1 <?php
2 // This file uses two additional include files:
3 //
4 // 1) templates/register_notice.txt - displayed above the registration form
5 // 2) register_expire_do.php - contains user expiration queries when necessary
6
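// Requested sub-action: "check" (AJAX availability lookup), "do_register"
// (form submission) or absent (show the empty form). Defaults to "" so a
// request without the parameter does not raise an undefined-index notice,
// which with display_errors enabled would be written into the response.
$action = isset($_REQUEST["action"]) ? $_REQUEST["action"] : "";

require_once "functions.php";
require_once "sessions.php";
require_once "sanity_check.php";
require_once "config.php";
require_once "db.php";

$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);

init_connection($link);

/* Remove users who never logged in within a day of being created.
 * Only rows with access_level = 0 are deleted. This purge runs on every
 * request to this page, before the action is dispatched. */

if (DB_TYPE == "pgsql") {
	db_query($link, "DELETE FROM ttrss_users WHERE last_login IS NULL
		AND created < NOW() - INTERVAL '1 day' AND access_level = 0");
} else {
	db_query($link, "DELETE FROM ttrss_users WHERE last_login IS NULL
		AND created < DATE_SUB(NOW(), INTERVAL 1 DAY) AND access_level = 0");
}

// Optional site-specific expiration queries. The file is executed as PHP,
// so it must only ever be placed there by the administrator.
if (file_exists("register_expire_do.php")) {
	require_once "register_expire_do.php";
}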
32
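// AJAX endpoint used by checkUsername(): prints <result>1</result> when the
// login already exists in ttrss_users and <result>0</result> otherwise.
// It is reachable without authentication, so it doubles as a lookup of
// which logins exist; no throttling is visible in this file.
if ($action == "check") {

	// This branch returns before the ENABLE_REGISTRATION test further down
	// the page, so it has to honour that switch itself. Without this guard
	// the login lookup stays available on installations that have turned
	// registration off.
	if (!ENABLE_REGISTRATION) {
		header("HTTP/1.1 403 Forbidden");
		return;
	}

	header("Content-Type: application/xml");

	// Normalise first and escape last, so that the value embedded in the
	// query is exactly the value that was escaped. A missing or non-string
	// parameter is treated as an empty login.
	$login = "";

	if (isset($_REQUEST['login']) && is_string($_REQUEST['login'])) {
		$login = trim($_REQUEST['login']);
	}

	$login = db_escape_string($login);

	$result = db_query($link, "SELECT id FROM ttrss_users WHERE
		LOWER(login) = LOWER('$login')");

	$is_registered = db_num_rows($result) > 0;

	print "<result>";

	// %d renders the boolean as 1 (taken) or 0 (free).
	printf("%d", $is_registered);

	print "</result>";

	return;
}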
51 ?>
52
53 <html>
54 <head>
55 <title>Create new account</title>
56 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
57 <link rel="stylesheet" type="text/css" href="utility.css">
58 <script type="text/javascript" src="functions.js"></script>
59 <script type="text/javascript" src="lib/prototype.js"></script>
60 <script type="text/javascript" src="lib/scriptaculous/scriptaculous.js?load=effects,dragdrop,controls"></script>
61 </head>
62
63 <script type="text/javascript">
64
function checkUsername() {
	// Asks register.php?action=check whether the typed login is free and
	// enables the submit button only when the server answers 0.
	// Always returns false, so the "Check availability" button never
	// submits the form itself. This is a convenience for the user only:
	// the button state lives in the browser, and the server repeats the
	// lookup when the form is submitted.
	try {
		var form = document.forms['register_form'];
		var wanted = form.login.value;

		// Nothing typed yet: flash the field and keep submission disabled.
		if (wanted == "") {
			new Effect.Highlight(form.login);
			form.sub_btn.disabled = true;
			return false;
		}

		var onReply = function(transport) {
			try {
				var node = transport.responseXML.getElementsByTagName('result')[0];

				// Any value other than 0 means the login is already taken.
				var taken = node.firstChild.nodeValue != 0;

				new Effect.Highlight(form.login,
					{startcolor : taken ? '#ff0000' : '#00ff00'});
				form.sub_btn.disabled = taken;
			} catch (e) {
				exception_error("checkUsername_callback", e);
			}
		};

		new Ajax.Request("register.php?action=check&login=" + param_escape(wanted),
			{ onComplete: onReply });

	} catch (e) {
		exception_error("checkUsername", e);
	}

	return false;
}
110
function validateRegForm() {
	// Completeness check run when "Submit registration" is clicked.
	// Returns true only when login, email and turing_test are all
	// non-empty; otherwise flashes the first empty field and returns
	// false. It runs in the browser only; the server checks the same
	// three fields again on submission.
	try {
		var form = document.forms['register_form'];
		var required = ['login', 'email', 'turing_test'];

		for (var i = 0; i < required.length; i++) {
			var field = form[required[i]];

			if (field.value.length == 0) {
				new Effect.Highlight(field);
				return false;
			}
		}

		return true;

	} catch (e) {
		exception_error("validateRegForm", e);
		return false;
	}
}
138
139 </script>
140
141 <body>
142
143 <div class="floatingLogo"><img src="images/logo.png"></div>
144
145 <h1><?php echo __("Create new account") ?></h1>
146
147 <?php
// Registration switched off by the administrator: show the notice and a
// button back to the application, then stop rendering the page.
// The action=check branch near the top of the file returns before this
// test is reached.
if (!ENABLE_REGISTRATION) {
	print_error(__("New user registrations are administratively disabled."));

	$back_label = __("Return to Tiny Tiny RSS");

	print "<p><form method=\"GET\" action=\"backend.php\">
<input type=\"hidden\" name=\"op\" value=\"logout\">
<input type=\"submit\" value=\"" . $back_label . "\">
</form>";

	return;
}
157 ?>
158
<?php
// Count the existing accounts, but only when REG_MAX_USERS sets a cap;
// $num_users is left unset otherwise.
// NOTE(review): this count and the later INSERT are separate statements and
// no locking is visible here, so concurrent sign-ups could pass the cap.
if (REG_MAX_USERS > 0) {
	$result = db_query($link, "SELECT COUNT(*) AS cu FROM ttrss_users");
	$num_users = db_fetch_result($result, 0, "cu");
}
?>
163
164 <?php if (!REG_MAX_USERS || $num_users < REG_MAX_USERS) { ?>
165
166 <!-- If you have any rules or ToS you'd like to display, enter them here -->
167
<?php
// Optional notice shown above the form. The file is pulled in with
// require_once, so any PHP code inside it is executed, not just displayed:
// it must be writable by the administrator only.
if (file_exists("templates/register_notice.txt")) {
	require_once "templates/register_notice.txt";
}
?>
171
172 <?php if (!$action) { ?>
173
174 <p><?php echo __('Your temporary password will be sent to the specified email. Accounts, which were not logged in once, are erased automatically 24 hours after temporary password is sent.') ?></p>
175
176 <form action="register.php" method="POST" name="register_form">
177 <input type="hidden" name="action" value="do_register">
178 <table>
179 <tr>
180 <td><?php echo __('Desired login:') ?></td><td>
181 <input name="login">
182 </td><td>
183 <input type="submit" value="<?php echo __('Check availability') ?>" onclick='return checkUsername()'>
184 </td></tr>
185 <td><?php echo __('Email:') ?></td><td>
186 <input name="email">
187 </td></tr>
188 <td><?php echo __('How much is two plus two:') ?></td><td>
189 <input name="turing_test"></td></tr>
190 <tr><td colspan="2" align="right">
191 <input type="submit" name="sub_btn" value="<?php echo __('Submit registration') ?>"
192 disabled="true" onclick='return validateRegForm()'>
193 </td></tr>
194 </table>
195 </form>
196
197 <?php print "<p><form method=\"GET\" action=\"tt-rss.php\">
198 <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
199 </form>"; ?>
200
201 <?php } else if ($action == "do_register") { ?>
202
203 <?php
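// Handles action=do_register: validates the submitted form, creates the
// account with a generated temporary password, mails that password to the
// new user and notifies REG_NOTIFY_ADDRESS.
//
// Values are normalised first and escaped last. The escaped copies ($login,
// $email) are used for SQL literals (and, as before, for encrypt_password());
// the unescaped copies go into the outgoing mail, where SQL escaping would
// corrupt the recipient address and the text shown to the user.
// NOTE(review): db_escape_string() is defined elsewhere; this assumes it only
// makes a value safe inside a quoted SQL literal - confirm.
// NOTE(review): the values come from $_REQUEST, so the same registration can
// be triggered by a GET request as well as by the POST form.

$return_form = "<p><form method=\"GET\" action=\"tt-rss.php\">
<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
</form>";

// A missing or non-string (array) parameter counts as empty.
$fields = array();

foreach (array("login", "email", "turing_test") as $name) {
	$value = isset($_REQUEST[$name]) ? $_REQUEST[$name] : "";
	$fields[$name] = is_string($value) ? trim($value) : "";
}

$login_raw = mb_strtolower($fields["login"]);
$email_raw = $fields["email"];
$test = $fields["turing_test"];

$login = db_escape_string($login_raw);
$email = db_escape_string($email_raw);

// Control characters (CR/LF in particular) have no place in an address and
// must not be handed to the mailer as a recipient, so such input is
// rejected together with incomplete forms.
if (!$login_raw || !$email_raw || !$test ||
		preg_match('/[\x00-\x1f\x7f]/', $email_raw)) {

	print_error(__("Your registration information is incomplete."));
	print $return_form;
	return;
}

// The "robot test" is one fixed question with a fixed answer; it only
// filters out clients that do not fill in the field correctly.
if ($test == "four" || $test == "4") {

	// Compare case-insensitively, exactly as the action=check lookup does.
	// With a plain "login = ..." comparison a case-sensitive database
	// would accept "admin" while "Admin" already exists.
	$result = db_query($link, "SELECT id FROM ttrss_users WHERE
		LOWER(login) = LOWER('$login')");

	$is_registered = db_num_rows($result) > 0;

	if ($is_registered) {
		print_error(__('Sorry, this username is already taken.'));
		print $return_form;
	} else {

		$password = make_password();

		$pwd_hash = encrypt_password($password, $login);

		db_query($link, "INSERT INTO ttrss_users
			(login,pwd_hash,access_level,last_login, email, created)
			VALUES ('$login', '$pwd_hash', 0, null, '$email', NOW())");

		// Read the row back to confirm the insert and obtain the new id.
		$result = db_query($link, "SELECT id FROM ttrss_users WHERE
			login = '$login' AND pwd_hash = '$pwd_hash'");

		if (db_num_rows($result) != 1) {
			print_error(__('Registration failed.'));
			print $return_form;
		} else {

			$new_uid = db_fetch_result($result, 0, "id");

			initialize_user($link, $new_uid);

			// The temporary password is sent in clear text by e-mail.
			// Accounts that never log in are purged after a day by the
			// DELETE at the top of this file.
			$reg_text = "Hi!\n".
				"\n".
				"You are receiving this message, because you (or somebody else) have opened\n".
				"an account at Tiny Tiny RSS.\n".
				"\n".
				"Your login information is as follows:\n".
				"\n".
				"Login: $login_raw\n".
				"Password: $password\n".
				"\n".
				"Don't forget to login at least once to your new account, otherwise\n".
				"it will be deleted in 24 hours.\n".
				"\n".
				"If that wasn't you, just ignore this message. Thanks.";

			$mail = new PHPMailer();

			$mail->PluginDir = "lib/phpmailer/";
			$mail->SetLanguage("en", "lib/phpmailer/language/");

			$mail->CharSet = "UTF-8";

			$mail->From = DIGEST_FROM_ADDRESS;
			$mail->FromName = DIGEST_FROM_NAME;
			$mail->AddAddress($email_raw);

			if (DIGEST_SMTP_HOST) {
				$mail->Host = DIGEST_SMTP_HOST;
				$mail->Mailer = "smtp";
				$mail->Username = DIGEST_SMTP_LOGIN;
				$mail->Password = DIGEST_SMTP_PASSWORD;
			}

			$mail->Subject = "Registration information for Tiny Tiny RSS";
			$mail->Body = $reg_text;

			$rc = $mail->Send();

			// NOTE(review): this shows the mailer's own diagnostic text to an
			// anonymous visitor, and the success notice below is still
			// printed although the password could not be delivered. Whether
			// print_error() HTML-escapes its argument is not visible here.
			if (!$rc) print_error($mail->ErrorInfo);

			// Second message: tell the administrator about the new account.
			$reg_text = "Hi!\n".
				"\n".
				"New user had registered at your Tiny Tiny RSS installation.\n".
				"\n".
				"Login: $login_raw\n".
				"Email: $email_raw\n";

			$mail = new PHPMailer();

			$mail->PluginDir = "lib/phpmailer/";
			$mail->SetLanguage("en", "lib/phpmailer/language/");

			$mail->CharSet = "UTF-8";

			$mail->From = DIGEST_FROM_ADDRESS;
			$mail->FromName = DIGEST_FROM_NAME;
			$mail->AddAddress(REG_NOTIFY_ADDRESS);

			if (DIGEST_SMTP_HOST) {
				$mail->Host = DIGEST_SMTP_HOST;
				$mail->Mailer = "smtp";
				$mail->Username = DIGEST_SMTP_LOGIN;
				$mail->Password = DIGEST_SMTP_PASSWORD;
			}

			$mail->Subject = "Registration notice for Tiny Tiny RSS";
			$mail->Body = $reg_text;

			// The result of the notification is deliberately not reported
			// to the visitor.
			$rc = $mail->Send();

			print_notice(__("Account created successfully."));

			print $return_form;

		}

	}

} else {
	print_error('Plese check the form again, you have failed the robot test.');
	print $return_form;

}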
343 }
344 ?>
345
346 <?php } else { ?>
347
348 <?php print_notice(__('New user registrations are currently closed.')) ?>
349
350 <?php print "<p><form method=\"GET\" action=\"tt-rss.php\">
351 <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
352 </form>"; ?>
353
354 <?php } ?>
355
356 </body>
357 </html>
358