/**
* Check the email address
*
* @return @e void [Outputs to screen]
*/
public function checkEmail()
{
//-----------------------------------------
// INIT
//-----------------------------------------
$email = '';
$banfilters = array();
if (is_string($_REQUEST['email'])) {
$email = strtolower(IPSText::parseCleanValue(rawurldecode($_REQUEST['email'])));
}
if (!$email) {
$this->returnString('found');
}
if (!IPSText::checkEmailAddress($email)) {
$this->returnString('found');
}
//-----------------------------------------
// Got the member?
//-----------------------------------------
if (!IPSMember::checkByEmail($email)) {
//-----------------------------------------
// Load ban filters
//-----------------------------------------
$this->DB->build(array('select' => '*', 'from' => 'banfilters'));
$this->DB->execute();
while ($r = $this->DB->fetch()) {
$banfilters[$r['ban_type']][] = $r['ban_content'];
}
//-----------------------------------------
// Are they banned [EMAIL]?
//-----------------------------------------
if (is_array($banfilters['email']) and count($banfilters['email'])) {
foreach ($banfilters['email'] as $memail) {
$memail = str_replace("*", '.*', preg_quote($memail, "/"));
if (preg_match("/^{$memail}\$/", $email)) {
$this->returnString('banned');
break;
}
}
}
//-----------------------------------------
// Load handler...
//-----------------------------------------
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$han_login = new $classToLoad($this->registry);
$han_login->init();
$han_login->emailExistsCheck($email);
if ($han_login->return_code and $han_login->return_code != 'METHOD_NOT_DEFINED' and $han_login->return_code != 'EMAIL_NOT_IN_USE') {
$this->returnString('found');
}
$this->returnString('notfound');
} else {
$this->returnString('found');
}
}
/**
* Change account data
*
* @param int ID number
* @param string md5( IPS Connect Key (see login method) . ID number )
* @param string New username (blank means do not change)
* @param string New displayname (blank means do not change)
* @param string New email address (blank means do not change)
* @param string New password, md5 encoded (blank means do not change)
* @param string Redirect URL, Base64 encoded
* @param string md5( IPS Connect Key . $redirect )
* @return mixed If the redirect URL is provided, this function should redirect the user to that URL with a single paramater - 'status'
* If blank, will output to screen a JSON object with the same parameter
* Values:
* BAD_KEY Invalid Key
* NO_USER ID number not match any member account
* SUCCESS Information changed successfully
* USERNAME_IN_USE The chosen username was in use and as a result NO information was changed
* DISPLAYNAME_IN_USE The chosen username was in use and as a result NO information was changed
* EMAIL_IN_USE The chosen username was in use and as a result NO information was changed
* MISSING_DATA No details to be changed were provided
*/
public function change($id, $key, $username, $displayname, $email, $md5Password, $redirect, $redirectHash)
{
if ($key != md5($this->masterKey . $id)) {
$this->_return(base64_encode($this->settings['board_url']), array('status' => 'BAD_KEY'));
}
$member = IPSMember::load(intval($id), 'none', 'id');
if (!$member['member_id']) {
$this->_return($redirect, array('status' => 'NO_USER'));
}
$update = array();
if ($username) {
if (IPSMember::getFunction()->checkNameExists($username, $member, 'name', TRUE)) {
$this->_return($redirect, array('status' => 'USERNAME_IN_USE'));
}
$update['name'] = $username;
}
if ($displayname) {
if (IPSMember::getFunction()->checkNameExists($displayname, $member, 'members_display_name', TRUE)) {
$this->_return($redirect, array('status' => 'DISPLAYNAME_IN_USE'));
}
$update['members_display_name'] = $displayname;
}
if ($email) {
if (IPSMember::checkByEmail($email)) {
$this->_return($redirect, array('status' => 'EMAIL_IN_USE'));
}
$update['email'] = $email;
}
if (empty($update)) {
if (!$md5Password) {
$this->_return($redirect, array('status' => 'MISSING_DATA'));
}
} else {
IPSMember::save($member['member_id'], array('members' => $update));
}
if ($md5Password) {
IPSMember::updatePassword($member['member_id'], $md5Password);
}
if ($redirect) {
$redirect = $redirectHash == md5($this->masterKey . $redirect) ? $redirect : base64_encode($this->settings['board_url']);
}
$this->_return($redirect, array('status' => 'SUCCESS'));
}
/**
* Processes the registration form
*
* @access public
* @return void
*/
public function registerProcessForm()
{
$form_errors = array();
$coppa = $this->request['coppa_user'] == 1 ? 1 : 0;
$in_password = trim($this->request['PassWord']);
$in_email = strtolower(trim($this->request['EmailAddress']));
$_SFS_FOUND = FALSE;
/* Check */
if ($this->settings['no_reg'] == 1) {
$this->registry->output->showError('registration_disabled', 2016, true);
}
/* Custom profile field stuff */
require_once IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php';
$custom_fields = new customProfileFields();
$custom_fields->initData('edit');
