~azzar1/unity/add-show-desktop-key : contents of www/php/phpBB3/includes/ucp/ucp

~azzar1/unity/add-show-desktop-key : (revision 1092.1.14)

<?php
/**
*
* @package ucp
* @version $Id: ucp_register.php,v 1.127 2007/10/09 17:35:23 kellanved Exp $
* @copyright (c) 2005 phpBB Group
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/

/**
* @ignore
*/
if (!defined('IN_PHPBB'))
{
	exit;
}

/**
* ucp_register
* Board registration
* @package ucp
*/
class ucp_register
{
	var $u_action;

	function main($id, $mode)
	{
		global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx;

		//
		if ($config['require_activation'] == USER_ACTIVATION_DISABLE)
		{
			trigger_error('UCP_REGISTER_DISABLE');
		}

		include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);

		$confirm_id		= request_var('confirm_id', '');
		$coppa			= (isset($_REQUEST['coppa'])) ? ((!empty($_REQUEST['coppa'])) ? 1 : 0) : false;
		$agreed			= (!empty($_POST['agreed'])) ? 1 : 0;
		$submit			= (isset($_POST['submit'])) ? true : false;
		$change_lang	= request_var('change_lang', '');
		$user_lang		= request_var('lang', $user->lang_name);


		// not so fast, buddy
		if (($submit && !check_form_key('ucp_register', false, '', false, $config['min_time_reg']))
			|| (!$submit && !check_form_key('ucp_register_terms', false, '', false, $config['min_time_terms'])))
		{
			$agreed = false;
		}
		
		if ($agreed)
		{
			add_form_key('ucp_register');
		}
		else
		{
			add_form_key('ucp_register_terms');
		}


		if ($change_lang || $user_lang != $config['default_lang'])
		{
			$use_lang = ($change_lang) ? basename($change_lang) : basename($user_lang);

			if (file_exists($phpbb_root_path . 'language/' . $use_lang . '/'))
			{
				if ($change_lang)
				{
					$submit = false;

					// Setting back agreed to let the user view the agreement in his/her language
					$agreed = (empty($_GET['change_lang'])) ? 0 : $agreed;
				}

				$user->lang_name = $lang = $use_lang;
				$user->lang_path = $phpbb_root_path . 'language/' . $lang . '/';
				$user->lang = array();
				$user->add_lang(array('common', 'ucp'));
			}
			else
			{
				$change_lang = '';
				$user_lang = $user->lang_name;
			}
		}

		$cp = new custom_profile();

		$error = $cp_data = $cp_error = array();

		//
		if (!$agreed || ($coppa === false && $config['coppa_enable']) || ($coppa && !$config['coppa_enable']))
		{
			$add_lang = ($change_lang) ? '&amp;change_lang=' . urlencode($change_lang) : '';
			$add_coppa = ($coppa !== false) ? '&amp;coppa=' . $coppa : '';

			$s_hidden_fields = ($confirm_id) ? array('confirm_id' => $confirm_id) : array();

			// If we change the language, we want to pass on some more possible parameter.
			if ($change_lang)
			{
				// We do not include the password!
				$s_hidden_fields = array_merge($s_hidden_fields, array(
					'username'			=> utf8_normalize_nfc(request_var('username', '', true)),
					'email'				=> strtolower(request_var('email', '')),
					'email_confirm'		=> strtolower(request_var('email_confirm', '')),
					'confirm_code'		=> request_var('confirm_code', ''),
					'lang'				=> $user->lang_name,
					'tz'				=> request_var('tz', (float) $config['board_timezone']),
				));
			}

			if ($coppa === false && $config['coppa_enable'])
			{
				$now = getdate();
				$coppa_birthday = $user->format_date(mktime($now['hours'] + $user->data['user_dst'], $now['minutes'], $now['seconds'], $now['mon'], $now['mday'] - 1, $now['year'] - 13), $user->lang['DATE_FORMAT']);
				unset($now);

				$template->assign_vars(array(
					'L_COPPA_NO'		=> sprintf($user->lang['UCP_COPPA_BEFORE'], $coppa_birthday),
					'L_COPPA_YES'		=> sprintf($user->lang['UCP_COPPA_ON_AFTER'], $coppa_birthday),

					'U_COPPA_NO'		=> append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&amp;coppa=0' . $add_lang),
					'U_COPPA_YES'		=> append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&amp;coppa=1' . $add_lang),

					'S_SHOW_COPPA'		=> true,
					'S_HIDDEN_FIELDS'	=> build_hidden_fields($s_hidden_fields),
					'S_UCP_ACTION'		=> append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang),
				));
			}
			else
			{
				$template->assign_vars(array(
					'L_TERMS_OF_USE'	=> sprintf($user->lang['TERMS_OF_USE_CONTENT'], $config['sitename'], generate_board_url()),

