cleanup the rest of the new register logic

2024-09-20 06:15:11 +00:00 · 2012-08-22 19:39:12 -07:00 · 2012-08-22 19:39:12 -07:00 · 136380fede
commit 136380fede
parent 2140c2ea37
3 changed files with 96 additions and 92 deletions
--- a/include/account.php
+++ b/include/account.php
@ -121,9 +121,8 @@ function create_account($arr) {
 	$password_encoded = hash('whirlpool', $salt . $password);

 	$r = q("INSERT INTO account 
-			( account_parent,  account_salt, account_password, account_email, account_language, 
-			  account_created, account_flags,    account_roles, account_expires, 
-			  account_service_class )
+			( account_parent,  account_salt,  account_password, account_email,   account_language, 
+			  account_created, account_flags, account_roles,    account_expires, account_service_class )
 		VALUES ( %d, '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s' )",
 		intval($parent),
 		dbesc($salt),
@ -184,3 +183,79 @@ function account_verify_password($email,$pass) {
 }


+function send_reg_approval_email($arr) {
+
+	$r = q("select * from account where account_roles & " . intval(ACCOUNT_ROLE_ADMIN));
+	if(! ($r && count($r)))
+		return false;
+
+	$admins = array();
+
+	foreach($r as $rr) {
+		if(strlen($rr['account_email'])) {
+			$admins[] = array('email' => $rr['account_email'], 'lang' => $rr['account_lang']);
+		}
+	}
+
+	if(! count($admins))
+		return false;
+
+	$hash = random_string();
+
+	$r = q("INSERT INTO register ( hash, created, uid, password, language ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ",
+		dbesc($hash),
+		dbesc(datetime_convert()),
+		intval($arr['account']['account_id']),
+		dbesc($arr['password']),
+		dbesc($arr['account']['account_language'])
+	);
+
+	$delivered = 0;
+
+	foreach($admins as $admin) {
+		if(strlen($admin['lang']))
+			push_lang($admin['lang']);
+		else
+			push_lang('en');
+
+
+		$email_msg = replace_macros(get_intltext_template('register_verify_email.tpl'), array(
+			'$sitename' => get_config('config','sitename'),
+			'$siteurl'  =>  z_root(),
+			'$email'    => $arr['email'],
+			'$uid'      => $arr['account']['account_id'],
+			'$hash'     => $hash
+		 ));
+
+		$res = mail($admin['email'], sprintf( t('Registration request at %s'), get_config('config','sitename')),
+			$email_msg,
+			'From: ' . t('Administrator') . '@' . get_app()->get_hostname() . "\n"
+			. 'Content-type: text/plain; charset=UTF-8' . "\n"
+			. 'Content-transfer-encoding: 8bit' 
+		);
+
+		if($res)
+			$delivered ++;
+		pop_lang();
+	}
+
+	return($delivered ? true : false);
+}
+
+function send_verification_email($email,$password) {
+
+	$email_msg = replace_macros(get_intltext_template('register_open_eml.tpl'), array(
+		'$sitename' => $get_config('config','sitename'),
+		'$siteurl' =>  z_root(),
+		'$email'    => $email,
+		'$password' => $password,
+	));
+
+	$res = mail($email, sprintf( t('Registration details for %s'), get_config('config','sitename')),
+		$email_msg, 
+		'From: ' . t('Administrator') . '@' . get_app()->get_hostname() . "\n"
+		. 'Content-type: text/plain; charset=UTF-8' . "\n"
+		. 'Content-transfer-encoding: 8bit' 
+	);
+	return($res ? true : false);
+}
--- a/mod/zregister.php
+++ b/mod/zregister.php
@ -57,11 +57,10 @@ function zregister_post(&$a) {

 		default:
 		case REGISTER_CLOSED:
-			// TODO check against service class and fix this line
-			//		if((! x($_SESSION,'authenticated') && (! x($_SESSION,'administrator')))) {
-			//			notice( t('Permission denied.') . EOL );
-			//			return;
-			//		}
+			if(! is_site_admin()) {
+				notice( t('Permission denied.') . EOL );
+				return;
+			}
 			$flags = ACCOUNT_UNVERIFIED | ACCOUNT_BLOCKED;
 			break;
 	}
@ -79,102 +78,32 @@ function zregister_post(&$a) {

 	authenticate_success($result['account'],true,true);

