/**
* Processes the registration form
*
* @access public
* @return void
*/
public function registerProcessForm()
{
$form_errors = array();
$coppa = $this->request['coppa_user'] == 1 ? 1 : 0;
$in_password = trim($this->request['PassWord']);
$in_email = strtolower(trim($this->request['EmailAddress']));
$_SFS_FOUND = FALSE;
/* Check */
if ($this->settings['no_reg'] == 1) {
$this->registry->output->showError('registration_disabled', 2016, true);
}
/* Custom profile field stuff */
require_once IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php';
$custom_fields = new customProfileFields();
$custom_fields->initData('edit');
$custom_fields->parseToSave($this->request, 'register');
/* Check */
if ($custom_fields->error_messages) {
$form_errors['general'] = $custom_fields->error_messages;
}
/* Check the email address */
if (!$in_email or strlen($in_email) < 6 or !IPSText::checkEmailAddress($in_email)) {
$form_errors['email'][$this->lang->words['err_invalid_email']] = $this->lang->words['err_invalid_email'];
}
if (trim($this->request['PassWord_Check']) != $in_password) {
$form_errors['password'][$this->lang->words['passwords_not_match']] = $this->lang->words['passwords_not_match'];
}
/* Test email address */
$this->request['EmailAddress_two'] = strtolower(trim($this->request['EmailAddress_two']));
$this->request['EmailAddress'] = strtolower(trim($this->request['EmailAddress']));
if (!IPSText::checkEmailAddress($this->request['EmailAddress_two'])) {
$form_errors['email'][$this->lang->words['reg_error_email_invalid']] = $this->lang->words['reg_error_email_invalid'];
} else {
if ($in_email and $this->request['EmailAddress_two'] != $in_email) {
$form_errors['email'][$this->lang->words['reg_error_email_nm']] = $this->lang->words['reg_error_email_nm'];
}
}
/* Need username? */
$uses_name = false;
foreach ($this->cache->getCache('login_methods') as $method) {
if ($method['login_user_id'] == 'username') {
$uses_name = true;
}
}
if (!$uses_name) {
$_REQUEST['UserName'] = $_REQUEST['members_display_name'];
$this->request['UserName'] = $this->request['members_display_name'];
}
/* Check the username */
$user_check = IPSMember::getFunction()->cleanAndCheckName($this->request['UserName'], array(), 'name');
if ($this->settings['auth_allow_dnames']) {
$disp_check = IPSMember::getFunction()->cleanAndCheckName($this->request['members_display_name'], array(), 'members_display_name');
}
if (is_array($user_check['errors']) && count($user_check['errors'])) {
foreach ($user_check['errors'] as $key => $error) {
$form_errors[$key][] = $error;
}
}
if ($this->settings['auth_allow_dnames'] and is_array($disp_check['errors']) && count($disp_check['errors'])) {
foreach ($disp_check['errors'] as $key => $error) {
$form_errors[$key][] = $error;
}
}
/* CHECK 1: Any errors (missing fields, etc)? */
if (count($form_errors)) {
$this->registerForm($form_errors);
return;
}
/* Is this email addy taken? */
if (IPSMember::checkByEmail($in_email) == TRUE) {
$form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken'];
}
/* Load handler... */
require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
$this->han_login = new han_login($this->registry);
$this->han_login->init();
$this->han_login->emailExistsCheck($in_email);
if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'EMAIL_NOT_IN_USE') {
$form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken'];
}
/* Are they banned [EMAIL]? */
if (IPSMember::isBanned('email', $in_email) === TRUE) {
$form_errors['email'][$this->lang->words['reg_error_email_ban']] = $this->lang->words['reg_error_email_ban'];
}
/* Check the CAPTCHA */
if ($this->settings['bot_antispam']) {
if ($this->registry->getClass('class_captcha')->validate() !== TRUE) {
$form_errors['general'][$this->lang->words['err_reg_code']] = $this->lang->words['err_reg_code'];
}
}
/* Check the Q and A */
if ($this->settings['registration_qanda']) {
$qanda = intval($this->request['qanda_id']);
$pass = false;
if ($qanda) {
$data = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'question_and_answer', 'where' => 'qa_id=' . $qanda));
if ($data['qa_id']) {
$answers = explode("\n", str_replace("\r", "", $data['qa_answers']));
if (count($answers)) {
foreach ($answers as $answer) {
if (strtolower($answer) == strtolower($this->request['qa_answer'])) {
$pass = true;
break;
}
}
}
}
} else {
//-----------------------------------------
// Do we have any questions?
//-----------------------------------------
$data = $this->DB->buildAndFetch(array('select' => 'COUNT(*) as questions', 'from' => 'question_and_answer'));
if (!$data['questions']) {
$pass = true;
}
}
if (!$pass) {
$form_errors['general'][$this->lang->words['err_q_and_a']] = $this->lang->words['err_q_and_a'];
}
}
/* CHECK 2: Any errors ? */
if (count($form_errors)) {
$this->registerForm($form_errors);
return;
}
/* Build up the hashes */
$mem_group = $this->settings['member_group'];
/* Are we asking the member or admin to preview? */
if ($this->settings['reg_auth_type']) {
$mem_group = $this->settings['auth_group'];
} else {
if ($coppa == 1) {
$mem_group = $this->settings['auth_group'];
}
}
/* Create member */
$member = array('name' => $this->request['UserName'], 'password' => $in_password, 'members_display_name' => $this->settings['auth_allow_dnames'] ? $this->request['members_display_name'] : $this->request['UserName'], 'email' => $in_email, 'member_group_id' => $mem_group, 'joined' => time(), 'ip_address' => $this->member->ip_address, 'time_offset' => $this->request['time_offset'], 'coppa_user' => $coppa, 'members_auto_dst' => intval($this->request['dst']), 'allow_admin_mails' => intval($this->request['allow_admin_mail']), 'hide_email' => $this->request['allow_member_mail'] ? 0 : 1);
/* Spam Service */
$spamCode = 0;
if ($this->settings['spam_service_enabled'] && $this->settings['spam_service_api_key']) {
/* Query the service */
$spamCode = IPSMember::querySpamService($in_email);
/* Action to perform */
$action = $this->settings['spam_service_action_' . $spamCode];
/* Perform Action */
switch ($action) {
/* Proceed with registraction */
case 1:
break;
/* Flag for admin approval */
/* Flag for admin approval */
case 2:
$member['member_group_id'] = $this->settings['auth_group'];
$this->settings['reg_auth_type'] = 'admin';
break;
/* Approve the account, but ban it */
/* Approve the account, but ban it */
case 3:
$member['member_banned'] = 1;
$member['member_group_id'] = $this->settings['banned_group'];
$this->settings['reg_auth_type'] = '';
break;
}
}
//-----------------------------------------
// Create the account
//-----------------------------------------
$member = IPSMember::create(array('members' => $member, 'pfields_content' => $this->request));
//-----------------------------------------
// Login handler create account callback
//-----------------------------------------
$this->han_login->createAccount(array('email' => $member['email'], 'joined' => $member['joined'], 'password' => $in_password, 'ip_address' => $this->member->ip_address, 'username' => $member['members_display_name']));
//-----------------------------------------
// We'll just ignore if this fails - it shouldn't hold up IPB anyways
//-----------------------------------------
/*if ( $han_login->return_code AND ( $han_login->return_code != 'METHOD_NOT_DEFINED' AND $han_login->return_code != 'SUCCESS' ) )
{
$this->registry->output->showError( 'han_login_create_failed', 2017, true );
