registration script: clean html header
1 <?php
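// Note: this script uses an undocumented constant in config.php named
// REG_NOTIFY_ADDRESS - email address to send registration notifications to.
//
// define('REG_NOTIFY_ADDRESS', 'my-address@domain.dom');

// Report errors, warnings and parse errors only; notices stay suppressed.
error_reporting(E_ERROR | E_WARNING | E_PARSE);

// "action" selects the mode of this script: empty shows the form, "check"
// answers the availability lookup, "do_register" processes a submission.
// A missing or non-string parameter is normalised to "" so that an absent
// key never raises an undefined-index diagnostic (which can expose file
// paths when errors are displayed) and an array value cannot reach the
// string comparisons further down.
$action = (isset($_REQUEST["action"]) && is_string($_REQUEST["action"]))
	? $_REQUEST["action"]
	: "";

// NOTE(review): MAX_USERS is not referenced again in this script; the limit
// enforced further down is REG_MAX_USERS. Whether an included file reads
// MAX_USERS cannot be told from here, so the definition is kept.
define('MAX_USERS', 55);

require_once "sessions.php";

require_once "sanity_check.php";
require_once "functions.php";
require_once "config.php";
require_once "db.php";

// One database connection is shared by every branch of the script.
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);

init_connection($link);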
23
/* Housekeeping: drop level-0 accounts that were created more than a day ago
 * and have never logged in, i.e. whose owners did not use the registration
 * information mailed to them. This runs on every request to this script,
 * whatever the action. The two statements differ only in the date
 * arithmetic each database backend understands. */

$purge_sql = (DB_TYPE == "pgsql")
	? "DELETE FROM ttrss_users WHERE last_login IS NULL
		AND created < NOW() - INTERVAL '1 day' AND access_level = 0"
	: "DELETE FROM ttrss_users WHERE last_login IS NULL
		AND created < DATE_SUB(NOW(), INTERVAL 1 DAY) AND access_level = 0";

db_query($link, $purge_sql);
33
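// AJAX endpoint behind the "Check availability" button. Replies with
// <result>1</result> when the login already exists, <result>0</result> when
// it is free. The script ends here for this action; no HTML is emitted.
if ($action == "check") {

	// This lookup tells an unauthenticated caller whether an account name
	// exists. It is therefore answered only while self-registration is
	// enabled; without this guard the lookup would still work when
	// registration is disabled, because the ENABLE_REGISTRATION test further
	// down is never reached from this branch.
	// NOTE(review): even when enabled there is no throttling visible here;
	// consider rate limiting this endpoint at the web server.
	if (!ENABLE_REGISTRATION) {
		header("HTTP/1.1 403 Forbidden");
		header("Content-Type: application/xml");
		print "<error/>";
		return;
	}

	header("Content-Type: application/xml");

	// Absent or non-string input is treated as an empty login.
	$requested = (isset($_REQUEST['login']) && is_string($_REQUEST['login']))
		? $_REQUEST['login']
		: "";

	// The value is escaped before it is placed inside the quoted SQL literal.
	$login = trim(db_escape_string($requested));

	// Case-insensitive match, so "Bob" and "bob" count as the same login.
	$result = db_query($link, "SELECT id FROM ttrss_users WHERE
		LOWER(login) = LOWER('$login')");

	$is_registered = db_num_rows($result) > 0;

	print "<result>";

	print $is_registered ? "1" : "0";

	print "</result>";

	return;
}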
52 ?>
53
54 <html>
55 <head>
56 <title>Create new account</title>
57 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
58 <link rel="stylesheet" type="text/css" href="utility.css">
59 <script type="text/javascript" src="functions.js"></script>
60 <script type="text/javascript" src="prototype.js"></script>
61 <script type="text/javascript" src="scriptaculous/scriptaculous.js?load=effects,dragdrop,controls"></script>
62 </head>
63
64 <script type="text/javascript">
65
/**
 * Asks register.php?action=check whether the typed login is still free and
 * reflects the answer in the form: green flash and enabled submit button when
 * free, red flash and disabled button when taken or when the field is empty.
 *
 * This only steers the UI; the server looks the login up again when the
 * form is actually submitted.
 *
 * Always returns false so the button that triggers it does not submit the form.
 */
function checkUsername() {

	try {
		var form = document.forms['register_form'];
		var wanted = form.login.value;

		// Nothing typed yet: flag the field and keep submission locked.
		if (wanted == "") {
			new Effect.Highlight(form.login);
			form.sub_btn.disabled = true;
			return false;
		}

		// param_escape() encodes the login for use in the query string.
		var url = "register.php?action=check&login=" + param_escape(wanted);

		new Ajax.Request(url, {
			onComplete: function(transport) {

				try {
					var node = transport.responseXML.getElementsByTagName('result')[0];

					// The reply body is 0 for a free login, anything else means taken.
					var taken = node.firstChild.nodeValue != 0;

					new Effect.Highlight(form.login,
						{startcolor : taken ? '#ff0000' : '#00ff00'});
					form.sub_btn.disabled = taken;

				} catch (e) {
					exception_error("checkUsername_callback", e);
				}

			} });

	} catch (e) {
		exception_error("checkUsername", e);
	}

	return false;

}
111
/**
 * Client-side completeness check run when the registration form is submitted.
 * Highlights the first empty field among login, email and turing_test and
 * returns false; returns true when all three carry a value. Any exception is
 * reported through exception_error() and blocks the submission.
 *
 * This is a convenience for the user only; the server repeats the check.
 */
function validateRegForm() {
	try {

		var form = document.forms['register_form'];

		// Checked in this order; the first empty one stops the submission.
		var required = ['login', 'email', 'turing_test'];

		for (var i = 0; i < required.length; i++) {
			var field = form[required[i]];

			if (field.value.length == 0) {
				new Effect.Highlight(field);
				return false;
			}
		}

		return true;

	} catch (e) {
		exception_error("validateRegForm", e);
		return false;
	}
}
139
140 </script>
141
142 <body>
143
144 <div class="floatingLogo"><img src="images/ttrss_logo.png"></div>
145
146 <h1><?php echo __("Create new account") ?></h1>
147
<?php
// Stop here when the administrator has switched self-registration off:
// show the notice and a button leading to logout.php, then end the script
// (the rest of the page, including the form, is not rendered).
if (!ENABLE_REGISTRATION) {
	print_error(__("New user registrations are administratively disabled."));

	$back_label = __("Return to Tiny Tiny RSS");

	print "<p><form method=\"GET\" action=\"logout.php\">
		<input type=\"submit\" value=\"" . $back_label . "\">
		</form>";
	return;
}
?>
158
159 <!-- If you have any rules or ToS you'd like to display, enter them here -->
160
161
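<?php
// Number of existing accounts, compared against REG_MAX_USERS when deciding
// whether registration is still open. It is initialised first so that the
// comparison never reads an undefined variable when no count is taken
// (REG_MAX_USERS of zero or below).
$num_users = 0;

if (REG_MAX_USERS > 0) {
	$result = db_query($link, "SELECT COUNT(*) AS cu FROM ttrss_users");
	$num_users = db_fetch_result($result, 0, "cu");
}
?>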
166
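<?php
// Registration form and its processing.
//
// Every PHP section in this part opens with the full "php" tag. A short open
// tag is parsed only when short_open_tag is enabled; with it disabled the
// code below would not run and would be sent to the browser as page text.

// Markup of the "Return to Tiny Tiny RSS" button shown after each outcome.
$return_form = "<p><form method=\"GET\" action=\"tt-rss.php\">
	<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
	</form>";

// Registration is open while the user cap is not reached; a REG_MAX_USERS
// of 0 disables the cap.
// NOTE(review): the count is taken before the INSERT further down, so
// concurrent submissions can exceed the cap by a few accounts.
if (!REG_MAX_USERS || $num_users < REG_MAX_USERS) { ?>

<?php if (!$action) { ?>

<p><?php echo __('Your temporary password will be sent to the specified email. Accounts, which were not logged in once, are erased automatically 24 hours after temporary password is sent.') ?></p>

<form action="register.php" method="POST" name="register_form">
<input type="hidden" name="action" value="do_register">
<table>
<tr>
<td><?php echo __('Desired login:') ?></td><td>
	<input name="login">
</td><td>
	<input type="submit" value="<?php echo __('Check availability') ?>" onclick='return checkUsername()'>
</td></tr>
<tr>
<td><?php echo __('Email:') ?></td><td>
	<input name="email">
</td></tr>
<tr>
<td><?php echo __('How much is two plus two:') ?></td><td>
	<input name="turing_test"></td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="sub_btn" value="<?php echo __('Submit registration') ?>"
	disabled="true" onclick='return validateRegForm()'>
</td></tr>
</table>
</form>

<?php } else if ($action == "do_register") { ?>

<p><?php echo __('Processing registration...') ?></p>

<?php
	// Raw request values. Absent or non-string parameters count as empty
	// and are rejected by the completeness check below.
	$raw_login = (isset($_REQUEST["login"]) && is_string($_REQUEST["login"]))
		? $_REQUEST["login"] : "";
	$raw_email = (isset($_REQUEST["email"]) && is_string($_REQUEST["email"]))
		? $_REQUEST["email"] : "";
	$raw_test = (isset($_REQUEST["turing_test"]) && is_string($_REQUEST["turing_test"]))
		? $_REQUEST["turing_test"] : "";

	// Escaped for use inside quoted SQL literals; logins are stored lower-case.
	$login = mb_strtolower(trim(db_escape_string($raw_login)));
	$email = trim(db_escape_string($raw_email));
	$test = trim(db_escape_string($raw_test));

	// The login and e-mail end up as a mail recipient and inside mail
	// bodies, so values carrying line breaks are refused outright.
	$has_line_break = preg_match('/[\r\n]/', $raw_login . $raw_email);

	if (!$login || !$email || !$test || $has_line_break) {
		print "<div class='error'>Please fill in the form.</div>";
		print "<p><a href='register.php'>Return to registration form</a></p>";
		return;
	}

	// NOTE(review): the robot test is a single fixed question with a fixed
	// answer, so it does little against automated sign-ups; throttling the
	// endpoint is worth considering.
	if ($test == "four" || $test == "4") {

		// Same case-insensitive comparison as the "check" action, so an
		// existing login that differs only in letter case is treated as
		// taken here as well.
		// NOTE(review): lookup and INSERT are separate statements; a unique
		// index on the login column (schema not visible here) would be the
		// reliable guard against duplicates from concurrent requests.
		$result = db_query($link, "SELECT id FROM ttrss_users WHERE
			LOWER(login) = LOWER('$login')");

		$is_registered = db_num_rows($result) > 0;

		if ($is_registered) {
			print_error(__('Sorry, this username is already taken.'));
			print $return_form;
		} else {

			// Temporary password; only its hash is stored.
			$password = make_password();

			$pwd_hash = encrypt_password($password, $login);

			db_query($link, "INSERT INTO ttrss_users
				(login,pwd_hash,access_level,last_login, email, created)
				VALUES ('$login', '$pwd_hash', 0, null, '$email', NOW())");

			// Read the row back to confirm the insert and obtain the new id.
			$result = db_query($link, "SELECT id FROM ttrss_users WHERE
				login = '$login' AND pwd_hash = '$pwd_hash'");

			if (db_num_rows($result) != 1) {
				print_error(__('Registration failed.'));
				print $return_form;
			} else {

				$new_uid = db_fetch_result($result, 0, "id");

				initialize_user($link, $new_uid);

				// Message to the new user. The temporary password travels in
				// clear text by mail.
				$reg_text = "Hi!\n".
					"\n".
					"You are receiving this message, because you (or somebody else) have opened\n".
					"an account at Tiny Tiny RSS.\n".
					"\n".
					"Your login information is as follows:\n".
					"\n".
					"Login: $login\n".
					"Password: $password\n".
					"\n".
					"Don't forget to login at least once to your new account, otherwise\n".
					"it will be deleted in 24 hours.\n".
					"\n".
					"If that wasn't you, just ignore this message. Thanks.";

				$mail = new PHPMailer();

				$mail->PluginDir = "phpmailer/";
				$mail->SetLanguage("en", "phpmailer/language/");

				$mail->CharSet = "UTF-8";

				$mail->From = DIGEST_FROM_ADDRESS;
				$mail->FromName = DIGEST_FROM_NAME;
				$mail->AddAddress($email);

				if (DIGEST_SMTP_HOST) {
					$mail->Host = DIGEST_SMTP_HOST;
					$mail->Mailer = "smtp";
					$mail->Username = DIGEST_SMTP_LOGIN;
					$mail->Password = DIGEST_SMTP_PASSWORD;
				}

				$mail->Subject = "Registration information for Tiny Tiny RSS";
				$mail->Body = $reg_text;

				$rc = $mail->Send();

				// NOTE(review): the mailer's error text is shown to the
				// registrant; whether print_error() HTML-escapes its argument
				// is not visible here - confirm.
				if (!$rc) print_error($mail->ErrorInfo);

				// Notice to the administrator. REG_NOTIFY_ADDRESS is optional
				// in config.php; when it is not defined (or empty) no notice
				// is sent, instead of mailing to the bare constant name.
				if (defined('REG_NOTIFY_ADDRESS') && REG_NOTIFY_ADDRESS) {

					$reg_text = "Hi!\n".
						"\n".
						"New user had registered at your Tiny Tiny RSS installation.\n".
						"\n".
						"Login: $login\n".
						"Email: $email\n";

					$mail = new PHPMailer();

					$mail->PluginDir = "phpmailer/";
					$mail->SetLanguage("en", "phpmailer/language/");

					$mail->CharSet = "UTF-8";

					$mail->From = DIGEST_FROM_ADDRESS;
					$mail->FromName = DIGEST_FROM_NAME;
					$mail->AddAddress(REG_NOTIFY_ADDRESS);

					if (DIGEST_SMTP_HOST) {
						$mail->Host = DIGEST_SMTP_HOST;
						$mail->Mailer = "smtp";
						$mail->Username = DIGEST_SMTP_LOGIN;
						$mail->Password = DIGEST_SMTP_PASSWORD;
					}

					$mail->Subject = "Registration notice for Tiny Tiny RSS";
					$mail->Body = $reg_text;

					// Best effort: a failed notice is not reported to the registrant.
					$rc = $mail->Send();
				}

				print_notice(__("Account created successfully."));

				print $return_form;

			}

		}

	} else {
		print_error('Plese check the form again, you have failed the robot test.');
		print $return_form;

	}
}
?>

<?php } else { ?>

<?php print_notice(__('New user registrations are currently closed.')) ?>

<?php print $return_form; ?>

<?php } ?>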
348
349 </body>
350 </html>
351