
Untitled

a guest
Jul 22nd, 2017
  1. <?php
  2. /* $Id: register.php,v 1.36.2.4 2007/11/12 15:44:55 umcesrjones Exp $ */
  3. require_once 'includes/classes/WebCalendar.class';
  4.  
  5. $WebCalendar =& new WebCalendar ( __FILE__ );
  6.  
  7. include 'includes/translate.php';
  8. include 'includes/config.php';
  9. include 'includes/dbi4php.php';
  10. include 'includes/formvars.php';
  11. include 'includes/functions.php';
  12.  
  13. $WebCalendar->initializeFirstPhase ();
  14.  
  15. include 'includes/' . $user_inc;
  16. include_once 'includes/access.php';
  17. include 'includes/gradient.php';
  18.  
  19. $WebCalendar->initializeSecondPhase ();
  20.  
  21. load_global_settings ();
  22.  
  23. // TODO make this an option for external users.
  24. $htmlmail = false;
  25.  
  26. load_user_preferences ( 'guest' );
  27.  
  28. $WebCalendar->setLanguage ();
  29.  
  30. require ( 'includes/classes/WebCalMailer.class' );
  31. $mail = &new WebCalMailer;
  32.  
  33. $appStr = generate_application_name ();
  34.  
  35. $error = ( empty ( $ALLOW_SELF_REGISTRATION ) || $ALLOW_SELF_REGISTRATION != 'Y'
  36. ? print_not_auth (26) : '' );
  37.  
  38. if ( empty ( $SELF_REGISTRATION_FULL ) || $SELF_REGISTRATION_FULL != 'Y' )
  39. $SELF_REGISTRATION_FULL = 'N';
  40.  
  41. $form_control = ( $SELF_REGISTRATION_FULL == 'Y' ? 'email' : 'full' );
  42.  
  43. /* See if new username is unique.
  44. *
  45. * Return true if all is OK.
  46. */
  47. function check_username ( $user ) {
  48. global $control, $error;
  49.  
  50. if ( strlen ( $user ) == 0 ) {
  51. $error = translate ( 'Username cannot be blank.' );
  52. return false;
  53. }
  54. $res = dbi_execute ( 'SELECT cal_login FROM webcal_user WHERE cal_login = ?',
  55. array ( $user ) );
  56. if ( $res ) {
  57. $row = dbi_fetch_row ( $res );
  58. if ( $row[0] == $user ) {
  59. $control = '';
  60. $error = translate ( 'Username already exists.' );
  61. return false;
  62. }
  63. }
  64. return true;
  65. }
  66.  
  67. /* See if email is unique.
  68. *
  69. * Return true if all is OK.
  70. */
  71. function check_email ( $uemail ) {
  72. global $control, $error;
  73.  
  74. if ( ! strlen ( $uemail ) ) {
  75. $error = translate ( 'Email address cannot be blank.' );
  76. return false;
  77. }
  78. $res = dbi_execute ( 'SELECT cal_email FROM webcal_user WHERE cal_email = ?',
  79. array ( $uemail ) );
  80. if ( $res ) {
  81. $row = dbi_fetch_row ( $res );
  82. if ( $row[0] == $uemail ) {
  83. $control = '';
  84. $error = translate ( 'Email address already exists.' );
  85. return false;
  86. }
  87. }
  88. return true;
  89. }
  90.  
  91. /* Generate unique password.
  92. */
  93. function generate_password () {
  94. $pass = '';
  95. $pass_length = 8;
  96. $salt = 'abchefghjkmnpqrstuvwxyz0123456789';
  97. srand ( ( double ) microtime () * 1000000 );
  98. $i = 0;
  99. while ( $i < $pass_length ) {
  100. $pass .= substr ( $salt, rand () % 33, 1 );
  101. $i++;
  102. }
  103. return $pass;
  104. }
  105.  
  106. $uemail = $ufirstname = $ulastname = $upassword1 = $upassword2 = $user = '';
  107.  
