Tip: Click lines to highlight, hold ctrl/cmd to multi-select
includes/ucp/ucp_register.php (26-Jan @ 13:04)
Stop spambot registations on phpBB3.04 by replacing your old file with this one. Does not work on phpBB3.0. It adds a required, What is 5+2 question on your registration form.
Syntax Highlighted Code
- <?php
- /**
- *
- * @package ucp
- * @version $Id: ucp_register.php 8782 2008-08-23 17:20:55Z acydburn $
- * @copyright (c) 2005 phpBB Group
- * @license http://opensource.org/licenses/gpl-license.php GNU Public License
- *
- */
- /**
- * @ignore
- */
- {
- exit;
- }
- /**
- * ucp_register
- * Board registration
- * @package ucp
- */
- class ucp_register
- {
- var $u_action;
- function main($id, $mode)
- {
- //
- if ($config['require_activation'] == USER_ACTIVATION_DISABLE)
- {
- }
- include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
- $confirm_id = request_var('confirm_id', '');
- $change_lang = request_var('change_lang', '');
- $user_lang = request_var('lang', $user->lang_name);
- if ($agreed)
- {
- add_form_key('ucp_register');
- }
- else
- {
- add_form_key('ucp_register_terms');
- }
- if ($change_lang || $user_lang != $config['default_lang'])
- {
- {
- if ($change_lang)
- {
- $submit = false;
- // Setting back agreed to let the user view the agreement in his/her language
- }
- $user->lang_name = $lang = $use_lang;
- }
- else
- {
- $change_lang = '';
- $user_lang = $user->lang_name;
- }
- }
- $cp = new custom_profile();
- if (!$agreed || ($coppa === false && $config['coppa_enable']) || ($coppa && !$config['coppa_enable']))
- {
- $add_coppa = ($coppa !== false) ? '&coppa=' . $coppa : '';
- // If we change the language, we want to pass on some more possible parameter.
- if ($change_lang)
- {
- // We do not include the password
- 'username' => utf8_normalize_nfc(request_var('username', '', true)),
- 'confirm_code' => request_var('confirm_code', ''),
- 'confirm_id' => request_var('confirm_id', ''),
- 'lang' => $user->lang_name,
- 'tz' => request_var('tz', (float) $config['board_timezone']),
- ));
- }
- if ($coppa === false && $config['coppa_enable'])
- {
- $coppa_birthday = $user->format_date(mktime($now['hours'] + $user->data['user_dst'], $now['minutes'], $now['seconds'], $now['mon'], $now['mday'] - 1, $now['year'] - 13), $user->lang['DATE_FORMAT']);
- 'U_COPPA_NO' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=0' . $add_lang),
- 'U_COPPA_YES' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=1' . $add_lang),
- 'S_SHOW_COPPA' => true,
- 'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields),
- 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang),
- ));
- }
- else
- {
- 'L_TERMS_OF_USE' => sprintf($user->lang['TERMS_OF_USE_CONTENT'], $config['sitename'], generate_board_url()),
- 'S_SHOW_COPPA' => false,
- 'S_REGISTRATION' => true,
- 'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields),
- 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang . $add_coppa),
- )
- );
- }
- $this->tpl_name = 'ucp_agreement';
- return;
- }
- // Try to manually determine the timezone and adjust the dst if the server date/time complies with the default setting +/- 1
- if ($config['board_timezone'] == $timezone || $config['board_timezone'] == ($timezone - 1))
- {
- $timezone = ($is_dst) ? $timezone - 1 : $timezone;
- {
- $timezone = $config['board_timezone'];
- }
- }
- else
- {
- $is_dst = $config['board_dst'];
- $timezone = $config['board_timezone'];
- }
- //desbest edit: (look for math_question as that is the added edit)
- 'username' => utf8_normalize_nfc(request_var('username', '', true)),
- 'math_question' => request_var('math_question', '', true),
