Example #1
0
/**
* Create a new user
*
* Also calls the custom user registration (if enabled) and plugin functions.
*
* NOTE: Does NOT send out password emails.
*
* @param    string  $username    user name (mandatory)
* @param    string  $email       user's email address (mandatory)
* @param    string  $passwd      password (optional, see above)
* @param    string  $fullname    user's full name (optional)
* @param    string  $homepage    user's home page (optional)
* @param    boolean $batchimport set to true when called from importuser() in admin/users.php (optional)
* @return   int                  new user's ID
*
*/
function USER_createAccount($username, $email, $passwd = '', $fullname = '', $homepage = '', $remoteusername = '', $service = '', $batchimport = false)
{
    global $_CONF, $_TABLES;
    $queueUser = false;
    $username = addslashes($username);
    $email = addslashes($email);
    $regdate = strftime('%Y-%m-%d %H:%M:%S', time());
    $fields = 'username,email,regdate,cookietimeout';
    $values = "'{$username}','{$email}','{$regdate}','{$_CONF['default_perm_cookie_timeout']}'";
    if (!empty($passwd)) {
        $passwd = addslashes($passwd);
        $fields .= ',passwd';
        $values .= ",'{$passwd}'";
    }
    if (!empty($fullname)) {
        $fullname = addslashes($fullname);
        $fields .= ',fullname';
        $values .= ",'{$fullname}'";
    }
    if (!empty($homepage)) {
        $homepage = addslashes($homepage);
        $fields .= ',homepage';
        $values .= ",'{$homepage}'";
    }
    if ($_CONF['usersubmission'] == 1 && !SEC_hasRights('user.edit')) {
        $queueUser = true;
        if (!empty($_CONF['allow_domains'])) {
            if (USER_emailMatches($email, $_CONF['allow_domains'])) {
                $queueUser = false;
            }
        }
        if ($queueUser) {
            $fields .= ',status';
            $values .= ',' . USER_ACCOUNT_AWAITING_APPROVAL;
        }
    } else {
        if (!empty($remoteusername)) {
            $fields .= ',remoteusername';
            $values .= ",'{$remoteusername}'";
        }
        if (!empty($service)) {
            $fields .= ',remoteservice';
            $values .= ",'{$service}'";
        }
    }
    DB_query("INSERT INTO {$_TABLES['users']} ({$fields}) VALUES ({$values})");
    // Get the uid of the user, possibly given a service:
    if ($remoteusername != '') {
        $uid = DB_getItem($_TABLES['users'], 'uid', "remoteusername = '{$remoteusername}' AND remoteservice='{$service}'");
    } else {
        $uid = DB_getItem($_TABLES['users'], 'uid', "username = '{$username}' AND remoteservice IS NULL");
    }
    // Add user to Logged-in group (i.e. members) and the All Users group
    $normal_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name='Logged-in Users'");
    $all_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name='All Users'");
    DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id,ug_uid) VALUES ({$normal_grp}, {$uid})");
    DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id,ug_uid) VALUES ({$all_grp}, {$uid})");
    DB_query("INSERT INTO {$_TABLES['userprefs']} (uid) VALUES ({$uid})");
    if ($_CONF['emailstoriesperdefault'] == 1) {
        DB_query("INSERT INTO {$_TABLES['userindex']} (uid,etids) VALUES ({$uid},'')");
    } else {
        DB_query("INSERT INTO {$_TABLES['userindex']} (uid,etids) VALUES ({$uid}, '-')");
    }
    DB_query("INSERT INTO {$_TABLES['usercomment']} (uid,commentmode,commentlimit) VALUES ({$uid},'{$_CONF['comment_mode']}','{$_CONF['comment_limit']}')");
    DB_query("INSERT INTO {$_TABLES['userinfo']} (uid) VALUES ({$uid})");
    // call custom registration function and plugins
    if ($_CONF['custom_registration'] && function_exists('CUSTOM_userCreate')) {
        CUSTOM_userCreate($uid, $batchimport);
    }
    PLG_createUser($uid);
    // Notify the admin?
