Mercurial > hg > vamp-website

annotate forum/Sources/ManageRegistration.php @ 76:e3e11437ecea website

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add forum code
author Chris Cannam
date Sun, 07 Jul 2013 11:25:48 +0200
parents
children
rev   line source
Chris@76 1 <?php
Chris@76 2
Chris@76 3 /**
Chris@76 4 * Simple Machines Forum (SMF)
Chris@76 5 *
Chris@76 6 * @package SMF
Chris@76 7 * @author Simple Machines http://www.simplemachines.org
Chris@76 8 * @copyright 2011 Simple Machines
Chris@76 9 * @license http://www.simplemachines.org/about/smf/license.php BSD
Chris@76 10 *
Chris@76 11 * @version 2.0
Chris@76 12 */
Chris@76 13
Chris@76 14 if (!defined('SMF'))
Chris@76 15 die('Hacking attempt...');
Chris@76 16
Chris@76 17 /* This file helps the administrator setting registration settings and policy
Chris@76 18 as well as allow the administrator to register new members themselves.
Chris@76 19
Chris@76 20 void RegCenter()
Chris@76 21 - entrance point for the registration center.
Chris@76 22 - accessed by ?action=admin;area=regcenter.
Chris@76 23 - requires either the moderate_forum or the admin_forum permission.
Chris@76 24 - loads the Login language file and the Register template.
Chris@76 25 - calls the right function based on the subaction.
Chris@76 26
Chris@76 27 void AdminRegister()
Chris@76 28 - a function to register a new member from the admin center.
Chris@76 29 - accessed by ?action=admin;area=regcenter;sa=register
Chris@76 30 - requires the moderate_forum permission.
Chris@76 31 - uses the admin_register sub template of the Register template.
Chris@76 32 - allows assigning a primary group to the member being registered.
Chris@76 33
Chris@76 34 void EditAgreement()
Chris@76 35 - allows the administrator to edit the registration agreement, and
Chris@76 36 choose whether it should be shown or not.
Chris@76 37 - accessed by ?action=admin;area=regcenter;sa=agreement.
Chris@76 38 - uses the Admin template and the edit_agreement sub template.
Chris@76 39 - requires the admin_forum permission.
Chris@76 40 - uses the edit_agreement administration area.
Chris@76 41 - writes and saves the agreement to the agreement.txt file.
Chris@76 42
Chris@76 43 void SetReserve()
Chris@76 44 - set the names under which users are not allowed to register.
Chris@76 45 - accessed by ?action=admin;area=regcenter;sa=reservednames.
Chris@76 46 - requires the admin_forum permission.
Chris@76 47 - uses the reserved_words sub template of the Register template.
Chris@76 48
Chris@76 49 void ModifyRegistrationSettings()
Chris@76 50 - set general registration settings and Coppa compliance settings.
Chris@76 51 - accessed by ?action=admin;area=regcenter;sa=settings.
Chris@76 52 - requires the admin_forum permission.
Chris@76 53 */
Chris@76 54
Chris@76 55 // Main handling function for the admin approval center
Chris@76 56 function RegCenter()
Chris@76 57 {
Chris@76 58 global $modSettings, $context, $txt, $scripturl;
Chris@76 59
Chris@76 60 // Old templates might still request this.
Chris@76 61 if (isset($_REQUEST['sa']) && $_REQUEST['sa'] == 'browse')
Chris@76 62 redirectexit('action=admin;area=viewmembers;sa=browse' . (isset($_REQUEST['type']) ? ';type=' . $_REQUEST['type'] : ''));
Chris@76 63
Chris@76 64 $subActions = array(
Chris@76 65 'register' => array('AdminRegister', 'moderate_forum'),
Chris@76 66 'agreement' => array('EditAgreement', 'admin_forum'),
Chris@76 67 'reservednames' => array('SetReserve', 'admin_forum'),
Chris@76 68 'settings' => array('ModifyRegistrationSettings', 'admin_forum'),
Chris@76 69 );
Chris@76 70
Chris@76 71 // Work out which to call...
Chris@76 72 $context['sub_action'] = isset($_REQUEST['sa']) && isset($subActions[$_REQUEST['sa']]) ? $_REQUEST['sa'] : (allowedTo('moderate_forum') ? 'register' : 'settings');
Chris@76 73
Chris@76 74 // Must have sufficient permissions.
Chris@76 75 isAllowedTo($subActions[$context['sub_action']][1]);
Chris@76 76
Chris@76 77 // Loading, always loading.
Chris@76 78 loadLanguage('Login');
Chris@76 79 loadTemplate('Register');
Chris@76 80
Chris@76 81 // Next create the tabs for the template.
Chris@76 82 $context[$context['admin_menu_name']]['tab_data'] = array(
Chris@76 83 'title' => $txt['registration_center'],
Chris@76 84 'help' => 'registrations',
Chris@76 85 'description' => $txt['admin_settings_desc'],
Chris@76 86 'tabs' => array(
Chris@76 87 'register' => array(
Chris@76 88 'description' => $txt['admin_register_desc'],
Chris@76 89 ),
Chris@76 90 'agreement' => array(
Chris@76 91 'description' => $txt['registration_agreement_desc'],
Chris@76 92 ),
Chris@76 93 'reservednames' => array(
Chris@76 94 'description' => $txt['admin_reserved_desc'],
Chris@76 95 ),
Chris@76 96 'settings' => array(
Chris@76 97 'description' => $txt['admin_settings_desc'],
Chris@76 98 )
Chris@76 99 )
Chris@76 100 );
Chris@76 101
Chris@76 102 // Finally, get around to calling the function...
Chris@76 103 $subActions[$context['sub_action']][0]();
Chris@76 104 }
Chris@76 105
Chris@76 106 // This function allows the admin to register a new member by hand.
Chris@76 107 function AdminRegister()
Chris@76 108 {
Chris@76 109 global $txt, $context, $sourcedir, $scripturl, $smcFunc;
Chris@76 110
Chris@76 111 if (!empty($_POST['regSubmit']))
Chris@76 112 {
Chris@76 113 checkSession();
Chris@76 114
Chris@76 115 foreach ($_POST as $key => $value)
Chris@76 116 if (!is_array($_POST[$key]))
Chris@76 117 $_POST[$key] = htmltrim__recursive(str_replace(array("\n", "\r"), '', $_POST[$key]));
Chris@76 118
Chris@76 119 $regOptions = array(
Chris@76 120 'interface' => 'admin',
Chris@76 121 'username' => $_POST['user'],
Chris@76 122 'email' => $_POST['email'],
Chris@76 123 'password' => $_POST['password'],
Chris@76 124 'password_check' => $_POST['password'],
Chris@76 125 'check_reserved_name' => true,
Chris@76 126 'check_password_strength' => false,
Chris@76 127 'check_email_ban' => false,
Chris@76 128 'send_welcome_email' => isset($_POST['emailPassword']) || empty($_POST['password']),
Chris@76 129 'require' => isset($_POST['emailActivate']) ? 'activation' : 'nothing',
Chris@76 130 'memberGroup' => empty($_POST['group']) || !allowedTo('manage_membergroups') ? 0 : (int) $_POST['group'],
Chris@76 131 );
Chris@76 132
Chris@76 133 require_once($sourcedir . '/Subs-Members.php');
Chris@76 134 $memberID = registerMember($regOptions);
Chris@76 135 if (!empty($memberID))
Chris@76 136 {
Chris@76 137 $context['new_member'] = array(
Chris@76 138 'id' => $memberID,
Chris@76 139 'name' => $_POST['user'],
Chris@76 140 'href' => $scripturl . '?action=profile;u=' . $memberID,
Chris@76 141 'link' => '<a href="' . $scripturl . '?action=profile;u=' . $memberID . '">' . $_POST['user'] . '</a>',
Chris@76 142 );
Chris@76 143 $context['registration_done'] = sprintf($txt['admin_register_done'], $context['new_member']['link']);
Chris@76 144 }
Chris@76 145 }
Chris@76 146
Chris@76 147 // Basic stuff.
Chris@76 148 $context['sub_template'] = 'admin_register';
Chris@76 149 $context['page_title'] = $txt['registration_center'];
Chris@76 150
Chris@76 151 // Load the assignable member groups.
Chris@76 152 if (allowedTo('manage_membergroups'))
Chris@76 153 {
Chris@76 154 $request = $smcFunc['db_query']('', '
Chris@76 155 SELECT group_name, id_group
Chris@76 156 FROM {db_prefix}membergroups
Chris@76 157 WHERE id_group != {int:moderator_group}
Chris@76 158 AND min_posts = {int:min_posts}' . (allowedTo('admin_forum') ? '' : '
Chris@76 159 AND id_group != {int:admin_group}
Chris@76 160 AND group_type != {int:is_protected}') . '
Chris@76 161 AND hidden != {int:hidden_group}
Chris@76 162 ORDER BY min_posts, CASE WHEN id_group < {int:newbie_group} THEN id_group ELSE 4 END, group_name',
Chris@76 163 array(
Chris@76 164 'moderator_group' => 3,
Chris@76 165 'min_posts' => -1,
Chris@76 166 'admin_group' => 1,
Chris@76 167 'is_protected' => 1,
Chris@76 168 'hidden_group' => 2,
Chris@76 169 'newbie_group' => 4,
Chris@76 170 )
Chris@76 171 );
Chris@76 172 $context['member_groups'] = array(0 => $txt['admin_register_group_none']);
Chris@76 173 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76 174 $context['member_groups'][$row['id_group']] = $row['group_name'];
Chris@76 175 $smcFunc['db_free_result']($request);
Chris@76 176 }
Chris@76 177 else
Chris@76 178 $context['member_groups'] = array();
Chris@76 179 }
Chris@76 180
Chris@76 181 // I hereby agree not to be a lazy bum.
Chris@76 182 function EditAgreement()
Chris@76 183 {
Chris@76 184 global $txt, $boarddir, $context, $modSettings, $smcFunc, $settings;
Chris@76 185
Chris@76 186 // By default we look at agreement.txt.
Chris@76 187 $context['current_agreement'] = '';
Chris@76 188
Chris@76 189 // Is there more than one to edit?
Chris@76 190 $context['editable_agreements'] = array(
Chris@76 191 '' => $txt['admin_agreement_default'],
Chris@76 192 );
Chris@76 193
Chris@76 194 // Get our languages.
Chris@76 195 getLanguages();
Chris@76 196
Chris@76 197 // Try to figure out if we have more agreements.
Chris@76 198 foreach ($context['languages'] as $lang)
Chris@76 199 {
Chris@76 200 if (file_exists($boarddir . '/agreement.' . $lang['filename'] . '.txt'))
Chris@76 201 {
Chris@76 202 $context['editable_agreements']['.' . $lang['filename']] = $lang['name'];
Chris@76 203 // Are we editing this?
Chris@76 204 if (isset($_POST['agree_lang']) && $_POST['agree_lang'] == '.' . $lang['filename'])
Chris@76 205 $context['current_agreement'] = '.' . $lang['filename'];
Chris@76 206 }
Chris@76 207 }
Chris@76 208
Chris@76 209 if (isset($_POST['agreement']))
Chris@76 210 {
Chris@76 211 checkSession();
Chris@76 212
Chris@76 213 // Off it goes to the agreement file.
Chris@76 214 $fp = fopen($boarddir . '/agreement' . $context['current_agreement'] . '.txt', 'w');
Chris@76 215 fwrite($fp, str_replace("\r", '', $_POST['agreement']));
Chris@76 216 fclose($fp);
Chris@76 217
Chris@76 218 updateSettings(array('requireAgreement' => !empty($_POST['requireAgreement'])));
Chris@76 219 }
Chris@76 220
Chris@76 221 $context['agreement'] = file_exists($boarddir . '/agreement' . $context['current_agreement'] . '.txt') ? htmlspecialchars(file_get_contents($boarddir . '/agreement' . $context['current_agreement'] . '.txt')) : '';
Chris@76 222 $context['warning'] = is_writable($boarddir . '/agreement' . $context['current_agreement'] . '.txt') ? '' : $txt['agreement_not_writable'];
Chris@76 223 $context['require_agreement'] = !empty($modSettings['requireAgreement']);
Chris@76 224
Chris@76 225 $context['sub_template'] = 'edit_agreement';
Chris@76 226 $context['page_title'] = $txt['registration_agreement'];
Chris@76 227 }
Chris@76 228
Chris@76 229 // Set reserved names/words....
Chris@76 230 function SetReserve()
Chris@76 231 {
Chris@76 232 global $txt, $context, $modSettings;
Chris@76 233
Chris@76 234 // Submitting new reserved words.
Chris@76 235 if (!empty($_POST['save_reserved_names']))
Chris@76 236 {
Chris@76 237 checkSession();
Chris@76 238
Chris@76 239 // Set all the options....
Chris@76 240 updateSettings(array(
Chris@76 241 'reserveWord' => (isset($_POST['matchword']) ? '1' : '0'),
Chris@76 242 'reserveCase' => (isset($_POST['matchcase']) ? '1' : '0'),
Chris@76 243 'reserveUser' => (isset($_POST['matchuser']) ? '1' : '0'),
Chris@76 244 'reserveName' => (isset($_POST['matchname']) ? '1' : '0'),
Chris@76 245 'reserveNames' => str_replace("\r", '', $_POST['reserved'])
Chris@76 246 ));
Chris@76 247 }
Chris@76 248
Chris@76 249 // Get the reserved word options and words.
Chris@76 250 $modSettings['reserveNames'] = str_replace('\n', "\n", $modSettings['reserveNames']);
Chris@76 251 $context['reserved_words'] = explode("\n", $modSettings['reserveNames']);
Chris@76 252 $context['reserved_word_options'] = array();
Chris@76 253 $context['reserved_word_options']['match_word'] = $modSettings['reserveWord'] == '1';
Chris@76 254 $context['reserved_word_options']['match_case'] = $modSettings['reserveCase'] == '1';
Chris@76 255 $context['reserved_word_options']['match_user'] = $modSettings['reserveUser'] == '1';
Chris@76 256 $context['reserved_word_options']['match_name'] = $modSettings['reserveName'] == '1';
Chris@76 257
Chris@76 258 // Ready the template......
Chris@76 259 $context['sub_template'] = 'edit_reserved_words';
Chris@76 260 $context['page_title'] = $txt['admin_reserved_set'];
Chris@76 261 }
Chris@76 262
Chris@76 263 // This function handles registration settings, and provides a few pretty stats too while it's at it.
Chris@76 264 function ModifyRegistrationSettings($return_config = false)
Chris@76 265 {
Chris@76 266 global $txt, $context, $scripturl, $modSettings, $sourcedir;
Chris@76 267
Chris@76 268 // This is really quite wanting.
Chris@76 269 require_once($sourcedir . '/ManageServer.php');
Chris@76 270
Chris@76 271 $config_vars = array(
Chris@76 272 array('select', 'registration_method', array($txt['setting_registration_standard'], $txt['setting_registration_activate'], $txt['setting_registration_approval'], $txt['setting_registration_disabled'])),
Chris@76 273 array('check', 'enableOpenID'),
Chris@76 274 array('check', 'notify_new_registration'),
Chris@76 275 array('check', 'send_welcomeEmail'),
Chris@76 276 '',
Chris@76 277 array('int', 'coppaAge', 'subtext' => $txt['setting_coppaAge_desc'], 'onchange' => 'checkCoppa();'),
Chris@76 278 array('select', 'coppaType', array($txt['setting_coppaType_reject'], $txt['setting_coppaType_approval']), 'onchange' => 'checkCoppa();'),
Chris@76 279 array('large_text', 'coppaPost', 'subtext' => $txt['setting_coppaPost_desc']),
Chris@76 280 array('text', 'coppaFax'),
Chris@76 281 array('text', 'coppaPhone'),
Chris@76 282 );
Chris@76 283
Chris@76 284 if ($return_config)
Chris@76 285 return $config_vars;
Chris@76 286
Chris@76 287 // Setup the template
Chris@76 288 $context['sub_template'] = 'show_settings';
Chris@76 289 $context['page_title'] = $txt['registration_center'];
Chris@76 290
Chris@76 291 if (isset($_GET['save']))
Chris@76 292 {
Chris@76 293 checkSession();
Chris@76 294
Chris@76 295 // Are there some contacts missing?
Chris@76 296 if (!empty($_POST['coppaAge']) && !empty($_POST['coppaType']) && empty($_POST['coppaPost']) && empty($_POST['coppaFax']))
Chris@76 297 fatal_lang_error('admin_setting_coppa_require_contact');
Chris@76 298
Chris@76 299 // Post needs to take into account line breaks.
Chris@76 300 $_POST['coppaPost'] = str_replace("\n", '<br />', empty($_POST['coppaPost']) ? '' : $_POST['coppaPost']);
Chris@76 301
Chris@76 302 saveDBSettings($config_vars);
Chris@76 303
Chris@76 304 redirectexit('action=admin;area=regcenter;sa=settings');
Chris@76 305 }
Chris@76 306
Chris@76 307 $context['post_url'] = $scripturl . '?action=admin;area=regcenter;save;sa=settings';
Chris@76 308 $context['settings_title'] = $txt['settings'];
Chris@76 309
Chris@76 310 // Define some javascript for COPPA.
Chris@76 311 $context['settings_post_javascript'] = '
Chris@76 312 function checkCoppa()
Chris@76 313 {
Chris@76 314 var coppaDisabled = document.getElementById(\'coppaAge\').value == 0;
Chris@76 315 document.getElementById(\'coppaType\').disabled = coppaDisabled;
Chris@76 316
Chris@76 317 var disableContacts = coppaDisabled || document.getElementById(\'coppaType\').options[document.getElementById(\'coppaType\').selectedIndex].value != 1;
Chris@76 318 document.getElementById(\'coppaPost\').disabled = disableContacts;
Chris@76 319 document.getElementById(\'coppaFax\').disabled = disableContacts;
Chris@76 320 document.getElementById(\'coppaPhone\').disabled = disableContacts;
Chris@76 321 }
Chris@76 322 checkCoppa();';
Chris@76 323
Chris@76 324 // Turn the postal address into something suitable for a textbox.
Chris@76 325 $modSettings['coppaPost'] = !empty($modSettings['coppaPost']) ? preg_replace('~<br ?/?' . '>~', "\n", $modSettings['coppaPost']) : '';
Chris@76 326
Chris@76 327 prepareDBSettingContext($config_vars);
Chris@76 328 }
Chris@76 329
Chris@76 330 ?>