Code source de Joomla 1.0.13 |
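<?php
/**
* @version $Id: registration.php 7813 2007-06-29 06:04:09Z louis $
* @package Joomla
* @copyright Copyright (C) 2005 Open Source Matters. All rights reserved.
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* Joomla! is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See COPYRIGHT.php for copyright notices and details.
*/

// no direct access
defined( '_VALID_MOS' ) or die( 'Restricted access' );

global $mosConfig_frontend_login;

require_once( $mainframe->getPath( 'front_html' ) );

// Refuse every task of this component when front-end login is switched off.
// The strict comparisons are used on their own: a preceding loose `!= NULL`
// test is false for integer 0 (0 == NULL in PHP), which would let a site
// configured with integer 0 skip this gate.
if ( $mosConfig_frontend_login === 0 || $mosConfig_frontend_login === '0' ) {
	echo _NOT_AUTH;
	return;
}

// Task dispatch. A task that matches none of the cases produces no output.
switch( $task ) {
	case 'lostPassword':
		lostPassForm( $option );
		break;

	case 'sendNewPass':
		sendNewPass( $option );
		break;

	case 'register':
		registerForm( $option, $mosConfig_useractivation );
		break;

	case 'saveRegistration':
		saveRegistration();
		break;

	case 'activate':
		activate( $option );
		break;
}

/**
* Shows the "lost password" form.
* @param string The component option name, passed through to the HTML layer
*/
function lostPassForm( $option ) {
	global $mainframe;

	$mainframe->SetPageTitle(_PROMPT_PASSWORD);

	HTML_registration::lostPassForm($option);
}

/**
* Generates a new password for the account matching the posted username and
* e-mail address, mails it, and stores its salted hash.
*
* NOTE(review): the password is replaced as soon as the username/e-mail pair
* matches; no confirmation step is involved, so anyone who knows both values
* can force a reset. A one-time token mailed first would avoid that.
* @param string The component option name, used in the failure redirect
*/
function sendNewPass( $option ) {
	global $database;
	global $mosConfig_live_site, $mosConfig_sitename;
	global $mosConfig_mailfrom, $mosConfig_fromname;

	// simple spoof check security
	josSpoofCheck();

	// Not read by any statement below; presumably referenced by name from the
	// language strings expanded with eval() further down, so they must stay.
	$_live_site 	= $mosConfig_live_site;
	$_sitename 		= $mosConfig_sitename;

	$checkusername	= stripslashes( mosGetParam( $_POST, 'checkusername', '' ) );
	$confirmEmail	= stripslashes( mosGetParam( $_POST, 'confirmEmail', '') );

	// Both posted values go through Quote() before entering the SQL text
	$query = "SELECT id"
	. "\n FROM #__users"
	. "\n WHERE username = " . $database->Quote( $checkusername )
	. "\n AND email = " . $database->Quote( $confirmEmail )
	;
	$database->setQuery( $query );
	if (!($user_id = $database->loadResult()) || !$checkusername || !$confirmEmail) {
		mosRedirect( "index.php?option=$option&task=lostPassword&mosmsg="._ERROR_PASS );
		// mosRedirect() presumably ends the request; return regardless so a
		// failed lookup can never fall through to the reset below.
		return;
	}

	$newpass = mosMakePassword();

	// eval() expands the $variables embedded in the language strings (which
	// ones is not visible here; the strings are defined elsewhere). Only the
	// language constant is spliced into the evaluated source: the posted
	// values are read as variables at run time and are not re-parsed as code.
	// The language file is therefore executed as PHP, and a double quote or
	// ${...} inside a translation changes the code that runs.
	// NOTE(review): a fixed placeholder map (strtr/sprintf, as
	// saveRegistration() uses) would remove the need for eval().
	$message = _NEWPASS_MSG;
	eval ("\$message = \"$message\";");
	$subject = _NEWPASS_SUB;
	eval ("\$subject = \"$subject\";");

	// The mail goes out before the database is updated
	mosMail($mosConfig_mailfrom, $mosConfig_fromname, $confirmEmail, $subject, $message);

	// Stored format is md5( password . salt ) . ':' . salt.
	// NOTE(review): MD5 is a fast hash and unsuited to password storage; the
	// format has to match whatever the login code verifies (not shown here),
	// so it is kept as is.
	$salt 		= mosMakePassword(16);
	$crypt 		= md5($newpass.$salt);
	$newpass 	= $crypt.':'.$salt;

	$sql = "UPDATE #__users"
	. "\n SET password = " . $database->Quote( $newpass )
	. "\n WHERE id = " . (int) $user_id
	;
	$database->setQuery( $sql );
	if (!$database->query()) {
		// NOTE(review): this prints the database error text to the visitor
		die("SQL error" . $database->stderr(true));
	}

	mosRedirect( 'index.php?option=com_registration&mosmsg='. _NEWPASS_SENT );
}

/**
* Shows the registration form when user registration is enabled.
* @param string The component option name, passed through to the HTML layer
* @param mixed The user-activation setting, passed through to the HTML layer
*/
function registerForm( $option, $useractivation ) {
	global $mainframe;

	if (!$mainframe->getCfg( 'allowUserRegistration' )) {
		mosNotAuth();
		return;
	}

  	$mainframe->SetPageTitle(_REGISTER_TITLE);

	HTML_registration::registerForm($option, $useractivation);
}

/**
* Creates a user from the posted registration form, mails the new user and
* notifies the administrators who are set to receive system e-mails.
*/
function saveRegistration() {
	global $database, $acl;
	global $mosConfig_sitename, $mosConfig_live_site, $mosConfig_useractivation, $mosConfig_allowUserRegistration;
	global $mosConfig_mailfrom, $mosConfig_fromname;

	if ( $mosConfig_allowUserRegistration == 0 ) {
		mosNotAuth();
		return;
	}

	// simple spoof check security
	josSpoofCheck();

	$row = new mosUser( $database );

	// 'usertype' is presumably the list of fields bind() must ignore - confirm
	if (!$row->bind( $_POST, 'usertype' )) {
		mosErrorAlert( $row->getError() );
		// mosErrorAlert() presumably ends the request; never continue with a
		// row that failed to bind.
		return;
	}

	$row->name		= trim( $row->name );
	$row->email		= trim( $row->email );
	$row->username	= trim( $row->username );
	$row->password	= trim( $row->password );

	mosMakeHtmlSafe($row);

	// Overwrite the identity and privilege fields after bind() so posted
	// values cannot choose them.
	// NOTE(review): block and activation are only overwritten in the
	// activation branch below; confirm that bind()/check() restrict any other
	// column a request could post.
	$row->id 		= 0;
	$row->usertype 	= '';
	$row->gid 		= $acl->get_group_id( 'Registered', 'ARO' );

	if ( $mosConfig_useractivation == 1 ) {
		// The account stays blocked until activate() sees this token
		$row->activation = md5( mosMakePassword() );
		$row->block = '1';
	}

	if (!$row->check()) {
		// NOTE(review): the message is placed in a JavaScript string literal
		// without JS escaping; safe only while getError() returns fixed text
		echo "<script> alert('".html_entity_decode($row->getError())."'); window.history.go(-1); </script>\n";
		exit();
	}

	// Clear-text password, kept for the activation e-mail below
	$pwd 				= $row->password;

	// Stored format is md5( password . salt ) . ':' . salt (see sendNewPass())
	$salt				= mosMakePassword(16);
	$crypt				= md5($row->password.$salt);
	$row->password		= $crypt.':'.$salt;

	$row->registerDate 	= date( 'Y-m-d H:i:s' );

	if (!$row->store()) {
		echo "<script> alert('".html_entity_decode($row->getError())."'); window.history.go(-1); </script>\n";
		exit();
	}
	$row->checkin();

	$name 		= trim($row->name);
	$email 		= trim($row->email);
	$username 	= trim($row->username);

	$subject 	= sprintf (_SEND_SUB, $name, $mosConfig_sitename);
	$subject 	= html_entity_decode($subject, ENT_QUOTES);

	if ($mosConfig_useractivation == 1){
		// NOTE(review): this message carries the clear-text password ($pwd)
		$message = sprintf (_USEND_MSG_ACTIVATE, $name, $mosConfig_sitename, $mosConfig_live_site."/index.php?option=com_registration&task=activate&activation=".$row->activation, $mosConfig_live_site, $username, $pwd);
	} else {
		$message = sprintf (_USEND_MSG, $name, $mosConfig_sitename, $mosConfig_live_site);
	}

	$message = html_entity_decode($message, ENT_QUOTES);

	// check if Global Config `mailfrom` and `fromname` values exist
	if ($mosConfig_mailfrom != '' && $mosConfig_fromname != '') {
		$adminName2 	= $mosConfig_fromname;
		$adminEmail2 	= $mosConfig_mailfrom;
	} else {
		// use email address and name of first superadmin for use in email sent to user
		$query = "SELECT name, email"
		. "\n FROM #__users"
		. "\n WHERE LOWER( usertype ) = 'superadministrator'"
		. "\n OR LOWER( usertype ) = 'super administrator'"
		;
		$database->setQuery( $query );
		$rows = $database->loadObjectList();
		// NOTE(review): assumes the query returned at least one row
		$row2 			= $rows[0];

		$adminName2 	= $row2->name;
		$adminEmail2 	= $row2->email;
	}

	// Send email to user
	mosMail($adminEmail2, $adminName2, $email, $subject, $message);

	// Send notification to all administrators
	$subject2 = sprintf (_SEND_SUB, $name, $mosConfig_sitename);
	$message2 = sprintf (_ASEND_MSG, $adminName2, $mosConfig_sitename, $row->name, $email, $username);
	$subject2 = html_entity_decode($subject2, ENT_QUOTES);
	$message2 = html_entity_decode($message2, ENT_QUOTES);

	// get email addresses of all admins and superadmins set to receive system emails
	$query = "SELECT email, sendEmail"
	. "\n FROM #__users"
	. "\n WHERE ( gid = 24 OR gid = 25 )"
	. "\n AND sendEmail = 1"
	. "\n AND block = 0"
	;
	$database->setQuery( $query );
	$admins = $database->loadObjectList();

	foreach ( $admins as $admin ) {
		// send email to admin & super admin set to receive system emails
		mosMail($adminEmail2, $adminName2, $admin->email, $subject2, $message2);
	}

	if ( $mosConfig_useractivation == 1 ){
		echo _REG_COMPLETE_ACTIVATE;
	} else {
		echo _REG_COMPLETE;
	}
}

/**
* Unblocks the account whose activation token is given in the request.
* @param string The component option name (not used in the body)
*/
function activate( $option ) {
	global $database, $my;
	global $mosConfig_useractivation, $mosConfig_allowUserRegistration;

	if($my->id) {
		// They're already logged in, so redirect them to the home page
		mosRedirect( 'index.php' );
		// mosRedirect() presumably ends the request; return regardless
		return;
	}


	if ($mosConfig_allowUserRegistration == '0' || $mosConfig_useractivation == '0') {
		mosNotAuth();
		return;
	}

	$activation = stripslashes( mosGetParam( $_REQUEST, 'activation', '' ) );

	if (empty( $activation )) {
		echo _REG_ACTIVATE_NOT_FOUND;
		return;
	}

	// Only accounts that are still blocked can be matched by a token
	$query = "SELECT id"
	. "\n FROM #__users"
	. "\n WHERE activation = " . $database->Quote( $activation )
	. "\n AND block = 1"
	;
	$database->setQuery( $query );
	$result = $database->loadResult();

	if ($result) {
		// Clearing the token in the same statement makes it single-use
		$query = "UPDATE #__users"
		. "\n SET block = 0, activation = ''"
		. "\n WHERE activation = " . $database->Quote( $activation )
		. "\n AND block = 1"
		;
		$database->setQuery( $query );
		if (!$database->query()) {
			// defined() takes the constant's NAME as a string; a bare constant
			// here would test its value (or fail when it is undefined).
			if(!defined('_REG_ACTIVATE_FAILURE')) {
				define('_REG_ACTIVATE_FAILURE', '<div class="componentheading">Activation Failed!</div><br />The system was unable to activate your account, please contact the site administrator.');
			}
			echo _REG_ACTIVATE_FAILURE;
		} else {
			echo _REG_ACTIVATE_COMPLETE;
		}
	} else {
		echo _REG_ACTIVATE_NOT_FOUND;
	}
}
?>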
Généré le : Wed Nov 21 14:43:32 2007 | par Balluche grâce à PHPXref 0.7 |