actions/register.php

   1 <?php
   2 /**
   3  * StatusNet, the distributed open-source microblogging tool
   4  *
   5  * Register a new user account
   6  *
   7  * PHP version 5
   8  *
   9  * LICENCE: This program is free software: you can redistribute it and/or modify
  10  * it under the terms of the GNU Affero General Public License as published by
  11  * the Free Software Foundation, either version 3 of the License, or
  12  * (at your option) any later version.
  13  *
  14  * This program is distributed in the hope that it will be useful,
  15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17  * GNU Affero General Public License for more details.
  18  *
  19  * You should have received a copy of the GNU Affero General Public License
  20  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  21  *
  22  * @category  Login
  23  * @package   StatusNet
  24  * @author    Evan Prodromou <evan@status.net>
  25  * @copyright 2008-2009 StatusNet, Inc.
  26  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  27  * @link      http://status.net/
  28  */
  29
  30 if (!defined('STATUSNET') && !defined('LACONICA')) {
  31     exit(1);
  32 }
  33
  34 /**
  35  * An action for registering a new user account
  36  *
  37  * @category Login
  38  * @package  StatusNet
  39  * @author   Evan Prodromou <evan@status.net>
  40  * @license  http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  41  * @link     http://status.net/
  42  */
  43
  44 class RegisterAction extends Action
  45 {
  46     /**
  47      * Has there been an error?
  48      */
  49
  50     var $error = null;
  51
  52     /**
  53      * Have we registered?
  54      */
  55
  56     var $registered = false;
  57
  58     /**
  59      * Are we processing an invite?
  60      */
  61
  62     var $invite = null;
  63
  64     /**
  65      * Prepare page to run
  66      *
  67      *
  68      * @param $args
  69      * @return string title
  70      */
  71
  72     function prepare($args)
  73     {
  74         parent::prepare($args);
  75         $this->code = $this->trimmed('code');
  76
  77         if (empty($this->code)) {
  78             common_ensure_session();
  79             if (array_key_exists('invitecode', $_SESSION)) {
  80                 $this->code = $_SESSION['invitecode'];
  81             }
  82         }
  83
  84         if (common_config('site', 'inviteonly') && empty($this->code)) {
  85             $this->clientError(_('Sorry, only invited people can register.'));
  86             return false;
  87         }
  88
  89         if (!empty($this->code)) {
  90             $this->invite = Invitation::staticGet('code', $this->code);
  91             if (empty($this->invite)) {
  92                 $this->clientError(_('Sorry, invalid invitation code.'));
  93                 return false;
  94             }
  95             // Store this in case we need it
  96             common_ensure_session();
  97             $_SESSION['invitecode'] = $this->code;
  98         }
  99
 100         return true;
 101     }
 102
 103     /**
 104      * Title of the page
 105      *
 106      * @return string title
 107      */
 108
 109     function title()
 110     {
 111         if ($this->registered) {
 112             return _('Registration successful');
 113         } else {
 114             return _('Register');
 115         }
 116     }
 117
 118     /**
 119      * Handle input, produce output
 120      *
 121      * Switches on request method; either shows the form or handles its input.
 122      *
 123      * Checks if registration is closed and shows an error if so.
 124      *
 125      * @param array $args $_REQUEST data
 126      *
 127      * @return void
 128      */
 129
 130     function handle($args)
 131     {
 132         parent::handle($args);
 133
 134         if (common_config('site', 'closed')) {
 135             $this->clientError(_('Registration not allowed.'));
 136         } else if (common_logged_in()) {
 137             $this->clientError(_('Already logged in.'));
 138         } else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
 139             $this->tryRegister();
 140         } else {
 141             $this->showForm();
 142         }
 143     }
 144
 145     function showScripts()
 146     {
 147         parent::showScripts();
 148         $this->autofocus('nickname');
 149     }
 150
 151     /**
 152      * Try to register a user
 153      *
 154      * Validates the input and tries to save a new user and profile
 155      * record. On success, shows an instructions page.
