add registration script and required config options
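<?php
// Self-service account registration page for Tiny Tiny RSS.
//
// Note: this script uses an undocumented constant in config.php named
// REG_NOTIFY_ADDRESS - email address to send registration notifications to.
//
// define('REG_NOTIFY_ADDRESS', 'my-address@domain.dom');

error_reporting(E_ERROR | E_WARNING | E_PARSE);

// A request without "action" is the plain form view, so default to an empty
// string instead of reading a missing array key.
$action = isset($_REQUEST["action"]) ? $_REQUEST["action"] : "";

// NOTE(review): MAX_USERS is not read anywhere else in this script; the
// account cap checked further down is REG_MAX_USERS. Kept because other
// files may reference it.
define('MAX_USERS', 55);

require_once "sessions.php";

require_once "sanity_check.php";
require_once "functions.php";
require_once "config.php";
require_once "db.php";

$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);

init_connection($link);

/* Remove users which didn't login after receiving their registration information */

// This purge runs on every request to the script; no login check is visible
// before it, so any visitor triggers the DELETE. Only accounts with
// access_level = 0 that never logged in and are older than one day match.
if (DB_TYPE == "pgsql") {
    db_query($link, "DELETE FROM ttrss_users WHERE last_login IS NULL
        AND created < NOW() - INTERVAL '1 day' AND access_level = 0");
} else {
    db_query($link, "DELETE FROM ttrss_users WHERE last_login IS NULL
        AND created < DATE_SUB(NOW(), INTERVAL 1 DAY) AND access_level = 0");
}

// AJAX helper used by the registration form: answers <result>1</result> when
// the login is already taken and <result>0</result> when it is free.
if ($action == "check") {

    // The lookup tells an anonymous caller whether a login exists. That is
    // needed while sign-up is open, but serves no purpose once registration
    // is disabled, so refuse it then instead of confirming account names.
    // NOTE(review): while registration is open this endpoint is unthrottled;
    // rate limiting would have to be added outside this script.
    if (!ENABLE_REGISTRATION) {
        header("HTTP/1.1 403 Forbidden");
        return;
    }

    header("Content-Type: application/xml");

    // Trim first and escape last, so the value interpolated into the query
    // is exactly what db_escape_string() returned.
    $login = "";
    if (isset($_REQUEST['login']) && is_string($_REQUEST['login'])) {
        $login = trim($_REQUEST['login']);
    }
    $login = db_escape_string($login);

    $result = db_query($link, "SELECT id FROM ttrss_users WHERE
        LOWER(login) = LOWER('$login')");

    $is_registered = db_num_rows($result) > 0;

    print "<result>";

    printf("%d", $is_registered);

    print "</result>";

    // Stop here so the HTML page below is not appended to the XML reply.
    return;
}
?>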
53
54 <html>
55 <head>
56 <title>Create new account</title>
57 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
58 <link rel="stylesheet" type="text/css" href="utility.css">
59 <link rel="alternate" type="application/rss+xml" title="online.tt-rss.org - Registration Status" href="http://online.tt-rss.org/register_rss.php">
60 <script type="text/javascript" src="functions.js"></script>
61 <script type="text/javascript" src="prototype.js"></script>
62 <script type="text/javascript" src="scriptaculous/scriptaculous.js?load=effects,dragdrop,controls"></script>
63 </head>
64
65 <script type="text/javascript">
66
/**
 * Asks register.php (action=check) whether the login typed into the
 * registration form is free, then enables or disables the submit button.
 *
 * Always returns false, so the click that triggers it never submits the form.
 * This is a usability aid only; the browser-side result can be bypassed, so
 * the decision that counts is the one the server makes on submission.
 */
function checkUsername() {

    try {
        var form = document.forms['register_form'];
        var wanted = form.login.value;

        // Nothing typed yet: flag the field and keep submission locked.
        if (wanted == "") {
            new Effect.Highlight(form.login);
            form.sub_btn.disabled = true;
            return false;
        }

        // param_escape() is defined outside this listing; presumably it
        // URL-encodes the value - confirm against functions.js.
        var url = "register.php?action=check&login=" + param_escape(wanted);

        var handleReply = function(transport) {
            try {
                var node = transport.responseXML.getElementsByTagName('result')[0];
                var code = node.firstChild.nodeValue;

                // The server prints 0 when the login is free, non-zero when taken.
                var isFree = (code == 0);

                new Effect.Highlight(form.login,
                    {startcolor : isFree ? '#00ff00' : '#ff0000'});
                form.sub_btn.disabled = !isFree;
            } catch (e) {
                exception_error("checkUsername_callback", e);
            }
        };

        new Ajax.Request(url, { onComplete: handleReply });

    } catch (e) {
        exception_error("checkUsername", e);
    }

    return false;
}
112
/**
 * Client-side completeness check run when the registration form is submitted.
 *
 * Highlights the first of login, email and turing_test that is empty and
 * returns false to cancel the submit; returns true when all three are filled.
 * Any exception is reported through exception_error() and also cancels the
 * submit. Browser-side checks can be skipped by the client, so the server
 * must validate the same fields again.
 */
function validateRegForm() {
    try {
        var form = document.forms['register_form'];
        var required = ['login', 'email', 'turing_test'];

        for (var i = 0; i < required.length; i++) {
            var field = form[required[i]];

            if (field.value.length == 0) {
                new Effect.Highlight(field);
                return false;
            }
        }

        return true;

    } catch (e) {
        exception_error("validateRegForm", e);
        return false;
    }
}
140
141 </script>
142
143 <body>
144
145 <div class="floatingLogo"><img src="images/ttrss_logo.png"></div>
146
147 <h1><?php echo __("Create new account") ?></h1>
148
<?php
// Site-wide switch: when the administrator has turned sign-up off, show a
// notice and a button leading to logout.php, then stop rendering.
if (!ENABLE_REGISTRATION) {
    print_error(__("New user registrations are administratively disabled."));

    print "<p><form method=\"GET\" action=\"logout.php\">\n" .
        "<input type=\"submit\" value=\"" . __("Return to Tiny Tiny RSS") . "\">\n" .
        "</form>";

    // Ends the script here: neither the form nor the registration handler
    // further down is reached while registration is disabled.
    return;
}
?>
159
160 <!-- If you have any rules or ToS you'd like to display, enter them here -->
161
162
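<?php
// Account cap. A falsy REG_MAX_USERS means "no limit"; otherwise the current
// number of rows in ttrss_users is compared against it below.
// NOTE(review): the count is taken before the INSERT without any locking, so
// concurrent registrations could exceed the cap slightly.
$num_users = 0;

if (REG_MAX_USERS > 0) {
    $result = db_query($link, "SELECT COUNT(*) AS cu FROM ttrss_users");
    $num_users = db_fetch_result($result, 0, "cu");
}

// "Back to the reader" button shown after every outcome below.
$return_form = "<p><form method=\"GET\" action=\"tt-rss.php\">\n" .
    "<input type=\"submit\" value=\"" . __("Return to Tiny Tiny RSS") . "\">\n" .
    "</form>";

// Every PHP section below opens with the full "<?php" tag. With the short
// "<?" form, a server that has short_open_tag disabled would send the
// registration logic to the browser as text instead of executing it.
?>

<?php if (!REG_MAX_USERS || $num_users < REG_MAX_USERS) { ?>

<?php if (!$action) { ?>

<p><?php echo __('Your temporary password will be sent to the specified email. Accounts, which were not logged in once, are erased automatically 24 hours after temporary password is sent.') ?></p>

<form action="register.php" method="POST" name="register_form">
<input type="hidden" name="action" value="do_register">
<table>
<tr>
<td><?php echo __('Desired login:') ?></td><td>
<input name="login">
</td><td>
<input type="submit" value="<?php echo __('Check availability') ?>" onclick='return checkUsername()'>
</td></tr>
<tr>
<td><?php echo __('Email:') ?></td><td>
<input name="email">
</td></tr>
<tr>
<td><?php echo __('How much is two plus two:') ?></td><td>
<input name="turing_test"></td></tr>
<tr><td colspan="2" align="right">
<?php
// The msgid used to end in a stray double quote, which closed the value
// attribute early. Any translation catalog entry keyed on the old string
// needs the same correction.
?>
<input type="submit" name="sub_btn" value="<?php echo __('Submit registration') ?>"
disabled="true" onclick='return validateRegForm()'>
</td></tr>
</table>
</form>

<?php } else if ($action == "do_register") { ?>

<p><?php echo __('Processing registration...') ?></p>

<?php
    // Collect the submitted fields as plain strings. Missing or non-string
    // parameters (e.g. login[]=x) are treated as empty.
    $fields = array();

    foreach (array("login", "email", "turing_test") as $name) {
        $value = isset($_REQUEST[$name]) ? $_REQUEST[$name] : "";
        $fields[$name] = is_string($value) ? trim($value) : "";
    }

    // Raw values are used for the e-mail text and recipient; the escaped
    // copies are used only inside SQL. Escaping is the last step applied, so
    // nothing alters the string after db_escape_string() has produced it.
    $raw_login = mb_strtolower($fields["login"]);
    $raw_email = $fields["email"];
    $test = $fields["turing_test"];

    $login = db_escape_string($raw_login);
    $email = db_escape_string($raw_email);

    // The address becomes a mail recipient, so it must not carry control
    // characters such as CR/LF that could alter the message headers.
    $bad_email = preg_match('/[\x00-\x1F\x7F]/', $raw_email);

    if (!$raw_login || !$raw_email || !$test || $bad_email) {
        print "<div class='error'>Please fill in the form.</div>";
        print "<p><a href='register.php'>Return to registration form</a></p>";
        return;
    }

    // NOTE(review): the question and its answer never change, so this stops
    // only the simplest automated submissions; throttling and abuse
    // monitoring have to come from elsewhere.
    if ($test == "four" || $test == "4") {

        // Same case-insensitive comparison as the action=check lookup, so a
        // login differing only in letter case from an existing one is refused.
        $result = db_query($link, "SELECT id FROM ttrss_users WHERE
            LOWER(login) = LOWER('$login')");

        $is_registered = db_num_rows($result) > 0;

        if ($is_registered) {
            print_error(__('Sorry, this username is already taken.'));
            print $return_form;
        } else {

            $password = make_password();

            // $login is passed exactly as before (the escaped form): the
            // sign-in code is not visible here and must derive the same hash.
            $pwd_hash = encrypt_password($password, $login);

            db_query($link, "INSERT INTO ttrss_users
                (login,pwd_hash,access_level,last_login, email, created)
                VALUES ('$login', '$pwd_hash', 0, null, '$email', NOW())");

            // Read the row back to confirm the INSERT and obtain the new id.
            $result = db_query($link, "SELECT id FROM ttrss_users WHERE
                login = '$login' AND pwd_hash = '$pwd_hash'");

            if (db_num_rows($result) != 1) {
                print_error(__('Registration failed.'));
                print $return_form;
            } else {

                $new_uid = db_fetch_result($result, 0, "id");

                initialize_user($link, $new_uid);

                // The temporary password travels in clear text by e-mail.
                // Accounts that never log in are purged after a day, which
                // limits how long an unused password stays valid.
                $reg_text = "Hi!\n".
                    "\n".
                    "You are receiving this message, because you (or somebody else) have opened\n".
                    "an account at Tiny Tiny RSS.\n".
                    "\n".
                    "Your login information is as follows:\n".
                    "\n".
                    "Login: $raw_login\n".
                    "Password: $password\n".
                    "\n".
                    "Don't forget to login at least once to your new account, otherwise\n".
                    "it will be deleted in 24 hours.\n".
                    "\n".
                    "If that wasn't you, just ignore this message. Thanks.";

                $mail = new PHPMailer();

                $mail->PluginDir = "phpmailer/";
                $mail->SetLanguage("en", "phpmailer/language/");

                $mail->CharSet = "UTF-8";

                $mail->From = DIGEST_FROM_ADDRESS;
                $mail->FromName = DIGEST_FROM_NAME;
                $mail->AddAddress($raw_email);

                if (DIGEST_SMTP_HOST) {
                    $mail->Host = DIGEST_SMTP_HOST;
                    $mail->Mailer = "smtp";
                    $mail->Username = DIGEST_SMTP_LOGIN;
                    $mail->Password = DIGEST_SMTP_PASSWORD;
                }

                // $mail->IsHTML(true);
                $mail->Subject = "Registration information for Tiny Tiny RSS";
                $mail->Body = $reg_text;
                // $mail->AltBody = $digest_text;

                $rc = $mail->Send();

                // ErrorInfo may repeat the submitted address. print_error()
                // is defined elsewhere, so encode here in case it emits its
                // argument as HTML.
                if (!$rc) {
                    print_error(htmlspecialchars($mail->ErrorInfo, ENT_QUOTES, 'UTF-8'));
                }

                // Administrator notification. REG_NOTIFY_ADDRESS is optional
                // in config.php, so skip the message when it is not set
                // rather than mailing an undefined constant's name.
                if (defined('REG_NOTIFY_ADDRESS') && REG_NOTIFY_ADDRESS) {

                    $reg_text = "Hi!\n".
                        "\n".
                        "New user had registered at your Tiny Tiny RSS installation.\n".
                        "\n".
                        "Login: $raw_login\n".
                        "Email: $raw_email\n";

                    $mail = new PHPMailer();

                    $mail->PluginDir = "phpmailer/";
                    $mail->SetLanguage("en", "phpmailer/language/");

                    $mail->CharSet = "UTF-8";

                    $mail->From = DIGEST_FROM_ADDRESS;
                    $mail->FromName = DIGEST_FROM_NAME;
                    $mail->AddAddress(REG_NOTIFY_ADDRESS);

                    if (DIGEST_SMTP_HOST) {
                        $mail->Host = DIGEST_SMTP_HOST;
                        $mail->Mailer = "smtp";
                        $mail->Username = DIGEST_SMTP_LOGIN;
                        $mail->Password = DIGEST_SMTP_PASSWORD;
                    }

                    // $mail->IsHTML(true);
                    $mail->Subject = "Registration notice for Tiny Tiny RSS";
                    $mail->Body = $reg_text;
                    // $mail->AltBody = $digest_text;

                    // Best effort: a failed notice does not affect the new account.
                    $rc = $mail->Send();
                }

                print_notice(__("Account created successfully."));

                print $return_form;
            }
        }

    } else {
        print_error('Please check the form again, you have failed the robot test.');
        print $return_form;
    }
} // end of the do_register branch
?>

<?php } else { ?>

<?php print_notice(__('New user registrations are currently closed.')) ?>

<?php print $return_form; ?>

<?php } ?>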
349
350 </body>
351 </html>
352