$custom_fields->parseToSave($this->request, 'register');
/* Check */
if ($custom_fields->error_messages) {
$form_errors['general'] = $custom_fields->error_messages;
}
/* Check the email address */
if (!$in_email or strlen($in_email) < 6 or !IPSText::checkEmailAddress($in_email)) {
$form_errors['email'][$this->lang->words['err_invalid_email']] = $this->lang->words['err_invalid_email'];
}
if (trim($this->request['PassWord_Check']) != $in_password) {
$form_errors['password'][$this->lang->words['passwords_not_match']] = $this->lang->words['passwords_not_match'];
}
/* Test email address */
$this->request['EmailAddress_two'] = strtolower(trim($this->request['EmailAddress_two']));
$this->request['EmailAddress'] = strtolower(trim($this->request['EmailAddress']));
if (!IPSText::checkEmailAddress($this->request['EmailAddress_two'])) {
$form_errors['email'][$this->lang->words['reg_error_email_invalid']] = $this->lang->words['reg_error_email_invalid'];
} else {
if ($in_email and $this->request['EmailAddress_two'] != $in_email) {
$form_errors['email'][$this->lang->words['reg_error_email_nm']] = $this->lang->words['reg_error_email_nm'];
}
}
/* Need username? */
$uses_name = false;
foreach ($this->cache->getCache('login_methods') as $method) {
if ($method['login_user_id'] == 'username') {
$uses_name = true;
}
}
if (!$uses_name) {
$_REQUEST['UserName'] = $_REQUEST['members_display_name'];
$this->request['UserName'] = $this->request['members_display_name'];
}
/* Check the username */
$user_check = IPSMember::getFunction()->cleanAndCheckName($this->request['UserName'], array(), 'name');
if ($this->settings['auth_allow_dnames']) {
$disp_check = IPSMember::getFunction()->cleanAndCheckName($this->request['members_display_name'], array(), 'members_display_name');
}
if (is_array($user_check['errors']) && count($user_check['errors'])) {
foreach ($user_check['errors'] as $key => $error) {
$form_errors[$key][] = $error;
}
}
if ($this->settings['auth_allow_dnames'] and is_array($disp_check['errors']) && count($disp_check['errors'])) {
foreach ($disp_check['errors'] as $key => $error) {
$form_errors[$key][] = $error;
}
}
/* CHECK 1: Any errors (missing fields, etc)? */
if (count($form_errors)) {
$this->registerForm($form_errors);
return;
}
/* Is this email addy taken? */
if (IPSMember::checkByEmail($in_email) == TRUE) {
$form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken'];
}
/* Load handler... */
require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
$this->han_login = new han_login($this->registry);
$this->han_login->init();
$this->han_login->emailExistsCheck($in_email);
if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'EMAIL_NOT_IN_USE') {
$form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken'];
}
/* Are they banned [EMAIL]? */
if (IPSMember::isBanned('email', $in_email) === TRUE) {
$form_errors['email'][$this->lang->words['reg_error_email_ban']] = $this->lang->words['reg_error_email_ban'];
}
/* Check the CAPTCHA */
if ($this->settings['bot_antispam']) {
if ($this->registry->getClass('class_captcha')->validate() !== TRUE) {
$form_errors['general'][$this->lang->words['err_reg_code']] = $this->lang->words['err_reg_code'];
}
}
/* Check the Q and A */
if ($this->settings['registration_qanda']) {
$qanda = intval($this->request['qanda_id']);
$pass = false;
if ($qanda) {
$data = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'question_and_answer', 'where' => 'qa_id=' . $qanda));
if ($data['qa_id']) {
$answers = explode("\n", str_replace("\r", "", $data['qa_answers']));
if (count($answers)) {
foreach ($answers as $answer) {
if (strtolower($answer) == strtolower($this->request['qa_answer'])) {
$pass = true;
break;
}
}
}
}
} else {
//-----------------------------------------
// Do we have any questions?
//-----------------------------------------
$data = $this->DB->buildAndFetch(array('select' => 'COUNT(*) as questions', 'from' => 'question_and_answer'));
if (!$data['questions']) {
$pass = true;
}
}
if (!$pass) {
$form_errors['general'][$this->lang->words['err_q_and_a']] = $this->lang->words['err_q_and_a'];
}
}
/* CHECK 2: Any errors ? */
if (count($form_errors)) {
$this->registerForm($form_errors);
return;
}
/* Build up the hashes */
$mem_group = $this->settings['member_group'];
/* Are we asking the member or admin to preview? */
if ($this->settings['reg_auth_type']) {
$mem_group = $this->settings['auth_group'];
} else {
if ($coppa == 1) {
$mem_group = $this->settings['auth_group'];
}
}
/* Create member */
$member = array('name' => $this->request['UserName'], 'password' => $in_password, 'members_display_name' => $this->settings['auth_allow_dnames'] ? $this->request['members_display_name'] : $this->request['UserName'], 'email' => $in_email, 'member_group_id' => $mem_group, 'joined' => time(), 'ip_address' => $this->member->ip_address, 'time_offset' => $this->request['time_offset'], 'coppa_user' => $coppa, 'members_auto_dst' => intval($this->request['dst']), 'allow_admin_mails' => intval($this->request['allow_admin_mail']), 'hide_email' => $this->request['allow_member_mail'] ? 0 : 1);
