aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module/Register.php
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs/Module/Register.php')
-rw-r--r--Zotlabs/Module/Register.php94
1 files changed, 55 insertions, 39 deletions
diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php
index d865b7b49..98a682611 100644
--- a/Zotlabs/Module/Register.php
+++ b/Zotlabs/Module/Register.php
@@ -69,19 +69,21 @@ class Register extends Controller {
$invite_code = ( (x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : '');
$email = ( (x($arr,'email')) ? notags(punify(trim($arr['email']))) : '');
$password = ( (x($arr,'password')) ? trim($arr['password']) : '');
+ $password2 = ( (x($arr,'password2')) ? trim($arr['password2']) : '');
+
$reonar = array();
// case when an invited prepares the own account by supply own pw, accept tos, prepage channel (if auto)
if ($email && $invite_code) {
-
if ( preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $email ) ) {
if ( preg_match('/^[a-z0-9]{12,12}$/', $invite_code ) ) {
$is247 = true;
}
}
-
}
+
+/*
// assume someone tries to validate (dId2 C/D/E), because only field email entered
if ( $email && ( ! $invite_code ) && ( ! $password ) && ( ! $_POST['password2'] ) ) {
@@ -102,14 +104,27 @@ class Register extends Controller {
}
}
+*/
+ $email_verify = get_config('system','verify_email');
+ if ($email_verify && ! $email) {
+ notice(t('Email address required') . EOL);
+ return;
+ }
+ if ($email) {
+ if ( ! preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $_POST['email'] ) ) {
+ // msg!
+ notice(t('Not a valid email address') . EOL);
+ return;
+ }
+ }
if ($act > 0 && !$is247 && !$duty['isduty']) {
// normally (except very 1st timr after install), that should never arrive here (ie js hack or sth like)
// log suitable for f2b also
$logmsg = 'ZAR0230S Unexpected registration request off duty';
zar_log($logmsg);
- goaway(z_root() . '/~');
+ return;
}
if ($sameip && !$is247) {
@@ -119,7 +134,7 @@ class Register extends Controller {
if ($f && $f[0]['atip'] > $sameip) {
$logmsg = 'ZAR0239S Exceeding same ip register request of ' . $sameip;
zar_log($logmsg);
- goaway(z_root() . '/~');
+ return;
}
}
@@ -127,41 +142,41 @@ class Register extends Controller {
// msg?
if ( !$is247 && self::check_reg_limits()['is'] ) return;
- // accept tos
- if(! x($_POST,'tos')) {
+ if(!$password) {
// msg!
- notice( 'ZAR0230E '
- . t('Please indicate acceptance of the Terms of Service. Registration failed.') . EOL);
+ notice(t('No password provided') . EOL);
return;
}
// pw1 == pw2
- if((! $_POST['password']) || ($_POST['password'] !== $_POST['password2'])) {
+ if($password !== $password2) {
// msg!
- notice( 'ZAR0230E '
- . t('Passwords do not match.') . EOL);
+ notice(t('Passwords do not match') . EOL);
return;
}
+ $password_result = check_account_password($password);
+ if(!empty($password_result['error'])) {
+ $msg = $password_result['message'];
+ notice($msg);
+ zar_log($msg . ' ' . $did2);
+ return;
+ }
- $email_verify = intval(get_config('system','verify_email'));
-
- if ($email) {
- if ( ! preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $_POST['email'] ) ) {
- // msg!
- notice('ZAR0239E '
- . t('Email address mistake') . EOL);
- return;
- }
+ // accept tos
+ if(! x($_POST,'tos')) {
+ // msg!