- 'new_password' => request_var('new_password', '', true),
- 'password_confirm' => request_var('password_confirm', '', true),
- 'confirm_code' => request_var('confirm_code', ''),
- 'tz' => request_var('tz', (float) $timezone),
- );
- // Check and initialize some variables if needed
- if ($submit)
- {
- ));
- if (!check_form_key('ucp_register'))
- {
- $error[] = $user->lang['FORM_INVALID'];
- }
- //desbest edit starts
- if ($data['math_question'] != "7")
- {
- $error[] = "You silly spambot failed to get the question right";
- //echo "<h1>".$data['math_question']."question is wrong</h1>";
- //$error[] = $user->lang['MATH_QUESTION_ERROR'];
- }
- //desbest edit ends
- // Replace "error" strings with their real, localised form
- $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
- // DNSBL check
- if ($config['check_dnsbl'])
- {
- if (($dnsbl = $user->check_dnsbl('register')) !== false)
- {
- }
- }
- // validate custom profile fields
- $cp->submit_cp_field('register', $user->get_iso_lang_id(), $cp_data, $error);
- }
- //desbest edit: validation begins
- // Visual Confirmation handling
- $wrong_confirm = false;
- if ($config['enable_confirm'])
- {
- if (!$confirm_id)
- {
- $error[] = $user->lang['CONFIRM_CODE_WRONG'];
- $wrong_confirm = true;
- }
- else
- {
- $sql = 'SELECT code
- FROM ' . CONFIRM_TABLE . "
- WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
- AND session_id = '" . $db->sql_escape($user->session_id) . "'
- AND confirm_type = " . CONFIRM_REG;
- $result = $db->sql_query($sql);
- $row = $db->sql_fetchrow($result);
- $db->sql_freeresult($result);
- if ($row)
- {
- {
- $sql = 'DELETE FROM ' . CONFIRM_TABLE . "
- WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
- AND session_id = '" . $db->sql_escape($user->session_id) . "'
- AND confirm_type = " . CONFIRM_REG;
- $db->sql_query($sql);
- }
- else
- {
- $error[] = $user->lang['CONFIRM_CODE_WRONG'];
- $wrong_confirm = true;
- }
- }
- else
- {
- $error[] = $user->lang['CONFIRM_CODE_WRONG'];
- $wrong_confirm = true;
- }
- }
- }
- //desbest edit
- //$damath = $user->lang['MATH_QUESTION_ERROR']; /* print_r($user->lang); */ exit();
- {
- if ($data['new_password'] != $data['password_confirm'])
- {
- $error[] = $user->lang['NEW_PASSWORD_ERROR'];
- }
- if ($data['email'] != $data['email_confirm'])
- {
- $error[] = $user->lang['NEW_EMAIL_ERROR'];
- }
- {
- $server_url = generate_board_url();
- // Which group by default?
- $group_name = ($coppa) ? 'REGISTERED_COPPA' : 'REGISTERED';
- $sql = 'SELECT group_id
- FROM ' . GROUPS_TABLE . "
- WHERE group_name = '" . $db->sql_escape($group_name) . "'
- AND group_type = " . GROUP_SPECIAL;
- $result = $db->sql_query($sql);
- $row = $db->sql_fetchrow($result);
- $db->sql_freeresult($result);
- if (!$row)
- {
- }
- $group_id = $row['group_id'];
- if (($coppa ||
- $config['require_activation'] == USER_ACTIVATION_SELF ||
- $config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable'])
- {
- $user_actkey = gen_rand_string(10);
- $key_len = ($key_len < 6) ? 6 : $key_len;
- $user_type = USER_INACTIVE;
- $user_inactive_reason = INACTIVE_REGISTER;
- }
- else
- {
- $user_type = USER_NORMAL;
- $user_actkey = '';
- $user_inactive_reason = 0;
- $user_inactive_time = 0;
- }
- 'username' => $data['username'],
- 'user_password' => phpbb_hash($data['new_password']),
- 'user_email' => $data['email'],
- 'group_id' => (int) $group_id,
- 'user_timezone' => (float) $data['tz'],
- 'user_dst' => $is_dst,
- 'user_lang' => $data['lang'],
- 'user_type' => $user_type,
- 'user_actkey' => $user_actkey,
- 'user_ip' => $user->ip,
- 'user_inactive_reason' => $user_inactive_reason,
- 'user_inactive_time' => $user_inactive_time,
- );
- // Register user...
