 3.0 Beta 3 |
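<?php
/**
*
* @package ucp
* @version $Id: ucp_register.php,v 1.91 2006/11/04 17:25:27 acydburn Exp $
* @copyright (c) 2005 phpBB Group
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/

/**
* ucp_register
* Board registration
*
* User control panel module that walks a visitor through registration:
* agreement / COPPA page, the registration form with optional visual
* confirmation, creation of the account and the welcome / activation e-mails.
*
* Security-relevant points a reviewer should keep in mind (see the inline
* NOTE(review) comments in main() for the exact places):
*  - the password is stored as a plain md5() digest and the clear-text
*    password is handed to the welcome e-mail template
*  - the activation key is at most 10 characters and may be cut to 6
*  - the registration attempt limit is only evaluated when the form is rendered
*
* @package ucp
*/
class ucp_register
{
	var $u_action;

	/**
	* Run the registration module.
	*
	* Reads its input from the request ($_REQUEST/$_POST/$_GET and request_var()),
	* and either renders the agreement page, renders the registration form, or
	* creates the account and ends the request through trigger_error().
	* The selected template is announced via $this->tpl_name / $this->page_title.
	*
	* @param mixed $id   Module id (not read by this method)
	* @param mixed $mode Module mode (not read by this method)
	*/
	function main($id, $mode)
	{
		global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx;

		// Registration is switched off in the board configuration
		if ($config['require_activation'] == USER_ACTIVATION_DISABLE)
		{
			trigger_error('UCP_REGISTER_DISABLE');
		}

		include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);

		$confirm_id = request_var('confirm_id', '');
		// $coppa is tri-state: false = not chosen yet, 0 = declared 13 or older, 1 = declared under 13
		$coppa = (isset($_REQUEST['coppa'])) ? ((!empty($_REQUEST['coppa'])) ? 1 : 0) : false;
		$agreed = (!empty($_POST['agreed'])) ? 1 : 0;
		$submit = (isset($_POST['submit'])) ? true : false;
		$change_lang = request_var('change_lang', '');

		if ($change_lang)
		{
			$change_lang = basename($change_lang);

			// basename() removes directory components but leaves the special names
			// '.' and '..' intact, so the value is additionally required to match the
			// pattern the 'lang' form field is validated against further down before
			// it is used to build a filesystem path.
			if (preg_match('#^[a-z_\-]{2,}$#iD', $change_lang) && file_exists($phpbb_root_path . 'language/' . $change_lang . '/'))
			{
				// A language switch re-displays the form, it never submits it
				$submit = false;

				$user->lang_name = $lang = $change_lang;
				$user->lang_path = $phpbb_root_path . 'language/' . $lang . '/';
				$user->lang = array();
				$user->add_lang(array('common', 'ucp'));

				// Setting back agreed to let the user view the agreement in his/her language
				$agreed = (empty($_GET['change_lang'])) ? 0 : $agreed;
			}
			else
			{
				$change_lang = '';
			}
		}

		$cp = new custom_profile();

		$error = $cp_data = $cp_error = array();

		// Terms not accepted yet: show the COPPA choice or the agreement and stop
		if (!$agreed)
		{
			$add_lang = ($change_lang) ? '&change_lang=' . urlencode($change_lang) : '';

			if ($coppa === false && $config['coppa_enable'])
			{
				// Cut-off date shown to the visitor: yesterday, 13 years ago
				$now = getdate();
				$coppa_birthday = $user->format_date(mktime($now['hours'] + $user->data['user_dst'], $now['minutes'], $now['seconds'], $now['mon'], $now['mday'] - 1, $now['year'] - 13), $user->lang['DATE_FORMAT']);
				unset($now);

				// NOTE(review): $confirm_id is request input written into an HTML attribute;
				// this relies on request_var() (defined elsewhere) having escaped it - confirm.
				$template->assign_vars(array(
					'L_COPPA_NO' => sprintf($user->lang['UCP_COPPA_BEFORE'], $coppa_birthday),
					'L_COPPA_YES' => sprintf($user->lang['UCP_COPPA_ON_AFTER'], $coppa_birthday),

					'U_COPPA_NO' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=0' . $add_lang),
					'U_COPPA_YES' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=1' . $add_lang),

					'S_SHOW_COPPA' => true,
					'S_HIDDEN_FIELDS' => ($confirm_id) ? '<input type="hidden" name="confirm_id" value="' . $confirm_id . '" />' : '',
					'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang))
				);
			}
			else
			{
				$template->assign_vars(array(
					'L_TERMS_OF_USE' => sprintf($user->lang['TERMS_OF_USE_CONTENT'], $config['sitename'], generate_board_url()),

					'S_SHOW_COPPA' => false,
					'S_REGISTRATION' => true,
					'S_HIDDEN_FIELDS' => ($confirm_id) ? '<input type="hidden" name="confirm_id" value="' . $confirm_id . '" />' : '',
					'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang))
				);
			}

			$this->tpl_name = 'ucp_agreement';
			return;
		}

		// Try to manually determine the timezone
		// (date() reports the server's offset; it is only used as the form default)
		$timezone = date('Z') / 3600;
		$is_dst = date('I');
		$timezone = ($is_dst) ? $timezone - 1 : $timezone;

		if (!isset($user->lang['tz_zones'][(string) $timezone]))
		{
			$timezone = $config['board_timezone'];
		}

		$data = array(
			'username' => request_var('username', '', true),
			'password_confirm' => request_var('password_confirm', '', true),
			'new_password' => request_var('new_password', '', true),
			'cur_password' => request_var('cur_password', '', true),
			'email' => request_var('email', ''),
			'email_confirm' => request_var('email_confirm', ''),
			'confirm_code' => request_var('confirm_code', ''),
			'lang' => request_var('lang', $user->lang_name),
			'tz' => request_var('tz', (float) $timezone),
		);

		// Check and initialize some variables if needed
		if ($submit)
		{
			$error = validate_data($data, array(
				'username' => array(
					array('string', false, $config['min_name_chars'], $config['max_name_chars']),
					array('username')),
				'new_password' => array(
					array('string', false, $config['min_pass_chars'], $config['max_pass_chars']),
					array('password')),
				'password_confirm' => array('string', false, $config['min_pass_chars'], $config['max_pass_chars']),
				'email' => array(
					array('string', false, 6, 60),
					array('email')),
				'email_confirm' => array('string', false, 6, 60),
				'confirm_code' => array('string', !$config['enable_confirm'], 5, 8),
				'tz' => array('num', false, -14, 14),
				'lang' => array('match', false, '#^[a-z_\-]{2,}$#i'),
			));

			// Replace "error" strings with their real, localised form.
			// Done with an explicit loop instead of preg_replace()'s /e modifier, which
			// evaluates the replacement as PHP code; the result is the same: an entry made
			// up only of A-Z and underscore is swapped for its language string when one exists.
			foreach ($error as $error_key => $error_msg)
			{
				if (preg_match('#^([A-Z_]+)$#', $error_msg, $lang_match) && !empty($user->lang[$lang_match[1]]))
				{
					// Anything after the matched key (at most a trailing newline) is kept
					$error[$error_key] = $user->lang[$lang_match[1]] . (string) substr($error_msg, strlen($lang_match[1]));
				}
			}

			// DNSBL check
			if ($config['check_dnsbl'])
			{
				if (($dnsbl = $user->check_dnsbl()) !== false)
				{
					$error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
				}
			}

			// validate custom profile fields
			$cp->submit_cp_field('register', $user->get_iso_lang_id(), $cp_data, $error);

			// Visual Confirmation handling
			$wrong_confirm = false;
			if ($config['enable_confirm'])
			{
				if (!$confirm_id)
				{
					$error[] = $user->lang['CONFIRM_CODE_WRONG'];
					$wrong_confirm = true;
				}
				else
				{
					// The code is bound to both the confirm id and the current session
					$sql = 'SELECT code
						FROM ' . CONFIRM_TABLE . "
						WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
							AND session_id = '" . $db->sql_escape($user->session_id) . "'
							AND confirm_type = " . CONFIRM_REG;
					$result = $db->sql_query($sql);
					$row = $db->sql_fetchrow($result);
					$db->sql_freeresult($result);

					if ($row)
					{
						if (strcasecmp($row['code'], $data['confirm_code']) === 0)
						{
							// A correctly answered code is single-use
							$sql = 'DELETE FROM ' . CONFIRM_TABLE . "
								WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
									AND session_id = '" . $db->sql_escape($user->session_id) . "'
									AND confirm_type = " . CONFIRM_REG;
							$db->sql_query($sql);
						}
						else
						{
							// NOTE(review): a wrong answer leaves the row in place, and the
							// max_reg_attempts check further down only runs when the form is
							// rendered, i.e. after this comparison. Consider invalidating the
							// code or enforcing the limit before comparing.
							$error[] = $user->lang['CONFIRM_CODE_WRONG'];
							$wrong_confirm = true;
						}
					}
					else
					{
						$error[] = $user->lang['CONFIRM_CODE_WRONG'];
						$wrong_confirm = true;
					}
				}
			}

			if (!sizeof($error))
			{
				// Strict comparison: with != two different numeric-looking strings
				// (e.g. '1000' and '1e3') would be treated as equal.
				if ($data['new_password'] !== $data['password_confirm'])
				{
					$error[] = $user->lang['NEW_PASSWORD_ERROR'];
				}

				if ($data['email'] !== $data['email_confirm'])
				{
					$error[] = $user->lang['NEW_EMAIL_ERROR'];
				}
			}

			if (!sizeof($error))
			{
				$server_url = generate_board_url();

				// Which group by default?
				$group_name = ($coppa) ? 'REGISTERED_COPPA' : 'REGISTERED';

				$sql = 'SELECT group_id
					FROM ' . GROUPS_TABLE . "
					WHERE group_name = '" . $db->sql_escape($group_name) . "'
						AND group_type = " . GROUP_SPECIAL;
				$result = $db->sql_query($sql);
				$row = $db->sql_fetchrow($result);
				$db->sql_freeresult($result);

				if (!$row)
				{
					trigger_error('NO_GROUP');
				}

				$group_id = $row['group_id'];

				// Accounts start inactive only when activation is required (or COPPA applies)
				// AND e-mail is enabled; with e-mail disabled the account is created active.
				if (($coppa ||
					$config['require_activation'] == USER_ACTIVATION_SELF ||
					$config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable'])
				{
					// NOTE(review): the key starts at 10 characters and is cut to
					// max(6, 54 - strlen($server_url)), so a long board URL leaves as few as
					// 6 characters. gen_rand_string() is defined elsewhere; the quality of
					// its randomness cannot be judged from this file.
					$user_actkey = gen_rand_string(10);
					$key_len = 54 - (strlen($server_url));
					$key_len = ($key_len < 6) ? 6 : $key_len;
					$user_actkey = substr($user_actkey, 0, $key_len);

					$user_type = USER_INACTIVE;
					$user_inactive_reason = INACTIVE_REGISTER;
					$user_inactive_time = time();
				}
				else
				{
					$user_type = USER_NORMAL;
					$user_actkey = '';
					$user_inactive_reason = 0;
					$user_inactive_time = 0;
				}

				// NOTE(review): user_password is an unsalted md5() digest, which is not a
				// password hashing function. It is flagged rather than changed here because
				// whatever verifies user_password lives outside this file and must be
				// migrated together with it.
				$user_row = array(
					'username' => $data['username'],
					'user_password' => md5($data['new_password']),
					'user_email' => $data['email'],
					'group_id' => (int) $group_id,
					'user_timezone' => (float) $data['tz'],
					'user_dst' => $is_dst,
					'user_lang' => $data['lang'],
					'user_type' => $user_type,
					'user_actkey' => $user_actkey,
					'user_ip' => $user->ip,
					'user_regdate' => time(),
					'user_inactive_reason' => $user_inactive_reason,
					'user_inactive_time' => $user_inactive_time,
				);

				// Register user...
				$user_id = user_add($user_row, $cp_data);

				// This should not happen, because the required variables are listed above...
				if ($user_id === false)
				{
					trigger_error($user->lang['NO_USER'], E_USER_ERROR);
				}

				// Pick the on-screen message and the matching e-mail template
				if ($coppa && $config['email_enable'])
				{
					$message = $user->lang['ACCOUNT_COPPA'];
					$email_template = 'coppa_welcome_inactive';
				}
				else if ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable'])
				{
					$message = $user->lang['ACCOUNT_INACTIVE'];
					$email_template = 'user_welcome_inactive';
				}
				else if ($config['require_activation'] == USER_ACTIVATION_ADMIN && $config['email_enable'])
				{
					$message = $user->lang['ACCOUNT_INACTIVE_ADMIN'];
					$email_template = 'admin_welcome_inactive';
				}
				else
				{
					$message = $user->lang['ACCOUNT_ADDED'];
					$email_template = 'user_welcome';
				}

				if ($config['email_enable'])
				{
					include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);

					$messenger = new messenger(false);

					$messenger->template($email_template, $data['lang']);

					$messenger->replyto($config['board_contact']);
					$messenger->to($data['email'], $data['username']);

					// These headers describe the session that submitted the form
					$messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
					$messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
					$messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
					$messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);

					// NOTE(review): the clear-text password is made available to the e-mail
					// template as PASSWORD; mail is not a confidential channel. The activation
					// link also carries the activation key in its query string.
					$messenger->assign_vars(array(
						'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
						'USERNAME' => htmlspecialchars_decode($data['username']),
						'PASSWORD' => htmlspecialchars_decode($data['new_password']),
						'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey")
					);

					if ($coppa)
					{
						$messenger->assign_vars(array(
							'FAX_INFO' => $config['coppa_fax'],
							'MAIL_INFO' => $config['coppa_mail'],
							'EMAIL_ADDRESS' => $data['email'])
						);
					}

					$messenger->send(NOTIFY_EMAIL);

					if ($config['require_activation'] == USER_ACTIVATION_ADMIN)
					{
						// Grab an array of user_id's with a_user permissions ... these users can activate a user
						$admin_ary = $auth->acl_get_list(false, 'a_user', false);
						$admin_ary = (!empty($admin_ary[0]['a_user'])) ? $admin_ary[0]['a_user'] : array();

						// Also include founders
						$where_sql = ' WHERE user_type = ' . USER_FOUNDER;

						if (sizeof($admin_ary))
						{
							$where_sql .= ' OR ' . $db->sql_in_set('user_id', $admin_ary);
						}

						$sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type
							FROM ' . USERS_TABLE . ' ' .
							$where_sql;
						$result = $db->sql_query($sql);

						// Every recipient gets the activation link, including the key
						while ($row = $db->sql_fetchrow($result))
						{
							$messenger->template('admin_activate', $row['user_lang']);
							$messenger->replyto($config['board_contact']);
							$messenger->to($row['user_email'], $row['username']);
							$messenger->im($row['user_jabber'], $row['username']);

							$messenger->assign_vars(array(
								'USERNAME' => htmlspecialchars_decode($data['username']),
								'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey")
							);

							$messenger->send($row['user_notify_type']);
						}
						$db->sql_freeresult($result);
					}
				}

				$message = $message . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
				trigger_error($message);
			}
		}

		// From here on the registration form is (re-)displayed
		$s_hidden_fields = build_hidden_fields(array(
			'agreed' => 'true',
			'coppa' => $coppa,
			'change_lang' => 0)
		);

		$confirm_image = '';

		// Visual Confirmation - Show images
		if ($config['enable_confirm'])
		{
			$str = '';
			if (!$change_lang)
			{
				// Collect the ids of all current sessions ...
				$sql = 'SELECT session_id
					FROM ' . SESSIONS_TABLE;
				$result = $db->sql_query($sql);

				if ($row = $db->sql_fetchrow($result))
				{
					$sql_in = array();
					do
					{
						$sql_in[] = (string) $row['session_id'];
					}
					while ($row = $db->sql_fetchrow($result));

					if (sizeof($sql_in))
					{
						// ... and purge confirm rows left over from other sessions
						// (presumably the third argument negates the set - verify against sql_in_set())
						$sql = 'DELETE FROM ' . CONFIRM_TABLE . '
							WHERE ' . $db->sql_in_set('session_id', $sql_in, true) . '
								AND confirm_type = ' . CONFIRM_REG;
						$db->sql_query($sql);
					}
				}
				$db->sql_freeresult($result);

				// Every rendered form leaves one row behind, so the row count is the attempt count
				$sql = 'SELECT COUNT(session_id) AS attempts
					FROM ' . CONFIRM_TABLE . "
					WHERE session_id = '" . $db->sql_escape($user->session_id) . "'
						AND confirm_type = " . CONFIRM_REG;
				$result = $db->sql_query($sql);
				$attempts = (int) $db->sql_fetchfield('attempts');
				$db->sql_freeresult($result);

				if ($config['max_reg_attempts'] && $attempts > $config['max_reg_attempts'])
				{
					trigger_error($user->lang['TOO_MANY_REGISTERS']);
				}

				// NOTE(review): mt_rand() only picks the code length here; the code itself and
				// unique_id() come from helpers defined elsewhere - confirm they are unpredictable.
				$code = gen_rand_string(mt_rand(5, 8));
				$confirm_id = md5(unique_id($user->ip));

				$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array(
					'confirm_id' => (string) $confirm_id,
					'session_id' => (string) $user->session_id,
					'confirm_type' => (int) CONFIRM_REG,
					'code' => (string) $code)
				);
				$db->sql_query($sql);
			}
			else
			{
				// Language switch: keep the existing code; encode the value the same
				// way the agreement page does when it builds its URLs.
				$str .= '&change_lang=' . urlencode($change_lang);
			}

			// NOTE(review): on a language switch $confirm_id is the submitted value; both uses
			// below rely on request_var() (defined elsewhere) having HTML-escaped it - confirm.
			$confirm_image = '<img src="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=confirm&id=' . $confirm_id . '&type=' . CONFIRM_REG . $str) . '" alt="" title="" />';
			$s_hidden_fields .= '<input type="hidden" name="confirm_id" value="' . $confirm_id . '" />';
		}

		// Explain to the visitor how the new account gets activated
		$l_reg_cond = '';
		switch ($config['require_activation'])
		{
			case USER_ACTIVATION_SELF:
				$l_reg_cond = $user->lang['UCP_EMAIL_ACTIVATE'];
			break;

			case USER_ACTIVATION_ADMIN:
				$l_reg_cond = $user->lang['UCP_ADMIN_ACTIVATE'];
			break;
		}

		// Map the configured character-class patterns to their language key prefixes
		$user_char_ary = array('.*' => 'USERNAME_CHARS_ANY', '[\w]+' => 'USERNAME_ALPHA_ONLY', '[\w_\+\. \-\[\]]+' => 'USERNAME_ALPHA_SPACERS');
		$pass_char_ary = array('.*' => 'PASS_TYPE_ANY', '[a-zA-Z]' => 'PASS_TYPE_CASE', '[a-zA-Z0-9]' => 'PASS_TYPE_ALPHA', '[a-zA-Z\W]' => 'PASS_TYPE_SYMBOL');

		// Hand the form values back to the template.
		// NOTE(review): the submitted password is echoed back into the page as PASSWORD /
		// PASSWORD_CONFIRM; whether the template prints it is not visible from this file.
		$template->assign_vars(array(
			'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
			'USERNAME' => $data['username'],
			'PASSWORD' => $data['new_password'],
			'PASSWORD_CONFIRM' => $data['password_confirm'],
			'EMAIL' => $data['email'],
			'EMAIL_CONFIRM' => $data['email_confirm'],
			'CONFIRM_IMG' => $confirm_image,

			'L_CONFIRM_EXPLAIN' => sprintf($user->lang['CONFIRM_EXPLAIN'], '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">', '</a>'),
			'L_REG_COND' => $l_reg_cond,
			'L_USERNAME_EXPLAIN' => sprintf($user->lang[$user_char_ary[str_replace('\\\\', '\\', $config['allow_name_chars'])] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']),
			'L_NEW_PASSWORD_EXPLAIN' => sprintf($user->lang[$pass_char_ary[str_replace('\\\\', '\\', $config['pass_complex'])] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']),

			'S_LANG_OPTIONS' => language_select($data['lang']),
			'S_TZ_OPTIONS' => tz_select($data['tz']),
			'S_CONFIRM_CODE' => ($config['enable_confirm']) ? true : false,
			'S_COPPA' => $coppa,
			'S_HIDDEN_FIELDS' => $s_hidden_fields,
			'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'))
		);

		// Start from an empty profile so no existing field values are pre-filled
		$user->profile_fields = array();

		// Generate profile fields -> Template Block Variable profile_fields
		$cp->generate_profile_fields('register', $user->get_iso_lang_id());

		// Tell the module framework which template and page title to use
		$this->tpl_name = 'ucp_register';
		$this->page_title = 'UCP_REGISTRATION';
	}
}

?>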