]> git.wh0rd.org - tt-rss.git/blob - register.php
git.wh0rd.org / tt-rss.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
implement basic feed output for register.php
[tt-rss.git] / register.php
1 <?php
2 // This file uses two additional include files:
3 //
4 // 1) templates/register_notice.txt - displayed above the registration form
5 // 2) register_expire_do.php - contains user expiration queries when necessary
6
7 $action = $_REQUEST["action"];
8
9 require_once "functions.php";
10 require_once "sessions.php";
11 require_once "sanity_check.php";
12 require_once "config.php";
13 require_once "db.php";
14
15 $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
16
17 init_connection($link);
18
19 if ($_REQUEST["format"] == "feed") {
20 header("Content-Type: text/xml");
21
22 print '<?xml version="1.0" encoding="utf-8"?>';
23 print "<feed xmlns=\"http://www.w3.org/2005/Atom\">
24 <id>".htmlspecialchars(SELF_URL_PATH . "/register.php")."</id>
25 <title>Tiny Tiny RSS registration slots</title>
26 <link rel=\"self\" href=\"".htmlspecialchars(SELF_URL_PATH . "/register.php?format=feed")."\"/>
27 <link rel=\"alternate\" href=\"".htmlspecialchars(SELF_URL_PATH)."\"/>";
28
29 if (ENABLE_REGISTRATION) {
30 $result = db_query($link, "SELECT COUNT(*) AS cu FROM ttrss_users");
31 $num_users = db_fetch_result($result, 0, "cu");
32
33 $num_users -= REG_MAX_USERS;
34 if ($num_users < 0) $num_users = 0;
35 $reg_suffix = "enabled";
36 } else {
37 $num_users = 0;
38 $reg_suffix = "disabled";
39 }
40
41 print "<entry>
42 <id>".htmlspecialchars(SELF_URL_PATH)."/register.php?$num_users"."</id>
43 <link rel=\"alternate\" href=\"".htmlspecialchars(SELF_URL_PATH . "/register.php")."\"/>";
44
45 print "<title>$num_users slots are currently available, registration $reg_suffix</title>";
46 print "<summary>$num_users slots are currently available, registration $reg_suffix</summary>";
47
48 print "</entry>";
49
50 print "</feed>";
51
52 return;
53 }
54
55 /* Remove users which didn't login after receiving their registration information */
56
57 if (DB_TYPE == "pgsql") {
58 db_query($link, "DELETE FROM ttrss_users WHERE last_login IS NULL
59 AND created < NOW() - INTERVAL '1 day' AND access_level = 0");
60 } else {
61 db_query($link, "DELETE FROM ttrss_users WHERE last_login IS NULL
62 AND created < DATE_SUB(NOW(), INTERVAL 1 DAY) AND access_level = 0");
63 }
64
65 if (file_exists("register_expire_do.php")) {
66 require_once "register_expire_do.php";
67 }
68
69 if ($action == "check") {
70 header("Content-Type: application/xml");
71
72 $login = trim(db_escape_string($_REQUEST['login']));
73
74 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
75 LOWER(login) = LOWER('$login')");
76
77 $is_registered = db_num_rows($result) > 0;
78
79 print "<result>";
80
81 printf("%d", $is_registered);
82
83 print "</result>";
84
85 return;
86 }
87 ?>
88
89 <html>
90 <head>
91 <title>Create new account</title>
92 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
93 <link rel="stylesheet" type="text/css" href="utility.css">
94 <script type="text/javascript" src="functions.js"></script>
95 <script type="text/javascript" src="lib/prototype.js"></script>
96 <script type="text/javascript" src="lib/scriptaculous/scriptaculous.js?load=effects,dragdrop,controls"></script>
97 </head>
98
99 <script type="text/javascript">
100
101 function checkUsername() {
102
103 try {
104 var f = document.forms['register_form'];
105 var login = f.login.value;
106
107 if (login == "") {
108 new Effect.Highlight(f.login);
109 f.sub_btn.disabled = true;
110 return false;
111 }
112
113 var query = "register.php?action=check&login=" +
114 param_escape(login);
115
116 new Ajax.Request(query, {
117 onComplete: function(transport) {
118
119 try {
120
121 var reply = transport.responseXML;
122
123 var result = reply.getElementsByTagName('result')[0];
124 var result_code = result.firstChild.nodeValue;
125
126 if (result_code == 0) {
127 new Effect.Highlight(f.login, {startcolor : '#00ff00'});
128 f.sub_btn.disabled = false;
129 } else {
130 new Effect.Highlight(f.login, {startcolor : '#ff0000'});
131 f.sub_btn.disabled = true;
132 }
133 } catch (e) {
134 exception_error("checkUsername_callback", e);
135 }
136
137 } });
138
139 } catch (e) {
140 exception_error("checkUsername", e);
141 }
142
143 return false;
144
