aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--database.sql10
-rw-r--r--mod/register.php50
-rw-r--r--mod/regmod.php85
-rw-r--r--view/register_verify_eml.tpl26
4 files changed, 163 insertions, 8 deletions
diff --git a/database.sql b/database.sql
index 55dcaeb13..ca9485777 100644
--- a/database.sql
+++ b/database.sql
@@ -316,3 +316,13 @@ CREATE TABLE IF NOT EXISTS `user` (
`pwdreset` char(255) NOT NULL,
PRIMARY KEY (`uid`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+
+
+CREATE TABLE IF NOT EXISTS `register` (
+ `id` INT(11) UNSIGNED NOT NULL AUTO_INCREMENT,
+ `hash` CHAR( 255 ) NOT NULL ,
+ `created` DATETIME NOT NULL ,
+ `uid` INT(11) UNSIGNED NOT NULL,
+ `password` CHAR(255) NOT NULL,
+ PRIMARY KEY (`id`)
+) ENGINE = MYISAM DEFAULT CHARSET=utf8; \ No newline at end of file
diff --git a/mod/register.php b/mod/register.php
index 5e132d584..f74f57146 100644
--- a/mod/register.php
+++ b/mod/register.php
@@ -14,9 +14,9 @@ function register_post(&$a) {
$verified = 1;
break;
- case REGISTER_VERIFY:
+ case REGISTER_APPROVE:
$blocked = 1;
- $verify = 0;
+ $verified = 0;
break;
default:
@@ -168,14 +168,48 @@ function register_post(&$a) {
$res = mail($email,"Registration details for {$a->config['sitename']}",$email_tpl,"From: Administrator@{$_SERVER[SERVER_NAME]}");
- }
- if($res) {
- notice( "Registration successful. Please check your email for further instructions." . EOL ) ;
- goaway($a->get_baseurl());
+ if($res) {
+ notice( "Registration successful. Please check your email for further instructions." . EOL ) ;
+ goaway($a->get_baseurl());
+ }
+ else {
+ notice( "Failed to send email message. Here is the message that failed. $email_tpl " . EOL );
+ }
}
- else {
- notice( "Failed to send email message. Here is the message that failed. $email_tpl " . EOL );
+ elseif($a->config['register_policy'] == REGISTER_APPROVE) {
+ if(! strlen($a->config['admin_email'])) {
+ notice( t('Your registration can not be processed.') . EOL);
+ goaway($a->get_baseurl());
+ }
+
+ $hash = random_string();
+ $r = q("INSERT INTO `register` ( `hash`, `created`, `uid`, `password` ) VALUES ( '%s', '%s', %d, '%s' ) ",
+ dbesc($hash),
+ dbesc(datetime_convert()),
+ intval($newuid),
+ dbesc($new_password)
+ );
+
+ $email_tpl = file_get_contents("view/register_verify_eml.tpl");
+ $email_tpl = replace_macros($email_tpl, array(
+ '$sitename' => $a->config['sitename'],
+ '$siteurl' => $a->get_baseurl(),
+ '$username' => $username,
+ '$email' => $email,
+ '$password' => $new_password,
+ '$uid' => $newuid,
+ '$hash' => $hash
+ ));
+
+ $res = mail($a->config['admin_email'],"Registration request at {$a->config['sitename']}",
+ $email_tpl,"From: Administrator@{$_SERVER[SERVER_NAME]}");
+
+ if($res) {
+ notice( "Your registration is pending approval by the site owner." . EOL ) ;
+ goaway($a->get_baseurl());
+ }
+
}
return;
diff --git a/mod/regmod.php b/mod/regmod.php
new file mode 100644
index 000000000..f2c3cb807
--- /dev/null
+++ b/mod/regmod.php
@@ -0,0 +1,85 @@
+<?php
+
+
+
+function regmod_content(&$a) {
+
+ if(! local_user()) {
+ notice( t('Please login.') . EOL);
+ $o = login(($a->config['register_policy'] == REGISTER_CLOSED) ? 0 : 1);
+ return $o;
+ }
+
+ if($a->argc != 3)
+ killme();
+
+ $cmd = $a->argv[1];
+ $hash = $a->argv[2];
+
+
+ $register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
+ dbesc($hash)
+ );
+
+
+ if(! count($register))
+ killme();
+
+ if($cmd == 'deny') {
+
+ $r = q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1",
+ intval($register[0]['uid'])
+ );
+ $r = q("DELETE FROM `contact` WHERE `uid` = %d",
+ intval($register[0]['uid'])
+ );
+ $r = q("DELETE FROM `profile` WHERE `uid` = %d",
+ intval($register[0]['uid'])
+ );
+
+ $r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
+ dbesc($register[0]['hash'])
+ );
+ notice( t('Registration revoked.') . EOL);
+ return;
+
+ }
+
+ if($cmd == 'allow') {
+
+ $user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
+ intval($register[0]['uid'])
+ );
+ if(! count($user))
+ killme();
+
+ $r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
+ dbesc($register[0]['hash'])
+ );
+
+
+ $r = q("UPDATE `user` SET `blocked` = 0, `verified` = 1 WHERE `uid` = %d LIMIT 1",
+ intval($register[0]['uid'])
+ );
+
+ $email_tpl = file_get_contents("view/register_open_eml.tpl");
+ $email_tpl = replace_macros($email_tpl, array(
+ '$sitename' => $a->config['sitename'],
+ '$siteurl' => $a->get_baseurl(),
+ '$username' => $user[0]['username'],
+ '$email' => $user[0]['email'],
+ '$password' => $register[0]['password'],
+ '$uid' => $user[0]['uid']
+ ));
+
+ $res = mail($user[0]['email'], t('Registration details for '). $a->config['sitename'],
+ $email_tpl,'From: ' . t('Administrator@') . $_SERVER[SERVER_NAME] );
+
+
+ if($res) {
+ notice( t('Account approved.') . EOL );
+ return;
+ }
+
+ }
+} \ No newline at end of file
diff --git a/view/register_verify_eml.tpl b/view/register_verify_eml.tpl
new file mode 100644
index 000000000..60c38d800
--- /dev/null
+++ b/view/register_verify_eml.tpl
@@ -0,0 +1,26 @@
+
+A new user registration request was received at $sitename which requires
+your approval.
+
+
+The login details are as follows:
+
+Full Name: $username
+Site Location: $siteurl
+Login Name: $email
+
+
+To approve this request please visit the following link:
+
+
+$siteurl/regmod/allow/$hash
+
+
+To deny the request and remove the account, please visit:
+
+
+$siteurl/regmod/deny/$hash
+
+
+Thank you.
+