<?php
/************************************************************************
- * MXChange v0.2.1 Start: 07/10/2004 *
- * =============== Last change: 07/10/2004 *
+ * Mailer v0.2.1-FINAL Start: 07/10/2004 *
+ * =================== Last change: 07/10/2004 *
* *
* -------------------------------------------------------------------- *
* File : register_functions.php *
* Needs to be in all Files and every File needs "svn propset *
* svn:keywords Date Revision" (autoprobset!) at least!!!!!! *
* -------------------------------------------------------------------- *
- * Copyright (c) 2003 - 2008 by Roland Haeder *
+ * Copyright (c) 2003 - 2009 by Roland Haeder *
+ * Copyright (c) 2009, 2010 by Mailer Developer Team *
* For more information visit: http://www.mxchange.org *
* *
* This program is free software; you can redistribute it and/or modify *
// Some security stuff...
if (!defined('__SECURITY')) {
- $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
- require($INC);
+ die();
}
//
-function REGISTER_FILL_MUST_CONSTANTS () {
- $result = SQL_QUERY("SELECT field_name, field_required FROM `{!_MYSQL_PREFIX!}_must_register` ORDER BY `id`",
- __FUNCTION__, __LINE__);
-
- while ($content = SQL_FETCHARRAY($result)) {
- $value = '';
- if ($content['field_required'] == 'Y') $value = "<div class=\\\"guest_failed\\\"> (*)</div>";
- // @TODO Rewrite these constants
- $eval = "define('MUST_".strtoupper($content['field_name'])."', \"".$value."\");";
- eval($eval);
- } // END - while
-
- // Free memory
- SQL_FREERESULT($result);
-
- // Also fill other constants
- define('MUST_GENDER', "<div class=\"guest_failed\"> (*)</div>");
- define('MUST_ADDY' , "<div class=\"guest_failed\"> (*)</div>");
- define('MUST_BIRTH' , "<div class=\"guest_failed\"> (*)</div>");
- define('MUST_MARKER', "<div class=\"guest_failed\"> (*)</div>");
-}
-
-//
-function REGISTER_CHECK_REQUIRED_FIELDS (&$array) {
- $ret = false;
+function ifRequiredRegisterFieldsAreSet (&$array) {
+ // By default all is fine
+ $ret = true;
foreach ($array as $key => $value) {
- $result = SQL_QUERY("SELECT field_required FROM `{!_MYSQL_PREFIX!}_must_register` WHERE field_name='".$key."' LIMIT 1",
- __FUNCTION__, __LINE__);
- if (SQL_NUMROWS($result) == 1) {
- // "Must-line" found
- list($chk) = SQL_FETCHROW($result);
+ // Check all fields that must register
+ $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_must_register` WHERE `field_name`='%s' AND `field_required`='Y' LIMIT 1",
+ array($key), __FUNCTION__, __LINE__);
+ // Entry found?
+ if (SQL_NUMROWS($result) == 1) {
// Check if extension country is not found (you have to enter the 2-chars long country code) or
// if extensions is present check if country code was selected
// 01 2 21 12 3 32 234 5 54 4 43 34 4 4 5 5432 2 3 3210
- $country = ((!EXT_IS_ACTIVE('country')) || ((EXT_IS_ACTIVE('country')) && (((empty($value)) && ($key == "cntry")) || (($key == "country_code") && (!empty($value)))) && (!empty($array['country_code']))));
- if ((empty($value)) && ($chk == 'Y') && (!$country))
- {
+ $country = ((!isExtensionActive('country')) || ((isExtensionActive('country')) && (((empty($value)) && ($key == 'cntry')) || (($key == 'country_code') && (!empty($value)))) && (!empty($array['country_code']))));
+ if ((empty($value)) && ($country === false)) {
// Required field not set
- $array[$key] = "!";
- $ret = true;
- }
- }
+ $array[$key] = '!';
+ $ret = false;
+ } // END - if
+ } // END - if
// Free result
SQL_FREERESULT($result);
- }
- return $ret;
-}
-
-//
-function REGISTER_OUTPUT_REQUIRE_CHECK (&$array) {
- $result = SQL_QUERY("SELECT field_name, field_required FROM `{!_MYSQL_PREFIX!}_must_register` ORDER BY `id`", __FUNCTION__, __LINE__);
- while ($content = SQL_FETCHARRAY($result)) {
- if (($array[$content['field_name']] == "!") && ($content['field_required'] == 'Y')) {
- // Empty entry found
- $array[$content['field_name']] = '';
- $OUT = constant('REGISTER_'.strtoupper($content['field_name']).'_REQUIRED');
- OUTPUT_HTML("<div class=\"register_failed\">".$OUT."</div>");
- } // END - if
- } // END - while
+ } // END - foreach
- // Free memory
- SQL_FREERESULT($result);
+ // Return result
+ return $ret;
}
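Review bot: With the country extension inactive, `$country` on the new line is always true (`!isExtensionActive('country')` short-circuits the whole expression), so `($country === false)` never holds and no required field is ever marked `'!'`. Separately, the `foreach` only visits keys the client actually sent and runs one `SQL_QUERY_ESC` per key, so a required field left out of the POST is never looked at and the query count is chosen by the client. Driving the loop from the `field_required`='Y' rows instead covers both; the `cntry` exemption below is my reading of the comment above the expression and should be confirmed.

```php
	// By default all is fine
	$ret = true;

	// One query for all required fields, independent of what the client sent
	$result = SQL_QUERY("SELECT `field_name` FROM `{?_MYSQL_PREFIX?}_must_register` WHERE `field_required`='Y' ORDER BY `id` ASC",
		__FUNCTION__, __LINE__);

	while ($row = SQL_FETCHARRAY($result)) {
		$key = $row['field_name'];

		// Free-text country is superseded by country_code when the extension is active
		$exempt = (($key == 'cntry') && (isExtensionActive('country')) && (!empty($array['country_code'])));

		// A missing key and an empty value both count as "not filled out"
		if ((empty($array[$key])) && (!$exempt)) {
			// Required field not set
			$array[$key] = '!';
			$ret = false;
		} // END - if
	} // END - while

	// … unchanged: SQL_FREERESULT($result) and return $ret …
```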
-//
-function REGISTER_ADD_CATEGORY_TABLE ($MODE, $return=false) {
+// Generates a 'category table' for the registration form
+function registerGenerateCategoryTable ($mode, $return=false) {
$OUT = '';
// Guests are mostly not interested in how many members has
$AND = "WHERE `visible`='Y' ";
// Admins are allowed to see every category...
- if (IS_ADMIN()) $AND = '';
+ if (isAdmin()) $AND = '';
// Look for categories
- $result = SQL_QUERY("SELECT id, cat, visible FROM `{!_MYSQL_PREFIX!}_cats` ".$AND." ORDER BY `sort`",
+ $result = SQL_QUERY("SELECT `id`, `cat`, `visible` FROM `{?_MYSQL_PREFIX?}_cats` ".$AND." ORDER BY `sort` ASC",
__FUNCTION__, __LINE__);
if (SQL_NUMROWS($result) > 0) {
// List alle visible modules (or all to the admin)
- $SW = 2;
- $OUT .= "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\">\n";
+ $OUT .= '<table border="0" cellspacing="0" cellpadding="0" width="100%">';
while ($content = SQL_FETCHARRAY($result)) {
- // Is the array element not set?
- if (!REQUEST_ISSET_POST('cat', $content['id'])) {
- // Then set it
- REQUEST_SET_POST(array('cat', $content['id']), '');
- } // END - if
-
// Prepare array for the template
$content = array(
- 'sw' => $SW,
'cat' => $content['cat'],
- 'def_y' => "",
- 'def_n' => "",
+ 'def_y' => '',
+ 'def_n' => '',
'id' => $content['id'],
);
- if ((REQUEST_POST('cat', $content['id']) == 'Y') || ((getConfig('register_default') == 'Y') && (!REQUEST_ISSET_POST('cat', $content['id'])))) {
- $content['def_y'] = ' chkecked="checked"';
+ // Mark categories
+ if ((postRequestParameter('cat', $content['id']) == 'Y') || ((getConfig('register_default') == 'Y') && (!isPostRequestParameterSet('cat', $content['id'])))) {
+ $content['def_y'] = ' checked="checked"';
} else {
- $content['def_n'] = ' chkecked="checked"';
+ $content['def_n'] = ' checked="checked"';
}
// Load template and switch color
- $OUT .= LOAD_TEMPLATE("guest_cat_row", true, $content);
- $SW = 3 - $SW;
- }
- $OUT .= "</table>\n";
+ $OUT .= loadTemplate('guest_cat_row', true, $content);
+ } // END - while
+ $OUT .= '</table>';
// Free memory
SQL_FREERESULT($result);
} else {
// No categories setted up so far...
- $OUT .= LOAD_TEMPLATE('admin_settings_saved', true, getMessage('NO_CATEGORIES_VISIBLE'));
+ $OUT .= loadTemplate('admin_settings_saved', true, '{--NO_CATEGORIES_VISIBLE--}');
}
if ($return === true) {
return $OUT;
} else {
// Output directly (default)
- OUTPUT_HTML($OUT);
+ outputHtml($OUT);
}
}
-//
+
+// Outputs a 'failed message'
+function registerOutputFailedMessage ($messageId, $extra='') {
+ if (empty($messageId)) {
+ outputHtml('<div class="register_failed">' . $extra . '</div>');
+ } else {
+ outputHtml('<div class="register_failed">{--' . $messageId . '--}' . $extra . '</div>');
+ }
+}
+
+// Run a filter for must-fillout fields
+function FILTER_REGISTER_MUST_FILLOUT ($content) {
+ // Get all fields for output
+ $result = SQL_QUERY("SELECT `field_name`, `field_required` FROM `{?_MYSQL_PREFIX?}_must_register` ORDER BY `id` ASC",
+ __FUNCTION__, __LINE__);
+
+ // Walk through all entries
+ while ($row = SQL_FETCHARRAY($result)) {
+ // Must the user fill out this element?
+ $value = '';
+ if ($row['field_required'] == 'Y') $value = '<span class="guest_failed">(*)</span>';
+
+ // Add it
+ $content['must_fillout_'.strtolower($row['field_name']).''] = $value;
+ } // END - while
+
+ // Free memory
+ SQL_FREERESULT($result);
+
+ // Return it
+ return $content;
+}
+
+// Checks wether the registration data is complete
+function isRegistrationDataComplete () {
+ // Init elements
+ $GLOBALS['registration_ip_timeout'] = false;
+ $GLOBALS['registration_short_password'] = false;
+ $GLOBALS['register_selected_cats'] = '0';
+
+ // Default is okay
+ $isOkay = true;
+
+ // First we only check the submitted data then we continue... :)
+ //
+ // Did he agree to our Terms Of Usage?
+ if (postRequestParameter('agree') != 'Y') {
+ setPostRequestParameter('agree', '!');
+ $isOkay = false;
+ } // END - if
+
+ // Did he enter a valid email address? (we really don't care about
+ // that, he has to click on a confirmation link :P )
+ if ((!isPostRequestParameterSet('email')) || (!isEmailValid(postRequestParameter('email')))) {
+ setPostRequestParameter('email', '!');
+ $isOkay = false;
+ } // END - if
+
+ // And what about surname and family's name?
+ if (!isPostRequestParameterSet('surname')) {
+ setPostRequestParameter('surname', '!');
+ $isOkay = false;
+ } // END - if
+ if (!isPostRequestParameterSet('family')) {
+ setPostRequestParameter('family', '!');
+ $isOkay = false;
+ } // END - if
+
+ // Get temporary array for modification
+ $postArray = postRequestArray();
+
+ // Check for required fields
+ $isOkay = ($isOkay && ifRequiredRegisterFieldsAreSet($postArray));
+
+ // Set it back in request
+ setPostRequestArray($postArray);
+
+ // Did he enter his password twice?
+ if (((!isPostRequestParameterSet('pass1')) || (!isPostRequestParameterSet('pass2'))) || ((postRequestParameter('pass1') != postRequestParameter('pass2')) && (isPostRequestParameterSet('pass1')) && (isPostRequestParameterSet('pass2')))) {
+ if ((postRequestParameter('pass1') != postRequestParameter('pass2')) && (isPostRequestParameterSet('pass1')) && (isPostRequestParameterSet('pass2'))) {
+ setPostRequestParameter('pass1', '!');
+ setPostRequestParameter('pass2', '!');
+ } else {
+ if (!isPostRequestParameterSet('pass1')) { setPostRequestParameter('pass1', '!'); } else { setPostRequestParameter('pass1', ''); }
+ if (!isPostRequestParameterSet('pass2')) { setPostRequestParameter('pass2', '!'); } else { setPostRequestParameter('pass2', ''); }
+ }
+ $isOkay = false;
+ } // END - if
+
+ // Is the password long enouth?
+ if ((strlen(postRequestParameter('pass1')) < getConfig('pass_len')) && ($isOkay === true)) {
+ $GLOBALS['registration_short_password'] = true;
+ $isOkay = false;
+ } // END - if
+
+ // Do this check only when no admin is logged in
+ if (is_array(postRequestParameter('cat'))) {
+ // Only continue with array
+ foreach (postRequestParameter('cat') as $id => $answer) {
+ // Is this category choosen?
+ if ($answer == 'Y') {
+ $GLOBALS['register_selected_cats']++;
+ } // END - if
+ } // END - foreach
+ } // END - if
+
+ // Enougth categories selected?
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'isOkay='.intval($isOkay).',selected='.$GLOBALS['register_selected_cats'].'/'.getConfig('least_cats'));
+ $isOkay = (($isOkay) && ($GLOBALS['register_selected_cats'] >= getConfig('least_cats')));
+
+ if ((postRequestParameter('email') != '!') && (getConfig('check_double_email') == 'Y')) {
+ // Does the email address already exists in our database?
+ if ((!isAdmin()) && (isEmailTaken(postRequestParameter('email')))) {
+ setPostRequestParameter('email', '?');
+ $isOkay = false;
+ } // END - if
+ } // END - if
+
+ // Check for IP timeout?
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'isOkay='.intval($isOkay));
+ if ((!isAdmin()) && (getConfig('ip_timeout') > 0)) {
+ // Check his IP number
+ $GLOBALS['registration_ip_timeout'] = (countSumTotalData(detectRemoteAddr() , 'user_data', 'userid', 'REMOTE_ADDR', true, " AND ((UNIX_TIMESTAMP() - `joined`) < {?ip_timeout?} OR (UNIX_TIMESTAMP() - `last_update`) < {?ip_timeout?}) LIMIT 1") == 1);
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'isOkay='.intval($isOkay).',timeout='.intval($GLOBALS['registration_ip_timeout']));
+ $isOkay = (($isOkay) && (!$GLOBALS['registration_ip_timeout']));
+ } // END - if
+
+ // Return result
+ //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'isOkay='.intval($isOkay));
+ return $isOkay;
+}
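Review bot: The two password fields are compared with `!=` on both the outer and the inner `if`, and PHP compares two numeric-looking strings numerically, so constructed inputs such as `1e3` and `1000` count as a match even though only `pass1` is hashed and stored by `doRegistration()`. Use the strict form in both places, `(postRequestParameter('pass1') !== postRequestParameter('pass2'))`, and reject non-string values before `strlen()` is reached if `postRequestParameter()` can return an array (it does for `cat`). The comment `// Do this check only when no admin is logged in` above the category count does not match the code, which has no `isAdmin()` test there; either drop the comment or add the test.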
+
+// Do the registration
+function doRegistration () {
+ // Prepapre month and day of birth
+ if (strlen(postRequestParameter('day')) == 1) setPostRequestParameter('day' , '0' . postRequestParameter('day'));
+ if (strlen(postRequestParameter('month')) == 1) setPostRequestParameter('month', '0' . postRequestParameter('month'));
+
+ // Get total ...
+ // ... confirmed, ...
+ $confirmedUsers = countSumTotalData('CONFIRMED' , 'user_data', 'userid', 'status', true);
+ // ... unconfirmed ...
+ $unconfirmedUsers = countSumTotalData('UNCONFIRMED', 'user_data', 'userid', 'status', true);
+ // ... and locked users!
+ $lockedUsers = countSumTotalData('LOCKED' , 'user_data', 'userid', 'status', true);
+
+ // Generate hash which will be inserted into confirmation mail
+ $hash = generateHash(sha1(
+ $confirmedUsers . getConfig('ENCRYPT_SEPERATOR') .
+ $unconfirmedUsers . getConfig('ENCRYPT_SEPERATOR') .
+ $lockedUsers . getConfig('ENCRYPT_SEPERATOR') .
+ postRequestParameter('month') . '-' .
+ postRequestParameter('day') . '-' .
+ postRequestParameter('year') . getConfig('ENCRYPT_SEPERATOR') .
+ detectServerName() . getConfig('ENCRYPT_SEPERATOR') .
+ detectRemoteAddr() . getConfig('ENCRYPT_SEPERATOR') .
+ detectUserAgent() . '/' .
+ getConfig('SITE_KEY') . '/' .
+ getConfig('DATE_KEY') . '/' .
+ getConfig('CACHE_BUSTER')
+ ));
+
+ // Old way with enterable two-char-code
+ $countryRow = '`country`';
+ $countryData = substr(postRequestParameter('cntry'), 0, 2);
+
+ // Add design when extension sql_patches is v0.2.7 or greater
+ // @TODO Rewrite these all to a single filter
+ $GLOBALS['register_sql_columns'] = '';
+ $GLOBALS['register_sql_data'] = '';
+ if (isExtensionInstalledAndNewer('theme', '0.0.8')) {
+ // Okay, add design here
+ $GLOBALS['register_sql_columns'] = ', `curr_theme`';
+ $GLOBALS['register_sql_data'] = ", '" . getCurrentTheme() . "'";
+ } // END - if
+
+ // Check if I shall disable sending mail to newly registered members out about active/begging rallye
+ //
+ // First comes first: begging rallye
+ if (isExtensionInstalledAndNewer('beg', '0.2.8')) {
+ // Okay, shall I disable now?
+ if (getConfig('beg_new_member_notify') != 'Y') {
+ $GLOBALS['register_sql_columns'] .= ', `beg_rallye_notify`, `beg_rallye_enable_notify`';
+ $GLOBALS['register_sql_data'] .= ', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()';
+ } // END - if
+ } // END - if
+
+ // Second: active rallye
+ if (isExtensionInstalledAndNewer('bonus', '0.9.2')) {
+ // Okay, shall I disable now?
+ if (getConfig('bonus_new_member_notify') != 'Y') {
+ $GLOBALS['register_sql_columns'] .= ', `bonus_rallye_notify`, `bonus_rallye_enable_notify`';
+ $GLOBALS['register_sql_data'] .= ', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()';
+ } // END - if
+ } // END - if
+
+ // Write user data to table
+ if (isExtensionActive('country')) {
+ // Save with new selectable country code
+ $countryRow = '`country_code`';
+ $countryData = bigintval(postRequestParameter('country_code'));
+ } // END - if
+
+ //////////////////////////////
+ // Create user's account... //
+ //////////////////////////////
+ //
+ SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_data` (gender, surname, family, street_nr,%s, zip, city, email, birth_day, birth_month, birth_year, password, max_mails, receive_mails, refid, status, user_hash, REMOTE_ADDR, joined, last_update".$GLOBALS['register_sql_columns'].")
+VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONFIRMED','%s','%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()".$GLOBALS['register_sql_data'].")",
+ array(
+ $countryRow,
+ substr(postRequestParameter('gender'), 0, 1),
+ postRequestParameter('surname'),
+ postRequestParameter('family'),
+ postRequestParameter('street_nr'),
+ $countryData,
+ bigintval(postRequestParameter('zip')),
+ postRequestParameter('city'),
+ postRequestParameter('email'),
+ bigintval(postRequestParameter('day')),
+ bigintval(postRequestParameter('month')),
+ bigintval(postRequestParameter('year')),
+ generateHash(postRequestParameter('pass1')),
+ bigintval(postRequestParameter('max_mails')),
+ bigintval(postRequestParameter('max_mails')),
+ bigintval(postRequestParameter('refid')),
+ $hash,
+ detectRemoteAddr(),
+ ), __FUNCTION__, __LINE__);
+
+ // Get his userid
+ $userid = bigintval(SQL_INSERTID());
+
+ // Did this work?
+ if ($userid == '0') {
+ // Something bad happened!
+ loadTemplate('admin_settings_saved', false, '{--USER_NOT_REGISTERED--}');
+
+ // Stop here
+ return;
+ } // END - if
+
+ // Is the refback extension there?
+ // @TODO Rewrite this to a filter
+ if (isExtensionActive('refback')) {
+ // Update refback table
+ updateRefbackTable($userid);
+ } // END - if
+
+ // Write his welcome-points
+ // @TODO Rewrite this whole if() block to addPointsThroughReferalSystem(). This will also make following if() block obsolete
+ // @TODO Wether the registration bonus should only be added to user directly or through referal system should be configurable
+ $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_user_points` WHERE `userid`=%s AND `ref_depth`=0 LIMIT 1",
+ array($userid), __FUNCTION__, __LINE__);
+ if (SQL_HASZERONUMS($result)) {
+ // Add only when the line was not found (maybe some more secure?)
+ $locked = 'points';
+
+ // Pay him later. First he has to confirm some mails!
+ if (getConfig('ref_payout') > 0) $locked = 'locked_points';
+
+ SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_points` (`userid`, `ref_depth`, `%s`) VALUES (%s,0,'{?points_register?}')",
+ array($locked, $userid), __FUNCTION__, __LINE__);
+
+ // Update mediadata as well
+ if ((isExtensionInstalledAndNewer('mediadata', '0.0.4')) && ($locked == 'points')) {
+ // Update database
+ updateMediadataEntry(array('total_points'), 'add', getConfig('points_register'));
+ } // END - if
+ } // END - if
+
+ // Write catgories
+ if ((is_array(postRequestParameter('cat'))) && (count(postRequestParameter('cat')))) {
+ foreach (postRequestParameter('cat') as $cat => $joined) {
+ if ($joined == 'Y') {
+ // Insert category entry
+ SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_cats` (`userid`, `cat_id`) VALUES (%s, %s)",
+ array($userid, bigintval($cat)), __FUNCTION__, __LINE__);
+ } // END - if
+ } // END - foreach
+ } // END - if
+
+ // ... rewrite a zero referal id to the main title
+ if (postRequestParameter('refid') == '0') setPostRequestParameter('refid', getConfig('MAIN_TITLE'));
+
+ // Is ZIP code set?
+ if (isPostRequestParameterSet('zip')) {
+ // Prepare data array for the email template
+ // Start with the gender...
+ $content = array(
+ 'hash' => $hash,
+ 'userid' => $userid,
+ 'gender' => SQL_ESCAPE(postRequestParameter('gender')),
+ 'surname' => SQL_ESCAPE(postRequestParameter('surname')),
+ 'family' => SQL_ESCAPE(postRequestParameter('family')),
+ 'email' => SQL_ESCAPE(postRequestParameter('email')),
+ 'street' => SQL_ESCAPE(postRequestParameter('street_nr')),
+ 'city' => SQL_ESCAPE(postRequestParameter('city')),
+ 'zip' => bigintval(postRequestParameter('zip')),
+ 'country' => $countryData,
+ 'refid' => SQL_ESCAPE(postRequestParameter('refid')),
+ 'pass' => SQL_ESCAPE(postRequestParameter('pass1')),
+ );
+ } else {
+ // No ZIP code entered
+ $content = array(
+ 'hash' => $hash,
+ 'userid' => $userid,
+ 'gender' => SQL_ESCAPE(postRequestParameter('gender')),
+ 'surname' => SQL_ESCAPE(postRequestParameter('surname')),
+ 'family' => SQL_ESCAPE(postRequestParameter('family')),
+ 'email' => SQL_ESCAPE(postRequestParameter('email')),
+ 'street' => SQL_ESCAPE(postRequestParameter('street_nr')),
+ 'city' => SQL_ESCAPE(postRequestParameter('city')),
+ 'zip' => '',
+ 'country' => $countryData,
+ 'refid' => SQL_ESCAPE(postRequestParameter('refid')),
+ 'pass' => SQL_ESCAPE(postRequestParameter('pass1')),
+ );
+ }
+
+ // Continue with birthday...
+ switch (getLanguage()) {
+ case 'de':
+ $content['birthday'] = bigintval(postRequestParameter('day')) . '.' . bigintval(postRequestParameter('month')) . '.' . bigintval(postRequestParameter('year'));
+ break;
+
+ default:
+ $content['birthday'] = bigintval(postRequestParameter('month')) . '/' . bigintval(postRequestParameter('day')) . '/' . bigintval(postRequestParameter('year'));
+ break;
+ } // END - switch
+
+ // Display information to the user that he got mail and send it away
+ $messageGuest = loadEmailTemplate('register-member', $content, $userid);
+
+ // Send mail to user (confirmation link!)
+ $email = $content['email'];
+ sendEmail($content['email'], '{--GUEST_CONFIRM_LINK_SUBJECT--}', $messageGuest);
+ $content['email'] = $email;
+
+ // Send mail to admin
+ sendAdminNotification('{--ADMIN_NEW_ACCOUNT_SUBJECT--}', 'register-admin', $content, $userid);
+}
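Review bot: The plain-text password is put into `$content['pass']` in both branches of the ZIP check and that same array is then handed to `sendAdminNotification()`, so whether the administrator mailbox receives every new member's password depends only on what the `register-admin` template prints (not visible here). Drop it before the admin call, `unset($content['pass']);`, and consider not mailing it to the member either. `SQL_ESCAPE()` is also the wrong encoding for these values: they go into e-mail templates and, for `$content['email']`, into the recipient of `sendEmail()`, so a name containing an apostrophe would arrive backslash-escaped; pass the raw values and let the template layer encode them. In the `INSERT`, `getCurrentTheme()` is concatenated into the statement text through `$GLOBALS['register_sql_data']` rather than passed in the argument array, so it skips whatever escaping `SQL_QUERY_ESC()` applies to its arguments; it is worth confirming that its return value cannot be influenced by the request.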
+
+// [EOF]
?>