 156      *
 157      * @return void
 158      */
 159
 160     function tryRegister()
 161     {
 162         if (Event::handle('StartRegistrationTry', array($this))) {
 163             $token = $this->trimmed('token');
 164             if (!$token || $token != common_session_token()) {
 165                 $this->showForm(_('There was a problem with your session token. '.
 166                                   'Try again, please.'));
 167                 return;
 168             }
 169
 170             $nickname = $this->trimmed('nickname');
 171             $email    = $this->trimmed('email');
 172             $fullname = $this->trimmed('fullname');
 173             $homepage = $this->trimmed('homepage');
 174             $bio      = $this->trimmed('bio');
 175             $location = $this->trimmed('location');
 176
 177             // We don't trim these... whitespace is OK in a password!
 178             $password = $this->arg('password');
 179             $confirm  = $this->arg('confirm');
 180
 181             // invitation code, if any
 182             $code = $this->trimmed('code');
 183
 184             if ($code) {
 185                 $invite = Invitation::staticGet($code);
 186             }
 187
 188             if (common_config('site', 'inviteonly') && !($code && $invite)) {
 189                 $this->clientError(_('Sorry, only invited people can register.'));
 190                 return;
 191             }
 192
 193             // Input scrubbing
 194             $nickname = common_canonical_nickname($nickname);
 195             $email    = common_canonical_email($email);
 196
 197             if (!$this->boolean('license')) {
 198                 $this->showForm(_('You can\'t register if you don\'t '.
 199                                   'agree to the license.'));
 200             } else if ($email && !Validate::email($email, common_config('email', 'check_domain'))) {
 201                 $this->showForm(_('Not a valid email address.'));
 202             } else if (!Validate::string($nickname, array('min_length' => 1,
 203                                                           'max_length' => 64,
 204                                                           'format' => NICKNAME_FMT))) {
 205                 $this->showForm(_('Nickname must have only lowercase letters '.
 206                                   'and numbers and no spaces.'));
 207             } else if ($this->nicknameExists($nickname)) {
 208                 $this->showForm(_('Nickname already in use. Try another one.'));
 209             } else if (!User::allowed_nickname($nickname)) {
 210                 $this->showForm(_('Not a valid nickname.'));
 211             } else if ($this->emailExists($email)) {
 212                 $this->showForm(_('Email address already exists.'));
 213             } else if (!is_null($homepage) && (strlen($homepage) > 0) &&
 214                        !Validate::uri($homepage,
 215                                       array('allowed_schemes' =>
 216                                             array('http', 'https')))) {
 217                 $this->showForm(_('Homepage is not a valid URL.'));
 218                 return;
 219             } else if (!is_null($fullname) && mb_strlen($fullname) > 255) {
 220                 $this->showForm(_('Full name is too long (max 255 chars).'));
 221                 return;
 222             } else if (Profile::bioTooLong($bio)) {
 223                 $this->showForm(sprintf(_('Bio is too long (max %d chars).'),
 224                                         Profile::maxBio()));
 225                 return;
 226             } else if (!is_null($location) && mb_strlen($location) > 255) {
 227                 $this->showForm(_('Location is too long (max 255 chars).'));
 228                 return;
 229             } else if (strlen($password) < 6) {
 230                 $this->showForm(_('Password must be 6 or more characters.'));
 231                 return;
 232             } else if ($password != $confirm) {
 233                 $this->showForm(_('Passwords don\'t match.'));
 234             } else if ($user = User::register(array('nickname' => $nickname,
 235                                                     'password' => $password,
 236                                                     'email' => $email,
 237                                                     'fullname' => $fullname,
 238                                                     'homepage' => $homepage,
 239                                                     'bio' => $bio,
 240                                                     'location' => $location,
 241                                                     'code' => $code))) {
 242                 if (!$user) {
 243                     $this->showForm(_('Invalid username or password.'));
 244                     return;
 245                 }
 246                 // success!