  108. // We can limit what domain is allowed to self register.
  109. // $self_registration_domain should have this format "192.168.220.0:255.255.240.0";
  110. $valid_ip = validate_domain ();
  111. if ( empty ( $valid_ip ) )
  112. $error = print_not_auth (36);
  113.  
  114. // We could make $control a unique value if necessary.
  115. $control = getPostValue ( 'control' );
  116. if ( empty ( $error ) && ! empty ( $control ) ) {
  117. $uemail = getPostValue ( 'uemail' );
  118. $ufirstname = getPostValue ( 'ufirstname' );
  119. $uis_admin = 'N';
  120. $ulastname = getPostValue ( 'ulastname' );
  121. $user = trim ( getPostValue ( 'user' ) );
  122. // translate ( 'Illegal characters in login' )
  123. if ( $user != addslashes ( $user ) )
  124. $error = str_replace ( 'XXX', htmlentities ( $user ),
  125. translate ( 'Illegal characters in login XXX.' ) );
  126.  
  127. // Check to make sure user doesn't already exist.
  128. check_username ( $user );
  129.  
  130. // Check to make sure email address doesn't already exist.
  131. check_email ( $uemail );
  132. }
  133.  
  134. if ( empty ( $error ) && ! empty ( $control ) ) {
  135. if ( $control == 'full' ) {
  136. // Process full account addition.
  137. $upassword1 = getPostValue ( 'upassword1' );
  138. $upassword2 = getPostValue ( 'upassword2' );
  139. // Do some checking of user info.
  140. if ( ! empty ( $user ) && ! empty ( $upassword1 ) ) {
  141. if ( get_magic_quotes_gpc () ) {
  142. $upassword1 = stripslashes ( $upassword1 );
  143. $user = stripslashes ( $user );
  144. }
  145. $user = trim ( $user );
  146. if ( $user != addslashes ( $user ) )
  147. $error = str_replace ( 'XXX', htmlentities ( $user ),
  148. translate ( 'Illegal characters in login XXX.' ) );
  149. } else
  150. if ( $upassword1 != $upassword2 ) {
  151. $control = '';
  152. $error = translate ( 'The passwords were not identical.' );
  153. }
  154.  
  155. if ( empty ( $error ) ) {
  156. user_add_user ( $user, $upassword1, $ufirstname, $ulastname,
  157. $uemail, $uis_admin );
  158. activity_log ( 0, 'system', $user, LOG_NEWUSER_FULL,
  159. translate ( 'New user via self-registration.' ) );
  160. }
  161. } elseif ( $control == 'email' ) {
  162. // Process account info for email submission.
  163. // Need to generate unique passwords and email them to the new user.
  164. $new_pass = generate_password ();
  165. // TODO allow admin to approve account and emails prior to processing.
  166. user_add_user ( $user, $new_pass, $ufirstname, $ulastname,
  167. $uemail, $uis_admin );
  168.  
  169. $tempName = trim ( $ufirstname . ' ' . $ulastname );
  170. $msg = str_replace ( ', XXX.',
  171. ( strlen ( $tempName ) ? ', ' . $tempName . '.' : '.' ),
  172. translate ( 'Hello, XXX.' ) ) . "\n\n"
  173. . translate ( 'A new WebCalendar account has been set up for you.' )
  174. . "\n\n"
  175. // translate ( 'Your username is' )
  176. . str_replace ( 'XXX', $user, translate ( 'Your username is XXX.' ) )
  177. . "\n\n"
  178. // translate ( 'Your password is' )
  179. . str_replace ( 'XXX', $new_pass, translate ( 'Your password is XXX.' ) )
  180. . "\n\n"
  181. // translate ( 'Please visit' )
  182. // translate ( 'to log in and start using your account' )
  183. . str_replace ( 'XXX', $appStr,
  184. translate ( 'Please visit XXX to log in and start using your account!' ) )
  185. . "\n";
  186. // Add URL to event, if we can figure it out.
