1294 * Registers a user. This does not perform any type of login. |
1294 * Registers a user. This does not perform any type of login. |
1295 * @param string $username |
1295 * @param string $username |
1296 * @param string $password This should be unencrypted. |
1296 * @param string $password This should be unencrypted. |
1297 * @param string $email |
1297 * @param string $email |
1298 * @param string $real_name Optional, defaults to ''. |
1298 * @param string $real_name Optional, defaults to ''. |
1299 */ |
1299 * @param bool $coppa Optional. If true, the account is not activated initially and an admin activation request is sent. The caller is responsible for sending the address info and notice. |
1300 |
1300 */ |
1301 function create_user($username, $password, $email, $real_name = '') |
1301 |
|
1302 function create_user($username, $password, $email, $real_name = '', $coppa = false) |
1302 { |
1303 { |
1303 global $db, $session, $paths, $template, $plugins; // Common objects |
1304 global $db, $session, $paths, $template, $plugins; // Common objects |
1304 |
1305 |
1305 // Initialize AES |
1306 // Initialize AES |
1306 $aes = new AESCrypt(AES_BITS, AES_BLOCKSIZE); |
1307 $aes = new AESCrypt(AES_BITS, AES_BLOCKSIZE); |
1339 break; |
1340 break; |
1340 case 'admin': |
1341 case 'admin': |
1341 $active = '0'; |
1342 $active = '0'; |
1342 break; |
1343 break; |
1343 } |
1344 } |
|
1345 if ( $coppa ) |
|
1346 $active = '0'; |
|
1347 |
|
1348 $coppa_col = ( $coppa ) ? '1' : '0'; |
1344 |
1349 |
1345 // Generate a totally random activation key |
1350 // Generate a totally random activation key |
1346 $actkey = sha1 ( microtime() . mt_rand() ); |
1351 $actkey = sha1 ( microtime() . mt_rand() ); |
1347 |
1352 |
1348 // We good, create the user |
1353 // We good, create the user |
1349 $this->sql('INSERT INTO '.table_prefix.'users ( username, password, email, real_name, theme, style, reg_time, account_active, activation_key, user_level ) VALUES ( \''.$username.'\', \''.$password.'\', \''.$email.'\', \''.$real_name.'\', \''.$template->default_theme.'\', \''.$template->default_style.'\', '.time().', '.$active.', \''.$actkey.'\', '.USER_LEVEL_CHPREF.' )'); |
1354 $this->sql('INSERT INTO '.table_prefix.'users ( username, password, email, real_name, theme, style, reg_time, account_active, activation_key, user_level, user_coppa ) VALUES ( \''.$username.'\', \''.$password.'\', \''.$email.'\', \''.$real_name.'\', \''.$template->default_theme.'\', \''.$template->default_style.'\', '.time().', '.$active.', \''.$actkey.'\', '.USER_LEVEL_CHPREF.', ' . $coppa_col . ' );'); |
1350 |
1355 |
1351 // Require the account to be activated? |
1356 // Require the account to be activated? |
1352 switch(getConfig('account_activation')) |
1357 if ( $coppa ) |
1353 { |
1358 { |
1354 case 'none': |
1359 $this->admin_activation_request($username); |
1355 default: |
1360 $this->send_coppa_mail($username,$email); |
1356 break; |
1361 } |
1357 case 'user': |
1362 else |
1358 $a = $this->send_activation_mail($username); |
1363 { |
1359 if(!$a) |
1364 switch(getConfig('account_activation')) |
1360 { |
1365 { |
|
1366 case 'none': |
|
1367 default: |
|
1368 break; |
|
1369 case 'user': |
|
1370 $a = $this->send_activation_mail($username); |
|
1371 if(!$a) |
|
1372 { |
|
1373 $this->admin_activation_request($username); |
|
1374 return 'The activation e-mail could not be sent due to an internal error. This could possibly be due to an incorrect SMTP configuration. A request has been sent to the administrator to activate your account for you. ' . $a; |
|
1375 } |
|
1376 break; |
|
1377 case 'admin': |
1361 $this->admin_activation_request($username); |
1378 $this->admin_activation_request($username); |
1362 return 'The activation e-mail could not be sent due to an internal error. This could possibly be due to an incorrect SMTP configuration. A request has been sent to the administrator to activate your account for you. ' . $a; |
1379 break; |
1363 } |
1380 } |
1364 break; |
|
1365 case 'admin': |
|
1366 $this->admin_activation_request($username); |
|
1367 break; |
|
1368 } |
1381 } |
1369 |
1382 |
1370 // Leave some data behind for the hook |
1383 // Leave some data behind for the hook |
1371 $code = $plugins->setHook('user_registered'); // , Array('username'=>$username)); |
1384 $code = $plugins->setHook('user_registered'); // , Array('username'=>$username)); |
1372 foreach ( $code as $cmd ) |
1385 foreach ( $code as $cmd ) |
1418 { |
1431 { |
1419 $result = smtp_send_email($r['email'], getConfig('site_name').' website account activation', preg_replace("#(?<!\r)\n#s", "\n", $message), getConfig('contact_email')); |
1432 $result = smtp_send_email($r['email'], getConfig('site_name').' website account activation', preg_replace("#(?<!\r)\n#s", "\n", $message), getConfig('contact_email')); |
1420 if($result == 'success') $result = true; |
1433 if($result == 'success') $result = true; |
1421 else { echo $result; $result = false; } |
