// ############################### start add member ###########################

1.  
2. // ############################### start add member ###############################
3. if ($_POST['do'] == 'addmember')
4. {
5. $vbulletin->input->clean_array_gpc('p', array(
6. 'options' => TYPE_ARRAY_BOOL,
7. 'username' => TYPE_STR,
8. 'email' => TYPE_STR,
9. 'emailconfirm' => TYPE_STR,
10. 'parentemail' => TYPE_STR,
11. 'password' => TYPE_STR,
12. 'password_md5' => TYPE_STR,
13. 'passwordconfirm' => TYPE_STR,
14. 'passwordconfirm_md5' => TYPE_STR,
15. 'referrername' => TYPE_NOHTML,
16. 'coppauser' => TYPE_BOOL,
17. 'day' => TYPE_UINT,
18. 'month' => TYPE_UINT,
19. 'year' => TYPE_UINT,
20. 'timezoneoffset' => TYPE_NUM,
21. 'dst' => TYPE_UINT,
22. 'userfield' => TYPE_ARRAY,
23. 'showbirthday' => TYPE_UINT,
24. 'humanverify' => TYPE_ARRAY,
25. ));
26.  
27. if (!$vbulletin->options['allowregistration'])
28. {
29. eval(standard_error(fetch_error('noregister')));
30. }
31.  
32. // check for multireg
33. if ($vbulletin->userinfo['userid'] AND !$vbulletin->options['allowmultiregs'])
34. {
35. eval(standard_error(fetch_error('alreadyregistered', $vbulletin->userinfo['username'], $vbulletin->session->vars['sessionurl'])));
36. }
37.  
38. // init user datamanager class
39. $userdata =& datamanager_init('User', $vbulletin, ERRTYPE_ARRAY);
40.  
41. // coppa option
42. if ($vbulletin->options['usecoppa'])
43. {
44. $current['year'] = date('Y');
45. $current['month'] = date('m');
46. $current['day'] = date('d');
47.  
48. $month = $vbulletin->GPC['month'];
49. $year = $vbulletin->GPC['year'];
50. $day = $vbulletin->GPC['day'];
51.  
52. if ($year > 1970 AND mktime(0, 0, 0, $month, $day, $year) > mktime(0, 0, 0, $current['month'], $current['day'], $current['year'] - 13))
53. {
54. if ($vbulletin->options['checkcoppa'])
55. {
56. vbsetcookie('coppaage', $month . '-' . $day . '-' . $year, 1);
57. }
58.  
59. if ($vbulletin->options['usecoppa'] == 2)
60. {
61. standard_error(fetch_error('under_thirteen_registration_denied'));
62. }
63.  
64. $vbulletin->GPC['coppauser'] = true;
65.  
66. }
67. else
68. {
69. $vbulletin->GPC['coppauser'] = false;
70. }
71. }
72. else
73. {
74. $vbulletin->GPC['coppauser'] = false;
75. }
76.  
77. $userdata->set_info('coppauser', $vbulletin->GPC['coppauser']);
78. $userdata->set_info('coppapassword', $vbulletin->GPC['password']);
79. $userdata->set_bitfield('options', 'coppauser', $vbulletin->GPC['coppauser']);
80. $userdata->set('parentemail', $vbulletin->GPC['parentemail']);
81.  
82. // check for missing fields
83. if (empty($vbulletin->GPC['username'])
84. OR empty($vbulletin->GPC['email'])
85. OR empty($vbulletin->GPC['emailconfirm'])
86. OR ($vbulletin->GPC['coppauser'] AND empty($vbulletin->GPC['parentemail']))
87. OR (empty($vbulletin->GPC['password']) AND empty($vbulletin->GPC['password_md5']))
88. OR (empty($vbulletin->GPC['passwordconfirm']) AND empty($vbulletin->GPC['passwordconfirm_md5']))
89. )
90. {
91. $userdata->error('fieldmissing');
92. }
93.  
94. // check for matching passwords
95. if ($vbulletin->GPC['password'] != $vbulletin->GPC['passwordconfirm'] OR (strlen($vbulletin->GPC['password_md5']) == 32 AND $vbulletin->GPC['password_md5'] != $v
96. bulletin->GPC['passwordconfirm_md5']))
97. {
98. $userdata->error('passwordmismatch');
99. }
100.  
101. // check for matching email addresses
102. if ($vbulletin->GPC['email'] != $vbulletin->GPC['emailconfirm'])
103. {
104. $userdata->error('emailmismatch');
105. }
106. $userdata->set('email', $vbulletin->GPC['email']);
107.  
108. $userdata->set('username', $vbulletin->GPC['username']);
109.  
110. // set password
111. $userdata->set('password', ($vbulletin->GPC['password_md5'] ? $vbulletin->GPC['password_md5'] : $vbulletin->GPC['password']));
112.  
113. // check referrer
114. if ($vbulletin->GPC['referrername'] AND !$vbulletin->userinfo['userid'])
115. {
116. $userdata->set('referrerid', $vbulletin->GPC['referrername']);
117. }
118.  
119. // Human Verification
120. if (fetch_require_hvcheck('register'))
121. {
122. require_once(DIR . '/includes/class_humanverify.php');
123. $verify =& vB_HumanVerify::fetch_library($vbulletin);
124. if (!$verify->verify_token($vbulletin->GPC['humanverify']))
125. {
126. $userdata->error($verify->fetch_error());
127. }
128. }
129. // Set specified options
130. if (!empty($vbulletin->GPC['options']))
131. {
132. foreach ($vbulletin->GPC['options'] AS $optionname => $onoff)
133. {
134. $userdata->set_bitfield('options', $optionname, $onoff);
135. }
136. }
137.  
138. // assign user to usergroup 3 if email needs verification
139. if ($vbulletin->options['verifyemail'])
140. {
141. $newusergroupid = 3;
142. }
143. else if ($vbulletin->options['moderatenewmembers'] OR $vbulletin->GPC['coppauser'])
144. {
145. $newusergroupid = 4;
146. }
147. else
148. {
149. $newusergroupid = 2;
150. }
151. // set usergroupid
152. $userdata->set('usergroupid', $newusergroupid);
153.  
154. // set languageid
155. $userdata->set('languageid', $vbulletin->userinfo['languageid']);
156.  
157. // set user title
158. $userdata->set_usertitle('', false, $vbulletin->usergroupcache["$newusergroupid"], false, false);
159.  
160. // set profile fields
161. $customfields = $userdata->set_userfields($vbulletin->GPC['userfield'], true, 'register');
162.  
163. // set birthday
164. $userdata->set('showbirthday', $vbulletin->GPC['showbirthday']);
165. $userdata->set('birthday', array(
166. 'day' => $vbulletin->GPC['day'],
167. 'month' => $vbulletin->GPC['month'],
168. 'year' => $vbulletin->GPC['year']
169. ));
170.  
171. // set time options
172. $userdata->set_dst($vbulletin->GPC['dst']);
173. $userdata->set('timezoneoffset', $vbulletin->GPC['timezoneoffset']);
174.  
175. // register IP address
176. $userdata->set('ipaddress', IPADDRESS);
177.  
178. ($hook = vBulletinHook::fetch_hook('register_addmember_process')) ? eval($hook) : false;
179.  
180. $userdata->pre_save();
181.  
182. // check for errors
183. if (!empty($userdata->errors))
184. {
185. $_REQUEST['do'] = 'register';
186.  
187. $errorlist = '';
188. foreach ($userdata->errors AS $index => $error)
189. {
190. $errorlist .= "<li>$error</li>";
191. }
192.  
193. $username = htmlspecialchars_uni($vbulletin->GPC['username']);
194. $email = htmlspecialchars_uni($vbulletin->GPC['email']);
195. $emailconfirm = htmlspecialchars_uni($vbulletin->GPC['emailconfirm']);
196. $parentemail = htmlspecialchars_uni($vbulletin->GPC['parentemail']);
197. $selectdst = array($vbulletin->GPC['dst'] => 'selected="selected"');
198. $sbselected = array($vbulletin->GPC['showbirthday'] => 'selected="selected"');
199. $show['errors'] = true;
200. }
201. else
202. {
203. $show['errors'] = false;
204.  
205. // save the data
206. $vbulletin->userinfo['userid']
207. = $userid
208. = $userdata->save();
209.  
210. if ($userid)
211. {
212. $userinfo = fetch_userinfo($userid);
213. $userdata_rank =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT);
214. $userdata_rank->set_existing($userinfo);
215. $userdata_rank->set('posts', 0);
216. $userdata_rank->save();
217.  
218. // force a new session to prevent potential issues with guests from the same IP, see bug #2459
219. require_once(DIR . '/includes/functions_login.php');
220. $vbulletin->session->created = false;
221. process_new_login('', false, '');
222.  
223. // send new user email
224. if ($vbulletin->options['newuseremail'] != '')
225. {
226. $username = $vbulletin->GPC['username'];
227. $email = $vbulletin->GPC['email'];
228.  
229. if ($birthday = $userdata->fetch_field('birthday'))
230. {
231. $bday = explode('-', $birthday);
232. $year = vbdate('Y', TIMENOW, false, false);
233. $month = vbdate('n', TIMENOW, false, false);
234. $day = vbdate('j', TIMENOW, false, false);
235. if ($year > $bday[2] AND $bday[2] > 1901 AND $bday[2] != '0000')
236. {
237. require_once(DIR . '/includes/functions_misc.php');
238. $vbulletin->options['calformat1'] = mktimefix($vbulletin->options['calformat1'], $bday[2]);
239. if ($bday[2] >= 1970)
240. {
241. $yearpass = $bday[2];
242. }
243. else
244. {
245. // day of the week patterns repeat every 28 years, so
246. // find the first year >= 1970 that has this pattern
247. $yearpass = $bday[2] + 28 * ceil((1970 - $bday[2]) / 28);
248. }
249. $birthday = vbdate($vbulletin->options['calformat1'], mktime(0, 0, 0, $bday[0], $bday[1], $yearpass), false, true, false)
250. ;
251. }
252. else
253. {
254. // lets send a valid year as some PHP3 don't like year to be 0
255. $birthday = vbdate($vbulletin->options['calformat2'], mktime(0, 0, 0, $bday[0], $bday[1], 1992), false, true, false);
256. }
257.  
258. if ($birthday == '')
259. {
260. // Should not happen; fallback for win32 bug regarding mktime and dates < 1970
261. if ($bday[2] == '0000')
262. {
263. $birthday = "$bday[0]-$bday[1]";
264. }
265. else
266. {
267. $birthday = "$bday[0]-$bday[1]-$bday[2]";
268. }
269. }
270. }
271.  
272. if ($userdata->fetch_field('referrerid') AND $vbulletin->GPC['referrername'])
273. {
274. $referrer = unhtmlspecialchars($vbulletin->GPC['referrername']);
275. }
276. else
277. {
278. $referrer = $vbphrase['n_a'];
279. }
280. $ipaddress = IPADDRESS;
281.  
282. eval(fetch_email_phrases('newuser', 0));
283.  
284. $newemails = explode(' ', $vbulletin->options['newuseremail']);
285. foreach ($newemails AS $toemail)
286. {
287. if (trim($toemail))
288. {
289. vbmail($toemail, $subject, $message);
290. }
291. }
292. }
293.  
294. $username = htmlspecialchars_uni($vbulletin->GPC['username'])