  187. if ( ! empty ( $SERVER_URL ) ) {
  188. $url = $SERVER_URL . 'login.php';
  189. if ( $htmlmail == 'Y' )
  190. $url = activate_urls ( $url );
  191.  
  192. $msg .= "\n\n" . $url;
  193. }
  194. $msg .= "\n\n"
  195. . translate ( 'You may change your password after logging in the first time.' )
  196. . "\n\n" . translate ( 'If you received this email in error' ) . "\n\n";
  197. $adminStr = translate ( 'Administrator', true );
  198. $name = $appStr . ' ' . translate ( 'Welcome' ) . ': ' . $ufirstname;
  199. // Send via WebCalMailer class.
  200. $mail->WC_Send ( $adminStr, $uemail, $ufirstname . ' '
  201. . $ulastname, $name, $msg, $htmlmail, $EMAIL_FALLBACK_FROM );
  202. activity_log ( 0, 'system', $user, LOG_NEWUSER_EMAIL,
  203. translate ( 'New user via email.' ) );
  204. }
  205. }
  206.  
  207. echo send_doctype ( $appStr );
  208. echo '
  209. <script type="text/javascript" src="includes/js/prototype.js"></script>
  210. <script type="text/javascript">
  211. var validform = false;
  212.  
  213. function valid_form () {
  214. if ( document.selfreg.upassword1.value.length == 0 ) {
  215. alert ( "'
  216. . translate ( 'You have not entered a password.', true ) . '" );
  217. return false;
  218. }
  219. if ( document.selfreg.user.value.length == 0 ) {
  220. alert ( "' . translate ( 'Username cannot be blank.', true ) . '" );
  221. return false;
  222. }
  223. if ( document.selfreg.upassword1.value != document.selfreg.upassword2.value ) {
  224. alert ( "'
  225. . translate ( 'The passwords were not identical.', true ) . '" );
  226. return false;
  227. }
  228.  
  229. checkers ( \'user\', \'register\' );
  230. checkers ( \'uemail\', \'email\' );
  231.  
  232. return validform;
  233. }
  234.  
  235. function checkers ( formfield, params ) {
  236. var ajax = new Ajax.Request ( \'ajax.php\',
  237. {method: \'post\',
  238. parameters: \'page=\' + params + \'&name=\' + $F ( formfield ),
  239. onComplete: showResponse} );
  240. }
  241.  
  242. function showResponse ( originalRequest ) {
  243. if ( originalRequest.responseText ) {
  244. text = originalRequest.responseText;
  245. '// This causes javascript errors in Firefox, but these can be ignored.
  246. . 'alert ( text );
  247. if ( formfield == \'user\' )
  248. document.selfreg.user.focus ();
  249.  
  250. if ( formfield == \'uemail\' )
  251. document.selfreg.uemail.focus ();
  252.  
  253. validform = false;
  254. } else {
  255. validform = true;
  256. }
  257. }
  258. </script>
  259. <link rel="stylesheet" type="text/css" href="css_cacher.php?login=__public__" />'
  260.  
  261. // Print custom header (since we do not call print_header function).
