public function createUser($api_key, $api_module, $username, $email, $display_name, $md5_passwordHash)
{
//-----------------------------------------
// INIT
//-----------------------------------------
$api_key = IPSText::md5Clean($api_key);
$api_module = IPSText::parseCleanValue($api_module);
//-----------------------------------------
// Authenticate
//-----------------------------------------
if ($this->__authenticate($api_key, $api_module, 'createUser') !== FALSE) {
//-----------------------------------------
// Add log
//-----------------------------------------
$this->addLogging($api_key);
//-----------------------------------------
// Create a user
//-----------------------------------------
$test = IPSMember::create(array('core' => array('email' => $email, 'md5_hash_password' => $md5_passwordHash, 'name' => $username, 'members_display_name' => $display_name)));
//-----------------------------------------
// The way IPSMember::create function works is it can't fail.. It always returns true unless all data isn't provided.
// However it will still create a partial record. So in essence never fails
//-----------------------------------------
$this->classApiServer->apiSendReply(array('result' => 'success'));
exit;
}
}
/**
* Converge_Server::__create_user_account()
*
* Routine to create a local user account
*
* @access public
* @param string $email_address Email address of user logged in
* @param string $md5_once_password The plain text password, hashed once
* @param string $ip_address IP Address of registree
* @param string $unix_join_date The member's join date in unix format
* @param string $timezone The member's timezone
* @param string $dst_autocorrect The member's DST autocorrect settings
* @param string $username The member's username
* @return array $member Newly created member array
*
* @deprecated Doesn't seem to be used anymore, need to verify properly for the next major revision
*/
protected function __create_user_account($email_address = '', $md5_once_password, $ip_address, $unix_join_date, $timezone = 0, $dst_autocorrect = 0, $username = '')
{
//-----------------------------------------
// Check to make sure there's not already
// a member registered.
//-----------------------------------------
$member = IPSMember::load($email_address);
if ($member['member_id']) {
return $member;
}
//-----------------------------------------
// INIT
//-----------------------------------------
$unix_join_date = $unix_join_date ? $unix_join_date : time();
$ip_address = $ip_address ? $ip_address : $this->member->ip_address;
//-----------------------------------------
// Create member
//-----------------------------------------
$member = IPSMember::create(array('members' => array('email' => $email_address, 'password' => $md5_once_password, 'name' => $username, 'members_display_name' => $username, 'joined' => $unix_join_date, 'ip_address' => $ip_address, 'members_created_remote' => true)), false, true, false);
return $member;
}
/**
* Register a new account
*
* @param string Key - this can be anything which is known only to the applications. Never reveal this key publically.
* For IPS Community Suite installs, this key can be obtained in the Login Management page in the ACP
* @param string Username
* @param string Display name
* @param string The password, md5 encoded
* @param string Email address
* @return void Outputs to screen JSON object with 2 parameters
'status' One of the following values:
BAD_KEY The key provided was invalid
SUCCESS Account created
EMAIL_IN_USE Email is already in use
USERNAME_IN_USE Username is already in use
BAD_KEY Key was invalid
MISSING_DATA Not all data was provided
FAIL Other error
'id' with master ID number (0 if fail) - if user already exists, will provide ID of existing user
*/
public function register($key, $username, $displayname, $md5Password, $email, $revalidateUrl)
{
//-----------------------------------------
// Checks
//-----------------------------------------
/* Key is good */
if ($key != $this->masterKey) {
echo json_encode(array('status' => 'BAD_KEY', 'id' => 0));
exit;
}
/* We have the data */
if (!$email or !$md5Password) {
echo json_encode(array('status' => 'MISSING_DATA', 'id' => 0));
exit;
}
/* Email/Username is not in use */
$member = IPSMember::load($email, 'none', 'email');
if ($member['member_id']) {
echo json_encode(array('status' => 'EMAIL_IN_USE', 'id' => $member['member_id']));
exit;
}
if ($username) {
$member = IPSMember::load($username, 'none', 'username');
if ($member['member_id']) {
echo json_encode(array('status' => 'USERNAME_IN_USE', 'id' => $member['member_id']));
exit;
}
}
//-----------------------------------------
// Create
//-----------------------------------------
/* Set basic data */
$tables = array('members' => array('email' => $email, 'md5_hash_password' => $md5Password));
if ($displayname and !$username) {
$username = $displayname;
}
/* Are we validating? */
if ($revalidateUrl) {
$tables['members']['member_group_id'] = ipsRegistry::$settings['auth_group'];
$tables['members']['ipsconnect_revalidate_url'] = base64_decode($revalidateUrl);
}
/* Create */
if ($username) {
$tables['members']['name'] = $username;
if ($displayname) {
$tables['members']['members_display_name'] = $displayname;
}
$member = IPSMember::create($tables, TRUE, TRUE);
} else {
$member = IPSMember::create($tables, FALSE, TRUE, FALSE);
}
//-----------------------------------------
// Return
//-----------------------------------------
if ($member['member_id']) {
echo json_encode(array('status' => 'SUCCESS', 'id' => $member['member_id']));
exit;
} else {
echo json_encode(array('status' => 'FAIL', 'id' => 0));
exit;
}
}
/**
* Completes the connection
*
* @access public
* @return redirect
*/
public function finishLogin()
{
/* From reg flag */
if ($_REQUEST['code']) {
/* Load oAuth */
require_once IPS_KERNEL_PATH . 'facebook/facebookoauth.php';
/*noLibHook*/
$this->_oauth = new FacebookOAuth(FACEBOOK_APP_ID, FACEBOOK_APP_SECRET, FACEBOOK_CALLBACK, $this->extendedPerms);
/* Load API */
require_once IPS_KERNEL_PATH . 'facebook/facebook.php';
/*noLibHook*/
$this->_api = new Facebook(array('appId' => FACEBOOK_APP_ID, 'secret' => FACEBOOK_APP_SECRET, 'cookie' => true));
/* Ensure URL is correct */
$_urlExtra = '';
if ($_REQUEST['key']) {
$_urlExtra .= '&key=' . $_REQUEST['key'];
}
if ($_REQUEST['_reg']) {
$_urlExtra .= '&_reg=1';
}
/* Update callback url */
$this->_oauth->setCallBackUrl(FACEBOOK_CALLBACK . $_urlExtra);
/* Generate oAuth token */
$rToken = $this->_oauth->getAccessToken($_REQUEST['code']);
if (is_string($rToken)) {
try {
$_userData = $this->_api->api('me', array('access_token' => $rToken));
} catch (Exception $e) {
/* Try re-authorising */
if (stristr($e->getMessage(), 'invalid')) {
$this->redirectToConnectPage();
}
}
/* A little gymnastics */
$this->_userData = $_userData;
$_userData = $this->fetchUserData($rToken);
/* Got a member linked already? */
$_member = IPSMember::load($_userData['id'], 'all', 'fb_uid');
/* Not connected, check email address */
if (!$_member['member_id'] and $_userData['email']) {
$_member = IPSMember::load($_userData['email'], 'all', 'email');
/* We do have an existing account, so trash email forcing user to sign up with new */
if ($_member['member_id']) {
/* Update row */
IPSMember::save($_member['member_id'], array('core' => array('fb_uid' => $_userData['id'], 'fb_token' => $rToken)));
}
}
if ($_member['member_id']) {
$memberData = $_member;
/* Ensure user's row is up to date */
IPSMember::save($memberData['member_id'], array('core' => array('fb_token' => $rToken)));
/* Here, so log us in!! */
/* changed by denchu 26/12/12 */
$r = $this->_login()->loginWithoutCheckingCredentials($memberData['member_id'], TRUE);
if (is_array($r)) {
if (isset($r[1])) {
$this->registry->getClass('output')->redirectScreen($r[0], $r[1]);
$this->registry->getClass('output')->silentRedirect($r[1]);
} else {
$this->registry->getClass('output')->silentRedirect($r[0]);
}
} elseif (!$r) {
throw new Exception('LINKED_MEMBER_LOGIN_FAIL');