- $user_id = user_add($user_row, $cp_data);
- // This should not happen, because the required variables are listed above...
- if ($user_id === false)
- {
- }
- if ($coppa && $config['email_enable'])
- {
- $message = $user->lang['ACCOUNT_COPPA'];
- $email_template = 'coppa_welcome_inactive';
- }
- else if ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable'])
- {
- $message = $user->lang['ACCOUNT_INACTIVE'];
- $email_template = 'user_welcome_inactive';
- }
- else if ($config['require_activation'] == USER_ACTIVATION_ADMIN && $config['email_enable'])
- {
- $message = $user->lang['ACCOUNT_INACTIVE_ADMIN'];
- $email_template = 'admin_welcome_inactive';
- }
- else
- {
- $message = $user->lang['ACCOUNT_ADDED'];
- $email_template = 'user_welcome';
- }
- if ($config['email_enable'])
- {
- include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
- $messenger = new messenger(false);
- $messenger->template($email_template, $data['lang']);
- $messenger->to($data['email'], $data['username']);
- $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
- $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
- $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
- $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
- 'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
- 'USERNAME' => htmlspecialchars_decode($data['username']),
- 'PASSWORD' => htmlspecialchars_decode($data['new_password']),
- 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey")
- );
- if ($coppa)
- {
- 'FAX_INFO' => $config['coppa_fax'],
- 'MAIL_INFO' => $config['coppa_mail'],
- 'EMAIL_ADDRESS' => $data['email'])
- );
- }
- $messenger->send(NOTIFY_EMAIL);
- if ($config['require_activation'] == USER_ACTIVATION_ADMIN)
- {
- // Grab an array of user_id's with a_user permissions ... these users can activate a user
- $admin_ary = $auth->acl_get_list(false, 'a_user', false);
- // Also include founders
- $where_sql = ' WHERE user_type = ' . USER_FOUNDER;
- {
- $where_sql .= ' OR ' . $db->sql_in_set('user_id', $admin_ary);
- }
- $sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type
- FROM ' . USERS_TABLE . ' ' .
- $where_sql;
- $result = $db->sql_query($sql);
- while ($row = $db->sql_fetchrow($result))
- {
- $messenger->template('admin_activate', $row['user_lang']);
- $messenger->to($row['user_email'], $row['username']);
- $messenger->im($row['user_jabber'], $row['username']);
- 'USERNAME' => htmlspecialchars_decode($data['username']),
- 'U_USER_DETAILS' => "$server_url/memberlist.$phpEx?mode=viewprofile&u=$user_id",
- 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey")
- );
- $messenger->send($row['user_notify_type']);
- }
- $db->sql_freeresult($result);
- }
- }
- $message = $message . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
- }
- }
- 'agreed' => 'true',
- 'change_lang' => 0,
- );
- if ($config['coppa_enable'])
- {
- $s_hidden_fields['coppa'] = $coppa;
- }
- $s_hidden_fields = build_hidden_fields($s_hidden_fields);
- $confirm_image = '';
- // Visual Confirmation - Show images
- if ($config['enable_confirm'])
- {
- if ($change_lang)
- {
- $str = '&change_lang=' . $change_lang;
- $sql = 'SELECT code
- FROM ' . CONFIRM_TABLE . "
- WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
- AND session_id = '" . $db->sql_escape($user->session_id) . "'
- AND confirm_type = " . CONFIRM_REG;
- $result = $db->sql_query($sql);
