1 <?php
2 /***********************************************************************
3
4 Copyright (C) 2002-2005 Rickard Andersson (rickard@punbb.org)
5
6 This file is part of PunBB.
7
8 PunBB is free software; you can redistribute it and/or modify it
9 under the terms of the GNU General Public License as published
10 by the Free Software Foundation; either version 2 of the License,
11 or (at your option) any later version.
12
13 PunBB is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 59 Temple Place, Suite 330, Boston,
21 MA 02111-1307 USA
22
23 ************************************************************************/
24
25
// Application bootstrap: set the root path, then load the shared include
define('PUN_ROOT', './');
require PUN_ROOT.'include/common.php';


// The registration page is for guests only; anyone already logged in goes back to the index
if (!$pun_user['is_guest'])
{
	header('Location: index.php');
	exit;
}

// Language strings for register.php
require PUN_ROOT.'lang/'.$pun_user['language'].'/register.php';

// Language strings shared by register.php and profile.php
require PUN_ROOT.'lang/'.$pun_user['language'].'/prof_reg.php';

// New registrations are switched off in the board configuration
// (the rest of the script presumably relies on message() ending the request - defined elsewhere)
if ($pun_config['o_regs_allow'] == '0')
{
	message($lang_register['No new regs']);
}
45
46
// The visitor pressed "cancel" on the rules page: send them back to the index
if (isset($_GET['cancel']))
{
	redirect('index.php', $lang_register['Reg cancel redirect']);
}

// Rules are enabled and the visitor has neither agreed to them nor posted the
// registration form yet: show the rules with an agree/cancel form
else if ($pun_config['o_rules'] == '1' && !(isset($_GET['agree']) || isset($_POST['form_sent'])))
{
	$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_register['Register'];
	require PUN_ROOT.'header.php';

	// NOTE(review): o_rules_message is printed below without escaping. That is presumably
	// intentional (admin-authored HTML) - confirm that only administrators can set it.

?>
<div class="blockform">
	<h2><span><?php echo $lang_register['Forum rules'] ?></span></h2>
	<div class="box">
		<form method="get" action="register.php">
			<div class="inform">
				<fieldset>
					<legend><?php echo $lang_register['Rules legend'] ?></legend>
					<div class="infldset">
						<p><?php echo $pun_config['o_rules_message'] ?></p>
					</div>
				</fieldset>
			</div>
			<p><input type="submit" name="agree" value="<?php echo $lang_register['Agree'] ?>" /><input type="submit" name="cancel" value="<?php echo $lang_register['Cancel'] ?>" /></p>
		</form>
	</div>
</div>
<?php

	require PUN_ROOT.'footer.php';
}
78
79
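else if (isset($_POST['form_sent']))
{
	// Honeypot check: the form carries a text field named "username" inside a display:none
	// container, so a human visitor leaves it empty. Any other value (including a non-string)
	// is treated as an automated submission. isset() keeps a request that omits the field
	// from raising an undefined-index notice.
	if (isset($_POST['username']) && $_POST['username'] !== '')
		die('Il semblerait que vous êtes un robot. Fin de la procédure.');

	// Check that someone from this IP didn't register a user within the last hour (DoS prevention).
	// The address is escaped like every other string placed in a query here; get_remote_address()
	// is defined elsewhere, so its output is not assumed to be a clean IP literal.
	$result = $db->query('SELECT 1 FROM '.$db->prefix.'users WHERE registration_ip=\''.$db->escape(get_remote_address()).'\' AND registered>'.(time() - 3600)) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());

	// The checks below presumably rely on message() ending the request (defined elsewhere)
	if ($db->num_rows($result))
		message($lang_register['User same IP']);

	// Read the text fields defensively: a missing field or a non-string value (e.g. an array
	// parameter) becomes '' and is then rejected by the ordinary validation below
	$posted = array();
	foreach (array('req_username', 'req_email1', 'req_email2', 'req_password1', 'req_password2') as $field)
		$posted[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';

	$username = pun_trim($posted['req_username']);
	$email1 = strtolower(trim($posted['req_email1']));

	if ($pun_config['o_regs_verify'] == '1')
	{
		// With e-mail verification the visitor does not choose a password: one is generated
		// here and mailed further down
		$email2 = strtolower(trim($posted['req_email2']));

		$password1 = random_pass(8);
		$password2 = $password1;
	}
	else
	{
		$password1 = trim($posted['req_password1']);
		$password2 = trim($posted['req_password2']);
	}

	// Convert multiple whitespace characters into one (to prevent people from registering with indistinguishable usernames)
	$username = preg_replace('#\s+#s', ' ', $username);

	// Validate username and passwords
	if (pun_strlen($username) < 2) // Same length helper as the upper bound, so both limits measure the name the same way
		message($lang_prof_reg['Username too short']);
	else if (pun_strlen($username) > 25) // This usually doesn't happen since the form element only accepts 25 characters
		message($lang_common['Bad request']);
	else if (strlen($password1) < 4)
		message($lang_prof_reg['Pass too short']);
	else if ($password1 !== $password2) // Strict: a loose != treats two different numeric-looking strings (e.g. '1e3' and '1000') as equal
		message($lang_prof_reg['Pass not match']);
	else if (!strcasecmp($username, 'Guest') || !strcasecmp($username, 'invité') || !strcasecmp($username, $lang_common['Guest']))
		message($lang_prof_reg['Username guest']);
	else if (preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $username))
		message($lang_prof_reg['Username IP']);
	else if ((strpos($username, '[') !== false || strpos($username, ']') !== false) && strpos($username, '\'') !== false && strpos($username, '"') !== false)
		message($lang_prof_reg['Username reserved chars']);
	else if (preg_match('#\[b\]|\[/b\]|\[u\]|\[/u\]|\[i\]|\[/i\]|\[color|\[/color\]|\[quote\]|\[quote=|\[/quote\]|\[code\]|\[/code\]|\[img\]|\[/img\]|\[url|\[/url\]|\[email|\[/email\]#i', $username))
		message($lang_prof_reg['Username BBCode']);

	// Check username for any censored words
	if ($pun_config['o_censoring'] == '1')
	{
		// If the censored username differs from the username
		if (censor_words($username) != $username)
			message($lang_register['Username censor']);
	}

	// Check that the username (or a too similar username) is not already registered
	$result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE UPPER(username)=UPPER(\''.$db->escape($username).'\') OR UPPER(username)=UPPER(\''.$db->escape(preg_replace('/[^\w]/', '', $username)).'\')') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());

	if ($db->num_rows($result))
	{
		$busy = $db->result($result);
		message($lang_register['Username dupe 1'].' '.pun_htmlspecialchars($busy).'. '.$lang_register['Username dupe 2']);
	}


	// Validate e-mail
	require PUN_ROOT.'include/email.php';

	if (!is_valid_email($email1))
		message($lang_common['Invalid e-mail']);
	else if ($pun_config['o_regs_verify'] == '1' && $email1 !== $email2)
		message($lang_register['E-mail not match']);

	// Check if it's a banned e-mail address
	if (is_banned_email($email1))
	{
		if ($pun_config['p_allow_banned_email'] == '0')
			message($lang_prof_reg['Banned e-mail']);

		$banned_email = true;	// Used later when we send an alert e-mail
	}
	else
		$banned_email = false;

	// Check if someone else already has registered with that e-mail address
	$dupe_list = array();

	$result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE email=\''.$db->escape($email1).'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
	if ($db->num_rows($result))
	{
		if ($pun_config['p_allow_dupe_email'] == '0')
			message($lang_prof_reg['Dupe e-mail']);

		while ($cur_dupe = $db->fetch_assoc($result))
			$dupe_list[] = $cur_dupe['username'];
	}

	// Make sure we got a valid language string: path characters are stripped before the name
	// is used to build a path under lang/
	if (isset($_POST['language']))
	{
		$language = preg_replace('#[\.\\\/]#', '', $_POST['language']);
		if (!file_exists(PUN_ROOT.'lang/'.$language.'/common.php'))
			message($lang_common['Bad request']);
	}
	else
		$language = $pun_config['o_default_lang'];

	// The timezone goes into the INSERT as an unquoted numeric literal, so it is forced to be a
	// finite number inside the range the form offers (-12 .. +14) and written with an explicit '.'
	// so the literal does not depend on the process locale. Missing or non-numeric input falls back to 0.
	$timezone = (isset($_POST['timezone']) && is_numeric($_POST['timezone'])) ? round((float) $_POST['timezone'], 1) : 0;
	$timezone = max(-12, min(14, $timezone));
	$timezone = number_format($timezone, 1, '.', '');

	$save_pass = (!isset($_POST['save_pass']) || $_POST['save_pass'] != '1') ? '0' : '1';

	// Missing or out-of-range values fall back to setting 1
	$email_setting = isset($_POST['email_setting']) ? intval($_POST['email_setting']) : 1;
	if ($email_setting < 0 || $email_setting > 2) $email_setting = 1;

	// Insert the new user into the database. We do this now to get the last inserted id for later use.
	$now = time();

	$intial_group_id = ($pun_config['o_regs_verify'] == '0') ? $pun_config['o_default_user_group'] : PUN_UNVERIFIED;

	// NOTE(review): pun_hash() is defined elsewhere - confirm it is a salted, deliberately slow password hash
	$password_hash = pun_hash($password1);

	// Add the user. Every quoted string value goes through $db->escape(), including the configured
	// style and the remote address, which the original concatenated as-is.
	$db->query('INSERT INTO '.$db->prefix.'users (username, group_id, password, email, email_setting, save_pass, timezone, language, style, registered, registration_ip, last_visit) VALUES(\''.$db->escape($username).'\', '.$intial_group_id.', \''.$db->escape($password_hash).'\', \''.$db->escape($email1).'\', '.$email_setting.', '.$save_pass.', '.$timezone.' , \''.$db->escape($language).'\', \''.$db->escape($pun_config['o_default_style']).'\', '.$now.', \''.$db->escape(get_remote_address()).'\', '.$now.')') or error('Unable to create user', __FILE__, __LINE__, $db->error());
	$new_uid = $db->insert_id();


	// If we previously found out that the e-mail was banned
	if ($banned_email && $pun_config['o_mailing_list'] != '')
	{
		$mail_subject = 'Alerte - Adresse e-mail bannie détectée';
		$mail_message = 'L\'utilisateur \''.$username.'\' s\'est inscrit avec l\'adresse e-mail bannie : '.$email1."\n\n".'Profil utilisateur : '.$pun_config['o_base_url'].'/profile.php?id='.$new_uid."\n\n".'-- '."\n".'E-mail automatique'."\n".'(Ne répondez pas à ce message)';

		pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
	}

	// If we previously found out that the e-mail was a dupe
	if (!empty($dupe_list) && $pun_config['o_mailing_list'] != '')
	{
		$mail_subject = 'Alerte - Adresse e-mail en doublon détéctée';
		$mail_message = 'L\'utilisateur \''.$username.'\' s\'est inscrit avec l\'adresse qui appartient également à : '.implode(', ', $dupe_list)."\n\n".'User profile: '.$pun_config['o_base_url'].'/profile.php?id='.$new_uid."\n\n".'-- '."\n".'E-mail automatique'."\n".'(Ne répondez pas à ce message)';

		pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
	}

	// Should we alert people on the admin mailing list that a new user has registered?
	if ($pun_config['o_regs_report'] == '1')
	{
		$mail_subject = 'Alerte - Nouvelle inscription';
		$mail_message = 'L\'utilisateur \''.$username.'\' s\'est inscrit au forum '.$pun_config['o_base_url']."\n\n".'Profil utilisateur : '.$pun_config['o_base_url'].'/profile.php?id='.$new_uid."\n\n".'-- '."\n".'E-mail automatique'."\n".'(Ne répondez pas à ce message)';

		pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
	}

	// Must the user verify the registration or do we log him/her in right now?
	if ($pun_config['o_regs_verify'] == '1')
	{
		// Load the "welcome" template
		$mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/welcome.tpl'));

		// The first row contains the subject
		$first_crlf = strpos($mail_tpl, "\n");
		$mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
		$mail_message = trim(substr($mail_tpl, $first_crlf));

		$mail_subject = str_replace('<board_title>', $pun_config['o_board_title'], $mail_subject);
		$mail_message = str_replace('<base_url>', $pun_config['o_base_url'].'/', $mail_message);
		$mail_message = str_replace('<username>', $username, $mail_message);
		// NOTE(review): the generated password travels in clear text inside this e-mail
		$mail_message = str_replace('<password>', $password1, $mail_message);
		$mail_message = str_replace('<login_url>', $pun_config['o_base_url'].'/login.php', $mail_message);
		$mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'].' '.$lang_common['Mailer'], $mail_message);

		pun_mail($email1, $mail_subject, $mail_message);

		// The admin address is escaped because it is placed in both an attribute and element text
		message($lang_register['Reg e-mail'].' <a href="mailto:'.pun_htmlspecialchars($pun_config['o_admin_email']).'">'.pun_htmlspecialchars($pun_config['o_admin_email']).'</a>.', true);
	}

	// No verification step: log the new user in. 31536000 seconds is 365 days; 0 is passed when
	// "save_pass" was not ticked. What pun_setcookie() stores from the hash is decided elsewhere.
	pun_setcookie($new_uid, $password_hash, ($save_pass != '0') ? $now + 31536000 : 0);

	redirect('index.php', $lang_register['Reg complete']);
}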
259
260
// Page title plus two arrays set before header.php is included; presumably header.php reads
// them (required-field labels, element to focus) - it is not visible here
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_register['Register'];
$required_fields = array(
	'req_username'	=> $lang_common['Username'],
	'req_password1'	=> $lang_common['Password'],
	'req_password2'	=> $lang_prof_reg['Confirm pass'],
	'req_email1'	=> $lang_common['E-mail'],
	'req_email2'	=> $lang_common['E-mail'].' 2'
);
$focus_element = array('register', 'req_username');
require PUN_ROOT.'header.php';

// Timezone choices: value attribute => visible label, in display order
$tz_choices = array(
	'-12'	=> '-12',
	'-11'	=> '-11',
	'-10'	=> '-10',
	'-9.5'	=> '-9.5',
	'-9'	=> '-09',
	'-8.5'	=> '-8.5',
	'-8'	=> '-08 PST',
	'-7'	=> '-07 MST',
	'-6'	=> '-06 CST',
	'-5'	=> '-05 EST',
	'-4'	=> '-04 AST',
	'-3.5'	=> '-3.5',
	'-3'	=> '-03 ADT',
	'-2'	=> '-02',
	'-1'	=> '-01',
	'0'		=> '00 GMT',
	'1'		=> '+01 CET',
	'2'		=> '+02',
	'3'		=> '+03',
	'3.5'	=> '+03.5',
	'4'		=> '+04',
	'4.5'	=> '+04.5',
	'5'		=> '+05',
	'5.5'	=> '+05.5',
	'6'		=> '+06',
	'6.5'	=> '+06.5',
	'7'		=> '+07',
	'8'		=> '+08',
	'9'		=> '+09',
	'9.5'	=> '+09.5',
	'10'	=> '+10',
	'10.5'	=> '+10.5',
	'11'	=> '+11',
	'11.5'	=> '+11.5',
	'12'	=> '+12',
	'13'	=> '+13',
	'14'	=> '+14'
);

?>
<div class="blockform">
	<h2><span><?php echo $lang_register['Register'] ?></span></h2>
	<div class="box">
		<form id="register" method="post" action="register.php?action=register" onsubmit="this.register.disabled=true;if(process_form(this)){return true;}else{this.register.disabled=false;return false;}">
			<div class="inform">
				<div class="forminfo">
					<h3><?php echo $lang_common['Important information'] ?></h3>
					<p><?php echo $lang_register['Desc 1'] ?></p>
					<p><?php echo $lang_register['Desc 2'] ?></p>
				</div>
				<fieldset>
					<legend><?php echo $lang_register['Username legend'] ?></legend>
					<div class="infldset">
						<input type="hidden" name="form_sent" value="1" />
						<label><strong><?php echo $lang_common['Username'] ?></strong><br /><input type="text" name="req_username" size="25" maxlength="25" /><br /></label>
					</div>
				</fieldset>
			</div>
<?php if ($pun_config['o_regs_verify'] == '0'): /* password fields only when no verification e-mail is used */ ?>
			<div class="inform">
				<fieldset>
					<legend><?php echo $lang_register['Pass legend 1'] ?></legend>
					<div class="infldset">
						<label class="conl"><strong><?php echo $lang_common['Password'] ?></strong><br /><input type="password" name="req_password1" size="16" maxlength="16" /><br /></label>
						<label class="conl"><strong><?php echo $lang_prof_reg['Confirm pass'] ?></strong><br /><input type="password" name="req_password2" size="16" maxlength="16" /><br /></label>
						<p class="clearb"><?php echo $lang_register['Pass info'] ?></p>
					</div>
				</fieldset>
			</div>
<?php endif; ?>
			<div class="inform">
				<fieldset>
					<legend><?php echo ($pun_config['o_regs_verify'] == '1') ? $lang_prof_reg['E-mail legend 2'] : $lang_prof_reg['E-mail legend'] ?></legend>
					<div class="infldset">
<?php if ($pun_config['o_regs_verify'] == '1'): ?>
						<p><?php echo $lang_register['E-mail info'] ?></p>
<?php endif; ?>
						<label><strong><?php echo $lang_common['E-mail'] ?></strong><br />
						<input type="text" name="req_email1" size="50" maxlength="50" /><br /></label>
<?php if ($pun_config['o_regs_verify'] == '1'): ?>
						<label><strong><?php echo $lang_register['Confirm e-mail'] ?></strong><br />
						<input type="text" name="req_email2" size="50" maxlength="50" /><br /></label>
<?php endif; ?>
					</div>
				</fieldset>
			</div>
			<div class="inform">
				<fieldset>
					<legend><?php echo $lang_prof_reg['Localisation legend'] ?></legend>
					<div class="infldset">
						<label><?php echo $lang_prof_reg['Timezone'] ?>: <?php echo $lang_prof_reg['Timezone info'] ?>
						<br /><select id="time_zone" name="timezone">
<?php

// One <option> per timezone; the one equal to the configured server timezone is pre-selected
foreach ($tz_choices as $tz_value => $tz_label)
{
	$tz_selected = ($pun_config['o_server_timezone'] == (float) $tz_value) ? ' selected="selected"' : '';
	echo "\t\t\t\t\t\t\t".'<option value="'.$tz_value.'"'.$tz_selected.'>'.$tz_label.'</option>'."\n";
}

?>
						</select>
						<br /></label>
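<?php

// Collect the installed language packs: every sub-directory of lang/ that contains a common.php
$languages = array();
$d = dir(PUN_ROOT.'lang');
while (($entry = $d->read()) !== false)
{
	if ($entry != '.' && $entry != '..' && is_dir(PUN_ROOT.'lang/'.$entry) && file_exists(PUN_ROOT.'lang/'.$entry.'/common.php'))
		$languages[] = $entry;
}
$d->close();

// Only display the language selection box if there's more than one language available
if (count($languages) > 1)
{

?>
						<label><?php echo $lang_prof_reg['Language'] ?>: <?php echo $lang_prof_reg['Language info'] ?>
						<br /><select name="language">
<?php

	// foreach replaces the former "while (list(, $temp) = @each(...))": each() was deprecated in
	// PHP 7.2 and removed in PHP 8.0, where the call is a fatal error that @ does not suppress.
	foreach ($languages as $temp)
	{
		// Compare the raw directory name first, then escape it for output: the name comes from
		// the filesystem and is written into both an attribute and element text
		$is_default = ($pun_config['o_default_lang'] == $temp) ? ' selected="selected"' : '';
		$temp = pun_htmlspecialchars($temp);

		echo "\t\t\t\t\t\t\t\t".'<option value="'.$temp.'"'.$is_default.'>'.$temp.'</option>'."\n";
	}

?>
						</select>
						<br /></label>
<?php

}
?>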
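</div>
</fieldset>
</div>
<div class="inform">
	<fieldset>
		<legend><?php echo $lang_prof_reg['Privacy options legend'] ?></legend>
		<div class="infldset">
			<p><?php echo $lang_prof_reg['E-mail setting info'] ?></p>
			<div class="rbox">
				<label><input type="radio" name="email_setting" value="0" /><?php echo $lang_prof_reg['E-mail setting 1'] ?><br /></label>
				<label><input type="radio" name="email_setting" value="1" checked="checked" /><?php echo $lang_prof_reg['E-mail setting 2'] ?><br /></label>
				<label><input type="radio" name="email_setting" value="2" /><?php echo $lang_prof_reg['E-mail setting 3'] ?><br /></label>
			</div>
			<p><?php echo $lang_prof_reg['Save user/pass info'] ?></p>
			<div class="rbox">
				<label><input type="checkbox" name="save_pass" value="1" checked="checked" /><?php echo $lang_prof_reg['Save user/pass'] ?><br /></label>
			</div>
		</div>
	</fieldset>
</div>
<?php
// Honeypot field: hidden from visitors, and the form handler aborts when "username" comes back
// non-empty. autocomplete="off" asks browsers and password managers not to fill it in, so that a
// real visitor is not rejected because of autofill (browsers may still ignore the hint).
// This explanation is a PHP comment on purpose, so that it is not sent to the client.
?>
<div class="nom_de_class" style="display: none">
	<label><strong>Username</strong><br /><input type="text" name="username" size="60" maxlength="60" autocomplete="off" /><br /></label>
</div>
<p><input type="submit" name="register" value="<?php echo $lang_register['Register'] ?>" /></p>
</form>
</div>
</div>
<?php

require PUN_ROOT.'footer.php';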