X-Git-Url: https://git.wh0rd.org/?a=blobdiff_plain;f=register.php;h=d03218fc155b1da3811ee02f1bec73ff30e24c49;hb=2c940c4861b8d059e9de65826c8a0c48a025c519;hp=3198095a59b795b5deea550d5e3fc99c9be27490;hpb=870a70e109ac9e80a88047044530de53d0404ec7;p=tt-rss.git
diff --git a/register.php b/register.php
index 3198095a..d03218fc 100644
--- a/register.php
+++ b/register.php
@@ -4,17 +4,22 @@
// 1) templates/register_notice.txt - displayed above the registration form
// 2) register_expire_do.php - contains user expiration queries when necessary
- $action = $_REQUEST["action"];
+ set_include_path(dirname(__FILE__) ."/include" . PATH_SEPARATOR .
+ get_include_path());
+ require_once 'classes/ttrssmailer.php';
+ require_once "autoload.php";
require_once "functions.php";
require_once "sessions.php";
require_once "sanity_check.php";
require_once "config.php";
require_once "db.php";
- $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
+ startup_gettext();
+
+ $action = $_REQUEST["action"];
- init_connection($link);
+ if (!init_plugins()) return;
if ($_REQUEST["format"] == "feed") {
header("Content-Type: text/xml");
@@ -27,10 +32,10 @@
";
if (ENABLE_REGISTRATION) {
- $result = db_query($link, "SELECT COUNT(*) AS cu FROM ttrss_users");
+ $result = db_query( "SELECT COUNT(*) AS cu FROM ttrss_users");
$num_users = db_fetch_result($result, 0, "cu");
- $num_users -= REG_MAX_USERS;
+ $num_users = REG_MAX_USERS - $num_users;
if ($num_users < 0) $num_users = 0;
$reg_suffix = "enabled";
} else {
@@ -55,10 +60,10 @@
/* Remove users which didn't login after receiving their registration information */
if (DB_TYPE == "pgsql") {
- db_query($link, "DELETE FROM ttrss_users WHERE last_login IS NULL
+ db_query( "DELETE FROM ttrss_users WHERE last_login IS NULL
AND created < NOW() - INTERVAL '1 day' AND access_level = 0");
} else {
- db_query($link, "DELETE FROM ttrss_users WHERE last_login IS NULL
+ db_query( "DELETE FROM ttrss_users WHERE last_login IS NULL
AND created < DATE_SUB(NOW(), INTERVAL 1 DAY) AND access_level = 0");
}
@@ -69,9 +74,9 @@
if ($action == "check") {
header("Content-Type: application/xml");
- $login = trim(db_escape_string($_REQUEST['login']));
+ $login = trim(db_escape_string( $_REQUEST['login']));
- $result = db_query($link, "SELECT id FROM ttrss_users WHERE
+ $result = db_query( "SELECT id FROM ttrss_users WHERE
LOWER(login) = LOWER('$login')");
$is_registered = db_num_rows($result) > 0;
@@ -90,10 +95,10 @@
+
0) {
- $result = db_query($link, "SELECT COUNT(*) AS cu FROM ttrss_users");
+ $result = db_query( "SELECT COUNT(*) AS cu FROM ttrss_users");
$num_users = db_fetch_result($result, 0, "cu");
} ?>
@@ -214,36 +221,36 @@
-
"; ?>
";
return;
@@ -251,39 +258,40 @@
if ($test == "four" || $test == "4") {
- $result = db_query($link, "SELECT id FROM ttrss_users WHERE
+ $result = db_query( "SELECT id FROM ttrss_users WHERE
login = '$login'");
$is_registered = db_num_rows($result) > 0;
if ($is_registered) {
print_error(__('Sorry, this username is already taken.'));
- print "
";
} else {
$password = make_password();
- $pwd_hash = encrypt_password($password, $login);
+ $salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
+ $pwd_hash = encrypt_password($password, $salt, true);
- db_query($link, "INSERT INTO ttrss_users
- (login,pwd_hash,access_level,last_login, email, created)
- VALUES ('$login', '$pwd_hash', 0, null, '$email', NOW())");
+ db_query( "INSERT INTO ttrss_users
+ (login,pwd_hash,access_level,last_login, email, created, salt)
+ VALUES ('$login', '$pwd_hash', 0, null, '$email', NOW(), '$salt')");
- $result = db_query($link, "SELECT id FROM ttrss_users WHERE
+ $result = db_query( "SELECT id FROM ttrss_users WHERE
login = '$login' AND pwd_hash = '$pwd_hash'");
if (db_num_rows($result) != 1) {
print_error(__('Registration failed.'));
- print "
";
} else {
$new_uid = db_fetch_result($result, 0, "id");
- initialize_user($link, $new_uid);
+ initialize_user( $new_uid);
$reg_text = "Hi!\n".
