2 /************************************************************************
3 * Mailer v0.2.1-FINAL Start: 07/10/2004 *
4 * =================== Last change: 07/10/2004 *
6 * -------------------------------------------------------------------- *
7 * File : register_functions.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Special functions for register extension *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Spezielle Funktion fuer register-Erweiterung *
12 * -------------------------------------------------------------------- *
15 * $Tag:: 0.2.1-FINAL $ *
17 * Needs to be in all Files and every File needs "svn propset *
18 * svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
19 * -------------------------------------------------------------------- *
20 * Copyright (c) 2003 - 2009 by Roland Haeder *
21 * Copyright (c) 2009, 2010 by Mailer Developer Team *
22 * For more information visit: http://www.mxchange.org *
24 * This program is free software; you can redistribute it and/or modify *
25 * it under the terms of the GNU General Public License as published by *
26 * the Free Software Foundation; either version 2 of the License, or *
27 * (at your option) any later version. *
29 * This program is distributed in the hope that it will be useful, *
30 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
31 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
32 * GNU General Public License for more details. *
34 * You should have received a copy of the GNU General Public License *
35 * along with this program; if not, write to the Free Software *
36 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
38 ************************************************************************/
40 // Some security stuff...
// Tests whether the constant __SECURITY is undefined. The body of this guard is
// not part of this listing; presumably it stops the script when the file is
// requested directly instead of being included -- confirm against the full file.
41 if (!defined('__SECURITY')) {
46 function ifRequiredRegisterFieldsAreSet (&$array) {
// Checks the entries of $array (taken by reference) against the required fields
// configured in the `must_register` table: one SELECT per key looks for a row
// with that `field_name` and `field_required`='Y'.
// The lines that initialise the result, react to a missing field and return are
// not part of this listing, so the return value is not documented here.
//
// NOTE(review): $key is concatenated into the statement as-is and the query goes
// through SQL_QUERY. The caller visible in this file passes postRequestArray(),
// so the keys look request-controlled -- confirm they are validated before this
// point, or pass the key through a %s placeholder of SQL_QUERY_ESC as other
// statements in this file do (presumably escaped there -- confirm).
47 // By default all is fine
49 foreach ($array as $key => $value) {
50 // Check all fields that must register
51 $result = SQL_QUERY("SELECT `id` FROM `{?_MYSQL_PREFIX?}_must_register` WHERE `field_name`='".$key."' AND `field_required`='Y' LIMIT 1",
52 __FUNCTION__, __LINE__);
// Exactly one row means this field is configured as required
53 if (SQL_NUMROWS($result) == 1) {
54 // Check if extension country is not found (you have to enter the 2-chars long country code) or
55 // if extensions is present check if country code was selected
56 // 01 2 21 12 3 32 234 5 54 4 43 34 4 4 5 5432 2 3 3210
// $country is true when the country extension is inactive, or when it is active,
// $array['country_code'] is non-empty and the current entry is either an empty
// 'cntry' field or a filled 'country_code' field.
57 $country = ((!isExtensionActive('country')) || ((isExtensionActive('country')) && (((empty($value)) && ($key == 'cntry')) || (($key == 'country_code') && (!empty($value)))) && (!empty($array['country_code']))));
// empty() also treats the string '0' as empty, so a required field holding '0'
// counts as not filled out.
58 if ((empty($value)) && ($country === false)) {
59 // Required field not set
66 SQL_FREERESULT($result);
73 // Generates a 'category table' for the registration form
// Builds the category rows through the 'guest_cat_row' template. When $return is
// strictly true the markup is handed back, otherwise it is printed; the lines
// doing either are not part of this listing. $mode is not read in the visible lines.
74 function registerGenerateCategoryTable ($mode, $return=false) {
77 // Guests are mostly not interested in how many members has
78 // chosen an individual category
// Default filter: only categories flagged visible
79 $AND = "WHERE `visible`='Y' ";
81 // Admins are allowed to see every category...
