/*-------------------------------------------------------+
| PHP-Fusion Content Management System
| Copyright (C) 2002 - 2010 Nick Jones
| http://www.php-fusion.co.uk/
+--------------------------------------------------------+
| Filename: register.php
| Author: Nick Jones (Digitanium)
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
require_once "maincore.php";
require_once THEMES."templates/header.php";
include LOCALE.LOCALESET."register.php";
include LOCALE.LOCALESET."user_fields.php";

if (iMEMBER || !$settings['enable_registration']) { redirect("index.php"); }

if (isset($_GET['activate'])) {
if (!preg_check("/^[0-9a-z]{32}$/", $_GET['activate'])) { redirect("index.php"); }
$result = dbquery("SELECT user_info FROM ".DB_NEW_USERS." WHERE user_code='".$_GET['activate']."'");
if (dbrows($result)) {
$data = dbarray($result);
$user_info = unserialize($data['user_info']);
$user_status = $settings['admin_activation'] == "1" ? "2" : "0";

$profile_method = "validate_insert"; $db_fields = ""; $db_values = "";
$result = dbquery(
"SELECT * FROM ".DB_USER_FIELDS." tuf
INNER JOIN ".DB_USER_FIELD_CATS." tufc ON tuf.field_cat = tufc.field_cat_id
ORDER BY field_cat_order, field_order"
);
if (dbrows($result)) {
while($data = dbarray($result)) {
if (file_exists(LOCALE.LOCALESET."user_fields/".$data['field_name'].".php")) {
include LOCALE.LOCALESET."user_fields/".$data['field_name'].".php";
}
if (file_exists(INCLUDES."user_fields/".$data['field_name']."_include.php")) {
include INCLUDES."user_fields/".$data['field_name']."_include.php";
}
}
}

$result = dbquery("INSERT INTO ".DB_USERS." (user_name, user_password, user_admin_password, user_email, user_hide_email, user_avatar, user_posts, user_threads, user_joined, user_lastvisit, user_ip, user_rights, user_groups, user_level, user_status".$db_fields.") VALUES('".$user_info['user_name']."', '".$user_info['user_password']."', '', '".$user_info['user_email']."', '".$user_info['user_hide_email']."', '', '0', '0', '".time()."', '0', '".USER_IP."', '', '', '101', '$user_status'".$db_values.")");
$result = dbquery("DELETE FROM ".DB_NEW_USERS." WHERE user_code='".$_GET['activate']."'");
add_to_title($locale['global_200'].$locale['401']);
opentable($locale['401']);
if ($settings['admin_activation'] == "1") {
echo "\n";
} else {
echo "\n";
}
closetable();
} else {
redirect("index.php");
}
} elseif (isset($_POST['register'])) {
if ($settings['display_validation'] == "1") {
include_once INCLUDES."securimage/securimage.php";
}
$error = ""; $db_fields = ""; $db_values = "";
$username = stripinput(trim(preg_replace("/ +/i", " ", $_POST['username'])));
$email = stripinput(trim(preg_replace("/ +/i", "", $_POST['email'])));
$password1 = stripinput(trim(preg_replace("/ +/i", "", $_POST['password1'])));

if ($username == "" || $password1 == "" || $email == "") {
$error .= $locale['402']."
\n";
}

if (!preg_match("/^[-0-9A-Z_@\s]+$/i", $username)) {
$error .= $locale['403']."
\n";
}

if (preg_match("/^[0-9A-Z@]{6,20}$/i", $password1)) {
if ($password1 != $_POST['password2']) $error .= $locale['404']."
\n";
} else {
$error .= $locale['405']."
\n";
}

if (!preg_match("/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i", $email)) {
$error .= $locale['406']."
\n";
}

$email_domain = substr(strrchr($email, "@"), 1);
if (dbcount("(blacklist_id)", DB_BLACKLIST, "blacklist_email='$email' OR blacklist_email='$email_domain'") != 0) { $error = $locale['411']."
\n";}
if (dbcount("(user_id)", DB_USERS, "user_name='$username'") != 0) { $error = $locale['407']."
\n";}
if (dbcount("(user_id)", DB_USERS, "user_email='$email'") != 0) { $error = $locale['408']."
\n";}

if ($settings['email_verification'] == "1") {
$result = dbquery("SELECT user_email, user_info FROM ".DB_NEW_USERS);
while ($new_users = dbarray($result)) {
$user_info = unserialize($new_users['user_info']);
if ($new_users['user_email'] == $email) { $error = $locale['409']."
\n"; }
if ($user_info['user_name'] == $username) { $error = $locale['407']."
\n"; break; }
}
}

if ($settings['display_validation'] == "1") {
$securimage = new Securimage();
if (!isset($_POST['captcha_code']) || $securimage->check($_POST['captcha_code']) == false) {
$error .= $locale['410']."
\n";
}
}