					'S_SHOW_COPPA'		=> false,
					'S_REGISTRATION'	=> true,
					'S_HIDDEN_FIELDS'	=> build_hidden_fields($s_hidden_fields),
					'S_UCP_ACTION'		=> append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang . $add_coppa),
					'S_TIME'			=> 1000 * ((int) $config['min_time_terms']),
					)
				);
			}

			$this->tpl_name = 'ucp_agreement';
			return;
		}


		// Try to manually determine the timezone and adjust the dst if the server date/time complies with the default setting +/- 1
		$timezone = date('Z') / 3600;
		$is_dst = date('I');

		if ($config['board_timezone'] == $timezone || $config['board_timezone'] == ($timezone - 1))
		{
			$timezone = ($is_dst) ? $timezone - 1 : $timezone;

			if (!isset($user->lang['tz_zones'][(string) $timezone]))
			{
				$timezone = $config['board_timezone'];
			}
		}
		else
		{
			$is_dst = $config['board_dst'];
			$timezone = $config['board_timezone'];
		}

		$data = array(
			'username'			=> utf8_normalize_nfc(request_var('username', '', true)),
			'new_password'		=> request_var('new_password', '', true),
			'password_confirm'	=> request_var('password_confirm', '', true),
			'email'				=> strtolower(request_var('email', '')),
			'email_confirm'		=> strtolower(request_var('email_confirm', '')),
			'confirm_code'		=> request_var('confirm_code', ''),
			'lang'				=> basename(request_var('lang', $user->lang_name)),
			'tz'				=> request_var('tz', (float) $timezone),
		);

		// Check and initialize some variables if needed
		if ($submit)
		{
			$error = validate_data($data, array(
				'username'			=> array(
					array('string', false, $config['min_name_chars'], $config['max_name_chars']),
					array('username', '')),
				'new_password'		=> array(
					array('string', false, $config['min_pass_chars'], $config['max_pass_chars']),
					array('password')),
				'password_confirm'	=> array('string', false, $config['min_pass_chars'], $config['max_pass_chars']),
				'email'				=> array(
					array('string', false, 6, 60),
					array('email')),
				'email_confirm'		=> array('string', false, 6, 60),
				'confirm_code'		=> array('string', !$config['enable_confirm'], 5, 8),
				'tz'				=> array('num', false, -14, 14),
				'lang'				=> array('match', false, '#^[a-z_\-]{2,}$#i'),
			));

			// Replace "error" strings with their real, localised form
			$error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);

			// DNSBL check
			if ($config['check_dnsbl'])
			{
				if (($dnsbl = $user->check_dnsbl('register')) !== false)
				{
					$error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
				}
			}

			// validate custom profile fields
			$cp->submit_cp_field('register', $user->get_iso_lang_id(), $cp_data, $error);

			// Visual Confirmation handling
			$wrong_confirm = false;
			if ($config['enable_confirm'])
			{
				if (!$confirm_id)
				{
					$error[] = $user->lang['CONFIRM_CODE_WRONG'];
					$wrong_confirm = true;
				}
				else
				{
					$sql = 'SELECT code
						FROM ' . CONFIRM_TABLE . "
						WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
							AND session_id = '" . $db->sql_escape($user->session_id) . "'
							AND confirm_type = " . CONFIRM_REG;
					$result = $db->sql_query($sql);
					$row = $db->sql_fetchrow($result);
					$db->sql_freeresult($result);

					if ($row)
					{
						if (strcasecmp($row['code'], $data['confirm_code']) === 0)
						{
							$sql = 'DELETE FROM ' . CONFIRM_TABLE . "
								WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
									AND session_id = '" . $db->sql_escape($user->session_id) . "'
									AND confirm_type = " . CONFIRM_REG;
							$db->sql_query($sql);
						}
						else
						{
							$error[] = $user->lang['CONFIRM_CODE_WRONG'];
							$wrong_confirm = true;
						}
					}
					else
					{
						$error[] = $user->lang['CONFIRM_CODE_WRONG'];
						$wrong_confirm = true;
					}
				}
			}

			if (!sizeof($error))
			{
				if ($data['new_password'] != $data['password_confirm'])
				{
					$error[] = $user->lang['NEW_PASSWORD_ERROR'];
				}

				if ($data['email'] != $data['email_confirm'])
				{
					$error[] = $user->lang['NEW_EMAIL_ERROR'];
				}
			}

			if (!sizeof($error))
			{
				$server_url = generate_board_url();

				// Which group by default?
				$group_name = ($coppa) ? 'REGISTERED_COPPA' : 'REGISTERED';

