<?php
require_once("models/config.php");
// Visitors who are already logged in are sent away from the registration page:
// active accounts go to the dashboard, all others to the consent step.
if (isUserLoggedIn()) {
    if (isUserActive()) {
        $destination = $websiteUrl . "dashboard/index.php";
    } else {
        $destination = $websiteUrl . "consent.php";
    }
    header("Location: " . $destination);
    // Stop here so none of the registration logic below runs for this request.
    exit;
}
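//ELIGIBLE CITY/ZIP COMBINATIONS
// The include is expected to define $city_zips (city => list of zips), which is read below.
include("models/inc/city_zips.php");
$username_label = "";
$badlogin = "";

// Flatten the per-city lists into a single list of every eligible zip.
$eligible_zips = array();
foreach ($city_zips as $city => $zips) {
    $eligible_zips = array_merge($eligible_zips, $zips);
}
// JSON copy of the city => zips map; not used again in this file, presumably
// consumed by an included template - confirm.
$eligible_map = json_encode($city_zips);

// Guarded read so a session without a language preference does not raise a notice.
$lang_req = isset($_SESSION["use_lang"]) ? $_SESSION["use_lang"] : null;

// Step 1 is highlighted by default, step 2 once ?step= is present. Both values are
// fixed strings ("on" or ""), never the raw query value.
$step_one_on = empty($_GET['step']) ? "on" : "";
$step_two_on = !empty($_GET['step']) ? "on" : "";

// ?msg= is fully controlled by whoever builds the link, so it is treated as plain
// text: only a scalar string is accepted and it is HTML-encoded before it is queued
// for display.
// NOTE(review): the alert renderer is not visible here. If it already escapes its
// output, drop the htmlspecialchars() call to avoid double encoding. Either way the
// text itself stays attacker-chosen; mapping ?msg= to a fixed set of message keys
// would remove that as well.
if (!empty($_GET["msg"]) && is_string($_GET["msg"])) {
    addSessionAlert(htmlspecialchars($_GET["msg"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
}

// ?ref= carries a base64-encoded JSON description of a linked project. It is stored
// only when it decodes to an array; previously any junk value overwrote the session
// entry with null.
// NOTE(review): the decoded content is still untrusted. Whatever reads
// $_SESSION["linked_project"] must validate the fields it uses.
if (isset($_GET["ref"]) && is_string($_GET["ref"])) {
    $linked_proj = base64_decode($_GET["ref"]);
    $linked_data = json_decode($linked_proj, true);
    if (is_array($linked_data)) {
        $_SESSION["linked_project"] = $linked_data;
    }
}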
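// PROCESS NEW USER
// Exactly one of two request types is handled per request:
//   * POST carrying submit_new_user: validate the form, then create or re-invite the account.
//   * GET carrying activation + uid: check the e-mailed token, mark the address
//     verified and sign the user in.
if (!empty($_POST['submit_new_user'])) {
    $errors = array();

    // Accept only scalar strings for the address fields, so a crafted
    // username[]=... array never reaches trim().
    $email     = (isset($_POST["username"]) && is_string($_POST["username"])) ? trim($_POST["username"]) : "";
    $emailchek = (isset($_POST["usernametoo"]) && is_string($_POST["usernametoo"])) ? trim($_POST["usernametoo"]) : "";

    // The original chose between $email and trim($_POST["username"]) depending on
    // $portal_config['useEmailAsUsername']; both are the same value, so the username
    // is the submitted address either way.
    $username = $email;

    // TEMP PASSWORD FOR NOW
    // The previous expression, md5("somelongthingsurewhynot" + $username), used the
    // arithmetic "+" instead of the concatenation operator ".": on PHP 7 a non-numeric
    // username makes both operands convert to 0, giving every account the same
    // placeholder, and on PHP 8 it raises a TypeError. Even the intended
    // concatenation would have been derivable from the username. An unpredictable
    // 32-hex-character value (the same shape as an md5 digest) is used instead.
    // random_bytes() needs PHP >= 7.0.
    // NOTE(review): confirm nothing else recomputes the old placeholder value.
    $password = bin2hex(random_bytes(16));

    $fname     = (!empty($_POST["firstname"]) ? $_POST["firstname"] : null);
    $lname     = (!empty($_POST["lastname"]) ? $_POST["lastname"] : null);
    // NOTE(review): intval() drops leading zeros from a zip; confirm that matches how zips are stored.
    $zip       = (!empty($_POST["zip"]) ? intval($_POST["zip"]) : null);
    $city      = (!empty($_POST["city"]) ? ucwords($_POST["city"]) : null);
    $state     = (isset($_POST["state"]) ? $_POST["state"] : null);
    $nextyear  = (isset($_POST["nextyear"]) ? $_POST["nextyear"] : null);
    $in_usa    = (isset($_POST["in_usa"]) ? $_POST["in_usa"] : null);
    $oldenough = (isset($_POST["oldenough"]) ? $_POST["oldenough"] : null);
    $birthyear = (isset($_POST["birthyear"])) ? intval($_POST["birthyear"]) : null;
    $optin     = (isset($_POST["optin"]) ? $_POST["optin"] : null);
    $actualage = (!$birthyear ? null : date("Y") - $birthyear);
    // NOTE(review): lang_req is written to the user record below without being
    // checked against the list of supported languages (not visible in this file).
    $lang_req  = (isset($_POST["lang_req"]) ? $_POST["lang_req"] : null);

    //VALIDATE STUFF (matching valid emails, nonnull fname, lastname)
    // Location (zip/city) is not required: the ACCOUNT_NEED_LOCATION check was
    // already disabled in the original code.
    if (is_null($fname) || is_null($lname)) {
        $errors[] = lang("ACCOUNT_SPECIFY_F_L_NAME");
    }
    // Strict comparison: a loose != treats numeric-looking strings such as "1e3" and "1000" as equal.
    if ($email !== $emailchek) {
        $errors[] = lang("ACCOUNT_EMAIL_MISMATCH");
    } elseif (!isValidemail($email)) {
        $errors[] = lang("ACCOUNT_INVALID_EMAIL");
    }
    //End data validation

    if (count($errors) == 0) {
        //Construct a user auth object
        $auth = new RedcapAuth($username, NULL, $email, $fname, $lname, $zip, $city, $state, $actualage);

        if ($auth->emailExists()) {
            // The address is already on file: either the account is active, or it
            // was stored earlier and never activated.
            // NOTE(review): the distinct messages below tell any visitor whether an
            // address is registered (account enumeration). A single neutral response
            // plus rate limiting on this form would reduce that.
            $tempu = getUserByEmail($email);
            $olduser = new RedcapPortalUser($tempu->user_id);
            if ($olduser->isActive()) {
                //CURRENT ACCOUNT + ACTIVE (LINK ALREADY CLICKED)
                $errors[] = lang("ACCOUNT_EMAIL_IN_USE_ACTIVE", array($email));
            } else {
                //CURRENT ACCOUNT NOT ACTIVE
                if ($oldenough && $optin && $actualage >= 18) {
                    //WAS FORMERLY INELIGIBLE NOW ELIGIBLE, SEND ACTIVATION LINK
                    // The "sent" notice travels through $errors so it is shown by the alert loop below.
                    $errors[] = lang("ACCOUNT_NEW_ACTIVATION_SENT", array($email));
                    // NOTE(review): the stored record is overwritten before the
                    // submitter has proven control of the mailbox; only the e-mailed
                    // token gates activation.
                    $olduser->updateUser(array(
                        getRF("zip")   => $zip,
                        getRF("city")  => $city,
                        getRF("state") => $state,
                        getRF("age")   => $actualage,
                        getRF("lang")  => $lang_req
                    ));
                    //SEND NEW ACTIVATION LINK
                    $olduser->createEmailToken();
                    $olduser->emailEmailToken();
                    //CLEAN UP
                    unset($fname, $lname, $email, $zip, $city);
                } else {
                    //WAS FORMERLY AND STILL IS INELIGIBLE
                    addSessionMessage(lang("ACCOUNT_NOT_YET_ELIGIBLE", array("")), "notice");
                }
            }
        } else {
            //IF THEY DONT PASS ELIGIBILITY THEN THEY GET A THANK YOU , BUT NO ACCOUNT CREATION
            //BUT NEED TO STORE THEIR STUFF FOR CONTACT
            if ($in_usa && $oldenough && $optin && $actualage >= 18) {
                //Attempt to add the user to the database, carry out finishing tasks like emailing the user (if required)
                if ($auth->createNewUser($password)) {
                    addSessionMessage(lang("ACCOUNT_NEW_ACTIVATION_SENT"), "success");
                    // Redirect after the POST so a reload cannot resubmit the form;
                    // the user still has to follow the e-mailed link.
                    header("Location: register.php?step=2");
                    exit;
                } else {
                    $errors[] = !empty($auth->error) ? $auth->error : 'Unknown error creating user';
                }
            } else {
                //ADD THEIR EMAIL , NAME TO CONTACT DB
                // The return value is not checked, so a failed insert goes unreported here.
                $auth->createNewUser($password, FALSE);
                $reason = "";
                if (!$oldenough || $actualage < 18) {
                    $reason = lang("ACCOUNT_TOO_YOUNG");
                }
                // When both conditions apply, the location reason replaces the age reason.
                if (!$in_usa) {
                    $reason = lang("ACCOUNT_NOT_IN_USA");
                }
                addSessionMessage(lang("ACCOUNT_NOT_YET_ELIGIBLE", array($reason)), "notice");
            }
            //CLEAN UP
            unset($fname, $lname, $email, $zip, $city);
        }
    }

    // Add alerts to session for display
    foreach ($errors as $error) {
        addSessionAlert($error);
    }
} elseif (!empty($_GET['activation']) && !empty($_GET['uid'])) {
    $errors = array();
    $uid = $_GET['uid'];
    $activation = $_GET['activation'];

    // Both values come straight from the link. Anything that is not a plain string
    // (e.g. uid[]=...) is treated as an invalid token instead of being handed to the
    // user object.
    // NOTE(review): isEmailTokenValid() is not visible here; confirm it compares in
    // constant time and that tokens expire and are single-use.
    $token_ok = false;
    if (is_string($uid) && is_string($activation)) {
        $newuser = new RedcapPortalUser($uid);
        $token_ok = $newuser->isEmailTokenValid($activation);
    }

    if ($token_ok) {
        //SET EMAIL = VERIFIED
        $newuser->setEmailVerified();
        //SET USER IN SESSION
        $loggedInUser = new RedcapPortalUser($uid);
        //AT THIS POINT, LOOK THROUGH ANY OTHER PROJECTS IN THE SURVEYS CONFIG
        //THEN GO AHEAD AND CREATE A NEW RECORD ID FOR EACH INSTRUMENT (logged in user id + p001_1)
        $supp_proj = SurveysConfig::$projects;
        foreach ($supp_proj as $proj_name => $project) {
            // The project named by $_CFG->SESSION_NAME is skipped.
            if ($proj_name == $_CFG->SESSION_NAME) {
                continue;
            }
            $supp_id = linkSupplementalProject($project, $loggedInUser, REDCAP_PORTAL_EVENT);
            $loggedInUser->{$proj_name} = $supp_id;
        }
        // The visitor goes from anonymous to signed-in here, so a fresh session id is
        // issued first. setSessionUser() is not visible in this file; if it already
        // regenerates the id, the extra call is harmless.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        setSessionUser($loggedInUser);
        //REDIRECT TO CONSENT
        header("Location: consent.php");
        exit;
    } else {
        // Invalid token match
        $errors[] = lang("REGISTER_TOKEN_INVALID_1");
        addSessionAlert(lang("REGISTER_TOKEN_INVALID_2"));
    }
}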
// Validation rule string for the username field. It is not used again in this file,
// presumably read by the included form template - confirm.
if ($portal_config['useEmailAsUsername']) {
    $username_validation = "required: true, email: true";
} else {
    $username_validation = "required: true";
}

// Page title and body classes are set before the shared header is included.
$pg_title = "Register | " . $websiteName;
$body_classes = "login register";
include("models/inc/gl_header.php");
?>
<?php /* Page body: language picker, the four-step progress list, then the registration form partial. */ ?>
<div id="content" class="container" role="main" tabindex="0">
    <div class="row">
        <div id="main-content" class="col-md-8 col-md-offset-2 registerAccount" role="main">
            <?php include("models/inc/language_select.php"); ?>
            <div class="well row">
                <ul id="register_steps">
                    <?php /* $step_one_on / $step_two_on are either "on" or "" (set near the top of this script).
                             lang() output is emitted as-is; presumably the strings are trusted project content - confirm. */ ?>
                    <li class='<?= $step_one_on ?>'><span>1</span> <?= lang("STEP_REGISTER") ?></li>
                    <li class='<?= $step_two_on ?>'><span>2</span> <?= lang("STEP_VERIFY") ?></li>
                    <li><span>3</span> <?= lang("STEP_CONSENT") ?></li>
                    <li><span>4</span> <?= lang("STEP_SECURITY") ?></li>
                </ul>
                <?php include("models/inc/form_register.php"); ?>
            </div>
        </div>
    </div>
</div>
<?php
include("models/inc/gl_footer.php");
?>