}*/
//-----------------------------------------
// Validation
//-----------------------------------------
$validate_key = md5(IPSLib::makePassword() . time());
$time = time();
if ($coppa != 1) {
if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin' or $this->settings['reg_auth_type'] == 'admin_user') {
//-----------------------------------------
// We want to validate all reg's via email,
// after email verificiation has taken place,
// we restore their previous group and remove the validate_key
//-----------------------------------------
$this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address']));
if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin_user') {
IPSText::getTextClass('email')->getTemplate("reg_validate");
IPSText::getTextClass('email')->buildMessage(array('THE_LINK' => $this->settings['base_url'] . "app=core&module=global§ion=register&do=auto_validate&uid=" . urlencode($member['member_id']) . "&aid=" . urlencode($validate_key), 'NAME' => $member['members_display_name'], 'MAN_LINK' => $this->settings['base_url'] . "app=core&module=global§ion=register&do=05", 'EMAIL' => $member['email'], 'ID' => $member['member_id'], 'CODE' => $validate_key));
IPSText::getTextClass('email')->subject = $this->lang->words['new_registration_email'] . $this->settings['board_name'];
IPSText::getTextClass('email')->to = $member['email'];
IPSText::getTextClass('email')->sendMail();
$this->output = $this->registry->output->getTemplate('register')->showAuthorize($member);
} else {
if ($this->settings['reg_auth_type'] == 'admin') {
$this->output = $this->registry->output->getTemplate('register')->showPreview($member);
}
}
if ($this->settings['new_reg_notify']) {
$date = $this->registry->class_localization->getDate(time(), 'LONG', 1);
IPSText::getTextClass('email')->getTemplate('admin_newuser');
IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'MEMBER_NAME' => $member['members_display_name']));
IPSText::getTextClass('email')->subject = $this->lang->words['new_registration_email1'] . $this->settings['board_name'];
IPSText::getTextClass('email')->to = $this->settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
$this->registry->output->setTitle($this->lang->words['reg_success']);
$this->registry->output->addNavigation($this->lang->words['nav_reg'], '');
} else {
/* We don't want to preview, or get them to validate via email. */
$stat_cache = $this->caches['stats'];
if ($member['members_display_name'] and $member['member_id']) {
$stat_cache['last_mem_name'] = $member['members_display_name'];
$stat_cache['last_mem_id'] = $member['member_id'];
}
$stat_cache['mem_count'] += 1;
$this->cache->setCache('stats', $stat_cache, array('array' => 1, 'deletefirst' => 0));
if ($this->settings['new_reg_notify']) {
$date = $this->registry->class_localization->getDate(time(), 'LONG', 1);
IPSText::getTextClass('email')->getTemplate('admin_newuser');
IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'MEMBER_NAME' => $member['members_display_name']));
IPSText::getTextClass('email')->subject = $this->lang->words['new_registration_email1'] . $this->settings['board_name'];
IPSText::getTextClass('email')->to = $this->settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
IPSCookie::set('pass_hash', $member['member_login_key'], 1);
IPSCookie::set('member_id', $member['member_id'], 1);
//-----------------------------------------
// Fix up session
//-----------------------------------------
$privacy = $this->request['Privacy'] ? 1 : 0;
if ($member['g_hide_online_list']) {
$privacy = 1;
}
$this->member->sessionClass()->convertGuestToMember(array('member_name' => $member['members_display_name'], 'member_id' => $member['member_id'], 'member_group' => $member['member_group_id'], 'login_type' => $privacy));
$this->registry->output->silentRedirect($this->settings['base_url'] . '&app=core&module=global§ion=login&do=autologin&fromreg=1');
}
} else {
/* This is a COPPA user, so lets tell them they registered OK and redirect to the form. */
$this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address']));
$this->registry->output->redirectScreen($this->lang->words['cp_success'], $this->settings['base_url'] . 'app=core&module=global&section=register&do=12');
}
}
/**
* Completes the connection
*
* @access public
* @return redirect
*/
public function finishLogin()
{
/* From reg flag */
if ($_REQUEST['code']) {
/* Load oAuth */
require_once IPS_KERNEL_PATH . 'facebook/facebookoauth.php';
/*noLibHook*/
$this->_oauth = new FacebookOAuth(FACEBOOK_APP_ID, FACEBOOK_APP_SECRET, FACEBOOK_CALLBACK, $this->extendedPerms);
/* Load API */
require_once IPS_KERNEL_PATH . 'facebook/facebook.php';
/*noLibHook*/
$this->_api = new Facebook(array('appId' => FACEBOOK_APP_ID, 'secret' => FACEBOOK_APP_SECRET, 'cookie' => true));
/* Ensure URL is correct */
$_urlExtra = '';
if ($_REQUEST['key']) {
$_urlExtra .= '&key=' . $_REQUEST['key'];
}
if ($_REQUEST['_reg']) {
$_urlExtra .= '&_reg=1';
}
/* Update callback url */
$this->_oauth->setCallBackUrl(FACEBOOK_CALLBACK . $_urlExtra);
/* Generate oAuth token */
$rToken = $this->_oauth->getAccessToken($_REQUEST['code']);
if (is_string($rToken)) {
try {
$_userData = $this->_api->api('me', array('access_token' => $rToken));
} catch (Exception $e) {
/* Try re-authorising */
if (stristr($e->getMessage(), 'invalid')) {
$this->redirectToConnectPage();
}
}
/* A little gymnastics */
$this->_userData = $_userData;
$_userData = $this->fetchUserData($rToken);
/* Got a member linked already? */
$_member = IPSMember::load($_userData['id'], 'all', 'fb_uid');
/* Not connected, check email address */
if (!$_member['member_id'] and $_userData['email']) {
$_member = IPSMember::load($_userData['email'], 'all', 'email');
/* We do have an existing account, so trash email forcing user to sign up with new */
if ($_member['member_id']) {
/* Update row */
IPSMember::save($_member['member_id'], array('core' => array('fb_uid' => $_userData['id'], 'fb_token' => $rToken)));
}
}
if ($_member['member_id']) {
$memberData = $_member;
/* Ensure user's row is up to date */
IPSMember::save($memberData['member_id'], array('core' => array('fb_token' => $rToken)));
/* Here, so log us in!! */
/* changed by denchu 26/12/12 */
$r = $this->_login()->loginWithoutCheckingCredentials($memberData['member_id'], TRUE);
if (is_array($r)) {
if (isset($r[1])) {
$this->registry->getClass('output')->redirectScreen($r[0], $r[1]);
$this->registry->getClass('output')->silentRedirect($r[1]);
} else {
$this->registry->getClass('output')->silentRedirect($r[0]);
}
} elseif (!$r) {
throw new Exception('LINKED_MEMBER_LOGIN_FAIL');
} else {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url']);
}
} else {
/* No? Create a new member */
foreach (array('fbc_s_pic', 'fbc_s_status', 'fbc_s_aboutme') as $field) {
$toSave[$field] = 1;
}
$fb_bwoptions = IPSBWOptions::freeze($toSave, 'facebook');
$safeFBName = IPS_DOC_CHAR_SET != 'UTF-8' ? IPSText::utf8ToEntities($_userData['name']) : $_userData['name'];
/* Make sure usernames are safe */
if ($this->settings['username_characters']) {
$check_against = preg_quote($this->settings['username_characters'], "/");
$check_against = str_replace('\\-', '-', $check_against);
$safeFBName = preg_replace('/[^' . $check_against . ']+/i', '', $safeFBName);
}
/* Check ban filters? */
if (IPSMember::isBanned('email', $_userData['email']) or IPSMember::isBanned('name', $safeFBName)) {
