2 /************************************************************************
3 * Mailer v0.2.1-FINAL Start: 07/10/2004 *
4 * =================== Last change: 07/10/2004 *
6 * -------------------------------------------------------------------- *
7 * File : register_functions.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Special functions for register extension *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Spezielle Funktion fuer register-Erweiterung *
12 * -------------------------------------------------------------------- *
15 * $Tag:: 0.2.1-FINAL $ *
17 * -------------------------------------------------------------------- *
18 * Copyright (c) 2003 - 2009 by Roland Haeder *
19 * Copyright (c) 2009 - 2016 by Mailer Developer Team *
20 * For more information visit: http://mxchange.org *
22 * This program is free software; you can redistribute it and/or modify *
23 * it under the terms of the GNU General Public License as published by *
24 * the Free Software Foundation; either version 2 of the License, or *
25 * (at your option) any later version. *
27 * This program is distributed in the hope that it will be useful, *
28 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
29 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
30 * GNU General Public License for more details. *
32 * You should have received a copy of the GNU General Public License *
33 * along with this program; if not, write to the Free Software *
34 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
36 ************************************************************************/
38 // Some security stuff...
39 if (!defined('__SECURITY')) {
43 // Checks whether all required registration fields are set
44 function ifRequiredRegisterFieldsAreSet (&$array) {
45 // By default all is fine
47 foreach ($array as $key => $value) {
48 // Check all fields that must register
49 $result = sqlQueryEscaped("SELECT `id` FROM `{?_MYSQL_PREFIX?}_must_register` WHERE `field_name`='%s' AND `field_required`='Y' LIMIT 1",
50 array($key), __FUNCTION__, __LINE__);
53 if (sqlNumRows($result) == 1) {
54 // Check if extension country is not found (you have to enter the 2-chars long country code) or
55 // if extensions is present check if country code was selected
56 // 01 2 21 12 3 32 234 5 54 4 43 34 4 4 5 5432 2 3 3210
57 $country = ((!isExtensionActive('country')) || ((isExtensionActive('country')) && (((empty($value)) && ($key == 'cntry')) || (($key == 'country_code') && (!empty($value)))) && (!empty($array['country_code']))));
58 if ((empty($value)) && ($country === FALSE)) {
59 // Required field not set
66 sqlFreeResult($result);
73 // Generates a 'category table' for the registration form
74 function registerGenerateCategoryTable ($mode, $configEntry = 'register_default') {
79 * Guests are mostly not interested in how many members has choosen an
80 * individual category.
82 $whereStatement = "WHERE `visible`='Y' ";
84 // Admins are allowed to see every category...
89 // Look for categories
90 $result = sqlQuery('SELECT
95 `{?_MYSQL_PREFIX?}_cats`
96 ' . $whereStatement . '
99 __FUNCTION__, __LINE__);
101 if (!ifSqlHasZeroNumRows($result)) {
102 // List alle visible modules (or all to the admin)
103 $OUT .= '<table border="0" cellspacing="0" cellpadding="0" width="100%">';
104 while ($content = sqlFetchArray($result)) {
105 // Prepare array for the template
106 $content['default_yes'] = '';
107 $content['default_no'] = '';
110 if ((postRequestElement('cat', $content['id']) == 'Y') || ((getConfig($configEntry) == 'Y') && (!isPostRequestElementSet('cat', $content['id'])))) {
111 $content['default_yes'] = ' checked="checked"';
113 $content['default_no'] = ' checked="checked"';
116 // Load template and switch color
117 $OUT .= loadTemplate('guest_cat_row', TRUE, $content);
122 sqlFreeResult($result);
124 // No categories setted up so far...
125 $OUT .= displayMessage('{--NO_CATEGORIES_VISIBLE--}', TRUE);
128 // Return generated HTML code
132 // Outputs a 'failed message'
133 function registerOutputFailedMessage ($messageId, $extra = '') {
134 if (empty($messageId)) {
135 outputHtml('<div class="bad">' . $extra . '</div>');
137 outputHtml('<div class="bad">{--' . $messageId . '--}' . $extra . '</div>');
141 // Checks whether the registration data is complete
142 function isRegistrationDataComplete () {
144 $GLOBALS['registration_ip_timeout'] = FALSE;
145 $GLOBALS['registration_weak_password'] = FALSE;
146 $GLOBALS['registration_selected_cats'] = '0';
152 // First we only check the submitted data then we continue... :)
154 // Did he agree to the terms of usage?
