<?php
/*=====================================================================*\
|| ###################################################################
|| # Bugdar
|| # Copyright (c)2002-2007 Blue Static
|| #
|| # This program is free software; you can redistribute it and/or modify
|| # it under the terms of the GNU General Public License as published by
|| # the Free Software Foundation; version 2 of the License.
|| #
|| # This program is distributed in the hope that it will be useful, but
|| # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|| # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
|| # more details.
|| #
|| # You should have received a copy of the GNU General Public License along
|| # with this program; if not, write to the Free Software Foundation, Inc.,
|| # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
|| ###################################################################
\*=====================================================================*/

$fetchtemplates = array(
	'register'
);


$focus['user'] = 'focus';

require_once('./global.php');
require_once('./includes/api_user.php');

require_once('./includes/class_api_error.php');
APIError(array(new API_Error_Handler($message), 'user_cumulative'));

// ###################################################################

if ($_POST['do'] == 'insert')
{
	if ($bugsys->userinfo['userid'])
	{
		$message->error(T('Sorry, you are already registered.'));
	}

	if (!$bugsys->options['allownewreg'])
	{
		$message->error(T('Sorry, we don\'t allow new registrations.'));
	}

	if ($bugsys->in['email'] != $bugsys->in['confirmemail'])
	{
		$message->addError(T('The emails you entered do not match.'));
	}

	if ($bugsys->in['password'] != $bugsys->in['confirmpassword'])
	{
		$message->addError(T('The passwords you entered did not match.'));
	}

	if ($bugsys->options['recaptchasitekey'] && $bugsys->options['recaptchasecretkey'])
	{
		if ($bugsys->in['g-recaptcha-response'])
		{
			$request = http_build_query([
				'secret' => $bugsys->options['recaptchasecretkey'],
				'response' => $bugsys->in['g-recaptcha-response'],
				'remoteip' => $_SERVER['REMOTE_ADDR'],
			]);
			$context = stream_context_create([
				'http' => [
					'method' => 'POST',
					'header' => 'Content-type: application/x-www-form-urlencoded',
					'content' => $request,
				]
			]);
			$response = @file_get_contents('https://www.google.com/recaptcha/api/siteverify', false, $context);
			$response_object = json_decode($response);
			if (!$response_object || !$response_object->success)
			{
				$message->addError(T('Sorry, you do not appear to be human.'));
			}
		}
		else
		{
			$message->addError(T('Please verify you are a human.'));
		}
	}

	if ($bugsys->options['verifyemail'])
	{
		$usergroupid = 3;
	}
	else
	{
		if ($bugsys->options['moderatenewusers'])
		{
			$usergroupid = 4;
		}
		else
		{
			$usergroupid = 2;
		}
	}

	$user = new UserAPI($bugsys);
	$user->set('email',			$bugsys->in['email']);
	$user->set('displayname',	$bugsys->in['displayname']);
	$user->set('password',		$bugsys->in['password']);
	$user->set('showemail',		$bugsys->in['showemail']);
	$user->set('showcolors',	1);
	$user->set('languageid',	$bugsys->in['languageid']);
	$user->set('timezone',		$bugsys->options['defaulttimezone']);
	$user->set('usergroupid',	$usergroupid);

	if (!$message->hasErrors())
	{
		$user->insert();

		$userid = $user->insertid;

		// Verify email address
		if ($usergroupid == 3)
		{
			$activationid = $funct->rand(25);

			$db->query("INSERT INTO " . TABLE_PREFIX . "useractivation (userid, activator, dateline, usergroupid) VALUES ($userid, '$activationid', " . TIMENOW . ", 2)");

			eval('$email = "' . $template->fetch(FetchEmailPath('activateaccount.xml', bugdar::$datastore['language'][$bugsys->in['languageid']]['langcode'])) . '";');
			$email = $bugsys->xml->parse($email);
			$mail->setSubject($email['email']['subject']['value']);
			$mail->setBodyText($email['email']['bodyText']['value']);

			$mail->send($bugsys->in['email'], $bugsys->in['displayname']);

			$message->message(T('You now need to activate your account via email.'));
		}
		else if ($usergroupid == 4 OR $usergroupid == 2)
		{
			if ($bugsys->options['sendwelcomemail'])
			{
				$displayName = $bugsys->in['displayname'];
				eval('$email = "' . $template->fetch(FetchEmailPath('welcome.xml', bugdar::$datastore['language'][$bugsys->in['languageid']]['langcode'])) . '";');
				$email = $bugsys->xml->parse($email);
				$mail->setSubject($email['email']['subject']['value']);
				$mail->setBodyText($email['email']['bodyText']['value']);
				$mail->send($bugsys->in['email'], $bugsys->in['displayname']);
			}

			if ($usergroupid == 4)
			{
				$message->message(T('Your account is pending approval.'));
			}
			else
			{
				$message->message(T('Thank you for registering. You may now use your account.'));
			}
		}
	}
	else
	{
		$_REQUEST['do'] = '';
		$show['errors'] = true;
	}
}

// ###################################################################

if (empty($_REQUEST['do']))
{
	if ($bugsys->userinfo['userid'])
	{
		$message->error(T('Sorry, you are already registered.'));
	}

	if (!$bugsys->options['allownewreg'])
	{
		$message->error(T('Sorry, we don\'t allow new registrations.'));
	}

	foreach (bugdar::$datastore['language'] AS $value => $temp)
	{
		$label = $temp['title'];
		$selected = ($value == $bugsys->in['languageid']);
		eval('$opts .= "' . $template->fetch('selectoption') . '";');
	}

	eval('$template->flush("' . $template->fetch('register') . '");');
}

// ###################################################################

if ($_REQUEST['do'] == 'activate')
{
	$bugsys->input_clean('userid', TYPE_UINT);
	if ($useractivation = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "useractivation WHERE userid = " . $bugsys->in['userid'] . " AND activator = '" . $bugsys->input_escape('activator') . "'"))
	{
		$user = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = " . $bugsys->in['userid']);
		$db->query("UPDATE " . TABLE_PREFIX . "user SET usergroupid = $useractivation[usergroupid] WHERE userid = " . $bugsys->in['userid']);
		$db->query("DELETE FROM " . TABLE_PREFIX . "useractivation WHERE userid = " . $bugsys->in['userid']);

		if ($bugsys->options['sendwelcomemail'])
		{
			$displayName = $user['displayname'];
			eval('$email = "' . $template->fetch(FetchEmailPath('welcome.xml', bugdar::$datastore['language'][$user['languageid']]['langcode'])) . '";');
			$email = $bugsys->xml->parse($email);
			$mail->setSubject($email['email']['subject']['value']);
			$mail->setBodyText($email['email']['bodyText']['value']);
			$mail->send($user['email'], $user['displayname']);
		}

		$message->message(T('Your account is now activated and you can now login.'));
	}
	else
	{
		$message->error(T('Sorry, we could not match your registration string. Please make sure you entered the correct URL.'));
	}
}