diff options
-rw-r--r-- | include/account.php | 81 | ||||
-rw-r--r-- | mod/zregister.php | 105 | ||||
-rw-r--r-- | version.inc | 2 |
3 files changed, 96 insertions, 92 deletions
diff --git a/include/account.php b/include/account.php index b2835b48b..fe0be87bc 100644 --- a/include/account.php +++ b/include/account.php @@ -121,9 +121,8 @@ function create_account($arr) { $password_encoded = hash('whirlpool', $salt . $password); $r = q("INSERT INTO account - ( account_parent, account_salt, account_password, account_email, account_language, - account_created, account_flags, account_roles, account_expires, - account_service_class ) + ( account_parent, account_salt, account_password, account_email, account_language, + account_created, account_flags, account_roles, account_expires, account_service_class ) VALUES ( %d, '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s' )", intval($parent), dbesc($salt), @@ -184,3 +183,79 @@ function account_verify_password($email,$pass) { } +function send_reg_approval_email($arr) { + + $r = q("select * from account where account_roles & " . intval(ACCOUNT_ROLE_ADMIN)); + if(! ($r && count($r))) + return false; + + $admins = array(); + + foreach($r as $rr) { + if(strlen($rr['account_email'])) { + $admins[] = array('email' => $rr['account_email'], 'lang' => $rr['account_lang']); + } + } + + if(! count($admins)) + return false; + + $hash = random_string(); + + $r = q("INSERT INTO register ( hash, created, uid, password, language ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ", + dbesc($hash), + dbesc(datetime_convert()), + intval($arr['account']['account_id']), + dbesc($arr['password']), + dbesc($arr['account']['account_language']) + ); + + $delivered = 0; + + foreach($admins as $admin) { + if(strlen($admin['lang'])) + push_lang($admin['lang']); + else + push_lang('en'); + + + $email_msg = replace_macros(get_intltext_template('register_verify_email.tpl'), array( + '$sitename' => get_config('config','sitename'), + '$siteurl' => z_root(), + '$email' => $arr['email'], + '$uid' => $arr['account']['account_id'], + '$hash' => $hash + )); + + $res = mail($admin['email'], sprintf( t('Registration request at %s'), get_config('config','sitename')), + $email_msg, + 'From: ' . t('Administrator') . '@' . get_app()->get_hostname() . "\n" + . 'Content-type: text/plain; charset=UTF-8' . "\n" + . 'Content-transfer-encoding: 8bit' + ); + + if($res) + $delivered ++; + pop_lang(); + } + + return($delivered ? true : false); +} + +function send_verification_email($email,$password) { + + $email_msg = replace_macros(get_intltext_template('register_open_eml.tpl'), array( + '$sitename' => $get_config('config','sitename'), + '$siteurl' => z_root(), + '$email' => $email, + '$password' => $password, + )); + + $res = mail($email, sprintf( t('Registration details for %s'), get_config('config','sitename')), + $email_msg, + 'From: ' . t('Administrator') . '@' . get_app()->get_hostname() . "\n" + . 'Content-type: text/plain; charset=UTF-8' . "\n" + . 'Content-transfer-encoding: 8bit' + ); + return($res ? true : false); +} diff --git a/mod/zregister.php b/mod/zregister.php index 6478c7c9a..e8fdafae2 100644 --- a/mod/zregister.php +++ b/mod/zregister.php @@ -57,11 +57,10 @@ function zregister_post(&$a) { default: case REGISTER_CLOSED: - // TODO check against service class and fix this line - // if((! x($_SESSION,'authenticated') && (! x($_SESSION,'administrator')))) { - // notice( t('Permission denied.') . EOL ); - // return; - // } + if(! is_site_admin()) { + notice( t('Permission denied.') . EOL ); + return; + } $flags = ACCOUNT_UNVERIFIED | ACCOUNT_BLOCKED; break; } @@ -79,102 +78,32 @@ function