Automated passwords option during signup/registration.

2025-07-29 19:00:26 +02:00 · 2015-05-12 20:15:05 -07:00
parent 921ff1ff69
commit b1ba628bfa
11 changed files with 521 additions and 202 deletions
--- a/e107_admin/prefs.php
+++ b/e107_admin/prefs.php
@@ -1532,6 +1532,7 @@ $text .= "

 // Signup options ===========================.

+$prefOptionPassword = (isset($pref['signup_option_password'])) ? $pref['signup_option_password'] : 2;

 $text .= "
 		<fieldset class='e-hideme' id='core-prefs-signup'>
@@ -1541,10 +1542,19 @@ $text .= "
 					<col class='col-label' />
 					<col class='col-control' />
 				</colgroup>
-				<tbody>";
+				<tbody>
+				<tr>
+							<td><label for='signup-option-password'>Password</label></td>
+							<td>
+								".$frm->radio('signup_option_password', 0, !$prefOptionPassword, array('label' => CUSTSIG_12))."&nbsp;&nbsp;
+								".$frm->radio('signup_option_password', 1, ($prefOptionPassword == 1), array('label' => CUSTSIG_14, 'disabled'=>true))."&nbsp;&nbsp;
+								".$frm->radio('signup_option_password', 2, ($prefOptionPassword == 2), array('label' => CUSTSIG_15))."
+
+							</td>
+						</tr>";
 				
 		$signup_option_names = array(
-	//	"signup_option_loginname" 	=> "Login Name",
+		//	"signup_option_loginname" 	=> "Login Name",
 		"signup_option_email_confirm" 	=> CUSTSIG_21,
 		"signup_option_realname" 		=> CUSTSIG_2,
 		"signup_option_signature" 		=> CUSTSIG_6,
@@ -1554,6 +1564,7 @@ $text .= "
 		'signup_option_hideemail'		=> CUSTSIG_22
 	);

+
 	foreach($signup_option_names as $value => $key)
 	{
 		$label_value = str_replace('_', '-', $value);
--- a/e107_core/shortcodes/batch/signup_shortcodes.php
+++ b/e107_core/shortcodes/batch/signup_shortcodes.php
@@ -30,28 +30,30 @@ class signup_shortcodes extends e_shortcode
 		else
 		{
 			return "
-		<form method='post' action='".e_SELF."?stage1' autocomplete='off'>\n
-		<div><br />
-		<input type='radio' name='coppa' value='0' checked='checked' /> ".LAN_NO."
-		<input type='radio' name='coppa' value='1' /> ".LAN_YES."<br />
-		<br />
-		<input class='btn btn-primary button' type='submit' name='newver' value=\"".LAN_CONTINUE."\" />
-		</div></form>
+			<form method='post' action='".e_SELF."?stage1' autocomplete='off'>\n
+			<div><br />
+			<input type='radio' name='coppa' value='0' checked='checked' /> ".LAN_NO."
+			<input type='radio' name='coppa' value='1' /> ".LAN_YES."<br />
+			<br />
+			<input class='btn btn-primary button' type='submit' name='newver' value=\"".LAN_CONTINUE."\" />
+			</div></form>
 		";
 		}
 	}
-	
+
+
+
 	function sc_signup_xup($param) // show it to those who were using xup
 	{
 		switch ($param) 
 		{
 			case 'login':
-				return $this->sc_signup_xup_login();	
+				return $this->sc_signup_xup_login($param);
 			break;
 			
 			case 'signup':
 			default:
-				return $this->sc_signup_xup_signup();	
+				return $this->sc_signup_xup_signup($param);
 			break;
 		}
 	}
@@ -173,31 +175,34 @@ class signup_shortcodes extends e_shortcode
 	
 	function sc_signup_displayname()
 	{
-		global $pref, $rs;
+		$pref = e107::getPref();
+
 		if (check_class($pref['displayname_class']))
 		{
-		  $dis_name_len = varset($pref['displayname_maxlength'],15);
-		  return e107::getForm()->text('username', ($_POST['username'] ? $_POST['username'] : $username),  $dis_name_len);
-		//  return $rs->form_text('username', 30, , $dis_name_len);
+			$dis_name_len = varset($pref['displayname_maxlength'],15);
+			return e107::getForm()->text('username', ($_POST['username'] ? $_POST['username'] : ''),  $dis_name_len);
+
 		}
 	}
 	
 	
 	function sc_signup_loginname()
 	{
-		global $rs, $pref;
+
+		$pref = e107::getPref();
 		if (vartrue($pref['predefinedLoginName']))
 		{
 		  return LAN_SIGNUP_67;
 		}
+
 	//	if ($pref['signup_option_loginname'])
 		{
 			$log_name_length = varset($pref['loginname_maxlength'],30);
 			$options = array('size'=>30,'required'=>1);
-			$options['title'] = str_replace("[x]",$log_name_length,LAN_SIGNUP_109); // Password must be at least 
+			$options['title'] = str_replace("[x]",$log_name_length,LAN_SIGNUP_109); // Password must be at least
+			$options['pattern'] = '[\S]*';
 	
-			return e107::getForm()->text('loginname', ($_POST['loginname'] ? $_POST['loginname'] : $loginname), $log_name_length, $options);
-			// return $rs->form_text("loginname", 30,  , $log_name_length);
+			return e107::getForm()->text('loginname', ($_POST['loginname'] ? $_POST['loginname'] : ''), $log_name_length, $options);
 		}
 	}
 	
