aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Zotlabs/Module/Admin/Site.php22
-rw-r--r--Zotlabs/Module/Regate.php5
-rw-r--r--Zotlabs/Module/Register.php68
-rw-r--r--include/account.php5
-rw-r--r--view/tpl/admin_site.tpl2
5 files changed, 72 insertions, 30 deletions
diff --git a/Zotlabs/Module/Admin/Site.php b/Zotlabs/Module/Admin/Site.php
index 18408043c..530eb272a 100644
--- a/Zotlabs/Module/Admin/Site.php
+++ b/Zotlabs/Module/Admin/Site.php
@@ -43,6 +43,7 @@ class Site {
$maximagesize = ((x($_POST,'maximagesize')) ? intval(trim($_POST['maximagesize'])) : 0);
$register_policy = ((x($_POST,'register_policy')) ? intval(trim($_POST['register_policy'])) : 0);
+ $register_wo_email = ((x($_POST,'register_wo_email')) ? intval(trim($_POST['register_wo_email'])) : 0);
$minimum_age = ((x($_POST,'minimum_age')) ? intval(trim($_POST['minimum_age'])) : 13);
$access_policy = ((x($_POST,'access_policy')) ? intval(trim($_POST['access_policy'])) : 0);
$reg_autochannel = ((x($_POST,'auto_channel_create')) ? True : False);
@@ -194,6 +195,7 @@ class Site {
set_config('system','maximagesize', $maximagesize);
set_config('system','register_policy', $register_policy);
+ set_config('system','register_wo_email', $register_wo_email);
set_config('system','minimum_age', $minimum_age);
set_config('system','auto_channel_create', $reg_autochannel);
set_config('system',self::ivo, $invitation_only);
@@ -359,6 +361,7 @@ class Site {
'm' => t('Month(s)') ,
'y' => t('Year(s)')
);
+ $regdelay_n = $regdelay_u = false;
$regdelay = get_config('system','register_delay');
if ($regdelay)
list($regdelay_n, $regdelay_u) = array(substr($regdelay,0,-1),substr($regdelay,-1));
@@ -372,15 +375,16 @@ class Site {
'field' => array(
'name' => 'delay',
'title' => t('duration up from now'),
- 'value' => ($regdelay_n === false ? 90 : $regdelay_n),
+ 'value' => ($regdelay_n === false ? 0 : $regdelay_n),
'min' => '0',
'max' => '99',
'size' => '2',
- 'default' => ($regdelay_u ? $regdelay_u : 'i')
+ 'default' => ($regdelay_u === false ? 'i' : $regdelay_u)
),
'rabot' => $reg_rabots
)
);
+ $regexpire_n = $regexpire_u = false;
$regexpire = get_config('system','register_expire');
if ($regexpire)
list($regexpire_n, $regexpire_u) = array(substr($regexpire,0,-1),substr($regexpire,-1));
@@ -394,11 +398,11 @@ class Site {
'field' => array(
'name' => 'expire',
'title' => t('duration up from now'),
- 'value' => ($regexpire_n === false ? 2 : $regexpire_n),
+ 'value' => ($regexpire_n === false ? 99 : $regexpire_n),
'min' => '0',
'max' => '99',
'size' => '2',
- 'default' => ($regexpire_u ? $regexpire_u : 'i')
+ 'default' => ($regexpire_u === false ? 'y' : $regexpire_u)
),
'rabot' => $reg_rabots
)
@@ -449,6 +453,12 @@ class Site {
"",
$register_choices,
'ZAR0820C'),
+ '$register_wo_email' => array('register_wo_email',
+ t("Registration is also possible without having to enter an email address."),
+ get_config('system','register_wo_email'),
+ t("Registration is also supported without requiring an email address from the applicant. Instead of the email address an artificial identification is generated, which has to be confirmed in a separate dialog. The default value is (Off) and corresponds to the registration procedure up to version 5.4.x."),
+ "", "", 'ZAR0824C'),
+
'$register_duty' => array('register_duty',
t('Registration office on duty'),
$this->register_duty = get_config('system', 'register_duty'),
@@ -458,9 +468,9 @@ class Site {
. t('Several values or ranges are to split by comma') . '. '
. t('From-To ranges are joined with `-`') . '. '
. t('ie') . ' `1-5:0900-1200,1300-1700 6:900-1230` ' . t('or') .' `1-2,4-5:800-1800` '
- . ' <a id="zar083a" href="javascript:;">' . t('Parse and test your input') . '</a>'. EOL
+ . EOL . ' <a id="zar083a" class="zuia btn">' . t('Parse and test your input') . '</a>'. EOL
. t('If left empty, defaults to 24h closed everyday the week.') . ' '
- . t('To keep open 24h everyday the week, short is `-:-`.') . ' '
+ . t('To open 24h everyday the week, short is `-:-`.') . ' '
. t('Note, ranges are specified as open-close pairs and in case of')
. ' 0900-1200 '
. t('results to: opens 9h and closes 12h. If meant open 9h to 12h exactly, say `0900-1201`'),
diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php
index 077e5fd54..0d430d68c 100644
--- a/Zotlabs/Module/Regate.php
+++ b/Zotlabs/Module/Regate.php
@@ -61,14 +61,13 @@ class Regate extends \Zotlabs\Web\Controller {
// do we have a valid dId2 ?