				$sql = 'SELECT group_id
					FROM ' . GROUPS_TABLE . "
					WHERE group_name = '" . $db->sql_escape($group_name) . "'
						AND group_type = " . GROUP_SPECIAL;
				$result = $db->sql_query($sql);
				$row = $db->sql_fetchrow($result);
				$db->sql_freeresult($result);

				if (!$row)
				{
					trigger_error('NO_GROUP');
				}

				$group_id = $row['group_id'];

				if (($coppa ||
					$config['require_activation'] == USER_ACTIVATION_SELF ||
					$config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable'])
				{
					$user_actkey = gen_rand_string(10);
					$key_len = 54 - (strlen($server_url));
					$key_len = ($key_len < 6) ? 6 : $key_len;
					$user_actkey = substr($user_actkey, 0, $key_len);

					$user_type = USER_INACTIVE;
					$user_inactive_reason = INACTIVE_REGISTER;
					$user_inactive_time = time();
				}
				else
				{
					$user_type = USER_NORMAL;
					$user_actkey = '';
					$user_inactive_reason = 0;
					$user_inactive_time = 0;
				}

				$user_row = array(
					'username'				=> $data['username'],
					'user_password'			=> phpbb_hash($data['new_password']),
					'user_email'			=> $data['email'],
					'group_id'				=> (int) $group_id,
					'user_timezone'			=> (float) $data['tz'],
					'user_dst'				=> $is_dst,
					'user_lang'				=> $data['lang'],
					'user_type'				=> $user_type,
					'user_actkey'			=> $user_actkey,
					'user_ip'				=> $user->ip,
					'user_regdate'			=> time(),
					'user_inactive_reason'	=> $user_inactive_reason,
					'user_inactive_time'	=> $user_inactive_time,
				);

				// Register user...
				$user_id = user_add($user_row, $cp_data);

				// This should not happen, because the required variables are listed above...
				if ($user_id === false)
				{
					trigger_error('NO_USER', E_USER_ERROR);
				}

				if ($coppa && $config['email_enable'])
				{
					$message = $user->lang['ACCOUNT_COPPA'];
					$email_template = 'coppa_welcome_inactive';
				}
				else if ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable'])
				{
					$message = $user->lang['ACCOUNT_INACTIVE'];
					$email_template = 'user_welcome_inactive';
				}
				else if ($config['require_activation'] == USER_ACTIVATION_ADMIN && $config['email_enable'])
				{
					$message = $user->lang['ACCOUNT_INACTIVE_ADMIN'];
					$email_template = 'admin_welcome_inactive';
				}
				else
				{
					$message = $user->lang['ACCOUNT_ADDED'];
					$email_template = 'user_welcome';
				}

				if ($config['email_enable'])
				{
					include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);

					$messenger = new messenger(false);

					$messenger->template($email_template, $data['lang']);

					$messenger->to($data['email'], $data['username']);

					$messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
					$messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
					$messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
					$messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);

					$messenger->assign_vars(array(
						'WELCOME_MSG'	=> htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
						'USERNAME'		=> htmlspecialchars_decode($data['username']),
						'PASSWORD'		=> htmlspecialchars_decode($data['new_password']),
						'U_ACTIVATE'	=> "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey")
					);

					if ($coppa)
					{
						$messenger->assign_vars(array(
							'FAX_INFO'		=> $config['coppa_fax'],
							'MAIL_INFO'		=> $config['coppa_mail'],
							'EMAIL_ADDRESS'	=> $data['email'])
						);
					}

					$messenger->send(NOTIFY_EMAIL);

					if ($config['require_activation'] == USER_ACTIVATION_ADMIN)
					{
						// Grab an array of user_id's with a_user permissions ... these users can activate a user
						$admin_ary = $auth->acl_get_list(false, 'a_user', false);
						$admin_ary = (!empty($admin_ary[0]['a_user'])) ? $admin_ary[0]['a_user'] : array();

						// Also include founders
						$where_sql = ' WHERE user_type = ' . USER_FOUNDER;

						if (sizeof($admin_ary))
						{
							$where_sql .= ' OR ' . $db->sql_in_set('user_id', $admin_ary);
						}

						$sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type
							FROM ' . USERS_TABLE . ' ' .
							$where_sql;
						$result = $db->sql_query($sql);

						while ($row = $db->sql_fetchrow($result))
						{
							$messenger->template('admin_activate', $row['user_lang']);
							$messenger->to($row['user_email'], $row['username']);
							$messenger->im($row['user_jabber'], $row['username']);

							$messenger->assign_vars(array(
								'USERNAME'			=> htmlspecialchars_decode($data['username']),
								'U_USER_DETAILS'	=> "$server_url/memberlist.$phpEx?mode=viewprofile&u=$user_id",
								'U_ACTIVATE'		=> "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey")
							);

