<?php
/************************************************************************
 * Mailer v0.2.1-FINAL                                Start: 07/10/2004 *
 * ===================                          Last change: 07/10/2004 *
 *                                                                      *
 * -------------------------------------------------------------------- *
 * File              : register_functions.php                           *
 * -------------------------------------------------------------------- *
 * Short description : Special functions for register extension         *
 * -------------------------------------------------------------------- *
 * Kurzbeschreibung  : Spezielle Funktion fuer register-Erweiterung     *
 * -------------------------------------------------------------------- *
 * $Revision::                                                        $ *
 * $Date::                                                            $ *
 * $Tag:: 0.2.1-FINAL                                                 $ *
 * $Author::                                                          $ *
 * Needs to be in all Files and every File needs "svn propset           *
 * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
 * -------------------------------------------------------------------- *
 * Copyright (c) 2003 - 2009 by Roland Haeder                           *
 * Copyright (c) 2009, 2010 by Mailer Developer Team                    *
 * For more information visit: http://www.mxchange.org                  *
 *                                                                      *
 * This program is free software; you can redistribute it and/or modify *
 * it under the terms of the GNU General Public License as published by *
 * the Free Software Foundation; either version 2 of the License, or    *
 * (at your option) any later version.                                  *
 *                                                                      *
 * This program is distributed in the hope that it will be useful,      *
 * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
 * GNU General Public License for more details.                         *
 *                                                                      *
 * You should have received a copy of the GNU General Public License    *
 * along with this program; if not, write to the Free Software          *
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
 * MA  02110-1301  USA                                                  *
 ************************************************************************/

// Some security stuff...
if (!defined('__SECURITY')) {
	die();
}

//
function ifRequiredRegisterFieldsAreSet (&$array) {
	// By default all is fine
	$ret = true;
	foreach ($array as $key => $value) {
		// Check all fields that must register
		$result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_must_register` WHERE `field_name`='%s' AND `field_required`='Y' LIMIT 1",
			array($key), __FUNCTION__, __LINE__);

		// Entry found?
		if (SQL_NUMROWS($result) == 1) {
			// Check if extension country is not found (you have to enter the 2-chars long country code) or
			// if extensions is present check if country code was selected
			//         01              2         21    12             3         32    234     5      54    4               43    34                      4    4      5      5432    2      3                      3210
			$country = ((!isExtensionActive('country')) || ((isExtensionActive('country')) && (((empty($value)) && ($key == 'cntry')) || (($key == 'country_code') && (!empty($value)))) && (!empty($array['country_code']))));
			if ((empty($value)) && ($country === false)) {
				// Required field not set
				$array[$key] = '!';
				$ret = false;
			} // END - if
		} // END - if

		// Free result
		SQL_FREERESULT($result);
	} // END - foreach

	// Return result
	return $ret;
}

// Generates a 'category table' for the registration form
function registerGenerateCategoryTable ($mode, $return=false) {
	$OUT = '';

	// Guests are mostly not interested in how many members has
	// choosen an individual category
	$AND = "WHERE `visible`='Y' ";

	// Admins are allowed to see every category...
	if (isAdmin()) $AND = '';

	// Look for categories
	$result = SQL_QUERY("SELECT `id`, `cat`, `visible` FROM `{?_MYSQL_PREFIX?}_cats` ".$AND." ORDER BY `sort` ASC",
		__FUNCTION__, __LINE__);

	if (SQL_NUMROWS($result) > 0) {
		// List alle visible modules (or all to the admin)
		$OUT .= '<table border="0" cellspacing="0" cellpadding="0" width="100%">';
		while ($content = SQL_FETCHARRAY($result)) {
			// Prepare array for the template
			$content = array(
				'cat'   => $content['cat'],
				'def_y' => '',
				'def_n' => '',
				'id'    => $content['id'],
			);