$this->registry->output->showError('you_are_banned', 1090003);
}
$displayName = $this->settings['fb_realname'] == 'enforced' ? $safeFBName : '';
/* From reg, so create new account properly */
$toSave = array('core' => array('name' => IPSText::parseCleanValue($safeFBName), 'members_display_name' => IPSText::parseCleanValue($displayName), 'members_created_remote' => 1, 'member_group_id' => $this->settings['fbc_mgid'] ? $this->settings['fbc_mgid'] : $this->settings['member_group'], 'email' => $_userData['email'], 'fb_uid' => $_userData['id'], 'time_offset' => $_userData['timezone'], 'members_auto_dst' => 1, 'fb_token' => $rToken), 'extendedProfile' => array('pp_about_me' => IPSText::getTextClass('bbcode')->stripBadWords(IPSText::convertCharsets($_userData['about'], 'utf-8', IPS_DOC_CHAR_SET)), 'fb_bwoptions' => $fb_bwoptions));
$memberData = IPSMember::create($toSave, FALSE, FALSE, TRUE);
if (!$memberData['member_id']) {
throw new Exception('CREATION_FAIL');
}
/* Sync up photo */
$this->syncMember($memberData['member_id']);
$pmember = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'members_partial', 'where' => "partial_member_id=" . $memberData['member_id']));
if ($pmember['partial_member_id']) {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url'] . 'app=core&module=global§ion=register&do=complete_login&mid=' . $memberData['member_id'] . '&key=' . $pmember['partial_date']);
} else {
/* Already got a display name */
if ($displayName) {
/* Here, so log us in!! */
$r = $this->_login()->loginWithoutCheckingCredentials($memberData['member_id'], TRUE);
IPSLib::runMemberSync('onCompleteAccount', $memberData);
if ($this->settings['new_reg_notify']) {
$this->registry->class_localization->loadLanguageFile(array('public_register'), 'core');
IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("admin_newuser"));
IPSText::getTextClass('email')->buildMessage(array('DATE' => $this->registry->getClass('class_localization')->getDate(time(), 'LONG', 1), 'LOG_IN_NAME' => $safeFBName, 'EMAIL' => $_userData['email'], 'IP' => $this->member->ip_address, 'DISPLAY_NAME' => $displayName));
IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email'], $this->settings['board_name']);
IPSText::getTextClass('email')->to = $this->settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
if (is_array($r)) {
if (isset($r[1])) {
$this->registry->getClass('output')->redirectScreen($r[0], $r[1]);
$this->registry->getClass('output')->silentRedirect($r[1]);
} else {
$this->registry->getClass('output')->silentRedirect($r[0]);
}
} elseif (!$r) {
throw new Exception('LINKED_MEMBER_LOGIN_FAIL');
} else {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url']);
}
} else {
throw new Exception('CREATION_FAIL');
}
}
}
} else {
throw new Exception('CREATION_FAIL');
}
} else {
/* Need to re-auth */
}
}
/**
* Show the login form
*
* @param string Message to show on login form
* @return string Login form HTML
*/
public function loginForm($message = "", $replacement = '')
{
//-----------------------------------------
// INIT
//-----------------------------------------
$extra_form = "";
$show_form = 1;
$template = '';
$serviceClick = trim($this->request['serviceClick']);
//-----------------------------------------
// Are they banned?
//-----------------------------------------
if (IPSMember::isBanned('ip', $this->member->ip_address)) {
$this->registry->getClass('output')->showError('you_are_banned', 2011, null, null, 403);
}
if ($message != "") {
if ($replacement) {
$message = sprintf($this->lang->words[$message], $replacement);
} else {
$message = $this->lang->words[$message];
}
$name = $this->request['UserName'] ? $this->request['UserName'] : $this->request['address'];
$message = str_replace("<#NAME#>", "<b>" . $name . "</b>", $message);
$template .= $this->registry->getClass('output')->getTemplate('login')->errors($message);
}
//-----------------------------------------
// Using an alternate log in form?
//-----------------------------------------
$this->han_login->checkLoginUrlRedirect();
/* Did we click a service? */
if ($serviceClick) {
switch ($serviceClick) {
case 'facebook':
$this->registry->getClass('output')->silentRedirect($this->settings['_original_base_url'] . "/interface/facebook/index.php?_reg=1");
break;
case 'twitter':
$this->registry->getClass('output')->silentRedirect($this->settings['_original_base_url'] . "/interface/twitter/index.php?_reg=1");
break;
}
}
//-----------------------------------------
// Extra HTML?
//-----------------------------------------
$additionalForm = $this->han_login->additionalFormHTML();
if (count($additionalForm[1])) {
if ($additionalForm[0] == 'add') {
$extra_form = $additionalForm[1];
$show_form = 1;
} else {
if (is_array($additionalForm[1])) {
foreach ($additionalForm[1] as $_form) {
$template .= $_form;
}
} else {
$template .= $additionalForm[1];
}
$show_form = 0;
}
}
//-----------------------------------------
// Continue...
//-----------------------------------------
if ($show_form) {
if ($this->request['referer']) {
$http_referrer = $this->request['referer'];
} else {
/* @link http://community.invisionpower.com/tracker/issue-32302-login-redirect-when-activating */
$_urlPieces = @parse_url($this->settings['board_url']);
if (strpos(my_getenv('HTTP_REFERER'), $_urlPieces['host'] ? $_urlPieces['host'] : $this->settings['board_url']) !== false) {
$http_referrer = my_getenv('HTTP_REFERER');
} else {
$http_referrer = '';
}
}
$login_methods = false;
$uses_name = false;
$uses_email = false;
foreach ($this->cache->getCache('login_methods') as $method) {
$login_methods[$method['login_folder_name']] = $method['login_folder_name'];
if ($method['login_user_id'] == 'username' or $method['login_user_id'] == 'either') {
$uses_name = true;
}
if ($method['login_user_id'] == 'email' or $method['login_user_id'] == 'either') {
$uses_email = true;
}
}
if ($uses_name and $uses_email) {
$this->lang->words['enter_name'] = $this->lang->words['enter_name_and_email'];
} else {
if ($uses_email) {
$this->lang->words['enter_name'] = $this->lang->words['enter_useremail'];
} else {
$this->lang->words['enter_name'] = $this->lang->words['enter_username'];
}
}
$template .= $this->registry->getClass('output')->getTemplate('login')->showLogInForm($this->lang->words['please_log_in'], htmlentities(urldecode($http_referrer)), $extra_form, $login_methods);
}
$this->registry->getClass('output')->addNavigation($this->lang->words['log_in'], '');
$this->registry->getClass('output')->setTitle($this->lang->words['log_in'] . ' - ' . ipsRegistry::$settings['board_name']);
$this->registry->getClass('output')->addContent($template);
$this->registry->getClass('output')->sendOutput();
}
/**
* Processes the registration form
*
* @return @e void
*/
public function registerProcessForm()
{
$this->_resetMember();
$form_errors = array();
$coppa = $this->request['coppa_user'] == 1 ? 1 : 0;
$in_password = trim($this->request['PassWord']);
$in_email = strtolower(trim($this->request['EmailAddress']));
/* Did we agree to the t&c? */
if (!$this->request['agree_tos']) {
$form_errors['tos'] = array($this->lang->words['must_agree_to_terms']);
}
/* Custom profile field stuff */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php', 'customProfileFields');
$custom_fields = new $classToLoad();
$custom_fields->initData('edit');
$custom_fields->parseToSave($_POST, 'register');
/* Check */