82 if (isAdmin()) $AND = '';
84 // Look for categories
// $AND is one of two fixed literals, so no request data enters this statement
85 $result = SQL_QUERY("SELECT `id`, `cat`, `visible` FROM `{?_MYSQL_PREFIX?}_cats` ".$AND." ORDER BY `sort` ASC",
86 __FUNCTION__, __LINE__);
88 if (SQL_NUMROWS($result) > 0) {
89 // List all visible modules (or all to the admin)
91 $OUT .= '<table border="0" cellspacing="0" cellpadding="0" width="100%">';
92 while ($content = SQL_FETCHARRAY($result)) {
93 // Prepare array for the template
96 'cat' => $content['cat'],
99 'id' => $content['id'],
// Pre-select "yes" when the submitted form said 'Y' for this category, or when
// nothing was submitted for it and the config value register_default is 'Y'
103 if ((postRequestParameter('cat', $content['id']) == 'Y') || ((getConfig('register_default') == 'Y') && (!isPostRequestParameterSet('cat', $content['id'])))) {
104 $content['def_y'] = ' checked="checked"';
106 $content['def_n'] = ' checked="checked"';
109 // Load template and switch color
// NOTE(review): $content['cat'] comes straight from the table; whether
// loadTemplate() HTML-encodes it is not visible here -- confirm.
110 $OUT .= loadTemplate('guest_cat_row', true, $content);
116 SQL_FREERESULT($result);
118 // No categories set up so far...
119 $OUT .= loadTemplate('admin_settings_saved', true, getMessage('NO_CATEGORIES_VISIBLE'));
122 if ($return === true) {
123 // Return generated HTML code
126 // Output directly (default)
131 // Outputs a 'failed message'
// Wraps the message in <div class="register_failed"> and passes it to outputHtml().
// A non-empty $messageId is emitted as '{--<id>--}' (looks like a message
// placeholder that is resolved later -- confirm), followed by $extra.
// NOTE(review): neither $messageId nor $extra is HTML-encoded in this function,
// so callers must only pass fixed ids and markup they built themselves -- confirm
// no request data reaches $extra.
132 function registerOutputFailedMessage ($messageId, $extra='') {
133 if (empty($messageId)) {
// No message id given: print $extra alone
134 outputHtml('<div class="register_failed">' . $extra . '</div>');
136 outputHtml('<div class="register_failed">{--' . $messageId . '--}' . $extra . '</div>');
140 // Run a filter for must-fillout fields
// For every row of `must_register` this stores a marker in $content under the key
// 'must_fillout_<lower-cased field_name>'; required fields get the '(*)' span.
// The default marker assignment and the return statement are not part of this
// listing. The statement is a fixed string, no request data is involved.
141 function FILTER_REGISTER_MUST_FILLOUT ($content) {
142 // Get all fields for output
143 $result = SQL_QUERY("SELECT `field_name`, `field_required` FROM `{?_MYSQL_PREFIX?}_must_register` ORDER BY `id` ASC",
144 __FUNCTION__, __LINE__);
146 // Walk through all entries
147 while ($row = SQL_FETCHARRAY($result)) {
148 // Must the user fill out this element?
150 if ($row['field_required'] == 'Y') $value = '<span class="guest_failed">(*)</span>';
// Template key is derived from the column value, lower-cased
153 $content['must_fillout_'.strtolower($row['field_name']).''] = $value;
157 SQL_FREERESULT($result);
163 // Checks whether the registration data is complete
// Validates the submitted registration form. Failed fields are overwritten in the
// POST data with '!' (and '?' for an e-mail address that is already taken), and
// three $GLOBALS entries carry the IP-timeout, short-password and selected-category
// results. The initialisation of $isOkay, most failure branches and the return
// statement are not part of this listing.
164 function isRegistrationDataComplete () {
166 $GLOBALS['registration_ip_timeout'] = false;
167 $GLOBALS['registration_short_password'] = false;
// Starts as the string '0'; the ++ further down turns it into an integer count
168 $GLOBALS['register_selected_cats'] = '0';
173 // First we only check the submitted data then we continue... :)
175 // Did he agree to our Terms Of Usage?