/* Spam Service */
$spamCode = 0;
if ($this->settings['spam_service_enabled'] && $this->settings['spam_service_api_key']) {
/* Query the service */
$spamCode = IPSMember::querySpamService($in_email);
/* Action to perform */
$action = $this->settings['spam_service_action_' . $spamCode];
/* Perform Action */
switch ($action) {
/* Proceed with registraction */
case 1:
break;
/* Flag for admin approval */
/* Flag for admin approval */
case 2:
$member['member_group_id'] = $this->settings['auth_group'];
$this->settings['reg_auth_type'] = 'admin';
break;
/* Approve the account, but ban it */
/* Approve the account, but ban it */
case 3:
$member['member_banned'] = 1;
$member['member_group_id'] = $this->settings['banned_group'];
$this->settings['reg_auth_type'] = '';
break;
}
}
//-----------------------------------------
// Create the account
//-----------------------------------------
$member = IPSMember::create(array('members' => $member, 'pfields_content' => $this->request));
//-----------------------------------------
// Login handler create account callback
//-----------------------------------------
$this->han_login->createAccount(array('email' => $member['email'], 'joined' => $member['joined'], 'password' => $in_password, 'ip_address' => $this->member->ip_address, 'username' => $member['members_display_name']));
//-----------------------------------------
// We'll just ignore if this fails - it shouldn't hold up IPB anyways
//-----------------------------------------
/*if ( $han_login->return_code AND ( $han_login->return_code != 'METHOD_NOT_DEFINED' AND $han_login->return_code != 'SUCCESS' ) )
{
$this->registry->output->showError( 'han_login_create_failed', 2017, true );
}*/
//-----------------------------------------
// Validation
//-----------------------------------------
$validate_key = md5(IPSLib::makePassword() . time());
$time = time();
if ($coppa != 1) {
if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin' or $this->settings['reg_auth_type'] == 'admin_user') {
//-----------------------------------------
// We want to validate all reg's via email,
// after email verificiation has taken place,
// we restore their previous group and remove the validate_key
//-----------------------------------------
$this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address']));
if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin_user') {
IPSText::getTextClass('email')->getTemplate("reg_validate");
IPSText::getTextClass('email')->buildMessage(array('THE_LINK' => $this->settings['base_url'] . "app=core&module=global§ion=register&do=auto_validate&uid=" . urlencode($member['member_id']) . "&aid=" . urlencode($validate_key), 'NAME' => $member['members_display_name'], 'MAN_LINK' => $this->settings['base_url'] . "app=core&module=global§ion=register&do=05", 'EMAIL' => $member['email'], 'ID' => $member['member_id'], 'CODE' => $validate_key));
IPSText::getTextClass('email')->subject = $this->lang->words['new_registration_email'] . $this->settings['board_name'];
IPSText::getTextClass('email')->to = $member['email'];
IPSText::getTextClass('email')->sendMail();
$this->output = $this->registry->output->getTemplate('register')->showAuthorize($member);
} else {
if ($this->settings['reg_auth_type'] == 'admin') {
$this->output = $this->registry->output->getTemplate('register')->showPreview($member);
}
}
if ($this->settings['new_reg_notify']) {
$date = $this->registry->class_localization->getDate(time(), 'LONG', 1);
IPSText::getTextClass('email')->getTemplate('admin_newuser');
IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'MEMBER_NAME' => $member['members_display_name']));
IPSText::getTextClass('email')->subject = $this->lang->words['new_registration_email1'] . $this->settings['board_name'];
IPSText::getTextClass('email')->to = $this->settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
$this->registry->output->setTitle($this->lang->words['reg_success']);
$this->registry->output->addNavigation($this->lang->words['nav_reg'], '');
} else {
/* We don't want to preview, or get them to validate via email. */
$stat_cache = $this->caches['stats'];
if ($member['members_display_name'] and $member['member_id']) {
$stat_cache['last_mem_name'] = $member['members_display_name'];
$stat_cache['last_mem_id'] = $member['member_id'];
}
$stat_cache['mem_count'] += 1;
$this->cache->setCache('stats', $stat_cache, array('array' => 1, 'deletefirst' => 0));
if ($this->settings['new_reg_notify']) {
$date = $this->registry->class_localization->getDate(time(), 'LONG', 1);
IPSText::getTextClass('email')->getTemplate('admin_newuser');
IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'MEMBER_NAME' => $member['members_display_name']));
IPSText::getTextClass('email')->subject = $this->lang->words['new_registration_email1'] . $this->settings['board_name'];
IPSText::getTextClass('email')->to = $this->settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
