defined('C5_EXECUTE') or die("Access Denied."); $token = \Core::make('Concrete\\Core\\Validation\\CSRF\\Token'); ?> <div class="row"> <div class="col-sm-10 col-sm-offset-1"> <div class="page-header"> <h1><?php echo t('Site Registration'); ?> </h1> </div> </div> </div> <?php $attribs = UserAttributeKey::getRegistrationList(); if ($registerSuccess) { ?> <div class="row"> <div class="col-sm-10 col-sm-offset-1"> <?php switch ($registerSuccess) { case "registered": ?> <p><strong><?php echo $successMsg; ?> </strong><br/><br/> <a href="<?php echo $view->url('/'); ?>
public function do_register() { $registerData['success']=0; $userHelper = Loader::helper('concrete/user'); $e = Loader::helper('validation/error'); $ip = Loader::helper('validation/ip'); $txt = Loader::helper('text'); $vals = Loader::helper('validation/strings'); $valc = Loader::helper('concrete/validation'); $username = $_POST['uName']; $password = $_POST['uPassword']; $passwordConfirm = $_POST['uPasswordConfirm']; // clean the username $username = trim($username); $username = preg_replace("/ +/", " ", $username); if (!$ip->check()) { $e->add($ip->getErrorMessage()); } if (ENABLE_REGISTRATION_CAPTCHA) { $captcha = Loader::helper('validation/captcha'); if (!$captcha->check()) { $e->add(t("Incorrect image validation code. Please check the image and re-enter the letters or numbers as necessary.")); } } if (!$vals->email($_POST['uEmail'])) { $e->add(t('Invalid email address provided.')); } else if (!$valc->isUniqueEmail($_POST['uEmail'])) { $e->add(t("The email address %s is already in use. Please choose another.", $_POST['uEmail'])); } //if (USER_REGISTRATION_WITH_EMAIL_ADDRESS == false) { if (strlen($username) < USER_USERNAME_MINIMUM) { $e->add(t('A username must be between at least %s characters long.', USER_USERNAME_MINIMUM)); } if (strlen($username) > USER_USERNAME_MAXIMUM) { $e->add(t('A username cannot be more than %s characters long.', USER_USERNAME_MAXIMUM)); } if (strlen($username) >= USER_USERNAME_MINIMUM && !$valc->username($username)) { if(USER_USERNAME_ALLOW_SPACES) { $e->add(t('A username may only contain letters, numbers and spaces.')); } else { $e->add(t('A username may only contain letters or numbers.')); } } if (!$valc->isUniqueUsername($username)) { $e->add(t("The username %s already exists. Please choose another", $username)); } //} if ($username == USER_SUPER) { $e->add(t('Invalid Username')); } /* if ((strlen($password) < USER_PASSWORD_MINIMUM) || (strlen($password) > USER_PASSWORD_MAXIMUM)) { $e->add(t('A password must be between %s and %s characters', USER_PASSWORD_MINIMUM, USER_PASSWORD_MAXIMUM)); } if (strlen($password) >= USER_PASSWORD_MINIMUM && !$valc->password($password)) { $e->add(t('A password may not contain ", \', >, <, or any spaces.')); } */ $userHelper->validNewPassword($password,$e); if ($password) { if ($password != $passwordConfirm) { $e->add(t('The two passwords provided do not match.')); } } $aks = UserAttributeKey::getRegistrationList(); foreach($aks as $uak) { if ($uak->isAttributeKeyRequiredOnRegister()) { $e1 = $uak->validateAttributeForm(); if ($e1 == false) { $e->add(t('The field "%s" is required', $uak->getAttributeKeyName())); } else if ($e1 instanceof ValidationErrorHelper) { $e->add($e1); } } } if (!