From 3b06ee0d381dc1be5f40ca98ad4278046d869d21 Mon Sep 17 00:00:00 2001
From: Andreas Baumann
Date: Sun, 17 Nov 2019 20:57:39 +0100
Subject: checked in initial customized verison for Archlinux32
---
register.php | 448 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 448 insertions(+)
create mode 100644 register.php
(limited to 'register.php')
diff --git a/register.php b/register.php
new file mode 100644
index 0000000..04a6417
--- /dev/null
+++ b/register.php
@@ -0,0 +1,448 @@
+
+

+
+
+
+
+ +
+
+
+
+
+

+
+
+
+query('SELECT 1 FROM '.$db->prefix.'users WHERE registration_ip=\''.$db->escape(get_remote_address()).'\' AND registered>'.(time() - 3600)) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
+
+ if ($db->num_rows($result))
+ message($lang_register['Registration flood']);
+
+
+ $username = pun_trim($_POST['req_user']);
+ $email1 = strtolower(pun_trim($_POST['req_email1']));
+
+ if ($pun_config['o_regs_verify'] == '1')
+ {
+ $email2 = strtolower(pun_trim($_POST['req_email2']));
+
+ $password1 = random_pass(12);
+ $password2 = $password1;
+ }
+ else
+ {
+ $password1 = pun_trim($_POST['req_password1']);
+ $password2 = pun_trim($_POST['req_password2']);
+ }
+
+ // Validate username and passwords
+ check_username($username);
+
+ if (pun_strlen($password1) < 9)
+ $errors[] = $lang_prof_reg['Pass too short'];
+ else if ($password1 != $password2)
+ $errors[] = $lang_prof_reg['Pass not match'];
+
+ // Validate email
+ require PUN_ROOT.'include/email.php';
+
+ if (!is_valid_email($email1))
+ $errors[] = $lang_common['Invalid email'];
+ else if ($pun_config['o_regs_verify'] == '1' && $email1 != $email2)
+ $errors[] = $lang_register['Email not match'];
+
+ // Check if it's a banned email address
+ if (is_banned_email($email1))
+ {
+ if ($pun_config['p_allow_banned_email'] == '0')
+ $errors[] = $lang_prof_reg['Banned email'];
+
+ $banned_email = true; // Used later when we send an alert email
+ }
+ else
+ $banned_email = false;
+
+ // Check if someone else already has registered with that email address
+ $dupe_list = array();
+
+ $result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE email=\''.$db->escape($email1).'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
+ if ($db->num_rows($result))
+ {
+ if ($pun_config['p_allow_dupe_email'] == '0')
+ $errors[] = $lang_prof_reg['Dupe email'];
+
+ while ($cur_dupe = $db->fetch_assoc($result))
+ $dupe_list[] = $cur_dupe['username'];
+ }
+
+ // Make sure we got a valid
language string
+ if (isset($_POST['language']))
+ {
+ $language = preg_replace('%[\.\\\/]%', '', $_POST['language']);
+ if (!file_exists(PUN_ROOT.'lang/'.$language.'/common.php'))
+ message($lang_common['Bad request'], false, '404 Not Found');
+ }
+ else
+ $language = $pun_config['o_default_lang'];
+
+ $timezone = round($_POST['timezone'], 1);
+
+ $dst = isset($_POST['dst']) ? '1' : '0';
+
+ $email_setting = intval($_POST['email_setting']);
+ if ($email_setting < 0 || $email_setting > 2)
+ $email_setting = $pun_config['o_default_email_setting'];
+
+ flux_hook('register_after_validation');
+
+ // Did everything go according to plan?
+ if (empty($errors))
+ {
+ // Insert the new user into the database. We do this now to get the last inserted ID for later use
+ $now = time();
+
+ $intial_group_id = ($pun_config['o_regs_verify'] == '0') ? $pun_config['o_default_user_group'] : PUN_UNVERIFIED;
+ $password_hash = pun_hash($password1);
+
+ // Add the user
+ $db->query('INSERT INTO '.$db->prefix.'users (username, group_id, password, email, email_setting, timezone, dst, language, style, registered, registration_ip, last_visit) VALUES(\''.$db->escape($username).'\', '.$intial_group_id.', \''.$password_hash.'\', \''.$db->escape($email1).'\', '.$email_setting.', '.$timezone.'
, '.$dst.', \''.$db->escape($language).'\', \''.$pun_config['o_default_style'].'\', '.$now.', \''.$db->escape(get_remote_address()).'\', '.$now.')') or error('Unable to create user', __FILE__, __LINE__, $db->error());
+ $new_uid = $db->insert_id();
+
+ if ($pun_config['o_regs_verify'] == '0')
+ {
+ // Regenerate the users info cache
+ if (!defined('FORUM_CACHE_FUNCTIONS_LOADED'))
+ require PUN_ROOT.'include/cache.php';
+
+ generate_users_info_cache();
+ }
+
+ // If the mailing list isn't empty, we may need to send out some alerts
+ if ($pun_config['o_mailing_list'] != '')
+ {
+ // If we previously found out that the email was banned
+ if ($banned_email)
+ {
+ // Load the "banned email register" template
+ $mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/banned_email_register.tpl'));
+
+ // The first row contains the subject
+ $first_crlf = strpos($mail_tpl, "\n");
+ $mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
+ $mail_message = trim(substr($mail_tpl, $first_crlf));
+
+ $mail_message = str_replace('', $username, $mail_message);
+ $mail_message = str_replace('', $email1, $mail_message);
+ $mail_message = str_replace('', get_base_url().'/profile.php?id='.$new_uid, $mail_message);
+ $mail_message = str_replace('', $pun_config['o_board_title'], $mail_message);
+
+ pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
+ }
+
+ // If we previously found out that the email was a dupe
+ if (!empty($dupe_list))
+ {
+ // Load the "dupe email register" template
+ $mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/dupe_email_register.tpl'));
+
+ // The first row contains the subject
+ $first_crlf = strpos($mail_tpl, "\n");
+ $mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
+ $mail_message = trim(substr($mail_tpl, $first_crlf));
+
+ $mail_message = str_replace('', $username, $mail_message);
+ $mail_message = str_replace('', implode(', ', $dupe_list),
$mail_message);
+ $mail_message = str_replace('', get_base_url().'/profile.php?id='.$new_uid, $mail_message);
+ $mail_message = str_replace('', $pun_config['o_board_title'], $mail_message);
+
+ pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
+ }
+
+ // Should we alert people on the admin mailing list that a new user has registered?
+ if ($pun_config['o_regs_report'] == '1')
+ {
+ // Load the "new user" template
+ $mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/new_user.tpl'));
+
+ // The first row contains the subject
+ $first_crlf = strpos($mail_tpl, "\n");
+ $mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
+ $mail_message = trim(substr($mail_tpl, $first_crlf));
+
+ $mail_message = str_replace('', $username, $mail_message);
+ $mail_message = str_replace('', get_base_url().'/', $mail_message);
+ $mail_message = str_replace('', get_base_url().'/profile.php?id='.$new_uid, $mail_message);
+ $mail_message = str_replace('', get_base_url().'/profile.php?section=admin&id='.$new_uid, $mail_message);
+ $mail_message = str_replace('', $pun_config['o_board_title'], $mail_message);
+
+ pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
+ }
+ }
+
+ // Must the user verify the registration or do we log him/her in right now?
+ if ($pun_config['o_regs_verify'] == '1')
+ {
+ // Load the "welcome" template
+ $mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/welcome.tpl'));
+
+ // The first row contains the subject
+ $first_crlf = strpos($mail_tpl, "\n");
+ $mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
+ $mail_message = trim(substr($mail_tpl, $first_crlf));
+
+ $mail_subject = str_replace('', $pun_config['o_board_title'], $mail_subject);
+ $mail_message = str_replace('', get_base_url().'/', $mail_message);
+ $mail_message = str_replace('', $username, $mail_message);
+ $mail_message = str_replace('', $password1, $mail_message);
+ $mail_message = str_replace('', get_base_url().'/login.php', $mail_message);
+ $mail_message = str_replace('', $pun_config['o_board_title'], $mail_message);
+
+ pun_mail($email1, $mail_subject, $mail_message);
+
+ message($lang_register['Reg email'].' '.pun_htmlspecialchars($pun_config['o_admin_email']).'.', true);
+ }
+
+ pun_setcookie($new_uid, $password_hash, time() + $pun_config['o_timeout_visit']);
+
+ redirect('index.php', $lang_register['Reg complete']);
+ }
+}
+
+
+$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_register['Register']);
+$required_fields = array('req_user' => $lang_common['Username'], 'req_password1' => $lang_common['Password'], 'req_password2' => $lang_prof_reg['Confirm pass'], 'req_email1' => $lang_common['Email'], 'req_email2' => $lang_common['Email'].' 2');
+$focus_element = array('register', 'req_user');
+
+flux_hook('register_before_header');
+
+define('PUN_ACTIVE_PAGE', 'register');
+require PUN_ROOT.'header.php';
+
+$timezone = isset($timezone) ? $timezone : $pun_config['o_default_timezone'];
+$dst = isset($dst) ? $dst : $pun_config['o_default_dst'];
+$email_setting = isset($email_setting) ? $email_setting : $pun_config['o_default_email_setting'];
+
+// If there are errors, we display them
+if (!empty($errors))
+{
+
+?>
+
+

+
+
+

+
    +'.$cur_error.''."\n"; +?> +
+
+
+
+ + +
+

+
+
+
+
+

+

+

+
+
+ +
+ + +
+
+
+
+
+ +
+ + +

+
+
+
+
+
+ +
+

+ + +
+
+
+
+
+ +
+

+ +
+ +
+ 1) + { + +?> + + +
+
+
+
+
+ +
+

+
+ + + +
+
+
+
+ +

+
+
+
+
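Review bot: The password confirmation check `else if ($password1 != $password2)` uses a loose comparison, so two different numeric-looking strings (constructed example: `1000000000` and `1e9`) compare equal and a mistyped confirmation is accepted; use `else if ($password1 !== $password2)`. In the `INSERT INTO ... users` statement every string value goes through `$db->escape()` except `$pun_config['o_default_style']`, which is concatenated raw; writing it as `$db->escape($pun_config['o_default_style'])` keeps the query well-formed if that setting ever contains a quote. When `o_regs_verify` is `'1'` the generated password is sent in clear text in the welcome mail, so `random_pass()` (defined outside this file) should draw from a CSPRNG such as `random_int()`; this could not be confirmed from the hunk. The top of the file, including the opening of the `if` block that encloses the validation code, is not visible in the hunk as extracted, so whatever checks run before the registration-flood query could not be reviewed.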