new_user.php
<?php
include "mainfile.php";
include "header.php";
include_once ICMS_ROOT_PATH .'/include/functions.php';
include_once ICMS_ROOT_PATH .'/modules/profile/include/forms.php';
include_once ICMS_ROOT_PATH . '/modules/formulize/include/functions.php';
include ICMS_ROOT_PATH .'/include/registerform.php';
include_once ICMS_ROOT_PATH . '/modules/profile/language/english/main.php';
include_once ICMS_ROOT_PATH .'/language/english/user.php';
include_once(XOOPS_ROOT_PATH.'/integration_api.php');
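// Registration page for users arriving from the Google sign-in flow.
//
// Access gate: the "newuser" value in the query string must match the one held in the session,
// so the page cannot be reached by typing the URL directly.
// The comparison is deliberately strict. With a loose "==" an empty or array-valued "newuser"
// parameter compares equal to an unset (null) session value, which would let a visitor with no
// pending registration through the gate.
$requestCode = isset($_GET['newuser']) ? $_GET['newuser'] : null;
$sessionCode = (isset($_SESSION['newuser']) && is_scalar($_SESSION['newuser']))
    ? (string) $_SESSION['newuser']
    : '';
$codeMatches = is_string($requestCode)
    && $sessionCode !== ''
    && hash_equals($sessionCode, $requestCode);

if ($codeMatches) {
    if (!isset($_POST["token"])) {
        // First visit: no form submission yet, so just show the registration form.
        renderRegForm();
    } else {
        // The form was submitted: look up the admin-issued token before doing anything else.
        $submittedToken = $_POST["token"];
        $tokenHandler = xoops_getmodulehandler('token', 'formulize');
        // A non-string token (e.g. token[]=x) can never be valid; treat it as "not found".
        $token = is_string($submittedToken) ? $tokenHandler->get($submittedToken) : false;

        if ($token) {
            // incrementUses() is treated as "uses remain and one was just consumed".
            // NOTE(review): the use is consumed before the submitted fields are validated, so a
            // submission that fails userCheck() still burns one use of the token -- confirm intended.
            if ($tokenHandler->incrementUses($token)) {
                // Normalise the submitted fields: missing or non-string values become ''
                // so they reach userCheck() as plain strings and are rejected there.
                $fields = array();
                foreach (array('login_name', 'uname', 'email', 'timezone_offset') as $key) {
                    $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
                }
                // Login names may not contain spaces.
                $login_name = str_replace(' ', '', $fields['login_name']);
                $uname = $fields['uname'];
                $email = $fields['email'];
                $timezone_offset = $fields['timezone_offset'];

                // Random throwaway password: the user is expected to sign in with Google only,
                // unless they set a password later.
                $pass = bin2hex(openssl_random_pseudo_bytes(32));
                $vpass = $pass;

                $member_handler = icms::handler('icms_member');
                $user_handler = icms::handler('icms_member_user');

                // userCheck() yields an empty value when everything is acceptable, otherwise
                // error text joined with "<br />" (see the explode() below).
                $stop = $user_handler->userCheck($login_name, $uname, $email, $pass, $vpass);
                if (empty($stop)) {
                    // Hash the password with the site's configured algorithm.
                    $icmspass = new icms_core_Password();
                    $salt = $icmspass->createSalt();
                    $enc_type = $icmsConfigUser['enc_type'];
                    $pass1 = $icmspass->encryptPass($pass, $salt, $enc_type);

                    $newuser =& $member_handler->createUser();
                    // NOTE(review): the stored e-mail is the submitted one, while the resource
                    // mapping below is keyed on $_SESSION['email']. If the account e-mail must be
                    // the address verified by the sign-in provider, use the session value here.
                    $newuser->setVar('login_name', $login_name, TRUE);
                    $newuser->setVar('uname', $uname, TRUE);
                    $newuser->setVar('email', $email, TRUE);
                    $newuser->setVar('name', $login_name, TRUE);
                    $newuser->setVar('timezone_offset', $timezone_offset, TRUE);
                    $newuser->setVar('user_avatar', 'blank.gif', TRUE);
                    $newuser->setVar('theme', 'impresstheme', TRUE);
                    $newuser->setVar('level', 1, TRUE);
                    $newuser->setVar('pass', $pass1, TRUE);
                    $newuser->setVar('salt', $salt, TRUE);
                    $newuser->setVar('enc_type', $enc_type, TRUE);

                    if ($member_handler->insertUser($newuser)) {
                        // Every account must at least be in the registered-users group.
                        $newid = (int) $newuser->getVar('uid');
                        if (!$member_handler->addUserToGroup(XOOPS_GROUP_USERS, $newid)) {
                            echo _US_REGISTERNG;
                            include 'footer.php';
                            exit();
                        }
                        // The token may carry extra groups as a space-separated list of ids.
                        $tokenGroupsString = $token->getVar('groups');
                        $tokenGroups = explode(" ", $tokenGroupsString);
                        foreach ($tokenGroups as $groupid) {
                            // explode() yields '' when no groups were stored at all.
                            if ($groupid !== "") {
                                $member_handler->addUserToGroup(intval($groupid), $newid);
                            }
                        }
                        Formulize::init();
                        if (Formulize::createResourceMapping(Formulize::USER_RESOURCE, $_SESSION['email'], $newid)) {
                            // Encode the code so it cannot add or alter query parameters in the redirect URL.
                            $encodedCode = urlencode($requestCode);
                            header("Location: ".XOOPS_URL."/?code=".$encodedCode."&newcode=".$encodedCode);
                            exit();
                        }
                        // NOTE(review): when the mapping fails the account already exists but the
                        // page ends without any message -- decide how this should be reported.
                    } else {
                        // The account could not be stored: say so instead of rendering an empty page.
                        echo _US_REGISTERNG;
                    }
                } else {
                    // Split the error text back into an array so each error can be displayed.
                    $icmsConfigUser["stop_error"] = explode("<br />", $stop);
                    renderRegForm();
                }
            } else {
                // The token has no uses left.
                $icmsConfigUser['token_error'] = 1;
                renderRegForm();
            }
        } else {
            // No such token.
            $icmsConfigUser['token_error'] = 1;
            renderRegForm();
        }
    }
} else {
    redirect_header(ICMS_URL.'/', 6, "Sorry, you don't have permission to access this area.");
}
include "footer.php";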
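/**
 * Render the first step of the profile registration form, pre-filled with the name and
 * e-mail held in the session (set by the Google sign-in flow, per the comment below).
 *
 * Side effects: switches $icmsConfigUser to "admin token instead of captcha, no password
 * fields" and writes the form to the output via $icmsTpl.
 *
 * NOTE(review): the session values are handed to the form object as-is; output escaping is
 * assumed to happen in the form/template layer -- confirm.
 */
function renderRegForm(){
    global $icmsTpl, $icmsConfigUser;

    // NOTE(review): $xoopsOption is a local variable here (it is not in the global list above),
    // so this assignment is not visible outside the function -- confirm whether the template
    // was meant to be selected globally.
    $xoopsOption['template_main'] = 'profile_register.html';

    $member_handler = icms::handler('icms_member');
    // Reuse the user referenced by the session's profile data if there is one, else start blank.
    $newuser = isset($_SESSION['profile']['uid'])
        ? $member_handler->getUser($_SESSION['profile']['uid'])
        : $member_handler->createUser();

    $profile_handler = icms_getmodulehandler('profile', 'profile', 'profile');
    $profile = $profile_handler->get($newuser->getVar('uid'));

    // Registration steps, ordered by step_order; only the first one is rendered here.
    $criteria = new icms_db_criteria_Compo();
    $criteria->setSort('step_order');
    $regstep_handler = icms_getmodulehandler('regstep', 'profile', 'profile');
    $steps = $regstep_handler->getObjects($criteria);
    if (count($steps) == 0) {
        redirect_header(ICMS_URL.'/', 6, _MD_PROFILE_NOSTEPSAVAILABLE);
        // Never fall through to $steps[0] below when there are no steps.
        return;
    }

    // Pre-fill the inputs with the details obtained from Google. Missing or non-string
    // session values become '' rather than raising notices or reaching str_replace() as null.
    $sessionName = (isset($_SESSION['name']) && is_string($_SESSION['name'])) ? $_SESSION['name'] : '';
    $sessionEmail = (isset($_SESSION['email']) && is_string($_SESSION['email'])) ? $_SESSION['email'] : '';
    $newuser->setVar('login_name', str_replace(" ", "", $sessionName));
    $newuser->setVar('uname', $sessionName);
    $newuser->setVar('email', $sessionEmail);

    // Use the manually issued admin token instead of a captcha, and hide the password fields.
    $icmsConfigUser['use_captcha'] = 0;
    $icmsConfigUser['use_token'] = 1;
    $icmsConfigUser['exclude_pass'] = 1;

    $reg_form = getRegisterForm($newuser, $profile, 0, $steps[0]);
    $reg_form->assign($icmsTpl);
    $reg_form->display();
}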