    if (isset($_CONF['notification']) && in_array('user', $_CONF['notification'])) {
        if ($queueUser) {
            $mode = 'inactive';
        } else {
            $mode = 'active';
        }
        $username = COM_getDisplayName($uid, $username, $fullname, $remoteusername, $service);
        USER_sendNotification($username, $email, $uid, $mode);
    }
    return $uid;
}
Example #2
0
/**
 * Create a new user
 * Also calls the custom user registration (if enabled) and plugin functions.
 * NOTE: Does NOT send out password emails.
 *
 * @param  string  $username    username (mandatory)
 * @param  string  $email       user's email address (mandatory)
 * @param  string  $passwd      password (optional, see above)
 * @param  string  $fullname    user's full name (optional)
 * @param  string  $homepage    user's home page (optional)
 * @param  string  $remoteUserName
 * @param  string  $service
 * @param  boolean $batchImport set to true when called from importuser() in admin/users.php (optional)
 * @return int                     new user's ID
 */
function USER_createAccount($username, $email, $passwd = '', $fullname = '', $homepage = '', $remoteUserName = '', $service = '', $batchImport = false)
{
    global $_CONF, $_TABLES;
    $queueUser = false;
    $username = DB_escapeString($username);
    $email = DB_escapeString($email);
    $regdate = strftime('%Y-%m-%d %H:%M:%S', time());
    $fields = 'username,email,regdate,cookietimeout';
    $values = "'{$username}','{$email}','{$regdate}','{$_CONF['default_perm_cookie_timeout']}'";
    if (!empty($passwd)) {
        // Since no uid exists yet we can't use SEC_updateUserPassword and must handle things manually
        $salt = SEC_generateSalt();
        $passwd = SEC_encryptPassword($passwd, $salt, $_CONF['pass_alg'], $_CONF['pass_stretch']);
        $fields .= ',passwd,salt,algorithm,stretch';
        $values .= ",'{$passwd}','{$salt}','" . $_CONF['pass_alg'] . "','" . $_CONF['pass_stretch'] . "'";
    }
    if (!empty($fullname)) {
        $fullname = DB_escapeString($fullname);
        $fields .= ',fullname';
        $values .= ",'{$fullname}'";
    }
    if (!empty($homepage)) {
        $homepage = DB_escapeString($homepage);
        $fields .= ',homepage';
        $values .= ",'{$homepage}'";
    }
    if ($_CONF['usersubmission'] == 1 && !SEC_hasRights('user.edit')) {
        $queueUser = true;
        if (!empty($_CONF['allow_domains'])) {
            if (USER_emailMatches($email, $_CONF['allow_domains'])) {
                $queueUser = false;
            }
        }
        if ($queueUser) {
            $fields .= ',status';
            $values .= ',' . USER_ACCOUNT_AWAITING_APPROVAL;
        }
    } else {
        if (!empty($remoteUserName)) {
            $fields .= ',remoteusername';
            $values .= ",'{$remoteUserName}'";
        }
        if (!empty($service)) {
            $fields .= ',remoteservice';
            $values .= ",'{$service}'";
        }
    }
    DB_query("INSERT INTO {$_TABLES['users']} ({$fields}) VALUES ({$values})");
    // Get the uid of the user, possibly given a service:
    if ($remoteUserName != '') {
        $uid = DB_getItem($_TABLES['users'], 'uid', "remoteusername = '{$remoteUserName}' AND remoteservice='{$service}'");
    } else {
        $uid = DB_getItem($_TABLES['users'], 'uid', "username = '{$username}' AND remoteservice IS NULL");
    }
    // Add user to Logged-in group (i.e. members) and the All Users group
    $normal_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name='Logged-in Users'");
    $all_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name='All Users'");
    DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$normal_grp}, {$uid})");
    DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$all_grp}, {$uid})");
    // any default groups?
