remove error_reporting() hacks; set default error reporting level in functions.php
1 <?php
2 // This file uses two additional include files:
3 //
4 // 1) templates/register_notice.txt - displayed above the registration form
5 // 2) register_expire_do.php - contains user expiration queries when necessary
6
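// Requested sub-action: "check" (login availability lookup), "do_register"
// (form submission) or empty (render the blank form).
// A missing or non-string parameter (e.g. action[]=x) becomes "" so the
// comparisons further down never see an undefined index or an array.
$action = (isset($_REQUEST["action"]) && is_string($_REQUEST["action"]))
	? $_REQUEST["action"] : "";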
8
9 require_once "functions.php";
10 require_once "sessions.php";
11 require_once "sanity_check.php";
12 require_once "config.php";
13 require_once "db.php";
14
// Open the database connection shared by the rest of this page.
$link = db_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME);
init_connection($link);

// Purge self-registered accounts (access_level 0) that were created more
// than a day ago and have never logged in. Only the interval syntax differs
// between the PostgreSQL branch and the other backend.
// NOTE(review): this DELETE is unconditional, so it runs on every request to
// this page, including anonymous hits on the availability check below.
$purge_stale_users = (DB_TYPE == "pgsql")
	? "DELETE FROM ttrss_users WHERE last_login IS NULL
		AND created < NOW() - INTERVAL '1 day' AND access_level = 0"
	: "DELETE FROM ttrss_users WHERE last_login IS NULL
		AND created < DATE_SUB(NOW(), INTERVAL 1 DAY) AND access_level = 0";

db_query($link, $purge_stale_users);

// Optional site-specific expiration queries, loaded only when the file exists.
if (file_exists("register_expire_do.php")) {
	require_once "register_expire_do.php";
}
32
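// AJAX endpoint for the registration form: reports whether a login name is
// already present in ttrss_users, as <result>1</result> (taken) or
// <result>0</result> (free), then stops before any HTML is emitted.
//
// Gated on ENABLE_REGISTRATION so that the login-existence lookup is not
// reachable on installations where sign-up is switched off; in that case the
// request falls through to the page below, which prints the "disabled" error.
// NOTE(review): nothing here limits how often an anonymous client may query;
// consider throttling if account enumeration matters for this deployment.
if (ENABLE_REGISTRATION && $action == "check") {
	header("Content-Type: application/xml");

	// Normalise first, escape last. Trimming after escaping leaves characters
	// the escaper already rewrote (such as a trailing newline) in the value.
	// A missing or non-string parameter is looked up as the empty login.
	$login = (isset($_REQUEST['login']) && is_string($_REQUEST['login']))
		? trim($_REQUEST['login']) : "";
	$login = db_escape_string($login);

	$result = db_query($link, "SELECT id FROM ttrss_users WHERE
		LOWER(login) = LOWER('$login')");

	$is_registered = db_num_rows($result) > 0;

	// %d forces the boolean to 0/1, so nothing user-supplied reaches the XML.
	print "<result>";
	printf("%d", $is_registered);
	print "</result>";

	return;
}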
51 ?>
52
53 <html>
54 <head>
55 <title>Create new account</title>
56 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
57 <link rel="stylesheet" type="text/css" href="utility.css">
58 <script type="text/javascript" src="functions.js"></script>
59 <script type="text/javascript" src="lib/prototype.js"></script>
60 <script type="text/javascript" src="lib/scriptaculous/scriptaculous.js?load=effects,dragdrop,controls"></script>
61 </head>
62
63 <script type="text/javascript">
64
/**
 * Ask the server whether the login typed into register_form is still free
 * and enable or disable the submit button accordingly.
 *
 * Always returns false so the "Check availability" button never submits the
 * form itself. This is a convenience for the user only; the server repeats
 * the lookup when the form is actually submitted.
 */
function checkUsername() {
	try {
		var form = document.forms['register_form'];
		var wanted = form.login.value;

		// Nothing typed: flag the field and keep submission locked.
		if (wanted == "") {
			new Effect.Highlight(form.login);
			form.sub_btn.disabled = true;
			return false;
		}

		var url = "register.php?action=check&login=" + param_escape(wanted);

		// The reply is <result>N</result>; N == 0 means the name is free.
		var onReply = function(transport) {
			try {
				var node = transport.responseXML.getElementsByTagName('result')[0];
				var taken = node.firstChild.nodeValue != 0;

				if (taken) {
					new Effect.Highlight(form.login, {startcolor : '#ff0000'});
					form.sub_btn.disabled = true;
				} else {
					new Effect.Highlight(form.login, {startcolor : '#00ff00'});
					form.sub_btn.disabled = false;
				}
			} catch (e) {
				exception_error("checkUsername_callback", e);
			}
		};

		new Ajax.Request(url, { onComplete: onReply });

	} catch (e) {
		exception_error("checkUsername", e);
	}

	return false;
}
110
/**
 * Client-side completeness check for register_form.
 *
 * Highlights the first empty field among login, email and turing_test and
 * returns false; returns true when all three have a value. Any exception is
 * reported through exception_error() and blocks the submission.
 * The server checks the same three fields again, so this is not a control.
 */
function validateRegForm() {
	try {
		var form = document.forms['register_form'];
		var required = ['login', 'email', 'turing_test'];

		for (var i = 0; i < required.length; i++) {
			var field = form[required[i]];

			if (field.value.length == 0) {
				new Effect.Highlight(field);
				return false;
			}
		}

		return true;

	} catch (e) {
		exception_error("validateRegForm", e);
		return false;
	}
}
138
139 </script>
140
141 <body>
142
143 <div class="floatingLogo"><img src="images/ttrss_logo.png"></div>
144
145 <h1><?php echo __("Create new account") ?></h1>
146
147 <?php
// Stop rendering the page here when the administrator has switched
// self-registration off. Note that this button targets logout.php, unlike
// the tt-rss.php target used by the other "Return" buttons on this page.
if (!ENABLE_REGISTRATION) {
	print_error(__("New user registrations are administratively disabled."));

	$return_button = "<p><form method=\"GET\" action=\"logout.php\">
	<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
	</form>";

	echo $return_button;
	return;
}
156 ?>
157
<?php
// Count the existing accounts only when a user cap is configured; the check
// that follows compares $num_users against REG_MAX_USERS.
// NOTE(review): the count and the later INSERT are separate statements, so
// concurrent sign-ups could exceed the cap unless something else guards it.
if (REG_MAX_USERS > 0) {
	$result = db_query($link, "SELECT COUNT(*) AS cu FROM ttrss_users");
	$num_users = db_fetch_result($result, 0, "cu");
}
?>
162
163 <?php if (!REG_MAX_USERS || $num_users < REG_MAX_USERS) { ?>
164
165 <!-- If you have any rules or ToS you'd like to display, enter them here -->
166
167 <?php if (file_exists("templates/register_notice.txt")) {
168 require_once "templates/register_notice.txt";
169 } ?>
170
171 <?php if (!$action) { ?>
172
173 <p><?php echo __('Your temporary password will be sent to the specified email. Accounts, which were not logged in once, are erased automatically 24 hours after temporary password is sent.') ?></p>
174
175 <form action="register.php" method="POST" name="register_form">
176 <input type="hidden" name="action" value="do_register">
177 <table>
178 <tr>
179 <td><?php echo __('Desired login:') ?></td><td>
180 <input name="login">
181 </td><td>
182 <input type="submit" value="<?php echo __('Check availability') ?>" onclick='return checkUsername()'>
183 </td></tr>
184 <td><?php echo __('Email:') ?></td><td>
185 <input name="email">
186 </td></tr>
187 <td><?php echo __('How much is two plus two:') ?></td><td>
188 <input name="turing_test"></td></tr>
189 <tr><td colspan="2" align="right">
190 <input type="submit" name="sub_btn" value="<?php echo __('Submit registration') ?>"
191 disabled="true" onclick='return validateRegForm()'>
192 </td></tr>
193 </table>
194 </form>
195
196 <?php print "<p><form method=\"GET\" action=\"tt-rss.php\">
197 <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
198 </form>"; ?>
199
200 <?php } else if ($action == "do_register") { ?>
201
202 <?php
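// Handle a submitted registration form: validate the three fields, create the
// account with a generated temporary password, e-mail that password to the
// new user and send a notice to REG_NOTIFY_ADDRESS.

// Shared "back" button printed at the end of every outcome below.
$return_form = "<p><form method=\"GET\" action=\"tt-rss.php\">
	<input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
	</form>";

// Read each field as a trimmed string. A missing or non-string (array)
// parameter becomes "" and is rejected by the completeness check.
$login_in = (isset($_REQUEST["login"]) && is_string($_REQUEST["login"]))
	? mb_strtolower(trim($_REQUEST["login"])) : "";
$email_in = (isset($_REQUEST["email"]) && is_string($_REQUEST["email"]))
	? trim($_REQUEST["email"]) : "";
$test = (isset($_REQUEST["turing_test"]) && is_string($_REQUEST["turing_test"]))
	? trim($_REQUEST["turing_test"]) : "";

// Escape last, right before the values are interpolated into SQL. Trimming
// or lower-casing an already escaped string can change the escape sequences
// themselves. $test is never used in a query, so it is not escaped at all.
$login = db_escape_string($login_in);
$email = db_escape_string($email_in);

// The address is handed to the mailer as a recipient, so it must be one
// well-formed address; anything else (including embedded control characters)
// is rejected together with empty fields.
if (!$login || !$email || !$test ||
		filter_var($email_in, FILTER_VALIDATE_EMAIL) === false) {
	print_error(__("Your registration information is incomplete."));
	print $return_form;
	return;
}

// NOTE(review): the challenge has a single fixed answer, so it does not tell
// people from scripts; add throttling or a real challenge if automated
// sign-ups (and the mail they trigger to arbitrary addresses) are a concern.
if ($test == "four" || $test == "4") {

	$result = db_query($link, "SELECT id FROM ttrss_users WHERE
		login = '$login'");

	$is_registered = db_num_rows($result) > 0;

	if ($is_registered) {
		print_error(__('Sorry, this username is already taken.'));
		print $return_form;
	} else {

		// NOTE(review): this lookup and the INSERT below are not atomic;
		// confirm ttrss_users enforces uniqueness on login.

		$password = make_password();

		// NOTE(review): the second argument is the SQL-escaped login, kept as
		// before so stored hashes do not change; confirm the login path
		// derives this value the same way for names containing escapable
		// characters.
		$pwd_hash = encrypt_password($password, $login);

		db_query($link, "INSERT INTO ttrss_users
			(login,pwd_hash,access_level,last_login, email, created)
			VALUES ('$login', '$pwd_hash', 0, null, '$email', NOW())");

		$result = db_query($link, "SELECT id FROM ttrss_users WHERE
			login = '$login' AND pwd_hash = '$pwd_hash'");

		if (db_num_rows($result) != 1) {
			print_error(__('Registration failed.'));
			print $return_form;
		} else {

			$new_uid = db_fetch_result($result, 0, "id");

			initialize_user($link, $new_uid);

			// Mail text uses the values as typed, not their SQL-escaped forms.
			// NOTE(review): the temporary password is sent in clear text;
			// confirm the user is required to change it after first login.
			$reg_text = "Hi!\n".
				"\n".
				"You are receiving this message, because you (or somebody else) have opened\n".
				"an account at Tiny Tiny RSS.\n".
				"\n".
				"Your login information is as follows:\n".
				"\n".
				"Login: $login_in\n".
				"Password: $password\n".
				"\n".
				"Don't forget to login at least once to your new account, otherwise\n".
				"it will be deleted in 24 hours.\n".
				"\n".
				"If that wasn't you, just ignore this message. Thanks.";

			$mail = new PHPMailer();

			$mail->PluginDir = "lib/phpmailer/";
			$mail->SetLanguage("en", "lib/phpmailer/language/");

			$mail->CharSet = "UTF-8";

			$mail->From = DIGEST_FROM_ADDRESS;
			$mail->FromName = DIGEST_FROM_NAME;
			// Validated, unescaped address: SQL escaping would corrupt it.
			$mail->AddAddress($email_in);

			if (DIGEST_SMTP_HOST) {
				$mail->Host = DIGEST_SMTP_HOST;
				$mail->Mailer = "smtp";
				$mail->Username = DIGEST_SMTP_LOGIN;
				$mail->Password = DIGEST_SMTP_PASSWORD;
			}

			// $mail->IsHTML(true);
			$mail->Subject = "Registration information for Tiny Tiny RSS";
			$mail->Body = $reg_text;
			// $mail->AltBody = $digest_text;

			$rc = $mail->Send();

			// ErrorInfo comes from the mailer and is written into the page, so
			// it is HTML-escaped here; print_error() is defined elsewhere.
			// NOTE(review): this shows mail transport details to an anonymous
			// visitor, and the account is still reported as created.
			if (!$rc) print_error(htmlspecialchars($mail->ErrorInfo));

			$reg_text = "Hi!\n".
				"\n".
				"New user had registered at your Tiny Tiny RSS installation.\n".
				"\n".
				"Login: $login_in\n".
				"Email: $email_in\n";

			$mail = new PHPMailer();

			$mail->PluginDir = "lib/phpmailer/";
			$mail->SetLanguage("en", "lib/phpmailer/language/");

			$mail->CharSet = "UTF-8";

			$mail->From = DIGEST_FROM_ADDRESS;
			$mail->FromName = DIGEST_FROM_NAME;
			$mail->AddAddress(REG_NOTIFY_ADDRESS);

			if (DIGEST_SMTP_HOST) {
				$mail->Host = DIGEST_SMTP_HOST;
				$mail->Mailer = "smtp";
				$mail->Username = DIGEST_SMTP_LOGIN;
				$mail->Password = DIGEST_SMTP_PASSWORD;
			}

			// $mail->IsHTML(true);
			$mail->Subject = "Registration notice for Tiny Tiny RSS";
			$mail->Body = $reg_text;
			// $mail->AltBody = $digest_text;

			// The result of the administrator notice is not checked.
			$rc = $mail->Send();

			print_notice(__("Account created successfully."));

			print $return_form;

		}

	}

} else {
	print_error(__('Please check the form again, you have failed the robot test.'));
	print $return_form;

}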
342 }
343 ?>
344
345 <?php } else { ?>
346
347 <?php print_notice(__('New user registrations are currently closed.')) ?>
348
349 <?php print "<p><form method=\"GET\" action=\"tt-rss.php\">
350 <input type=\"submit\" value=\"".__("Return to Tiny Tiny RSS")."\">
351 </form>"; ?>
352
353 <?php } ?>
354
355 </body>
356 </html>
357