@@ -210,21 +215,30 @@ class signup_shortcodes extends e_shortcode
 		$options 				= array('size'=>30);
 		$options['required'] 	= ($pref==2) ? 1 : 0;
 		$options['title']		= LAN_SIGNUP_110;
-		return e107::getForm()->text('realname', ($_POST['realname'] ? $_POST['realname'] : $realname), 100, $options);
-			
-		//return $rs->form_text("realname", 30,  ($_POST['realname'] ? $_POST['realname'] : $realname), 100);
+
+		return e107::getForm()->text('realname', ($_POST['realname'] ? $_POST['realname'] : ''), 100, $options);
+
 	}
 	
 	
 	function sc_signup_password1()
 	{
+
+		$pref = e107::getPref('signup_option_password', 2);
+
+		if($pref != 2)
+		{
+			return false;
+		}
+
 		$options = array('size'=>30,'class'=>'e-password tbox','required'=>1);
 	//	$options['title'] = 'Password must contain at least 6 characters, including UPPER/lowercase and numbers';
 		$len = vartrue(e107::getPref('signup_pass_len'),6);
-		$options['title'] = str_replace("[x]",$len,LAN_SIGNUP_107); // Password must be at least 
+		$options['title'] = str_replace("[x]", $len, LAN_SIGNUP_107); // Password must contain  at least
 	//	$options['pattern'] = '(?=.*\d)(?=.*[a-z])(?=.*[A-Z])\w{'.$len.',}'; // at least one number, one lowercase and uppercase. 
 		$options['required'] = true;
 		$options['pattern'] = '(?=^.{'.$len.',}$)((?=.*\d)|(?=.*\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*$';
+		$options['autocomplete'] = 'off';
 		
 	//	$options['pattern'] = '\w{'.$len.',}'; // word of minimum length 
 		
@@ -234,6 +248,14 @@ class signup_shortcodes extends e_shortcode
 	
 	function sc_signup_password2()
 	{
+
+		$pref = e107::getPref('signup_option_password', 2);
+
+		if($pref != 2)
+		{
+			return false;
+		}
+
 		return e107::getForm()->password('password2', '', 20, array('size'=>30,'class'=>'tbox','required'=>1));
 	}
 	
@@ -251,8 +273,9 @@ class signup_shortcodes extends e_shortcode
 	function sc_signup_email()
 	{	
 		$options = array('size'=>30,'required'=>1,'class'=>'tbox form-control input-text e-email');
-		$options['title'] = LAN_SIGNUP_108; // Must be a valid email address. 
-		$text = e107::getForm()->email('email',($_POST['email'] ? $_POST['email'] : $email),100,$options);
+		$options['title'] = LAN_SIGNUP_108; // Must be a valid email address.
+
+		$text = e107::getForm()->email('email',vartrue($_POST['email'], ''),100,$options);
 		$text .= "<div class='e-email-hint' style='display:none' data-hint='Did you mean <b>[x]</b>?'><!-- --></div>";
 		$text .= "<input type='text' name='email2' value='' style='display:none' />"; // spam-trap. 
 		return $text;
@@ -268,7 +291,7 @@ class signup_shortcodes extends e_shortcode
 		$options['required'] 	= ($pref==2) ? 1 : 0;
 		$options['class'] 		= 'tbox input-text e-email';
 		
-		return e107::getForm()->email('email_confirm',($_POST['email_confirm'] ? $_POST['email_confirm'] : $email_confirm),100,$options);
+		return e107::getForm()->email('email_confirm', vartrue($_POST['email_confirm']), 100, $options);

 	}
 	
@@ -278,6 +301,7 @@ class signup_shortcodes extends e_shortcode
 		global $rs;
 		$default_email_setting = 1;   // Gives option of turning into a pref later if wanted
 		$pref = e107::getPref('signup_option_hideemail');
+
 		if ($pref)
 		{
 			return $rs->form_radio("hideemail", 1, $default_email_setting==1)." ".LAN_YES."&nbsp;&nbsp;".$rs->form_radio("hideemail",  0,$default_email_setting==0)." ".LAN_NO;
@@ -289,6 +313,7 @@ class signup_shortcodes extends e_shortcode
 	{
 		global $pref, $e_userclass, $USERCLASS_SUBSCRIBE_START, $USERCLASS_SUBSCRIBE_END, $signupData;
 		$ret = "";
+
 		if($pref['signup_option_class'])
 		{
 		  if (!is_object($e_userclass))
@@ -352,13 +377,8 @@ class signup_shortcodes extends e_shortcode
 			'USERCLASS_CHECKED'     => (in_array($classnum, $tmp) ? " checked='checked'" : '')
 		);

-
-
-
-
 		return $tp->simpleParse($USERCLASS_SUBSCRIBE_ROW, $shortcodes);

-		return str_replace($search, $replace, $USERCLASS_SUBSCRIBE_ROW);
 	}
 	
 	
@@ -428,7 +448,7 @@ class signup_shortcodes extends e_shortcode
 		if($sigActive)
 		{
 			$frm = e107::getForm();
-			return $frm->bbarea('signature', $sig, 'signature','helpb', 'tiny');
+			return $frm->bbarea('signature', '', 'signature','helpb', 'tiny');
 		}
 	}
 	
--- a/e107_core/templates/signup_template.php
+++ b/e107_core/templates/signup_template.php
@@ -169,6 +169,19 @@ $sc_style['SIGNUP_EMAIL_CONFIRM']['post'] = "
 $sc_style['SIGNUP_XUP']['pre'] = "<div class='center' style='display:block;padding:10px'>";
 $sc_style['SIGNUP_XUP']['post'] = "<h2 class='signup-divider'><span>OR</span></h2></div>";

