X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Flibs%2Fregister_functions.php;h=667b83c0f78252f5da6a9d782ca7c1cbc1cbd491;hp=4ae9dba3bad6d038bcc9b84e5f716009e6f525e3;hb=63f159414369b5ea19a8ca75d8cd8033c45d8341;hpb=f01652b7b8efac92d97889e312402c4a845c2f14 diff --git a/inc/libs/register_functions.php b/inc/libs/register_functions.php index 4ae9dba3ba..667b83c0f7 100644 --- a/inc/libs/register_functions.php +++ b/inc/libs/register_functions.php @@ -1,7 +1,7 @@  (*)"; - $eval = "define('MUST_".strtoupper($name)."', \"".$value."\");"; - eval($eval); - } +if (!defined('__SECURITY')) { + die(); +} // END - if - // Free memory - SQL_FREERESULT($result); - - // Also fill other constants - define('MUST_GENDER', " (*)"); - define('MUST_ADDY' , " (*)"); - define('MUST_BIRTH' , " (*)"); - define('MUST_MARKER', " (*)"); -} -// -function REGISTER_CHECK_REQUIRED_FIELDS(&$array) -{ - $ret = false; - foreach ($array as $key => $value) - { - $result = SQL_QUERY("SELECT field_required FROM "._MYSQL_PREFIX."_must_register WHERE field_name='".$key."' LIMIT 1", __FILE__, __LINE__); - if (SQL_NUMROWS($result) == 1) - { - // "Must-line" found - list($chk) = SQL_FETCHROW($result); - SQL_FREERESULT($result); +// Checks whether all required registration fields are set +function ifRequiredRegisterFieldsAreSet (&$array) { + // By default all is fine + $ret = true; + foreach ($array as $key => $value) { + // Check all fields that must register + $result = SQL_QUERY_ESC("SELECT `id` FROM `{?_MYSQL_PREFIX?}_must_register` WHERE `field_name`='%s' AND `field_required`='Y' LIMIT 1", + array($key), __FUNCTION__, __LINE__); + // Entry found? + if (SQL_NUMROWS($result) == 1) { // Check if extension country is not found (you have to enter the 2-chars long country code) or // if extensions is present check if country code was selected // 01 2 21 12 3 32 234 5 54 4 43 34 4 4 5 5432 2 3 3210 - $country = ((!EXT_IS_ACTIVE("country")) || ((EXT_IS_ACTIVE("country")) && (((empty($value)) && ($key == "cntry")) || (($key == "country_code") && (!empty($value)))) && (!empty($array['country_code'])))); - if ((empty($value)) && ($chk == "Y") && (!$country)) - { + $country = ((!isExtensionActive('country')) || ((isExtensionActive('country')) && (((empty($value)) && ($key == 'cntry')) || (($key == 'country_code') && (!empty($value)))) && (!empty($array['country_code'])))); + if ((empty($value)) && ($country === false)) { // Required field not set - $array[$key] = "!"; - $ret = true; - } - } - } + $array[$key] = '!'; + $ret = false; + } // END - if + } // END - if + + // Free result + SQL_FREERESULT($result); + } // END - foreach + + // Return result return $ret; } -// -function REGISTER_OUTPUT_REQUIRE_CHECK(&$array) -{ - $result = SQL_QUERY("SELECT field_name, field_required FROM "._MYSQL_PREFIX."_must_register ORDER BY id", __FILE__, __LINE__); - while(list($name, $required) = SQL_FETCHROW($result)) - { - if (($array[$name] == "!") && ($required == "Y")) - { - // Empty entry found - $array[$name] = ""; - $eval = "\$OUT = REGISTER_".strtoupper($name)."_REQUIRED;"; - eval($eval); - OUTPUT_HTML("".$OUT."

