/**
* create() - Create a new user.
*
* @param string The unix username.
* @param string The real firstname.
* @param string The real lastname.
* @param string The first password.
* @param string The confirmation password.
* @param string The users email address.
* @param string The users preferred default language.
* @param string The users preferred default timezone.
* @param string The users preference for receiving site updates by email.
* @param string The users preference for receiving community updates by email.
* @param int The ID of the language preference.
* @param string The users preferred timezone.
* @param string The users Jabber address.
* @param int The users Jabber preference.
* @param int The users theme_id.
* @param string The users unix_box.
* @param string The users address.
* @param string The users address part 2.
* @param string The users phone.
* @param string The users fax.
* @param string The users title.
* @param char(2) The users ISO country_code.
* @param bool Whether to send an email or not
* @returns The newly created user ID
*
*/
function create($unix_name, $firstname, $lastname, $password1, $password2, $email, $mail_site, $mail_va, $language_id, $timezone, $jabber_address, $jabber_only, $theme_id, $unix_box = 'shell', $address = '', $address2 = '', $phone = '', $fax = '', $title = '', $ccode = 'US', $send_mail = true)
{
if (!$theme_id) {
$this->setError(_('You must supply a theme'));
return false;
}
if (!$unix_name) {
$this->setError(_('You must supply a username'));
return false;
}
if (!$firstname) {
$this->setError(_('You must supply a first name'));
return false;
}
if (!$lastname) {
$this->setError(_('You must supply a last name'));
return false;
}
if (!$password1) {
$this->setError(_('You must supply a password'));
return false;
}
if ($password1 != $password2) {
$this->setError(_('Passwords do not match'));
return false;
}
if (!account_pwvalid($password1)) {
$this->setError(_('Invalid Password:'******'Invalid Unix Name.'));
return false;
}
if (!validate_email($email)) {
$this->setError(_('Invalid Email Address'));
return false;
}
if ($jabber_address && !validate_email($jabber_address)) {
$this->setError(_('Invalid Jabber Address'));
return false;
}
if (!$jabber_only) {
$jabber_only = 0;
} else {
$jabber_only = 1;
}
if (db_numrows(db_query("SELECT user_id FROM users WHERE user_name LIKE '{$unix_name}'")) > 0) {
$this->setError(_('That username already exists.'));
return false;
}
if ($GLOBALS['sys_require_unique_email']) {
if (db_numrows(db_query("SELECT user_id FROM users WHERE email='{$email}'")) > 0) {
$this->setError(_('User with this email already exists - use people search to recover your login.'));
return false;
}
}
// if we got this far, it must be good
$confirm_hash = substr(md5($password1 . rand() . microtime()), 0, 16);
db_begin();
$sql = "INSERT INTO users (user_name,user_pw,unix_pw,realname,firstname,lastname,email,add_date,\n\t\t\tstatus,confirm_hash,mail_siteupdates,mail_va,language,timezone,jabber_address,jabber_only,\n\t\t\tunix_box,address,address2,phone,fax,title,ccode,theme_id) \n\t\t\tVALUES ('{$unix_name}',\n\t\t\t'" . md5($password1) . "',\n\t\t\t'" . account_genunixpw($password1) . "',\n\t\t\t'" . htmlspecialchars($firstname . ' ' . $lastname) . "',\n\t\t\t'" . htmlspecialchars($firstname) . "',\n\t\t\t'" . htmlspecialchars($lastname) . "',\n\t\t\t'{$email}',\n\t\t\t'" . time() . "',\n\t\t\t'P',\n\t\t\t'{$confirm_hash}',\n\t\t\t'" . ($mail_site ? "1" : "0") . "',\n\t\t\t'" . ($mail_va ? "1" : "0") . "',\n\t\t\t'{$language_id}',\n\t\t\t'{$timezone}',\n\t\t\t'{$jabber_address}',\n\t\t\t'{$jabber_only}',\n\t\t\t'{$unix_box}',\n\t\t\t'" . htmlspecialchars($address) . "',\n\t\t\t'" . htmlspecialchars($address2) . "',\n\t\t\t'" . htmlspecialchars($phone) . "',\n\t\t\t'" . htmlspecialchars($fax) . "',\n\t\t\t'" . htmlspecialchars($title) . "',\n\t\t\t'{$ccode}',\n\t\t\t'{$theme_id}')";
$result = db_query($sql);
if (!$result) {
$this->setError(_('Insert Failed') . db_error() . $sql);
db_rollback();
return false;
} else {
$id = db_insertid($result, 'users', 'user_id');
if (!$id) {
$this->setError('Could Not Get USERID: ' . db_error());
db_rollback();
return false;
}
// send mail
if (!$this->fetchData($id)) {
db_rollback();
return false;
}
$hook_params = array();
$hook_params['user'] = $this;
$hook_params['user_id'] = $this->getID();
$hook_params['user_name'] = $unix_name;
$hook_params['user_password'] = $password1;
plugin_hook("user_create", $hook_params);
if ($send_mail) {
setup_gettext_from_lang_id($language_id);
$this->sendRegistrationEmail();
setup_gettext_from_browser();
}
db_commit();
return $id;
}
}
$mail->AddBCC($tbl_admins['email']);
}
$copyAdmins = "Yes";
}
// initial message
$message = $lang[REG_NEW];
if ($_POST['registerSubmit']) {
global $feedback, $hidden_hash_var, $db_link;
$username = $_POST['username'];
$password1 = $_POST['password1'];
$password2 = $_POST['password2'];
$email = $_POST['email'];
//all vars present and passwords match?
if ($username && $password1 && $password1 == $password2 && $email && validate_email($email)) {
//password and name are valid?
if (account_namevalid($username) && account_pwvalid($password1)) {
$username = strtolower($username);
//does the name exist in the database?
