query('SELECT 1 FROM '.$db->prefix.'users WHERE registration_ip=\''.$db->escape(get_remote_address()).'\' AND registered>'.(time() - 3600)) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
// Registration flood guard: the query on the preceding line looks for an account whose
// registration_ip equals the current remote address and whose registered timestamp lies
// within the last 3600 seconds. Any matching row rejects the request.
// NOTE(review): message() is defined elsewhere - presumably it ends the request; confirm,
// because the statements below assume a flooding client never gets this far.
if ($db->num_rows($result))
message($lang_register['Registration flood']);
// Collect the submitted account name and primary e-mail address (the address is lower-cased
// so later comparisons and lookups work on one canonical form).
$username = pun_trim($_POST['req_user']);
$email1 = strtolower(pun_trim($_POST['req_email1']));

if ($pun_config['o_regs_verify'] != '1')
{
    // No e-mail verification: the visitor chooses the password and confirms it
    $password1 = pun_trim($_POST['req_password1']);
    $password2 = pun_trim($_POST['req_password2']);
}
else
{
    // E-mail verification: the address must be typed twice and the board picks the password.
    // NOTE(review): random_pass() is defined elsewhere; this value becomes the account
    // password, so confirm it is drawn from a cryptographically secure source.
    $email2 = strtolower(pun_trim($_POST['req_email2']));
    $password2 = $password1 = random_pass(12);
}
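// Validate username and passwords
// NOTE(review): check_username() is defined elsewhere; presumably it records its findings in $errors - confirm.
check_username($username);

// Passwords shorter than 9 characters are rejected first. The confirmation is then compared
// strictly: with the loose != operator two different numeric-looking strings (for example
// '1000000000' and '1e9') are compared as numbers and count as equal, so a mistyped
// confirmation could pass unnoticed.
if (pun_strlen($password1) < 9)
    $errors[] = $lang_prof_reg['Pass too short'];
else if ($password1 !== $password2)
    $errors[] = $lang_prof_reg['Pass not match'];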
// Validate email: the helpers used below come from include/email.php
require PUN_ROOT.'include/email.php';

if (!is_valid_email($email1))
{
    $errors[] = $lang_common['Invalid email'];
}
else if ($pun_config['o_regs_verify'] == '1' && $email1 != $email2)
{
    // With verification enabled the address is entered twice and both copies must agree
    $errors[] = $lang_register['Email not match'];
}

// Remember whether the address is on the ban list; the flag is used later when we send an
// alert email. The registration itself is only refused when the board forbids banned addresses.
$banned_email = (bool) is_banned_email($email1);
if ($banned_email && $pun_config['p_allow_banned_email'] == '0')
{
    $errors[] = $lang_prof_reg['Banned email'];
}
// Find accounts already registered with this address. The address is passed through
// $db->escape() before it is placed inside the quoted SQL literal.
$dupe_list = array();
$result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE email=\''.$db->escape($email1).'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());

if ($db->num_rows($result))
{
    // Keep every account name that shares the address; the list is used later for the alert email
    while ($cur_dupe = $db->fetch_assoc($result))
    {
        $dupe_list[] = $cur_dupe['username'];
    }

    // Duplicates only block the registration when the board disallows them
    if ($pun_config['p_allow_dupe_email'] == '0')
    {
        $errors[] = $lang_prof_reg['Dupe email'];
    }
}
// Make sure we got a valid language string
if (!isset($_POST['language']))
{
    // Nothing submitted: use the board default
    $language = $pun_config['o_default_lang'];
}
else
{
    // The value ends up in a filesystem path, so dots, backslashes and forward slashes are
    // removed to keep it inside lang/. The file_exists() probe then checks that a language
    // directory with that name and a common.php is actually present.
    $language = preg_replace('%[\.\\\/]%', '', $_POST['language']);
    if (!file_exists(PUN_ROOT.'lang/'.$language.'/common.php'))
    {
        message($lang_common['Bad request'], false, '404 Not Found');
    }
}
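// The timezone offset comes straight from the form and is later written into the INSERT
// statement without quotes. Accept only a finite number inside the real-world UTC-12 .. UTC+14
// range and fall back to the board default for anything else (missing field, array,
// non-numeric text, or an overflowing exponent such as 1e999 that would otherwise turn into
// INF and break the statement).
$timezone = (isset($_POST['timezone']) && is_numeric($_POST['timezone'])) ? round((float) $_POST['timezone'], 1) : null;
if ($timezone === null || $timezone < -12 || $timezone > 14)
    $timezone = $pun_config['o_default_timezone'];

// Only the presence of the dst field matters; its content is never used
$dst = isset($_POST['dst']) ? '1' : '0';

// Coerce to an integer and keep only the values 0-2; anything else gets the board default
$email_setting = intval($_POST['email_setting']);
if ($email_setting < 0 || $email_setting > 2)
    $email_setting = $pun_config['o_default_email_setting'];

flux_hook('register_after_validation');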
// Did everything go according to plan?
if (empty($errors))
{
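// Insert the new user into the database. We do this now to get the last inserted ID for later use
$now = time();

// With e-mail verification enabled the account starts in the PUN_UNVERIFIED group,
// otherwise in the board's default user group
$intial_group_id = ($pun_config['o_regs_verify'] == '0') ? $pun_config['o_default_user_group'] : PUN_UNVERIFIED;

// NOTE(review): pun_hash() is defined elsewhere. Confirm it is a salted, deliberately slow
// password hash rather than a bare digest, and that its output is safe to embed in a quoted
// SQL literal as done below.
$password_hash = pun_hash($password1);

// Add the user. Every string value placed inside a quoted literal goes through $db->escape(),
// including the configured default style, so the statement stays well-formed even if a
// stored setting ever contains a quote. The unquoted values are numeric by construction
// (round()ed $timezone, intval()ed $email_setting, '0'/'1' $dst, time()); $intial_group_id
// comes from configuration or a constant, not from the request.
$db->query('INSERT INTO '.$db->prefix.'users (username, group_id, password, email, email_setting, timezone, dst, language, style, registered, registration_ip, last_visit) VALUES(\''.$db->escape($username).'\', '.$intial_group_id.', \''.$password_hash.'\', \''.$db->escape($email1).'\', '.$email_setting.', '.$timezone.' , '.$dst.', \''.$db->escape($language).'\', \''.$db->escape($pun_config['o_default_style']).'\', '.$now.', \''.$db->escape(get_remote_address()).'\', '.$now.')') or error('Unable to create user', __FILE__, __LINE__, $db->error());
$new_uid = $db->insert_id();

if ($pun_config['o_regs_verify'] == '0')
{
    // Regenerate the users info cache (the cache helpers are loaded on demand)
    if (!defined('FORUM_CACHE_FUNCTIONS_LOADED'))
        require PUN_ROOT.'include/cache.php';

    generate_users_info_cache();
}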
// If the mailing list isn't empty, we may need to send out some alerts
if ($pun_config['o_mailing_list'] != '')
{
// If we previously found out that the email was banned
// (this point is only reached when the registration produced no errors, i.e. the board
// allows banned addresses; the mailing list is told about it)
if ($banned_email)
{
// Load the "banned email register" template
// NOTE(review): the template directory is taken from $pun_user['language'], not from the
// $language value validated for the new account - confirm that is intended.
$mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/banned_email_register.tpl'));
// The first row contains the subject
// The first 8 characters of that row are skipped (presumably a "Subject:" label - confirm
// against the template file); everything after the first newline is the message body.
$first_crlf = strpos($mail_tpl, "\n");
$mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
$mail_message = trim(substr($mail_tpl, $first_crlf));
// NOTE(review): every search string below is '' in this copy. str_replace() returns the text
// unchanged for an empty search string, so as written none of these values reach the mail.
// The placeholder tokens appear to have been lost from this listing - restore them from the
// template file before relying on this code.
$mail_message = str_replace('', $username, $mail_message);
$mail_message = str_replace('', $email1, $mail_message);
$mail_message = str_replace('', get_base_url().'/profile.php?id='.$new_uid, $mail_message);
$mail_message = str_replace('', $pun_config['o_board_title'], $mail_message);
// NOTE(review): $username and $email1 are visitor-supplied and go into the mail body as-is;
// pun_mail() is defined elsewhere - confirm it sends plain text and sanitises header fields.
pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
}
// If we previously found out that the email was a dupe
// ($dupe_list holds the names of the existing accounts that share the address)
if (!empty($dupe_list))
{
// Load the "dupe email register" template
// NOTE(review): the template directory is taken from $pun_user['language'], not from the
// $language value validated for the new account - confirm that is intended.
$mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/dupe_email_register.tpl'));
// The first row contains the subject
// The first 8 characters of that row are skipped (presumably a "Subject:" label - confirm
// against the template file); everything after the first newline is the message body.
$first_crlf = strpos($mail_tpl, "\n");
$mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
$mail_message = trim(substr($mail_tpl, $first_crlf));
// NOTE(review): every search string below is '' in this copy. str_replace() returns the text
// unchanged for an empty search string, so as written none of these values reach the mail.
// The placeholder tokens appear to have been lost from this listing - restore them from the
// template file before relying on this code.
$mail_message = str_replace('', $username, $mail_message);
$mail_message = str_replace('', implode(', ', $dupe_list), $mail_message);
$mail_message = str_replace('', get_base_url().'/profile.php?id='.$new_uid, $mail_message);
$mail_message = str_replace('', $pun_config['o_board_title'], $mail_message);
pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
}
// Should we alert people on the admin mailing list that a new user has registered?
if ($pun_config['o_regs_report'] == '1')
{
// Load the "new user" template
// NOTE(review): the template directory is taken from $pun_user['language'], not from the
// $language value validated for the new account - confirm that is intended.
$mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/new_user.tpl'));
// The first row contains the subject
// The first 8 characters of that row are skipped (presumably a "Subject:" label - confirm
// against the template file); everything after the first newline is the message body.
$first_crlf = strpos($mail_tpl, "\n");
$mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
$mail_message = trim(substr($mail_tpl, $first_crlf));
// NOTE(review): every search string below is '' in this copy. str_replace() returns the text
// unchanged for an empty search string, so as written none of these values reach the mail.
// The placeholder tokens appear to have been lost from this listing - restore them from the
// template file before relying on this code.
$mail_message = str_replace('', $username, $mail_message);
$mail_message = str_replace('', get_base_url().'/', $mail_message);
$mail_message = str_replace('', get_base_url().'/profile.php?id='.$new_uid, $mail_message);
// Link to the administrative section of the new account's profile
$mail_message = str_replace('', get_base_url().'/profile.php?section=admin&id='.$new_uid, $mail_message);
$mail_message = str_replace('', $pun_config['o_board_title'], $mail_message);
pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
}
}
// Must the user verify the registration or do we log him/her in right now?
if ($pun_config['o_regs_verify'] == '1')
{
// Load the "welcome" template
// NOTE(review): the template directory is taken from $pun_user['language'], not from the
// $language value validated for the new account - confirm that is intended.
$mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/welcome.tpl'));
// The first row contains the subject
// The first 8 characters of that row are skipped (presumably a "Subject:" label - confirm
// against the template file); everything after the first newline is the message body.
$first_crlf = strpos($mail_tpl, "\n");
$mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
$mail_message = trim(substr($mail_tpl, $first_crlf));
// NOTE(review): every search string below is '' in this copy. str_replace() returns the text
// unchanged for an empty search string, so as written none of these values reach the mail.
// The placeholder tokens appear to have been lost from this listing - restore them from the
// template file before relying on this code.
$mail_subject = str_replace('', $pun_config['o_board_title'], $mail_subject);
$mail_message = str_replace('', get_base_url().'/', $mail_message);
$mail_message = str_replace('', $username, $mail_message);
// In this branch $password1 is the value produced by random_pass(12) earlier; it is placed in
// the mail body in clear text, so it sits in the recipient's mailbox until changed.
// NOTE(review): confirm the login flow prompts for a new password after first use.
$mail_message = str_replace('', $password1, $mail_message);
$mail_message = str_replace('', get_base_url().'/login.php', $mail_message);
$mail_message = str_replace('', $pun_config['o_board_title'], $mail_message);
pun_mail($email1, $mail_subject, $mail_message);
// The admin address is HTML-escaped before it is shown on the confirmation page.
// NOTE(review): message() presumably ends the request here, so the cookie and redirect
// below only run when verification is off - confirm.
message($lang_register['Reg email'].' '.pun_htmlspecialchars($pun_config['o_admin_email']).'.', true);
}
// No verification required: log the new user in straight away.
// NOTE(review): the stored password hash is handed to pun_setcookie(), which is defined
// elsewhere - confirm the cookie value is derived from it with a keyed MAC (or similar) and
// does not expose the hash itself to the client.
pun_setcookie($new_uid, $password_hash, time() + $pun_config['o_timeout_visit']);
redirect('index.php', $lang_register['Reg complete']);
}
}
// Page metadata consumed by header.php: the title parts (board title HTML-escaped), the
// labels of the mandatory form fields and the field that receives focus.
$page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_register['Register']);
$required_fields = array(
    'req_user'      => $lang_common['Username'],
    'req_password1' => $lang_common['Password'],
    'req_password2' => $lang_prof_reg['Confirm pass'],
    'req_email1'    => $lang_common['Email'],
    'req_email2'    => $lang_common['Email'].' 2',
);
$focus_element = array('register', 'req_user');

flux_hook('register_before_header');

define('PUN_ACTIVE_PAGE', 'register');
require PUN_ROOT.'header.php';

// When the form has not been submitted (or is shown again without these values being set),
// pre-select the board defaults
if (!isset($timezone))
    $timezone = $pun_config['o_default_timezone'];

if (!isset($dst))
    $dst = $pun_config['o_default_dst'];

if (!isset($email_setting))
    $email_setting = $pun_config['o_default_email_setting'];
// If there are errors, we display them
if (!empty($errors))
{
?>