2006-12-02 04:36:16 +00:00
< ? php
/*
2008-12-21 11:07:58 +00:00
* e107 website system
*
2014-08-29 14:17:37 +02:00
* Copyright ( C ) 2008 - 2014 e107 Inc ( e107 . org )
2008-12-21 11:07:58 +00:00
* Released under the terms and conditions of the
* GNU General Public License ( http :// www . gnu . org / licenses / gpl . txt )
*
* User signup
2011-09-14 11:30:58 +00:00
*
*/
2006-12-02 04:36:16 +00:00
require_once ( " class2.php " );
2009-08-28 15:30:25 +00:00
2021-01-19 18:52:56 -08:00
if ( ! empty ( $_POST [ 'email2' ])) // spam-trap.
2013-03-10 22:07:06 -07:00
{
exit ;
}
2014-08-29 14:17:37 +02:00
2006-12-02 04:36:16 +00:00
$qs = explode ( " . " , e_QUERY );
2009-08-28 15:30:25 +00:00
2008-12-21 22:17:05 +00:00
if ( $qs [ 0 ] != 'activate' )
2008-06-13 20:20:23 +00:00
{ // multi-language fix.
2012-11-15 16:02:34 +00:00
e107 :: coreLan ( 'signup' );
//include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_'.e_PAGE);
2008-12-28 22:37:43 +00:00
// include_lan(e_LANGUAGEDIR.e_LANGUAGE."/lan_usersettings.php"); Shouldn't need this now
2006-12-02 04:36:16 +00:00
}
2009-08-28 15:30:25 +00:00
2021-01-19 18:52:56 -08:00
e107 :: js ( 'inline' , "
function addtext3 ( sc ){
document . getElementById ( 'signupform' ) . image . value = sc ;
}
function addsig ( sc ){
document . getElementById ( 'signupform' ) . signature . value += sc ;
}
function help ( help ){
document . getElementById ( 'signupform' ) . helpb . value = help ;
}
" );
2012-11-15 16:02:34 +00:00
e107 :: coreLan ( 'user' ); // Generic user-related language defines
2008-12-21 11:07:58 +00:00
2015-08-31 15:28:17 -07:00
$bcLans = array (
" LAN_7 " => " LAN_SIGNUP_89 " , // "Display Name: ");
" LAN_8 " => " LAN_SIGNUP_90 " , // "the name that will be displayed on site");
" LAN_9 " => " LAN_SIGNUP_81 " , // "Username: ");
" LAN_10 " => " LAN_SIGNUP_82 " , // "the name that you use to login");
" LAN_17 " => " LAN_SIGNUP_83 " , // "Password: ");
" LAN_109 " => " LAN_SIGNUP_77 " , // "This site complies with The Children's Online Privacy Protection Act of 1998 (COPPA) and as such cannot accept registrations from users under the age of 13 without a written permission document from their parent or guardian. For more information you can read the legislation");
" LAN_111 " => " LAN_SIGNUP_84 " , // "Re-type Password: ");
" LAN_112 " => " LAN_USER_60 " , // "Email Address: ");
" LAN_113 " => " LAN_USER_83 " , // "Hide email address?: ");
" LAN_120 " => " LAN_USER_71 " , // "Signature: ");
" LAN_121 " => " LAN_SIGNUP_94 " , // "Avatar: ");
" LAN_122 " => " " , // "Timezone:");
" LAN_123 " => " LAN_SIGNUP_79 " , // "Register");
" LAN_308 " => " LAN_SIGNUP_91 " , // "Real Name: ");
" LAN_309 " => " LAN_SIGNUP_80 " , // "Please enter your details below.");
" LAN_400 " => " LAN_SIGNUP_85 " , // "Usernames and passwords are <b>case-sensitive</b>.");
" LAN_410 " => " LAN_SIGNUP_95 " , // "Enter code visible in the image");
);
e107 :: getLanguage () -> bcDefs ( $bcLans ); // Backward compatibility fix.
2008-12-21 22:17:05 +00:00
define ( 'SIGNUP_DEBUG' , FALSE );
2006-12-02 04:36:16 +00:00
2013-03-27 16:20:31 -07:00
e107 :: js ( 'core' , 'jquery.mailcheck.min.js' , 'jquery' , 2 );
2008-12-21 22:17:05 +00:00
include_once ( e_HANDLER . 'user_extended_class.php' );
2009-01-04 16:00:19 +00:00
$usere = new e107_user_extended ;
2014-08-29 14:17:37 +02:00
2008-12-21 22:17:05 +00:00
require_once ( e_HANDLER . 'validator_class.php' );
2009-11-22 14:10:09 +00:00
// require_once(e_HANDLER.'user_handler.php');
2010-10-26 07:41:20 +00:00
$userMethods = e107 :: getUserSession ();
2008-12-21 22:17:05 +00:00
$userMethods -> deleteExpired (); // Delete time-expired partial registrations
2006-12-02 04:36:16 +00:00
2019-06-08 10:36:48 -07:00
$SIGNUP_BEGIN = null ;
$SIGNUP_BODY = null ;
$SIGNUP_END = null ;
$COPPA_TEMPLATE = null ;
$COPPA_FAIL = null ;
2021-01-03 10:17:01 -08:00
if ( $template = e107 :: getCoreTemplate ( 'signup' ))
{
$SIGNUP_BEGIN = $template [ 'start' ];
$SIGNUP_BODY = $template [ 'body' ];
$SIGNUP_END = $template [ 'end' ];
$COPPA_TEMPLATE = $template [ 'coppa' ];
$COPPA_FAIL = $template [ 'coppa-fail' ];
$SIGNUP_EXTENDED_USER_FIELDS = $template [ 'extended-user-fields' ];
$SIGNUP_EXTENDED_CAT = $template [ 'extended-category' ];
}
else
{
require_once ( e107 :: coreTemplatePath ( 'signup' )); //correct way to load a core template.