if ( ($didx == 'a' && substr( $did2 , -2) == substr( base_convert( md5( substr( $did2, 1, -2) ),16 ,10), -2))
- || ($didx == 'e') ) {
+ || ($didx == 'e') || ($didx == 'i')) {
// check startup and expiration via [=[register
$r = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_did2 = '%s' ", dbesc($did2) );
if ( $r && count($r) == 1 ) {
$r = $r[0];
// check timeframe
if ( $r['reg_startup'] <= $now && $r['reg_expires'] >= $now ) {
-
if ( isset($_POST['resend']) && $didx == 'e' ) {
$re = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_didx = 'e' AND reg_did2 = '%s' ", dbesc($r['reg_did2']) );
if ( $re && count($re) == 1 ) {
@@ -91,6 +90,8 @@ class Regate extends \Zotlabs\Web\Controller {
$acpin = (preg_match('/^[0-9]{6,6}$/', $_POST['acpin']) ? $_POST['acpin'] : false);
elseif ( $didx == 'e' )
$acpin = (preg_match('/^[0-9a-f]{24,24}$/', $_POST['acpin']) ? $_POST['acpin'] : false);
+ elseif ( $didx == 'i' )
+ $acpin = $r['reg_hash'];
else $acpin = false;
if ( $acpin && ($r['reg_hash'] == $acpin )) {
diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php
index c25475550..d865b7b49 100644
--- a/Zotlabs/Module/Register.php
+++ b/Zotlabs/Module/Register.php
@@ -2,6 +2,7 @@
namespace Zotlabs\Module;
+use App;
use Zotlabs\Web\Controller;
require_once('include/security.php');
@@ -216,7 +217,15 @@ class Register extends Controller {
// transit ?
// update reg vital 0 off
- $icdone = q("UPDATE register SET reg_vital = 0 WHERE reg_id = %d ",
+ //$icdone = q("UPDATE register SET reg_vital = 0 WHERE reg_id = %d ",
+ //intval($reg['reg_id'])
+ //);
+
+ // update DB flags, password
+ // TODO: what else?
+ q("UPDATE register set reg_flags = %d, reg_pass = '%s', reg_stuff = '%s' WHERE reg_id = '%s'",
+ intval($flags),
+ dbesc(bin2hex($password)),
intval($reg['reg_id'])
);
@@ -225,8 +234,15 @@ class Register extends Controller {
// msg!
info($msg . EOL);
- $well = true;
+ // the invitecode has verified us and we have all the info we need
+ // take the shortcut.
+ $mod = new Regate();
+ $_REQUEST['form_security_token'] = get_form_security_token("regate");
+ App::$argc = 2;
+ App::$argv[0] = 'regate';
+ App::$argv[1] = bin2hex($reg['reg_did2']) . 'i';
+ return $mod->post();
} else {
// msg!