			// Mark categories
			if ((postRequestParameter('cat', $content['id']) == 'Y') || ((getConfig('register_default') == 'Y') && (!isPostRequestParameterSet('cat', $content['id'])))) {
				$content['def_y'] = ' checked="checked"';
			} else {
				$content['def_n'] = ' checked="checked"';
			}

			// Load template and switch color
			$OUT .= loadTemplate('guest_cat_row', true, $content);
		} // END - while
		$OUT .= '</table>';

		// Free memory
		SQL_FREERESULT($result);
	} else {
		// No categories setted up so far...
		$OUT .= loadTemplate('admin_settings_saved', true, '{--NO_CATEGORIES_VISIBLE--}');
	}

	if ($return === true) {
		// Return generated HTML code
		return $OUT;
	} else {
		// Output directly (default)
		outputHtml($OUT);
	}
}

// Outputs a 'failed message'
function registerOutputFailedMessage ($messageId, $extra='') {
	if (empty($messageId)) {
		outputHtml('<div class="register_failed">' . $extra . '</div>');
	} else {
		outputHtml('<div class="register_failed">{--' . $messageId . '--}' . $extra . '</div>');
	}
}

// Run a filter for must-fillout fields
function FILTER_REGISTER_MUST_FILLOUT ($content) {
	// Get all fields for output
	$result = SQL_QUERY("SELECT `field_name`, `field_required` FROM `{?_MYSQL_PREFIX?}_must_register` ORDER BY `id` ASC",
		__FUNCTION__, __LINE__);

	// Walk through all entries
	while ($row = SQL_FETCHARRAY($result)) {
		// Must the user fill out this element?
		$value = '';
		if ($row['field_required'] == 'Y') $value = '<span class="guest_failed">(*)</span>';

		// Add it
		$content['must_fillout_'.strtolower($row['field_name']).''] = $value;
	} // END - while

	// Free memory
	SQL_FREERESULT($result);

	// Return it
	return $content;
}

// Checks wether the registration data is complete
function isRegistrationDataComplete () {
	// Init elements
	$GLOBALS['registration_ip_timeout']     = false;
	$GLOBALS['registration_short_password'] = false;
	$GLOBALS['register_selected_cats']      = '0';

	// Default is okay
	$isOkay = true;

	// First we only check the submitted data then we continue... :)
	//
	// Did he agree to our Terms Of Usage?
	if (postRequestParameter('agree') != 'Y') {
		setPostRequestParameter('agree', '!');
		$isOkay = false;
	} // END - if

	// Did he enter a valid email address? (we really don't care about
	// that, he has to click on a confirmation link :P )
	if ((!isPostRequestParameterSet('email')) || (!isEmailValid(postRequestParameter('email')))) {
		setPostRequestParameter('email', '!');
		$isOkay = false;
	} // END - if

	// And what about surname and family's name?
	if (!isPostRequestParameterSet('surname')) {
		setPostRequestParameter('surname', '!');
		$isOkay = false;
	} // END - if
	if (!isPostRequestParameterSet('family')) {
		setPostRequestParameter('family', '!');
		$isOkay = false;
	} // END - if

	// Get temporary array for modification
	$postArray = postRequestArray();

	// Check for required fields
	$isOkay = ($isOkay && ifRequiredRegisterFieldsAreSet($postArray));

	// Set it back in request
	setPostRequestArray($postArray);

	// Did he enter his password twice?
	if (((!isPostRequestParameterSet('pass1')) || (!isPostRequestParameterSet('pass2'))) || ((postRequestParameter('pass1') != postRequestParameter('pass2')) && (isPostRequestParameterSet('pass1')) && (isPostRequestParameterSet('pass2')))) {
		if ((postRequestParameter('pass1') != postRequestParameter('pass2')) && (isPostRequestParameterSet('pass1')) && (isPostRequestParameterSet('pass2'))) {
			setPostRequestParameter('pass1', '!');
			setPostRequestParameter('pass2', '!');
		} else {
			if (!isPostRequestParameterSet('pass1')) { setPostRequestParameter('pass1', '!'); } else { setPostRequestParameter('pass1', ''); }
			if (!isPostRequestParameterSet('pass2')) { setPostRequestParameter('pass2', '!'); } else { setPostRequestParameter('pass2', ''); }
		}
		$isOkay = false;
	} // END - if