							$messenger->send($row['user_notify_type']);
						}
						$db->sql_freeresult($result);
					}
				}

				$message = $message . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
				trigger_error($message);
			}
		}

		$s_hidden_fields = array(
			'agreed'		=> 'true',
			'change_lang'	=> 0,
		);

		if ($config['coppa_enable'])
		{
			$s_hidden_fields['coppa'] = $coppa;
		}
		$s_hidden_fields = build_hidden_fields($s_hidden_fields);

		$confirm_image = '';

		// Visual Confirmation - Show images
		if ($config['enable_confirm'])
		{
			$str = '';
			if (!$change_lang)
			{
				$user->confirm_gc(CONFIRM_REG);
				
				$sql = 'SELECT COUNT(session_id) AS attempts
					FROM ' . CONFIRM_TABLE . "
					WHERE session_id = '" . $db->sql_escape($user->session_id) . "'
						AND confirm_type = " . CONFIRM_REG;
				$result = $db->sql_query($sql);
				$attempts = (int) $db->sql_fetchfield('attempts');
				$db->sql_freeresult($result);

				if ($config['max_reg_attempts'] && $attempts > $config['max_reg_attempts'])
				{
					trigger_error('TOO_MANY_REGISTERS');
				}

				$code = gen_rand_string(mt_rand(5, 8));
				$confirm_id = md5(unique_id($user->ip));
				$seed = hexdec(substr(unique_id(), 4, 10));

				// compute $seed % 0x7fffffff
				$seed -= 0x7fffffff * floor($seed / 0x7fffffff);

				$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array(
					'confirm_id'	=> (string) $confirm_id,
					'session_id'	=> (string) $user->session_id,
					'confirm_type'	=> (int) CONFIRM_REG,
					'code'			=> (string) $code,
					'seed'			=> (int) $seed)
				);
				$db->sql_query($sql);
			}
			else
			{
				$str .= '&amp;change_lang=' . $change_lang;
			}

			$confirm_image = '<img src="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=confirm&amp;id=' . $confirm_id . '&amp;type=' . CONFIRM_REG . $str) . '" alt="" title="" />';
			$s_hidden_fields .= '<input type="hidden" name="confirm_id" value="' . $confirm_id . '" />';
		}

		//
		$l_reg_cond = '';
		switch ($config['require_activation'])
		{
			case USER_ACTIVATION_SELF:
				$l_reg_cond = $user->lang['UCP_EMAIL_ACTIVATE'];
			break;

			case USER_ACTIVATION_ADMIN:
				$l_reg_cond = $user->lang['UCP_ADMIN_ACTIVATE'];
			break;
		}

		$template->assign_vars(array(
			'ERROR'				=> (sizeof($error)) ? implode('<br />', $error) : '',
			'USERNAME'			=> $data['username'],
			'PASSWORD'			=> $data['new_password'],
			'PASSWORD_CONFIRM'	=> $data['password_confirm'],
			'EMAIL'				=> $data['email'],
			'EMAIL_CONFIRM'		=> $data['email_confirm'],
			'CONFIRM_IMG'		=> $confirm_image,

			'L_CONFIRM_EXPLAIN'			=> sprintf($user->lang['CONFIRM_EXPLAIN'], '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">', '</a>'),
			'L_REG_COND'				=> $l_reg_cond,
			'L_USERNAME_EXPLAIN'		=> sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']),
			'L_PASSWORD_EXPLAIN'		=> sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']),

			'S_LANG_OPTIONS'	=> language_select($data['lang']),
			'S_TZ_OPTIONS'		=> tz_select($data['tz']),
			'S_CONFIRM_CODE'	=> ($config['enable_confirm']) ? true : false,
			'S_COPPA'			=> $coppa,
			'S_HIDDEN_FIELDS'	=> $s_hidden_fields,
			'S_UCP_ACTION'		=> append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'),
			'S_TIME'			=> 1000 * ((int) $config['min_time_reg']),
			)
		);

		//
		$user->profile_fields = array();

		// Generate profile fields -> Template Block Variable profile_fields
		$cp->generate_profile_fields('register', $user->get_iso_lang_id());

		//
		$this->tpl_name = 'ucp_register';
		$this->page_title = 'UCP_REGISTRATION';
	}
}