176 if (postRequestParameter('agree') != 'Y') {
177 setPostRequestParameter('agree', '!');
181 // Did he enter a valid email address? (we really don't care about
182 // that, he has to click on a confirmation link :P )
183 if ((!isPostRequestParameterSet('email')) || (!isEmailValid(postRequestParameter('email')))) {
184 setPostRequestParameter('email', '!');
188 // And what about surname and family's name?
189 if (!isPostRequestParameterSet('surname')) {
190 setPostRequestParameter('surname', '!');
193 if (!isPostRequestParameterSet('family')) {
194 setPostRequestParameter('family', '!');
198 // Get temporary array for modification
199 $postArray = postRequestArray();
201 // Check for required fields
202 $isOkay = ($isOkay && ifRequiredRegisterFieldsAreSet($postArray));
204 // Set it back in request
205 setPostRequestArray($postArray);
207 // Did he enter his password twice?
// Outer test: one of the two password fields is missing, or both are set and differ.
// NOTE(review): != compares numeric-looking strings by value ('1e3' equals '1000'),
// so two different inputs of that kind pass as identical; !== is the exact check.
208 if (((!isPostRequestParameterSet('pass1')) || (!isPostRequestParameterSet('pass2'))) || ((postRequestParameter('pass1') != postRequestParameter('pass2')) && (isPostRequestParameterSet('pass1')) && (isPostRequestParameterSet('pass2')))) {
// Both set but different: mark both fields as failed
209 if ((postRequestParameter('pass1') != postRequestParameter('pass2')) && (isPostRequestParameterSet('pass1')) && (isPostRequestParameterSet('pass2'))) {
210 setPostRequestParameter('pass1', '!');
211 setPostRequestParameter('pass2', '!');
// A missing field is marked with '!', a field that was sent is blanked
213 if (!isPostRequestParameterSet('pass1')) { setPostRequestParameter('pass1', '!'); } else { setPostRequestParameter('pass1', ''); }
214 if (!isPostRequestParameterSet('pass2')) { setPostRequestParameter('pass2', '!'); } else { setPostRequestParameter('pass2', ''); }
219 // Is the password long enough?
// strlen() counts bytes, so a multi-byte character counts more than once towards
// pass_len. The length is only looked at while $isOkay is still true.
220 if ((strlen(postRequestParameter('pass1')) < getConfig('pass_len')) && ($isOkay === true)) {
221 $GLOBALS['registration_short_password'] = true;
225 // Do this check only when no admin is logged in
// NOTE(review): no is_array() test on 'cat' is visible before this loop (the
// surrounding lines are missing from the listing); doRegistration() does test
// is_array() before iterating the same parameter -- confirm a guard exists here.
226 foreach (postRequestParameter('cat') as $id => $answer) {
227 if ($answer == 'Y') $GLOBALS['register_selected_cats']++;
230 // Enough categories selected?
231 $isOkay = (($isOkay) && ($GLOBALS['register_selected_cats'] >= getConfig('least_cats')));
// Skip the duplicate lookup when the address was already marked invalid above
233 if ((postRequestParameter('email') != '!') && (getConfig('check_double_email') == 'Y')) {
234 // Does the email address already exists in our database?
// NOTE(review): the distinct '?' marker presumably leads to a distinct message on
// the form, which tells any visitor whether an address is registered -- confirm
// that disclosure is acceptable for this site.
235 if ((!isAdmin()) && (isEmailTaken(postRequestParameter('email')))) {
236 setPostRequestParameter('email', '?');
241 // Check for IP timeout?
242 if ((!isAdmin()) && (getConfig('ip_timeout') > 0)) {
243 // Check his IP number
// Looks for `user_data` rows with this client address that joined or were updated
// within the ip_timeout window ({?ip_timeout?} looks like a config placeholder
// resolved by the query layer -- confirm).
