register: only display tos when registrations are open
1 <?php
2 // This file uses two additional include files:
3 //
4 // 1) templates/register_notice.txt - displayed above the registration form
5 // 2) register_expire_do.php - contains user expiration queries when necessary
6
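// Report errors, warnings and parse errors only; notices stay suppressed.
error_reporting(E_ERROR | E_WARNING | E_PARSE);

// "action" is a request parameter and therefore untrusted. A missing or
// non-string value (for example action[]=x) is normalised to "" so that the
// comparisons further down always operate on a string.
$action = (isset($_REQUEST["action"]) && is_string($_REQUEST["action"]))
	? $_REQUEST["action"] : "";

// Include order is kept exactly as the file had it.
require_once "sessions.php";

require_once "sanity_check.php";
require_once "functions.php";
require_once "config.php";
require_once "db.php";

// One database connection, shared by every branch of this script.
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);

init_connection($link);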
21
/* Housekeeping: drop level-0 accounts that were created more than a day ago
 * and have never logged in (last_login IS NULL).
 * NOTE(review): this statement runs on every request to this script,
 * including the unauthenticated action=check probe handled further down. */

if (DB_TYPE != "pgsql") {
	// Any non-PostgreSQL backend gets the DATE_SUB() form.
	db_query($link, "DELETE FROM ttrss_users WHERE last_login IS NULL
AND created < DATE_SUB(NOW(), INTERVAL 1 DAY) AND access_level = 0");
} else {
	// PostgreSQL interval syntax.
	db_query($link, "DELETE FROM ttrss_users WHERE last_login IS NULL
AND created < NOW() - INTERVAL '1 day' AND access_level = 0");
}

// Optional site-specific expiration queries; the file is executed as PHP
// whenever it is present next to this script.
if (file_exists("register_expire_do.php")) {
	require_once "register_expire_do.php";
}
35
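// Username-availability probe called by checkUsername() in the page script.
// Replies with an XML document: <result>1</result> when the login exists,
// <result>0</result> otherwise.
// NOTE(review): this branch returns before the ENABLE_REGISTRATION and
// REG_MAX_USERS checks further down, so it tells any caller whether a login
// exists even while registrations are closed. Consider gating it on the same
// conditions as the form and rate-limiting it.
if ($action == "check") {
	header("Content-Type: application/xml");

	// Untrusted input: only a string is accepted; anything else (e.g.
	// login[]=x) is treated as empty before it reaches the escape function.
	$raw_login = (isset($_REQUEST['login']) && is_string($_REQUEST['login']))
		? $_REQUEST['login'] : "";

	// Escaped for use inside the quoted SQL literal below.
	$login = trim(db_escape_string($raw_login));

	// Case-insensitive match on the login column.
	$result = db_query($link, "SELECT id FROM ttrss_users WHERE
		LOWER(login) = LOWER('$login')");

	$is_registered = db_num_rows($result) > 0;

	print "<result>";

	// %d renders the boolean as 1 or 0; nothing user-supplied is echoed.
	printf("%d", $is_registered);

	print "</result>";

	return;
}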
54 ?>
55
56 <html>
57 <head>
58 <title>Create new account</title>
59 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
60 <link rel="stylesheet" type="text/css" href="utility.css">
61 <script type="text/javascript" src="functions.js"></script>
62 <script type="text/javascript" src="prototype.js"></script>
63 <script type="text/javascript" src="scriptaculous/scriptaculous.js?load=effects,dragdrop,controls"></script>
64 </head>
65
66 <script type="text/javascript">
67
/**
 * Asks the server whether the login typed into the registration form is
 * still free and colours the field accordingly: green flash and enabled
 * submit button when free, red flash and disabled button when taken.
 *
 * Always returns false so the click that triggers it never submits the form.
 * This is a usability aid only; the server checks the login again when the
 * form is actually submitted.
 */
function checkUsername() {

	try {
		var form = document.forms['register_form'];
		var wanted = form.login.value;

		// Nothing typed yet: flag the field and keep the submit button locked.
		if (wanted == "") {
			new Effect.Highlight(form.login);
			form.sub_btn.disabled = true;
			return false;
		}

		new Ajax.Request("register.php?action=check&login=" + param_escape(wanted), {
			onComplete: function(transport) {

				try {
					var node = transport.responseXML.getElementsByTagName('result')[0];

					// The server answers 0 for "free"; anything else counts as taken.
					var taken = !(node.firstChild.nodeValue == 0);

					new Effect.Highlight(form.login,
						{startcolor : taken ? '#ff0000' : '#00ff00'});
					form.sub_btn.disabled = taken;
				} catch (e) {
					exception_error("checkUsername_callback", e);
				}

			} });

	} catch (e) {
		exception_error("checkUsername", e);
	}

	return false;

}
113
/**
 * Client-side completeness check for the registration form.
 *
 * Walks the three required inputs in form order, flashes the first empty one
 * and returns false; returns true when all of them hold some text. Any
 * exception is reported through exception_error() and also yields false.
 * The server repeats this check, so this only saves a round trip.
 */
function validateRegForm() {
	try {

		var form = document.forms['register_form'];
		var required = ['login', 'email', 'turing_test'];

		for (var i = 0; i < required.length; i++) {
			var field = form[required[i]];

			if (field.value.length == 0) {
				new Effect.Highlight(field);
				return false;
			}
		}

		return true;

	} catch (e) {
		exception_error("validateRegForm", e);
		return false;
	}
}
141
142 </script>
143
144 <body>
145
146 <div class="floatingLogo"><img src="images/ttrss_logo.png"></div>
147
148 <h1><?php echo __("Create new account") ?></h1>
149
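<?php
	// Hard stop when the administrator has switched self-registration off.
	// NOTE(review): the action=check handler earlier in this file has already
	// returned by the time this runs, so this gate does not cover it.
	if (!ENABLE_REGISTRATION) {
		print_error(__("New user registrations are administratively disabled."));

		print "<p><form method=\"GET\" action=\"logout.php\">
			<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
			</form>";
		return;
	}
?>

<?php
	// The account total is only needed when a cap is configured. It is
	// initialised first so the comparison below never reads an unset variable.
	$num_users = 0;

	if (REG_MAX_USERS > 0) {
		$result = db_query($link, "SELECT COUNT(*) AS cu FROM ttrss_users");
		$num_users = db_fetch_result($result, 0, "cu");
	}
?>

<?php
	// Full "<?php" tags are used for the template conditionals: with
	// short_open_tag disabled a bare "<?" block is sent to the browser as text,
	// which would expose this source and skip the checks it contains.
	if (!REG_MAX_USERS || $num_users < REG_MAX_USERS) { ?>

<!-- If you have any rules or ToS you'd like to display, enter them here -->

<?php
	// The notice is pulled in with require_once, so any PHP tags inside the
	// .txt file are executed. Keep that file writable by administrators only.
	if (file_exists("templates/register_notice.txt")) {
		require_once "templates/register_notice.txt";
	}
?>

<?php if (!$action) { ?>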
175
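<?php
	// Registration form. The "Check availability" button and the initially
	// disabled submit button are client-side conveniences; the do_register
	// branch validates everything again on the server.
	// The submit label's msgid previously carried a stray double quote that
	// broke the value attribute; a translation catalog keyed on the old string
	// needs the same correction. The Email and challenge rows also gained the
	// <tr> opening tags they were missing.
?>
<p><?php echo __('Your temporary password will be sent to the specified email. Accounts, which were not logged in once, are erased automatically 24 hours after temporary password is sent.') ?></p>

<form action="register.php" method="POST" name="register_form">
<input type="hidden" name="action" value="do_register">
<table>
<tr>
<td><?php echo __('Desired login:') ?></td><td>
<input name="login">
</td><td>
<input type="submit" value="<?php echo __('Check availability') ?>" onclick='return checkUsername()'>
</td></tr>
<tr>
<td><?php echo __('Email:') ?></td><td>
<input name="email">
</td></tr>
<tr>
<td><?php echo __('How much is two plus two:') ?></td><td>
<input name="turing_test"></td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="sub_btn" value="<?php echo __('Submit registration') ?>"
	disabled="true" onclick='return validateRegForm()'>
</td></tr>
</table>
</form>

<?php print "<p><form method=\"GET\" action=\"tt-rss.php\">
	<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
	</form>"; ?>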
202
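<?php } else if ($action == "do_register") { ?>

<?php
	// Registration handler. Every request value read here is untrusted.
	// Non-string values (e.g. login[]=x) are treated as empty.
	$fields = array();

	foreach (array("login", "email", "turing_test") as $name) {
		$fields[$name] = (isset($_REQUEST[$name]) && is_string($_REQUEST[$name]))
			? $_REQUEST[$name] : "";
	}

	// SQL-escaped copies, meant for the quoted SQL literals below.
	$login = mb_strtolower(trim(db_escape_string($fields["login"])));
	$email = trim(db_escape_string($fields["email"]));
	$test = trim(db_escape_string($fields["turing_test"]));

	// Unescaped address: validated here and used as the mail recipient, so
	// that SQL escaping never alters the address the message is sent to.
	$email_rcpt = trim($fields["email"]);

	// A syntactically invalid address (which includes one carrying line
	// breaks) is rejected together with missing fields.
	if (!$login || !$email || !$test ||
			filter_var($email_rcpt, FILTER_VALIDATE_EMAIL) === false) {

		print_error(__("Your registration information is incomplete."));
		print "<p><form method=\"GET\" action=\"tt-rss.php\">
			<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
			</form>";
		return;
	}

	// Fixed-question challenge. NOTE(review): a constant question with a
	// constant answer gives little protection against automated sign-ups.
	if ($test == "four" || $test == "4") {

		// Case-insensitive uniqueness check, matching the action=check probe,
		// so an existing mixed-case login cannot be shadowed by a lower-case one.
		// NOTE(review): this is check-then-insert; a unique index on the
		// lower-cased login would be the reliable guard - schema not visible here.
		$result = db_query($link, "SELECT id FROM ttrss_users WHERE
			LOWER(login) = LOWER('$login')");

		$is_registered = db_num_rows($result) > 0;

		if ($is_registered) {
			print_error(__('Sorry, this username is already taken.'));
			print "<p><form method=\"GET\" action=\"tt-rss.php\">
				<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
				</form>";
		} else {

			$password = make_password();

			// NOTE(review): the hash helper receives the SQL-escaped login;
			// confirm the login path derives the hash from the same form.
			$pwd_hash = encrypt_password($password, $login);

			db_query($link, "INSERT INTO ttrss_users
				(login,pwd_hash,access_level,last_login, email, created)
				VALUES ('$login', '$pwd_hash', 0, null, '$email', NOW())");

			// Read the row back to confirm the insert and obtain the new id.
			$result = db_query($link, "SELECT id FROM ttrss_users WHERE
				login = '$login' AND pwd_hash = '$pwd_hash'");

			if (db_num_rows($result) != 1) {
				print_error(__('Registration failed.'));
				print "<p><form method=\"GET\" action=\"tt-rss.php\">
					<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
					</form>";
			} else {

				$new_uid = db_fetch_result($result, 0, "id");

				initialize_user($link, $new_uid);

				// Mail to the new user. The temporary password is sent in
				// clear text; accounts never logged into are removed by the
				// cleanup query at the top of this script.
				$reg_text = "Hi!\n".
					"\n".
					"You are receiving this message, because you (or somebody else) have opened\n".
					"an account at Tiny Tiny RSS.\n".
					"\n".
					"Your login information is as follows:\n".
					"\n".
					"Login: $login\n".
					"Password: $password\n".
					"\n".
					"Don't forget to login at least once to your new account, otherwise\n".
					"it will be deleted in 24 hours.\n".
					"\n".
					"If that wasn't you, just ignore this message. Thanks.";

				$mail = new PHPMailer();

				$mail->PluginDir = "phpmailer/";
				$mail->SetLanguage("en", "phpmailer/language/");

				$mail->CharSet = "UTF-8";

				$mail->From = DIGEST_FROM_ADDRESS;
				$mail->FromName = DIGEST_FROM_NAME;

				// Validated, unescaped address.
				$mail->AddAddress($email_rcpt);

				if (DIGEST_SMTP_HOST) {
					$mail->Host = DIGEST_SMTP_HOST;
					$mail->Mailer = "smtp";
					$mail->Username = DIGEST_SMTP_LOGIN;
					$mail->Password = DIGEST_SMTP_PASSWORD;
				}

				// $mail->IsHTML(true);
				$mail->Subject = "Registration information for Tiny Tiny RSS";
				$mail->Body = $reg_text;
				// $mail->AltBody = $digest_text;

				$rc = $mail->Send();

				// The mailer's diagnostic text can echo the recipient address,
				// so it is HTML-escaped before display; whether print_error()
				// escapes on its own is not visible from this file.
				// NOTE(review): the account is still reported as created when
				// this mail fails, although the user never receives the password.
				if (!$rc) print_error(htmlspecialchars($mail->ErrorInfo));

				// Notice to the administrator; its send result is not checked.
				$reg_text = "Hi!\n".
					"\n".
					"New user had registered at your Tiny Tiny RSS installation.\n".
					"\n".
					"Login: $login\n".
					"Email: $email\n";

				$mail = new PHPMailer();

				$mail->PluginDir = "phpmailer/";
				$mail->SetLanguage("en", "phpmailer/language/");

				$mail->CharSet = "UTF-8";

				$mail->From = DIGEST_FROM_ADDRESS;
				$mail->FromName = DIGEST_FROM_NAME;
				$mail->AddAddress(REG_NOTIFY_ADDRESS);

				if (DIGEST_SMTP_HOST) {
					$mail->Host = DIGEST_SMTP_HOST;
					$mail->Mailer = "smtp";
					$mail->Username = DIGEST_SMTP_LOGIN;
					$mail->Password = DIGEST_SMTP_PASSWORD;
				}

				// $mail->IsHTML(true);
				$mail->Subject = "Registration notice for Tiny Tiny RSS";
				$mail->Body = $reg_text;
				// $mail->AltBody = $digest_text;

				$rc = $mail->Send();

				print_notice(__("Account created successfully."));

				print "<p><form method=\"GET\" action=\"tt-rss.php\">
					<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
					</form>";

			}

		}

	} else {
		print_error(__('Please check the form again, you have failed the robot test.'));
		print "<p><form method=\"GET\" action=\"tt-rss.php\">
			<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
			</form>";

	}
} // closes the do_register branch opened at the top of this block
?>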
347
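<?php
	// Fallback branch of the REG_MAX_USERS gate: reached when a cap is
	// configured and the account count is no longer below it. Written with
	// full "<?php" tags so it is still parsed when short_open_tag is disabled.
	} else { ?>

<?php print_notice(__('New user registrations are currently closed.')) ?>

<?php print "<p><form method=\"GET\" action=\"tt-rss.php\">
	<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
	</form>"; ?>

<?php } ?>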
357
358 </body>
359 </html>
360