X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fregister.php;h=89f561642af36a329c8908372fafafaec72d163c;hb=1f074cb44c5deda5b480f5ff814ff3640ec843d0;hp=7aaf747925216a14777f81a3fc3ec7c20ab28aef;hpb=4e7a5dc56ebb8d99ed06b0b303c4ee24460ae6a8;p=friendica.git

diff --git a/mod/register.php b/mod/register.php
old mode 100644
new mode 100755
index 7aaf747925..89f561642a
--- a/mod/register.php
+++ b/mod/register.php
@@ -8,6 +8,15 @@ function register_post(&$a) {
 	$verified = 0;
 	$blocked  = 1;
 
+
+	$max_dailies = intval(get_config('system','max_daily_registrations'));
+	if($max_dailes) {
+		$r = q("select count(*) as total from user where register_date > UTC_TIMESTAMP - INTERVAL 1 day");
+		if($r && $r[0]['total'] >= $max_dailies) {
+			return;
+		}
+	}
+
 	switch($a->config['register_policy']) {
 
 	
@@ -32,7 +41,11 @@ function register_post(&$a) {
 		break;
 	}
 
+	$using_invites = get_config('system','invitation_only');
+	$num_invites = get_config('system','number_invites');
+
 
+	$invite_id  = ((x($_POST,'invite_id'))  ? notags(trim($_POST['invite_id']))  : '');
 	$username   = ((x($_POST,'username'))   ? notags(trim($_POST['username']))   : '');
 	$nickname   = ((x($_POST,'nickname'))   ? notags(trim($_POST['nickname']))   : '');
 	$email      = ((x($_POST,'email'))      ? notags(trim($_POST['email']))      : '');
@@ -43,6 +56,19 @@ function register_post(&$a) {
 	$netpublish = ((strlen(get_config('system','directory_submit_url'))) ? $publish : 0);
 		
 	$tmp_str = $openid_url;
+
+	if($using_invites) {
+		if(! $invite_id) {
+			notice( t('An invitation is required.') . EOL);
+			return;
+		}
+		$r = q("select * from register where `hash` = '%s' limit 1", dbesc($invite_id));
+		if(! results($r)) {
+			notice( t('Invitation could not be verified.') . EOL);
+			return;
+		}
+	} 
+
 	if((! x($username)) || (! x($email)) || (! x($nickname))) {
 		if($openid_url) {
 			if(! validate_url($tmp_str)) {
@@ -103,10 +129,15 @@ function register_post(&$a) {
 		$err .= t('Not a valid email address.') . EOL;
 
 	// Disallow somebody creating an account using openid that uses the admin email address,
-	// since openid bypasses email verification.
+	// since openid bypasses email verification. We'll allow it if there is not yet an admin account.
 
-	if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0) && strlen($openid_url))
-		$err .= t('Cannot use that email.') . EOL;
+	if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0) && strlen($openid_url)) {
+		$r = q("SELECT * FROM `user` WHERE `email` = '%s' LIMIT 1",
+			dbesc($email)
+		);
+		if(count($r))
+			$err .= t('Cannot use that email.') . EOL;
+	}
 
 	$nickname = $_POST['nickname'] = strtolower($nickname);
 
@@ -176,9 +207,10 @@ function register_post(&$a) {
 	$spkey = openssl_pkey_get_details($sres);
 	$spubkey = $spkey["key"];
 
-	$r = q("INSERT INTO `user` ( `username`, `password`, `email`, `openid`, `nickname`,
+	$r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`,
 		`pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked` )
-		VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d )",
+		VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d )",
+		dbesc(generate_user_guid()),
 		dbesc($username),
 		dbesc($new_password_encoded),
 		dbesc($email),
@@ -245,9 +277,9 @@ function register_post(&$a) {
 				intval($newuid));
 			return;
 		}
-		$r = q("INSERT INTO `contact` ( `uid`, `created`, `self`, `name`, `nick`, `photo`, `thumb`, `micro`, `blocked`, `pending`, `url`,
-			`request`, `notify`, `poll`, `confirm`, `name-date`, `uri-date`, `avatar-date` )
-			VALUES ( %d, '%s', 1, '%s', '%s', '%s', '%s', '%s', 0, 0, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
+		$r = q("INSERT INTO `contact` ( `uid`, `created`, `self`, `name`, `nick`, `photo`, `thumb`, `micro`, `blocked`, `pending`, `url`, `nurl`,
+			`request`, `notify`, `poll`, `confirm`, `poco`, `name-date`, `uri-date`, `avatar-date` )
+			VALUES ( %d, '%s', 1, '%s', '%s', '%s', '%s', '%s', 0, 0, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
 			intval($newuid),
 			datetime_convert(),
 			dbesc($username),
@@ -256,10 +288,12 @@ function register_post(&$a) {
 			dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"),
 			dbesc($a->get_baseurl() . "/photo/micro/{$newuid}.jpg"),
 			dbesc($a->get_baseurl() . "/profile/$nickname"),
+			dbesc(normalise_link($a->get_baseurl() . "/profile/$nickname")),
 			dbesc($a->get_baseurl() . "/dfrn_request/$nickname"),
 			dbesc($a->get_baseurl() . "/dfrn_notify/$nickname"),
 			dbesc($a->get_baseurl() . "/dfrn_poll/$nickname"),
 			dbesc($a->get_baseurl() . "/dfrn_confirm/$nickname"),
+			dbesc($a->get_baseurl() . "/poco/$nickname"),
 			dbesc(datetime_convert()),
 			dbesc(datetime_convert()),
 			dbesc(datetime_convert())
@@ -323,7 +357,15 @@ function register_post(&$a) {
 	}
 