"); - } - } - // Free memory - SQL_FREERESULT($result); -} -// -function REGISTER_ADD_CATEGORY_TABLE ($MODE, $return=false) -{ - global $_POST, $_CONFIG; - $OUT = ""; - - // Guests are mostly not interested in how many members has - // choosen an individual category - $AND = "WHERE visible='Y' "; +// Generates a 'category table' for the registration form +function registerGenerateCategoryTable ($mode, $configEntry = 'register_default') { + // Init output + $OUT = ''; + + /* + * Guests are mostly not interested in how many members has choosen an + * individual category. + */ + $whereStatement = "WHERE `visible`='Y' "; + // Admins are allowed to see every category... - if (IS_ADMIN()) $AND = ""; - $result = SQL_QUERY("SELECT id, cat, visible FROM "._MYSQL_PREFIX."_cats ".$AND." ORDER BY sort", __FILE__, __LINE__); - if (SQL_NUMROWS($result) > 0) - { + if (isAdmin()) { + $whereStatement = ''; + } // END - if + + // Look for categories + $result = SQL_QUERY('SELECT + `id`, + `cat`, + `visible` +FROM + `{?_MYSQL_PREFIX?}_cats` +' . $whereStatement . ' +ORDER BY + `sort` ASC', + __FUNCTION__, __LINE__); + + if (!SQL_HASZERONUMS($result)) { // List alle visible modules (or all to the admin) - $SW = 2; - $OUT .= "\n"; - while (list($id, $cat, $visible) = SQL_FETCHROW($result)) - { - if (empty($_POST['cat'][$id])) $_POST['cat'][$id] = ""; + $OUT .= '
'; + while ($content = SQL_FETCHARRAY($result)) { // Prepare array for the template - $content = array( - 'sw' => $SW, - 'cat' => $cat, - 'def_y' => "", - 'def_n' => "", - 'id' => $id, - ); - - if (($_POST['cat'][$id] == "Y") || (($_CONFIG['register_default'] == "Y") && (empty($_POST['cat'][$id])))) - { - $content['def_y'] = ' checked'; - } - else - { - $content['def_n'] = ' checked'; + $content['default_yes'] = ''; + $content['default_no'] = ''; + + // Mark categories + if ((postRequestElement('cat', $content['id']) == 'Y') || ((getConfig($configEntry) == 'Y') && (!isPostRequestElementSet('cat', $content['id'])))) { + $content['default_yes'] = ' checked="checked"'; + } else { + $content['default_no'] = ' checked="checked"'; } // Load template and switch color - $OUT .= LOAD_TEMPLATE("guest_cat_row", true, $content); - $SW = 3 - $SW; - } - $OUT .= "
\n"; + $OUT .= loadTemplate('guest_cat_row', true, $content); + } // END - while + $OUT .= ''; // Free memory SQL_FREERESULT($result); - } - else - { + } else { // No categories setted up so far... - $OUT .= LOAD_TEMPLATE("admin_settings_saved", true, NO_CATEGORIES_VISIBLE); + $OUT .= displayMessage('{--NO_CATEGORIES_VISIBLE--}', true); } - if ($return) - { - // Return generated HTML code - return $OUT; + // Return generated HTML code + return $OUT; +} + +// Outputs a 'failed message' +function registerOutputFailedMessage ($messageId, $extra='') { + if (empty($messageId)) { + outputHtml('
' . $extra . '
'); + } else { + outputHtml('
{--' . $messageId . '--}' . $extra . '
'); } - else - { - // Output directly (default) - OUTPUT_HTML($OUT); +} + +// Checks whether the registration data is complete +function isRegistrationDataComplete () { + // Init elements + $GLOBALS['registration_ip_timeout'] = false; + $GLOBALS['registration_short_password'] = false; + $GLOBALS['registration_selected_cats'] = '0'; + + // Default is okay + $isOkay = true; + + // First we only check the submitted data then we continue... :) + // + // Did he agree to the terms of usage? + if (postRequestElement('agree') != 'Y') { + setPostRequestElement('agree', '!'); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'agree=N - User did not agree with terms of usage.'); + $isOkay = false; + } // END - if + + // Did he enter a valid email address? (we really don't care about + // that, he has to click on a confirmation link :P ) + if ((!isPostRequestElementSet('email')) || (!isEmailValid(postRequestElement('email')))) { + setPostRequestElement('email', '!'); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'User did not enter proper email address.'); + $isOkay = false; + } // END - if + + // And what about surname and family's name? + if (!isPostRequestElementSet('surname')) { + setPostRequestElement('surname', '!'); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'User did not enter surname.'); + $isOkay = false; + } // END - if + if (!isPostRequestElementSet('family')) { + setPostRequestElement('family', '!'); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'User did not enter family name.'); + $isOkay = false; + } // END - if + + // Get temporary array for modification + $postArray = postRequestArray(); + + // Check for required fields + $isOkay = ($isOkay && ifRequiredRegisterFieldsAreSet($postArray)); + + // Set it back in request + setPostRequestArray($postArray); + + // Are both passwords zero length? + if ((strlen(postRequestElement('pass1')) == 0) && (strlen(postRequestElement('pass2')) == 0) && ($isOkay === true)) { + // Is the extension 'register' newer or equal 0.5.5? + if ((isExtensionInstalledAndNewer('register', '0.5.5')) && (isRegisterGeneratePasswordEmptyEnabled())) { + // Generate a random password + $randomPassword = generatePassword(); + + // Set it in both entries + setPostRequestElement('pass1', $randomPassword); + setPostRequestElement('pass2', $randomPassword); + } else { + // Not allowed or no recent extension version + setPostRequestElement('pass1', '!'); + setPostRequestElement('pass2', '!'); + + // ... which is both not okay + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'Random password generation not possible, isExtensionInstalledAndNewer(register, 0.5.5)=' . intval(isExtensionInstalledAndNewer('register', '0.5.5')) . ',isRegisterGeneratePasswordEmptyEnabled()=' . intval(isRegisterGeneratePasswordEmptyEnabled())); + $isOkay = false; + } + } // END - if + + // Did he enter his password twice? + if (((!isPostRequestElementSet('pass1')) || (!isPostRequestElementSet('pass2'))) || ((postRequestElement('pass1') != postRequestElement('pass2')) && (isPostRequestElementSet('pass1')) && (isPostRequestElementSet('pass2')))) { + if ((postRequestElement('pass1') != postRequestElement('pass2')) && (isPostRequestElementSet('pass1')) && (isPostRequestElementSet('pass2'))) { + // Both passwords did not match + setPostRequestElement('pass1', '!'); + setPostRequestElement('pass2', '!'); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'User did not enter same passwords.'); + } else { + if (!isPostRequestElementSet('pass1')) { + // Password 1 is empty + setPostRequestElement('pass1', '!'); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'User did not enter pass1.'); + } else { + // Password 2 is empty + setPostRequestElement('pass1', ''); + } + if (!isPostRequestElementSet('pass2')) { + // Password 2 is empty + setPostRequestElement('pass2', '!'); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'User did not enter pass2.'); + } else { + // Password 1 is empty + setPostRequestElement('pass2', ''); + } + } + $isOkay = false; + } // END - if + + // Is the password long enouth? + if ((strlen(postRequestElement('pass1')) < getPassLen()) && ($isOkay === true)) { + $GLOBALS['registration_short_password'] = true; + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'User did enter a short password.'); + $isOkay = false; + } // END - if + + // Do this check only when no admin is logged in + if (ifPostContainsSelections('cat')) { + // Only continue with array + foreach (postRequestElement('cat') as $id => $answer) { + // Is this category choosen? + if ($answer == 'Y') { + $GLOBALS['registration_selected_cats']++; + } // END - if + } // END - foreach + } // END - if + + // Enougth categories selected? + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'isOkay='.intval($isOkay).',selected='.