source: trunk/register.php @ 1004

Last change on this file since 1004 was 1004, checked in by nikrou, 19 years ago

Improve security of sessions:

  • use only cookies to store session id on client side
  • use default php session system with database handler to store sessions on server side
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 3.7 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | PhpWebGallery - a PHP based picture gallery                           |
4// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
5// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
6// +-----------------------------------------------------------------------+
7// | branch        : BSF (Best So Far)
8// | file          : $RCSfile$
9// | last update   : $Date: 2006-01-15 13:45:42 +0000 (Sun, 15 Jan 2006) $
10// | last modifier : $Author: nikrou $
11// | revision      : $Revision: 1004 $
12// +-----------------------------------------------------------------------+
13// | This program is free software; you can redistribute it and/or modify  |
14// | it under the terms of the GNU General Public License as published by  |
15// | the Free Software Foundation                                          |
16// |                                                                       |
17// | This program is distributed in the hope that it will be useful, but   |
18// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
19// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
20// | General Public License for more details.                              |
21// |                                                                       |
22// | You should have received a copy of the GNU General Public License     |
23// | along with this program; if not, write to the Free Software           |
24// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
25// | USA.                                                                  |
26// +-----------------------------------------------------------------------+
27
28//----------------------------------------------------------- include
29define('PHPWG_ROOT_PATH','./');
30include_once( PHPWG_ROOT_PATH.'include/common.inc.php' );
31//----------------------------------------------------------- user registration
32$errors = array();
33if (isset($_POST['submit']))
34{
35  if ($_POST['password'] != $_POST['password_conf'])
36  {
37    array_push($errors, $lang['reg_err_pass']);
38  }
39 
40  $errors =
41    array_merge(
42      $errors,
43      register_user($_POST['login'],
44                    $_POST['password'],
45                    $_POST['mail_address'])
46      );
47 
48  if (count($errors) == 0)
49  {
50    $user_id = get_userid($_POST['login']);
51    $session_id = session_create($user_id, $conf['session_length']);
52    $url = 'category.php?id='.$session_id;
53    redirect($url);
54  }
55}
56
57$login = !empty($_POST['login'])?$_POST['login']:'';
58$email = !empty($_POST['mail_address'])?$_POST['mail_address']:'';
59
60//----------------------------------------------------- template initialization
61//
62// Start output of page
63//
64$title= $lang['register_page_title'];
65$page['body_id'] = 'theRegisterPage';
66include(PHPWG_ROOT_PATH.'include/page_header.php');
67
68$template->set_filenames( array('register'=>'register.tpl') );
69$template->assign_vars(array(
70  'L_TITLE' => $lang['register_title'],
71  'L_GUEST' => $lang['ident_guest_visit'],
72  'L_SUBMIT' => $lang['submit'],
73  'L_USERNAME' => $lang['login'],
74  'L_PASSWORD' => $lang['password'],
75  'L_CONFIRM_PASSWORD' => $lang['reg_confirm'],
76  'L_EMAIL' => $lang['mail_address'],
77
78  'U_HOME' => PHPWG_ROOT_PATH.'category.php',
79 
80  'F_ACTION' => 'register.php',
81  'F_LOGIN' => $login,
82  'F_EMAIL' => $email
83  ));
84
85//-------------------------------------------------------------- errors display
86if ( sizeof( $errors ) != 0 )
87{
88  $template->assign_block_vars('errors',array());
89  for ( $i = 0; $i < sizeof( $errors ); $i++ )
90  {
91    $template->assign_block_vars('errors.error',array('ERROR'=>$errors[$i]));
92  }
93}
94
95$template->parse('register');
96include(PHPWG_ROOT_PATH.'include/page_tail.php');
97?>
Note: See TracBrowser for help on using the repository browser.