Line 37 | Line 37 |
---|
include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
|
include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
|
$confirm_id = request_var('confirm_id', '');
| |
$coppa = (isset($_REQUEST['coppa'])) ? ((!empty($_REQUEST['coppa'])) ? 1 : 0) : false; $agreed = (!empty($_POST['agreed'])) ? 1 : 0; $submit = (isset($_POST['submit'])) ? true : false; $change_lang = request_var('change_lang', ''); $user_lang = request_var('lang', $user->lang_name);
|
$coppa = (isset($_REQUEST['coppa'])) ? ((!empty($_REQUEST['coppa'])) ? 1 : 0) : false; $agreed = (!empty($_POST['agreed'])) ? 1 : 0; $submit = (isset($_POST['submit'])) ? true : false; $change_lang = request_var('change_lang', ''); $user_lang = request_var('lang', $user->lang_name);
|
// not so fast, buddy if (($submit && !check_form_key('ucp_register', false, '', false, $config['min_time_reg'])) || (!$submit && !check_form_key('ucp_register_terms', false, '', false, $config['min_time_terms']))) { $agreed = false; }
| |
if ($agreed) {
| if ($agreed) {
|
Line 60 | Line 51 |
---|
{ add_form_key('ucp_register_terms'); }
|
{ add_form_key('ucp_register_terms'); }
|
| |
if ($change_lang || $user_lang != $config['default_lang']) { $use_lang = ($change_lang) ? basename($change_lang) : basename($user_lang);
|
if ($change_lang || $user_lang != $config['default_lang']) { $use_lang = ($change_lang) ? basename($change_lang) : basename($user_lang);
|
if (file_exists($phpbb_root_path . 'language/' . $use_lang . '/'))
| if (!validate_language_iso_name($use_lang))
|
{ if ($change_lang) {
| { if ($change_lang) {
|
Line 76 | Line 66 |
---|
$agreed = (empty($_GET['change_lang'])) ? 0 : $agreed; }
|
$agreed = (empty($_GET['change_lang'])) ? 0 : $agreed; }
|
$user->lang_name = $lang = $use_lang; $user->lang_path = $phpbb_root_path . 'language/' . $lang . '/';
| $user->lang_name = $user_lang = $use_lang;
|
$user->lang = array();
|
$user->lang = array();
|
| $user->data['user_lang'] = $user->lang_name;
|
$user->add_lang(array('common', 'ucp')); } else
| $user->add_lang(array('common', 'ucp')); } else
|
Line 87 | Line 77 |
---|
$user_lang = $user->lang_name; } }
|
$user_lang = $user->lang_name; } }
|
|
|
$cp = new custom_profile();
$error = $cp_data = $cp_error = array();
|
$cp = new custom_profile();
$error = $cp_data = $cp_error = array();
|
//
| |
if (!$agreed || ($coppa === false && $config['coppa_enable']) || ($coppa && !$config['coppa_enable'])) { $add_lang = ($change_lang) ? '&change_lang=' . urlencode($change_lang) : ''; $add_coppa = ($coppa !== false) ? '&coppa=' . $coppa : '';
|
if (!$agreed || ($coppa === false && $config['coppa_enable']) || ($coppa && !$config['coppa_enable'])) { $add_lang = ($change_lang) ? '&change_lang=' . urlencode($change_lang) : ''; $add_coppa = ($coppa !== false) ? '&coppa=' . $coppa : '';
|
$s_hidden_fields = ($confirm_id) ? array('confirm_id' => $confirm_id) : array();
| $s_hidden_fields = array( 'change_lang' => $change_lang, );
|
// If we change the language, we want to pass on some more possible parameter. if ($change_lang) {
|
// If we change the language, we want to pass on some more possible parameter. if ($change_lang) {
|
// We do not include the password!
| // We do not include the password
|
$s_hidden_fields = array_merge($s_hidden_fields, array( 'username' => utf8_normalize_nfc(request_var('username', '', true)), 'email' => strtolower(request_var('email', '')), 'email_confirm' => strtolower(request_var('email_confirm', '')),
|
$s_hidden_fields = array_merge($s_hidden_fields, array( 'username' => utf8_normalize_nfc(request_var('username', '', true)), 'email' => strtolower(request_var('email', '')), 'email_confirm' => strtolower(request_var('email_confirm', '')),
|
'confirm_code' => request_var('confirm_code', ''),
| |
'lang' => $user->lang_name, 'tz' => request_var('tz', (float) $config['board_timezone']), ));
|
'lang' => $user->lang_name, 'tz' => request_var('tz', (float) $config['board_timezone']), ));
|
|
|
}
|
}
|
| // Checking amount of available languages $sql = 'SELECT lang_id FROM ' . LANG_TABLE; $result = $db->sql_query($sql);
$lang_row = array(); while ($row = $db->sql_fetchrow($result)) { $lang_row[] = $row; } $db->sql_freeresult($result);
|
if ($coppa === false && $config['coppa_enable']) {
| if ($coppa === false && $config['coppa_enable']) {
|
Line 121 | Line 125 |
---|
unset($now);
$template->assign_vars(array(
|
unset($now);
$template->assign_vars(array(
|
| 'S_LANG_OPTIONS' => (sizeof($lang_row) > 1) ? language_select($user_lang) : '',
|
'L_COPPA_NO' => sprintf($user->lang['UCP_COPPA_BEFORE'], $coppa_birthday), 'L_COPPA_YES' => sprintf($user->lang['UCP_COPPA_ON_AFTER'], $coppa_birthday),
| 'L_COPPA_NO' => sprintf($user->lang['UCP_COPPA_BEFORE'], $coppa_birthday), 'L_COPPA_YES' => sprintf($user->lang['UCP_COPPA_ON_AFTER'], $coppa_birthday),
|
Line 135 | Line 140 |
---|
else { $template->assign_vars(array(
|
else { $template->assign_vars(array(
|
| 'S_LANG_OPTIONS' => (sizeof($lang_row) > 1) ? language_select($user_lang) : '',
|
'L_TERMS_OF_USE' => sprintf($user->lang['TERMS_OF_USE_CONTENT'], $config['sitename'], generate_board_url()),
'S_SHOW_COPPA' => false, 'S_REGISTRATION' => true, 'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields), 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang . $add_coppa),
|
'L_TERMS_OF_USE' => sprintf($user->lang['TERMS_OF_USE_CONTENT'], $config['sitename'], generate_board_url()),
'S_SHOW_COPPA' => false, 'S_REGISTRATION' => true, 'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields), 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang . $add_coppa),
|
'S_TIME' => 1000 * ((int) $config['min_time_terms']),
| |
) ); }
|
) ); }
|
| unset($lang_row);
|
$this->tpl_name = 'ucp_agreement'; return; }
|
$this->tpl_name = 'ucp_agreement'; return; }
|
// Try to manually determine the timezone and adjust the dst if the server date/time complies with the default setting +/- 1 $timezone = date('Z') / 3600; $is_dst = date('I');
if ($config['board_timezone'] == $timezone || $config['board_timezone'] == ($timezone - 1))
| // The CAPTCHA kicks in here. We can't help that the information gets lost on language change. if ($config['enable_confirm'])
|
{
|
{
|
$timezone = ($is_dst) ? $timezone - 1 : $timezone;
| include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx); $captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']); $captcha->init(CONFIRM_REG); }
|
|
|
if (!isset($user->lang['tz_zones'][(string) $timezone])) { $timezone = $config['board_timezone']; } } else {
| |
$is_dst = $config['board_dst']; $timezone = $config['board_timezone'];
|
$is_dst = $config['board_dst']; $timezone = $config['board_timezone'];
|
}
| |
$data = array( 'username' => utf8_normalize_nfc(request_var('username', '', true)),
| $data = array( 'username' => utf8_normalize_nfc(request_var('username', '', true)),
|
Line 176 | Line 174 |
---|
'password_confirm' => request_var('password_confirm', '', true), 'email' => strtolower(request_var('email', '')), 'email_confirm' => strtolower(request_var('email_confirm', '')),
|
'password_confirm' => request_var('password_confirm', '', true), 'email' => strtolower(request_var('email', '')), 'email_confirm' => strtolower(request_var('email_confirm', '')),
|
'confirm_code' => request_var('confirm_code', ''),
| |
'lang' => basename(request_var('lang', $user->lang_name)), 'tz' => request_var('tz', (float) $timezone), );
| 'lang' => basename(request_var('lang', $user->lang_name)), 'tz' => request_var('tz', (float) $timezone), );
|
Line 196 | Line 193 |
---|
array('string', false, 6, 60), array('email')), 'email_confirm' => array('string', false, 6, 60),
|
array('string', false, 6, 60), array('email')), 'email_confirm' => array('string', false, 6, 60),
|
'confirm_code' => array('string', !$config['enable_confirm'], 5, 8),
| |
'tz' => array('num', false, -14, 14),
|
'tz' => array('num', false, -14, 14),
|
'lang' => array('match', false, '#^[a-z_\-]{2,}$#i'),
| 'lang' => array('language_iso_name'),
|
));
|
));
|
// Replace "error" strings with their real, localised form $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
// DNSBL check if ($config['check_dnsbl'])
| if (!check_form_key('ucp_register'))
|
{
|
{
|
if (($dnsbl = $user->check_dnsbl('register')) !== false) { $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]); }
| $error[] = $user->lang['FORM_INVALID'];
|
}
|
}
|
// validate custom profile fields $cp->submit_cp_field('register', $user->get_iso_lang_id(), $cp_data, $error);
| // Replace "error" strings with their real, localised form $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
|
|
|
// Visual Confirmation handling $wrong_confirm = false;
| |
if ($config['enable_confirm']) {
|
if ($config['enable_confirm']) {
|
if (!$confirm_id)
| $vc_response = $captcha->validate($data); if ($vc_response !== false)
|
{
|
{
|
$error[] = $user->lang['CONFIRM_CODE_WRONG']; $wrong_confirm = true;
| $error[] = $vc_response;
|
}
|
}
|
else { $sql = 'SELECT code FROM ' . CONFIRM_TABLE . " WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "' AND session_id = '" . $db->sql_escape($user->session_id) . "' AND confirm_type = " . CONFIRM_REG; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result);
| |
|
|
if ($row)
| if ($config['max_reg_attempts'] && $captcha->get_attempt_count() > $config['max_reg_attempts'])
|
{
|
{
|
if (strcasecmp($row['code'], $data['confirm_code']) === 0) { $sql = 'DELETE FROM ' . CONFIRM_TABLE . " WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "' AND session_id = '" . $db->sql_escape($user->session_id) . "' AND confirm_type = " . CONFIRM_REG; $db->sql_query($sql);
| $error[] = $user->lang['TOO_MANY_REGISTERS'];
|
}
|
}
|
else { $error[] = $user->lang['CONFIRM_CODE_WRONG']; $wrong_confirm = true;
| |
}
|
}
|
} else
| // DNSBL check if ($config['check_dnsbl'])
|
{
|
{
|
$error[] = $user->lang['CONFIRM_CODE_WRONG']; $wrong_confirm = true; }
| if (($dnsbl = $user->check_dnsbl('register')) !== false) { $error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
|
} }
|
} }
|
| // validate custom profile fields $cp->submit_cp_field('register', $user->get_iso_lang_id(), $cp_data, $error);
|
if (!sizeof($error)) {
| if (!sizeof($error)) {
|
Line 299 | Line 270 |
---|
$config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable']) {
|
$config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable']) {
|
$user_actkey = gen_rand_string(10); $key_len = 54 - (strlen($server_url)); $key_len = ($key_len < 6) ? 6 : $key_len; $user_actkey = substr($user_actkey, 0, $key_len);
| $user_actkey = gen_rand_string(mt_rand(6, 10));
|
$user_type = USER_INACTIVE; $user_inactive_reason = INACTIVE_REGISTER; $user_inactive_time = time();
| $user_type = USER_INACTIVE; $user_inactive_reason = INACTIVE_REGISTER; $user_inactive_time = time();
|
Line 331 | Line 298 |
---|
'user_inactive_reason' => $user_inactive_reason, 'user_inactive_time' => $user_inactive_time, );
|
'user_inactive_reason' => $user_inactive_reason, 'user_inactive_time' => $user_inactive_time, );
|
| if ($config['new_member_post_limit']) { $user_row['user_new'] = 1; }
|
// Register user... $user_id = user_add($user_row, $cp_data);
| // Register user... $user_id = user_add($user_row, $cp_data);
|
Line 339 | Line 311 |
---|
if ($user_id === false) { trigger_error('NO_USER', E_USER_ERROR);
|
if ($user_id === false) { trigger_error('NO_USER', E_USER_ERROR);
|
| }
// Okay, captcha, your job is done. if ($config['enable_confirm'] && isset($captcha)) { $captcha->reset();
|
}
if ($coppa && $config['email_enable'])
| }
if ($coppa && $config['email_enable'])
|
Line 372 | Line 350 |
---|
$messenger->to($data['email'], $data['username']);
|
$messenger->to($data['email'], $data['username']);
|
$messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']); $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']); $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']); $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
| $messenger->anti_abuse_headers($config, $user);
|
$messenger->assign_vars(array( 'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
| $messenger->assign_vars(array( 'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
|
Line 446 | Line 421 |
---|
{ $s_hidden_fields['coppa'] = $coppa; }
|
{ $s_hidden_fields['coppa'] = $coppa; }
|
$s_hidden_fields = build_hidden_fields($s_hidden_fields);
| |
|
|
| if ($config['enable_confirm']) { $s_hidden_fields = array_merge($s_hidden_fields, $captcha->get_hidden_fields()); } $s_hidden_fields = build_hidden_fields($s_hidden_fields);
|
$confirm_image = '';
// Visual Confirmation - Show images if ($config['enable_confirm']) {
|
$confirm_image = '';
// Visual Confirmation - Show images if ($config['enable_confirm']) {
|
$str = ''; if (!$change_lang) { $user->confirm_gc(CONFIRM_REG); $sql = 'SELECT COUNT(session_id) AS attempts FROM ' . CONFIRM_TABLE . " WHERE session_id = '" . $db->sql_escape($user->session_id) . "' AND confirm_type = " . CONFIRM_REG; $result = $db->sql_query($sql); $attempts = (int) $db->sql_fetchfield('attempts'); $db->sql_freeresult($result);
if ($config['max_reg_attempts'] && $attempts > $config['max_reg_attempts']) { trigger_error('TOO_MANY_REGISTERS'); }
$code = gen_rand_string(mt_rand(5, 8)); $confirm_id = md5(unique_id($user->ip)); $seed = hexdec(substr(unique_id(), 4, 10));
// compute $seed % 0x7fffffff $seed -= 0x7fffffff * floor($seed / 0x7fffffff);
$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array( 'confirm_id' => (string) $confirm_id, 'session_id' => (string) $user->session_id, 'confirm_type' => (int) CONFIRM_REG, 'code' => (string) $code, 'seed' => (int) $seed) ); $db->sql_query($sql); } else { $str .= '&change_lang=' . $change_lang; }
$confirm_image = '<img src="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=confirm&id=' . $confirm_id . '&type=' . CONFIRM_REG . $str) . '" alt="" title="" />'; $s_hidden_fields .= '<input type="hidden" name="confirm_id" value="' . $confirm_id . '" />';
| $template->assign_vars(array( 'CAPTCHA_TEMPLATE' => $captcha->get_template(), ));
|
}
//
| }
//
|
Line 516 | Line 457 |
---|
'PASSWORD_CONFIRM' => $data['password_confirm'], 'EMAIL' => $data['email'], 'EMAIL_CONFIRM' => $data['email_confirm'],
|
'PASSWORD_CONFIRM' => $data['password_confirm'], 'EMAIL' => $data['email'], 'EMAIL_CONFIRM' => $data['email_confirm'],
|
'CONFIRM_IMG' => $confirm_image,
| |
|
|
'L_CONFIRM_EXPLAIN' => sprintf($user->lang['CONFIRM_EXPLAIN'], '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">', '</a>'),
| |
'L_REG_COND' => $l_reg_cond, 'L_USERNAME_EXPLAIN' => sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']), 'L_PASSWORD_EXPLAIN' => sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']),
'S_LANG_OPTIONS' => language_select($data['lang']), 'S_TZ_OPTIONS' => tz_select($data['tz']),
|
'L_REG_COND' => $l_reg_cond, 'L_USERNAME_EXPLAIN' => sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']), 'L_PASSWORD_EXPLAIN' => sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']),
'S_LANG_OPTIONS' => language_select($data['lang']), 'S_TZ_OPTIONS' => tz_select($data['tz']),
|
'S_CONFIRM_CODE' => ($config['enable_confirm']) ? true : false,
| 'S_CONFIRM_REFRESH' => ($config['enable_confirm'] && $config['confirm_refresh']) ? true : false, 'S_REGISTRATION' => true,
|
'S_COPPA' => $coppa, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'),
|
'S_COPPA' => $coppa, 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'),
|
'S_TIME' => 1000 * ((int) $config['min_time_reg']), ) );
| ));
|
// $user->profile_fields = array();
| // $user->profile_fields = array();
|
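Review bot: In the hunk at new line 270, `$user_actkey = gen_rand_string(mt_rand(6, 10));` lets `mt_rand()` choose the activation key length, so some keys are only six characters long and that shortest case sets how guessable an activation link is. The removed code also dropped to six characters, but only when `$server_url` was long; the new line hands out short keys at random with no benefit in return. I would fix the length at the maximum, `$user_actkey = gen_rand_string(10);`, and if the URL-length limit that the removed `$key_len` lines enforced still matters, apply it as an explicit cap. The code that mails and later checks the key, and `gen_rand_string()` itself, are outside this hunk, so it is worth confirming that the generator draws from an unpredictable source and that failed activation attempts are limited.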