155 if (postRequestElement('agree') != 'Y') {
156 setPostRequestElement('agree', '!');
157 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'agree=N - User did not agree with terms of usage.');
161 // Did he enter a valid email address? (we really don't care about
162 // that, he has to click on a confirmation link :P )
163 if ((!isAdmin()) && ((!isPostRequestElementSet('email')) || (!isEmailValid(postRequestElement('email'))))) {
164 setPostRequestElement('email', '!');
165 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'User did not enter proper email address.');
169 // And what about surname and family's name?
170 if (!isPostRequestElementSet('surname')) {
171 setPostRequestElement('surname', '!');
172 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'User did not enter surname.');
175 if (!isPostRequestElementSet('family')) {
176 setPostRequestElement('family', '!');
177 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'User did not enter family name.');
181 // Get temporary array for modification
182 $postArray = postRequestArray();
184 // Check for required fields
185 $isOkay = ($isOkay && ifRequiredRegisterFieldsAreSet($postArray));
187 // Set it back in request
188 setPostRequestArray($postArray);
190 // Are both passwords zero length?
191 if ((strlen(postRequestElement('password1')) == 0) && (strlen(postRequestElement('password2')) == 0) && ($isOkay === TRUE)) {
192 // Is the extension 'register' newer or equal 0.5.5?
193 if ((isExtensionInstalledAndNewer('register', '0.5.5')) && (isRegisterGeneratePasswordEmptyEnabled())) {
194 // Generate a random password
195 $randomPassword = generatePassword();
198 // Set it in both entries
199 setPostRequestElement('password1', $randomPassword);
200 setPostRequestElement('password2', $randomPassword);
202 // Not allowed or no recent extension version
203 setPostRequestElement('password1', '!');
204 setPostRequestElement('password2', '!');
206 // ... which is both not okay
207 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Random password generation not possible, isExtensionInstalledAndNewer(register, 0.5.5)=' . intval(isExtensionInstalledAndNewer('register', '0.5.5')) . ',isRegisterGeneratePasswordEmptyEnabled()=' . intval(isRegisterGeneratePasswordEmptyEnabled()));
212 // Did he enter his password twice?
213 if (((!isPostRequestElementSet('password1')) || (!isPostRequestElementSet('password2'))) || ((postRequestElement('password1') != postRequestElement('password2')) && (isPostRequestElementSet('password1')) && (isPostRequestElementSet('password2')))) {
214 if ((postRequestElement('password1') != postRequestElement('password2')) && (isPostRequestElementSet('password1')) && (isPostRequestElementSet('password2'))) {
215 // Both passwords did not match
216 setPostRequestElement('password1', '!');
217 setPostRequestElement('password2', '!');
218 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'User did not enter same passwords.');
220 if (!isPostRequestElementSet('password1')) {
221 // Password 1 is empty
222 setPostRequestElement('password1', '!');
223 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'User did not enter password1.');
225 // Password 2 is empty
226 setPostRequestElement('password1', '');
228 if (!isPostRequestElementSet('password2')) {
229 // Password 2 is empty
230 setPostRequestElement('password2', '!');
231 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'User did not enter password2.');
233 // Password 1 is empty
234 setPostRequestElement('password2', '');
240 // Is the password strong enough?
241 if (($isRandom === FALSE) && (!isStrongPassword(postRequestElement('password1')))) {
242 $GLOBALS['registration_weak_password'] = TRUE;
243 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'User did enter a short password.');
247 // Do this check only when no admin is logged in
248 if (ifPostContainsSelections('cat')) {
249 // Only continue with array
250 foreach (postRequestElement('cat') as $id => $answer) {
251 // Is this category choosen?
252 if ($answer == 'Y') {
253 $GLOBALS['registration_selected_cats']++;
258 // Enougth categories selected?
259 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'isOkay=' . intval($isOkay) . ',selected=' . $GLOBALS['registration_selected_cats'] . '/' . getLeastCats());
260 $isOkay = (($isOkay) && ($GLOBALS['registration_selected_cats'] >= getLeastCats()));
262 // Check if email is taken, if configured
263 if ((isExtensionInstalledAndNewer('other', '0.3.0')) && (isCheckDoubleEmailEnabled()) && (postRequestElement('email') != '!') && (isEmailTaken(postRequestElement('email'))) && (!isAdmin())) {
265 setPostRequestElement('email', '?');
266 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'User did enter a already used email address.');
270 // Check for IP timeout?