IPSCookie::set('pass_hash', $member['member_login_key'], 1);
IPSCookie::set('member_id', $member['member_id'], 1);
//-----------------------------------------
// Fix up session
//-----------------------------------------
$privacy = $this->request['Privacy'] ? 1 : 0;
if ($member['g_hide_online_list']) {
$privacy = 1;
}
$this->member->sessionClass()->convertGuestToMember(array('member_name' => $member['members_display_name'], 'member_id' => $member['member_id'], 'member_group' => $member['member_group_id'], 'login_type' => $privacy));
$this->registry->output->silentRedirect($this->settings['base_url'] . '&app=core&module=global§ion=login&do=autologin&fromreg=1');
}
} else {
/* This is a COPPA user, so lets tell them they registered OK and redirect to the form. */
$this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address']));
$this->registry->output->redirectScreen($this->lang->words['cp_success'], $this->settings['base_url'] . 'app=core&module=global&section=register&do=12');
}
}
/**
* Processes the registration form
*
* @return @e void
*/
public function registerProcessForm()
{
$this->_resetMember();
$form_errors = array();
$coppa = $this->request['coppa_user'] == 1 ? 1 : 0;
$in_password = trim($this->request['PassWord']);
$in_email = strtolower(trim($this->request['EmailAddress']));
/* Did we agree to the t&c? */
if (!$this->request['agree_tos']) {
$form_errors['tos'] = array($this->lang->words['must_agree_to_terms']);
}
/* Custom profile field stuff */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php', 'customProfileFields');
$custom_fields = new $classToLoad();
$custom_fields->initData('edit');
$custom_fields->parseToSave($_POST, 'register');
/* Check */
if ($custom_fields->error_messages) {
$form_errors['general'] = $custom_fields->error_messages;
}
/* Check the email address */
if (!$in_email or strlen($in_email) < 6 or !IPSText::checkEmailAddress($in_email)) {
$form_errors['email'][$this->lang->words['err_invalid_email']] = $this->lang->words['err_invalid_email'];
}
if (trim($this->request['PassWord_Check']) != $in_password or !$in_password) {
$form_errors['password'][$this->lang->words['passwords_not_match']] = $this->lang->words['passwords_not_match'];
}
/*
There's no reason for this - http://community.invisionpower.com/resources/bugs.html/_/ip-board/registrations-limit-passwords-to-32-characters-for-no-apparent-reason-r37770
elseif ( strlen( $in_password ) < 3 )
{
$form_errors['password'][$this->lang->words['pass_too_short']] = $this->lang->words['pass_too_short'];
}
elseif ( strlen( $in_password ) > 32 )
{
$form_errors['password'][$this->lang->words['pass_too_long']] = $this->lang->words['pass_too_long'];
}
*/
/* Check the username */
$user_check = IPSMember::getFunction()->cleanAndCheckName($this->request['members_display_name'], array(), 'name');
$disp_check = IPSMember::getFunction()->cleanAndCheckName($this->request['members_display_name'], array(), 'members_display_name');
if (is_array($user_check['errors']) && count($user_check['errors'])) {
foreach ($user_check['errors'] as $key => $error) {
$form_errors['dname'][$error] = isset($this->lang->words[$error]) ? $this->lang->words[$error] : $error;
}
}
/* this duplicates username error above */
/*if( is_array( $disp_check['errors'] ) && count( $disp_check['errors'] ) )
{
foreach( $disp_check['errors'] as $key => $error )
{
$form_errors['dname'][ $error ] = isset($this->lang->words[ $error ]) ? $this->lang->words[ $error ] : $error;
}
}*/
/* Is this email addy taken? */
if (IPSMember::checkByEmail($in_email) == TRUE) {
$form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken'];
}
/* Load handler... */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$this->han_login = new $classToLoad($this->registry);
$this->han_login->init();
$this->han_login->emailExistsCheck($in_email);
if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'EMAIL_NOT_IN_USE') {
$form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken'];
}
/* Are they banned [EMAIL]? */
if (IPSMember::isBanned('email', $in_email) === TRUE) {
$form_errors['email'][$this->lang->words['reg_error_email_ban']] = $this->lang->words['reg_error_email_ban'];
}
/* Check the CAPTCHA */
if ($this->settings['bot_antispam_type'] != 'none') {
if ($this->registry->getClass('class_captcha')->validate() !== TRUE) {
$form_errors['general'][$this->lang->words['err_reg_code']] = $this->lang->words['err_reg_code'];
}
}
/* Check the Q and A */
$qanda = intval($this->request['qanda_id']);
$pass = true;
if ($qanda) {
$pass = false;
$data = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'question_and_answer', 'where' => 'qa_id=' . $qanda));
if ($data['qa_id']) {
$answers = explode("\n", str_replace("\r", "", $data['qa_answers']));
if (count($answers)) {
foreach ($answers as $answer) {
$answer = trim($answer);
if (IPSText::mbstrlen($answer) and mb_strtolower($answer) == mb_strtolower($this->request['qa_answer'])) {
$pass = true;
break;
}
}
}
}
} else {
//-----------------------------------------
// Do we have any questions?
