$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), '/inc') + 4) . '/security.php';
require($INC);
} elseif ((!EXT_IS_ACTIVE('register'))) {
- addFatalMessage(__FILE__, __LINE__, sprintf(getMessage('EXTENSION_PROBLEM_EXT_INACTIVE'), 'register'));
+ addFatalMessage(__FILE__, __LINE__, generateExtensionInactiveNotInstalledMessage('register'));
return;
}
global $DATA;
// Initialize variables
-$FAILED = false; $SHORT_PASS = false; $cats = 0; $IP_TIMEOUT = false;
+$isFailed = false;
+$shortPass = false;
+$cats = 0;
+$ipTimedOut = false;
-if (!IS_FORM_SENT()) REQUEST_UNSET_POST('ok');
+if (!isFormSent()) REQUEST_UNSET_POST('ok');
if (!REQUEST_ISSET_POST(('agree'))) REQUEST_SET_POST('agree' , '');
if (!REQUEST_ISSET_POST(('addy'))) REQUEST_SET_POST('addy' , '');
if (!REQUEST_ISSET_POST(('surname'))) REQUEST_SET_POST('surname' , '');
if (!REQUEST_ISSET_POST(('family'))) REQUEST_SET_POST('family' , '');
-if (!REQUEST_ISSET_POST(('pass1'))) REQUEST_SET_POST('pass1' , '');
-if (!REQUEST_ISSET_POST(('pass2'))) REQUEST_SET_POST('pass2' , '');
+if (!REQUEST_ISSET_POST('pass1')) REQUEST_SET_POST('pass1' , '');
+if (!REQUEST_ISSET_POST('pass2')) REQUEST_SET_POST('pass2' , '');
if (!REQUEST_ISSET_POST(('day'))) REQUEST_SET_POST('day' , '');
if (!REQUEST_ISSET_POST(('month'))) REQUEST_SET_POST('month' , '');
if (!REQUEST_ISSET_POST(('year'))) REQUEST_SET_POST('year' , '');
if (!REQUEST_ISSET_POST('zip')) REQUEST_SET_POST('zip' , '');
if (!REQUEST_ISSET_POST(('city'))) REQUEST_SET_POST('city' , '');
if (!REQUEST_ISSET_POST(('cntry'))) REQUEST_SET_POST('cntry' , '');
-if (!REQUEST_ISSET_POST(('country_code'))) REQUEST_SET_POST('country_code', "1");
+if (!REQUEST_ISSET_POST(('country_code'))) REQUEST_SET_POST('country_code', '1');
// Default refid is zero
REQUEST_SET_POST('refid', 0);
if ($GLOBALS['refid'] > 0) {
// Test if the refid is valid
$result = SQL_QUERY_ESC("SELECT userid FROM `{!_MYSQL_PREFIX!}_user_data` WHERE userid=%s LIMIT 1",
- array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__);
+ array(bigintval($GLOBALS['refid'])), __FILE__, __LINE__);
// Userid found?
//* DEBUG: */ die("refid={$GLOBALS['refid']}/numRows=".SQL_NUMROWS($result)."");
}
} // END - if
-if (IS_FORM_SENT()) {
+if (isFormSent()) {
// First we only check the submitted data then we continue... :)
//
// Did he agree to our Terms Of Usage?
if (REQUEST_POST('agree') != 'Y') {
REQUEST_SET_POST('agree', '!');
- $FAILED = true;
+ $isFailed = true;
} // END - if
// Did he enter a valid email address? (we really don't care about
// that, he has to click on a confirmation link :P )
- if ((!REQUEST_ISSET_POST(('addy'))) || (!VALIDATE_EMAIL(REQUEST_POST('addy')))) {
+ if ((!REQUEST_ISSET_POST(('addy'))) || (!isEmailValid(REQUEST_POST('addy')))) {
REQUEST_SET_POST('addy', '!');
- $FAILED = true;
+ $isFailed = true;
} // END - if
// And what about surname and family's name?
if (!REQUEST_ISSET_POST(('surname'))) {
REQUEST_SET_POST('surname', '!');
- $FAILED = true;
+ $isFailed = true;
} // END - if
if (!REQUEST_ISSET_POST(('family'))) {
REQUEST_SET_POST('family', '!');
- $FAILED = true;
+ $isFailed = true;
} // END - if
+ // Get temporary array for modification
+ $postArray = REQUEST_POST_ARRAY();
+
// Check for required fields
- if (!$FAILED) $FAILED = REGISTER_CHECK_REQUIRED_FIELDS(REQUEST_POST_ARRAY());
+ if ($isFailed === false) $isFailed = ifRequiredRegisterFieldsAreSet($postArray);
+
+ // Set it back in request
+ REQUEST_SET_POST_ARRAY($postArray);
// Did he enter his password twice?
