|
1
|
|
|
<?php declare(strict_types=1); |
|
2
|
|
|
|
|
3
|
|
|
/** |
|
4
|
|
|
* Extended User Profile |
|
5
|
|
|
* |
|
6
|
|
|
* You may not change or alter any portion of this comment or credits |
|
7
|
|
|
* of supporting developers from this source code or any supporting source code |
|
8
|
|
|
* which is considered copyrighted (c) material of the original comment or credit authors. |
|
9
|
|
|
* This program is distributed in the hope that it will be useful, |
|
10
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
11
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
|
12
|
|
|
* |
|
13
|
|
|
* @copyright (c) 2000-2016 XOOPS Project (www.xoops.org) |
|
14
|
|
|
* @license GNU GPL 2.0 or later (https://www.gnu.org/licenses/gpl-2.0.html) |
|
15
|
|
|
* @since 2.3.0 |
|
16
|
|
|
* @author Taiwen Jiang <[email protected]> |
|
17
|
|
|
* @author Jan Pedersen |
|
18
|
|
|
* @author trabis <[email protected]> |
|
19
|
|
|
*/ |
|
20
|
|
|
|
|
21
|
|
|
use Xmf\Request; |
|
|
|
|
|
|
22
|
|
|
|
|
23
|
|
|
$GLOBALS['xoopsOption']['template_main'] = 'suico_register.tpl'; |
|
24
|
|
|
require __DIR__ . '/header.php'; |
|
25
|
|
|
if ($GLOBALS['xoopsUser']) { |
|
26
|
|
|
header('location: index.php?uid= ' . $GLOBALS['xoopsUser']->getVar('uid')); |
|
27
|
|
|
exit(); |
|
28
|
|
|
} |
|
29
|
|
|
if (!empty($_GET['op']) && in_array($_GET['op'], ['actv', 'activate'], true)) { |
|
30
|
|
|
header('location: ./activate.php' . (Request::getString('QUERY_STRING', '', 'SERVER'))); |
|
31
|
|
|
exit(); |
|
32
|
|
|
} |
|
33
|
|
|
xoops_load('XoopsUserUtility'); |
|
34
|
|
|
$myts = \MyTextSanitizer::getInstance(); |
|
35
|
|
|
/** @var XoopsConfigHandler $configHandler */ |
|
36
|
|
|
$configHandler = xoops_getHandler('config'); |
|
37
|
|
|
$GLOBALS['xoopsConfigUser'] = $configHandler->getConfigsByCat(XOOPS_CONF_USER); |
|
38
|
|
|
if (empty($GLOBALS['xoopsConfigUser']['allow_register'])) { |
|
39
|
|
|
redirect_header('index.php', 6, _US_NOREGISTER); |
|
40
|
|
|
} |
|
41
|
|
|
// get the key we need to access our 'op' in $_POST |
|
42
|
|
|
// if this key is not set, empty $_POST since this is a new registration and |
|
43
|
|
|
// no legitimate data would be there. |
|
44
|
|
|
$opkey = 'profile_opname'; |
|
45
|
|
|
if (isset($_SESSION[$opkey])) { |
|
46
|
|
|
$current_opname = $_SESSION[$opkey]; |
|
47
|
|
|
unset($_SESSION[$opkey]); |
|
48
|
|
|
if (!isset($_POST[$current_opname])) { |
|
49
|
|
|
$_POST = []; |
|
50
|
|
|
} |
|
51
|
|
|
} else { |
|
52
|
|
|
$_POST = []; |
|
53
|
|
|
$current_opname = 'op'; // does not matter, it isn't there |
|
54
|
|
|
} |
|
55
|
|
|
$op = $_POST[$current_opname] ?? 'register'; |
|
56
|
|
|
$current_step = isset($_POST['step']) ? (int)$_POST['step'] : 0; |
|
57
|
|
|
// The newly introduced variable $_SESSION['profile_post'] is contaminated by $_POST, thus we use an old vaiable to hold uid parameter |
|
58
|
|
|
$uid = !empty($_SESSION['profile_register_uid']) ? (int)$_SESSION['profile_register_uid'] : 0; |