//-----------------------------------------
$data = $this->DB->buildAndFetch(array('select' => 'COUNT(*) as questions', 'from' => 'question_and_answer'));
if ($data['questions']) {
$pass = false;
}
}
if (!$pass) {
$form_errors['general'][$this->lang->words['err_q_and_a']] = $this->lang->words['err_q_and_a'];
}
/* CHECK 2: Any errors ? */
if (count($form_errors)) {
$this->registerForm($form_errors);
return;
}
/* Build up the hashes */
$mem_group = $this->settings['member_group'];
/* Are we asking the member or admin to preview? */
if ($this->settings['reg_auth_type']) {
$mem_group = $this->settings['auth_group'];
} else {
if ($coppa == 1) {
$mem_group = $this->settings['auth_group'];
}
}
/* Create member */
$member = array('name' => $this->request['members_display_name'], 'password' => $in_password, 'members_display_name' => $this->request['members_display_name'], 'email' => $in_email, 'member_group_id' => $mem_group, 'joined' => time(), 'ip_address' => $this->member->ip_address, 'time_offset' => $this->request['time_offset'], 'coppa_user' => $coppa, 'members_auto_dst' => intval($this->settings['time_dst_auto_correction']), 'allow_admin_mails' => intval($this->request['allow_admin_mail']), 'language' => $this->member->language_id);
/* Spam Service */
$spamCode = 0;
$_spamFlag = 0;
if ($this->settings['spam_service_enabled']) {
/* Query the service */
$spamCode = IPSMember::querySpamService($in_email);
/* Action to perform */
$action = $this->settings['spam_service_action_' . $spamCode];
/* Perform Action */
switch ($action) {
/* Proceed with registration */
case 1:
break;
/* Flag for admin approval */
/* Flag for admin approval */
case 2:
$member['member_group_id'] = $this->settings['auth_group'];
$this->settings['reg_auth_type'] = 'admin';
$_spamFlag = 1;
break;
/* Approve the account, but ban it */
/* Approve the account, but ban it */
case 3:
$member['member_banned'] = 1;
$member['bw_is_spammer'] = 1;
$this->settings['reg_auth_type'] = '';
break;
/* Deny registration */
/* Deny registration */
case 4:
$this->registry->output->showError('spam_denied_account', '100x001', FALSE, '', 200);
break;
}
}
//-----------------------------------------
// Create the account
//-----------------------------------------
$member = IPSMember::create(array('members' => $member, 'pfields_content' => $custom_fields->out_fields), FALSE, FALSE, FALSE);
//-----------------------------------------
// Login handler create account callback
//-----------------------------------------
$this->han_login->createAccount(array('member_id' => $member['member_id'], 'email' => $member['email'], 'joined' => $member['joined'], 'password' => $in_password, 'ip_address' => $this->member->ip_address, 'username' => $member['members_display_name'], 'name' => $member['name'], 'members_display_name' => $member['members_display_name']));
//-----------------------------------------
// We'll just ignore if this fails - it shouldn't hold up IPB anyways
//-----------------------------------------
/*if ( $han_login->return_code AND ( $han_login->return_code != 'METHOD_NOT_DEFINED' AND $han_login->return_code != 'SUCCESS' ) )
{
$this->registry->output->showError( 'han_login_create_failed', 2017, true );
}*/
//-----------------------------------------
// Validation
//-----------------------------------------
$validate_key = md5(IPSMember::makePassword() . time());
$time = time();
if ($coppa != 1) {
if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin' or $this->settings['reg_auth_type'] == 'admin_user') {
//-----------------------------------------
// We want to validate all reg's via email,
// after email verificiation has taken place,
// we restore their previous group and remove the validate_key
//-----------------------------------------
$this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address'], 'spam_flag' => $_spamFlag));
if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin_user') {
/* Send out the email. */
$message = array('THE_LINK' => $this->registry->getClass('output')->buildSEOUrl("app=core&module=global§ion=register&do=auto_validate&uid=" . urlencode($member['member_id']) . "&aid=" . urlencode($validate_key), 'publicNoSession', 'false'), 'NAME' => $member['members_display_name'], 'MAN_LINK' => $this->registry->getClass('output')->buildSEOUrl("app=core&module=global§ion=register&do=05", 'publicNoSession', 'false'), 'EMAIL' => $member['email'], 'ID' => $member['member_id'], 'CODE' => $validate_key);
IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("reg_validate", $this->member->language_id));
IPSText::getTextClass('email')->buildPlainTextContent($message);
IPSText::getTextClass('email')->buildHtmlContent($message);
IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email'], $this->settings['board_name']);
IPSText::getTextClass('email')->to = $member['email'];
IPSText::getTextClass('email')->sendMail();
$this->output = $this->registry->output->getTemplate('register')->showAuthorize($member);
} else {
if ($this->settings['reg_auth_type'] == 'admin') {
$this->output = $this->registry->output->getTemplate('register')->showPreview($member);
}
}
/* Only send new registration email if the member wasn't banned */
if ($this->settings['new_reg_notify'] and !$member['member_banned']) {
$date = $this->registry->class_localization->getDate(time(), 'LONG', 1);
IPSText::getTextClass('email')->getTemplate('admin_newuser');
IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'LOG_IN_NAME' => $member['name'], 'EMAIL' => $member['email'], 'IP' => $member['ip_address'], 'DISPLAY_NAME' => $member['members_display_name']));
IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email1'], $this->settings['board_name']);
IPSText::getTextClass('email')->to = $this->settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
$this->registry->output->setTitle($this->lang->words['reg_success'] . ' - ' . ipsRegistry::$settings['board_name']);
$this->registry->output->addNavigation($this->lang->words['nav_reg'], '');
} else {
/* We don't want to preview, or get them to validate via email. */
$stat_cache = $this->cache->getCache('stats');
if ($member['members_display_name'] and $member['member_id'] and !$this->caches['group_cache'][$member['member_group_id']]['g_hide_online_list']) {
$stat_cache['last_mem_name'] = $member['members_display_name'];