 247                 if (!common_set_user($user)) {
 248                     $this->serverError(_('Error setting user.'));
 249                     return;
 250                 }
 251                 // this is a real login
 252                 common_real_login(true);
 253                 if ($this->boolean('rememberme')) {
 254                     common_debug('Adding rememberme cookie for ' . $nickname);
 255                     common_rememberme($user);
 256                 }
 257
 258                 Event::handle('EndRegistrationTry', array($this));
 259
 260                 // Re-init language env in case it changed (not yet, but soon)
 261                 common_init_language();
 262
 263                 if (common_config('ssl', 'sometimes') && // mixed environment
 264                     common_config('site', 'server') != common_config('site', 'sslserver')) {
 265                     $url = common_local_url('all',
 266                                             array('nickname' =>
 267                                                   $user->nickname));
 268                     $this->redirectFromSSL($user, $url, $this->boolean('rememberme'));
 269                     return;
 270                 }
 271
 272                 $this->showSuccess();
 273             } else {
 274                 $this->showForm(_('Invalid username or password.'));
 275             }
 276         }
 277     }
 278
 279     /**
 280      * Does the given nickname already exist?
 281      *
 282      * Checks a canonical nickname against the database.
 283      *
 284      * @param string $nickname nickname to check
 285      *
 286      * @return boolean true if the nickname already exists
 287      */
 288
 289     function nicknameExists($nickname)
 290     {
 291         $user = User::staticGet('nickname', $nickname);
 292         return ($user !== false);
 293     }
 294
 295     /**
 296      * Does the given email address already exist?
 297      *
 298      * Checks a canonical email address against the database.
 299      *
 300      * @param string $email email address to check
 301      *
 302      * @return boolean true if the address already exists
 303      */
 304
 305     function emailExists($email)
 306     {
 307         $email = common_canonical_email($email);
 308         if (!$email || strlen($email) == 0) {
 309             return false;
 310         }
 311         $user = User::staticGet('email', $email);
 312         return ($user !== false);
 313     }
 314
 315     // overrrided to add entry-title class
 316     function showPageTitle() {
 317         if (Event::handle('StartShowPageTitle', array($this))) {
 318             $this->element('h1', array('class' => 'entry-title'), $this->title());
 319         }
 320     }
 321
 322     // overrided to add hentry, and content-inner class
 323     function showContentBlock()
 324     {
 325         $this->elementStart('div', array('id' => 'content', 'class' => 'hentry'));
 326         $this->showPageTitle();
 327         $this->showPageNoticeBlock();
 328         $this->elementStart('div', array('id' => 'content_inner',
 329                                          'class' => 'entry-content'));
 330         // show the actual content (forms, lists, whatever)
 331         $this->showContent();
 332         $this->elementEnd('div');
 333         $this->elementEnd('div');
 334     }
 335
 336     /**
 337      * Instructions or a notice for the page
 338      *
 339      * Shows the error, if any, or instructions for registration.
 340      *
 341      * @return void
 342      */
 343
 344     function showPageNotice()
 345     {
 346         if ($this->registered) {
 347             return;
 348         } else if ($this->error) {
 349             $this->element('p', 'error', $this->error);
 350         } else {
 351             $instr =
 352               common_markup_to_html(_('With this form you can create '.
 353                                       ' a new account. ' .
 354                                       'You can then post notices and '.
 355                                       'link up to friends and colleagues. '));
 356
 357             $this->elementStart('div', 'instructions');
 358             $this->raw($instr);
 359             $this->elementEnd('div');
 360         }
 361     }
 362
 363     /**
 364      * Wrapper for showing a page
 365      *
 366      * Stores an error and shows the page
 367      *
 368      * @param string $error Error, if any
 369      *
 370      * @return void
 371      */
 372
 373     function showForm($error=null)
 374     {
 375         $this->error = $error;
 376         $this->showPage();
 377     }
 378
 379     /**
 380      * Show the page content
 381      *
 382      * Either shows the registration form or, if registration was successful,
 383      * instructions for using the site.