+$sc_style['SIGNUP_PASSWORD1']['pre'] = "<tr>
+				<td class='forumheader3' style='width:30%;white-space:nowrap'>".LAN_SIGNUP_83."<span class='required'> *</span></td>
+				<td class='forumheader3' style='width:70%'>";
+$sc_style['SIGNUP_PASSWORD1']['post'] = "</td>
+			</tr>";
+
+$sc_style['SIGNUP_PASSWORD2']['pre'] = "<tr>
+			<td class='forumheader3' style='width:30%;white-space:nowrap'>".LAN_SIGNUP_84."<span class='required'> *</span></td>
+			<td class='forumheader3' style='width:70%'>";
+$sc_style['SIGNUP_PASSWORD2']['post'] = "</td>
+		</tr>";
+
+
 if(!defined($COPPA_TEMPLATE))
 {
 	$COPPA_TEMPLATE = 
@@ -216,18 +229,8 @@ if(!defined($SIGNUP_BODY))
 				</td>
 			</tr>
 			{SIGNUP_EMAIL_CONFIRM}
-			<tr>
-				<td class='forumheader3' style='width:30%;white-space:nowrap'>".LAN_SIGNUP_83."<span class='required'> *</span></td>
-				<td class='forumheader3' style='width:70%'>
-					{SIGNUP_PASSWORD1}
-				</td>
-			</tr>
-			<tr>
-				<td class='forumheader3' style='width:30%;white-space:nowrap'>".LAN_SIGNUP_84."<span class='required'> *</span></td>
-				<td class='forumheader3' style='width:70%'>
-					{SIGNUP_PASSWORD2}
-				</td>
-			</tr>
+			{SIGNUP_PASSWORD1}
+			{SIGNUP_PASSWORD2}
 			{SIGNUP_HIDE_EMAIL}
 			{SIGNUP_USERCLASS_SUBSCRIBE}
 			{SIGNUP_EXTENDED_USER_FIELDS}
--- a/e107_core/xml/default_install.xml
+++ b/e107_core/xml/default_install.xml
@@ -54,7 +54,7 @@
 		<core name="disallowMultiLogin">0</core>
 		<core name="display_memory_usage">0</core>
 		<core name="displayname_class">255</core>
-		<core name="displayname_maxlength">15</core>
+		<core name="displayname_maxlength">20</core>
 		<core name="displayrendertime">0</core>
 		<core name="displaysql">0</core>
 		<core name="displaythemeinfo">1</core>
@@ -201,6 +201,7 @@
 		<core name="signcode">0</core>
 		<core name="signup_disallow_text"></core>
 		<core name="signup_maxip">3</core>
+        <core name="signup_option_password">2</core>
 		<core name="signup_option_class">0</core>
 		<core name="signup_option_customtitle">0</core>
 		<core name="signup_option_email_confirm">0</core>
--- a/e107_handlers/form_handler.php
+++ b/e107_handlers/form_handler.php
@@ -1470,7 +1470,8 @@ class e_form
 	//	return print_a($options,true);
 		if($labelFound) // Bootstrap compatible markup
 		{
-			$text .= "<label class='radio inline'>";	
+			$dis = (!empty($options['disabled'])) ? " disabled" : "";
+			$text .= "<label class='radio inline{$dis}'>";
 			
 		}
 		
--- a/e107_handlers/user_handler.php
+++ b/e107_handlers/user_handler.php
@@ -330,39 +330,41 @@ class UserHandler
 	 *		# - an alpha character
 	 *		. - a numeric character
 	 *		* - an alphanumeric character
+	 *      ! - symbol character
+	 *      ? - alpha, numeric or symbol character.
 	 *		^ - next character from seed
 	 *		alphanumerics are included 'as is'
 	 *	@param int $seed - may be used with the random pattern generator
 	 *
 	 *	@return string - the required random string
 	 */
-	public function generateRandomString($pattern, $seed = '')
+	public function generateRandomString($pattern='', $seed = '')
 	{
 		if (empty($pattern))
+		{
 			$pattern = '##....';
+		}

 		$newname = '';

 		// Create alpha [A-Z][a-z]
-		$alpha = '';
-		for($i = 65; $i < 91; $i++)
-		{
-			$alpha .= chr($i).chr($i+32);
-		}
+		$alpha = 'AaBbCcDdEeFfGgHhIiJjKkLMmNnPpQqRrSsTtUuVvWwXxYyZz'; // O, o and l removed to avoid possible confusion with numbers.
 		$alphaLength = strlen($alpha) - 1;

 		// Create digit [0-9]
-		$digit = '';
-		for($i = 48; $i < 57; $i++)
-		{
-			$digit .= chr($i);
-		}
+		$digit = '0123456789';
 		$digitLength = strlen($digit) - 1;

 		// Create alpha numeric [A-Z][a-z]
 		$alphaNum = $alpha.$digit.chr(45).chr(95); // add support for - and _	
 		$alphaNumLength = strlen($alphaNum) - 1;

+		$symbols = "~!@#$%^*-+?;:"; // avoid < > and quotes.
+		$symbolsLength = strlen($symbols) - 1;
+
+		$alphaNumSymbol = $alphaNum.$symbols;
+		$alphaNumSymbolLength =  strlen($alphaNumSymbol) - 1;
+
 		// Next character of seed (if used)
 		$seed_ptr = 0;
 		for ($i = 0, $patternLength = strlen($pattern); $i < $patternLength; $i++)
@@ -370,7 +372,18 @@ class UserHandler
 			$c = $pattern[$i];
 			switch ($c)
 			{
-				// Alpha only (upper and lower case)
+				// Symbols only.
+				case '!':
+					$t = rand(0, $symbolsLength);
+					$newname .= $symbols[$t];
+					break;
+
+				// Alphanumeric + Symbols (most secure)
+				case '?':
+					$t = rand(0, $alphaNumSymbolLength);
+					$newname .= $alphaNumSymbol[$t];
+					break;
+
 				case '#' :
 					$t = rand(0, $alphaLength);
 					$newname .= $alpha[$t];
--- a/e107_languages/English/lan_signup.php
+++ b/e107_languages/English/lan_signup.php
@@ -152,7 +152,7 @@ define("LAN_USERNAME", "Display Name");

 define("LAN_SIGNUP_107", "Password must be a minimum of [x] characters and include at least one UPPERCASE letter and a digit");
 define("LAN_SIGNUP_108", "Must be a valid email address");
-define("LAN_SIGNUP_109", "Is CaSe sensitive and must not contain spaces");//TODO check against regex requirements 
+define("LAN_SIGNUP_109", "Is CaSe sensitive and must not contain spaces.");//TODO check against regex requirements
 define("LAN_SIGNUP_110", "Your full name");
 define("LAN_SIGNUP_111", "Enter a URL to your image or choose an existing avatar.");
 define("LAN_SIGNUP_112", "You are currently logged in as Main Admin.");
--- a/e107_themes/bootstrap/admin_dark.css
+++ b/e107_themes/bootstrap/admin_dark.css
@@ -75,6 +75,10 @@ tr.highlight-even			{ background-color: #212121; }
 div.col-selection .caret { border-top-color: #C6C6C6;
 border-bottom-color: #C6C6C6; }