@@ -309,7 +325,7 @@ class Register extends Controller {
$regexpire = (($reg_expires) ? datetime_convert(date_default_timezone_get(), 'UTC', $reg_expires['due']) : datetime_convert('UTC', 'UTC', 'now + 99 years'));
// handle an email request that will be verified or an ivitation associated with an email address
- if ( $email > '' && ($email_verify || $icdone) ) {
+ if ($email > '' && $email_verify) {
// enforce in case of icdone
$flags |= ACCOUNT_UNVERIFIED;
$empin = $pass2 = random_string(24);
@@ -353,28 +369,40 @@ class Register extends Controller {
$reonar['chan.did1'] = notags(trim($arr['nickname']));
}
+ if($password_result['error']) {
+ $msg = $password_result['message'];
+ notice($msg);
+ zar_log($msg . ' ' . $did2);
+ goaway('register');
+ }
+
+ $salt = random_string(32);
+ $password = $salt . ',' . hash('whirlpool', $salt . $password);
+
$reg = q("INSERT INTO register ("
- . "reg_flags,reg_didx,reg_did2,reg_hash,reg_created,reg_startup,reg_expires,"
- . "reg_email,reg_pass,reg_lang,reg_atip,reg_stuff)"
- . " VALUES (%d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s') ",
- intval($flags),
- dbesc($didx),
- dbesc($did2),
- dbesc($pass2),
- dbesc($now),
- dbesc($regdelay),
- dbesc($regexpire),
- dbesc($email),
- dbesc(bin2hex($password)),
- dbesc(substr(get_best_language(),0,2)),
- dbesc($ip),
- dbesc(json_encode( $reonar ))
- );
+ . "reg_flags,reg_didx,reg_did2,reg_hash,reg_created,reg_startup,reg_expires,"
+ . "reg_email,reg_pass,reg_lang,reg_atip,reg_stuff)"
+ . " VALUES (%d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s') ",
+ intval($flags),
+ dbesc($didx),
+ dbesc($did2),
+ dbesc($pass2),
+ dbesc($now),
+ dbesc($regdelay),
+ dbesc($regexpire),
+ dbesc($email),
+ dbesc($password),
+ dbesc(substr(get_best_language(),0,2)),
+ dbesc($ip),
+ dbesc(json_encode( $reonar ))
+ );
if ($didx == 'a') {
$lid = q("SELECT reg_id FROM register WHERE reg_vital = 1 AND reg_did2 = '%s' AND reg_pass = '%s' ",
- dbesc($did2), dbesc(bin2hex($password)) );
+ dbesc($did2),
+ dbesc($password)
+ );
if ($lid && count($lid) == 1 ) {
diff --git a/include/account.php b/include/account.php
index c3c7d26b7..858c915e0 100644
--- a/include/account.php
+++ b/include/account.php
@@ -327,8 +327,9 @@ function create_account_from_register($arr) {
$roles = ACCOUNT_ROLE_ADMIN;
}
- $salt = random_string(32);
- $password_encoded = hash('whirlpool', $salt . (hex2bin($register[0]['reg_pass'])));
+ $password_parts = explode(',', $register[0]['reg_pass']);
+ $salt = $password_parts[0];
+ $password_encoded = $password_parts[1];
$ri = q(
"INSERT INTO account ("
diff --git a/view/tpl/admin_site.tpl b/view/tpl/admin_site.tpl
index 6af867e8c..0fff7029a 100644
--- a/view/tpl/admin_site.tpl
+++ b/view/tpl/admin_site.tpl
@@ -33,6 +33,7 @@
{{include file="field_input.tpl" field=$register_text}}
{{include file="field_select_grouped.tpl" field=$role}}
{{include file="field_select.tpl" field=$register_policy}}
+ {{include file="field_checkbox.tpl" field=$register_wo_email}}
{{include file="register_duty.tpl" field=$register_duty}}
{{include file="field_input.tpl" field=$register_perday}}
{{include file="field_input.tpl" field=$register_sameip}}
@@ -131,6 +132,7 @@
'<style> '+
' .zuiqmid { font-weight: normal; font-family: monospace; }'+
' .zui_n { width: 5em; text-align: center; }'+
+ ' .zuia { cursor: pointer; font-weight: bold; }'+
'</style>');
// <-hilmar]
</script>