	// Is the password long enouth?
	if ((strlen(postRequestParameter('pass1')) < getConfig('pass_len')) && ($isOkay === true)) {
		$GLOBALS['registration_short_password'] = true;
		$isOkay = false;
	} // END - if

	// Do this check only when no admin is logged in
	if (is_array(postRequestParameter('cat'))) {
		// Only continue with array
		foreach (postRequestParameter('cat') as $id => $answer) {
			// Is this category choosen?
			if ($answer == 'Y') {
				$GLOBALS['register_selected_cats']++;
			} // END - if
		} // END - foreach
	} // END - if

	// Enougth categories selected?
	//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'isOkay='.intval($isOkay).',selected='.$GLOBALS['register_selected_cats'].'/'.getConfig('least_cats'));
	$isOkay = (($isOkay) && ($GLOBALS['register_selected_cats'] >= getConfig('least_cats')));

	if ((postRequestParameter('email') != '!') && (getConfig('check_double_email') == 'Y')) {
		// Does the email address already exists in our database?
		if ((!isAdmin()) && (isEmailTaken(postRequestParameter('email')))) {
			setPostRequestParameter('email', '?');
			$isOkay = false;
		} // END - if
	} // END - if

	// Check for IP timeout?
	//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'isOkay='.intval($isOkay));
	if ((!isAdmin()) && (getConfig('ip_timeout') > 0)) {
		// Check his IP number
		$GLOBALS['registration_ip_timeout'] = (countSumTotalData(detectRemoteAddr()  , 'user_data', 'userid', 'REMOTE_ADDR', true, " AND ((UNIX_TIMESTAMP() - `joined`) < {?ip_timeout?} OR (UNIX_TIMESTAMP() - `last_update`) < {?ip_timeout?}) LIMIT 1") == 1);
		//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'isOkay='.intval($isOkay).',timeout='.intval($GLOBALS['registration_ip_timeout']));
		$isOkay = (($isOkay) && (!$GLOBALS['registration_ip_timeout']));
	} // END - if

	// Return result
	//* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'isOkay='.intval($isOkay));
	return $isOkay;
}

// Do the registration
function doRegistration () {
	// Prepapre month and day of birth
	if (strlen(postRequestParameter('day'))   == 1) setPostRequestParameter('day'  , '0' . postRequestParameter('day'));
	if (strlen(postRequestParameter('month')) == 1) setPostRequestParameter('month', '0' . postRequestParameter('month'));

	// Get total ...
	// ... confirmed, ...
	$confirmedUsers   = countSumTotalData('CONFIRMED'  , 'user_data', 'userid', 'status', true);
	// ... unconfirmed ...
	$unconfirmedUsers = countSumTotalData('UNCONFIRMED', 'user_data', 'userid', 'status', true);
	// ... and locked users!
	$lockedUsers      = countSumTotalData('LOCKED'     , 'user_data', 'userid', 'status', true);

	// Generate hash which will be inserted into confirmation mail
	$hash = generateHash(sha1(
		$confirmedUsers . getConfig('ENCRYPT_SEPERATOR') .
		$unconfirmedUsers . getConfig('ENCRYPT_SEPERATOR') .
		$lockedUsers . getConfig('ENCRYPT_SEPERATOR') .
		postRequestParameter('month') . '-' .
		postRequestParameter('day') . '-' .
		postRequestParameter('year') . getConfig('ENCRYPT_SEPERATOR') .
		detectServerName() . getConfig('ENCRYPT_SEPERATOR') .
		detectRemoteAddr() . getConfig('ENCRYPT_SEPERATOR') .
		detectUserAgent() . '/' .
		getConfig('SITE_KEY') . '/' .
		getConfig('DATE_KEY') . '/' .
		getConfig('CACHE_BUSTER')
	));

