function user_allow($hash)
{
$a = get_app();
$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1", dbesc($hash));
if (!count($register)) {
return false;
}
$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", intval($register[0]['uid']));
if (!count($user)) {
killme();
}
$r = q("DELETE FROM `register` WHERE `hash` = '%s'", dbesc($register[0]['hash']));
$r = q("UPDATE `user` SET `blocked` = 0, `verified` = 1 WHERE `uid` = %d", intval($register[0]['uid']));
$r = q("SELECT * FROM `profile` WHERE `uid` = %d AND `is-default` = 1", intval($user[0]['uid']));
if (count($r) && $r[0]['net-publish']) {
$url = $a->get_baseurl() . '/profile/' . $user[0]['nickname'];
if ($url && strlen(get_config('system', 'directory'))) {
proc_run('php', "include/directory.php", "{$url}");
}
}
push_lang($register[0]['language']);
send_register_open_eml($user[0]['email'], $a->config['sitename'], $a->get_baseurl(), $user[0]['username'], $register[0]['password']);
pop_lang();
if ($res) {
info(t('Account approved.') . EOL);
return true;
}
}
function register_post(&$a)
{
global $lang;
$verified = 0;
$blocked = 1;
$arr = array('post' => $_POST);
call_hooks('register_post', $arr);
$max_dailies = intval(get_config('system', 'max_daily_registrations'));
if ($max_dailies) {
$r = q("select count(*) as total from user where register_date > UTC_TIMESTAMP - INTERVAL 1 day");
if ($r && $r[0]['total'] >= $max_dailies) {
return;
}
}
switch ($a->config['register_policy']) {
case REGISTER_OPEN:
$blocked = 0;
$verified = 1;
break;
case REGISTER_APPROVE:
$blocked = 1;
$verified = 0;
break;
default:
case REGISTER_CLOSED:
if (!x($_SESSION, 'authenticated') && !x($_SESSION, 'administrator')) {
notice(t('Permission denied.') . EOL);
return;
}
$blocked = 1;
$verified = 0;
break;
}
$arr = $_POST;
$arr['blocked'] = $blocked;
$arr['verified'] = $verified;
$result = create_user($arr);
if (!$result['success']) {
notice($result['message']);
return;
}
$user = $result['user'];
if ($netpublish && $a->config['register_policy'] != REGISTER_APPROVE) {
$url = $a->get_baseurl() . '/profile/' . $user['nickname'];
proc_run('php', "include/directory.php", "{$url}");
}
$using_invites = get_config('system', 'invitation_only');
$num_invites = get_config('system', 'number_invites');
$invite_id = x($_POST, 'invite_id') ? notags(trim($_POST['invite_id'])) : '';
if ($a->config['register_policy'] == REGISTER_OPEN) {
if ($using_invites && $invite_id) {
q("delete * from register where hash = '%s' limit 1", dbesc($invite_id));
set_pconfig($user['uid'], 'system', 'invites_remaining', $num_invites);
}
// Only send a password mail when the password wasn't manually provided
if (!x($_POST, 'password1') or !x($_POST, 'confirm')) {
$res = send_register_open_eml($user['email'], $a->config['sitename'], $a->get_baseurl(), $user['username'], $result['password']);
if ($res) {
info(t('Registration successful. Please check your email for further instructions.') . EOL);
goaway(z_root());
} else {
notice(sprintf(t('Failed to send email message. Here your accout details:<br> login: %s<br> password: %s<br><br>You can change your password after login.'), $user['email'], $result['password']) . EOL);
}
} else {
info(t('Registration successful.') . EOL);
goaway(z_root());
}
} elseif ($a->config['register_policy'] == REGISTER_APPROVE) {
if (!strlen($a->config['admin_email'])) {
notice(t('Your registration can not be processed.') . EOL);
goaway(z_root());
}
$hash = random_string();
$r = q("INSERT INTO `register` ( `hash`, `created`, `uid`, `password`, `language` ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ", dbesc($hash), dbesc(datetime_convert()), intval($user['uid']), dbesc($result['password']), dbesc($lang));
// invite system
if ($using_invites && $invite_id) {
q("delete * from register where hash = '%s' limit 1", dbesc($invite_id));
set_pconfig($user['uid'], 'system', 'invites_remaining', $num_invites);
}
// send email to admins
$admin_mail_list = "'" . implode("','", array_map(dbesc, explode(",", str_replace(" ", "", $a->config['admin_email'])))) . "'";
$adminlist = q("SELECT uid, language, email FROM user WHERE email IN (%s)", $admin_mail_list);
foreach ($adminlist as $admin) {
notification(array('type' => NOTIFY_SYSTEM, 'event' => 'SYSTEM_REGISTER_REQUEST', 'source_name' => $user['username'], 'source_mail' => $user['email'], 'source_nick' => $user['nickname'], 'source_link' => $a->get_baseurl() . "/admin/users/", 'link' => $a->get_baseurl() . "/admin/users/", 'source_photo' => $a->get_baseurl() . "/photo/avatar/" . $user['uid'] . ".jpg", 'to_email' => $admin['email'], 'uid' => $admin['uid'], 'language' => $admin['language'] ? $admin['language'] : 'en'));
}
info(t('Your registration is pending approval by the site owner.') . EOL);
goaway(z_root());
}
return;
}
