2009-01-19 07:13:36 +00:00
< ? php
2009-01-20 05:52:10 +00:00
// This file uses two additional include files:
2009-01-19 07:13:36 +00:00
//
2009-01-20 05:52:10 +00:00
// 1) templates/register_notice.txt - displayed above the registration form
// 2) register_expire_do.php - contains user expiration queries when necessary
2009-01-19 07:13:36 +00:00
2011-12-11 19:59:25 +00:00
set_include_path ( get_include_path () . PATH_SEPARATOR . " include " );
2011-12-11 19:10:51 +00:00
require_once 'lib/phpmailer/class.phpmailer.php' ;
2009-01-19 07:13:36 +00:00
$action = $_REQUEST [ " action " ];
2010-11-10 10:14:44 +00:00
require_once " functions.php " ;
2009-01-19 07:13:36 +00:00
require_once " sessions.php " ;
require_once " sanity_check.php " ;
require_once " config.php " ;
require_once " db.php " ;
2011-04-14 13:48:26 +00:00
$link = db_connect ( DB_HOST , DB_USER , DB_PASS , DB_NAME );
2011-12-13 10:49:11 +00:00
if ( ! init_connection ( $link )) return ;
2009-01-19 07:13:36 +00:00
2011-11-07 13:06:18 +00:00
if ( $_REQUEST [ " format " ] == " feed " ) {
header ( " Content-Type: text/xml " );
print '<?xml version="1.0" encoding="utf-8"?>' ;
print " <feed xmlns= \" http://www.w3.org/2005/Atom \" >
< id > " .htmlspecialchars(SELF_URL_PATH . " / register . php " ). " </ id >
< title > Tiny Tiny RSS registration slots </ title >
< link rel = \ " self \" href= \" " . htmlspecialchars ( SELF_URL_PATH . " /register.php?format=feed " ) . " \" />
< link rel = \ " alternate \" href= \" " . htmlspecialchars ( SELF_URL_PATH ) . " \" /> " ;
if ( ENABLE_REGISTRATION ) {
$result = db_query ( $link , " SELECT COUNT(*) AS cu FROM ttrss_users " );
$num_users = db_fetch_result ( $result , 0 , " cu " );
2011-11-09 14:28:54 +00:00
$num_users = REG_MAX_USERS - $num_users ;
2011-11-07 13:06:18 +00:00
if ( $num_users < 0 ) $num_users = 0 ;
$reg_suffix = " enabled " ;
} else {
$num_users = 0 ;
$reg_suffix = " disabled " ;
}
print " <entry>
< id > " .htmlspecialchars(SELF_URL_PATH). " / register . php ? $num_users " . " </ id >
< link rel = \ " alternate \" href= \" " . htmlspecialchars ( SELF_URL_PATH . " /register.php " ) . " \" /> " ;
print " <title> $num_users slots are currently available, registration $reg_suffix </title> " ;
print " <summary> $num_users slots are currently available, registration $reg_suffix </summary> " ;
print " </entry> " ;
print " </feed> " ;
return ;
}
2009-01-19 07:13:36 +00:00
/* Remove users which didn't login after receiving their registration information */
if ( DB_TYPE == " pgsql " ) {
2011-04-14 13:48:26 +00:00
db_query ( $link , " DELETE FROM ttrss_users WHERE last_login IS NULL
2009-01-19 07:13:36 +00:00
AND created < NOW () - INTERVAL '1 day' AND access_level = 0 " );
} else {
2011-04-14 13:48:26 +00:00
db_query ( $link , " DELETE FROM ttrss_users WHERE last_login IS NULL
2009-01-19 07:13:36 +00:00
AND created < DATE_SUB ( NOW (), INTERVAL 1 DAY ) AND access_level = 0 " );
}
2009-01-20 05:52:10 +00:00
if ( file_exists ( " register_expire_do.php " )) {
require_once " register_expire_do.php " ;
}
2009-01-19 07:13:36 +00:00
if ( $action == " check " ) {
header ( " Content-Type: application/xml " );
$login = trim ( db_escape_string ( $_REQUEST [ 'login' ]));
$result = db_query ( $link , " SELECT id FROM ttrss_users WHERE
LOWER ( login ) = LOWER ( '$login' ) " );
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
$is_registered = db_num_rows ( $result ) > 0 ;
print " <result> " ;
printf ( " %d " , $is_registered );
print " </result> " ;
return ;
}
?>
< html >
< head >
< title > Create new account </ title >
< meta http - equiv = " Content-Type " content = " text/html; charset=utf-8 " >
< link rel = " stylesheet " type = " text/css " href = " utility.css " >
2011-12-11 19:59:25 +00:00
< script type = " text/javascript " src = " js/functions.js " ></ script >
2009-01-22 13:41:34 +00:00