?>

443 by dcoles Added Forum application along with unmodifed version of phpBB3 "Olympus" 3.0.0	1	<?php
	2	/**
	3	*
	4	* @package ucp
	5	* @version $Id: ucp_register.php,v 1.127 2007/10/09 17:35:23 kellanved Exp $
	6	* @copyright (c) 2005 phpBB Group
	7	* @license http://opensource.org/licenses/gpl-license.php GNU Public License
	8	*
	9	*/
	10
	11	/**
	12	* @ignore
	13	*/
	14	if (!defined('IN_PHPBB'))
	15	{
	16	exit;
	17	}
	18
	19	/**
	20	* ucp_register
	21	* Board registration
	22	* @package ucp
	23	*/
	24	class ucp_register
	25	{
	26	var $u_action;
	27
	28	function main($id, $mode)
	29	{
	30	global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx;
	31
	32	//
	33	if ($config['require_activation'] == USER_ACTIVATION_DISABLE)
	34	{
	35	trigger_error('UCP_REGISTER_DISABLE');
	36	}
	37
	38	include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
	39
	40	$confirm_id = request_var('confirm_id', '');
	41	$coppa = (isset($_REQUEST['coppa'])) ? ((!empty($_REQUEST['coppa'])) ? 1 : 0) : false;
	42	$agreed = (!empty($_POST['agreed'])) ? 1 : 0;
	43	$submit = (isset($_POST['submit'])) ? true : false;
	44	$change_lang = request_var('change_lang', '');
	45	$user_lang = request_var('lang', $user->lang_name);
	46
	47
	48	// not so fast, buddy
	49	if (($submit && !check_form_key('ucp_register', false, '', false, $config['min_time_reg']))
	50	\|\| (!$submit && !check_form_key('ucp_register_terms', false, '', false, $config['min_time_terms'])))
	51	{
	52	$agreed = false;
	53	}
	54
	55	if ($agreed)
	56	{
	57	add_form_key('ucp_register');
	58	}
	59	else
	60	{
	61	add_form_key('ucp_register_terms');
	62	}
	63
	64
65	if ($change_lang \|\| $user_lang != $config['default_lang'])
66	{
67	$use_lang = ($change_lang) ? basename($change_lang) : basename($user_lang);
68
69	if (file_exists($phpbb_root_path . 'language/' . $use_lang . '/'))
70	{
71	if ($change_lang)
72	{
73	$submit = false;
74
75	// Setting back agreed to let the user view the agreement in his/her language
76	$agreed = (empty($_GET['change_lang'])) ? 0 : $agreed;
77	}
78
79	$user->lang_name = $lang = $use_lang;
80	$user->lang_path = $phpbb_root_path . 'language/' . $lang . '/';
81	$user->lang = array();
82	$user->add_lang(array('common', 'ucp'));
83	}
84	else
85	{
86	$change_lang = '';
87	$user_lang = $user->lang_name;
88	}
89	}
90
91	$cp = new custom_profile();
92
93	$error = $cp_data = $cp_error = array();
94
95	//
96	if (!$agreed \|\| ($coppa === false && $config['coppa_enable']) \|\| ($coppa && !$config['coppa_enable']))
97	{
98	$add_lang = ($change_lang) ? '&change_lang=' . urlencode($change_lang) : '';
99	$add_coppa = ($coppa !== false) ? '&coppa=' . $coppa : '';
100
101	$s_hidden_fields = ($confirm_id) ? array('confirm_id' => $confirm_id) : array();
102
103	// If we change the language, we want to pass on some more possible parameter.
104	if ($change_lang)
105	{
106	// We do not include the password!
107	$s_hidden_fields = array_merge($s_hidden_fields, array(
108	'username' => utf8_normalize_nfc(request_var('username', '', true)),
109	'email' => strtolower(request_var('email', '')),
110	'email_confirm' => strtolower(request_var('email_confirm', '')),
111	'confirm_code' => request_var('confirm_code', ''),
112	'lang' => $user->lang_name,
113	'tz' => request_var('tz', (float) $config['board_timezone']),
114	));
115	}
116
117	if ($coppa === false && $config['coppa_enable'])
118	{
119	$now = getdate();
120	$coppa_birthday = $user->format_date(mktime($now['hours'] + $user->data['user_dst'], $now['minutes'], $now['seconds'], $now['mon'], $now['mday'] - 1, $now['year'] - 13), $user->lang['DATE_FORMAT']);
121	unset($now);
122
123	$template->assign_vars(array(
124	'L_COPPA_NO' => sprintf($user->lang['UCP_COPPA_BEFORE'], $coppa_birthday),
125	'L_COPPA_YES' => sprintf($user->lang['UCP_COPPA_ON_AFTER'], $coppa_birthday),
126
127	'U_COPPA_NO' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=0' . $add_lang),
128	'U_COPPA_YES' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=1' . $add_lang),
129
130	'S_SHOW_COPPA' => true,
131	'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields),
132	'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang),
133	));
134	}
135	else
136	{
137	$template->assign_vars(array(
