3 files changed, 116 insertions, 57 deletions

diff --git a/include/functions.inc.php b/include/functions.inc.php
index adbbce358..bb3979ae9 100644
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -85,6 +85,31 @@ function get_boolean( $string )
   return $boolean;
 }
 
+/**
+ * returns boolean string 'true' or 'false' if the given var is boolean
+ *
+ * @param mixed $var
+ * @return mixed
+ */
+function boolean_to_string($var)
+{
+  if (is_bool($var))
+  {
+    if ($var)
+    {
+      return 'true';
+    }
+    else
+    {
+      return 'false';
+    }
+  }
+  else
+  {
+    return $var;
+  }
+}
+
 // array_remove removes a value from the given array if the value existed in
 // this array.
 function array_remove( $array, $value )
@@ -512,7 +537,7 @@ function redirect( $url )
 
   // $refresh, $url_link and $title are required for creating an automated
   // refresh page in header.tpl
-  $refresh = 1;
+  $refresh = 2;
   $url_link = $url;
   $title = 'redirection';
   include( PHPWG_ROOT_PATH.'include/page_header.php' );
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index f8b47083b..750f4602f 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -45,79 +45,106 @@ function validate_mail_address( $mail_address )
   }
 }
 
-function register_user( $login, $password, $password_conf,
-                        $mail_address, $status = 'guest' )
+function register_user($login, $password, $password_conf,
+                       $mail_address, $status = 'guest')
 {
-  global $lang;
+  global $lang, $conf;
 
-  $error = array();
-  $i = 0;
+  $errors = array();
   // login must not
   //      1. be empty
   //      2. start ou end with space character
   //      3. include ' or " characters
   //      4. be already used
-  if ( $login == '' )            $error[$i++] = $lang['reg_err_login1'];
-  if ( ereg( "^.* $", $login) )  $error[$i++] = $lang['reg_err_login2'];
-  if ( ereg( "^ .*$", $login ) ) $error[$i++] = $lang['reg_err_login3'];
+  if ($login == '')
+  {
+    array_push($errors, $lang['reg_err_login1']);
+  }
+  if (ereg("^.* $", $login))
+  {
+    array_push($errors, $lang['reg_err_login2']);
+  }
+  if (ereg("^ .*$", $login))
+  {
+    array_push($errors, $lang['reg_err_login3']);
+  }
 
-  if ( ereg( "'", $login ) or ereg( "\"", $login ) )
-    $error[$i++] = $lang['reg_err_login4'];
+  if (ereg("'", $login) or ereg("\"", $login))
+  {
+    array_push($errors, $lang['reg_err_login4']);
+  }
   else
   {
-    $query = 'SELECT id';
-    $query.= ' FROM '.USERS_TABLE;
-    $query.= " WHERE username = '".$login."'";
-    $query.= ';';
-    $result = pwg_query( $query );
-    if ( mysql_num_rows($result) > 0 ) $error[$i++] = $lang['reg_err_login5'];
+    $query = '
+SELECT id
+  FROM '.USERS_TABLE.'
+  WHERE username = \''.$login.'\'
+;';
+    $result = pwg_query($query);
+    if (mysql_num_rows($result) > 0)
+    {
+      array_push($errors, $lang['reg_err_login5']);
+    }
   }
   // given password must be the same as the confirmation
-  if ( $password != $password_conf ) $error[$i++] = $lang['reg_err_pass'];
+  if ($password != $password_conf)
+  {
+    array_push($errors, $lang['reg_err_pass']);
+  }
 
-  $error_mail_address = validate_mail_address( $mail_address );
-  if ( $error_mail_address != '' ) $error[$i++] = $error_mail_address;
+  $error_mail_address = validate_mail_address($mail_address);
+  if ($error_mail_address != '')
+  {
+    array_push($errors, $error_mail_address);
+  }
 
