<?php
// -----------------------------------------------------------------------------
// $Id: register.php 644 2013-03-22 12:54:09Z raoul $
//
// Copyright (C) 2013 Raoul Proença
// License: GNU GPL version 3 (see copying.txt file)
// Website: http://www.gnew.fr/
// -----------------------------------------------------------------------------
// This program is free software: you can redistribute it and/or modify it under
// the terms of the GNU General Public License as published by the Free Software
// Foundation, either version 3 of the License, or (at your option) any later
// version.
//
// This program is distributed in the hope that it will be useful, but WITHOUT
// ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
// FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
// details.
//
// You should have received a copy of the GNU General Public License along with
// this program. If not, see <http://www.gnu.org/licenses/>.
// -----------------------------------------------------------------------------

include('./../includes/common.php');

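page_header($lang['USERS_REGISTER']);

// Registration entry point. Depending on the request this script either
// activates a pending account (GET user_key), processes a submitted
// registration form (POST register) or displays the empty form.

// Register function enabled?
if ($settings['users_registering'] == 0)
{
    error_template($lang['ERROR_REGISTRATION_DISABLED']);
}
// User logged?
elseif ($_SESSION['user_id'] > 0)
{
    error_template($lang['ERROR_USER_REGISTERED']);
}
else
{
    // Account activation
    // The key is concatenated into the query below, so it must be a plain
    // string of exactly 40 lowercase hex digits. is_string() rejects array
    // input (user_key[]=...) and the D modifier stops `$` from also matching
    // in front of a trailing newline.
    if (!empty($_GET['user_key']) && is_string($_GET['user_key']) && preg_match('`^[0-9a-f]{40}$`D', $_GET['user_key']))
    {
        $sql->query('SELECT user_id
                     FROM ' . TABLE_USERS . '
                     WHERE user_key = \'' . $_GET['user_key'] . '\'
                     AND user_level = \'0\'');
        $table_users = $sql->fetch();
        // Check user
        if (!$table_users['user_id'])
        {
            error_template($lang['ERROR_ACCOUNT_UNKNOWN']);
        }
        else
        {
            // Consume the key and promote the account from level 0 to level 1
            $sql->query('UPDATE ' . TABLE_USERS . '
                         SET user_key = \'0\', user_level = \'1\'
                         WHERE user_id = \'' . $table_users['user_id'] . '\'');
            // For the time being new users are not displayed
            // $GLOBALS['cache']->clean(TABLE_USERS);
            success_template($lang['ACCOUNT_ACTIVATED'], './../index.php');
        }
    }
    // From register form
    elseif (isset($_POST['register']))
    {
        $error = '';
        // Read each form field once. A missing or non-string (array) field is
        // treated as empty, so trim() and the comparisons below always work
        // on strings.
        $fields = array(
            'user_email' => '',
            'user_name' => '',
            'user_password' => '',
            'user_password2' => '',
            'user_captcha' => ''
        );
        foreach ($fields as $field => $unused)
        {
            if (isset($_POST[$field]) && is_string($_POST[$field]))
            {
                $fields[$field] = $_POST[$field];
            }
        }
        $user_email = trim($fields['user_email']);
        $user_name = trim(utf8_entities($fields['user_name']));
        // NOTE(review): $user_email reaches this query after trim() only, and
        // $user_name after utf8_entities(), whose quote handling is not
        // visible in this file. Unless common.php escapes request data, both
        // values can break out of the quoted literal (SQL injection). Confirm
        // and switch to the database wrapper's escaping or to prepared
        // statements; the same applies to the INSERT further down.
        $sql->query('SELECT user_email, user_name
                     FROM ' . TABLE_USERS . '
                     WHERE user_name = \'' . $user_name . '\'
                     OR user_email = \'' . $user_email . '\'');
        $table_users = $sql->fetch();
        // Values of the matching row, or null when no row was returned
        $taken_name = isset($table_users['user_name']) ? strtolower($table_users['user_name']) : null;
        $taken_email = isset($table_users['user_email']) ? strtolower($table_users['user_email']) : null;
        // Check name
        if (!$user_name)
        {
            $error .= $lang['ERROR_NO_USERNAME'];
        }
        else
        {
            // Name too short?
            if (utf8_strlen(trim($fields['user_name'])) < $settings['min_usernames_length'])
            {
                $error .= sprintf($lang['ERROR_NAME_LENGTH'], $settings['min_usernames_length']);
            }
            // Check duplicate names (strict: loose == treats numeric-looking
            // strings such as '1e1' and '10' as equal)
            if ($taken_name !== null && strtolower($user_name) === $taken_name)
            {
                $error .= $lang['ERROR_USERNAME_USED'];
            }
        }
        // Check password
        if (!trim($fields['user_password']))
        {
            $error .= $lang['ERROR_NO_PASSWORD'];
        }
        else
        {
            // Password too short?
            if (utf8_strlen(trim($fields['user_password'])) < $settings['min_passwords_length'])
            {
                $error .= sprintf($lang['ERROR_PASSWORD_LENGTH'], $settings['min_passwords_length']);
            }
            // Passwords OK? Strict comparison: with loose != two different
            // numeric-looking passwords ('1e3' and '1000') count as a match.
            if (trim($fields['user_password2']) !== trim($fields['user_password']))
            {
                $error .= $lang['ERROR_PASSWORD_MATCH'];
            }
        }
        // Check email
        if (!$user_email)
        {
            $error .= $lang['ERROR_NO_EMAIL'];
        }
        else
        {
            // Valid email?
            if (check_email($user_email))
            {
                // Check duplicate e-mails
                if ($taken_email !== null && strtolower($user_email) === $taken_email)
                {
                    $error .= $lang['ERROR_EMAIL_USED'];
                }
            }
            else
            {
                $error .= $lang['ERROR_INVALID_USER_EMAIL'];
            }
        }
        // Check captcha
        // A request that never loaded the captcha has no expected value in the
        // session; with the former loose comparison an absent form field then
        // compared equal to it and the check passed. Require a non-empty
        // expected value, compare strictly, and drop the value so that one
        // solved captcha cannot be reused for further submissions.
        $expected_captcha = '';
        if (isset($_SESSION['user_captcha']) && is_scalar($_SESSION['user_captcha']))
        {
            $expected_captcha = (string) $_SESSION['user_captcha'];
        }
        unset($_SESSION['user_captcha']);
        if ($expected_captcha === '' || $fields['user_captcha'] !== $expected_captcha)
        {
            $error .= $lang['ERROR_INVALID_USER_CAPTCHA'];
        }
        if ($error)
        {
            error_template($error);
        }
        else
        {
            // Activation key: 40 lowercase hex digits, the format the
            // activation branch accepts. It is the only proof that the
            // registrant controls the mailbox, so it is taken from a CSPRNG
            // when one is available rather than derived from the clock and
            // the user name, which are not secret.
            $user_key = '';
            if (function_exists('random_bytes'))
            {
                $user_key = bin2hex(random_bytes(20));
            }
            elseif (function_exists('openssl_random_pseudo_bytes'))
            {
                $user_key = bin2hex((string) openssl_random_pseudo_bytes(20));
            }
            if (strlen($user_key) != 40)
            {
                // No usable CSPRNG on this installation: legacy derivation
                $user_key = sha1(time() . $user_name);
            }
            // NOTE(review): the password is stored as an unsalted SHA-1 of
            // utf8_entities(password), and of the untrimmed value although the
            // checks above use the trimmed one. Moving to password_hash()
            // needs a matching change in the login code, which is not visible
            // here, so the stored format is left unchanged.
            $sql->query('INSERT INTO ' . TABLE_USERS . ' (user_email, user_ip, user_key, user_level, user_name, user_password, user_creation)
                         VALUES (\'' . $user_email . '\', \'' . $_SERVER['REMOTE_ADDR'] . '\', \'' . $user_key . '\', \'0\', \'' . $user_name . '\', \'' . sha1(utf8_entities($fields['user_password'])) . '\', \'' . time() . '\')');
            // Activation mail; the headers are built from site settings only
            $subject = sprintf($lang['MAIL_REGISTER_SUBJECT'], utf8_chars($settings['site_name']));
            $message = sprintf($lang['MAIL_REGISTER_MESSAGE'], utf8_chars($user_name), utf8_chars($settings['site_name']), $settings['site_url'] . '/users/register.php?user_key=' . $user_key, utf8_chars($settings['sender_name']));
            $header = 'From: ' . utf8_chars($settings['sender_name']) . ' <' . $settings['sender_email'] . '>' . "\n";
            $header .= 'Reply-To: ' . utf8_chars($settings['sender_name']) . ' <' . $settings['sender_email'] . '>' . "\n";
            $header .= 'X-Mailer: PHP/' . get_phpversion() . "\n";
            $header .= 'MIME-Version: 1.0' . "\n";
            $header .= 'Content-Type: text/plain; charset=utf-8' . "\n";
            // The result of mail() is not checked: USER_ADDED is shown even
            // when the message could not be handed over for delivery.
            mail($user_email, $subject, $message, $header);
            // For the time being new users are not displayed
            // $GLOBALS['cache']->clean(TABLE_USERS);
            success_template($lang['USER_ADDED'], './../index.php');
        }
    }
    // Register form
    else
    {
        $template->set_file('register', 'users/register.htpl');
        $template->set_var('USER_CAPTCHA', '<img src="./../users/captcha.php" alt="CAPTCHA" title="CAPTCHA" />');
        $template->parse('register');
    }
}

page_footer();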

?>