You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
81 lines
2.9 KiB
PHP
81 lines
2.9 KiB
PHP
<?php
|
|
/*
|
|
* Box is more free software. It is licensed under the WTFPL, which
|
|
* allows you to do pretty much anything with it, without having to
|
|
* ask permission. Commercial use is allowed, and no attribution is
|
|
* required. We do politely request that you share your modifications
|
|
* to benefit other developers, but you are under no enforced
|
|
* obligation to do so :)
|
|
*
|
|
* Please read the accompanying LICENSE document for the full WTFPL
|
|
* licensing text.
|
|
*/
|
|
|
|
if(!isset($_APP)) { die("Unauthorized."); }
|
|
|
|
if(!empty($_SESSION['user_id']))
|
|
{
|
|
flash_notice("You are already logged in.");
|
|
redirect("/");
|
|
}
|
|
|
|
if(strtolower($_SERVER['REQUEST_METHOD']) == "post")
|
|
{
|
|
if(empty($_POST['username']) || !preg_match("/^[a-zA-Z0-9-.]+$/", $_POST['username']))
|
|
{
|
|
flash_error("You did not enter a valid username. Your username can only contain a-z, A-Z, 0-9, dots, and dashes.");
|
|
}
|
|
elseif(User::CheckIfUsernameExists($_POST['username']))
|
|
{
|
|
flash_error("The username you entered is already in use. Please pick a different username.");
|
|
}
|
|
|
|
if(empty($_POST['email']) || !filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
|
|
{
|
|
flash_error("You did not enter a valid e-mail address.");
|
|
}
|
|
elseif(User::CheckIfEmailExists($_POST['email']))
|
|
{
|
|
flash_error("The e-mail address you entered is already in use. Did you <a href=\"/forgot-password\">forget your password</a>?");
|
|
}
|
|
|
|
if(empty($_POST['password']) || strlen($_POST['password']) < 8)
|
|
{
|
|
flash_error("You did not enter a valid password. Your password has to be at least 8 characters.");
|
|
}
|
|
elseif(empty($_POST['password2']) || $_POST['password'] != $_POST['password2'])
|
|
{
|
|
flash_error("The passwords you entered did not match.");
|
|
}
|
|
|
|
if(count(get_errors(false)) == 0)
|
|
{
|
|
$sUser = new User(0);
|
|
$sUser->uUsername = $_POST['username'];
|
|
$sUser->uPassword = $_POST['password'];
|
|
$sUser->uEmailAddress = $_POST['email'];
|
|
$sUser->uActivationKey = random_string(16);
|
|
$sUser->GenerateSalt();
|
|
$sUser->GenerateHash();
|
|
$sUser->InsertIntoDatabase();
|
|
|
|
send_mail($_POST['email'], "Please confirm your registration at BoxOnABudget.",
|
|
NewTemplater::Render("email/signup.txt", $locale->strings, array(
|
|
"confirmation-url" => "http://boxonabudget.com/account/confirm/{$sUser->sEmailAddress}/{$sUser->sActivationKey}/",
|
|
"name" => $sUser->uUsername)), /* we don't want a HTML-entities-encoded version here */
|
|
NewTemplater::Render("email/layout.html", $locale->strings, array(
|
|
"contents" => NewTemplater::Render("email/signup.html", $locale->strings, array(
|
|
"confirmation-url" => "http://boxonabudget.com/account/confirm/{$sUser->sEmailAddress}/{$sUser->sActivationKey}/",
|
|
"name" => $sUser->sUsername))
|
|
))
|
|
);
|
|
|
|
$sPageContents = NewTemplater::Render("signup/success", $locale->strings, array());
|
|
$sPageTitle = "Thanks for signing up!";
|
|
return;
|
|
}
|
|
}
|
|
|
|
$sPageContents = NewTemplater::Render("signup/form", $locale->strings, array());
|
|
$sPageTitle = "Sign up";
|