$e->has()) { // do the registration $data = $_POST; $data['uName'] = $username; $data['uPassword'] = $password; $data['uPasswordConfirm'] = $passwordConfirm; $process = UserInfo::register($data); if (is_object($process)) { foreach($aks as $uak) { $uak->saveAttributeForm($process); } if (REGISTER_NOTIFICATION) { //do we notify someone if a new user is added? $mh = Loader::helper('mail'); if(EMAIL_ADDRESS_REGISTER_NOTIFICATION) { $mh->to(EMAIL_ADDRESS_REGISTER_NOTIFICATION); } else { $adminUser = UserInfo::getByID(USER_SUPER_ID); if (is_object($adminUser)) { $mh->to($adminUser->getUserEmail()); } } $mh->addParameter('uName', $process->getUserName()); $mh->addParameter('uID', $process->getUserID()); $mh->addParameter('uEmail', $process->getUserEmail()); $attribs = UserAttributeKey::getRegistrationList(); foreach($attribs as $ak) { $attribValues[] = $ak->getAttributeKeyDisplayHandle() . ': ' . $process->getAttribute($ak->getAttributeKeyHandle(), 'display'); } $mh->addParameter('attribs', $attribValues); if (defined('EMAIL_ADDRESS_REGISTER_NOTIFICATION_FROM')) { $mh->from(EMAIL_ADDRESS_REGISTER_NOTIFICATION_FROM, t('Website Registration Notification')); } else { $adminUser = UserInfo::getByID(USER_SUPER_ID); if (is_object($adminUser)) { $mh->from($adminUser->getUserEmail(), t('Website Registration Notification')); } } if(REGISTRATION_TYPE == 'manual_approve') { $mh->load('user_register_approval_required'); } else { $mh->load('user_register'); } $mh->sendMail(); } // now we log the user in if (USER_REGISTRATION_WITH_EMAIL_ADDRESS) { $u = new User($_POST['uEmail'], $_POST['uPassword']); } else { $u = new User($_POST['uName'], $_POST['uPassword']); } // if this is successful, uID is loaded into session for this user $rcID = $this->post('rcID'); $nh = Loader::helper('validation/numbers'); if (!$nh->integer($rcID)) { $rcID = 0; } // now we check whether we need to validate this user's email address if (defined("USER_VALIDATE_EMAIL") && USER_VALIDATE_EMAIL) { if (USER_VALIDATE_EMAIL > 0) { $uHash = $process->setupValidation(); $mh = Loader::helper('mail'); if (defined('EMAIL_ADDRESS_VALIDATE')) { $mh->from(EMAIL_ADDRESS_VALIDATE, t('Validate Email Address')); } $mh->addParameter('uEmail', $_POST['uEmail']); $mh->addParameter('uHash', $uHash); $mh->to($_POST['uEmail']); $mh->load('validate_user_email'); $mh->sendMail(); //$this->redirect('/register', 'register_success_validate', $rcID); $redirectMethod='register_success_validate'; $registerData['msg']= join('<br><br>',$this->getRegisterSuccessValidateMsgs()); $u->logout(); } } else if(defined('USER_REGISTRATION_APPROVAL_REQUIRED') && USER_REGISTRATION_APPROVAL_REQUIRED) { $ui = UserInfo::getByID($u->getUserID()); $ui->deactivate(); //$this->redirect('/register', 'register_pending', $rcID); $redirectMethod='register_pending'; $registerData['msg']=$this->getRegisterPendingMsg(); $u->logout(); } if (!$u->isError()) { //$this->redirect('/register', 'register_success', $rcID); if(!$redirectMethod){ $redirectMethod='register_success'; $registerData['msg']=$this->getRegisterSuccessMsg(); } $registerData['uID']=intval($u->uID); } $registerData['success']=1; if($_REQUEST['format']!='JSON') $this->redirect('/register', $redirectMethod, $rcID); } } else { $ip->logSignupRequest(); if ($ip->signupRequestThreshholdReached()) { $ip->createIPBan(); } $this->set('error', $e); $registerData['errors'] = $e->getList(); } if( $_REQUEST['format']=='JSON' ){ $jsonHelper=Loader::helper('json'); echo $jsonHelper->encode($registerData); die; } }