2021-01-12 12:19:37 -08:00
$template = array (
'extended-user-fields' => $SIGNUP_EXTENDED_USER_FIELDS ,
'extended-category' => $SIGNUP_EXTENDED_CAT
);
2021-01-03 10:17:01 -08:00
}
2012-05-31 06:07:33 +00:00
$signup_shortcodes = e107 :: getScBatch ( 'signup' );
2021-01-03 10:17:01 -08:00
$signup_shortcodes -> wrapper ( 'signup' );
2021-01-12 12:19:37 -08:00
$signup_shortcodes -> template = $template ;
2012-06-15 04:15:46 +00:00
// $facebook_shortcodes = e107::getScBatch('facebook',TRUE);
2006-12-02 04:36:16 +00:00
2009-11-18 20:45:20 +00:00
$signup_imagecode = ( $pref [ 'signcode' ] && extension_loaded ( 'gd' ));
2008-06-13 20:20:23 +00:00
$text = '' ;
2008-12-29 09:31:36 +00:00
$extraErrors = array ();
$error = FALSE ;
2006-12-02 04:36:16 +00:00
// ------------------------------------------------------------------
2008-12-21 11:07:58 +00:00
if ( ! $_POST )
2006-12-02 04:36:16 +00:00
{
2009-11-18 20:45:20 +00:00
$error = '' ;
$text = ' ' ;
$password1 = '' ;
$password2 = '' ;
$email = '' ; // Used in shortcodes
$loginname = '' ;
$realname = '' ;
$image = '' ;
$avatar_upload = '' ;
$photo_upload = '' ;
$_POST [ 'ue' ] = '' ;
$signature = '' ;
2006-12-02 04:36:16 +00:00
}
2012-06-13 04:58:43 +00:00
2015-02-14 01:11:44 -08:00
if ( ! empty ( $pref [ 'membersonly_enabled' ]))
2006-12-02 04:36:16 +00:00
{
2015-02-14 01:11:44 -08:00
$template = e107 :: getCoreTemplate ( 'membersonly' , 'signup' );
define ( 'e_IFRAME' , true );
define ( 'e_IFRAME_HEADER' , $template [ 'header' ] );
define ( 'e_IFRAME_FOOTER' , $template [ 'footer' ] );
unset ( $template );
2006-12-02 04:36:16 +00:00
}
2014-08-29 14:17:37 +02:00
/*
2006-12-02 04:36:16 +00:00
if ( $signup_imagecode )
{
2012-06-19 13:20:30 +00:00
// require_once(e_HANDLER."secure_img_handler.php");
// $sec_img = new secure_image;
2006-12-02 04:36:16 +00:00
}
2014-08-29 14:17:37 +02:00
*/
2009-11-22 23:36:23 +00:00
2015-02-10 19:47:45 -08:00
if (( USER || ( intval ( $pref [ 'user_reg' ]) !== 1 ) || ( vartrue ( $pref [ 'auth_method' ], 'e107' ) != 'e107' )) && ! getperms ( '0' ))
2010-02-10 21:53:56 +00:00
{
2016-01-13 19:17:37 -08:00
e107 :: redirect ();
2015-02-05 16:24:54 -08:00
2012-05-31 06:07:33 +00:00
}
2006-12-02 04:36:16 +00:00
2007-12-09 16:42:23 +00:00
//----------------------------------------
2009-08-28 15:30:25 +00:00
// After clicking the activation link
2007-12-09 16:42:23 +00:00
//----------------------------------------
2019-06-08 10:36:48 -07:00
require_once ( e_HANDLER . " e_signup_class.php " );
2018-12-19 11:21:12 -08:00
if ( e_QUERY && e_QUERY != 'stage1' )
{
require_once ( HEADERF );
2020-06-13 13:18:37 -07:00
$suObj = new e_signup ;
2021-01-11 16:46:33 -08:00
$suObj -> run ( e_QUERY );
2018-12-19 11:21:12 -08:00
require_once ( FOOTERF );
2021-01-19 18:52:56 -08:00
return ;
2018-12-19 11:21:12 -08:00
exit ;
}
2015-05-12 20:15:05 -07:00
2006-12-02 04:36:16 +00:00
2007-12-09 16:42:23 +00:00
//----------------------------------------
// Initial signup (registration)
2015-05-12 20:15:05 -07:00
// TODO - move all of this into the class above.
2015-02-10 19:47:45 -08:00
if ( isset ( $_POST [ 'register' ]) && intval ( $pref [ 'user_reg' ]) === 1 )
2012-06-13 04:58:43 +00:00
{
2014-08-29 14:17:37 +02:00
e107 :: getCache () -> clear ( " online_menu_totals " );
2017-09-14 11:42:59 -07:00
if ( $signup_imagecode )
2012-06-13 04:58:43 +00:00
{
if ( $badCodeMsg = e107 :: getSecureImg () -> invalidCode ( $_POST [ 'rand_num' ], $_POST [ 'code_verify' ])) // better: allows class to return the error.
