We are no longer offering accounts on this server. Consider https://gitlab.freedesktop.org/ as a place to host projects.

register.php 5.46 KB
Newer Older
mattl's avatar
mattl committed
1 2
<?php

mattl's avatar
mattl committed
3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21
/* Libre.fm -- a free network service for sharing your music listening habits

   Copyright (C) 2009 Libre.fm Project

   This program is free software: you can redistribute it and/or modify
   it under the terms of the GNU Affero General Public License as published by
   the Free Software Foundation, either version 3 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU Affero General Public License for more details.

   You should have received a copy of the GNU Affero General Public License
   along with this program.  If not, see <http://www.gnu.org/licenses/>.

*/

elleo's avatar
elleo committed
22 23
require_once("database.php");
require_once("templating.php");
jurgbohn's avatar
jurgbohn committed
24
require_once("utils/EmailAddressValidator.php");
jurgbohn's avatar
jurgbohn committed
25 26 27

// Moving to open alpha
/*$authcode = $_GET["authcode"];
elleo's avatar
elleo committed
28 29 30 31 32 33

$res = $mdb2->query("SELECT inviter FROM Invitations WHERE code = " . $mdb2->quote($authcode, "text"));
if(!$res->numRows()) {
	$invalid_authcode = true;
} else {
	$invalid_authcode = false;
jurgbohn's avatar
jurgbohn committed
34
}*/
jurgbohn's avatar
jurgbohn committed
35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51
function sendEmail($text, $email) {
        $headers = 'From: Libre.fm Account Activation <account@libre.fm>';
	$subject = 'Libre.fm Account Activation - Action needed!';
	mail($email, $subject, $text, $headers);
}
if(isset($_GET['auth'])) {
	$authcode = $_GET['auth'];
	$res = $mdb2->query("SELECT * FROM AccountActivation WHERE authcode = " . $mdb2->quote($authcode, 'text'));
	if (PEAR::isError($res) || !$res->numRows()) {
		$errors = "Unknown activationcode.";
		$smarty->assign('errors', $errors);
		$smarty->display('error.tpl');
		die();
	}

	$row = $res->fetchRow(MDB2_FETCHMODE_ASSOC);

jurgbohn's avatar
jurgbohn committed
52
	$sql = "UPDATE Users SET active = 1 WHERE username = " . $mdb2->quote($row['username'], 'text');
jurgbohn's avatar
jurgbohn committed
53
	$res = $mdb2->exec($sql);
jurgbohn's avatar
jurgbohn committed
54
	if (PEAR::isError($res)) {
jurgbohn's avatar
jurgbohn committed
55
	    $errors = "Error: " . $res->getUserInfo();
jurgbohn's avatar
jurgbohn committed
56 57 58 59
	    $smarty->assign('errors', $errors);
	    $smarty->display('error.tpl');
	    die();
	}
jurgbohn's avatar
jurgbohn committed
60 61
	$smarty->assign('activated', true);
}
elleo's avatar
elleo committed
62 63 64 65 66 67 68 69 70 71 72 73 74 75

if(isset($_POST['register'])) {

	$errors = "";
	$username = $_POST['username'];
	$password = $_POST['password'];
	$passwordrepeat = $_POST['password-repeat'];
	$fullname = $_POST['fullname'];
	$email = $_POST['email'];
	$location = $_POST['location'];
	$bio = $_POST['bio'];


	//Basic validation
jurgbohn's avatar
jurgbohn committed
76
	if(!preg_match("/^[a-zA-Z0-9_]{3,16}$/", $username)) {
jurgbohn's avatar
jurgbohn committed
77
		$errors .= "Your username must be atleast 3 characters in length (max 16) and only consist of <i>a-z, A-Z, 0-9</i> and _ (underscore).<br />";
elleo's avatar
elleo committed
78 79 80 81 82 83 84 85 86
	}
	if(empty($password)) {
		$errors .= "You must enter a password.<br />";
	}
	if($password != $passwordrepeat) {
		$errors .= "Your passwords do not match.<br />";
	}
	if(empty($email)) {
		$errors .= "You must enter an e-mail address.<br />";
jurgbohn's avatar
jurgbohn committed
87 88 89
	} else {
	    $validator = new EmailAddressValidator();
	    if (!$validator->check_email_address($email)) {
jurgbohn's avatar
jurgbohn committed
90
		$errors .= "You must provide a valid email address!<br />";
jurgbohn's avatar
jurgbohn committed
91
	    }
elleo's avatar
elleo committed
92 93 94
	}

