1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
|
<?
require_once("../include/Namespace.inc");
require_once("../include/Tools.inc");
require_once("../include/Template.inc");
$namespace = new Namespace(
array( have_database => 1,
have_session => 1,
have_user => 1 )
) or
die("Nobody loves me. I don't even have space for a name.");
$rules = Array();
$rules['commit']['username'] = array(type => 'string');
$rules['commit']['name'] = array(type => 'string', optional => 1);
$rules['commit']['address'] = array(type => 'string');
$rules['commit']['goto'] = array(type => 'string', optional => 1);
$rules['ask']['goto'] = array(type => 'string', optional => 1);
$rules['ask']['username'] = array(type => 'string', optional => 1);
$rules['ask']['name'] = array(type => 'string', optional => 1);
$rules['ask']['address'] = array(type => 'string', optional => 1);
$arguments = param_check($GLOBALS, $rules, array(params_required=>false));
$message = '';
$created = 0;
if ( $arguments['form_id']=='commit' ) {
$namespace->session->set_id();
$username = $arguments['username'];
$address = $arguments['address'];
$name = $arguments['name'];
if (! preg_match('/^[a-zA-Z][a-zA-Z0-9]+$/', $username) )
error("Username '$username' does not match ^[a-zA-Z][a-zA-Z0-9]+");
if (! preg_match('/^[a-zA-Z0-9+=_.-]+@[a-zA-Z0-9+=_.-]+$/', $address) )
error("Address '$address' does not match ^[a-zA-Z0-9+=_.-]+@[a-zA-Z0-9+=_.-]+$");
$password = md5($_SERVER["UNIQUE_ID"].time.rand(0,1000000));
$password = substr($password, 0, 8);
$account = array();
$account['username'] = $username;
$account['name'] = $name;
$account['password'] = $password;
$result = $namespace->database->insert('account', $account);
if ($result) {
$account = $namespace->database->query_row('SELECT account.ref FROM account WHERE account.username=?', array($username));
assert($account);
assert(isset($account['ref']));
$addr = array();
$addr['address'] = $address;
$addr['verified'] = 'T';
$addr['enabled'] = 'T';
$addr['account_ref'] = $account['ref'];
$result = $namespace->database->insert('address', $addr);
assert($result);
$created = 1;
$message = "Someone, probably you, has requested the following Account on www.noreply.org:\n".
"\n".
"Username: $username\n".
"Name: $name\n".
"Address: $address\n".
"\n".
"Your Password is �".$password."�\n".
"\n".
"You can log in at\n".
"http://www.noreply.org/login.php?form_id=login&username=$username\n\n".
"\n".
"Should you have problems please contact ".$namespace->config->mail_operator.".\n";
mail($address, "Your Noreply Account", $message,
"From: ".$namespace->config->mail_from."\n".
"Sender: ".$namespace->config->mail_sender."\n".
"Reply-To: ".$namespace->config->mail_replyto."\n".
"Mime-Version: 1.0\n".
"Content-Type: text/plain; charset=iso-8859-1\n".
"Content-Disposition: inline"
);
} else
$message = 'Error (perhaps the username already exists).';
}
if (! $created ) {
$data = array();
$data['goto'] = $arguments['goto'];
$data['message'] = $message;
$data['username'] = $namespace->session->data['user']['username'];
$data['username_field'] = $arguments['username'];
$data['name_field'] = $arguments['name'];
$data['username_field'] = $arguments['username'];
$data['address_field'] = $arguments['address'];
$template = new Template('account-create.html', $namespace->config->template_path);
$template->parse($data);
print $template->output();
} else {
redirect($namespace, './login.php?form_id=login&goto='.$arguments['goto'].'&username='.$username.'&message=Account+Created.+Password+will+be+sent+via+email.');
}
$namespace->stop();
# vim:set ts=4:
# vim:set shiftwidth=4:
?>
|
