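. */
/**
 * Account registration page.
 *
 * When a registration form is submitted this script checks the optional
 * confirm code against the signed Captcha cookie, validates the fields
 * returned by User::processForm(), inserts the new pD_Users row, logs the
 * new account in and prints a success notice or the error message.
 *
 * @package Base
 * @subpackage Forms
 */

require('header.php');

// The user must be guest to register a new account
if( $User->type['User'] )
{
    libHTML::error("You're attempting to create a new user account when you already have one. Please use your existing user account.");
}

libHTML::starthtml();

if ( isset($_REQUEST['userForm']) )
{
    $formOutput = '';

    try
    {
        // NOTE(review): the confirm-code check only runs when the request
        // carries confirm_code; a request that omits the field skips it
        // entirely. If the code is meant to be mandatory, requests without it
        // should be rejected here; confirm against the form that sets the cookie.
        if (isset($_REQUEST['confirm_code']))
        {
            if ( isset($_COOKIE['Captcha']) )
            {
                // Both values are client-supplied: require plain strings and a
                // "<hash>.<time>" cookie before using the parts, so a malformed
                // cookie fails cleanly instead of leaving $Time undefined.
                if ( !is_string($_REQUEST['confirm_code']) || !is_string($_COOKIE['Captcha']) )
                {
                    throw new Exception("Confirm code is wrong");
                }

                $captchaParts = explode('.', $_COOKIE['Captcha']);
                if ( count($captchaParts) < 2 )
                {
                    throw new Exception("Confirm code is wrong");
                }
                list($Hash, $Time) = $captchaParts;

                // NOTE(review): md5(secret . data) is a weak MAC construction;
                // hash_hmac() with a modern hash would be stronger, but the
                // cookie is produced outside this file, so both sides would
                // have to change together.
                $expectedHash = md5(Config::$secret.$_REQUEST['confirm_code'].$_SERVER['REMOTE_ADDR'].$Time);

                // Never compare digests with == / !=: loose comparison treats
                // numeric-looking strings as numbers, so two different digests
                // can compare equal. Use the constant-time hash_equals() where
                // the runtime provides it, strict string comparison otherwise.
                $hashMatches = function_exists('hash_equals')
                    ? hash_equals($expectedHash, $Hash)
                    : ($expectedHash === $Hash);

                if ( !$hashMatches )
                {
                    throw new Exception("Confirm code is wrong");
                }
                elseif( (time() - 5*60) > (int)$Time )
                {
                    // $Time is covered by the hash above, so only a timestamp
                    // issued together with this hash can reach this point.
                    throw new Exception("Confirm code is only valid for 5 minutes");
                }
            }
            else
            {
                throw new Exception("No confirm code cookie given. Make sure cookies are enabled");
            }
        }

        // NOTE(review): every value taken from $SQLVars below is concatenated
        // directly into SQL text. That is only safe if User::processForm()
        // validates and SQL-escapes each field (not visible in this file).
        // Confirm this, or move these statements to parameterized queries.
        $SQLVars = User::processForm($_REQUEST['userForm']);

        //TODO: Allow e-mail changes
        $required = array('Username' => 'username', 'E-mail' => 'email', 'E-mail hiding' => 'hideEmail',
                    'Timezone' => 'gmtOffset', 'Locale'=>'locale');

        $allowed = array('Homepage'=>'homepage','Comment'=>'comment');

        $set = '';

        foreach( $required as $name=>$SQLName )
        {
            if ( ! isset($SQLVars[$SQLName]) )
            {
                throw new Exception($name.' required, but not given');
            }

            if ( $set !== '' ) $set .= ', ';

            // This will insert the data back into the form so it doesn't have to be re-entered
            $User->{$SQLName} = $SQLVars[$SQLName];

            $set .= $SQLName." = '".$SQLVars[$SQLName]."'";
        }

        if ( isset($SQLVars['password']) )
        {
            // Inserted unquoted, so this is presumably already an SQL
            // expression built by User::processForm(); verify there.
            $set .= ', password = '.$SQLVars['password'];
        }
        else
        {
            throw new Exception('Password required, but not given');
        }

        foreach( $allowed as $name=>$SQLName )
        {
            if ( ! isset($SQLVars[$SQLName]) ) continue;

            $set .= ', ';

            $User->{$SQLName} = $SQLVars[$SQLName];

            // The line break inside this literal is kept as in the original;
            // SQL treats it as ordinary whitespace.
            $set .= $SQLName." \n= '".$SQLVars[$SQLName]."'";
        }

        $set .= ', timeJoined = '.time().', timeLastSessionEnded = '.time();

        // NOTE(review): check-then-insert is not atomic; two concurrent
        // requests can both pass this lookup. A unique index on
        // pD_Users.username is the reliable guard; confirm the schema has one.
        unset($id);
        list($id) = $DB->sql_row("SELECT id FROM pD_Users WHERE username = '".$SQLVars['username']."'");
        if ( isset($id) and $id )
        {
            // NOTE(review): this message embeds the submitted username and is
            // printed below without HTML-encoding in this file; confirm that
            // processForm() or the output layer encodes it.
            throw new Exception("The username '".$SQLVars['username']."' has already been taken. Please choose another.");
        }

        $DB->sql_put("INSERT INTO pD_Users SET ".$set);

        // Re-authenticate with the new password, to create a new session ID
        $key = libAuth::authenticate($SQLVars['username'], $_REQUEST['userForm']['password']);
        $User = libAuth::key_logon($key);

        header('refresh: 3; url=index.php');

        $username = $User->username;

        // libHTML does not like letting registered users access the registration page
        $User = new User(GUESTID);

        libHTML::notice('Registration sucessful', "

Thank you for registering ".$username.", you're being redirected to the forum.

");
    }
    catch(Exception $e)
    {
        // Validation failures are shown to the visitor as the form message.
        $formOutput .= $e->getMessage();
    }

    $User->load(); // Reload in case of a change

    print '

'.$formOutput.'

';

    libHTML::pagebreak();
}

print '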

Welcome to phpDiplomacy