//------------------------------------------------------------------//
// register.php
//
// <::VERSION>1.2<::/VERSION>
// <::DATE>07-22-2009<::/DATE>
// <::LOCATION>%forum_root%<::/LOCATION>
//------------------------------------------------------------------//
// Bootstrap for the registration page: session, configuration, CAPTCHA
// helper, database handle, language strings and the template engine.
session_start();
// Presumably config.php supplies My_db, Template, init() and the helper
// functions called further down; none of them is defined in this file.
include("config.php");
include("class/hryampcha.php");
// CAPTCHA checker; its check_result() is consulted for every submitted form.
$capt = new captchaZDR;
$db=new My_db;
$db->connect();
// MyNG setting up...
init();
$message ='';
// Set up the language
modules_get_language();
// Templates
// NOTE(review): the template directory is assembled from two session values.
// This assumes both are written only by trusted server-side configuration
// code -- confirm, because a user-influenced value here would decide which
// directory templates are read from.
$t = new Template($_SESSION['conf_system_root']."/themes/".$_SESSION['conf_vis_theme']."/templates/");
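// Server-side gate for a submitted registration form: every required field
// must be present as a non-empty string and the CAPTCHA must pass before the
// request is allowed to reach the registration logic.
if(!empty($_POST))
{
    // Disabled debug logging, kept for reference.
    // NOTE(review): if this is ever re-enabled, print_r($_POST) would write the
    // submitted hashpasswd/hashpasswd2 values and the e-mail address to a
    // plain-text file. Drop those keys before logging and keep the log file
    // out of any web-served directory.
    /*
    $logfile = '/home/diettosu/record_reg.txt';
    $current_time = date(DATE_RFC822, time());
    $referer = $_SERVER['HTTP_REFERER'];
    $ip=$_SERVER['REMOTE_ADDR'];
    $content = "
    [NEW REGISTRATION]
    SUBMITTED: " . $current_time . "
    USER IP: " . $ip . "
    REFERRER: " . $referer . "
    (careful - Referrer data is not to be trusted)
    **********************************************
    ";
    $content .= print_r($_POST, true);
    $content .= "
    [END OF REGISTRATION]
    **********************************************
    ";
    logwrite($content);
    */

    // Check all required variables. return_registration_error() renders the
    // form again and exits, so nothing below runs for an incomplete request.
    if(!isset($_POST['registro_usuario']) || $_POST['registro_usuario'] !== "ok") return_registration_error();

    // is_string() rejects array-valued parameters (e.g. id_user[]=x), which a
    // loose comparison against "" would let through as "not empty".
    $required_fields = array('id_user', 'hashpasswd', 'hashpasswd2', 'email');
    foreach($required_fields as $field)
    {
        if(!isset($_POST[$field]) || !is_string($_POST[$field]) || $_POST[$field] === "") return_registration_error();
    }

    if(!($capt->check_result()))
    {
        $message = "Error: Sorry, you did not pass the image test. Please try again!
";
        $t->set_var("error",$message);
        $left_bar = manage_login(time(),$t,$db);
        $system_info = $message;
        $main = "register.htm";
        $t->set_file("main",$main);

        // Re-populate the form from the request. The values go through the
        // project's sanitize() filter (same call shape as the registration
        // branch) and are HTML-encoded at the point of output; the template
        // engine is not shown here, so do not rely on it to escape.
        $t->set_var("id_user", htmlspecialchars((string) sanitize($_POST['id_user'], 10, $min='', $max=''), ENT_QUOTES));
        $t->set_var("email", htmlspecialchars((string) sanitize($_POST['email'], 10, $min='', $max=''), ENT_QUOTES));
        //$t->set_var("country",$country);

        // Show the text of the template in the required language
        parse_text($t);
        // Show all the page
        show_layout($t,$left_bar,$system_info,MYNG_VERSION);
        exit;
    }
}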
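// Check if the user pushed 'register!'
// isset() keeps a plain GET of this page from reading a missing index.
if(isset($_POST['registro_usuario']) && $_POST['registro_usuario'] == "ok"){
    // Sanitize all input now!
    // Call shape: sanitize($input, 10, $min='', $max='')
    // sanitize() is defined outside this file; every value below is only as
    // safe as its type-10 filter makes it.
    $email = sanitize($_POST['email'], 10, $min='', $max='');
    $id_user = sanitize($_POST['id_user'], 10, $min='', $max='');
    // Optional fields may be absent from the request; fall back to ''.
    $first_name = sanitize(isset($_POST['first_name']) ? $_POST['first_name'] : '', 10, $min='', $max='');
    $last_name = sanitize(isset($_POST['last_name']) ? $_POST['last_name'] : '', 10, $min='', $max='');
    // NOTE(review): the password fields pass through the same filter as the
    // text fields. Confirm sanitize() cannot silently alter them, otherwise
    // the stored credential differs from what the user typed.
    $hashpasswd = sanitize($_POST['hashpasswd'], 10, $min='', $max='');
    $hashpasswd2 = sanitize($_POST['hashpasswd2'], 10, $min='', $max='');
    $visible = sanitize(isset($_POST['visible']) ? $_POST['visible'] : '', 10, $min='', $max='');
    // Do not use $_POST beyond this point!

    // Instantiate an 'user' object, with the variables passed
    // through the form
    $new_user = new User($id_user,$hashpasswd,$email,$visible,$first_name,$last_name);
    // Call the required methods
    $response = $new_user->register_user($hashpasswd2);
    if($response['ok'] == 1){
        // The return value is not checked: a failed send still falls through
        // to the confirmation page.
        mail_confirm_code($email, $id_user);
        // The registration was successfully completed
        $left_bar = manage_login(time(),$t,$db);
        $system_info = $response['message'];
        $main = "register_confirm.htm";
        $t->set_file("main",$main);
        // Show all the page
        show_layout($t,$left_bar,$system_info,MYNG_VERSION);
    }else{
        // Something went wrong: show the form again with the error message
        $left_bar = manage_login(time(),$t,$db);
        $system_info = $response['message'];
        $main = "register.htm";
        $t->set_file("main",$main);
        $t->set_var("error","Error: ".$response['message']."
");
        // HTML-encode the echoed values at the point of output; the template
        // engine is not shown here, so do not rely on it to escape.
        $t->set_var("id_user", htmlspecialchars((string) $id_user, ENT_QUOTES));
        $t->set_var("email", htmlspecialchars((string) $email, ENT_QUOTES));
        //$t->set_var("country",$country);
        // Show the text of the template in the required language
        parse_text($t);
        // Show all the page
        show_layout($t,$left_bar,$system_info,MYNG_VERSION);
    }
}else{
    // Check if the login system is activated or not
    if($_SESSION['conf_system_login_yn']=="Y"){
        // We only display the required form
        $left_bar = manage_login(time(),$t,$db);
        // Only if left_bar = 'login' !!
        // NOTE(review): uniqid() is derived from the current time, so this
        // value is guessable by anyone who knows the prefix. If the challenge
        // is relied on as a security token, generate it from a CSPRNG and
        // keep a server-side copy to compare against.
        $challenge=md5(uniqid($_SESSION['conf_sec_secret_string']));
        $t->set_var("secret_challenge",$challenge);
        $system_info = _MYNGFILL_FORM;
        $main = "register.htm";
        $t->set_file("main",$main);
        // Show the text of the template in the required language
        parse_text($t);
        // $start is not assigned in this file; presumably init() or
        // config.php sets it -- confirm.
        $finish = finish_time($start);
        $t->set_var("page_time",$finish);
        // Show all the page
        show_layout($t,$left_bar,$system_info,MYNG_VERSION);
    }else{
        // There's no login system
        // time() matches every other manage_login() call on this page;
        // $current_time is only assigned inside commented-out code here.
        $left_bar = manage_login(time(),$t,$db);
        //$left_bar = "poweredby.htm";
        // Same time-derived challenge as in the branch above; $myng is not
        // assigned in this file (presumably it comes from config.php).
        $challenge=md5(uniqid($myng['cadena']));
        $t->set_var("secret_challenge",$challenge);
        $system_info = _MYNGMUST_LOGIN;
        $main = "error.htm";
        $t->set_file("main",$main);
        $t->set_var("error_message",_MYNGMUST_LOGIN);
        $finish = finish_time($start);
        $t->set_var("page_time",$finish);
        // Show all the page
        show_layout($t,$left_bar,$system_info,MYNG_VERSION);
        exit();
    }
}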
/**
 * Copy the registration form's localized labels into the template.
 *
 * Each placeholder is the lower-case spelling of the language constant that
 * provides its text. The constants themselves are defined outside this file.
 *
 * @param object $t Template object exposing set_var($name, $value).
 */
function parse_text(&$t){
    // Registration text: placeholder name => language constant
    $labels = array(
        "_myngfill_form" => _MYNGFILL_FORM,
        "_myngall_fields" => _MYNGALL_FIELDS,
        "_myngrequired" => _MYNGREQUIRED,
        "_mynguser_name" => _MYNGUSER_NAME,
        "_myngemail" => _MYNGEMAIL,
        "_myngpassword" => _MYNGPASSWORD,
        "_myngvisible" => _MYNGVISIBLE,
        "_myngyes" => _MYNGYES,
        "_myngno" => _MYNGNO,
        "_myngpassword_again" => _MYNGPASSWORD_AGAIN,
        "_mynginsert_valid_email" => _MYNGINSERT_VALID_EMAIL,
        "_myngspam_protected" => _MYNGSPAM_PROTECTED,
        "_myngpassword_transfer" => _MYNGPASSWORD_TRANSFER,
        "_myngsecure_login" => _MYNGSECURE_LOGIN,
        "_myngcountry" => _MYNGCOUNTRY,
    );

    foreach($labels as $placeholder => $text){
        $t->set_var($placeholder, $text);
    }
}
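/**
 * Create an e-mail confirmation code for a new account, store it on the
 * user's row in myng_user and mail it to the user together with a link to
 * confirm_new.php.
 *
 * @param string $email   Recipient address (already passed through sanitize()).
 * @param string $id_user User name the code is stored against.
 * @return bool True when PHPMailer reports the message as sent, false otherwise.
 */
function mail_confirm_code($email,$id_user)
{
    $db=new My_db;
    $db->connect();

    // BUILD THE CONFIRMATION CODE HERE
    // The code is a bearer token: whoever presents it confirms the account.
    // The previous md5(e-mail + fixed string + user name + time()) could be
    // recomputed by anyone who knew the inputs, so draw it from a CSPRNG
    // instead. 16 random bytes as hex keep the 32-character shape of an md5
    // digest, so the stored column and the confirmation link keep their format.
    if(function_exists('random_bytes'))
    {
        $hashedpass = bin2hex(random_bytes(16));
    }
    elseif(function_exists('openssl_random_pseudo_bytes'))
    {
        $hashedpass = bin2hex(openssl_random_pseudo_bytes(16));
    }
    else
    {
        // Legacy runtimes only: best effort, not cryptographically strong.
        $hashedpass = md5($email . 'per*aspera#ad@astra' . $id_user . uniqid(mt_rand(), true));
    }

    // NOTE(review): this statement is built by string concatenation. The hex
    // code is safe to embed, but $id_user is only as safe as the caller's
    // sanitize() filter. Move this to the database layer's parameter binding
    // or escaping (My_db's API is not shown in this file).
    $query = "UPDATE myng_user SET usr_conf_code='".$hashedpass."' WHERE usr_name = '" . $id_user."';";
    $db->query($query);
    // NOTE(review): num_rows() is checked after an UPDATE; confirm it reports
    // affected rows for this driver. The mail is sent either way.
    if($db->num_rows() == 0)
    {
        global $system_info;
        global $message;
        $system_info = "Error: cannot update user's record with the new code - please contact the site administrator";
        $message = $system_info;
    }

    $mail = new PHPMailer();
    $mail->IsSendmail(); // set mailer to use sendmail()
    //$mail->Host = "smtp1.example.com;smtp2.example.com"; // specify main and backup server
    //$mail->SMTPAuth = true; // turn on SMTP authentication
    //$mail->Username = "jswan"; // SMTP username
    //$mail->Password = "secret"; // SMTP password

    // NOTE(review): SERVER_NAME feeds the sender address and the confirmation
    // link. Depending on web-server configuration it can follow the request's
    // Host header; pin the canonical host name in configuration so the link
    // mailed to the user cannot point at another host.
    // Strip the first label of the host name to form the mail domain.
    $admin_host = preg_replace("/(.*?)\.(.*)/","\\2",$_SERVER['SERVER_NAME']);
    $admin_email = "info@" . $admin_host;
    $mail->Sender = $admin_email;
    $mail->Hostname = $admin_host;
    $mail->From = $admin_email;
    $mail->FromName = $_SERVER['SERVER_NAME'] . " New Accounts";
    $mail->AddAddress("$email", $id_user);
    //$mail->AddAddress("ellen@example.com"); // name is optional
    $mail->AddReplyTo("$admin_email", "Administrator");
    $mail->WordWrap = 50; // set word wrap to 50 characters
    //$mail->AddAttachment("/var/tmp/file.tar.gz"); // add attachments
    //$mail->AddAttachment("/tmp/image.jpg", "new.jpg"); // optional name

    // NOTE(review): the link is plain http, so the code crosses the network
    // unencrypted when the user follows it; prefer https where the site
    // supports it.
    $reset_URL = 'http://' . $_SERVER['SERVER_NAME'] . $_SESSION['conf_system_prefix'] . "confirm_new.php?c=" . $hashedpass;
    $mail->IsHTML(false); // send as plain text
    $mail->Subject = "Your attention required: new account at " . $_SERVER['SERVER_NAME'] . " needs to be confirmed";
    $mail->Body = "Hello $id_user, \nthank you for creating an account at " . $_SERVER['SERVER_NAME'];
    $mail->Body .= "\n
Here is your confirmation code: " . $hashedpass . "";
    $mail->Body .= "\n
Please visit this page to confirm your e-mail and start using your account: ". $reset_URL;
    $mail->AltBody = "Hello $id_user, \nthank you for creating an account at " . $_SERVER['SERVER_NAME'];
    // Append (.=): a plain assignment here used to discard the greeting above.
    $mail->AltBody .= "\nHere is your confirmation code: " . $hashedpass;
    $mail->AltBody .= "\nPlease visit this page to confirm your e-mail and start using your account: ". $reset_URL . "\n";

    if(!$mail->Send())
    {
        // NOTE(review): ErrorInfo is printed into the page and may expose
        // mail-system details to the visitor; consider logging it instead.
        echo "Message could not be sent.
";
        echo "Mailer Error: " . $mail->ErrorInfo;
        return false;
    }

    return true;
}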
/**
 * Append a message to the file named by the global $logfile.
 *
 * The message is written exactly as given, so callers are responsible for
 * keeping credentials and raw request data out of it. When the file cannot
 * be opened or written the script exits; the reason is printed only if the
 * global $v is truthy.
 *
 * @param string $message Text to append.
 */
function logwrite($message){
    global $v, $logfile;

    $handle = fopen($logfile, 'a');
    if (!$handle) {
        if ($v) {
            echo "Cannot open file ($logfile)";
        }
        exit;
    }

    $written = fwrite($handle, $message);
    if ($written === FALSE) {
        if ($v) {
            echo "Cannot write to file ($logfile)";
        }
        exit;
    }

    fclose($handle);
}
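/**
 * Render the registration form again with a "missing information" error and
 * stop the request. Never returns.
 */
function return_registration_error()
{
    // manage_login() needs the page's database handle; without this
    // declaration $db is an undefined local inside the function.
    global $db;

    $t = new Template($_SESSION['conf_system_root']."/themes/".$_SESSION['conf_vis_theme']."/templates/");
    $message = "Please fill in all required information!
";
    $t->set_var("error",$message);
    $left_bar = manage_login(time(),$t,$db);
    $system_info = $message;
    $main = "register.htm";
    $t->set_file("main",$main);

    // Re-populate what the user already typed. $id_user and $email were never
    // defined in this scope, so read them from the request: only string
    // values are accepted, they go through the project's sanitize() filter,
    // and they are HTML-encoded at the point of output because the template
    // engine is not shown here.
    $id_user = '';
    if(isset($_POST['id_user']) && is_string($_POST['id_user']))
    {
        $id_user = htmlspecialchars((string) sanitize($_POST['id_user'], 10, $min='', $max=''), ENT_QUOTES);
    }
    $email = '';
    if(isset($_POST['email']) && is_string($_POST['email']))
    {
        $email = htmlspecialchars((string) sanitize($_POST['email'], 10, $min='', $max=''), ENT_QUOTES);
    }
    $t->set_var("id_user",$id_user);
    $t->set_var("email",$email);
    //$t->set_var("country",$country);

    // Show the text of the template in the required language
    parse_text($t);
    // Show all the page
    show_layout($t,$left_bar,$system_info,MYNG_VERSION);
    exit;
}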
?>