+ notice(t('Terms of Service not accepted') . EOL);
+ return;
}
+
$policy = intval(get_config('system','register_policy'));
$invonly = intval(get_config('system','invitation_only'));
$invalso = intval(get_config('system','invitation_also'));
$auto_create = (get_config('system','auto_channel_create') ? true : false);
$auto_create = true;
-
switch($policy) {
case REGISTER_OPEN:
@@ -349,6 +364,7 @@ class Register extends Controller {
]
);
pop_lang();
+ hz_syslog(print_r($reonar,true));
zar_reg_mail($reonar);
} else {
@@ -369,13 +385,6 @@ class Register extends Controller {
$reonar['chan.did1'] = notags(trim($arr['nickname']));
}
- if($password_result['error']) {
- $msg = $password_result['message'];
- notice($msg);
- zar_log($msg . ' ' . $did2);
- goaway('register');
- }
-
$salt = random_string(32);
$password = $salt . ',' . hash('whirlpool', $salt . $password);
@@ -420,13 +429,15 @@ class Register extends Controller {
// notice( 'ZAR0239I,' . t( 'Your digital id is' ) . EOL . 'd' . $didnew . EOL
$_SESSION['zar']['msg'] = ( t('Your validation token is') . ' ' . $pass2 . EOL
. t('Please remember your token and reload this page between') . EOL
- . '<code class="inline-code"><span data-utc="' . datetime_convert('UTC', 'UTC', $regdelay, 'c') . '" class="register_date">' . datetime_convert('UTC', 'UTC', $regdelay, 'c') . '</span></code> ' . t('and') . ' <code class="inline-code"><span data-utc="' . datetime_convert('UTC', 'UTC', $regexpire, 'c') . '" class="register_date">' . datetime_convert('UTC', 'UTC', $regexpire, 'c') . '</span></code>' . EOL
+ . '<code class="inline-code"><span id="register_start" data-utc="' . datetime_convert('UTC', 'UTC', $regdelay, 'c') . '" class="register_date">' . datetime_convert('UTC', 'UTC', $regdelay, 'c') . '</span></code> ' . t('and') . ' <code class="inline-code"><span data-utc="' . datetime_convert('UTC', 'UTC', $regexpire, 'c') . '" class="register_date">' . datetime_convert('UTC', 'UTC', $regexpire, 'c') . '</span></code>' . EOL
. t('to complete registration.')
);
}
else {
$_SESSION['zar']['pin'] = $pass2;
}
+ $_SESSION['zar']['pin'] = $pass2;
+
goaway(z_root() . '/regate/' . bin2hex('d' . $didnew) . 'a' );
}
else {
@@ -435,6 +446,8 @@ class Register extends Controller {
zar_log( $msg . ' ' . $did2);
}
}
+ goaway(z_root() . '/regate/' . bin2hex($email) . $didx );
+
}
}
}
@@ -508,15 +521,21 @@ class Register extends Controller {
$enable_tos = 1 - intval(get_config('system','no_termsofservice'));
+ $auto_create = (get_config('system','auto_channel_create') ? true : false);
+ $default_role = get_config('system','default_permissions_role');
+ $email_verify = get_config('system','verify_email');
+
$emailval = ((x($_REQUEST,'email')) ? strip_tags(trim($_REQUEST['email'])) : "");
- $email = array('email',
- t('Your email address (or leave blank to register without email)') . ' <sup>ZAR0136I</sup>',
- $emailval,
- t('If the registation was already submitted with your data once ago, enter your identity (like email) here and submit') . '<sup>ZAR0133I</sup>'
- );
+ $email = ['email',
+ t('Your email address'),
+ $emailval,
+ (($email_verify) ? t('Required') : t('Optional')),
+ (($email_verify) ? '*' : ''),
+ $duty['atform']
+ ];
- $password = array('password', t('Choose a password'), '');
- $password2 = array('password2', t('Please re-enter your password'), '');
+ $password = array('password', t('Choose a password'), '', '', '', $duty['atform']);
+ $password2 = array('password2', t('Please re-enter your password'), '', '', '', $duty['atform']);
$invite_code = array('invite_code', t('Please enter your invitation code'), ((x($_REQUEST,'invite_code')) ? strip_tags(trim($_REQUEST['invite_code'])) : ""));
@@ -538,9 +557,6 @@ class Register extends Controller {
$tos = array('tos', $label_tos, '', '', array(t('no'),t('yes')));
- $auto_create = (get_config('system','auto_channel_create') ? true : false);
- $default_role = get_config('system','default_permissions_role');
- $email_verify = get_config('system','verify_email');
require_once('include/bbcode.php');