aboutsummaryrefslogtreecommitdiffstats
path: root/mod/register.php
diff options
context:
space:
mode:
Diffstat (limited to 'mod/register.php')
-rw-r--r--mod/register.php175
1 files changed, 175 insertions, 0 deletions
diff --git a/mod/register.php b/mod/register.php
new file mode 100644
index 000000000..4e2c0bfb9
--- /dev/null
+++ b/mod/register.php
@@ -0,0 +1,175 @@
+<?php
+
+if(! function_exists('register_post')) {
+function register_post(&$a) {
+
+ $verified = 0;
+ $blocked = 1;
+
+ switch($a->config['register_policy']) {
+
+
+ case REGISTER_OPEN:
+ $blocked = 0;
+ $verified = 1;
+ break;
+
+ case REGISTER_VERIFY:
+ $blocked = 1;
+ $verify = 0;
+ break;
+
+ default:
+ case REGISTER_CLOSED:
+ if((! x($_SESSION,'authenticated') && (! x($_SESSION,'administrator')))) {
+ $_SESSION['sysmsg'] .= "Permission denied." . EOL;
+ return;
+ }
+ $blocked = 0;
+ $verified = 0;
+ break;
+ }
+
+ if(x($_POST,'username'))
+ $username = notags(trim($_POST['username']));
+ if(x($_POST,'email'))
+ $email =notags(trim($_POST['email']));
+
+ if((! x($username)) || (! x($email))) {
+ $_SESSION['sysmsg'] .= "Please enter the required information.". EOL;
+ return;
+ }
+
+ $err = '';
+
+ if(!eregi('[A-Za-z0-9._%-]+@[A-Za-z0-9._%-]+\.[A-Za-z]{2,6}',$email))
+ $err .= " Not valid email.";
+ if(strlen($username) > 40)
+ $err .= " Please use a shorter name.";
+ if(strlen($username) < 3)
+ $err .= " Name too short.";
+ $r = q("SELECT `uid` FROM `user`
+ WHERE `email` = '%s' LIMIT 1",
+ dbesc($email)
+ );
+ if($r !== false && count($r))
+ $err .= " This email address is already registered." . EOL;
+ if(strlen($err)) {
+ $_SESSION['sysmsg'] .= $err;
+ return;
+ }
+
+
+ $new_password = autoname(6) . mt_rand(100,9999);
+ $new_password_encoded = hash('whirlpool',$new_password);
+
+ $res=openssl_pkey_new(array(
+ 'digest_alg' => 'whirlpool',
+ 'private_key_bits' => 4096,
+ 'encrypt_key' => false ));
+
+ // Get private key
+
+ $prvkey = '';
+
+ openssl_pkey_export($res, $prvkey);
+
+ // Get public key
+
+ $pkey = openssl_pkey_get_details($res);
+ $pubkey = $pkey["key"];
+
+ $r = q("INSERT INTO `user` ( `username`, `password`, `email`,
+ `pubkey`, `prvkey`, `verified`, `blocked` )
+ VALUES ( '%s', '%s', '%s', '%s', '%s', %d, %d )",
+ dbesc($username),
+ dbesc($new_password_encoded),
+ dbesc($email),
+ dbesc($pubkey),
+ dbesc($prvkey),
+ intval($verified),
+ intval($blocked)
+ );
+
+ if($r) {
+ $r = q("SELECT `uid` FROM `user`
+ WHERE `username` = '%s' AND `password` = '%s' LIMIT 1",
+ dbesc($username),
+ dbesc($new_password_encoded)
+ );
+ if($r !== false && count($r))
+ $newuid = intval($r[0]['uid']);
+ }
+ else {
+ $_SESSION['sysmsg'] .= "An error occurred during registration. Please try again." . EOL;
+ return;
+ }
+
+ if(x($newuid) !== NULL) {
+ $r = q("INSERT INTO `profile` ( `uid`, `profile-name`, `is-default`, `name`, `photo`, `thumb` )
+ VALUES ( %d, '%s', %d, '%s', '%s', '%s' ) ",
+ intval($newuid),
+ 'default',
+ 1,
+ dbesc($username),
+ dbesc($a->get_baseurl() . '/images/default-profile.jpg'),
+ dbesc($a->get_baseurl() . '/images/default-profile-sm.jpg')
+ );
+ if($r === false) {
+ $_SESSION['sysmsg'] .= "An error occurred creating your default profile. Please try again." . EOL ;
+ // Start fresh next time.
+ $r = q("DELETE FROM `user` WHERE `uid` = %d",
+ intval($newuid));
+ return;
+ }
+ $r = q("INSERT INTO `contact` ( `uid`, `created`, `self`, `name`, `photo`, `thumb`, `blocked` )
+ VALUES ( %d, '%s', 1, '%s', '%s', '%s', 0 ) ",
+ intval($newuid),
+ datetime_convert(),
+ dbesc($username),
+ dbesc($a->get_baseurl() . '/images/default-profile.jpg'),
+ dbesc($a->get_baseurl() . '/images/default-profile-sm.jpg')
+ );
+
+
+ }
+
+ if( $a->config['register_policy'] == REGISTER_OPEN ) {
+ $email_tpl = file_get_contents("view/register_open_eml.tpl");
+ $email_tpl = replace_macros($email_tpl, array(
+ '$sitename' => $a->config['sitename'],
+ '$siteurl' => $a->get_baseurl(),
+ '$username' => $username,
+ '$email' => $email,
+ '$password' => $new_password,
+ '$uid' => $newuid ));
+
+ $res = mail($email,"Registration details for {$a->config['sitename']}",$email_tpl,"From: Administrator@{$_SERVER[SERVER_NAME]}");
+
+ }
+
+ if($res) {
+ $_SESSION['sysmsg'] .= "Registration successful. Please check your email for further instructions." . EOL ;
+ goaway($a->get_baseurl());
+ }
+ else {
+ $_SESSION['sysmsg'] .= "Failed to send email message. Here is the message that failed. $email_tpl " . EOL;
+ }
+
+ return;
+}}
+
+
+
+
+
+
+if(! function_exists('register_content')) {
+function register_content(&$a) {
+
+ $o = file_get_contents("view/register.tpl");
+ $o = replace_macros($o, array('$registertext' =>((x($a->config,'register_text'))? $a->config['register_text'] : "" )));
+ return $o;
+
+}}
+