protected function finishLogin($loginData = array()) { $u = new User(); if ($this->post('uMaintainLogin')) { $u->setUserForeverCookie(); } if (count($this->locales) > 0) { if (Config::get('LANGUAGE_CHOOSE_ON_LOGIN') && $this->post('USER_LOCALE') != '') { $u->setUserDefaultLanguage($this->post('USER_LOCALE')); } } // Verify that the user has filled out all // required items that are required on register // That means users logging in after new user attributes // have been created and required will be prompted here to // finish their profile $this->set('invalidRegistrationFields', false); Loader::model('attribute/categories/user'); $ui = UserInfo::getByID($u->getUserID()); $aks = UserAttributeKey::getRegistrationList(); $unfilledAttributes = array(); foreach ($aks as $uak) { if ($uak->isAttributeKeyRequiredOnRegister()) { $av = $ui->getAttributeValueObject($uak); if (!is_object($av)) { $unfilledAttributes[] = $uak; } } } if ($this->post('completePartialProfile')) { foreach ($unfilledAttributes as $uak) { $e1 = $uak->validateAttributeForm(); if ($e1 == false) { $this->error->add(t('The field "%s" is required', $uak->getAttributeKeyName())); } else { if ($e1 instanceof ValidationErrorHelper) { $this->error->add($e1); } } } if (!$this->error->has()) { // the user has needed to complete a partial profile, and they have done so, // and they have no errors. So we save our profile data against the account. foreach ($unfilledAttributes as $uak) { $uak->saveAttributeForm($ui); $unfilledAttributes = array(); } } } if (count($unfilledAttributes) > 0) { $u->logout(); $this->set('invalidRegistrationFields', true); $this->set('unfilledAttributes', $unfilledAttributes); } $txt = Loader::helper('text'); $rcID = $this->post('rcID'); $nh = Loader::helper('validation/numbers'); //set redirect url if ($nh->integer($rcID)) { $nh = Loader::helper('navigation'); $rc = Page::getByID($rcID); $url = $nh->getLinkToCollection($rc, true); $loginData['redirectURL'] = $url; } elseif (strlen($rcID)) { $rcID = trim($rcID, '/'); $nc2 = Page::getByPath('/' . $rcID); if (is_object($nc2) && !$nc2->isError()) { $loginData['redirectURL'] = BASE_URL . DIR_REL . '/' . DISPATCHER_FILENAME . '/' . $rcID; } } /* //full page login redirect (non-ajax login) if( strlen($loginData['redirectURL']) && $_REQUEST['format']!='JSON' ){ header('Location: ' . $loginData['redirectURL']); exit; } */ $dash = Page::getByPath("/dashboard", "RECENT"); $dbp = new Permissions($dash); Events::fire('on_user_login', $this); //End JSON Login if ($_REQUEST['format'] == 'JSON') { return $loginData; } //should administrator be redirected to dashboard? defaults to yes if not set. $adminToDash = intval(Config::get('LOGIN_ADMIN_TO_DASHBOARD')); //Full page login, standard redirection $u = new User(); // added for the required registration attribute change above. We recalc the user and make sure they're still logged in if ($u->isRegistered()) { if ($u->config('NEWSFLOW_LAST_VIEWED') == 'FIRSTRUN') { $u->saveConfig('NEWSFLOW_LAST_VIEWED', 0); } if ($loginData['redirectURL']) { //make double secretly sure there's no caching going on header("Cache-Control: no-store, no-cache, must-revalidate"); header("Pragma: no-cache"); header('Expires: Fri, 30 Oct 1998 14:19:41 GMT'); //in the past $this->externalRedirect($loginData['redirectURL']); } else { if ($dbp->canRead() && $adminToDash) { $this->redirect('/dashboard'); } else { //options set in dashboard/users/registration $login_redirect_cid = intval(Config::get('LOGIN_REDIRECT_CID')); $login_redirect_mode = Config::get('LOGIN_REDIRECT'); //redirect to user profile if ($login_redirect_mode == 'PROFILE' && ENABLE_USER_PROFILES) { $this->redirect('/profile/', $u->uID); //redirect to custom page } elseif ($login_redirect_mode == 'CUSTOM' && $login_redirect_cid > 0) { $redirectTarget = Page::getByID($login_redirect_cid); if (intval($redirectTarget->cID) > 0) { $this->redirect($redirectTarget->getCollectionPath()); } else { $this->redirect('/'); } //redirect home } else { $this->redirect('/'); } } } } }