 384      *
 385      * @return void
 386      */
 387
 388     function showContent()
 389     {
 390         if ($this->registered) {
 391             $this->showSuccessContent();
 392         } else {
 393             $this->showFormContent();
 394         }
 395     }
 396
 397     /**
 398      * Show the registration form
 399      *
 400      * @return void
 401      */
 402
 403     function showFormContent()
 404     {
 405         $code = $this->trimmed('code');
 406
 407         $invite = null;
 408
 409         if ($code) {
 410             $invite = Invitation::staticGet($code);
 411         }
 412
 413         if (common_config('site', 'inviteonly') && !($code && $invite)) {
 414             $this->clientError(_('Sorry, only invited people can register.'));
 415             return;
 416         }
 417
 418         $this->elementStart('form', array('method' => 'post',
 419                                           'id' => 'form_register',
 420                                           'class' => 'form_settings',
 421                                           'action' => common_local_url('register')));
 422         $this->elementStart('fieldset');
 423         $this->element('legend', null, 'Account settings');
 424         $this->hidden('token', common_session_token());
 425
 426         if ($this->code) {
 427             $this->hidden('code', $this->code);
 428         }
 429
 430         $this->elementStart('ul', 'form_data');
 431         if (Event::handle('StartRegistrationFormData', array($this))) {
 432             $this->elementStart('li');
 433             $this->input('nickname', _('Nickname'), $this->trimmed('nickname'),
 434                          _('1-64 lowercase letters or numbers, '.
 435                            'no punctuation or spaces. Required.'));
 436             $this->elementEnd('li');
 437             $this->elementStart('li');
 438             $this->password('password', _('Password'),
 439                             _('6 or more characters. Required.'));
 440             $this->elementEnd('li');
 441             $this->elementStart('li');
 442             $this->password('confirm', _('Confirm'),
 443                             _('Same as password above. Required.'));
 444             $this->elementEnd('li');
 445             $this->elementStart('li');
 446             if ($this->invite && $this->invite->address_type == 'email') {
 447                 $this->input('email', _('Email'), $this->invite->address,
 448                              _('Used only for updates, announcements, '.
 449                                'and password recovery'));
 450             } else {
 451                 $this->input('email', _('Email'), $this->trimmed('email'),
 452                              _('Used only for updates, announcements, '.
 453                                'and password recovery'));
 454             }
 455             $this->elementEnd('li');
 456             $this->elementStart('li');
 457             $this->input('fullname', _('Full name'),
 458                          $this->trimmed('fullname'),
 459                          _('Longer name, preferably your "real" name'));
 460             $this->elementEnd('li');
 461             $this->elementStart('li');
 462             $this->input('homepage', _('Homepage'),
 463                          $this->trimmed('homepage'),
 464                          _('URL of your homepage, blog, '.
 465                            'or profile on another site'));
 466             $this->elementEnd('li');
 467             $this->elementStart('li');
 468             $maxBio = Profile::maxBio();
 469             if ($maxBio > 0) {
 470                 $bioInstr = sprintf(_('Describe yourself and your interests in %d chars'),
 471                                     $maxBio);
 472             } else {
 473                 $bioInstr = _('Describe yourself and your interests');
 474             }
 475             $this->textarea('bio', _('Bio'),
 476                             $this->trimmed('bio'),
 477                             $bioInstr);
 478             $this->elementEnd('li');
 479             $this->elementStart('li');
 480             $this->input('location', _('Location'),
 481                          $this->trimmed('location'),
 482                          _('Where you are, like "City, '.
 483                            'State (or Region), Country"'));
 484             $this->elementEnd('li');
 485             Event::handle('EndRegistrationFormData', array($this));
 486             $this->elementStart('li', array('id' => 'settings_rememberme'));
 487             $this->checkbox('rememberme', _('Remember me'),
 488                             $this->boolean('rememberme'),
 489                             _('Automatically login in the future; '.
 490                               'not for shared computers!'));
 491             $this->elementEnd('li');
 492             $attrs = array('type' => 'checkbox',
 493                            'id' => 'license',
 494                            'class' => 'checkbox',
 495                            'name' => 'license',
 496                            'value' => 'true');
 497             if ($this->boolean('license')) {
 498                 $attrs['checked'] = 'checked';
 499             }
 500             $this->elementStart('li');
 501             $this->element('input', $attrs);
 502             $this->elementStart('label', array('class' => 'checkbox', 'for' => 'license'));
 503             $this->text(_('My text and files are available under '));
 504             $this->element('a', array('href' => common_config('license', 'url')),
 505                            common_config('license', 'title'), _("Creative Commons Attribution 3.0"));
 506             $this->text(_(' except this private data: password, '.
 507                           'email address, IM address, and phone number.'));
 508             $this->elementEnd('label');
 509             $this->elementEnd('li');
 510         }
 511         $this->elementEnd('ul');
 512         $this->submit('submit', _('Register'));
 513         $this->elementEnd('fieldset');
 514         $this->elementEnd('form');
 515     }
 516
 517     /**
 518      * Show some information about registering for the site
 519      *
 520      * Save the registration flag, run showPage
 521      *
 522      * @return void
 523      */
 524
 525     function showSuccess()
 526     {
 527         $this->registered = true;
 528         $this->showPage();
 529     }
 530
 531     /**
 532      * Show some information about registering for the site
 533      *
 534      * Gives some information and options for new registrees.
 535      *
 536      * @return void
 537      */
 538
 539     function showSuccessContent()
 540     {
 541         $nickname = $this->arg('nickname');
 542
 543         $profileurl = common_local_url('showstream',
 544                                        array('nickname' => $nickname));
 545
 546         $this->elementStart('div', 'success');
 547         $instr = sprintf(_('Congratulations, %s! And welcome to %%%%site.name%%%%. '.
 548                            'From here, you may want to...'. "\n\n" .
 549                            '* Go to [your profile](%s) '.
 550                            'and post your first message.' .  "\n" .
 551                            '* Add a [Jabber/GTalk address]'.
 552                            '(%%%%action.imsettings%%%%) '.
 553                            'so you can send notices '.
 554                            'through instant messages.' . "\n" .
 555                            '* [Search for people](%%%%action.peoplesearch%%%%) '.
 556                            'that you may know or '.
 557                            'that share your interests. ' . "\n" .
 558                            '* Update your [profile settings]'.
 559                            '(%%%%action.profilesettings%%%%)'.
 560                            ' to tell others more about you. ' . "\n" .
 561                            '* Read over the [online docs](%%%%doc.help%%%%)'.
 562                            ' for features you may have missed. ' . "\n\n" .
 563                            'Thanks for signing up and we hope '.
 564                            'you enjoy using this service.'),
 565                          $nickname, $profileurl);
 566
 567         $this->raw(common_markup_to_html($instr));
 568
 569         $have_email = $this->trimmed('email');
 570         if ($have_email) {
 571             $emailinstr = _('(You should receive a message by email '.
 572                             'momentarily, with ' .
 573                             'instructions on how to confirm '.
 574                             'your email address.)');
 575             $this->raw(common_markup_to_html($emailinstr));
 576         }
 577         $this->elementEnd('div');
 578     }
 579
 580     /**
 581      * Show the login group nav menu
 582      *
 583      * @return void
 584      */
 585
 586     function showLocalNav()
 587     {
 588         $nav = new LoginGroupNav($this);
 589         $nav->show();
 590     }
 591
 592     function redirectFromSSL($user, $returnto, $rememberme)
 593     {
 594         try {
 595             $login_token = Login_token::makeNew($user);
 596         } catch (Exception $e) {
 597             $this->serverError($e->getMessage());
 598             return;
 599         }
 600
 601         $params = array();
 602
 603         if (!empty($returnto)) {
 604             $params['returnto'] = $returnto;
 605         }
 606
 607         if (!empty($rememberme)) {
 608             $params['rememberme'] = $rememberme;
 609         }
 610
 611         $target = common_local_url('otp',
 612                                    array('user_id' => $login_token->user_id,
 613                                          'token' => $login_token->token),
 614                                    $params);
 615
 616         common_redirect($target, 303);
 617     }
 618 }
 619