271 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'isOkay=' . intval($isOkay));
272 if ((!isAdmin()) && (getIpTimeout() > 0)) {
273 // Check his IP number
274 $GLOBALS['registration_ip_timeout'] = (countSumTotalData(detectRemoteAddr() , 'user_data', 'userid', 'REMOTE_ADDR', TRUE, ' AND ((UNIX_TIMESTAMP() - `joined`) < {?ip_timeout?} OR (UNIX_TIMESTAMP() - `last_update`) < {?ip_timeout?})') == 1);
275 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'isOkay=' . intval($isOkay).',timeout='.intval($GLOBALS['registration_ip_timeout']));
276 $isOkay = (($isOkay) && (!$GLOBALS['registration_ip_timeout']));
280 //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'isOkay=' . intval($isOkay) . ' - EXIT!');
284 // Do the registration
285 function doUserRegistration () {
286 // Do not register an account on absent ext-user
287 if (!isExtensionInstalled('user')) {
288 // Please report this
289 reportBug(__FUNCTION__, __LINE__, 'Tried to register a user account without ext-user installed.');
292 // Init filter data array
294 // Registration status is always FALSE by default
298 // Run filter chain for user registration
299 $filterData = runFilterChain('user_registration', $filterData);
302 return $filterData['status'];
305 // Generic user registration
306 function doGenericUserRegistration () {
307 // Init extra SQL data
308 initExtraRegistrationSql();
312 // Initialization not done by default
313 'init_done' => FALSE,
314 'post_data' => postRequestArray(),
316 'message' => '{--PRE_USER_REGISTRATION_FAILED--}',
319 // Run the pre-registration chain
320 $filterData = runFilterChain('pre_user_registration', $filterData);
322 // Did the initialization work?
323 if ($filterData['init_done'] === FALSE) {
324 // Something bad happened!
325 displayMessage($filterData['message']);
331 // These elements must be set
332 assert(isset($GLOBALS['register_country_row']));
333 assert(isset($GLOBALS['register_country_data']));
334 assert(isset($GLOBALS['register_confirm_hash']));
336 // Only comment this in if you develop
337 //* DEVELOPER-CODE: */ $GLOBALS['register_userid'] = 1; return TRUE;
339 // Create user's account...
340 sqlQueryEscaped("INSERT INTO
341 `{?_MYSQL_PREFIX?}_user_data`
364 " . $GLOBALS['register_sql_columns'] . "
383 '{%%pipe,detectRemoteAddr%%}',
387 " . $GLOBALS['register_sql_data'] . "
390 $GLOBALS['register_country_row'],
391 substr(postRequestElement('gender'), 0, 1),
392 postRequestElement('surname'),
393 postRequestElement('family'),
394 postRequestElement('street_nr'),
395 $GLOBALS['register_country_data'],
396 bigintval(postRequestElement('zip')),
397 postRequestElement('city'),
398 postRequestElement('email'),
399 bigintval(postRequestElement('day')),
400 bigintval(postRequestElement('month')),
401 bigintval(postRequestElement('year')),
402 generateHash(postRequestElement('password1')),
403 bigintval(postRequestElement('max_mails')),
404 bigintval(postRequestElement('max_mails')),
405 convertZeroToNull(postRequestElement('refid')),
406 postRequestElement('status'),
407 $GLOBALS['register_confirm_hash']
408 ), __FUNCTION__, __LINE__);
411 $filterData['register_insert_id'] = getSqlInsertId();
414 if (!isValidId($filterData['register_insert_id'])) {
415 // Something bad happened!
416 displayMessage('{--USER_NOT_REGISTERED--}');
422 // Set new user id globally
423 $GLOBALS['register_userid'] = $filterData['register_insert_id'];
425 // Shall we reset random refid? Only possible with latest ext-user
426 if (isExtensionInstalledAndNewer('user', '0.3.4')) {
427 // Reset all accounts, registration is done
428 sqlQuery('UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `rand_confirmed`=0', __FUNCTION__, __LINE__);
431 // Update referral table
432 updateReferralCounter($filterData['register_insert_id']);
434 // Write his welcome-points
435 initReferralSystem();
436 addPointsThroughReferralSystem(
440 $filterData['register_insert_id'],
443 // Referral id (or NULL if none set)
444 convertZeroToNull(postRequestElement('refid'))
448 if (ifPostContainsSelections('cat')) {
450 $sql = 'INSERT INTO `{?_MYSQL_PREFIX?}_user_cats` (`userid`, `cat_id`) VALUES';
453 foreach (postRequestElement('cat') as $categoryId => $joined) {
454 // "Join" this group?