$stat_cache['last_mem_name_seo'] = IPSText::makeSeoTitle($member['members_display_name']);
$stat_cache['last_mem_id'] = $member['member_id'];
}
$stat_cache['mem_count'] += 1;
$this->cache->setCache('stats', $stat_cache, array('array' => 1));
/* Only send new registration email if the member wasn't banned */
if ($this->settings['new_reg_notify'] and !$member['member_banned']) {
$date = $this->registry->class_localization->getDate(time(), 'LONG', 1);
IPSText::getTextClass('email')->getTemplate('admin_newuser');
IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'LOG_IN_NAME' => $member['name'], 'EMAIL' => $member['email'], 'IP' => $member['ip_address'], 'DISPLAY_NAME' => $member['members_display_name']));
IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email1'], $this->settings['board_name']);
IPSText::getTextClass('email')->to = $this->settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
IPSCookie::set('pass_hash', $member['member_login_key'], 1);
IPSCookie::set('member_id', $member['member_id'], 1);
//-----------------------------------------
// Fix up session
//-----------------------------------------
$privacy = $member['g_hide_online_list'] || empty($this->settings['disable_anonymous']) && !empty($this->request['Privacy']) ? 1 : 0;
# Update value for onCompleteAccount call
$member['login_anonymous'] = $privacy . '&1';
$this->member->sessionClass()->convertGuestToMember(array('member_name' => $member['members_display_name'], 'member_id' => $member['member_id'], 'member_group' => $member['member_group_id'], 'login_type' => $privacy));
IPSLib::runMemberSync('onCompleteAccount', $member);
$this->registry->output->silentRedirect($this->settings['base_url'] . '&app=core&module=global§ion=login&do=autologin&fromreg=1');
}
} else {
/* This is a COPPA user, so lets tell them they registered OK and redirect to the form. */
$this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address']));
$this->registry->output->redirectScreen($this->lang->words['cp_success'], $this->settings['base_url'] . 'app=core&module=global&section=register&do=12');
}
}
/**
* UserCP Save Form: Email Address
*
* @return mixed Array of errors / boolean true
*/
public function saveFormEmailPassword()
{
//-----------------------------------------
// INIT
//-----------------------------------------
$_emailOne = strtolower(trim($this->request['in_email_1']));
$_emailTwo = strtolower(trim($this->request['in_email_2']));
$cur_pass = trim($this->request['current_pass']);
$new_pass = trim($this->request['new_pass_1']);
$chk_pass = trim($this->request['new_pass_2']);
$isRemote = (!$this->memberData['bw_local_password_set'] and $this->memberData['members_created_remote']) ? true : false;
if ($cur_pass or $new_pass) {
if ($this->memberData['g_access_cp']) {
return array(0 => $this->lang->words['admin_emailpassword']);
}
if ($isRemote === false and (!$_POST['current_pass'] or empty($new_pass) or empty($chk_pass))) {
return array(0 => $this->lang->words['complete_entire_form']);
}
//-----------------------------------------
// Do the passwords actually match?
//-----------------------------------------
if ($new_pass != $chk_pass) {
return array(0 => $this->lang->words['passwords_not_matchy']);
}
//-----------------------------------------
// Check password...
//-----------------------------------------
if ($isRemote === false) {
if ($this->_checkPassword($cur_pass) !== TRUE) {
return array(0 => $this->lang->words['current_pw_bad']);
}
} else {
/* This is INIT in _checkPassword */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$this->han_login = new $classToLoad($this->registry);
$this->han_login->init();
}
//-----------------------------------------
// Create new password...
//-----------------------------------------
$md5_pass = md5($new_pass);
//-----------------------------------------
// han_login was loaded during check_password
//-----------------------------------------
$this->han_login->changePass($this->memberData['email'], $md5_pass, $new_pass, $this->memberData);
if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'SUCCESS') {
return array(0 => $this->lang->words['hanlogin_pw_failed']);
}
//-----------------------------------------
// Update the DB
//-----------------------------------------
IPSMember::updatePassword($this->memberData['email'], $md5_pass);
IPSLib::runMemberSync('onPassChange', $this->memberData['member_id'], $new_pass);
//-----------------------------------------
// Update members log in key...
//-----------------------------------------
$key = IPSMember::generateAutoLoginKey();
IPSMember::save($this->memberData['member_id'], array('core' => array('member_login_key' => $key, 'bw_local_password_set' => 1)));
$this->ok_message = $this->lang->words['pw_change_successful'];
}
if ($_emailOne or $_emailTwo) {
//-----------------------------------------
// Do not allow validating members to change
// email when admin validation is on
// @see http://community.invisionpower.com/tracker/issue-19964-loophole-in-registration-procedure/
//-----------------------------------------
if ($this->memberData['member_group_id'] == $this->settings['auth_group'] and in_array($this->settings['reg_auth_type'], array('admin', 'admin_user'))) {
$this->registry->output->showError($this->lang->words['admin_val_no_email_chg'], 10190);
}
//-----------------------------------------
// Check input
//-----------------------------------------
if ($this->memberData['g_access_cp']) {
return array(0 => $this->lang->words['admin_emailpassword']);
}
if (!$_POST['in_email_1'] or !$_POST['in_email_2']) {
return array(0 => $this->lang->words['complete_entire_form']);
}
//-----------------------------------------
// Check password...
//-----------------------------------------
if (!$this->_isFBUser) {
if ($this->_checkPassword($this->request['password']) === FALSE) {
return array(0 => $this->lang->words['current_pw_bad']);
}
}
//-----------------------------------------
// Test email addresses
//-----------------------------------------
if ($_emailOne != $_emailTwo) {
return array(0 => $this->lang->words['emails_no_matchy']);
}
if (IPSText::checkEmailAddress($_emailOne) !== TRUE) {
return array(0 => $this->lang->words['email_not_valid']);
}
//-----------------------------------------
// Is this email addy taken?