// NOTE(review): the flag is set only when the result equals 1. If
// countSumTotalData() returns a row count, two or more recent rows would leave
// the flag false -- confirm whether >= 1 was intended. How strong this throttle
// is also depends on how detectRemoteAddr() derives the address (not visible here).
244 $GLOBALS['registration_ip_timeout'] = (countSumTotalData(detectRemoteAddr() , 'user_data', 'userid', 'REMOTE_ADDR', true, " AND (`joined` > (UNIX_TIMESTAMP() - {?ip_timeout?}) OR `last_update` > (UNIX_TIMESTAMP() - {?ip_timeout?}))") == 1);
252 // Do the registration
// Creates the account from the POST data: builds the confirmation hash, inserts
// the `user_data` row, adds the registration points, stores the selected
// categories and sends the confirmation and admin mails. Several lines,
// including the end of the function, are not part of this listing.
253 function doRegistration () {
254 // Prepare month and day of birth
// Single-digit values get a leading zero
255 if (strlen(postRequestParameter('day')) == 1) setPostRequestParameter('day' , '0' . postRequestParameter('day'));
256 if (strlen(postRequestParameter('month')) == 1) setPostRequestParameter('month', '0' . postRequestParameter('month'));
259 // ... confirmed, ...
260 $confirmedUsers = countSumTotalData('CONFIRMED' , 'user_data', 'userid', 'status', true);
261 // ... unconfirmed ...
262 $unconfirmedUsers = countSumTotalData('UNCONFIRMED', 'user_data', 'userid', 'status', true);
263 // ... and locked users!
264 $lockedUsers = countSumTotalData('LOCKED' , 'user_data', 'userid', 'status', true);
266 // Generate hash which will be inserted into confirmation mail
// NOTE(review): the token input mixes user counts, the submitted birthday, server
// name, client address and user agent with the config values SITE_KEY, DATE_KEY
// and CACHE_BUSTER. Everything except the config values is known to, or can be
// estimated by, the person registering, so the token's unpredictability rests on
// those values and on whatever generateHash() adds (not visible here) -- confirm.
// A token taken from random_bytes() would not depend on either.
267 $hash = generateHash(sha1(
268 $confirmedUsers . getConfig('ENCRYPT_SEPERATOR') .
269 $unconfirmedUsers . getConfig('ENCRYPT_SEPERATOR') .
270 $lockedUsers . getConfig('ENCRYPT_SEPERATOR') .
271 postRequestParameter('month') . '-' .
272 postRequestParameter('day') . '-' .
273 postRequestParameter('year') . getConfig('ENCRYPT_SEPERATOR') .
274 detectServerName() . getConfig('ENCRYPT_SEPERATOR') .
275 detectRemoteAddr() . getConfig('ENCRYPT_SEPERATOR') .
276 detectUserAgent() . '/' .
277 getConfig('SITE_KEY') . '/' .
278 getConfig('DATE_KEY') . '/' .
279 getConfig('CACHE_BUSTER')
282 // Old way with enterable two-char-code
283 $countryRow = '`country`';
// Only the first two characters of 'cntry' are kept
284 $countryData = substr(postRequestParameter('cntry'), 0, 2);
286 // Add design when extension sql_patches is v0.2.7 or greater
287 // @TODO Rewrite these all to a single filter
// NOTE(review): these two globals are appended to the INSERT text outside the %s
// placeholders. The visible lines fill them with literals and getCurrentTheme();
// the theme name is quoted but not escaped here -- confirm getCurrentTheme() can
// only return a validated theme name.
288 $GLOBALS['register_sql_columns'] = '';
289 $GLOBALS['register_sql_data'] = '';
290 if (isExtensionInstalledAndNewer('theme', '0.0.8')) {
291 // Okay, add design here
292 $GLOBALS['register_sql_columns'] = ', `curr_theme`';
293 $GLOBALS['register_sql_data'] = ", '" . getCurrentTheme() . "'";
296 // Check if I shall disable sending mail to newly registered members out about active/begging rallye
298 // First comes first: begging rallye
299 if (isExtensionInstalledAndNewer('beg', '0.1.7')) {
300 // Okay, shall I disable now?
