search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Codechange: Gruppierung der Ausgabe der Benutzerliste, Tabellen mit <thead> und ...
[wmmkf.git] / register.php
blob86980fa918f04b2049056d48e484b02a715f1c17
1 <?php
2 ###############################################################################
3 # my little forum #
4 # Copyright (C) 2004 Alex #
5 # http://www.mylittlehomepage.net/ #
6 # #
7 # This program is free software; you can redistribute it and/or #
8 # modify it under the terms of the GNU General Public License #
9 # as published by the Free Software Foundation; either version 2 #
10 # of the License, or (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program; if not, write to the Free Software #
19 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. #
20 ###############################################################################
21
22 include("inc.php");
23 include_once("functions/include.prepare.php");
24
25 if(empty($_SESSION[$settings['session_prefix'].'user_id']) && $settings['captcha_register']==1)
26 {
27 require('captcha/captcha.php');
28 $captcha = new captcha();
29 }
30
31 # remove not activated user accounts:
32 @mysql_query("DELETE FROM ".$db_settings['userdata_table']." WHERE registered < (NOW() - INTERVAL 24 HOUR) AND activate_code != '' AND logins=0", $connid);
33
34 if (isset($_POST['action'])) $action = $_POST['action'];
35 if (isset($_GET['action'])) $action = $_GET['action'];
36
37 unset($errors);
38
39 if (isset($_GET['id']) && isset($_GET['key']) && trim($_GET['key'])!='')
40 {
41 $user_id = intval($_GET['id']);
42 $key = trim($_GET['key']);
43 if($user_id==0) $errors[] = true;
44 if($key=='') $errors[] = true;
45
46 if (empty($errors))
47 {
48 $result = mysql_query("SELECT user_name, user_email, activate_code FROM ".$db_settings['userdata_table']." WHERE user_id = ".$user_id." LIMIT 1", $connid);
49 if (!$result) die($lang['db_error']);
50 if (mysql_num_rows($result) != 1) $errors[] = true;
51 $data = mysql_fetch_assoc($result);
52 mysql_free_result($result);
53 }
54 if (empty($errors))
55 {
56 if (trim($data['activate_code']) == '') $errors[] = true;
57 }
58 if (empty($errors))
59 {
60 if ($data['activate_code'] == $key)
61 {
62 @mysql_query("UPDATE ".$db_settings['userdata_table']." SET activate_code = '' WHERE user_id=".$user_id, $connid) or die('x');
63
64 # E-Mail-Benachrichtigung an Admins und Moderatoren:
65 # E-Mail erstellen:
66 $emailbody = strip_tags($lang['new_user_notif_txt']);
67 $emailbody = str_replace("[name]", $data['user_name'], $emailbody);
68 $emailbody = str_replace("[email]", $data['user_email'], $emailbody);
69 $emailbody = str_replace("[user_link]", $settings['forum_address']."user.php?id=".$user_id, $emailbody);
70 $subject = strip_tags($lang['new_user_notif_sj']);
71 # Schauen, wer eine E-Mail-Benachrichtigung will:
72 $admin_result = mysql_query("SELECT user_name, user_email FROM ".$db_settings['userdata_table']." WHERE new_user_notify='1'", $connid);
73 if (!$admin_result) die($lang['db_error']);
74 while ($admin_array = mysql_fetch_assoc($admin_result))
75 {
76 $ind_emailbody = str_replace("[admin]", $admin_array['user_name'], $emailbody);
77 $admin_an = mb_encode_mimeheader($admin_array['user_name'], 'UTF-8')." <".$admin_array['user_email'].">";
78 $sent1[] = processEmail($admin_an, $subject, $ind_emailbody);
79 unset($ind_emailbody);
80 unset($admin_an);
81 }
82 unset($subject);
83 header("location: ".$settings['forum_address']."login.php?msg=user_activated");
84 exit();
85 }
86 else
87 {
88 $errors[] = true;
89 }
90 }
91 if (isset($errors))
92 {
93 header("location: ".$settings['forum_address']."register.php?action=activation_failed");
94 die();
95 }
96 }
97
98 if (isset($_POST['register_submit']))
99 {
100 if($settings['register_by_admin_only'] == 0
101 || isset($_SESSION[$settings['session_prefix'].'user_type'])
102 && $_SESSION[$settings['session_prefix'].'user_type'] == "admin")
103 {
104 $new_user_name = (!empty($_POST['new_user_name'])) ? trim($_POST['new_user_name']) : "";
105 $new_user_email = (!empty($_POST['new_user_email'])) ? trim($_POST['new_user_email']) : "";
106 $reg_pw = (!empty($_POST['reg_pw'])) ? $_POST['reg_pw'] : "";
107 $reg_pw_conf = (!empty($_POST['reg_pw_conf'])) ? $_POST['reg_pw_conf'] : "";
108
109 # form complete?