$GLOBALS['registration_selected_cats'].'/'.getLeastCats()); + $isOkay = (($isOkay) && ($GLOBALS['registration_selected_cats'] >= getLeastCats())); + + if ((postRequestElement('email') != '!') && (isCheckDoubleEmailEnabled())) { + // Does the email address already exists in our database? + if ((isEmailTaken(postRequestElement('email'))) && (!isAdmin())) { + setPostRequestElement('email', '?'); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'User did enter a already used email address.'); + $isOkay = false; + } // END - if + } // END - if + + // Check for IP timeout? + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'isOkay='.intval($isOkay)); + if ((!isAdmin()) && (getIpTimeout() > 0)) { + // Check his IP number + $GLOBALS['registration_ip_timeout'] = (countSumTotalData(detectRemoteAddr() , 'user_data', 'userid', 'REMOTE_ADDR', true, ' AND ((UNIX_TIMESTAMP() - `joined`) < {?ip_timeout?} OR (UNIX_TIMESTAMP() - `last_update`) < {?ip_timeout?})') == 1); + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'isOkay='.intval($isOkay).',timeout='.intval($GLOBALS['registration_ip_timeout'])); + $isOkay = (($isOkay) && (!$GLOBALS['registration_ip_timeout'])); + } // END - if + + // Return result + //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'isOkay='.intval($isOkay)); + return $isOkay; +} + +// Do the registration +function doUserRegistration () { + // Do not register an account on absent ext-user + if (!isExtensionInstalled('user')) { + // Please report this + reportBug(__FUNCTION__, __LINE__, 'Tried to register a user account without ext-user installed.'); + } // END - if + + // Init filter data + $filterData = array( + // Initialization not done by default + 'init_done' => false + ); + + // Run the pre-registration chain + $filterData = runFilterChain('pre_user_registration', $filterData); + + // Did the initialization work? + if ($filterData['init_done'] === false) { + // Something bad happened! + displayMessage('{--PRE_USER_REGISTRATION_FAILED--}'); + + // Stop here + return false; + } // END - if + + // Create user's account... + SQL_QUERY_ESC("INSERT INTO + `{?_MYSQL_PREFIX?}_user_data` +( + `gender`, + `surname`, + `family`, + `street_nr`, + %s, + `zip`, + `city`, + `email`, + `birth_day`, + `birth_month`, + `birth_year`, + `password`, + `max_mails`, + `receive_mails`, + `refid`, + `status`, + `user_hash`, + `REMOTE_ADDR`, + `joined`, + `last_update`, + `ref_payout` + " . $GLOBALS['register_sql_columns'] . " +) VALUES ( + '%s', + '%s', + '%s', + '%s', + '%s', + %s, + '%s', + '%s', + %s, + %s, + %s, + '%s', + %s, + %s, + %s, + '%s', + '%s', + '{%%pipe,detectRemoteAddr%%}', + UNIX_TIMESTAMP(), + UNIX_TIMESTAMP(), + {?ref_payout?} + " . $GLOBALS['register_sql_data'] . " +)", + array( + $GLOBALS['register_country_row'], + substr(postRequestElement('gender'), 0, 1), + postRequestElement('surname'), + postRequestElement('family'), + postRequestElement('street_nr'), + $GLOBALS['register_country_data'], + bigintval(postRequestElement('zip')), + postRequestElement('city'), + postRequestElement('email'), + bigintval(postRequestElement('day')), + bigintval(postRequestElement('month')), + bigintval(postRequestElement('year')), + generateHash(postRequestElement('pass1')), + bigintval(postRequestElement('max_mails')), + bigintval(postRequestElement('max_mails')), + convertZeroToNull(postRequestElement('refid')), + postRequestElement('status'), + $GLOBALS['register_confirm_hash'] + ), __FUNCTION__, __LINE__); + + // Get