145 }
146
147 function validateRegForm() {
148 try {
149
150 var f = document.forms['register_form'];
151
152 if (f.login.value.length == 0) {
153 new Effect.Highlight(f.login);
154 return false;
155 }
156
157 if (f.email.value.length == 0) {
158 new Effect.Highlight(f.email);
159 return false;
160 }
161
162 if (f.turing_test.value.length == 0) {
163 new Effect.Highlight(f.turing_test);
164 return false;
165 }
166
167 return true;
168
169 } catch (e) {
170 exception_error("validateRegForm", e);
171 return false;
172 }
173 }
174
175 </script>
176
177 <body>
178
179 <div class="floatingLogo"><img src="images/logo_wide.png"></div>
180
181 <h1><?php echo __("Create new account") ?></h1>
182
183 <?php
184 if (!ENABLE_REGISTRATION) {
185 print_error(__("New user registrations are administratively disabled."));
186
187 print "<p><form method=\"GET\" action=\"backend.php\">
188 <input type=\"hidden\" name=\"op\" value=\"logout\">
189 <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
190 </form>";
191 return;
192 }
193 ?>
194
195 <?php if (REG_MAX_USERS > 0) {
196 $result = db_query($link, "SELECT COUNT(*) AS cu FROM ttrss_users");
197 $num_users = db_fetch_result($result, 0, "cu");
198 } ?>
199
200 <?php if (!REG_MAX_USERS || $num_users < REG_MAX_USERS) { ?>
201
202 <!-- If you have any rules or ToS you'd like to display, enter them here -->
203
204 <?php if (file_exists("templates/register_notice.txt")) {
205 require_once "templates/register_notice.txt";
206 } ?>
207
208 <?php if (!$action) { ?>
209
210 <p><?php echo __('Your temporary password will be sent to the specified email. Accounts, which were not logged in once, are erased automatically 24 hours after temporary password is sent.') ?></p>
211
212 <form action="register.php" method="POST" name="register_form">
213 <input type="hidden" name="action" value="do_register">
214 <table>
215 <tr>
216 <td><?php echo __('Desired login:') ?></td><td>
217 <input name="login">
218 </td><td>
219 <input type="submit" value="<?php echo __('Check availability') ?>" onclick='return checkUsername()'>
220 </td></tr>
221 <td><?php echo __('Email:') ?></td><td>
222 <input name="email">
223 </td></tr>
224 <td><?php echo __('How much is two plus two:') ?></td><td>
225 <input name="turing_test"></td></tr>
226 <tr><td colspan="2" align="right">
227 <input type="submit" name="sub_btn" value="<?php echo __('Submit registration') ?>"
228 disabled="true" onclick='return validateRegForm()'>
229 </td></tr>
230 </table>
231 </form>
232
233 <?php print "<p><form method=\"GET\" action=\"tt-rss.php\">
234 <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
235 </form>"; ?>
236
237 <?php } else if ($action == "do_register") { ?>
238
239 <?php
240 $login = mb_strtolower(trim(db_escape_string($_REQUEST["login"])));
241 $email = trim(db_escape_string($_REQUEST["email"]));
242 $test = trim(db_escape_string($_REQUEST["turing_test"]));
243
244 if (!$login || !$email || !$test) {
245 print_error(__("Your registration information is incomplete."));
246 print "<p><form method=\"GET\" action=\"tt-rss.php\">
247 <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
248 </form>";
249 return;
250 }
251
252 if ($test == "four" || $test == "4") {
253
254 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
255 login = '$login'");
256
257 $is_registered = db_num_rows($result) > 0;
258
259 if ($is_registered) {
260 print_error(__('Sorry, this username is already taken.'));
261 print "<p><form method=\"GET\" action=\"tt-rss.php\">
262 <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
263 </form>";
264 } else {
265
266 $password = make_password();
267
268 $pwd_hash = encrypt_password($password, $login);
269
270 db_query($link, "INSERT INTO ttrss_users
271 (login,pwd_hash,access_level,last_login, email, created)
272 VALUES ('$login', '$pwd_hash', 0, null, '$email', NOW())");
273
274 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
275 login = '$login' AND pwd_hash = '$pwd_hash'");
276
277 if (db_num_rows($result) != 1) {
278 print_error(__('Registration failed.'));
279 print "<p><form method=\"GET\" action=\"tt-rss.php\">
280 <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
281 </form>";
282 } else {
283
284 $new_uid = db_fetch_result($result, 0, "id");
285
286 initialize_user($link, $new_uid);
287
288 $reg_text = "Hi!\n".
