include/register.php

   1 <?php
   2 /* Copyright 2006, 2007, 2008, 2009, 2010 Arun Persaud <arun@nubati.net>
   3  *
   4  *   This file is part of e-DoKo.
   5  *
   6  *   e-DoKo is free software: you can redistribute it and/or modify
   7  *   it under the terms of the GNU General Public License as published by
   8  *   the Free Software Foundation, either version 3 of the License, or
   9  *   (at your option) any later version.
  10  *
  11  *   e-DoKo is distributed in the hope that it will be useful,
  12  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  *   GNU General Public License for more details.
  15  *
  16  *   You should have received a copy of the GNU General Public License
  17  *   along with e-DoKo.  If not, see <http://www.gnu.org/licenses/>.
  18  *
  19  */
  20
  21 /* make sure that we are not called from outside the scripts,
  22  * use a variable defined in config.php to check this
  23  */
  24 if(!isset($HOST))
  25   exit;
  26
  27 /* new user wants to register */
  28 if(myisset("Rfullname","Remail","Rtimezone") )
  29   {
  30     global $HOST,$INDEX;
  31
  32     /* is this name already in use/ */
  33     $ok=1;
  34     if(DB_get_userid('name',$_REQUEST['Rfullname']))
  35       {
  36         echo "please chose another name<br />";
  37         $ok=0;
  38       }
  39     /* check if email address is already used */
  40     if(DB_get_userid('email',$_REQUEST['Remail']))
  41       {
  42         echo "this email address is already used ?!<br />";
  43         $ok=0;
  44       }
  45     /* need either openid or password */
  46     if(!myisset('Rpassword')  &&  !myisset('Ropenid'))
  47       {
  48         echo "I need either a Password or an Openid url.<br />";
  49         $ok=0;
  50       }
  51
  52     /* check against robots */
  53     $robots=0; /* at least one anti-robot question needs to be answered */
  54     if(myisset('Robotproof0'))
  55       {
  56         if($_REQUEST['Robotproof0']!=42)
  57           $ok=0;
  58         else
  59           $robot=1;
  60       }
  61     else if(myisset('Robotproof1'))
  62       {
  63         if($_REQUEST['Robotproof1']!=35)
  64           $ok=0;
  65         else
  66           $robot=1;
  67       }
  68     else if(myisset('Robotproof2'))
  69       {
  70         if($_REQUEST['Robotproof2']!=28)
  71           $ok=0;
  72         else
  73           $robot=1;
  74       }
  75     else if(myisset('Robotproof3'))
  76       {
  77         if($_REQUEST['Robotproof3']!=21)
  78           $ok=0;
  79         else
  80           $robot=1;
  81       }
  82     else if(myisset('Robotproof4'))
  83       {
  84         if($_REQUEST['Robotproof4']!=14)
  85           $ok=0;
  86         else
  87           $robot=1;
  88       }
  89     if($robot==0)
  90       {
  91         echo "You answered the math question wrong. <br />\n";
  92         $ok=0;
  93       }
  94     /* everything ok, go ahead and create user */
  95     if($ok)
  96       {
  97         if(myisset('Rpassword'))
  98           {
  99             $r=DB_query("INSERT INTO User VALUES(NULL,".DB_quote_smart($_REQUEST["Rfullname"]).
 100                         ",".DB_quote_smart($_REQUEST["Remail"]).
 101                         ",".DB_quote_smart(md5($_REQUEST["Rpassword"])).
 102                         ",".DB_quote_smart($_REQUEST["Rtimezone"]).",NULL,NULL)");
 103           }
 104         else if(myisset('Ropenid'))
 105           {
 106             $password = $_REQUEST["Rfullname"].preg_replace('/([ ])/e', 'chr(rand(33,122))', '               ');
 107             $r=DB_query("INSERT INTO User VALUES(NULL,".DB_quote_smart($_REQUEST["Rfullname"]).
 108                         ",".DB_quote_smart($_REQUEST["Remail"]).
 109                         ",".DB_quote_smart(md5($password)).
