From 864e7e690fd08106bd514c8899faa6c4a77bfbee Mon Sep 17 00:00:00 2001 From: Mike Macgirvin Date: Wed, 28 Jul 2010 23:15:10 -0700 Subject: [PATCH] verified registrations working --- database.sql | 10 +++++ mod/register.php | 50 +++++++++++++++++---- mod/regmod.php | 85 ++++++++++++++++++++++++++++++++++++ view/register_verify_eml.tpl | 26 +++++++++++ 4 files changed, 163 insertions(+), 8 deletions(-) create mode 100644 mod/regmod.php create mode 100644 view/register_verify_eml.tpl diff --git a/database.sql b/database.sql index 55dcaeb131..ca94857775 100644 --- a/database.sql +++ b/database.sql @@ -316,3 +316,13 @@ CREATE TABLE IF NOT EXISTS `user` ( `pwdreset` char(255) NOT NULL, PRIMARY KEY (`uid`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; + + +CREATE TABLE IF NOT EXISTS `register` ( + `id` INT(11) UNSIGNED NOT NULL AUTO_INCREMENT, + `hash` CHAR( 255 ) NOT NULL , + `created` DATETIME NOT NULL , + `uid` INT(11) UNSIGNED NOT NULL, + `password` CHAR(255) NOT NULL, + PRIMARY KEY (`id`) +) ENGINE = MYISAM DEFAULT CHARSET=utf8; \ No newline at end of file diff --git a/mod/register.php b/mod/register.php index 5e132d5840..f74f571463 100644 --- a/mod/register.php +++ b/mod/register.php @@ -14,9 +14,9 @@ function register_post(&$a) { $verified = 1; break; - case REGISTER_VERIFY: + case REGISTER_APPROVE: $blocked = 1; - $verify = 0; + $verified = 0; break; default: @@ -168,14 +168,48 @@ function register_post(&$a) { $res = mail($email,"Registration details for {$a->config['sitename']}",$email_tpl,"From: Administrator@{$_SERVER[SERVER_NAME]}"); - } - if($res) { - notice( "Registration successful. Please check your email for further instructions." . EOL ) ; - goaway($a->get_baseurl()); + if($res) { + notice( "Registration successful. Please check your email for further instructions." . EOL ) ; + goaway($a->get_baseurl()); + } + else { + notice( "Failed to send email message. Here is the message that failed. $email_tpl " . EOL ); + } } - else { - notice( "Failed to send email message. Here is the message that failed. $email_tpl " . EOL ); + elseif($a->config['register_policy'] == REGISTER_APPROVE) { + if(! strlen($a->config['admin_email'])) { + notice( t('Your registration can not be processed.') . EOL); + goaway($a->get_baseurl()); + } + + $hash = random_string(); + $r = q("INSERT INTO `register` ( `hash`, `created`, `uid`, `password` ) VALUES ( '%s', '%s', %d, '%s' ) ", + dbesc($hash), + dbesc(datetime_convert()), + intval($newuid), + dbesc($new_password) + ); + + $email_tpl = file_get_contents("view/register_verify_eml.tpl"); + $email_tpl = replace_macros($email_tpl, array( + '$sitename' => $a->config['sitename'], + '$siteurl' => $a->get_baseurl(), + '$username' => $username, + '$email' => $email, + '$password' => $new_password, + '$uid' => $newuid, + '$hash' => $hash + )); + + $res = mail($a->config['admin_email'],"Registration request at {$a->config['sitename']}", + $email_tpl,"From: Administrator@{$_SERVER[SERVER_NAME]}"); + + if($res) { + notice( "Your registration is pending approval by the site owner." . EOL ) ; + goaway($a->get_baseurl()); + } + } return; diff --git a/mod/regmod.php b/mod/regmod.php new file mode 100644 index 0000000000..f2c3cb8079 --- /dev/null +++ b/mod/regmod.php @@ -0,0 +1,85 @@ +config['register_policy'] == REGISTER_CLOSED) ? 0 : 1); + return $o; + } + + if($a->argc != 3) + killme(); + + $cmd = $a->argv[1]; + $hash = $a->argv[2]; + + + $register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1", + dbesc($hash) + ); + + + if(! count($register)) + killme(); + + if($cmd == 'deny') { + + $r = q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1", + intval($register[0]['uid']) + ); + $r = q("DELETE FROM `contact` WHERE `uid` = %d", + intval($register[0]['uid']) + ); + $r = q("DELETE FROM `profile` WHERE `uid` = %d", + intval($register[0]['uid']) + ); + + $r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1", + dbesc($register[0]['hash']) + ); + notice( t('Registration revoked.') . EOL); + return; + + } + + if($cmd == 'allow') { + + $user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", + intval($register[0]['uid']) + ); + if(! count($user)) + killme(); + + $r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1", + dbesc($register[0]['hash']) + ); + + + $r = q("UPDATE `user` SET `blocked` = 0, `verified` = 1 WHERE `uid` = %d LIMIT 1", + intval($register[0]['uid']) + ); + + $email_tpl = file_get_contents("view/register_open_eml.tpl"); + $email_tpl = replace_macros($email_tpl, array( + '$sitename' => $a->config['sitename'], + '$siteurl' => $a->get_baseurl(), + '$username' => $user[0]['username'], + '$email' => $user[0]['email'], + '$password' => $register[0]['password'], + '$uid' => $user[0]['uid'] + )); + + $res = mail($user[0]['email'], t('Registration details for '). $a->config['sitename'], + $email_tpl,'From: ' . t('Administrator@') . $_SERVER[SERVER_NAME] ); + + + if($res) { + notice( t('Account approved.') . EOL ); + return; + } + + } +} \ No newline at end of file diff --git a/view/register_verify_eml.tpl b/view/register_verify_eml.tpl new file mode 100644 index 0000000000..60c38d8000 --- /dev/null +++ b/view/register_verify_eml.tpl @@ -0,0 +1,26 @@ + +A new user registration request was received at $sitename which requires +your approval. + + +The login details are as follows: + +Full Name: $username +Site Location: $siteurl +Login Name: $email + + +To approve this request please visit the following link: + + +$siteurl/regmod/allow/$hash + + +To deny the request and remove the account, please visit: + + +$siteurl/regmod/deny/$hash + + +Thank you. +