    $result = DB_query("SELECT grp_id FROM {$_TABLES['groups']} WHERE grp_default = 1");
    $num_groups = DB_numRows($result);
    for ($i = 0; $i < $num_groups; $i++) {
        list($def_grp) = DB_fetchArray($result);
        DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$def_grp}, {$uid})");
    }
    DB_query("INSERT INTO {$_TABLES['userprefs']} (uid) VALUES ({$uid})");
    if ($_CONF['emailstoriesperdefault'] == 1) {
        DB_query("INSERT INTO {$_TABLES['userindex']} (uid,etids) VALUES ({$uid},'')");
    } else {
        DB_query("INSERT INTO {$_TABLES['userindex']} (uid,etids) VALUES ({$uid}, '-')");
    }
    DB_query("INSERT INTO {$_TABLES['usercomment']} (uid,commentmode,commentorder,commentlimit) VALUES ({$uid},'{$_CONF['comment_mode']}','{$_CONF['comment_order']}','{$_CONF['comment_limit']}')");
    DB_query("INSERT INTO {$_TABLES['userinfo']} (uid) VALUES ({$uid})");
    // call custom registration function and plugins
    if ($_CONF['custom_registration'] && function_exists('CUSTOM_userCreate')) {
        CUSTOM_userCreate($uid, $batchImport);
    }
    PLG_createUser($uid);
    // Notify the admin?
    if (isset($_CONF['notification']) && in_array('user', $_CONF['notification'])) {
        $mode = $queueUser ? 'inactive' : 'active';
        $username = COM_getDisplayName($uid, $username, $fullname, $remoteUserName, $service);
        USER_sendNotification($username, $email, $uid, $mode);
    }
    return $uid;
}
Example #3
0
/**
* Create a new user
*
* Also calls the custom user registration (if enabled) and plugin functions.
*
* NOTE: Does NOT send out password emails.
*
* @param    string  $username   user name (mandatory)
* @param    string  $email      user's email address (mandatory)
* @param    string  $passwd     password (optional, see above)
* @param    string  $fullname   user's full name (optional)
* @param    string  $homepage   user's home page (optional)
* @param    boolean $batchimport set to true when called from importuser() in admin/users.php (optional)
* @return   int                 new user's ID
*
*/
function USER_createAccount($username, $email, $passwd = '', $fullname = '', $homepage = '', $remoteusername = '', $service = '', $ignore = 0)
{
    global $_CONF, $_USER, $_TABLES;
    $dt = new Date('now', $_USER['tzid']);
    $queueUser = false;
    $username = DB_escapeString($username);
    $email = DB_escapeString($email);
    $regdate = $dt->toMySQL(true);
    $fields = 'username,email,regdate,cookietimeout';
    $values = "'{$username}','{$email}','{$regdate}','{$_CONF['default_perm_cookie_timeout']}'";
    if (!empty($passwd)) {
        $passwd = DB_escapeString($passwd);
        $fields .= ',passwd';
        $values .= ",'{$passwd}'";
    }
    if (!empty($fullname)) {
        $fullname = DB_escapeString(strip_tags($fullname));
        $fields .= ',fullname';
        $values .= ",'{$fullname}'";
    }
    if (!empty($homepage)) {
        $homepage = DB_escapeString($homepage);
        $fields .= ',homepage';
        $values .= ",'{$homepage}'";
    }
    $account_type = LOCAL_USER;
    if ($_CONF['usersubmission'] == 1 && !SEC_hasRights('user.edit')) {
        $queueUser = true;
        if (!empty($_CONF['allow_domains'])) {
            if (USER_emailMatches($email, $_CONF['allow_domains'])) {
                $queueUser = false;