|
59
|
|
|
// First step is already secured by with the captcha Token so lets check the others |
|
60
|
|
|
if ($current_step > 0 && !$GLOBALS['xoopsSecurity']->check()) { |
|
61
|
|
|
redirect_header('user.php', 5, _PROFILE_MA_EXPIRED); |
|
62
|
|
|
} |
|
63
|
|
|
$criteria = new CriteriaCompo(); |
|
64
|
|
|
$criteria->setSort('step_order'); |
|
65
|
|
|
$regstepHandler = $helper->getHandler('Regstep'); |
|
66
|
|
|
if (!$steps = $regstepHandler->getAll($criteria, null, false, false)) { |
|
67
|
|
|
redirect_header(XOOPS_URL . '/', 6, _PROFILE_MA_NOSTEPSAVAILABLE); |
|
68
|
|
|
} |
|
69
|
|
|
foreach (array_keys($steps) as $key) { |
|
70
|
|
|
$steps[$key]['step_no'] = $key + 1; |
|
71
|
|
|
} |
|
72
|
|
|
$GLOBALS['xoopsTpl']->assign('steps', $steps); |
|
73
|
|
|
$GLOBALS['xoopsTpl']->assign('lang_register_steps', _PROFILE_MA_REGISTER_STEPS); |
|
74
|
|
|
$xoBreadcrumbs[] = [ |
|
75
|
|
|
'link' => XOOPS_URL . '/modules/' . $GLOBALS['xoopsModule']->getVar('dirname', 'n') . '/register.php', |
|
76
|
|
|
'title' => _PROFILE_MA_REGISTER, |
|
77
|
|
|
]; |
|
78
|
|
|
if (isset($steps[$current_step])) { |
|
79
|
|
|
$xoBreadcrumbs[] = ['title' => $steps[$current_step]['step_name']]; |
|
80
|
|
|
} |
|
81
|
|
|
/** @var XoopsMemberHandler $memberHandler */ |
|
82
|
|
|
$memberHandler = xoops_getHandler('member'); |
|
83
|
|
|
$profileHandler = $helper->getHandler('Profile'); |
|
84
|
|
|
$fields = $profileHandler->loadFields(); |
|
85
|
|
|
$userfields = $profileHandler->getUserVars(); |
|
86
|
|
|
if (0 == $uid) { |
|
87
|
|
|
// No user yet? Create one and set default values. |
|
88
|
|
|
$newuser = $memberHandler->createUser(); |
|
89
|
|
|
$profile = $profileHandler->create(); |
|
90
|
|
|
if (count($fields) > 0) { |
|
91
|
|
|
foreach (array_keys($fields) as $i) { |
|
92
|
|
|
$fieldname = $fields[$i]->getVar('field_name'); |
|
93
|
|
|
if (in_array($fieldname, $userfields, true)) { |
|
94
|
|
|
$default = $fields[$i]->getVar('field_default'); |
|
95
|
|
|
if ('' === $default || null === $default) { |
|
96
|
|
|
continue; |
|
97
|
|
|
} |
|
98
|
|
|
$newuser->setVar($fieldname, $default); |
|
99
|
|
|
} |
|
100
|
|
|
} |
|
101
|
|
|
} |
|
102
|
|
|
} else { |
|
103
|
|
|
// We already have a user? Just load it! Security is handled by token so there is no fake uid here. |
|
104
|
|
|
$newuser = $memberHandler->getUser($uid); |
|
105
|
|
|
$profile = $profileHandler->get($uid); |
|
106
|
|
|
} |
|
107
|
|
|
// Lets merge current $_POST with $_SESSION['profile_post'] so we can have access to info submited in previous steps |
|
108
|
|
|
// Get all fields that we can expect from a $_POST inlcuding our private '_message_' |
|
109
|
|
|
$fieldnames = []; |
|
110
|
|
|
foreach (array_keys($fields) as $i) { |
|
111
|
|
|
$fieldnames[] = $fields[$i]->getVar('field_name'); |
|
112
|
|
|
} |
|
113
|
|
|
$fieldnames = array_merge($fieldnames, $userfields); |
|
114
