BUGFIX: fixed some html validation errors
[e-DoKo.git] / include / register.php
1 <?php
2 /* Copyright 2006, 2007, 2008, 2009, 2010 Arun Persaud <arun@nubati.net>
3  *
4  *   This file is part of e-DoKo.
5  *
6  *   e-DoKo is free software: you can redistribute it and/or modify
7  *   it under the terms of the GNU General Public License as published by
8  *   the Free Software Foundation, either version 3 of the License, or
9  *   (at your option) any later version.
10  *
11  *   e-DoKo is distributed in the hope that it will be useful,
12  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
13  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  *   GNU General Public License for more details.
15  *
16  *   You should have received a copy of the GNU General Public License
17  *   along with e-DoKo.  If not, see <http://www.gnu.org/licenses/>.
18  *
19  */
20
/* Refuse to run when this file is requested directly instead of being
 * included by the application: $HOST is a variable defined in config.php,
 * so it only exists on the regular include path.
 *
 * NOTE(review): a plain variable check like this can presumably be
 * bypassed on installations that still run with register_globals enabled,
 * where a request parameter named HOST would define $HOST; a constant
 * tested with defined() would not have that weakness.
 */
if(isset($HOST)===false)
  {
    exit;
  }
26
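/* A new user wants to register: validate the submitted form and create
 * the account.
 *
 * Checks that name and email are not in use yet, that either a password or
 * an OpenID url was supplied and that one anti-robot question was answered
 * correctly. On success a row is inserted into User and the new user is
 * logged in by setting $_SESSION["name"].
 *
 * NOTE(review): all input is read from $_REQUEST, so the handler accepts
 * GET parameters and cookies as well as the POST body sent by the form.
 */
if(myisset("Rfullname","Remail","Rtimezone") )
  {
    global $HOST,$INDEX;

    $ok=1;
    $r=false; /* result of the INSERT below; stays false if none was run */
    $robot=0; /* set to 1 once an anti-robot question was answered correctly
               * (the original initialised $robots but tested $robot) */

    /* is this name already in use? */
    if(DB_get_userid('name',$_REQUEST['Rfullname']))
      {
        echo "please chose another name<br />";
        $ok=0;
      }
    /* check if email address is already used */
    if(DB_get_userid('email',$_REQUEST['Remail']))
      {
        echo "this email address is already used ?!<br />";
        $ok=0;
      }
    /* need either openid or password */
    if(!myisset('Rpassword')  &&  !myisset('Ropenid'))
      {
        echo "I need either a Password or an Openid url.<br />";
        $ok=0;
      }

    /* check against robots: at least one anti-robot question needs to be
     * answered, and only the first Robotproof field found in the request is
     * looked at.
     *
     * The answer is compared as a trimmed string, so values that merely
     * start with the right number ("42abc") or are not strings at all are
     * rejected instead of passing a loose != comparison.
     *
     * NOTE(review): the expected answers are fixed constants, so this check
     * only slows down automated sign-ups; it is not a real CAPTCHA.
     */
    $answers=array(42,35,28,21,14); /* expected answers for Robotproof0..Robotproof4 */
    foreach($answers as $nr=>$answer)
      {
        $field='Robotproof'.$nr;
        if(!myisset($field))
          continue;
        $given=$_REQUEST[$field];
        if(is_string($given) && trim($given)===(string)$answer)
          $robot=1;
        else
          $ok=0;
        break;
      }
    if($robot==0)
      {
        echo "You answered the math question wrong. <br />\n";
        $ok=0;
      }

    /* everything ok, go ahead and create user */
    if($ok)
      {
        $password=NULL;    /* clear text that gets hashed into the User row */
        $use_openid=false; /* true if the account is bound to an OpenID url */

        if(myisset('Rpassword'))
          {
            $password=$_REQUEST["Rpassword"];
          }
        else if(myisset('Ropenid'))
          {
            /* OpenID users never type a password, so store a random
             * placeholder: the full name followed by 15 random printable
             * characters.
             *
             * This used to be built with preg_replace() and the /e (eval)
             * modifier, which was removed in PHP 7; the call fails there,
             * which would leave the full name as the only content of the
             * placeholder. random_int() is used where available because the
             * placeholder is a working credential for the account.
             */
            $use_openid=true;
            $password=$_REQUEST["Rfullname"];
            for($i=0;$i<15;$i++)
              $password.=chr(function_exists('random_int') ? random_int(33,122) : mt_rand(33,122));
          }
        else
          {
            echo 'Error during registration, please contact '.$ADMIN_NAME.' at '.$ADMIN_EMAIL;
          }

        if($password!==NULL)
          {
            /* Every request value goes through DB_quote_smart() before it
             * is concatenated into the statement (presumably it escapes and
             * quotes the value -- verify against its definition).
             *
             * NOTE(review): unsalted MD5 is not suitable for storing
             * passwords. Switching to password_hash()/password_verify()
             * needs a matching change in the login code, which is not
             * visible here, so the stored format is left unchanged.
             */
            $r=DB_query("INSERT INTO User VALUES(NULL,".DB_quote_smart($_REQUEST["Rfullname"]).
                        ",".DB_quote_smart($_REQUEST["Remail"]).
                        ",".DB_quote_smart(md5($password)).
                        ",".DB_quote_smart($_REQUEST["Rtimezone"]).",NULL,NULL)");
            if($r && $use_openid)
              {
                include_once('openid.php');
                $myid = DB_get_userid('email',$_REQUEST['Remail']);
                DB_AttachOpenID($_REQUEST['Ropenid'], $myid);
              }
          }

        if($r)
          {
            /* Set session, so that new user doesn't need to log in.
             *
             * NOTE(review): the session id is not renewed when the session
             * becomes an authenticated one; consider session_regenerate_id()
             * at a point where headers can still be sent.
             */
            $myname = DB_get_name('email',$_REQUEST['Remail']);
            $_SESSION["name"] = $myname;

            echo " Welcome to e-DoKo, you are now registered, please visit the".
              " <a href=\"".$HOST.$INDEX."\">homepage</a> to continue.";
          }
        else
          echo " something went wrong, couldn't add you to the database, please contact $ADMIN_NAME at $ADMIN_EMAIL.";
      }
    else
      {
        /* the original emitted the malformed tag "</br />" here */
        echo "Couldn't register you. Please <a href=\"index.php?action=register\">try again</a>! <br />\n";
      }
  }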
139  else
140    {
141      /* No information for new user given, ouput a page for registration */
142
143      /* check for openid information */
144      $openid_url = '';
145      $name       = '';
146      $email      = '';
147      if(myisset('openid_url'))
148        $openid_url = $_REQUEST['openid_url'];
149      if(myisset('openidname'))
150        $name       = $_REQUEST['openidname'];
151      if(myisset('openidemail'))
152        $email      = $_REQUEST['openidemail'];
153
154      if($openid_url=='')
155        echo "<p><br /><strong> IMPORTANT: passwords are going over the net as clear text, so pick an easy password. ".
156          "No need to pick anything complicated here ;)<br />";
157      echo "N.B. Your email address will be exposed to other players whom you play games with. ";
158      echo "<br /><br /></strong></p>";
159      echo '        <form action="index.php?action=register" method="post">';
160      echo '          <fieldset>';
161      echo '            <legend>Register</legend>';
162      echo '             <table>';
163      echo '              <tr>';
164      echo '               <td><label for="Rfullname">Full name:</label></td>';
165      echo "            <td><input type=\"text\" id=\"Rfullname\" name=\"Rfullname\" size=\"20\" maxlength=\"30\" value=\"$name\" /> </td>";
166      echo '              </tr><tr>';
167      echo '               <td><label for="Remail">Email:</label></td>';
168      echo "            <td><input type=\"text\" id=\"Remail\" name=\"Remail\" size=\"20\" maxlength=\"30\" value=\"$email\" /></td>";
169      echo '              </tr><tr>';
170      if($openid_url=='')
171        {
172          echo '        <td><label for="Rpassword">Password(will be displayed in cleartext on the next page):</label></td>';
173          echo '               <td><input type="password" id="Rpassword" name="Rpassword" size="20" maxlength="30" /></td>';
174          echo '              </tr><tr>';
175        }
176      else
177        {
178          echo '        <td><label for="Ropenid">OpenId:</label></td>';
179          echo '               <td><input type="text" id="Ropenid" name="Ropenid" size="20" maxlength="50" value="'.htmlentities($openid_url).'" /></td>';
180          echo '              </tr><tr>';
181        }
182      echo '            <td><label for="Rtimezone">Timezone:</label></td>';
183      echo '               <td>';
184
185      output_select_timezone("Rtimezone");
186 ?>
187                </td>
188               </tr><tr>
189               </tr><tr>
190 <?php
191               /* random number to select robotproof question */
192               $rand_number = mt_rand(0,3); /* to get numbers between 0 and 4  */
193               $Robotproof = "Robotproof".$rand_number;
194 ?>
195                 <td><label for="Robotproof">Please answer this question: <?php echo output_robotproof($rand_number); ?></label></td>
196 <?php
197          echo "<td><input type=\"text\" id=\"$Robotproof\" name=\"$Robotproof\" size=\"20\" maxlength=\"30\" /></td>\n";
198 ?>
199               </tr><tr>
200                <td colspan="2"> <input type="submit" value="register" /></td>
201               </tr>
202              </table>
203           </fieldset>
204         </form>
205 <?php
206    }
207 ?>