//-----------------------------------------
if (IPSMember::checkByEmail($_emailOne) == TRUE) {
return array(0 => $this->lang->words['email_is_taken']);
}
//-----------------------------------------
// Load ban filters
//-----------------------------------------
$banfilters = array();
$this->DB->build(array('select' => '*', 'from' => 'banfilters'));
$this->DB->execute();
while ($r = $this->DB->fetch()) {
$banfilters[$r['ban_type']][] = $r['ban_content'];
}
//-----------------------------------------
// Check in banned list
//-----------------------------------------
if (isset($banfilters['email']) and is_array($banfilters['email']) and count($banfilters['email'])) {
foreach ($banfilters['email'] as $email) {
$email = str_replace('\\*', '.*', preg_quote($email, "/"));
if (preg_match("/^{$email}\$/i", $_emailOne)) {
return array(0 => $this->lang->words['email_is_taken']);
}
}
}
//-----------------------------------------
// Load handler...
//-----------------------------------------
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$this->han_login = new $classToLoad($this->registry);
$this->han_login->init();
if ($this->han_login->emailExistsCheck($_emailOne) !== FALSE) {
return array(0 => $this->lang->words['email_is_taken']);
}
$this->han_login->changeEmail($this->memberData['email'], $_emailOne, $this->memberData);
if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'SUCCESS') {
return array(0 => $this->lang->words['email_is_taken']);
}
//-----------------------------------------
// Want a new validation? NON ADMINS ONLY
//-----------------------------------------
if ($this->settings['reg_auth_type'] and !$this->memberData['g_access_cp']) {
//-----------------------------------------
// Remove any existing entries
//-----------------------------------------
$_previous = $this->DB->buildAndFetch(array('select' => 'prev_email, real_group', 'from' => 'validating', 'where' => "member_id={$this->memberData['member_id']} AND email_chg=1"));
if ($_previous['prev_email']) {
$this->DB->delete('validating', "member_id={$this->memberData['member_id']} AND email_chg=1");
$this->memberData['email'] = $_previous['prev_email'];
$this->memberData['member_group_id'] = $_previous['real_group'];
}
$validate_key = md5(IPSMember::makePassword() . time());
//-----------------------------------------
// Update the new email, but enter a validation key
// and put the member in "awaiting authorisation"
// and send an email..
//-----------------------------------------
$db_str = array('vid' => $validate_key, 'member_id' => $this->memberData['member_id'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => time(), 'coppa_user' => 0, 'email_chg' => 1, 'ip_address' => $this->member->ip_address, 'prev_email' => $this->memberData['email']);
if ($this->memberData['member_group_id'] != $this->settings['auth_group']) {
$db_str['real_group'] = $this->memberData['member_group_id'];
}
$this->DB->insert('validating', $db_str);
IPSLib::runMemberSync('onEmailChange', $this->memberData['member_id'], strtolower($_emailOne), $this->memberData['email']);
IPSMember::save($this->memberData['member_id'], array('core' => array('member_group_id' => $this->settings['auth_group'], 'email' => $_emailOne)));
//-----------------------------------------
// Update their session with the new member group
//-----------------------------------------
if ($this->member->session_id) {
$this->member->sessionClass()->convertMemberToGuest();
}
//-----------------------------------------
// Kill the cookies to stop auto log in
//-----------------------------------------
IPSCookie::set('pass_hash', '-1', 0);
IPSCookie::set('member_id', '-1', 0);
IPSCookie::set('session_id', '-1', 0);
//-----------------------------------------
// Dispatch the mail, and return to the activate form.
//-----------------------------------------
IPSText::getTextClass('email')->getTemplate("newemail");
IPSText::getTextClass('email')->buildMessage(array('NAME' => $this->memberData['members_display_name'], 'THE_LINK' => $this->registry->getClass('output')->buildSEOUrl("app=core&module=global§ion=register&do=auto_validate&type=newemail&uid=" . $this->memberData['member_id'] . "&aid=" . $validate_key, 'publicNoSession', 'false'), 'ID' => $this->memberData['member_id'], 'MAN_LINK' => $this->registry->getClass('output')->buildSEOUrl("app=core&module=global§ion=register&do=07", 'publicNoSession', 'false'), 'CODE' => $validate_key));
IPSText::getTextClass('email')->subject = $this->lang->words['lp_subject'] . ' ' . $this->settings['board_name'];
IPSText::getTextClass('email')->to = $_emailOne;
IPSText::getTextClass('email')->sendMail();
$this->registry->getClass('output')->silentRedirect($this->settings['base_url'] . 'app=core&module=global&section=register&do=07');
} else {
//-----------------------------------------
// No authorisation needed, change email addy and return
//-----------------------------------------
IPSLib::runMemberSync('onEmailChange', $this->memberData['member_id'], strtolower($_emailOne), $this->memberData['email']);
IPSMember::save($this->memberData['member_id'], array('core' => array('email' => $_emailOne)));
//-----------------------------------------
// Add to OK message
//-----------------------------------------
$this->ok_message = $this->lang->words['ok_email_changed'];
}
}
return TRUE;
}
/**
* UserCP Save Form: Email Address
*
* @access public
* @return mixed Array of errors / boolean true
*/
public function saveFormEmail()
{
//-----------------------------------------
// INIT
//-----------------------------------------
$_emailOne = strtolower(trim($this->request['in_email_1']));
$_emailTwo = strtolower(trim($this->request['in_email_2']));
$captchaInput = trim(ipsRegistry::$request['captchaInput']);
$captchaUniqueID = trim(ipsRegistry::$request['captchaUniqueID']);
//-----------------------------------------
// Check input
//-----------------------------------------
if ($this->memberData['g_access_cp']) {
return array(0 => $this->lang->words['admin_emailpassword']);
}
if (!$_POST['in_email_1'] or !$_POST['in_email_2']) {
return array(0 => $this->lang->words['complete_entire_form']);
}
//-----------------------------------------
// Check password...