+
+
+
+
 /* Uncomment if font-awesome/darkstrap overlay issue returns. 
 .btn-primary > [class^="icon-"] {
 	background-image: none;	
--- a/e107_themes/bootstrap/admin_style.css
+++ b/e107_themes/bootstrap/admin_style.css
@@ -135,12 +135,12 @@ a.brand:hover img 			{

 } 

-img.image-selector							{ margin-bottom:0px; }
+img.image-selector							{ margin-bottom:0; }
      
 .nav-collapse 								{ margin-top:8px; }
-.dropdown-menu 								{ box-shadow: 0px 5px 10px rgba(0, 0, 0, 0.3); }
+.dropdown-menu 								{ box-shadow: 0 5px 10px rgba(0, 0, 0, 0.3); }
 .dropdown-menu i,
-.dropdown-menu img 							{ padding: 0px 0px; margin-right: 10px; }
+.dropdown-menu img 							{ padding: 0 0; margin-right: 10px; }

 .nav ul li ul.dropdown-menu > li a img,
 .nav ul li ul.dropdown-menu > li a i		{
@@ -165,7 +165,7 @@ fieldset.hour legend, fieldset.minute legend {

 .bootstrap-select.btn-group, .bootstrap-select.btn-group[class*="span"] {

-    margin-bottom: 0px;
+    margin-bottom: 0;

 }

@@ -182,6 +182,8 @@ input:-moz-placeholder 						{ font-style:italic }

 /* input[type='radio'] 		{ vertical-align:top; } */

+.radio.disabled, .checkbox.disabled             {  opacity: .2; }
+
 label.legacy 						{ margin-left:5px;margin-right:10px;	display: inline-block;  }

 /* Core Icons & Image Buttons */
@@ -234,17 +236,19 @@ img.S32:hover 				{}
 .adminlist td 								{ border-bottom:1px solid #ddd }
 */
 .adminlist th.last,
-.adminlist td.last 							{ border-right: 0px solid;}
-.adminlist tr.last td						{ border-bottom: 0px solid;}
+.adminlist td.last 							{ border-right: 0 solid;}
+.adminlist tr.last td						{ border-bottom: 0 solid;}

 .adminlist .col-selection-cont 				{ position: relative; float:right; }
-table.adminlist								{ margin-bottom: 0px }
+table.adminlist								{ margin-bottom: 0 }
+
+span.e-search input[type='text']				{ padding-left:15px; font-style: italic }

-span.e-search input[type='text']				{ padding-left:15px; text-decoration: italic }
 /*
 span.e-search i								{ margin-right:-20px; margin-left:5px; margin-top:-7px; z-index:100; position:relative; }
-*/
+
 // span.e-search								{ margin-bottom:-5px; margin-top:10px }
+*/
 /******** SyS Messages / Message text formatting */

 .s-message .s-message-title { height: 32px; background: 0 50% no-repeat; padding-left: 42px; line-height: 32px; }
--- a/e107_themes/bootstrap3/templates/menu_template.php
+++ b/e107_themes/bootstrap3/templates/menu_template.php
@@ -9,12 +9,12 @@
 	$MENU_TEMPLATE['default']['end'] 					= ''; 

 	$MENU_TEMPLATE['button']['start'] 					= '<div class="cpage-menu">'; 
-	$MENU_TEMPLATE['button']['body'] 					= '{CMENUBODY}<br />{CPAGEBUTTON}'; 
+	$MENU_TEMPLATE['button']['body'] 					= '<div>{CMENUBODY}</div>{CPAGEBUTTON}';
 	$MENU_TEMPLATE['button']['end'] 					= '</div>'; 

 	### Additional control over image thumbnailing is possible via SETIMAGE e.g. {SETIMAGE: w=200&h=150&crop=1}
 	$MENU_TEMPLATE['buttom-image']['start'] 			= '<div class="cpage-menu">'; 
-	$MENU_TEMPLATE['buttom-image']['body'] 				= '{CMENUIMAGE}<br />{CPAGEBUTTON}'; 
+	$MENU_TEMPLATE['buttom-image']['body'] 				= '<div>{CMENUIMAGE}</div>{CPAGEBUTTON}';
 	$MENU_TEMPLATE['buttom-image']['end'] 				= '</div>'; 


--- a/signup.php
+++ b/signup.php
@@ -53,6 +53,7 @@ $error = FALSE;
 //-------------------------------
 // Resend Activation Email
 //-------------------------------
+/*
 if((e_QUERY == 'resend') && !USER && ($pref['user_reg_veri'] == 1))
 {
 	require_once(HEADERF);
@@ -183,7 +184,7 @@ if((e_QUERY == 'resend') && !USER && ($pref['user_reg_veri'] == 1))
 		exit;
 	}
    exit;
-}
+}*/

