reduce the number of always included libraries
1 <?php
2 // This file uses two additional include files:
3 //
4 // 1) templates/register_notice.txt - displayed above the registration form
5 // 2) register_expire_do.php - contains user expiration queries when necessary
6
7 require_once 'lib/phpmailer/class.phpmailer.php';
8
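// Requested sub-action: "check", "do_register", or empty for the plain form.
// The parameter is client-controlled, so it is read defensively: a missing
// parameter or array syntax (action[]=...) yields an empty string instead of
// an undefined-index notice or a non-string value.
$action = (isset($_REQUEST["action"]) && is_string($_REQUEST["action"]))
	? $_REQUEST["action"] : "";

require_once "functions.php";
require_once "sessions.php";
require_once "sanity_check.php";
require_once "config.php";
require_once "db.php";

// Open the database connection from the DB_* constants (presumably defined in
// config.php -- confirm) and run the project's per-connection setup.
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);

init_connection($link);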
20
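// Machine-readable view (?format=feed): an Atom feed with a single entry that
// states how many registration slots remain. It is served to any caller, no
// session required, so the remaining-slot count is public information.
//
// The parameter is read defensively so that a request without "format" does
// not raise an undefined-index notice.
$feed_format = isset($_REQUEST["format"]) ? $_REQUEST["format"] : "";

if ($feed_format === "feed") {
	header("Content-Type: text/xml");

	print '<?xml version="1.0" encoding="utf-8"?>';
	print "<feed xmlns=\"http://www.w3.org/2005/Atom\">
		<id>".htmlspecialchars(SELF_URL_PATH . "/register.php")."</id>
		<title>Tiny Tiny RSS registration slots</title>
		<link rel=\"self\" href=\"".htmlspecialchars(SELF_URL_PATH . "/register.php?format=feed")."\"/>
		<link rel=\"alternate\" href=\"".htmlspecialchars(SELF_URL_PATH)."\"/>";

	if (ENABLE_REGISTRATION) {
		$result = db_query($link, "SELECT COUNT(*) AS cu FROM ttrss_users");
		$num_users = db_fetch_result($result, 0, "cu");

		// Free slots = cap minus existing accounts, never negative.
		// NOTE(review): the HTML form in this file treats REG_MAX_USERS == 0
		// as "no limit", while this branch then reports 0 slots -- confirm
		// which meaning the feed is supposed to convey.
		$num_users = max(0, REG_MAX_USERS - $num_users);
		$reg_suffix = "enabled";
	} else {
		$num_users = 0;
		$reg_suffix = "disabled";
	}

	// The slot count is part of the entry id, so the id changes whenever the
	// number of free slots changes.
	print "<entry>
		<id>".htmlspecialchars(SELF_URL_PATH)."/register.php?$num_users"."</id>
		<link rel=\"alternate\" href=\"".htmlspecialchars(SELF_URL_PATH . "/register.php")."\"/>";

	print "<title>$num_users slots are currently available, registration $reg_suffix</title>";
	print "<summary>$num_users slots are currently available, registration $reg_suffix</summary>";

	print "</entry>";

	print "</feed>";

	// Nothing else is rendered for the feed view.
	return;
}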
56
/* Housekeeping: delete accounts that were created more than one day ago, have
 * never logged in (last_login IS NULL) and have access_level 0. The two
 * statements differ only in the date arithmetic: PostgreSQL interval syntax
 * versus DATE_SUB(). This runs on every request that gets this far, whether
 * or not a registration is being submitted. */
db_query($link, DB_TYPE == "pgsql"
	? "DELETE FROM ttrss_users WHERE last_login IS NULL
		AND created < NOW() - INTERVAL '1 day' AND access_level = 0"
	: "DELETE FROM ttrss_users WHERE last_login IS NULL
		AND created < DATE_SUB(NOW(), INTERVAL 1 DAY) AND access_level = 0");

/* Optional site-specific expiration queries. The file name is a fixed literal
 * (not request-derived); it is looked up relative to the working directory /
 * include path and executed as PHP when present. */
if (file_exists("register_expire_do.php")) {
	require_once "register_expire_do.php";
}
70
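// Username-availability probe called by checkUsername() in the page script.
// Replies with <result>1</result> when the login exists and <result>0</result>
// when it does not.
//
// NOTE(review): this branch is evaluated before the ENABLE_REGISTRATION test
// further down the file, so it confirms or denies the existence of any login
// to unauthenticated callers even while registration is switched off. Consider
// gating it on ENABLE_REGISTRATION and rate-limiting it.
if ($action == "check") {
	header("Content-Type: application/xml");

	// Accept only a plain string; a missing parameter or array syntax
	// (login[]=...) is treated as an empty login rather than being handed to
	// the escaping helper as a non-string.
	$login_param = (isset($_REQUEST['login']) && is_string($_REQUEST['login']))
		? $_REQUEST['login'] : "";

	// Escaped because the value is interpolated into the SQL literal below.
	$login = trim(db_escape_string($login_param));

	$result = db_query($link, "SELECT id FROM ttrss_users WHERE
		LOWER(login) = LOWER('$login')");

	$is_registered = db_num_rows($result) > 0;

	print "<result>";

	// %d renders the boolean as 1 or 0.
	printf("%d", $is_registered);

	print "</result>";

	return;
}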
89 ?>
90
91 <html>
92 <head>
93 <title>Create new account</title>
94 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
95 <link rel="stylesheet" type="text/css" href="utility.css">
96 <script type="text/javascript" src="functions.js"></script>
97 <script type="text/javascript" src="lib/prototype.js"></script>
98 <script type="text/javascript" src="lib/scriptaculous/scriptaculous.js?load=effects,dragdrop,controls"></script>
99 </head>
100
101 <script type="text/javascript">
102
/**
 * Click handler for the "Check availability" button.
 *
 * Asks register.php?action=check whether the typed login already exists and
 * reflects the answer in the form: green highlight and enabled submit button
 * when the name is free, red highlight and disabled button when it is taken
 * (or when the field is empty). The button state is a convenience only; the
 * server repeats the lookup when the form is submitted.
 *
 * Always returns false so that the click itself never submits the form.
 */
function checkUsername() {
	try {
		var form = document.forms['register_form'];
		var wanted = form.login.value;

		// Nothing typed yet: point at the field and keep submission blocked.
		if (wanted == "") {
			new Effect.Highlight(form.login);
			form.sub_btn.disabled = true;
			return false;
		}

		var url = "register.php?action=check&login=" + param_escape(wanted);

		new Ajax.Request(url, {
			onComplete: function(transport) {
				try {
					var node = transport.responseXML.getElementsByTagName('result')[0];

					// The server sends 0 for "free"; anything else means taken.
					var taken = node.firstChild.nodeValue != 0;

					new Effect.Highlight(form.login,
						{startcolor : taken ? '#ff0000' : '#00ff00'});
					form.sub_btn.disabled = taken;
				} catch (e) {
					exception_error("checkUsername_callback", e);
				}
			} });
	} catch (e) {
		exception_error("checkUsername", e);
	}

	return false;
}
148
/**
 * Click handler for the "Submit registration" button.
 *
 * Checks, in order, that login, email and turing_test are non-empty. The
 * first empty field is highlighted and false is returned, which cancels the
 * submit; true lets it proceed. Any exception is reported and also cancels
 * the submit. This is a client-side convenience: the server checks the same
 * three fields again on submission.
 */
function validateRegForm() {
	try {
		var form = document.forms['register_form'];
		var required = ['login', 'email', 'turing_test'];

		for (var i = 0; i < required.length; i++) {
			var field = form[required[i]];

			if (field.value.length == 0) {
				new Effect.Highlight(field);
				return false;
			}
		}

		return true;
	} catch (e) {
		exception_error("validateRegForm", e);
		return false;
	}
}
176
177 </script>
178
179 <body>
180
181 <div class="floatingLogo"><img src="images/logo_wide.png"></div>
182
183 <h1><?php echo __("Create new account") ?></h1>
184
185 <?php
// Registration switched off by the administrator: show the error, offer a
// button back to the application and stop rendering the rest of the page.
// The button submits op=logout to backend.php via GET.
if (!ENABLE_REGISTRATION) {
	print_error(__("New user registrations are administratively disabled."));

	echo "<p><form method=\"GET\" action=\"backend.php\">
		<input type=\"hidden\" name=\"op\" value=\"logout\">
		<input type=\"submit\" value=\"" . __("Return to Tiny Tiny RSS") . "\">
		</form>";

	return;
}
195 ?>
196
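<?php
	// Number of existing accounts, compared against the REG_MAX_USERS cap by
	// the condition that follows. Initialised up front so the variable is
	// always defined, also when no positive cap is configured.
	//
	// NOTE(review): the count here and the INSERT performed on submission are
	// separate statements with no lock or transaction visible in this file, so
	// simultaneous submissions can end up above the cap.
	$num_users = 0;

	if (REG_MAX_USERS > 0) {
		$result = db_query($link, "SELECT COUNT(*) AS cu FROM ttrss_users");
		$num_users = db_fetch_result($result, 0, "cu");
	}
?>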
201
202 <?php if (!REG_MAX_USERS || $num_users < REG_MAX_USERS) { ?>
203
204 <!-- If you have any rules or ToS you'd like to display, enter them here -->
205
<?php
	// Optional site notice (rules, terms of service) shown above the form.
	// NOTE(review): require_once passes the file through the PHP interpreter,
	// so PHP code placed inside this .txt file is executed, not displayed.
	// Keep the file writable by administrators only; if it is meant to hold
	// static text, confirm whether plain output would be sufficient.
	if (file_exists("templates/register_notice.txt")) {
		require_once "templates/register_notice.txt";
	}
?>
209
210 <?php if (!$action) { ?>
211
212 <p><?php echo __('Your temporary password will be sent to the specified email. Accounts, which were not logged in once, are erased automatically 24 hours after temporary password is sent.') ?></p>
213
214 <form action="register.php" method="POST" name="register_form">
215 <input type="hidden" name="action" value="do_register">
216 <table>
217 <tr>
218 <td><?php echo __('Desired login:') ?></td><td>
219 <input name="login">
220 </td><td>
221 <input type="submit" value="<?php echo __('Check availability') ?>" onclick='return checkUsername()'>
222 </td></tr>
223 <tr><td><?php echo __('Email:') ?></td><td>
224 <input name="email">
225 </td></tr>
226 <tr><td><?php echo __('How much is two plus two:') ?></td><td>
227 <input name="turing_test"></td></tr>
228 <tr><td colspan="2" align="right">
229 <input type="submit" name="sub_btn" value="<?php echo __('Submit registration') ?>"
230 disabled="disabled" onclick='return validateRegForm()'>
231 </td></tr>
232 </table>
233 </form>
234
<?php
	// Way back to the application for visitors who decide not to register.
	echo "<p><form method=\"GET\" action=\"tt-rss.php\">
		<input type=\"submit\" value=\"" . __("Return to Tiny Tiny RSS") . "\">
		</form>";
?>
238
239 <?php } else if ($action == "do_register") { ?>
240
241 <?php
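// ---- Handle a submitted registration form ----

// Submitted values. Anything that is not a plain string (missing parameter,
// array syntax such as login[]=x) is treated as empty.
$login_raw = (isset($_REQUEST["login"]) && is_string($_REQUEST["login"]))
	? $_REQUEST["login"] : "";
$email_raw = (isset($_REQUEST["email"]) && is_string($_REQUEST["email"]))
	? $_REQUEST["email"] : "";
$test_raw = (isset($_REQUEST["turing_test"]) && is_string($_REQUEST["turing_test"]))
	? $_REQUEST["turing_test"] : "";

// SQL-escaped forms. Only these are interpolated into the query literals
// below, and $login is also what encrypt_password() receives, as before.
$login = mb_strtolower(trim(db_escape_string($login_raw)));
$email = trim(db_escape_string($email_raw));
$test = trim(db_escape_string($test_raw));

// Unescaped forms for the mail recipient and the message text. Using the
// SQL-escaped strings there would put escape backslashes into the address and
// the login shown to the user (e.g. an apostrophe in the local part).
$login_plain = mb_strtolower(trim($login_raw));
$email_plain = trim($email_raw);

// Control characters (CR/LF in particular) have no place in a login or an
// e-mail address and must not reach the mailer; whether the bundled PHPMailer
// strips them itself is not visible from this file.
$has_control_chars = preg_match('/[\x00-\x1F\x7F]/', $login_plain . $email_plain);

if (!$login || !$email || !$test || $has_control_chars) {
	print_error(__("Your registration information is incomplete."));
	print "<p><form method=\"GET\" action=\"tt-rss.php\">
		<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
		</form>";
	return;
}

// NOTE(review): the challenge has a fixed question and a fixed answer, so it
// offers little resistance to automated sign-ups; no rate limit is visible in
// this file either.
if ($test == "four" || $test == "4") {

	// NOTE(review): lookup and INSERT are two separate statements; unless
	// ttrss_users.login carries a unique constraint (schema not shown here),
	// two simultaneous submissions can both pass this check.
	$result = db_query($link, "SELECT id FROM ttrss_users WHERE
		login = '$login'");

	$is_registered = db_num_rows($result) > 0;

	if ($is_registered) {
		print_error(__('Sorry, this username is already taken.'));
		print "<p><form method=\"GET\" action=\"tt-rss.php\">
			<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
			</form>";
	} else {

		// Temporary password and its hash; generation and hashing are done by
		// helpers defined outside this file.
		$password = make_password();

		$pwd_hash = encrypt_password($password, $login);

		db_query($link, "INSERT INTO ttrss_users
			(login,pwd_hash,access_level,last_login, email, created)
			VALUES ('$login', '$pwd_hash', 0, null, '$email', NOW())");

		// Read the row back to confirm the insert and to obtain the new id.
		$result = db_query($link, "SELECT id FROM ttrss_users WHERE
			login = '$login' AND pwd_hash = '$pwd_hash'");

		if (db_num_rows($result) != 1) {
			print_error(__('Registration failed.'));
			print "<p><form method=\"GET\" action=\"tt-rss.php\">
				<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
				</form>";
		} else {

			$new_uid = db_fetch_result($result, 0, "id");

			initialize_user($link, $new_uid);

			// Message to the new user. NOTE(review): the temporary password
			// travels in clear text by e-mail, and nothing visible here forces
			// a password change at first login.
			$user_text = "Hi!\n".
				"\n".
				"You are receiving this message, because you (or somebody else) have opened\n".
				"an account at Tiny Tiny RSS.\n".
				"\n".
				"Your login information is as follows:\n".
				"\n".
				"Login: $login_plain\n".
				"Password: $password\n".
				"\n".
				"Don't forget to login at least once to your new account, otherwise\n".
				"it will be deleted in 24 hours.\n".
				"\n".
				"If that wasn't you, just ignore this message. Thanks.";

			// Notification to the site administrator.
			$admin_text = "Hi!\n".
				"\n".
				"New user had registered at your Tiny Tiny RSS installation.\n".
				"\n".
				"Login: $login_plain\n".
				"Email: $email_plain\n";

			// recipient, subject, body, show a send failure on the page?
			// As before, only a failure of the user's own message is shown.
			$messages = array(
				array($email_plain, "Registration information for Tiny Tiny RSS", $user_text, true),
				array(REG_NOTIFY_ADDRESS, "Registration notice for Tiny Tiny RSS", $admin_text, false),
			);

			foreach ($messages as $message) {
				list($to, $subject, $body, $report_failure) = $message;

				$mail = new PHPMailer();

				$mail->PluginDir = "lib/phpmailer/";
				$mail->SetLanguage("en", "lib/phpmailer/language/");

				$mail->CharSet = "UTF-8";

				$mail->From = DIGEST_FROM_ADDRESS;
				$mail->FromName = DIGEST_FROM_NAME;
				$mail->AddAddress($to);

				// Use SMTP with the digest credentials when a host is set.
				if (DIGEST_SMTP_HOST) {
					$mail->Host = DIGEST_SMTP_HOST;
					$mail->Mailer = "smtp";
					$mail->Username = DIGEST_SMTP_LOGIN;
					$mail->Password = DIGEST_SMTP_PASSWORD;
				}

				$mail->Subject = $subject;
				$mail->Body = $body;

				$rc = $mail->Send();

				// NOTE(review): ErrorInfo is shown to an unauthenticated
				// visitor and may contain mail-server detail; consider logging
				// it and displaying a generic message instead.
				if (!$rc && $report_failure) print_error($mail->ErrorInfo);
			}

			print_notice(__("Account created successfully."));

			print "<p><form method=\"GET\" action=\"tt-rss.php\">
				<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
				</form>";

		}

	}

} else {
	print_error('Please check the form again, you have failed the robot test.');
	print "<p><form method=\"GET\" action=\"tt-rss.php\">
		<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
		</form>";

}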
381 }
382 ?>
383
384 <?php } else { ?>
385
<?php /* Shown when a user cap is configured and the account count has reached it. */
	print_notice(__('New user registrations are currently closed.')); ?>

<?php
	echo "<p><form method=\"GET\" action=\"tt-rss.php\">
		<input type=\"submit\" value=\"" . __("Return to Tiny Tiny RSS") . "\">
		</form>";
?>
391
392 <?php } ?>
393
394 </body>
395 </html>
396