1
|
|
|
<?php |
2
|
|
|
/** |
3
|
|
|
* Elgg registration action |
4
|
|
|
* |
5
|
|
|
* @package Elgg.Core |
6
|
|
|
* @subpackage User.Account |
7
|
|
|
*/ |
8
|
|
|
|
9
|
|
|
elgg_make_sticky_form('register'); |
10
|
|
|
|
11
|
|
|
// Get variables |
12
|
|
|
$username = get_input('username'); |
13
|
|
|
$password = get_input('password', null, false); |
14
|
|
|
$password2 = get_input('password2', null, false); |
15
|
|
|
$email = get_input('email'); |
16
|
|
|
$name = get_input('name'); |
17
|
|
|
$friend_guid = (int) get_input('friend_guid', 0); |
18
|
|
|
$invitecode = get_input('invitecode'); |
19
|
|
|
|
20
|
|
|
if (elgg_get_config('allow_registration')) { |
21
|
|
|
try { |
22
|
|
|
if (trim($password) == "" || trim($password2) == "") { |
23
|
|
|
throw new RegistrationException(elgg_echo('RegistrationException:EmptyPassword')); |
24
|
|
|
} |
25
|
|
|
|
26
|
|
|
if (strcmp($password, $password2) != 0) { |
27
|
|
|
throw new RegistrationException(elgg_echo('RegistrationException:PasswordMismatch')); |
28
|
|
|
} |
29
|
|
|
|
30
|
|
|
$guid = register_user($username, $password, $name, $email); |
31
|
|
|
|
32
|
|
|
if ($guid) { |
33
|
|
|
$new_user = get_entity($guid); |
34
|
|
|
|
35
|
|
|
// allow plugins to respond to self registration |
36
|
|
|
// note: To catch all new users, even those created by an admin, |
37
|
|
|
// register for the create, user event instead. |
38
|
|
|
// only passing vars that aren't in ElggUser. |
39
|
|
|
$params = array( |
40
|
|
|
'user' => $new_user, |
41
|
|
|
'password' => $password, |
42
|
|
|
'friend_guid' => $friend_guid, |
43
|
|
|
'invitecode' => $invitecode |
44
|
|
|
); |
45
|
|
|
|
46
|
|
|
// @todo should registration be allowed no matter what the plugins return? |
47
|
|
View Code Duplication |
if (!elgg_trigger_plugin_hook('register', 'user', $params, TRUE)) { |
48
|
|
|
$ia = elgg_set_ignore_access(true); |
49
|
|
|
$new_user->delete(); |
50
|
|
|
elgg_set_ignore_access($ia); |
51
|
|
|
// @todo this is a generic messages. We could have plugins |
52
|
|
|
// throw a RegistrationException, but that is very odd |
53
|
|
|
// for the plugin hooks system. |
54
|
|
|
throw new RegistrationException(elgg_echo('registerbad')); |
55
|
|
|
} |
56
|
|
|
|
57
|
|
|
elgg_clear_sticky_form('register'); |
58
|
|
|
|
59
|
|
|
if ($new_user->enabled == "yes") { |
60
|
|
|
system_message(elgg_echo("registerok", array(elgg_get_site_entity()->name))); |
61
|
|
|
|
62
|
|
|
// if exception thrown, this probably means there is a validation |
63
|
|
|
// plugin that has disabled the user |
64
|
|
|
try { |
65
|
|
|
login($new_user); |
|
|
|
|
66
|
|
|
// set forward url |
67
|
|
|
$session = elgg_get_session(); |
68
|
|
View Code Duplication |
if ($session->has('last_forward_from')) { |
69
|
|
|
$forward_url = $session->get('last_forward_from'); |
70
|
|
|
$forward_source = 'last_forward_from'; |
71
|
|
|
} else { |
72
|
|
|
// forward to main index page |
73
|
|
|
$forward_url = ''; |
74
|
|
|
$forward_source = null; |
75
|
|
|
} |
76
|
|
|
$params = array('user' => $new_user, 'source' => $forward_source); |
77
|
|
|
$forward_url = elgg_trigger_plugin_hook('login:forward', 'user', $params, $forward_url); |
78
|
|
|
forward($forward_url); |
79
|
|
|
} catch (LoginException $e) { |
80
|
|
|
register_error($e->getMessage()); |
81
|
|
|
forward(REFERER); |
82
|
|
|
} |
83
|
|
|
} |
84
|
|
|
|
85
|
|
|
// Forward on success, assume everything else is an error... |
86
|
|
|
forward(); |
87
|
|
|
} else { |
88
|
|
|
register_error(elgg_echo("registerbad")); |
89
|
|
|
} |
90
|
|
|
} catch (RegistrationException $r) { |
91
|
|
|
register_error($r->getMessage()); |
92
|
|
|
} |
93
|
|
|
} else { |
94
|
|
|
register_error(elgg_echo('registerdisabled')); |
95
|
|
|
} |
96
|
|
|
|
97
|
|
|
forward(REFERER); |
98
|
|
|
|
This check looks for parameters that are defined as one type in their type hint or doc comment but seem to be used as a narrower type, i.e an implementation of an interface or a subclass.
Consider changing the type of the parameter or doing an instanceof check before assuming your parameter is of the expected type.