mirror of
https://codeberg.org/streams/streams.git
synced 2024-09-19 23:55:19 +00:00
327 lines
12 KiB
PHP
327 lines
12 KiB
PHP
<?php
|
|
|
|
namespace Code\Module;
|
|
|
|
use Code\Lib\Account;
|
|
use Code\Web\Controller;
|
|
use Code\Lib\Channel;
|
|
use Code\Lib\Config;
|
|
use Code\Access\PermissionRoles;
|
|
use Code\Render\Theme;
|
|
use Gregwar\Captcha\PhraseBuilder;
|
|
|
|
|
|
require_once('include/security.php');
|
|
|
|
class Register extends Controller
|
|
{
|
|
|
|
public function init()
|
|
{
|
|
|
|
$result = null;
|
|
$cmd = ((argc() > 1) ? argv(1) : '');
|
|
|
|
// Provide a stored request for somebody desiring a connection
|
|
// when they first need to register someplace. Once they've
|
|
// created a channel, we'll try to revive the connection request
|
|
// and process it.
|
|
|
|
if ($_REQUEST['connect']) {
|
|
$_SESSION['connect'] = $_REQUEST['connect'];
|
|
}
|
|
|
|
switch ($cmd) {
|
|
case 'invite_check.json':
|
|
$result = Account::check_invite($_REQUEST['invite_code']);
|
|
break;
|
|
case 'email_check.json':
|
|
$result = Account::check_email($_REQUEST['email'], $_SERVER['REMOTE_ADDR'] ?? '');
|
|
break;
|
|
case 'password_check.json':
|
|
$result = Account::check_password($_REQUEST['password1']);
|
|
break;
|
|
default:
|
|
break;
|
|
}
|
|
if ($result) {
|
|
json_return_and_die($result);
|
|
}
|
|
}
|
|
|
|
|
|
public function post()
|
|
{
|
|
|
|
// security token is session_id() based, and we have a transient session, so we can't use it here.
|
|
//check_form_security_token_redirectOnErr('/register', 'register');
|
|
|
|
if (isset($_SESSION['phrase']) && ! PhraseBuilder::comparePhrases($_SESSION['phrase'], $_POST['phrase'])) {
|
|
notice(t('Invalid security response') . EOL);
|
|
unset($_SESSION['phrase']);
|
|
return;
|
|
}
|
|
|
|
unset($_SESSION['phrase']);
|
|
$max_dailies = intval(get_config('system', 'max_daily_registrations'));
|
|
if ($max_dailies) {
|
|
$r = q(
|
|
"select count(account_id) as total from account where account_created > %s - INTERVAL %s",
|
|
db_utcnow(),
|
|
db_quoteinterval('1 day')
|
|
);
|
|
if ($r && intval($r[0]['total']) >= $max_dailies) {
|
|
notice(t('Maximum daily site registrations exceeded. Please try again tomorrow.') . EOL);
|
|
return;
|
|
}
|
|
}
|
|
|
|
if (Config::Get('system','tos_required') && !(isset($_POST['tos']) && intval($_POST['tos']))) {
|
|
notice(t('Please indicate acceptance of the Terms of Service. Registration failed.') . EOL);
|
|
return;
|
|
}
|
|
|
|
$policy = get_config('system', 'register_policy');
|
|
|
|
$email_verify = get_config('system', 'verify_email');
|
|
|
|
|
|
switch ($policy) {
|
|
case REGISTER_OPEN:
|
|
$flags = ACCOUNT_OK;
|
|
break;
|
|
|
|
case REGISTER_APPROVE:
|
|
$flags = ACCOUNT_BLOCKED | ACCOUNT_PENDING;
|
|
break;
|
|
|
|
default:
|
|
case REGISTER_CLOSED:
|
|
if (!is_site_admin()) {
|
|
notice(t('Permission denied.') . EOL);
|
|
return;
|
|
}
|
|
$flags = ACCOUNT_BLOCKED;
|
|
break;
|
|
}
|
|
|
|
if ($email_verify && $policy == REGISTER_OPEN) {
|
|
$flags = $flags | ACCOUNT_UNVERIFIED;
|
|
}
|
|
|
|
|
|
if ((!$_POST['password']) || ($_POST['password'] !== $_POST['password2'])) {
|
|
notice(t('Passwords do not match.') . EOL);
|
|
return;
|
|
}
|
|
|
|
$arr = $_POST;
|
|
$arr['account_flags'] = $flags;
|
|
|
|
$result = Account::create($arr);
|
|
|
|
if (!$result['success']) {
|
|
notice($result['message']);
|
|
return;
|
|
}
|
|
|
|
require_once('include/security.php');
|
|
|
|
|
|
if ($_REQUEST['name']) {
|
|
set_aconfig($result['account']['account_id'], 'register', 'channel_name', $_REQUEST['name']);
|
|
}
|
|
if ($_REQUEST['nickname']) {
|
|
set_aconfig($result['account']['account_id'], 'register', 'channel_address', $_REQUEST['nickname']);
|
|
}
|
|
if ($_REQUEST['permissions_role']) {
|
|
set_aconfig($result['account']['account_id'], 'register', 'permissions_role', $_REQUEST['permissions_role']);
|
|
}
|
|
if ($_REQUEST['reason']) {
|
|
set_aconfig($result['account']['account_id'], 'register', 'reason', trim(escape_tags($_REQUEST['reason'])));
|
|
}
|
|
|
|
// At this point the account has been created without error. Purge any error messages from prior failed registration
|
|
// attempts which haven't yet been delivered to the browser and start fresh. If you're willing to figure out why they
|
|
// weren't delivered to the browser please adopt zap issue 34.
