X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=mod%2Fregister.php;h=fbd21a567f7e513f805810cdf9e4e56e6e7edb56;hb=fcf6651299418f834076649f1fad4833476aad76;hp=7aaf747925216a14777f81a3fc3ec7c20ab28aef;hpb=4e7a5dc56ebb8d99ed06b0b303c4ee24460ae6a8;p=friendica.git

diff --git a/mod/register.php b/mod/register.php
index 7aaf747925..fbd21a567f 100644
--- a/mod/register.php
+++ b/mod/register.php
@@ -32,7 +32,11 @@ function register_post(&$a) {
 		break;
 	}
 
+	$using_invites = get_config('system','invitation_only');
+	$num_invites = get_config('system','number_invites');
 
+
+	$invite_id  = ((x($_POST,'invite_id'))  ? notags(trim($_POST['invite_id']))  : '');
 	$username   = ((x($_POST,'username'))   ? notags(trim($_POST['username']))   : '');
 	$nickname   = ((x($_POST,'nickname'))   ? notags(trim($_POST['nickname']))   : '');
 	$email      = ((x($_POST,'email'))      ? notags(trim($_POST['email']))      : '');
@@ -43,6 +47,19 @@ function register_post(&$a) {
 	$netpublish = ((strlen(get_config('system','directory_submit_url'))) ? $publish : 0);
 		
 	$tmp_str = $openid_url;
+
+	if($using_invites) {
+		if(! $invite_id) {
+			notice( t('An invitation is required.') . EOL);
+			return;
+		}
+		$r = q("select * from register where `hash` = '%s' limit 1", dbesc($invite_id));
+		if(! results($r)) {
+			notice( t('Invitation could not be verified.') . EOL);
+			return;
+		}
+	} 
+
 	if((! x($username)) || (! x($email)) || (! x($nickname))) {
 		if($openid_url) {
 			if(! validate_url($tmp_str)) {
@@ -103,10 +120,15 @@ function register_post(&$a) {
 		$err .= t('Not a valid email address.') . EOL;
 
 	// Disallow somebody creating an account using openid that uses the admin email address,
-	// since openid bypasses email verification.
+	// since openid bypasses email verification. We'll allow it if there is not yet an admin account.
 
-	if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0) && strlen($openid_url))
-		$err .= t('Cannot use that email.') . EOL;
+	if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0) && strlen($openid_url)) {
+		$r = q("SELECT * FROM `user` WHERE `email` = '%s' LIMIT 1",
+			dbesc($email)
+		);
+		if(count($r))
+			$err .= t('Cannot use that email.') . EOL;
+	}
 
 	$nickname = $_POST['nickname'] = strtolower($nickname);
 
@@ -176,9 +198,10 @@ function register_post(&$a) {
 	$spkey = openssl_pkey_get_details($sres);
 	$spubkey = $spkey["key"];
 
-	$r = q("INSERT INTO `user` ( `username`, `password`, `email`, `openid`, `nickname`,
+	$r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`,
 		`pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked` )
-		VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d )",
+		VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d )",
+		dbesc(generate_user_guid()),
 		dbesc($username),
 		dbesc($new_password_encoded),
 		dbesc($email),
@@ -323,7 +346,15 @@ function register_post(&$a) {
 	}
 
 
+	call_hooks('register_account', $newuid);
+
 	if( $a->config['register_policy'] == REGISTER_OPEN ) {
+
+		if($using_invites && $invite_id) {
+			q("delete * from register where hash = '%s' limit 1", dbesc($invite_id));
+			set_pconfig($newuid,'system','invites_remaining',$num_invites);
+		}
+
 		$email_tpl = get_intltext_template("register_open_eml.tpl");
 		$email_tpl = replace_macros($email_tpl, array(
 				'$sitename' => $a->config['sitename'],
@@ -342,7 +373,7 @@ function register_post(&$a) {
 
 		if($res) {
 			info( t('Registration successful. Please check your email for further instructions.') . EOL ) ;
-			goaway($a->get_baseurl());
+			goaway(z_root());
 		}
 		else {
 			notice( t('Failed to send email message. Here is the message that failed.') . $email_tpl . EOL );
@@ -351,7 +382,7 @@ function register_post(&$a) {
 	elseif($a->config['register_policy'] == REGISTER_APPROVE) {
 		if(! strlen($a->config['admin_email'])) {
 			notice( t('Your registration can not be processed.') . EOL);
-			goaway($a->get_baseurl());
+			goaway(z_root());
 		}
 
 		$hash = random_string();
@@ -371,6 +402,10 @@ function register_post(&$a) {
 		else
 			push_lang('en');
 
+		if($using_invites && $invite_id) {
+			q("delete * from register where hash = '%s' limit 1", dbesc($invite_id));
+			set_pconfig($newuid,'system','invites_remaining',$num_invites);
+		}
 
 		$email_tpl = get_intltext_template("register_verify_eml.tpl");
 		$email_tpl = replace_macros($email_tpl, array(
@@ -393,7 +428,7 @@ function register_post(&$a) {
 
 		if($res) {
 			info( t('Your registration is pending approval by the site owner.') . EOL ) ;
-			goaway($a->get_baseurl());
+			goaway(z_root());
 		}
 
 	}
@@ -429,6 +464,7 @@ function register_content(&$a) {
 	$openid_url   = ((x($_POST,'openid_url'))   ? $_POST['openid_url']   : ((x($_GET,'openid_url'))   ? $_GET['openid_url']            : ''));
 	$nickname     = ((x($_POST,'nickname'))     ? $_POST['nickname']     : ((x($_GET,'nickname'))     ? $_GET['nickname']              : ''));
 	$photo        = ((x($_POST,'photo'))        ? $_POST['photo']        : ((x($_GET,'photo'))        ? hex2bin($_GET['photo'])        : ''));
+	$invite_id    = ((x($_POST,'invite_id'))    ? $_POST['invite_id']    : ((x($_GET,'invite_id'))    ? $_GET['invite_id']             : ''));
 
 	$noid = get_config('system','no_openid');
 
@@ -471,6 +507,10 @@ function register_content(&$a) {
 	$o = get_markup_template("register.tpl");
 	$o = replace_macros($o, array(
 		'$oidhtml' => $oidhtml,
+		'$invitations' => get_config('system','invitation_only'),
+		'$invite_desc' => t('Membership on this site is by invitation only.'),
+		'$invite_label' => t('Your invitation ID: '),
+		'$invite_id' => $invite_id,
 		'$realpeople' => $realpeople,
 		'$regtitle'  => t('Registration'),
 		'$registertext' =>((x($a->config,'register_text'))