actions/register.php

   1 <?php
   2 /*
   3  * Laconica - a distributed open-source microblogging tool
   4  * Copyright (C) 2008, Controlez-Vous, Inc.
   5  *
   6  * This program is free software: you can redistribute it and/or modify
   7  * it under the terms of the GNU Affero General Public License as published by
   8  * the Free Software Foundation, either version 3 of the License, or
   9  * (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  * GNU Affero General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Affero General Public License
  17  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18  */
  19
  20 if (!defined('LACONICA')) { exit(1); }
  21
  22 class RegisterAction extends Action {
  23
  24         function handle($args) {
  25                 parent::handle($args);
  26
  27                 if (common_logged_in()) {
  28                         common_user_error(_t('Already logged in.'));
  29                 } else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
  30                         $this->try_register();
  31                 } else {
  32                         $this->show_form();
  33                 }
  34         }
  35
  36         function try_register() {
  37                 $nickname = $this->trimmed('nickname');
  38                 $email = $this->trimmed('email');
  39
  40                 # We don't trim these... whitespace is OK in a password!
  41
  42                 $password = $this->arg('password');
  43                 $confirm = $this->arg('confirm');
  44
  45                 # Input scrubbing
  46
  47                 $nickname = common_canonical_nickname($nickname);
  48                 $email = common_canonical_email($email);
  49
  50                 if (!$this->boolean('license')) {
  51                         $this->show_form(_t('You can\'t register if you don\'t agree to the license.'));
  52                 } else if ($email && !Validate::email($email, true)) {
  53                         $this->show_form(_t('Not a valid email address.'));
  54                 } else if (!Validate::string($nickname, array('min_length' => 1,
  55                                                                                                           'max_length' => 64,
  56                                                                                                           'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) {
  57                         $this->show_form(_t('Nickname must have only lowercase letters and numbers and no spaces.'));
  58                 } else if ($this->nickname_exists($nickname)) {
  59                         $this->show_form(_t('Nickname already exists.'));
  60                 } else if (!User::allowed_nickname($nickname)) {
  61                         $this->show_form(_t('Not a valid nickname.'));
  62                 } else if ($this->email_exists($email)) {
  63                         $this->show_form(_t('Email address already exists.'));
  64                 } else if ($password != $confirm) {
  65                         $this->show_form(_t('Passwords don\'t match.'));
  66                 } else if ($this->register_user($nickname, $password, $email)) {
  67                         # success!
  68                         if (!common_set_user($nickname)) {
  69                                 common_server_error(_t('Error setting user.'));
  70                                 return;
  71                         }
  72                         common_real_login(true);
  73                         if ($this->boolean('rememberme')) {
  74                                 common_debug('Adding rememberme cookie for ' . $nickname);
  75                                 common_rememberme();
  76                         }
  77                         common_redirect(common_local_url('profilesettings'));
  78                 } else {
  79                         $this->show_form(_t('Invalid username or password.'));
  80                 }
  81         }
  82
  83         # checks if *CANONICAL* nickname exists
  84
  85         function nickname_exists($nickname) {
  86                 $user = User::staticGet('nickname', $nickname);
  87                 return ($user !== false);
  88         }
  89
  90         # checks if *CANONICAL* email exists
  91
  92         function email_exists($email) {
  93                 $email = common_canonical_email($email);
  94                 $user = User::staticGet('email', $email);
  95                 return ($user !== false);
  96         }
  97
  98         function register_user($nickname, $password, $email) {
  99
 100                 $profile = new Profile();
 101
 102                 $profile->query('BEGIN');
 103
 104                 $profile->nickname = $nickname;
 105                 $profile->profileurl = common_profile_url($nickname);
 106                 $profile->created = DB_DataObject_Cast::dateTime(); # current time
 107
 108                 $id = $profile->insert();
 109
 110                 if (!$id) {
 111                         common_log_db_error($profile, 'INSERT', __FILE__);
 112                     return FALSE;
 113                 }
 114                 $user = new User();
 115                 $user->id = $id;
 116                 $user->nickname = $nickname;
 117                 $user->password = common_munge_password($password, $id);
 118                 $user->created =  DB_DataObject_Cast::dateTime(); # current time
 119                 $user->uri = common_user_uri($user);
 120
 121                 $result = $user->insert();
 122
 123                 if (!$result) {
 124                         common_log_db_error($user, 'INSERT', __FILE__);
 125                         return FALSE;
 126                 }
 127
 128                 if ($email) {
 129
 130                         $confirm = new Confirm_address();
 131                         $confirm->code = common_confirmation_code(128);
 132                         $confirm->user_id = $user->id;
 133                         $confirm->address = $email;
 134                         $confirm->address_type = 'email';
 135
 136                         $result = $confirm->insert();
 137                         if (!$result) {
 138                                 common_log_db_error($confirm, 'INSERT', __FILE__);
 139                                 return FALSE;
 140                         }
 141                 }
 142
 143                 $profile->query('COMMIT');
 144
 145                 if ($email) {
 146                         mail_confirm_address($confirm->code,
 147                                                                  $profile->nickname,
 148                                                                  $email);
 149                 }
 150
 151                 return $result;
 152         }
 153
 154         function show_top($error=NULL) {
 155                 if ($error) {
 156                         common_element('p', 'error', $error);
 157                 } else {
 158                         common_element('p', 'instructions',
 159                                                    _t('You can create a new account to start posting notices.'));
 160                 }
 161         }
 162
 163         function show_form($error=NULL) {
 164                 global $config;
 165
 166                 common_show_header(_t('Register'), NULL, $error, array($this, 'show_top'));
 167                 common_element_start('form', array('method' => 'post',
 168                                                                                    'id' => 'login',
 169                                                                                    'action' => common_local_url('register')));
 170                 common_input('nickname', _t('Nickname'), NULL,
 171                                          _t('1-64 lowercase letters or numbers, no punctuation or spaces'));
 172                 common_password('password', _t('Password'),
 173                                                 _t('6 or more characters'));
 174                 common_password('confirm', _t('Confirm'),
 175                                                 _t('Same as password above'));
 176                 common_input('email', _t('Email'), NULL,
 177                                          _t('Used only for updates, announcements, and password recovery'));
 178                 common_checkbox('rememberme', _t('Remember me'), false,
 179                                 _t('Automatically login in the future; ' .
 180                                    'not for shared computers!'));
 181                 common_element_start('p');
 182                 common_element('input', array('type' => 'checkbox',
 183                                                                           'id' => 'license',
 184                                                                           'name' => 'license',
 185                                                                           'value' => 'true'));
 186                 common_text(_t('My text and files are available under '));
 187                 common_element('a', array(href => $config['license']['url']),
 188                                            $config['license']['title']);
 189                 common_text(_t(' except this private data: password, email address, IM address, phone number.'));
 190                 common_element_end('p');
 191                 common_submit('submit', _t('Register'));
 192                 common_element_end('form');
 193                 common_show_footer();
 194         }
 195 }