	// Old way with enterable two-char-code
	$countryRow = '`country`';
	$countryData = substr(postRequestParameter('cntry'), 0, 2);

	// Add design when extension sql_patches is v0.2.7 or greater
	// @TODO Rewrite these all to a single filter
	$GLOBALS['register_sql_columns'] = '';
	$GLOBALS['register_sql_data'] = '';
	if (isExtensionInstalledAndNewer('theme', '0.0.8')) {
		// Okay, add design here
		$GLOBALS['register_sql_columns'] = ', `curr_theme`';
		$GLOBALS['register_sql_data'] = ", '" . getCurrentTheme() . "'";
	} // END - if

	// Check if I shall disable sending mail to newly registered members out about active/begging rallye
	//
	// First comes first: begging rallye
	if (isExtensionInstalledAndNewer('beg', '0.2.8')) {
		// Okay, shall I disable now?
		if (getConfig('beg_new_member_notify') != 'Y') {
			$GLOBALS['register_sql_columns'] .= ', `beg_rallye_notify`, `beg_rallye_enable_notify`';
			$GLOBALS['register_sql_data']    .= ', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()';
		} // END - if
	} // END - if

	// Second: active rallye
	if (isExtensionInstalledAndNewer('bonus', '0.9.2')) {
		// Okay, shall I disable now?
		if (getConfig('bonus_new_member_notify') != 'Y') {
			$GLOBALS['register_sql_columns'] .= ', `bonus_rallye_notify`, `bonus_rallye_enable_notify`';
			$GLOBALS['register_sql_data']    .= ', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()';
		} // END - if
	} // END - if

	// Write user data to table
	if (isExtensionActive('country')) {
		// Save with new selectable country code
		$countryRow = '`country_code`';
		$countryData = bigintval(postRequestParameter('country_code'));
	} // END - if

	//////////////////////////////
	// Create user's account... //
	//////////////////////////////
	//
	SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_data` (gender, surname, family, street_nr,%s, zip, city, email, birth_day, birth_month, birth_year, password, max_mails, receive_mails, refid, status, user_hash, REMOTE_ADDR, joined, last_update".$GLOBALS['register_sql_columns'].")
VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONFIRMED','%s','%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()".$GLOBALS['register_sql_data'].")",
	array(
		$countryRow,
		substr(postRequestParameter('gender'), 0, 1),
		postRequestParameter('surname'),
		postRequestParameter('family'),
		postRequestParameter('street_nr'),
		$countryData,
		bigintval(postRequestParameter('zip')),
		postRequestParameter('city'),
		postRequestParameter('email'),
		bigintval(postRequestParameter('day')),
		bigintval(postRequestParameter('month')),
		bigintval(postRequestParameter('year')),
		generateHash(postRequestParameter('pass1')),
		bigintval(postRequestParameter('max_mails')),
		bigintval(postRequestParameter('max_mails')),
		bigintval(postRequestParameter('refid')),
		$hash,
		detectRemoteAddr(),
	), __FUNCTION__, __LINE__);

	// Get his userid
	$userid = bigintval(SQL_INSERTID());

	// Did this work?
	if ($userid == '0') {
		// Something bad happened!
		loadTemplate('admin_settings_saved', false, '{--USER_NOT_REGISTERED--}');

		// Stop here
		return;
	} // END - if

	// Is the refback extension there?
	// @TODO Rewrite this to a filter
	if (isExtensionActive('refback')) {
		// Update refback table
		updateRefbackTable($userid);
	} // END - if

	// Write his welcome-points
	// @TODO Rewrite this whole if() block to addPointsThroughReferalSystem(). This will also make following if() block obsolete
	// @TODO Wether the registration bonus should only be added to user directly or through referal system should be configurable
	$result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_user_points` WHERE `userid`=%s AND `ref_depth`=0 LIMIT 1",
		array($userid), __FUNCTION__, __LINE__);
	if (SQL_HASZERONUMS($result)) {
		// Add only when the line was not found (maybe some more secure?)
		$locked = 'points';