if ($custom_fields->error_messages) {
$form_errors['general'] = $custom_fields->error_messages;
}
/* Check the email address */
if (!$in_email or strlen($in_email) < 6 or !IPSText::checkEmailAddress($in_email)) {
$form_errors['email'][$this->lang->words['err_invalid_email']] = $this->lang->words['err_invalid_email'];
}
if (trim($this->request['PassWord_Check']) != $in_password or !$in_password) {
$form_errors['password'][$this->lang->words['passwords_not_match']] = $this->lang->words['passwords_not_match'];
}
/*
There's no reason for this - http://community.invisionpower.com/resources/bugs.html/_/ip-board/registrations-limit-passwords-to-32-characters-for-no-apparent-reason-r37770
elseif ( strlen( $in_password ) < 3 )
{
$form_errors['password'][$this->lang->words['pass_too_short']] = $this->lang->words['pass_too_short'];
}
elseif ( strlen( $in_password ) > 32 )
{
$form_errors['password'][$this->lang->words['pass_too_long']] = $this->lang->words['pass_too_long'];
}
*/
/* Check the username */
$user_check = IPSMember::getFunction()->cleanAndCheckName($this->request['members_display_name'], array(), 'name');
$disp_check = IPSMember::getFunction()->cleanAndCheckName($this->request['members_display_name'], array(), 'members_display_name');
if (is_array($user_check['errors']) && count($user_check['errors'])) {
foreach ($user_check['errors'] as $key => $error) {
$form_errors['dname'][$error] = isset($this->lang->words[$error]) ? $this->lang->words[$error] : $error;
}
}
/* this duplicates username error above */
/*if( is_array( $disp_check['errors'] ) && count( $disp_check['errors'] ) )
{
foreach( $disp_check['errors'] as $key => $error )
{
$form_errors['dname'][ $error ] = isset($this->lang->words[ $error ]) ? $this->lang->words[ $error ] : $error;
}
}*/
/* Is this email addy taken? */
if (IPSMember::checkByEmail($in_email) == TRUE) {
$form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken'];
}
/* Load handler... */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$this->han_login = new $classToLoad($this->registry);
$this->han_login->init();
$this->han_login->emailExistsCheck($in_email);
if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'EMAIL_NOT_IN_USE') {
$form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken'];
}
/* Are they banned [EMAIL]? */
if (IPSMember::isBanned('email', $in_email) === TRUE) {
$form_errors['email'][$this->lang->words['reg_error_email_ban']] = $this->lang->words['reg_error_email_ban'];
}
/* Check the CAPTCHA */
if ($this->settings['bot_antispam_type'] != 'none') {
if ($this->registry->getClass('class_captcha')->validate() !== TRUE) {
$form_errors['general'][$this->lang->words['err_reg_code']] = $this->lang->words['err_reg_code'];
}
}
/* Check the Q and A */
$qanda = intval($this->request['qanda_id']);
$pass = true;
if ($qanda) {
$pass = false;
$data = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'question_and_answer', 'where' => 'qa_id=' . $qanda));
if ($data['qa_id']) {
$answers = explode("\n", str_replace("\r", "", $data['qa_answers']));
if (count($answers)) {
foreach ($answers as $answer) {
$answer = trim($answer);
if (IPSText::mbstrlen($answer) and mb_strtolower($answer) == mb_strtolower($this->request['qa_answer'])) {
$pass = true;
break;
}
}
}
}
} else {
//-----------------------------------------
// Do we have any questions?
//-----------------------------------------
$data = $this->DB->buildAndFetch(array('select' => 'COUNT(*) as questions', 'from' => 'question_and_answer'));
if ($data['questions']) {
$pass = false;
}
}
if (!$pass) {
$form_errors['general'][$this->lang->words['err_q_and_a']] = $this->lang->words['err_q_and_a'];
}
/* CHECK 2: Any errors ? */
if (count($form_errors)) {
$this->registerForm($form_errors);
return;
}
/* Build up the hashes */
$mem_group = $this->settings['member_group'];
/* Are we asking the member or admin to preview? */
if ($this->settings['reg_auth_type']) {
$mem_group = $this->settings['auth_group'];
} else {
if ($coppa == 1) {
$mem_group = $this->settings['auth_group'];
}
}
/* Create member */
$member = array('name' => $this->request['members_display_name'], 'password' => $in_password, 'members_display_name' => $this->request['members_display_name'], 'email' => $in_email, 'member_group_id' => $mem_group, 'joined' => time(), 'ip_address' => $this->member->ip_address, 'time_offset' => $this->request['time_offset'], 'coppa_user' => $coppa, 'members_auto_dst' => intval($this->settings['time_dst_auto_correction']), 'allow_admin_mails' => intval($this->request['allow_admin_mail']), 'language' => $this->member->language_id);
/* Spam Service */
$spamCode = 0;
$_spamFlag = 0;
if ($this->settings['spam_service_enabled']) {
/* Query the service */
$spamCode = IPSMember::querySpamService($in_email);
/* Action to perform */
$action = $this->settings['spam_service_action_' . $spamCode];
/* Perform Action */
switch ($action) {
/* Proceed with registration */
case 1:
break;
/* Flag for admin approval */
/* Flag for admin approval */
case 2:
$member['member_group_id'] = $this->settings['auth_group'];
$this->settings['reg_auth_type'] = 'admin';
$_spamFlag = 1;
break;
/* Approve the account, but ban it */
/* Approve the account, but ban it */
case 3:
$member['member_banned'] = 1;
$member['bw_is_spammer'] = 1;
$this->settings['reg_auth_type'] = '';
break;
/* Deny registration */
/* Deny registration */
case 4:
$this->registry->output->showError('spam_denied_account', '100x001', FALSE, '', 200);
break;
}
}
//-----------------------------------------
// Create the account
//-----------------------------------------
$member = IPSMember::create(array('members' => $member, 'pfields_content' => $custom_fields->out_fields), FALSE, FALSE, FALSE);
//-----------------------------------------
// Login handler create account callback
//-----------------------------------------
$this->han_login->createAccount(array('member_id' => $member['member_id'], 'email' => $member['email'], 'joined' => $member['joined'], 'password' => $in_password, 'ip_address' => $this->member->ip_address, 'username' => $member['members_display_name'], 'name' => $member['name'], 'members_display_name' => $member['members_display_name']));
//-----------------------------------------
// We'll just ignore if this fails - it shouldn't hold up IPB anyways
//-----------------------------------------
/*if ( $han_login->return_code AND ( $han_login->return_code != 'METHOD_NOT_DEFINED' AND $han_login->return_code != 'SUCCESS' ) )
{
$this->registry->output->showError( 'han_login_create_failed', 2017, true );
}*/
//-----------------------------------------
// Validation
//-----------------------------------------
$validate_key = md5(IPSMember::makePassword() . time());
$time = time();
if ($coppa != 1) {
if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin' or $this->settings['reg_auth_type'] == 'admin_user') {
//-----------------------------------------
// We want to validate all reg's via email,
// after email verificiation has taken place,
// we restore their previous group and remove the validate_key
//-----------------------------------------
$this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address'], 'spam_flag' => $_spamFlag));
if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin_user') {
/* Send out the email. */
