actions/register.php

   1 <?php
   2 /*
   3  * Laconica - a distributed open-source microblogging tool
   4  * Copyright (C) 2008, Controlez-Vous, Inc.
   5  *
   6  * This program is free software: you can redistribute it and/or modify
   7  * it under the terms of the GNU Affero General Public License as published by
   8  * the Free Software Foundation, either version 3 of the License, or
   9  * (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  * GNU Affero General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Affero General Public License
  17  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18  */
  19
  20 if (!defined('LACONICA')) { exit(1); }
  21
  22 class RegisterAction extends Action {
  23
  24         function handle($args) {
  25                 parent::handle($args);
  26
  27                 if (common_logged_in()) {
  28                         common_user_error(_t('Already logged in.'));
  29                 } else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
  30                         $this->try_register();
  31                 } else {
  32                         $this->show_form();
  33                 }
  34         }
  35
  36         function try_register() {
  37                 $nickname = $this->trimmed('nickname');
  38                 $email = $this->trimmed('email');
  39
  40                 # We don't trim these... whitespace is OK in a password!
  41
  42                 $password = $this->arg('password');
  43                 $confirm = $this->arg('confirm');
  44
  45                 # Input scrubbing
  46
  47                 $nickname = common_canonical_nickname($nickname);
  48                 $email = common_canonical_email($email);
  49
  50                 if (!$this->boolean('license')) {
  51                         $this->show_form(_t('You can\'t register if you don\'t agree to the license.'));
  52                 } else if ($email && !Validate::email($email, true)) {
  53                         $this->show_form(_t('Not a valid email address.'));
  54                 } else if (!Validate::string($nickname, array('min_length' => 1,
  55                                                                                                           'max_length' => 64,
  56                                                                                                           'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) {
  57                         $this->show_form(_t('Nickname must have only lowercase letters and numbers and no spaces.'));
  58                 } else if ($this->nickname_exists($nickname)) {
  59                         $this->show_form(_t('Nickname already exists.'));
  60                 } else if (!User::allowed_nickname($nickname)) {
  61                         $this->show_form(_t('Not a valid nickname.'));
  62                 } else if ($this->email_exists($email)) {
  63                         $this->show_form(_t('Email address already exists.'));
  64                 } else if ($password != $confirm) {
  65                         $this->show_form(_t('Passwords don\'t match.'));
  66                 } else if ($this->register_user($nickname, $password, $email)) {
  67                         # success!
  68                         if (!common_set_user($nickname)) {
  69                                 common_server_error(_t('Error setting user.'));
  70                                 return;
  71                         }
  72                         common_real_login(true);
  73                         if ($this->boolean('rememberme')) {
  74                                 common_rememberme();
  75                         }
  76                         common_redirect(common_local_url('profilesettings'));
  77                 } else {
  78                         $this->show_form(_t('Invalid username or password.'));
  79                 }
  80         }
  81
  82         # checks if *CANONICAL* nickname exists
  83
  84         function nickname_exists($nickname) {
  85                 $user = User::staticGet('nickname', $nickname);
  86                 return ($user !== false);
  87         }
  88
  89         # checks if *CANONICAL* email exists
  90
  91         function email_exists($email) {
  92                 $email = common_canonical_email($email);
  93                 $user = User::staticGet('email', $email);
  94                 return ($user !== false);
  95         }
  96
  97         function register_user($nickname, $password, $email) {
  98
  99                 $profile = new Profile();
 100
 101                 $profile->query('BEGIN');
 102
 103                 $profile->nickname = $nickname;
 104                 $profile->profileurl = common_profile_url($nickname);
 105                 $profile->created = DB_DataObject_Cast::dateTime(); # current time
 106
 107                 $id = $profile->insert();
 108
 109                 if (!$id) {
 110                         common_log_db_error($profile, 'INSERT', __FILE__);
 111                     return FALSE;
 112                 }
 113                 $user = new User();
 114                 $user->id = $id;
 115                 $user->nickname = $nickname;
 116                 $user->password = common_munge_password($password, $id);
 117                 $user->created =  DB_DataObject_Cast::dateTime(); # current time
 118                 $user->uri = common_user_uri($user);
 119
 120                 $result = $user->insert();
 121
 122                 if (!$result) {
 123                         common_log_db_error($user, 'INSERT', __FILE__);
 124                         return FALSE;
 125                 }
 126
 127                 if ($email) {
 128
 129                         $confirm = new Confirm_address();
 130                         $confirm->code = common_confirmation_code(128);
 131                         $confirm->user_id = $user->id;
 132                         $confirm->address = $email;
 133                         $confirm->address_type = 'email';
 134
 135                         $result = $confirm->insert();
 136                         if (!$result) {
 137                                 common_log_db_error($confirm, 'INSERT', __FILE__);
 138                                 return FALSE;
 139                         }
 140                 }
 141
 142                 $profile->query('COMMIT');
 143
 144                 if ($email) {
 145                         mail_confirm_address($confirm->code,
 146                                                                  $profile->nickname,
 147                                                                  $email);
 148                 }
 149
 150                 return $result;
 151         }
 152
 153         function show_top($error=NULL) {
 154                 if ($error) {
 155                         common_element('p', 'error', $error);
 156                 } else {
 157                         common_element('p', 'instructions',
 158                                                    _t('You can create a new account to start posting notices.'));
 159                 }
 160         }
 161
 162         function show_form($error=NULL) {
 163                 global $config;
 164
 165                 common_show_header(_t('Register'), NULL, $error, array($this, 'show_top'));
 166                 common_element_start('form', array('method' => 'post',
 167                                                                                    'id' => 'login',
 168                                                                                    'action' => common_local_url('register')));
 169                 common_input('nickname', _t('Nickname'), NULL,
 170                                          _t('1-64 lowercase letters or numbers, no punctuation or spaces'));
 171                 common_password('password', _t('Password'),
 172                                                 _t('6 or more characters'));
 173                 common_password('confirm', _t('Confirm'),
 174                                                 _t('Same as password above'));
 175                 common_input('email', _t('Email'), NULL,
 176                                          _t('Used only for updates, announcements, and password recovery'));
 177                 common_checkbox('rememberme', _t('Remember me'), false,
 178                                 _t('Automatically login in the future; ' .
 179                                    'not for shared computers!'));
 180                 common_element_start('p');
 181                 common_element('input', array('type' => 'checkbox',
 182                                                                           'id' => 'license',
 183                                                                           'name' => 'license',
 184                                                                           'value' => 'true'));
 185                 common_text(_t('My text and files are available under '));
 186                 common_element('a', array(href => $config['license']['url']),
 187                                            $config['license']['title']);
 188                 common_text(_t(' except this private data: password, email address, IM address, phone number.'));
 189                 common_element_end('p');
 190                 common_submit('submit', _t('Register'));
 191                 common_element_end('form');
 192                 common_show_footer();
 193         }
 194 }