|
|
|
|
$_SESSION['sysmsg'] = [];
|
|
|
|
$using_invites = intval(get_config('system', 'invitation_only'));
|
|
$num_invites = intval(get_config('system', 'number_invites'));
|
|
$invite_code = ((x($_POST, 'invite_code')) ? notags(trim($_POST['invite_code'])) : '');
|
|
|
|
if ($using_invites && $invite_code && defined('INVITE_WORKING')) {
|
|
q("delete from register where hash = '%s'", dbesc($invite_code));
|
|
// @FIXME - this also needs to be considered when using 'invites_remaining' in mod/invite.php
|
|
set_aconfig($result['account']['account_id'], 'system', 'invites_remaining', $num_invites);
|
|
}
|
|
|
|
if ($policy == REGISTER_OPEN) {
|
|
if ($email_verify) {
|
|
$res = Account::verify_email_address($result);
|
|
} else {
|
|
$res = Account::send_register_success_email($result['email'], $result['password']);
|
|
}
|
|
if ($res) {
|
|
if ($invite_code) {
|
|
info(t('Registration successful. Continue to create your first channel...') . EOL);
|
|
} else {
|
|
info(t('Registration successful. Please check your email for validation instructions.') . EOL);
|
|
}
|
|
}
|
|
} elseif ($policy == REGISTER_APPROVE) {
|
|
$res = Account::send_reg_approval_email($result);
|
|
if ($res) {
|
|
info(t('Your registration is pending approval by the site owner.') . EOL);
|
|
} else {
|
|
notice(t('Your registration can not be processed.') . EOL);
|
|
}
|
|
goaway(z_root());
|
|
}
|
|
|
|
if ($email_verify) {
|
|
goaway(z_root() . '/email_validation/' . bin2hex($result['email']));
|
|
}
|
|
|
|
// fall through and authenticate if no approvals or verifications were required.
|
|
|
|
authenticate_success($result['account'], false, true, false, true);
|
|
|
|
$new_channel = false;
|
|
$next_page = 'new_channel';
|
|
|
|
if (get_config('system', 'auto_channel_create')) {
|
|
$new_channel = Channel::auto_create($result['account']['account_id']);
|
|
if ($new_channel['success']) {
|
|
$channel_id = $new_channel['channel']['channel_id'];
|
|
change_channel($channel_id);
|
|
$next_page = '~';
|
|
} else {
|
|
$new_channel = false;
|
|
}
|
|
}
|
|
|
|
$x = get_config('system', 'workflow_register_next');
|
|
if ($x) {
|
|
$next_page = $x;
|
|
$_SESSION['workflow'] = true;
|
|
}
|
|
|
|
unset($_SESSION['login_return_url']);
|
|
goaway(z_root() . '/' . $next_page);
|
|
}
|
|
|
|
|
|
public function get()
|
|
{
|
|
|
|
$registration_is = EMPTY_STR;
|
|
$other_sites = false;
|
|
|
|
if (intval(get_config('system', 'register_policy')) === REGISTER_CLOSED) {
|
|
notice(t('Registration on this website is disabled.') . EOL);
|
|
$other_sites = true;
|
|
}
|
|
|
|
if (intval(get_config('system', 'register_policy')) == REGISTER_APPROVE) {
|
|
$registration_is = t('Registration on this website is by approval only.');
|
|
$other_sites = true;
|
|
}
|
|
|
|
$invitations = false;
|
|
|
|
if (intval(get_config('system', 'invitation_only')) && defined('INVITE_WORKING')) {
|
|
$invitations = true;
|
|
$registration_is = t('Registration on this site is by invitation only.');
|
|
$other_sites = true;
|
|
}
|
|
|
|
$max_dailies = intval(get_config('system', 'max_daily_registrations'));
|
|
if ($max_dailies) {
|
|
$r = q(
|
|
"select count(account_id) as total from account where account_created > %s - INTERVAL %s",
|
|
db_utcnow(),
|
|
db_quoteinterval('1 day')
|
|
);
|
|
if ($r && $r[0]['total'] >= $max_dailies) {
|
|
logger('max daily registrations exceeded.');
|
|
notice(t('This site has exceeded the number of allowed daily account registrations. Please try again tomorrow.') . EOL);
|
|
return '';
|
|
}
|
|
}
|
|
|
|
