overall directory tree cleanup
[tt-rss.git] / register.php
1 <?php
2 // This file uses two additional include files:
3 //
4 // 1) templates/register_notice.txt - displayed above the registration form
5 // 2) register_expire_do.php - contains user expiration queries when necessary
6
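// Make the bundled include/ directory resolvable for the bare require_once
// names used below.
set_include_path(get_include_path() . PATH_SEPARATOR . "include");

require_once 'lib/phpmailer/class.phpmailer.php';

// "action" is absent on a plain page load, so read it defensively instead of
// raising an undefined-index notice. The value is client-controlled; in this
// file it is only compared against fixed strings. A non-string value (for
// example action[]=x) is treated as "no action".
$action = isset($_REQUEST["action"]) ? $_REQUEST["action"] : "";

if (!is_string($action)) {
	$action = "";
}

require_once "functions.php";
require_once "sessions.php";
require_once "sanity_check.php";
require_once "config.php";
require_once "db.php";

// One connection is shared by every branch of this script.
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);

init_connection($link);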
22
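// Atom feed variant: reports how many registration slots remain. It is served
// before any login or ENABLE_REGISTRATION gate, so the slot count is public.
// "format" is optional; read it defensively to avoid an undefined-index notice
// and ignore non-string values.
$format = (isset($_REQUEST["format"]) && is_string($_REQUEST["format"]))
	? $_REQUEST["format"] : "";

if ($format === "feed") {
	header("Content-Type: text/xml");

	print '<?xml version="1.0" encoding="utf-8"?>';
	print "<feed xmlns=\"http://www.w3.org/2005/Atom\">
<id>".htmlspecialchars(SELF_URL_PATH . "/register.php")."</id>
<title>Tiny Tiny RSS registration slots</title>
<link rel=\"self\" href=\"".htmlspecialchars(SELF_URL_PATH . "/register.php?format=feed")."\"/>
<link rel=\"alternate\" href=\"".htmlspecialchars(SELF_URL_PATH)."\"/>";

	if (ENABLE_REGISTRATION) {
		$result = db_query($link, "SELECT COUNT(*) AS cu FROM ttrss_users");

		// Cast the count so only an integer is ever interpolated into the
		// XML below, and clamp at zero when the cap is already exceeded.
		// NOTE(review): the registration form treats REG_MAX_USERS == 0 as
		// "no cap", but this feed then reports 0 free slots - confirm intent.
		$num_users = max(0, REG_MAX_USERS - (int) db_fetch_result($result, 0, "cu"));
		$reg_suffix = "enabled";
	} else {
		$num_users = 0;
		$reg_suffix = "disabled";
	}

	print "<entry>
<id>".htmlspecialchars(SELF_URL_PATH)."/register.php?$num_users"."</id>
<link rel=\"alternate\" href=\"".htmlspecialchars(SELF_URL_PATH . "/register.php")."\"/>";

	print "<title>$num_users slots are currently available, registration $reg_suffix</title>";
	print "<summary>$num_users slots are currently available, registration $reg_suffix</summary>";

	print "</entry>";

	print "</feed>";

	// Nothing else of the page belongs in the feed response.
	return;
}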
58
/* Purge level-0 accounts that were created more than a day ago and have never
 * logged in. This runs on every request that gets this far, including
 * unauthenticated ones; only the interval syntax differs between back ends. */

db_query($link, DB_TYPE == "pgsql"
	? "DELETE FROM ttrss_users WHERE last_login IS NULL
AND created < NOW() - INTERVAL '1 day' AND access_level = 0"
	: "DELETE FROM ttrss_users WHERE last_login IS NULL
AND created < DATE_SUB(NOW(), INTERVAL 1 DAY) AND access_level = 0");

/* Optional site-local hook with additional expiration queries. The file is
 * executed as PHP, so it must be writable by the administrator only. */

if (file_exists("register_expire_do.php"))
	require_once "register_expire_do.php";
72
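// AJAX helper for the registration form: answers <result>1</result> when the
// requested login is taken and <result>0</result> when it is free.
//
// This endpoint is unauthenticated and confirms whether a login exists, so it
// is only allowed to query the user table while registration is enabled; with
// registration disabled every name is reported as unavailable.
// NOTE(review): no throttling is visible in this file - consider rate limiting
// at the web server or application level.
if ($action == "check") {
	header("Content-Type: application/xml");

	$is_registered = true;

	if (ENABLE_REGISTRATION) {
		// The parameter may be missing or an array; treat both as empty.
		$raw_login = (isset($_REQUEST['login']) && is_string($_REQUEST['login']))
			? trim($_REQUEST['login']) : "";

		// Trim first, escape last, so the escaped form is exactly what
		// reaches the quoted SQL literal.
		$login = db_escape_string($raw_login);

		$result = db_query($link, "SELECT id FROM ttrss_users WHERE
LOWER(login) = LOWER('$login')");

		$is_registered = db_num_rows($result) > 0;
	}

	print "<result>";

	printf("%d", $is_registered);

	print "</result>";

	return;
}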
91 ?>
92
93 <html>
94 <head>
95 <title>Create new account</title>
96 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
97 <link rel="stylesheet" type="text/css" href="utility.css">
98 <script type="text/javascript" src="js/functions.js"></script>
99 <script type="text/javascript" src="lib/prototype.js"></script>
100 <script type="text/javascript" src="lib/scriptaculous/scriptaculous.js?load=effects,dragdrop,controls"></script>
101 </head>
102
103 <script type="text/javascript">
104
/**
 * Asks register.php?action=check whether the typed login is still free and
 * enables the submit button only when it is.
 *
 * This is a convenience check in the browser; the server repeats the
 * "already taken" test when the form is submitted. Always returns false so
 * the button that triggers it never submits the form itself.
 */
function checkUsername() {

	try {
		var form = document.forms['register_form'];
		var wanted = form.login.value;

		// Nothing typed yet: flash the field and keep submission locked.
		if (wanted == "") {
			new Effect.Highlight(form.login);
			form.sub_btn.disabled = true;
			return false;
		}

		var onReply = function(transport) {
			try {
				var node = transport.responseXML.getElementsByTagName('result')[0];

				// The server sends 0 for "free"; anything else counts as taken.
				var taken = node.firstChild.nodeValue != 0;

				new Effect.Highlight(form.login,
					{startcolor : taken ? '#ff0000' : '#00ff00'});
				form.sub_btn.disabled = taken;
			} catch (e) {
				exception_error("checkUsername_callback", e);
			}
		};

		new Ajax.Request(
			"register.php?action=check&login=" + param_escape(wanted),
			{ onComplete: onReply });

	} catch (e) {
		exception_error("checkUsername", e);
	}

	return false;
}
150
/**
 * Client-side completeness check for the registration form: highlights the
 * first empty field among login, email and turing_test.
 *
 * Returns true when all three fields have content, false otherwise (and on
 * any script error). The server performs its own completeness check on
 * submit, so this is a usability aid, not a security control.
 */
function validateRegForm() {
	try {
		var form = document.forms['register_form'];
		var required = ['login', 'email', 'turing_test'];

		for (var i = 0; i < required.length; i++) {
			var field = form[required[i]];

			if (field.value.length == 0) {
				new Effect.Highlight(field);
				return false;
			}
		}

		return true;

	} catch (e) {
		exception_error("validateRegForm", e);
		return false;
	}
}
178
179 </script>
180
181 <body>
182
183 <div class="floatingLogo"><img src="images/logo_wide.png"></div>
184
185 <h1><?php echo __("Create new account") ?></h1>
186
<?php
// Hard gate: when the administrator has switched registration off, show the
// notice plus a way back and stop rendering before any form is emitted.
if (!ENABLE_REGISTRATION) {
	print_error(__("New user registrations are administratively disabled."));

	$return_label = __("Return to Tiny Tiny RSS");

	print "<p><form method=\"GET\" action=\"backend.php\">
<input type=\"hidden\" name=\"op\" value=\"logout\">
<input type=\"submit\" value=\"" . $return_label . "\">
</form>";

	return;
}
?>
198
<?php
// Count existing accounts only when a cap is configured; with REG_MAX_USERS
// at 0 the condition that follows never reads $num_users.
if (REG_MAX_USERS > 0):
	$result = db_query($link, "SELECT COUNT(*) AS cu FROM ttrss_users");
	$num_users = db_fetch_result($result, 0, "cu");
endif;
?>
203
204 <?php if (!REG_MAX_USERS || $num_users < REG_MAX_USERS) { ?>
205
206 <!-- If you have any rules or ToS you'd like to display, enter them here -->
207
<?php
// Optional site notice (rules, terms of service). require_once runs the file
// through the PHP interpreter, so any PHP tags inside it are executed: keep
// it writable by the administrator only.
if (file_exists("templates/register_notice.txt")):
	require_once "templates/register_notice.txt";
endif;
?>
211
212 <?php if (!$action) { ?>
213
214 <p><?php echo __('Your temporary password will be sent to the specified email. Accounts, which were not logged in once, are erased automatically 24 hours after temporary password is sent.') ?></p>
215
216 <form action="register.php" method="POST" name="register_form">
217 <input type="hidden" name="action" value="do_register">
218 <table>
219 <tr>
220 <td><?php echo __('Desired login:') ?></td><td>
221 <input name="login">
222 </td><td>
223 <input type="submit" value="<?php echo __('Check availability') ?>" onclick='return checkUsername()'>
224 </td></tr>
225 <tr><td><?php echo __('Email:') ?></td><td>
226 <input name="email">
227 </td></tr>
228 <tr><td><?php echo __('How much is two plus two:') ?></td><td>
229 <input name="turing_test"></td></tr>
230 <tr><td colspan="2" align="right">
231 <input type="submit" name="sub_btn" value="<?php echo __('Submit registration') ?>"
232 disabled="disabled" onclick='return validateRegForm()'>
233 </td></tr>
234 </table>
235 </form>
236
237 <?php print "<p><form method=\"GET\" action=\"index.php\">
238 <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
239 </form>"; ?>
240
241 <?php } else if ($action == "do_register") { ?>
242
243 <?php
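// Handle a submitted registration form.
//
// All three fields come straight from the client. The raw (trimmed) values
// are kept for e-mail use and escaped copies are made for SQL, so that
// backslash-escaped text never ends up in a mail address or body and the
// escaping is the last step before a value enters a quoted SQL literal.
// Missing or non-string parameters are treated as empty.
$raw_login = (isset($_REQUEST["login"]) && is_string($_REQUEST["login"]))
	? mb_strtolower(trim($_REQUEST["login"])) : "";
$raw_email = (isset($_REQUEST["email"]) && is_string($_REQUEST["email"]))
	? trim($_REQUEST["email"]) : "";
$test = (isset($_REQUEST["turing_test"]) && is_string($_REQUEST["turing_test"]))
	? trim($_REQUEST["turing_test"]) : "";

$login = db_escape_string($raw_login);
$email = db_escape_string($raw_email);

// The address is later handed to the mailer unescaped, so it has to be a
// syntactically valid single address (this also rejects embedded CR/LF).
// NOTE(review): FILTER_VALIDATE_EMAIL does not accept internationalized
// addresses - confirm that is acceptable for this installation.
$email_ok = filter_var($raw_email, FILTER_VALIDATE_EMAIL) !== false;

if (!$login || !$email || !$test || !$email_ok) {
	print_error(__("Your registration information is incomplete."));
	print "<p><form method=\"GET\" action=\"index.php\">
<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
</form>";
	return;
}

// NOTE(review): a fixed question with a fixed answer does not stop automated
// sign-ups; treat it as a placeholder for a real challenge.
if ($test == "four" || $test == "4") {

	// Compare case-insensitively, exactly like the action=check helper does,
	// so an existing mixed-case login cannot be shadowed by a new account.
	$result = db_query($link, "SELECT id FROM ttrss_users WHERE
LOWER(login) = LOWER('$login')");

	$is_registered = db_num_rows($result) > 0;

	if ($is_registered) {
		print_error(__('Sorry, this username is already taken.'));
		print "<p><form method=\"GET\" action=\"index.php\">
<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
</form>";
	} else {

		// NOTE(review): the "taken" check above and this INSERT are not
		// atomic, and neither is the REG_MAX_USERS count done earlier on the
		// page; concurrent requests can race. A unique constraint on login
		// would close the duplicate case - verify against the schema.
		$password = make_password();

		// The escaped login is passed on unchanged as before; how the login
		// path derives the hash is not visible in this file.
		$pwd_hash = encrypt_password($password, $login);

		db_query($link, "INSERT INTO ttrss_users
(login,pwd_hash,access_level,last_login, email, created)
VALUES ('$login', '$pwd_hash', 0, null, '$email', NOW())");

		// Read the row back to confirm the insert and obtain the new id.
		$result = db_query($link, "SELECT id FROM ttrss_users WHERE
login = '$login' AND pwd_hash = '$pwd_hash'");

		if (db_num_rows($result) != 1) {
			print_error(__('Registration failed.'));
			print "<p><form method=\"GET\" action=\"index.php\">
<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
</form>";
		} else {

			$new_uid = db_fetch_result($result, 0, "id");

			initialize_user($link, $new_uid);

			// Credentials mail to the new user. The temporary password is
			// sent in clear text; the account is removed again if it is not
			// used within 24 hours.
			$reg_text = "Hi!\n".
				"\n".
				"You are receiving this message, because you (or somebody else) have opened\n".
				"an account at Tiny Tiny RSS.\n".
				"\n".
				"Your login information is as follows:\n".
				"\n".
				"Login: $raw_login\n".
				"Password: $password\n".
				"\n".
				"Don't forget to login at least once to your new account, otherwise\n".
				"it will be deleted in 24 hours.\n".
				"\n".
				"If that wasn't you, just ignore this message. Thanks.";

			$mail = new PHPMailer();

			$mail->PluginDir = "lib/phpmailer/";
			$mail->SetLanguage("en", "lib/phpmailer/language/");

			$mail->CharSet = "UTF-8";

			$mail->From = DIGEST_FROM_ADDRESS;
			$mail->FromName = DIGEST_FROM_NAME;
			$mail->AddAddress($raw_email);

			if (DIGEST_SMTP_HOST) {
				$mail->Host = DIGEST_SMTP_HOST;
				$mail->Mailer = "smtp";
				$mail->Username = DIGEST_SMTP_LOGIN;
				$mail->Password = DIGEST_SMTP_PASSWORD;
			}

			$mail->Subject = "Registration information for Tiny Tiny RSS";
			$mail->Body = $reg_text;

			$rc = $mail->Send();

			if (!$rc) {
				// Mailer diagnostics can name the SMTP host or account, so
				// they go to the server log rather than to an anonymous
				// visitor's browser.
				error_log("register.php: registration mail could not be sent: " .
					$mail->ErrorInfo);
				print_error(__('Registration failed.'));
			}

			// Notification mail to the site administrator.
			$reg_text = "Hi!\n".
				"\n".
				"New user had registered at your Tiny Tiny RSS installation.\n".
				"\n".
				"Login: $raw_login\n".
				"Email: $raw_email\n";

			$mail = new PHPMailer();

			$mail->PluginDir = "lib/phpmailer/";
			$mail->SetLanguage("en", "lib/phpmailer/language/");

			$mail->CharSet = "UTF-8";

			$mail->From = DIGEST_FROM_ADDRESS;
			$mail->FromName = DIGEST_FROM_NAME;
			$mail->AddAddress(REG_NOTIFY_ADDRESS);

			if (DIGEST_SMTP_HOST) {
				$mail->Host = DIGEST_SMTP_HOST;
				$mail->Mailer = "smtp";
				$mail->Username = DIGEST_SMTP_LOGIN;
				$mail->Password = DIGEST_SMTP_PASSWORD;
			}

			$mail->Subject = "Registration notice for Tiny Tiny RSS";
			$mail->Body = $reg_text;

			$rc = $mail->Send();

			// A failed admin notice is not shown to the visitor, but it
			// should not vanish silently either.
			if (!$rc) {
				error_log("register.php: admin notification could not be sent: " .
					$mail->ErrorInfo);
			}

			print_notice(__("Account created successfully."));

			print "<p><form method=\"GET\" action=\"index.php\">
<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
</form>";

		}

	}

} else {
	print_error('Please check the form again, you have failed the robot test.');
	print "<p><form method=\"GET\" action=\"index.php\">
<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
</form>";

}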
383 }
384 ?>
385
386 <?php } else { ?>
387
388 <?php print_notice(__('New user registrations are currently closed.')) ?>
389
390 <?php print "<p><form method=\"GET\" action=\"index.php\">
391 <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
392 </form>"; ?>
393
394 <?php } ?>
395
396 </body>
397 </html>
398