source: branches/2.5/register.php @ 27558

Last change on this file since 27558 was 25149, checked in by flop25, 10 years ago

bug:2948 The registration can be done without typing a password
hotfix for 2.5.3

  • Property svn:eol-style set to LF
File size: 5.3 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based photo gallery                                    |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2013 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24//----------------------------------------------------------- include
25define('PHPWG_ROOT_PATH','./');
26include_once( PHPWG_ROOT_PATH.'include/common.inc.php' );
27
28// +-----------------------------------------------------------------------+
29// | Check Access and exit when user status is not ok                      |
30// +-----------------------------------------------------------------------+
31check_status(ACCESS_FREE);
32
33//----------------------------------------------------------- user registration
34
35if (!$conf['allow_user_registration'])
36{
37  page_forbidden('User registration closed');
38}
39
40trigger_action('loc_begin_register');
41
42if (isset($_POST['submit']))
43{
44  if (!verify_ephemeral_key(@$_POST['key']))
45  {
46                set_status_header(403);
47    array_push($page['errors'], 'Invalid/expired form key');
48  }
49
50  if ($_POST['password'] != $_POST['password_conf'] or empty($_POST['password']))
51  {
52    array_push($page['errors'], l10n('please enter your password again'));
53  }
54
55  $page['errors'] =
56      register_user($_POST['login'],
57                    $_POST['password'],
58                    $_POST['mail_address'],
59                    true,
60                    $page['errors']);
61
62  if (count($page['errors']) == 0)
63  {
64    // email notification
65    if (isset($_POST['send_password_by_mail']) and isset($_POST['mail_address']))
66    {
67      include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
68           
69      $keyargs_content = array(
70        get_l10n_args('Hello %s,', $_POST['login']),
71        get_l10n_args('Thank you for registering at %s!', $conf['gallery_title']),
72        get_l10n_args('', ''),
73        get_l10n_args('Here are your connection settings', ''),
74        get_l10n_args('Username: %s', $_POST['login']),
75        get_l10n_args('Password: %s', $_POST['password']),
76        get_l10n_args('Email: %s', $_POST['mail_address']),
77        get_l10n_args('', ''),
78        get_l10n_args('If you think you\'ve received this email in error, please contact us at %s', get_webmaster_mail_address()),
79        );
80       
81      pwg_mail(
82        $_POST['mail_address'],
83        array(
84          'subject' => '['.$conf['gallery_title'].'] '.l10n('Registration'),
85          'content' => l10n_args($keyargs_content),
86          'content_format' => 'text/plain',
87          )
88        );
89       
90      $_SESSION['page_infos'][] = l10n('Successfully registered, you will soon receive an email with your connection settings. Welcome!');
91    }
92   
93    // log user and redirect
94    $user_id = get_userid($_POST['login']);
95    log_user($user_id, false);
96    redirect(make_index_url());
97  }
98        $registration_post_key = get_ephemeral_key(2);
99}
100else
101{
102        $registration_post_key = get_ephemeral_key(6);
103}
104
105$login = !empty($_POST['login'])?htmlspecialchars(stripslashes($_POST['login'])):'';
106$email = !empty($_POST['mail_address'])?htmlspecialchars(stripslashes($_POST['mail_address'])):'';
107
108//----------------------------------------------------- template initialization
109//
110// Start output of page
111//
112$title= l10n('Registration');
113$page['body_id'] = 'theRegisterPage';
114
115$template->set_filenames( array('register'=>'register.tpl') );
116$template->assign(array(
117  'U_HOME' => make_index_url(),
118        'F_KEY' => $registration_post_key,
119  'F_ACTION' => 'register.php',
120  'F_LOGIN' => $login,
121  'F_EMAIL' => $email,
122  'obligatory_user_mail_address' => $conf['obligatory_user_mail_address'],
123  ));
124
125// include menubar
126$themeconf = $template->get_template_vars('themeconf');
127if (!isset($themeconf['hide_menu_on']) OR !in_array('theRegisterPage', $themeconf['hide_menu_on']))
128{
129  include( PHPWG_ROOT_PATH.'include/menubar.inc.php');
130}
131
132include(PHPWG_ROOT_PATH.'include/page_header.php');
133trigger_action('loc_end_register');
134flush_page_messages();
135$template->parse('register');
136include(PHPWG_ROOT_PATH.'include/page_tail.php');
137?>
Note: See TracBrowser for help on using the repository browser.