            }
        }
        if ($queueUser) {
            $fields .= ',status';
            $values .= ',' . USER_ACCOUNT_AWAITING_APPROVAL;
        }
    } else {
        if ($_CONF['registration_type'] == 1 && (empty($remoteusername) || empty($service))) {
            $fields .= ',status';
            $values .= ',' . USER_ACCOUNT_AWAITING_VERIFICATION;
        }
    }
    if (!empty($remoteusername)) {
        $fields .= ',remoteusername';
        $values .= ",'" . DB_escapeString($remoteusername) . "'";
        $account_type = REMOTE_USER;
    }
    if (!empty($service)) {
        $fields .= ',remoteservice';
        $values .= ",'" . DB_escapeString($service) . "'";
    }
    $fields .= ',account_type';
    $values .= ',' . $account_type;
    DB_query("INSERT INTO {$_TABLES['users']} ({$fields}) VALUES ({$values})");
    // Get the uid of the user, possibly given a service:
    if ($remoteusername != '') {
        $uid = DB_getItem($_TABLES['users'], 'uid', "remoteusername = '" . DB_escapeString($remoteusername) . "' AND remoteservice='" . DB_escapeString($service) . "'");
    } else {
        $uid = DB_getItem($_TABLES['users'], 'uid', "username = '{$username}' AND remoteservice IS NULL");
    }
    // Add user to Logged-in group (i.e. members) and the All Users group
    $normal_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name='Logged-in Users'");
    $all_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name='All Users'");
    DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id,ug_uid) VALUES ({$normal_grp}, {$uid})");
    DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id,ug_uid) VALUES ({$all_grp}, {$uid})");
    // any default groups?
    $result = DB_query("SELECT grp_id FROM {$_TABLES['groups']} WHERE grp_default = 1");
    $num_groups = DB_numRows($result);
    for ($i = 0; $i < $num_groups; $i++) {
        list($def_grp) = DB_fetchArray($result);
        DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$def_grp}, {$uid})");
    }
    DB_query("INSERT INTO {$_TABLES['userprefs']} (uid,tzid) VALUES ({$uid},'{$_CONF['timezone']}')");
    if ($_CONF['emailstoriesperdefault'] == 1) {
        DB_query("INSERT INTO {$_TABLES['userindex']} (uid,etids) VALUES ({$uid},'')");
    } else {
        DB_query("INSERT INTO {$_TABLES['userindex']} (uid,etids) VALUES ({$uid}, '-')");
    }
    DB_query("INSERT INTO {$_TABLES['usercomment']} (uid,commentmode,commentlimit) VALUES ({$uid},'{$_CONF['comment_mode']}','{$_CONF['comment_limit']}')");
    DB_query("INSERT INTO {$_TABLES['userinfo']} (uid) VALUES ({$uid})");
    // call custom registration function and plugins
    if ($_CONF['custom_registration'] && function_exists('CUSTOM_userCreate')) {
        CUSTOM_userCreate($uid, $batchimport);
    }
    if (function_exists('CUSTOM_userCreateHook')) {
        CUSTOM_userCreateHook($uid);
    }
    if ($ignore == 0) {
        PLG_createUser($uid);
    }
    // Notify the admin?
    if (isset($_CONF['notification']) && in_array('user', $_CONF['notification'])) {
        if ($queueUser) {
            $mode = 'inactive';
        } else {
            $mode = 'active';
        }
        USER_sendNotification($username, $email, $uid, $mode);
    }
    return $uid;
}
Example #4
0
/**
* This function will inform all plugins when a new user account is created.
