-
Notifications
You must be signed in to change notification settings - Fork 4
/
register.php
171 lines (149 loc) · 6.44 KB
/
register.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
<?php
/* vim:set softtabstop=4 shiftwidth=4 expandtab: */
/**
*
* LICENSE: GNU Affero General Public License, version 3 (AGPLv3)
* Copyright 2001 - 2015 Ampache.org
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
define('NO_SESSION','1');
$_SESSION['login'] = true;
require_once 'lib/init.php';
/* Check Perms */
if (!AmpConfig::get('allow_public_registration') || AmpConfig::get('demo_mode')) {
debug_event('DENIED','Error Attempted registration','1');
UI::access_denied();
exit();
}
/* Don't even include it if we aren't going to use it */
if (AmpConfig::get('captcha_public_reg')) {
define ("CAPTCHA_INVERSE", 1);
define ("CAPTCHA_BASE_URL", AmpConfig::get('web_path') . '/modules/captcha/captcha.php');
require_once AmpConfig::get('prefix') . '/modules/captcha/captcha.php';
}
/* Start switch based on action passed */
switch ($_REQUEST['action']) {
case 'validate':
$username = scrub_in($_GET['username']);
$validation = scrub_in($_GET['auth']);
require_once AmpConfig::get('prefix') . UI::find_template('show_user_activate.inc.php');
break;
case 'add_user':
/**
* User information has been entered
* we need to check the database for possible existing username first
* if username exists, error and say "Please choose a different name."
* if username does not exist, insert user information into database
* then allow the user to 'click here to login'
* possibly by logging them in right then and there with their current info
* and 'click here to login' would just be a link back to index.php
*/
$fullname = scrub_in($_POST['fullname']);
$username = scrub_in($_POST['username']);
$email = scrub_in($_POST['email']);
$website = scrub_in($_POST['website']);
$pass1 = $_POST['password_1'];
$pass2 = $_POST['password_2'];
$state = (string) scrub_in($_POST['state']);
$city = (string) scrub_in($_POST['city']);
/* If we're using the captcha stuff */
if (AmpConfig::get('captcha_public_reg')) {
$captcha = captcha::solved();
if (!isset ($captcha)) {
AmpError::add('captcha', T_('Error Captcha Required'));
}
if (isset ($captcha)) {
if ($captcha) {
$msg="SUCCESS";
} else {
AmpError::add('captcha', T_('Error Captcha Failed'));
}
} // end if we've got captcha
} // end if it's enabled
if (AmpConfig::get('user_agreement')) {
if (!$_POST['accept_agreement']) {
AmpError::add('user_agreement', T_("You <U>must</U> accept the user agreement"));
}
} // if they have to agree to something
if (!$_POST['username']) {
AmpError::add('username', T_("You did not enter a username"));
}
// Check the mail for correct address formation.
if (!Mailer::validate_address($email)) {
AmpError::add('email', T_('Invalid email address'));
}
$mandatory_fields = (array) AmpConfig::get('registration_mandatory_fields');
if (in_array('fullname', $mandatory_fields) && !$fullname) {
AmpError::add('fullname', T_("Please fill in your full name (Firstname Lastname)"));
}
if (in_array('website', $mandatory_fields) && !$website) {
AmpError::add('website', T_("Please fill in your website"));
}
if (in_array('state', $mandatory_fields) && !$state) {
AmpError::add('state', T_("Please fill in your state"));
}
if (in_array('city', $mandatory_fields) && !$city) {
AmpError::add('city', T_("Please fill in your city"));
}
if (!$pass1) {
AmpError::add('password', T_("You must enter a password"));
}
if ($pass1 != $pass2) {
AmpError::add('password', T_("Your passwords do not match"));
}
if (!User::check_username($username)) {
AmpError::add('duplicate_user', T_("Error Username already exists"));
}
// If we've hit an error anywhere up there break!
if (AmpError::occurred()) {
require_once AmpConfig::get('prefix') . UI::find_template('show_user_registration.inc.php');
break;
}
/* Attempt to create the new user */
$access = '5';
switch (AmpConfig::get('auto_user')) {
case 'admin':
$access = '100';
break;
case 'user':
$access = '25';
break;
case 'guest':
default:
$access = '5';
break;
} // auto-user level
$new_user = User::create($username, $fullname, $email, $website, $pass1,
$access, $state, $city, AmpConfig::get('admin_enable_required'));
if (!$new_user) {
AmpError::add('duplicate_user', T_("Error: Insert Failed"));
require_once AmpConfig::get('prefix') . UI::find_template('show_user_registration.inc.php');
break;
}
if (!AmpConfig::get('user_no_email_confirm')) {
$client = new User($new_user);
$validation = md5(uniqid(rand(), true));
$client->update_validation($validation);
// Notify user and/or admins
Registration::send_confirmation($username, $fullname, $email, $website, $pass1, $validation);
}
require_once AmpConfig::get('prefix') . UI::find_template('show_registration_confirmation.inc.php');
break;
case 'show_add_user':
default:
require_once AmpConfig::get('prefix') . UI::find_template('show_user_registration.inc.php');
break;
} // end switch on action