X-Git-Url: https://git.wh0rd.org/?a=blobdiff_plain;f=register.php;h=d03218fc155b1da3811ee02f1bec73ff30e24c49;hb=642677d21aa5de78966e0c39a0962e60c8739ec3;hp=d63fc251affd8d8a779de81d445291b7dd38b6b0;hpb=09e8bdfd18f81e432c5f392e398b8c8088168721;p=tt-rss.git diff --git a/register.php b/register.php index d63fc251..d03218fc 100644 --- a/register.php +++ b/register.php @@ -4,21 +4,22 @@ // 1) templates/register_notice.txt - displayed above the registration form // 2) register_expire_do.php - contains user expiration queries when necessary - set_include_path(get_include_path() . PATH_SEPARATOR . "include"); - - require_once 'lib/phpmailer/class.phpmailer.php'; - - $action = $_REQUEST["action"]; + set_include_path(dirname(__FILE__) ."/include" . PATH_SEPARATOR . + get_include_path()); + require_once 'classes/ttrssmailer.php'; + require_once "autoload.php"; require_once "functions.php"; require_once "sessions.php"; require_once "sanity_check.php"; require_once "config.php"; require_once "db.php"; - $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); + startup_gettext(); - if (!init_connection($link)) return; + $action = $_REQUEST["action"]; + + if (!init_plugins()) return; if ($_REQUEST["format"] == "feed") { header("Content-Type: text/xml"); @@ -31,7 +32,7 @@ "; if (ENABLE_REGISTRATION) { - $result = db_query($link, "SELECT COUNT(*) AS cu FROM ttrss_users"); + $result = db_query( "SELECT COUNT(*) AS cu FROM ttrss_users"); $num_users = db_fetch_result($result, 0, "cu"); $num_users = REG_MAX_USERS - $num_users; @@ -59,10 +60,10 @@ /* Remove users which didn't login after receiving their registration information */ if (DB_TYPE == "pgsql") { - db_query($link, "DELETE FROM ttrss_users WHERE last_login IS NULL + db_query( "DELETE FROM ttrss_users WHERE last_login IS NULL AND created < NOW() - INTERVAL '1 day' AND access_level = 0"); } else { - db_query($link, "DELETE FROM ttrss_users WHERE last_login IS NULL + db_query( "DELETE FROM ttrss_users WHERE last_login IS NULL AND created < DATE_SUB(NOW(), INTERVAL 1 DAY) AND access_level = 0"); } @@ -73,9 +74,9 @@ if ($action == "check") { header("Content-Type: application/xml"); - $login = trim(db_escape_string($_REQUEST['login'])); + $login = trim(db_escape_string( $_REQUEST['login'])); - $result = db_query($link, "SELECT id FROM ttrss_users WHERE + $result = db_query( "SELECT id FROM ttrss_users WHERE LOWER(login) = LOWER('$login')"); $is_registered = db_num_rows($result) > 0; @@ -94,10 +95,10 @@ Create new account - - - - + + + + - + - +

+
+ 0) { - $result = db_query($link, "SELECT COUNT(*) AS cu FROM ttrss_users"); + $result = db_query( "SELECT COUNT(*) AS cu FROM ttrss_users"); $num_users = db_fetch_result($result, 0, "cu"); } ?> @@ -218,15 +221,15 @@ +
- +
- +
-
@@ -241,9 +244,9 @@ 0; @@ -269,13 +272,14 @@ $password = make_password(); - $pwd_hash = encrypt_password($password, $login); + $salt = substr(bin2hex(get_random_bytes(125)), 0, 250); + $pwd_hash = encrypt_password($password, $salt, true); - db_query($link, "INSERT INTO ttrss_users - (login,pwd_hash,access_level,last_login, email, created) - VALUES ('$login', '$pwd_hash', 0, null, '$email', NOW())"); + db_query( "INSERT INTO ttrss_users + (login,pwd_hash,access_level,last_login, email, created, salt) + VALUES ('$login', '$pwd_hash', 0, null, '$email', NOW(), '$salt')"); - $result = db_query($link, "SELECT id FROM ttrss_users WHERE + $result = db_query( "SELECT id FROM ttrss_users WHERE login = '$login' AND pwd_hash = '$pwd_hash'"); if (db_num_rows($result) != 1) { @@ -287,7 +291,7 @@ $new_uid = db_fetch_result($result, 0, "id"); - initialize_user($link, $new_uid); + initialize_user( $new_uid); $reg_text = "Hi!\n". "\n". @@ -304,33 +308,15 @@ "\n". "If that wasn't you, just ignore this message. Thanks."; - $mail = new PHPMailer(); - - $mail->PluginDir = "lib/phpmailer/"; - $mail->SetLanguage("en", "lib/phpmailer/language/"); - - $mail->CharSet = "UTF-8"; - - $mail->From = SMTP_FROM_ADDRESS; - $mail->FromName = SMTP_FROM_NAME; - $mail->AddAddress($email); - - if (SMTP_HOST) { - $mail->Host = SMTP_HOST; - $mail->Mailer = "smtp"; - $mail->Username = SMTP_LOGIN; - $mail->Password = SMTP_PASSWORD; - } - - // $mail->IsHTML(true); - $mail->Subject = "Registration information for Tiny Tiny RSS"; - $mail->Body = $reg_text; - // $mail->AltBody = $digest_text; - - $rc = $mail->Send(); + $mail = new ttrssMailer(); + $mail->IsHTML(false); + $rc = $mail->quickMail($email, "", "Registration information for Tiny Tiny RSS", $reg_text, false); if (!$rc) print_error($mail->ErrorInfo); + unset($reg_text); + unset($mail); + unset($rc); $reg_text = "Hi!\n". "\n". "New user had registered at your Tiny Tiny RSS installation.\n". @@ -338,30 +324,11 @@ "Login: $login\n". "Email: $email\n"; - $mail = new PHPMailer(); - - $mail->PluginDir = "lib/phpmailer/"; - $mail->SetLanguage("en", "lib/phpmailer/language/"); - - $mail->CharSet = "UTF-8"; - - $mail->From = SMTP_FROM_ADDRESS; - $mail->FromName = SMTP_FROM_NAME; - $mail->AddAddress(REG_NOTIFY_ADDRESS); - if (SMTP_HOST) { - $mail->Host = SMTP_HOST; - $mail->Mailer = "smtp"; - $mail->Username = SMTP_LOGIN; - $mail->Password = SMTP_PASSWORD; - } - - // $mail->IsHTML(true); - $mail->Subject = "Registration notice for Tiny Tiny RSS"; - $mail->Body = $reg_text; - // $mail->AltBody = $digest_text; - - $rc = $mail->Send(); + $mail = new ttrssMailer(); + $mail->IsHTML(false); + $rc = $mail->quickMail(REG_NOTIFY_ADDRESS, "", "Registration notice for Tiny Tiny RSS", $reg_text, false); + if (!$rc) print_error($mail->ErrorInfo); print_notice(__("Account created successfully.")); @@ -393,6 +360,8 @@ + +