110 if ($new_user_name=='' || $new_user_email=='' || $reg_pw=='' || $reg_pw_conf=='')
111 {
112 $errors[] = $lang['error_form_uncompl'];
113 }
114
115 if (empty($errors))
116 {
117 # password and repeatet Password equal?
118 if ($reg_pw != $reg_pw_conf)
119 {
120 $errors[] = $lang['reg_pw_conf_wrong'];
121 }
122 # name too long?
123 if (mb_strlen($new_user_name) > $settings['name_maxlength'])
124 {
125 $errors[] = $lang['name_marking'] . " " .$lang['error_input_too_long'];
126 }
127 # e-mail address too long?
128 if (mb_strlen($new_user_email) > $settings['email_maxlength'])
129 {
130 $errors[] = $lang['email_marking'] . " " .$lang['error_input_too_long'];
131 }
132 # word in username too long?
133 $text_arr = explode(" ",$new_user_name);
134 for ($i=0; $i<count($text_arr); $i++)
135 {
136 trim($text_arr[$i]);
137 $laenge = mb_strlen($text_arr[$i]);
138 if ($laenge > $settings['name_word_maxlength'])
139 {
140 $error_nwtl = str_replace("[word]", htmlspecialchars(mb_substr($text_arr[$i],0,$settings['name_word_maxlength']))."...", $lang['error_name_word_too_long']);
141 $errors[] = $error_nwtl;
142 }
143 }
144 # look if name already exists:
145 $name_result = mysql_query("SELECT user_name FROM ".$db_settings['userdata_table']." WHERE user_name = '".mysql_real_escape_string($new_user_name)."' LIMIT 1", $connid);
146 if (!$name_result) die($lang['db_error']);
147 $field = mysql_fetch_assoc($name_result);
148 mysql_free_result($name_result);
149 if (mb_strtolower($field["user_name"]) == mb_strtolower($new_user_name) && $new_user_name != "")
150 {
151 $lang['error_name_reserved'] = str_replace("[name]", htmlspecialchars($new_user_name), $lang['error_name_reserved']);
152 $errors[] = $lang['error_name_reserved'];
153 }
154 # look, if e-mail already exists:
155 $email_result = mysql_query("SELECT user_email FROM ".$db_settings['userdata_table']." WHERE user_email = '".mysql_real_escape_string($new_user_email)."'", $connid);
156 if (!$email_result) die($lang['db_error']);
157 $field = mysql_fetch_assoc($email_result);
158 mysql_free_result($email_result);
159 if (mb_strtolower($field["user_email"]) == mb_strtolower($new_user_email) && $new_user_email != "")
160 {
161 $errors[] = str_replace("[e-mail]", htmlspecialchars($new_user_email), $lang['error_email_reserved']);
162 }
163 # e-mail correct?