} else {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url']);
}
} else {
/* No? Create a new member */
foreach (array('fbc_s_pic', 'fbc_s_status', 'fbc_s_aboutme') as $field) {
$toSave[$field] = 1;
}
$fb_bwoptions = IPSBWOptions::freeze($toSave, 'facebook');
$safeFBName = IPS_DOC_CHAR_SET != 'UTF-8' ? IPSText::utf8ToEntities($_userData['name']) : $_userData['name'];
/* Make sure usernames are safe */
if ($this->settings['username_characters']) {
$check_against = preg_quote($this->settings['username_characters'], "/");
$check_against = str_replace('\\-', '-', $check_against);
$safeFBName = preg_replace('/[^' . $check_against . ']+/i', '', $safeFBName);
}
/* Check ban filters? */
if (IPSMember::isBanned('email', $_userData['email']) or IPSMember::isBanned('name', $safeFBName)) {
$this->registry->output->showError('you_are_banned', 1090003);
}
$displayName = $this->settings['fb_realname'] == 'enforced' ? $safeFBName : '';
/* From reg, so create new account properly */
$toSave = array('core' => array('name' => IPSText::parseCleanValue($safeFBName), 'members_display_name' => IPSText::parseCleanValue($displayName), 'members_created_remote' => 1, 'member_group_id' => $this->settings['fbc_mgid'] ? $this->settings['fbc_mgid'] : $this->settings['member_group'], 'email' => $_userData['email'], 'fb_uid' => $_userData['id'], 'time_offset' => $_userData['timezone'], 'members_auto_dst' => 1, 'fb_token' => $rToken), 'extendedProfile' => array('pp_about_me' => IPSText::getTextClass('bbcode')->stripBadWords(IPSText::convertCharsets($_userData['about'], 'utf-8', IPS_DOC_CHAR_SET)), 'fb_bwoptions' => $fb_bwoptions));
$memberData = IPSMember::create($toSave, FALSE, FALSE, TRUE);
if (!$memberData['member_id']) {
throw new Exception('CREATION_FAIL');
}
/* Sync up photo */
$this->syncMember($memberData['member_id']);
$pmember = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'members_partial', 'where' => "partial_member_id=" . $memberData['member_id']));
if ($pmember['partial_member_id']) {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url'] . 'app=core&module=global§ion=register&do=complete_login&mid=' . $memberData['member_id'] . '&key=' . $pmember['partial_date']);
} else {
/* Already got a display name */
if ($displayName) {
/* Here, so log us in!! */
$r = $this->_login()->loginWithoutCheckingCredentials($memberData['member_id'], TRUE);
IPSLib::runMemberSync('onCompleteAccount', $memberData);
if ($this->settings['new_reg_notify']) {
$this->registry->class_localization->loadLanguageFile(array('public_register'), 'core');
IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("admin_newuser"));
IPSText::getTextClass('email')->buildMessage(array('DATE' => $this->registry->getClass('class_localization')->getDate(time(), 'LONG', 1), 'LOG_IN_NAME' => $safeFBName, 'EMAIL' => $_userData['email'], 'IP' => $this->member->ip_address, 'DISPLAY_NAME' => $displayName));
IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email'], $this->settings['board_name']);
IPSText::getTextClass('email')->to = $this->settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
if (is_array($r)) {
if (isset($r[1])) {
$this->registry->getClass('output')->redirectScreen($r[0], $r[1]);
$this->registry->getClass('output')->silentRedirect($r[1]);
} else {
$this->registry->getClass('output')->silentRedirect($r[0]);
}
} elseif (!$r) {
throw new Exception('LINKED_MEMBER_LOGIN_FAIL');
} else {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url']);
}
} else {
throw new Exception('CREATION_FAIL');
}
}
}
} else {
throw new Exception('CREATION_FAIL');
}
} else {
/* Need to re-auth */
}
}
/**
* Processes the registration form
*
* @access public
* @return void
*/
public function registerProcessForm()
{
$form_errors = array();
$coppa = $this->request['coppa_user'] == 1 ? 1 : 0;
$in_password = trim($this->request['PassWord']);
$in_email = strtolower(trim($this->request['EmailAddress']));
$_SFS_FOUND = FALSE;
/* Check */
if ($this->settings['no_reg'] == 1) {
$this->registry->output->showError('registration_disabled', 2016, true);
}
/* Custom profile field stuff */
require_once IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php';
$custom_fields = new customProfileFields();
$custom_fields->initData('edit');
$custom_fields->parseToSave($this->request, 'register');
/* Check */
if ($custom_fields->error_messages) {
$form_errors['general'] = $custom_fields->error_messages;
}
/* Check the email address */
if (!$in_email or strlen($in_email) < 6 or !IPSText::checkEmailAddress($in_email)) {
$form_errors['email'][$this->lang->words['err_invalid_email']] = $this->lang->words['err_invalid_email'];
}
if (trim($this->request['PassWord_Check']) != $in_password) {
$form_errors['password'][$this->lang->words['passwords_not_match']] = $this->lang->words['passwords_not_match'];
}
/* Test email address */
$this->request['EmailAddress_two'] = strtolower(trim($this->request['EmailAddress_two']));
$this->request['EmailAddress'] = strtolower(trim($this->request['EmailAddress']));
if (!IPSText::checkEmailAddress($this->request['EmailAddress_two'])) {
$form_errors['email'][$this->lang->words['reg_error_email_invalid']] = $this->lang->words['reg_error_email_invalid'];
} else {
if ($in_email and $this->request['EmailAddress_two'] != $in_email) {
$form_errors['email'][$this->lang->words['reg_error_email_nm']] = $this->lang->words['reg_error_email_nm'];
}
}
/* Need username? */
$uses_name = false;
foreach ($this->cache->getCache('login_methods') as $method) {
if ($method['login_user_id'] == 'username') {
$uses_name = true;
}
}
if (!$uses_name) {
$_REQUEST['UserName'] = $_REQUEST['members_display_name'];
$this->request['UserName'] = $this->request['members_display_name'];
}
/* Check the username */
$user_check = IPSMember::getFunction()->cleanAndCheckName($this->request['UserName'], array(), 'name');
if ($this->settings['auth_allow_dnames']) {
$disp_check = IPSMember::getFunction()->cleanAndCheckName($this->request['members_display_name'], array(), 'members_display_name');
}
if (is_array($user_check['errors']) && count($user_check['errors'])) {
foreach ($user_check['errors'] as $key => $error) {
$form_errors[$key][] = $error;
}
}
if ($this->settings['auth_allow_dnames'] and is_array($disp_check['errors']) && count($disp_check['errors'])) {
foreach ($disp_check['errors'] as $key => $error) {
$form_errors[$key][] = $error;
}
}
/* CHECK 1: Any errors (missing fields, etc)? */
if (count($form_errors)) {
$this->registerForm($form_errors);
return;
}
/* Is this email addy taken? */
if (IPSMember::checkByEmail($in_email) == TRUE) {
$form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken'];
}
/* Load handler... */
require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
$this->han_login = new han_login($this->registry);
$this->han_login->init();
$this->han_login->emailExistsCheck($in_email);
if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'EMAIL_NOT_IN_USE') {
$form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken'];
}
/* Are they banned [EMAIL]? */
if (IPSMember::isBanned('email', $in_email) === TRUE) {
$form_errors['email'][$this->lang->words['reg_error_email_ban']] = $this->lang->words['reg_error_email_ban'];
}
/* Check the CAPTCHA */
if ($this->settings['bot_antispam']) {
if ($this->registry->getClass('class_captcha')->validate() !== TRUE) {
$form_errors['general'][$this->lang->words['err_reg_code']] = $this->lang->words['err_reg_code'];
}
}
/* Check the Q and A */
if ($this->settings['registration_qanda']) {
$qanda = intval($this->request['qanda_id']);
$pass = false;
if ($qanda) {
$data = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'question_and_answer', 'where' => 'qa_id=' . $qanda));
if ($data['qa_id']) {
$answers = explode("\n", str_replace("\r", "", $data['qa_answers']));
if (count($answers)) {
foreach ($answers as $answer) {
if (strtolower($answer) == strtolower($this->request['qa_answer'])) {
$pass = true;
break;
}
}
}
}
} else {
//-----------------------------------------
// Do we have any questions?