289 "\n".
290 "You are receiving this message, because you (or somebody else) have opened\n".
291 "an account at Tiny Tiny RSS.\n".
292 "\n".
293 "Your login information is as follows:\n".
294 "\n".
295 "Login: $login\n".
296 "Password: $password\n".
297 "\n".
298 "Don't forget to login at least once to your new account, otherwise\n".
299 "it will be deleted in 24 hours.\n".
300 "\n".
301 "If that wasn't you, just ignore this message. Thanks.";
302
303 $mail = new PHPMailer();
304
305 $mail->PluginDir = "lib/phpmailer/";
306 $mail->SetLanguage("en", "lib/phpmailer/language/");
307
308 $mail->CharSet = "UTF-8";
309
310 $mail->From = DIGEST_FROM_ADDRESS;
311 $mail->FromName = DIGEST_FROM_NAME;
312 $mail->AddAddress($email);
313
314 if (DIGEST_SMTP_HOST) {
315 $mail->Host = DIGEST_SMTP_HOST;
316 $mail->Mailer = "smtp";
317 $mail->Username = DIGEST_SMTP_LOGIN;
318 $mail->Password = DIGEST_SMTP_PASSWORD;
319 }
320
321 // $mail->IsHTML(true);
322 $mail->Subject = "Registration information for Tiny Tiny RSS";
323 $mail->Body = $reg_text;
324 // $mail->AltBody = $digest_text;
325
326 $rc = $mail->Send();
327
328 if (!$rc) print_error($mail->ErrorInfo);
329
330 $reg_text = "Hi!\n".
331 "\n".
332 "New user had registered at your Tiny Tiny RSS installation.\n".
333 "\n".
334 "Login: $login\n".
335 "Email: $email\n";
336
337 $mail = new PHPMailer();
338
339 $mail->PluginDir = "lib/phpmailer/";
340 $mail->SetLanguage("en", "lib/phpmailer/language/");
341
342 $mail->CharSet = "UTF-8";
343
344 $mail->From = DIGEST_FROM_ADDRESS;
345 $mail->FromName = DIGEST_FROM_NAME;
346 $mail->AddAddress(REG_NOTIFY_ADDRESS);
347
348 if (DIGEST_SMTP_HOST) {
349 $mail->Host = DIGEST_SMTP_HOST;
350 $mail->Mailer = "smtp";
351 $mail->Username = DIGEST_SMTP_LOGIN;
352 $mail->Password = DIGEST_SMTP_PASSWORD;
353 }
354
355 // $mail->IsHTML(true);
356 $mail->Subject = "Registration notice for Tiny Tiny RSS";
357 $mail->Body = $reg_text;
358 // $mail->AltBody = $digest_text;
359
360 $rc = $mail->Send();
361
362 print_notice(__("Account created successfully."));
363
364 print "<p><form method=\"GET\" action=\"tt-rss.php\">
365 <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
366 </form>";
367
368 }
369
370 }
371
372 } else {
373 print_error('Plese check the form again, you have failed the robot test.');
374 print "<p><form method=\"GET\" action=\"tt-rss.php\">
375 <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
376 </form>";
377
378 }
379 }
380 ?>
381
382 <?php } else { ?>
383
384 <?php print_notice(__('New user registrations are currently closed.')) ?>
385
386 <?php print "<p><form method=\"GET\" action=\"tt-rss.php\">
387 <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
388 </form>"; ?>
389
390 <?php } ?>
391
392 </body>
393 </html>
394
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/