 
+	call_hooks('register_account', $newuid);
+
 	if( $a->config['register_policy'] == REGISTER_OPEN ) {
+
+		if($using_invites && $invite_id) {
+			q("delete * from register where hash = '%s' limit 1", dbesc($invite_id));
+			set_pconfig($newuid,'system','invites_remaining',$num_invites);
+		}
+
 		$email_tpl = get_intltext_template("register_open_eml.tpl");
 		$email_tpl = replace_macros($email_tpl, array(
 				'$sitename' => $a->config['sitename'],
@@ -342,7 +384,7 @@ function register_post(&$a) {
 
 		if($res) {
 			info( t('Registration successful. Please check your email for further instructions.') . EOL ) ;
-			goaway($a->get_baseurl());
+			goaway(z_root());
 		}
 		else {
 			notice( t('Failed to send email message. Here is the message that failed.') . $email_tpl . EOL );
@@ -351,7 +393,7 @@ function register_post(&$a) {
 	elseif($a->config['register_policy'] == REGISTER_APPROVE) {
 		if(! strlen($a->config['admin_email'])) {
 			notice( t('Your registration can not be processed.') . EOL);
-			goaway($a->get_baseurl());
+			goaway(z_root());
 		}
 
 		$hash = random_string();
@@ -371,6 +413,10 @@ function register_post(&$a) {
 		else
 			push_lang('en');
 
+		if($using_invites && $invite_id) {
+			q("delete * from register where hash = '%s' limit 1", dbesc($invite_id));
+			set_pconfig($newuid,'system','invites_remaining',$num_invites);
+		}
 
 		$email_tpl = get_intltext_template("register_verify_eml.tpl");
 		$email_tpl = replace_macros($email_tpl, array(
@@ -393,7 +439,7 @@ function register_post(&$a) {
 
 		if($res) {
 			info( t('Your registration is pending approval by the site owner.') . EOL ) ;
-			goaway($a->get_baseurl());
+			goaway(z_root());
 		}
 
 	}
@@ -415,11 +461,26 @@ function register_content(&$a) {
 
 	$block = get_config('system','block_extended_register');
 
-	if((($a->config['register_policy'] == REGISTER_CLOSED) && (! local_user())) || ($block)) {
+	if(local_user() && ($block)) {
+		notice("Permission denied." . EOL);
+		return;
+	}
+
+	if((! local_user()) && ($a->config['register_policy'] == REGISTER_CLOSED)) {
 		notice("Permission denied." . EOL);
 		return;
 	}
 
+	$max_dailies = intval(get_config('system','max_daily_registrations'));
+	if($max_dailes) {
+		$r = q("select count(*) as total from user where register_date > UTC_TIMESTAMP - INTERVAL 1 day");
+		if($r && $r[0]['total'] >= $max_dailies) {
+			logger('max daily registrations exceeded.');
+			notice( t('This site has exceeded the number of allowed daily account registrations. Please try again tomorrow.') . EOL);
+			return;
+		}
+	}
+
 	if(x($_SESSION,'theme'))
 		unset($_SESSION['theme']);
 
@@ -429,6 +490,7 @@ function register_content(&$a) {
 	$openid_url   = ((x($_POST,'openid_url'))   ? $_POST['openid_url']   : ((x($_GET,'openid_url'))   ? $_GET['openid_url']            : ''));
 	$nickname     = ((x($_POST,'nickname'))     ? $_POST['nickname']     : ((x($_GET,'nickname'))     ? $_GET['nickname']              : ''));
 	$photo        = ((x($_POST,'photo'))        ? $_POST['photo']        : ((x($_GET,'photo'))        ? hex2bin($_GET['photo'])        : ''));
+	$invite_id    = ((x($_POST,'invite_id'))    ? $_POST['invite_id']    : ((x($_GET,'invite_id'))    ? $_GET['invite_id']             : ''));
 
 	$noid = get_config('system','no_openid');
 
@@ -465,12 +527,15 @@ function register_content(&$a) {
 	}
 
 
-	$license = t('Shared content is covered by the <a href="http://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0</a> license.');
-
+	$license = '';
 
 	$o = get_markup_template("register.tpl");
 	$o = replace_macros($o, array(
 		'$oidhtml' => $oidhtml,
+		'$invitations' => get_config('system','invitation_only'),
+		'$invite_desc' => t('Membership on this site is by invitation only.'),
+		'$invite_label' => t('Your invitation ID: '),
+		'$invite_id' => $invite_id,
 		'$realpeople' => $realpeople,
 		'$regtitle'  => t('Registration'),
 		'$registertext' =>((x($a->config,'register_text'))