$message = array('THE_LINK' => $this->registry->getClass('output')->buildSEOUrl("app=core&module=global§ion=register&do=auto_validate&uid=" . urlencode($member['member_id']) . "&aid=" . urlencode($validate_key), 'publicNoSession', 'false'), 'NAME' => $member['members_display_name'], 'MAN_LINK' => $this->registry->getClass('output')->buildSEOUrl("app=core&module=global§ion=register&do=05", 'publicNoSession', 'false'), 'EMAIL' => $member['email'], 'ID' => $member['member_id'], 'CODE' => $validate_key);
IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("reg_validate", $this->member->language_id));
IPSText::getTextClass('email')->buildPlainTextContent($message);
IPSText::getTextClass('email')->buildHtmlContent($message);
IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email'], $this->settings['board_name']);
IPSText::getTextClass('email')->to = $member['email'];
IPSText::getTextClass('email')->sendMail();
$this->output = $this->registry->output->getTemplate('register')->showAuthorize($member);
} else {
if ($this->settings['reg_auth_type'] == 'admin') {
$this->output = $this->registry->output->getTemplate('register')->showPreview($member);
}
}
/* Only send new registration email if the member wasn't banned */
if ($this->settings['new_reg_notify'] and !$member['member_banned']) {
$date = $this->registry->class_localization->getDate(time(), 'LONG', 1);
IPSText::getTextClass('email')->getTemplate('admin_newuser');
IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'LOG_IN_NAME' => $member['name'], 'EMAIL' => $member['email'], 'IP' => $member['ip_address'], 'DISPLAY_NAME' => $member['members_display_name']));
IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email1'], $this->settings['board_name']);
IPSText::getTextClass('email')->to = $this->settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
$this->registry->output->setTitle($this->lang->words['reg_success'] . ' - ' . ipsRegistry::$settings['board_name']);
$this->registry->output->addNavigation($this->lang->words['nav_reg'], '');
} else {
/* We don't want to preview, or get them to validate via email. */
$stat_cache = $this->cache->getCache('stats');
if ($member['members_display_name'] and $member['member_id'] and !$this->caches['group_cache'][$member['member_group_id']]['g_hide_online_list']) {
$stat_cache['last_mem_name'] = $member['members_display_name'];
$stat_cache['last_mem_name_seo'] = IPSText::makeSeoTitle($member['members_display_name']);
$stat_cache['last_mem_id'] = $member['member_id'];
}
$stat_cache['mem_count'] += 1;
$this->cache->setCache('stats', $stat_cache, array('array' => 1));
/* Only send new registration email if the member wasn't banned */
if ($this->settings['new_reg_notify'] and !$member['member_banned']) {
$date = $this->registry->class_localization->getDate(time(), 'LONG', 1);
IPSText::getTextClass('email')->getTemplate('admin_newuser');
IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'LOG_IN_NAME' => $member['name'], 'EMAIL' => $member['email'], 'IP' => $member['ip_address'], 'DISPLAY_NAME' => $member['members_display_name']));
IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email1'], $this->settings['board_name']);
IPSText::getTextClass('email')->to = $this->settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
IPSCookie::set('pass_hash', $member['member_login_key'], 1);
IPSCookie::set('member_id', $member['member_id'], 1);
//-----------------------------------------
// Fix up session
//-----------------------------------------
$privacy = $member['g_hide_online_list'] || empty($this->settings['disable_anonymous']) && !empty($this->request['Privacy']) ? 1 : 0;
# Update value for onCompleteAccount call
$member['login_anonymous'] = $privacy . '&1';
$this->member->sessionClass()->convertGuestToMember(array('member_name' => $member['members_display_name'], 'member_id' => $member['member_id'], 'member_group' => $member['member_group_id'], 'login_type' => $privacy));
IPSLib::runMemberSync('onCompleteAccount', $member);
$this->registry->output->silentRedirect($this->settings['base_url'] . '&app=core&module=global§ion=login&do=autologin&fromreg=1');
}
} else {
/* This is a COPPA user, so lets tell them they registered OK and redirect to the form. */
$this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address']));
$this->registry->output->redirectScreen($this->lang->words['cp_success'], $this->settings['base_url'] . 'app=core&module=global&section=register&do=12');
}
}
/**
* Initiate the registry
*
* @return mixed false or void
*/
public static function init()
{
$INFO = array();
$_ipsPowerSettings = array();
if (self::$initiated === TRUE) {
return FALSE;
}
self::$initiated = TRUE;
/* Load static classes */
require IPS_ROOT_PATH . "sources/base/core.php";
/*noLibHook*/
require IPS_ROOT_PATH . "sources/base/ipsMember.php";
/*noLibHook*/
/* Debugging notices? */
if (defined('IPS_ERROR_CAPTURE') and IPS_ERROR_CAPTURE !== FALSE) {
@error_reporting(E_ALL | E_NOTICE);
@set_error_handler("IPSDebug::errorHandler");
}
/* Load core variables */
self::_loadCoreVariables();
/* Load config file */
if (is_file(DOC_IPS_ROOT_PATH . 'conf_global.php')) {
require DOC_IPS_ROOT_PATH . 'conf_global.php';
/*noLibHook*/
if (is_array($INFO)) {
foreach ($INFO as $key => $val) {
ipsRegistry::$settings[$key] = str_replace('\', '\\', $val);
}
}
}
/* Load secret sauce */
if (is_array($_ipsPowerSettings)) {
ipsRegistry::$settings = array_merge($_ipsPowerSettings, ipsRegistry::$settings);
}
/* Make sure we're installed */
if (empty($INFO['sql_database'])) {
/* Quick PHP version check */
if (!version_compare(MIN_PHP_VERS, PHP_VERSION, '<=')) {
print "You must be using PHP " . MIN_PHP_VERS . " or better. You are currently using: " . PHP_VERSION;
exit;
}
$host = $_SERVER['HTTP_HOST'] ? $_SERVER['HTTP_HOST'] : @getenv('HTTP_HOST');
$self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : @getenv('PHP_SELF');
if (IPS_AREA == 'admin') {
@header("Location: http://" . $host . rtrim(dirname($self), '/\\') . "/install/index.php");
} else {
if (!defined('CP_DIRECTORY')) {
define('CP_DIRECTORY', 'admin');
}
@header("Location: http://" . $host . rtrim(dirname($self), '/\\') . "/" . CP_DIRECTORY . "/install/index.php");
}
}
/* Switch off dev mode you idjit */
if (!defined('IN_DEV')) {
define('IN_DEV', 0);
}
/* Shell defined? */
if (!defined('IPS_IS_SHELL')) {
define('IPS_IS_SHELL', FALSE);
}
/* If this wasn't defined in the gateway file... */
if (!defined('ALLOW_FURLS')) {
define('ALLOW_FURLS', ipsRegistry::$settings['use_friendly_urls'] ? TRUE : FALSE);
}
if (!defined('IPS_IS_MOBILE_APP')) {
define('IPS_IS_MOBILE_APP', false);
}
/**
* File and folder permissions
*/
if (!defined('IPS_FILE_PERMISSION')) {
define('IPS_FILE_PERMISSION', 0777);
}
if (!defined('IPS_FOLDER_PERMISSION')) {
define('IPS_FOLDER_PERMISSION', 0777);
}
/* Set it again incase a gateway turned it off */
ipsRegistry::$settings['use_friendly_urls'] = ALLOW_FURLS;
/* Start timer */
IPSDebug::startTimer();
/* Cookies... */
IPSCookie::$sensitive_cookies = array('session_id', 'admin_session_id', 'member_id', 'pass_hash');
/* INIT DB */
self::$handles['db'] = ips_DBRegistry::instance();
/* Set DB */
self::$handles['db']->setDB(ipsRegistry::$settings['sql_driver']);
/* Input set up... */
if (is_array($_POST) and count($_POST)) {
foreach ($_POST as $key => $value) {
# Skip post arrays
if (!is_array($value)) {
$_POST[$key] = IPSText::stripslashes($value);
}
}
}
//-----------------------------------------
// Clean globals, first.