 // ------------------------------------------------------------------

@@ -204,43 +205,6 @@ if(!$_POST)
 }


-if(ADMIN && (e_QUERY == 'preview' || e_QUERY == 'test'  || e_QUERY == 'preview.aftersignup'))
-{
-	if(e_QUERY == "preview.aftersignup")
-	{
-		require_once(HEADERF);
-
-        $allData['data']['user_email'] = "example@email.com";
-		$allData['data']['user_loginname'] = "user_loginname";
-
-	  	$after_signup = render_after_signup($error_message);
-
-		$ns->tablerender($after_signup['caption'], $after_signup['text']);
-		require_once(FOOTERF);
-		exit;
-	}
-
-	$temp = array();
-	$eml = render_email($temp, TRUE); // It ignores the data, anyway
-	echo $eml['preview'];
-
-	if(e_QUERY == 'test')
-	{
-		require_once(e_HANDLER.'mail.php');
-		$mailer = new e107Email();
-
-		if(!$mailer->sendEmail(USEREMAIL, USERNAME, $eml, FALSE))
-		{
-			echo "<br /><br /><br /><br >&nbsp;&nbsp;>> ".LAN_SIGNUP_42; // there was a problem.
-		}
-		else
-		{
-			echo "<br /><br />&nbsp;&nbsp;>> ".LAN_SIGNUP_43." [ ".USEREMAIL." ] - ".LAN_SIGNUP_45;
-		}
-	}
-	exit;
-}
-

 if (!empty($pref['membersonly_enabled']))
 {
@@ -270,113 +234,375 @@ if(getperms('0')) // allow main admin to view signup page for design/testing.
 {
 	//$mes = e107::getMessage();
 	//$mes->debug("You are currently logged in.");
-	
+
 	$adminMsg = LAN_SIGNUP_112;
-	
+
 	if(intval($pref['user_reg']) !== 1)
 	{
-		$adminMsg .= "<br />User registration is currently disabled";	
+		$adminMsg .= "<br />User registration is currently disabled";
 	}
-	
-	$SIGNUP_BEGIN = "<div class='alert alert-block alert-error alert-danger text-center'>".$adminMsg."</div>". $SIGNUP_BEGIN;	
-	unset($adminMsg); 	
+
+	$SIGNUP_BEGIN = "<div class='alert alert-block alert-error alert-danger text-center'>".$adminMsg."</div>". $SIGNUP_BEGIN;
+	unset($adminMsg);
 }


