<?php
/* $Id: register.php,v 1.36.2.5 2011/04/27 00:27:35 rjones6061 Exp $ */
require_once 'includes/classes/WebCalendar.class';

// Bootstrap: create the application object, pull in the shared include files,
// and run the two initialization phases. The statements are interleaved, so
// the sequence is presumably order-sensitive and is left exactly as written.
$WebCalendar = new WebCalendar ( __FILE__ );

include 'includes/translate.php';
include 'includes/config.php';
include 'includes/dbi4php.php';
include 'includes/formvars.php';
include 'includes/functions.php';

$WebCalendar->initializeFirstPhase ();

// NOTE(review): $user_inc is not assigned anywhere in this file; presumably it
// is set by one of the includes or by initializeFirstPhase (). Because it is
// concatenated into an include path, confirm that it can only ever hold a
// fixed, server-side value and never anything taken from the request.
include 'includes/' . $user_inc;
include_once 'includes/access.php';
include 'includes/gradient.php';

$WebCalendar->initializeSecondPhase ();

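load_global_settings ();

// TODO make this an option for external users.
$htmlmail = false;

// Preferences are loaded for the 'guest' login.
load_user_preferences ( 'guest' );

$WebCalendar->setLanguage ();

require ( 'includes/classes/WebCalMailer.class' );
// Plain "new": the "&new" form has been deprecated since PHP 5.3 and is a
// parse error from PHP 7.0 on. Objects are handled by reference-like handles
// in PHP 5+, so the mailer instance behaves the same.
$mail = new WebCalMailer;

$appStr = generate_application_name ();

// Self-registration has to be switched on explicitly. Any other value leaves
// a non-empty $error, which the request handling further down checks before
// it creates an account.
$error = ( empty ( $ALLOW_SELF_REGISTRATION ) || $ALLOW_SELF_REGISTRATION != 'Y'
  ? print_not_auth (26) : '' );

// Normalise the mode switch to exactly 'Y' or 'N'.
if ( empty ( $SELF_REGISTRATION_FULL ) || $SELF_REGISTRATION_FULL != 'Y' )
  $SELF_REGISTRATION_FULL = 'N';

// Value of the hidden "control" field in the registration form:
// 'email' = the server generates a password and mails it to the new user,
// 'full'  = the user chooses a password in the form.
$form_control = ( $SELF_REGISTRATION_FULL == 'Y' ? 'email' : 'full' );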

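/* See if new username is unique.
 *
 * On failure the global $error is set to a translated message. When the name
 * is already taken the global $control is also cleared.
 *
 * @param string $user  Requested login name.
 *
 * @return bool  true if the name is not blank and no matching row was found.
 */
function check_username ( $user ) {
  global $control, $error;

  if ( strlen ( $user ) == 0 ) {
    $error = translate ( 'Username cannot be blank.' );
    return false;
  }
  // The login is handed over separately from the SQL text (the "?"
  // placeholder); it is never concatenated into the statement here.
  $res = dbi_execute ( 'SELECT cal_login FROM webcal_user WHERE cal_login = ?',
    array ( $user ) );
  // NOTE(review): a failed query is reported as "unique" (fail-open), as in
  // the original code. Confirm that the later insert rejects duplicates.
  if ( ! $res )
    return true;

  $row = dbi_fetch_row ( $res );
  // Release the result handle on every path; it was never freed before.
  dbi_free_result ( $res );

  // Only index into $row when a row actually came back.
  // NOTE(review): the comparison is done again in PHP and is case-sensitive.
  // If the database compares cal_login case-insensitively, a row differing
  // only in case would pass this check - verify against the schema.
  if ( $row && $row[0] == $user ) {
    $control = '';
    $error = translate ( 'Username already exists.' );
    return false;
  }
  return true;
}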

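/* See if email is unique.
 *
 * On failure the global $error is set to a translated message. When the
 * address is already registered the global $control is also cleared.
 * Only uniqueness is checked; the format of the address is not validated.
 *
 * @param string $uemail  Email address entered in the registration form.
 *
 * @return bool  true if the address is not blank and no matching row was found.
 */
function check_email ( $uemail ) {
  global $control, $error;

  if ( ! strlen ( $uemail ) ) {
    $error = translate ( 'Email address cannot be blank.' );
    return false;
  }
  // The address is handed over separately from the SQL text (the "?"
  // placeholder); it is never concatenated into the statement here.
  $res = dbi_execute ( 'SELECT cal_email FROM webcal_user WHERE cal_email = ?',
    array ( $uemail ) );
  // NOTE(review): a failed query is reported as "unique" (fail-open), as in
  // the original code.
  if ( ! $res )
    return true;

  $row = dbi_fetch_row ( $res );
  // Release the result handle on every path; it was never freed before.
  dbi_free_result ( $res );

  // Only index into $row when a row actually came back.
  if ( $row && $row[0] == $uemail ) {
    $control = '';
    $error = translate ( 'Email address already exists.' );
    return false;
  }
  return true;
}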

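/* Generate a random initial password.
 *
 * The result is random, not guaranteed unique. The previous implementation
 * re-seeded rand () from microtime () on every call, which makes the output
 * guessable by anyone who can estimate the request time, and it hard-coded
 * the alphabet length in the modulo.
 *
 * @return string  8 characters taken from the alphabet below.
 */
function generate_password () {
  $pass = '';
  $pass_length = 8;
  // Alphabet kept exactly as before so existing expectations about the
  // character set hold. Note that 'h' occurs twice (and 'd' not at all), so
  // 'h' is slightly more likely than the other characters.
  $salt = 'abchefghjkmnpqrstuvwxyz0123456789';
  $max = strlen ( $salt ) - 1;
  // random_int () draws from the operating system CSPRNG (PHP 7+).
  // On older PHP the fallback is mt_rand (), which is NOT cryptographically
  // strong; it is only there so the function keeps working.
  $have_csprng = function_exists ( 'random_int' );

  while ( strlen ( $pass ) < $pass_length ) {
    $idx = ( $have_csprng ? random_int ( 0, $max ) : mt_rand ( 0, $max ) );
    $pass .= $salt[$idx];
  }
  return $pass;
}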

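$uemail = $ufirstname = $ulastname = $upassword1 = $upassword2 = $user = '';

// We can limit what domain is allowed to self register.
// $self_registration_domain should have this format "192.168.220.0:255.255.240.0";
$valid_ip = validate_domain ();
if ( empty ( $valid_ip ) )
  $error = print_not_auth (36);

// We could make $control a unique value if necessary.
$control = getPostValue ( 'control' );
// The form only ever posts $form_control, but the field is client-controlled.
// Without this check a client could post "full" on an installation that is
// configured to mail generated passwords, choose its own password and skip
// the email step. A value that does not match the configured mode is treated
// as "no submission", so the blank form is shown again.
if ( ! empty ( $control ) && $control !== $form_control )
  $control = '';

if ( empty ( $error ) && ! empty ( $control ) ) {
  $uemail = getPostValue ( 'uemail' );
  $ufirstname = getPostValue ( 'ufirstname' );
  // New self-registered accounts are never administrators; this value is set
  // here and not read from the request.
  $uis_admin = 'N';
  $ulastname = getPostValue ( 'ulastname' );
  $user = trim ( getPostValue ( 'user' ) );
  // translate ( 'Illegal characters in login' )
  // The login is rejected if addslashes () would change it, i.e. if it holds
  // a quote, a backslash or a NUL byte. Other characters are not restricted
  // by this check.
  if ( $user != addslashes ( $user ) )
    $error = str_replace ( 'XXX', htmlentities ( $user ),
      translate ( 'Illegal characters in login XXX.' ) );

  // Check to make sure user doesn't already exist.
  // The return value is not used; a failure is signalled through $error.
  check_username ( $user );

  // Check to make sure email address doesn't already exist.
  // NOTE(review): $uemail, $ufirstname and $ulastname get no format check in
  // this file before they are stored and handed to the mailer. Whether
  // getPostValue () or the mailer filters them is not visible here.
  check_email ( $uemail );
}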

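// Create the account. Nothing happens unless all earlier checks left $error
// empty and the form was actually submitted ($control is set).
if ( empty ( $error ) && ! empty ( $control ) ) {
  if ( $control == 'full' ) {
    // Process full account addition.
    $upassword1 = getPostValue ( 'upassword1' );
    $upassword2 = getPostValue ( 'upassword2' );
    // Do some checking of user info.
    // These checks repeat what the form's JavaScript does, because a direct
    // POST never runs that script. Previously the "not identical" test was
    // only reached when the first password was empty, so mismatched
    // passwords were accepted and two empty passwords created an account
    // with a blank password.
    if ( strlen ( $upassword1 ) == 0 ) {
      $control = '';
      $error = translate ( 'You have not entered a password.' );
    } elseif ( $upassword1 !== $upassword2 ) {
      // Strict comparison: with "!=" two different numeric-looking strings
      // (such as "1e3" and "1000") would count as identical.
      $control = '';
      $error = translate ( 'The passwords were not identical.' );
    } else {
      if ( get_magic_quotes_gpc () ) {
        $upassword1 = stripslashes ( $upassword1 );
        $user = stripslashes ( $user );
      }
      $user = trim ( $user );
      if ( $user != addslashes ( $user ) )
        $error = str_replace ( 'XXX', htmlentities ( $user ),
          translate ( 'Illegal characters in login XXX.' ) );
    }

    if ( empty ( $error ) ) {
      // NOTE(review): the result of user_add_user () is not checked, so a
      // failed insert is still logged and reported as a success.
      user_add_user ( $user, $upassword1, $ufirstname, $ulastname,
        $uemail, $uis_admin );
      activity_log ( 0, 'system', $user, LOG_NEWUSER_FULL,
        translate ( 'New user via self-registration.' ) );
    }
  } elseif ( $control == 'email' ) {
    // Process account info for email submission.
    // Need to generate unique passwords and email them to the new user.
    $new_pass = generate_password ();
    // TODO allow admin to approve account and emails prior to processing.
    // The account is created before the mail is sent, and the generated
    // password travels in the clear inside the message body.
    user_add_user ( $user, $new_pass, $ufirstname, $ulastname,
      $uemail, $uis_admin );

    $tempName = trim ( $ufirstname . ' ' . $ulastname );
    $msg = str_replace ( ', XXX.',
      ( strlen ( $tempName ) ? ', ' . $tempName . '.' : '.' ),
      translate ( 'Hello, XXX.' ) ) . "\n\n"
     . translate ( 'A new WebCalendar account has been set up for you.' )
     . "\n\n"
    // translate ( 'Your username is' )
    . str_replace ( 'XXX', $user, translate ( 'Your username is XXX.' ) )
     . "\n\n"
    // translate ( 'Your password is' )
    . str_replace ( 'XXX', $new_pass, translate ( 'Your password is XXX.' ) )
     . "\n\n"
    // translate ( 'Please visit' )
    // translate ( 'to log in and start using your account' )
    . str_replace ( 'XXX', $appStr,
      translate ( 'Please visit XXX to log in and start using your account!' ) )
     . "\n";
    // Add URL to event, if we can figure it out.
    if ( ! empty ( $SERVER_URL ) ) {
      $url = $SERVER_URL . 'login.php';
      if ( $htmlmail == 'Y' )
        $url = activate_urls ( $url );

      $msg .= "\n\n" . $url;
    }
    $msg .= "\n\n"
     . translate ( 'You may change your password after logging in the first time.' )
     . "\n\n" . translate ( 'If you received this email in error' ) . "\n\n";
    $adminStr = translate ( 'Administrator', true );
    $name = $appStr . ' ' . translate ( 'Welcome' ) . ': ' . $ufirstname;
    // Send  via WebCalMailer class.
    // NOTE(review): $name, the recipient name and $uemail contain values
    // from the request. Whether WC_Send () removes CR/LF before building the
    // mail headers is not visible in this file - confirm in the mailer class.
    $mail->WC_Send ( $adminStr, $uemail, $ufirstname . ' '
       . $ulastname, $name, $msg, $htmlmail, $EMAIL_FALLBACK_FROM );
    activity_log ( 0, 'system', $user, LOG_NEWUSER_EMAIL,
      translate ( 'New user via email.' ) );
  }
}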

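// Page output: the document head (with the client-side form checks), then
// either the error message or the "welcome" block plus the registration form.
//
// Every value that came from the request ($user, $ufirstname, $ulastname,
// $uemail and both passwords) is passed through htmlspecialchars () with
// ENT_QUOTES before it is placed in a value="..." attribute. They were
// previously written out raw, so a double quote in, for example, the first
// name closed the attribute and the rest was parsed as markup.
//
// $error is printed as-is: the only request-derived text this file puts into
// it is run through htmlentities () where the message is built.
//
// The JavaScript checks are a convenience only; a direct POST never runs
// them, so the server-side checks are the ones that count.
echo send_doctype ( $appStr );
echo '
    <script type="text/javascript" src="includes/js/prototype.js"></script>
    <script type="text/javascript">
      var validform = false;

      function valid_form () {
        if ( document.selfreg.upassword1.value.length == 0 ) {
          alert ( "'
           . translate ( 'You have not entered a password.', true ) . '" );
          return false;
        }
        if ( document.selfreg.user.value.length == 0 ) {
          alert ( "' . translate ( 'Username cannot be blank.', true ) . '" );
          return false;
        }
        if ( document.selfreg.upassword1.value != document.selfreg.upassword2.value ) {
          alert ( "'
           . translate ( 'The passwords were not identical.', true ) . '" );
          return false;
        }

        checkers ( \'user\', \'register\' );
        checkers ( \'uemail\', \'email\' );

        return validform;
      }

      function checkers ( formfield, params ) {
        var ajax = new Ajax.Request ( \'ajax.php\',
          {method: \'post\',
          parameters: \'page=\' + params + \'&name=\' + $F ( formfield ),
          onComplete: showResponse} );
      }

      function showResponse ( originalRequest ) {
        if ( originalRequest.responseText ) {
          text = originalRequest.responseText;
          '// This causes javascript errors in Firefox, but these can be ignored.
 . 'alert ( text );
          if ( formfield == \'user\' )
            document.selfreg.user.focus ();

          if ( formfield == \'uemail\' )
            document.selfreg.uemail.focus ();

          validform = false;
        } else {
          validform =  true;
        }
      }
    </script>
    <link rel="stylesheet" type="text/css" href="css_cacher.php?login=__public__" />'

// Print custom header (since we do not call print_header function).
// NOTE(review): $login is not assigned in this file; presumably it is set
// during initialization - confirm.
 . ( ! empty ( $CUSTOM_SCRIPT ) && $CUSTOM_SCRIPT == 'Y'
  ? load_template ( $login, 'S' ) : '' ) . '
  </head>
  <body id="register">
    <h2>' . $appStr . ' ' . translate ( 'Registration' ) . '</h2>'
 . ( ! empty ( $error )
  ? '
    <span style="color:#FF0000; font-weight:bold;">' . translate ( 'Error' )
   . ": $error" . '</span><br />'
  : '<br /><br />' . ( empty ( $control ) ? '' : '
    <form action="login.php" method="post">
      <input type="hidden" name="login" value="'
       . htmlspecialchars ( $user, ENT_QUOTES ) . '" />
      <table align="center" cellspacing="10" cellpadding="10">
        <tr>
          <td rowspan="3"><img src="images/register.gif"></td>
          <td>' . translate ( 'Welcome to WebCalendar' ) . '</td>
        </tr>' . ( $SELF_REGISTRATION_FULL == 'Y' ? '
        <tr>
          <td colspan="3" align="center"><label>'
       . translate ( 'Your email should arrive shortly.' ) . '</label></td>
        </tr>' : '' ) . '
        <tr>
          <td colspan="3" align="center"><input type="submit" value="'
     . translate ( 'Return to Login screen' ) . '" /></td>
        </tr>
      </table>
    </form>' ) . '
    <form action="register.php" method="post" onSubmit="return valid_form()"
        name="selfreg">
      <input type="hidden" name="control" value="' . $form_control . '" />
      <table align="center" cellpadding="10" cellspacing="10">
        <tr>
          <td rowspan="3"><img src="images/register.gif" alt="" /></td>
          <td align="right"><label>' . translate ( 'Username' ) . ':</label></td>
          <td align="left"><input type="text" name="user" id="user" value="'
   . htmlspecialchars ( $user, ENT_QUOTES )
   . '" size="20" maxlength="20" onChange="check_name();" /></td>
        </tr>
        <tr>
          <td align="right"><label>' . translate ( 'First Name' )
   . ':</label></td>
          <td align="left"><input type="text" name="ufirstname" value="'
   . htmlspecialchars ( $ufirstname, ENT_QUOTES )
   . '" size="25" maxlength="25" /></td>
        </tr>
        <tr>
          <td align="right"><label>' . translate ( 'Last Name' ) . ':</label></td>
          <td align="left"><input type="text" name="ulastname" value="'
   . htmlspecialchars ( $ulastname, ENT_QUOTES )
   . '" size="25" maxlength="25" /></td>
        </tr>
        <tr>
          <td align="right" colspan="2"><label>' . translate ( 'E-mail address' )
   . ':</label></td>
          <td align="left"><input type="text" name="uemail" id="uemail" value="'
   . htmlspecialchars ( $uemail, ENT_QUOTES )
   . '" size="40" maxlength="75" onChange="check_uemail();" /></td>
        </tr>
        <tr>
          <td ' . ( $SELF_REGISTRATION_FULL != 'Y'
    // NOTE(review): the submitted passwords are written back into the page
    // source here. They are escaped now, but leaving these two value
    // attributes empty would avoid putting a password into the response.
    ? 'align="right" colspan="2"><label>' . translate ( 'Password' )
     . ':</label></td>
          <td align="left"><input name="upassword1" value="'
     . htmlspecialchars ( $upassword1, ENT_QUOTES )
     . '" size="15" type="password" /></td>
        </tr>
        <tr>
          <td align="right" colspan="2"><label>'
           . translate ( 'Password (again)' )     . ':</label></td>
          <td align="left"><input name="upassword2" value="'
     . htmlspecialchars ( $upassword2, ENT_QUOTES )
     . '" size="15" type="password" />'
    : 'colspan="3" align="center"><label>'
     . translate ( 'Your account information will be emailed to you.' )
     . '</label>' ) . '</td>
        </tr>
        <tr>
          <td colspan="3" align="center"><input type="submit" value="'
   . translate ( 'Submit' ) . '" /></td>
        </tr>
      </table>
    </form>' ) . '<br /><br /><br /><br /><br /><br /><br /><br />
    <span class="cookies">' . translate ( 'cookies-note' )
 . '</span><br />
    <hr />
    <br /><br />
    <a href="' . $PROGRAM_URL . '" id="programname">' . $PROGRAM_NAME . '</a>';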
// Custom trailer: print_trailer () is not called on this page, so the stored
// trailer template is fetched and written out here when the feature is on.
if ( ! empty ( $CUSTOM_TRAILER ) && $CUSTOM_TRAILER == 'Y' ) {
  // Fixed statement without request data: template type 'T', report id 0.
  $res = dbi_execute ( 'SELECT cal_template_text FROM webcal_report_template
    WHERE cal_template_type = \'T\' and cal_report_id = 0' );
  if ( $res ) {
    $row = dbi_fetch_row ( $res );
    // The template text is echoed without escaping; it is presumably
    // administrator-supplied HTML - confirm who can write this table.
    if ( $row )
      echo $row[0];

    dbi_free_result ( $res );
  }
}

?>
 </body>
</html>