zregister_post(&$a) { authenticate_success($result['account'],true,true); -//??? - // in fact we need the sponsor, not the user - $user = $result['user']; -/// - - $using_invites = get_config('system','invitation_only'); - $num_invites = get_config('system','number_invites'); - $invite_id = ((x($_POST,'invite_id')) ? notags(trim($_POST['invite_id'])) : ''); + $using_invites = intval(get_config('system','invitation_only')); + $num_invites = intval(get_config('system','number_invites')); + $invite_code = ((x($_POST,'invite_code')) ? notags(trim($_POST['invite_code'])) : ''); + if($using_invites && $invite_code) { + q("delete * from register where hash = '%s' limit 1", dbesc($invite_code)); + set_pconfig($result['account']['account_id'],'system','invites_remaining',$num_invites); + } if($policy == REGISTER_OPEN ) { - - if($using_invites && $invite_code) { - q("delete * from register where hash = '%s' limit 1", dbesc($invite_code)); -// set $sponsor - set_pconfig($sponsor['uid'],'system','invites_remaining',$num_invites); - } - - $email_tpl = get_intltext_template("register_open_eml.tpl"); - $email_tpl = replace_macros($email_tpl, array( - '$sitename' => $a->config['sitename'], - '$siteurl' => $a->get_baseurl(), - '$email' => $user['email'], - '$password' => $result['password'], - )); - - $res = mail($user['email'], sprintf(t('Registration details for %s'), $a->config['sitename']), - $email_tpl, - 'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n" - . 'Content-type: text/plain; charset=UTF-8' . "\n" - . 'Content-transfer-encoding: 8bit' ); - + $res = send_verification_email($result['email'],$result['password']); if($res) { info( t('Registration successful. Please check your email for validation instructions.') . EOL ) ; - - - - goaway(z_root()); } } elseif($policy == REGISTER_APPROVE) { - - if(! strlen($a->config['admin_email'])) { - notice( t('Your registration can not be processed.') . EOL); - goaway(z_root()); - } - - $hash = random_string(); - $r = q("INSERT INTO `register` ( `hash`, `created`, `uid`, `password`, `language` ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ", - dbesc($hash), - dbesc(datetime_convert()), - intval($user['uid']), - dbesc($result['password']), - dbesc($a->language) - ); - - $r = q("SELECT `language` FROM `user` WHERE `email` = '%s' LIMIT 1", - dbesc($a->config['admin_email']) - ); - if(count($r)) - push_lang($r[0]['language']); - else - push_lang('en'); - - if($using_invites && $invite_id) { - q("delete * from register where hash = '%s' limit 1", dbesc($invite_id)); - set_pconfig($sponsor['uid'],'system','invites_remaining',$num_invites); - } - - $email_tpl = get_intltext_template("register_verify_eml.tpl"); - $email_tpl = replace_macros($email_tpl, array( - '$sitename' => $a->config['sitename'], - '$siteurl' => $a->get_baseurl(), - '$username' => $user['username'], - '$email' => $user['email'], - '$password' => $result['password'], - '$uid' => $user['uid'], - '$hash' => $hash - )); - - $res = mail($a->config['admin_email'], sprintf(t('Registration request at %s'), $a->config['sitename']), - $email_tpl, - 'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n" - . 'Content-type: text/plain; charset=UTF-8' . "\n" - . 'Content-transfer-encoding: 8bit' ); - - pop_lang(); - + $res = send_reg_approval_email($result); if($res) { info( t('Your registration is pending approval by the site owner.') . EOL ) ; - goaway(z_root()); } - + else { + notice( t('Your registration can not be processed.') . EOL); + } + goaway(z_root()); } - return; } diff --git a/version.inc b/version.inc index 38008a10f..750c54773 100644 --- a/version.inc +++ b/version.inc @@ -1 +1 @@ -2012-08-21.53 +2012-08-22.54 |