138	'L_TERMS_OF_USE' => sprintf($user->lang['TERMS_OF_USE_CONTENT'], $config['sitename'], generate_board_url()),
139
140	'S_SHOW_COPPA' => false,
141	'S_REGISTRATION' => true,
142	'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields),
143	'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang . $add_coppa),
144	'S_TIME' => 1000 * ((int) $config['min_time_terms']),
145	)
146	);
147	}
148
149	$this->tpl_name = 'ucp_agreement';
150	return;
151	}
152
153
154	// Try to manually determine the timezone and adjust the dst if the server date/time complies with the default setting +/- 1
155	$timezone = date('Z') / 3600;
156	$is_dst = date('I');
157
158	if ($config['board_timezone'] == $timezone \|\| $config['board_timezone'] == ($timezone - 1))
159	{
160	$timezone = ($is_dst) ? $timezone - 1 : $timezone;
161
162	if (!isset($user->lang['tz_zones'][(string) $timezone]))
163	{
164	$timezone = $config['board_timezone'];
165	}
166	}
167	else
168	{
169	$is_dst = $config['board_dst'];
170	$timezone = $config['board_timezone'];
171	}
172
173	$data = array(
174	'username' => utf8_normalize_nfc(request_var('username', '', true)),
175	'new_password' => request_var('new_password', '', true),
176	'password_confirm' => request_var('password_confirm', '', true),
177	'email' => strtolower(request_var('email', '')),
178	'email_confirm' => strtolower(request_var('email_confirm', '')),
179	'confirm_code' => request_var('confirm_code', ''),
180	'lang' => basename(request_var('lang', $user->lang_name)),
181	'tz' => request_var('tz', (float) $timezone),
182	);
183
184	// Check and initialize some variables if needed
185	if ($submit)
186	{
187	$error = validate_data($data, array(
188	'username' => array(
189	array('string', false, $config['min_name_chars'], $config['max_name_chars']),
190	array('username', '')),
191	'new_password' => array(
192	array('string', false, $config['min_pass_chars'], $config['max_pass_chars']),
193	array('password')),
194	'password_confirm' => array('string', false, $config['min_pass_chars'], $config['max_pass_chars']),
195	'email' => array(
196	array('string', false, 6, 60),
197	array('email')),
198	'email_confirm' => array('string', false, 6, 60),
199	'confirm_code' => array('string', !$config['enable_confirm'], 5, 8),
200	'tz' => array('num', false, -14, 14),
201	'lang' => array('match', false, '#^[a-z_\-]{2,}$#i'),
202	));
203
204	// Replace "error" strings with their real, localised form
205	$error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
206
207	// DNSBL check
208	if ($config['check_dnsbl'])
209	{
210	if (($dnsbl = $user->check_dnsbl('register')) !== false)
211	{
212	$error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
213	}
214	}
215
216	// validate custom profile fields
217	$cp->submit_cp_field('register', $user->get_iso_lang_id(), $cp_data, $error);
218
219	// Visual Confirmation handling
220	$wrong_confirm = false;
221	if ($config['enable_confirm'])
222	{
223	if (!$confirm_id)
224	{
225	$error[] = $user->lang['CONFIRM_CODE_WRONG'];
226	$wrong_confirm = true;
227	}
228	else
229	{
230	$sql = 'SELECT code
231	FROM ' . CONFIRM_TABLE . "
232	WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
233	AND session_id = '" . $db->sql_escape($user->session_id) . "'
234	AND confirm_type = " . CONFIRM_REG;
235	$result = $db->sql_query($sql);
236	$row = $db->sql_fetchrow($result);
237	$db->sql_freeresult($result);
238
239	if ($row)
240	{
241	if (strcasecmp($row['code'], $data['confirm_code']) === 0)
242	{
243	$sql = 'DELETE FROM ' . CONFIRM_TABLE . "
244	WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
245	AND session_id = '" . $db->sql_escape($user->session_id) . "'
246	AND confirm_type = " . CONFIRM_REG;
247	$db->sql_query($sql);
248	}
249	else
250	{
251	$error[] = $user->lang['CONFIRM_CODE_WRONG'];
252	$wrong_confirm = true;
253	}
254	}
255	else
256	{
257	$error[] = $user->lang['CONFIRM_CODE_WRONG'];
258	$wrong_confirm = true;
259	}
260	}
261	}
262
263	if (!sizeof($error))
264	{
265	if ($data['new_password'] != $data['password_confirm'])
266	{
267	$error[] = $user->lang['NEW_PASSWORD_ERROR'];
268	}
269
270	if ($data['email'] != $data['email_confirm'])
271	{
272	$error[] = $user->lang['NEW_EMAIL_ERROR'];
273	}