 110                         ",".DB_quote_smart($_REQUEST["Rtimezone"]).",NULL,NULL)");
 111             if($r)
 112               {
 113                 include_once('openid.php');
 114                 $myid = DB_get_userid('email',$_REQUEST['Remail']);
 115                 DB_AttachOpenID($_REQUEST['Ropenid'], $myid);
 116               }
 117           }
 118         else
 119           {
 120             echo 'Error during registration, please contact '.$ADMIN_NAME.' at '.$ADMIN_EMAIL;
 121           }
 122         if($r)
 123           {
 124             /* Set session, so that new user doesn't need to log in */
 125             $myname = DB_get_name('email',$_REQUEST['Remail']);
 126             $_SESSION["name"] = $myname;
 127
 128             echo " Welcome to e-DoKo, you are now registered, please visit the".
 129               " <a href=\"".$HOST.$INDEX."\">homepage</a> to continue.";
 130           }
 131         else
 132           echo " something went wrong, couldn't add you to the database, please contact $ADMIN_NAME at $ADMIN_EMAIL.";
 133       }
 134     else
 135       {
 136         echo "Couldn't register you. Please <a href=\"index.php?action=register\">try again</a>! </br />\n";
 137       }
 138   }
 139  else
 140    {
 141      /* No information for new user given, ouput a page for registration */
 142
 143      /* check for openid information */
 144      $openid_url = '';
 145      $name       = '';
 146      $email      = '';
 147      if(myisset('openid_url'))
 148        $openid_url = $_REQUEST['openid_url'];
 149      if(myisset('openidname'))
 150        $name       = $_REQUEST['openidname'];
 151      if(myisset('openidemail'))
 152        $email      = $_REQUEST['openidemail'];
 153
 154      if($openid_url=='')
 155        echo "<p><br /><strong> IMPORTANT: passwords are going over the net as clear text, so pick an easy password. ".
 156          "No need to pick anything complicated here ;)<br />";
 157      echo "N.B. Your email address will be exposed to other players whom you play games with. ";
 158      echo "<br /><br /></strong></p>";
 159      echo '        <form action="index.php?action=register" method="post">';
 160      echo '          <fieldset>';
 161      echo '            <legend>Register</legend>';
 162      echo '             <table>';
 163      echo '              <tr>';
 164      echo '               <td><label for="Rfullname">Full name:</label></td>';
 165      echo "            <td><input type=\"text\" id=\"Rfullname\" name=\"Rfullname\" size=\"20\" maxlength=\"30\" value=\"$name\" /> </td>";
 166      echo '              </tr><tr>';
 167      echo '               <td><label for="Remail">Email:</label></td>';
 168      echo "            <td><input type=\"text\" id=\"Remail\" name=\"Remail\" size=\"20\" maxlength=\"30\" value=\"$email\" /></td>";
 169      echo '              </tr><tr>';
 170      if($openid_url=='')
 171        {
 172          echo '        <td><label for="Rpassword">Password(will be displayed in cleartext on the next page):</label></td>';
 173          echo '               <td><input type="password" id="Rpassword" name="Rpassword" size="20" maxlength="30" /></td>';
 174          echo '              </tr><tr>';
 175        }
 176      else
 177        {
 178          echo '        <td><label for="Ropenid">OpenId:</label></td>';
 179          echo '               <td><input type="text" id="Ropenid" name="Ropenid" size="20" maxlength="50" value="'.htmlentities($openid_url).'" /></td>';
 180          echo '              </tr><tr>';
 181        }
 182      echo '            <td><label for="Rtimezone">Timezone:</label></td>';
 183      echo '               <td>';
 184
 185      output_select_timezone("Rtimezone");
 186 ?>
 187                </td>
 188               </tr><tr>
 189               </tr><tr>
 190 <?php
 191               /* random number to select robotproof question */
 192               $rand_number = mt_rand(0,3); /* to get numbers between 0 and 4  */
 193               $Robotproof = "Robotproof".$rand_number;
 194 ?>
 195                 <td><label for="Robotproof">Please answer this question: <?php echo output_robotproof($rand_number); ?></label></td>
 196 <?php
 197          echo "<td><input type=\"text\" id=\"$Robotproof\" name=\"$Robotproof\" size=\"20\" maxlength=\"30\" /></td>\n";
 198 ?>
 199               </tr><tr>
 200                <td colspan="2"> <input type="submit" value="register" /></td>
 201               </tr>
 202              </table>
 203           </fieldset>
 204         </form>
 205 <?php
 206    }
 207 ?>