//-----------------------------------------
IPSLib::cleanGlobals($_GET);
IPSLib::cleanGlobals($_POST);
IPSLib::cleanGlobals($_COOKIE);
IPSLib::cleanGlobals($_REQUEST);
# GET first
$input = IPSLib::parseIncomingRecursively($_GET, array());
# Then overwrite with POST
self::$request = IPSLib::parseIncomingRecursively($_POST, $input);
# Fix some notices
if (!isset(self::$request['module'])) {
self::$request['module'] = '';
}
if (!isset(self::$request['section'])) {
self::$request['section'] = '';
}
# Assign request method
self::$request['request_method'] = strtolower(my_getenv('REQUEST_METHOD'));
/* Define some constants */
define('IPS_IS_TASK', (isset(self::$request['module']) and self::$request['module'] == 'task' and self::$request['app'] == 'core') ? TRUE : FALSE);
define('IPS_IS_AJAX', (isset(self::$request['module']) and self::$request['module'] == 'ajax') ? TRUE : FALSE);
/* First pass of app set up. Needs to be BEFORE caches and member are set up */
self::_fUrlInit();
self::_manageIncomingURLs();
/* _manageIncomingURLs MUST be called first!!! */
self::_setUpAppData();
/* Load app / coreVariables.. must be called after app Data */
self::_loadAppCoreVariables(IPS_APP_COMPONENT);
/* Must be called after _manageIncomingURLs */
self::$handles['db']->getDB()->setDebugMode(IPS_SQL_DEBUG_MODE ? isset($_GET['debug']) ? intval($_GET['debug']) : 0 : 0);
/* Get caches */
self::$handles['caches'] = ips_CacheRegistry::instance();
/* Make sure all is well before we proceed */
try {
self::instance()->setUpSettings();
} catch (Exception $e) {
print file_get_contents(IPS_CACHE_PATH . 'cache/skin_cache/settingsEmpty.html');
exit;
}
/* Reset database log file paths to cache path */
self::$handles['db']->resetLogPaths();
/* Just in case they copy a space in the license... */
ipsRegistry::$settings['ipb_reg_number'] = trim(ipsRegistry::$settings['ipb_reg_number']);
/* Bah, now let's go over any input cleaning routines that have settings *sighs* */
self::$request = IPSLib::postParseIncomingRecursively(self::$request);
/* Set up dummy member class to prevent errors if cache rebuild required */
self::$handles['member'] = ips_MemberRegistryDummy::instance();
/* Build module and application caches */
self::instance()->checkCaches();
/* Set up app specific redirects. Must be called before member/sessions setup */
self::_parseAppResets();
/* Re-assign member */
unset(self::$handles['member']);
self::$handles['member'] = ips_MemberRegistry::instance();
/* Load other classes */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/class_localization.php', 'class_localization');
self::instance()->setClass('class_localization', new $classToLoad(self::instance()));
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/class_public_permissions.php', 'classPublicPermissions');
self::instance()->setClass('permissions', new $classToLoad(self::instance()));
/* Must be called before output initiated */
self::getAppClass(IPS_APP_COMPONENT);
if (IPS_AREA == 'admin') {
require_once IPS_ROOT_PATH . 'sources/classes/output/publicOutput.php';
/*noLibHook*/
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/output/adminOutput.php', 'adminOutput');
self::instance()->setClass('output', new $classToLoad(self::instance()));
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . "sources/classes/class_admin_functions.php", 'adminFunctions');
self::instance()->setClass('adminFunctions', new $classToLoad(self::instance()));
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/class_permissions.php', 'class_permissions');
self::instance()->setClass('class_permissions', new $classToLoad(self::instance()));
/* Do stuff that needs both adminFunctions and output initiated */
self::instance()->getClass('adminFunctions')->postOutputInit();
} else {
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/output/publicOutput.php', 'output');
self::instance()->setClass('output', new $classToLoad(self::instance(), TRUE));
register_shutdown_function(array('ipsRegistry', '__myDestruct'));
}
/* Post member processing */
self::$handles['member']->postOutput();
/* Add SEO templates to the output system */
self::instance()->getClass('output')->seoTemplates = self::$_seoTemplates;
//-----------------------------------------
// Sort out report center early, so counts
// and cache is right
//-----------------------------------------
$memberData =& self::$handles['member']->fetchMemberData();
$memberData['showReportCenter'] = false;
$member_group_ids = array($memberData['member_group_id']);
$member_group_ids = array_diff(array_merge($member_group_ids, explode(',', $memberData['mgroup_others'])), array(''));
$report_center = array_diff(explode(',', ipsRegistry::$settings['report_mod_group_access']), array(''));
foreach ($report_center as $groupId) {
if (in_array($groupId, $member_group_ids)) {
$memberData['showReportCenter'] = true;
break;
}
}
if ($memberData['showReportCenter']) {
$memberData['access_report_center'] = true;
$memberCache = $memberData['_cache'];
$reportsCache = self::$handles['caches']->getCache('report_cache');
if (!$memberCache['report_last_updated'] || $memberCache['report_last_updated'] < $reportsCache['last_updated']) {
$classToLoad = IPSLib::loadLibrary(IPSLib::getAppDir('core') . '/sources/classes/reportLibrary.php', 'reportLibrary');
$reports = new $classToLoad(ipsRegistry::instance());
$totalReports = $reports->rebuildMemberCacheArray();
$memberCache['report_num'] = $totalReports;
$memberData['_cache'] = $memberCache;
}
}
/* More set up */
self::_finalizeAppData();
/* Finish fURL stuffs */
self::_fUrlComplete();
self::instance()->getClass('class_localization')->loadLanguageFile(array('public_global'), 'core');
if (IPS_AREA == 'admin') {
$validationStatus = self::member()->sessionClass()->getStatus();
$validationMessage = self::member()->sessionClass()->getMessage();
if (ipsRegistry::$request['module'] != 'login' and !$validationStatus) {
//-----------------------------------------
// Force log in
//-----------------------------------------
if (ipsRegistry::$request['module'] == 'ajax') {
@header("Content-type: application/json;charset=" . IPS_DOC_CHAR_SET);
print json_encode(array('error' => self::instance()->getClass('class_localization')->words['acp_sessiontimeout'], '__session__expired__log__out__' => 1));
exit;
} elseif (ipsRegistry::$settings['logins_over_https'] && (empty($_SERVER['HTTPS']) or $_SERVER['HTTPS'] != 'on')) {
/* Bug 38301 */
ipsRegistry::getClass('output')->silentRedirect(str_replace('http://', 'https://', ipsRegistry::$settings['this_url']));
return;
} else {
ipsRegistry::$request['module'] = 'login';
ipsRegistry::$request['core'] = 'login';
$classToLoad = IPSLib::loadActionOverloader(IPSLib::getAppDir('core') . "/modules_admin/login/manualResolver.php", 'admin_core_login_manualResolver');
$runme = new $classToLoad(self::instance());
$runme->doExecute(self::instance());
exit;
}
}
} else {
if (IPS_AREA == 'public') {
/* Set up member */
self::$handles['member']->finalizePublicMember();
/* Proper no cache key <update:1> */
ipsRegistry::$settings['noCacheKey'] = md5('$Rev: 12261 $');
/* Are we banned: Via IP Address? */
if (IPSMember::isBanned('ipAddress', self::$handles['member']->ip_address) === TRUE) {
self::instance()->getClass('output')->showError('you_are_banned', 2000, true, null, 403);
}
/* Are we banned: By DB */
if (self::$handles['member']->getProperty('member_banned') == 1 or self::$handles['member']->getProperty('temp_ban')) {
/* Don't show this message if we're viewing the warn log */
if (ipsRegistry::$request['module'] != 'ajax' or ipsRegistry::$request['section'] != 'warnings') {
self::getClass('class_localization')->loadLanguageFile('public_error', 'core');
$message = '';
if (self::$handles['member']->getProperty('member_banned')) {
$message = self::getClass('class_localization')->words['no_view_board_b'];
} else {
$ban_arr = IPSMember::processBanEntry(self::$handles['member']->getProperty('temp_ban'));
/* No longer banned */
if (time() >= $ban_arr['date_end']) {
self::DB()->update('members', array('temp_ban' => ''), 'member_id=' . self::$handles['member']->getProperty('member_id'));
} else {
$message = sprintf(self::getClass('class_localization')->words['account_susp'], self::getClass('class_localization')->getDate($ban_arr['date_end'], 'LONG', 1));
}
}
/* Get anything? */
if ($message) {
$warn = ipsRegistry::DB()->buildAndFetch(array('select' => '*', 'from' => 'members_warn_logs', 'where' => 'wl_member=' . self::$handles['member']->getProperty('member_id') . ' AND wl_suspend<>0 AND wl_suspend<>-2', 'order' => 'wl_date DESC', 'limit' => 1));
if ($warn['wl_id'] and ipsRegistry::$settings['warn_show_own']) {
$moredetails = "<a href='javascript:void(0);' onclick='warningPopup( this, {$warn['wl_id']} );'>" . self::getClass('class_localization')->words['warnings_moreinfo'] . "</a>";
}
self::instance()->getClass('output')->showError("{$message} {$moredetails}", 1001, true, null, 403);
}
}
}
/* Check server load */
if (ipsRegistry::$settings['load_limit'] > 0) {
$server_load = IPSDebug::getServerLoad();
if ($server_load) {
$loadinfo = explode("-", $server_load);
if (count($loadinfo)) {
self::$server_load = $loadinfo[0];
if (self::$server_load > ipsRegistry::$settings['load_limit']) {
self::instance()->getClass('output')->showError('server_too_busy', 2001);
}
}
}
}
/* Specific Ajax Check */
if (IPS_IS_AJAX and ipsRegistry::$request['section'] != 'warnings') {
if (self::$handles['member']->getProperty('g_view_board') != 1 || ipsRegistry::$settings['board_offline'] && !self::$handles['member']->getProperty('g_access_offline')) {
@header("Content-type: application/json;charset=" . IPS_DOC_CHAR_SET);
print json_encode(array('error' => 'no_permission', '__board_offline__' => 1));
exit;
}
}
/* Other public check */
if (IPB_THIS_SCRIPT == 'public' and IPS_ENFORCE_ACCESS === FALSE and (ipsRegistry::$request['section'] != 'login' and ipsRegistry::$request['section'] != 'lostpass' and IPS_IS_AJAX === FALSE and ipsRegistry::$request['section'] != 'rss' and ipsRegistry::$request['section'] != 'attach' and ipsRegistry::$request['module'] != 'task' and ipsRegistry::$request['section'] != 'captcha')) {
//-----------------------------------------
// Permission to see the board?