274	}
275
276	if (!sizeof($error))
277	{
278	$server_url = generate_board_url();
279
280	// Which group by default?
281	$group_name = ($coppa) ? 'REGISTERED_COPPA' : 'REGISTERED';
282
283	$sql = 'SELECT group_id
284	FROM ' . GROUPS_TABLE . "
285	WHERE group_name = '" . $db->sql_escape($group_name) . "'
286	AND group_type = " . GROUP_SPECIAL;
287	$result = $db->sql_query($sql);
288	$row = $db->sql_fetchrow($result);
289	$db->sql_freeresult($result);
290
291	if (!$row)
292	{
293	trigger_error('NO_GROUP');
294	}
295
296	$group_id = $row['group_id'];
297
298	if (($coppa \|\|
299	$config['require_activation'] == USER_ACTIVATION_SELF \|\|
300	$config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable'])
301	{
302	$user_actkey = gen_rand_string(10);
303	$key_len = 54 - (strlen($server_url));
304	$key_len = ($key_len < 6) ? 6 : $key_len;
305	$user_actkey = substr($user_actkey, 0, $key_len);
306
307	$user_type = USER_INACTIVE;
308	$user_inactive_reason = INACTIVE_REGISTER;
309	$user_inactive_time = time();
310	}
311	else
312	{
313	$user_type = USER_NORMAL;
314	$user_actkey = '';
315	$user_inactive_reason = 0;
316	$user_inactive_time = 0;
317	}
318
319	$user_row = array(
320	'username' => $data['username'],
321	'user_password' => phpbb_hash($data['new_password']),
322	'user_email' => $data['email'],
323	'group_id' => (int) $group_id,
324	'user_timezone' => (float) $data['tz'],
325	'user_dst' => $is_dst,
326	'user_lang' => $data['lang'],
327	'user_type' => $user_type,
328	'user_actkey' => $user_actkey,
329	'user_ip' => $user->ip,
330	'user_regdate' => time(),
331	'user_inactive_reason' => $user_inactive_reason,
332	'user_inactive_time' => $user_inactive_time,
333	);
334
335	// Register user...
336	$user_id = user_add($user_row, $cp_data);
337
338	// This should not happen, because the required variables are listed above...
339	if ($user_id === false)
340	{
341	trigger_error('NO_USER', E_USER_ERROR);
342	}
343
344	if ($coppa && $config['email_enable'])
345	{
346	$message = $user->lang['ACCOUNT_COPPA'];
347	$email_template = 'coppa_welcome_inactive';
348	}
349	else if ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable'])
350	{
351	$message = $user->lang['ACCOUNT_INACTIVE'];
352	$email_template = 'user_welcome_inactive';
353	}
354	else if ($config['require_activation'] == USER_ACTIVATION_ADMIN && $config['email_enable'])
355	{
356	$message = $user->lang['ACCOUNT_INACTIVE_ADMIN'];
357	$email_template = 'admin_welcome_inactive';
358	}
359	else
360	{
361	$message = $user->lang['ACCOUNT_ADDED'];
362	$email_template = 'user_welcome';
363	}
364
365	if ($config['email_enable'])
366	{
367	include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
368
369	$messenger = new messenger(false);
370
371	$messenger->template($email_template, $data['lang']);
372
373	$messenger->to($data['email'], $data['username']);
374
375	$messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
376	$messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
377	$messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
378	$messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
379
380	$messenger->assign_vars(array(
381	'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
382	'USERNAME' => htmlspecialchars_decode($data['username']),
383	'PASSWORD' => htmlspecialchars_decode($data['new_password']),
384	'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey")
385	);
386
387	if ($coppa)
388	{
389	$messenger->assign_vars(array(
390	'FAX_INFO' => $config['coppa_fax'],
391	'MAIL_INFO' => $config['coppa_mail'],
392	'EMAIL_ADDRESS' => $data['email'])
393	);
394	}
395
396	$messenger->send(NOTIFY_EMAIL);
397
398	if ($config['require_activation'] == USER_ACTIVATION_ADMIN)
399	{
400	// Grab an array of user_id's with a_user permissions ... these users can activate a user
401	$admin_ary = $auth->acl_get_list(false, 'a_user', false);
402	$admin_ary = (!empty($admin_ary[0]['a_user'])) ? $admin_ary[0]['a_user'] : array();
403
404	// Also include founders
405	$where_sql = ' WHERE user_type = ' . USER_FOUNDER;
406
407	if (sizeof($admin_ary))
408	{
409	$where_sql .= ' OR ' . $db->sql_in_set('user_id', $admin_ary);
410	}
411
412	$sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type