*
* @param    int     $uid    user id of the new user account
* @return   void
*
*/
function PLG_createUser($uid)
{
    global $_PLUGINS;
    foreach ($_PLUGINS as $pi_name) {
        $function = 'plugin_user_create_' . $pi_name;
        if (function_exists($function)) {
            $function($uid);
        }
    }
    if (is_callable('CUSTOM_userCreate')) {
        CUSTOM_userCreate($uid, false);
    } elseif (is_callable('CUSTOM_user_create')) {
        COM_errorLog(__FUNCTION__ . ': CUSTOM_user_create is deprecated as of Geeklog 2.1.2.  Please use CUSTOM_userCreate instead.');
        CUSTOM_user_create($uid);
    }
}
Example #5
0
function fnccreateAccount($username, $email, $passwd = '', $fullname = '', $homepage = '', $uid = "")
{
    global $_CONF, $_TABLES;
    $batchimport = true;
    //一括処理
    $ret = true;
    $username = addslashes($username);
    $email = addslashes($email);
    $fullname = addslashes($fullname);
    $homepage = addslashes($homepage);
    //UIDを取得する
    if ($uid == 0) {
        $w = DB_getItem($_TABLES['users'], "max(uid)", "1=1");
        if ($w == "") {
            $w = 0;
        }
        $uid = $w + 1;
    }
    $regdate = strftime('%Y-%m-%d %H:%M:%S', time());
    $fields = 'uid,username,email,regdate,cookietimeout';
    $values = "{$uid},'{$username}','{$email}','{$regdate}','{$_CONF['default_perm_cookie_timeout']}'";
    //パスワードを更新する
    if (!empty($passwd)) {
        $passwd = addslashes($passwd);
        $fields .= ',passwd';
        $values .= ",'{$passwd}'";
    } else {
        srand((double) microtime() * 1000000);
        //擬似乱数の発生系列を変更する
        $passwd1 = rand();
        $passwd1 = md5($passwd1);
        $passwd1 = substr($passwd1, 1, 8);
        $passwd2 = SEC_encryptPassword($passwd1);
        $fields .= ',passwd';
        $values .= ",'{$passwd2}'";
    }
    //フルネーム
    if (!empty($fullname)) {
        $fullname = addslashes($fullname);
        $fields .= ',fullname';
        $values .= ",'{$fullname}'";
    }
    //ホームページ
    if (!empty($homepage)) {
        $homepage = addslashes($homepage);
        $fields .= ',homepage';
        $values .= ",'{$homepage}'";
    }
    // DB users 追加
    DB_query("INSERT INTO {$_TABLES['users']} ({$fields}) VALUES ({$values})");
    // Add user to Logged-in group (i.e. members) and the All Users group
    $normal_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name='Logged-in Users'");
    $all_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name='All Users'");
    DB_query("INSERT INTO {$_TABLES['group_assignments']}\n                (ug_main_grp_id,ug_uid) VALUES ({$normal_grp}, {$uid})");
    DB_query("INSERT INTO {$_TABLES['group_assignments']}\n                (ug_main_grp_id,ug_uid) VALUES ({$all_grp}, {$uid})");
    // DB userprefs 追加
    DB_query("INSERT INTO {$_TABLES['userprefs']} (uid) VALUES ({$uid})");
    // デイリーダイジェスト 新規ユーザのデフォルトにより更新
    if ($_CONF['emailstoriesperdefault'] == 1) {
        DB_query("INSERT INTO {$_TABLES['userindex']} (uid,etids) VALUES ({$uid},'')");
    } else {
        DB_query("INSERT INTO {$_TABLES['userindex']} (uid,etids) VALUES ({$uid}, '-')");
    }
    //DB usercomment 追加
    DB_query("INSERT INTO {$_TABLES['usercomment']} (uid,commentmode,commentlimit) VALUES ({$uid},'{$_CONF['comment_mode']}','{$_CONF['comment_limit']}')");
    //DB userinfo 追加
    DB_query("INSERT INTO {$_TABLES['userinfo']} (uid) VALUES ({$uid})");
    // call custom registration function and plugins
    if ($_CONF['custom_registration'] && function_exists('CUSTOM_userCreate')) {
        CUSTOM_userCreate($uid, $batchimport);
    }
    PLG_createUser($uid);
    return $ret;
}