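<?php
/*
 * Direct-access guard: this file is meant to be included by the CMS front
 * controller, which defines __PRAGYAN_CMS. A request that reaches the file
 * directly gets a 403 response and execution stops before any function below
 * is declared or run.
 */
if (!defined('__PRAGYAN_CMS')) {
    header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden');
    echo "<h1>403 Forbidden</h1><h4>You are not authorized to access the page.</h4>";
    // SERVER_SIGNATURE is only populated by some servers/configurations, so read
    // it defensively. NOTE(review): when it is populated it tells an
    // unauthenticated client the server software banner; consider dropping this
    // line if the banner is not meant to be public.
    echo '<hr/>' . (isset($_SERVER['SERVER_SIGNATURE']) ? $_SERVER['SERVER_SIGNATURE'] : '');
    exit(1);
}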
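/**
 * Builds the HTML for the public "Sign Up" form.
 *
 * The markup consists of the module's validation/calendar assets, inline
 * JavaScript helpers, the fixed account fields (email, password, user name,
 * full name), any extra fields returned by getFormElementsHtmlAsArray() and
 * the captcha markup returned by getCaptchaHtml().
 *
 * The JavaScript checks emitted here run in the visitor's browser and are a
 * usability aid only; register() repeats the checks on the server and is the
 * place where submitted values are actually validated.
 *
 * $dynamicFields and $captchaHtml are inserted into the page as-is.
 * NOTE(review): this assumes both helpers return ready-to-render markup with
 * any user-controlled values already HTML-escaped -- confirm in the form module.
 *
 * @return string HTML fragment containing the scripts and the form.
 */
function getRegistrationForm() {
    // The full global list is kept: the files below are included in this
    // function's scope and may read any of these names.
    global $urlRequestRoot, $moduleFolder, $cmsFolder,$sourceFolder, $templateFolder;
    require_once("$sourceFolder/$moduleFolder/form/registrationformsubmit.php");
    require_once("$sourceFolder/$moduleFolder/form/registrationformgenerate.php");

    $validationJsUrl = "$urlRequestRoot/$cmsFolder/$moduleFolder/form/validation.js";
    $calpath = "$urlRequestRoot/$cmsFolder/$moduleFolder";

    $body = '<script language="javascript" type="text/javascript" src="'.$validationJsUrl.'"></script>';
    $body .= '<link rel="stylesheet" type="text/css" media="all" href="'.$calpath.'/form/calendar/calendar.css" title="Aqua" />' .
        '<script type="text/javascript" src="'.$calpath.'/form/calendar/calendar.js"></script>';

    $captchaHtml = getCaptchaHtml();

    // Both variables are handed to the form module, which fills them in
    // (presumably by reference -- the values are read back below).
    $jsValidationFunctions = array();
    $containsFileUploadFields = false;
    $dynamicFields = getFormElementsHtmlAsArray(0, 0, $jsValidationFunctions, $containsFileUploadFields);

    // implode(glue, pieces) is the argument order accepted by every PHP version.
    $dynamicFields = implode("</tr>\n<tr>", $dynamicFields);
    if($dynamicFields != '') {
        $dynamicFields = "<tr>$dynamicFields</tr>";
    }

    // With no per-field validators the expression would be empty and the
    // generated "return ();" would be a JavaScript syntax error.
    $jsValidationFunctions = implode(' && ', $jsValidationFunctions);
    if ($jsValidationFunctions == '') {
        $jsValidationFunctions = 'true';
    }

    $reg_str =<<<REG
<script language="javascript">
    function checkPassword(inputhandler2) {
        inputhandler1=inputhandler2.form.user_password;
        if(inputhandler1.value!=inputhandler2.value) {
            alert("Passwords do not match");
            inputhandler2.value="";
            inputhandler1.value="";
            inputhandler1.focus();
            return false;
        }
        return true;
    }
    function checkRegistrationForm(inputhandler) {
        if(inputhandler.user_password.value.length==0) {
            alert("Blank password not allowed.");
            return false;
        }
        if(inputhandler.user_name.value.length==0) {
            alert("Blank 'User name' not allowed.");
            return false;
        }
        if(inputhandler.user_fullname.value.length==0) {
            alert("Blank 'Full name' not allowed.");
            return false;
        }
        return (checkEmail(inputhandler.user_email)&&checkPassword(inputhandler.user_repassword));
    }
</script>
<form class="cms-registrationform" method="POST" name="user_reg_usrFrm" onsubmit="return checkRegistrationForm(this)" action="./+login&subaction=register" enctype="multipart/form-data">
    <fieldset>
        <legend> Sign Up</legend>
        <table border="0" cellspacing="0" cellpadding="0">
            <tr> <td><label for="user_email" class="labelrequired">Email *</label></td>
                <td><input name="user_email" id="user_email" class="required" onchange="if(this.value.length!=0) return checkEmail(this);" type="text"></td>
            </tr>
            <tr> <td><label for="user_password" class="labelrequired">Password *</label></td>
                <td> <input name="user_password" id="user_password" class="required" type="password"></td>
            </tr>
            <tr> <td><label for="user_repassword" class="labelrequired">Re-enter Password *</label></td>
                <td> <input name="user_repassword" id="user_repassword" class="required" onchange="if(this.value.length!=0) return checkPassword(this);" type="password"></td>
            </tr>
            <tr>
                <td><label for="user_name" class="labelrequired">User name *</label></td>
                <td><input name="user_name" id="user_name" class="required" type="text"></td>
            </tr>
            <tr>
                <td><label for="user_fullname" class="labelrequired">Full Name *</label></td>
                <td><input name="user_fullname" id="user_fullname" class="required" type="text"></td>
            </tr>
            $dynamicFields
            $captchaHtml
            <tr>
                <td colspan="2">* - Required Fields </td>
            </tr>

            <tr>
                <td><input type="submit" id="submitbutton" value="Sign Up"></td>
                <td><a href="./+login&subaction=register&reSendKey=1">Resend Activation link?</a> <a href="./+login">Login?</a></td>
            </tr>
        </table>
    </fieldset>
</form>
REG;
    $body .= $reg_str;
    $body .= <<<SCRIPT
<script language="javascript" type="text/javascript">
<!--
    function validate_form(thisform) {
        return ($jsValidationFunctions);
    }
-->
</script>
SCRIPT;
    return $body;
}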
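/**
 * Sends the account-activation e-mail for one row of the users table.
 *
 * @param string $email   Recipient address; also placed in the activation URL.
 * @param array  $userRow Users-table row; user_password, user_regdate and
 *                        user_fullname are read from it.
 * @return mixed Whatever messenger::mailer() returns (callers treat it as a boolean).
 */
function registrationSendActivationMail($email, $userRow) {
    global $onlineSiteUrl;

    $key = getVerificationKey($email, $userRow['user_password'], $userRow['user_regdate']);
    $from = "from: ".CMS_TITLE." <".CMS_EMAIL.">";
    $mailtype = "activation_mail";

    $messenger = new messenger(false);
    $messenger->assign_vars(array(
        'ACTIVATE_URL' => "$onlineSiteUrl/+login&subaction=register&verify=$email&key=$key",
        'NAME' => "$userRow[user_fullname]",
        'WEBSITE' => CMS_TITLE,
        'DOMAIN' => $onlineSiteUrl
    ));

    return $messenger->mailer($email, $mailtype, $key, $from);
}

/**
 * Handles every step of self-registration, chosen from the request:
 *
 *  - no key / reSendKey / user_email in the request: show the sign-up form;
 *  - GET reSendKey without a posted address (and SEND_MAIL_ON_REGISTRATION on):
 *    show the "resend activation link" form;
 *  - POST resend_key_email: look the address up and mail a fresh link;
 *  - GET key (+ verify): check the activation key and activate the account;
 *  - otherwise: validate the posted sign-up fields and create the account.
 *
 * All input here comes from unauthenticated visitors. Values are therefore
 * type-checked before use, HTML-escaped before being echoed into messages,
 * and compared with strict / constant-time comparisons.
 *
 * NOTE(review): SQL is still assembled by string concatenation and relies on
 * the project's escape() helper for quoting (its implementation is not in
 * this file -- confirm it escapes for the active MySQL connection). The
 * legacy mysql_* API offers no prepared statements; moving this module to
 * PDO or mysqli with bound parameters is the durable fix.
 * NOTE(review): several failure paths pass mysql_error() to displayerror(),
 * which shows raw database error text to the visitor; consider logging it
 * and showing a generic message instead.
 * NOTE(review): the resend and verify branches answer differently for
 * unknown, unverified and verified addresses, so they reveal whether an
 * address is registered.
 *
 * @return string|null Form HTML when a form has to be (re)displayed, otherwise
 *                     null after the outcome was reported through
 *                     displayinfo()/displayerror()/displaywarning().
 */
function register() {
    global $uploadFolder,$sourceFolder,$moduleFolder,$urlRequestRoot;
    // require_once matches getRegistrationForm(): the same files are pulled in
    // there, and including them a second time with plain require would
    // re-run them.
    require_once("$sourceFolder/$moduleFolder/form/registrationformgenerate.php");
    require_once("$sourceFolder/$moduleFolder/form/registrationformsubmit.php");

    if ((!isset ($_GET['key'])) && (!isset ($_GET['reSendKey'])) && (!isset ($_POST['user_email']))) {
        return getRegistrationForm();
    }

    elseif ((isset ($_GET['reSendKey'])) && (!isset ($_POST['resend_key_email'])) && SEND_MAIL_ON_REGISTRATION) {

        $reSendForm =<<<FORM
<form class="cms-registrationform" method="POST" name="user_resend_key" onsubmit="return checkForm(this)" action="./+login&subaction=register&reSendKey">
    <fieldset>
        <legend>Resend Activation Link</legend>
        <table>
            <tr>
                <td><label for="resend_key_email" class="labelrequired">Email</label></td>
                <td><input type="text" name="resend_key_email" id="resend_key_email" class="required" onchange="if(this.value.length!=0) return checkEmail(this);"/><br /></td>
            </tr>
            <tr>
                <td colspan="2"> </td>
            </tr>
            <tr>
                <td><input type="submit" id="submitbutton" value="Submit"></td>
                <td><a href="./+login&subaction=register">Sign Up</a> <a href="./+login">Login?</a></td>
            </tr>
        </table>
    </fieldset>
</form>
FORM;
        return $reSendForm;
    }

    elseif (isset ($_POST['resend_key_email'])) {
        // A parameter sent as resend_key_email[]=... arrives as an array.
        if (!is_string($_POST['resend_key_email'])) {
            displayerror("Invalid Email Id");
            return;
        }
        $email = escape($_POST['resend_key_email']);
        $query = "SELECT * FROM `" . MYSQL_DATABASE_PREFIX . "users` WHERE `user_email`='$email' ";
        $result = mysql_query($query);
        if (!$result) {
            displayerror(mysql_error() . "registration L:131");
            return;
        }
        if (!mysql_num_rows($result)) {
            displayinfo("This email-id has not yet been registered. Kindly <a href=\"./+login&subaction=register\">register</a>.");
            return;
        }

        $temp = mysql_fetch_assoc($result);
        if ($temp['user_activated'] == 1) {
            // The message is rendered as HTML, so the address is HTML-escaped
            // rather than SQL-escaped before being echoed back.
            displayinfo("E-mail " . htmlspecialchars($_POST['resend_key_email'], ENT_QUOTES) . " has already been verified.<a href=\"./+login\"> Login</a> <a href=\"./+login&subaction=resetPasswd\">Forgot Password?</a>");
            return;
        }

        if (registrationSendActivationMail($email, $temp))
            displayinfo("Activation link resent. Kindly check your e-mail for activation link.");
        else
            displayerror("Activation link resending failure. Kindly contact administrator");
    }

    elseif (isset ($_GET['key'])) {
        // Anything that is not a plain string is treated as empty so it can
        // never match a key or reach the query as an array.
        $verifyEmail = (isset($_GET['verify']) && is_string($_GET['verify'])) ? $_GET['verify'] : '';
        $suppliedKey = is_string($_GET['key']) ? $_GET['key'] : '';
        // HTML-escaped copy for messages; SQL-escaped copy for queries.
        $shownEmail = htmlspecialchars($verifyEmail, ENT_QUOTES);
        $emailId = escape($verifyEmail);

        $query = "SELECT * FROM `" . MYSQL_DATABASE_PREFIX . "users` WHERE `user_email`='{$emailId}'";
        $result = mysql_query($query);
        if (!$result) {
            displayerror(mysql_error() . "registration L:76");
            return;
        }

        $temp = mysql_fetch_assoc($result);
        if (!$temp) {
            // No such account: without this check the key would be compared
            // against one derived from empty values.
            displayerror("Verification error for ".$shownEmail.". Please contact administrator");
            return;
        }
        if ($temp['user_activated'] == 1) {
            displayinfo("E-mail ".$shownEmail." has already been verified");
            return;
        }

        $expectedKey = getVerificationKey($verifyEmail, $temp['user_password'], $temp['user_regdate']);
        // Never use == on hashes: PHP compares numeric-looking strings as
        // numbers. hash_equals() also avoids a timing side channel where available.
        $keyMatches = function_exists('hash_equals')
            ? hash_equals($expectedKey, $suppliedKey)
            : ($expectedKey === $suppliedKey);
        if (!$keyMatches) {
            displayerror("Verification error for ".$shownEmail.". Please contact administrator");
            return;
        }

        $query = "UPDATE `" . MYSQL_DATABASE_PREFIX . "users` SET `user_activated`=1 WHERE `user_email`='$emailId'";
        if (!mysql_query($query)) {
            // Keep database error text in the server log, not in the page.
            error_log("registration: activation update failed: " . mysql_error());
            displayerror("Verification error for ".$shownEmail.". Please contact administrator");
            return;
        }
        if (mysql_affected_rows() > 0)
            displayinfo("Your e-mail ".$shownEmail." has been verified. Now you can fill your profile information by clicking <a href=\"./+profile\">here</a> or by clicking on the preferences link in the action bar any time you are logged in.");
        else
            displayerror("Verification error for ".$shownEmail.". Please contact administrator");
    }

    else {
        // Read each expected field once; missing or non-string values become ''.
        $fields = array();
        foreach (array('user_email', 'user_password', 'user_repassword', 'user_name', 'user_fullname') as $fieldName) {
            $fields[$fieldName] = (isset($_POST[$fieldName]) && is_string($_POST[$fieldName])) ? $_POST[$fieldName] : '';
        }

        if ($fields['user_email'] === '' || $fields['user_password'] === '') {
            displayerror("Blank e-mail/password NOT allowed");
            return getRegistrationForm();
        }

        if ($fields['user_name'] === '' || $fields['user_fullname'] === '') {
            displayerror("Please fill in your user name and Full name");
            return getRegistrationForm();
        }

        // Same pattern the eregi() call used; /D keeps "$" from matching
        // before a trailing newline.
        if (!preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/iD', $fields['user_email'])) {
            displayerror("Invalid Email Id");
            return getRegistrationForm();
        }
        // Strict comparison: with != two different numeric-looking passwords
        // such as "1e3" and "1000" would count as equal.
        if ($fields['user_password'] !== $fields['user_repassword']) {
            displayerror("Passwords are not same");
            return getRegistrationForm();
        }
        if (!submitCaptcha()) {
            return getRegistrationForm();
        }

        $umail = escape($fields['user_email']);
        $umail = trim($umail);

        // NOTE(review): this check-then-insert is not atomic; a UNIQUE index on
        // user_email is what actually prevents duplicate accounts.
        $query = "SELECT * FROM `" . MYSQL_DATABASE_PREFIX . "users` WHERE `user_email`='" . $umail . "'";
        $result = mysql_query($query);
        if (!$result) {
            displayerror(mysql_error() . "in registration L:115");
            return getRegistrationForm();
        }
        if (mysql_num_rows($result)) {
            displaywarning("Email already exists in database. Please use a different e-mail.");
            return getRegistrationForm();
        }

        // NOTE(review): unsalted MD5 is not a suitable password hash. It is
        // kept because the stored format is shared with code outside this file
        // (and with getVerificationKey()); plan a migration to password_hash().
        $passwd = md5($fields['user_password']);
        // The flag is normalised to 0/1 so a boolean constant cannot produce
        // an empty SQL value.
        $activated = ACTIVATE_USER_ON_REG ? 1 : 0;
        $query = "INSERT INTO `" . MYSQL_DATABASE_PREFIX . "users` " .
            "(`user_name`, `user_email`, `user_fullname`, `user_password`, `user_activated`) " .
            "VALUES ('".escape($fields['user_name'])."', '".$umail."', '".escape($fields['user_fullname'])."', '$passwd', ".$activated.")";
        $inserted = mysql_query($query);

        $idRow = false;
        if ($inserted) {
            $query1 = "SELECT `user_id` FROM `". MYSQL_DATABASE_PREFIX . "users` WHERE `user_email` ='".$umail."' LIMIT 1";
            $idResult = mysql_query($query1);
            if ($idResult) {
                $idRow = mysql_fetch_array($idResult);
            }
        }
        if (!$inserted || !$idRow) {
            // Without a user row there is nothing to attach the profile form to.
            error_log("registration: could not create user row: " . mysql_error());
            displayerror("Registration failed. Kindly contact administrator");
            return getRegistrationForm();
        }

        $form_result = submitRegistrationForm(0, $idRow[0], true, true);
        if(!$form_result)
        {
            // Roll the account back; the id is forced to an integer because it
            // is placed in the statement without quotes.
            $query1 = "DELETE FROM `" . MYSQL_DATABASE_PREFIX . "users` WHERE `user_id` = ".(int) $idRow[0];
            mysql_query($query1);
            return getRegistrationForm();
        }

        if(ACTIVATE_USER_ON_REG)
            displayinfo("You have been successfully registered. You can now <a href=\"./+login\">log in</a>.");
        else displayinfo("Your registration was successful but your account is not activated yet. Kindly check your email, or wait for the website administrator to activate you.");

        if(SEND_MAIL_ON_REGISTRATION)
        {
            // Re-read the row: user_regdate is not supplied by the INSERT above
            // and is needed to derive the activation key.
            $query = "SELECT * FROM `" . MYSQL_DATABASE_PREFIX . "users` WHERE `user_email`='$umail' ";
            $result = mysql_query($query);
            if (!$result) {
                displayerror(mysql_error() . "registration L:211");
                return;
            }
            $temp = mysql_fetch_assoc($result);
            if (!$temp) {
                displayerror("Activation link sending failure. Kindly contact administrator");
                return;
            }

            if (registrationSendActivationMail($umail, $temp))
                displayinfo("Kindly check your e-mail for activation link.");
            else
                displayerror("Activation link sending failure. Kindly contact administrator");
        }
    }
}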
/**
 * Derives the e-mail activation key for an account.
 *
 * The key is the MD5 of, in order: the first six characters of the e-mail
 * address, the last 17 characters of md5($userPassword), the registration
 * time, and $userPassword itself. Callers in this file pass the password
 * value stored in the users table, not the plaintext.
 *
 * NOTE(review): the key is a pure function of values held in the user's row;
 * it contains no server-side secret and no random component, so it is only
 * as unpredictable as those values are confidential. A per-user random token
 * stored with the account, or an HMAC keyed with a server secret, would not
 * have that dependency. Changing the derivation invalidates links already
 * sent, so it needs a migration plan.
 *
 * @param string $userEmail             E-mail address of the account.
 * @param string $userPassword          Password value as stored for the account.
 * @param string $userRegistrationTime  Registration time as stored for the account.
 * @return string 32-character hexadecimal key.
 */
function getVerificationKey($userEmail, $userPassword, $userRegistrationTime) {
    $emailPrefix = substr($userEmail, 0, 6);
    $passwordHashTail = substr(md5($userPassword), -17);
    $material = $emailPrefix . $passwordHashTail . $userRegistrationTime . $userPassword;

    return md5($material);
}
00290
00291
00292
00293
00294