413	FROM ' . USERS_TABLE . ' ' .
414	$where_sql;
415	$result = $db->sql_query($sql);
416
417	while ($row = $db->sql_fetchrow($result))
418	{
419	$messenger->template('admin_activate', $row['user_lang']);
420	$messenger->to($row['user_email'], $row['username']);
421	$messenger->im($row['user_jabber'], $row['username']);
422
423	$messenger->assign_vars(array(
424	'USERNAME' => htmlspecialchars_decode($data['username']),
425	'U_USER_DETAILS' => "$server_url/memberlist.$phpEx?mode=viewprofile&u=$user_id",
426	'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey")
427	);
428
429	$messenger->send($row['user_notify_type']);
430	}
431	$db->sql_freeresult($result);
432	}
433	}
434
435	$message = $message . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
436	trigger_error($message);
437	}
438	}
439
440	$s_hidden_fields = array(
441	'agreed' => 'true',
442	'change_lang' => 0,
443	);
444
445	if ($config['coppa_enable'])
446	{
447	$s_hidden_fields['coppa'] = $coppa;
448	}
449	$s_hidden_fields = build_hidden_fields($s_hidden_fields);
450
451	$confirm_image = '';
452
453	// Visual Confirmation - Show images
454	if ($config['enable_confirm'])
455	{
456	$str = '';
457	if (!$change_lang)
458	{
459	$user->confirm_gc(CONFIRM_REG);
460
461	$sql = 'SELECT COUNT(session_id) AS attempts
462	FROM ' . CONFIRM_TABLE . "
463	WHERE session_id = '" . $db->sql_escape($user->session_id) . "'
464	AND confirm_type = " . CONFIRM_REG;
465	$result = $db->sql_query($sql);
466	$attempts = (int) $db->sql_fetchfield('attempts');
467	$db->sql_freeresult($result);
468
469	if ($config['max_reg_attempts'] && $attempts > $config['max_reg_attempts'])
470	{
471	trigger_error('TOO_MANY_REGISTERS');
472	}
473
474	$code = gen_rand_string(mt_rand(5, 8));
475	$confirm_id = md5(unique_id($user->ip));
476	$seed = hexdec(substr(unique_id(), 4, 10));
477
478	// compute $seed % 0x7fffffff
479	$seed -= 0x7fffffff * floor($seed / 0x7fffffff);
480
481	$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array(
482	'confirm_id' => (string) $confirm_id,
483	'session_id' => (string) $user->session_id,
484	'confirm_type' => (int) CONFIRM_REG,
485	'code' => (string) $code,
486	'seed' => (int) $seed)
487	);
488	$db->sql_query($sql);
489	}
490	else
491	{
492	$str .= '&change_lang=' . $change_lang;
493	}
494
495	$confirm_image = '<img src="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=confirm&id=' . $confirm_id . '&type=' . CONFIRM_REG . $str) . '" alt="" title="" />';
496	$s_hidden_fields .= '<input type="hidden" name="confirm_id" value="' . $confirm_id . '" />';
497	}
498
499	//
500	$l_reg_cond = '';
501	switch ($config['require_activation'])
502	{
503	case USER_ACTIVATION_SELF:
504	$l_reg_cond = $user->lang['UCP_EMAIL_ACTIVATE'];
505	break;
506
507	case USER_ACTIVATION_ADMIN:
508	$l_reg_cond = $user->lang['UCP_ADMIN_ACTIVATE'];
509	break;
510	}
511
512	$template->assign_vars(array(
513	'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
514	'USERNAME' => $data['username'],
515	'PASSWORD' => $data['new_password'],
516	'PASSWORD_CONFIRM' => $data['password_confirm'],
517	'EMAIL' => $data['email'],
518	'EMAIL_CONFIRM' => $data['email_confirm'],
519	'CONFIRM_IMG' => $confirm_image,
520
521	'L_CONFIRM_EXPLAIN' => sprintf($user->lang['CONFIRM_EXPLAIN'], '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">', '</a>'),
522	'L_REG_COND' => $l_reg_cond,
523	'L_USERNAME_EXPLAIN' => sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']),
524	'L_PASSWORD_EXPLAIN' => sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']),
525
526	'S_LANG_OPTIONS' => language_select($data['lang']),
527	'S_TZ_OPTIONS' => tz_select($data['tz']),
528	'S_CONFIRM_CODE' => ($config['enable_confirm']) ? true : false,
529	'S_COPPA' => $coppa,
530	'S_HIDDEN_FIELDS' => $s_hidden_fields,
531	'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'),
532	'S_TIME' => 1000 * ((int) $config['min_time_reg']),
533	)
534	);
535
536	//
537	$user->profile_fields = array();
538
539	// Generate profile fields -> Template Block Variable profile_fields
540	$cp->generate_profile_fields('register', $user->get_iso_lang_id());
541
542	//
543	$this->tpl_name = 'ucp_register';
544	$this->page_title = 'UCP_REGISTRATION';
545	}
546	}
547
548	?>