/**
 * Validate the registration fields submitted in $_POST with EE_Validate.
 *
 * Username, e-mail and password are always validated; the screen name is
 * validated only when $use_screen_name equals 'yes'.
 *
 * Both possible return values are truthy (TRUE, or a non-empty array), so
 * callers have to test the result with `=== TRUE`. A plain truthiness check
 * would also accept the failure array and let an invalid submission through.
 *
 * @param string $use_screen_name 'yes' (default) to also validate the screen name
 * @return bool|array TRUE when the validator collected no errors, otherwise
 *                    array('result' => 'failed', 'errors' => <validator errors>)
 */
function validate_member($use_screen_name = 'yes')
{
    // Pull in the validation library only if the class is not declared yet
    if (!class_exists('EE_Validate')) {
        require APPPATH . 'libraries/Validate' . EXT;
    }

    // The submitted values are read from $_POST as-is (no isset() guard and no
    // trimming), so every one of these keys is expected to be present.
    $settings = array(
        'member_id' => '',
        'val_type' => 'new',
        'fetch_lang' => TRUE,
        'require_cpw' => FALSE,
        'enable_log' => FALSE,
        'username' => $_POST['username'],
        'cur_username' => '',
        'screen_name' => $_POST['screen_name'],
        'cur_screen_name' => '',
        'password' => $_POST['password'],
        'password_confirm' => $_POST['password_confirm'],
        'cur_password' => '',
        'email' => $_POST['email'],
        'cur_email' => '',
    );
    $VAL = new EE_Validate($settings);

    // Each call appends its findings to $VAL->errors
    $VAL->validate_username();
    $VAL->validate_email();
    $VAL->validate_password();
    if ($use_screen_name == 'yes') {
        $VAL->validate_screen_name();
    }

    // Success is reported only when nothing was collected
    if (count($VAL->errors) === 0) {
        return TRUE;
    }

    return array('result' => 'failed', 'errors' => $VAL->errors);
}
Ejemplo n.º 2
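 /**
  * Update the username/password.
  *
  * Re-authenticates the submitted credentials through the auth library,
  * validates the requested new username and/or password with EE_Validate,
  * stores the changes for the authenticated member and shows a confirmation
  * message.
  *
  * @return mixed the result of show_user_error() when verification or
  *               validation fails; otherwise nothing is returned and the
  *               confirmation is emitted through show_message()
  */
 function update_un_pw()
 {
     ee()->load->library('auth');

     // Run through basic verifications: authenticate, username and
     // password both exist, not banned, IP checking is okay.
     // Nothing below may run for an unverified request, hence the return.
     if (!($verify_result = ee()->auth->verify())) {
         return ee()->output->show_user_error('submission', implode(', ', ee()->auth->errors));
     }
     list($username, $password, $incoming) = $verify_result;

     // The member to update comes from the verified auth result, not from
     // a request field.
     $member_id = $incoming->member('member_id');

     // Make sure the validation library is available
     if (!class_exists('EE_Validate')) {
         require APPPATH . 'libraries/Validate.php';
     }

     $new_un = (string) ee()->input->post('new_username');
     $new_pw = (string) ee()->input->post('new_password');
     $new_pwc = (string) ee()->input->post('new_password_confirm');
     $VAL = new EE_Validate(array('val_type' => 'new', 'fetch_lang' => TRUE, 'require_cpw' => FALSE, 'enable_log' => FALSE, 'username' => $new_un, 'password' => $new_pw, 'password_confirm' => $new_pwc, 'cur_password' => $password));

     $un_exists = $new_un !== '';
     // A password change is attempted only when BOTH the new password and
     // its confirmation were submitted. If just one of them is filled in,
     // the password is left untouched and the success message is still shown.
     $pw_exists = ($new_pw !== '' and $new_pwc !== '');

     if ($un_exists) {
         $VAL->validate_username();
     }
     if ($pw_exists) {
         $VAL->validate_password();
     }

     // Display errors if there are any; no update happens in that case
     if (count($VAL->errors) > 0) {
         return ee()->output->show_user_error('submission', $VAL->errors);
     }

     if ($un_exists) {
         ee()->auth->update_username($member_id, $new_un);
     }
     if ($pw_exists) {
         ee()->auth->update_password($member_id, $new_pw);
     }

     // Clear the tracker cookie since we're not sure where the redirect should go
     ee()->input->delete_cookie('tracker');

     // NOTE(review): $return is built here but never read again in this
     // function as shown. Should it be used, keep in mind that it embeds the
     // session id in the URL, where it ends up in logs and Referer headers.
     $return = ee()->functions->form_backtrack();
     if (ee()->config->item('website_session_type') != 'c') {
         // Fixed: the extension test needs the LAST three characters.
         // substr($return, 0, -3) returned everything except them, so the
         // comparison with "php" could not match a path ending in ".php".
         if (ee()->config->item('force_query_string') == 'y' && substr($return, -3) == "php") {
             $return .= '?';
         }
         if (ee()->session->userdata['session_id'] != '') {
             $return .= "/S=" . ee()->session->userdata['session_id'] . "/";
         }
     }

     // Pick the link offered on the confirmation page
     if (ee()->uri->segment(5)) {
         $link = ee()->functions->create_url(ee()->uri->segment(5));
         $line = lang('return_to_forum');
     } else {
         $link = $this->_member_path('login');
         $line = lang('return_to_login');
     }

     // We're done.
     $data = array('title' => lang('settings_update'), 'heading' => lang('thank_you'), 'content' => lang('unpw_updated'), 'link' => array($link, $line));
     ee()->output->show_message($data);
 }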
Ejemplo n.º 3
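 /**
  * Update the username/password
  *
  * This function performs the update once the update form is submitted.
  * The submitted current credentials are verified through the auth library
  * first; only then are the new username and/or password validated and
  * stored for the verified member.
  *
  * @access	public
  * @return	mixed	the re-rendered update form (with a message) on
  *			missing input or validation errors; otherwise the
  *			request ends in a redirect to the login screen
  */
 public function update_un_pw()
 {
     $this->lang->loadfile('member');

     // The form is rejected only when BOTH new-value fields are absent
     if (!isset($_POST['new_username']) and !isset($_POST['new_password'])) {
         return $this->_un_pw_update_form(lang('all_fields_required'));
     }

     // Run through basic verifications: authenticate, username and
     // password both exist, not banned, IP checking is okay
     if (!($verify_result = $this->auth->verify())) {
         // Fail closed: stop here even if _return_to_login() should ever
         // return instead of ending the request. Without the return, the
         // code below would go on with a failed verification result.
         return $this->_return_to_login(implode(', ', $this->auth->errors));
     }
     list($username, $password, $incoming) = $verify_result;

     // The member to update comes from the verified auth result
     $member_id = $incoming->member('member_id');

     $new_un = (string) $this->input->post('new_username');
     $new_pw = (string) $this->input->post('new_password');
     $new_pwc = (string) $this->input->post('new_password_confirm');

     // Make sure validation library is available
     if (!class_exists('EE_Validate')) {
         require APPPATH . 'libraries/Validate.php';
     }

     // Load it up with the information needed
     $VAL = new EE_Validate(array('val_type' => 'new', 'fetch_lang' => TRUE, 'require_cpw' => FALSE, 'enable_log' => FALSE, 'username' => $new_un, 'password' => $new_pw, 'password_confirm' => $new_pwc, 'cur_password' => $this->input->post('password')));

     // A username change is requested only when the new name is non-empty
     // and differs from the submitted current one
     $un_exists = FALSE;
     if ($new_un !== '') {
         $un_exists = $this->input->post('username') === $new_un ? FALSE : TRUE;
     }

     // A password change needs both the new password and its confirmation
     $pw_exists = ($new_pw !== '' and $new_pwc !== '') ? TRUE : FALSE;

     if ($un_exists) {
         $VAL->validate_username();
     }
     if ($pw_exists) {
         $VAL->validate_password();
     }

     // Display errors if there are any; nothing is stored in that case
     if (count($VAL->errors) > 0) {
         $er = '';
         foreach ($VAL->errors as $val) {
             $er .= $val . BR;
         }
         return $this->_un_pw_update_form($er);
     }

     if ($un_exists) {
         $this->auth->update_username($member_id, $new_un);
     }
     if ($pw_exists) {
         $this->auth->update_password($member_id, $new_pw);
     }

     // Send them back to login with updated username and password
     $this->session->set_flashdata('message', lang('unpw_updated'));
     $this->functions->redirect(BASE . AMP . 'C=login');
 }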
Ejemplo n.º 4
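 /**
  * Update the username/password
  *
  * This function performs the update once the update form is submitted.
  * It checks the lockout state for the submitted username, looks the member
  * up by username and password digest, applies the ban check, validates the
  * new values with EE_Validate and writes them to the members table.
  *
  * @access	public
  * @return	mixed	the re-rendered update form (with a message) or a
  *			fatal error page on failure; otherwise the request
  *			ends in a redirect to the login form
  */
 function update_un_pw()
 {
     $this->lang->loadfile('member');

     // The form is rejected only when BOTH new-value fields are absent
     if (!isset($_POST['new_username']) and !isset($_POST['new_password'])) {
         return $this->_un_pw_update_form(lang('all_fields_required'));
     }

     // Check password lockout status before touching the credentials, so a
     // locked-out username cannot be used for further guesses
     if ($this->session->check_password_lockout($this->input->post('username')) === TRUE) {
         $line = str_replace("%x", $this->config->item('password_lockout_interval'), lang('password_lockout_in_effect'));
         return $this->_un_pw_update_form($line);
     }

     // Fetch member data. The submitted current password arrives
     // base64-encoded and is decoded before hashing.
     // NOTE(review): the digest is computed from the password alone (no
     // per-member salt is passed to do_hash() here) and matched inside the
     // WHERE clause, so the stored value is a plain digest of the password.
     $this->db->select('member_id, group_id');
     $this->db->where('username', $this->input->post('username'));
     $this->db->where('password', do_hash(base64_decode($this->input->post('password'))));
     $query = $this->db->get('members');
     $member_id = $query->row('member_id');

     // Invalid Username or Password: record the failed attempt for the
     // lockout counter and stop
     if ($query->num_rows() == 0) {
         $this->session->save_password_lockout($this->input->post('username'));
         return $this->_un_pw_update_form(lang('invalid_existing_un_pw'));
     }

     // Is the user banned?
     // Super Admins can't be banned
     if ($query->row('group_id') != 1) {
         if ($this->session->ban_check()) {
             return $this->output->fatal_error(lang('not_authorized'));
         }
     }

     // Instantiate validation class
     if (!class_exists('EE_Validate')) {
         require APPPATH . 'libraries/Validate' . EXT;
     }
     $new_un = $this->input->post('new_username') ? $this->input->post('new_username') : '';
     $new_pw = $this->input->post('new_password') ? $this->input->post('new_password') : '';
     $new_pwc = $this->input->post('new_password_confirm') ? $this->input->post('new_password_confirm') : '';
     $VAL = new EE_Validate(array('val_type' => 'new', 'fetch_lang' => TRUE, 'require_cpw' => FALSE, 'enable_log' => FALSE, 'username' => $new_un, 'password' => $new_pw, 'password_confirm' => $new_pwc, 'cur_password' => $this->input->post('password')));

     // Fixed: $un_exists was assigned only inside the branch below, so a
     // submission without a new username read an undefined variable in the
     // two checks further down. Default it to "no username change".
     $un_exists = FALSE;
     if ($this->input->post('new_username') && $this->input->post('new_username') != '') {
         if ($this->input->post('username') == $new_un) {
             $un_exists = FALSE;
         } else {
             $un_exists = TRUE;
         }
     }

     // Only the new password itself is tested here; the confirmation value
     // is handed to the validator through 'password_confirm' above.
     $pw_exists = (isset($_POST['new_password']) and $_POST['new_password'] != '') ? TRUE : FALSE;

     if ($un_exists) {
         $VAL->validate_username();
     }
     if ($pw_exists) {
         $VAL->validate_password();
     }

     // Display errors if there are any; nothing is written in that case
     if (count($VAL->errors) > 0) {
         $er = '';
         foreach ($VAL->errors as $val) {
             $er .= $val . BR;
         }
         return $this->_un_pw_update_form($er);
     }

     // Both updates are keyed on the member id found by the credential
     // lookup above, not on a request field
     if ($un_exists) {
         $this->db->set('username', $this->input->post('new_username'));
         $this->db->where('member_id', $member_id);
         $this->db->update('members');
     }
     if ($pw_exists) {
         $this->load->helper('security');
         $this->db->set('password', do_hash($this->input->post('new_password')));
         $this->db->where('member_id', $member_id);
         $this->db->update('members');
     }

     $this->session->set_flashdata('message', lang('unpw_updated'));
     $this->functions->redirect(BASE . AMP . 'C=login' . AMP . 'M=login_form');
 }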
Ejemplo n.º 5
 /**
  * Register Member
  *
  * Front-end registration handler. In order, it: applies the registration,
  * ban and blacklist gates; validates the submitted account fields and the
  * custom member fields; checks the captcha and terms-of-service
  * requirements; inserts the member rows; optionally subscribes the address
  * to a mailing list; sends the admin and activation e-mails; and finally
  * shows a completion message (logging the member in when no activation is
  * required).
  *
  * Three extension hooks can take over or stop the routine:
  * member_member_register_start, member_member_register_errors and
  * member_member_register.
  *
  * @return mixed FALSE when registration is disabled, the result of
  *               show_user_error() on a rejected submission, nothing when an
  *               extension sets end_script or when the routine completes
  */
 public function register_member()
 {
     // Do we allow new member registrations?
     if (ee()->config->item('allow_member_registration') == 'n') {
         return FALSE;
     }
     // Is user banned?
     if (ee()->session->userdata('is_banned') === TRUE) {
         return ee()->output->show_user_error('general', array(lang('not_authorized')));
     }
     // Blacklist/Whitelist Check
     if (ee()->blacklist->blacklisted == 'y' && ee()->blacklist->whitelisted == 'n') {
         return ee()->output->show_user_error('general', array(lang('not_authorized')));
     }
     ee()->load->helper('url');
     // -------------------------------------------
     // 'member_member_register_start' hook.
     //  - Take control of member registration routine
     //  - Added EE 1.4.2
     //
     ee()->extensions->call('member_member_register_start');
     if (ee()->extensions->end_script === TRUE) {
         return;
     }
     //
     // -------------------------------------------
     // Set the default globals
     // Missing fields are written back into the $_POST superglobal as empty
     // strings, so everything that reads $_POST afterwards sees these keys.
     $default = array('username', 'password', 'password_confirm', 'email', 'screen_name', 'url', 'location');
     foreach ($default as $val) {
         if (!isset($_POST[$val])) {
             $_POST[$val] = '';
         }
     }
     // An empty screen name falls back to the username
     if ($_POST['screen_name'] == '') {
         $_POST['screen_name'] = $_POST['username'];
     }
     // Instantiate validation class
     if (!class_exists('EE_Validate')) {
         require APPPATH . 'libraries/Validate.php';
     }
     // Username and screen name go through trim_nbs() and the e-mail through
     // trim(); the password values are passed exactly as submitted.
     $VAL = new EE_Validate(array('member_id' => '', 'val_type' => 'new', 'fetch_lang' => TRUE, 'require_cpw' => FALSE, 'enable_log' => FALSE, 'username' => trim_nbs($_POST['username']), 'cur_username' => '', 'screen_name' => trim_nbs($_POST['screen_name']), 'cur_screen_name' => '', 'password' => $_POST['password'], 'password_confirm' => $_POST['password_confirm'], 'cur_password' => '', 'email' => trim($_POST['email']), 'cur_email' => ''));
     $VAL->validate_username();
     $VAL->validate_screen_name();
     $VAL->validate_password();
     $VAL->validate_email();
     // Do we have any custom fields?
     // Only fields flagged for the registration form (m_field_reg = 'y') are read
     $query = ee()->db->select('m_field_id, m_field_name, m_field_label, m_field_type, m_field_list_items, m_field_required')->where('m_field_reg', 'y')->get('member_fields');
     $cust_errors = array();
     $cust_fields = array();
     if ($query->num_rows() > 0) {
         foreach ($query->result_array() as $row) {
             $field_name = 'm_field_id_' . $row['m_field_id'];
             // Assume we're going to save this data, unless it's empty to begin with
             $valid = isset($_POST[$field_name]) && $_POST[$field_name] != '';
             // Basic validations
             if ($row['m_field_required'] == 'y' && !$valid) {
                 $cust_errors[] = lang('mbr_field_required') . ' ' . $row['m_field_label'];
             } elseif ($row['m_field_type'] == 'select' && $valid) {
                 // Ensure their selection is actually a valid choice
                 // The submitted value is entity-encoded before it is compared
                 // with the newline-separated option list.
                 $options = explode("\n", $row['m_field_list_items']);
                 if (!in_array(htmlentities($_POST[$field_name]), $options)) {
                     $valid = FALSE;
                     $cust_errors[] = lang('mbr_field_invalid') . ' ' . $row['m_field_label'];
                 }
             }
             // Accepted custom values are passed through xss_clean() before storage
             if ($valid) {
                 $cust_fields[$field_name] = ee()->security->xss_clean($_POST[$field_name]);
             }
         }
     }
     // The confirmation address is compared only when the form submitted one
     if (isset($_POST['email_confirm']) && $_POST['email'] != $_POST['email_confirm']) {
         $cust_errors[] = lang('mbr_emails_not_match');
     }
     // Presence check only; the captcha word itself is verified further down
     if (ee()->config->item('use_membership_captcha') == 'y') {
         if (!isset($_POST['captcha']) or $_POST['captcha'] == '') {
             $cust_errors[] = lang('captcha_required');
         }
     }
     if (ee()->config->item('require_terms_of_service') == 'y') {
         if (!isset($_POST['accept_terms'])) {
             $cust_errors[] = lang('mbr_terms_of_service_required');
         }
     }
     // -------------------------------------------
     // 'member_member_register_errors' hook.
     //  - Additional error checking prior to submission
     //  - Added EE 2.5.0
     //
     ee()->extensions->call('member_member_register_errors', $this);
     if (ee()->extensions->end_script === TRUE) {
         return;
     }
     //
     // -------------------------------------------
     // $this->errors is merged in so the hook above can contribute errors
     $errors = array_merge($VAL->errors, $cust_errors, $this->errors);
     // Display errors if there are any
     if (count($errors) > 0) {
         return ee()->output->show_user_error('submission', $errors);
     }
     // Do we require captcha?
     // The word must match a row created for the same IP address within the
     // last 7200 seconds. Only the word goes through escape_str(); the IP is
     // concatenated as returned by ee()->input->ip_address(), whereas the
     // mailing-list insert further down escapes it.
     // NOTE(review): confirm ip_address() can only return a validated
     // address, or escape it in both captcha queries as well.
     if (ee()->config->item('use_membership_captcha') == 'y') {
         $query = ee()->db->query("SELECT COUNT(*) AS count FROM exp_captcha WHERE word='" . ee()->db->escape_str($_POST['captcha']) . "' AND ip_address = '" . ee()->input->ip_address() . "' AND date > UNIX_TIMESTAMP()-7200");
         if ($query->row('count') == 0) {
             return ee()->output->show_user_error('submission', array(lang('captcha_incorrect')));
         }
         // A matched captcha is deleted (single use), together with every expired row
         ee()->db->query("DELETE FROM exp_captcha WHERE (word='" . ee()->db->escape_str($_POST['captcha']) . "' AND ip_address = '" . ee()->input->ip_address() . "') OR date < UNIX_TIMESTAMP()-7200");
     }
     ee()->load->helper('security');
     // Assign the base query data
     // NOTE(review): the password is stored as a bare sha1() digest of the
     // submitted value; no per-member salt and no work factor appear here.
     // Replacing it (e.g. with password_hash()) would also require the login
     // verification to change, which is not visible in this listing.
     // 'url' goes through prep_url(); 'location' is stored as returned by
     // ee()->input->post() (presumably subject to whatever filtering that
     // helper applies; confirm).
     $data = array('username' => trim_nbs(ee()->input->post('username')), 'password' => sha1($_POST['password']), 'ip_address' => ee()->input->ip_address(), 'unique_id' => ee()->functions->random('encrypt'), 'join_date' => ee()->localize->now, 'email' => trim_nbs(ee()->input->post('email')), 'screen_name' => trim_nbs(ee()->input->post('screen_name')), 'url' => prep_url(ee()->input->post('url')), 'location' => ee()->input->post('location'), 'language' => ee()->config->item('deft_lang') ? ee()->config->item('deft_lang') : 'english', 'date_format' => ee()->config->item('date_format') ? ee()->config->item('date_format') : '%n/%j/%y', 'time_format' => ee()->config->item('time_format') ? ee()->config->item('time_format') : '12', 'include_seconds' => ee()->config->item('include_seconds') ? ee()->config->item('include_seconds') : 'n', 'timezone' => ee()->config->item('default_site_timezone'));
     // Set member group
     // The group is decided from configuration only; no request value is used
     if (ee()->config->item('req_mbr_activation') == 'manual' or ee()->config->item('req_mbr_activation') == 'email') {
         $data['group_id'] = 4;
         // Pending
     } else {
         if (ee()->config->item('default_member_group') == '') {
             $data['group_id'] = 4;
             // Pending
         } else {
             $data['group_id'] = ee()->config->item('default_member_group');
         }
     }
     // Optional Fields
     // Column name => POST key. Submitted values are copied into the insert
     // data verbatim and override the config-derived defaults set above; no
     // validation or xss_clean() call is visible for them here ('bio' is
     // free text, and 'language' replaces the configured default).
     // NOTE(review): confirm these values are constrained where they are
     // later rendered or used.
     $optional = array('bio' => 'bio', 'language' => 'deft_lang', 'timezone' => 'server_timezone', 'date_format' => 'date_format', 'time_format' => 'time_format', 'include_seconds' => 'include_seconds');
     foreach ($optional as $key => $value) {
         if (isset($_POST[$value])) {
             $data[$key] = $_POST[$value];
         }
     }
     // We generate an authorization code if the member needs to self-activate
     // NOTE(review): this 10-character code is what the activation link
     // carries; confirm that random('alnum', ...) draws from a
     // cryptographically secure source.
     if (ee()->config->item('req_mbr_activation') == 'email') {
         $data['authcode'] = ee()->functions->random('alnum', 10);
     }
     // Insert basic member data
     ee()->db->query(ee()->db->insert_string('exp_members', $data));
     $member_id = ee()->db->insert_id();
     // Insert custom fields
     $cust_fields['member_id'] = $member_id;
     ee()->db->query(ee()->db->insert_string('exp_member_data', $cust_fields));
     // Create a record in the member homepage table
     // This is only necessary if the user gains CP access,
     // but we'll add the record anyway.
     ee()->db->query(ee()->db->insert_string('exp_member_homepage', array('member_id' => $member_id)));
     // Mailinglist Subscribe
     // The list id is used only when it is numeric
     $mailinglist_subscribe = FALSE;
     if (isset($_POST['mailinglist_subscribe']) && is_numeric($_POST['mailinglist_subscribe'])) {
         // Kill duplicate emails from authorization queue.
         ee()->db->where('email', $_POST['email'])->delete('mailing_list_queue');
         // Validate Mailing List ID
         $query = ee()->db->select('COUNT(*) as count')->where('list_id', $_POST['mailinglist_subscribe'])->get('mailing_lists');
         // Email Not Already in Mailing List
         $results = ee()->db->select('COUNT(*) as count')->where('email', $_POST['email'])->where('list_id', $_POST['mailinglist_subscribe'])->get('mailing_list');
         // INSERT Email
         if ($query->row('count') > 0 && $results->row('count') == 0) {
             $mailinglist_subscribe = TRUE;
             $code = ee()->functions->random('alnum', 10);
             // In the hand-built INSERTs below the request values go through
             // escape_str(); $code and time() are generated server-side.
             if (ee()->config->item('req_mbr_activation') == 'email') {
                 // Activated When Membership Activated
                 ee()->db->query("INSERT INTO exp_mailing_list_queue (email, list_id, authcode, date)\r\n\t\t\t\t\t\t\t\tVALUES ('" . ee()->db->escape_str($_POST['email']) . "', '" . ee()->db->escape_str($_POST['mailinglist_subscribe']) . "', '" . $code . "', '" . time() . "')");
             } elseif (ee()->config->item('req_mbr_activation') == 'manual') {
                 // Mailing List Subscribe Email
                 ee()->db->query("INSERT INTO exp_mailing_list_queue (email, list_id, authcode, date)\r\n\t\t\t\t\t\t\t\tVALUES ('" . ee()->db->escape_str($_POST['email']) . "', '" . ee()->db->escape_str($_POST['mailinglist_subscribe']) . "', '" . $code . "', '" . time() . "')");
                 ee()->lang->loadfile('mailinglist');
                 $action_id = ee()->functions->fetch_action_id('Mailinglist', 'authorize_email');
                 $swap = array('activation_url' => ee()->functions->fetch_site_index(0, 0) . QUERY_MARKER . 'ACT=' . $action_id . '&id=' . $code, 'site_name' => stripslashes(ee()->config->item('site_name')), 'site_url' => ee()->config->item('site_url'));
                 $template = ee()->functions->fetch_email_template('mailinglist_activation_instructions');
                 $email_tit = ee()->functions->var_swap($template['title'], $swap);
                 $email_msg = ee()->functions->var_swap($template['data'], $swap);
                 // Send email
                 // The recipient is the submitted address, which passed
                 // validate_email() above
                 ee()->load->library('email');
                 ee()->email->wordwrap = true;
                 ee()->email->mailtype = 'plain';
                 ee()->email->priority = '3';
                 ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
                 ee()->email->to($_POST['email']);
                 ee()->email->subject($email_tit);
                 ee()->email->message($email_msg);
                 ee()->email->send();
             } else {
                 // Automatically Accepted
                 ee()->db->query("INSERT INTO exp_mailing_list (list_id, authcode, email, ip_address)\r\n\t\t\t\t\t\t\t\t\t\t  VALUES ('" . ee()->db->escape_str($_POST['mailinglist_subscribe']) . "', '" . $code . "', '" . ee()->db->escape_str($_POST['email']) . "', '" . ee()->db->escape_str(ee()->input->ip_address()) . "')");
             }
         }
     }
     // Update
     // Member statistics are refreshed only when no activation step is pending
     if (ee()->config->item('req_mbr_activation') == 'none') {
         ee()->stats->update_member_stats();
     }
     // Send admin notifications
     if (ee()->config->item('new_member_notification') == 'y' && ee()->config->item('mbr_notification_emails') != '') {
         $name = $data['screen_name'] != '' ? $data['screen_name'] : $data['username'];
         $swap = array('name' => $name, 'site_name' => stripslashes(ee()->config->item('site_name')), 'control_panel_url' => ee()->config->item('cp_url'), 'username' => $data['username'], 'email' => $data['email']);
         $template = ee()->functions->fetch_email_template('admin_notify_reg');
         $email_tit = $this->_var_swap($template['title'], $swap);
         $email_msg = $this->_var_swap($template['data'], $swap);
         // Remove multiple commas
         $notify_address = reduce_multiples(ee()->config->item('mbr_notification_emails'), ',', TRUE);
         // Send email
         ee()->load->helper('text');
         ee()->load->library('email');
         ee()->email->wordwrap = true;
         ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
         ee()->email->to($notify_address);
         ee()->email->subject($email_tit);
         ee()->email->message(entities_to_ascii($email_msg));
         ee()->email->Send();
     }
     // -------------------------------------------
     // 'member_member_register' hook.
     //  - Additional processing when a member is created through the User Side
     //  - $member_id added in 2.0.1
     //
     // At this point the member rows already exist. If an extension sets
     // end_script, the function returns without sending the activation e-mail
     // and without showing the completion message.
     ee()->extensions->call('member_member_register', $data, $member_id);
     if (ee()->extensions->end_script === TRUE) {
         return;
     }
     //
     // -------------------------------------------
     // Send user notifications
     if (ee()->config->item('req_mbr_activation') == 'email') {
         $action_id = ee()->functions->fetch_action_id('Member', 'activate_member');
         $name = $data['screen_name'] != '' ? $data['screen_name'] : $data['username'];
         // board_id is taken from the request only when numeric, else 1
         $board_id = ee()->input->get_post('board_id') !== FALSE && is_numeric(ee()->input->get_post('board_id')) ? ee()->input->get_post('board_id') : 1;
         $forum_id = ee()->input->get_post('FROM') == 'forum' ? '&r=f&board_id=' . $board_id : '';
         // The list id is appended only when the subscription was accepted
         // above, which required it to be numeric
         $add = $mailinglist_subscribe !== TRUE ? '' : '&mailinglist=' . $_POST['mailinglist_subscribe'];
         $swap = array('name' => $name, 'activation_url' => ee()->functions->fetch_site_index(0, 0) . QUERY_MARKER . 'ACT=' . $action_id . '&id=' . $data['authcode'] . $forum_id . $add, 'site_name' => stripslashes(ee()->config->item('site_name')), 'site_url' => ee()->config->item('site_url'), 'username' => $data['username'], 'email' => $data['email']);
         $template = ee()->functions->fetch_email_template('mbr_activation_instructions');
         $email_tit = $this->_var_swap($template['title'], $swap);
         $email_msg = $this->_var_swap($template['data'], $swap);
         // Send email
         ee()->load->helper('text');
         ee()->load->library('email');
         ee()->email->wordwrap = true;
         ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
         ee()->email->to($data['email']);
         ee()->email->subject($email_tit);
         ee()->email->message(entities_to_ascii($email_msg));
         ee()->email->Send();
         $message = lang('mbr_membership_instructions_email');
     } elseif (ee()->config->item('req_mbr_activation') == 'manual') {
         $message = lang('mbr_admin_will_activate');
     } else {
         // Log user in (the extra query is a little annoying)
         // With no activation step, the new member gets a session right away,
         // including remember_me()
         ee()->load->library('auth');
         $member_data_q = ee()->db->get_where('members', array('member_id' => $member_id));
         $incoming = new Auth_result($member_data_q->row());
         $incoming->remember_me();
         $incoming->start_session();
         $message = lang('mbr_your_are_logged_in');
     }
     // Build the message
     // The return link comes from the forum board record or the site
     // configuration, never from the request
     if (ee()->input->get_post('FROM') == 'forum') {
         $query = $this->_do_form_query();
         $site_name = $query->row('board_label');
         $return = $query->row('board_forum_url');
     } else {
         $site_name = ee()->config->item('site_name') == '' ? lang('back') : stripslashes(ee()->config->item('site_name'));
         $return = ee()->config->item('site_url');
     }
     $data = array('title' => lang('mbr_registration_complete'), 'heading' => lang('thank_you'), 'content' => lang('mbr_registration_completed') . "\n\n" . $message, 'redirect' => '', 'link' => array($return, $site_name));
     ee()->output->show_message($data);
 }
 function register_member($ext, $doRegister = TRUE, $error_handling = '')
 {
     $this->EE->load->helper('security');
     $inline_errors = array();
     //$this->EE->load->language("member");
     /** -------------------------------------
     		/**  Do we allow new member registrations?
     		/** ------------------------------------*/
     if ($this->EE->config->item('allow_member_registration') == 'n') {
         return array('general', array($this->EE->lang->line('member_registrations_not_allowed')));
     }
     /** ----------------------------------------
     		/**  Is user banned?
     		/** ----------------------------------------*/
     if ($this->EE->session->userdata['is_banned'] == TRUE) {
         return array('general', array($this->EE->lang->line('not_authorized')));
     }
     /** ----------------------------------------
     		/**  Blacklist/Whitelist Check
     		/** ----------------------------------------*/
     if ($this->EE->blacklist->blacklisted == 'y' && $this->EE->blacklist->whitelisted == 'n') {
         return array('general', array($this->EE->lang->line('not_authorized')));
     }
     $this->EE->load->helper('url');
     /* -------------------------------------------
     		 /* 'member_member_register_start' hook.
     		 /*  - Take control of member registration routine
     		 /*  - Added EE 1.4.2
     		 */
     $edata = $this->EE->extensions->call('member_member_register_start');
     if ($this->EE->extensions->end_script === TRUE) {
         return;
     }
     /*
     							/* -------------------------------------------*/
     /** ----------------------------------------
     		/**  Set the default globals
     		/** ----------------------------------------*/
     $default = array('username', 'password', 'password_confirm', 'email', 'screen_name', 'url', 'location');
     foreach ($default as $val) {
         if (!isset($_POST[$val])) {
             $_POST[$val] = '';
         }
     }
     if ($_POST['screen_name'] == '') {
         $_POST['screen_name'] = $_POST['username'];
     }
     /** -------------------------------------
     		/**  Instantiate validation class
     		/** -------------------------------------*/
     if (!class_exists('EE_Validate')) {
         require APPPATH . 'libraries/Validate' . EXT;
     }
     $VAL = new EE_Validate(array('member_id' => '', 'val_type' => 'new', 'fetch_lang' => TRUE, 'require_cpw' => FALSE, 'enable_log' => FALSE, 'username' => $_POST['username'], 'cur_username' => '', 'screen_name' => $_POST['screen_name'], 'cur_screen_name' => '', 'password' => $_POST['password'], 'password_confirm' => $_POST['password_confirm'], 'cur_password' => '', 'email' => $_POST['email'], 'cur_email' => ''));
     // load the language file
     $this->EE->lang->loadfile('zoo_visitor');
     $VAL->validate_email();
     $inline_errors["email"] = $VAL->errors;
     $offset = count($VAL->errors);
     /** -------------------------------------
     		/**  Zoo Visitor conditional checking
     		/** -------------------------------------*/
     if ($this->zoo_settings['email_is_username'] != 'yes') {
         $VAL->validate_username();
         $inline_errors["username"] = array_slice($VAL->errors, $offset);
         $offset = count($VAL->errors);
     }
     if ($this->zoo_settings['use_screen_name'] != "no") {
         $VAL->validate_screen_name();
         $inline_errors["screen_name"] = array_slice($VAL->errors, $offset);
         $offset = count($VAL->errors);
     }
     $VAL->validate_password();
     $inline_errors["password"] = array_slice($VAL->errors, $offset);
     $offset = count($VAL->errors);
     /** -------------------------------------
     		/**  Do we have any custom fields?
     		/** -------------------------------------*/
     $query = $this->EE->db->query("SELECT m_field_id, m_field_name, m_field_label, m_field_required FROM exp_member_fields");
     $cust_errors = array();
     $cust_fields = array();
     if ($query->num_rows() > 0) {
         foreach ($query->result_array() as $row) {
             if ($row['m_field_required'] == 'y' && (!isset($_POST['m_field_id_' . $row['m_field_id']]) or $_POST['m_field_id_' . $row['m_field_id']] == '')) {
                 $cust_errors[] = $this->EE->lang->line('mbr_field_required') . '&nbsp;' . $row['m_field_label'];
                 $inline_errors[$row['m_field_name']] = array($this->EE->lang->line('mbr_field_required') . '&nbsp;' . $row['m_field_label']);
             } elseif (isset($_POST['m_field_id_' . $row['m_field_id']])) {
                 $cust_fields['m_field_id_' . $row['m_field_id']] = $this->EE->security->xss_clean($_POST['m_field_id_' . $row['m_field_id']]);
             }
         }
     }
     if (isset($_POST['email_confirm']) && $_POST['email'] != $_POST['email_confirm']) {
         $cust_errors[] = $this->EE->lang->line('mbr_emails_not_match');
         $inline_errors["email_confirm"] = array($this->EE->lang->line('mbr_emails_not_match'));
     }
     if ($this->EE->config->item('use_membership_captcha') == 'y') {
         if (!isset($_POST['captcha']) or $_POST['captcha'] == '') {
             $cust_errors[] = $this->EE->lang->line('captcha_required');
             $inline_errors["captcha"] = array($this->EE->lang->line('captcha_required'));
         }
     }
     /** ----------------------------------------
     		/**  Do we require captcha?
     		/** ----------------------------------------*/
     if ($this->EE->config->item('use_membership_captcha') == 'y') {
         $query = $this->EE->db->query("SELECT COUNT(*) AS count FROM exp_captcha WHERE word='" . $this->EE->db->escape_str($_POST['captcha']) . "' AND ip_address = '" . $this->EE->input->ip_address() . "' AND date > UNIX_TIMESTAMP()-7200");
         if ($query->row('count') == 0) {
             $cust_errors[] = $this->EE->lang->line('captcha_incorrect');
             $inline_errors["captcha"] = array($this->EE->lang->line('captcha_incorrect'));
         }
         //$this->EE->db->query("DELETE FROM exp_captcha WHERE (word='" . $this->EE->db->escape_str($_POST['captcha']) . "' AND ip_address = '" . $this->EE->input->ip_address() . "') OR date < UNIX_TIMESTAMP()-7200");
     }
     if ($this->EE->config->item('require_terms_of_service') == 'y') {
         if (!isset($_POST['accept_terms'])) {
             $cust_errors[] = $this->EE->lang->line('mbr_terms_of_service_required');
             $inline_errors["accept_terms"] = array($this->EE->lang->line('mbr_terms_of_service_required'));
         }
     }
     $errors = array_merge($VAL->errors, $cust_errors);
     // ===========================
     // = Set default membergroup =
     // ===========================
     if ($this->EE->config->item('req_mbr_activation') == 'manual' or $this->EE->config->item('req_mbr_activation') == 'email') {
         $data['group_id'] = 4;
         // Pending
     } else {
         if ($this->EE->config->item('default_member_group') == '') {
             $data['group_id'] = 4;
             // Pending
         } else {
             $data['group_id'] = $this->EE->config->item('default_member_group');
         }
     }
     // ============================================
     // = Check if there is a membergroup selected =
     // ============================================
     $selected_group_id = $this->check_membergroup_change($data);
     /** -------------------------------------
     		/**  Display error is there are any
     		/** -------------------------------------*/
     if (count($errors) > 0) {
         return array('submission', $inline_errors);
         //return array('submission', $errors);
     }
     if (!$doRegister) {
         return TRUE;
     }
     /** ----------------------------------------
     		/**  Secure Mode Forms?
     		/** ----------------------------------------*/
     if ($this->EE->config->item('secure_forms') == 'y') {
         if (version_compare(APP_VER, '2.5.4', '>=')) {
             // Secure Mode Forms?
             if ($this->EE->config->item('secure_forms') == 'y' and !$this->EE->security->secure_forms_check($this->EE->input->post('XID'))) {
                 return $this->EE->output->show_user_error('general', array(lang('not_authorized')));
             }
         } else {
             $query = $this->EE->db->query("SELECT COUNT(*) AS count FROM exp_security_hashes WHERE hash='" . $this->EE->db->escape_str($_POST['XID']) . "' AND ip_address = '" . $this->EE->input->ip_address() . "' AND ip_address = '" . $this->EE->input->ip_address() . "' AND date > UNIX_TIMESTAMP()-7200");
             if ($query->row('count') == 0) {
                 return array('general', array($this->EE->lang->line('not_authorized')));
             }
             $this->EE->db->query("DELETE FROM exp_security_hashes WHERE (hash='" . $this->EE->db->escape_str($_POST['XID']) . "' AND ip_address = '" . $this->EE->input->ip_address() . "') OR date < UNIX_TIMESTAMP()-7200");
         }
     }
     /** -------------------------------------
     		/**  Assign the base query data
     		/** -------------------------------------*/
     $data['username'] = $_POST['username'];
     $data['password'] = version_compare(APP_VER, '2.6.0', '<') ? $this->EE->functions->hash(stripslashes($_POST['password'])) : do_hash(stripslashes($_POST['password']));
     $data['ip_address'] = $this->EE->input->ip_address();
     $data['unique_id'] = $this->EE->functions->random('encrypt');
     $data['join_date'] = $this->EE->localize->now;
     $data['email'] = $_POST['email'];
     $data['screen_name'] = $_POST['screen_name'];
     $data['url'] = prep_url($_POST['url']);
     $data['location'] = $_POST['location'];
     // overridden below if used as optional fields
     $data['language'] = $this->EE->config->item('deft_lang') ? $this->EE->config->item('deft_lang') : 'english';
     $data['time_format'] = $this->EE->config->item('time_format') ? $this->EE->config->item('time_format') : 'us';
     $data['timezone'] = $this->EE->config->item('default_site_timezone') && $this->EE->config->item('default_site_timezone') != '' ? $this->EE->config->item('default_site_timezone') : $this->EE->config->item('server_timezone');
     if (APP_VER < '2.6.0') {
         $data['daylight_savings'] = $this->EE->config->item('default_site_dst') && $this->EE->config->item('default_site_dst') != '' ? $this->EE->config->item('default_site_dst') : $this->EE->config->item('daylight_savings');
     }
     // ==========================
     // = Standard member fields =
     // ==========================
     $fields = array('bday_y', 'bday_m', 'bday_d', 'url', 'location', 'occupation', 'interests', 'aol_im', 'icq', 'yahoo_im', 'msn_im', 'bio');
     foreach ($fields as $val) {
         if ($this->EE->input->post($val)) {
             $data[$val] = isset($_POST[$val]) ? $this->EE->security->xss_clean($_POST[$val]) : '';
             unset($_POST[$val]);
         }
     }
     if (isset($data['bday_d']) && is_numeric($data['bday_d']) && is_numeric($data['bday_m'])) {
         $year = $data['bday_y'] != '' ? $data['bday_y'] : date('Y');
         $mdays = $this->EE->localize->fetch_days_in_month($data['bday_m'], $year);
         if ($data['bday_d'] > $mdays) {
             $data['bday_d'] = $mdays;
         }
     }
     // Optional Fields
     $optional = array('bio' => 'bio', 'language' => 'deft_lang', 'timezone' => 'server_timezone', 'time_format' => 'time_format');
     foreach ($optional as $key => $value) {
         if (isset($_POST[$value])) {
             $data[$key] = $_POST[$value];
         }
     }
     /*
     if ($this->EE->input->post('daylight_savings') == 'y') {
     	$data['daylight_savings'] = 'y';
     }
     elseif ($this->EE->input->post('daylight_savings') == 'n') {
     	$data['daylight_savings'] = 'n';
     }
     */
     // We generate an authorization code if the member needs to self-activate
     if ($this->EE->config->item('req_mbr_activation') == 'email') {
         $data['authcode'] = $this->EE->functions->random('alnum', 10);
     }
     /** -------------------------------------
     		/**  Insert basic member data
     		/** -------------------------------------*/
     $this->EE->db->query($this->EE->db->insert_string('exp_members', $data));
     $member_id = $this->EE->db->insert_id();
     // =============================================
     // = Override the screenname for use in emails =
     // =============================================
     $screen_name_overriden = $this->get_override_screen_name();
     $data['screen_name'] = $screen_name_overriden !== FALSE ? $screen_name_overriden : $data['screen_name'];
     // =========================================================================================
     // = Store the selected membergroup if it is defined in the form AND activation is required =
     // ==========================================================================================
     if (isset($selected_group_id) and is_numeric($selected_group_id) and $selected_group_id != '1') {
         if ($this->EE->config->item('req_mbr_activation') == 'email' || $this->EE->config->item('req_mbr_activation') == 'manual') {
             $activation_data = array();
             $activation_data['member_id'] = $member_id;
             $activation_data['group_id'] = $selected_group_id;
             $this->EE->db->insert('zoo_visitor_activation_membergroup', $activation_data);
         }
     }
     // =====================
     // = HASH THE PASSWORD =
     // =====================
     $this->EE->load->library('auth');
     $hashed_pair = $this->EE->auth->hash_password($_POST['password']);
     if ($hashed_pair === FALSE) {
     } else {
         $this->EE->db->where('member_id', (int) $member_id);
         $this->EE->db->update('members', $hashed_pair);
     }
     /** -------------------------------------
     		/**  Insert custom fields
     		/** -------------------------------------*/
     $cust_fields['member_id'] = $member_id;
     $this->EE->db->query($this->EE->db->insert_string('exp_member_data', $cust_fields));
     /** -------------------------------------
     		/**  Create a record in the member homepage table
     		/** -------------------------------------*/
     // This is only necessary if the user gains CP access, but we'll add the record anyway.
     $this->EE->db->query($this->EE->db->insert_string('exp_member_homepage', array('member_id' => $member_id)));
     /** -------------------------------------
     		/**  Mailinglist Subscribe
     		/** -------------------------------------*/
     $mailinglist_subscribe = FALSE;
     if (isset($_POST['mailinglist_subscribe']) && is_numeric($_POST['mailinglist_subscribe'])) {
         // Kill duplicate emails from authorizatin queue.
         $this->EE->db->query("DELETE FROM exp_mailing_list_queue WHERE email = '" . $this->EE->db->escape_str($_POST['email']) . "'");
         // Validate Mailing List ID
         $query = $this->EE->db->query("SELECT COUNT(*) AS count\n\t\t\t\t\t\t\t\t FROM exp_mailing_lists\n\t\t\t\t\t\t\t\t WHERE list_id = '" . $this->EE->db->escape_str($_POST['mailinglist_subscribe']) . "'");
         // Email Not Already in Mailing List
         $results = $this->EE->db->query("SELECT count(*) AS count\n\t\t\t\t\t\t\t\t\tFROM exp_mailing_list\n\t\t\t\t\t\t\t\t\tWHERE email = '" . $this->EE->db->escape_str($_POST['email']) . "'\n\t\t\t\t\t\t\t\t\tAND list_id = '" . $this->EE->db->escape_str($_POST['mailinglist_subscribe']) . "'");
         /** -------------------------------------
         			/**  INSERT Email
         			/** -------------------------------------*/
         if ($query->row('count') > 0 && $results->row('count') == 0) {
             $mailinglist_subscribe = TRUE;
             $code = $this->EE->functions->random('alnum', 10);
             if ($this->EE->config->item('req_mbr_activation') == 'email') {
                 // Activated When Membership Activated
                 $this->EE->db->query("INSERT INTO exp_mailing_list_queue (email, list_id, authcode, date)\n\t\t\t\t\t\t\t\tVALUES ('" . $this->EE->db->escape_str($_POST['email']) . "', '" . $this->EE->db->escape_str($_POST['mailinglist_subscribe']) . "', '" . $code . "', '" . time() . "')");
             } elseif ($this->EE->config->item('req_mbr_activation') == 'manual') {
                 // Mailing List Subscribe Email
                 $this->EE->db->query("INSERT INTO exp_mailing_list_queue (email, list_id, authcode, date)\n\t\t\t\t\t\t\t\tVALUES ('" . $this->EE->db->escape_str($_POST['email']) . "', '" . $this->EE->db->escape_str($_POST['mailinglist_subscribe']) . "', '" . $code . "', '" . time() . "')");
                 $this->EE->lang->loadfile('mailinglist');
                 $action_id = $this->EE->functions->fetch_action_id('Mailinglist', 'authorize_email');
                 $swap = array('activation_url' => $this->EE->functions->fetch_site_index(0, 0) . QUERY_MARKER . 'ACT=' . $action_id . '&id=' . $code, 'site_name' => stripslashes($this->EE->config->item('site_name')), 'site_url' => $this->EE->config->item('site_url'));
                 $template = $this->EE->functions->fetch_email_template('mailinglist_activation_instructions');
                 $email_tit = $this->EE->functions->var_swap($template['title'], $swap);
                 $email_msg = $this->EE->functions->var_swap($template['data'], $swap);
                 /** ----------------------------
                 				/**  Send email
                 				/** ----------------------------*/
                 $this->EE->load->library('email');
                 $this->EE->email->wordwrap = true;
                 $this->EE->email->mailtype = 'plain';
                 $this->EE->email->priority = '3';
                 $this->EE->email->from($this->EE->config->item('webmaster_email'), $this->EE->config->item('webmaster_name'));
                 $this->EE->email->to($_POST['email']);
                 $this->EE->email->subject($email_tit);
                 $this->EE->email->message($email_msg);
                 $this->EE->email->send();
             } else {
                 // Automatically Accepted
                 $this->EE->db->query("INSERT INTO exp_mailing_list (list_id, authcode, email, ip_address)\n\t\t\t\t\t\t\t\t\t\t  VALUES ('" . $this->EE->db->escape_str($_POST['mailinglist_subscribe']) . "', '" . $code . "', '" . $this->EE->db->escape_str($_POST['email']) . "', '" . $this->EE->db->escape_str($this->EE->input->ip_address()) . "')");
             }
         }
     }
     /** -------------------------------------
     		/**  Update
     		/** -------------------------------------*/
     if ($this->EE->config->item('req_mbr_activation') == 'none') {
         $this->EE->stats->update_member_stats();
     }
     /** -------------------------------------
     		/**  Send admin notifications
     		/** -------------------------------------*/
     if ($this->EE->config->item('new_member_notification') == 'y' and $this->EE->config->item('mbr_notification_emails') != '') {
         $name = $data['screen_name'] != '' ? $data['screen_name'] : $data['username'];
         $swap = array('name' => $name, 'site_name' => stripslashes($this->EE->config->item('site_name')), 'control_panel_url' => $this->EE->config->item('cp_url'), 'username' => $data['username'], 'email' => $data['email']);
         $template = $this->EE->functions->fetch_email_template('admin_notify_reg');
         $email_tit = $this->_var_swap($template['title'], $swap);
         $email_msg = $this->_var_swap($template['data'], $swap);
         $this->EE->load->helper('string');
         // Remove multiple commas
         $notify_address = reduce_multiples($this->EE->config->item('mbr_notification_emails'), ',', TRUE);
         /** ----------------------------
         			/**  Send email
         			/** ----------------------------*/
         // Load the text helper
         $this->EE->load->helper('text');
         $this->EE->load->library('email');
         $this->EE->email->wordwrap = true;
         $this->EE->email->from($this->EE->config->item('webmaster_email'), $this->EE->config->item('webmaster_name'));
         $this->EE->email->to($notify_address);
         $this->EE->email->subject($email_tit);
         $this->EE->email->message(entities_to_ascii($email_msg));
         $this->EE->email->Send();
     }
     // -------------------------------------------
     // 'member_member_register' hook.
     //  - Additional processing when a member is created through the User Side
     //  - $member_id added in 2.0.1
     //
     $edata = $this->EE->extensions->call('member_member_register', $data, $member_id);
     if ($this->EE->extensions->end_script === TRUE) {
         return;
     }
     //
     // -------------------------------------------
     /** -------------------------------------
     		/**  Zoo Visitor assignment
     		/** -------------------------------------*/
     $member_data = $data;
     $member_data["member_id"] = $member_id;
     /** -------------------------------------
     		/**  Send user notifications
     		/** -------------------------------------*/
     if ($this->EE->config->item('req_mbr_activation') == 'email') {
         $action_id = $this->EE->functions->fetch_action_id('Member', 'activate_member');
         $name = $data['screen_name'] != '' ? $data['screen_name'] : $data['username'];
         $board_id = $this->EE->input->get_post('board_id') !== FALSE && is_numeric($this->EE->input->get_post('board_id')) ? $this->EE->input->get_post('board_id') : 1;
         $forum_id = $this->EE->input->get_post('FROM') == 'forum' ? '&r=f&board_id=' . $board_id : '';
         $add = $mailinglist_subscribe !== TRUE ? '' : '&mailinglist=' . $_POST['mailinglist_subscribe'];
         $swap = array('name' => $name, 'activation_url' => $this->EE->functions->fetch_site_index(0, 0) . QUERY_MARKER . 'ACT=' . $action_id . '&id=' . $data['authcode'] . $forum_id . $add, 'site_name' => stripslashes($this->EE->config->item('site_name')), 'site_url' => $this->EE->config->item('site_url'), 'username' => $data['username'], 'email' => $data['email']);
         $template = $this->EE->functions->fetch_email_template('mbr_activation_instructions');
         $email_tit = $this->_var_swap($template['title'], $swap);
         $email_msg = $this->_var_swap($template['data'], $swap);
         /** ----------------------------
         			/**  Send email
         			/** ----------------------------*/
         // Load the text helper
         $this->EE->load->helper('text');
         $this->EE->load->library('email');
         $this->EE->email->wordwrap = true;
         $this->EE->email->from($this->EE->config->item('webmaster_email'), $this->EE->config->item('webmaster_name'));
         $this->EE->email->to($data['email']);
         $this->EE->email->subject($email_tit);
         $this->EE->email->message(entities_to_ascii($email_msg));
         $this->EE->email->Send();
         $message = $this->EE->lang->line('mbr_membership_instructions_email');
     } elseif ($this->EE->config->item('req_mbr_activation') == 'manual') {
         $message = $this->EE->lang->line('mbr_admin_will_activate');
     } else {
         /** ----------------------------------------
         			/**  Log user is handled at the end of the extension
         			/** ----------------------------------------*/
     }
     /** ----------------------------------------
     		/**  Build the message
     		/** ----------------------------------------*/
     if ($this->EE->input->get_post('FROM') == 'forum') {
         if ($this->EE->input->get_post('board_id') !== FALSE && is_numeric($this->EE->input->get_post('board_id'))) {
             $query = $this->EE->db->query("SELECT board_forum_url, board_id, board_label FROM exp_forum_boards WHERE board_id = '" . $this->EE->db->escape_str($this->EE->input->get_post('board_id')) . "'");
         } else {
             $query = $this->EE->db->query("SELECT board_forum_url, board_id, board_label FROM exp_forum_boards WHERE board_id = '1'");
         }
         $site_name = $query->row('board_label');
         $return = $query->row('board_forum_url');
     } else {
         $site_name = $this->EE->config->item('site_name') == '' ? $this->EE->lang->line('back') : stripslashes($this->EE->config->item('site_name'));
         $return = $this->EE->config->item('site_url');
     }
     $data = array('title' => $this->EE->lang->line('mbr_registration_complete'), 'heading' => $this->EE->lang->line('thank_you'), 'content' => $this->EE->lang->line('mbr_registration_completed'), 'redirect' => '', 'link' => array($return, $site_name), 'result' => 'registration_complete', 'member_data' => $member_data);
     //$this->EE->output->show_message($data);
     return $data;
 }
Ejemplo n.º 7
	/** ----------------------------------
	/**  Update the username/password
	/** ----------------------------------*/

	/**
	 * Change a member's username and/or password after re-checking the
	 * current credentials submitted with the form.
	 *
	 * Reads from the request: username and password (current credentials),
	 * plus new_username, new_password and new_password_confirm (requested
	 * values). At least one of new_username / new_password must be posted,
	 * and any of the two that is posted must be non-empty.
	 *
	 * Order of checks as written: required fields, password lockout for the
	 * posted username, credential lookup in exp_members, ban check (skipped
	 * for group_id 1), then EE_Validate on the new values. Failures are
	 * reported through show_user_error() / fatal_error(); success ends with
	 * show_message().
	 *
	 * NOTE(review): the credential SELECT and both UPDATE statements in this
	 * listing contain a masked run of asterisks where the value expressions
	 * should be. The code does not parse as shown, and the escaping and
	 * hashing applied to those values cannot be confirmed from this view.
	 *
	 * @return mixed Whatever show_user_error() / fatal_error() return on
	 *               failure; nothing is returned explicitly on success.
	 */
	function update_un_pw()
	{
		// Single flag for all required-field failures, so one error is shown.
		$missing = FALSE;

		// Nothing to change: neither a new username nor a new password was posted.
		if ( ! isset($_POST['new_username']) AND  ! isset($_POST['new_password']))
		{
			$missing = TRUE;
		}

		// A new value that was posted must not be empty.
		if ((isset($_POST['new_username']) AND $_POST['new_username'] == '') OR (isset($_POST['new_password']) AND $_POST['new_password'] == ''))
		{
			$missing = TRUE;
		}

		// The current credentials are mandatory.
		// NOTE(review): the password is read with get_post() here but with
		// $_POST['password'] further down. Presumably get_post() also accepts a
		// query-string value; if so, a password sent only via GET passes this
		// check and then reaches an unset $_POST index below. Confirm.
		if ($this->EE->input->post('username') == '' OR $this->EE->input->get_post('password') == '')
		{
			$missing = TRUE;
		}

		if ($missing == TRUE)
		{
			return $this->EE->output->show_user_error('submission', $this->EE->lang->line('all_fields_required'));
		}

		/** ----------------------------------------
		/**  Check password lockout status
		/** ----------------------------------------*/

		// Refuse before touching the database while the posted username is
		// locked out; %x in the language line is replaced with the configured
		// lockout interval.
		if ($this->EE->session->check_password_lockout($this->EE->input->post('username')) === TRUE)
		{
			$line = str_replace("%x", $this->EE->config->item('password_lockout_interval'), $this->EE->lang->line('password_lockout_in_effect'));
			return $this->EE->output->show_user_error('submission', $line);
		}

		/** ----------------------------------------
		/**  Fetch member data
		/** ----------------------------------------*/
		// Look up the member by the submitted current username and password.
		// NOTE(review): the value expressions in this statement are masked
		// (asterisks) in the listing. Verify in the original file that the
		// username is escaped and how the password is hashed before comparison.
		$sql = "SELECT member_id, group_id
				FROM	exp_members
				WHERE  username = '******'username'))."'
				AND	password = '******'password')))."'";

		$query = $this->EE->db->query($sql);

		/** ----------------------------------------
		/**  Invalid Username or Password
		/** ----------------------------------------*/
		// No matching row: record the failed attempt through
		// save_password_lockout() before reporting the error.
		if ($query->num_rows() == 0)
		{
			$this->EE->session->save_password_lockout($this->EE->input->post('username'));
			return $this->EE->output->show_user_error('submission', $this->EE->lang->line('invalid_existing_un_pw'));
		}

		// Every later write is keyed on this id, which comes from the database row.
		$member_id = $query->row('member_id') ;

		/** ----------------------------------------
		/**  Is the user banned?
		/** ----------------------------------------*/

		// Super Admins can't be banned

		// group_id 1 skips the ban check; all other groups go through ban_check().
		if ($query->row('group_id')  != 1)
		{
			if ($this->EE->session->ban_check())
			{
				return $this->EE->output->fatal_error($this->EE->lang->line('not_authorized'));
			}
		}

		/** -------------------------------------
		/**  Instantiate validation class
		/** -------------------------------------*/
		// EXT is a constant defined outside this view (presumably the PHP file extension).
		if ( ! class_exists('EE_Validate'))
		{
			require APPPATH.'libraries/Validate'.EXT;
		}

		// Missing fields default to empty strings.
		$new_un  = (isset($_POST['new_username'])) ? $_POST['new_username'] : '';
		$new_pw  = (isset($_POST['new_password'])) ? $_POST['new_password'] : '';
		$new_pwc = (isset($_POST['new_password_confirm'])) ? $_POST['new_password_confirm'] : '';

		// The validator receives the raw posted values; what EE_Validate does
		// with these options is not visible in this view.
		$VAL = new EE_Validate(
								array(
										'val_type'			=> 'new',
										'fetch_lang' 		=> TRUE,
										'require_cpw' 		=> FALSE,
									 	'enable_log'		=> FALSE,
										'username'			=> $new_un,
										'password'			=> $new_pw,
									 	'password_confirm'	=> $new_pwc,
									 	'cur_password'		=> $_POST['password'],
									 )
							);

		// Only the fields that are actually being changed are validated and written.
		$un_exists = (isset($_POST['new_username']) AND $_POST['new_username'] != '') ? TRUE : FALSE;
		$pw_exists = (isset($_POST['new_password']) AND $_POST['new_password'] != '') ? TRUE : FALSE;

		if ($un_exists)
			$VAL->validate_username();
		if ($pw_exists)
			$VAL->validate_password();

		/** -------------------------------------
		/**  Display errors if there are any
		/** -------------------------------------*/

		if (count($VAL->errors) > 0)
		{		 
			return $this->EE->output->show_user_error('submission', $VAL->errors);
		}


		// Persist the changes for the member matched above.
		// NOTE(review): both UPDATE statements below are masked in this listing.
		// Confirm in the original file that the new username is escaped and the
		// new password is hashed before they reach the query. Nothing visible
		// in this method invalidates existing sessions after the change.
		if ($un_exists)
		{
			$this->EE->db->query("UPDATE exp_members SET username = '******'new_username'])."' WHERE member_id = '{$member_id}'");
		}

		if ($pw_exists)
		{
			$this->EE->db->query("UPDATE exp_members SET password = '******'new_password']))."' WHERE member_id = '{$member_id}'");
		}

		// Clear the tracker cookie since we're not sure where the redirect should go
		$this->EE->functions->set_cookie('tracker');

		// NOTE(review): $return is built in the lines below but is not
		// referenced again in this method; the message link uses $link instead.
		$return = $this->EE->functions->form_backtrack();

		// When the session type is not 'c', the session id is appended to the URL.
		if ($this->EE->config->item('user_session_type') != 'c')
		{
			// NOTE(review): substr($return, 0, -3) yields everything except the
			// last three characters, so this comparison looks like it was meant
			// to be substr($return, -3). Confirm.
			if ($this->EE->config->item('force_query_string') == 'y' && substr($return, 0, -3) == "php")
			{
				$return .= '?';
			}

			if ($this->EE->session->userdata['session_id'] != '')
			{
				$return .= "/S=".$this->EE->session->userdata['session_id']."/";
			}
		}

		// URI segment 5, when present, becomes the return target (labelled as a
		// forum link); otherwise the link points at the member login path.
		if ($this->EE->uri->segment(5))
		{
			$link = $this->EE->functions->create_url($this->EE->uri->segment(5));
			$line = $this->EE->lang->line('return_to_forum');
		}
		else
		{
			$link = $this->_member_path('login');
			$line = $this->EE->lang->line('return_to_login');
		}

		// We're done.
		$data = array(	'title' 	=> $this->EE->lang->line('settings_update'),
						'heading'	=> $this->EE->lang->line('thank_you'),
						'content'	=> $this->EE->lang->line('unpw_updated'),
						'link'		=> array($link, $line)
						 );

		$this->EE->output->show_message($data);
	}
Ejemplo n.º 8
	/** ----------------------------------------
	/**  Register Member
	/** ----------------------------------------*/
	function register_member()
	{
		/** -------------------------------------
		/**  Do we allow new member registrations?
		/** ------------------------------------*/

		if ($this->EE->config->item('allow_member_registration') == 'n')
		{
			return FALSE;
		}

		/** ----------------------------------------
		/**  Is user banned?
		/** ----------------------------------------*/

		if ($this->EE->session->userdata['is_banned'] == TRUE)
		{
			return $this->EE->output->show_user_error('general', array($this->EE->lang->line('not_authorized')));
		}

		/** ----------------------------------------
		/**  Blacklist/Whitelist Check
		/** ----------------------------------------*/

		if ($this->EE->blacklist->blacklisted == 'y' && $this->EE->blacklist->whitelisted == 'n')
		{
			return $this->EE->output->show_user_error('general', array($this->EE->lang->line('not_authorized')));
		}

		$this->EE->load->helper('url');

		/* -------------------------------------------
		/* 'member_member_register_start' hook.
		/*  - Take control of member registration routine
		/*  - Added EE 1.4.2
		*/
			$edata = $this->EE->extensions->call('member_member_register_start');
			if ($this->EE->extensions->end_script === TRUE) return;
		/*
		/* -------------------------------------------*/


		/** ----------------------------------------
		/**  Set the default globals
		/** ----------------------------------------*/

		$default = array('username', 'password', 'password_confirm', 'email', 'screen_name', 'url', 'location');

		foreach ($default as $val)
		{
			if ( ! isset($_POST[$val])) $_POST[$val] = '';
		}

		if ($_POST['screen_name'] == '')
			$_POST['screen_name'] = $_POST['username'];

		/** -------------------------------------
		/**  Instantiate validation class
		/** -------------------------------------*/
		if ( ! class_exists('EE_Validate'))
		{
			require APPPATH.'libraries/Validate'.EXT;
		}

		$VAL = new EE_Validate(
								array(
										'member_id'			=> '',
										'val_type'			=> 'new', // new or update
										'fetch_lang' 		=> TRUE,
										'require_cpw' 		=> FALSE,
									 	'enable_log'		=> FALSE,
										'username'			=> $_POST['username'],
										'cur_username'		=> '',
										'screen_name'		=> $_POST['screen_name'],
										'cur_screen_name'	=> '',
										'password'			=> $_POST['password'],
									 	'password_confirm'	=> $_POST['password_confirm'],
									 	'cur_password'		=> '',
									 	'email'				=> $_POST['email'],
									 	'cur_email'			=> ''
									 )
							);

		$VAL->validate_username();
		$VAL->validate_screen_name();
		$VAL->validate_password();
		$VAL->validate_email();

		/** -------------------------------------
		/**  Do we have any custom fields?
		/** -------------------------------------*/

		$query = $this->EE->db->query("SELECT m_field_id, m_field_name, m_field_label, m_field_required FROM exp_member_fields WHERE m_field_reg = 'y'");

		$cust_errors = array();
		$cust_fields = array();

		if ($query->num_rows() > 0)
		{
			foreach ($query->result_array() as $row)
			{
				if ($row['m_field_required'] == 'y' && ( ! isset($_POST['m_field_id_'.$row['m_field_id']]) OR $_POST['m_field_id_'.$row['m_field_id']] == ''))
				{
					$cust_errors[] = $this->EE->lang->line('mbr_field_required').'&nbsp;'.$row['m_field_label'];
				}
				elseif (isset($_POST['m_field_id_'.$row['m_field_id']]))
				{
					$cust_fields['m_field_id_'.$row['m_field_id']] = $this->EE->security->xss_clean($_POST['m_field_id_'.$row['m_field_id']]);
				}
			}
		}

		if (isset($_POST['email_confirm']) && $_POST['email'] != $_POST['email_confirm'])
		{
			$cust_errors[] = $this->EE->lang->line('mbr_emails_not_match');
		}

		if ($this->EE->config->item('use_membership_captcha') == 'y')
		{
			if ( ! isset($_POST['captcha']) OR $_POST['captcha'] == '')
			{
				$cust_errors[] = $this->EE->lang->line('captcha_required');
			}
		}

		if ($this->EE->config->item('require_terms_of_service') == 'y')
		{
			if ( ! isset($_POST['accept_terms']))
			{
				$cust_errors[] = $this->EE->lang->line('mbr_terms_of_service_required');
			}
		}

		$errors = array_merge($VAL->errors, $cust_errors);


		/** -------------------------------------
		/**  Display error is there are any
		/** -------------------------------------*/
		 if (count($errors) > 0)
		 {
			return $this->EE->output->show_user_error('submission', $errors);
		 }


		/** ----------------------------------------
		/**  Do we require captcha?
		/** ----------------------------------------*/

		if ($this->EE->config->item('use_membership_captcha') == 'y')
		{
			$query = $this->EE->db->query("SELECT COUNT(*) AS count FROM exp_captcha WHERE word='".$this->EE->db->escape_str($_POST['captcha'])."' AND ip_address = '".$this->EE->input->ip_address()."' AND date > UNIX_TIMESTAMP()-7200");

			if ($query->row('count')  == 0)
			{
				return $this->EE->output->show_user_error('submission', array($this->EE->lang->line('captcha_incorrect')));
			}

			$this->EE->db->query("DELETE FROM exp_captcha WHERE (word='".$this->EE->db->escape_str($_POST['captcha'])."' AND ip_address = '".$this->EE->input->ip_address()."') OR date < UNIX_TIMESTAMP()-7200");
		}

		/** ----------------------------------------
		/**  Secure Mode Forms?
		/** ----------------------------------------*/

		if ($this->EE->config->item('secure_forms') == 'y')
		{
			$query = $this->EE->db->query("SELECT COUNT(*) AS count FROM exp_security_hashes WHERE hash='".$this->EE->db->escape_str($_POST['XID'])."' AND ip_address = '".$this->EE->input->ip_address()."' AND ip_address = '".$this->EE->input->ip_address()."' AND date > UNIX_TIMESTAMP()-7200");

			if ($query->row('count')  == 0)
			{
				return $this->EE->output->show_user_error('general', array($this->EE->lang->line('not_authorized')));
			}

			$this->EE->db->query("DELETE FROM exp_security_hashes WHERE (hash='".$this->EE->db->escape_str($_POST['XID'])."' AND ip_address = '".$this->EE->input->ip_address()."') OR date < UNIX_TIMESTAMP()-7200");
		}

		/** -------------------------------------
		/**  Assign the base query data
		/** -------------------------------------*/

		// Set member group

		if ($this->EE->config->item('req_mbr_activation') == 'manual' OR $this->EE->config->item('req_mbr_activation') == 'email')
		{
			$data['group_id'] = 4;  // Pending
		}
		else
		{
			if ($this->EE->config->item('default_member_group') == '')
			{
				$data['group_id'] = 4;  // Pending
			}
			else
			{
				$data['group_id'] = $this->EE->config->item('default_member_group');
			}
		}

		$data['username']	= $_POST['username'];
		$data['password']	= $this->EE->functions->hash(stripslashes($_POST['password']));
		$data['ip_address']  = $this->EE->input->ip_address();
		$data['unique_id']	= $this->EE->functions->random('encrypt');
		$data['join_date']	= $this->EE->localize->now;
		$data['email']		= $_POST['email'];
		$data['screen_name'] = $_POST['screen_name'];
		$data['url']		 = prep_url($_POST['url']);
		$data['location']	 = $_POST['location'];
		// overridden below if used as optional fields
		$data['language']	= ($this->EE->config->item('deft_lang')) ? $this->EE->config->item('deft_lang') : 'english';
		$data['time_format'] = ($this->EE->config->item('time_format')) ? $this->EE->config->item('time_format') : 'us';
		$data['timezone']	= ($this->EE->config->item('default_site_timezone') && $this->EE->config->item('default_site_timezone') != '') ? $this->EE->config->item('default_site_timezone') : $this->EE->config->item('server_timezone');
		$data['daylight_savings'] = ($this->EE->config->item('default_site_dst') && $this->EE->config->item('default_site_dst') != '') ? $this->EE->config->item('default_site_dst') : $this->EE->config->item('daylight_savings');		
		
		// Optional Fields

		$optional = array('bio'					=> 'bio',
						  'language'			=> 'deft_lang',
						  'timezone'			=> 'server_timezone',
						  'time_format'			=> 'time_format');

		foreach($optional as $key => $value)
		{
			if (isset($_POST[$value]))
			{
				$data[$key] = $_POST[$value];
			}
		}

		if ($this->EE->input->post('daylight_savings') == 'y')
		{
			$data['daylight_savings'] = 'y';
		}
		elseif ($this->EE->input->post('daylight_savings') == 'n')
		{
			$data['daylight_savings'] = 'n';
		}
		
		// We generate an authorization code if the member needs to self-activate

		if ($this->EE->config->item('req_mbr_activation') == 'email')
		{
			$data['authcode'] = $this->EE->functions->random('alnum', 10);
		}

		/** -------------------------------------
		/**  Insert basic member data
		/** -------------------------------------*/
		$this->EE->db->query($this->EE->db->insert_string('exp_members', $data));

		$member_id = $this->EE->db->insert_id();

		/** -------------------------------------
		/**  Insert custom fields
		/** -------------------------------------*/
		$cust_fields['member_id'] = $member_id;

		$this->EE->db->query($this->EE->db->insert_string('exp_member_data', $cust_fields));


		/** -------------------------------------
		/**  Create a record in the member homepage table
		/** -------------------------------------*/
		// This is only necessary if the user gains CP access, but we'll add the record anyway.

		$this->EE->db->query($this->EE->db->insert_string('exp_member_homepage', array('member_id' => $member_id)));


		/** -------------------------------------
		/**  Mailinglist Subscribe
		/** -------------------------------------*/

		$mailinglist_subscribe = FALSE;

		if (isset($_POST['mailinglist_subscribe']) && is_numeric($_POST['mailinglist_subscribe']))
		{
			// Kill duplicate emails from the authorization queue.
			$this->EE->db->query("DELETE FROM exp_mailing_list_queue WHERE email = '".$this->EE->db->escape_str($_POST['email'])."'");

			// Validate Mailing List ID
			$query = $this->EE->db->query("SELECT COUNT(*) AS count
								 FROM exp_mailing_lists
								 WHERE list_id = '".$this->EE->db->escape_str($_POST['mailinglist_subscribe'])."'");

			// Email Not Already in Mailing List
			$results = $this->EE->db->query("SELECT count(*) AS count
									FROM exp_mailing_list
									WHERE email = '".$this->EE->db->escape_str($_POST['email'])."'
									AND list_id = '".$this->EE->db->escape_str($_POST['mailinglist_subscribe'])."'");

			/** -------------------------------------
			/**  INSERT Email
			/** -------------------------------------*/

			if ($query->row('count')  > 0 && $results->row('count')  == 0)
			{
				$mailinglist_subscribe = TRUE;

				$code = $this->EE->functions->random('alnum', 10);

				if ($this->EE->config->item('req_mbr_activation') == 'email')
				{
					// Activated When Membership Activated
					$this->EE->db->query("INSERT INTO exp_mailing_list_queue (email, list_id, authcode, date)
								VALUES ('".$this->EE->db->escape_str($_POST['email'])."', '".$this->EE->db->escape_str($_POST['mailinglist_subscribe'])."', '".$code."', '".time()."')");
				}
				elseif ($this->EE->config->item('req_mbr_activation') == 'manual')
				{
					// Mailing List Subscribe Email
					$this->EE->db->query("INSERT INTO exp_mailing_list_queue (email, list_id, authcode, date)
								VALUES ('".$this->EE->db->escape_str($_POST['email'])."', '".$this->EE->db->escape_str($_POST['mailinglist_subscribe'])."', '".$code."', '".time()."')");

					$this->EE->lang->loadfile('mailinglist');
					$action_id  = $this->EE->functions->fetch_action_id('Mailinglist', 'authorize_email');

					$swap = array(
									'activation_url'	=> $this->EE->functions->fetch_site_index(0, 0).QUERY_MARKER.'ACT='.$action_id.'&id='.$code,
									'site_name'			=> stripslashes($this->EE->config->item('site_name')),
									'site_url'			=> $this->EE->config->item('site_url')
								 );

					$template = $this->EE->functions->fetch_email_template('mailinglist_activation_instructions');
					$email_tit = $this->EE->functions->var_swap($template['title'], $swap);
					$email_msg = $this->EE->functions->var_swap($template['data'], $swap);

					/** ----------------------------
					/**  Send email
					/** ----------------------------*/

					$this->EE->load->library('email');
					$this->EE->email->wordwrap = true;
					$this->EE->email->mailtype = 'plain';
					$this->EE->email->priority = '3';

					$this->EE->email->from($this->EE->config->item('webmaster_email'), $this->EE->config->item('webmaster_name'));
					$this->EE->email->to($_POST['email']);
					$this->EE->email->subject($email_tit);
					$this->EE->email->message($email_msg);
					$this->EE->email->send();
				}
				else
				{
					// Automatically Accepted
					$this->EE->db->query("INSERT INTO exp_mailing_list (list_id, authcode, email, ip_address)
										  VALUES ('".$this->EE->db->escape_str($_POST['mailinglist_subscribe'])."', '".$code."', '".$this->EE->db->escape_str($_POST['email'])."', '".$this->EE->db->escape_str($this->EE->input->ip_address())."')");
				}
			}
		}

		/** -------------------------------------
		/**  Update member stats
		/** -------------------------------------*/

		if ($this->EE->config->item('req_mbr_activation') == 'none')
		{
			$this->EE->stats->update_member_stats();
		}

		/** -------------------------------------
		/**  Send admin notifications
		/** -------------------------------------*/

		if ($this->EE->config->item('new_member_notification') == 'y' AND $this->EE->config->item('mbr_notification_emails') != '')
		{
			$name = ($data['screen_name'] != '') ? $data['screen_name'] : $data['username'];

			$swap = array(
							'name'					=> $name,
							'site_name'				=> stripslashes($this->EE->config->item('site_name')),
							'control_panel_url'		=> $this->EE->config->item('cp_url'),
							'username'				=> $data['username'],
							'email'					=> $data['email']
						 );

			$template = $this->EE->functions->fetch_email_template('admin_notify_reg');
			$email_tit = $this->_var_swap($template['title'], $swap);
			$email_msg = $this->_var_swap($template['data'], $swap);

			$this->EE->load->helper('string');
			// Remove multiple commas
			$notify_address = reduce_multiples($this->EE->config->item('mbr_notification_emails'), ',', TRUE);

			/** ----------------------------
			/**  Send email
			/** ----------------------------*/

			// Load the text helper
			$this->EE->load->helper('text');

			$this->EE->load->library('email');
			$this->EE->email->wordwrap = true;
			$this->EE->email->from($this->EE->config->item('webmaster_email'), $this->EE->config->item('webmaster_name'));
			$this->EE->email->to($notify_address);
			$this->EE->email->subject($email_tit);
			$this->EE->email->message(entities_to_ascii($email_msg));
			$this->EE->email->Send();
		}

		// -------------------------------------------
		// 'member_member_register' hook.
		//  - Additional processing when a member is created through the User Side
		//  - $member_id added in 2.0.1
		//
			$edata = $this->EE->extensions->call('member_member_register', $data, $member_id);
			if ($this->EE->extensions->end_script === TRUE) return;
		//
		// -------------------------------------------


		/** -------------------------------------
		/**  Send user notifications
		/** -------------------------------------*/
		if ($this->EE->config->item('req_mbr_activation') == 'email')
		{
			$action_id  = $this->EE->functions->fetch_action_id('Member', 'activate_member');

			$name = ($data['screen_name'] != '') ? $data['screen_name'] : $data['username'];

			$board_id = ($this->EE->input->get_post('board_id') !== FALSE && is_numeric($this->EE->input->get_post('board_id'))) ? $this->EE->input->get_post('board_id') : 1;

			$forum_id = ($this->EE->input->get_post('FROM') == 'forum') ? '&r=f&board_id='.$board_id : '';

			$add = ($mailinglist_subscribe !== TRUE) ? '' : '&mailinglist='.$_POST['mailinglist_subscribe'];

			$swap = array(
							'name'				=> $name,
							'activation_url'	=> $this->EE->functions->fetch_site_index(0, 0).QUERY_MARKER.'ACT='.$action_id.'&id='.$data['authcode'].$forum_id.$add,
							'site_name'			=> stripslashes($this->EE->config->item('site_name')),
							'site_url'			=> $this->EE->config->item('site_url'),
							'username'			=> $data['username'],
							'email'				=> $data['email']
						 );

			$template = $this->EE->functions->fetch_email_template('mbr_activation_instructions');
			$email_tit = $this->_var_swap($template['title'], $swap);
			$email_msg = $this->_var_swap($template['data'], $swap);

			/** ----------------------------
			/**  Send email
			/** ----------------------------*/

			// Load the text helper
			$this->EE->load->helper('text');

			$this->EE->load->library('email');
			$this->EE->email->wordwrap = true;
			$this->EE->email->from($this->EE->config->item('webmaster_email'), $this->EE->config->item('webmaster_name'));
			$this->EE->email->to($data['email']);
			$this->EE->email->subject($email_tit);
			$this->EE->email->message(entities_to_ascii($email_msg));
			$this->EE->email->Send();

			$message = $this->EE->lang->line('mbr_membership_instructions_email');
		}
		elseif ($this->EE->config->item('req_mbr_activation') == 'manual')
		{
			$message = $this->EE->lang->line('mbr_admin_will_activate');
		}
		else
		{
			/** ----------------------------------------
			/**  Log user in
			/** ----------------------------------------*/

			$expire = 60*60*24*182;

			$this->EE->functions->set_cookie($this->EE->session->c_expire , time()+$expire, $expire);
			$this->EE->functions->set_cookie($this->EE->session->c_uniqueid , $data['unique_id'], $expire);
			$this->EE->functions->set_cookie($this->EE->session->c_password , $data['password'],  $expire);

			/** ----------------------------------------
			/**  Create a new session
			/** ----------------------------------------*/

			if ($this->EE->config->item('user_session_type') == 'cs' OR $this->EE->config->item('user_session_type') == 's')
			{
				$this->EE->session->sdata['session_id'] = $this->EE->functions->random();
				$this->EE->session->sdata['member_id']  = $member_id;
				$this->EE->session->sdata['last_activity'] = $this->EE->localize->now;
				$this->EE->session->sdata['site_id']	= $this->EE->config->item('site_id');

				$this->EE->functions->set_cookie($this->EE->session->c_session , $this->EE->session->sdata['session_id'], $this->EE->session->session_length);

				$this->EE->db->query($this->EE->db->insert_string('exp_sessions', $this->EE->session->sdata));
			}

			/** ----------------------------------------
			/**  Update existing session variables
			/** ----------------------------------------*/

			$this->EE->session->userdata['username']  = $data['username'];
			$this->EE->session->userdata['member_id'] = $member_id;

			/** ----------------------------------------
			/**  Update stats
			/** ----------------------------------------*/

			$cutoff		= $this->EE->localize->now - (15 * 60);

			$this->EE->db->query("DELETE FROM exp_online_users WHERE site_id = '".$this->EE->db->escape_str($this->EE->config->item('site_id'))."' AND ((ip_address = '".$this->EE->input->ip_address()."' AND member_id = '0') OR date < $cutoff)");

			$data = array(
							'member_id'		=> $this->EE->session->userdata('member_id'),
							'name'			=> ($this->EE->session->userdata['screen_name'] == '') ? $this->EE->session->userdata['username'] : $this->EE->session->userdata['screen_name'],
							'ip_address'	=> $this->EE->input->ip_address(),
							'date'			=> $this->EE->localize->now,
							'anon'			=> 'y',
							'site_id'		=> $this->EE->config->item('site_id')
						);

			$this->EE->db->query($this->EE->db->update_string('exp_online_users', $data, array("ip_address" => $this->EE->input->ip_address(), "member_id" => $data['member_id'])));

			$message = $this->EE->lang->line('mbr_your_are_logged_in');
		}


		/** ----------------------------------------
		/**  Build the message
		/** ----------------------------------------*/

		if ($this->EE->input->get_post('FROM') == 'forum')
		{
			if ($this->EE->input->get_post('board_id') !== FALSE && is_numeric($this->EE->input->get_post('board_id')))
			{
				$query	= $this->EE->db->query("SELECT board_forum_url, board_id, board_label FROM exp_forum_boards WHERE board_id = '".$this->EE->db->escape_str($this->EE->input->get_post('board_id'))."'");
			}
			else
			{
				$query	= $this->EE->db->query("SELECT board_forum_url, board_id, board_label FROM exp_forum_boards WHERE board_id = '1'");
			}

			$site_name	= $query->row('board_label') ;
			$return		= $query->row('board_forum_url') ;
		}
		else
		{
			$site_name = ($this->EE->config->item('site_name') == '') ? $this->EE->lang->line('back') : stripslashes($this->EE->config->item('site_name'));
			$return = $this->EE->config->item('site_url');
		}

		$data = array(	'title' 	=> $this->EE->lang->line('mbr_registration_complete'),
						'heading'	=> $this->EE->lang->line('thank_you'),
						'content'	=> $this->EE->lang->line('mbr_registration_completed')."\n\n".$message,
						'redirect'	=> '',
						'link'		=> array($return, $site_name)
					 );

		$this->EE->output->show_message($data);
	}