 //----------------------------------------
 // After clicking the activation link
 //----------------------------------------
-if (e_QUERY)
+
+
+class signup
 {
-	$qs = explode('.', e_QUERY);
-	if ($qs[0] == 'activate' && (count($qs) == 3 || count($qs) == 4) && $qs[2])
+
+	function __construct()
 	{
-		// FIXME TODO use generic multilanguage selection => e107::coreLan(); 
-		// return the message in the correct language.
-		if(isset($qs[3]) && strlen($qs[3]) == 2 )
+		$pref = e107::pref('core');
+
+
+		if(substr(e_QUERY,0,9)=='activate.')
 		{
-			require_once(e_HANDLER.'language_class.php');
-			$slng = new language;
-			$the_language = $slng->convert($qs[3]);
-			if(is_readable(e_LANGUAGEDIR.$the_language.'/lan_'.e_PAGE))
+			$this->processActivationLink();
+		}
+
+		if((e_QUERY == 'resend') && (!USER || getperms('0')) && ($pref['user_reg_veri'] == 1))
+		{
+			if(empty($_POST['submit_resend']))
 			{
-				include(e_LANGUAGEDIR.$the_language.'/lan_'.e_PAGE);
+				$this->renderResendForm();
+			}
+			else
+			{
+				$this->resendEmail();
+			}
+		}
+
+		if(getperms('0'))
+		{
+			if(e_QUERY == 'preview')
+			{
+				$this->renderEmailPreview();
+			}
+
+			if(e_QUERY == "preview.aftersignup")
+			{
+				$this->renderAfterSignupPreview();
+			}
+
+			if(e_QUERY == 'test')
+			{
+				$this->sendEmailPreview();
+			}
+		}
+
+	}
+
+
+	private function resendEmail()
+	{
+		global $userMethods;
+
+		$ns = e107::getRender();
+		$tp = e107::getParser();
+		$sql = e107::getDb();
+		// Action user's submitted information
+		// 'resend_email' - user name or email address actually used to sign up
+		// 'resend_newemail' - corrected email address
+		// 'resend_password' - password (required if changing email address)
+
+		$clean_email = $tp->toDB($_POST['resend_email']);
+		if(!check_email($clean_email))
+		{
+			$clean_email = "xxx";
+		}
+
+		$new_email = $tp->toDB(varset($_POST['resend_newemail'], ''));
+		if(!check_email($new_email ))
+		{
+			$new_email = FALSE;
+		}
+
+		// Account already activated
+		if($_POST['resend_email'] && !$new_email && $clean_email && $sql->gen("SELECT * FROM #user WHERE user_ban=0 AND user_sess='' AND (`user_loginname`= '".$clean_email."' OR `user_name` = '".$clean_email."' OR `user_email` = '".$clean_email."' ) "))
+		{
+			$ns->tablerender(LAN_SIGNUP_40,LAN_SIGNUP_41."<br />");
+			return false;
+		}
+
+
+		// Start by looking up the user
+		if(!$sql->select("user", "*", "(`user_loginname` = '".$clean_email."' OR `user_name` = '".$clean_email."' OR `user_email` = '".$clean_email."' ) AND `user_ban`=".USER_REGISTERED_NOT_VALIDATED." AND `user_sess` !='' LIMIT 1"))
+		{
+			message_handler("ALERT",LAN_SIGNUP_64.': '.$clean_email); // email (or other info) not valid.
+			return false;
+		}
+
+		$row = $sql -> fetch();
+		// We should have a user record here
+
+		if(trim($_POST['resend_password']) !="" && $new_email) // Need to change the email address - check password to make sure
+		{
+			if ($userMethods->CheckPassword($_POST['resend_password'], $row['user_loginname'], $row['user_password']) === TRUE)
+			{
+				if ($sql->select('user', 'user_id, user_email', "user_email='".$new_email."'"))
+				{	// Email address already used by someone
+					message_handler("ALERT",LAN_SIGNUP_106); 	// Duplicate email
+					return false;
+				}
+				if($sql->update("user", "user_email='".$new_email."' WHERE user_id = '".$row['user_id']."' LIMIT 1 "))
+				{
+					$row['user_email'] = $new_email;
+				}
+			}
+			else
+			{
+				message_handler("ALERT",LAN_SIGNUP_52); // Incorrect Password.
+				return false;
+			}
+		}
+
+		// Now send the email - got some valid info
+		$row['user_password'] = 'xxxxxxx';		// Don't know the real one
+		$eml = render_email($row);
+		$eml['e107_header'] = $row['user_id'];
+
+		require_once(e_HANDLER.'mail.php');
+		$mailer = new e107Email();
+
+		if(!$mailer->sendEmail(USEREMAIL, USERNAME, $eml, FALSE))
+
+		$do_log['signup_action'] = LAN_SIGNUP_63;
+
+		if(!sendemail($row['user_email'], $eml['subject'], $eml['message'], $row['user_name'], "", "", $eml['attachments'], $eml['cc'], $eml['bcc'], $returnpath, $returnreceipt, $eml['inline-images']))
+		{
+			$ns->tablerender(LAN_ERROR,LAN_SIGNUP_42);
+			$do_log['signup_result'] = LAN_SIGNUP_62;
+		}
+		else
+		{
+			$ns->tablerender(LAN_SIGNUP_43,LAN_SIGNUP_44." ".$row['user_email']." - ".LAN_SIGNUP_45."<br /><br />");
+			$do_log['signup_result'] = LAN_SIGNUP_61;
+		}
+		// Now log this (log will ignore if its disabled)
+
+		e107::getLog()->user_audit(USER_AUDIT_PW_RES,$do_log,$row['user_id'],$row['user_name']);
+
+
+
+	}
+
+
+
+
+	private function renderResendForm()
+	{
+		$ns = e107::getRender();
+		$frm = e107::getForm();
+
+		$text = "<div id='signup-resend-email'>
+		<form method='post' class='form-horizontal' action='".e_SELF."?resend' id='resend_form' autocomplete='off'>
+		<table style='".USER_WIDTH."' class='table fborder'>
+		<tr>
+			<td class='forumheader3' style='width:30%'>".LAN_SIGNUP_48."</td>
+            <td class='forumheader3'>".$frm->text('resend_email','',80)."
+            <a class='e-expandit' href='#different'>Use a different email address</a></td>
+		</tr>
+		</table>
+
+		<div  id='different' class='e-hideme'>
+			<table  style='".USER_WIDTH."' class='table fborder'>
+				<tr>
+					<td class='forumheader3' colspan='2'>".LAN_SIGNUP_49."</td>
+				</tr>
+				<tr>
+					<td class='forumheader3' style='width:30%'>".LAN_SIGNUP_50."</td>
+					<td class='forumheader3'>".$frm->text('resend_newemail', '', 50)."</td>
+				</tr>
+				<tr>
+					<td class='forumheader3'>".LAN_SIGNUP_51."</td>
+					<td class='forumheader3'>".$frm->text('resend_password', '', 50)."</td>
+				</tr>
+			</table>
+			</div>
+		";
+
+		$text .="<div class='center'>";
+		$text .= "<input class='btn btn-primary button' type='submit' name='submit_resend' value=\"".LAN_SIGNUP_47."\" />";  // resend activation email.
+		$text .= "</div>
+
+		</form>
+		</div>";
+
+		$ns->tablerender(LAN_SIGNUP_47, $text);
+
+
+	}
+
+
+
+
+	private function sendEmailPreview()
+	{
+		$temp = array();
+		$eml = render_email($temp, TRUE); // It ignores the data, anyway
+		$mailer = e107::getEmail();
+
+		if(!$mailer->sendEmail(USEREMAIL, USERNAME, $eml, FALSE))
+		{
+			echo "<br /><br /><br /><br >&nbsp;&nbsp;>> ".LAN_SIGNUP_42; // there was a problem.
+		}
+		else
+		{
+			echo "<br /><br />&nbsp;&nbsp;>> ".LAN_SIGNUP_43." [ ".USEREMAIL." ] - ".LAN_SIGNUP_45;
+		}
+
+	}
+
+
+	function renderEmailPreview()
+	{
+
+		$temp = array();
+		$eml = render_email($temp, TRUE); // It ignores the data, anyway
+		echo $eml['preview'];
+
+	}
+
+
+	private function renderAfterSignupPreview()
+	{
+		global $allData;
+		$ns = e107::getRender();
+
+	    $allData['data']['user_email'] = "example@email.com";
+		$allData['data']['user_loginname'] = "user_loginname";
+
+	  	$after_signup = render_after_signup(null);
+
+		$ns->tablerender($after_signup['caption'], $after_signup['text']);
+	}
+
+
+
+	private function processActivationLink()
+	{
+		global $userMethods;
+
+		$sql = e107::getDb();
+		$tp = e107::getParser();
+		$ns = e107::getRender();
+		$log = e107::getLog();
+		$pref = e107::pref('core');
+
+		$qs = explode('.', e_QUERY);
+
+
+		if ($qs[0] == 'activate' && (count($qs) == 3 || count($qs) == 4) && $qs[2])
+		{
+			// FIXME TODO use generic multilanguage selection => e107::coreLan();
+			// return the message in the correct language.
+			if(isset($qs[3]) && strlen($qs[3]) == 2 )
+			{
+				require_once(e_HANDLER.'language_class.php');
+				$slng = new language;
+				$the_language = $slng->convert($qs[3]);
+				if(is_readable(e_LANGUAGEDIR.$the_language.'/lan_'.e_PAGE))
+				{
+					include(e_LANGUAGEDIR.$the_language.'/lan_'.e_PAGE);
+				}
+				else
+				{
+					include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_'.e_PAGE);
+				}
 			}
 			else
 			{
 				include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_'.e_PAGE);
 			}
-		}
-		else
-		{
-				include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_'.e_PAGE);
-		}


