Verzeichnisstruktur phpBB-3.0.0
- Veröffentlicht
- 12.12.2007
ucp_register.php
001 <?php
002 /**
003 *
004 * @package ucp
005 * @version $Id$
006 * @copyright (c) 2005 phpBB Group
007 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
008 *
009 */
010
/**
* @ignore
*/
// Direct-access guard: stop immediately unless the IN_PHPBB constant has been
// defined (presumably by the entry script that includes this file).
if (defined('IN_PHPBB') === false)
{
	exit;
}
018
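/**
* ucp_register
* Board registration
*
* Review notes on the security-relevant behaviour visible in this class:
* - Language names taken from the request are reduced with basename() before
*   they are used to build a path below language/.
* - Every value placed into SQL text goes through $db->sql_escape(),
*   $db->sql_in_set() or $db->sql_build_array().
* - The cleartext password is put into the welcome e-mail and handed back to
*   the form template; both are flagged inline and left unchanged.
*
* @package ucp
*/
class ucp_register
{
	var $u_action;

	/**
	* Run the registration module: show the agreement/COPPA page, validate a
	* submitted form, create the account and send the notification e-mails,
	* or (re)display the registration form.
	*
	* @param mixed $id		Module id; not read by this method
	* @param mixed $mode	Module mode; not read by this method
	* @return void			Sets $this->tpl_name (and $this->page_title for the form), or hands a message to trigger_error()
	*/
	function main($id, $mode)
	{
		global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx;

		// Registration can be switched off board-wide
		if ($config['require_activation'] == USER_ACTIVATION_DISABLE)
		{
			trigger_error('UCP_REGISTER_DISABLE');
		}

		include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);

		$confirm_id		= request_var('confirm_id', '');
		// $coppa is tri-state: false = not chosen yet, 0 = "no", 1 = "yes"
		$coppa			= (isset($_REQUEST['coppa'])) ? ((!empty($_REQUEST['coppa'])) ? 1 : 0) : false;
		$agreed			= (!empty($_POST['agreed'])) ? 1 : 0;
		$submit			= (isset($_POST['submit'])) ? true : false;
		$change_lang	= request_var('change_lang', '');
		$user_lang		= request_var('lang', $user->lang_name);


		// not so fast, buddy
		// A missing/invalid form key, or one submitted faster than the configured
		// minimum time, sends the visitor back to the agreement step.
		if (($submit && !check_form_key('ucp_register', false, '', false, $config['min_time_reg']))
			|| (!$submit && !check_form_key('ucp_register_terms', false, '', false, $config['min_time_terms'])))
		{
			$agreed = false;
		}

		if ($agreed)
		{
			add_form_key('ucp_register');
		}
		else
		{
			add_form_key('ucp_register_terms');
		}


		if ($change_lang || $user_lang != $config['default_lang'])
		{
			// basename() drops any directory part, so the request value cannot point outside language/
			$use_lang = ($change_lang) ? basename($change_lang) : basename($user_lang);

			if (file_exists($phpbb_root_path . 'language/' . $use_lang . '/'))
			{
				if ($change_lang)
				{
					$submit = false;

					// Setting back agreed to let the user view the agreement in his/her language
					$agreed = (empty($_GET['change_lang'])) ? 0 : $agreed;
				}

				$user->lang_name = $lang = $use_lang;
				$user->lang_path = $phpbb_root_path . 'language/' . $lang . '/';
				$user->lang = array();
				$user->add_lang(array('common', 'ucp'));
			}
			else
			{
				// Unknown language: fall back to the language already in use
				$change_lang = '';
				$user_lang = $user->lang_name;
			}
		}

		$cp = new custom_profile();

		$error = $cp_data = $cp_error = array();

		// Agreement / COPPA step: shown until the terms are accepted and the COPPA choice matches the board setting
		if (!$agreed || ($coppa === false && $config['coppa_enable']) || ($coppa && !$config['coppa_enable']))
		{
			$add_lang = ($change_lang) ? '&change_lang=' . urlencode($change_lang) : '';
			$add_coppa = ($coppa !== false) ? '&coppa=' . $coppa : '';

			$s_hidden_fields = ($confirm_id) ? array('confirm_id' => $confirm_id) : array();

			// If we change the language, we want to pass on some more possible parameter.
			if ($change_lang)
			{
				// We do not include the password!
				$s_hidden_fields = array_merge($s_hidden_fields, array(
					'username'			=> utf8_normalize_nfc(request_var('username', '', true)),
					'email'				=> strtolower(request_var('email', '')),
					'email_confirm'		=> strtolower(request_var('email_confirm', '')),
					'confirm_code'		=> request_var('confirm_code', ''),
					'lang'				=> $user->lang_name,
					'tz'				=> request_var('tz', (float) $config['board_timezone']),
				));
			}

			if ($coppa === false && $config['coppa_enable'])
			{
				// Cut-off date shown to the visitor: 13 years and one day before now
				$now = getdate();
				$coppa_birthday = $user->format_date(mktime($now['hours'] + $user->data['user_dst'], $now['minutes'], $now['seconds'], $now['mon'], $now['mday'] - 1, $now['year'] - 13), $user->lang['DATE_FORMAT']);
				unset($now);

				$template->assign_vars(array(
					'L_COPPA_NO'		=> sprintf($user->lang['UCP_COPPA_BEFORE'], $coppa_birthday),
					'L_COPPA_YES'		=> sprintf($user->lang['UCP_COPPA_ON_AFTER'], $coppa_birthday),

					'U_COPPA_NO'		=> append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=0' . $add_lang),
					'U_COPPA_YES'		=> append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=1' . $add_lang),

					'S_SHOW_COPPA'		=> true,
					'S_HIDDEN_FIELDS'	=> build_hidden_fields($s_hidden_fields),
					'S_UCP_ACTION'		=> append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang),
				));
			}
			else
			{
				$template->assign_vars(array(
					'L_TERMS_OF_USE'	=> sprintf($user->lang['TERMS_OF_USE_CONTENT'], $config['sitename'], generate_board_url()),

					'S_SHOW_COPPA'		=> false,
					'S_REGISTRATION'	=> true,
					'S_HIDDEN_FIELDS'	=> build_hidden_fields($s_hidden_fields),
					'S_UCP_ACTION'		=> append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang . $add_coppa),
					'S_TIME'			=> 1000 * ((int) $config['min_time_terms']),
					)
				);
			}

			$this->tpl_name = 'ucp_agreement';
			return;
		}


		// Try to manually determine the timezone and adjust the dst if the server date/time complies with the default setting +/- 1
		$timezone = date('Z') / 3600;
		$is_dst = date('I');

		if ($config['board_timezone'] == $timezone || $config['board_timezone'] == ($timezone - 1))
		{
			$timezone = ($is_dst) ? $timezone - 1 : $timezone;

			if (!isset($user->lang['tz_zones'][(string) $timezone]))
			{
				$timezone = $config['board_timezone'];
			}
		}
		else
		{
			$is_dst = $config['board_dst'];
			$timezone = $config['board_timezone'];
		}

		$data = array(
			'username'			=> utf8_normalize_nfc(request_var('username', '', true)),
			'new_password'		=> request_var('new_password', '', true),
			'password_confirm'	=> request_var('password_confirm', '', true),
			'email'				=> strtolower(request_var('email', '')),
			'email_confirm'		=> strtolower(request_var('email_confirm', '')),
			'confirm_code'		=> request_var('confirm_code', ''),
			'lang'				=> basename(request_var('lang', $user->lang_name)),
			'tz'				=> request_var('tz', (float) $timezone),
		);

		// Check and initialize some variables if needed
		if ($submit)
		{
			$error = validate_data($data, array(
				'username'			=> array(
					array('string', false, $config['min_name_chars'], $config['max_name_chars']),
					array('username', '')),
				'new_password'		=> array(
					array('string', false, $config['min_pass_chars'], $config['max_pass_chars']),
					array('password')),
				'password_confirm'	=> array('string', false, $config['min_pass_chars'], $config['max_pass_chars']),
				'email'				=> array(
					array('string', false, 6, 60),
					array('email')),
				'email_confirm'		=> array('string', false, 6, 60),
				'confirm_code'		=> array('string', !$config['enable_confirm'], 5, 8),
				'tz'				=> array('num', false, -14, 14),
				'lang'				=> array('match', false, '#^[a-z_\-]{2,}$#i'),
			));

			// Replace "error" strings with their real, localised form.
			// This is a plain lookup instead of preg_replace() with the /e modifier:
			// /e evaluates the replacement as PHP code, and PHP 7 removed it, so the
			// old call would return NULL there and silently discard every error.
			foreach ($error as $error_key => $error_text)
			{
				if (preg_match('#^[A-Z_]+$#D', $error_text) && !empty($user->lang[$error_text]))
				{
					$error[$error_key] = $user->lang[$error_text];
				}
			}

			// DNSBL check
			if ($config['check_dnsbl'])
			{
				if (($dnsbl = $user->check_dnsbl('register')) !== false)
				{
					$error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
				}
			}

			// validate custom profile fields
			$cp->submit_cp_field('register', $user->get_iso_lang_id(), $cp_data, $error);

			// Visual Confirmation handling
			$wrong_confirm = false;
			if ($config['enable_confirm'])
			{
				if (!$confirm_id)
				{
					$error[] = $user->lang['CONFIRM_CODE_WRONG'];
					$wrong_confirm = true;
				}
				else
				{
					// The stored code is looked up by confirm_id AND the current session id
					$sql = 'SELECT code
						FROM ' . CONFIRM_TABLE . "
						WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
							AND session_id = '" . $db->sql_escape($user->session_id) . "'
							AND confirm_type = " . CONFIRM_REG;
					$result = $db->sql_query($sql);
					$row = $db->sql_fetchrow($result);
					$db->sql_freeresult($result);

					if ($row)
					{
						if (strcasecmp($row['code'], $data['confirm_code']) === 0)
						{
							// A correct answer consumes the row, so it cannot be replayed
							$sql = 'DELETE FROM ' . CONFIRM_TABLE . "
								WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
									AND session_id = '" . $db->sql_escape($user->session_id) . "'
									AND confirm_type = " . CONFIRM_REG;
							$db->sql_query($sql);
						}
						else
						{
							// NOTE(review): a wrong answer leaves the row in place; the number of rows per
							// session is only bounded by the max_reg_attempts check further down.
							$error[] = $user->lang['CONFIRM_CODE_WRONG'];
							$wrong_confirm = true;
						}
					}
					else
					{
						$error[] = $user->lang['CONFIRM_CODE_WRONG'];
						$wrong_confirm = true;
					}
				}
			}

			if (!sizeof($error))
			{
				// Strict comparison: with != two different numeric-looking strings
				// (e.g. '1000000' and '1.0e+6') compare equal, so a mistyped
				// confirmation could be accepted.
				if ($data['new_password'] !== $data['password_confirm'])
				{
					$error[] = $user->lang['NEW_PASSWORD_ERROR'];
				}

				if ($data['email'] !== $data['email_confirm'])
				{
					$error[] = $user->lang['NEW_EMAIL_ERROR'];
				}
			}

			if (!sizeof($error))
			{
				$server_url = generate_board_url();

				// Which group by default?
				$group_name = ($coppa) ? 'REGISTERED_COPPA' : 'REGISTERED';

				$sql = 'SELECT group_id
					FROM ' . GROUPS_TABLE . "
					WHERE group_name = '" . $db->sql_escape($group_name) . "'
						AND group_type = " . GROUP_SPECIAL;
				$result = $db->sql_query($sql);
				$row = $db->sql_fetchrow($result);
				$db->sql_freeresult($result);

				if (!$row)
				{
					trigger_error('NO_GROUP');
				}

				$group_id = $row['group_id'];

				// Accounts start inactive only when activation is required AND e-mail is enabled;
				// with e-mail disabled the account is created as a normal, active user.
				if (($coppa ||
					$config['require_activation'] == USER_ACTIVATION_SELF ||
					$config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable'])
				{
					// NOTE(review): the key is cut so that board URL plus key stays within 54 characters,
					// which can shorten it to 6 characters for a long board URL. Its unpredictability
					// rests on gen_rand_string(), which is not shown here.
					$user_actkey = gen_rand_string(10);
					$key_len = 54 - (strlen($server_url));
					$key_len = ($key_len < 6) ? 6 : $key_len;
					$user_actkey = substr($user_actkey, 0, $key_len);

					$user_type = USER_INACTIVE;
					$user_inactive_reason = INACTIVE_REGISTER;
					$user_inactive_time = time();
				}
				else
				{
					$user_type = USER_NORMAL;
					$user_actkey = '';
					$user_inactive_reason = 0;
					$user_inactive_time = 0;
				}

				$user_row = array(
					'username'				=> $data['username'],
					'user_password'			=> phpbb_hash($data['new_password']),
					'user_email'			=> $data['email'],
					'group_id'				=> (int) $group_id,
					'user_timezone'			=> (float) $data['tz'],
					'user_dst'				=> $is_dst,
					'user_lang'				=> $data['lang'],
					'user_type'				=> $user_type,
					'user_actkey'			=> $user_actkey,
					'user_ip'				=> $user->ip,
					'user_regdate'			=> time(),
					'user_inactive_reason'	=> $user_inactive_reason,
					'user_inactive_time'	=> $user_inactive_time,
				);

				// Register user...
				$user_id = user_add($user_row, $cp_data);

				// This should not happen, because the required variables are listed above...
				if ($user_id === false)
				{
					trigger_error('NO_USER', E_USER_ERROR);
				}

				if ($coppa && $config['email_enable'])
				{
					$message = $user->lang['ACCOUNT_COPPA'];
					$email_template = 'coppa_welcome_inactive';
				}
				else if ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable'])
				{
					$message = $user->lang['ACCOUNT_INACTIVE'];
					$email_template = 'user_welcome_inactive';
				}
				else if ($config['require_activation'] == USER_ACTIVATION_ADMIN && $config['email_enable'])
				{
					$message = $user->lang['ACCOUNT_INACTIVE_ADMIN'];
					$email_template = 'admin_welcome_inactive';
				}
				else
				{
					$message = $user->lang['ACCOUNT_ADDED'];
					$email_template = 'user_welcome';
				}

				if ($config['email_enable'])
				{
					include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);

					$messenger = new messenger(false);

					$messenger->template($email_template, $data['lang']);

					$messenger->to($data['email'], $data['username']);

					// These headers describe the session that submitted the form ($user), not the new account
					$messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
					$messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
					$messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
					$messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);

					// NOTE(review): the cleartext password is handed to the e-mail template. E-mail is
					// not a confidential channel and the message may be stored indefinitely; consider
					// dropping PASSWORD here together with the templates that print it.
					$messenger->assign_vars(array(
						'WELCOME_MSG'	=> htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
						'USERNAME'		=> htmlspecialchars_decode($data['username']),
						'PASSWORD'		=> htmlspecialchars_decode($data['new_password']),
						'U_ACTIVATE'	=> "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey")
					);

					if ($coppa)
					{
						$messenger->assign_vars(array(
							'FAX_INFO'		=> $config['coppa_fax'],
							'MAIL_INFO'		=> $config['coppa_mail'],
							'EMAIL_ADDRESS'	=> $data['email'])
						);
					}

					$messenger->send(NOTIFY_EMAIL);

					if ($config['require_activation'] == USER_ACTIVATION_ADMIN)
					{
						// Grab an array of user_id's with a_user permissions ... these users can activate a user
						$admin_ary = $auth->acl_get_list(false, 'a_user', false);
						$admin_ary = (!empty($admin_ary[0]['a_user'])) ? $admin_ary[0]['a_user'] : array();

						// Also include founders
						$where_sql = ' WHERE user_type = ' . USER_FOUNDER;

						if (sizeof($admin_ary))
						{
							$where_sql .= ' OR ' . $db->sql_in_set('user_id', $admin_ary);
						}

						$sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type
							FROM ' . USERS_TABLE . ' ' .
							$where_sql;
						$result = $db->sql_query($sql);

						// Every recipient of this mail receives the activation link including the key
						while ($row = $db->sql_fetchrow($result))
						{
							$messenger->template('admin_activate', $row['user_lang']);
							$messenger->to($row['user_email'], $row['username']);
							$messenger->im($row['user_jabber'], $row['username']);

							$messenger->assign_vars(array(
								'USERNAME'			=> htmlspecialchars_decode($data['username']),
								'U_USER_DETAILS'	=> "$server_url/memberlist.$phpEx?mode=viewprofile&u=$user_id",
								'U_ACTIVATE'		=> "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey")
							);

							$messenger->send($row['user_notify_type']);
						}
						$db->sql_freeresult($result);
					}
				}

				$message = $message . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
				trigger_error($message);
			}
		}

		// From here on the registration form is (re)displayed
		$s_hidden_fields = array(
			'agreed'		=> 'true',
			'change_lang'	=> 0,
		);

		if ($config['coppa_enable'])
		{
			$s_hidden_fields['coppa'] = $coppa;
		}
		$s_hidden_fields = build_hidden_fields($s_hidden_fields);

		$confirm_image = '';

		// Visual Confirmation - Show images
		if ($config['enable_confirm'])
		{
			$str = '';
			if (!$change_lang)
			{
				$user->confirm_gc(CONFIRM_REG);

				// Number of confirmation rows this session has already been issued
				$sql = 'SELECT COUNT(session_id) AS attempts
					FROM ' . CONFIRM_TABLE . "
					WHERE session_id = '" . $db->sql_escape($user->session_id) . "'
						AND confirm_type = " . CONFIRM_REG;
				$result = $db->sql_query($sql);
				$attempts = (int) $db->sql_fetchfield('attempts');
				$db->sql_freeresult($result);

				// A max_reg_attempts of 0 switches this limit off
				if ($config['max_reg_attempts'] && $attempts > $config['max_reg_attempts'])
				{
					trigger_error('TOO_MANY_REGISTERS');
				}

				// mt_rand() only picks the length (5-8); how hard the code and the id are to predict
				// depends on gen_rand_string() and unique_id(), which are not shown here.
				$code = gen_rand_string(mt_rand(5, 8));
				$confirm_id = md5(unique_id($user->ip));
				$seed = hexdec(substr(unique_id(), 4, 10));

				// compute $seed % 0x7fffffff
				$seed -= 0x7fffffff * floor($seed / 0x7fffffff);

				$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array(
					'confirm_id'	=> (string) $confirm_id,
					'session_id'	=> (string) $user->session_id,
					'confirm_type'	=> (int) CONFIRM_REG,
					'code'			=> (string) $code,
					'seed'			=> (int) $seed)
				);
				$db->sql_query($sql);
			}
			else
			{
				// URL-encode the request value before it becomes part of a query string,
				// as is already done for $add_lang on the agreement step.
				$str .= '&change_lang=' . urlencode($change_lang);
			}

			// NOTE(review): on the change_lang path $confirm_id is still the request value. Writing it
			// into the attributes below is only safe if request_var() returns HTML-escaped strings;
			// request_var() is not shown here - confirm.
			$confirm_image = '<img src="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=confirm&id=' . $confirm_id . '&type=' . CONFIRM_REG . $str) . '" alt="" title="" />';
			$s_hidden_fields .= '<input type="hidden" name="confirm_id" value="' . $confirm_id . '" />';
		}

		// Explain which activation step follows registration, if any
		$l_reg_cond = '';
		switch ($config['require_activation'])
		{
			case USER_ACTIVATION_SELF:
				$l_reg_cond = $user->lang['UCP_EMAIL_ACTIVATE'];
			break;

			case USER_ACTIVATION_ADMIN:
				$l_reg_cond = $user->lang['UCP_ADMIN_ACTIVATE'];
			break;
		}

		// NOTE(review): the submitted password and its confirmation are handed back to the template.
		// Whether they end up in the page source depends on the template, which is not shown here.
		$template->assign_vars(array(
			'ERROR'				=> (sizeof($error)) ? implode('<br />', $error) : '',
			'USERNAME'			=> $data['username'],
			'PASSWORD'			=> $data['new_password'],
			'PASSWORD_CONFIRM'	=> $data['password_confirm'],
			'EMAIL'				=> $data['email'],
			'EMAIL_CONFIRM'		=> $data['email_confirm'],
			'CONFIRM_IMG'		=> $confirm_image,

			'L_CONFIRM_EXPLAIN'		=> sprintf($user->lang['CONFIRM_EXPLAIN'], '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">', '</a>'),
			'L_REG_COND'			=> $l_reg_cond,
			'L_USERNAME_EXPLAIN'	=> sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']),
			'L_PASSWORD_EXPLAIN'	=> sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']),

			'S_LANG_OPTIONS'	=> language_select($data['lang']),
			'S_TZ_OPTIONS'		=> tz_select($data['tz']),
			'S_CONFIRM_CODE'	=> ($config['enable_confirm']) ? true : false,
			'S_COPPA'			=> $coppa,
			'S_HIDDEN_FIELDS'	=> $s_hidden_fields,
			'S_UCP_ACTION'		=> append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'),
			'S_TIME'			=> 1000 * ((int) $config['min_time_reg']),
			)
		);

		// Reset the profile field data kept on $user before the form fields are generated
		$user->profile_fields = array();

		// Generate profile fields -> Template Block Variable profile_fields
		$cp->generate_profile_fields('register', $user->get_iso_lang_id());

		// Template and page title for the registration form
		$this->tpl_name = 'ucp_register';
		$this->page_title = 'UCP_REGISTRATION';
	}
}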
547
548 ?>