- if (!$row = $db->sql_fetchrow($result))
- {
- $confirm_id = '';
- }
- $db->sql_freeresult($result);
- }
- else
- {
- $str = '';
- }
- if (!$change_lang || !$confirm_id)
- {
- $user->confirm_gc(CONFIRM_REG);
- $sql = 'SELECT COUNT(session_id) AS attempts
- FROM ' . CONFIRM_TABLE . "
- WHERE session_id = '" . $db->sql_escape($user->session_id) . "'
- AND confirm_type = " . CONFIRM_REG;
- $result = $db->sql_query($sql);
- $attempts = (int) $db->sql_fetchfield('attempts');
- $db->sql_freeresult($result);
- if ($config['max_reg_attempts'] && $attempts > $config['max_reg_attempts'])
- {
- }
- // compute $seed % 0x7fffffff
- 'confirm_id' => (string) $confirm_id,
- 'session_id' => (string) $user->session_id,
- 'confirm_type' => (int) CONFIRM_REG,
- 'code' => (string) $code,
- 'seed' => (int) $seed)
- );
- $db->sql_query($sql);
- }
- $confirm_image = '<img src="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=confirm&id=' . $confirm_id . '&type=' . CONFIRM_REG . $str) . '" alt="" title="" />';
- $s_hidden_fields .= '<input type="hidden" name="confirm_id" value="' . $confirm_id . '" />';
- }
- //
- $l_reg_cond = '';
- switch ($config['require_activation'])
- {
- case USER_ACTIVATION_SELF:
- $l_reg_cond = $user->lang['UCP_EMAIL_ACTIVATE'];
- break;
- case USER_ACTIVATION_ADMIN:
- $l_reg_cond = $user->lang['UCP_ADMIN_ACTIVATE'];
- break;
- }
- 'USERNAME' => $data['username'],
- 'PASSWORD' => $data['new_password'],
- 'MATH_QUESTION' => $data['math_question'],
- 'PASSWORD_CONFIRM' => $data['password_confirm'],
- 'EMAIL' => $data['email'],
- 'EMAIL_CONFIRM' => $data['email_confirm'],
- 'CONFIRM_IMG' => $confirm_image,
- 'L_CONFIRM_EXPLAIN' => sprintf($user->lang['CONFIRM_EXPLAIN'], '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">', '</a>'),
- 'L_REG_COND' => $l_reg_cond,
- 'L_USERNAME_EXPLAIN' => sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']),
- 'L_PASSWORD_EXPLAIN' => sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']),
- 'S_LANG_OPTIONS' => language_select($data['lang']),
- 'S_TZ_OPTIONS' => tz_select($data['tz']),
- 'S_CONFIRM_CODE' => ($config['enable_confirm']) ? true : false,
- 'S_COPPA' => $coppa,
- 'S_HIDDEN_FIELDS' => $s_hidden_fields,
- 'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'),
- )
- );
- //
- // Generate profile fields -> Template Block Variable profile_fields
- $cp->generate_profile_fields('register', $user->get_iso_lang_id());
- //
- $this->tpl_name = 'ucp_register';
- $this->page_title = 'UCP_REGISTRATION';
- }
- }
- ?>
Plain Code
<?php
/**
*
* @package ucp
* @version $Id: ucp_register.php 8782 2008-08-23 17:20:55Z acydburn $
* @copyright (c) 2005 phpBB Group
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/
/**
* @ignore
*/
if (!defined('IN_PHPBB'))
{
exit;
}
/**
* ucp_register
* Board registration
* @package ucp
*/
class ucp_register
{
var $u_action;
function main($id, $mode)
{
global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx;
//
if ($config['require_activation'] == USER_ACTIVATION_DISABLE)
{
trigger_error('UCP_REGISTER_DISABLE');
}
include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
$confirm_id = request_var('confirm_id', '');
$coppa = (isset($_REQUEST['coppa'])) ? ((!empty($_REQUEST['coppa'])) ? 1 : 0) : false;
$agreed = (!empty($_POST['agreed'])) ? 1 : 0;
$submit = (isset($_POST['submit'])) ? true : false;
$change_lang = request_var('change_lang', '');
