actions/register.php

   1 <?php
   2 /*
   3  * Laconica - a distributed open-source microblogging tool
   4  * Copyright (C) 2008, Controlez-Vous, Inc.
   5  *
   6  * This program is free software: you can redistribute it and/or modify
   7  * it under the terms of the GNU Affero General Public License as published by
   8  * the Free Software Foundation, either version 3 of the License, or
   9  * (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  * GNU Affero General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Affero General Public License
  17  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18  */
  19
  20 if (!defined('LACONICA')) { exit(1); }
  21
  22 class RegisterAction extends Action {
  23
  24         function handle($args) {
  25                 parent::handle($args);
  26
  27                 if (common_logged_in()) {
  28                         common_user_error(_('Already logged in.'));
  29                 } else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
  30                         $this->try_register();
  31                 } else {
  32                         $this->show_form();
  33                 }
  34         }
  35
  36         function try_register() {
  37                 $nickname = $this->trimmed('nickname');
  38                 $email = $this->trimmed('email');
  39
  40                 # We don't trim these... whitespace is OK in a password!
  41
  42                 $password = $this->arg('password');
  43                 $confirm = $this->arg('confirm');
  44
  45                 # Input scrubbing
  46
  47                 $nickname = common_canonical_nickname($nickname);
  48                 $email = common_canonical_email($email);
  49
  50                 if (!$this->boolean('license')) {
  51                         $this->show_form(_('You can\'t register if you don\'t agree to the license.'));
  52                 } else if ($email && !Validate::email($email, true)) {
  53                         $this->show_form(_('Not a valid email address.'));
  54                 } else if (!Validate::string($nickname, array('min_length' => 1,
  55                                                                                                           'max_length' => 64,
  56                                                                                                           'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) {
  57                         $this->show_form(_('Nickname must have only lowercase letters and numbers and no spaces.'));
  58                 } else if ($this->nickname_exists($nickname)) {
  59                         $this->show_form(_('Nickname already exists.'));
  60                 } else if (!User::allowed_nickname($nickname)) {
  61                         $this->show_form(_('Not a valid nickname.'));
  62                 } else if ($this->email_exists($email)) {
  63                         $this->show_form(_('Email address already exists.'));
  64                 } else if ($password != $confirm) {
  65                         $this->show_form(_('Passwords don\'t match.'));
  66                 } else if ($this->register_user($nickname, $password, $email)) {
  67                         $user = $this->register_user($nickname, $password, $email);
  68                         if (!$user) {
  69                                 $this->show_form(_('Invalid username or password.'));
  70                                 return;
  71                         }
  72                         # success!
  73                         if (!common_set_user($user)) {
  74                                 common_server_error(_('Error setting user.'));
  75                                 return;
  76                         }
  77                         # this is a real login
  78                         common_real_login(true);
  79                         if ($this->boolean('rememberme')) {
  80                                 common_debug('Adding rememberme cookie for ' . $nickname);
  81                                 common_rememberme($user);
  82                         }
  83                         common_redirect(common_local_url('profilesettings'));
  84                 } else {
  85                         $this->show_form(_('Invalid username or password.'));
  86                 }
  87         }
  88
  89         # checks if *CANONICAL* nickname exists
  90
  91         function nickname_exists($nickname) {
  92                 $user = User::staticGet('nickname', $nickname);
  93                 return ($user !== false);
  94         }
  95
  96         # checks if *CANONICAL* email exists
  97
  98         function email_exists($email) {
  99                 $email = common_canonical_email($email);
 100                 $user = User::staticGet('email', $email);
 101                 return ($user !== false);
 102         }
 103
 104         function register_user($nickname, $password, $email) {
 105
 106                 $profile = new Profile();
 107
 108                 $profile->query('BEGIN');
 109
 110                 $profile->nickname = $nickname;
 111                 $profile->profileurl = common_profile_url($nickname);
 112                 $profile->created = DB_DataObject_Cast::dateTime(); # current time
 113
 114                 $id = $profile->insert();
 115
 116                 if (!$id) {
 117                         common_log_db_error($profile, 'INSERT', __FILE__);
 118                     return FALSE;
 119                 }
 120                 $user = new User();
 121                 $user->id = $id;
 122                 $user->nickname = $nickname;
 123                 $user->password = common_munge_password($password, $id);
 124                 $user->created =  DB_DataObject_Cast::dateTime(); # current time
 125                 $user->uri = common_user_uri($user);
 126
 127                 $result = $user->insert();
 128
 129                 if (!$result) {
 130                         common_log_db_error($user, 'INSERT', __FILE__);
 131                         return FALSE;
 132                 }
 133
 134                 if ($email) {
 135
 136                         $confirm = new Confirm_address();
 137                         $confirm->code = common_confirmation_code(128);
 138                         $confirm->user_id = $user->id;
 139                         $confirm->address = $email;
 140                         $confirm->address_type = 'email';
 141
 142                         $result = $confirm->insert();
 143                         if (!$result) {
 144                                 common_log_db_error($confirm, 'INSERT', __FILE__);
 145                                 return FALSE;
 146                         }
 147                 }
 148
 149                 $profile->query('COMMIT');
 150
 151                 if ($email) {
 152                         mail_confirm_address($confirm->code,
 153                                                                  $profile->nickname,
 154                                                                  $email);
 155                 }
 156
 157                 return $user;
 158         }
 159
 160         function show_top($error=NULL) {
 161                 if ($error) {
 162                         common_element('p', 'error', $error);
 163                 } else {
 164                         common_element('div', 'instructions',
 165                                                    _('You can create a new account to start posting notices.'));
 166                 }
 167         }
 168
 169         function show_form($error=NULL) {
 170                 global $config;
 171
 172                 common_show_header(_('Register'), NULL, $error, array($this, 'show_top'));
 173                 common_element_start('form', array('method' => 'post',
 174                                                                                    'id' => 'login',
 175                                                                                    'action' => common_local_url('register')));
 176                 common_input('nickname', _('Nickname'), NULL,
 177                                          _('1-64 lowercase letters or numbers, no punctuation or spaces'));
 178                 common_password('password', _('Password'),
 179                                                 _('6 or more characters'));
 180                 common_password('confirm', _('Confirm'),
 181                                                 _('Same as password above'));
 182                 common_input('email', _('Email'), NULL,
 183                                          _('Used only for updates, announcements, and password recovery'));
 184                 common_checkbox('rememberme', _('Remember me'), false,
 185                                 _('Automatically login in the future; ' .
 186                                    'not for shared computers!'));
 187                 common_element_start('p');
 188                 common_element('input', array('type' => 'checkbox',
 189                                                                           'id' => 'license',
 190                                                                           'name' => 'license',
 191                                                                           'value' => 'true'));
 192                 common_text(_('My text and files are available under '));
 193                 common_element('a', array(href => $config['license']['url']),
 194                                            $config['license']['title']);
 195                 common_text(_(' except this private data: password, email address, IM address, phone number.'));
 196                 common_element_end('p');
 197                 common_submit('submit', _('Register'));
 198                 common_element_end('form');
 199                 common_show_footer();
 200         }
 201 }