   // if no error until here, registration of the user
-  if ( sizeof( $error ) == 0 )
+  if (count($errors) == 0)
   {
-    // 1. retrieving default values, the ones of the user "guest"
-    $infos = array( 'nb_image_line', 'nb_line_page', 'language',
-                    'maxwidth', 'maxheight', 'expand', 'show_nb_comments',
-                    'recent_period', 'template', 'forbidden_categories' );
-    $query = 'SELECT ';
-    for ( $i = 0; $i < sizeof( $infos ); $i++ )
+    $insert = array();
+    $insert['username'] = $login;
+    $insert['password'] = md5($password);
+    $insert['status'] = $status;
+    $insert['template'] = $conf['default_template'];
+    $insert['nb_image_line'] = $conf['nb_image_line'];
+    $insert['nb_line_page'] = $conf['nb_line_page'];
+    $insert['language'] = $conf['default_language'];
+    $insert['recent_period'] = $conf['recent_period'];
+    $insert['expand'] = boolean_to_string($conf['auto_expand']);
+    $insert['show_nb_comments'] = boolean_to_string($conf['show_nb_comments']);
+    if ( $mail_address != '' )
     {
-      if ( $i > 0 ) $query.= ',';
-      $query.= $infos[$i];
+      $insert['mail_address'] = $mail_address;
     }
-    $query.= ' FROM '.USERS_TABLE;
-    $query.= " WHERE username = 'guest'";
-    $query.= ';';
-    $row = mysql_fetch_array( pwg_query( $query ) );
-    // 2. adding new user
-    $query = 'INSERT INTO '.USERS_TABLE;
-    $query.= ' (';
-    $query.= ' username,password,mail_address,status';
-    for ( $i = 0; $i < sizeof( $infos ); $i++ )
+    if ($conf['default_maxwidth'] != '')
     {
-      $query.= ','.$infos[$i];
+      $insert['maxwidth'] = $conf['default_maxwidth'];
     }
-    $query.= ') values (';
-    $query.= " '".$login."'";
-    $query.= ",'".md5( $password )."'";
-    if ( $mail_address != '' ) $query.= ",'".$mail_address."'";
-    else                       $query.= ',NULL';
-    $query.= ",'".$status."'";
-    foreach ( $infos as $info ) {
-      $query.= ',';
-      if ( !isset( $row[$info] ) ) $query.= 'NULL';
-      else                         $query.= "'".$row[$info]."'";
+    if ($conf['default_maxheight'] != '')
+    {
+      $insert['maxheight'] = $conf['default_maxheight'];
     }
-    $query.= ');';
-    pwg_query( $query );
+
+    $query = '
+INSERT INTO '.USERS_TABLE.'
+  ('.implode(',', array_keys($insert)).')
+  VALUES
+  (';
+    $is_first = true;
+    foreach (array_keys($insert) as $field)
+    {
+      if (!$is_first)
+      {
+        $query.= ',';
+      }
+      $query.= "'".$insert[$field]."'";
+      $is_first = false;
+    }
+    $query.= ')
+;';
+    pwg_query($query);
   }
-  return $error;
+  return $errors;
 }
 
 function update_user( $user_id, $mail_address, $status,
diff --git a/register.php b/register.php
index f939ff3e9..ad44745a3 100644
--- a/register.php
+++ b/register.php
@@ -30,14 +30,21 @@ define('PHPWG_ROOT_PATH','./');
 include_once( PHPWG_ROOT_PATH.'include/common.inc.php' );
 //----------------------------------------------------------- user registration
 $errors = array();
-if ( isset( $_POST['submit'] ) )
+if (isset($_POST['submit']))
 {
-  $errors = register_user( $_POST['login'], $_POST['password'],
-                          $_POST['password_conf'], $_POST['mail_address'] );
-  if ( sizeof( $errors ) == 0 )
+  $errors = register_user($_POST['login'], $_POST['password'],
+                          $_POST['password_conf'], $_POST['mail_address']);
+  if (count($errors) == 0)
   {
+    $query = '
+SELECT id
+  FROM '.USERS_TABLE.'
+  WHERE username = \''.$_POST['login'].'\'
+;';
+    list($user_id) = mysql_fetch_array(pwg_query($query));
+    $session_id = session_create($user_id, $conf['session_length']);
     $url = 'category.php?id='.$session_id;
-    redirect( $url );
+    redirect($url);
   }
 }