//-----------------------------------------
$data = $this->DB->buildAndFetch(array('select' => 'COUNT(*) as questions', 'from' => 'question_and_answer'));
if (!$data['questions']) {
$pass = true;
}
}
if (!$pass) {
$form_errors['general'][$this->lang->words['err_q_and_a']] = $this->lang->words['err_q_and_a'];
}
}
/* CHECK 2: Any errors ? */
if (count($form_errors)) {
$this->registerForm($form_errors);
return;
}
/* Build up the hashes */
$mem_group = $this->settings['member_group'];
/* Are we asking the member or admin to preview? */
if ($this->settings['reg_auth_type']) {
$mem_group = $this->settings['auth_group'];
} else {
if ($coppa == 1) {
$mem_group = $this->settings['auth_group'];
}
}
/* Create member */
$member = array('name' => $this->request['UserName'], 'password' => $in_password, 'members_display_name' => $this->settings['auth_allow_dnames'] ? $this->request['members_display_name'] : $this->request['UserName'], 'email' => $in_email, 'member_group_id' => $mem_group, 'joined' => time(), 'ip_address' => $this->member->ip_address, 'time_offset' => $this->request['time_offset'], 'coppa_user' => $coppa, 'members_auto_dst' => intval($this->request['dst']), 'allow_admin_mails' => intval($this->request['allow_admin_mail']), 'hide_email' => $this->request['allow_member_mail'] ? 0 : 1);
/* Spam Service */
$spamCode = 0;
if ($this->settings['spam_service_enabled'] && $this->settings['spam_service_api_key']) {
/* Query the service */
$spamCode = IPSMember::querySpamService($in_email);
/* Action to perform */
$action = $this->settings['spam_service_action_' . $spamCode];
/* Perform Action */
switch ($action) {
/* Proceed with registraction */
case 1:
break;
/* Flag for admin approval */
/* Flag for admin approval */
case 2:
$member['member_group_id'] = $this->settings['auth_group'];
$this->settings['reg_auth_type'] = 'admin';
break;
/* Approve the account, but ban it */
/* Approve the account, but ban it */
case 3:
$member['member_banned'] = 1;
$member['member_group_id'] = $this->settings['banned_group'];
$this->settings['reg_auth_type'] = '';
break;
}
}
//-----------------------------------------
// Create the account
//-----------------------------------------
$member = IPSMember::create(array('members' => $member, 'pfields_content' => $this->request));
//-----------------------------------------
// Login handler create account callback
//-----------------------------------------
$this->han_login->createAccount(array('email' => $member['email'], 'joined' => $member['joined'], 'password' => $in_password, 'ip_address' => $this->member->ip_address, 'username' => $member['members_display_name']));
//-----------------------------------------
// We'll just ignore if this fails - it shouldn't hold up IPB anyways
//-----------------------------------------
/*if ( $han_login->return_code AND ( $han_login->return_code != 'METHOD_NOT_DEFINED' AND $han_login->return_code != 'SUCCESS' ) )
{
$this->registry->output->showError( 'han_login_create_failed', 2017, true );
}*/
//-----------------------------------------
// Validation
//-----------------------------------------
$validate_key = md5(IPSLib::makePassword() . time());
$time = time();
if ($coppa != 1) {
if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin' or $this->settings['reg_auth_type'] == 'admin_user') {
//-----------------------------------------
// We want to validate all reg's via email,
// after email verificiation has taken place,
// we restore their previous group and remove the validate_key
//-----------------------------------------
$this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address']));
if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin_user') {
IPSText::getTextClass('email')->getTemplate("reg_validate");
IPSText::getTextClass('email')->buildMessage(array('THE_LINK' => $this->settings['base_url'] . "app=core&module=global§ion=register&do=auto_validate&uid=" . urlencode($member['member_id']) . "&aid=" . urlencode($validate_key), 'NAME' => $member['members_display_name'], 'MAN_LINK' => $this->settings['base_url'] . "app=core&module=global§ion=register&do=05", 'EMAIL' => $member['email'], 'ID' => $member['member_id'], 'CODE' => $validate_key));
IPSText::getTextClass('email')->subject = $this->lang->words['new_registration_email'] . $this->settings['board_name'];
IPSText::getTextClass('email')->to = $member['email'];
IPSText::getTextClass('email')->sendMail();
$this->output = $this->registry->output->getTemplate('register')->showAuthorize($member);
} else {
if ($this->settings['reg_auth_type'] == 'admin') {
$this->output = $this->registry->output->getTemplate('register')->showPreview($member);
}
}
if ($this->settings['new_reg_notify']) {
$date = $this->registry->class_localization->getDate(time(), 'LONG', 1);
IPSText::getTextClass('email')->getTemplate('admin_newuser');
IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'MEMBER_NAME' => $member['members_display_name']));
IPSText::getTextClass('email')->subject = $this->lang->words['new_registration_email1'] . $this->settings['board_name'];
IPSText::getTextClass('email')->to = $this->settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
$this->registry->output->setTitle($this->lang->words['reg_success']);
$this->registry->output->addNavigation($this->lang->words['nav_reg'], '');
} else {
/* We don't want to preview, or get them to validate via email. */
$stat_cache = $this->caches['stats'];
if ($member['members_display_name'] and $member['member_id']) {
$stat_cache['last_mem_name'] = $member['members_display_name'];
$stat_cache['last_mem_id'] = $member['member_id'];
}
$stat_cache['mem_count'] += 1;
$this->cache->setCache('stats', $stat_cache, array('array' => 1, 'deletefirst' => 0));
if ($this->settings['new_reg_notify']) {
$date = $this->registry->class_localization->getDate(time(), 'LONG', 1);
IPSText::getTextClass('email')->getTemplate('admin_newuser');
IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'MEMBER_NAME' => $member['members_display_name']));
IPSText::getTextClass('email')->subject = $this->lang->words['new_registration_email1'] . $this->settings['board_name'];
IPSText::getTextClass('email')->to = $this->settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
IPSCookie::set('pass_hash', $member['member_login_key'], 1);
IPSCookie::set('member_id', $member['member_id'], 1);
//-----------------------------------------
// Fix up session
//-----------------------------------------
$privacy = $this->request['Privacy'] ? 1 : 0;
if ($member['g_hide_online_list']) {
$privacy = 1;
}
$this->member->sessionClass()->convertGuestToMember(array('member_name' => $member['members_display_name'], 'member_id' => $member['member_id'], 'member_group' => $member['member_group_id'], 'login_type' => $privacy));
$this->registry->output->silentRedirect($this->settings['base_url'] . '&app=core&module=global§ion=login&do=autologin&fromreg=1');
}
} else {
/* This is a COPPA user, so lets tell them they registered OK and redirect to the form. */
$this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address']));
$this->registry->output->redirectScreen($this->lang->words['cp_success'], $this->settings['base_url'] . 'app=core&module=global&section=register&do=12');
}
}
function ipb_create($username, $email, $password, $id_level, $newuid)
{
global $THIS_BASEPATH, $TABLE_PREFIX, $registry;
if (!isset($THIS_BASEPATH) || empty($THIS_BASEPATH)) {
$THIS_BASEPATH = str_replace(array("\\", "/include"), array("/", ""), dirname(__FILE__));
}
if (!defined('IPS_ENFORCE_ACCESS')) {
define('IPS_ENFORCE_ACCESS', true);
}
if (!defined('IPB_THIS_SCRIPT')) {
define('IPB_THIS_SCRIPT', 'public');
}
if (!isset($registry) || empty($registry)) {
require_once $THIS_BASEPATH . '/ipb/initdata.php';
require_once IPS_ROOT_PATH . 'sources/base/ipsRegistry.php';
require_once IPS_ROOT_PATH . 'sources/base/ipsController.php';
$registry = ipsRegistry::instance();
$registry->init();
}
$member_info = IPSMember::create(array("members" => array("name" => "{$username}", "members_display_name" => "{$username}", "email" => "{$email}", "password" => "{$password}", "member_group_id" => "{$id_level}", "allow_admin_mails" => "1", "members_created_remote" => "1")));
$ipb_fid = $member_info["member_id"];
do_sqlquery("UPDATE `{$TABLE_PREFIX}users` SET `ipb_fid`=" . $ipb_fid . " WHERE `id`=" . $newuid);
}
/**
* Processes the registration form
*
* @return @e void
*/
public function registerProcessForm()
{
$this->_resetMember();
$form_errors = array();
$coppa = $this->request['coppa_user'] == 1 ? 1 : 0;
$in_password = trim($this->request['PassWord']);
$in_email = strtolower(trim($this->request['EmailAddress']));
/* Did we agree to the t&c? */
if (!$this->request['agree_tos']) {