455 if ($joined == 'Y') {
456 // Insert category entry
457 $sql .= ' (' . $filterData['register_insert_id'] . ', ' . bigintval($categoryId) . '),';
461 // Run SQL without last commata
462 sqlQuery(substr($sql, 0, -1), __FUNCTION__, __LINE__);
465 // Registration phase is done here, so for tester accounts we end here
466 if (((getExtensionVersion('user') >= '0.5.0')) && (isTesterUserName(postRequestElement('surname'))) && (ifTesterAccountsAllowed())) {
471 // ... rewrite a zero referral id to the main title
472 if (!isValidId(postRequestElement('refid'))) {
473 setPostRequestElement('refid', getMainTitle());
477 if (isPostRequestElementSet('zip')) {
478 // Prepare data array for the email template
480 'hash' => $GLOBALS['register_confirm_hash'],
481 'userid' => $filterData['register_insert_id'],
482 'gender' => sqlEscapeString(postRequestElement('gender')),
483 'surname' => sqlEscapeString(postRequestElement('surname')),
484 'family' => sqlEscapeString(postRequestElement('family')),
485 'email' => sqlEscapeString(postRequestElement('email')),
486 'street' => sqlEscapeString(postRequestElement('street_nr')),
487 'city' => sqlEscapeString(postRequestElement('city')),
488 'zip' => bigintval(postRequestElement('zip')),
489 'country' => $GLOBALS['register_country_data'],
490 'refid' => sqlEscapeString(postRequestElement('refid')),
491 'password' => sqlEscapeString(postRequestElement('password1')),
494 // No ZIP code entered
496 'hash' => $GLOBALS['register_confirm_hash'],
497 'userid' => $filterData['register_insert_id'],
498 'gender' => sqlEscapeString(postRequestElement('gender')),
499 'surname' => sqlEscapeString(postRequestElement('surname')),
500 'family' => sqlEscapeString(postRequestElement('family')),
501 'email' => sqlEscapeString(postRequestElement('email')),
502 'street' => sqlEscapeString(postRequestElement('street_nr')),
503 'city' => sqlEscapeString(postRequestElement('city')),
505 'country' => $GLOBALS['register_country_data'],
506 'refid' => sqlEscapeString(postRequestElement('refid')),
507 'password' => sqlEscapeString(postRequestElement('password1')),
511 // Continue with birthday...
512 switch (getLanguage()) {
514 $content['birthday'] = bigintval(postRequestElement('day')) . '.' . bigintval(postRequestElement('month')) . '.' . bigintval(postRequestElement('year'));
518 $content['birthday'] = bigintval(postRequestElement('month')) . '/' . bigintval(postRequestElement('day')) . '/' . bigintval(postRequestElement('year'));
522 // Display information to the user that he got mail and send it away
523 $messageGuest = loadEmailTemplate('guest_register_done', $content, $filterData['register_insert_id'], FALSE);
525 // Send mail to user (confirmation link!)
526 sendEmail($filterData['register_insert_id'], '{--GUEST_CONFIRM_LINK_SUBJECT--}', $messageGuest);
528 // Send mail to admin
529 sendAdminNotification('{--ADMIN_NEW_ACCOUNT_SUBJECT--}', 'admin_register_done', $content, $filterData['register_insert_id']);
535 // Initialize extra registration SQL
536 function initExtraRegistrationSql () {
537 $GLOBALS['register_sql_columns'] = '';
538 $GLOBALS['register_sql_data'] = '';
541 // Add extra column for registration SQL
542 function addExtraRegistrationColumns ($column) {
544 $GLOBALS['register_sql_columns'] .= $column;
547 // Add extra data for registration SQL
548 function addExtraRegistrationData ($data) {
550 $GLOBALS['register_sql_data'] .= $data;
553 //-----------------------------------------------------------------------------
554 // Wrapper functions for ext-register
555 //-----------------------------------------------------------------------------
557 // Getter for 'display_refid'
558 function getDisplayRefid () {
559 // Is the cache entry set?
560 if (!isset($GLOBALS[__FUNCTION__])) {
561 // No, so determine it
562 $GLOBALS[__FUNCTION__] = getConfig('display_refid');
565 // Return cached entry
566 return $GLOBALS[__FUNCTION__];
569 // Checks whether 'display_refid' is "Y"
570 function isDisplayRefidEnabled () {
571 // Is the cache entry set?
