r81: - Removed sanitize() call [register.php]
[bugdar.git] / register.php
1 <?php
2 /*=====================================================================*\
3 || ################################################################### ||
4 || # BugStrike [#]version[#]
5 || # --------------------------------------------------------------- # ||
6 || # Copyright ©2002-[#]year[#] by Iris Studios, Inc. All Rights Reserved. # ||
7 || # This file may not be reproduced in any way without permission. # ||
8 || # --------------------------------------------------------------- # ||
9 || # User License Agreement at http://www.iris-studios.com/license/ # ||
10 || ################################################################### ||
11 \*=====================================================================*/
12
// Templates this page needs; set before the bootstrap include, which
// presumably preloads them (global.php is not visible here - confirm).
$fetchtemplates = array('register');

// Bootstrap include. The code below uses $bugsys, $db, $template, $funct
// and $mail without defining them, so they are expected to come from here.
require_once './global.php';
18
19 // ###################################################################
20
// Registration is only offered to visitors without an existing account:
// a non-zero userid in the session info means the visitor is logged in.
if ($bugsys->userinfo['userid'])
{
    exit('Sorry, you are already registered!');
}

// Site-wide switch: refuse every request to this script, including the
// insert and activate actions below, when registrations are turned off.
if (!$bugsys->options['allownewreg'])
{
    exit('Sorry, we don\'t allow new registrations!');
}
32
33 // ###################################################################
34
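// Default action (no 'do' parameter): render the registration form.
if (empty($_REQUEST['do']))
{
    // Start the option list from a known-empty string. Appending to an
    // undefined variable raises a notice and, on a server that imports
    // request variables into the global scope, would let the request seed
    // markup that ends up in the rendered form.
    $opts = '';

    // Build one <option> per installed language. $value and $label are
    // presumably referenced by the 'selectoption' template - confirm.
    foreach ($bugsys->datastore['language'] AS $value => $temp)
    {
        $label = $temp['title'];
        // NOTE(review): eval() runs the fetched template text as the body of
        // a double-quoted PHP string, so whoever can edit templates can run
        // PHP. Template storage must be restricted to trusted administrators.
        eval('$opts .= "' . $template->fetch('selectoption') . '";');
    }

    eval('$template->flush("' . $template->fetch('register') . '");');
}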
45
46 // ###################################################################
47
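// Action 'insert': validate the submitted form, create the user row and,
// depending on the tracker options, send an activation or welcome e-mail.
if (isset($_POST['do']) AND $_POST['do'] == 'insert')
{
    // Start from a known-empty list so nothing outside this block can
    // pre-seed the messages that are echoed below without HTML escaping.
    $errors = array();

    if ($bugsys->in['email'] != $bugsys->in['confirmemail'])
    {
        $errors[] = 'The emails you entered do not match.';
    }

    if (!$bugsys->in['email'])
    {
        // Fixed copy-paste error: this check is about the e-mail field but
        // used to report a blank password.
        $errors[] = 'The email you specified was blank.';
    }

    if ($bugsys->in['password'] != $bugsys->in['confirmpassword'])
    {
        $errors[] = 'The passwords you entered did not match.';
    }

    if (!$bugsys->in['password'])
    {
        $errors[] = 'The password you specified was blank.';
    }

    if (!$funct->is_valid_email($bugsys->in['email']))
    {
        $errors[] = 'The specified email is invalid.';
    }

    // NOTE(review): every query in this block concatenates $bugsys->in[...]
    // values directly into SQL. That is only safe if the input layer already
    // escapes them for the database; nothing in this file shows that it
    // does. Confirm against the code that fills $bugsys->in, or escape or
    // bind the values at the query.
    if (is_array($db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . $bugsys->in['email'] . "'")))
    {
        $errors[] = 'The specified email is already in use.';
    }

    if (count($errors) > 0)
    {
        // Only the fixed strings above are printed, so no escaping is
        // needed as long as $errors is built exclusively in this block.
        echo implode('<br />', $errors);
        exit;
    }

    // NOTE(review): the salt here and the activation code below both come
    // from $funct->rand(); the activation code in particular must be
    // unguessable, so confirm that helper uses a cryptographically secure
    // source.
    $salt = $funct->rand(15);

    // Initial user group. From the messages printed at the end of this
    // block: 3 = awaiting e-mail activation, 4 = awaiting approval,
    // 2 = fully registered.
    if ($bugsys->options['verifyemail'])
    {
        $usergroupid = 3;
    }
    else if ($bugsys->options['moderatenewusers'])
    {
        $usergroupid = 4;
    }
    else
    {
        $usergroupid = 2;
    }

    // NOTE(review): salted double MD5 is a fast hash and a weak choice for
    // password storage. Moving to password_hash()/password_verify() needs a
    // matching change in the login code, which is not visible here.
    $db->query("
        INSERT INTO " . TABLE_PREFIX . "user
            (email, displayname, password, salt, authkey, showemail, languageid, usergroupid)
        VALUES
            ('" . $bugsys->in['email'] . "',
            '" . $bugsys->in['displayname'] . "',
            '" . md5(md5($bugsys->in['password']) . md5($salt)) . "',
            '$salt',
            '" . fetch_random_chars() . "',
            " . intval($bugsys->in['showemail']) . ",
            " . intval($bugsys->in['languageid']) . ",
            $usergroupid
        )"
    );

    $userid = $db->insert_id();

    // Verify email address
    if ($usergroupid == 3)
    {
        $activationid = $funct->rand(25);

        // NOTE(review): the activation row always promotes to group 2, so
        // when both 'verifyemail' and 'moderatenewusers' are enabled an
        // activated account skips the approval group (4). Confirm that this
        // is intended.
        $db->query("INSERT INTO " . TABLE_PREFIX . "useractivation (userid, activator, dateline, usergroupid) VALUES ($userid, '$activationid', " . NOW . ", 2)");

        // NOTE(review): the link below points at a hard-coded development
        // host (devbox) over plain http; it should be built from the
        // tracker's configured base URL, which is not visible in this file.
        $mail->to = $bugsys->in['email'];
        $mail->subject = 'Welcome to ' . $bugsys->options['trackertitle'];
        $mail->body = "Hi " . $bugsys->in['displayname'] . " you need to activate your account: http://devbox/bugtraq/register.php?do=activate&userid=" . $userid . "&activator=" . $activationid;
        $mail->send();

        echo 'You now need to activate your account via email.';
    }
    else if ($usergroupid == 4 OR $usergroupid == 2)
    {
        if ($bugsys->options['sendwelcomemail'])
        {
            $mail->to = $bugsys->in['email'];
            $mail->subject = 'Welcome to ' . $bugsys->options['trackertitle'];
            $mail->body = "Hi " . $bugsys->in['displayname'] . " and welcome to the " . $bugsys->options['trackertitle'] . " bug tracker! Thanks for registering.";
            // The message was assembled but never dispatched; send it.
            $mail->send();
        }

        if ($usergroupid == 4)
        {
            echo 'Your account is pending approval.';
        }
        else
        {
            echo 'Registration complete!';
        }
    }
}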
154
155 // ###################################################################
156
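// Action 'activate': redeem the userid + activator pair from the e-mailed
// link and move the account into the group stored with the activation row.
if (isset($_REQUEST['do']) AND $_REQUEST['do'] == 'activate')
{
    // Cast once and reuse, so all three queries see the same integer.
    $activateuserid = intval($bugsys->in['userid']);

    // NOTE(review): 'activator' is concatenated into the query as received
    // from $bugsys->in. This is only safe if the input layer escapes it for
    // SQL, which this file does not show - confirm, or escape or bind it
    // here. The stored dateline is not consulted, so links do not expire in
    // this block.
    $useractivation = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "useractivation WHERE userid = $activateuserid AND activator = '" . $bugsys->in['activator'] . "'");

    if ($useractivation)
    {
        // usergroupid comes from the database; it is still cast so that a
        // malformed row can never alter the shape of the UPDATE.
        $db->query("UPDATE " . TABLE_PREFIX . "user SET usergroupid = " . intval($useractivation['usergroupid']) . " WHERE userid = $activateuserid");

        // Remove the activation row so the code cannot be redeemed again.
        $db->query("DELETE FROM " . TABLE_PREFIX . "useractivation WHERE userid = $activateuserid");
        echo 'your account is now activated and you can now login';
    }
    else
    {
        echo 'we could not match your registration string. please make sure you entered the correct url';
    }
}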
170
171 /*=====================================================================*\
172 || ###################################################################
173 || # $HeadURL$
174 || # $Id$
175 || ###################################################################
176 \*=====================================================================*/
177 ?>