1434 else { echo $result; $result = false; } |
1422 } else { |
1435 } else { |
|
1436 $result = mail($r['email'], getConfig('site_name').' website account activation', preg_replace("#(?<!\r)\n#s", "\n", $message), 'From: '.getConfig('contact_email')); |
|
1437 } |
|
1438 return $result; |
|
1439 } |
|
1440 |
|
1441 /** |
|
1442 * Attempts to send an e-mail to the specified user's e-mail address on file intended for the parents |
|
1443 * @param string $u The usernamd of the user requesting activation |
|
1444 * @return bool true on success, false on failure |
|
1445 */ |
|
1446 |
|
1447 function send_coppa_mail($u, $actkey = false) |
|
1448 { |
|
1449 |
|
1450 global $db, $session, $paths, $template, $plugins; // Common objects |
|
1451 |
|
1452 $q = $this->sql('SELECT username,email FROM '.table_prefix.'users WHERE user_id=2 OR user_level=' . USER_LEVEL_ADMIN . ' ORDER BY user_id ASC;'); |
|
1453 $un = $db->fetchrow(); |
|
1454 $admin_user = $un['username']; |
|
1455 |
|
1456 $q = $this->sql('SELECT username,activation_key,account_active,email FROM '.table_prefix.'users WHERE username=\''.$db->escape($u).'\';'); |
|
1457 $r = $db->fetchrow(); |
|
1458 if ( empty($r['email']) ) |
|
1459 $db->_die('BUG: $session->send_activation_mail(): no e-mail address in row'); |
|
1460 |
|
1461 if(isset($_SERVER['HTTPS'])) $prot = 'https'; |
|
1462 else $prot = 'http'; |
|
1463 if($_SERVER['SERVER_PORT'] == '80') $p = ''; |
|
1464 else $p = ':'.$_SERVER['SERVER_PORT']; |
|
1465 $sidbak = false; |
|
1466 if($this->sid_super) |
|
1467 $sidbak = $this->sid_super; |
|
1468 $this->sid_super = false; |
|
1469 if($sidbak) |
|
1470 $this->sid_super = $sidbak; |
|
1471 unset($sidbak); |
|
1472 $link = "$prot://".$_SERVER['HTTP_HOST'].scriptPath; |
|
1473 |
|
1474 $message = 'Dear parent or legal guardian, |
|
1475 A child under the username ' . $u . ' recently registered on our website. The child provided your e-mail address as the one of his or her authorized parent or legal guardian, and to comply with the United States Childrens\' Online Privacy Protection act, we ask that all parents of children ages 13 or under please mail us a written form authorizing their child\'s use of our website. |
|
1476 |
|
1477 If you wish for your child to be allowed access to our website, please print and fill out the form below, and mail it to this address: |
|
1478 |
|
1479 ' . getConfig('coppa_address') . ' |
|
1480 |
|
1481 If you do NOT wish for your child to be allowed access to our site, you do not need to do anything - your child will not be able to access our site as a registered user unless you authorize their account activation. |
|
1482 |
|
1483 Authorization form: |
|
1484 -------------------------------- Cut here -------------------------------- |
|
1485 |
|
1486 I, _______________________________________, the legal parent or guardian of the child registered on the website "' . getConfig('site_name') . '" as ' . $u . ', hereby give my authorization for the child\'s e-mail address, instant messaging information, location, and real name, to be collected and stored in a database owned and maintained by ' . getConfig('site_name') . ' at the child\'s option, and for the administrators of this website to use this information according to the privacy policy displayed on their website <' . $link . '>. |
|
1487 |
|
1488 Child\'s name: _____________________________________ |
|
1489 |
|
1490 Child\'s e-mail address: _____________________________________ |
|
1491 (optional - if you don\'t provide this, we\'ll just send site-related e-mails to your e-mail address) |
|
1492 |
|
1493 Signature of parent or guardian: |
|
1494 |
|
1495 ____________________________________________________ |
|
1496 |
|
1497 Date (YYYY-MM-DD): ______ / _____ / _____ |
|
1498 |
|
1499 -------------------------------- Cut here --------------------------------'; |
|
1500 $message .= "\n\nSincerely yours, \n$admin_user and the ".$_SERVER['HTTP_HOST']." administration team"; |
|
1501 |
|
1502 error_reporting(E_ALL); |
|
1503 |
|
1504 dc_dump($r, 'session: about to send COPPA e-mail to '.$r['email']); |
|
1505 if(getConfig('smtp_enabled') == '1') |
|
1506 { |
|
1507 $result = smtp_send_email($r['email'], getConfig('site_name').' website account activation', preg_replace("#(?<!\r)\n#s", "\n", $message), getConfig('contact_email')); |
|
1508 if($result == 'success') |
|
1509 { |
|
1510 $result = true; |
|
1511 } |
|
1512 else |
|
1513 { |
|
1514 echo $result; |
|
1515 $result = false; |
|
1516 } |
|
1517 } |
|
1518 else |
|
1519 { |
1423 $result = mail($r['email'], getConfig('site_name').' website account activation', preg_replace("#(?<!\r)\n#s", "\n", $message), 'From: '.getConfig('contact_email')); |
1520 $result = mail($r['email'], getConfig('site_name').' website account activation', preg_replace("#(?<!\r)\n#s", "\n", $message), 'From: '.getConfig('contact_email')); |
1424 } |
1521 } |
1425 return $result; |
1522 return $result; |
1426 } |
1523 } |
1427 |
1524 |