//-----------------------------------------
if (self::$handles['member']->getProperty('g_view_board') != 1) {
self::getClass('output')->showError('no_view_board', 1000, null, null, 403);
}
//--------------------------------
// Is the board offline?
//--------------------------------
if (ipsRegistry::$settings['board_offline'] == 1 and !IPS_IS_SHELL) {
if (self::$handles['member']->getProperty('g_access_offline') != 1) {
ipsRegistry::$settings['no_reg'] = 1;
self::getClass('output')->showBoardOffline();
}
}
//-----------------------------------------
// Do we have a display name?
//-----------------------------------------
if (!(ipsRegistry::$request['section'] == 'register' and (ipsRegistry::$request['do'] == 'complete_login' or ipsRegistry::$request['do'] == 'complete_login_do'))) {
if (!self::$handles['member']->getProperty('members_display_name')) {
$pmember = self::DB()->buildAndFetch(array('select' => '*', 'from' => 'members_partial', 'where' => "partial_member_id=" . self::$handles['member']->getProperty('member_id')));
if (!$pmember['partial_member_id']) {
$pmember = array('partial_member_id' => self::$handles['member']->getProperty('member_id'), 'partial_date' => time(), 'partial_email_ok' => self::$handles['member']->getProperty('email') == self::$handles['member']->getProperty('name') . '@' . self::$handles['member']->getProperty('joined') ? 0 : 1);
self::DB()->insert('members_partial', $pmember);
$pmember['partial_id'] = self::DB()->getInsertId();
}
self::instance()->getClass('output')->silentRedirect(ipsRegistry::$settings['base_url'] . 'app=core&module=global§ion=register&do=complete_login&mid=' . self::$handles['member']->getProperty('member_id') . '&key=' . $pmember['partial_date']);
}
}
//--------------------------------
// Is log in enforced?
//--------------------------------
if (!(defined('IPS_IS_SHELL') && IPS_IS_SHELL === TRUE) && (!IPS_IS_MOBILE_APP && self::$handles['member']->getProperty('member_group_id') == ipsRegistry::$settings['guest_group'] and ipsRegistry::$settings['force_login'] == 1 && !in_array(ipsRegistry::$request['section'], array('register', 'privacy', 'unsubscribe')))) {
if (ipsRegistry::$settings['logins_over_https'] and (!$_SERVER['HTTPS'] or $_SERVER['HTTPS'] != 'on')) {
//-----------------------------------------
// Set referrer
//-----------------------------------------
if (!my_getenv('HTTP_REFERER') or stripos(my_getenv('HTTP_REFERER'), ipsRegistry::$settings['board_url']) === false) {
$http_referrer = (strtolower($_SERVER['HTTPS']) == 'on' ? "https://" : "http://") . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
} else {
$http_referrer = my_getenv('HTTP_REFERER');
}
self::instance()->getClass('output')->silentRedirect(str_replace('http://', 'https://', ipsRegistry::$settings['base_url']) . 'app=core&module=global§ion=login&referer=' . urlencode($http_referrer));
}
ipsRegistry::$request['app'] = 'core';
ipsRegistry::$request['module'] = 'login';
ipsRegistry::$request['core'] = 'login';
ipsRegistry::$request['referer'] = ipsRegistry::$request['referer'] ? ipsRegistry::$request['referer'] : (strtolower($_SERVER['HTTPS']) == 'on' ? "https://" : "http://") . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
if (is_file(DOC_IPS_ROOT_PATH . '/' . PUBLIC_DIRECTORY . '/style_css/' . ipsRegistry::getClass('output')->skin['_csscacheid'] . '/ipb_login_register.css')) {
ipsRegistry::getClass('output')->addToDocumentHead('importcss', ipsRegistry::$settings['css_base_url'] . 'style_css/' . ipsRegistry::getClass('output')->skin['_csscacheid'] . '/ipb_login_register.css');
}
$classToLoad = IPSLib::loadActionOverloader(IPSLib::getAppDir('core') . "/modules_public/global/login.php", 'public_core_global_login');
$runme = new $classToLoad(self::instance());
$runme->doExecute(self::instance());
exit;
}
}
/* Have we entered an incorrect FURL that has no match? */
if (ipsRegistry::$settings['use_friendly_urls'] and self::$_noFurlMatch === true) {
self::getClass('output')->showError('incorrect_furl', 404, null, null, 404);
} else {
if (isset(ipsRegistry::$request['act']) and ipsRegistry::$request['act'] == 'rssout') {
self::getClass('output')->showError('incorrect_furl', 404, null, null, 404);
}
}
/* Track search engine visits */
if (!IPS_IS_TASK and $_SERVER['HTTP_REFERER']) {
seoTracker::track($_SERVER['HTTP_REFERER'], self::$settings['query_string_real'], self::$handles['member']->getProperty('member_id'));
}
}
}
IPSDebug::setMemoryDebugFlag("Registry initialized");
}
/**
* Show the login form
*
* @access public
* @param string Message to show on login form
* @return string Login form HTML
*/
public function loginForm($message = "", $replacement = '')
{
//-----------------------------------------
// INIT
//-----------------------------------------
$extra_form = "";
$show_form = 1;
$template = '';
//-----------------------------------------
// Are they banned?
//-----------------------------------------
if (IPSMember::isBanned('ip', $this->member->ip_address)) {
$this->registry->getClass('output')->showError('you_are_banned', 2011);
}
if ($message != "") {
if ($replacement) {
$message = sprintf($this->lang->words[$message], $replacement);
} else {
$message = $this->lang->words[$message];
}
$name = $this->request['UserName'] ? $this->request['UserName'] : $this->request['address'];
$message = str_replace("<#NAME#>", "<b>" . $name . "</b>", $message);
$template .= $this->registry->getClass('output')->getTemplate('login')->errors($message);
}
//-----------------------------------------
// Using an alternate log in form?
//-----------------------------------------
$this->han_login->checkLoginUrlRedirect();
//-----------------------------------------
// Extra HTML?
//-----------------------------------------
$additionalForm = $this->han_login->additionalFormHTML();
if (count($additionalForm[1])) {
if ($additionalForm[0] == 'add') {
$extra_form = $additionalForm[1];
$show_form = 1;
} else {
$template .= $additionalForm[1];
$show_form = 0;
}
}
//-----------------------------------------
// Continue...