his userid + $filterData['register_insert_id'] = bigintval(SQL_INSERTID()); + + // Did this work? + if (!isValidUserId($filterData['register_insert_id'])) { + // Something bad happened! + displayMessage('{--USER_NOT_REGISTERED--}'); + + // Stop here + return false; + } // END - if + + // Shall we reset random refid? Only possible with latest ext-user + if (isExtensionInstalledAndNewer('user', '0.3.4')) { + // Reset all accounts, registration is done + SQL_QUERY('UPDATE `{?_MYSQL_PREFIX?}_user_data` SET `rand_confirmed`=0', __FUNCTION__, __LINE__); + } // END - if + + // Update referral table + updateReferralCounter($filterData['register_insert_id']); + + // Write his welcome-points + initReferralSystem(); + addPointsThroughReferralSystem( + // Subject + 'register_welcome', + // New user's id + $filterData['register_insert_id'], + // Points + getPointsRegister(), + // Referral id (or NULL if none set) + convertZeroToNull(postRequestElement('refid')) + ); + + // Write catgories + if (ifPostContainsSelections('cat')) { + // Write all entries + foreach (postRequestElement('cat') as $categoryId => $joined) { + // "Join" this group? + if ($joined == 'Y') { + // Insert category entry + SQL_QUERY_ESC("INSERT INTO `{?_MYSQL_PREFIX?}_user_cats` (`userid`, `cat_id`) VALUES (%s, %s)", + array( + $filterData['register_insert_id'], + bigintval($categoryId) + ), __FUNCTION__, __LINE__); + } // END - if + } // END - foreach + } // END - if + + // Registration phase is done here, so for tester accounts we end here + if (((getExtensionVersion('user') >= '0.5.0')) && (isTesterUserName(postRequestElement('surname'))) && (ifTesterAccountsAllowed())) { + // All fine here + return true; + } // END - if + + // ... rewrite a zero referral id to the main title + if (!isValidUserId(postRequestElement('refid'))) { + setPostRequestElement('refid', getMainTitle()); + } // END - if + + // Is ZIP code set? + if (isPostRequestElementSet('zip')) { + // Prepare data array for the email template + // Start with the gender... + $content = array( + 'hash' => $GLOBALS['register_confirm_hash'], + 'userid' => $filterData['register_insert_id'], + 'gender' => SQL_ESCAPE(postRequestElement('gender')), + 'surname' => SQL_ESCAPE(postRequestElement('surname')), + 'family' => SQL_ESCAPE(postRequestElement('family')), + 'email' => SQL_ESCAPE(postRequestElement('email')), + 'street' => SQL_ESCAPE(postRequestElement('street_nr')), + 'city' => SQL_ESCAPE(postRequestElement('city')), + 'zip' => bigintval(postRequestElement('zip')), + 'country' => $GLOBALS['register_country_data'], + 'refid' => SQL_ESCAPE(postRequestElement('refid')), + 'password' => SQL_ESCAPE(postRequestElement('pass1')), + ); + } else { + // No ZIP code entered + $content = array( + 'hash' => $GLOBALS['register_confirm_hash'], + 'userid' => $filterData['register_insert_id'], + 'gender' => SQL_ESCAPE(postRequestElement('gender')), + 'surname' => SQL_ESCAPE(postRequestElement('surname')), + 'family' => SQL_ESCAPE(postRequestElement('family')), + 'email' => SQL_ESCAPE(postRequestElement('email')), + 'street' => SQL_ESCAPE(postRequestElement('street_nr')), + 'city' => SQL_ESCAPE(postRequestElement('city')), + 'zip' => '', + 'country' => $GLOBALS['register_country_data'], + 'refid' => SQL_ESCAPE(postRequestElement('refid')), + 'password' => SQL_ESCAPE(postRequestElement('pass1')), + ); } + + // Continue with birthday... + switch (getLanguage()) { + case 'de': + $content['birthday'] = bigintval(postRequestElement('day')) . '.' . bigintval(postRequestElement('month')) . '.' . bigintval(postRequestElement('year')); + break; + + default: + $content['birthday'] = bigintval(postRequestElement('month')) . '/' . bigintval(postRequestElement('day')) . '/' . bigintval(postRequestElement('year')); + break; + } // END - switch + + // Display information to the user that he got mail and send it away + $messageGuest = loadEmailTemplate('guest_register_done', $content, $filterData['register_insert_id'], false); + + // Send mail to user (confirmation link!) + sendEmail($filterData['register_insert_id'], '{--GUEST_CONFIRM_LINK_SUBJECT--}', $messageGuest); + + // Send mail to admin + sendAdminNotification('{--ADMIN_NEW_ACCOUNT_SUBJECT--}', 'admin_register_done', $content, $filterData['register_insert_id']); + + // All fine + return true; +} + +//----------------------------------------------------------------------------- +// Wrapper functions for ext-register +//----------------------------------------------------------------------------- + +// Getter for 'display_refid' +function getDisplayRefid () { + // Is the cache entry set? + if (!isset($GLOBALS[__FUNCTION__])) { + // No, so determine it + $GLOBALS[__FUNCTION__] = getConfig('display_refid'); + } // END - if + + // Return cached entry + return $GLOBALS[__FUNCTION__]; +} + +// Checks whether 'display_refid' is "YES" +function isDisplayRefidEnabled () { + // Is the cache entry set? + if (!isset($GLOBALS[__FUNCTION__])) { + // No, so determine it + $GLOBALS[__FUNCTION__] = (getDisplayRefid() == 'Y'); + } // END - if + + // Return cached entry + return $GLOBALS[__FUNCTION__]; +} + +// Getter for 'ip_timeout' +function getIpTimeout () { + // Is the cache entry set? + if (!isset($GLOBALS[__FUNCTION__])) { + // No, so determine it + $GLOBALS[__FUNCTION__] = getConfig('ip_timeout'); + } // END - if + + // Return cached entry + return $GLOBALS[__FUNCTION__]; +} + +// Getter for 'register_default' +function getRegisterDefault () { + // Is the cache entry set? + if (!isset($GLOBALS[__FUNCTION__])) { + // No, so determine it + $GLOBALS[__FUNCTION__] = getConfig('register_default'); + } // END - if + + // Return cached entry + return $GLOBALS[__FUNCTION__]; +} + +// Checks whether 'register_default' is "YES" +function isRegisterDefaultEnabled () { + // Is the cache entry set? + if (!isset($GLOBALS[__FUNCTION__])) { + // No, so determine it + $GLOBALS[__FUNCTION__] = (getRegisterDefault() == 'Y'); + } // END - if + + // Return cached entry + return $GLOBALS[__FUNCTION__]; +} + +// Getter for 'register_generate_password_empty' +function getRegisterGeneratePasswordEmpty () { + // Is the cache entry set? + if (!isset($GLOBALS[__FUNCTION__])) { + // No, so determine it + $GLOBALS[__FUNCTION__] = getConfig('register_generate_password_empty'); + } // END - if + + // Return cached entry + return $GLOBALS[__FUNCTION__]; +} + +// Checks whether 'register_generate_password_empty' is "YES" +function isRegisterGeneratePasswordEmptyEnabled () { + // Is the cache entry set? + if (!isset($GLOBALS[__FUNCTION__])) { + // No, so determine it + $GLOBALS[__FUNCTION__] = (getRegisterGeneratePasswordEmpty() == 'Y'); + } // END - if + + // Return cached entry + return $GLOBALS[__FUNCTION__]; +} + +// ---------------------------------------------------------------------------- +// Template helper functions +// ---------------------------------------------------------------------------- + +// Template helper for generating a category selection table for admin area with given configuration entry +function doTemplateAdminRegisterCategoryTable ($templateName, $clear = false, $configEntry) { + // Call the inner function + return registerGenerateCategoryTable('admin', $configEntry); } -// + +// [EOF] ?>