$form_errors['tos'] = array($this->lang->words['must_agree_to_terms']);
}
/* Custom profile field stuff */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php', 'customProfileFields');
$custom_fields = new $classToLoad();
$custom_fields->initData('edit');
$custom_fields->parseToSave($_POST, 'register');
/* Check */
if ($custom_fields->error_messages) {
$form_errors['general'] = $custom_fields->error_messages;
}
/* Check the email address */
if (!$in_email or strlen($in_email) < 6 or !IPSText::checkEmailAddress($in_email)) {
$form_errors['email'][$this->lang->words['err_invalid_email']] = $this->lang->words['err_invalid_email'];
}
if (trim($this->request['PassWord_Check']) != $in_password or !$in_password) {
$form_errors['password'][$this->lang->words['passwords_not_match']] = $this->lang->words['passwords_not_match'];
}
/*
There's no reason for this - http://community.invisionpower.com/resources/bugs.html/_/ip-board/registrations-limit-passwords-to-32-characters-for-no-apparent-reason-r37770
elseif ( strlen( $in_password ) < 3 )
{
$form_errors['password'][$this->lang->words['pass_too_short']] = $this->lang->words['pass_too_short'];
}
elseif ( strlen( $in_password ) > 32 )
{
$form_errors['password'][$this->lang->words['pass_too_long']] = $this->lang->words['pass_too_long'];
}
*/
/* Check the username */
$user_check = IPSMember::getFunction()->cleanAndCheckName($this->request['members_display_name'], array(), 'name');
$disp_check = IPSMember::getFunction()->cleanAndCheckName($this->request['members_display_name'], array(), 'members_display_name');
if (is_array($user_check['errors']) && count($user_check['errors'])) {
foreach ($user_check['errors'] as $key => $error) {
$form_errors['dname'][$error] = isset($this->lang->words[$error]) ? $this->lang->words[$error] : $error;
}
}
/* this duplicates username error above */
/*if( is_array( $disp_check['errors'] ) && count( $disp_check['errors'] ) )
{
foreach( $disp_check['errors'] as $key => $error )
{
$form_errors['dname'][ $error ] = isset($this->lang->words[ $error ]) ? $this->lang->words[ $error ] : $error;
}
}*/
/* Is this email addy taken? */
if (IPSMember::checkByEmail($in_email) == TRUE) {
$form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken'];
}
/* Load handler... */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$this->han_login = new $classToLoad($this->registry);
$this->han_login->init();
$this->han_login->emailExistsCheck($in_email);
if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'EMAIL_NOT_IN_USE') {
$form_errors['email'][$this->lang->words['reg_error_email_taken']] = $this->lang->words['reg_error_email_taken'];
}
/* Are they banned [EMAIL]? */
if (IPSMember::isBanned('email', $in_email) === TRUE) {
$form_errors['email'][$this->lang->words['reg_error_email_ban']] = $this->lang->words['reg_error_email_ban'];
}
/* Check the CAPTCHA */
if ($this->settings['bot_antispam_type'] != 'none') {
if ($this->registry->getClass('class_captcha')->validate() !== TRUE) {
$form_errors['general'][$this->lang->words['err_reg_code']] = $this->lang->words['err_reg_code'];
}
}
/* Check the Q and A */
$qanda = intval($this->request['qanda_id']);
$pass = true;
if ($qanda) {
$pass = false;
$data = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'question_and_answer', 'where' => 'qa_id=' . $qanda));
if ($data['qa_id']) {
$answers = explode("\n", str_replace("\r", "", $data['qa_answers']));
if (count($answers)) {
foreach ($answers as $answer) {
$answer = trim($answer);
if (IPSText::mbstrlen($answer) and mb_strtolower($answer) == mb_strtolower($this->request['qa_answer'])) {
$pass = true;
break;
}
}
}
}
} else {
//-----------------------------------------
// Do we have any questions?
//-----------------------------------------
$data = $this->DB->buildAndFetch(array('select' => 'COUNT(*) as questions', 'from' => 'question_and_answer'));
if ($data['questions']) {
$pass = false;
}
}
if (!$pass) {
$form_errors['general'][$this->lang->words['err_q_and_a']] = $this->lang->words['err_q_and_a'];
}
/* CHECK 2: Any errors ? */
if (count($form_errors)) {
$this->registerForm($form_errors);
return;
}
/* Build up the hashes */
$mem_group = $this->settings['member_group'];
/* Are we asking the member or admin to preview? */
if ($this->settings['reg_auth_type']) {
$mem_group = $this->settings['auth_group'];
} else {
if ($coppa == 1) {
$mem_group = $this->settings['auth_group'];
}
}
/* Create member */
$member = array('name' => $this->request['members_display_name'], 'password' => $in_password, 'members_display_name' => $this->request['members_display_name'], 'email' => $in_email, 'member_group_id' => $mem_group, 'joined' => time(), 'ip_address' => $this->member->ip_address, 'time_offset' => $this->request['time_offset'], 'coppa_user' => $coppa, 'members_auto_dst' => intval($this->settings['time_dst_auto_correction']), 'allow_admin_mails' => intval($this->request['allow_admin_mail']), 'language' => $this->member->language_id);
/* Spam Service */
$spamCode = 0;
$_spamFlag = 0;
if ($this->settings['spam_service_enabled']) {
/* Query the service */
$spamCode = IPSMember::querySpamService($in_email);
/* Action to perform */
$action = $this->settings['spam_service_action_' . $spamCode];
/* Perform Action */
switch ($action) {
/* Proceed with registration */
case 1:
break;
/* Flag for admin approval */
/* Flag for admin approval */
case 2:
$member['member_group_id'] = $this->settings['auth_group'];
$this->settings['reg_auth_type'] = 'admin';
$_spamFlag = 1;
break;
/* Approve the account, but ban it */
/* Approve the account, but ban it */
case 3:
$member['member_banned'] = 1;
$member['bw_is_spammer'] = 1;
$this->settings['reg_auth_type'] = '';
break;
/* Deny registration */
/* Deny registration */
case 4:
$this->registry->output->showError('spam_denied_account', '100x001', FALSE, '', 200);
break;
}
}
//-----------------------------------------
// Create the account
//-----------------------------------------
$member = IPSMember::create(array('members' => $member, 'pfields_content' => $custom_fields->out_fields), FALSE, FALSE, FALSE);
//-----------------------------------------
// Login handler create account callback
//-----------------------------------------
$this->han_login->createAccount(array('member_id' => $member['member_id'], 'email' => $member['email'], 'joined' => $member['joined'], 'password' => $in_password, 'ip_address' => $this->member->ip_address, 'username' => $member['members_display_name'], 'name' => $member['name'], 'members_display_name' => $member['members_display_name']));
//-----------------------------------------
// We'll just ignore if this fails - it shouldn't hold up IPB anyways
//-----------------------------------------
/*if ( $han_login->return_code AND ( $han_login->return_code != 'METHOD_NOT_DEFINED' AND $han_login->return_code != 'SUCCESS' ) )
{
$this->registry->output->showError( 'han_login_create_failed', 2017, true );
}*/
//-----------------------------------------
// Validation
//-----------------------------------------
$validate_key = md5(IPSMember::makePassword() . time());
$time = time();
if ($coppa != 1) {
if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin' or $this->settings['reg_auth_type'] == 'admin_user') {
//-----------------------------------------
// We want to validate all reg's via email,
// after email verificiation has taken place,
// we restore their previous group and remove the validate_key
//-----------------------------------------
$this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address'], 'spam_flag' => $_spamFlag));
if ($this->settings['reg_auth_type'] == 'user' or $this->settings['reg_auth_type'] == 'admin_user') {
/* Send out the email. */
$message = array('THE_LINK' => $this->registry->getClass('output')->buildSEOUrl("app=core&module=global§ion=register&do=auto_validate&uid=" . urlencode($member['member_id']) . "&aid=" . urlencode($validate_key), 'publicNoSession', 'false'), 'NAME' => $member['members_display_name'], 'MAN_LINK' => $this->registry->getClass('output')->buildSEOUrl("app=core&module=global§ion=register&do=05", 'publicNoSession', 'false'), 'EMAIL' => $member['email'], 'ID' => $member['member_id'], 'CODE' => $validate_key);
IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("reg_validate", $this->member->language_id));
IPSText::getTextClass('email')->buildPlainTextContent($message);
IPSText::getTextClass('email')->buildHtmlContent($message);
IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email'], $this->settings['board_name']);
IPSText::getTextClass('email')->to = $member['email'];
IPSText::getTextClass('email')->sendMail();
$this->output = $this->registry->output->getTemplate('register')->showAuthorize($member);