$user_lang = request_var('lang', $user->lang_name);
if ($agreed)
{
add_form_key('ucp_register');
}
else
{
add_form_key('ucp_register_terms');
}
if ($change_lang || $user_lang != $config['default_lang'])
{
$use_lang = ($change_lang) ? basename($change_lang) : basename($user_lang);
if (file_exists($user->lang_path . $use_lang . '/'))
{
if ($change_lang)
{
$submit = false;
// Setting back agreed to let the user view the agreement in his/her language
$agreed = (empty($_GET['change_lang'])) ? 0 : $agreed;
}
$user->lang_name = $lang = $use_lang;
$user->lang = array();
$user->add_lang(array('common', 'ucp'));
}
else
{
$change_lang = '';
$user_lang = $user->lang_name;
}
}
$cp = new custom_profile();
$error = $cp_data = $cp_error = array();
if (!$agreed || ($coppa === false && $config['coppa_enable']) || ($coppa && !$config['coppa_enable']))
{
$add_lang = ($change_lang) ? '&change_lang=' . urlencode($change_lang) : '';
$add_coppa = ($coppa !== false) ? '&coppa=' . $coppa : '';
$s_hidden_fields = ($confirm_id) ? array('confirm_id' => $confirm_id) : array();
// If we change the language, we want to pass on some more possible parameter.
if ($change_lang)
{
// We do not include the password
$s_hidden_fields = array_merge($s_hidden_fields, array(
'username' => utf8_normalize_nfc(request_var('username', '', true)),
'email' => strtolower(request_var('email', '')),
'email_confirm' => strtolower(request_var('email_confirm', '')),
'confirm_code' => request_var('confirm_code', ''),
'confirm_id' => request_var('confirm_id', ''),
'lang' => $user->lang_name,
'tz' => request_var('tz', (float) $config['board_timezone']),
));
}
if ($coppa === false && $config['coppa_enable'])
{
$now = getdate();
$coppa_birthday = $user->format_date(mktime($now['hours'] + $user->data['user_dst'], $now['minutes'], $now['seconds'], $now['mon'], $now['mday'] - 1, $now['year'] - 13), $user->lang['DATE_FORMAT']);
unset($now);
$template->assign_vars(array(
'L_COPPA_NO' => sprintf($user->lang['UCP_COPPA_BEFORE'], $coppa_birthday),
'L_COPPA_YES' => sprintf($user->lang['UCP_COPPA_ON_AFTER'], $coppa_birthday),
'U_COPPA_NO' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=0' . $add_lang),
'U_COPPA_YES' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register&coppa=1' . $add_lang),
'S_SHOW_COPPA' => true,
'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields),
'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang),
));
}
else
{
$template->assign_vars(array(
'L_TERMS_OF_USE' => sprintf($user->lang['TERMS_OF_USE_CONTENT'], $config['sitename'], generate_board_url()),
'S_SHOW_COPPA' => false,
'S_REGISTRATION' => true,
'S_HIDDEN_FIELDS' => build_hidden_fields($s_hidden_fields),
'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register' . $add_lang . $add_coppa),
)
);
}
$this->tpl_name = 'ucp_agreement';
return;
}
// Try to manually determine the timezone and adjust the dst if the server date/time complies with the default setting +/- 1
$timezone = date('Z') / 3600;
$is_dst = date('I');
if ($config['board_timezone'] == $timezone || $config['board_timezone'] == ($timezone - 1))
{
$timezone = ($is_dst) ? $timezone - 1 : $timezone;
if (!isset($user->lang['tz_zones'][(string) $timezone]))
{
$timezone = $config['board_timezone'];
}
}
else
{
$is_dst = $config['board_dst'];
$timezone = $config['board_timezone'];
}
