public function registerTBMember($vars) { $Auth = new MOD_bw_user_Auth(); $authId = $Auth->checkAuth('defaultUser'); // TODO: we shouldn't use mysql's password(), // but for now it's to get nearer to the BW style $query = ' INSERT INTO `user` (`id`, `auth_id`, `handle`, `email`, `active`) VALUES ( ' . $this->dao->nextId('user') . ', ' . (int) $authId . ', \'' . $vars['username'] . '\', \'' . $vars['email'] . '\', 0 )'; $s = $this->dao->query($query); if (!$s->insertId()) { $vars['errors'] = array('inserror'); return false; } $userId = $s->insertId(); $key = PFunctions::randomString(16); // save register key if (!APP_User::addSetting($userId, 'regkey', $key)) { $vars['errors'] = array('inserror'); return false; } // save lang if (!APP_User::addSetting($userId, 'lang', PVars::get()->lang)) { $vars['errors'] = array('inserror'); return false; } return $userId; }
/** * Processing registration * * This is a POST callback function * * Sets following errors in POST-vars: * username - general username fault * uinuse - username already in use * email - general email fault, email format error * einuse - email in use * pw - general password fault * pwmismatch - password mismatch * inserror - error performing db insertion * * @param void */ public function registerProcess() { $c = PFunctions::hex2base64(sha1(__METHOD__)); if (PPostHandler::isHandling()) { $vars =& PPostHandler::getVars(); $errors = array(); // check username if (!isset($vars['u']) || !preg_match(User::HANDLE_PREGEXP, $vars['u']) || strpos($vars['u'], 'xn--') !== false) { $errors[] = 'username'; } elseif ($this->handleInUse($vars['u'])) { $errors[] = 'uinuse'; } // email if (!isset($vars['e']) || !PFunctions::isEmailAddress($vars['e'])) { $errors[] = 'email'; } elseif ($this->emailInUse($vars['e'])) { $errors[] = 'einuse'; } // password if (!isset($vars['p']) || !isset($vars['pc']) || !$vars['p'] || !$vars['pc'] || strlen($vars['p']) < 8) { $errors[] = 'pw'; } elseif ($vars['p'] != $vars['pc']) { $errors[] = 'pwmismatch'; } else { if (substr_count($vars['p'], '*') != strlen($vars['p'])) { // set encoded pw $vars['pwenc'] = MOD_user::passwordEncrypt($vars['p']); $shadow = str_repeat('*', strlen($vars['p'])); $vars['p'] = $shadow; $vars['pc'] = $shadow; } } if (count($errors) > 0) { $vars['errors'] = $errors; return false; } $Auth = new MOD_user_Auth(); $authId = $Auth->checkAuth('defaultUser'); $query = ' INSERT INTO `user` (`id`, `auth_id`, `handle`, `email`, `pw`, `active`) VALUES ( ' . $this->dao->nextId('user') . ', ' . (int) $authId . ', \'' . $this->dao->escape($vars['u']) . '\', \'' . $this->dao->escape($vars['e']) . '\', \'' . $this->dao->escape($vars['pwenc']) . '\', 0 )'; $s = $this->dao->query($query); if (!$s->insertId()) { $vars['errors'] = array('inserror'); return false; } $userId = $s->insertId(); $key = PFunctions::randomString(16); // save register key if (!APP_User::addSetting($userId, 'regkey', $key)) { $vars['errors'] = array('inserror'); return false; } // save lang if (!APP_User::addSetting($userId, 'lang', PVars::get()->lang)) { $vars['errors'] = array('inserror'); return false; } $View = new UserView($this); $View->registerMail($userId); PPostHandler::clearVars(); return PVars::getObj('env')->baseuri . 'user/register/finish'; } else { PPostHandler::setCallback($c, __CLASS__, __FUNCTION__); return $c; } }