Esempio n. 1
0
    public function registerTBMember($vars)
    {
        $Auth = new MOD_bw_user_Auth();
        $authId = $Auth->checkAuth('defaultUser');
        // TODO: we shouldn't use mysql's password(),
        // but for now it's to get nearer to the BW style
        $query = '
INSERT INTO `user`
(`id`, `auth_id`, `handle`, `email`, `active`)
VALUES
(
    ' . $this->dao->nextId('user') . ',
    ' . (int) $authId . ',
    \'' . $vars['username'] . '\',
    \'' . $vars['email'] . '\',
    0
)';
        $s = $this->dao->query($query);
        if (!$s->insertId()) {
            $vars['errors'] = array('inserror');
            return false;
        }
        $userId = $s->insertId();
        $key = PFunctions::randomString(16);
        // save register key
        if (!APP_User::addSetting($userId, 'regkey', $key)) {
            $vars['errors'] = array('inserror');
            return false;
        }
        // save lang
        if (!APP_User::addSetting($userId, 'lang', PVars::get()->lang)) {
            $vars['errors'] = array('inserror');
            return false;
        }
        return $userId;
    }
Esempio n. 2
0
    /**
     * Processing registration
     *
     * This is a POST callback function
     *
     * Sets following errors in POST-vars:
     * username   - general username fault
     * uinuse     - username already in use
     * email      - general email fault, email format error
     * einuse     - email in use
     * pw         - general password fault
     * pwmismatch - password mismatch
     * inserror   - error performing db insertion
     *
     * @param void
     */
    public function registerProcess()
    {
        $c = PFunctions::hex2base64(sha1(__METHOD__));
        if (PPostHandler::isHandling()) {
            $vars =& PPostHandler::getVars();
            $errors = array();
            // check username
            if (!isset($vars['u']) || !preg_match(User::HANDLE_PREGEXP, $vars['u']) || strpos($vars['u'], 'xn--') !== false) {
                $errors[] = 'username';
            } elseif ($this->handleInUse($vars['u'])) {
                $errors[] = 'uinuse';
            }
            // email
            if (!isset($vars['e']) || !PFunctions::isEmailAddress($vars['e'])) {
                $errors[] = 'email';
            } elseif ($this->emailInUse($vars['e'])) {
                $errors[] = 'einuse';
            }
            // password
            if (!isset($vars['p']) || !isset($vars['pc']) || !$vars['p'] || !$vars['pc'] || strlen($vars['p']) < 8) {
                $errors[] = 'pw';
            } elseif ($vars['p'] != $vars['pc']) {
                $errors[] = 'pwmismatch';
            } else {
                if (substr_count($vars['p'], '*') != strlen($vars['p'])) {
                    // set encoded pw
                    $vars['pwenc'] = MOD_user::passwordEncrypt($vars['p']);
                    $shadow = str_repeat('*', strlen($vars['p']));
                    $vars['p'] = $shadow;
                    $vars['pc'] = $shadow;
                }
            }
            if (count($errors) > 0) {
                $vars['errors'] = $errors;
                return false;
            }
            $Auth = new MOD_user_Auth();
            $authId = $Auth->checkAuth('defaultUser');
            $query = '
INSERT INTO `user`
(`id`, `auth_id`, `handle`, `email`, `pw`, `active`)
VALUES
(
    ' . $this->dao->nextId('user') . ',
    ' . (int) $authId . ',
    \'' . $this->dao->escape($vars['u']) . '\',
    \'' . $this->dao->escape($vars['e']) . '\',
    \'' . $this->dao->escape($vars['pwenc']) . '\',
    0
)';
            $s = $this->dao->query($query);
            if (!$s->insertId()) {
                $vars['errors'] = array('inserror');
                return false;
            }
            $userId = $s->insertId();
            $key = PFunctions::randomString(16);
            // save register key
            if (!APP_User::addSetting($userId, 'regkey', $key)) {
                $vars['errors'] = array('inserror');
                return false;
            }
            // save lang
            if (!APP_User::addSetting($userId, 'lang', PVars::get()->lang)) {
                $vars['errors'] = array('inserror');
                return false;
            }
            $View = new UserView($this);
            $View->registerMail($userId);
            PPostHandler::clearVars();
            return PVars::getObj('env')->baseuri . 'user/register/finish';
        } else {
            PPostHandler::setCallback($c, __CLASS__, __FUNCTION__);
            return $c;
        }
    }