301 if (getConfig('beg_new_mem_notify') != 'Y') {
302 $GLOBALS['register_sql_columns'] .= ', `beg_ral_notify`, `beg_ral_en_notify`';
303 $GLOBALS['register_sql_data'] .= ', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()';
307 // Second: active rallye
308 if (isExtensionInstalledAndNewer('bonus', '0.7.7')) {
309 // Okay, shall I disable now?
310 if (getConfig('bonus_new_mem_notify') != 'Y') {
311 $GLOBALS['register_sql_columns'] .= ', `bonus_ral_notify`, `bonus_ral_en_notify`';
312 $GLOBALS['register_sql_data'] .= ', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()';
316 // Write user data to table
317 if (isExtensionActive('country')) {
318 // Save with new selectable country code
319 $countryRow = '`country_code`';
// Numeric country id instead of the two-letter code
320 $countryData = bigintval(postRequestParameter('country_code'));
323 //////////////////////////////
324 // Create user's account... //
325 //////////////////////////////
// The first %s in the column list presumably receives $countryRow; the argument
// lines for the country column and value and for the trailing user_hash and
// REMOTE_ADDR values are missing from this listing. Unquoted %s placeholders in
// VALUES are fed with bigintval() results. `max_mails` and `receive_mails` are
// both filled from the 'max_mails' field.
// NOTE(review): the password column stores generateHash(pass1) -- confirm that
// generateHash() is a salted, deliberately slow password hash and not a plain digest.
327 SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_data` (gender, surname, family, street_nr,%s, zip, city, email, birth_day, birth_month, birth_year, password, max_mails, receive_mails, refid, status, user_hash, REMOTE_ADDR, joined, last_update".$GLOBALS['register_sql_columns'].")
328 VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONFIRMED','%s','%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()".$GLOBALS['register_sql_data'].")",
331 substr(postRequestParameter('gender'), 0, 1),
332 postRequestParameter('surname'),
333 postRequestParameter('family'),
334 postRequestParameter('street_nr'),
336 bigintval(postRequestParameter('zip')),
337 postRequestParameter('city'),
338 postRequestParameter('email'),
339 bigintval(postRequestParameter('day')),
340 bigintval(postRequestParameter('month')),
341 bigintval(postRequestParameter('year')),
342 generateHash(postRequestParameter('pass1')),
343 bigintval(postRequestParameter('max_mails')),
344 bigintval(postRequestParameter('max_mails')),
345 bigintval(postRequestParameter('refid')),
348 ), __FILE__, __LINE__);
// Id of the row just inserted; zero is treated as a failed insert
351 $userid = bigintval(SQL_INSERTID());
354 if ($userid == '0') {
355 // Something bad happened!
356 loadTemplate('admin_settings_saved', false, getMessage('USER_NOT_REGISTERED'));
362 // Is the refback extension there?
363 // @TODO Rewrite this to a filter
364 if (isExtensionActive('refback')) {
365 // Update refback table
366 updateRefbackTable($userid);
369 // Write his welcome-points
370 // @TODO Rewrite this whole if() block to addPointsThroughReferalSystem(). This will also make following if() block obsolete
371 // @TODO Wether the registration bonus should only be added to user directly or through referal system should be configurable
372 $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_user_points` WHERE `userid`=%s AND `ref_depth`=0 LIMIT 1",
373 array($userid), __FILE__, __LINE__);
374 if (SQL_NUMROWS($result) == '0') {
375 // Add only when the line was not found (maybe some more secure?)
378 // Pay him later. First he has to confirm some mails!
// $locked names the column that receives the points. Its default assignment is
// missing from this listing; the visible lines set it to 'locked_points' and
// later compare it with 'points', so only fixed names reach the `%s` column slot.