  262. . ( ! empty ( $CUSTOM_SCRIPT ) && $CUSTOM_SCRIPT == 'Y'
  263. ? load_template ( $login, 'S' ) : '' ) . '
  264. </head>
  265. <body id="register">
  266. <h2>' . $appStr . ' ' . translate ( 'Registration' ) . '</h2>'
  267. . ( ! empty ( $error )
  268. ? '
  269. <span style="color:#FF0000; font-weight:bold;">' . translate ( 'Error' )
  270. . ": $error" . '</span><br />'
  271. : '<br /><br />' . ( empty ( $control ) ? '' : '
  272. <form action="login.php" method="post">
  273. <input type="hidden" name="login" value="' . $user . '" />
  274. <table align="center" cellspacing="10" cellpadding="10">
  275. <tr>
  276. <td rowspan="3"><img src="images/register.gif"></td>
  277. <td>' . translate ( 'Welcome to WebCalendar' ) . '</td>
  278. </tr>' . ( $SELF_REGISTRATION_FULL == 'Y' ? '
  279. <tr>
  280. <td colspan="3" align="center"><label>'
  281. . translate ( 'Your email should arrive shortly.' ) . '</label></td>
  282. </tr>' : '' ) . '
  283. <tr>
  284. <td colspan="3" align="center"><input type="submit" value="'
  285. . translate ( 'Return to Login screen' ) . '" /></td>
  286. </tr>
  287. </table>
  288. </form>' ) . '
  289. <form action="register.php" method="post" onSubmit="return valid_form()"
  290. name="selfreg">
  291. <input type="hidden" name="control" value="' . $form_control . '" />
  292. <table align="center" cellpadding="10" cellspacing="10">
  293. <tr>
  294. <td rowspan="3"><img src="images/register.gif" alt="" /></td>
  295. <td align="right"><label>' . translate ( 'Username' ) . ':</label></td>
  296. <td align="left"><input type="text" name="user" id="user" value="'
  297. . $user . '" size="20" maxlength="20" onChange="check_name();" /></td>
  298. </tr>
  299. <tr>
  300. <td align="right"><label>' . translate ( 'First Name' )
  301. . ':</label></td>
  302. <td align="left"><input type="text" name="ufirstname" value="'
  303. . $ufirstname . '" size="25" maxlength="25" /></td>
  304. </tr>
  305. <tr>
  306. <td align="right"><label>' . translate ( 'Last Name' ) . ':</label></td>
  307. <td align="left"><input type="text" name="ulastname" value="'
  308. . $ulastname . '" size="25" maxlength="25" /></td>
  309. </tr>
  310. <tr>
  311. <td align="right" colspan="2"><label>' . translate ( 'E-mail address' )
  312. . ':</label></td>
  313. <td align="left"><input type="text" name="uemail" id="uemail" value="'
  314. . $uemail . '" size="40" maxlength="75" onChange="check_uemail();" /></td>
  315. </tr>
  316. <tr>
  317. <td ' . ( $SELF_REGISTRATION_FULL != 'Y'
  318. ? 'align="right" colspan="2"><label>' . translate ( 'Password' )
  319. . ':</label></td>
  320. <td align="left"><input name="upassword1" value="' . $upassword1
  321. . '" size="15" type="password" /></td>
  322. </tr>
  323. <tr>
  324. <td align="right" colspan="2"><label>'
  325. . translate ( 'Password (again)' ) . ':</label></td>
  326. <td align="left"><input name="upassword2" value="' . $upassword2
  327. . '" size="15" type="password" />'
  328. : 'colspan="3" align="center"><label>'
  329. . translate ( 'Your account information will be emailed to you.' )
  330. . '</label>' ) . '</td>
  331. </tr>
  332. <tr>
  333. <td colspan="3" align="center"><input type="submit" value="'
  334. . translate ( 'Submit' ) . '" /></td>
  335. </tr>
  336. </table>
  337. </form>' ) . '<br /><br /><br /><br /><br /><br /><br /><br />
  338. <span class="cookies">' . translate ( 'cookies-note' )
  339. . '</span><br />
  340. <hr />
  341. <br /><br />
  342. <a href="' . $PROGRAM_URL . '" id="programname">' . $PROGRAM_NAME . '</a>';
  343. // Print custom trailer (since we do not call print_trailer function).
  344. if ( ! empty ( $CUSTOM_TRAILER ) && $CUSTOM_TRAILER == 'Y' ) {
  345. $res = dbi_execute ( 'SELECT cal_template_text FROM webcal_report_template
  346. WHERE cal_template_type = \'T\' and cal_report_id = 0' );
  347. if ( $res ) {
  348. if ( $row = dbi_fetch_row ( $res ) )
  349. echo $row[0];
  350.  
  351. dbi_free_result ( $res );
  352. }
  353. }
  354.  
  355. ?>
  356. </body>
  357. </html>