Topic: Souped Up Register.php
*UPDATE*
choose to generate passwords and send them in emails to users or ask them for passwords
requires the following two (2) hacks:
make random password
https://cutephp.com/forum/index.php?showtopic=4319cute mail
https://cutephp.com/forum/index.php?showtopic=4318
<?PHP
/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
register.php - Build 004a - Configuration
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
// With what level to be registered member.
// 4 = Commenter
// 3 = Journalist
// 2 = Editor
// 1 = Administrator
$register_level = "4";
// Allow multiple users to use same Email Address?
// yes
// no
$email_multiple = "no";
// Send password in an email (if no the script will ask for password)
// yes
// no
$email_password = "yes";
// Send an email to the admin when a new user signs up?
// yes
// no
$email_admin = "no";
// Username Filter
// These characters will not be allowed in usernames or passwords
$filter = array(" ", "<", ">", "\n", "\r", "|", "'", "\"");
/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
END - END - END - END - END -- Do Not Edit Below
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
if ($register_level=="4") $level_mail="Commenter";
if ($register_level=="3") $level_mail="Journalist";
if ($register_level=="2") $level_mail="Editor";
if ($register_level=="1") $level_mail="Administrator";
error_reporting (E_ALL ^E_NOTICE);
require_once("./inc/functions.inc.php");
require_once("./data/config.php");
require_once("./skins/${config_skin}.skin.php");
if($action != "doregister"){
echoheader("user", "$level_mail Registration");
if ($email_password == "no") {
$prompt_password = <<<HTML
<tr>
<td width=80>Password: </td>
<td><input tabindex=3 type=text name=regpassword style="width:134" size="20"></td>
</tr>
<tr>
<td width=80>Confirm Password: </td>
<td><input tabindex=4 type=text name=confpassword style="width:134" size="20"></td>
</tr>
HTML;
} else { $prompt_password = ""; }
echo<<<HTML
<table leftmargin=0 marginheight=0 marginwidth=0 topmargin=0 border=0 height=100% cellspacing=0>
<form name=login action="$PHP_SELF" method=post>
<tr>
<td width=80>
Username: </td>
<td>
<input tabindex=1 type=text name=regusername style="width:134" size="20"></td>
</tr>
$prompt_password
<tr>
<td width=80>Email: </td>
<td><input tabindex=3 type=text name=regemail style="width:134" size="20"></td>
</tr>
<tr>
<td width=80>Confirm Email: </td>
<td><input tabindex=4 type=text name=confemail style="width:134" size="20"></td>
</tr>
<tr>
<td width=80>Hide Email: </td>
<td><input type=checkbox name=reghide></td>
</tr>
<tr>
<td></td>
<td ><input accesskey="s" type=submit style="background-color: #F3F3F3;" value='Register'></td>
</tr>
<input type=hidden name=action value=doregister>
</form>
</table>
HTML;
echofooter();
}else{
if($email_password == "yes"){ $regpassword = makeRandomPassword(); $confpassword = $regpassword; }
if(!$regusername){ msg("error","Error !!!", "Username can not be blank"); }
if(!$regpassword || !$confpassword || $regpassword != $confpassword) { msg("error","Error !!!", "Password can not be blank, both fields must match"); }
if(!$regemail || !$confemail || $regemail != $confemail) { msg("error","Error !!!", "Email can not be blank, both fields must match"); }
if(!preg_match("/^[\.A-z0-9_\-]+[@][A-z0-9_\-]+([.][A-z0-9_\-]+)+[A-z]{1,4}$/", $regemail)){ msg("error","Error !!!", "Invalid Email."); }
for ($f = 0; $f <= sizeof($filter); $f++) { if (stristr($regusername, $filter[$f])) { msg("error","Error !!!", "Invalid Username."); } }
for ($f = 0; $f <= sizeof($filter); $f++) { if (stristr($regpassword, $filter[$f])) { msg("error","Error !!!", "Invalid Password."); } }
$add_time = time()+($config_date_adjust*60);
if ($reghide=="on") { $hidemail="1"; } else { $hidemail="0"; }
$all_users = file("./data/users.db.php");
foreach($all_users as $null => $user_line) {
$user_arr = explode("|", $user_line);
if(stristr("|".$user_arr[2]."|", "|".$regusername."|")){ msg("error", "Error", "This username is already taken"); }
if($email_multiple=="no" && stristr("|".$user_arr[5]."|", "|".$regemail."|")){ msg("error", "Error", "This email address is registered to another user!"); }
}
$users_file = fopen("./data/users.db.php", "a");
fwrite($users_file, "$add_time|$register_level|$regusername|".md5($regpassword)."||$regemail|0|$hidemail||||||\n");
fclose($users_file);
if ($email_password == "yes"){ cute_mail($regemail, "Registration at $SERVER_NAME", "$regusername, you have registered successfully. \n ---------- \n Your User Level is: $level_mail \n Your Password is: $regpassword \n You can change this once you login. \n ---------- \n You can login here: $config_http_script_dir/ \n Thank You for Registering!"); }
if ($email_admin == "yes") { cute_mail($config_mail_admin_address, "New User: $regusername", "$regusername has registered on your CuteNews system. \n The address used to register was: $regemail \n To delete this user go to the following address: $config_http_script_dir/index.php?mod=editusers&action=dodeleteuser&id=$add_time"); }
if (!isset($config_mail_admin_address) || $config_mail_admin_address == "") { $problem_contact = "our staff"; }
else { $problem_contact = "[url=]".$email_admin_address."[/url]"; }
if ($email_password == "yes"){ msg("user", "$level_mail Added", "You have successfully registered as [b]\"$regusername\"[/b].
Your password has been emailed to [b]\"$regemail\"[/b].
If this information is wrong or you do not recieve your password please contact $problem_contact."); }
else { msg("user", "$level_mail Added", "You have successfully registered as [b]\"$regusername\"[/b].
Your password is [b]\"$regpassword\"[/b].
Your email address is [b]\"$regemail\"[/b].
If this information is wrong please contact $problem_contact."); }
}
?>
credits:
vallgard/VienoZ: send e-mail to successfully registered users
chonz0: confirm password (used to make confirm e-mail)
changes i made:
confirm e-mail instead of confirm password (password isnt asked for anymore)
password is randomly generated, and e-mailed to the user as a way of confirmation (enable/disable this option at top)
usernames can not match existing usernames ( CASE INSENSITIVE )
e-mail address can only be used by one user (enable/disable this option at top)
send mail to admin when user registers (enable/disable this option at top)
if anyone has any other suggestions let me know :-)