Diffstat (limited to 'web/account-create.php')
-rw-r--r-- | web/account-create.php | 106 |
1 files changed, 106 insertions, 0 deletions
diff --git a/web/account-create.php b/web/account-create.php
new file mode 100644
index 0000000..f56273f
--- /dev/null
+++ b/web/account-create.php
@@ -0,0 +1,106 @@
+<?
+require_once("../include/Namespace.inc");
+require_once("../include/Tools.inc");
+require_once("../include/Template.inc");
+
+$namespace = new Namespace(
+ array( have_database => 1,
+ have_session => 1,
+ have_user => 1 )
+) or
+ die("Nobody loves me. I don't even have space for a name.");
+
+$rules = Array();
+$rules['commit']['username'] = array(type => 'string');
+$rules['commit']['name'] = array(type => 'string', optional => 1);
+$rules['commit']['address'] = array(type => 'string');
+$rules['commit']['goto'] = array(type => 'string', optional => 1);
+$rules['ask']['goto'] = array(type => 'string', optional => 1);
+$rules['ask']['username'] = array(type => 'string', optional => 1);
+$rules['ask']['name'] = array(type => 'string', optional => 1);
+$rules['ask']['address'] = array(type => 'string', optional => 1);
+$arguments = param_check($GLOBALS, $rules, array(params_required=>false));
+
+$message = '';
+$created = 0;
+
+if ( $arguments['form_id']=='commit' ) {
+ $namespace->session->set_id();
+ $username = $arguments['username'];
+ $address = $arguments['address'];
+ $name = $arguments['name'];
+
+ if (! preg_match('/^[a-zA-Z][a-zA-Z0-9]+$/', $username) )
+ error("Username '$username' does not match ^[a-zA-Z][a-zA-Z0-9]+");
+ if (! preg_match('/^[a-zA-Z0-9+=_.-]+@[a-zA-Z0-9+=_.-]+$/', $address) )
+ error("Address '$address' does not match ^[a-zA-Z0-9+=_.-]+@[a-zA-Z0-9+=_.-]+$");
+
+ $password = md5($_SERVER["UNIQUE_ID"].time.rand(0,1000000));
+ $password = substr($password, 0, 8);
+
+ $account = array();
+ $account['username'] = $username;
+ $account['name'] = $name;
+ $account['password'] = $password;
+
+ $result = $namespace->database->insert('account', $account);
+ if ($result) {
+ $account = $namespace->database->query_row('SELECT account.ref FROM account WHERE account.username=?', array($username));
+ assert($account);
+ assert(isset($account['ref']));
+ $addr = array();
+ $addr['address'] = $address;
+ $addr['verified'] = 'T';
+ $addr['enabled'] = 'T';
+ $addr['account_ref'] = $account['ref'];
+ $result = $namespace->database->insert('address', $addr);
+ assert($result);
+
+ $created = 1;
+ $message = "Someone, probably you, has requested the following Account on www.noreply.org:\n".
+ "\n".
+ "Username: $username\n".
+ "Name: $name\n".
+ "Address: $address\n".
+ "\n".
+ "Your Password is »".$password."«\n".
+ "\n".
+ "You can log in at\n".
+ "http://www.noreply.org/login.php?form_id=login&username=$username\n\n".
+ "\n".
+ "Should you have problems please contact ".$namespace->config->mail_operator.".\n";
+ mail($address, "Your Noreply Account", $message,
+ "From: ".$namespace->config->mail_from."\n".
+ "Sender: ".$namespace->config->mail_sender."\n".
+ "Reply-To: ".$namespace->config->mail_replyto."\n".
+ "Mime-Version: 1.0\n".
+ "Content-Type: text/plain; charset=iso-8859-1\n".
+ "Content-Disposition: inline"
+ );
+ } else
+ $message = 'Error (perhaps the username already exists).';
+}
+
+if (! $created ) {
+ $data = array();
+ $data['goto'] = $arguments['goto'];
+ $data['message'] = $message;
+ $data['username'] = $namespace->session->data['user']['username'];
+ $data['username_field'] = $arguments['username'];
+ $data['name_field'] = $arguments['name'];
+ $data['username_field'] = $arguments['username'];
+ $data['address_field'] = $arguments['address'];
+
+ $template = new Template('account-create.html', $namespace->config->template_path);
+ $template->parse($data);
+ print $template->output();
+} else {
+ redirect($namespace, './login.php?form_id=login&goto='.$arguments['goto'].'&username='.$username.'&message=Account+Created.+Password+will+be+sent+via+email.');
+}
+
+$namespace->stop();
+
+
+# vim:set ts=4:
+# vim:set shiftwidth=4:
+?> |
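Review bot: The initial password built on the `md5($_SERVER["UNIQUE_ID"].time.rand(0,1000000))` line is weak: `time` is written without parentheses, so PHP reads it as a bare constant (the string "time") rather than the current timestamp, `rand()` is not a cryptographic generator, and `substr($password, 0, 8)` keeps only 32 bits of hex. The same value is then inserted into `account` unhashed and mailed in clear text, so anyone who can read the table or the message holds a working credential. I would draw it from a CSPRNG, e.g. `$password = bin2hex(random_bytes(8));`, and store `password_hash($password, PASSWORD_DEFAULT)` in `$account['password']`; the login code, which is not part of this diff, would then need `password_verify()`. Separately, `$addr['verified'] = 'T'` marks the address as verified before its owner has proven control of it, and `$arguments['goto']` is concatenated into the redirect URL without `urlencode()` or a check that it is a local path.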