-
Notifications
You must be signed in to change notification settings - Fork 28
/
register.php
executable file
·118 lines (103 loc) · 4.33 KB
/
register.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
<?php
/**
* Copyright 2009 Lucas Baudin <[email protected]>
* 2012-2014 Stephen Just <[email protected]>
* 2014-2016 Daniel Butum <danibutum at gmail dot com>
* This file is part of stk-addons.
*
* stk-addons is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* stk-addons is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with stk-addons. If not, see <http://www.gnu.org/licenses/>.
*/
require_once(__DIR__ . DIRECTORY_SEPARATOR . "config.php");
Util::validateCaptchaKeysSet();
$username = empty($_POST['username']) ? null : $_POST['username'];
$realname = empty($_POST['realname']) ? null : $_POST['realname'];
$email = empty($_POST['email']) ? null : $_POST['email'];
$action = empty($_GET['action']) ? null : $_GET['action'];
$tpl = StkTemplate::get('register.tpl')
->assignTitle(_h('Register'))
->addBootstrapValidatorLibrary()
->setMinify(false)
->addScriptIncludeWeb('https://www.google.com/recaptcha/api.js');
$register = [
'captcha_site_key' => CAPTCHA_SITE_KEY,
'display' => false,
'username' => ['min' => User::MIN_USERNAME, 'max' => User::MAX_USERNAME, 'value' => h($username)],
'password' => ['min' => User::MIN_PASSWORD, 'max' => User::MAX_PASSWORD],
'realname' => ['min' => User::MIN_REALNAME, 'max' => User::MAX_USERNAME, 'value' => h($realname)],
'email' => ['max' => User::MAX_EMAIL, 'value' => h($email)]
];
// define possibly undefined variables
switch ($action)
{
case 'register': // register new account
try
{
// validate
$errors = Validate::ensureNotEmpty($_POST, ["username", "password", "password_confirm", "email", "terms"]);
if ($errors)
throw new UserException(implode("<br>", $errors));
if (Validate::ensureNotEmpty($_POST, ['g-recaptcha-response']))
throw new UserException(_h('You did not complete the reCAPTCHA field'));
// Check CAPTCHA
$captcha = new \ReCaptcha\ReCaptcha(CAPTCHA_SECRET);
$response = $captcha->verify($_POST['g-recaptcha-response'], Util::getClientIp());
if (!$response->isSuccess())
{
// codes reference https://developers.google.com/recaptcha/docs/verify#error-code-reference
// $error_codes = $response->getErrorCodes();
throw new UserException(_h("The reCAPTCHA wasn't entered correctly. Go back and try it again."));
}
User::register(
$username,
$_POST['password'],
$_POST['password_confirm'],
$email,
empty(trim($realname)) ? $username : $realname,
$_POST['terms']
);
$tpl->assign(
'success',
_h("Account creation was successful. Please activate your account using the link emailed to you.")
);
}
catch (UserException $e)
{
$tpl->assign('errors', $e->getMessage());
$register['display'] = true;
}
break;
case 'valid': // activation link
try
{
// validate
$errors = Validate::ensureNotEmpty($_GET, ["num", "user"]);
if ($errors) throw new UserException(implode("<br>", $errors));
User::activate($_GET['user'] /* user id */, $_GET["num"] /* verification code */);
$tpl->assign('success', _h('Your account has been activated.'));
$tpl->setMetaRefresh("login.php", 10);
}
catch (UserException $e)
{
$tpl->assign(
'errors',
$e->getMessage() . ". " . _h('Could not validate your account. The link you followed is not valid.')
);
}
break;
default:
$register['display'] = true;
break;
}
$tpl->assign('register', $register);
echo $tpl;