2006-12-02 04:36:16 +00:00
{
2012-06-13 04:58:43 +00:00
//$extraErrors[] = LAN_SIGNUP_3."\\n";
$extraErrors [] = $badCodeMsg . " \\ n " ;
2008-12-21 22:17:05 +00:00
$error = TRUE ;
2006-12-02 04:36:16 +00:00
}
}
2014-08-29 14:17:37 +02:00
if ( $invalid = e107 :: getEvent () -> trigger ( " usersup_veri " , $_POST ))
2008-07-16 22:19:57 +00:00
{
2008-12-29 09:31:36 +00:00
$extraErrors [] = $invalid . " \\ n " ;
2008-07-16 22:19:57 +00:00
$error = TRUE ;
}
2008-12-21 22:17:05 +00:00
if ( ! $error )
2006-12-02 04:36:16 +00:00
{
2013-05-26 14:13:37 -07:00
if ( vartrue ( $pref [ 'predefinedLoginName' ]))
2006-12-02 04:36:16 +00:00
{
2008-12-21 22:17:05 +00:00
$_POST [ 'loginname' ] = $userMethods -> generateUserLogin ( $pref [ 'predefinedLoginName' ]);
2006-12-02 04:36:16 +00:00
}
2009-08-28 15:30:25 +00:00
2012-05-31 06:07:33 +00:00
if ( ! isset ( $_POST [ 'hideemail' ])) // For when it is disabled - default is to hide-email.
{
$_POST [ 'hideemail' ] = 1 ;
}
if ( ! isset ( $_POST [ 'email_confirm' ]))
{
$_POST [ 'email_confirm' ] = $_POST [ 'email' ];
}
2008-12-21 22:17:05 +00:00
// Use LoginName for DisplayName if restricted
if ( ! check_class ( $pref [ 'displayname_class' ], e_UC_PUBLIC . ',' . e_UC_MEMBER ))
2006-12-02 04:36:16 +00:00
{
2008-12-21 22:17:05 +00:00
$_POST [ 'username' ] = $_POST [ 'loginname' ];
2006-12-02 04:36:16 +00:00
}
2009-08-28 15:30:25 +00:00
2015-05-12 20:15:05 -07:00
// generate password if passwords are disabled and email validation is enabled.
$noPasswordInput = e107 :: getPref ( 'signup_option_password' , 2 ); //0 = generate it.
2018-03-09 17:52:14 -08:00
if ( empty ( $noPasswordInput ) && ! isset ( $_POST [ 'password1' ]) && $this -> pref [ 'user_reg_veri' ] === 1 )
2015-05-12 20:15:05 -07:00
{
2015-05-16 19:17:24 -07:00
$_POST [ 'password1' ] = $userMethods -> generateRandomString ( " #*******# " );
2015-05-12 20:15:05 -07:00
$_POST [ 'password2' ] = $_POST [ 'password1' ];
}
2016-06-05 13:33:18 -07:00
// posted class subscription - check it's only from the public classes.
if ( ! empty ( $_POST [ 'class' ]))
{
$publicClasses = e107 :: getUserClass () -> get_editable_classes ( e_UC_PUBLIC , true );
$_POST [ 'class' ] = array_intersect ( $publicClasses , $_POST [ 'class' ]);
unset ( $publicClasses );
}
2008-12-21 22:17:05 +00:00
// Now validate everything
$allData = validatorClass :: validateFields ( $_POST , $userMethods -> userVettingInfo , TRUE ); // Do basic validation
2020-12-26 09:28:02 -08:00
validatorClass :: checkMandatory ( 'user_name,user_loginname' , $allData );
// Check for missing fields (email done in userValidation() )
2008-12-21 22:17:05 +00:00
validatorClass :: dbValidateArray ( $allData , $userMethods -> userVettingInfo , 'user' , 0 ); // Do basic DB-related checks
2015-05-12 20:15:05 -07:00
$userMethods -> userValidation ( $allData );
2019-06-08 10:36:48 -07:00
$savePassword = null ;
2008-12-29 09:31:36 +00:00
if ( ! isset ( $allData [ 'errors' ][ 'user_password' ]))
2014-08-29 14:17:37 +02:00
{
// No errors in password - keep it outside the main data array
2009-01-11 21:06:52 +00:00
$savePassword = $allData [ 'data' ][ 'user_password' ];
2014-08-29 14:17:37 +02:00
unset ( $allData [ 'data' ][ 'user_password' ]); // Delete the password value in the output array
2007-12-09 16:42:23 +00:00
}
2014-08-29 14:17:37 +02:00
unset ( $_POST [ 'password1' ]); // Restrict the scope of this
2008-12-28 22:37:43 +00:00
unset ( $_POST [ 'password2' ]);
2009-08-28 15:30:25 +00:00
2012-01-02 22:06:22 +00:00
$allData [ 'user_ip' ] = e107 :: getIPHandler () -> getIP ( FALSE );
2009-08-28 15:30:25 +00:00
2009-11-18 20:45:20 +00:00
// check for multiple signups from the same IP address. But ignore localhost
2015-07-07 12:07:17 -07:00
if ( $allData [ 'user_ip' ] != e107 :: LOCALHOST_IP && $allData [ 'user_ip' ] != e107 :: LOCALHOST_IP2 )
2006-12-02 04:36:16 +00:00
{
2014-08-29 14:17:37 +02:00
if ( $ipcount = $sql -> select ( 'user' , '*' , " user_ip=' " . $allData [ 'user_ip' ] . " ' and user_ban !='2' " ))
2008-12-21 22:17:05 +00:00
{
2009-11-18 20:45:20 +00:00
if ( $ipcount >= $pref [ 'signup_maxip' ] && trim ( $pref [ 'signup_maxip' ]) != " " )
{
$allData [ 'errors' ][ 'user_email' ] = ERR_GENERIC ;
$allData [ 'errortext' ][ 'user_email' ] = LAN_SIGNUP_71 ;
2014-10-23 11:07:18 -07:00
e107 :: getLog () -> add ( 'USET_15' , LAN_SIGNUP_103 . e107 :: getIPHandler () -> getIP ( FALSE ), 4 );
2009-11-18 20:45:20 +00:00
}
2006-12-02 04:36:16 +00:00
}
2008-12-21 22:17:05 +00:00
}
2009-08-28 15:30:25 +00:00
2008-12-21 22:17:05 +00:00
// Email address confirmation.
