From e5ecfa7c34631155932265ccadd130f7c9debde4 Mon Sep 17 00:00:00 2001
From: Michael <heluecht@pirati.ca>
Date: Fri, 17 Jan 2020 07:02:59 +0000
Subject: [PATCH] Additional accounts can now be created easily

---
 src/Module/Register.php                | 61 +++++++++++++++++++++++---
 view/theme/frio/templates/register.tpl | 36 +++++++++------
 2 files changed, 78 insertions(+), 19 deletions(-)

diff --git a/src/Module/Register.php b/src/Module/Register.php
index bd0858ee3b..a154989737 100644
--- a/src/Module/Register.php
+++ b/src/Module/Register.php
@@ -43,12 +43,20 @@ class Register extends BaseModule
 		// 'block_extended_register' blocks all registrations, period.
 		$block = Config::get('system', 'block_extended_register');
 
-		if (local_user() && ($block)) {
+		if (local_user() && $block) {
 			notice('Permission denied.' . EOL);
 			return '';
 		}
 
-		if ((!local_user()) && (intval(Config::get('config', 'register_policy')) === self::CLOSED)) {
+		if (local_user()) {
+			$user = DBA::selectFirst('user', ['parent-uid'], ['uid' => local_user()]);
+			if (!empty($user['parent-uid'])) {
+				notice('Only parent users can create additional profiles.');
+				return '';
+			}
+		}
+
+		if (!local_user() && (intval(Config::get('config', 'register_policy')) === self::CLOSED)) {
 			notice('Permission denied.' . EOL);
 			return '';
 		}
@@ -70,7 +78,7 @@ class Register extends BaseModule
 		$photo      = $_REQUEST['photo']      ?? '';
 		$invite_id  = $_REQUEST['invite_id']  ?? '';
 
-		if (Config::get('system', 'no_openid')) {
+		if (local_user() || Config::get('system', 'no_openid')) {
 			$fillwith = '';
 			$fillext  = '';
 			$oidlabel = '';
@@ -94,7 +102,7 @@ class Register extends BaseModule
 			]);
 		}
 
-		$ask_password = ! DBA::count('contact');
+		$ask_password = !DBA::count('contact');
 
 		$tpl = Renderer::getMarkupTemplate('register.tpl');
 
@@ -142,7 +150,10 @@ class Register extends BaseModule
 			'$privstatement'=> $tos->privacy_complete,
 			'$form_security_token' => BaseModule::getFormSecurityToken('register'),
 			'$explicit_content' => Config::get('system', 'explicit_content', false),
-			'$explicit_content_note' => L10n::t('Note: This node explicitly contains adult content')
+			'$explicit_content_note' => L10n::t('Note: This node explicitly contains adult content'),
+			'$additional'   => !empty(local_user()),
+			'$parent_password' => ['parent_password', L10n::t('Parent Password:'), '', L10n::t('Please enter the password of the parent account to legitimize your request.')]
+
 		]);
 
 		return $o;
@@ -163,6 +174,26 @@ class Register extends BaseModule
 		$arr = ['post' => $_POST];
 		Hook::callAll('register_post', $arr);
 
+		$additional_account = false;
+
+		if (!local_user() && !empty($arr['post']['parent_password'])) {
+			notice(L10n::t('Permission denied.') . EOL);
+			return;
+		} elseif (local_user() && !empty($arr['post']['parent_password'])) {
+			try {
+				Model\User::getIdFromPasswordAuthentication(local_user(), $arr['post']['parent_password']);
+			} catch (\Exception $ex) {
+				notice(L10n::t("Password doesn't match"));
+				$regdata = ['nickname' => $arr['post']['nickname'], 'username' => $arr['post']['username']];
+				DI::baseUrl()->redirect('register?' . http_build_query($regdata));
+			}
+			$additional_account = true;
+		} elseif (local_user()) {
+			notice(L10n::t('Please enter your password'));
+			$regdata = ['nickname' => $arr['post']['nickname'], 'username' => $arr['post']['username']];
+			DI::baseUrl()->redirect('register?' . http_build_query($regdata));
+		}
+
 		$max_dailies = intval(Config::get('system', 'max_daily_registrations'));
 		if ($max_dailies) {
 			$count = DBA::count('user', ['`register_date` > UTC_TIMESTAMP - INTERVAL 1 day']);
@@ -208,6 +239,20 @@ class Register extends BaseModule
 		// Overwriting the "tar pit" field with the real one
 		$arr['email'] = $arr['field1'];
 
+		if ($additional_account) {
+			$user = DBA::selectFirst('user', ['email'], ['uid' => local_user()]);
+			if (!DBA::isResult($user)) {
+				notice(L10n::t('User not found'));
+				DI::baseUrl()->redirect('register');
+			}
+
+			$blocked = 0;
+			$verified = 1;
+
+			$arr['password1'] = $arr['confirm'] = $arr['parent_password'];
+			$arr['repeat'] = $arr['email'] = $user['email'];
+		}
+
 		if ($arr['email'] != $arr['repeat']) {
 			Logger::info('Mail mismatch', $arr);
 			notice(L10n::t('Please enter the identical mail address in the second field.'));
@@ -235,6 +280,12 @@ class Register extends BaseModule
 			Worker::add(PRIORITY_LOW, 'Directory', $url);
 		}
 
+		if ($additional_account) {
+			DBA::update('user', ['parent-uid' => local_user()], ['uid' => $user['uid']]);
+			info(L10n::t('The additional account was created.'));
+			DI::baseUrl()->redirect('delegation');
+		}
+
 		$using_invites = Config::get('system', 'invitation_only');
 		$num_invites   = Config::get('system', 'number_invites');
 		$invite_id = (!empty($_POST['invite_id']) ? Strings::escapeTags(trim($_POST['invite_id'])) : '');
diff --git a/view/theme/frio/templates/register.tpl b/view/theme/frio/templates/register.tpl
index 3bc6c83787..c2ac174361 100644
--- a/view/theme/frio/templates/register.tpl
+++ b/view/theme/frio/templates/register.tpl
@@ -36,17 +36,19 @@
 		<div id="register-name-end" ></div>
 
 
-		<div id="register-email-wrapper" class="form-group">
-			<label for="register-email" id="label-register-email" >{{$addrlabel}}</label>
-			<input type="text" maxlength="60" size="32" name="field1" id="register-email" class="form-control" value="{{$email}}" required>
-		</div>
-		<div id="register-email-end" ></div>
+		{{if !$additional}}
+			<div id="register-email-wrapper" class="form-group">
+				<label for="register-email" id="label-register-email" >{{$addrlabel}}</label>
+				<input type="text" maxlength="60" size="32" name="field1" id="register-email" class="form-control" value="{{$email}}" required>
+			</div>
+			<div id="register-email-end" ></div>
 
-		<div id="register-repeat-wrapper" class="form-group">
-			<label for="register-repeat" id="label-register-repeat" >{{$addrlabel2}}</label>
-			<input type="text" maxlength="60" size="32" name="repeat" id="register-repeat" class="form-control" value="" required>
-		</div>
-		<div id="register-repeat-end" ></div>
+			<div id="register-repeat-wrapper" class="form-group">
+				<label for="register-repeat" id="label-register-repeat" >{{$addrlabel2}}</label>
+				<input type="text" maxlength="60" size="32" name="repeat" id="register-repeat" class="form-control" value="" required>
+			</div>
+			<div id="register-repeat-end" ></div>
+		{{/if}}
 
 		{{if $ask_password}}
 		{{include file="field_password.tpl" field=$password1}}
@@ -60,6 +62,10 @@
 		</div>
 		<div id="register-nickname-end" ></div>
 
+		{{if $additional}}
+			{{include file="field_password.tpl" field=$parent_password}}
+		{{/if}}
+
 		<input type="input" id=tarpit" name="email" style="display: none;" placeholder="Don't enter anything here"/>
 
 		{{if $permonly}}
@@ -83,9 +89,11 @@
 		</div>
 		<div id="register-submit-end" class="clear"></div>
 
-		<h3>{{$importh}}</h3>
-		<div id ="import-profile">
-			<a href="uimport">{{$importt}}</a>
-		</div>
+		{{if !$additional}}
+			<h3>{{$importh}}</h3>
+			<div id ="import-profile">
+				<a href="uimport">{{$importt}}</a>
+			</div>
+		{{/if}}
 	</form>
 </div>