|
|
|
$fieldnames[] = '_message_'; |
|
115
|
|
|
// Get $_POST that matches above criteria, we do not need to store step, tokens, etc |
|
116
|
|
|
$postfields = []; |
|
117
|
|
|
foreach ($fieldnames as $fieldname) { |
|
118
|
|
|
if (isset($_POST[$fieldname])) { |
|
119
|
|
|
$postfields[$fieldname] = $_POST[$fieldname]; |
|
120
|
|
|
} |
|
121
|
|
|
} |
|
122
|
|
|
if (0 == $current_step) { |
|
123
|
|
|
// Reset any previous session for first step |
|
124
|
|
|
$_SESSION['profile_post'] = []; |
|
125
|
|
|
$_SESSION['profile_register_uid'] = null; |
|
126
|
|
|
} else { |
|
127
|
|
|
// Merge current $_POST with $_SESSION['profile_post'] |
|
128
|
|
|
$_SESSION['profile_post'] = array_merge($_SESSION['profile_post'], $postfields); |
|
129
|
|
|
$_POST = array_merge($_SESSION['profile_post'], $_POST); |
|
130
|
|
|
} |
|
131
|
|
|
// Set vars from $_POST/$_SESSION['profile_post'] |
|
132
|
|
|
foreach (array_keys($fields) as $field) { |
|
133
|
|
|
if (!isset($_POST[$field])) { |
|
134
|
|
|
continue; |
|
135
|
|
|
} |
|
136
|
|
|
$value = $fields[$field]->getValueForSave($_POST[$field]); |
|
137
|
|
|
if (in_array($field, $userfields, true)) { |
|
138
|
|
|
$newuser->setVar($field, $value); |
|
139
|
|
|
} else { |
|
140
|
|
|
$profile->setVar($field, $value); |
|
141
|
|
|
} |
|
142
|
|
|
} |
|
143
|
|
|
$stop = ''; |
|
144
|
|
|
//Client side validation |
|
145
|
|
|
if (isset($_POST['step'], $_SESSION['profile_required'])) { |
|
146
|
|
|
foreach ($_SESSION['profile_required'] as $name => $title) { |
|
147
|
|
|
if (empty($_POST[$name])) { |
|
148
|
|
|
$stop .= sprintf(_FORM_ENTER, $title) . '<br>'; |
|
149
|
|
|
} |
|
150
|
|
|
} |
|
151
|
|
|
} |
|
152
|
|
|
// Check user data at first step |
|
153
|
|
|
if (1 == $current_step) { |
|
154
|
|
|
$uname = Request::getString('uname', '', 'POST'); |
|
155
|
|
|
$email = Request::getString('email', '', 'POST'); |
|
156
|
|
|
$url = Request::getString('url', '', 'POST'); |
|
157
|
|
|
$pass = Request::getString('pass', '', 'POST'); |
|
158
|
|
|
$vpass = Request::getString('pass', '', 'POST'); |
|
159
|
|
|
$agree_disc = (isset($_POST['agree_disc']) && (int)$_POST['agree_disc']) ? 1 : 0; |
|
160
|
|
|
if (0 != $GLOBALS['xoopsConfigUser']['reg_dispdsclmr'] && '' !== $GLOBALS['xoopsConfigUser']['reg_disclaimer']) { |
|
161
|
|
|
if (empty($agree_disc)) { |
|
162
|
|
|
$stop .= _US_UNEEDAGREE . '<br>'; |
|
163
|
|
|
} |
|
164
|
|
|
} |
|
165
|
|
|
$newuser->setVar('uname', $uname); |
|
166
|
|
|
$newuser->setVar('email', $email); |
|
167
|
|
|
$newuser->setVar('pass', $pass ? password_hash($pass, PASSWORD_DEFAULT) : ''); |
|
168
|
|
|
$stop .= XoopsUserUtility::validate($newuser, $pass, $vpass); |
|
169
|
|
|
xoops_load('XoopsCaptcha'); |
|
170
|
|
|
$xoopsCaptcha = XoopsCaptcha::getInstance(); |
|
171
|
|
|
if (!$xoopsCaptcha->verify()) { |
|
172
|
|
|
$stop .= $xoopsCaptcha->getMessage(); |
|
173
|
|
|
} |
|
174
|
|
|
} |
|
175
|
|
|