if ( ! isset ( $allData [ 'errors' ][ 'user_email' ]))
{ // Obviously nothing wrong with the email address so far (or maybe its not required)
if ( $_POST [ 'email' ] != $_POST [ 'email_confirm' ])
2006-12-02 04:36:16 +00:00
{
2008-12-21 22:17:05 +00:00
$allData [ 'errors' ][ 'user_email' ] = ERR_GENERIC ;
$allData [ 'errortext' ][ 'user_email' ] = LAN_SIGNUP_38 ;
2009-01-11 21:06:52 +00:00
unset ( $allData [ 'data' ][ 'user_email' ]);
2008-12-21 22:17:05 +00:00
}
}
2009-08-28 15:30:25 +00:00
2008-12-21 22:17:05 +00:00
// Verify Custom Signup options if selected - need specific loop since the need for them is configuration-dependent
2008-12-28 22:37:43 +00:00
$signup_option_title = array ( LAN_USER_63 , LAN_USER_71 , LAN_USER_72 , LAN_USER_73 , LAN_USER_74 );
$signup_option_names = array ( 'realname' , 'signature' , 'image' , 'class' , 'customtitle' );
2009-08-28 15:30:25 +00:00
2008-12-21 22:17:05 +00:00
foreach ( $signup_option_names as $key => $value )
{
2009-01-11 21:06:52 +00:00
if ( $pref [ 'signup_option_' . $value ] == 2 && ! isset ( $alldata [ 'data' ][ 'user_' . $value ]) && ! isset ( $alldata [ 'errors' ][ 'user_' . $value ]))
2008-12-21 22:17:05 +00:00
{
$alldata [ 'errors' ][ 'user_' . $value ] = ERR_GENERIC ;
2017-11-06 14:04:02 -08:00
$alldata [ 'errortext' ][ 'user_' . $value ] = str_replace ( '[x]' , $signup_option_title [ $key ], LAN_USER_75 );
2008-12-21 22:17:05 +00:00
}
}
2009-08-28 15:30:25 +00:00
2008-12-28 22:37:43 +00:00
// Validate Extended User Fields.
2008-12-21 22:17:05 +00:00
$eufVals = array ();
2019-06-08 10:36:48 -07:00
if ( isset ( $_POST [ 'ue' ]))
2008-12-21 22:17:05 +00:00
{
2019-06-08 10:36:48 -07:00
$eufVals = $usere -> sanitizeAll ( $_POST [ 'ue' ]);
$eufVals = $usere -> userExtendedValidateAll ( varset ( $eufVals , array ()), varset ( $_POST [ 'hide' ], array ()), TRUE ); // Validate the extended user fields
2006-12-02 04:36:16 +00:00
}
2008-12-28 22:37:43 +00:00
// Determine whether we have an error
2008-12-29 09:31:36 +00:00
$error = (( isset ( $allData [ 'errors' ]) && count ( $allData [ 'errors' ])) || ( isset ( $eufVals [ 'errors' ]) && count ( $eufVals [ 'errors' ])) || count ( $extraErrors ));
2012-06-02 14:36:22 +00:00
2008-12-21 22:17:05 +00:00
// All validated here - handle any errors
2012-06-13 04:58:43 +00:00
if ( $error ) //FIXME - this ignores the errors caused by invalid image-code.
2008-12-21 22:17:05 +00:00
{
2008-12-28 22:37:43 +00:00
$temp = array ();
2008-12-29 09:31:36 +00:00
if ( count ( $extraErrors ))
{
$temp [] = implode ( '<br />' , $extraErrors );
}
2008-12-28 22:37:43 +00:00
if ( count ( $allData [ 'errors' ]))
{
$temp [] = validatorClass :: makeErrorList ( $allData , 'USER_ERR_' , '%n - %x - %t: %v' , '<br />' , $userMethods -> userVettingInfo );
}
2013-05-26 14:13:37 -07:00
if ( vartrue ( $eufVals [ 'errors' ]))
2008-12-28 22:37:43 +00:00
{
2012-06-02 14:36:22 +00:00
$temp [] = validatorClass :: makeErrorList ( $eufVals , 'USER_ERR_' , '%n - %t: %v' , '<br />' );
2008-12-28 22:37:43 +00:00
}
2012-06-02 14:36:22 +00:00
2015-02-10 19:47:45 -08:00
if ( deftrue ( 'BOOTSTRAP' ))
{
e107 :: getMessage () -> addError ( implode ( '<br />' , $temp ));
}
else
{
message_handler ( 'P_ALERT' , implode ( '<br />' , $temp ));
}
2008-12-21 22:17:05 +00:00
}
} // End of data validation
2012-06-13 04:58:43 +00:00
else
{
2015-02-10 19:47:45 -08:00
if ( deftrue ( 'BOOTSTRAP' ))
{
2017-09-14 11:42:59 -07:00
e107 :: getMessage () -> addError ( implode ( '<br />' , $extraErrors ));
2015-02-10 19:47:45 -08:00
}
else
{
message_handler ( 'P_ALERT' , implode ( '<br />' , $extraErrors )); // Workaround for image-code errors.
