Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*
- * Made by Samerton
- * http://worldscapemc.co.uk
- *
- * License: MIT
- */
- if(!isset($registration_enabled)){
- // Registration is disabled
- Redirect::to('/');
- die();
- }
- // Registration page
- require('core/integration/uuid.php'); // For UUID stuff
- require('core/includes/password.php'); // For password hashing
- require('core/includes/validate_date.php'); // For date validation
- // Are custom usernames enabled?
- $custom_usernames = $queries->getWhere("settings", array("name", "=", "displaynames"));
- $custom_usernames = $custom_usernames[0]->value;
- // Is UUID linking enabled?
- $uuid_linking = $queries->getWhere('settings', array('name', '=', 'uuid_linking'));
- $uuid_linking = $uuid_linking[0]->value;
- // Is mcassoc enabled?
- $account_association = $queries->getWhere('settings', array('name', '=', 'use_mcassoc'));
- $account_association = $account_association[0]->value;
- if(isset($_GET['step']) && isset($_SESSION['mcassoc'])){
- // Get site ID
- $mcassoc_site_id = $queries->getWhere('settings', array('name', '=', 'sitename'));
- $mcassoc_site_id = $mcassoc_site_id[0]->value;
- $mcassoc_shared_secret = $queries->getWhere('settings', array('name', '=', 'mcassoc_key'));
- $mcassoc_shared_secret = $mcassoc_shared_secret[0]->value;
- $mcassoc_instance_secret = $queries->getWhere('settings', array('name', '=', 'mcassoc_instance'));
- $mcassoc_instance_secret = $mcassoc_instance_secret[0]->value;
- // Initialise
- define('MCASSOC', true);
- $mcassoc = new MCAssoc($mcassoc_shared_secret, $mcassoc_site_id, $mcassoc_instance_secret);
- $mcassoc->enableInsecureMode();
- require('core/integration/run_mcassoc.php');
- die();
- }
- // Use recaptcha?
- $recaptcha = $queries->getWhere("settings", array("name", "=", "recaptcha"));
- $recaptcha = $recaptcha[0]->value;
- $recaptcha_key = $queries->getWhere("settings", array("name", "=", "recaptcha_key"));
- $recaptcha_secret = $queries->getWhere('settings', array('name', '=', 'recaptcha_secret'));
- // Is email verification enabled?
- $email_verification = $queries->getWhere('settings', array('name', '=', 'email_verification'));
- $email_verification = $email_verification[0]->value;
- // Deal with any input
- if(Input::exists()){
- if(Token::check(Input::get('token'))){
- // Valid token
- if($recaptcha == 'true'){
- // Check reCAPCTHA
- $url = 'https://www.google.com/recaptcha/api/siteverify';
- $post_data = 'secret=' . $recaptcha_secret[0]->value . '&response=' . Input::get('g-recaptcha-response');
- $ch = curl_init($url);
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- $result = curl_exec($ch);
- $result = json_decode($result, true);
- } else {
- // reCAPTCHA is disabled
- $result = array(
- 'success' => 'true'
- );
- }
- if(isset($result['success']) && $result['success'] == 'true'){
- // Validate
- $validate = new Validate();
- $to_validation = array( // Base field validation
- 'password' => array(
- 'required' => true,
- 'min' => 6,
- 'max' => 30
- ),
- 'password_again' => array(
- 'matches' => 'password'
- ),
- 'email' => array(
- 'required' => true,
- 'min' => 4,
- 'max' => 64,
- 'unique' => 'users'
- ),
- 't_and_c' => array(
- 'required' => true,
- 'agree' => true
- ),
- 'location' => array(
- 'max' => 128
- )
- );
- if($recaptcha === "true"){ // check Recaptcha response
- $to_validation['g-recaptcha-response'] = array(
- 'required' => true