164 if (!preg_match("/^[^@]+@.+\.\D{2,5}$/", $new_user_email))
165 {
166 $errors[] = $lang['error_email_wrong'];
167 }
168
169 # CAPTCHA check:
170 if (empty($_SESSION[$settings['session_prefix'].'user_id']) && $settings['captcha_register']==1)
171 {
172 if (empty($_SESSION['captcha_session']))
173 {
174 $errors[] = $lang['captcha_code_invalid'];
175 }
176 if (empty($errors))
177 {
178 if ($settings['captcha_type']==1)
179 {
180 if ($captcha->check_captcha($_SESSION['captcha_session'],$_POST['captcha_code'])!=TRUE)
181 {
182 $errors[] = $lang['captcha_code_invalid'];
183 }
184 }
185 else
186 {
187 if ($captcha->check_math_captcha($_SESSION['captcha_session'][2],$_POST['captcha_code'])!=TRUE)
188 {
189 $errors[] = $lang['captcha_code_invalid'];
190 }
191 }
192 }
193 }
194 }
195
196 # check for not accepted words in name and e-mail:
197 $result = mysql_query("SELECT list FROM ".$db_settings['banlists_table']." WHERE name = 'words' LIMIT 1", $connid);
198 if (!$result) die($lang['db_error']);
199 $data = mysql_fetch_assoc($result);
200 mysql_free_result($result);
201 if (trim($data['list']) != '')
202 {
203 $not_accepted_words = explode(',',trim($data['list']));
204 foreach ($not_accepted_words as $not_accepted_word)
205 {
206 if ($not_accepted_word!=''
207 && (preg_match("/".$not_accepted_word."/i",$new_user_name)
208 || preg_match("/".$not_accepted_word."/i",$new_user_email)))
209 {
210 $errors[] = $lang['error_reg_not_accepted_word'];
211 break;
212 }
213 }
214 }
215
216 # save user if no errors:
217 if (empty($errors))
218 {
219 $new_user_type = "user";
220 $encoded_new_user_pw = md5($reg_pw);
221 $activate_code = md5(uniqid(rand()));
222 $newUserQuery = "INSERT INTO ".$db_settings['userdata_table']." SET
223 user_type = '".mysql_real_escape_string($new_user_type)."',
224 user_name = '".mysql_real_escape_string($new_user_name)."',
225 user_pw = '".mysql_real_escape_string($encoded_new_user_pw)."',
226 user_email = '".mysql_real_escape_string($new_user_email)."',
227 hide_email = '1',
228 profile = '',
229 last_login = NOW(),
230 last_logout = NOW(),
231 ip_addr = INET_ATON('". $_SERVER["REMOTE_ADDR"] ."'),
232 registered = NOW(),
233 user_view = '".mysql_real_escape_string($settings['standard'])."',
234 personal_messages = '1',
235 activate_code = '".mysql_real_escape_string($activate_code)."'";
236 @mysql_query($newUserQuery, $connid) or die($lang['db_error']);
237
238 # get new user ID:
239 $new_user_id_result = mysql_query("SELECT user_id FROM ".$db_settings['userdata_table']." WHERE user_name = '".mysql_real_escape_string($new_user_name)."' LIMIT 1", $connid);
240 if (!$new_user_id_result) die($lang['db_error']);
241 $field = mysql_fetch_assoc($new_user_id_result);
242 $new_user_id = $field['user_id'];
243 mysql_free_result($new_user_id_result);
244
245 # send e-mail with activation key to new user:
246 $emailbody = strip_tags($lang['new_user_email_txt']);
247 $emailbody = str_replace("[name]", $new_user_name, $emailbody);
248 $emailbody = str_replace("[activate_link]", $settings['forum_address']."register.php?id=".$new_user_id."&key=".$activate_code, $emailbody);
249 $subject = strip_tags($lang['new_user_email_sj']);
250 $an = mb_encode_mimeheader($new_user_name,'UTF-8')." <".$new_user_email.">";
251 $sent = processEmail($an, $subject, $emailbody);
252 unset($emailbody);
253 unset($subject);
254 unset($an);
255 # Bestätigung anzeigen:
256 $action = "registered";
257 }
258 else
259 {
260 unset($action);
261 }
262 }
263 }
264
265 $wo = strip_tags($lang['register_hl']);
266 $topnav = '<img src="img/where.png" alt="" width="11" height="8" /><b>'.$lang['register_hl'].'</b>';
267 parse_template();
268 echo $header;
269
270 if (empty($action))
271 {