//-----------------------------------------
if ($show_form) {
if ($this->request['referer']) {
$http_referrer = $this->request['referer'];
} else {
if (!my_getenv('HTTP_REFERER') or stripos(my_getenv('HTTP_REFERER'), $this->settings['board_url']) === false) {
// HTTP_REFERER isn't set when force_login is enabled
// This method will piece together the base url, and the querystring arguments
// This is not anymore secure/insecure than IPB, as IPB will have to process
// those arguments whether force_login is enabled or not.
$argv = is_array(my_getenv('argv')) && count(my_getenv('argv')) > 0 ? my_getenv('argv') : array();
$http_referrer = $this->settings['base_url'] . @implode("&", $argv);
} else {
$http_referrer = my_getenv('HTTP_REFERER');
}
}
$facebookOpts = array();
$login_methods = false;
$uses_name = false;
$uses_email = false;
foreach ($this->cache->getCache('login_methods') as $method) {
$login_methods[$method['login_folder_name']] = $method['login_folder_name'];
if ($method['login_user_id'] == 'username') {
$uses_name = true;
}
if ($method['login_user_id'] == 'email') {
$uses_email = true;
}
}
if ($uses_name and $uses_email) {
$this->lang->words['enter_name'] = $this->lang->words['enter_name_and_email'];
} else {
if ($uses_email) {
$this->lang->words['enter_name'] = $this->lang->words['enter_useremail'];
} else {
$this->lang->words['enter_name'] = $this->lang->words['enter_username'];
}
}
$template .= $this->registry->getClass('output')->getTemplate('login')->showLogInForm($this->lang->words['please_log_in'], htmlentities(urldecode($http_referrer)), $extra_form, $login_methods, $facebookOpts);
}
/* Work around for bug http://bugs.developers.facebook.com/show_bug.cgi?id=3237 */
if (IPSLib::fbc_enabled()) {
$this->_facebook->testConnectSession();
}
$this->registry->getClass('output')->addNavigation($this->lang->words['log_in'], '');
$this->registry->getClass('output')->setTitle($this->lang->words['log_in']);
$this->registry->getClass('output')->addContent($template);
$this->registry->getClass('output')->sendOutput();
}
/**
* Completes the connection
*
* @access public
* @return redirect
*
*/
public function finishLogin()
{
/* From reg flag */
if ($_REQUEST['code']) {
/* Reset api to ensure user is not logged in */
$this->resetApi();
/* Ensure URL is correct */
$_urlExtra = '';
if ($_REQUEST['key']) {
$_urlExtra .= '&key=' . $_REQUEST['key'];
}
if ($_REQUEST['reg']) {
$_urlExtra .= '®=1';
}
/* Update callback url */
$this->_api->setVariable('authorize_callback_uri', VKONTAKTE_CALLBACK . $_urlExtra);
/* Generate oAuth token */
$rToken = $this->_api->getAccessToken();
if (is_string($rToken)) {
try {
$oAuthSession = $this->_api->getSession();
$r = $this->_api->api('getProfiles', 'GET', array('uids' => $oAuthSession['user_id'], 'fields' => 'uid,first_name,last_name,nickname,photo,photo_medium,photo_big,timezone,sex,nickname,activity'));
$_userData = array_pop($r['response']);
} catch (Exception $e) {
}
/* A little gymnastics */
$this->_userData = $_userData;
$this->_userData['photo'] = $_userData['photo_big'];
/* Got a member linked already? */
$_member = IPSMember::load($_userData['uid'], 'all', 'vk_uid');
if ($_member['member_id']) {
$memberData = $_member;
/* Ensure user's row is up to date */
IPSMember::save($memberData['member_id'], array('core' => array('vk_token' => $rToken)));
/* Here, so log us in!! */
/* changed by denchu 26/12/12 */
$r = $this->_login()->loginWithoutCheckingCredentials($memberData['member_id'], TRUE);
if (is_array($r)) {
if (isset($r[1])) {
$this->registry->getClass('output')->redirectScreen($r[0], $r[1]);
$this->registry->getClass('output')->silentRedirect($r[1]);
} else {
$this->registry->getClass('output')->silentRedirect($r[0]);
}
} elseif (!$r) {
throw new Exception('LINKED_MEMBER_LOGIN_FAIL');
} else {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url']);
}
} else {
/* No? Create a new member */
foreach (array('vc_s_pic', 'vc_s_status') as $field) {
$toSave[$field] = 1;
}
$vk_bwoptions = IPSBWOptions::freeze($toSave, 'vkontakte');
$safeName = IPSText::convertCharsets($_userData['first_name'] . ' ' . $_userData['last_name'], 'utf-8', IPS_DOC_CHAR_SET);
$displayName = $this->settings['fb_realname'] == 'enforced' ? $safeName : '';
//$displayName = ( ! $this->settings['auth_allow_dnames'] ) ? $safeName : FALSE;
/* Make sure usernames are safe */
if ($this->settings['username_characters']) {
$check_against = preg_quote($this->settings['username_characters'], "/");
$check_against = str_replace('\\-', '-', $check_against);
$safeName = preg_replace('/[^' . $check_against . ']+/i', '', $safeName);
}
if (IPSText::mbstrlen($safeName) > $this->settings['max_user_name_length']) {
$safeName = mb_substr(IPSText::convertCharsets($_userData['last_name'], 'utf-8', IPS_DOC_CHAR_SET), 0, $this->settings['max_user_name_length'], 'UTF-8');
}
/* Check ban filters? */
if (IPSMember::isBanned('name', $safeName)) {
$this->registry->output->showError('you_are_banned', 1090003);
}
/* From reg, so create new account properly */
$toSave = array('core' => array('name' => $safeName, 'members_display_name' => $displayName, 'members_created_remote' => 1, 'member_group_id' => $this->settings['vk_mgid'] ? $this->settings['vk_mgid'] : $this->settings['member_group'], 'email' => '', 'vk_uid' => $_userData['uid'], 'time_offset' => $_userData['timezone'], 'vk_token' => $rToken), 'extendedProfile' => array('vk_bwoptions' => $vk_bwoptions));
$memberData = IPSMember::create($toSave, TRUE, FALSE, TRUE);
if (!$memberData['member_id']) {
throw new Exception('CREATION_FAIL');
}
/* Sync up photo */
$this->syncMember($memberData['member_id']);
$pmember = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'members_partial', 'where' => "partial_member_id=" . $memberData['member_id']));
if ($pmember['partial_member_id']) {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url'] . 'app=core&module=global§ion=register&do=complete_login&mid=' . $memberData['member_id'] . '&key=' . $pmember['partial_date']);
} else {
/* Already got a display name */
if ($displayName) {
/* Here, so log us in!! */
/* changed by denchu 26/12/12*/
$r = $this->_login()->loginWithoutCheckingCredentials($memberData['member_id'], TRUE);
IPSLib::runMemberSync('onCompleteAccount', $memberData);
if ($this->settings['new_reg_notify']) {
$this->registry->class_localization->loadLanguageFile(array('public_register'), 'core');
IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("admin_newuser"));
IPSText::getTextClass('email')->buildMessage(array('DATE' => $this->registry->getClass('class_localization')->getDate(time(), 'LONG', 1), 'LOG_IN_NAME' => $safeFBName, 'EMAIL' => $_userData['email'], 'IP' => $this->member->ip_address, 'DISPLAY_NAME' => $displayName));
IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email'], $this->settings['board_name']);
IPSText::getTextClass('email')->to = $this->settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
if (is_array($r)) {
if (isset($r[1])) {
$this->registry->getClass('output')->redirectScreen($r[0], $r[1]);
$this->registry->getClass('output')->silentRedirect($r[1]);
} else {
$this->registry->getClass('output')->silentRedirect($r[0]);
}
} elseif (!$r) {
throw new Exception('LINKED_MEMBER_LOGIN_FAIL');
} else {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url']);
}
} else {
throw new Exception('CREATION_FAIL');
}
}
}
} else {
throw new Exception('CREATION_FAIL');
}
}
}