}
2012-06-13 04:58:43 +00:00
}
2006-12-02 04:36:16 +00:00
2007-12-09 16:42:23 +00:00
// ========== End of verification.. ==============
// If no errors, we can enter the new member in the DB
2008-12-21 22:17:05 +00:00
// At this point we have two data arrays:
2009-01-11 21:06:52 +00:00
// $allData['data'] - the 'core' user data
// $eufVals['data'] - any extended user fields
2006-12-02 04:36:16 +00:00
if ( ! $error )
{
2008-12-29 09:31:36 +00:00
$error_message = '' ;
2006-12-02 04:36:16 +00:00
$fp = new floodprotect ;
if ( $fp -> flood ( " user " , " user_join " ) == FALSE )
{
2016-01-13 19:17:37 -08:00
e107 :: redirect ();
2006-12-02 04:36:16 +00:00
exit ;
}
2014-08-29 14:17:37 +02:00
if ( $_POST [ 'email' ] && $sql -> select ( " user " , " * " , " user_email=' " . $_POST [ 'email' ] . " ' AND user_ban=' " . USER_BANNED . " ' " ))
2007-10-11 19:46:36 +00:00
{
2007-12-09 16:42:23 +00:00
exit ;
2006-12-02 04:36:16 +00:00
}
2014-08-29 14:17:37 +02:00
$u_key = e_user_model :: randomKey (); // Key for signup completion
$allData [ 'data' ][ 'user_sess' ] = $u_key ; // Validation key
2008-12-21 22:17:05 +00:00
2009-06-12 20:41:35 +00:00
$userMethods -> userClassUpdate ( $allData [ 'data' ], 'usersup' );
2006-12-02 04:36:16 +00:00
2008-12-21 22:17:05 +00:00
if ( $pref [ 'user_reg_veri' ])
{
2009-01-11 21:06:52 +00:00
$allData [ 'data' ][ 'user_ban' ] = USER_REGISTERED_NOT_VALIDATED ;
2008-12-21 22:17:05 +00:00
}
else
{
2009-01-11 21:06:52 +00:00
$allData [ 'data' ][ 'user_ban' ] = USER_VALIDATED ;
2008-12-21 22:17:05 +00:00
}
2014-08-29 14:17:37 +02:00
2008-12-21 22:17:05 +00:00
// Work out data to be written to user audit trail
$signup_data = array ( 'user_name' , 'user_loginname' , 'user_email' , 'user_ip' );
2012-01-10 16:31:39 +00:00
// foreach (array() as $f)
foreach ( $signup_data as $f )
2008-12-21 22:17:05 +00:00
{
2014-08-29 14:17:37 +02:00
$signup_data [ $f ] = $allData [ 'data' ][ $f ]; // Just copy across selected fields
2008-12-21 22:17:05 +00:00
}
2009-01-11 21:06:52 +00:00
$allData [ 'data' ][ 'user_password' ] = $userMethods -> HashPassword ( $savePassword , $allData [ 'data' ][ 'user_loginname' ]);
2013-05-26 14:13:37 -07:00
if ( vartrue ( $pref [ 'allowEmailLogin' ]))
2008-12-17 20:26:57 +00:00
{ // Need to create separate password for email login
2014-10-24 07:37:03 +03:00
//$allData['data']['user_prefs'] = serialize(array('email_password' => $userMethods->HashPassword($savePassword, $allData['data']['user_email'])));
2017-12-01 17:00:02 -08:00
$allData [ 'data' ][ 'user_prefs' ] = e107 :: serialize ( array ( 'email_password' => $userMethods -> HashPassword ( $savePassword , $allData [ 'data' ][ 'user_email' ])));
2008-12-17 20:26:57 +00:00
}
2008-01-15 21:57:53 +00:00
2009-01-11 21:06:52 +00:00
$allData [ 'data' ][ 'user_join' ] = time ();
2012-08-01 21:03:07 +00:00
$allData [ 'data' ][ 'user_ip' ] = e107 :: getIPHandler () -> getIP ( FALSE );
2015-05-12 20:15:05 -07:00
2012-01-10 16:31:39 +00:00
2013-05-26 14:13:37 -07:00
if ( ! vartrue ( $allData [ 'data' ][ 'user_name' ]))
{
$allData [ 'data' ][ 'user_name' ] = $allData [ 'data' ][ 'user_loginname' ];
$signup_data [ 'user_name' ] = $allData [ 'data' ][ 'user_loginname' ];
}
2012-01-10 16:31:39 +00:00
// The user_class, user_perms, user_prefs, user_realm fields don't have default value,
// so we put apropriate ones, otherwise - broken DB Insert
2016-06-05 13:33:18 -07:00
if ( empty ( $allData [ 'data' ][ 'user_class' ]))
{
$allData [ 'data' ][ 'user_class' ] = '' ;
}
2012-01-10 16:31:39 +00:00
$allData [ 'data' ][ 'user_perms' ] = '' ;
$allData [ 'data' ][ 'user_prefs' ] = '' ;
$allData [ 'data' ][ 'user_realm' ] = '' ;
2008-12-21 22:17:05 +00:00
2015-05-12 20:15:05 -07:00
if ( empty ( $allData [ 'data' ][ 'user_signature' ]))
{
$allData [ 'data' ][ 'user_signature' ] = '' ; // as above - default required in MYsQL strict mode.
