root/trunk/actions/register.action.php

Revision 33, 5.3 KB (checked in by alexx, 6 years ago)
  • Auth: Remove the MySQL PASSWORD() hashing method for passwords and replace it with MD5 hashing; add code to make a smooth transition between the hashing methods
  • XML engine: Fix a trivial recent bug in dotnode-xml.php
  • Robots: fix a bug in crontab script robots/launch_robots.sh (add cd dirname $0)
  • CSS: Add max_width to image in blog (work on Mozilla/*, Opera but not good on Safari (no proportional resizing), of course, that doesn't work on IE)
  • DB: changing DB structure !!!
    ALTER TABLE `user` ADD `passwd_md5` CHAR( 32 ) NOT NULL AFTER `passwd` ;
    ALTER TABLE `user` CHANGE `passwd` `passwd` VARCHAR( 42 ) NULL ;
    ALTER TABLE `dntp_translator` ADD `passwd_md5` CHAR( 32 ) NOT NULL AFTER `passwd` ;
    ALTER TABLE `dntp_translator` CHANGE `passwd` `passwd` VARCHAR( 42 ) NULL ;
    
1<?php
2/****************************************************** Open .node ***
3 * Description:   
4 * Status:        Stable.
5 * Author:        Alexandre Dath <alexandre@dotnode.com>
6 * $Id$
7 *
8 * Copyright (C) 2005 Alexandre Dath <alexandre@dotnode.com>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software Foundation,
22 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
23 ******************** http://opensource.ikse.net/projects/dotnode ***/
24
25
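// Registration action: completes an invitation by creating the invited
// user's account, or records a refusal / blacklist answer.
// Inputs come from $_POST and $_SESSION. $db, $lang, label2name(),
// valid_login() and build_image_url() are defined outside this file.

// Treat missing or non-string fields as empty strings, so a "refuse" or
// "blacklist" post (which carries no login/password) raises no notices and
// an array-valued field cannot reach trim()/md5().
$raw_login   = (isset($_POST['login'])   && is_string($_POST['login']))   ? $_POST['login']   : '';
$raw_passwd  = (isset($_POST['passwd'])  && is_string($_POST['passwd']))  ? $_POST['passwd']  : '';
$raw_passwd2 = (isset($_POST['passwd2']) && is_string($_POST['passwd2'])) ? $_POST['passwd2'] : '';
$raw_code    = (isset($_POST['code'])    && is_string($_POST['code']))    ? $_POST['code']    : '';

$login = trim(label2name($raw_login));
$passwd = trim($raw_passwd);
$passwd2 = trim($raw_passwd2);


if($login && $passwd && valid_login($login) && isset($_POST['accept']))
{

    // Strict comparison: with == two different numeric-looking strings
    // (e.g. "1e3" and "1000") compare equal, so a mistyped confirmation
    // could be accepted.
    if($passwd === $passwd2)
    {
        // The submitted code, upper-cased, plus '.jpeg' must match the value
        // stored in the session.
        // NOTE(review): pix_code is not cleared after a check here; whether it
        // is regenerated for every attempt is not visible from this file.
        // Confirm that it is single-use.
        if(isset($_SESSION['pix_code']) && strtoupper($raw_code).'.jpeg' === $_SESSION['pix_code'])
        {
            // NOTE(review): unsalted MD5 is a fast hash and unsuitable for
            // password storage. The passwd_md5 CHAR(32) column and the login
            // check live outside this file, so the algorithm is left as is;
            // moving to a salted, slow hash (e.g. password_hash()) needs a
            // schema change plus rehash-on-login.
            // NOTE(review): the hash is taken from the untrimmed password while
            // the confirmation check above compares trimmed values. Confirm
            // against the login code which form is expected.
            $user_values = array(
                'id'        => $_SESSION['my_id'],
                'login'        => $login,
                'passwd_md5'    => md5($raw_passwd),
                'fname'        => $_SESSION['my_fname'],
                'lname'        => $_SESSION['my_lname'],
                'id_parent'    => $_SESSION['my_id_invit'],
                'join_date'    => time(),
                'last_visite'    => time(),
                'invite_date'    => $_SESSION['invitation_date'],
                'lang'        => $lang,
                'status'    => 'waiting'
                );
            $res = $db->autoExecute('user', $user_values);
            if(DB::isError($res))
            {
                error_log(__FILE__.' '.$res->getUserInfo());

                // Debug report by mail. The password fields are redacted, and
                // $GLOBALS is no longer dumped: it holds every global variable,
                // so it would re-expose the raw $_POST (cleartext password) and
                // anything else in global scope in a plaintext e-mail.
                $post_dump = $_POST;
                foreach(array('passwd', 'passwd2') as $secret_field)
                {
                    if(isset($post_dump[$secret_field]))
                    {
                        $post_dump[$secret_field] = '[redacted]';
                    }
                }

                $header = "From: error@dotnode.net";
                $to = "debug@dotnode.net";
                $body = "SESSION: ".print_r($_SESSION, true)."\n\nPOST: ".print_r($post_dump, true);
                // $header was built but never passed to mail() before.
                mail($to, "ERROR !!!!!!!!!!!!!!!!!!!", $body, $header);

                $_SESSION['error']['title'] = 'Erreur inconnu';
                $_SESSION['error']['msg'] = 'Une erreur inconnu est survenu. Merci de recommencer';
                header('Location: /new');

                exit();
            }

            // NOTE(review): only the insert above is checked for errors. The
            // statements below are neither checked nor wrapped in a
            // transaction, so a failure part-way leaves a partially created
            // account.
            $db->query('INSERT INTO cache_user SET id=?, login=?, fname=?, lname=?, fname_sndex=SOUNDEX(?), lname_sndex=SOUNDEX(?), nb_friends=?, friends_id=?, join_date=?', array($_SESSION['my_id'], $login, $_SESSION['my_fname'], $_SESSION['my_lname'], $_SESSION['my_fname'], $_SESSION['my_lname'], 1, $_SESSION['my_id_invit'], time()));
            $db->query('INSERT INTO user_contact SET id=?, email=?', array($_SESSION['my_id'], $_SESSION['my_email']));

            // Empty profile rows keyed by the new user's id.
            $db->query('INSERT INTO user_professional SET id=?', array($_SESSION['my_id']));
            $db->query('INSERT INTO user_personal SET id=?', array($_SESSION['my_id']));
            $db->query('INSERT INTO user_general SET id=?', array($_SESSION['my_id']));
            $db->query('INSERT INTO user_interests SET id=?', array($_SESSION['my_id']));

            // Relation rows in both directions between new user and inviter.
            $db->query('INSERT INTO relation SET id=?, id_friend=?', array($_SESSION['my_id'], $_SESSION['my_id_invit']));
            $db->query('INSERT INTO relation SET id_friend=?, id=?', array($_SESSION['my_id'], $_SESSION['my_id_invit']));

            $db->query('UPDATE invitation_email SET status=?, response=? WHERE id=?', array('done', 'accepted', $_SESSION['my_id']));

            // Refresh the inviter's cached friend list and friend count.
            $friend_friends_id = $db->getCol('SELECT id FROM relation WHERE id_friend=? ORDER BY last_visit DESC',0,$_SESSION['my_id_invit']);
            $db->query('UPDATE cache_user SET friends_id=?, nb_friends=? WHERE id=?', array(implode(',',$friend_friends_id), count($friend_friends_id), $_SESSION['my_id_invit'] ));


            // Inbox message telling the inviter the invitation was accepted.
            $message_values = array(
                'id' => $_SESSION['my_id_invit'],
                'id_from' => $_SESSION['my_id'],
                'from_str' => $_SESSION['my_fname'],
                'type' => 'friend_invitation_accepted',
                'dest' => 'one',
                'subject' => $_SESSION['my_fname'].' has accepted your invitation',
                'message' => 'Thanks',
                'box' => 'inbox',
                'date' => time());

            $db->autoExecute("message", $message_values);


            $_SESSION['my_login'] = $login;
            $_SESSION['my_status'] = 'waiting';
            $_SESSION['my_ip'] = $_SERVER['REMOTE_ADDR'];
            $_SESSION['my_photo'] = build_image_url($_SESSION['my_id']);

            // Store the recomputed total number of users.
            $nb_nodians = $db->getOne('SELECT COUNT(id) FROM user');
            $db->query('UPDATE global_data SET value=? WHERE name=?', array($nb_nodians, 'nb_nodians'));

            header('Location: /new/profile');
        }
        else
        {
            $_SESSION['error']['msg'] = _('The code in not the same than image');
            header('Location: /new');
        }
    }
    else
    {
        $_SESSION['error']['msg'] = _('The password and his confirmation are different');
        header('Location: /new');
    }
}
elseif(isset($_POST['refuse']))
{
    // Read what the query needs before the session is destroyed.
    $invitation_id = isset($_SESSION['my_id']) ? $_SESSION['my_id'] : null;
    $refuse_reason = (isset($_POST['refuse_motif']) && is_string($_POST['refuse_motif'])) ? stripslashes($_POST['refuse_motif']) : '';

    session_destroy();
    $db->query('UPDATE invitation_email SET status=?, response=?, failure_notice=? WHERE id=?', array('stop', 'rejected', $refuse_reason, $invitation_id));
    header('Location: /pub');
}
elseif(isset($_POST['blacklist']))
{
    // Read what the query needs before the session is destroyed.
    $invitation_id = isset($_SESSION['my_id']) ? $_SESSION['my_id'] : null;
    $blacklist_reason = (isset($_POST['bl_motif']) && is_string($_POST['bl_motif'])) ? stripslashes($_POST['bl_motif']) : '';

    session_destroy();
    $db->query('UPDATE invitation_email SET status=?, response=?, failure_notice=? WHERE id=?', array('stop', 'blacklist', $blacklist_reason, $invitation_id));
    header('Location: /pub');
}
else
{
    // Reached for an invalid login, and also when the password is empty or
    // the 'accept' field is missing.
    $_SESSION['error']['msg'] = _('Invalid login (less than 3 characters or login already exist)');
    header('Location: /new');
}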
138
139?>