- );
- }
- // Validate date of birth
- if(Input::get('birthday') && (!validateDate(Input::get('birthday')) || strtotime(Input::get('birthday')) > strtotime('now'))){
- // Invalid
- $error = '<div class="alert alert-danger">' . $user_language['invalid_date_of_birth'] . '</div>';
- } else {
- // Valid date of birth
- if($uuid_linking == '1'){
- if($custom_usernames == "true"){ // validate username and Minecraft name
- $to_validation['mcname'] = array(
- 'required' => true,
- //'isvalid' => true,
- 'min' => 3,
- 'max' => 20,
- 'unique' => 'users'
- );
- $to_validation['username'] = array(
- 'required' => true,
- 'min' => 3,
- 'max' => 20,
- 'unique' => 'users'
- );
- $mcname = htmlspecialchars(Input::get('mcname'));
- // Perform validation on Minecraft name
- $profile = ProfileUtils::getProfile(str_replace(' ', '%20', $mcname));
- $mcname_result = $profile->getProfileAsArray();
- if(isset($mcname_result['username']) && !empty($mcname_result['username'])){
- // Valid
- } else {
- // Invalid
- $invalid_mcname = true;
- }
- } else { // only validate Minecraft name
- $to_validation['username'] = array(
- 'required' => true,
- 'min' => 3,
- 'max' => 20,
- 'unique' => 'users'
- );
- $mcname = htmlspecialchars(Input::get('username'));
- // Perform validation on Minecraft name
- $profile = ProfileUtils::getProfile(str_replace(' ', '%20', $mcname));
- $mcname_result = $profile->getProfileAsArray();
- if(isset($mcname_result['username']) && !empty($mcname_result['username'])){
- // Valid
- } else {
- // Invalid
- $invalid_mcname = true;
- }
- }
- } else {
- if($custom_usernames == "true"){ // validate username and Minecraft name
- $to_validation['mcname'] = array(
- 'required' => true,
- 'min' => 3,
- 'max' => 20,
- 'unique' => 'users'
- );
- $to_validation['username'] = array(
- 'required' => true,
- 'min' => 3,
- 'max' => 20,
- 'unique' => 'users'
- );
- $mcname = htmlspecialchars(Input::get('mcname'));
- } else { // only validate Minecraft name
- $to_validation['username'] = array(
- 'required' => true,
- 'min' => 3,
- 'max' => 20,
- 'unique' => 'users'
- );
- $mcname = htmlspecialchars(Input::get('username'));
- }
- }
- // Check to see if the Minecraft username was valid
- if(!isset($invalid_mcname)){
- // Valid, continue with validation
- $validation = $validate->check($_POST, $to_validation); // Execute validation
- if($validation->passed()){
- if($uuid_linking == '1'){
- if(!isset($mcname_result)){
- $profile = ProfileUtils::getProfile(str_replace(' ', '%20', $mcname));
- $mcname_result = $profile->getProfileAsArray();
- }
- if(isset($mcname_result["uuid"]) && !empty($mcname_result['uuid'])){
- $uuid = $mcname_result['uuid'];
- } else {
- $uuid = '';
- }
- } else {
- $uuid = '';
- }
- // Minecraft user account association
- if(isset($account_association) && $account_association == '1'){
- // MCAssoc enabled
- // Get data from database
- $mcassoc_site_id = $queries->getWhere('settings', array('name', '=', 'sitename'));
- $mcassoc_site_id = $mcassoc_site_id[0]->value;
- $mcassoc_shared_secret = $queries->getWhere('settings', array('name', '=', 'mcassoc_key'));
- $mcassoc_shared_secret = $mcassoc_shared_secret[0]->value;
- $mcassoc_instance_secret = $queries->getWhere('settings', array('name', '=', 'mcassoc_instance'));
- $mcassoc_instance_secret = $mcassoc_instance_secret[0]->value;
- // Initialise
- define('MCASSOC', true);