272 $action = 'main';
273 }
274
275 switch($action)
276 {
277 case 'main':
278 if ($settings['register_by_admin_only'] == 0 ||
279 isset($_SESSION[$settings['session_prefix'].'user_type'])
280 && $_SESSION[$settings['session_prefix'].'user_type'] == "admin")
281 {
282 if (empty($_SESSION[$settings['session_prefix'].'user_id']) && $settings['captcha_register']==1)
283 {
284 if ($settings['captcha_type']==1) $_SESSION['captcha_session'] = $captcha->generate_code();
285 else $_SESSION['captcha_session'] = $captcha->generate_math_captcha();
286 }
287 echo '<p class="normal">'.$lang['register_exp'].'</p>'."\n";
288 # Wenn Fehler, dann Fehlermeldungen ausgeben:
289 if (isset($errors))
290 {
291 echo errorMessages($errors);
292 }
293 echo '<form action="register.php" method="post"><div>'."\n";
294 if (empty($_SESSION[$settings['session_prefix'].'user_id'])
295 && $settings['captcha_register']==1)
296 {
297 echo '<input type="hidden" name="'.session_name().'" value="'.session_id().'" />';
298 }
299 echo "\n".'<p><b>'.$lang['username_marking'].'</b><br />';
300 echo '<input type="text" size="25" name="new_user_name" value="';
301 echo (isset($new_user_name)) ? htmlspecialchars($new_user_name) : '';
302 echo '" maxlength="'.$settings['name_maxlength'].'" /></p>'."\n";
303 echo '<p><b>'.$lang['user_email_marking'].'</b><br />';
304 echo '<input type="text" size="25" name="new_user_email" value="';
305 echo (isset($new_user_email)) ? htmlspecialchars($new_user_email) : '';
306 echo '" maxlength="'.$settings['email_maxlength'].'" /></p>'."\n";
307 echo '<p><b>'.$lang['reg_pw'].'</b><br />';
308 echo '<input type="password" size="25" name="reg_pw" /></p>'."\n";
309 echo '<p><b>'.$lang['reg_pw_conf'].'</b><br />';
310 echo '<input type="password" size="25" name="reg_pw_conf" /></p>'."\n";
311
312 # CAPTCHA:
313 if (empty($_SESSION[$settings['session_prefix'].'user_id'])
314 && $settings['captcha_register']==1)
315 {
316 echo '<p><b>'.$lang['captcha_marking'].'</b></p>'."\n";
317 if ($settings['captcha_type']==1)
318 {
319 echo '<p><img class="captcha" src="captcha/captcha_image.php?'.SID;
320 echo '" alt="'.outputLangDebugInAttributes($lang['captcha_image_alt']).'" width="180" height="40"/></p>'."\n";
321 echo '<p>'.$lang['captcha_expl_image'].'<br />';
322 echo '<input type="text" name="captcha_code" value="" size="10" /></p>'."\n";
323 }
324 else
325 {
326 echo '<p>'.$lang['captcha_expl_math'].'<br />';
327 echo $_SESSION['captcha_session'][0].' + '.$_SESSION['captcha_session'][1];
328 echo ' = <input type="text" name="captcha_code" value="" size="5" /></p>'."\n";
329 }
330 }
331 echo '<p><input type="submit" name="register_submit" value="';
332 echo outputLangDebugInAttributes($lang['reg_subm_button']).'" /></p>'."\n".'</div>'."\n".'</form>'."\n";
333 }
334 else
335 {
336 $lang['reg_only_via_admin'] = str_replace("[forum-email]", '<a class="textlink" href="contact.php?forum_contact=true">'.$lang['contact_linkname'].'</a>', $lang['reg_only_via_admin']);
337 echo '<p>'.$lang['reg_only_via_admin'].'</p>'."\n";
338 }
339 break;
340 case 'registered':
341 if ($sent === true)
342 {
343 $lang['registered_ok'] = str_replace("[name]", htmlspecialchars(stripslashes($new_user_name)), $lang['registered_ok']);
344 $lang['registered_ok'] = str_replace("[email]", htmlspecialchars(stripslashes($new_user_email)), $lang['registered_ok']);
345 echo '<p class="normal">'.$lang['registered_ok'].'</p>'."\n";
346 }
347 else
348 {
349 echo '<p class="normal">'.$lang['reg_ok_but_mail_prob'].'</p>'."\n";
350 }
351 break;
352 case 'activation_failed';
353 echo '<p class="normal">'.$lang['activation_failed'].'</p>'."\n";
354 break;
355 }
356
357 echo $footer;
358 ?>
a fork of mylittleforum version 1