Example #1
0
 public function userAddUser()
 {
     global $DB, $emailActivation, $websiteUrl, $db_table_prefix;
     //Prevent this function being called if there were construction errors
     if ($this->status) {
         //Construct a secure hash for the plain text password
         $secure_pass = password_hash($this->clean_password, PASSWORD_BCRYPT);
         //Construct a unique activation token
         $this->activation_token = generateActivationToken();
         //Do we need to send out an activation email?
         if ($emailActivation == "true") {
             //User must activate their account first
             $this->user_active = 0;
             $mail = new userMail();
             //Build the activation message
             $activation_message = lang("ACCOUNT_ACTIVATION_MESSAGE", array($websiteUrl, $this->activation_token));
             //Define more if you want to build larger structures
             $hooks = array("searchStrs" => array("#ACTIVATION-MESSAGE", "#ACTIVATION-KEY", "#USERNAME#"), "subjectStrs" => array($activation_message, $this->activation_token, $this->displayname));
             /* Build the template - Optional, you can just use the sendMail function
             			Instead to pass a message. */
             if (!$mail->newTemplateMsg("new-registration.txt", $hooks)) {
                 $this->mail_failure = true;
             } else {
                 //Send the mail. Specify users email here and subject.
                 //SendMail can have a third parementer for message if you do not wish to build a template.
                 if (!$mail->sendMail($this->clean_email, "New User")) {
                     $this->mail_failure = true;
                 }
             }
             $this->success = lang("ACCOUNT_REGISTRATION_COMPLETE_TYPE2");
         } else {
             //Instant account activation
             $this->user_active = 1;
             $this->success = lang("ACCOUNT_REGISTRATION_COMPLETE_TYPE1");
         }
         if (!$this->mail_failure) {
             //Insert the user into the database providing no errors have been found.
             $stmt = $DB->prepare("INSERT INTO " . $db_table_prefix . "users (\r\n\t\t\t\t\tuser_name,\r\n\t\t\t\t\tdisplay_name,\r\n\t\t\t\t\tpassword,\r\n\t\t\t\t\temail,\r\n\t\t\t\t\tactivation_token,\r\n\t\t\t\t\tlast_activation_request,\r\n\t\t\t\t\tlost_password_request,\r\n\t\t\t\t\tactive,\r\n\t\t\t\t\ttitle,\r\n\t\t\t\t\tsign_up_stamp,\r\n\t\t\t\t\tlast_sign_in_stamp\r\n\t\t\t\t\t)\r\n\t\t\t\t\tVALUES (\r\n\t\t\t\t\t?,\r\n\t\t\t\t\t?,\r\n\t\t\t\t\t?,\r\n\t\t\t\t\t?,\r\n\t\t\t\t\t?,\r\n\t\t\t\t\t'" . time() . "',\r\n\t\t\t\t\t'0',\r\n\t\t\t\t\t?,\r\n\t\t\t\t\t'New Member',\r\n\t\t\t\t\t'" . time() . "',\r\n\t\t\t\t\t'0'\r\n\t\t\t\t\t)");
             $stmt->bindParam(1, $this->username);
             $stmt->bindParam(2, $this->displayname);
             $stmt->bindParam(3, $secure_pass);
             $stmt->bindParam(4, $this->clean_email);
             $stmt->bindParam(5, $this->activation_token);
             $stmt->bindParam(6, $this->user_active);
             $stmt->execute();
             $inserted_id = $DB->insert_id;
             //Insert default permission into matches table
             $stmt = $DB->prepare("INSERT INTO " . $db_table_prefix . "user_permission_matches  (\r\n\t\t\t\t\tuser_id,\r\n\t\t\t\t\tpermission_id\r\n\t\t\t\t\t)\r\n\t\t\t\t\tVALUES (\r\n\t\t\t\t\t?,\r\n\t\t\t\t\t'1'\r\n\t\t\t\t\t)");
             $stmt->bindParam(1, $inserted_id);
             $stmt->execute();
         }
     }
 }
Example #2
0
     }
 }
 if (count($errors) == 0) {
     //Check that the username / email are associated to the same account
     if (!emailUsernameLinked($email, $username)) {
         $errors[] = lang("ACCOUNT_USER_OR_EMAIL_INVALID");
     } else {
         //Check if the user has any outstanding lost password requests
         $userdetails = fetchUserDetails($username);
         if ($userdetails["lost_password_request"] == 1) {
             $errors[] = lang("FORGOTPASS_REQUEST_EXISTS");
         } else {
             //Email the user asking to confirm this change password request
             //We can use the template builder here
             //We use the activation token again for the url key it gets regenerated everytime it's used.
             $mail = new userMail();
             $confirm_url = lang("CONFIRM") . "\n" . $websiteUrl . "forgot-password.php?confirm=" . $userdetails["activation_token"];
             $deny_url = lang("DENY") . "\n" . $websiteUrl . "forgot-password.php?deny=" . $userdetails["activation_token"];
             //Setup our custom hooks
             $hooks = array("searchStrs" => array("#CONFIRM-URL#", "#DENY-URL#", "#USERNAME#"), "subjectStrs" => array($confirm_url, $deny_url, $userdetails["user_name"]));
             if (!$mail->newTemplateMsg("lost-password-request.txt", $hooks)) {
                 $errors[] = lang("MAIL_TEMPLATE_BUILD_ERROR");
             } else {
                 if (!$mail->sendMail($userdetails["email"], "Lost password request")) {
                     $errors[] = lang("MAIL_ERROR");
                 } else {
                     //Update the DB to show this account has an outstanding request
                     if (!flagLostPasswordRequest($userdetails["user_name"], 1)) {
                         $errors[] = lang("SQL_ERROR");
                     } else {
                         $successes[] = lang("FORGOTPASS_REQUEST_SUCCESS");