- $mcassoc = new MCAssoc($mcassoc_shared_secret, $mcassoc_site_id, $mcassoc_instance_secret);
- $mcassoc->enableInsecureMode();
- require('core/integration/run_mcassoc.php');
- die();
- } else {
- // MCAssoc disabled
- $user = new User();
- $ip = $user->getIP();
- if(filter_var($ip, FILTER_VALIDATE_IP)){
- // Valid IP
- } else {
- // TODO: Invalid IP, do something else
- }
- $password = password_hash(Input::get('password'), PASSWORD_BCRYPT, array("cost" => 13));
- // Get current unix time
- $date = new DateTime();
- $date = $date->getTimestamp();
- try {
- $code = substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, 60);
- $user->create(array(
- 'username' => htmlspecialchars(Input::get('username')),
- 'mcname' => $mcname,
- 'uuid' => $uuid,
- 'password' => $password,
- 'pass_method' => 'default',
- 'joined' => $date,
- 'group_id' => 1,
- 'email' => htmlspecialchars(Input::get('email')),
- 'reset_code' => $code,
- 'lastip' => htmlspecialchars($ip),
- 'last_online' => $date,
- 'birthday' => date('Y-m-d', strtotime(str_replace('-', '/', htmlspecialchars(Input::get('birthday'))))),
- 'location' => htmlspecialchars(Input::get('location'))
- ));
- if($email_verification == '1'){
- $php_mailer = $queries->getWhere('settings', array('name', '=', 'phpmailer'));
- $php_mailer = $php_mailer[0]->value;
- if($php_mailer == '1'){
- // PHP Mailer
- require('core/includes/phpmailer/PHPMailerAutoload.php');
- require('core/email.php');
- $mail = new PHPMailer;
- $mail->IsSMTP();
- $mail->SMTPDebug = 0;
- $mail->Debugoutput = 'html';
- $mail->Host = $GLOBALS['email']['host'];
- $mail->Port = $GLOBALS['email']['port'];
- $mail->SMTPSecure = $GLOBALS['email']['secure'];
- $mail->SMTPAuth = $GLOBALS['email']['smtp_auth'];
- $mail->Username = $GLOBALS['email']['username'];
- $mail->Password = $GLOBALS['email']['password'];
- $mail->setFrom($GLOBALS['email']['username'], $GLOBALS['email']['name']);
- $mail->From = $GLOBALS['email']['username'];
- $mail->FromName = $GLOBALS['email']['name'];
- $mail->addAddress(htmlspecialchars(Input::get('email')), htmlspecialchars(Input::get('username')));
- $mail->Subject = $sitename . ' - ' . $user_language['register'];
- // HTML to display in message
- $path = join(DIRECTORY_SEPARATOR, array(ROOT_PATH, 'styles', 'templates', $template, 'email', 'register.html'));
- $html = file_get_contents($path);
- $link = 'http://' . $_SERVER['SERVER_NAME'] . '/validate/?c=' . $code;
- $html = str_replace(array('[Sitename]', '[Register]', '[Greeting]', '[Message]', '[Link]', '[Thanks]'), array($sitename, $user_language['register'], $email_language['greeting'], $email_language['message'], $link, $email_language['thanks']), $html);
- $mail->msgHTML($html);
- $mail->IsHTML(true);
- $mail->Body = $html;
- if(!$mail->send()) {
- echo "Mailer Error: " . $mail->ErrorInfo;
- die();
- } else {
- echo "Message sent!";
- }
- } else {
- // PHP mail function
- $siteemail = $queries->getWhere('settings', array('name', '=', 'outgoing_email'));
- $siteemail = $siteemail[0]->value;
- $to = Input::get('email');
- $subject = $sitename . ' - ' . $user_language['register'];
- $message = $email_language['greeting'] . PHP_EOL .
- $email_language['message'] . PHP_EOL . PHP_EOL .
- 'http://' . $_SERVER['SERVER_NAME'] . '/validate/?c=' . $code . PHP_EOL . PHP_EOL .
- $email_language['thanks'] . PHP_EOL .
- $sitename;
- $headers = 'From: ' . $siteemail . "\r\n" .
- 'Reply-To: ' . $siteemail . "\r\n" .