-		e107::getCache()->clear("online_menu_totals");
-		if ($sql->select("user", "*", "user_sess='".$tp->toDB($qs[2], true)."' "))
-		{
-			if ($row = $sql->fetch())
+			e107::getCache()->clear("online_menu_totals");
+
+			if ($sql->select("user", "*", "user_sess='".$tp->toDB($qs[2], true)."' "))
 			{
-				$dbData = array();
-				$dbData['WHERE'] = " user_sess='".$tp->toDB($qs[2], true)."' ";
-				$dbData['data'] = array('user_ban'=>'0', 'user_sess'=>'');
-				
-				 
-				// Set initial classes, and any which the user can opt to join
-				if ($init_class = $userMethods->userClassUpdate($row, 'userfull'))
+				if ($row = $sql->fetch())
 				{
-					//print_a($init_class); exit; 
-					$dbData['data']['user_class'] = $init_class;
-				}
-				
-				$userMethods->addNonDefaulted($dbData);
-				validatorClass::addFieldTypes($userMethods->userVettingInfo,$dbData);
-				$newID = $sql->update('user',$dbData);
-				
-				if($newID === FALSE)
-				{
-					$admin_log->e_log_event(10,debug_backtrace(),'USER','Verification Fail',print_r($row,TRUE),FALSE,LOG_TO_ROLLING);
-					require_once(HEADERF);
-					$ns->tablerender(LAN_SIGNUP_75, LAN_SIGNUP_101);
-					require_once(FOOTERF);
-					exit;
-				}
+					$dbData = array();
+					$dbData['WHERE'] = " user_sess='".$tp->toDB($qs[2], true)."' ";
+					$dbData['data'] = array('user_ban'=>'0', 'user_sess'=>'');

-				// Log to user audit log if enabled
-				$admin_log->user_audit(USER_AUDIT_EMAILACK,$row);

-				e107::getEvent()->trigger('userveri', $row);			// Legacy event
-				e107::getEvent()->trigger('user_signup_activated', $row);	
-				e107::getEvent()->trigger('userfull', $row);			// 'New' event
-				
-				if (varset($pref['autologinpostsignup']))
-				{
-					require_once(e_HANDLER.'login.php');
-					$usr = new userlogin();
-					$usr->login($row['user_loginname'], md5($row['user_name'].$row['user_password'].$row['user_join']), 'signup', '');
+					// Set initial classes, and any which the user can opt to join
+					if ($init_class = $userMethods->userClassUpdate($row, 'userfull'))
+					{
+						//print_a($init_class); exit;
+						$dbData['data']['user_class'] = $init_class;
+					}
+
+					$userMethods->addNonDefaulted($dbData);
+					validatorClass::addFieldTypes($userMethods->userVettingInfo,$dbData);
+					$newID = $sql->update('user',$dbData);
+
+					if($newID === FALSE)
+					{
+						$log->e_log_event(10,debug_backtrace(),'USER','Verification Fail',print_r($row,TRUE),FALSE,LOG_TO_ROLLING);
+						$ns->tablerender(LAN_SIGNUP_75, LAN_SIGNUP_101);
+						return false;
+					}
+
+					// Log to user audit log if enabled
+					$log->user_audit(USER_AUDIT_EMAILACK,$row);
+
+					e107::getEvent()->trigger('userveri', $row);			// Legacy event
+					e107::getEvent()->trigger('user_signup_activated', $row);
+					e107::getEvent()->trigger('userfull', $row);			// 'New' event
+
+					if (varset($pref['autologinpostsignup']))
+					{
+						require_once(e_HANDLER.'login.php');
+						$usr = new userlogin();
+						$usr->login($row['user_loginname'], md5($row['user_name'].$row['user_password'].$row['user_join']), 'signup', '');
+					}
+
+					$text = "<div class='alert alert-success'>".LAN_SIGNUP_74." <a href='index.php'>".LAN_SIGNUP_22."</a> ".LAN_SIGNUP_23."<br />".LAN_SIGNUP_24." ".SITENAME."</div>";
+
+					$ns->tablerender(LAN_SIGNUP_75, $text);
+
 				}
-
-				require_once(HEADERF);
-				$text = LAN_SIGNUP_74." <a href='index.php'>".LAN_SIGNUP_22."</a> ".LAN_SIGNUP_23."<br />".LAN_SIGNUP_24." ".SITENAME;
-				$ns->tablerender(LAN_SIGNUP_75, $text);
-				require_once(FOOTERF);
-				exit;
+			}
+			else
+			{
+				// Invalid activation code
+				echo e107::getMessage()->addError("Invalid URL")->render();
+			//	header("location: ".e_BASE."index.php");
+				return;
 			}
 		}
-		else
-		{	
-			// Invalid activation code
-			header("location: ".e_BASE."index.php");
-			exit;
-		}
+
+
+
+
 	}
+
+
+
 }

+	if(e_QUERY && e_QUERY != 'stage1')
+	{
+		require_once(HEADERF);
+		new signup;
+		require_once(FOOTERF);
+		exit;
+	}
+
+
+
+

 //----------------------------------------
 // 		Initial signup (registration)
-
+// TODO - move all of this into the class above.
 if (isset($_POST['register']) && intval($pref['user_reg']) === 1) 
 {	
 	e107::getCache()->clear("online_menu_totals");
@@ -421,12 +647,21 @@ if (isset($_POST['register']) && intval($pref['user_reg']) === 1)
 			$_POST['username'] = $_POST['loginname'];
 		}

