X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Fregister.php;h=aacc4fa7b4e3e532f441d29cfa53d71fce7f45bc;hb=4a4ab2bdbfc9dad60cc94dc903462195c3a0e669;hp=753c79ecb6dbde364f2b48091b3ad4dfcfc32674;hpb=b6cfd2dffeeb733f07818db5f4ce11d4b3d51771;p=quix0rs-gnu-social.git diff --git a/actions/register.php b/actions/register.php index 753c79ecb6..aacc4fa7b4 100644 --- a/actions/register.php +++ b/actions/register.php @@ -1,32 +1,32 @@ . */ -if (!defined('LACONICA')) { exit(1) } +if (!defined('LACONICA')) { exit(1); } class RegisterAction extends Action { - + function handle($args) { parent::handle($args); - + if (common_logged_in()) { - common_user_error(_t('Already logged in.')); - } else if ($this->arg('METHOD') == 'POST') { + common_user_error(_('Already logged in.')); + } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->try_register(); } else { $this->show_form(); @@ -34,101 +34,168 @@ class RegisterAction extends Action { } function try_register() { - $nickname = $this->arg('nickname'); + $nickname = $this->trimmed('nickname'); + $email = $this->trimmed('email'); + + # We don't trim these... whitespace is OK in a password! + $password = $this->arg('password'); $confirm = $this->arg('confirm'); - $email = $this->arg('email'); - + # Input scrubbing - + $nickname = common_canonical_nickname($nickname); $email = common_canonical_email($email); - - if ($this->nickname_exists($nickname)) { - $this->show_form(_t('Username already exists.')); + + if (!$this->boolean('license')) { + $this->show_form(_('You can\'t register if you don\'t agree to the license.')); + } else if ($email && !Validate::email($email, true)) { + $this->show_form(_('Not a valid email address.')); + } else if (!Validate::string($nickname, array('min_length' => 1, + 'max_length' => 64, + 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { + $this->show_form(_('Nickname must have only lowercase letters and numbers and no spaces.')); + } else if ($this->nickname_exists($nickname)) { + $this->show_form(_('Nickname already exists.')); + } else if (!User::allowed_nickname($nickname)) { + $this->show_form(_('Not a valid nickname.')); } else if ($this->email_exists($email)) { - $this->show_form(_t('Email address already exists.')); + $this->show_form(_('Email address already exists.')); } else if ($password != $confirm) { - $this->show_form(_t('Passwords don\'t match.')); + $this->show_form(_('Passwords don\'t match.')); } else if ($this->register_user($nickname, $password, $email)) { - common_set_user($nickname); - common_redirect(common_local_url('settings')); + $user = $this->register_user($nickname, $password, $email); + if (!$user) { + $this->show_form(_('Invalid username or password.')); + return; + } + # success! + if (!common_set_user($user)) { + common_server_error(_('Error setting user.')); + return; + } + # this is a real login + common_real_login(true); + if ($this->boolean('rememberme')) { + common_debug('Adding rememberme cookie for ' . $nickname); + common_rememberme($user); + } + common_redirect(common_local_url('profilesettings')); } else { - $this->show_form(_t('Invalid username or password.')); + $this->show_form(_('Invalid username or password.')); } } # checks if *CANONICAL* nickname exists - + function nickname_exists($nickname) { $user = User::staticGet('nickname', $nickname); return ($user !== false); } # checks if *CANONICAL* email exists - + function email_exists($email) { - $email = common_canonicalize_email($email); + $email = common_canonical_email($email); $user = User::staticGet('email', $email); return ($user !== false); } function register_user($nickname, $password, $email) { - # TODO: wrap this in a transaction! + $profile = new Profile(); + + $profile->query('BEGIN'); + $profile->nickname = $nickname; - $profile->created = time(); + $profile->profileurl = common_profile_url($nickname); + $profile->created = DB_DataObject_Cast::dateTime(); # current time + $id = $profile->insert(); + if (!$id) { - return FALSE; + common_log_db_error($profile, 'INSERT', __FILE__); + return FALSE; } $user = new User(); $user->id = $id; $user->nickname = $nickname; $user->password = common_munge_password($password, $id); - $user->email = $email; - $user->created = time(); + $user->created = DB_DataObject_Cast::dateTime(); # current time + $user->uri = common_user_uri($user); + $result = $user->insert(); + if (!$result) { - # Try to clean up... - $profile->delete(); + common_log_db_error($user, 'INSERT', __FILE__); + return FALSE; + } + + if ($email) { + + $confirm = new Confirm_address(); + $confirm->code = common_confirmation_code(128); + $confirm->user_id = $user->id; + $confirm->address = $email; + $confirm->address_type = 'email'; + + $result = $confirm->insert(); + if (!$result) { + common_log_db_error($confirm, 'INSERT', __FILE__); + return FALSE; + } + } + + $profile->query('COMMIT'); + + if ($email) { + mail_confirm_address($confirm->code, + $profile->nickname, + $email); + } + + return $user; + } + + function show_top($error=NULL) { + if ($error) { + common_element('p', 'error', $error); + } else { + common_element('div', 'instructions', + _('You can create a new account to start posting notices.')); } - return $result; } - + function show_form($error=NULL) { - - common_show_header(_t('Login')); - common_start_element('form', array('method' => 'POST', + global $config; + + common_show_header(_('Register'), NULL, $error, array($this, 'show_top')); + common_element_start('form', array('method' => 'post', 'id' => 'login', - 'action' => common_local_url('login'))); - common_element('label', array('for' => 'username'), - _t('Name')); - common_element('input', array('name' => 'username', - 'type' => 'text', - 'id' => 'username')); - common_element('label', array('for' => 'password'), - _t('Password')); - common_element('input', array('name' => 'password', - 'type' => 'password', - 'id' => 'password')); - common_element('label', array('for' => 'confirm'), - _t('Confirm')); - common_element('input', array('name' => 'confirm', - 'type' => 'password', - 'id' => 'confirm')); - common_element('label', array('for' => 'email'), - _t('Email')); - common_element('input', array('name' => 'email', - 'type' => 'text', - 'id' => 'email')); - common_element('input', array('name' => 'submit', - 'type' => 'submit', - 'id' => 'submit'), - _t('Login')); - common_element('input', array('name' => 'cancel', - 'type' => 'button', - 'id' => 'cancel'), - _t('Cancel')); + 'action' => common_local_url('register'))); + common_input('nickname', _('Nickname'), NULL, + _('1-64 lowercase letters or numbers, no punctuation or spaces')); + common_password('password', _('Password'), + _('6 or more characters')); + common_password('confirm', _('Confirm'), + _('Same as password above')); + common_input('email', _('Email'), NULL, + _('Used only for updates, announcements, and password recovery')); + common_checkbox('rememberme', _('Remember me'), false, + _('Automatically login in the future; ' . + 'not for shared computers!')); + common_element_start('p'); + common_element('input', array('type' => 'checkbox', + 'id' => 'license', + 'name' => 'license', + 'value' => 'true')); + common_text(_('My text and files are available under ')); + common_element('a', array(href => $config['license']['url']), + $config['license']['title']); + common_text(_(' except this private data: password, email address, IM address, phone number.')); + common_element_end('p'); + common_submit('submit', _('Register')); + common_element_end('form'); + common_show_footer(); } }