- 'X-Mailer: PHP/' . phpversion();
- mail($to, $subject, $message, $headers);
- }
- } else {
- // Email verification disabled
- // Redirect straight to verification link
- echo '<script>window.location.replace("/validate/?c=' . $code . '");</script>';
- die();
- }
- Session::flash('home', '<div class="alert alert-info alert-dismissible"> <button type="button" class="close" data-dismiss="alert"><span aria-hidden="true">×</span></button>' . $user_language['registration_check_email'] . '</div>');
- Redirect::to('/');
- die();
- } catch(Exception $e){
- die($e->getMessage());
- }
- }
- } else {
- // Errors
- $error = '<div class="alert alert-danger">';
- foreach($validation->errors() as $validation_error){
- if(strpos($validation_error, 'is required') !== false){
- // x is required
- switch($validation_error){
- case (strpos($validation_error, 'username') !== false):
- $error .= $user_language['username_required'] . '<br />';
- break;
- case (strpos($validation_error, 'email') !== false):
- $error .= $user_language['email_required'] . '<br />';
- break;
- case (strpos($validation_error, 'password') !== false):
- $error .= $user_language['password_required'] . '<br />';
- break;
- case (strpos($validation_error, 'mcname') !== false):
- $error .= $user_language['mcname_required'] . '<br />';
- break;
- case (strpos($validation_error, 't_and_c') !== false):
- $error .= $user_language['accept_terms'] . '<br />';
- break;
- case (strpos($validation_error, 'location') !== false):
- $error .= $user_language['location_required'] . '<br />';
- break;
- }
- } else if(strpos($validation_error, 'minimum') !== false){
- // x must be a minimum of y characters long
- switch($validation_error){
- case (strpos($validation_error, 'username') !== false):
- $error .= $user_language['username_minimum_3'] . '<br />';
- break;
- case (strpos($validation_error, 'mcname') !== false):
- $error .= $user_language['mcname_minimum_3'] . '<br />';
- break;
- case (strpos($validation_error, 'password') !== false):
- $error .= $user_language['password_minimum_6'] . '<br />';
- break;
- case (strpos($validation_error, 'location') !== false):
- $error .= $user_language['location_minimum_2'] . '<br />';
- break;
- }
- } else if(strpos($validation_error, 'maximum') !== false){
- // x must be a maximum of y characters long
- switch($validation_error){
- case (strpos($validation_error, 'username') !== false):
- $error .= $user_language['username_maximum_20'] . '<br />';
- break;
- case (strpos($validation_error, 'mcname') !== false):
- $error .= $user_language['mcname_maximum_20'] . '<br />';
- break;
- case (strpos($validation_error, 'password') !== false):
- $error .= $user_language['password_maximum_30'] . '<br />';
- break;
- case (strpos($validation_error, 'location') !== false):
- $error .= $user_language['location_maximum_128'] . '<br />';
- break;
- }
- } else if(strpos($validation_error, 'must match') !== false){
- // password must match password again
- $error .= $user_language['passwords_dont_match'] . '<br />';
- } else if(strpos($validation_error, 'already exists') !== false){
- // already exists
- $error .= $user_language['username_mcname_email_exists'] . '<br />';
- } else if(strpos($validation_error, 'not a valid Minecraft account') !== false){
- // Invalid Minecraft username
- $error .= $user_language['invalid_mcname'] . '<br />';
- } else if(strpos($validation_error, 'Mojang communication error') !== false){
- // Mojang server error
- $error .= $user_language['mcname_lookup_error'] . '<br />';
- }
- }
- $error .= '</div>';
- //$error = '<div class="alert alert-danger">' . $user_language['registration_error'] . '</div>';
- }
- } else {
- // Invalid Minecraft name
- $error = '<div class="alert alert-danger">' . $user_language['invalid_mcname'] . '</div>';
- }
- }
- } else {
- // reCAPTCHA failed
- $error = '<div class="alert alert-danger">' . $user_language['invalid_recaptcha'] . '</div>';
- }
- } else {
- // Invalid token
- Session::flash('register', '<div class="alert alert-danger">' . $admin_language['invalid_token'] . '</div>');
- }
- }
- if(isset($error)){
- $smarty->assign('REGISTRATION_ERROR', $error);
- } else {
- $smarty->assign('REGISTRATION_ERROR', '');
- }
- // Generate code for page
- $form_content = '
- <div class="form-group">
- <input type="text" name="username" id="username" autocomplete="off" value="' . escape(Input::get('username')) . '" class="form-control input-lg" placeholder="';
- if($custom_usernames == "false"){ $form_content .= $user_language['minecraft_username']; } else { $form_content .= $user_language['username']; }
- $form_content .= '" tabindex="1">
- </div>
- ';
- // Custom usernames?
- if($custom_usernames !== "false"){
- $form_content .= '
- <div class="form-group">
- <input type="text" name="mcname" id="mcname" autocomplete="off" class="form-control input-lg" placeholder="' . $user_language['minecraft_username'] . '" tabindex="2">
- </div>';
- }
- // Continue
- $form_content .= '
- <div class="form-group">
- <input type="email" name="email" id="email" value="' . escape(Input::get('email')) . '" class="form-control input-lg" placeholder="' . $user_language['email_address'] . '" tabindex="3">
- </div>
- <div class="form-group">
- <input type="text" name="location" id="location" class="form-control input-lg" placeholder="' . $user_language['location'] . '" tabindex="5">
- </div>
- <div class="row">
- <div class="col-xs-12 col-sm-6 col-md-6">
- <div class="form-group">
- <input type="password" name="password" id="password" class="form-control input-lg" placeholder="' . $user_language['password'] . '" tabindex="6">
- </div>
- </div>
- <div class="col-xs-12 col-sm-6 col-md-6">
- <div class="form-group">
- <input type="password" name="password_again" id="password_again" class="form-control input-lg" placeholder="' . $user_language['confirm_password'] . '" tabindex="7">
- </div>
- </div>
- </div>
- ';
- // Recaptcha
- if($recaptcha === "true"){
- $form_content .= '
- <center>
- <div class="g-recaptcha" data-sitekey="' . htmlspecialchars($recaptcha_key[0]->value) . '"></div>
- </center>
- <br />
- ';
- }
- // Continue
- $form_content .= '
- <div class="row">
- <div class="col-xs-4 col-sm-3 col-md-3">
- <span class="button-checkbox">
- <button type="button" class="btn" data-color="info" tabindex="7"> ' . $user_language['i_agree'] . '</button>
- <input type="checkbox" name="t_and_c" id="t_and_c" class="hidden" value="1">
- </span>
- </div>
- <div class="col-xs-8 col-sm-9 col-md-9">
- ' . $user_language['agree_t_and_c'] . '
- </div>
- </div>
- ';
- $form_submit = '
- <div class="row">
- <input type="hidden" name="token" value="' . Token::generate() . '">
- <div class="col-xs-12 col-md-6">
- <button type="submit" class="btn btn-primary btn-block btn-lg">
- ' . $user_language['register'] . '
- </button>
- </div>
- <div class="col-xs-12 col-md-6"><a href="/signin" class="btn btn-success btn-block btn-lg">' . $user_language['sign_in'] . '</a></div>
- </div>
- ';
- // Session messages
- if(Session::exists('register')){
- $smarty->assign('SESSION_FLASH', Session::flash('register'));
- } else {
- $smarty->assign('SESSION_FLASH', '');
- }
- $smarty->assign('CREATE_AN_ACCOUNT', $user_language['create_an_account']);
- $smarty->assign('FORM_CONTENT', $form_content);
- $smarty->assign('FORM_SUBMIT', $form_submit);
- ?>
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <meta charset="utf-8">
- <meta http-equiv="X-UA-Compatible" content="IE=edge">
- <meta name="viewport" content="width=device-width, initial-scale=1">
- <meta name="description" content="<?php echo $sitename; ?> registration form">
- <meta name="author" content="<?php echo $sitename; ?>">
- <meta name="theme-color" content="#454545" />
- <?php if(isset($custom_meta)){ echo $custom_meta; } ?>
- <?php
- // Generate header and navbar content
- // Page title
- $title = $user_language['register'];
- require('core/includes/template/generate.php');
- ?>
- <link href="/core/assets/plugins/bootstrap-datepicker/css/bootstrap-datepicker3.min.css" rel="stylesheet">
- <!-- Custom style -->
- <style>
- html {
- overflow-y: scroll;
- }
- </style>
- </head>
- <body>
- <?php
- // Navbar
- $smarty->display('styles/templates/' . $template . '/navbar.tpl');
