register: use include files
1 <?php
2 // This file uses two additional include files:
3 //
4 // 1) templates/register_notice.txt - displayed above the registration form
5 // 2) register_expire_do.php - contains user expiration queries when necessary
6
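error_reporting(E_ERROR | E_WARNING | E_PARSE);

// "action" is optional. Reading it through isset() avoids an undefined-index
// notice on a plain page load; a non-string value (action[]=...) is treated
// as if no action had been given.
$action = (isset($_REQUEST["action"]) && is_string($_REQUEST["action"]))
	? $_REQUEST["action"] : "";

// NOTE(review): nothing in this file reads MAX_USERS; the limit that is
// actually enforced further down is REG_MAX_USERS. Kept because other code
// may rely on the constant being defined.
define('MAX_USERS', 55);

require_once "sessions.php";

require_once "sanity_check.php";
require_once "functions.php";
require_once "config.php";
require_once "db.php";

$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);

init_connection($link);

/* Remove users which didn't login after receiving their registration information */

// This cleanup runs on every request to this page, including anonymous ones
// and requests made while registration is disabled.
if (DB_TYPE == "pgsql") {
	db_query($link, "DELETE FROM ttrss_users WHERE last_login IS NULL
		AND created < NOW() - INTERVAL '1 day' AND access_level = 0");
} else {
	db_query($link, "DELETE FROM ttrss_users WHERE last_login IS NULL
		AND created < DATE_SUB(NOW(), INTERVAL 1 DAY) AND access_level = 0");
}

if (file_exists("register_expire_do.php")) {
	require_once "register_expire_do.php";
}

// AJAX helper for the form: answers <result>1</result> when the login is
// already taken and <result>0</result> when it is free.
if ($action == "check") {
	header("Content-Type: application/xml");

	// Normalize first, escape last: the value is trimmed as plain text and
	// only then escaped for the query.
	$login = (isset($_REQUEST['login']) && is_string($_REQUEST['login']))
		? trim($_REQUEST['login']) : "";

	if (!ENABLE_REGISTRATION || $login === "") {
		// This endpoint tells an anonymous caller whether an account name
		// exists. When registration is switched off the form that uses it is
		// never shown, so no lookup is done and the name is reported as
		// unavailable. An empty name is never a usable login either.
		$is_registered = true;
	} else {
		// NOTE(review): no rate limiting is visible in this file; while
		// registration is open this lookup can be repeated freely.
		$login = db_escape_string($login);

		$result = db_query($link, "SELECT id FROM ttrss_users WHERE
			LOWER(login) = LOWER('$login')");

		$is_registered = db_num_rows($result) > 0;
	}

	print "<result>";

	// %d keeps the reply to a bare 0/1, so no request data is echoed back.
	printf("%d", $is_registered);

	print "</result>";

	return;
}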
56 ?>
57
58 <html>
59 <head>
60 <title>Create new account</title>
61 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
62 <link rel="stylesheet" type="text/css" href="utility.css">
63 <script type="text/javascript" src="functions.js"></script>
64 <script type="text/javascript" src="prototype.js"></script>
65 <script type="text/javascript" src="scriptaculous/scriptaculous.js?load=effects,dragdrop,controls"></script>
66 </head>
67
68 <script type="text/javascript">
69
/**
 * Asks register.php?action=check whether the typed login is free and
 * enables the submit button only when the reply is 0.
 *
 * This only drives the UI (highlight colour and the disabled state of
 * sub_btn); the do_register branch of register.php looks the login up
 * again on the server before inserting the account.
 *
 * Always returns false so the "Check availability" button never submits
 * the form.
 */
function checkUsername() {

	try {
		var form = document.forms['register_form'];
		var wanted = form.login.value;

		if (wanted == "") {
			// Nothing typed: flag the field and keep submission locked.
			new Effect.Highlight(form.login);
			form.sub_btn.disabled = true;
			return false;
		}

		// Handles the XML reply: <result>0</result> means the name is free.
		var onCheckDone = function(transport) {
			try {
				var xml = transport.responseXML;
				var node = xml.getElementsByTagName('result')[0];
				var code = node.firstChild.nodeValue;

				var taken = !(code == 0);

				new Effect.Highlight(form.login,
					{startcolor : taken ? '#ff0000' : '#00ff00'});
				form.sub_btn.disabled = taken;

			} catch (e) {
				exception_error("checkUsername_callback", e);
			}
		};

		// The login is passed through param_escape() before it is appended
		// to the query string.
		var url = "register.php?action=check&login=" + param_escape(wanted);

		new Ajax.Request(url, { onComplete: onCheckDone });

	} catch (e) {
		exception_error("checkUsername", e);
	}

	return false;

}
115
/**
 * Client-side completeness check for the registration form.
 *
 * Returns true when login, email and turing_test all contain text.
 * Otherwise highlights the first empty field and returns false, which
 * cancels the submit. Returns false as well if anything throws.
 * This is a convenience for the user; register.php repeats the
 * empty-field check when it handles do_register.
 */
function validateRegForm() {
	try {

		var form = document.forms['register_form'];
		var required = ['login', 'email', 'turing_test'];

		for (var i = 0; i < required.length; i++) {
			var field = form[required[i]];

			if (field.value.length == 0) {
				new Effect.Highlight(field);
				return false;
			}
		}

		return true;

	} catch (e) {
		exception_error("validateRegForm", e);
		return false;
	}
}
143
144 </script>
145
146 <body>
147
148 <div class="floatingLogo"><img src="images/ttrss_logo.png"></div>
149
150 <h1><?php echo __("Create new account") ?></h1>
151
<?php
// Registration switched off by the administrator: show the notice and a
// button that leads back through logout.php, then stop rendering the page.
// Neither the form nor the do_register handling below is reached.
if (!ENABLE_REGISTRATION) {
	print_error(__("New user registrations are administratively disabled."));

	$back_label = __("Return to Tiny Tiny RSS");

	print "<p><form method=\"GET\" action=\"logout.php\">\n" .
		"<input type=\"submit\" value=\"" . $back_label . "\">\n" .
		"</form>";

	return;
}
?>
162
163 <!-- If you have any rules or ToS you'd like to display, enter them here -->
164
<?php
// Optional operator-supplied notice (rules, ToS). It is pulled in with
// require_once, so PHP tags inside the .txt file are executed, not shown
// as text. The file therefore has to be as protected as any other script
// and must not be writable through the web application.
if (file_exists("templates/register_notice.txt")):
	require_once "templates/register_notice.txt";
endif;
?>

<?php
// The account count is only needed when a registration cap is configured;
// with REG_MAX_USERS at 0 (or unset to a falsy value) $num_users stays
// undefined and the check that follows must not read it.
if (REG_MAX_USERS > 0):
	$result = db_query($link, "SELECT COUNT(*) AS cu FROM ttrss_users");
	$num_users = db_fetch_result($result, 0, "cu");
endif;
?>
173
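<?php
// Long-form opening tags are used throughout this section: with
// short_open_tag disabled the short form is not parsed, and the registration
// code would be sent to the browser as text instead of running.

// Shared "back to the reader" button printed at the end of every outcome.
$reg_return_form = "<p><form method=\"GET\" action=\"tt-rss.php\">\n" .
	"<input type=\"submit\" value=\"" . __("Return to Tiny Tiny RSS") . "\">\n" .
	"</form>";

// Registration is open when no cap is configured or the cap is not reached.
// The !REG_MAX_USERS test comes first so $num_users is only read when set.
if (!REG_MAX_USERS || $num_users < REG_MAX_USERS) { ?>

<?php if (!$action) { ?>

<p><?php echo __('Your temporary password will be sent to the specified email. Accounts, which were not logged in once, are erased automatically 24 hours after temporary password is sent.') ?></p>

<form action="register.php" method="POST" name="register_form">
<input type="hidden" name="action" value="do_register">
<table>
<tr>
<td><?php echo __('Desired login:') ?></td><td>
<input name="login">
</td><td>
<input type="submit" value="<?php echo __('Check availability') ?>" onclick='return checkUsername()'>
</td></tr>
<tr>
<td><?php echo __('Email:') ?></td><td>
<input name="email">
</td></tr>
<tr>
<td><?php echo __('How much is two plus two:') ?></td><td>
<input name="turing_test"></td></tr>
<tr><td colspan="2" align="right">
<?php /* The label had a stray double quote inside the string, which ended the
	value attribute early; the quote is removed. */ ?>
<input type="submit" name="sub_btn" value="<?php echo __('Submit registration') ?>"
	disabled="true" onclick='return validateRegForm()'>
</td></tr>
</table>
</form>

<?php print $reg_return_form; ?>

<?php } else if ($action == "do_register") {

	// Read every field as a trimmed string. A missing or array-valued
	// parameter counts as empty. Values are kept unescaped here and are
	// escaped only at the point where they enter a query.
	$reg_input = array();

	foreach (array("login", "email", "turing_test") as $reg_field) {
		$reg_input[$reg_field] =
			(isset($_REQUEST[$reg_field]) && is_string($_REQUEST[$reg_field]))
			? trim($_REQUEST[$reg_field]) : "";
	}

	$login_plain = mb_strtolower($reg_input["login"]);
	$email_plain = $reg_input["email"];
	$test = $reg_input["turing_test"];

	if (!$login_plain || !$email_plain || !$test) {

		print_error(__("Your registration information is incomplete."));
		print $reg_return_form;

	} else if (filter_var($email_plain, FILTER_VALIDATE_EMAIL) === false) {

		// The address becomes the recipient of the outgoing mail, so it is
		// checked for a valid shape before it reaches the mailer or the
		// database.
		print_error(__("The specified email address is not valid."));
		print $reg_return_form;

	} else if ($test !== "four" && $test !== "4") {

		// NOTE(review): a fixed question with a fixed answer does not stop
		// scripted sign-ups; it only filters the most generic form spam.
		print_error('Please check the form again, you have failed the robot test.');
		print $reg_return_form;

	} else {

		$login = db_escape_string($login_plain);
		$email = db_escape_string($email_plain);

		// NOTE(review): this lookup and the INSERT below are separate
		// statements. Whether two concurrent requests for the same name are
		// rejected depends on a unique constraint on ttrss_users.login,
		// which this file does not show. TODO confirm.
		$result = db_query($link, "SELECT id FROM ttrss_users WHERE
			login = '$login'");

		$is_registered = db_num_rows($result) > 0;

		if ($is_registered) {

			print_error(__('Sorry, this username is already taken.'));
			print $reg_return_form;

		} else {

			$password = make_password();

			// The escaped login is passed on, as before, so the value handed
			// to encrypt_password() is unchanged for ordinary logins.
			$pwd_hash = encrypt_password($password, $login);

			db_query($link, "INSERT INTO ttrss_users
				(login,pwd_hash,access_level,last_login, email, created)
				VALUES ('$login', '$pwd_hash', 0, null, '$email', NOW())");

			// Read the row back to confirm the insert and obtain the new id.
			$result = db_query($link, "SELECT id FROM ttrss_users WHERE
				login = '$login' AND pwd_hash = '$pwd_hash'");

			if (db_num_rows($result) != 1) {

				print_error(__('Registration failed.'));
				print $reg_return_form;

			} else {

				$new_uid = db_fetch_result($result, 0, "id");

				initialize_user($link, $new_uid);

				// The temporary password is sent in clear text by mail. The
				// mail texts use the unescaped values so that SQL escaping
				// does not leak into what the recipient reads.
				$user_text = "Hi!\n".
					"\n".
					"You are receiving this message, because you (or somebody else) have opened\n".
					"an account at Tiny Tiny RSS.\n".
					"\n".
					"Your login information is as follows:\n".
					"\n".
					"Login: $login_plain\n".
					"Password: $password\n".
					"\n".
					"Don't forget to login at least once to your new account, otherwise\n".
					"it will be deleted in 24 hours.\n".
					"\n".
					"If that wasn't you, just ignore this message. Thanks.";

				$admin_text = "Hi!\n".
					"\n".
					"New user had registered at your Tiny Tiny RSS installation.\n".
					"\n".
					"Login: $login_plain\n".
					"Email: $email_plain\n";

				// First the credentials for the new user, then the notice
				// for the site operator.
				$reg_mails = array(
					array(
						"to" => $email_plain,
						"subject" => "Registration information for Tiny Tiny RSS",
						"body" => $user_text,
						"tell_user" => true),
					array(
						"to" => REG_NOTIFY_ADDRESS,
						"subject" => "Registration notice for Tiny Tiny RSS",
						"body" => $admin_text,
						"tell_user" => false));

				foreach ($reg_mails as $reg_mail) {

					$mail = new PHPMailer();

					$mail->PluginDir = "phpmailer/";
					$mail->SetLanguage("en", "phpmailer/language/");

					$mail->CharSet = "UTF-8";

					$mail->From = DIGEST_FROM_ADDRESS;
					$mail->FromName = DIGEST_FROM_NAME;
					$mail->AddAddress($reg_mail["to"]);

					if (DIGEST_SMTP_HOST) {
						$mail->Host = DIGEST_SMTP_HOST;
						$mail->Mailer = "smtp";
						$mail->Username = DIGEST_SMTP_LOGIN;
						$mail->Password = DIGEST_SMTP_PASSWORD;
					}

					$mail->Subject = $reg_mail["subject"];
					$mail->Body = $reg_mail["body"];

					if (!$mail->Send()) {
						// Mailer diagnostics go to the server log only. They
						// can describe the mail setup and are of no use to an
						// anonymous visitor.
						error_log("register.php: mail to " .
							($reg_mail["tell_user"] ? "new user" : "operator") .
							" failed: " . $mail->ErrorInfo);

						if ($reg_mail["tell_user"]) {
							print_error(__("Could not send the registration email. Please contact the administrator."));
						}
					}
				}

				print_notice(__("Account created successfully."));

				print $reg_return_form;
			}
		}
	}
}
?>

<?php } else { ?>

<?php print_notice(__('New user registrations are currently closed.')) ?>

<?php print $reg_return_form; ?>

<?php } ?>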
359
360 </body>
361 </html>
362