// If the last step required SAVE or if we're on the last step then we will insert/update user on database |
|
176
|
|
|
if ($current_step > 0 && empty($stop) && (!empty($steps[$current_step - 1]['step_save']) || !isset($steps[$current_step]))) { |
|
177
|
|
|
if (1 == $GLOBALS['xoopsModuleConfig']['profileCaptchaAfterStep1'] && $current_step > 1) { |
|
178
|
|
|
xoops_load('XoopsCaptcha'); |
|
179
|
|
|
$xoopsCaptcha2 = XoopsCaptcha::getInstance(); |
|
180
|
|
|
if (!$xoopsCaptcha2->verify()) { |
|
181
|
|
|
$stop .= $xoopsCaptcha2->getMessage(); |
|
182
|
|
|
} |
|
183
|
|
|
} |
|
184
|
|
|
if (empty($stop)) { |
|
185
|
|
|
$isNew = $newuser->isNew(); |
|
186
|
|
|
//Did created an user already? If not then let us set some extra info |
|
187
|
|
|
if ($isNew) { |
|
188
|
|
|
$uname = Request::getString('uname', '', 'POST'); |
|
189
|
|
|
$email = Request::getString('email', '', 'POST'); |
|
190
|
|
|
$url = Request::getString('url', '', 'POST'); |
|
191
|
|
|
$pass = Request::getString('pass', '', 'POST'); |
|
192
|
|
|
$newuser->setVar('uname', $uname); |
|
193
|
|
|
$newuser->setVar('email', $email); |
|
194
|
|
|
$newuser->setVar('pass', $pass ? password_hash($pass, PASSWORD_DEFAULT) : ''); |
|
195
|
|
|
$actkey = bin2hex(random_bytes(4)); |
|
196
|
|
|
$newuser->setVar('actkey', $actkey, true); |
|
197
|
|
|
$newuser->setVar('user_regdate', time(), true); |
|
198
|
|
|
$newuser->setVar('uorder', $GLOBALS['xoopsConfig']['com_order'], true); |
|
199
|
|
|
$newuser->setVar('umode', $GLOBALS['xoopsConfig']['com_mode'], true); |
|
200
|
|
|
$newuser->setVar('theme', $GLOBALS['xoopsConfig']['theme_set'], true); |
|
201
|
|
|
$newuser->setVar('user_avatar', 'avatars/blank.gif', true); |
|
202
|
|
|
if (1 == $GLOBALS['xoopsConfigUser']['activation_type']) { |
|
203
|
|
|
$newuser->setVar('level', 1, true); |
|
204
|
|
|
} else { |
|
205
|
|
|
$newuser->setVar('level', 0, true); |
|
206
|
|
|
} |
|
207
|
|
|
} |
|
208
|
|
|
// Insert/update user and check if we have succeded |
|
209
|
|
|
if ($memberHandler->insertUser($newuser)) { |
|
210
|
|
|
// User inserted! Now insert custom profile fields |
|
211
|
|
|
$profile->setVar('profile_id', $newuser->getVar('uid')); |
|
212
|
|
|
$profileHandler->insert($profile); |
|
213
|
|
|
// We are good! If this is 'was' a new user then we handle notification |
|
214
|
|
|
if ($isNew) { |
|
215
|
|
|
if (1 == $GLOBALS['xoopsConfigUser']['new_user_notify'] && !empty($GLOBALS['xoopsConfigUser']['new_user_notify_group'])) { |
|
216
|
|
|
$xoopsMailer = xoops_getMailer(); |
|
217
|
|
|
$xoopsMailer->reset(); |
|
218
|
|
|
$xoopsMailer->useMail(); |
|
219
|
|
|
$xoopsMailer->setToGroups($memberHandler->getGroup($GLOBALS['xoopsConfigUser']['new_user_notify_group'])); |
|
220
|
|
|
$xoopsMailer->setFromEmail($GLOBALS['xoopsConfig']['adminmail']); |
|
221
|
|
|
$xoopsMailer->setFromName($GLOBALS['xoopsConfig']['sitename']); |
|
222
|
|
|
$xoopsMailer->setSubject(sprintf(_US_NEWUSERREGAT, $GLOBALS['xoopsConfig']['sitename'])); |