//desbest edit: (look for math_question as that is the added edit)
$data = array(
'username' => utf8_normalize_nfc(request_var('username', '', true)),
'math_question' => request_var('math_question', '', true),
'new_password' => request_var('new_password', '', true),
'password_confirm' => request_var('password_confirm', '', true),
'email' => strtolower(request_var('email', '')),
'email_confirm' => strtolower(request_var('email_confirm', '')),
'confirm_code' => request_var('confirm_code', ''),
'lang' => basename(request_var('lang', $user->lang_name)),
'tz' => request_var('tz', (float) $timezone),
);
// Check and initialize some variables if needed
if ($submit)
{
$error = validate_data($data, array(
'username' => array(
array('string', false, $config['min_name_chars'], $config['max_name_chars']),
array('username', '')),
'new_password' => array(
array('string', false, $config['min_pass_chars'], $config['max_pass_chars']),
array('password')),
'password_confirm' => array('string', false, $config['min_pass_chars'], $config['max_pass_chars']),
'email' => array(
array('string', false, 6, 60),
array('email')),
'email_confirm' => array('string', false, 6, 60),
'confirm_code' => array('string', !$config['enable_confirm'], 5, 8),
'tz' => array('num', false, -14, 14),
'lang' => array('match', false, '#^[a-z_\-]{2,}$#i'),
));
if (!check_form_key('ucp_register'))
{
$error[] = $user->lang['FORM_INVALID'];
}
//desbest edit starts
if ($data['math_question'] != "7")
{
$error[] = "You silly spambot failed to get the question right";
//echo "<h1>".$data['math_question']."question is wrong</h1>";
//$error[] = $user->lang['MATH_QUESTION_ERROR'];
}
//desbest edit ends
// Replace "error" strings with their real, localised form
$error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
// DNSBL check
if ($config['check_dnsbl'])
{
if (($dnsbl = $user->check_dnsbl('register')) !== false)
{
$error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
}
}
// validate custom profile fields
$cp->submit_cp_field('register', $user->get_iso_lang_id(), $cp_data, $error);
}
//desbest edit: validation begins
// Visual Confirmation handling
$wrong_confirm = false;
if ($config['enable_confirm'])
{
if (!$confirm_id)
{
$error[] = $user->lang['CONFIRM_CODE_WRONG'];
$wrong_confirm = true;
}
else
{
$sql = 'SELECT code
FROM ' . CONFIRM_TABLE . "
WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
AND session_id = '" . $db->sql_escape($user->session_id) . "'
AND confirm_type = " . CONFIRM_REG;
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row)
{
if (strcasecmp($row['code'], $data['confirm_code']) === 0)
{
$sql = 'DELETE FROM ' . CONFIRM_TABLE . "
WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
AND session_id = '" . $db->sql_escape($user->session_id) . "'
AND confirm_type = " . CONFIRM_REG;
$db->sql_query($sql);
}
else
{
$error[] = $user->lang['CONFIRM_CODE_WRONG'];
$wrong_confirm = true;
}
}
else
{
$error[] = $user->lang['CONFIRM_CODE_WRONG'];
$wrong_confirm = true;
}
}
}
//desbest edit
//$damath = $user->lang['MATH_QUESTION_ERROR']; /* print_r($user->lang); */ exit();
if (!sizeof($error))
{
if ($data['new_password'] != $data['password_confirm'])
{
$error[] = $user->lang['NEW_PASSWORD_ERROR'];
}
if ($data['email'] != $data['email_confirm'])
{
$error[] = $user->lang['NEW_EMAIL_ERROR'];
}
if (!sizeof($error))
{
$server_url = generate_board_url();
// Which group by default?