572 if (!isset($GLOBALS[__FUNCTION__])) {
573 // No, so determine it
574 $GLOBALS[__FUNCTION__] = (getDisplayRefid() == 'Y');
577 // Return cached entry
578 return $GLOBALS[__FUNCTION__];
581 // Getter for 'ip_timeout'
582 function getIpTimeout () {
583 // Is the cache entry set?
584 if (!isset($GLOBALS[__FUNCTION__])) {
585 // No, so determine it
586 $GLOBALS[__FUNCTION__] = getConfig('ip_timeout');
589 // Return cached entry
590 return $GLOBALS[__FUNCTION__];
593 // Getter for 'register_default'
594 function getRegisterDefault () {
595 // Is the cache entry set?
596 if (!isset($GLOBALS[__FUNCTION__])) {
597 // No, so determine it
598 $GLOBALS[__FUNCTION__] = getConfig('register_default');
601 // Return cached entry
602 return $GLOBALS[__FUNCTION__];
605 // Checks whether 'register_default' is "YES"
606 function isRegisterDefaultEnabled () {
607 // Is the cache entry set?
608 if (!isset($GLOBALS[__FUNCTION__])) {
609 // No, so determine it
610 $GLOBALS[__FUNCTION__] = (getRegisterDefault() == 'Y');
613 // Return cached entry
614 return $GLOBALS[__FUNCTION__];
617 // Getter for 'register_generate_password_empty'
618 function getRegisterGeneratePasswordEmpty () {
619 // Is the cache entry set?
620 if (!isset($GLOBALS[__FUNCTION__])) {
621 // No, so determine it
622 $GLOBALS[__FUNCTION__] = getConfig('register_generate_password_empty');
625 // Return cached entry
626 return $GLOBALS[__FUNCTION__];
629 // Checks whether 'register_generate_password_empty' is "YES"
630 function isRegisterGeneratePasswordEmptyEnabled () {
631 // Is the cache entry set?
632 if (!isset($GLOBALS[__FUNCTION__])) {
633 // No, so determine it
634 $GLOBALS[__FUNCTION__] = (getRegisterGeneratePasswordEmpty() == 'Y');
637 // Return cached entry
638 return $GLOBALS[__FUNCTION__];
641 // Getter for 'default_registration_provider'
642 function getDefaultRegistrationProvider () {
643 // Is the cache entry set?
644 if (!isset($GLOBALS[__FUNCTION__])) {
645 // No, so determine it
646 $GLOBALS[__FUNCTION__] = getConfig('default_registration_provider');
649 // Return cached entry
650 return $GLOBALS[__FUNCTION__];
653 // "Getter" for least_cats
654 function getLeastCats () {
656 if (!isset($GLOBALS[__FUNCTION__])) {
658 $GLOBALS[__FUNCTION__] = getConfig('least_cats');
662 return $GLOBALS[__FUNCTION__];
665 // ----------------------------------------------------------------------------
666 // Template helper functions
667 // ----------------------------------------------------------------------------
669 // Template helper for generating a category selection table for admin area with given configuration entry
670 function doTemplateAdminRegisterCategoryTable ($templateName, $clear = FALSE, $configEntry) {
671 // Call the inner function
672 return registerGenerateCategoryTable('admin', $configEntry);
675 // Template helper for generating a list of all activated user registration provider
676 function doTemplateGuestRegistrationList ($templateName, $clear = FALSE) {
680 // Default is only activated provider
681 $addSql = " AND `provider_is_active`='Y'";
683 // Is admin logged-in?
690 $result = sqlQuery("SELECT
694 `{?_MYSQL_PREFIX?}_user_register_provider`
696 `provider_extension` != 'register'
699 `provider_name` ASC", __FUNCTION__, __LINE__);
701 // Are there entries?
702 if (sqlNumRows($result) > 0) {
705 while ($content = sqlFetchArray($result)) {
707 $row .= loadTemplate('guest_registration_provider_row', TRUE, $content);
710 // Load main template
711 $content = loadTemplate('guest_registration_provider', TRUE, $row);
714 $content = returnMessage('{--GUEST_EXTRA_REGISTRATION_PROVIDER_404--}');
718 sqlFreeResult($result);
720 // Return the generated content
724 // ----------------------------------------------------------------------------
725 // "Translator" functions
726 // ----------------------------------------------------------------------------
728 function translateRegistrationProviderName ($providerName) {
730 return '{--REGISTRATION_PROVIDER_' . strtoupper($providerName) . '--}';