public function view() { $assignment = PermissionKey::getByHandle('edit_user_properties')->getMyAssignment(); $vals = Loader::helper('validation/strings'); $valt = Loader::helper('validation/token'); $valc = Loader::helper('concrete/validation'); if ($_POST['create']) { $username = trim($_POST['uName']); $username = preg_replace("/\\s+/", " ", $username); $_POST['uName'] = $username; $password = $_POST['uPassword']; if (!$vals->email($_POST['uEmail'])) { $this->error->add(t('Invalid email address provided.')); } else { if (!$valc->isUniqueEmail($_POST['uEmail'])) { $this->error->add(t("The email address '%s' is already in use. Please choose another.", $_POST['uEmail'])); } } if (strlen($username) < USER_USERNAME_MINIMUM) { $this->error->add(t('A username must be between at least %s characters long.', USER_USERNAME_MINIMUM)); } if (strlen($username) > USER_USERNAME_MAXIMUM) { $this->error->add(t('A username cannot be more than %s characters long.', USER_USERNAME_MAXIMUM)); } if (strlen($username) >= USER_USERNAME_MINIMUM && !$valc->username($username)) { if (USER_USERNAME_ALLOW_SPACES) { $this->error->add(t('A username may only contain letters, numbers and spaces.')); } else { $this->error->add(t('A username may only contain letters or numbers.')); } } if (!$valc->isUniqueUsername($username)) { $this->error->add(t("The username '%s' already exists. Please choose another", $username)); } if ($username == USER_SUPER) { $this->error->add(t('Invalid Username')); } if (strlen($password) < USER_PASSWORD_MINIMUM || strlen($password) > USER_PASSWORD_MAXIMUM) { $this->error->add(t('A password must be between %s and %s characters', USER_PASSWORD_MINIMUM, USER_PASSWORD_MAXIMUM)); } if (strlen($password) >= USER_PASSWORD_MINIMUM && !$valc->password($password)) { $this->error->add(t('A password may not contain ", \', >, <, or any spaces.')); } if (!$valt->validate('create_account')) { $this->error->add($valt->getErrorMessage()); } Loader::model("attribute/categories/user"); $aks = UserAttributeKey::getRegistrationList(); foreach ($aks as $uak) { if ($uak->isAttributeKeyRequiredOnRegister()) { $e1 = $uak->validateAttributeForm(); if ($e1 == false) { $this->error->add(t('The field "%s" is required', $uak->getAttributeKeyName())); } else { if ($e1 instanceof ValidationErrorHelper) { $this->error->add($e1->getList()); } } } } if (!$this->error->has()) { // do the registration $data = array('uName' => $username, 'uPassword' => $password, 'uEmail' => $_POST['uEmail'], 'uDefaultLanguage' => $_POST['uDefaultLanguage']); $uo = UserInfo::add($data); if (is_object($uo)) { $av = Loader::helper('concrete/avatar'); if ($assignment->allowEditAvatar()) { if (is_uploaded_file($_FILES['uAvatar']['tmp_name'])) { $uHasAvatar = $av->updateUserAvatar($_FILES['uAvatar']['tmp_name'], $uo->getUserID()); } } foreach ($aks as $uak) { if (in_array($uak->getAttributeKeyID(), $assignment->getAttributesAllowedArray())) { $uak->saveAttributeForm($uo); } } $gak = PermissionKey::getByHandle('assign_user_groups'); $gIDs = array(); if (is_array($_POST['gID'])) { foreach ($_POST['gID'] as $gID) { if ($gak->validate($gID)) { $gIDs[] = $gID; } } } $uo->updateGroups($gIDs); $uID = $uo->getUserID(); $this->redirect('/dashboard/users/search?uID=' . $uID . '&user_created=1'); } else { $this->error->add(t('An error occurred while trying to create the account.')); $this->set('error', $this->error); } } else { $this->set('error', $this->error); } } }