$user_hide_email = isnum($_POST['user_hide_email']) ? $_POST['user_hide_email'] : "1";

if ($settings['email_verification'] == "0") {
$user_offset = isset($_POST['user_offset']) ? is_numeric($_POST['user_offset']) ? $_POST['user_offset'] : "0" : "0";
$profile_method = "validate_insert"; $db_fields = ""; $db_values = "";
$result = dbquery(
"SELECT * FROM ".DB_USER_FIELDS." tuf
INNER JOIN ".DB_USER_FIELD_CATS." tufc ON tuf.field_cat = tufc.field_cat_id
ORDER BY field_cat_order, field_order"
);
if (dbrows($result)) {
while($data = dbarray($result)) {
if (file_exists(LOCALE.LOCALESET."user_fields/".$data['field_name'].".php")) {
include LOCALE.LOCALESET."user_fields/".$data['field_name'].".php";
}
if (file_exists(INCLUDES."user_fields/".$data['field_name']."_include.php")) {
include INCLUDES."user_fields/".$data['field_name']."_include.php";
}
}
}
}

if ($error == "") {
if ($settings['email_verification'] == "1") {
require_once INCLUDES."sendmail_include.php";
mt_srand((double)microtime()*1000000); $salt = "";
for ($i = 0; $i <= 7; $i++) { $salt .= chr(rand(97, 122)); }
$user_code = md5($email.$salt);
$activation_url = $settings['siteurl']."register.php?activate=".$user_code;
if (sendemail($username,$email,$settings['siteusername'], $settings['siteemail'], $locale['449'], $locale['450'].$activation_url)) {
$user_info = serialize(array(
"user_name" => $username,
"user_password" => md5(md5($password1)),
"user_email" => $email,
"user_hide_email" => isnum($_POST['user_hide_email']) ? $_POST['user_hide_email'] : "1"
));
$result = dbquery("INSERT INTO ".DB_NEW_USERS." (user_code, user_email, user_datestamp, user_info) VALUES('$user_code', '".$email."', '".time()."', '$user_info')");
opentable($locale['400']);
echo "\n";
closetable();
} else {
opentable($locale['456']);
echo "\n";
closetable();
}
} else {
$user_status = $settings['admin_activation'] == "1" ? "2" : "0";
$result = dbquery("INSERT INTO ".DB_USERS." (user_name, user_password, user_admin_password, user_email, user_hide_email, user_avatar, user_posts, user_threads, user_joined, user_lastvisit, user_ip, user_rights, user_groups, user_level, user_status".$db_fields.") VALUES('$username', '".md5(md5($password1))."', '', '".$email."', '$user_hide_email', '', '0', '0', '".time()."', '0', '".USER_IP."', '', '', '101', '$user_status'".$db_values.")");
opentable($locale['400']);
if ($settings['admin_activation'] == "1") {
echo "\n";
} else {
echo "\n";
}
closetable();
}
} else {
opentable($locale['456']);
echo "
\n";
closetable();
}
} else {
if ($settings['email_verification'] == "0") {
$offset_list = "";
for ($i = -13; $i < 17; $i++) {
if ($i > 0) { $offset = "+".$i; } else { $offset = $i; }
$offset_list .= "".$offset."\n";
}
}
opentable($locale['400']);
echo "

".$locale['500']."\n";
if ($settings['email_verification'] == "1") echo $locale['501']."\n";
echo $locale['502'];
if ($settings['email_verification'] == "1") echo "\n".$locale['503'];
echo "

\n";
echo "

\n";
echo "\n\n";
echo "\n";
echo "\n";
echo "\n\n";
echo "\n";
echo "\n";
echo "\n\n";
echo "\n";
echo "\n";
echo "\n\n";
echo "\n";
echo "\n";
echo "\n\n";
echo "\n";
echo "\n";
echo "\n";
if ($settings['display_validation'] == "1") {
echo "\n\n\n\n";
echo "\n";
echo "\n";
echo "\n";
}
if ($settings['email_verification'] == "0") {
$profile_method = "input"; $i = 0; $user_cats = array(); $user_fields = array(); $ob_active = false;
$result2 = dbquery(
"SELECT * FROM ".DB_USER_FIELDS." tuf
INNER JOIN ".DB_USER_FIELD_CATS." tufc ON tuf.field_cat = tufc.field_cat_id
ORDER BY field_cat_order, field_order"
);
if (dbrows($result2)) {
while($data2 = dbarray($result2)) {
if ($i != $data2['field_cat']) {
if ($ob_active) {
$user_fields[$i] = ob_get_contents();
ob_end_clean();
$ob_active = false;
}
$i = $data2['field_cat'];
$user_cats[] = array(
"field_cat_name" => $data2['field_cat_name'],
"field_cat" => $data2['field_cat']
);
}
if (!$ob_active) {
ob_start();
$ob_active = true;
}
if (file_exists(LOCALE.LOCALESET."user_fields/".$data2['field_name'].".php")) {
include LOCALE.LOCALESET."user_fields/".$data2['field_name'].".php";
}
if (file_exists(INCLUDES."user_fields/".$data2['field_name']."_include.php")) {
include INCLUDES."user_fields/".$data2['field_name']."_include.php";
}
}
}
if ($ob_active) {
$user_fields[$i] = ob_get_contents();
ob_end_clean();
}
foreach ($user_cats as $category) {
if (array_key_exists($category['field_cat'], $user_fields) && $user_fields[$category['field_cat']]) {
echo "\n";
echo "\n";
echo "\n".$user_fields[$category['field_cat']];
}
}
}

if ($settings['enable_terms'] == 1) {
echo "\n\n";
echo "\n";
echo "\n";
}
echo "\n\n\n

".$locale['u001']."*
".$locale['u002']."*
".$locale['u004']."*
".$locale['u005']."*
".$locale['u006']."	".$locale['u007']."\n"; echo "".$locale['u008']."
".$locale['504']."	"; echo "\n"; echo " \n"; echo ">\n"; echo "
".$locale['505']."*
".$category['field_cat_name']."
".$locale['508'] ."*	> ".$locale['509'] ."
\n"; echo "\n"; echo "

\n

\n";
closetable();
echo "\n";

if ($settings['enable_terms'] == 1) {
echo "";
}
}

require_once THEMES."templates/footer.php";
?>