< script type = " text/javascript " src = " lib/prototype.js " ></ script >
2009-01-22 13:36:04 +00:00
< script type = " text/javascript " src = " lib/scriptaculous/scriptaculous.js?load=effects,dragdrop,controls " ></ script >
2009-01-19 07:13:36 +00:00
</ head >
< script type = " text/javascript " >
function checkUsername () {
try {
var f = document . forms [ 'register_form' ];
var login = f . login . value ;
if ( login == " " ) {
new Effect . Highlight ( f . login );
f . sub_btn . disabled = true ;
return false ;
}
2011-04-14 13:48:26 +00:00
var query = " register.php?action=check&login= " +
2009-01-19 07:13:36 +00:00
param_escape ( login );
new Ajax . Request ( query , {
2011-04-14 13:48:26 +00:00
onComplete : function ( transport ) {
2009-01-19 07:13:36 +00:00
try {
var reply = transport . responseXML ;
var result = reply . getElementsByTagName ( 'result' )[ 0 ];
var result_code = result . firstChild . nodeValue ;
if ( result_code == 0 ) {
new Effect . Highlight ( f . login , { startcolor : '#00ff00' });
f . sub_btn . disabled = false ;
} else {
new Effect . Highlight ( f . login , { startcolor : '#ff0000' });
f . sub_btn . disabled = true ;
2011-04-14 13:48:26 +00:00
}
2009-01-19 07:13:36 +00:00
} catch ( e ) {
exception_error ( " checkUsername_callback " , e );
}
} });
} catch ( e ) {
exception_error ( " checkUsername " , e );
}
return false ;
}
function validateRegForm () {
try {
var f = document . forms [ 'register_form' ];
if ( f . login . value . length == 0 ) {
new Effect . Highlight ( f . login );
return false ;
}
if ( f . email . value . length == 0 ) {
new Effect . Highlight ( f . email );
return false ;
}
if ( f . turing_test . value . length == 0 ) {
new Effect . Highlight ( f . turing_test );
return false ;
}
return true ;
} catch ( e ) {
exception_error ( " validateRegForm " , e );
return false ;
}
}
</ script >
< body >
2011-04-20 07:52:17 +00:00
< div class = " floatingLogo " >< img src = " images/logo_wide.png " ></ div >
2009-01-19 07:13:36 +00:00
< h1 >< ? php echo __ ( " Create new account " ) ?> </h1>
< ? php
if ( ! ENABLE_REGISTRATION ) {
print_error ( __ ( " New user registrations are administratively disabled. " ));
2011-04-20 07:46:16 +00:00
print " <p><form method= \" GET \" action= \" backend.php \" >
< input type = \ " hidden \" name= \" op \" value= \" logout \" >
2009-01-19 07:13:36 +00:00
< input type = \ " submit \" value= \" " . __ ( " Return to Tiny Tiny RSS " ) . " \" >
</ form > " ;
return ;
}
?>
< ? php if ( REG_MAX_USERS > 0 ) {
$result = db_query ( $link , " SELECT COUNT(*) AS cu FROM ttrss_users " );
$num_users = db_fetch_result ( $result , 0 , " cu " );
} ?>
2009-12-24 12:46:57 +00:00
< ? php if ( ! REG_MAX_USERS || $num_users < REG_MAX_USERS ) { ?>
2009-01-19 07:13:36 +00:00
2009-01-20 05:59:49 +00:00
<!-- If you have any rules or ToS you ' d like to display , enter them here -->
< ? php if ( file_exists ( " templates/register_notice.txt " )) {
require_once " templates/register_notice.txt " ;
} ?>
2009-12-24 12:46:57 +00:00
< ? php if ( ! $action ) { ?>
2011-04-14 13:48:26 +00:00
< p >< ? php echo __ ( 'Your temporary password will be sent to the specified email. Accounts, which were not logged in once, are erased automatically 24 hours after temporary password is sent.' ) ?> </p>
2009-01-19 07:13:36 +00:00
< form action = " register.php " method = " POST " name = " register_form " >
< input type = " hidden " name = " action " value = " do_register " >
< table >
< tr >
< td >< ? php echo __ ( 'Desired login:' ) ?> </td><td>
< input name = " login " >
</ td >< td >
< input type = " submit " value = " <?php echo __('Check availability') ?> " onclick = 'return checkUsername()' >
</ td ></ tr >
2011-12-10 17:26:59 +00:00
< tr >< td >< ? php echo __ ( 'Email:' ) ?> </td><td>
2009-01-19 07:13:36 +00:00
< input name = " email " >
</ td ></ tr >
2011-12-10 17:26:59 +00:00
