#The Registration page View#--------------------------<h1 class="headingMi

1. #The Registration page View
2. #--------------------------
3.  
4. <h1 class="headingMiddleColumn">Register</h1>
5. <div class="middleContent" style="margin-left: 15px; margin-right: 15px;">
6. <% if flash[:notice] %>
7. <span style="margin-top: 50px; clear: left; color: #ff0000;"><br /><%= flash[:notice] %></span><br />
8. <% end %>
9.  
10. <%= flash[:errors] %>
11.  
12. <%= start_form_tag :action => 'register_user' %><br />
13. <p>Please provide the information below and click on 'Submit' to become a registered user.</p><br />
14. <p><label for="user_username">Preferred username:</label><br/>
15. <%= text_field 'user', 'username' %></p><br />
16.  
17. <p><label for="user_email">Email:</label><br/>
18. <%= text_field 'user', 'email' %></p><br />
19.  
20. <p><label for="user_firstname">Firstname:</label><br/>
21. <%= text_field 'user', 'firstname' %></p><br />
22.  
23. <p><label for="user_surname">Surname:</label><br/>
24. <%= text_field 'user', 'surname' %></p><br />
25.  
26. <p><label for="user_password">Password:</label><br/>
27. <%= password_field 'user', 'password' %></p><br />
28.  
29. <p><label for="user_password">Re-enter password:</label><br/>
30. <%= password_field 'user', 'password_conf' %></p><br />
31.  
32. <%= submit_tag "Submit" %>
33. <%= end_form_tag %>
34. <br /><br />
35.  
36. <h1 class="headingMiddleColumn">Forgotten Password</h1>
37. <br />
38. <p>Please enter your username and a new password will be emailed to you.</p>
39. <%= start_form_tag :action => 'lost_pass'%><br />
40.  
41. <p><label for="user_username">Username:</label><br/>
42. <%= text_field_tag 'username' %></p>
43. <br />
44. <%= submit_tag "Submit" %>
45. <%= end_form_tag %>
46.  
47.  
48. #The controller action
49. #---------------------
50. def register_user
51. if(params[:user][:password] == nil || params[:user][:password_conf] == nil)
52. flash[:notice] = "Passwords cannot be empty"
53.  
54. redirect_to :action => "register"
55. elsif(params[:user][:email] == nil )
56. flash[:notice] = "Email Address Cannot be empty"
57. redirect_to :action => "register"
58. elsif(params[:user][:firstname] == nil || params[:user][:surname] == nil)
59. flash[:notice] = "Both Firstname and Surname cannot be empty"
60. redirect_ro :action => "register"
61. else
62. if(params[:user][:password] == params[:user][:password_conf])
63. @user = User.create(:username => params[:user][:username])
64. @user.email = params[:user][:email]
65. @user.firstname = params[:user][:firstname]
66. @user.surname = params[:user][:surname]
67. @user.password = params[:user][:password]
68. role = Role.find_by_name("Forum User")
69. @user.roles << role
70. if @user.save
71. flash[:notice] = "Registration successful, please login using your username and password."
72. redirect_to :action => "register"
73. else
74. redirect_to :action => "register"
75. end
76.  
77. else
78. flash[:notice] = "Error passwords do not match."
79. redirect_to :action => "register"
80. end
81. end
82. end
83.  
84. #The Model
85. #---------
86.  
87. require 'digest/sha2'
88. class User < ActiveRecord::Base
89. has_and_belongs_to_many :roles
90. validates_uniqueness_of :username
91. validates_presence_of :email, :firstname, :surname
92.  
93.  
94.  
95. def password=(pass)
96. salt = [Array.new(6){rand(256).chr}.join].pack("m").chomp
97. self.password_salt, self.password_hash = salt, Digest::SHA256.hexdigest(pass + salt)
98. end
99.  
100. def self.authenticate(username, password)
101. user = User.find(:first, :conditions => ['username = ?', username])
102. if user.blank? || Digest::SHA256.hexdigest(password + user.password_salt) != user.password_hash
103. return false
104. end
105. user
106. end
107.  
108. def self.random_string(limit)
109. Array.new(limit, "").collect{(("a".."z").to_a + ("A".."Z").to_a + ("1".."9").to_a)[rand(61)]}.join
110. end
111.  
112. end