"\n".
@@ -300,33 +308,15 @@
"\n".
"If that wasn't you, just ignore this message. Thanks.";
- $mail = new PHPMailer();
-
- $mail->PluginDir = "lib/phpmailer/";
- $mail->SetLanguage("en", "lib/phpmailer/language/");
-
- $mail->CharSet = "UTF-8";
-
- $mail->From = DIGEST_FROM_ADDRESS;
- $mail->FromName = DIGEST_FROM_NAME;
- $mail->AddAddress($email);
-
- if (DIGEST_SMTP_HOST) {
- $mail->Host = DIGEST_SMTP_HOST;
- $mail->Mailer = "smtp";
- $mail->Username = DIGEST_SMTP_LOGIN;
- $mail->Password = DIGEST_SMTP_PASSWORD;
- }
-
- // $mail->IsHTML(true);
- $mail->Subject = "Registration information for Tiny Tiny RSS";
- $mail->Body = $reg_text;
- // $mail->AltBody = $digest_text;
-
- $rc = $mail->Send();
+ $mail = new ttrssMailer();
+ $mail->IsHTML(false);
+ $rc = $mail->quickMail($email, "", "Registration information for Tiny Tiny RSS", $reg_text, false);
if (!$rc) print_error($mail->ErrorInfo);
+ unset($reg_text);
+ unset($mail);
+ unset($rc);
$reg_text = "Hi!\n".
"\n".
"New user had registered at your Tiny Tiny RSS installation.\n".
@@ -334,34 +324,15 @@
"Login: $login\n".
"Email: $email\n";
- $mail = new PHPMailer();
-
- $mail->PluginDir = "lib/phpmailer/";
- $mail->SetLanguage("en", "lib/phpmailer/language/");
-
- $mail->CharSet = "UTF-8";
- $mail->From = DIGEST_FROM_ADDRESS;
- $mail->FromName = DIGEST_FROM_NAME;
- $mail->AddAddress(REG_NOTIFY_ADDRESS);
-
- if (DIGEST_SMTP_HOST) {
- $mail->Host = DIGEST_SMTP_HOST;
- $mail->Mailer = "smtp";
- $mail->Username = DIGEST_SMTP_LOGIN;
- $mail->Password = DIGEST_SMTP_PASSWORD;
- }
-
- // $mail->IsHTML(true);
- $mail->Subject = "Registration notice for Tiny Tiny RSS";
- $mail->Body = $reg_text;
- // $mail->AltBody = $digest_text;
-
- $rc = $mail->Send();
+ $mail = new ttrssMailer();
+ $mail->IsHTML(false);
+ $rc = $mail->quickMail(REG_NOTIFY_ADDRESS, "", "Registration notice for Tiny Tiny RSS", $reg_text, false);
+ if (!$rc) print_error($mail->ErrorInfo);
print_notice(__("Account created successfully."));
- print "
";
@@ -371,7 +342,7 @@
} else {
print_error('Plese check the form again, you have failed the robot test.');
- print "
";
@@ -383,12 +354,14 @@
-
"; ?>
+
+