//-----------------------------------------
if (!$this->_isFBUser) {
if ($this->_checkPassword($this->request['password']) === FALSE) {
return array(0 => $this->lang->words['current_pw_bad']);
}
}
//-----------------------------------------
// Test email addresses
//-----------------------------------------
if ($_emailOne != $_emailTwo) {
return array(0 => $this->lang->words['emails_no_matchy']);
}
if (IPSText::checkEmailAddress($_emailOne) !== TRUE) {
return array(0 => $this->lang->words['email_not_valid']);
}
//-----------------------------------------
// Is this email addy taken?
//-----------------------------------------
if (IPSMember::checkByEmail($_emailOne) == TRUE) {
return array(0 => $this->lang->words['email_is_taken']);
}
//-----------------------------------------
// Load ban filters
//-----------------------------------------
$this->DB->build(array('select' => '*', 'from' => 'banfilters'));
$this->DB->execute();
while ($r = $this->DB->fetch()) {
$banfilters[$r['ban_type']][] = $r['ban_content'];
}
//-----------------------------------------
// Check in banned list
//-----------------------------------------
if (isset($banfilters['email']) and is_array($banfilters['email']) and count($banfilters['email'])) {
foreach ($banfilters['email'] as $email) {
$email = str_replace('\\*', '.*', preg_quote($email, "/"));
if (preg_match("/^{$email}\$/i", $_emailOne)) {
return array(0 => $this->lang->words['email_is_taken']);
}
}
}
//-----------------------------------------
// Anti bot flood...
//-----------------------------------------
if ($this->settings['bot_antispam']) {
if ($this->registry->getClass('class_captcha')->validate() !== TRUE) {
return array(0 => $this->lang->words['captcha_email_invalid']);
}
}
//-----------------------------------------
// Load handler...
//-----------------------------------------
require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
$this->han_login = new han_login($this->registry);
$this->han_login->init();
if ($this->han_login->emailExistsCheck($_emailOne) !== FALSE) {
return array(0 => $this->lang->words['email_is_taken']);
}
$this->han_login->changeEmail($this->memberData['email'], $_emailOne);
if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'SUCCESS') {
return array(0 => $this->lang->words['email_is_taken']);
}
//-----------------------------------------
// Require new validation? NON ADMINS ONLY
//-----------------------------------------
if ($this->settings['reg_auth_type'] and !$this->memberData['g_access_cp']) {
$validate_key = md5(IPSLib::makePassword() . time());
//-----------------------------------------
// Update the new email, but enter a validation key
// and put the member in "awaiting authorisation"
// and send an email..
//-----------------------------------------
$db_str = array('vid' => $validate_key, 'member_id' => $this->memberData['member_id'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => time(), 'coppa_user' => 0, 'email_chg' => 1, 'ip_address' => $this->request['IP_ADDRESS'], 'prev_email' => $this->memberData['email']);
if ($this->memberData['member_group_id'] != $this->settings['auth_group']) {
$db_str['real_group'] = $this->memberData['member_group_id'];
}
$this->DB->insert('validating', $db_str);
IPSMember::save($this->memberData['member_id'], array('core' => array('member_group_id' => $this->settings['auth_group'], 'email' => $_emailOne)));
IPSLib::runMemberSync('onEmailChange', $this->memberData['member_id'], strtolower($_emailOne));
//-----------------------------------------
// Update their session with the new member group
//-----------------------------------------
if ($this->member->session_id) {
$this->member->sessionClass()->convertMemberToGuest();
}
//-----------------------------------------
// Kill the cookies to stop auto log in
//-----------------------------------------
IPSCookie::set('pass_hash', '-1', 0);
IPSCookie::set('member_id', '-1', 0);
IPSCookie::set('session_id', '-1', 0);
//-----------------------------------------
// Dispatch the mail, and return to the activate form.
//-----------------------------------------
IPSText::getTextClass('email')->getTemplate("newemail");
IPSText::getTextClass('email')->buildMessage(array('NAME' => $this->memberData['members_display_name'], 'THE_LINK' => $this->settings['base_url'] . "app=core&module=global§ion=register&do=auto_validate&type=newemail&uid=" . $this->memberData['member_id'] . "&aid=" . $validate_key, 'ID' => $this->memberData['member_id'], 'MAN_LINK' => $this->settings['base_url'] . "app=core&module=global§ion=register&do=07", 'CODE' => $validate_key));
IPSText::getTextClass('email')->subject = $this->lang->words['lp_subject'] . ' ' . $this->settings['board_name'];
IPSText::getTextClass('email')->to = $_emailOne;
IPSText::getTextClass('email')->sendMail();
$this->registry->getClass('output')->redirectScreen($this->lang->words['ce_redirect'], $this->settings['base_url'] . 'app=core&module=global&section=register&do=07');
} else {
//-----------------------------------------
// No authorisation needed, change email addy and return
//-----------------------------------------
IPSMember::save($this->memberData['member_id'], array('core' => array('email' => $_emailOne)));
IPSLib::runMemberSync('onEmailChange', $this->memberData['member_id'], strtolower($_emailOne));
//-----------------------------------------
// Add to OK message
//-----------------------------------------
$this->ok_message = $this->lang->words['ok_email_changed'];
return TRUE;
}
}
