private function user_register($profile, $prev_url) { global $forum_config, $lang_fancy_login_loginza, $forum_user, $forum_db, $forum_url; // Load the profile language file if (!isset($lang_profile)) { require FORUM_ROOT . 'lang/' . $forum_user['language'] . '/profile.php'; } // We allowed register new users? if ($forum_config['o_regs_allow'] == '0') { message($lang_profile['No new regs']); } // Check that someone from this IP didn't register a user within the last hour (DoS prevention) $query = array('SELECT' => 'COUNT(u.id)', 'FROM' => 'users AS u', 'WHERE' => 'u.registration_ip=\'' . $forum_db->escape(get_remote_address()) . '\' AND u.registered>' . (time() - 3600)); ($hook = get_hook('rg_register_qr_check_register_flood')) ? eval($hook) : null; $result = $forum_db->query_build($query) or error(__FILE__, __LINE__); if ($forum_db->result($result) > 0) { message($lang_profile['Registration flood']); } // Get user info from Loginza Profile $username = $this->get_username_for_new_user($profile); $loginza_identity = isset($profile->identity) ? forum_trim($profile->identity) : FALSE; $lup = new LoginzaUserProfile($profile); $email = $lup->get_email(); if (!$username) { message($lang_fancy_login_loginza['Error empty username']); } if (!$loginza_identity) { message($lang_fancy_login_loginza['Error empty identity']); } // Check e-mail address $banned_email = FALSE; $dupe_list = array(); if ($email) { $error = $this->check_email($email, $banned_email, $dupe_list); if (TRUE !== $error) { message($error); } } // Clean old unverified registrators - delete older than 72 hours $query = array('DELETE' => 'users', 'WHERE' => 'group_id=' . FORUM_UNVERIFIED . ' AND activate_key IS NOT NULL AND registered < ' . (time() - 259200)); ($hook = get_hook('rg_register_qr_delete_unverified')) ? eval($hook) : null; $forum_db->query_build($query) or error(__FILE__, __LINE__); ($hook = get_hook('rg_register_end_validation')) ? eval($hook) : null; // User default info $language = $forum_config['o_default_lang']; $password = random_key(12, TRUE); $salt = random_key(12); $password_hash = forum_hash($password, $salt); $initial_group_id = $forum_config['o_regs_verify'] == '0' ? $forum_config['o_default_user_group'] : FORUM_UNVERIFIED; // Timezone & DST $this->get_timezone_and_dst($timezone, $dst); // Insert the new user into the database. // We do this now to get the last inserted id for later use. $user_info = array('username' => $username, 'group_id' => $initial_group_id, 'salt' => $salt, 'password' => $password, 'password_hash' => $password_hash, 'email' => $email, 'email_setting' => $forum_config['o_default_email_setting'], 'timezone' => $timezone, 'dst' => $dst, 'language' => $forum_config['o_default_lang'], 'style' => $forum_config['o_default_style'], 'registered' => time(), 'registration_ip' => get_remote_address(), 'activate_key' => $forum_config['o_regs_verify'] == '1' ? '\'' . random_key(8, TRUE) . '\'' : 'NULL', 'require_verification' => $forum_config['o_regs_verify'] == '1', 'notify_admins' => $forum_config['o_regs_report'] == '1', 'loginza_profile' => $profile, 'loginza_return_url' => $prev_url, 'loginza_banned_email' => $banned_email, 'loginza_dupe_list' => $dupe_list); ($hook = get_hook('rg_register_pre_add_user')) ? eval($hook) : null; // If we dont have email — save userdata to session and show form if (!$email) { if (!isset($_SESSION)) { session_start(); } $session_id = 'fancy_login_loginza_' . random_key(12, TRUE, TRUE); $_SESSION[$session_id] = $user_info; $this->form_end_reg($session_id); } else { if ($forum_config['o_regs_verify'] == '1' && $forum_config['o_fancy_login_loginza_trust_openid_emails'] == '1') { // Skip activate email from OpenID $user_info['activate_key'] = 'NULL'; $user_info['require_verification'] = FALSE; $user_info['group_id'] = $forum_config['o_default_user_group']; } $this->register($user_info); } }