- if (((!REQUEST_ISSET_POST(('pass1'))) || (!REQUEST_ISSET_POST(('pass2')))) || ((REQUEST_POST('pass1') != REQUEST_POST('pass2')) && (REQUEST_ISSET_POST(('pass1'))) && (REQUEST_ISSET_POST(('pass2'))))) {
- if ((REQUEST_POST('pass1') != REQUEST_POST('pass2')) && (REQUEST_ISSET_POST(('pass1'))) && (REQUEST_ISSET_POST(('pass2')))) {
+ if (((!REQUEST_ISSET_POST('pass1')) || (!REQUEST_ISSET_POST('pass2'))) || ((REQUEST_POST('pass1') != REQUEST_POST('pass2')) && (REQUEST_ISSET_POST('pass1')) && (REQUEST_ISSET_POST('pass2')))) {
+ if ((REQUEST_POST('pass1') != REQUEST_POST('pass2')) && (REQUEST_ISSET_POST('pass1')) && (REQUEST_ISSET_POST('pass2'))) {
REQUEST_SET_POST('pass1', '!');
REQUEST_SET_POST('pass2', '!');
} else {
- if (!REQUEST_ISSET_POST(('pass1'))) { REQUEST_SET_POST('pass1', '!'); } else { REQUEST_SET_POST('pass1', ''); }
- if (!REQUEST_ISSET_POST(('pass2'))) { REQUEST_SET_POST('pass2', '!'); } else { REQUEST_SET_POST('pass2', ''); }
+ if (!REQUEST_ISSET_POST('pass1')) { REQUEST_SET_POST('pass1', '!'); } else { REQUEST_SET_POST('pass1', ''); }
+ if (!REQUEST_ISSET_POST('pass2')) { REQUEST_SET_POST('pass2', '!'); } else { REQUEST_SET_POST('pass2', ''); }
}
- $FAILED = true;
+ $isFailed = true;
} // END - if
// Is the password long enouth?
- if ((strlen(REQUEST_POST('pass1')) < getConfig('pass_len')) && (!$FAILED)) {
- $SHORT_PASS = true;
- $FAILED = true;
+ if ((strlen(REQUEST_POST('pass1')) < getConfig('pass_len')) && ($isFailed === false)) {
+ $shortPass = true;
+ $isFailed = true;
} // END - if
// No admin? Admins can always register!
if ($cats < getConfig('least_cats')) {
// ... nope!
- $FAILED = true;
+ $isFailed = true;
} // END - if
} // END - if
$CHK = isEmailTaken(REQUEST_POST('addy'));
if ($CHK === true) {
REQUEST_SET_POST('addy', '?');
- $FAILED = true;
+ $isFailed = true;
} // END - if
} // END - if
if (getConfig('ip_timeout') > 0) {
// Check his IP number
$result = SQL_QUERY_ESC("SELECT joined, last_update FROM `{!_MYSQL_PREFIX!}_user_data` WHERE REMOTE_ADDR='%s' AND (joined > (UNIX_TIMESTAMP() - %s) OR last_update > (UNIX_TIMESTAMP() - %s)) LIMIT 1",
- array(detectRemoteAddr(), getConfig('ip_timeout'), getConfig('ip_timeout')), __FILE__, __LINE__);
+ array(detectRemoteAddr(), getConfig('ip_timeout'), getConfig('ip_timeout')), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 1) {
// Same IP in timeout range and different email address entered... Eat this, faker! ;-)
// But admins are allowed to fake their own exchange service.
- $IP_TIMEOUT = true;
- $FAILED = true;
+ $ipTimedOut = true;
+ $isFailed = true;
} // END - if
} // END - if
SQL_FREERESULT($result);
}
-if ((IS_FORM_SENT()) && ((!$FAILED) || (IS_ADMIN()))) {
+if ((isFormSent()) && (($isFailed === false) || (IS_ADMIN()))) {
// Prepapre month and day of birth
if (strlen(REQUEST_POST('day')) == 1) REQUEST_SET_POST('day' , '0'.REQUEST_POST('day'));
if (strlen(REQUEST_POST('month')) == 1) REQUEST_SET_POST('month', '0'.REQUEST_POST('month'));
// Get total ...