379 if (getConfig('ref_payout') > 0) $locked = 'locked_points';
381 SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_points` (`userid`, `ref_depth`, `%s`) VALUES (%s,0,'{?points_register?}')",
382 array($locked, $userid), __FILE__, __LINE__);
384 // Update mediadata as well
385 if ((isExtensionInstalledAndNewer('mediadata', '0.0.4')) && ($locked == 'points')) {
387 updateMediadataEntry(array('total_points'), 'add', getConfig('points_register'));
// Store one row per category answered with 'Y'; the category id is forced numeric
392 if ((is_array(postRequestParameter('cat'))) && (count(postRequestParameter('cat')))) {
393 foreach (postRequestParameter('cat') as $cat => $joined) {
394 if ($joined == 'Y') {
395 // Insert category entry
396 SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_cats` (`userid`, `cat_id`) VALUES (%s, %s)",
397 array($userid, bigintval($cat)), __FILE__, __LINE__);
402 // ... rewrite a zero referal id to the main title
403 if (postRequestParameter('refid') == '0') setPostRequestParameter('refid', getConfig('MAIN_TITLE'));
// NOTE(review), two points on the mail data assembled below:
// (1) The values pass through SQL_ESCAPE() although they end up in a mail
//     template, not in a statement; that is presumably backslash-escaping quotes
//     in names and addresses -- confirm this is intended for the mail context.
// (2) 'pass' carries the plain-text password from 'pass1', and the same $content
//     is handed to the 'register-member' template and to sendAdminNotification().
//     If either template prints it, the password leaves the system in clear text
//     -- confirm, and drop the key where it is not needed.
406 if (isPostRequestParameterSet('zip')) {
407 // Prepare data array for the email template
408 // Start with the gender...
412 'gender' => translateGender(postRequestParameter('gender')),
413 'surname' => SQL_ESCAPE(postRequestParameter('surname')),
414 'family' => SQL_ESCAPE(postRequestParameter('family')),
415 'email' => SQL_ESCAPE(postRequestParameter('email')),
416 'street' => SQL_ESCAPE(postRequestParameter('street_nr')),
417 'city' => SQL_ESCAPE(postRequestParameter('city')),
418 'zip' => bigintval(postRequestParameter('zip')),
419 'country' => $countryData,
420 'refid' => SQL_ESCAPE(postRequestParameter('refid')),
421 'pass' => SQL_ESCAPE(postRequestParameter('pass1')),
424 // No ZIP code entered
428 'gender' => translateGender(postRequestParameter('gender')),
429 'surname' => SQL_ESCAPE(postRequestParameter('surname')),
430 'family' => SQL_ESCAPE(postRequestParameter('family')),
431 'email' => SQL_ESCAPE(postRequestParameter('email')),
432 'street' => SQL_ESCAPE(postRequestParameter('street_nr')),
433 'city' => SQL_ESCAPE(postRequestParameter('city')),
435 'country' => $countryData,
436 'refid' => SQL_ESCAPE(postRequestParameter('refid')),
437 'pass' => SQL_ESCAPE(postRequestParameter('pass1')),
441 // Continue with birthday...
// Two formats depending on getLanguage(): day.month.year and month/day/year;
// the case labels are missing from this listing.
442 switch (getLanguage()) {
444 $content['birthday'] = bigintval(postRequestParameter('day')) . '.' . bigintval(postRequestParameter('month')) . '.' . bigintval(postRequestParameter('year'));
448 $content['birthday'] = bigintval(postRequestParameter('month')) . '/' . bigintval(postRequestParameter('day')) . '/' . bigintval(postRequestParameter('year'));
452 // Display information to the user that he got mail and send it away
453 $messageGuest = loadEmailTemplate('register-member', $content, $userid);
455 // Send mail to user (confirmation link!)
// The address is copied and written back around sendEmail(); why the call would
// change $content['email'] is not visible here.
456 $email = $content['email'];
457 sendEmail($content['email'], getMessage('GUEST_SUBJECT_CONFIRM_LINK'), $messageGuest);
458 $content['email'] = $email;
460 // Send mail to admin
461 sendAdminNotification(getMessage('ADMIN_SUBJECT_NEW_ACCOUNT'), 'register-admin', $content, $userid);