- // Registration template
- $smarty->display('styles/templates/' . $template . '/register.tpl');
- // HTML Purifier
- require_once('core/includes/htmlpurifier/HTMLPurifier.standalone.php');
- $config = HTMLPurifier_Config::createDefault();
- $config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
- $config->set('URI.DisableExternalResources', false);
- $config->set('URI.DisableResources', false);
- $config->set('HTML.Allowed', 'u,p,b,i,a,s');
- $config->set('HTML.AllowedAttributes', 'target, href');
- $config->set('Attr.AllowedFrameTargets', array('_blank', '_self', '_parent', '_top'));
- $purifier = new HTMLPurifier($config);
- ?>
- <!-- Modal -->
- <div class="modal fade" id="t_and_c_m" tabindex="-1" role="dialog" aria-labelledby="t_and_c_m_Label" aria-hidden="true">
- <div class="modal-dialog modal-lg">
- <div class="modal-content">
- <div class="modal-header">
- <h4 class="modal-title" id="t_and_c_m_Label"><?php echo $user_language['terms_and_conditions']; ?></h4>
- </div>
- <div class="modal-body">
- <?php
- $t_and_c = $queries->getWhere("settings", array("name", "=", "t_and_c"));
- echo $purifier->purify(htmlspecialchars_decode($t_and_c[0]->value));
- $t_and_c = $queries->getWhere("settings", array("name", "=", "t_and_c_site"));
- echo $purifier->purify(htmlspecialchars_decode($t_and_c[0]->value));
- ?>
- </div>
- <div class="modal-footer">
- <button type="button" class="btn btn-primary" data-dismiss="modal"><?php echo $general_language['close']; ?></button>
- </div>
- </div><!-- /.modal-content -->
- </div><!-- /.modal-dialog -->
- </div><!-- /.modal -->
- <?php
- // Footer
- require('core/includes/template/footer.php');
- $smarty->display('styles/templates/' . $template . '/footer.tpl');
- // Scripts
- require('core/includes/template/scripts.php');
- if($recaptcha === "true"){
- ?>
- <script src="https://www.google.com/recaptcha/api.js"></script>
- <?php
- }
- ?>
- <script src="/core/assets/plugins/bootstrap-datepicker/js/bootstrap-datepicker.min.js"></script>
- <script>
- $('.datepicker').datepicker({
- orientation: 'bottom'
- });
- $(function () {
- $('.button-checkbox').each(function () {
- // Settings
- var $widget = $(this),
- $button = $widget.find('button'),
- $checkbox = $widget.find('input:checkbox'),
- color = $button.data('color'),
- settings = {
- on: {
- icon: 'glyphicon glyphicon-check'
- },
- off: {
- icon: 'glyphicon glyphicon-unchecked'
- }
- };
- // Event Handlers
- $button.on('click', function () {
- $checkbox.prop('checked', !$checkbox.is(':checked'));
- $checkbox.triggerHandler('change');
- updateDisplay();
- });
- $checkbox.on('change', function () {
- updateDisplay();
- });
- // Actions
- function updateDisplay() {
- var isChecked = $checkbox.is(':checked');
- // Set the button's state
- $button.data('state', (isChecked) ? "on" : "off");
- // Set the button's icon
- $button.find('.state-icon')
- .removeClass()
- .addClass('state-icon ' + settings[$button.data('state')].icon);
- // Update the button's color
- if (isChecked) {
- $button
- .removeClass('btn-default')
- .addClass('btn-' + color + ' active');
- }
- else {
- $button
- .removeClass('btn-' + color + ' active')
- .addClass('btn-default');
- }
- }
- // Initialisation
- function init() {
- updateDisplay();
- // Inject the icon if applicable
- if ($button.find('.state-icon').length == 0) {
- $button.prepend('<i class="state-icon ' + settings[$button.data('state')].icon + '"></i>');
- }
- }
- init();
- });
- });
- </script>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement