BUGFIX: some email messages had newlines missing before the footer
[e-DoKo.git] / include / register.php
1 <?php
2 /* make sure that we are not called from outside the scripts,
3  * use a variable defined in config.php to check this
4  */
5 if(!isset($HOST))
6   exit;
7
8 /* new user wants to register */
9 if(myisset("Rfullname","Remail","Rtimezone") )
10   {
11     global $HOST,$INDEX;
12
13     /* is this name already in use/ */
14     $ok=1;
15     if(DB_get_userid('name',$_REQUEST['Rfullname']))
16       {
17         echo "please chose another name<br />";
18         $ok=0;
19       }
20     /* check if email address is already used */
21     if(DB_get_userid('email',$_REQUEST['Remail']))
22       {
23         echo "this email address is already used ?!<br />";
24         $ok=0;
25       }
26     /* need either openid or password */
27     if(!myisset('Rpassword')  &&  !myisset('Ropenid'))
28       {
29         echo "I need either a Password or an Openid url.<br />";
30         $ok=0;
31       }
32
33     /* check against robots */
34     $robots=0; /* at least one anti-robot question needs to be answered */
35     if(myisset('Robotproof0'))
36       {
37         if($_REQUEST['Robotproof0']!=42)
38           $ok=0;
39         else
40           $robot=1;
41       }
42     else if(myisset('Robotproof1'))
43       {
44         if($_REQUEST['Robotproof1']!=35)
45           $ok=0;
46         else
47           $robot=1;
48       }
49     else if(myisset('Robotproof2'))
50       {
51         if($_REQUEST['Robotproof2']!=28)
52           $ok=0;
53         else
54           $robot=1;
55       }
56     else if(myisset('Robotproof3'))
57       {
58         if($_REQUEST['Robotproof3']!=21)
59           $ok=0;
60         else
61           $robot=1;
62       }
63     else if(myisset('Robotproof4'))
64       {
65         if($_REQUEST['Robotproof4']!=14)
66           $ok=0;
67         else
68           $robot=1;
69       }
70     if($robot==0)
71       {
72         echo "You answered the math question wrong. <br />\n";
73         $ok=0;
74       }
75     /* everything ok, go ahead and create user */
76     if($ok)
77       {
78         if(myisset('Rpassword'))
79           {
80             $r=DB_query("INSERT INTO User VALUES(NULL,".DB_quote_smart($_REQUEST["Rfullname"]).
81                         ",".DB_quote_smart($_REQUEST["Remail"]).
82                         ",".DB_quote_smart(md5($_REQUEST["Rpassword"])).
83                         ",".DB_quote_smart($_REQUEST["Rtimezone"]).",NULL,NULL)");
84           }
85         else if(myisset('Ropenid'))
86           {
87             $password = $_REQUEST["Rfullname"].preg_replace('/([ ])/e', 'chr(rand(33,122))', '               ');
88             $r=DB_query("INSERT INTO User VALUES(NULL,".DB_quote_smart($_REQUEST["Rfullname"]).
89                         ",".DB_quote_smart($_REQUEST["Remail"]).
90                         ",".DB_quote_smart(md5($password)).
91                         ",".DB_quote_smart($_REQUEST["Rtimezone"]).",NULL,NULL)");
92             if($r)
93               {
94                 include_once('openid.php');
95                 $myid = DB_get_userid('email',$_REQUEST['Remail']);
96                 DB_AttachOpenID($_REQUEST['Ropenid'], $myid);
97               }
98           }
99         else
100           {
101             echo 'Error during registration, please contact '.$ADMIN_NAME.' at '.$ADMIN_EMAIL;
102           }
103         if($r)
104           {
105             /* Set session, so that new user doesn't need to log in */
106             $myname = DB_get_name('email',$_REQUEST['Remail']);
107             $_SESSION["name"] = $myname;
108
109             echo " Welcome to e-DoKo, you are now registered, please visit the".
110               " <a href=\"".$HOST.$INDEX."\">homepage</a> to continue.";
111           }
112         else
113           echo " something went wrong, couldn't add you to the database, please contact $ADMIN_NAME at $ADMIN_EMAIL.";
114       }
115     else
116       {
117         echo "Couldn't register you. Please <a href=\"index.php?action=register\">try again</a>! </br />\n";
118       }
119   }
120  else
121    {
122      /* No information for new user given, ouput a page for registration */
123
124      /* check for openid information */
125      $openid_url = '';
126      $name       = '';
127      $email      = '';
128      if(myisset('openid_url'))
129        $openid_url = $_REQUEST['openid_url'];
130      if(myisset('openidname'))
131        $name       = $_REQUEST['openidname'];
132      if(myisset('openidemail'))
133        $email      = $_REQUEST['openidemail'];
134
135      if($openid_url=='')
136        echo "<p><br /><strong> IMPORTANT: passwords are going over the net as clear text, so pick an easy password. ".
137          "No need to pick anything complicated here ;)<br />";
138      echo "N.B. Your email address will be exposed to other players whom you play games with. ";
139      echo "<br /><br /></strong></p>";
140      echo '        <form action="index.php?action=register" method="post">';
141      echo '          <fieldset>';
142      echo '            <legend>Register</legend>';
143      echo '             <table>';
144      echo '              <tr>';
145      echo '               <td><label for="Rfullname">Full name:</label></td>';
146      echo "            <td><input type=\"text\" id=\"Rfullname\" name=\"Rfullname\" size=\"20\" maxlength=\"30\" value=\"$name\" /> </td>";
147      echo '              </tr><tr>';
148      echo '               <td><label for="Remail">Email:</label></td>';
149      echo "            <td><input type=\"text\" id=\"Remail\" name=\"Remail\" size=\"20\" maxlength=\"30\" value=\"$email\" /></td>";
150      echo '              </tr><tr>';
151      if($openid_url=='')
152        {
153          echo '        <td><label for="Rpassword">Password(will be displayed in cleartext on the next page):</label></td>';
154          echo '               <td><input type="password" id="Rpassword" name="Rpassword" size="20" maxlength="30" /></td>';
155          echo '              </tr><tr>';
156        }
157      else
158        {
159          echo '        <td><label for="Ropenid">OpenId:</label></td>';
160          echo '               <td><input type="text" id="Ropenid" name="Ropenid" size="20" maxlength="50" value="'.htmlentities($openid_url).'" /></td>';
161          echo '              </tr><tr>';
162        }
163      echo '            <td><label for="Rtimezone">Timezone:</label></td>';
164      echo '               <td>';
165
166      output_select_timezone("Rtimezone");
167 ?>
168                </td>
169               </tr><tr>
170               </tr><tr>
171 <?php
172               /* random number to select robotproof question */
173               $rand_number = mt_rand(0,3); /* to get numbers between 0 and 4  */
174               $Robotproof = "Robotproof".$rand_number;
175 ?>
176                 <td><label for="Robotproof">Please answer this question: <?php echo output_robotproof($rand_number); ?></label></td>
177 <?php
178          echo "<td><input type=\"text\" id=\"$Robotproof\" name=\"$Robotproof\" size=\"20\" maxlength=\"30\" /></td>\n";
179 ?>
180               </tr><tr>
181                <td colspan="2"> <input type="submit" value="register" /></td>
182               </tr>
183              </table>
184           </fieldset>
185         </form>
186 <?php
187    }
188 ?>