} else {
if ($this->settings['reg_auth_type'] == 'admin') {
$this->output = $this->registry->output->getTemplate('register')->showPreview($member);
}
}
/* Only send new registration email if the member wasn't banned */
if ($this->settings['new_reg_notify'] and !$member['member_banned']) {
$date = $this->registry->class_localization->getDate(time(), 'LONG', 1);
IPSText::getTextClass('email')->getTemplate('admin_newuser');
IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'LOG_IN_NAME' => $member['name'], 'EMAIL' => $member['email'], 'IP' => $member['ip_address'], 'DISPLAY_NAME' => $member['members_display_name']));
IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email1'], $this->settings['board_name']);
IPSText::getTextClass('email')->to = $this->settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
$this->registry->output->setTitle($this->lang->words['reg_success'] . ' - ' . ipsRegistry::$settings['board_name']);
$this->registry->output->addNavigation($this->lang->words['nav_reg'], '');
} else {
/* We don't want to preview, or get them to validate via email. */
$stat_cache = $this->cache->getCache('stats');
if ($member['members_display_name'] and $member['member_id'] and !$this->caches['group_cache'][$member['member_group_id']]['g_hide_online_list']) {
$stat_cache['last_mem_name'] = $member['members_display_name'];
$stat_cache['last_mem_name_seo'] = IPSText::makeSeoTitle($member['members_display_name']);
$stat_cache['last_mem_id'] = $member['member_id'];
}
$stat_cache['mem_count'] += 1;
$this->cache->setCache('stats', $stat_cache, array('array' => 1));
/* Only send new registration email if the member wasn't banned */
if ($this->settings['new_reg_notify'] and !$member['member_banned']) {
$date = $this->registry->class_localization->getDate(time(), 'LONG', 1);
IPSText::getTextClass('email')->getTemplate('admin_newuser');
IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'LOG_IN_NAME' => $member['name'], 'EMAIL' => $member['email'], 'IP' => $member['ip_address'], 'DISPLAY_NAME' => $member['members_display_name']));
IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email1'], $this->settings['board_name']);
IPSText::getTextClass('email')->to = $this->settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
IPSCookie::set('pass_hash', $member['member_login_key'], 1);
IPSCookie::set('member_id', $member['member_id'], 1);
//-----------------------------------------
// Fix up session
//-----------------------------------------
$privacy = $member['g_hide_online_list'] || empty($this->settings['disable_anonymous']) && !empty($this->request['Privacy']) ? 1 : 0;
# Update value for onCompleteAccount call
$member['login_anonymous'] = $privacy . '&1';
$this->member->sessionClass()->convertGuestToMember(array('member_name' => $member['members_display_name'], 'member_id' => $member['member_id'], 'member_group' => $member['member_group_id'], 'login_type' => $privacy));
IPSLib::runMemberSync('onCompleteAccount', $member);
$this->registry->output->silentRedirect($this->settings['base_url'] . '&app=core&module=global§ion=login&do=autologin&fromreg=1');
}
} else {
/* This is a COPPA user, so lets tell them they registered OK and redirect to the form. */
$this->DB->insert('validating', array('vid' => $validate_key, 'member_id' => $member['member_id'], 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => $time, 'coppa_user' => $coppa, 'new_reg' => 1, 'ip_address' => $member['ip_address']));
$this->registry->output->redirectScreen($this->lang->words['cp_success'], $this->settings['base_url'] . 'app=core&module=global&section=register&do=12');
}
}
/**
* Add a member [process]
*
* @access private
* @return void [Outputs to screen]
*/
private function _memberDoAdd()
{
//-----------------------------------------
// INIT
//-----------------------------------------
$in_username = trim($this->request['name']);
$in_password = trim($this->request['password']);
$in_email = trim(strtolower($this->request['email']));
$members_display_name = trim($this->request['members_display_name']);
$this->registry->output->global_message = '';
//-----------------------------------------
// Check form
//-----------------------------------------
foreach (array('name', 'password', 'email', 'member_group_id') as $field) {
if (!$_POST[$field]) {
$this->registry->output->showError($this->lang->words['m_completeform'], 11238);
}
}
//-----------------------------------------
// Check
//-----------------------------------------
if (!IPSText::checkEmailAddress($in_email)) {
$this->registry->output->global_message = $this->lang->words['m_emailinv'];
}
$userName = IPSMember::getFunction()->cleanAndCheckName($in_username, array(), 'name');
$displayName = IPSMember::getFunction()->cleanAndCheckName($members_display_name, array(), 'members_display_name');
if (count($userName['errors'])) {
$this->registry->output->global_message .= '<p>' . $this->lang->words['sm_loginname'] . ' ' . $userName['errors']['username'] . '</p>';
}
if ($this->settings['auth_allow_dnames'] and count($displayName['errors'])) {
$this->registry->output->global_message .= '<p>' . $this->lang->words['sm_display'] . ' ' . $displayName['errors']['dname'] . '</p>';
}
/* Errors? */
if ($this->registry->output->global_message) {
$this->_memberAddForm();
return;
}
//-----------------------------------------
// Load handler...
//-----------------------------------------
require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
$this->han_login = new han_login($this->registry);
$this->han_login->init();
$this->han_login->emailExistsCheck($in_email);
if ($this->han_login->return_code and $this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'EMAIL_NOT_IN_USE') {
$this->registry->output->global_message = $this->lang->words['m_emailalready'];
$this->_memberAddForm();
return;
}
//-----------------------------------------
// Allowed to add administrators?
//-----------------------------------------
if ($this->caches['group_cache'][intval($this->request['member_group_id'])]['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_add_admin')) {
$this->registry->output->global_message = $this->lang->words['m_addadmin'];
$this->_memberAddForm();
return;
}
$member = array('name' => $in_username, 'members_display_name' => $members_display_name ? $members_display_name : $in_username, 'email' => $in_email, 'member_group_id' => intval($this->request['member_group_id']), 'joined' => time(), 'ip_address' => $this->member->ip_address, 'time_offset' => $this->settings['time_offset'], 'coppa_user' => intval($this->request['coppa']), 'allow_admin_mails' => 1, 'password' => $in_password);
//-----------------------------------------
// Create the account
//-----------------------------------------
$member = IPSMember::create(array('members' => $member, 'pfields_content' => $this->request));
//-----------------------------------------
// Login handler create account callback
//-----------------------------------------
$this->han_login->createAccount(array('email' => $in_email, 'joined' => $member['joined'], 'password' => $in_password, 'ip_address' => $member['ip_address'], 'username' => $member['members_display_name']));
/*if( $this->han_login->return_code AND $this->han_login->return_code != 'METHOD_NOT_DEFINED' AND $this->han_login->return_code != 'SUCCESS' )
{
$this->registry->output->global_message = sprintf( $this->lang->words['m_cantadd'], $this->han_login->return_code ) . $this->han_login->return_details;
$this->_memberAddForm();
return;
}*/
//-----------------------------------------
// Restriction permissions stuff
//-----------------------------------------
if ($this->memberData['row_perm_cache']) {
if ($this->caches['group_cache'][intval($this->request['member_group_id'])]['g_access_cp']) {
//-----------------------------------------
// Copy restrictions...
//-----------------------------------------
$this->DB->insert('admin_permission_rows', array('row_member_id' => $member_id, 'row_perm_cache' => $this->memberData['row_perm_cache'], 'row_updated' => time()));
}
}
//-----------------------------------------
// Send teh email (I love 'teh' as much as !!11!!1)
//-----------------------------------------
if ($this->request['sendemail']) {
IPSText::getTextClass('email')->getTemplate("account_created");
IPSText::getTextClass('email')->buildMessage(array('NAME' => $member['name'], 'EMAIL' => $member['email'], 'PASSWORD' => $in_password));
IPSText::getTextClass('email')->to = $member['email'];
IPSText::getTextClass('email')->sendMail();
}
//-----------------------------------------
// Stats
//-----------------------------------------
$this->cache->rebuildCache('stats', 'global');
//-----------------------------------------
// Log and bog?
//-----------------------------------------
ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_createlog'], $this->request['name']));
$this->registry->output->global_message = $this->lang->words['m_memadded'];
$this->request['member_id'] = $member['member_id'];
$this->_showAdminForm($member, array());
$this->_memberView();
}
/**
* Create a local member account [public interface]
*
* @access public
* @param array Member Information [members,pfields,profile_portal]
* @return array New member information
*/
public function createLocalMember($member)
{
$member['members']['members_created_remote'] = true;
$member['members']['members_display_name'] = $member['members']['members_display_name'] ? $member['members']['members_display_name'] : $member['members']['name'];
// #38703 timezone when registering
$member['members']['time_offset'] = $member['members']['time_offset'] ? $member['members']['time_offset'] : $this->settings['time_offset'];
$_return = IPSMember::create($member, FALSE, FALSE, TRUE);
$this->cache->rebuildCache('stats', 'global');
if ($_return['full']) {
IPSLib::runMemberSync('onCompleteAccount', $_return);
}
return $_return;
}
/**
* Create a local member account [public interface]
*
* @access public
* @param array Member Information [members,pfields,profile_portal]
* @return array New member information
* @deprecated Just redirects to IPSMember::create
*/
public function createLocalMember($member)
{
$member['members']['members_created_remote'] = true;
return IPSMember::create($member);
}
/**
* Add a member [process]
*
* @return @e void
*/
protected function _memberDoAdd()
{
/* Init vars */
$in_username = trim($this->request['name']);
$in_password = trim($this->request['password']);
$in_email = trim(strtolower($this->request['email']));
$members_display_name = $this->request['mirror_loginname'] ? $in_username : trim($this->request['members_display_name']);
$this->registry->output->global_error = '';
$this->registry->class_localization->loadLanguageFile(array('public_register'), 'core');
/* Check erros */
foreach (array('name', 'password', 'email', 'member_group_id') as $field) {
if (!$_POST[$field]) {
$this->registry->output->showError($this->lang->words['m_completeform'], 11238);
}
}
//-----------------------------------------
// Check
//-----------------------------------------
if (!IPSText::checkEmailAddress($in_email)) {
$this->registry->output->global_error = $this->lang->words['m_emailinv'];
}
$userName = IPSMember::getFunction()->cleanAndCheckName($in_username, array(), 'name');
$displayName = IPSMember::getFunction()->cleanAndCheckName($members_display_name, array(), 'members_display_name');
if (count($userName['errors'])) {
$_message = $this->lang->words[$userName['errors']['username']] ? $this->lang->words[$userName['errors']['username']] : $userName['errors']['username'];
$this->registry->output->global_error .= '<p>' . $this->lang->words['sm_loginname'] . ': ' . $_message . '</p>';
}
if ($this->settings['auth_allow_dnames'] and count($displayName['errors'])) {
$_message = $this->lang->words[$displayName['errors']['dname']] ? $this->lang->words[$displayName['errors']['dname']] : $displayName['errors']['dname'];
$this->registry->output->global_error .= '<p>' . $this->lang->words['sm_display'] . ': ' . $_message . '</p>';
}
/* Errors? */
if ($this->registry->output->global_error) {
$this->_memberAddForm();
return;
}
//-----------------------------------------
// Load handler...
//-----------------------------------------
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$this->han_login = new $classToLoad($this->registry);
$this->han_login->init();
//-----------------------------------------
// Only check local, else a user being in Converge
// means that you can't manually add the user to the board
//-----------------------------------------
$email_check = $this->DB->buildAndFetch(array('select' => 'member_id', 'from' => 'members', 'where' => "email='" . $in_email . "'"));
if ($email_check['member_id']) {
$this->registry->output->global_error = $this->lang->words['m_emailalready'];
$this->_memberAddForm();
return;
}
//$this->han_login->emailExistsCheck( $in_email );
//if( $this->han_login->return_code AND $this->han_login->return_code != 'METHOD_NOT_DEFINED' AND $this->han_login->return_code != 'EMAIL_NOT_IN_USE' )
//{
// $this->registry->output->global_message = $this->lang->words['m_emailalready'];
// $this->_memberAddForm();
// return;
//}
//-----------------------------------------
// Allowed to add administrators?
//-----------------------------------------
if ($this->caches['group_cache'][intval($this->request['member_group_id'])]['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_add_admin')) {
$this->registry->output->global_error = $this->lang->words['m_addadmin'];
$this->_memberAddForm();
return;
}
$member = array('name' => $in_username, 'members_display_name' => $members_display_name ? $members_display_name : $in_username, 'email' => $in_email, 'member_group_id' => intval($this->request['member_group_id']), 'joined' => time(), 'ip_address' => $this->member->ip_address, 'time_offset' => $this->settings['time_offset'], 'coppa_user' => intval($this->request['coppa']), 'allow_admin_mails' => 1, 'password' => $in_password, 'language' => IPSLib::getDefaultLanguage());
//-----------------------------------------
// Create the account
//-----------------------------------------
$member = IPSMember::create(array('members' => $member, 'pfields_content' => $this->request), FALSE, FALSE, FALSE);
//-----------------------------------------
// Login handler create account callback
//-----------------------------------------
$this->han_login->createAccount(array('email' => $in_email, 'joined' => $member['joined'], 'password' => $in_password, 'ip_address' => $member['ip_address'], 'username' => $member['members_display_name']));
/*if( $this->han_login->return_code AND $this->han_login->return_code != 'METHOD_NOT_DEFINED' AND $this->han_login->return_code != 'SUCCESS' )
{
$this->registry->output->global_message = sprintf( $this->lang->words['m_cantadd'], $this->han_login->return_code ) . $this->han_login->return_details;
$this->_memberAddForm();
return;
}*/
//-----------------------------------------
// Restriction permissions stuff
//-----------------------------------------
if ($this->memberData['row_perm_cache']) {
if ($this->caches['group_cache'][intval($this->request['member_group_id'])]['g_access_cp']) {
//-----------------------------------------
// Copy restrictions...
//-----------------------------------------
$this->DB->insert('admin_permission_rows', array('row_member_id' => $member['member_id'], 'row_perm_cache' => $this->memberData['row_perm_cache'], 'row_updated' => time()));
}
}
//-----------------------------------------
// Send teh email (I love 'teh' as much as !!11!!1)
//-----------------------------------------
if ($this->request['sendemail']) {
IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("account_created"));
IPSText::getTextClass('email')->buildMessage(array('NAME' => $member['name'], 'EMAIL' => $member['email'], 'PASSWORD' => $in_password));
IPSText::getTextClass('email')->to = $member['email'];
IPSText::getTextClass('email')->sendMail();
}
//-----------------------------------------
// Stats
//-----------------------------------------
$this->cache->rebuildCache('stats', 'global');
$this->cache->rebuildCache('birthdays', 'calendar');
//-----------------------------------------
// Log and bog?
//-----------------------------------------
ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_createlog'], $this->request['name']));
$this->registry->output->global_message = $this->lang->words['m_memadded'];
$this->request['member_id'] = $member['member_id'];
$this->_showAdminForm($member, array());
$this->_memberView();
}
/**
* Log in and create a brand new forum account
*
* @access public
* @return mixed On success, an array containing a message and redirect URL
*
* EXCEPTION CODES:
* NO_FACEBOOK_USER_LOGGED_IN System cannot detect a logged in facebook user
* NO_FB_EMAIL Could not locate a facebook proxy email
* CREATION_FAIL Account creation failed
* ALREADY_LINKED_MEMBER The facebook UID is already linked to another IPB account
*/
public function loginWithNewAccount()
{
$loggedInUser = $this->FB()->get_loggedin_user();
if (!$loggedInUser) {
throw new Exception('NO_FACEBOOK_USER_LOGGED_IN');
}
/* Ensure that there is not already a linked account */
/* Now get the linked user */
$_member = IPSMember::load($loggedInUser, 'all', 'fb_uid');
if ($_member['member_id']) {
throw new Exception('ALREADY_LINKED_MEMBER');
}
/* Now fetch more data */
$_fbData = $this->API()->users_getInfo($loggedInUser, array('name', 'proxied_email', 'timezone', 'pic', 'pic_square', 'pic_square_with_logo', 'about_me'));
$fbData = $_fbData[0];
if (!$fbData['proxied_email']) {
throw new Exception('NO_FB_EMAIL');
}
/* Generate BW options */
foreach (array('fbc_s_pic', 'fbc_s_avatar', 'fbc_s_status', 'fbc_s_aboutme') as $field) {
$toSave[$field] = 1;
}
$fb_bwoptions = IPSBWOptions::freeze($toSave, 'facebook');
/* Generate FB hash */
$hash = $this->generateEmailHash($fbData['proxied_email']);
$memberData = IPSMember::create(array('core' => array('name' => IPSText::convertCharsets($fbData['name'], 'utf-8', IPS_DOC_CHAR_SET), 'members_display_name' => IPSText::convertCharsets($fbData['name'], 'utf-8', IPS_DOC_CHAR_SET), 'members_created_remote' => 1, 'member_group_id' => $this->settings['fbc_mgid'] ? $this->settings['fbc_mgid'] : $this->settings['member_group'], 'email' => $fbData['proxied_email'], 'time_offset' => $fbData['timezone'], 'fb_uid' => $loggedInUser, 'fb_emailhash' => $hash), 'extendedProfile' => array('pp_about_me' => IPSText::convertCharsets($fbData['about_me'], 'utf-8', IPS_DOC_CHAR_SET), 'fb_photo' => $fbData['pic'], 'fb_photo_thumb' => $fbData['pic_square_with_logo'], 'fb_bwoptions' => $fb_bwoptions, 'avatar_location' => $fbData['pic_square'], 'avatar_type' => 'facebook')), TRUE);
if (!$memberData['member_id']) {
throw new Exception('CREATION_FAIL');
}
/* Register with Facebook */
try {
$reg = $this->API()->connect_registerUsers(json_encode(array(array('email_hash' => $hash, 'account_id' => $memberData['member_id']))));
} catch (Exception $error) {
//print $error->getMessage(); exit();
}
//-----------------------------------------
// Update Stats
//-----------------------------------------
$cache = $this->cache->getCache('stats');
if ($memberData['members_display_name'] and $memberData['member_id']) {
$cache['last_mem_name'] = $memberData['members_display_name'];
$cache['last_mem_id'] = $memberData['member_id'];
}
$cache['mem_count'] += 1;
$this->cache->setCache('stats', $cache, array('array' => 1, 'deletefirst' => 0));
//-----------------------------------------
// New registration emails
//-----------------------------------------
if ($this->settings['new_reg_notify']) {
$this->lang->loadLanguageFile(array('public_register'), 'core');
$date = $this->registry->class_localization->getDate(time(), 'LONG', 1);
IPSText::getTextClass('email')->getTemplate('admin_newuser');
IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'MEMBER_NAME' => $memberData['members_display_name']));
IPSText::getTextClass('email')->subject = $this->lang->words['new_registration_email1'] . $this->settings['board_name'];
IPSText::getTextClass('email')->to = $this->settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
/* Here, so log us in!! */
return $this->_login()->loginWithoutCheckingCredentials($memberData['member_id'], TRUE);
}
/**
* Set member based on IPS Connect
*
* @param array Data returned from IPS Connect
* @return void
*/
protected function _handleIpsConnect($data)
{
if ($data['connect_status'] != 'SUCCESS') {
return false;
}
$update = array();
$member = IPSMember::load($data['connect_id'], 'all,members_partial', 'ipsconnect');
if (!isset($member['member_id'])) {
if (IPSText::mbstrlen($data['connect_username']) > ipsRegistry::$settings['max_user_name_length']) {
$data['connect_username'] = IPSText::mbsubstr($data['connect_username'], 0, ipsRegistry::$settings['max_user_name_length']);
}
$member = IPSMember::create(array('members' => array('name' => $data['connect_username'], 'members_display_name' => $data['connect_displayname'], 'email' => $data['connect_email'], 'ipsconnect_id' => $data['connect_id'])), FALSE, TRUE, FALSE);
}
if (!$member['ipsconnect_id']) {
$update['ipsconnect_id'] = $data['connect_id'];
}
if ($member['name'] != $data['connect_username'] and !defined('CONNECT_NOSYNC_NAMES')) {
$update['name'] = $data['connect_username'];
}
if ($member['members_display_name'] != $data['connect_displayname'] and !defined('CONNECT_NOSYNC_NAMES')) {
$update['members_display_name'] = $data['connect_displayname'];
}
if ($member['email'] != $data['connect_email']) {
$update['email'] = $data['connect_email'];
}
if (!empty($update)) {
IPSMember::save($member['member_id'], array('members' => $update));
}
self::setMember($member['member_id']);
if ($member['partial_member_id']) {
$this->DB->delete('members_partial', "partial_member_id={$member['partial_member_id']}");
}
}
/**
* Completes the connection
*
* @access public
* @return redirect
*
*/
public function finishLogin()
{
/* From reg flag */
$connectData = array('t_key' => '');
if ($_REQUEST['key']) {
$connectData = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'twitter_connect', 'where' => "t_key='" . IPSText::md5Clean($_REQUEST['key']) . "'"));
if (!$connectData['t_key']) {
throw new Exception("NO_KEY_FOUND");
}
/* Delete connect row */
$this->DB->delete('twitter_connect', "t_key='" . IPSText::md5Clean($_REQUEST['key']) . "'");
$member = array('twitter_token' => $connectData['t_token'], 'twitter_secret' => $connectData['t_secret']);
}
if ($_REQUEST['oauth_token']) {
if ($member['twitter_token'] == $_REQUEST['oauth_token']) {
/* Reset api to ensure user is not logged in */
require_once IPS_KERNEL_PATH . 'twitter/twitteroauth.php';
/*noLibHook*/
$this->_api = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $member['twitter_token'], $member['twitter_secret']);
/* Generate oAuth token */
$rToken = $this->_api->getAccessToken($_REQUEST['oauth_verifier']);
if ($rToken['oauth_token'] and $rToken['oauth_token_secret']) {
$_userData = $this->_api->get('account/verify_credentials');
/* From registration? */
if ($connectData['t_key']) {
/* Got a member linked already? */
$_member = IPSMember::load($_userData['id'], 'all', 'twitter_id');
if ($_member['member_id']) {
$memberData = array_merge($member, $_member);
/* Ensure user's row is up to date */
IPSMember::save($memberData['member_id'], array('core' => array('twitter_token' => $rToken['oauth_token'], 'twitter_secret' => $rToken['oauth_token_secret'])));
/* Check for partial member id */
$pmember = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'members_partial', 'where' => "partial_member_id=" . $memberData['member_id']));
if ($pmember['partial_member_id']) {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url'] . 'app=core&module=global§ion=register&do=complete_login&mid=' . $memberData['member_id'] . '&key=' . $pmember['partial_date']);
} else {
/* Here, so log us in!! */
/* changed by denchu 26/12/12 */
$r = $this->_login()->loginWithoutCheckingCredentials($memberData['member_id'], TRUE);
if (is_array($r)) {
if (isset($r[1])) {
$this->registry->getClass('output')->redirectScreen($r[0], $r[1]);
$this->registry->getClass('output')->silentRedirect($r[1]);
} else {
$this->registry->getClass('output')->silentRedirect($r[0]);
}
} elseif (!$r) {
throw new Exception('LINKED_MEMBER_LOGIN_FAIL');
} else {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url']);
}
}
} else {
/* No? Create a new member */
/* Generate BW options */
foreach (array('tc_s_pic', 'tc_s_status', 'tc_s_aboutme', 'tc_si_status') as $field) {
$_toSave[$field] = 1;
}
$tc_bwoptions = IPSBWOptions::freeze($_toSave, 'twitter');
$safeFBName = str_replace(' ', '', IPSText::convertCharsets($_userData['screen_name'], 'utf-8', IPS_DOC_CHAR_SET));
/* Make sure usernames are safe */
if ($this->settings['username_characters']) {
$check_against = preg_quote($this->settings['username_characters'], "/");
$check_against = str_replace('\\-', '-', $check_against);
$safeFBName = preg_replace('/[^' . $check_against . ']+/i', '', $safeFBName);
}
$displayName = !$this->settings['auth_allow_dnames'] ? $safeFBName : FALSE;
/* From reg, so create new account properly */
$toSave = array('core' => array('name' => $safeFBName, 'members_display_name' => $displayName, 'members_created_remote' => 1, 'member_group_id' => $this->settings['tc_mgid'] ? $this->settings['tc_mgid'] : $this->settings['member_group'], 'email' => '', 'twitter_id' => $_userData['id'], 'twitter_token' => $rToken['oauth_token'], 'twitter_secret' => $rToken['oauth_token_secret']), 'extendedProfile' => array('pp_about_me' => IPSText::getTextClass('bbcode')->stripBadWords(IPSText::convertCharsets($_userData['description'], 'utf-8', IPS_DOC_CHAR_SET)), 'tc_bwoptions' => $tc_bwoptions));
$memberData = IPSMember::create($toSave, TRUE, FALSE, TRUE);
if (!$memberData['member_id']) {
throw new Exception('CREATION_FAIL');
}
/* Sync up photo */
$this->syncMember($memberData['member_id']);
$pmember = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'members_partial', 'where' => "partial_member_id=" . $memberData['member_id']));
if ($pmember['partial_member_id']) {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url'] . 'app=core&module=global§ion=register&do=complete_login&mid=' . $memberData['member_id'] . '&key=' . $pmember['partial_date']);
} else {
throw new Exception('CREATION_FAIL');
}
}
}
}
}
}
}
/**
* Routine to create a local user account
*
* @access protected
* @param string $email_address Email address of user logged in
* @param string $md5_once_password The plain text password, hashed once
* @param string $ip_address IP Address of registree
* @param string $unix_join_date The member's join date in unix format
* @param string $timezone The member's timezone
* @param string $dst_autocorrect The member's DST autocorrect settings
* @return array $member Newly created member array
*/
protected function __create_user_account($email_address = '', $md5_once_password, $ip_address, $unix_join_date, $timezone = 0, $dst_autocorrect = 0)
{
//-----------------------------------------
// Check to make sure there's not already
// a member registered.
//-----------------------------------------
$member = $this->registry->DB()->buildAndFetch(array('select' => '*', 'from' => 'members', 'where' => "email='" . $this->registry->DB()->addSlashes($email_address) . "'"));
if ($member['id']) {
return $member;
}
//-----------------------------------------
// INIT
//-----------------------------------------
$unix_join_date = $unix_join_date ? $unix_join_date : time();
$ip_address = $ip_address ? $ip_address : $this->registry->member()->ip_address;
//-----------------------------------------
// Create member
//-----------------------------------------
$member = IPSMember::create(array('members' => array('email' => $email_address, 'password' => $md5_once_password, 'joined' => $unix_join_date, 'ip_address' => $ip_address)));
return $member;
}
/**
* Completes the connection
*
* @access public
* @return redirect
*
*/
public function finishLogin()
{
/* From reg flag */
if ($_REQUEST['code']) {
/* Reset api to ensure user is not logged in */
$this->resetApi();
/* Ensure URL is correct */
$_urlExtra = '';
if ($_REQUEST['key']) {
$_urlExtra .= '&key=' . $_REQUEST['key'];
}
if ($_REQUEST['reg']) {
$_urlExtra .= '®=1';
}
/* Update callback url */
$this->_api->setVariable('authorize_callback_uri', VKONTAKTE_CALLBACK . $_urlExtra);
/* Generate oAuth token */
$rToken = $this->_api->getAccessToken();
if (is_string($rToken)) {
try {
$oAuthSession = $this->_api->getSession();
$r = $this->_api->api('getProfiles', 'GET', array('uids' => $oAuthSession['user_id'], 'fields' => 'uid,first_name,last_name,nickname,photo,photo_medium,photo_big,timezone,sex,nickname,activity'));
$_userData = array_pop($r['response']);
} catch (Exception $e) {
}
/* A little gymnastics */
$this->_userData = $_userData;
$this->_userData['photo'] = $_userData['photo_big'];
/* Got a member linked already? */
$_member = IPSMember::load($_userData['uid'], 'all', 'vk_uid');
if ($_member['member_id']) {
$memberData = $_member;
/* Ensure user's row is up to date */
IPSMember::save($memberData['member_id'], array('core' => array('vk_token' => $rToken)));
/* Here, so log us in!! */
/* changed by denchu 26/12/12 */
$r = $this->_login()->loginWithoutCheckingCredentials($memberData['member_id'], TRUE);
if (is_array($r)) {
if (isset($r[1])) {
$this->registry->getClass('output')->redirectScreen($r[0], $r[1]);
$this->registry->getClass('output')->silentRedirect($r[1]);
} else {
$this->registry->getClass('output')->silentRedirect($r[0]);
}
} elseif (!$r) {
throw new Exception('LINKED_MEMBER_LOGIN_FAIL');
} else {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url']);
}
} else {
/* No? Create a new member */
foreach (array('vc_s_pic', 'vc_s_status') as $field) {
$toSave[$field] = 1;
}
$vk_bwoptions = IPSBWOptions::freeze($toSave, 'vkontakte');
$safeName = IPSText::convertCharsets($_userData['first_name'] . ' ' . $_userData['last_name'], 'utf-8', IPS_DOC_CHAR_SET);
$displayName = $this->settings['fb_realname'] == 'enforced' ? $safeName : '';
//$displayName = ( ! $this->settings['auth_allow_dnames'] ) ? $safeName : FALSE;
/* Make sure usernames are safe */
if ($this->settings['username_characters']) {
$check_against = preg_quote($this->settings['username_characters'], "/");
$check_against = str_replace('\\-', '-', $check_against);
$safeName = preg_replace('/[^' . $check_against . ']+/i', '', $safeName);
}
if (IPSText::mbstrlen($safeName) > $this->settings['max_user_name_length']) {
$safeName = mb_substr(IPSText::convertCharsets($_userData['last_name'], 'utf-8', IPS_DOC_CHAR_SET), 0, $this->settings['max_user_name_length'], 'UTF-8');
}
/* Check ban filters? */
if (IPSMember::isBanned('name', $safeName)) {
$this->registry->output->showError('you_are_banned', 1090003);
}
/* From reg, so create new account properly */
$toSave = array('core' => array('name' => $safeName, 'members_display_name' => $displayName, 'members_created_remote' => 1, 'member_group_id' => $this->settings['vk_mgid'] ? $this->settings['vk_mgid'] : $this->settings['member_group'], 'email' => '', 'vk_uid' => $_userData['uid'], 'time_offset' => $_userData['timezone'], 'vk_token' => $rToken), 'extendedProfile' => array('vk_bwoptions' => $vk_bwoptions));
$memberData = IPSMember::create($toSave, TRUE, FALSE, TRUE);
if (!$memberData['member_id']) {
throw new Exception('CREATION_FAIL');
}
/* Sync up photo */
$this->syncMember($memberData['member_id']);
$pmember = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'members_partial', 'where' => "partial_member_id=" . $memberData['member_id']));
if ($pmember['partial_member_id']) {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url'] . 'app=core&module=global§ion=register&do=complete_login&mid=' . $memberData['member_id'] . '&key=' . $pmember['partial_date']);
} else {
/* Already got a display name */
if ($displayName) {
/* Here, so log us in!! */
/* changed by denchu 26/12/12*/
$r = $this->_login()->loginWithoutCheckingCredentials($memberData['member_id'], TRUE);
IPSLib::runMemberSync('onCompleteAccount', $memberData);
if ($this->settings['new_reg_notify']) {
$this->registry->class_localization->loadLanguageFile(array('public_register'), 'core');
IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("admin_newuser"));
IPSText::getTextClass('email')->buildMessage(array('DATE' => $this->registry->getClass('class_localization')->getDate(time(), 'LONG', 1), 'LOG_IN_NAME' => $safeFBName, 'EMAIL' => $_userData['email'], 'IP' => $this->member->ip_address, 'DISPLAY_NAME' => $displayName));
IPSText::getTextClass('email')->subject = sprintf($this->lang->words['new_registration_email'], $this->settings['board_name']);
IPSText::getTextClass('email')->to = $this->settings['email_in'];
IPSText::getTextClass('email')->sendMail();
}
if (is_array($r)) {
if (isset($r[1])) {
$this->registry->getClass('output')->redirectScreen($r[0], $r[1]);
$this->registry->getClass('output')->silentRedirect($r[1]);
} else {
$this->registry->getClass('output')->silentRedirect($r[0]);
}
} elseif (!$r) {
throw new Exception('LINKED_MEMBER_LOGIN_FAIL');
} else {
$this->registry->getClass('output')->silentRedirect($this->settings['base_url']);
}
} else {
throw new Exception('CREATION_FAIL');
}
}
}
} else {
throw new Exception('CREATION_FAIL');
}
}
}
