<?php
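/**
 * Page initialiser for the registration page.
 *
 * Reads the globals $S (shared state, including the PDO handle in $S['pdo']),
 * $request (request parameters) and $conf (site configuration).
 *
 * - If a user is already set in $S['user'], sends a Location header to url()
 *   and returns 'welcome'.
 * - If a well-formed token is supplied, looks it up in `registrationtokens`;
 *   when found and a password was submitted, validates name and password,
 *   creates the user, deletes the token and creates a session. Validation
 *   messages are accumulated in $S['register.fail'].
 * - If no well-formed token is supplied and $conf['registration'] is falsy,
 *   returns '404'.
 *
 * @return string|array 'welcome', '404', or array('title' => 'Register')
 */
function init_register() {
	global $S, $request, $conf;
	if (isset($S['user'])) {
		header('Location: '.url());
		return 'welcome';
	}
	// The token must be a string of exactly 30 alphanumerics. The D modifier
	// stops `$` from also matching before a trailing newline, and is_string()
	// rejects array-valued parameters (token[]=...) before they reach preg_match().
	$token_ok=isset($request['token'])
		&& is_string($request['token'])
		&& preg_match('/^[a-zA-Z0-9]{30}$/D', $request['token']);
	if ($token_ok) {
		// Bind the token as a parameter instead of concatenating it into the
		// SQL text, so the query stays safe even if the validation above changes.
		$stmt=$S['pdo']->prepare('SELECT * FROM `registrationtokens` WHERE `id`=?');
		$stmt->execute(array($request['token']));
		// Fetch the row directly; PDOStatement::rowCount() is not reliable for
		// SELECT statements on every driver.
		$row=$stmt->fetch(PDO::FETCH_ASSOC);
		if ($row) {
			// NOTE(review): the token's expiry is written when the token is issued
			// but is not checked here, so a token stays usable until it is
			// consumed — confirm and enforce the expiry on lookup.
			$S['register.token']=new sql_registrationtoken($row);
			if (isset($request['password'])) {
				$S['register.fail']='';
				if (!isset($request['name']) || !is_string($request['name']) || !Validate::username($request['name']))
					$S['register.fail'].=print_warning('The username you entered is invalid.  Names must be at least two characters long and may contain alphanumeric characters, period, space, underscore, and dash.');
				if (!is_string($request['password']) || strlen($request['password']) <= 4)
					$S['register.fail'].=print_warning('Please enter a password at least five characters long.');
				if ($S['register.fail']=='') {
					// NOTE(review): unsalted SHA-1 is not a password hash — it is fast
					// to brute-force and identical passwords share a digest. Moving to
					// password_hash()/password_verify() has to be done together with
					// the login code that verifies this value, which is not visible
					// here, so the stored format is left unchanged.
					$S['user']=new sql_user(null, $S['register.token']->email, $request['name'], sha1($request['password']), '');
					$S['user']->write();
					// Tokens are single-use: remove the row and the in-memory copy
					// once the account exists.
					$S['register.token']->delete();
					unset($S['register.token']);
					sql_session::create();
				}
			}
		}
	} elseif (!$conf['registration']) return '404';
	return array('title' => 'Register');
}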
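/**
 * Renders the body of the registration page.
 *
 * Reads the globals $S, $request and $conf and echoes one of:
 * - a success message when $S['user'] is set;
 * - the result of an e-mail submission (validation warning, "account exists"
 *   warning, or a confirmation message after a token was written and mailed);
 * - the name/password form when $S['register.token'] is set, preceded by any
 *   messages in $S['register.fail'];
 * - the initial e-mail form otherwise.
 */
function body_register() {
	global $S, $request, $conf;
	if (isset($S['user']))
		echo print_success('Account creation complete.');
	elseif (isset($request['email'])) {
		// is_string() rejects array-valued parameters (email[]=...) before validation.
		if (!is_string($request['email']) || !Validate::email($request['email'])) {
			echo print_warning('The email address you entered is invalid.').'<a href="javascript:history.go(-1)">Back</a>';
			// 5.3.0 - goto print form
		} else {
			$email=$request['email'];
			// Bound parameters keep the address out of the SQL text.
			$stmt=$S['pdo']->prepare('SELECT COUNT(*) FROM `users` WHERE `email`=?');
			$stmt->execute(array($email));
			if ((int)$stmt->fetchColumn() > 0) {
				// NOTE(review): this response tells an unauthenticated visitor whether
				// an address is registered; consider a uniform response if account
				// enumeration matters for this site.
				echo print_warning('An account already exists with this email address.').'<a href="'.url('login').'">Login</a>';
			} else {
				$stmt=$S['pdo']->prepare('SELECT * FROM `registrationtokens` WHERE `email`=?');
				$stmt->execute(array($email));
				if ($token=$stmt->fetch(PDO::FETCH_ASSOC)) {
					echo print_warning('A confirmation email has already been sent to this email address... sending another email.');
					$token=new sql_registrationtoken($token);
				} else {
					$token=sql_registrationtoken::create();
					$token->email=$email;
				}
				// NOTE(review): every submission sends a mail and nothing visible here
				// limits how often; consider throttling per address and per client.
				$token->expire=time()+24*3600; // 24 Hours before expiration (not implemented)
				$token->write();
				// Escape the link for the HTML mail body (attribute and text context).
				$link=htmlspecialchars(url('register/'.$token->id), ENT_QUOTES);
				xhtmlemail($email, null, $conf['title'].' account creation', 'To complete your account registration, click this link: <a href="'.$link.'">'.$link.'</a>.');
				echo print_success('You will receive an email soon at '.htmlentities($email).' with instructions to finish creating your account.');
			}
		}
	} elseif (isset($S['register.token'])) {
		if (isset($S['register.fail']))
			echo $S['register.fail'];
		// The token is request data echoed into an attribute value: escape it here
		// rather than relying on validation done elsewhere.
		echo '<h3>Register</h3><form action="'.url('register').'" method="post"><input type="hidden" name="token" value="'.htmlspecialchars($request['token'], ENT_QUOTES).'" />Display name: <input name="name" /><br/>Password: <input type="password" name="password" /><br/><input type="submit" value="Create Account" /></form>';
	} else
		echo '<h3>Register</h3><form action="'.url('register').'" method="post">
		E-mail: <input name="email" /><br/>
		<input type="submit" value="Create Account" />
		</form>';
}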
?>