-//???
-	// in fact we need the sponsor, not the user
-	$user = $result['user'];
-///
- 
-	$using_invites = get_config('system','invitation_only');
-	$num_invites   = get_config('system','number_invites');
-	$invite_id  = ((x($_POST,'invite_id'))  ? notags(trim($_POST['invite_id']))  : '');
+ 	$using_invites = intval(get_config('system','invitation_only'));
+	$num_invites   = intval(get_config('system','number_invites'));
+	$invite_code   = ((x($_POST,'invite_code'))  ? notags(trim($_POST['invite_code']))  : '');

+	if($using_invites && $invite_code) {
+		q("delete * from register where hash = '%s' limit 1", dbesc($invite_code));
+		set_pconfig($result['account']['account_id'],'system','invites_remaining',$num_invites);
+	}

 	if($policy == REGISTER_OPEN ) {
-
-		if($using_invites && $invite_code) {
-			q("delete * from register where hash = '%s' limit 1", dbesc($invite_code));
-// set $sponsor
-			set_pconfig($sponsor['uid'],'system','invites_remaining',$num_invites);
-		}
-
-		$email_tpl = get_intltext_template("register_open_eml.tpl");
-		$email_tpl = replace_macros($email_tpl, array(
-			'$sitename' => $a->config['sitename'],
-			'$siteurl' =>  $a->get_baseurl(),
-			'$email'    => $user['email'],
-			'$password' => $result['password'],
-		));
-
-		$res = mail($user['email'], sprintf(t('Registration details for %s'), $a->config['sitename']),
-			$email_tpl, 
-				'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n"
-				. 'Content-type: text/plain; charset=UTF-8' . "\n"
-				. 'Content-transfer-encoding: 8bit' );
-
+		$res = send_verification_email($result['email'],$result['password']);
 		if($res) {
 			info( t('Registration successful. Please check your email for validation instructions.') . EOL ) ;
-			
-
-
-
 			goaway(z_root());
 		}
 	}
 	elseif($policy == REGISTER_APPROVE) {
-
-		if(! strlen($a->config['admin_email'])) {
-			notice( t('Your registration can not be processed.') . EOL);
-			goaway(z_root());
-		}
-
-		$hash = random_string();
-		$r = q("INSERT INTO `register` ( `hash`, `created`, `uid`, `password`, `language` ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ",
-			dbesc($hash),
-			dbesc(datetime_convert()),
-			intval($user['uid']),
-			dbesc($result['password']),
-			dbesc($a->language)
-		);
-
-		$r = q("SELECT `language` FROM `user` WHERE `email` = '%s' LIMIT 1",
-			dbesc($a->config['admin_email'])
-		);
-		if(count($r))
-			push_lang($r[0]['language']);
-		else
-			push_lang('en');
-
-		if($using_invites && $invite_id) {
-			q("delete * from register where hash = '%s' limit 1", dbesc($invite_id));
-			set_pconfig($sponsor['uid'],'system','invites_remaining',$num_invites);
-		}
-
-		$email_tpl = get_intltext_template("register_verify_eml.tpl");
-		$email_tpl = replace_macros($email_tpl, array(
-				'$sitename' => $a->config['sitename'],
-				'$siteurl' =>  $a->get_baseurl(),
-				'$username' => $user['username'],
-				'$email' => $user['email'],
-				'$password' => $result['password'],
-				'$uid' => $user['uid'],
-				'$hash' => $hash
-		 ));
-
-		$res = mail($a->config['admin_email'], sprintf(t('Registration request at %s'), $a->config['sitename']),
-			$email_tpl,
-				'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n"
-				. 'Content-type: text/plain; charset=UTF-8' . "\n"
-				. 'Content-transfer-encoding: 8bit' );
-
-		pop_lang();
-
+		$res = send_reg_approval_email($result);
 		if($res) {
 			info( t('Your registration is pending approval by the site owner.') . EOL ) ;
-			goaway(z_root());
 		}
-
+		else {
+			notice( t('Your registration can not be processed.') . EOL);
+		}
+		goaway(z_root());
 	}
-
 	return;
 }

--- a/version.inc
+++ b/version.inc
@ -1 +1 @@
-2012-08-21.53
+2012-08-22.54