}
2008-12-21 22:17:05 +00:00
// Actually write data to DB
2013-05-26 14:13:37 -07:00
validatorClass :: addFieldTypes ( $userMethods -> userVettingInfo , $allData );
$nid = $sql -> insert ( 'user' , $allData );
2009-01-11 21:06:52 +00:00
if ( isset ( $eufVals [ 'data' ]) && count ( $eufVals [ 'data' ]))
2008-12-21 22:17:05 +00:00
{
2009-01-11 21:06:52 +00:00
$usere -> addFieldTypes ( $eufVals ); // Add in the data types for storage
$eufVals [ 'WHERE' ] = '`user_extended_id` = ' . intval ( $nid );
//$usere->addDefaultFields($eufVals); // Add in defaults for anything not explicitly set (commented out for now - will slightly modify behaviour)
2013-05-26 14:13:37 -07:00
$sql -> gen ( " INSERT INTO `#user_extended` (user_extended_id) values (' { $nid } ') " );
$sql -> update ( 'user_extended' , $eufVals );
}
2019-06-08 10:36:48 -07:00
// if (SIGNUP_DEBUG)
// {
2020-12-18 09:39:02 -08:00
// $admin_log->addEvent(10,debug_backtrace(),"DEBUG","Signup new user",array_merge($allData['data'],$eufVals) ,FALSE,LOG_TO_ROLLING);
2019-06-08 10:36:48 -07:00
// }
2008-01-15 21:57:53 +00:00
// Log to user audit log if enabled
2008-03-23 21:43:47 +00:00
$signup_data [ 'user_id' ] = $nid ;
2008-01-15 21:57:53 +00:00
$signup_data [ 'signup_key' ] = $u_key ;
2013-05-26 14:13:37 -07:00
$signup_data [ 'user_realname' ] = $tp -> toDB ( $_POST [ 'realname' ]);
2008-01-15 21:57:53 +00:00
$admin_log -> user_audit ( USER_AUDIT_SIGNUP , $signup_data );
2007-12-15 15:06:40 +00:00
2008-12-21 22:17:05 +00:00
if ( ! $nid )
2006-12-02 04:36:16 +00:00
{
require_once ( HEADERF );
2015-05-12 20:15:05 -07:00
$message = e107 :: getMessage () -> addError ( LAN_SIGNUP_36 ) -> render ();
$ns -> tablerender ( " " , $message );
2006-12-02 04:36:16 +00:00
require_once ( FOOTERF );
}
2008-12-17 20:26:57 +00:00
$adviseLoginName = '' ;
2013-05-26 14:13:37 -07:00
if ( vartrue ( $pref [ 'predefinedLoginName' ]) && ( integer ) $pref [ 'allowEmailLogin' ] === 0 )
2008-12-17 20:26:57 +00:00
{
2009-01-11 21:06:52 +00:00
$adviseLoginName = LAN_SIGNUP_65 . ': ' . $allData [ 'data' ][ 'user_loginname' ] . '<br />' . LAN_SIGNUP_66 . '<br />' ;
2008-12-17 20:26:57 +00:00
}
2008-06-13 20:20:23 +00:00
2014-08-29 14:17:37 +02:00
// Verification required (may be by email or by admin)
2006-12-02 04:36:16 +00:00
if ( $pref [ 'user_reg_veri' ])
2014-08-29 14:17:37 +02:00
{
2006-12-02 04:36:16 +00:00
// ========== Send Email =========>
2018-03-09 17:52:14 -08:00
if ((( int ) $pref [ 'user_reg_veri' ] !== 2 ) && $allData [ 'data' ][ 'user_email' ]) // Don't send if email address blank - means that its not compulsory
2006-12-02 04:36:16 +00:00
{
2009-01-11 21:06:52 +00:00
$allData [ 'data' ][ 'user_id' ] = $nid ; // User ID
2013-05-24 22:18:20 +03:00
// FIXME build while rendering - user::renderEmail()
$allData [ 'data' ][ 'activation_url' ] = SITEURL . " signup.php?activate. " . $allData [ 'data' ][ 'user_id' ] . " . " . $allData [ 'data' ][ 'user_sess' ];
// FIX missing user_name
if ( ! vartrue ( $allData [ 'data' ][ 'user_name' ])) $allData [ 'data' ][ 'user_name' ] = $allData [ 'data' ][ 'user_login' ];
// prefered way to send user emails
2015-05-16 19:17:24 -07:00
if ( getperms ( '0' ) && ! empty ( $_POST [ 'simulation' ]))
{
$simulation = true ;
$check = true ; //removes error message below.