|
223
|
|
|
$xoopsMailer->setBody(sprintf(_US_HASJUSTREG, $newuser->getVar('uname'))); |
|
|
|
|
|
|
224
|
|
|
$xoopsMailer->send(true); |
|
225
|
|
|
} |
|
226
|
|
|
$message = ''; |
|
227
|
|
|
if (!$memberHandler->addUserToGroup(XOOPS_GROUP_USERS, $newuser->getVar('uid'))) { |
|
|
|
|
|
|
228
|
|
|
$message = _PROFILE_MA_REGISTER_NOTGROUP . '<br>'; |
|
229
|
|
|
} elseif (1 == $GLOBALS['xoopsConfigUser']['activation_type']) { |
|
230
|
|
|
XoopsUserUtility::sendWelcome($newuser); |
|
231
|
|
|
} elseif (0 == $GLOBALS['xoopsConfigUser']['activation_type']) { |
|
232
|
|
|
$xoopsMailer = xoops_getMailer(); |
|
233
|
|
|
$xoopsMailer->reset(); |
|
234
|
|
|
$xoopsMailer->useMail(); |
|
235
|
|
|
$xoopsMailer->setTemplate('register.tpl'); |
|
236
|
|
|
$xoopsMailer->assign('SITENAME', $GLOBALS['xoopsConfig']['sitename']); |
|
237
|
|
|
$xoopsMailer->assign('ADMINMAIL', $GLOBALS['xoopsConfig']['adminmail']); |
|
238
|
|
|
$xoopsMailer->assign('SITEURL', XOOPS_URL . '/'); |
|
239
|
|
|
$xoopsMailer->assign('X_UPASS', $_POST['vpass']); |
|
240
|
|
|
$xoopsMailer->setToUsers($newuser); |
|
241
|
|
|
$xoopsMailer->setFromEmail($GLOBALS['xoopsConfig']['adminmail']); |
|
242
|
|
|
$xoopsMailer->setFromName($GLOBALS['xoopsConfig']['sitename']); |
|
243
|
|
|
$xoopsMailer->setSubject(sprintf(_US_USERKEYFOR, $newuser->getVar('uname'))); |
|
244
|
|
|
if ($xoopsMailer->send(true)) { |
|
245
|
|
|
$_SESSION['profile_post']['_message_'] = 1; |
|
246
|
|
|
} else { |
|
247
|
|
|
$_SESSION['profile_post']['_message_'] = 0; |
|
248
|
|
|
} |
|
249
|
|
|
} elseif (2 == $GLOBALS['xoopsConfigUser']['activation_type']) { |
|
250
|
|
|
$xoopsMailer = xoops_getMailer(); |
|
251
|
|
|
$xoopsMailer->reset(); |
|
252
|
|
|
$xoopsMailer->useMail(); |
|
253
|
|
|
$xoopsMailer->setTemplate('adminactivate.tpl'); |
|
254
|
|
|
$xoopsMailer->assign('USERNAME', $newuser->getVar('uname')); |
|
255
|
|
|
$xoopsMailer->assign('USEREMAIL', $newuser->getVar('email')); |
|
256
|
|
|
$xoopsMailer->assign('USERACTLINK', XOOPS_URL . '/modules/' . $GLOBALS['xoopsModule']->getVar('dirname', 'n') . '/activate.php?id=' . $newuser->getVar('uid') . '&actkey=' . $newuser->getVar('actkey', 'n')); |
|
257
|
|
|
$xoopsMailer->assign('SITENAME', $GLOBALS['xoopsConfig']['sitename']); |
|
258
|
|
|
$xoopsMailer->assign('ADMINMAIL', $GLOBALS['xoopsConfig']['adminmail']); |
|
259
|
|
|
$xoopsMailer->assign('SITEURL', XOOPS_URL . '/'); |
|
260
|
|
|
$xoopsMailer->setToGroups($memberHandler->getGroup($GLOBALS['xoopsConfigUser']['activation_group'])); |
|
261
|
|
|
$xoopsMailer->setFromEmail($GLOBALS['xoopsConfig']['adminmail']); |
|
262
|
|
|
$xoopsMailer->setFromName($GLOBALS['xoopsConfig']['sitename']); |
|
263
|
|
|
$xoopsMailer->setSubject(sprintf(_US_USERKEYFOR, $newuser->getVar('uname'))); |
|
264
|
|
|
if ($xoopsMailer->send()) { |
|
265
|
|
|
$_SESSION['profile_post']['_message_'] = 3; |
|
266
|
|
|
} else { |
