<?php

/* Libre.fm -- a free network service for sharing your music listening habits

   Copyright (C) 2009 Free Software Foundation, Inc

   This program is free software: you can redistribute it and/or modify
   it under the terms of the GNU Affero General Public License as published by
   the Free Software Foundation, either version 3 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU Affero General Public License for more details.

   You should have received a copy of the GNU Affero General Public License
   along with this program.  If not, see <http://www.gnu.org/licenses/>.

*/

require_once('database.php');
require_once('templating.php');
require_once('utils/EmailAddressValidator.php');

if($logged_in == true){
	header('Location: index.php');
} else {

// Moving to open alpha
/*$authcode = $_GET["authcode"];

$res = $adodb->GetRow('SELECT inviter FROM Invitations WHERE code = ' . $adodb->qstr($authcode));
if(!$res) {
	$invalid_authcode = true;
} else {
	$invalid_authcode = false;
}*/
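/**
 * Send the account-activation e-mail.
 *
 * @param string $text  Plain-text message body.
 * @param string $email Recipient address; the caller in this file passes the
 *                      address submitted on the registration form.
 * @return bool False when the address is rejected or mail() reports failure,
 *              otherwise the result of mail().
 */
function sendEmail($text, $email) {
	// The recipient originates from user input. Refuse anything that is not a
	// string or that carries CR/LF, so the address can never be read as extra
	// header lines regardless of what validation ran before this call.
	if (!is_string($email) || preg_match('/[\r\n]/', $email)) {
		return false;
	}

	$headers = 'From: Libre.fm Account Activation <account@libre.fm>';
	$subject = 'Libre.fm Account Activation - Action needed!';

	// Hand the delivery result back instead of discarding it, so a caller can
	// notice that the activation mail was never accepted for delivery.
	return mail($email, $subject, $text, $headers);
}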
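// Account activation: the visitor followed the link from the activation
// e-mail, which carries the code as ?auth=<code>.
if (isset($_GET['auth'])) {
	$authcode = $_GET['auth'];
	$adodb->SetFetchMode(ADODB_FETCH_ASSOC);

	// Only look the code up when it is a non-empty string; an array-valued
	// parameter (auth[]=x) must not reach qstr().
	$row = false;
	if (is_string($authcode) && $authcode !== '') {
		try {
			$row = $adodb->GetRow('SELECT * FROM AccountActivation WHERE authcode = ' . $adodb->qstr($authcode));
		} catch (exception $e) {
			$row = false;
		}
	}

	// GetRow() yields an empty result for an unknown code rather than throwing,
	// so the row itself has to be checked. The expires column is written at
	// registration as a Unix timestamp (now + 48 hours) and is enforced here.
	// Every rejection gives the same answer so the response does not reveal
	// whether a code never existed or has merely expired.
	if (empty($row) || empty($row['username']) || !isset($row['expires']) || (int) $row['expires'] < time()) {
		$errors = 'Unknown activationcode.';
		$smarty->assign('errors', $errors);
		$smarty->display('error.tpl');
		die();
	}

	$sql_update = 'UPDATE Users SET active = 1 WHERE username = ' . $adodb->qstr($row['username']);
	$sql_delete = 'DELETE FROM AccountActivation WHERE authcode = ' . $adodb->qstr($authcode);
	try {
		$res = $adodb->Execute($sql_update);
		// The code is single-use: remove it once the account is active.
		$res = $adodb->Execute($sql_delete);
	} catch (exception $e) {
		// Keep the database error text on the server side; this page is reachable
		// without authentication and the raw message can expose schema details.
		reportError('AccountActivation, activate, register.php', $e->getMessage());
		$errors = 'An error occurred.';
		$smarty->assign('errors', $errors);
		$smarty->display('error.tpl');
		die();
	}
	$smarty->assign('activated', true);
}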

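// Registration: validate the submitted form, create an inactive user, store a
// single-use activation code and mail the activation link.
if (isset($_POST['register'])) {

	$errors = '';

	// Read every form field as a string. A missing field or an array-valued
	// parameter (e.g. username[]=x) becomes '' so the checks below always
	// operate on strings.
	$input = array();
	foreach (array('username', 'password', 'password-repeat', 'fullname', 'email', 'location', 'bio') as $field) {
		$input[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
	}
	$username = $input['username'];
	$password = $input['password'];
	$passwordrepeat = $input['password-repeat'];
	$fullname = $input['fullname'];
	$email = $input['email'];
	$location = $input['location'];
	$bio = $input['bio'];


	//Basic validation
	// The D modifier pins $ to the very end of the subject. Without it a name
	// with a trailing newline passes, which would allow a second account that
	// looks identical to an existing one.
	if (!preg_match('/^[a-zA-Z0-9][a-zA-Z0-9_]{1,14}[a-zA-Z0-9]$/D', $username)) {
		$errors .= 'Your username must be at least 3 characters in length (max 16) and only consist of <i>a-z, A-Z, 0-9</i> and _ (underscore), and may not begin or end with an underscore.<br />';
	}
	if (empty($password)) {
		$errors .= 'You must enter a password.<br />';
	}
	// Strict comparison: with != two different numeric-looking strings
	// (for example '1e3' and '1000') compare as equal.
	if ($password !== $passwordrepeat) {
		$errors .= 'Your passwords do not match.<br />';
	}
	if (empty($email)) {
		$errors .= 'You must enter an e-mail address.<br />';
	} else {
		$validator = new EmailAddressValidator();
		if (!$validator->check_email_address($email)) {
			$errors .= 'You must provide a valid email address!<br />';
		}
	}

	//Check this username is available
	// Reset $res first: if the query throws, a value left over from the
	// activation branch must not be read as "username taken".
	$res = false;
	try {
		$res = $adodb->GetOne('SELECT username FROM Users WHERE lower(username) = ' . $adodb->qstr(strtolower($username)));
	} catch (exception $e) {
		$errors .= 'Database error.<br />';
	}
	if ($res) {
		$errors .= 'Sorry, that username is already registered.<br />';
	}

	if (empty($errors)) {
		// Create the user
		// NOTE(review): the password is stored as an unsalted MD5 digest, which is
		// fast to brute-force if the Users table leaks. Moving to password_hash() /
		// password_verify() needs a matching change in the login code, which is not
		// part of this file, so the stored format is left untouched here.
		$sql = 'INSERT INTO Users (username, password, email, fullname, bio, location, active) VALUES ('
			. $adodb->qstr($username) . ', '
			. $adodb->qstr(md5($password)) . ', '
			. $adodb->qstr($email) . ', '
			. $adodb->qstr($fullname) . ', '
			. $adodb->qstr($bio) . ', '
			. $adodb->qstr($location) . ', 0)';
		try {
			$insert = $adodb->Execute($sql);
		} catch (exception $e) {
			reportError('Create user, insert, register.php', $e->getMessage());
			$errors .= 'An error occurred.';
			$smarty->assign('errors', $errors);
			$smarty->display('error.tpl');
			die();
		}

		// The activation code is the only secret guarding account activation, so
		// it must not be derivable from the username and the registration time.
		// Draw 128 bits from a CSPRNG; the result is 32 hex characters, the same
		// shape as the md5() value used previously.
		if (function_exists('random_bytes')) {
			$code = bin2hex(random_bytes(16));
		} else {
			$code = bin2hex(openssl_random_pseudo_bytes(16));
		}
		// expires is a Unix timestamp 48 hours from now.
		$sql = 'INSERT INTO AccountActivation (username, authcode, expires) VALUES('
			. $adodb->qstr($username) . ', '
			. $adodb->qstr($code) . ', '
			. (time()+(86400*2)) . ')';
		try {
			$res = $adodb->Execute($sql);
		} catch (exception $e) {
			// The exception text goes to reportError() only. The line that tried to
			// append it to $errors was a parse error ('.)' instead of '.='), and
			// showing raw database messages to an unauthenticated visitor would
			// also differ from the handler for the Users insert above.
			reportError('AccountActivation, insert, register.php', $e->getMessage());
			$errors .= 'An error occurred.';
			$smarty->assign('errors', $errors);
			$smarty->display('error.tpl');
			die();
		}

		$url = $base_url . '/register.php?auth=' . $code;
		$content = "Hi!\n\nSomeone registered an account "
		    . "at http://alpha.libre.fm. If this was you, please visit the webpage specified below to activate "
		    . "your account within 48 hours, after which time all information provided by you and "
		    . "your activation code will be permanently deleted from our database. If you do not want to activate your account, "
		    . "please disregard this email.\n\n" . $url . "\n\n- The Libre.fm Team";
		sendEmail($content, $email);

		// Remove auth code and set their username as the invitee
		//$adodb->Execute("UPDATE Invitations SET code = NULL, invitee = " . $adodb->qstr($username) . " WHERE code = " . $adodb->qstr($authcode));
		//$removesql = "DELETE FROM Invitation_Request WHERE email=" . $adodb->qstr($email);
		//$adodb->Execute($removesql);
		$smarty->assign('registered', true);
	} else {
		// Hand the submitted values back so the form can be re-filled.
		// NOTE(review): these are user-supplied strings; confirm register.tpl
		// escapes them on output.
		$smarty->assign('username', $username);
		$smarty->assign('fullname', $fullname);
		$smarty->assign('email', $email);
		$smarty->assign('location', $location);
		$smarty->assign('bio', $bio);
		$smarty->assign('errors', $errors);
	}
}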
//$smarty->assign("invalid_authcode", $invalid_authcode);
//$smarty->assign("authcode", $authcode);

$smarty->display('register.tpl');
}
?>