}
else
{
$simulation = false ;
}
if ( $simulation !== true ) // Alow logged in main-admin to test signup procedure.
{
2015-05-12 20:15:05 -07:00
$sysuser = e107 :: getSystemUser ( false , false );
$sysuser -> setData ( $allData [ 'data' ]);
2015-05-13 15:21:27 -07:00
$sysuser -> setId ( $nid );
2015-05-12 20:15:05 -07:00
$check = $sysuser -> email ( 'signup' , array (
2015-05-13 15:21:27 -07:00
'user_id' => $nid ,
2015-05-12 20:15:05 -07:00
'user_password' => $savePassword , // for security reasons - password passed ONLY through options
));
2015-05-16 19:17:24 -07:00
}
2015-05-13 15:21:27 -07:00
if ( getperms ( '0' ))
2015-05-12 20:15:05 -07:00
{
e107 :: getMessage () -> addDebug ( print_a ( $allData , true ));
e107 :: getMessage () -> addDebug ( " Password: <b> " . $savePassword . " </b> " );
}
2015-05-13 15:21:27 -07:00
2013-05-24 22:18:20 +03:00
/*
2009-01-11 21:06:52 +00:00
$eml = render_email ( $allData [ 'data' ]);
2009-11-18 20:45:20 +00:00
$eml [ 'e107_header' ] = $eml [ 'userid' ];
require_once ( e_HANDLER . 'mail.php' );
$mailer = new e107Email ();
2012-07-31 07:32:00 +00:00
// FIX - sendEmail returns TRUE or error message...
2013-05-24 22:18:20 +03:00
$check = $mailer -> sendEmail ( $allData [ 'data' ][ 'user_email' ], $allData [ 'data' ][ 'user_name' ], $eml , FALSE ); */
if ( true !== $check )
2006-12-02 04:36:16 +00:00
{
$error_message = LAN_SIGNUP_42 ; // There was a problem, the registration mail was not sent, please contact the website administrator.
}
2009-11-18 20:45:20 +00:00
unset ( $allData [ 'data' ][ 'user_password' ]);
2006-12-02 04:36:16 +00:00
}
2013-05-26 14:13:37 -07:00
2014-08-29 14:17:37 +02:00
e107 :: getEvent () -> trigger ( 'usersup' , $_POST ); // Old trigger - send everything in the template, including extended fields.
2020-12-27 11:34:05 -08:00
e107 :: getEvent () -> trigger ( 'userpartial' , array_merge ( $allData [ 'data' ], ( array ) $eufVals [ 'data' ])); // New trigger - send everything in the template, including extended fields.
2016-03-17 11:02:25 -07:00
e107 :: getEvent () -> trigger ( 'user_signup_submitted' , $_POST );
2006-12-02 04:36:16 +00:00
require_once ( HEADERF );
2009-03-21 22:59:29 +00:00
2021-01-11 16:46:33 -08:00
$after_signup = e_signup :: renderAfterSignup ( $error_message );
2009-03-22 21:07:33 +00:00
$ns -> tablerender ( $after_signup [ 'caption' ], $after_signup [ 'text' ]);
2009-03-21 22:59:29 +00:00
2006-12-02 04:36:16 +00:00
require_once ( FOOTERF );
exit ;
}
2014-08-29 14:56:16 +02:00
// User can be signed up immediately
2006-12-02 04:36:16 +00:00
else
2014-08-29 14:56:16 +02:00
{
2006-12-02 04:36:16 +00:00
require_once ( HEADERF );
2014-08-29 14:56:16 +02:00
if ( ! $sql -> select ( " user " , " user_id " , " user_loginname=' " . $allData [ 'data' ][ 'user_loginname' ] . " ' AND user_password=' " . $allData [ 'data' ][ 'user_password' ] . " ' " ))
2014-08-29 14:17:37 +02:00
{
// Error looking up newly created user
2006-12-02 04:36:16 +00:00
$ns -> tablerender ( " " , LAN_SIGNUP_36 );
require_once ( FOOTERF );
exit ;
}
2014-08-29 14:56:16 +02:00
// Set initial classes, and any which the user can opt to join
if ( $init_class = $userMethods -> userClassUpdate ( $row , 'userpartial' ))
{
$allData [ 'data' ][ 'user_class' ] = $init_class ;
2019-02-22 11:10:05 -08:00
$user_class_update = $sql -> update ( " user " , " user_class = ' { $allData [ 'data' ][ 'user_class' ] } ' WHERE user_name=' { $allData [ 'data' ][ 'user_name' ] } ' LIMIT 1 " );
2014-08-29 14:56:16 +02:00
if ( $user_class_update === FALSE )
{
2020-12-18 09:39:02 -08:00
//$admin_log->addEvent(10,debug_backtrace(),'USER','Userclass update fail',print_r($row,TRUE),FALSE,LOG_TO_ROLLING);
2014-08-29 14:56:16 +02:00
require_once ( HEADERF );
$ns -> tablerender ( LAN_SIGNUP_75 , LAN_SIGNUP_101 );
require_once ( FOOTERF );
exit ;
}
}
2014-08-29 14:17:37 +02:00
e107 :: getEvent () -> trigger ( 'usersup' , $_POST ); // send everything in the template, including extended fields.
e107 :: getEvent () -> trigger ( 'userfull' , array_merge ( $allData [ 'data' ], $eufVals [ 'data' ])); // New trigger - send everything in the template, including extended fields.
