diff -r c8fc1493eacd -r 032ca892b9a2 plugins/yubikey/usercp.php
--- a/plugins/yubikey/usercp.php Sun Mar 01 21:44:08 2009 -0500
+++ b/plugins/yubikey/usercp.php Sun Mar 01 21:45:44 2009 -0500
@@ -6,6 +6,9 @@
 $plugins->attachHook("userprefs_jbox", "yubikey_ucp_setup();");
 $plugins->attachHook("userprefs_body", "return yubikey_user_cp(\$section);");
 $plugins->attachHook("login_form_html", "yubikey_inject_html_login();");
+$plugins->attachHook("ucp_register_form", "yubikey_inject_registration_form();");
+$plugins->attachHook("ucp_register_validate", "yubikey_register_validate(\$error);");
+$plugins->attachHook("user_registered", "yubikey_register_insert_key(\$user_id);");
 function yubikey_ucp_setup()
 {
@@ -268,3 +271,76 @@
+ + + get('yubiucp_reg_field_otp'); ?>
+ get('yubiucp_reg_field_otp_hint_required'); + else + echo $lang->get('yubiucp_reg_field_otp_hint_optional'); + ?> + + + + + + + + get('yubiucp_reg_err_otp_required'); + return false; + } + if ( $have_otp ) + { + $result = yubikey_validate_otp($_POST['yubikey_otp']); + if ( !$result['success'] ) + { + $error = '' . $lang->get('yubiucp_reg_err_otp_invalid') . '
' . $lang->get("yubiauth_err_{$result['error']}"); + return false; + } + // check for double enrollment + $yubi_uid = substr($_POST['yubikey_otp'], 0, 12); + // Note on SQL injection: yubikey_validate_otp() has already ensured that this is safe + $q = $db->sql_query('SELECT 1 FROM ' . table_prefix . "yubikey WHERE yubi_uid = '$yubi_uid';"); + if ( !$q ) + $db->_die(); + if ( $db->numrows() > 0 ) + { + $error = '' . $lang->get('yubiucp_reg_err_otp_invalid') . '
' . $lang->get('yubiucp_err_double_enrollment_single'); + return false; + } + $db->free_result(); + } +} + +function yubikey_register_insert_key($user_id) +{ + global $db, $session, $paths, $template, $plugins; // Common objects + if ( !empty($_POST['yubikey_otp']) ) + { + $yubi_uid = $db->escape(substr($_POST['yubikey_otp'], 0, 12)); + $q = $db->sql_query('INSERT INTO ' . table_prefix . "yubikey ( user_id, yubi_uid ) VALUES ( $user_id, '$yubi_uid' );"); + if ( !$q ) + $db->_die(); + } +}
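Review bot: `yubikey_register_insert_key` enrolls whatever 12-byte prefix is in `$_POST['yubikey_otp']` at `user_registered` time without any evidence that `yubikey_register_validate` ran and passed for that same value in this request; if that hook can fire on a registration path where `ucp_register_validate` is skipped (I cannot see the caller here), an unverified public ID gets bound to the new account. A safer pattern is to have the validate hook stash the verified uid only after the double-enrollment check passes and have the insert hook read that instead of re-trusting `$_POST`, as sketched below. The SELECT in the validate hook also interpolates `$yubi_uid` unescaped on the strength of a comment about `yubikey_validate_otp()`, while the INSERT escapes it; use `$db->escape()` in both places and cast `$user_id` with `intval()` before interpolating it. Because the double-enrollment SELECT and the INSERT are separate statements in separate hooks, two concurrent registrations with the same key can both pass the check — a UNIQUE constraint on `yubi_uid` (schema not visible here) would close that, and `$db->free_result()` is skipped on the double-enrollment early return. Note that the opening of `yubikey_register_validate` and the whole form-injection function are not legible in this rendering of the hunk, so they are not reviewed here.
```php
// … unchanged: yubikey_register_validate() up to the double-enrollment check …
    $db->free_result();
    // Remember the verified uid so the insert hook does not re-trust $_POST
    $GLOBALS['yubikey_reg_verified_uid'] = $yubi_uid;
// … unchanged: rest of yubikey_register_validate() …

function yubikey_register_insert_key($user_id)
{
  global $db, $session, $paths, $template, $plugins; // Common objects
  // Enroll only a uid that yubikey_register_validate() verified in this request
  if ( empty($GLOBALS['yubikey_reg_verified_uid']) )
    return;
  $yubi_uid = $db->escape($GLOBALS['yubikey_reg_verified_uid']);
  $user_id = intval($user_id);
  $q = $db->sql_query('INSERT INTO ' . table_prefix . "yubikey ( user_id, yubi_uid ) VALUES ( $user_id, '$yubi_uid' );");
  if ( !$q )
    $db->_die();
}
```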