$group_name = ($coppa) ? 'REGISTERED_COPPA' : 'REGISTERED';
$sql = 'SELECT group_id
FROM ' . GROUPS_TABLE . "
WHERE group_name = '" . $db->sql_escape($group_name) . "'
AND group_type = " . GROUP_SPECIAL;
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$row)
{
trigger_error('NO_GROUP');
}
$group_id = $row['group_id'];
if (($coppa ||
$config['require_activation'] == USER_ACTIVATION_SELF ||
$config['require_activation'] == USER_ACTIVATION_ADMIN) && $config['email_enable'])
{
$user_actkey = gen_rand_string(10);
$key_len = 54 - (strlen($server_url));
$key_len = ($key_len < 6) ? 6 : $key_len;
$user_actkey = substr($user_actkey, 0, $key_len);
$user_type = USER_INACTIVE;
$user_inactive_reason = INACTIVE_REGISTER;
$user_inactive_time = time();
}
else
{
$user_type = USER_NORMAL;
$user_actkey = '';
$user_inactive_reason = 0;
$user_inactive_time = 0;
}
$user_row = array(
'username' => $data['username'],
'user_password' => phpbb_hash($data['new_password']),
'user_email' => $data['email'],
'group_id' => (int) $group_id,
'user_timezone' => (float) $data['tz'],
'user_dst' => $is_dst,
'user_lang' => $data['lang'],
'user_type' => $user_type,
'user_actkey' => $user_actkey,
'user_ip' => $user->ip,
'user_regdate' => time(),
'user_inactive_reason' => $user_inactive_reason,
'user_inactive_time' => $user_inactive_time,
);
// Register user...
$user_id = user_add($user_row, $cp_data);
// This should not happen, because the required variables are listed above...
if ($user_id === false)
{
trigger_error('NO_USER', E_USER_ERROR);
}
if ($coppa && $config['email_enable'])
{
$message = $user->lang['ACCOUNT_COPPA'];
$email_template = 'coppa_welcome_inactive';
}
else if ($config['require_activation'] == USER_ACTIVATION_SELF && $config['email_enable'])
{
$message = $user->lang['ACCOUNT_INACTIVE'];
$email_template = 'user_welcome_inactive';
}
else if ($config['require_activation'] == USER_ACTIVATION_ADMIN && $config['email_enable'])
{
$message = $user->lang['ACCOUNT_INACTIVE_ADMIN'];
$email_template = 'admin_welcome_inactive';
}
else
{
$message = $user->lang['ACCOUNT_ADDED'];
$email_template = 'user_welcome';
}
if ($config['email_enable'])
{
include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
$messenger = new messenger(false);
$messenger->template($email_template, $data['lang']);
$messenger->to($data['email'], $data['username']);
$messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
$messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
$messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
$messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
$messenger->assign_vars(array(
'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
'USERNAME' => htmlspecialchars_decode($data['username']),
'PASSWORD' => htmlspecialchars_decode($data['new_password']),
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey")
);
if ($coppa)
{
$messenger->assign_vars(array(
'FAX_INFO' => $config['coppa_fax'],
'MAIL_INFO' => $config['coppa_mail'],
'EMAIL_ADDRESS' => $data['email'])
);
}
$messenger->send(NOTIFY_EMAIL);
if ($config['require_activation'] == USER_ACTIVATION_ADMIN)
{
// Grab an array of user_id's with a_user permissions ... these users can activate a user
$admin_ary = $auth->acl_get_list(false, 'a_user', false);
$admin_ary = (!empty($admin_ary[0]['a_user'])) ? $admin_ary[0]['a_user'] : array();
// Also include founders
$where_sql = ' WHERE user_type = ' . USER_FOUNDER;
if (sizeof($admin_ary))
{
$where_sql .= ' OR ' . $db->sql_in_set('user_id', $admin_ary);
}
$sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type
FROM ' . USERS_TABLE . ' ' .
