Esempio n. 1
0
function createuser()
{
    global $_CONF, $_TABLES, $LANG01, $LANG04, $MESSAGE, $REMOTE_ADDR;
    $retval = '';
    $retval = '';
    $passwd = '';
    $passwd_conf = '';
    if ($_CONF['disable_new_user_registration']) {
        COM_setMsg($LANG04[122], 'error');
        echo COM_refresh($_CONF['site_url']);
    }
    $email = isset($_POST['email']) ? COM_applyFilter($_POST['email']) : '';
    $email_conf = isset($_POST['email_conf']) ? COM_applyFilter($_POST['email_conf']) : '';
    $username = isset($_POST['username']) ? $_POST['username'] : '';
    if (isset($_POST['passwd'])) {
        $passwd = trim($_POST['passwd']);
    }
    if (isset($_POST['passwd_conf'])) {
        $passwd_conf = trim($_POST['passwd_conf']);
    }
    $username = COM_truncate(trim($username), 48);
    if (!USER_validateUsername($username)) {
        $retval .= newuserform($LANG04[162]);
        return $retval;
    }
    $email = COM_truncate(trim($email), 96);
    $email_conf = trim($email_conf);
    if ($_CONF['registration_type'] == 1) {
        if (empty($passwd) || $passwd != $passwd_conf) {
            $retval .= newuserform($MESSAGE[67]);
            return $retval;
        }
    }
    $fullname = '';
    if (!empty($_POST['fullname'])) {
        $fullname = COM_truncate(trim(USER_sanitizeName($_POST['fullname'])), 80);
    }
    if (!isset($_CONF['disallow_domains'])) {
        $_CONF['disallow_domains'] = '';
    }
    if (COM_isEmail($email) && !empty($username) && $email === $email_conf && !USER_emailMatches($email, $_CONF['disallow_domains']) && strlen($username) <= 48) {
        $ucount = DB_count($_TABLES['users'], 'username', DB_escapeString($username));
        $ecount = DB_count($_TABLES['users'], 'email', DB_escapeString($email));
        if ($ucount == 0 and $ecount == 0) {
            // For glFusion, it would be okay to create this user now. But check
            // with a custom userform first, if one exists.
            if ($_CONF['custom_registration'] && function_exists('CUSTOM_userCheck')) {
                $msg = CUSTOM_userCheck($username, $email);
                if (!empty($msg)) {
                    // no, it's not okay with the custom userform
                    $retval = CUSTOM_userForm($msg);
                    return $retval;
                }
            }
            // Let plugins have a chance to decide what to do before creating the user, return errors.
            $spamCheckData = array('username' => $username, 'email' => $email, 'ip' => $REMOTE_ADDR);
            $msg = PLG_itemPreSave('registration', $spamCheckData);
            if (!empty($msg)) {
                $retval .= newuserform($msg);
                return $retval;
            }
            if ($_CONF['registration_type'] == 1 && !empty($passwd)) {
                $encryptedPasswd = SEC_encryptPassword($passwd);
            } else {
                $encryptedPasswd = '';
            }
            $uid = USER_createAccount($username, $email, $encryptedPasswd, $fullname);
            if ($_CONF['usersubmission'] == 1) {
                if (DB_getItem($_TABLES['users'], 'status', "uid = " . (int) $uid) == USER_ACCOUNT_AWAITING_APPROVAL) {
                    echo COM_refresh($_CONF['site_url'] . '/index.php?msg=48');
                } else {
                    $retval = emailpassword($username, $passwd, 1);
                }
            } else {
                $retval = emailpassword($username, $passwd);
            }
            return $retval;
        } else {
            $retval .= newuserform($LANG04[19]);
        }
    } else {
        if ($email !== $email_conf) {
            $msg = $LANG04[125];
            $retval .= newuserform($msg);
        } else {
            // invalid username or email address
            if (empty($username) || strlen($username) > 48) {
                $msg = $LANG01[32];
                // invalid username
            } else {
                $msg = $LANG04[18];
                // invalid email address
            }
            $retval .= newuserform($msg);
        }
    }
    return $retval;
}
Esempio n. 2
0
/**
 * Creates a user
 * Creates a user with the give username and email address
 *
 * @param    string $username   username to create user for
 * @param    string $email      email address to assign to user
 * @param    string $email_conf confirmation email address check
 * @return   string      HTML for the form again if error occurs, otherwise nothing.
 */
function createuser($username, $email, $email_conf)
{
    global $_CONF, $_TABLES, $LANG01, $LANG04;
    $retval = '';
    $username = trim($username);
    $email = trim($email);
    $email_conf = trim($email_conf);
    if (!isset($_CONF['disallow_domains'])) {
        $_CONF['disallow_domains'] = '';
    }
    if (COM_isEmail($email) && !empty($username) && $email === $email_conf && !USER_emailMatches($email, $_CONF['disallow_domains']) && strlen($username) <= 16) {
        $ucount = DB_count($_TABLES['users'], 'username', DB_escapeString($username));
        $ecount = DB_count($_TABLES['users'], 'email', DB_escapeString($email));
        if ($ucount == 0 && $ecount == 0) {
            // For Geeklog, it would be okay to create this user now. But check
            // with a custom userform first, if one exists.
            if ($_CONF['custom_registration'] && function_exists('CUSTOM_userCheck')) {
                $ret = CUSTOM_userCheck($username, $email);
                if (!empty($ret)) {
                    // no, it's not okay with the custom userform
                    $retval = COM_createHTMLDocument(CUSTOM_userForm($ret['string']));
                    return $retval;
                }
            }
            // Let plugins have a chance to decide what to do before creating the user, return errors.
            $msg = PLG_itemPreSave('registration', $username);
            if (!empty($msg)) {
                if ($_CONF['custom_registration'] && function_exists('CUSTOM_userForm')) {
                    $retval .= CUSTOM_userForm($msg);
                } else {
                    $retval .= newuserform($msg);
                }
                $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG04[22]));
                return $retval;
            }
            $uid = USER_createAccount($username, $email);
            if ($_CONF['usersubmission'] == 1) {
                if (DB_getItem($_TABLES['users'], 'status', "uid = {$uid}") == USER_ACCOUNT_AWAITING_APPROVAL) {
                    COM_redirect($_CONF['site_url'] . '/index.php?msg=48');
                } else {
                    $retval = emailpassword($username, 1);
                }
            } else {
                $retval = emailpassword($username, 1);
            }
            return $retval;
        } else {
            if ($_CONF['custom_registration'] && function_exists('CUSTOM_userForm')) {
                $retval .= CUSTOM_userForm($LANG04[19]);
            } else {
                $retval .= newuserform($LANG04[19]);
            }
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG04[22]));
        }
    } elseif ($email !== $email_conf) {
        $msg = $LANG04[125];
        if ($_CONF['custom_registration'] && function_exists('CUSTOM_userForm')) {
            $retval .= CUSTOM_userForm($msg);
        } else {
            $retval .= newuserform($msg);
        }
        $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG04[22]));
    } else {
        // invalid username or email address
        if (empty($username) || strlen($username) > 16) {
            $msg = $LANG01[32];
            // invalid username
        } else {
            $msg = $LANG04[18];
            // invalid email address
        }
        if ($_CONF['custom_registration'] && function_exists('CUSTOM_userForm')) {
            $retval .= CUSTOM_userForm($msg);
        } else {
            $retval .= newuserform($msg);
        }
        $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG04[22]));
    }
    return $retval;
}