// ... confirmed, ...
- $confirmedUsers = GET_TOTAL_DATA('CONFIRMED', 'user_data', 'userid', 'status', true);
+ $confirmedUsers = GET_TOTAL_DATA('CONFIRMED' , 'user_data', 'userid', 'status', true);
// ... unconfirmed ...
$unconfirmedUsers = GET_TOTAL_DATA('UNCONFIRMED', 'user_data', 'userid', 'status', true);
// ... and locked users!
- $lockedUsers = GET_TOTAL_DATA('LOCKED', 'user_data', 'userid', 'status', true);
+ $lockedUsers = GET_TOTAL_DATA('LOCKED' , 'user_data', 'userid', 'status', true);
// Generate hash which will be inserted into confirmation mail
- $hash = generateHash(sha1($confirmedUsers.constant('ENCRYPT_SEPERATOR').$unconfirmedUsers.constant('ENCRYPT_SEPERATOR').$lockedUsers.constant('ENCRYPT_SEPERATOR').REQUEST_POST('month').'-'.REQUEST_POST('day').'-'.REQUEST_POST('year').constant('ENCRYPT_SEPERATOR').getenv('SERVER_NAME').constant('ENCRYPT_SEPERATOR').detectRemoteAddr().constant('ENCRYPT_SEPERATOR').detectUserAgent().'/'.constant('SITE_KEY').'/'.constant('DATE_KEY').'/'.constant('RAND_NUMBER')));
+ $hash = generateHash(sha1($confirmedUsers.getConfig('ENCRYPT_SEPERATOR').$unconfirmedUsers.getConfig('ENCRYPT_SEPERATOR').$lockedUsers.getConfig('ENCRYPT_SEPERATOR').REQUEST_POST('month') . '-'.REQUEST_POST('day') . '-'.REQUEST_POST('year').getConfig('ENCRYPT_SEPERATOR').getenv('SERVER_NAME').getConfig('ENCRYPT_SEPERATOR').detectRemoteAddr().getConfig('ENCRYPT_SEPERATOR').detectUserAgent() . '/' . getConfig('SITE_KEY') . '/' . getConfig('DATE_KEY') . '/'. constant('RAND_NUMBER')));
// Add design when extension sql_patches is v0.2.7 or greater
// @TODO Rewrite these all to a single filter
- $ADD1 = ''; $ADD2 = '';
- if (GET_EXT_VERSION('sql_patches') >= '0.2.7') {
+ $ADD1 = '';
+ $ADD2 = '';
+ if (GET_EXT_VERSION('theme') >= '0.0.8') {
// Okay, add design here
$ADD1 = ", `curr_theme`";
$ADD2 = ", '".getCurrentTheme()."'";
// Write his welcome-points
$result = SQL_QUERY_ESC("SELECT `id` FROM `{!_MYSQL_PREFIX!}_user_points` WHERE userid=%s AND ref_depth=0 LIMIT 1",
- array(bigintval($userid)), __FILE__, __LINE__);
+ array(bigintval($userid)), __FILE__, __LINE__);
if (SQL_NUMROWS($result) == 0) {
// Add only when the line was not found (maybe some more secure?)
$locked = "points";
if (getConfig('ref_payout') > 0) $locked = "locked_points"; // Pay him later. First he has to confirm some mails!
SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_user_points` (userid, ref_depth, ".$locked.") VALUES (%s,0,'%s')",
- array(bigintval($userid), getConfig('points_register')), __FILE__, __LINE__);
+ array(bigintval($userid), getConfig('points_register')), __FILE__, __LINE__);
// Update mediadata as well
if ((GET_EXT_VERSION('mediadata') >= '0.0.4') && ($locked == "points")) {
if ($joined == 'Y') {
// Insert category entry
SQL_QUERY_ESC("INSERT INTO `{!_MYSQL_PREFIX!}_user_cats` (userid, cat_id) VALUES (%s, %s)",
- array(bigintval($userid), bigintval($cat)), __FILE__, __LINE__);
+ array(bigintval($userid), bigintval($cat)), __FILE__, __LINE__);
} // END - if
} // END - foreach
} // END - if
}
// Continue with birthday...