2006-12-02 04:36:16 +00:00
2008-12-17 20:26:57 +00:00
if ( isset ( $pref [ 'signup_text_after' ]) && ( strlen ( $pref [ 'signup_text_after' ]) > 2 ))
2006-12-02 04:36:16 +00:00
{
2008-12-17 20:26:57 +00:00
$text = $tp -> toHTML ( str_replace ( '{NEWLOGINNAME}' , $loginname , $pref [ 'signup_text_after' ]), TRUE , 'parse_sc,defs' ) . " <br /> " ;
2006-12-02 04:36:16 +00:00
}
else
{
2015-08-31 15:28:17 -07:00
$text = LAN_SIGNUP_76 . " " . SITENAME . " , " . LAN_SIGNUP_12 . " <br /><br /> " ;
2016-04-30 11:17:15 +02:00
$text .= str_replace ( array ( '[' , ']' ), array ( " <a href=' " . e_LOGIN . " '> " , " </a> " ), LAN_SIGNUP_13 );
2006-12-02 04:36:16 +00:00
}
2013-05-26 14:13:37 -07:00
2006-12-02 04:36:16 +00:00
$ns -> tablerender ( LAN_SIGNUP_8 , $text );
require_once ( FOOTERF );
exit ;
}
2008-12-21 22:17:05 +00:00
} // End - if (!$error)
else
{ // 'Recirculate' selected values so they are retained on the form when an error occurs
foreach ( array ( 'user_class' ) as $a )
{
2009-01-11 21:06:52 +00:00
$signupData [ $a ] = $tp -> toForm ( varset ( $allData [ 'data' ][ $a ], '' ));
2008-12-21 22:17:05 +00:00
}
2006-12-02 04:36:16 +00:00
}
}
2008-06-13 20:20:23 +00:00
// Disable the signup form - if either there was an error, or starting from scratch
2006-12-02 04:36:16 +00:00
require_once ( HEADERF );
$qs = ( $error ? " stage " : e_QUERY );
if ( $pref [ 'use_coppa' ] == 1 && strpos ( $qs , " stage " ) === FALSE )
{
$text = $tp -> parseTemplate ( $COPPA_TEMPLATE , TRUE , $signup_shortcodes );
2017-03-01 12:17:00 +01:00
$ns -> tablerender ( LAN_SIGNUP_78 , $text , 'coppa' );
2006-12-02 04:36:16 +00:00
require_once ( FOOTERF );
exit ;
}
2007-10-11 19:46:36 +00:00
if ( $qs == 'stage1' && $pref [ 'use_coppa' ] == 1 )
2006-12-02 04:36:16 +00:00
{
2007-10-11 19:46:36 +00:00
if ( isset ( $_POST [ 'newver' ]))
2006-12-02 04:36:16 +00:00
{
2013-05-26 14:13:37 -07:00
if ( ! vartrue ( $_POST [ 'coppa' ]))
2006-12-02 04:36:16 +00:00
{
$text = $tp -> parseTemplate ( $COPPA_FAIL );
2020-10-04 11:36:07 +02:00
$ns -> tablerender ( LAN_SIGNUP_78 , $text , 'coppa' );
2006-12-02 04:36:16 +00:00
require_once ( FOOTERF );
exit ;
}
}
2007-10-11 19:46:36 +00:00
else
{
2016-01-13 19:17:37 -08:00
e107 :: redirect ();
2007-10-11 19:46:36 +00:00
exit ;
}
2006-12-02 04:36:16 +00:00
}
require_once ( e_HANDLER . " form_handler.php " );
$rs = new form ;
2018-12-19 11:21:12 -08:00
// e107::getCoreTemplate('signup', 'signup');
2006-12-02 04:36:16 +00:00
$text = $tp -> parseTemplate ( $SIGNUP_BEGIN . $SIGNUP_BODY . $SIGNUP_END , TRUE , $signup_shortcodes );
2017-03-01 12:17:00 +01:00
$ns -> tablerender ( LAN_SIGNUP_79 , e107 :: getMessage () -> render ( 'default' , true ) . $text , 'signup' );
2018-03-09 17:52:14 -08:00
2006-12-02 04:36:16 +00:00
require_once ( FOOTERF );
exit ;
2008-06-13 20:20:23 +00:00
//----------------------------------
2008-12-21 22:17:05 +00:00
// Function returns an image if a field is required.
2006-12-02 04:36:16 +00:00
function req ( $field )
{
2019-03-01 20:01:40 -08:00
return ( $field == 2 ? " <span class='required'></span> " : " " );
2006-12-02 04:36:16 +00:00
}
2008-06-13 20:20:23 +00:00
//----------------------------------
2021-01-19 18:52:56 -08:00
/*
2006-12-02 04:36:16 +00:00
function headerjs ()
{
2020-04-20 12:37:39 -07:00
return "
2006-12-02 04:36:16 +00:00
< script type = \ " text/javascript \" >
function addtext3 ( sc ){
document . getElementById ( 'signupform' ) . image . value = sc ;
}
function addsig ( sc ){
document . getElementById ( 'signupform' ) . signature . value += sc ;
}
function help ( help ){
document . getElementById ( 'signupform' ) . helpb . value = help ;
}
</ script > \n " ;
2021-01-19 18:52:56 -08:00
} */
