// 1) templates/register_notice.txt - displayed above the registration form
// 2) register_expire_do.php - contains user expiration queries when necessary
- set_include_path(get_include_path() . PATH_SEPARATOR . "include");
+ set_include_path(dirname(__FILE__) ."/include" . PATH_SEPARATOR .
+ get_include_path());
require_once 'lib/phpmailer/class.phpmailer.php';
- $action = $_REQUEST["action"];
-
require_once "functions.php";
require_once "sessions.php";
require_once "sanity_check.php";
require_once "config.php";
require_once "db.php";
+ $action = $_REQUEST["action"];
+
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
if (!init_connection($link)) return;
print '<?xml version="1.0" encoding="utf-8"?>';
print "<feed xmlns=\"http://www.w3.org/2005/Atom\">
<id>".htmlspecialchars(SELF_URL_PATH . "/register.php")."</id>
- <title>Tiny Tiny RSS registration slots</title>
+ <title><?php echo get_site_title() ?> registration slots</title>
<link rel=\"self\" href=\"".htmlspecialchars(SELF_URL_PATH . "/register.php?format=feed")."\"/>
<link rel=\"alternate\" href=\"".htmlspecialchars(SELF_URL_PATH)."\"/>";
<table>
<tr>
<td><?php echo __('Desired login:') ?></td><td>
- <input name="login">
+ <input name="login" required>
</td><td>
<input type="submit" value="<?php echo __('Check availability') ?>" onclick='return checkUsername()'>
</td></tr>
<tr><td><?php echo __('Email:') ?></td><td>
- <input name="email">
+ <input name="email" type="email" required>
</td></tr>
<tr><td><?php echo __('How much is two plus two:') ?></td><td>
- <input name="turing_test"></td></tr>
+ <input name="turing_test" required></td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="sub_btn" value="<?php echo __('Submit registration') ?>"
disabled="disabled" onclick='return validateRegForm()'>
$password = make_password();
- $pwd_hash = encrypt_password($password, $login);
+ $salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
+ $pwd_hash = encrypt_password($password, $salt, true);
db_query($link, "INSERT INTO ttrss_users
- (login,pwd_hash,access_level,last_login, email, created)
- VALUES ('$login', '$pwd_hash', 0, null, '$email', NOW())");
+ (login,pwd_hash,access_level,last_login, email, created, salt)
+ VALUES ('$login', '$pwd_hash', 0, null, '$email', NOW(), '$salt')");
$result = db_query($link, "SELECT id FROM ttrss_users WHERE
login = '$login' AND pwd_hash = '$pwd_hash'");
$mail->CharSet = "UTF-8";
- $mail->From = DIGEST_FROM_ADDRESS;
- $mail->FromName = DIGEST_FROM_NAME;
+ $mail->From = SMTP_FROM_ADDRESS;
+ $mail->FromName = SMTP_FROM_NAME;
$mail->AddAddress($email);
- if (DIGEST_SMTP_HOST) {
- $mail->Host = DIGEST_SMTP_HOST;
+ if (SMTP_HOST) {
+ $mail->Host = SMTP_HOST;
$mail->Mailer = "smtp";
- $mail->Username = DIGEST_SMTP_LOGIN;
- $mail->Password = DIGEST_SMTP_PASSWORD;
+ $mail->Username = SMTP_LOGIN;
+ $mail->Password = SMTP_PASSWORD;
}
// $mail->IsHTML(true);
$mail->CharSet = "UTF-8";
- $mail->From = DIGEST_FROM_ADDRESS;
- $mail->FromName = DIGEST_FROM_NAME;
+ $mail->From = SMTP_FROM_ADDRESS;
+ $mail->FromName = SMTP_FROM_NAME;
$mail->AddAddress(REG_NOTIFY_ADDRESS);
- if (DIGEST_SMTP_HOST) {
- $mail->Host = DIGEST_SMTP_HOST;
+ if (SMTP_HOST) {
+ $mail->Host = SMTP_HOST;
$mail->Mailer = "smtp";
- $mail->Username = DIGEST_SMTP_LOGIN;
- $mail->Password = DIGEST_SMTP_PASSWORD;
+ $mail->Username = SMTP_LOGIN;
+ $mail->Password = SMTP_PASSWORD;
}
// $mail->IsHTML(true);