verified registrations working

database.sql

@@ -316,3 +316,13 @@ CREATE TABLE IF NOT EXISTS `user` (
   `pwdreset` char(255) NOT NULL,
   PRIMARY KEY (`uid`)
 ) ENGINE=MyISAM  DEFAULT CHARSET=utf8;
+
+
+CREATE TABLE IF NOT EXISTS `register` (
+  `id` INT(11) UNSIGNED NOT NULL AUTO_INCREMENT,
+  `hash` CHAR( 255 ) NOT NULL ,
+  `created` DATETIME NOT NULL ,
+  `uid` INT(11) UNSIGNED NOT NULL,
+  `password` CHAR(255) NOT NULL,
+  PRIMARY KEY (`id`)
+) ENGINE = MYISAM DEFAULT CHARSET=utf8;

mod/register.php

@@ -14,9 +14,9 @@ function register_post(&$a) {
 		$verified = 1;
 		break;
 
-	case REGISTER_VERIFY:
+	case REGISTER_APPROVE:
 		$blocked = 1;
-		$verify = 0;
+		$verified = 0;
 		break;
 
 	default:
@@ -168,14 +168,48 @@ function register_post(&$a) {
 
 		$res = mail($email,"Registration details for {$a->config['sitename']}",$email_tpl,"From: Administrator@{$_SERVER[SERVER_NAME]}");
 
-	}
 
-	if($res) {
-		notice( "Registration successful. Please check your email for further instructions." . EOL ) ;
-		goaway($a->get_baseurl());
+		if($res) {
+			notice( "Registration successful. Please check your email for further instructions." . EOL ) ;
+			goaway($a->get_baseurl());
+		}
+		else {
+			notice( "Failed to send email message. Here is the message that failed. $email_tpl " . EOL );
+		}
 	}
-	else {
-		notice( "Failed to send email message. Here is the message that failed. $email_tpl " . EOL );
+	elseif($a->config['register_policy'] == REGISTER_APPROVE) {
+		if(! strlen($a->config['admin_email'])) {
+			notice( t('Your registration can not be processed.') . EOL);
+			goaway($a->get_baseurl());
+		}
+
+		$hash = random_string();
+		$r = q("INSERT INTO `register` ( `hash`, `created`, `uid`, `password` ) VALUES ( '%s', '%s', %d, '%s' ) ",
+			dbesc($hash),
+			dbesc(datetime_convert()),
+			intval($newuid),
+			dbesc($new_password)
+		);
+
+		$email_tpl = file_get_contents("view/register_verify_eml.tpl");
+		$email_tpl = replace_macros($email_tpl, array(
+				'$sitename' => $a->config['sitename'],
+				'$siteurl' =>  $a->get_baseurl(),
+				'$username' => $username,
+				'$email' => $email,
+				'$password' => $new_password,
+				'$uid' => $newuid,
+				'$hash' => $hash
+		 ));
+
+		$res = mail($a->config['admin_email'],"Registration request at {$a->config['sitename']}",
+			$email_tpl,"From: Administrator@{$_SERVER[SERVER_NAME]}");
+
+		if($res) {
+			notice( "Your registration is pending approval by the site owner." . EOL ) ;
+			goaway($a->get_baseurl());
+		}
+
 	}
 	
 	return;

mod/regmod.php

@@ -0,0 +1,85 @@
+<?php
+
+
+
+function regmod_content(&$a) {
+
+	if(! local_user()) {
+		notice( t('Please login.') . EOL);
+		$o = login(($a->config['register_policy'] == REGISTER_CLOSED) ? 0 : 1);
+		return $o;
+	}
+
+	if($a->argc != 3)
+		killme();
+
+	$cmd = $a->argv[1];
+	$hash = $a->argv[2];
+
+
+	$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
+		dbesc($hash)
+	);
+
+
+	if(! count($register))
+		killme();
+
+	if($cmd == 'deny') {
+
+		$r = q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1",
+			intval($register[0]['uid'])
+		);
+		$r = q("DELETE FROM `contact` WHERE `uid` = %d",
+			intval($register[0]['uid'])
+		); 
+		$r = q("DELETE FROM `profile` WHERE `uid` = %d",
+			intval($register[0]['uid'])
+		); 
+
+		$r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
+			dbesc($register[0]['hash'])
+		);
+		notice( t('Registration revoked.') . EOL);
+		return;
+
+	}
+
+	if($cmd == 'allow') {
+
+		$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
+			intval($register[0]['uid'])
+		);
+		if(! count($user))
+			killme();
+
+		$r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
+			dbesc($register[0]['hash'])
+		);
+
+
+		$r = q("UPDATE `user` SET `blocked` = 0, `verified` = 1 WHERE `uid` = %d LIMIT 1",
+			intval($register[0]['uid'])
+		);
+		
+		$email_tpl = file_get_contents("view/register_open_eml.tpl");
+		$email_tpl = replace_macros($email_tpl, array(
+				'$sitename' => $a->config['sitename'],
+				'$siteurl' =>  $a->get_baseurl(),
+				'$username' => $user[0]['username'],
+				'$email' => $user[0]['email'],
+				'$password' => $register[0]['password'],
+				'$uid' => $user[0]['uid']
+		));
+
+		$res = mail($user[0]['email'], t('Registration details for '). $a->config['sitename'],
+			$email_tpl,'From: ' . t('Administrator@') . $_SERVER[SERVER_NAME] );
+
+
+		if($res) {
+			notice( t('Account approved.') . EOL );
+			return;
+		}
+
+	}
+}

view/register_verify_eml.tpl

@@ -0,0 +1,26 @@
+
+A new user registration request was received at $sitename which requires 
+your approval. 
+
+
+The login details are as follows:
+
+Full Name:	$username
+Site Location:	$siteurl
+Login Name:	$email
+
+
+To approve this request please visit the following link:
+
+
+$siteurl/regmod/allow/$hash 
+
+
+To deny the request and remove the account, please visit:
+
+
+$siteurl/regmod/deny/$hash
+
+
+Thank you.
+