< tr >< td >< ? php echo __ ( 'How much is two plus two:' ) ?> </td><td>
2009-01-19 07:13:36 +00:00
< input name = " turing_test " ></ td ></ tr >
< tr >< td colspan = " 2 " align = " right " >
2009-01-25 17:19:09 +00:00
< input type = " submit " name = " sub_btn " value = " <?php echo __('Submit registration') ?> "
2011-12-10 18:21:54 +00:00
disabled = " disabled " onclick = 'return validateRegForm()' >
2009-01-19 07:13:36 +00:00
</ td ></ tr >
</ table >
</ form >
2009-01-19 07:15:15 +00:00
2011-12-11 19:59:25 +00:00
< ? php print " <p><form method= \" GET \" action= \" index.php \" >
2009-01-19 07:15:15 +00:00
< input type = \ " submit \" value= \" " . __ ( " Return to Tiny Tiny RSS " ) . " \" >
</ form > " ; ?>
2009-12-24 12:46:57 +00:00
< ? php } else if ( $action == " do_register " ) { ?>
2011-04-14 13:48:26 +00:00
2009-12-24 12:46:57 +00:00
< ? php
2009-01-19 07:13:36 +00:00
$login = mb_strtolower ( trim ( db_escape_string ( $_REQUEST [ " login " ])));
$email = trim ( db_escape_string ( $_REQUEST [ " email " ]));
$test = trim ( db_escape_string ( $_REQUEST [ " turing_test " ]));
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
if ( ! $login || ! $email || ! $test ) {
2009-01-19 07:19:05 +00:00
print_error ( __ ( " Your registration information is incomplete. " ));
2011-12-11 19:59:25 +00:00
print " <p><form method= \" GET \" action= \" index.php \" >
2009-01-19 07:19:05 +00:00
< input type = \ " submit \" value= \" " . __ ( " Return to Tiny Tiny RSS " ) . " \" >
</ form > " ;
2009-01-19 07:13:36 +00:00
return ;
}
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
if ( $test == " four " || $test == " 4 " ) {
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
$result = db_query ( $link , " SELECT id FROM ttrss_users WHERE
login = '$login' " );
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
$is_registered = db_num_rows ( $result ) > 0 ;
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
if ( $is_registered ) {
print_error ( __ ( 'Sorry, this username is already taken.' ));
2011-12-11 19:59:25 +00:00
print " <p><form method= \" GET \" action= \" index.php \" >
2009-01-19 07:13:36 +00:00
< input type = \ " submit \" value= \" " . __ ( " Return to Tiny Tiny RSS " ) . " \" >
</ form > " ;
} else {
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
$password = make_password ();
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
$pwd_hash = encrypt_password ( $password , $login );
2011-04-14 13:48:26 +00:00
db_query ( $link , " INSERT INTO ttrss_users
2009-01-19 07:13:36 +00:00
( login , pwd_hash , access_level , last_login , email , created )
VALUES ( '$login' , '$pwd_hash' , 0 , null , '$email' , NOW ()) " );
2011-04-14 13:48:26 +00:00
$result = db_query ( $link , " SELECT id FROM ttrss_users WHERE
2009-01-19 07:13:36 +00:00
login = '$login' AND pwd_hash = '$pwd_hash' " );
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
if ( db_num_rows ( $result ) != 1 ) {
print_error ( __ ( 'Registration failed.' ));
2011-12-11 19:59:25 +00:00
print " <p><form method= \" GET \" action= \" index.php \" >
2009-01-19 07:13:36 +00:00
< input type = \ " submit \" value= \" " . __ ( " Return to Tiny Tiny RSS " ) . " \" >
</ form > " ;
} else {
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
$new_uid = db_fetch_result ( $result , 0 , " id " );
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
initialize_user ( $link , $new_uid );
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
$reg_text = " Hi! \n " .
" \n " .
" You are receiving this message, because you (or somebody else) have opened \n " .
" an account at Tiny Tiny RSS. \n " .
" \n " .
" Your login information is as follows: \n " .
" \n " .
" Login: $login\n " .
" Password: $password\n " .
" \n " .
" Don't forget to login at least once to your new account, otherwise \n " .
" it will be deleted in 24 hours. \n " .
" \n " .