$sql = "SELECT * FROM " . TABLE_USERS . " WHERE username='******'";
$result = mysql_query($sql, $db_link);
if ($result && mysql_numrows($result) > 0) {
$feedback .= "ERR_USERNAME_RESERVED";
} else {
//create a new hash to insert into the db and the confirmation email
$hash = md5($email . $hidden_hash_var);
$sql = "INSERT INTO " . TABLE_USERS . " (username, usertype, password, email, confirm_hash, is_confirmed) " . "VALUES ('{$username}','user','" . md5($password1) . "','{$email}', '{$hash}','0')";
$result = mysql_query($sql, $db_link);
if (!$result) {
$feedback .= ' MySQL ERROR - ' . mysql_error();
} else {
//send the confirm email
function account_groupnamevalid($name)
{
if (!account_namevalid($name)) {
return 0;
}
// illegal names
if (eregi("^((www[0-9]?)|(cvs[0-9]?)|(shell[0-9]?)|(ftp[0-9]?)|(irc[0-9]?)|(news[0-9]?)" . "|(mail[0-9]?)|(ns[0-9]?)|(download[0-9]?)|(pub)|(users)|(compile)|(lists)" . "|(slayer)|(orbital)|(tokyojoe)|(webdev)|(projects)|(cvs)|(slayer)|(monitor)|(backup)|(mirrors?))\$", $name)) {
$GLOBALS['register_error'] = "Name is reserved for DNS purposes.";
return 0;
}
if (eregi("_", $name)) {
$GLOBALS['register_error'] = "Group name cannot contain underscore for DNS reasons.";
return 0;
}
return 1;
}
//
// SourceForge: Breaking Down the Barriers to Open Source Development
// Copyright 1999-2000 (c) The SourceForge Crew
// http://sourceforge.net
//
// $Id: editaliases-new.php,v 1.2 2003/11/13 11:29:26 helix Exp $
require "pre.php";
require "account.php";
require $DOCUMENT_ROOT . '/project/admin/project_admin_utils.php';
session_require(array('group' => $group_id, 'admin_flags' => 'A'));
if ($GLOBALS[Submit]) {
/*
PROBLEM - no feedbacks or checks for success/failure
*/
if (account_namevalid(strtolower($form_username))) {
$res_domain = db_query("SELECT http_domain FROM groups WHERE group_id={$group_id}");
$row_domain = db_fetch_array($res_domain);
$res = db_query("INSERT INTO mailaliases (group_id,domain,user_name,email_forward) VALUES " . "({$group_id},'{$row_domain['http_domain']}','" . strtolower($form_username) . "','{$form_email}')");
if (!$res) {
exit_error('Error in Query', 'This database query had an unknown failure. Please email
admin@' . $GLOBALS['sys_default_domain'] . ' with details of the problem.');
}
session_redirect("/project/admin/editaliases.php?group_id={$group_id}");
}
}
project_admin_header(array('title' => 'Add Mail Alias', 'group' => $group_id));
?>
<P>Add email alias/forward for project: <B><?php
html_a_group($group_id);
?>
function user_register($user_name, $password1, $password2, $email, $real_name)
{
global $feedback, $hidden_hash_var;
//all vars present and passwords match?
if ($user_name && $password1 && $password1 == $password2 && $email && validate_email($email)) {
//password and name are valid?
if (account_namevalid($user_name) && account_pwvalid($password1)) {
$user_name = strtolower($user_name);
$password1 = strtolower($password1);
//does the name exist in the database?
$sql = "SELECT * FROM user WHERE user_name='{$user_name}'";
$result = db_query($sql);
if ($result && db_numrows($result) > 0) {
$feedback .= ' ERROR - USER NAME EXISTS ';
return false;
} else {
//create a new hash to insert into the db and the confirmation email
$hash = md5($email . $hidden_hash_var);
$sql = "INSERT INTO user (user_name,real_name,password,email,remote_addr,confirm_hash,is_confirmed) " . "VALUES ('{$user_name}','{$real_name}','" . md5($password1) . "','{$email}','{$GLOBALS['REMOTE_ADDR']}','{$hash}','0')";
$result = db_query($sql);
if (!$result) {
$feedback .= ' ERROR - ' . db_error();
return false;
} else {
//send the confirm email
user_send_confirm_email($email, $hash);
$feedback .= ' Successfully Registered. You Should Have a Confirmation Email Waiting ';
return true;
}
}
} else {
$feedback .= ' Account Name or Password Invalid ';
return false;
}
} else {
$feedback .= ' ERROR - Must Fill In User Name, Matching Passwords, And Provide Valid Email Address ';
return false;
}
}