+		// generate password if passwords are disabled and email validation is enabled.
+		$noPasswordInput = e107::getPref('signup_option_password', 2); //0 = generate it.
+		if(empty($noPasswordInput) && !isset($_POST['password1']) && intval($pref['user_reg_veri'])===1)
+		{
+			$_POST['password1'] = $userMethods->generateRandomString("#???????!????*#");
+			$_POST['password2'] = $_POST['password1'];
+		}
+
 		// Now validate everything
 		$allData = validatorClass::validateFields($_POST,$userMethods->userVettingInfo, TRUE);		// Do basic validation
 		validatorClass::checkMandatory('user_name,user_loginname', $allData);						// Check for missing fields (email done in userValidation() )
 		validatorClass::dbValidateArray($allData, $userMethods->userVettingInfo, 'user', 0);		// Do basic DB-related checks
-		$userMethods->userValidation($allData);														// Do user-specific DB checks
-		
+		$userMethods->userValidation($allData);
+
+
 		if (!isset($allData['errors']['user_password']))
 		{	
 			// No errors in password - keep it outside the main data array
@@ -588,6 +823,8 @@ if (isset($_POST['register']) && intval($pref['user_reg']) === 1)

 		$allData['data']['user_join'] = time();
 		$allData['data']['user_ip'] = e107::getIPHandler()->getIP(FALSE);
+
+
 		
 		if(!vartrue($allData['data']['user_name']))
 		{
@@ -602,6 +839,12 @@ if (isset($_POST['register']) && intval($pref['user_reg']) === 1)
 		$allData['data']['user_prefs'] = '';
 		$allData['data']['user_realm'] = '';

+		if(empty($allData['data']['user_signature']))
+		{
+			$allData['data']['user_signature'] = ''; // as above - default required in MYsQL strict mode.
+		}
+
+
 		// Actually write data to DB
 		validatorClass::addFieldTypes($userMethods->userVettingInfo, $allData);
 		
@@ -631,7 +874,9 @@ if (isset($_POST['register']) && intval($pref['user_reg']) === 1)
 		if (!$nid)
 		{
 			require_once(HEADERF);
-			$ns->tablerender("", LAN_SIGNUP_36);
+			$message = e107::getMessage()->addError(LAN_SIGNUP_36)->render();
+			$ns->tablerender("", $message);
+
 			require_once(FOOTERF);
 		}

@@ -654,12 +899,21 @@ if (isset($_POST['register']) && intval($pref['user_reg']) === 1)
 				if(!vartrue($allData['data']['user_name'])) $allData['data']['user_name'] = $allData['data']['user_login'];
 				
 				// prefered way to send user emails
-				$sysuser = e107::getSystemUser(false, false);
-				$sysuser->setData($allData['data']);
-				$sysuser->setId($userid);
-				$check = $sysuser->email('signup', array(
-					'user_password' => $savePassword, // for security reasons - password passed ONLY through options
-				));
+				if(!getperms('0')) // Alow logged in main-admin to test signup procedure.
+				{
+					$sysuser = e107::getSystemUser(false, false);
+					$sysuser->setData($allData['data']);
+					$sysuser->setId($userid);
+					$check = $sysuser->email('signup', array(
+						'user_password' => $savePassword, // for security reasons - password passed ONLY through options
+					));
+				}
+				else
+				{
+					$check = true;
+					e107::getMessage()->addDebug(print_a($allData,true));
+					e107::getMessage()->addDebug("Password: <b>".$savePassword."</b>");
+				}
 				
 				/*
                $eml = render_email($allData['data']);
@@ -842,24 +1096,38 @@ function render_email($userInfo, $preview = FALSE)



-function render_after_signup($error_message)
+function render_after_signup($error_message='')
 {
+
+	$ret = array();
+
+	if(!empty($error_message))
+	{
+		$ret['text'] = "<div class='alert alert-danger'>".$error_message."</b></div>";	// Just display the error message
+		$ret['caption'] = LAN_SIGNUP_99; // Problem Detected
+		return $ret;
+	}
+
 	global $pref, $allData, $adviseLoginName, $tp;

 	$srch = array("[sitename]","[email]","{NEWLOGINNAME}","{EMAIL}");
 	$repl = array(SITENAME,"<b>".$allData['data']['user_email']."</b>",$allData['data']['user_loginname'],$allData['data']['user_email']);

+	$text = "<div class='alert alert-warning'>";
+
 	if (isset($pref['signup_text_after']) && (strlen($pref['signup_text_after']) > 2))
 	{
-		$text = str_replace($srch, $repl, $tp->toHTML($pref['signup_text_after'], TRUE, 'parse_sc,defs'))."<br />";
+		$text .= str_replace($srch, $repl, $tp->toHTML($pref['signup_text_after'], TRUE, 'parse_sc,defs'))."<br />";
 		// keep str_replace() outside of toHTML to allow for search/replace of dynamic terms within 'defs'.
 	}
 	else
 	{
-		$text = ($pref['user_reg_veri'] == 2) ?  LAN_SIGNUP_37 : str_replace($srch,$repl, LAN_SIGNUP_72);
+		$text .= ($pref['user_reg_veri'] == 2) ?  LAN_SIGNUP_37 : str_replace($srch,$repl, LAN_SIGNUP_72);
 		$text .= "<br /><br />".$adviseLoginName;
 	}

+	$text .= "</div>";
+
 	$caption_arr = array();
 	$caption_arr[0] = LAN_SIGNUP_73; // Thank you!  (No Approval).
 	$caption_arr[1] = LAN_SIGNUP_98; // Confirm Email (Email Confirmation)
@@ -867,16 +1135,10 @@ function render_after_signup($error_message)

    $caption = $caption_arr[$pref['user_reg_veri']];

-	if($error_message)
-	{
-		$text = "<br /><b>".$error_message."</b><br />";	// Just display the error message
-        $caption = LAN_SIGNUP_99; // Problem Detected
-	}
-
-    $ret['text'] = $text;
+    $ret['text']    = $text;
    $ret['caption'] = $caption;
-	return $ret;

+	return $ret;

 }
 ?>