" If that wasn't you, just ignore this message. Thanks. " ;
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
$mail = new PHPMailer ();
2011-04-14 13:48:26 +00:00
2009-01-22 13:28:15 +00:00
$mail -> PluginDir = " lib/phpmailer/ " ;
$mail -> SetLanguage ( " en " , " lib/phpmailer/language/ " );
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
$mail -> CharSet = " UTF-8 " ;
2011-04-14 13:48:26 +00:00
2011-12-13 15:20:26 +00:00
$mail -> From = SMTP_FROM_ADDRESS ;
$mail -> FromName = SMTP_FROM_NAME ;
2009-01-19 07:13:36 +00:00
$mail -> AddAddress ( $email );
2011-04-14 13:48:26 +00:00
2011-12-13 15:20:26 +00:00
if ( SMTP_HOST ) {
$mail -> Host = SMTP_HOST ;
2009-01-19 07:13:36 +00:00
$mail -> Mailer = " smtp " ;
2011-12-13 15:20:26 +00:00
$mail -> Username = SMTP_LOGIN ;
$mail -> Password = SMTP_PASSWORD ;
2009-01-19 07:13:36 +00:00
}
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
// $mail->IsHTML(true);
$mail -> Subject = " Registration information for Tiny Tiny RSS " ;
$mail -> Body = $reg_text ;
// $mail->AltBody = $digest_text;
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
$rc = $mail -> Send ();
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
if ( ! $rc ) print_error ( $mail -> ErrorInfo );
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
$reg_text = " Hi! \n " .
" \n " .
" New user had registered at your Tiny Tiny RSS installation. \n " .
" \n " .
" Login: $login\n " .
" Email: $email\n " ;
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
$mail = new PHPMailer ();
2011-04-14 13:48:26 +00:00
2009-01-22 13:28:15 +00:00
$mail -> PluginDir = " lib/phpmailer/ " ;
$mail -> SetLanguage ( " en " , " lib/phpmailer/language/ " );
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
$mail -> CharSet = " UTF-8 " ;
2011-04-14 13:48:26 +00:00
2011-12-13 15:20:26 +00:00
$mail -> From = SMTP_FROM_ADDRESS ;
$mail -> FromName = SMTP_FROM_NAME ;
2009-01-19 07:13:36 +00:00
$mail -> AddAddress ( REG_NOTIFY_ADDRESS );
2011-04-14 13:48:26 +00:00
2011-12-13 15:20:26 +00:00
if ( SMTP_HOST ) {
$mail -> Host = SMTP_HOST ;
2009-01-19 07:13:36 +00:00
$mail -> Mailer = " smtp " ;
2011-12-13 15:20:26 +00:00
$mail -> Username = SMTP_LOGIN ;
$mail -> Password = SMTP_PASSWORD ;
2009-01-19 07:13:36 +00:00
}
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
// $mail->IsHTML(true);
$mail -> Subject = " Registration notice for Tiny Tiny RSS " ;
$mail -> Body = $reg_text ;
// $mail->AltBody = $digest_text;
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
$rc = $mail -> Send ();
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
print_notice ( __ ( " Account created successfully. " ));
2011-04-14 13:48:26 +00:00
2011-12-11 19:59:25 +00:00
print " <p><form method= \" GET \" action= \" index.php \" >
2009-01-19 07:13:36 +00:00
< input type = \ " submit \" value= \" " . __ ( " Return to Tiny Tiny RSS " ) . " \" >
</ form > " ;
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
}
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
}
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
} else {
print_error ( 'Plese check the form again, you have failed the robot test.' );
2011-12-11 19:59:25 +00:00
print " <p><form method= \" GET \" action= \" index.php \" >
2009-01-19 07:13:36 +00:00
< input type = \ " submit \" value= \" " . __ ( " Return to Tiny Tiny RSS " ) . " \" >
</ form > " ;
2011-04-14 13:48:26 +00:00
2009-01-19 07:13:36 +00:00
}
}
?>
2009-12-24 12:46:57 +00:00
< ? php } else { ?>
2009-01-19 07:13:36 +00:00
< ? php print_notice ( __ ( 'New user registrations are currently closed.' )) ?>
2011-12-11 19:59:25 +00:00
< ? php print " <p><form method= \" GET \" action= \" index.php \" >
2009-01-19 07:13:36 +00:00
< input type = \ " submit \" value= \" " . __ ( " Return to Tiny Tiny RSS " ) . " \" >
</ form > " ; ?>
2009-12-24 12:46:57 +00:00
< ? php } ?>
2009-01-19 07:13:36 +00:00
</ body >
</ html >