Passed
Push — master ( c0a3a7...3b84a4 )
by Jeroen
58:51
created

actions/register.php (1 issue)

Checks if the types of the passed arguments in a function/method call are compatible.

Bug Minor
1
<?php
2
/**
3
 * Elgg registration action
4
 */
5
6
elgg_make_sticky_form('register');
7
8
if (!elgg_get_config('allow_registration')) {
9
	return elgg_error_response(elgg_echo('registerdisabled'));
10
}
11
12
// Get variables
13
$username = get_input('username');
14
$password = get_input('password', null, false);
15
$password2 = get_input('password2', null, false);
16
$email = get_input('email');
17
$name = get_input('name');
18
$friend_guid = (int) get_input('friend_guid', 0);
19
$invitecode = get_input('invitecode');
20
21
try {
22
	if (trim($password) == "" || trim($password2) == "") {
23
		throw new RegistrationException(elgg_echo('RegistrationException:EmptyPassword'));
24
	}
25
26
	if (strcmp($password, $password2) != 0) {
27
		throw new RegistrationException(elgg_echo('RegistrationException:PasswordMismatch'));
28
	}
29
30
	$guid = register_user($username, $password, $name, $email);
31
	if (!$guid) {
32
		return elgg_error_response(elgg_echo('registerbad'));
33
	}
34
35
	$new_user = get_user($guid);
36
37
	// allow plugins to respond to self registration
38
	// note: To catch all new users, even those created by an admin,
39
	// register for the create, user event instead.
40
	// only passing vars that aren't in ElggUser.
41
	$params = [
42
		'user' => $new_user,
43
		'password' => $password,
44
		'friend_guid' => $friend_guid,
45
		'invitecode' => $invitecode
46
	];
47
48
	// @todo should registration be allowed no matter what the plugins return?
49
	if (!elgg_trigger_plugin_hook('register', 'user', $params, true)) {
50
		$ia = elgg_set_ignore_access(true);
51
		$new_user->delete();
52
		elgg_set_ignore_access($ia);
53
		// @todo this is a generic messages. We could have plugins
54
		// throw a RegistrationException, but that is very odd
55
		// for the plugin hooks system.
56
		throw new RegistrationException(elgg_echo('registerbad'));
57
	}
58
59
	elgg_clear_sticky_form('register');
60
61
	if ($new_user->isEnabled()) {
62
		// if exception thrown, this probably means there is a validation
63
		// plugin that has disabled the user
64
		try {
65
			login($new_user);
0 ignored issues
show
$new_user of type false is incompatible with the type ElggUser expected by parameter $user of login(). ( Ignorable by Annotation )

If this is a false-positive, you can also ignore this issue in your code via the ignore-type  annotation

65
			login(/** @scrutinizer ignore-type */ $new_user);
Loading history...
66
			// set forward url
67
			$session = elgg_get_session();
68
			if ($session->has('last_forward_from')) {
69
				$forward_url = $session->get('last_forward_from');
70
				$forward_source = 'last_forward_from';
71
			} else {
72
				// forward to main index page
73
				$forward_url = '';
74
				$forward_source = null;
75
			}
76
			$params = [
77
				'user' => $new_user,
78
				'source' => $forward_source,
79
			];
80
			$forward_url = elgg_trigger_plugin_hook('login:forward', 'user', $params, $forward_url);
81
			return elgg_ok_response('', elgg_echo('registerok', [elgg_get_site_entity()->name]), $forward_url);
82
		} catch (LoginException $e) {
83
			return elgg_error_response($e->getMessage());
84
		}
85
	}
86
87
	return elgg_ok_response();
88
} catch (RegistrationException $r) {
89
	return elgg_error_response($r->getMessage());
90
}
91
92
return elgg_ok_response();
93