		// Pay him later. First he has to confirm some mails!
		if (getConfig('ref_payout') > 0) $locked = 'locked_points';

		SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_points` (`userid`, `ref_depth`, `%s`) VALUES (%s,0,'{?points_register?}')",
			array($locked, $userid), __FUNCTION__, __LINE__);

		// Update mediadata as well
		if ((isExtensionInstalledAndNewer('mediadata', '0.0.4')) && ($locked == 'points')) {
			// Update database
			updateMediadataEntry(array('total_points'), 'add', getConfig('points_register'));
		} // END - if
	} // END - if

	// Write catgories
	if ((is_array(postRequestParameter('cat'))) && (count(postRequestParameter('cat')))) {
		foreach (postRequestParameter('cat') as $cat => $joined) {
			if ($joined == 'Y') {
				// Insert category entry
				SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_cats` (`userid`, `cat_id`) VALUES (%s, %s)",
					array($userid, bigintval($cat)), __FUNCTION__, __LINE__);
			} // END - if
		} // END - foreach
	} // END - if

	// ... rewrite a zero referal id to the main title
	if (postRequestParameter('refid') == '0') setPostRequestParameter('refid', getConfig('MAIN_TITLE'));

	// Is ZIP code set?
	if (isPostRequestParameterSet('zip')) {
		// Prepare data array for the email template
		// Start with the gender...
		$content = array(
			'hash'    => $hash,
			'userid'  => $userid,
			'gender'  => SQL_ESCAPE(postRequestParameter('gender')),
			'surname' => SQL_ESCAPE(postRequestParameter('surname')),
			'family'  => SQL_ESCAPE(postRequestParameter('family')),
			'email'   => SQL_ESCAPE(postRequestParameter('email')),
			'street'  => SQL_ESCAPE(postRequestParameter('street_nr')),
			'city'    => SQL_ESCAPE(postRequestParameter('city')),
			'zip'     => bigintval(postRequestParameter('zip')),
			'country' => $countryData,
			'refid'   => SQL_ESCAPE(postRequestParameter('refid')),
			'pass'    => SQL_ESCAPE(postRequestParameter('pass1')),
		);
	} else {
		// No ZIP code entered
		$content = array(
			'hash'    => $hash,
			'userid'  => $userid,
			'gender'  => SQL_ESCAPE(postRequestParameter('gender')),
			'surname' => SQL_ESCAPE(postRequestParameter('surname')),
			'family'  => SQL_ESCAPE(postRequestParameter('family')),
			'email'   => SQL_ESCAPE(postRequestParameter('email')),
			'street'  => SQL_ESCAPE(postRequestParameter('street_nr')),
			'city'    => SQL_ESCAPE(postRequestParameter('city')),
			'zip'     => '',
			'country' => $countryData,
			'refid'   => SQL_ESCAPE(postRequestParameter('refid')),
			'pass'    => SQL_ESCAPE(postRequestParameter('pass1')),
		);
	}

	// Continue with birthday...
	switch (getLanguage()) {
		case 'de':
			$content['birthday'] = bigintval(postRequestParameter('day')) . '.' . bigintval(postRequestParameter('month')) . '.' . bigintval(postRequestParameter('year'));
			break;

		default:
			$content['birthday'] = bigintval(postRequestParameter('month')) . '/' . bigintval(postRequestParameter('day')) . '/' . bigintval(postRequestParameter('year'));
			break;
	} // END - switch

	// Display information to the user that he got mail and send it away
	$messageGuest = loadEmailTemplate('register-member', $content, $userid);

	// Send mail to user (confirmation link!)
	$email = $content['email'];
	sendEmail($content['email'], '{--GUEST_CONFIRM_LINK_SUBJECT--}', $messageGuest);
	$content['email'] = $email;

	// Send mail to admin
	sendAdminNotification('{--ADMIN_NEW_ACCOUNT_SUBJECT--}', 'register-admin', $content, $userid);
}

// [EOF]
?>