$where_sql;
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
$messenger->template('admin_activate', $row['user_lang']);
$messenger->to($row['user_email'], $row['username']);
$messenger->im($row['user_jabber'], $row['username']);
$messenger->assign_vars(array(
'USERNAME' => htmlspecialchars_decode($data['username']),
'U_USER_DETAILS' => "$server_url/memberlist.$phpEx?mode=viewprofile&u=$user_id",
'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey")
);
$messenger->send($row['user_notify_type']);
}
$db->sql_freeresult($result);
}
}
$message = $message . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
trigger_error($message);
}
}
$s_hidden_fields = array(
'agreed' => 'true',
'change_lang' => 0,
);
if ($config['coppa_enable'])
{
$s_hidden_fields['coppa'] = $coppa;
}
$s_hidden_fields = build_hidden_fields($s_hidden_fields);
$confirm_image = '';
// Visual Confirmation - Show images
if ($config['enable_confirm'])
{
if ($change_lang)
{
$str = '&change_lang=' . $change_lang;
$sql = 'SELECT code
FROM ' . CONFIRM_TABLE . "
WHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'
AND session_id = '" . $db->sql_escape($user->session_id) . "'
AND confirm_type = " . CONFIRM_REG;
$result = $db->sql_query($sql);
if (!$row = $db->sql_fetchrow($result))
{
$confirm_id = '';
}
$db->sql_freeresult($result);
}
else
{
$str = '';
}
if (!$change_lang || !$confirm_id)
{
$user->confirm_gc(CONFIRM_REG);
$sql = 'SELECT COUNT(session_id) AS attempts
FROM ' . CONFIRM_TABLE . "
WHERE session_id = '" . $db->sql_escape($user->session_id) . "'
AND confirm_type = " . CONFIRM_REG;
$result = $db->sql_query($sql);
$attempts = (int) $db->sql_fetchfield('attempts');
$db->sql_freeresult($result);
if ($config['max_reg_attempts'] && $attempts > $config['max_reg_attempts'])
{
trigger_error('TOO_MANY_REGISTERS');
}
$code = gen_rand_string(mt_rand(5, 8));
$confirm_id = md5(unique_id($user->ip));
$seed = hexdec(substr(unique_id(), 4, 10));
// compute $seed % 0x7fffffff
$seed -= 0x7fffffff * floor($seed / 0x7fffffff);
$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array(
'confirm_id' => (string) $confirm_id,
'session_id' => (string) $user->session_id,
'confirm_type' => (int) CONFIRM_REG,
'code' => (string) $code,
'seed' => (int) $seed)
);
$db->sql_query($sql);
}
$confirm_image = '<img src="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=confirm&id=' . $confirm_id . '&type=' . CONFIRM_REG . $str) . '" alt="" title="" />';
$s_hidden_fields .= '<input type="hidden" name="confirm_id" value="' . $confirm_id . '" />';
}
//
$l_reg_cond = '';
switch ($config['require_activation'])
{
case USER_ACTIVATION_SELF:
$l_reg_cond = $user->lang['UCP_EMAIL_ACTIVATE'];
break;
case USER_ACTIVATION_ADMIN:
$l_reg_cond = $user->lang['UCP_ADMIN_ACTIVATE'];
break;
}
$template->assign_vars(array(
'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
'USERNAME' => $data['username'],
'PASSWORD' => $data['new_password'],
'MATH_QUESTION' => $data['math_question'],
'PASSWORD_CONFIRM' => $data['password_confirm'],
'EMAIL' => $data['email'],
'EMAIL_CONFIRM' => $data['email_confirm'],
'CONFIRM_IMG' => $confirm_image,
'L_CONFIRM_EXPLAIN' => sprintf($user->lang['CONFIRM_EXPLAIN'], '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">', '</a>'),
'L_REG_COND' => $l_reg_cond,
'L_USERNAME_EXPLAIN' => sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']),
'L_PASSWORD_EXPLAIN' => sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']),
'S_LANG_OPTIONS' => language_select($data['lang']),
'S_TZ_OPTIONS' => tz_select($data['tz']),
'S_CONFIRM_CODE' => ($config['enable_confirm']) ? true : false,
'S_COPPA' => $coppa,
'S_HIDDEN_FIELDS' => $s_hidden_fields,
'S_UCP_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'),
)
);
//
$user->profile_fields = array();
// Generate profile fields -> Template Block Variable profile_fields
$cp->generate_profile_fields('register', $user->get_iso_lang_id());
//
$this->tpl_name = 'ucp_register';
$this->page_title = 'UCP_REGISTRATION';
}
}
?>