|
267
|
|
|
$_SESSION['profile_post']['_message_'] = 2; |
|
268
|
|
|
} |
|
269
|
|
|
} |
|
270
|
|
|
if ($message) { |
|
271
|
|
|
$GLOBALS['xoopsTpl']->append('confirm', $message); |
|
272
|
|
|
} |
|
273
|
|
|
$_SESSION['profile_register_uid'] = $newuser->getVar('uid'); |
|
274
|
|
|
} |
|
275
|
|
|
} else { |
|
276
|
|
|
$stop .= _US_REGISTERNG . '<br>'; |
|
277
|
|
|
$stop .= implode('<br>', $newuser->getErrors()); |
|
278
|
|
|
} |
|
279
|
|
|
} |
|
280
|
|
|
} |
|
281
|
|
|
if (!empty($stop) || isset($steps[$current_step])) { |
|
282
|
|
|
require_once __DIR__ . '/include/forms.php'; |
|
283
|
|
|
$current_step = empty($stop) ? $current_step : $current_step - 1; |
|
284
|
|
|
$reg_form = profile_getRegisterForm($newuser, $profile, $steps[$current_step]); |
|
285
|
|
|
$reg_form->assign($GLOBALS['xoopsTpl']); |
|
286
|
|
|
$GLOBALS['xoopsTpl']->assign('current_step', $current_step); |
|
287
|
|
|
$GLOBALS['xoopsTpl']->assign('stop', $stop); |
|
288
|
|
|
} else { |
|
289
|
|
|
// No errors and no more steps, finish |
|
290
|
|
|
$GLOBALS['xoopsTpl']->assign('finish', _PROFILE_MA_REGISTER_FINISH); |
|
291
|
|
|
$GLOBALS['xoopsTpl']->assign('current_step', -1); |
|
292
|
|
|
if (1 == $GLOBALS['xoopsConfigUser']['activation_type'] && !empty($_SESSION['profile_post']['pass'])) { |
|
293
|
|
|
$GLOBALS['xoopsTpl']->assign('finish_login', _PROFILE_MA_FINISH_LOGIN); |
|
294
|
|
|
$GLOBALS['xoopsTpl']->assign('finish_uname', $newuser->getVar('uname')); |
|
295
|
|
|
$GLOBALS['xoopsTpl']->assign('finish_pass', htmlspecialchars($_SESSION['profile_post']['pass'], ENT_QUOTES | ENT_HTML5)); |
|
296
|
|
|
} |
|
297
|
|
|
if (isset($_SESSION['profile_post']['_message_'])) { |
|
298
|
|
|
//todo, if user is activated by admin, then we should inform it along with error messages. _US_YOURREGMAILNG is not enough |
|
299
|
|
|
$messages = [_US_YOURREGMAILNG, _US_YOURREGISTERED, _US_YOURREGMAILNG, _US_YOURREGISTERED2]; |
|
300
|
|
|
$GLOBALS['xoopsTpl']->assign('finish_message', $messages[$_SESSION['profile_post']['_message_']]); |
|
301
|
|
|
} |
|
302
|
|
|
$_SESSION['profile_post'] = null; |
|
303
|
|
|
} |
|
304
|
|
|
require_once XOOPS_ROOT_PATH . '/footer.php'; |
|
305
|
|
|
|
XoopsModules25x /
suico
Lio
mambax7
Loading history...
Let?s assume that you have a directory layout like this:
. |-- OtherDir | |-- Bar.php | `-- Foo.php `-- SomeDir `-- Foo.phpand let?s assume the following content of
Bar.php:If both files
OtherDir/Foo.phpandSomeDir/Foo.phpare loaded in the same runtime, you will see a PHP error such as the following:PHP Fatal error: Cannot use SomeDir\Foo as Foo because the name is already in use in OtherDir/Foo.phpHowever, as
OtherDir/Foo.phpdoes not necessarily have to be loaded and the error is only triggered if it is loaded beforeOtherDir/Bar.php, this problem might go unnoticed for a while. In order to prevent this error from surfacing, you must import the namespace with a different alias: