actions/register.php

   1 <?php
   2 /*
   3  * Laconica - a distributed open-source microblogging tool
   4  * Copyright (C) 2008, Controlez-Vous, Inc.
   5  *
   6  * This program is free software: you can redistribute it and/or modify
   7  * it under the terms of the GNU Affero General Public License as published by
   8  * the Free Software Foundation, either version 3 of the License, or
   9  * (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  * GNU Affero General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Affero General Public License
  17  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18  */
  19
  20 if (!defined('LACONICA')) { exit(1); }
  21
  22 class RegisterAction extends Action {
  23
  24         function handle($args) {
  25                 parent::handle($args);
  26
  27                 if (common_logged_in()) {
  28                         common_user_error(_t('Already logged in.'));
  29                 } else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
  30                         $this->try_register();
  31                 } else {
  32                         $this->show_form();
  33                 }
  34         }
  35
  36         function try_register() {
  37                 $nickname = $this->trimmed('nickname');
  38                 $email = $this->trimmed('email');
  39
  40                 # We don't trim these... whitespace is OK in a password!
  41
  42                 $password = $this->arg('password');
  43                 $confirm = $this->arg('confirm');
  44
  45                 # Input scrubbing
  46
  47                 $nickname = common_canonical_nickname($nickname);
  48                 $email = common_canonical_email($email);
  49
  50                 if (!$this->boolean('license')) {
  51                         $this->show_form(_t('You can\'t register if you don\'t agree to the license.'));
  52                 } else if ($email && !Validate::email($email, true)) {
  53                         $this->show_form(_t('Not a valid email address.'));
  54                 } else if (!Validate::string($nickname, array('min_length' => 1,
  55                                                                                                           'max_length' => 64,
  56                                                                                                           'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) {
  57                         $this->show_form(_t('Nickname must have only lowercase letters and numbers and no spaces.'));
  58                 } else if ($this->nickname_exists($nickname)) {
  59                         $this->show_form(_t('Nickname already exists.'));
  60                 } else if (!User::allowed_nickname($nickname)) {
  61                         $this->show_form(_t('Not a valid nickname.'));
  62                 } else if ($this->email_exists($email)) {
  63                         $this->show_form(_t('Email address already exists.'));
  64                 } else if ($password != $confirm) {
  65                         $this->show_form(_t('Passwords don\'t match.'));
  66                 } else {
  67                         $user = $this->register_user($nickname, $password, $email);
  68                         if (!$user) {
  69                                 $this->show_form(_t('Invalid username or password.'));
  70                                 return;
  71                         }
  72                         # success!
  73                         if (!common_set_user($user)) {
  74                                 common_server_error(_t('Error setting user.'));
  75                                 return;
  76                         }
  77                         # this is a real login
  78                         common_real_login(true);
  79                         if ($this->boolean('rememberme')) {
  80                                 common_debug('Adding rememberme cookie for ' . $nickname);
  81                                 common_rememberme($user);
  82                         }
  83                         common_redirect(common_local_url('profilesettings'));
  84                 }
  85         }
  86
  87         # checks if *CANONICAL* nickname exists
  88
  89         function nickname_exists($nickname) {
  90                 $user = User::staticGet('nickname', $nickname);
  91                 return ($user !== false);
  92         }
  93
  94         # checks if *CANONICAL* email exists
  95
  96         function email_exists($email) {
  97                 $email = common_canonical_email($email);
  98                 $user = User::staticGet('email', $email);
  99                 return ($user !== false);
 100         }
 101
 102         function register_user($nickname, $password, $email) {
 103
 104                 $profile = new Profile();
 105
 106                 $profile->query('BEGIN');
 107
 108                 $profile->nickname = $nickname;
 109                 $profile->profileurl = common_profile_url($nickname);
 110                 $profile->created = DB_DataObject_Cast::dateTime(); # current time
 111
 112                 $id = $profile->insert();
 113
 114                 if (!$id) {
 115                         common_log_db_error($profile, 'INSERT', __FILE__);
 116                     return FALSE;
 117                 }
 118                 $user = new User();
 119                 $user->id = $id;
 120                 $user->nickname = $nickname;
 121                 $user->password = common_munge_password($password, $id);
 122                 $user->created =  DB_DataObject_Cast::dateTime(); # current time
 123                 $user->uri = common_user_uri($user);
 124
 125                 $result = $user->insert();
 126
 127                 if (!$result) {
 128                         common_log_db_error($user, 'INSERT', __FILE__);
 129                         return FALSE;
 130                 }
 131
 132                 if ($email) {
 133
 134                         $confirm = new Confirm_address();
 135                         $confirm->code = common_confirmation_code(128);
 136                         $confirm->user_id = $user->id;
 137                         $confirm->address = $email;
 138                         $confirm->address_type = 'email';
 139
 140                         $result = $confirm->insert();
 141                         if (!$result) {
 142                                 common_log_db_error($confirm, 'INSERT', __FILE__);
 143                                 return FALSE;
 144                         }
 145                 }
 146
 147                 $profile->query('COMMIT');
 148
 149                 if ($email) {
 150                         mail_confirm_address($confirm->code,
 151                                                                  $profile->nickname,
 152                                                                  $email);
 153                 }
 154
 155                 return $user;
 156         }
 157
 158         function show_top($error=NULL) {
 159                 if ($error) {
 160                         common_element('p', 'error', $error);
 161                 } else {
 162                         common_element('div', 'instructions',
 163                                                    _t('You can create a new account to start posting notices.'));
 164                 }
 165         }
 166
 167         function show_form($error=NULL) {
 168                 global $config;
 169
 170                 common_show_header(_t('Register'), NULL, $error, array($this, 'show_top'));
 171                 common_element_start('form', array('method' => 'post',
 172                                                                                    'id' => 'login',
 173                                                                                    'action' => common_local_url('register')));
 174                 common_input('nickname', _t('Nickname'), NULL,
 175                                          _t('1-64 lowercase letters or numbers, no punctuation or spaces'));
 176                 common_password('password', _t('Password'),
 177                                                 _t('6 or more characters'));
 178                 common_password('confirm', _t('Confirm'),
 179                                                 _t('Same as password above'));
 180                 common_input('email', _t('Email'), NULL,
 181                                          _t('Used only for updates, announcements, and password recovery'));
 182                 common_checkbox('rememberme', _t('Remember me'), false,
 183                                 _t('Automatically login in the future; ' .
 184                                    'not for shared computers!'));
 185                 common_element_start('p');
 186                 common_element('input', array('type' => 'checkbox',
 187                                                                           'id' => 'license',
 188                                                                           'name' => 'license',
 189                                                                           'value' => 'true'));
 190                 common_text(_t('My text and files are available under '));
 191                 common_element('a', array(href => $config['license']['url']),
 192                                            $config['license']['title']);
 193                 common_text(_t(' except this private data: password, email address, IM address, phone number.'));
 194                 common_element_end('p');
 195                 common_submit('submit', _t('Register'));
 196                 common_element_end('form');
 197                 common_show_footer();
 198         }
 199 }