$privacy_role = ((x($_REQUEST, 'permissions_role')) ? $_REQUEST['permissions_role'] : "");
|
|
|
|
$perm_roles = PermissionRoles::roles();
|
|
|
|
// Configurable terms of service link
|
|
|
|
$tosurl = get_config('system', 'tos_url');
|
|
if (!$tosurl) {
|
|
$tosurl = z_root() . '/legal';
|
|
}
|
|
|
|
$toslink = '<a href="' . $tosurl . '" target="_blank">' . t('Terms of Service') . '</a>';
|
|
|
|
// Configurable whether to restrict age or not - default is based on international legal requirements
|
|
// This can be relaxed if you are on a restricted server that does not share with public servers
|
|
|
|
if (get_config('system', 'no_age_restriction')) {
|
|
$label_tos = sprintf(t('I accept the %s for this website'), $toslink);
|
|
} else {
|
|
$age = get_config('system', 'minimum_age');
|
|
if (!$age) {
|
|
$age = 13;
|
|
}
|
|
$label_tos = sprintf(t('I am over %s years of age and accept the %s for this website'), $age, $toslink);
|
|
}
|
|
|
|
if (Config::Get('system','use_captcha', true)) {
|
|
$phrase = ['phrase', 'Please enter the text from the image', '', ''];
|
|
}
|
|
|
|
$enable_tos = Config::Get('system','tos_required');
|
|
|
|
$email = ['email', t('Your email address'), ((x($_REQUEST, 'email')) ? strip_tags(trim($_REQUEST['email'])) : ""), '', '', ' required '];
|
|
$password = ['password', t('Choose a password'), '', '', '', ' required '];
|
|
$password2 = ['password2', t('Please re-enter your password'), '', '', '', ' required '];
|
|
$invite_code = ['invite_code', t('Please enter your invitation code'), ((x($_REQUEST, 'invite_code')) ? strip_tags(trim($_REQUEST['invite_code'])) : "")];
|
|
$name = ['name', t('Your Name'), ((x($_REQUEST, 'name')) ? $_REQUEST['name'] : ''), t('Real names are preferred.')];
|
|
$nickhub = '@' . str_replace(['http://', 'https://', '/'], '', get_config('system', 'baseurl'));
|
|
$nickname = ['nickname', t('Choose a short nickname'), ((x($_REQUEST, 'nickname')) ? $_REQUEST['nickname'] : ''), sprintf(t('Your nickname will be used to create an easy to remember channel address e.g. nickname%s'), $nickhub)];
|
|
$role = ['permissions_role', t('Channel role and privacy'), ($privacy_role) ?: 'social', t('Select a channel permission role for your usage needs and privacy requirements.'), $perm_roles];
|
|
$tos = ['tos', $label_tos, '', '', [t('no'), t('yes')], ' required '];
|
|
|
|
|
|
$auto_create = (bool)get_config('system', 'auto_channel_create');
|
|
$default_role = get_config('system', 'default_permissions_role', 'social_restricted');
|
|
$email_verify = get_config('system', 'verify_email');
|
|
|
|
|
|
$o = replace_macros(Theme::get_template('register.tpl'), [
|
|
'$form_security_token' => get_form_security_token("register"),
|
|
'$title' => t('Registration'),
|
|
'$reg_is' => $registration_is,
|
|
'$registertext' => bbcode(get_config('system', 'register_text')),
|
|
'$other_sites' => (($other_sites) ? t('<a href="communities">Show affiliated sites - some of which may allow registration.</a>') : EMPTY_STR),
|
|
'$invitations' => $invitations,
|
|
'$invite_code' => $invite_code,
|
|
'$auto_create' => $auto_create,
|
|
'$name' => $name,
|
|
'$role' => $role,
|
|
'$default_role' => $default_role,
|
|
'$nickname' => $nickname,
|
|
'$enable_tos' => $enable_tos,
|
|
'$tos' => $tos,
|
|
'$phrase' => $phrase,
|
|
'$email' => $email,
|
|
'$pass1' => $password,
|
|
'$pass2' => $password2,
|
|
'$submit' => t('Register'),
|
|
'$verify_note' => (($email_verify) ? t('This site requires email verification. After completing this form, please check your email for further instructions.') : ''),
|
|
]);
|
|
|
|
return $o;
|
|
}
|
|
}
|