
cms/registration.lib.php

00001 <?php
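// Direct-access guard: refuse to run unless __PRAGYAN_CMS is already defined
// (presumably by the CMS entry script that includes this library - confirm).
if (!defined('__PRAGYAN_CMS')) {
        header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden');
        // The heading is closed with </h1>; the original emitted a second opening <h1>.
        echo "<h1>403 Forbidden</h1><h4>You are not authorized to access the page.</h4>";
        // NOTE(review): SERVER_SIGNATURE can carry the web server name and version.
        // Showing it to an unauthenticated client is an information leak; consider
        // removing this line or disabling the signature in the server configuration.
        echo '<hr/>' . $_SERVER['SERVER_SIGNATURE'];
        exit(1);
}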
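/**
 * Builds the HTML of the sign-up form: script/stylesheet tags, the fixed
 * e-mail / password / user name / full name inputs, the dynamic profile
 * fields, the captcha and the generated validate_form() script.
 *
 * Values posted in a previous, rejected attempt are put back into the
 * e-mail, user name and full name inputs.
 *
 * @return string HTML fragment containing the form and its scripts.
 */
function getRegistrationForm() {
        // The two required files run in this function's scope, so every global
        // declared here stays declared even when this function does not read it.
        global $urlRequestRoot, $moduleFolder, $cmsFolder,$sourceFolder, $templateFolder;
        require_once("$sourceFolder/$moduleFolder/form/registrationformsubmit.php");
        require_once("$sourceFolder/$moduleFolder/form/registrationformgenerate.php");
        $jsPath2 = "$urlRequestRoot/$cmsFolder/$moduleFolder/form/validation.js";//validation.js
        $calpath = "$urlRequestRoot/$cmsFolder/$moduleFolder";
        $body = '<script language="javascript" type="text/javascript" src="'.$jsPath2.'"></script>';
        $body .= '<link rel="stylesheet" type="text/css" media="all" href="'.$calpath.'/form/calendar/calendar.css" title="Aqua" />' .
                 '<script type="text/javascript" src="'.$calpath.'/form/calendar/calendar.js"></script>';
        $captchaHtml = getCaptchaHtml();
        $jsValidationFunctions = array();
        $containsFileUploadFields = false;
        $dynamicFields = getFormElementsHtmlAsArray(0, 0, $jsValidationFunctions, $containsFileUploadFields);
        // implode(glue, pieces): the reversed join(pieces, glue) order was removed in PHP 8.
        $dynamicFields = implode("</tr>\n<tr>", $dynamicFields);
        if($dynamicFields != '') {
                $dynamicFields = "<tr>$dynamicFields</tr>";
        }
        $jsValidationFunctions = implode(' && ', $jsValidationFunctions);
        if($jsValidationFunctions == '') {
                // With no per-field validators the script below would read "return ();",
                // which is a JavaScript syntax error.
                $jsValidationFunctions = 'true';
        }

        // Re-populate the inputs from the rejected submission. Each value is checked
        // under its own key (the original tested user_email before reading
        // user_fullname) and must be a string (a field posted as an array is ignored).
        // The values land inside single-quoted HTML attributes, so they are
        // HTML-encoded with ENT_QUOTES; escape() is defined outside this file and is
        // used elsewhere in it to build SQL strings, which does not make a value safe
        // inside an attribute.
        $prefill = array('user_email' => '', 'user_name' => '', 'user_fullname' => '');
        foreach ($prefill as $field => $unused) {
                if(isset($_POST[$field]) && is_string($_POST[$field])) {
                        $prefill[$field] = htmlspecialchars(escape($_POST[$field]), ENT_QUOTES);
                }
        }
        $email_val = $prefill['user_email'];
        $name_val = $prefill['user_name'];
        $fullname_val = $prefill['user_fullname'];

        // NOTE(review): the JavaScript checks in this form are a convenience only;
        // register() repeats them on the server and is the actual gate.
        $reg_str =<<<REG
<script language="javascript">
                        function checkPassword(inputhandler2) {
                                inputhandler1=inputhandler2.form.user_password;
                                if(inputhandler1.value!=inputhandler2.value) {
                                        alert("Passwords do not match");
                                        inputhandler2.value="";
                                        inputhandler1.value="";
                                        inputhandler1.focus();
                                        return false;
                                }
                                return true;
                        }
                        function checkRegistrationForm(inputhandler) {
                                if(inputhandler.user_password.value.length==0) {
                                        alert("Blank password not allowed.");
                                        return false;
                                }
                                if(inputhandler.user_name.value.length==0) {
                                        alert("Blank 'User name' not allowed.");
                                        return false;
                                }
                                if(inputhandler.user_fullname.value.length==0) {
                                        alert("Blank 'Full name' not allowed.");
                                        return false;
                                }
                                return (checkEmail(this.user_email)&&checkPassword(this.user_repassword));
                        }
</script>
<form class="cms-registrationform"  method="POST" name="user_reg_usrFrm" onsubmit="return checkRegistrationForm(this)" action="./+login&subaction=register" enctype="multipart/form-data">
        <fieldset>
        <legend> Sign Up</legend>
                <table border="0" cellspacing="0" cellpadding="0">
               <tr>     <td><label for="user_email" class="labelrequired">Email *</label></td>
                                <td><input name="user_email" id="user_email" class="required" value='{$email_val}' onchange="if(this.length!=0) return checkEmail(this);" type="text"></td>
           </tr>
           <tr> <td><label for="user_password" class="labelrequired">Password *</label></td>
                        <td>  <input name="user_password" id="user_password" class="required" type="password"></td>
                </tr>
                        <tr> <td><label for="user_repassword" class="labelrequired">Re-enter Password *</label></td>
                                <td> <input name="user_repassword" id="user_repassword" class="required" onchange="if(this.length!=0) return checkPassword(this);" type="password"></td>
                        </tr>
                        <tr>
                                <td><label for="user_name" class="labelrequired">User name *</label></td>
                                <td><input name="user_name" id="user_name" class="required" value='{$name_val}' type="text"></td>
                        </tr>
                        <tr>
                                <td><label for="user_fullname" class="labelrequired">Full Name *</label></td>
                                <td><input name="user_fullname" id="user_fullname" class="required" value='{$fullname_val}' type="text"></td>
                        </tr>
                        $dynamicFields
                        $captchaHtml
                        <tr>
                                <td colspan="2">* - Required Fields&nbsp;</td>
                        </tr>

                        <tr>
                                <td><input type="submit" id="submitbutton" value="Sign Up"></td>
                                <td><a href="./+login&subaction=register&reSendKey=1">Resend Activation link?</a> <a href="./+login">Login?</a></td>
                        </tr>
                </table>
        </fieldset>
</form>
REG;
        $body .= $reg_str;
        $body .= <<<SCRIPT
                        <script language="javascript" type="text/javascript">
                        <!--
                                function validate_form(thisform) {
                                        return ($jsValidationFunctions);
                                }
                        -->
                        </script>
SCRIPT;
        return $body;
}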
00130 
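/**
 * Handles every step of the "register" sub-action, chosen from the request:
 *   - no key, no reSendKey, no posted e-mail  -> show the sign-up form;
 *   - reSendKey without a posted address      -> show the "resend link" form;
 *   - posted resend_key_email                 -> mail the activation link again;
 *   - key in the query string                 -> verify the key and activate;
 *   - anything else                           -> validate and store a new user.
 *
 * NOTE(review): every query here is built by concatenating values passed through
 * escape(), which is defined outside this file, and is sent through the mysql_*
 * extension (removed in PHP 7). Moving to prepared statements (mysqli or PDO)
 * removes the dependency on escape() being correct for the connection charset.
 * NOTE(review): several branches hand mysql_error() text to displayerror()/die(),
 * which exposes query and schema details to the visitor; log it server-side.
 * NOTE(review): the resend branch answers differently for unknown, unverified and
 * verified addresses, so it tells a visitor which e-mail addresses hold accounts.
 *
 * @return string|null Form HTML when a form has to be shown; otherwise nothing is
 *                     returned and feedback goes through displayinfo(),
 *                     displaywarning() and displayerror().
 */
function register() {
        global $uploadFolder,$sourceFolder,$moduleFolder,$urlRequestRoot;
        require("$sourceFolder/$moduleFolder/form/registrationformgenerate.php");
        require("$sourceFolder/$moduleFolder/form/registrationformsubmit.php");
        if ((!isset ($_GET['key'])) && (!isset ($_GET['reSendKey'])) && (!isset ($_POST['user_email']))) {
                return getRegistrationForm();
        }
        // Ask for the address the activation link should be sent to again.
        elseif ((isset ($_GET['reSendKey'])) && (!isset ($_POST['resend_key_email'])) && SEND_MAIL_ON_REGISTRATION) {

                $reSendForm =<<<FORM
<form  class="cms-registrationform" method="POST" name="user_resend_key" onsubmit="return checkForm(this)" action="./+login&subaction=register&reSendKey">
   <fieldset>
   <legend>Resend Activation Link</legend>
   <table>
                <tr>
                        <td><label for="resend_key_email"  class="labelrequired">Email</label></td>
                        <td><input type="text" name="resend_key_email" id="resend_key_email" class="required" onchange="if(this.length!=0) return checkEmail(this);"/><br /></td>
                </tr>
                <tr>
                        <td colspan="2">&nbsp;</td>
                </tr>
                <tr>
                        <td><input type="submit" id="submitbutton" value="Submit"></td>
                        <td><a href="./+login&subaction=register">Sign Up</a> <a href="./+login">Login?</a></td>
                </tr>
        </table>
        </fieldset>
</form>
FORM;
                return $reSendForm;
        }
        // Resend the activation mail for a posted address.
        elseif (isset ($_POST['resend_key_email'])) {
                // A field posted as an array is treated as empty.
                $email = escape(is_string($_POST['resend_key_email']) ? $_POST['resend_key_email'] : '');
                // HTML-encoded copy for messages; $email itself stays as-is for SQL and mail.
                $emailHtml = htmlspecialchars($email, ENT_QUOTES);
                $query = "SELECT * FROM  `" . MYSQL_DATABASE_PREFIX . "users`  WHERE `user_email`='$email' ";
                $result = mysql_query($query) or displayerror(mysql_error() . "registration L:131");
                if (!$result || !mysql_num_rows($result))
                        displayinfo("This email-id has not yet been registered. Kindly <a href=\"./+login&subaction=register\">register</a>.");
                else {
                        $temp = mysql_fetch_assoc($result);
                        if ($temp['user_activated'] == 1)
                                displayinfo("E-mail $emailHtml has already been verified.<a href=\"./+login\"> Login</a> <a href=\"./+login&subaction=resetPasswd\">Forgot Password?</a>");
                        else {
                                $key = getVerificationKey($email, $temp['user_password'], $temp['user_regdate']);

                                // send mail code starts here - see common.lib.php for more
                                $from = "from: ".CMS_TITLE." <".CMS_EMAIL.">";
                                $to = "$email";
                                $mailtype = "activation_mail";

                                $messenger = new messenger(false);
                                global $onlineSiteUrl;
                                $messenger->assign_vars(array('ACTIVATE_URL'=>"$onlineSiteUrl/+login&subaction=register&verify=$to&key=$key",'NAME'=>"$temp[user_fullname]",'WEBSITE'=>CMS_TITLE,'DOMAIN'=>$onlineSiteUrl));

                                if ($messenger->mailer($to,$mailtype,$key,$from))
                                        displayinfo("Activation link resent. Kindly check your e-mail for activation link.");
                                else
                                        displayerror("Activation link resending failure. Kindly contact administrator");
                                // send mail code ends here
                        }
                }
        }
        // Verify an activation link (?verify=<e-mail>&key=<key>).
        elseif (isset ($_GET['key'])) {
                // Both parameters must be plain strings; a missing or array-valued
                // parameter becomes '' and simply fails verification.
                $verifyRaw = (isset($_GET['verify']) && is_string($_GET['verify'])) ? $_GET['verify'] : '';
                $keyRaw = is_string($_GET['key']) ? $_GET['key'] : '';
                $emailId = escape($verifyRaw);
                // The address is echoed back in the messages below, so it is HTML-encoded.
                // The original also wrote $_GET[verify] with a bare key, which is an
                // undefined-constant error on PHP 8.
                $emailHtml = htmlspecialchars($emailId, ENT_QUOTES);
                $query = "SELECT * FROM  `" . MYSQL_DATABASE_PREFIX . "users`  WHERE `user_email`='{$emailId}'";
                $result = mysql_query($query) or displayerror(mysql_error() . "registration L:76");
                $temp = $result ? mysql_fetch_assoc($result) : false;
                if (!$temp) {
                        // Unknown address: stop here instead of comparing the supplied key
                        // with one derived from empty password and date fields.
                        displayerror("Verification error for ".$emailHtml.". Please contact administrator");
                }
                elseif ($temp['user_activated'] == 1)
                        displayinfo("E-mail ".$emailHtml." has already been verified");
                else {
                        $expectedKey = getVerificationKey($verifyRaw, $temp['user_password'], $temp['user_regdate']);
                        // Strict string comparison: with == two different hex digests that both
                        // look like numbers (for example "0e..." forms) compare as equal.
                        // hash_equals() is used when the runtime has it, for a
                        // constant-time comparison.
                        if (function_exists('hash_equals'))
                                $keyMatches = hash_equals($expectedKey, $keyRaw);
                        else
                                $keyMatches = ($expectedKey === $keyRaw);
                        if ($keyMatches) {
                                $query = "UPDATE `" . MYSQL_DATABASE_PREFIX . "users` SET `user_activated`=1  WHERE `user_email`='$emailId'";
                                mysql_query($query) or die(mysql_error());
                                if (mysql_affected_rows() > 0)
                                        displayinfo("Your e-mail ".$emailHtml." has been verified. Now you can fill your profile information by clicking <a href=\"./+profile\">here</a> or by clicking on the preferences link in the action bar any time you are logged in.");
                                else
                                        displayerror("Verification error for ".$emailHtml.". Please contact administrator");
                        } else
                                displayerror("Verification error for ".$emailHtml.". Please contact administrator");
                }
        }
        // Validate and store a new registration.
        else {
                // Read each field once; a missing or array-valued field counts as blank.
                $posted = array();
                foreach (array('user_email', 'user_password', 'user_repassword', 'user_name', 'user_fullname') as $field) {
                        $posted[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
                }

                if ($posted['user_email'] === "" || $posted['user_password'] === "") {
                        displayerror("Blank e-mail/password NOT allowed");
                        return getRegistrationForm();
                }

                if ($posted['user_name'] === "" || $posted['user_fullname'] === "") {
                        displayerror("Please fill in your user name and Full name");
                        return getRegistrationForm();
                }

                // The D modifier stops "$" from matching before a trailing newline.
                if (!preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/iD", $posted['user_email'])) {
                        displayerror("Invalid Email Id");
                        return getRegistrationForm();
                }
                // Strict comparison: != treats numeric-looking strings such as "1e3" and
                // "1000" as the same password.
                if ($posted['user_password'] !== $posted['user_repassword']) {
                        displayerror("Passwords are not same");
                        return getRegistrationForm();
                }
                if (submitCaptcha()==false) {
                        return getRegistrationForm();
                }
                /*For new registrations*/

                $umail = trim(escape($posted['user_email']));
                $isValid = check_email($umail);
                if(!$isValid) {
                        displayerror("Your E-Mail Provoider has been blackilisted. Please Use another email id or contact the website administrator");
                        return getRegistrationForm();
                }
                $query = "SELECT * FROM `" . MYSQL_DATABASE_PREFIX . "users` WHERE `user_email`='" . $umail . "'";
                $result = mysql_query($query) or displayerror(mysql_error() . "in registration L:115");
                if ($result && mysql_num_rows($result)) {
                        displaywarning("Email already exists in database. Please use a different e-mail.");
                        return getRegistrationForm();
                } else {
                        // NOTE(review): unsalted MD5 is not a password hash; stored values can be
                        // recovered cheaply if the table leaks. Moving to password_hash() /
                        // password_verify() needs the login code, which is not in this file,
                        // to change together with this line.
                        $passwd = md5($posted['user_password']);
                        // The same trimmed address ($umail) is used for the duplicate check, the
                        // INSERT and the id lookup, so the stored value is the one that was checked.
                        $query = "INSERT INTO `" . MYSQL_DATABASE_PREFIX . "users` " .
                                        "(`user_name`, `user_email`, `user_fullname`, `user_password`, `user_activated`) " .
                                        "VALUES ('".escape($posted['user_name'])."', '".$umail."', '".escape($posted['user_fullname'])."', '$passwd', ".ACTIVATE_USER_ON_REG.")";
                        $result = mysql_query($query);
                        $newUser = false;
                        if ($result) {
                                $query1 = "SELECT `user_id` FROM `". MYSQL_DATABASE_PREFIX . "users` WHERE `user_email` ='".$umail."' LIMIT 1";
                                $result1 = mysql_query($query1);
                                $newUser = $result1 ? mysql_fetch_array($result1) : false;
                        }
                        if (!$newUser) {
                                // The row was not created or cannot be read back: stop before the
                                // profile data, the success message and the activation mail.
                                displayerror("Registration could not be completed. Please contact administrator");
                                return getRegistrationForm();
                        }
                        $form_result = submitRegistrationForm(0, $newUser[0], true, true);
                        if(!$form_result) {
                                // Roll the user row back when the profile fields are rejected.
                                $query1 = "DELETE FROM `" . MYSQL_DATABASE_PREFIX . "users` WHERE `user_id` = ".(int) $newUser[0];
                                $result = mysql_query($query1);
                                return getRegistrationForm();
                        }
                        if(ACTIVATE_USER_ON_REG)
                                displayinfo("You have been successfully registered. You can now <a href=\"./+login\">log in</a>.");
                        else displayinfo("Your registration was successful but your account is not activated yet. Kindly check your email, or wait for the website administrator to activate you.");
                        if(SEND_MAIL_ON_REGISTRATION)
                        {
                                $email = $umail;
                                $query = "SELECT * FROM  `" . MYSQL_DATABASE_PREFIX . "users`  WHERE `user_email`='$email' ";
                                $result = mysql_query($query) or displayerror(mysql_error() . "registration L:211");

                                $temp = mysql_fetch_assoc($result);
                                $key = getVerificationKey($email, $temp['user_password'], $temp['user_regdate']);

                                // send mail code starts here - see common.lib.php for more
                                $from = "from: ".CMS_TITLE." <".CMS_EMAIL.">";
                                $to = "$email";
                                $mailtype = "activation_mail";

                                $messenger = new messenger(false);
                                global $onlineSiteUrl;
                                $messenger->assign_vars(array('ACTIVATE_URL'=>"$onlineSiteUrl/+login&subaction=register&verify=$to&key=$key",'NAME'=>"$temp[user_fullname]",'WEBSITE'=>CMS_TITLE, 'DOMAIN'=>$onlineSiteUrl));

                                if ($messenger->mailer($to,$mailtype,$key,$from))
                                        displayinfo("Kindly check your e-mail for activation link.");
                                else
                                        displayerror("Activation link sending failure. Kindly contact administrator");
                                // send mail code ends here
                        }
                }
        }
}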
00308 
/**
 * Derives the account-activation key for a user.
 *
 * The key is the MD5 of, in order: the first six characters of the e-mail
 * address, the last seventeen characters of md5($userPassword), the
 * registration time, and $userPassword itself. The callers in this file pass
 * the stored `user_password` and `user_regdate` columns.
 *
 * NOTE(review): the key contains no random or server-secret input; it can be
 * recomputed by anyone who can read those two columns and knows the address.
 * A random token stored per user would not have that property.
 *
 * @param string $userEmail            E-mail address of the account.
 * @param string $userPassword         Password value as stored for the account.
 * @param string $userRegistrationTime Registration time as stored for the account.
 * @return string 32-character hexadecimal MD5 digest.
 */
function getVerificationKey($userEmail, $userPassword, $userRegistrationTime) {
        $emailPrefix = substr($userEmail, 0, 6);
        $passwordDigestTail = substr(md5($userPassword), -17);
        $keyMaterial = $emailPrefix . $passwordDigestTail . $userRegistrationTime . $userPassword;
        return md5($keyMaterial);
}
00312 
00313 
00314 
00315 
00316 