	//Check this username is available
95
	$res = $mdb2->query("SELECT username FROM Users WHERE lower(username) = " . $mdb2->quote(strtolower($username)));
elleo's avatar
elleo committed
96 97 98 99
	if($res->numRows()) {
		$errors .= "Sorry, that username is already registered.<br />";
	}

jurgbohn's avatar
jurgbohn committed
100
	if(empty($errors)) {
elleo's avatar
elleo committed
101
		// Create the user
jurgbohn's avatar
jurgbohn committed
102
		$sql = "INSERT INTO Users (username, password, email, fullname, bio, location, created, active) VALUES ("
elleo's avatar
elleo committed
103 104 105 106 107 108
			. $mdb2->quote($username, "text") . ", "
			. $mdb2->quote(md5($password), "text") . ", "
			. $mdb2->quote($email, "text") . ", "
			. $mdb2->quote($fullname, "text") . ", "
			. $mdb2->quote($bio, "text") . ", "
			. $mdb2->quote($location, "text") . ", "
jurgbohn's avatar
jurgbohn committed
109
			. time() . ", 0)";
jurgbohn's avatar
jurgbohn committed
110 111
		$insert = $mdb2->exec($sql);
		if (PEAR::isError($insert)) {
jurgbohn's avatar
jurgbohn committed
112
		    reportError("Create user, insert, register.php", $res->getUserInfo());
jurgbohn's avatar
jurgbohn committed
113
		    $errors .= "An error occurred.";
jurgbohn's avatar
Testfix  
jurgbohn committed
114
		    $smarty->assign('errors', $errors);
jurgbohn's avatar
jurgbohn committed
115 116 117
		    $smarty->display('error.tpl');
		    die();
		}
jurgbohn's avatar
jurgbohn committed
118 119 120 121 122 123 124 125

		$code = md5($username . time());
		$sql = "INSERT INTO AccountActivation (username, authcode) VALUES("
			. $mdb2->quote($username, 'text') . ", "
			. $mdb2->quote($code, 'text') . ")";
		$res = $mdb2->exec($sql);

		if (PEAR::isError($res)) {
jurgbohn's avatar
jurgbohn committed
126
		    reportError("AccountActivation, insert, register.php", $res->getUserInfo());
jurgbohn's avatar
jurgbohn committed
127
		    $errors .= "An error occurred.";
jurgbohn's avatar
Testfix  
jurgbohn committed
128
		    $smarty->assign('errors', $errors);
jurgbohn's avatar
jurgbohn committed
129 130 131 132 133 134 135 136 137 138
		    $smarty->display('error.tpl');
		    die();
		}

		$url = $base_url . "/register.php?auth=" . $code;
		$content = "Hi!\n\nSomeone from the IP-address " . $_SERVER['REMOTE_ADDR'] . " registered an account "
		    . "@ http://alpha.libre.fm. If this was you, please visit the webpage specified below to activate "
		    . "your account. If not, please disregard this email.\n\n" . $url . "\n\n- The Libre.fm Team";
		sendEmail($content, $email);

elleo's avatar
elleo committed
139
		// Remove auth code and set their username as the invitee
jurgbohn's avatar
jurgbohn committed
140 141 142
		//$mdb2->query("UPDATE Invitations SET code = NULL, invitee = " . $mdb2->quote($username, "text") . " WHERE code = " . $mdb2->quote($authcode, "text"));
		//$removesql = "DELETE FROM Invitation_Request WHERE email=" . $mdb2->quote($email, 'text');
		//$mdb2->exec($removesql);
elleo's avatar
elleo committed
143 144 145 146 147 148 149
		$smarty->assign("registered", true);
	} else {
		$smarty->assign("username", $username);
		$smarty->assign("fullname", $fullname);
		$smarty->assign("email", $email);
		$smarty->assign("location", $location);
		$smarty->assign("bio", $bio);
jurgbohn's avatar
jurgbohn committed
150
		$smarty->assign("errors", $errors);
elleo's avatar
elleo committed
151 152
	}
}
jurgbohn's avatar
jurgbohn committed
153 154
//$smarty->assign("invalid_authcode", $invalid_authcode);
//$smarty->assign("authcode", $authcode);
elleo's avatar
elleo committed
155 156 157

$smarty->display("register.tpl");
?>