update SITE_TITLE customization to work without needing to be pre-defined, make it...

[tt-rss.git] / register.php

diff --git a/register.php b/register.php
index 33a6628f41cf1a78141234bf7ced39d5f8f592fc..69a3dbf5031e0330a05e362691e73173a77bc4d1 100644 (file)
--- a/register.php
+++ b/register.php
@@ -4,18 +4,19 @@
        // 1) templates/register_notice.txt - displayed above the registration form
        // 2) register_expire_do.php - contains user expiration queries when necessary
 
-       set_include_path(get_include_path() . PATH_SEPARATOR . "include");
+       set_include_path(dirname(__FILE__) ."/include" . PATH_SEPARATOR .
+               get_include_path());
 
        require_once 'lib/phpmailer/class.phpmailer.php';
 
-       $action = $_REQUEST["action"];
-
        require_once "functions.php";
        require_once "sessions.php";
        require_once "sanity_check.php";
        require_once "config.php";
        require_once "db.php";
 
+       $action = $_REQUEST["action"];
+
        $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
 
        if (!init_connection($link)) return;
@@ -26,7 +27,7 @@
                print '<?xml version="1.0" encoding="utf-8"?>';
                print "<feed xmlns=\"http://www.w3.org/2005/Atom\">
                        <id>".htmlspecialchars(SELF_URL_PATH . "/register.php")."</id>
-                       <title>Tiny Tiny RSS registration slots</title>
+                       <title><?php echo get_site_title() ?> registration slots</title>
                        <link rel=\"self\" href=\"".htmlspecialchars(SELF_URL_PATH . "/register.php?format=feed")."\"/>
                        <link rel=\"alternate\" href=\"".htmlspecialchars(SELF_URL_PATH)."\"/>";
 
@@ -218,15 +219,15 @@
        <table>
        <tr>
        <td><?php echo __('Desired login:') ?></td><td>
-               <input name="login">
+               <input name="login" required>
        </td><td>
                <input type="submit" value="<?php echo __('Check availability') ?>" onclick='return checkUsername()'>
        </td></tr>
        <tr><td><?php echo __('Email:') ?></td><td>
-               <input name="email">
+               <input name="email" type="email" required>
        </td></tr>
        <tr><td><?php echo __('How much is two plus two:') ?></td><td>
-               <input name="turing_test"></td></tr>
+               <input name="turing_test" required></td></tr>
        <tr><td colspan="2" align="right">
        <input type="submit" name="sub_btn" value="<?php echo __('Submit registration') ?>"
                        disabled="disabled" onclick='return validateRegForm()'>
@@ -269,11 +270,12 @@
 
                                $password = make_password();
 
-                               $pwd_hash = encrypt_password($password, $login);
+                               $salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
+                               $pwd_hash = encrypt_password($password, $salt, true);
 
                                db_query($link, "INSERT INTO ttrss_users
-                                       (login,pwd_hash,access_level,last_login, email, created)
-                                       VALUES ('$login', '$pwd_hash', 0, null, '$email', NOW())");
+                                       (login,pwd_hash,access_level,last_login, email, created, salt)
+                                       VALUES ('$login', '$pwd_hash', 0, null, '$email', NOW(), '$salt')");
 
                                $result = db_query($link, "SELECT id FROM ttrss_users WHERE
                                        login = '$login' AND pwd_hash = '$pwd_hash'");
@@ -311,15 +313,15 @@
 
                                        $mail->CharSet = "UTF-8";
 
-                                       $mail->From = DIGEST_FROM_ADDRESS;
-                                       $mail->FromName = DIGEST_FROM_NAME;
+                                       $mail->From = SMTP_FROM_ADDRESS;
+                                       $mail->FromName = SMTP_FROM_NAME;
                                        $mail->AddAddress($email);
 
-                                       if (DIGEST_SMTP_HOST) {
-                                               $mail->Host = DIGEST_SMTP_HOST;
+                                       if (SMTP_HOST) {
+                                               $mail->Host = SMTP_HOST;
                                                $mail->Mailer = "smtp";
-                                               $mail->Username = DIGEST_SMTP_LOGIN;
-                                               $mail->Password = DIGEST_SMTP_PASSWORD;
+                                               $mail->Username = SMTP_LOGIN;
+                                               $mail->Password = SMTP_PASSWORD;
                                        }
 
                        //              $mail->IsHTML(true);
@@ -345,15 +347,15 @@
 
                                        $mail->CharSet = "UTF-8";
 
-                                       $mail->From = DIGEST_FROM_ADDRESS;
-                                       $mail->FromName = DIGEST_FROM_NAME;
+                                       $mail->From = SMTP_FROM_ADDRESS;
+                                       $mail->FromName = SMTP_FROM_NAME;
                                        $mail->AddAddress(REG_NOTIFY_ADDRESS);
 
-                                       if (DIGEST_SMTP_HOST) {
-                                               $mail->Host = DIGEST_SMTP_HOST;
+                                       if (SMTP_HOST) {
+                                               $mail->Host = SMTP_HOST;
                                                $mail->Mailer = "smtp";
-                                               $mail->Username = DIGEST_SMTP_LOGIN;
-                                               $mail->Password = DIGEST_SMTP_PASSWORD;
+                                               $mail->Username = SMTP_LOGIN;
+                                               $mail->Password = SMTP_PASSWORD;
                                        }
 
                        //              $mail->IsHTML(true);