git.wh0rd.org Git - tt-rss.git/blob - register.php
remove error_reporting() hacks; set default error reporting level in functions.php
1 <?php
2         // This file uses two additional include files:
3         //
4         // 1) templates/register_notice.txt - displayed above the registration form
5         // 2) register_expire_do.php - contains user expiration queries when necessary
6
7         $action = $_REQUEST["action"];
8
9         require_once "functions.php";
10         require_once "sessions.php";
11         require_once "sanity_check.php";
12         require_once "config.php";
13         require_once "db.php";
14         
15         $link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME); 
16
17         init_connection($link); 
18
19         /* Remove users which didn't login after receiving their registration information */
20
21         if (DB_TYPE == "pgsql") {
22                 db_query($link, "DELETE FROM ttrss_users WHERE last_login IS NULL 
23                                 AND created < NOW() - INTERVAL '1 day' AND access_level = 0");
24         } else {
25                 db_query($link, "DELETE FROM ttrss_users WHERE last_login IS NULL 
26                                 AND created < DATE_SUB(NOW(), INTERVAL 1 DAY) AND access_level = 0");
27         }
28
29         if (file_exists("register_expire_do.php")) {
30                 require_once "register_expire_do.php";
31         }
32
33         if ($action == "check") {
34                 header("Content-Type: application/xml");
35
36                 $login = trim(db_escape_string($_REQUEST['login']));
37
38                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
39                         LOWER(login) = LOWER('$login')");
40         
41                 $is_registered = db_num_rows($result) > 0;
42
43                 print "<result>";
44
45                 printf("%d", $is_registered);
46
47                 print "</result>";
48
49                 return;
50         }
51 ?>
52
53 <html>
54 <head>
55 <title>Create new account</title>
56 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
57 <link rel="stylesheet" type="text/css" href="utility.css">
58 <script type="text/javascript" src="functions.js"></script>
59 <script type="text/javascript" src="lib/prototype.js"></script>
60 <script type="text/javascript" src="lib/scriptaculous/scriptaculous.js?load=effects,dragdrop,controls"></script>
61 </head>
62
63 <script type="text/javascript">
64
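        /**
         * Asks register.php?action=check whether the typed login is free and
         * enables the "Submit registration" button only on a clean "0" answer.
         *
         * This is a convenience for the visitor, not a control: the server
         * repeats the lookup when the form is submitted.
         *
         * Always returns false so the "Check availability" button does not
         * submit the form.
         */
        function checkUsername() {

                try {
                        var f = document.forms['register_form'];
                        var login = f.login.value;

                        // Fail closed: the button stays disabled until this particular
                        // check succeeds, so a stale "available" result from an earlier
                        // login cannot survive a failed or malformed reply.
                        f.sub_btn.disabled = true;

                        if (login == "") {
                                new Effect.Highlight(f.login);
                                return false;
                        }

                        var query = "register.php?action=check&login=" +
                                        param_escape(login);

                        new Ajax.Request(query, {
                                onComplete: function(transport) {

                                        try {

                                                var reply = transport.responseXML;

                                                var result = reply.getElementsByTagName('result')[0];

                                                // Parse explicitly: a loose == 0 would also accept
                                                // blank text, because "" and " " compare equal to 0.
                                                var result_code = parseInt(result.firstChild.nodeValue, 10);

                                                if (result_code === 0) {
                                                        new Effect.Highlight(f.login, {startcolor : '#00ff00'});
                                                        f.sub_btn.disabled = false;
                                                } else {
                                                        new Effect.Highlight(f.login, {startcolor : '#ff0000'});
                                                        f.sub_btn.disabled = true;
                                                }
                                        } catch (e) {
                                                // Missing or non-XML reply: report it, button stays disabled.
                                                exception_error("checkUsername_callback", e);
                                        }

                                } });

                } catch (e) {
                        exception_error("checkUsername", e);
                }

                return false;

        }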
110
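        /**
         * Client-side completeness check for the registration form: login,
         * email and the "two plus two" answer must all be filled in.
         *
         * Returns true to let the form submit, false to block it. The first
         * empty field is highlighted. The server trims each value and runs
         * its own completeness test, so this check is only for user feedback.
         */
        function validateRegForm() {
                try {

                        var f = document.forms['register_form'];
                        var required = [f.login, f.email, f.turing_test];

                        for (var i = 0; i < required.length; i++) {
                                // Whitespace-only input counts as empty, matching the
                                // trim() the server applies before its own check.
                                var value = required[i].value.replace(/^\s+|\s+$/g, "");

                                if (value.length == 0) {
                                        new Effect.Highlight(required[i]);
                                        return false;
                                }
                        }

                        return true;

                } catch (e) {
                        exception_error("validateRegForm", e);
                        return false;
                }
        }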
138
139 </script>
140
141 <body>
142
143 <div class="floatingLogo"><img src="images/ttrss_logo.png"></div>
144
145 <h1><?php echo __("Create new account") ?></h1>
146
147 <?php
148                 if (!ENABLE_REGISTRATION) {
149                         print_error(__("New user registrations are administratively disabled."));
150
151                         print "<p><form method=\"GET\" action=\"logout.php\">
152                                 <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
153                                 </form>";
154                         return;
155                 }
156 ?>
157
<?php
        // Count existing accounts only when a user cap is configured. $num_users stays
        // unset otherwise, and the test that follows does not read it in that case.
        if (REG_MAX_USERS > 0) {
                $result = db_query($link, "SELECT COUNT(*) AS cu FROM ttrss_users");

                $num_users = db_fetch_result($result, 0, "cu");
        }
?>
162
163 <?php if (!REG_MAX_USERS || $num_users < REG_MAX_USERS) { ?>
164
165         <!-- If you have any rules or ToS you'd like to display, enter them here -->
166
167         <?php   if (file_exists("templates/register_notice.txt")) {
168                         require_once "templates/register_notice.txt";
169         } ?>
170
171         <?php if (!$action) { ?>
172         
173         <p><?php echo __('Your temporary password will be sent to the specified email. Accounts, which were not logged in once, are erased automatically 24 hours after temporary password is sent.') ?></p> 
174         
175         <form action="register.php" method="POST" name="register_form">
176         <input type="hidden" name="action" value="do_register">
177         <table>
178         <tr>
179         <td><?php echo __('Desired login:') ?></td><td>
180                 <input name="login">
181         </td><td>
182                 <input type="submit" value="<?php echo __('Check availability') ?>" onclick='return checkUsername()'>
183         </td></tr>
184         <td><?php echo __('Email:') ?></td><td>
185                 <input name="email">
186         </td></tr>
187         <td><?php echo __('How much is two plus two:') ?></td><td>
188                 <input name="turing_test"></td></tr>
189         <tr><td colspan="2" align="right">
190         <input type="submit" name="sub_btn" value="<?php echo __('Submit registration') ?>"
191                         disabled="true" onclick='return validateRegForm()'>
192         </td></tr>
193         </table>
194         </form>
195
196         <?php print "<p><form method=\"GET\" action=\"tt-rss.php\">
197                                 <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
198                                 </form>"; ?>
199
200         <?php } else if ($action == "do_register") { ?>
201         
202         <?php
203                 $login = mb_strtolower(trim(db_escape_string($_REQUEST["login"])));
204                 $email = trim(db_escape_string($_REQUEST["email"]));
205                 $test = trim(db_escape_string($_REQUEST["turing_test"]));
206         
207                 if (!$login || !$email || !$test) {
208                         print_error(__("Your registration information is incomplete."));
209                         print "<p><form method=\"GET\" action=\"tt-rss.php\">
210                                 <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
211                                 </form>";
212                         return;
213                 }
214         
215                 if ($test == "four" || $test == "4") {
216         
217                         $result = db_query($link, "SELECT id FROM ttrss_users WHERE
218                                 login = '$login'");
219                 
220                         $is_registered = db_num_rows($result) > 0;
221                 
222                         if ($is_registered) {
223                                 print_error(__('Sorry, this username is already taken.'));
224                                 print "<p><form method=\"GET\" action=\"tt-rss.php\">
225                                 <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
226                                 </form>";
227                         } else {
228         
229                                 $password = make_password();
230         
231                                 $pwd_hash = encrypt_password($password, $login);
232         
233                                 db_query($link, "INSERT INTO ttrss_users 
234                                         (login,pwd_hash,access_level,last_login, email, created)
235                                         VALUES ('$login', '$pwd_hash', 0, null, '$email', NOW())");
236         
237                                 $result = db_query($link, "SELECT id FROM ttrss_users WHERE 
238                                         login = '$login' AND pwd_hash = '$pwd_hash'");
239                 
240                                 if (db_num_rows($result) != 1) {
241                                         print_error(__('Registration failed.'));
242                                         print "<p><form method=\"GET\" action=\"tt-rss.php\">
243                                         <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
244                                         </form>";
245                                 } else {
246         
247                                         $new_uid = db_fetch_result($result, 0, "id");
248                 
249                                         initialize_user($link, $new_uid);
250         
251                                         $reg_text = "Hi!\n".
252                                                 "\n".
253                                                 "You are receiving this message, because you (or somebody else) have opened\n".
254                                                 "an account at Tiny Tiny RSS.\n".
255                                                 "\n".
256                                                 "Your login information is as follows:\n".
257                                                 "\n".
258                                                 "Login: $login\n".
259                                                 "Password: $password\n".
260                                                 "\n".
261                                                 "Don't forget to login at least once to your new account, otherwise\n".
262                                                 "it will be deleted in 24 hours.\n".
263                                                 "\n".
264                                                 "If that wasn't you, just ignore this message. Thanks.";
265                         
266                                         $mail = new PHPMailer();
267                         
268                                         $mail->PluginDir = "lib/phpmailer/";
269                                         $mail->SetLanguage("en", "lib/phpmailer/language/");
270                         
271                                         $mail->CharSet = "UTF-8";
272                         
273                                         $mail->From = DIGEST_FROM_ADDRESS;
274                                         $mail->FromName = DIGEST_FROM_NAME;
275                                         $mail->AddAddress($email);
276                         
277                                         if (DIGEST_SMTP_HOST) {
278                                                 $mail->Host = DIGEST_SMTP_HOST;
279                                                 $mail->Mailer = "smtp";
280                                                 $mail->Username = DIGEST_SMTP_LOGIN;
281                                                 $mail->Password = DIGEST_SMTP_PASSWORD;
282                                         }
283                         
284                         //              $mail->IsHTML(true);
285                                         $mail->Subject = "Registration information for Tiny Tiny RSS";
286                                         $mail->Body = $reg_text;
287                         //              $mail->AltBody = $digest_text;
288                         
289                                         $rc = $mail->Send();
290                         
291                                         if (!$rc) print_error($mail->ErrorInfo);
292                 
293                                         $reg_text = "Hi!\n".
294                                                 "\n".
295                                                 "New user had registered at your Tiny Tiny RSS installation.\n".
296                                                 "\n".
297                                                 "Login: $login\n".
298                                                 "Email: $email\n";
299                         
300                                         $mail = new PHPMailer();
301                         
302                                         $mail->PluginDir = "lib/phpmailer/";
303                                         $mail->SetLanguage("en", "lib/phpmailer/language/");
304                         
305                                         $mail->CharSet = "UTF-8";
306                         
307                                         $mail->From = DIGEST_FROM_ADDRESS;
308                                         $mail->FromName = DIGEST_FROM_NAME;
309                                         $mail->AddAddress(REG_NOTIFY_ADDRESS);
310                         
311                                         if (DIGEST_SMTP_HOST) {
312                                                 $mail->Host = DIGEST_SMTP_HOST;
313                                                 $mail->Mailer = "smtp";
314                                                 $mail->Username = DIGEST_SMTP_LOGIN;
315                                                 $mail->Password = DIGEST_SMTP_PASSWORD;
316                                         }
317                         
318                         //              $mail->IsHTML(true);
319                                         $mail->Subject = "Registration notice for Tiny Tiny RSS";
320                                         $mail->Body = $reg_text;
321                         //              $mail->AltBody = $digest_text;
322                         
323                                         $rc = $mail->Send();
324         
325                                         print_notice(__("Account created successfully."));
326         
327                                         print "<p><form method=\"GET\" action=\"tt-rss.php\">
328                                         <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
329                                         </form>";
330         
331                                 }
332         
333                         }
334         
335                         } else {
336                                 print_error('Plese check the form again, you have failed the robot test.');
337                                 print "<p><form method=\"GET\" action=\"tt-rss.php\">
338                                 <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
339                                 </form>";
340         
341                         }
342                 }
343         ?>
344
345 <?php } else { ?>
346
347         <?php print_notice(__('New user registrations are currently closed.')) ?>
348
349         <?php print "<p><form method=\"GET\" action=\"tt-rss.php\">
350                                 <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
351                                 </form>"; ?>
352
353 <?php } ?>
354
355 </body>
356 </html>
357