- switch (getLanguage())
- {
- case 'de':
- $DATA['birthday'] = bigintval(REQUEST_POST('day')).'.'.bigintval(REQUEST_POST('month')).'.'.bigintval(REQUEST_POST('year'));
- break;
-
- default:
- $DATA['birthday'] = bigintval(REQUEST_POST('month')).'/'.bigintval(REQUEST_POST('day')).'/'.bigintval(REQUEST_POST('year'));
- break;
- }
+ switch (getLanguage()) {
+ case 'de':
+ $DATA['birthday'] = bigintval(REQUEST_POST('day')) . '.' . bigintval(REQUEST_POST('month')) . '.' . bigintval(REQUEST_POST('year'));
+ break;
+
+ default:
+ $DATA['birthday'] = bigintval(REQUEST_POST('month')) . '/' . bigintval(REQUEST_POST('day')) . '/' . bigintval(REQUEST_POST('year'));
+ break;
+ } // END - switch
// Display information to the user that he got mail and send it away
- $msg_guest = LOAD_EMAIL_TEMPLATE('register-member', $DATA, $userid);
+ $messageGuest = LOAD_EMAIL_TEMPLATE('register-member', $DATA, $userid);
// Send mail to user (confirmation link!)
- $EMAIL = $DATA['email'];
- sendEmail ($DATA['email'], getMessage('GUEST_CONFIRM_LINK'), $msg_guest);
- $DATA['email'] = $EMAIL;
+ $email = $DATA['email'];
+ sendEmail($DATA['email'], getMessage('GUEST_CONFIRM_LINK'), $messageGuest);
+ $DATA['email'] = $email;
// Send mail to admin
sendAdminNotification(getMessage('ADMIN_NEW_ACCOUNT'), 'register-admin', $DATA, $userid);
registerOutputFailedMessage('ENTER_PASS2');
}
- if ($SHORT_PASS === true) {
+ if ($shortPass === true) {
registerOutputFailedMessage('SHORT_PASS', ": ".getConfig('pass_len'));
} // END - if
- if ($IP_TIMEOUT === true) {
+ if ($ipTimedOut === true) {
registerOutputFailedMessage('REMOTE_ADDR_TIMEOUT');
} // END - if
} // END - if
// Generate birthday selection
- switch (getLanguage())
- {
- case 'de': // German date format
- define('BIRTHDAY_SELECTION', ADD_SELECTION('day', REQUEST_POST('day')).ADD_SELECTION('month', REQUEST_POST('month')).ADD_SELECTION('year', REQUEST_POST('year')));
- break;
-
- default: // Default is the US date format... :)
- define('BIRTHDAY_SELECTION', ADD_SELECTION('month', REQUEST_POST('month')).ADD_SELECTION('day', REQUEST_POST('day')).ADD_SELECTION('year', REQUEST_POST('year')));
- break;
+ switch (getLanguage()) {
+ case 'de': // German date format
+ define('BIRTHDAY_SELECTION', ADD_SELECTION('day', REQUEST_POST('day')).ADD_SELECTION('month', REQUEST_POST('month')).ADD_SELECTION('year', REQUEST_POST('year')));
+ break;
+
+ default: // Default is the US date format... :)
+ define('BIRTHDAY_SELECTION', ADD_SELECTION('month', REQUEST_POST('month')).ADD_SELECTION('day', REQUEST_POST('day')).ADD_SELECTION('year', REQUEST_POST('year')));
+ break;
}
// Adds a table for the guests with all visible categories
define('__FAMILY', SQL_ESCAPE(REQUEST_POST('family')));
define('__STREET', SQL_ESCAPE(REQUEST_POST('street_nr')));
define('__COUNTRY', SQL_ESCAPE(REQUEST_POST('cntry')));
- if (REQUEST_ISSET_POST('zip')) {
+ if ((REQUEST_ISSET_POST('zip')) && (REQUEST_POST('zip') != '')) {
define('__ZIP', bigintval(REQUEST_POST('zip')));
} else {
define('__ZIP', '');
if (EXT_IS_ACTIVE('country')) {
// New variant, good!
$OUT = "<select name=\"country_code\" class=\"guest_select\" size=\"1\">\n";
- $whereStatement = "WHERE is_active='Y'";
+ $whereStatement = "WHERE `is_active`='Y'";
if (IS_ADMIN()) $whereStatement = '';
$OUT .= generateOptionList('countries', 'id', 'descr', REQUEST_POST('country_code'), 'code', $whereStatement);
$OUT .= "</select>";