-
- $new_password = autoname(6) . mt_rand(100,9999);
- $new_password_encoded = hash('whirlpool',$new_password);
-
- $res=openssl_pkey_new(array(
- 'digest_alg' => 'sha1',
- 'private_key_bits' => 4096,
- 'encrypt_key' => false ));
-
- // Get private key
-
- if(empty($res)) {
- notice( t('SERIOUS ERROR: Generation of security keys failed.') . EOL);
- return;
- }
-
- $prvkey = '';
-
- openssl_pkey_export($res, $prvkey);
-
- // Get public key
-
- $pkey = openssl_pkey_get_details($res);
- $pubkey = $pkey["key"];
-
- /**
- *
- * Create another keypair for signing/verifying
- * salmon protocol messages. We have to use a slightly
- * less robust key because this won't be using openssl
- * but the phpseclib. Since it is PHP interpreted code
- * it is not nearly as efficient, and the larger keys
- * will take several minutes each to process.
- *
- */
-
- $sres=openssl_pkey_new(array(
- 'digest_alg' => 'sha1',
- 'private_key_bits' => 512,
- 'encrypt_key' => false ));
-
- // Get private key
-
- $sprvkey = '';
-
- openssl_pkey_export($sres, $sprvkey);
-
- // Get public key
-
- $spkey = openssl_pkey_get_details($sres);
- $spubkey = $spkey["key"];
-
- $r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`,
- `pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked` )
- VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d )",
- dbesc(generate_user_guid()),
- dbesc($username),
- dbesc($new_password_encoded),
- dbesc($email),
- dbesc($openid_url),
- dbesc($nickname),
- dbesc($pubkey),
- dbesc($prvkey),
- dbesc($spubkey),
- dbesc($sprvkey),
- dbesc(datetime_convert()),
- intval($verified),
- intval($blocked)
- );
-
- if($r) {
- $r = q("SELECT `uid` FROM `user`
- WHERE `username` = '%s' AND `password` = '%s' LIMIT 1",
- dbesc($username),
- dbesc($new_password_encoded)
- );
- if($r !== false && count($r))
- $newuid = intval($r[0]['uid']);
- }
- else {
- notice( t('An error occurred during registration. Please try again.') . EOL );
- return;
- }
-
- /**
- * if somebody clicked submit twice very quickly, they could end up with two accounts
- * due to race condition. Remove this one.
- */
-
- $r = q("SELECT `uid` FROM `user`
- WHERE `nickname` = '%s' ",
- dbesc($nickname)
- );
- if((count($r) > 1) && $newuid) {
- $err .= t('Nickname is already registered. Please choose another.') . EOL;
- q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1",
- intval($newuid)
- );
- notice ($err);
- return;
- }
-
- if(x($newuid) !== false) {
- $r = q("INSERT INTO `profile` ( `uid`, `profile-name`, `is-default`, `name`, `photo`, `thumb`, `publish`, `net-publish` )
- VALUES ( %d, '%s', %d, '%s', '%s', '%s', %d, %d ) ",
- intval($newuid),
- 'default',
- 1,
- dbesc($username),
- dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"),
- dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"),
- intval($publish),
- intval($netpublish)
-
- );
- if($r === false) {
- notice( t('An error occurred creating your default profile. Please try again.') . EOL );
- // Start fresh next time.
- $r = q("DELETE FROM `user` WHERE `uid` = %d",
- intval($newuid));
- return;
- }
- $r = q("INSERT INTO `contact` ( `uid`, `created`, `self`, `name`, `nick`, `photo`, `thumb`, `micro`, `blocked`, `pending`, `url`, `nurl`,
- `request`, `notify`, `poll`, `confirm`, `poco`, `name-date`, `uri-date`, `avatar-date` )
- VALUES ( %d, '%s', 1, '%s', '%s', '%s', '%s', '%s', 0, 0, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
- intval($newuid),
- datetime_convert(),
- dbesc($username),
- dbesc($nickname),
- dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"),
- dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"),
- dbesc($a->get_baseurl() . "/photo/micro/{$newuid}.jpg"),
- dbesc($a->get_baseurl() . "/profile/$nickname"),
- dbesc(normalise_link($a->get_baseurl() . "/profile/$nickname")),
- dbesc($a->get_baseurl() . "/dfrn_request/$nickname"),
- dbesc($a->get_baseurl() . "/dfrn_notify/$nickname"),
- dbesc($a->get_baseurl() . "/dfrn_poll/$nickname"),
- dbesc($a->get_baseurl() . "/dfrn_confirm/$nickname"),
- dbesc($a->get_baseurl() . "/poco/$nickname"),
- dbesc(datetime_convert()),
- dbesc(datetime_convert()),
- dbesc(datetime_convert())
- );
-
-
- }
-
- $use_gravatar = ((get_config('system','no_gravatar')) ? false : true);
-
- // if we have an openid photo use it.
- // otherwise unless it is disabled, use gravatar
-
- if($use_gravatar || strlen($photo)) {
-
- require_once('include/Photo.php');
-
- if(($use_gravatar) && (! strlen($photo)))
- $photo = gravatar_img($email);
- $photo_failure = false;
-
- $filename = basename($photo);
- $img_str = fetch_url($photo,true);
- $img = new Photo($img_str);
- if($img->is_valid()) {
-
- $img->scaleImageSquare(175);
-
- $hash = photo_new_resource();
-
- $r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 4 );
-
- if($r === false)
- $photo_failure = true;
-
- $img->scaleImage(80);
-
- $r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 5 );
-
- if($r === false)
- $photo_failure = true;
-
- $img->scaleImage(48);
-
- $r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 6 );
-
- if($r === false)
- $photo_failure = true;
-
- if(! $photo_failure) {
- q("UPDATE `photo` SET `profile` = 1 WHERE `resource-id` = '%s' ",
- dbesc($hash)
- );
- }
- }
- }