aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--include/functions.inc.php27
-rw-r--r--include/functions_user.inc.php129
-rw-r--r--register.php17
3 files changed, 116 insertions, 57 deletions
diff --git a/include/functions.inc.php b/include/functions.inc.php
index adbbce358..bb3979ae9 100644
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -85,6 +85,31 @@ function get_boolean( $string )
return $boolean;
}
+/**
+ * returns boolean string 'true' or 'false' if the given var is boolean
+ *
+ * @param mixed $var
+ * @return mixed
+ */
+function boolean_to_string($var)
+{
+ if (is_bool($var))
+ {
+ if ($var)
+ {
+ return 'true';
+ }
+ else
+ {
+ return 'false';
+ }
+ }
+ else
+ {
+ return $var;
+ }
+}
+
// array_remove removes a value from the given array if the value existed in
// this array.
function array_remove( $array, $value )
@@ -512,7 +537,7 @@ function redirect( $url )
// $refresh, $url_link and $title are required for creating an automated
// refresh page in header.tpl
- $refresh = 1;
+ $refresh = 2;
$url_link = $url;
$title = 'redirection';
include( PHPWG_ROOT_PATH.'include/page_header.php' );
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index f8b47083b..750f4602f 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -45,79 +45,106 @@ function validate_mail_address( $mail_address )
}
}
-function register_user( $login, $password, $password_conf,
- $mail_address, $status = 'guest' )
+function register_user($login, $password, $password_conf,
+ $mail_address, $status = 'guest')
{
- global $lang;
+ global $lang, $conf;
- $error = array();
- $i = 0;
+ $errors = array();
// login must not
// 1. be empty
// 2. start ou end with space character
// 3. include ' or " characters
// 4. be already used
- if ( $login == '' ) $error[$i++] = $lang['reg_err_login1'];
- if ( ereg( "^.* $", $login) ) $error[$i++] = $lang['reg_err_login2'];
- if ( ereg( "^ .*$", $login ) ) $error[$i++] = $lang['reg_err_login3'];
+ if ($login == '')
+ {
+ array_push($errors, $lang['reg_err_login1']);
+ }
+ if (ereg("^.* $", $login))
+ {
+ array_push($errors, $lang['reg_err_login2']);
+ }
+ if (ereg("^ .*$", $login))
+ {
+ array_push($errors, $lang['reg_err_login3']);
+ }
- if ( ereg( "'", $login ) or ereg( "\"", $login ) )
- $error[$i++] = $lang['reg_err_login4'];
+ if (ereg("'", $login) or ereg("\"", $login))
+ {
+ array_push($errors, $lang['reg_err_login4']);
+ }
else
{
- $query = 'SELECT id';
- $query.= ' FROM '.USERS_TABLE;
- $query.= " WHERE username = '".$login."'";
- $query.= ';';
- $result = pwg_query( $query );
- if ( mysql_num_rows($result) > 0 ) $error[$i++] = $lang['reg_err_login5'];
+ $query = '
+SELECT id
+ FROM '.USERS_TABLE.'
+ WHERE username = \''.$login.'\'
+;';
+ $result = pwg_query($query);
+ if (mysql_num_rows($result) > 0)
+ {
+ array_push($errors, $lang['reg_err_login5']);
+ }
}
// given password must be the same as the confirmation
- if ( $password != $password_conf ) $error[$i++] = $lang['reg_err_pass'];
+ if ($password != $password_conf)
+ {
+ array_push($errors, $lang['reg_err_pass']);
+ }
- $error_mail_address = validate_mail_address( $mail_address );
- if ( $error_mail_address != '' ) $error[$i++] = $error_mail_address;
+ $error_mail_address = validate_mail_address($mail_address);
+ if ($error_mail_address != '')
+ {
+ array_push($errors, $error_mail_address);
+ }
// if no error until here, registration of the user
- if ( sizeof( $error ) == 0 )
+ if (count($errors) == 0)
{
- // 1. retrieving default values, the ones of the user "guest"
- $infos = array( 'nb_image_line', 'nb_line_page', 'language',
- 'maxwidth', 'maxheight', 'expand', 'show_nb_comments',
- 'recent_period', 'template', 'forbidden_categories' );
- $query = 'SELECT ';
- for ( $i = 0; $i < sizeof( $infos ); $i++ )
+ $insert = array();
+ $insert['username'] = $login;
+ $insert['password'] = md5($password);
+ $insert['status'] = $status;
+ $insert['template'] = $conf['default_template'];
+ $insert['nb_image_line'] = $conf['nb_image_line'];
+ $insert['nb_line_page'] = $conf['nb_line_page'];
+ $insert['language'] = $conf['default_language'];
+ $insert['recent_period'] = $conf['recent_period'];
+ $insert['expand'] = boolean_to_string($conf['auto_expand']);
+ $insert['show_nb_comments'] = boolean_to_string($conf['show_nb_comments']);
+ if ( $mail_address != '' )
{
- if ( $i > 0 ) $query.= ',';
- $query.= $infos[$i];
+ $insert['mail_address'] = $mail_address;
}
- $query.= ' FROM '.USERS_TABLE;
- $query.= " WHERE username = 'guest'";
- $query.= ';';
- $row = mysql_fetch_array( pwg_query( $query ) );
- // 2. adding new user
- $query = 'INSERT INTO '.USERS_TABLE;
- $query.= ' (';
- $query.= ' username,password,mail_address,status';
- for ( $i = 0; $i < sizeof( $infos ); $i++ )
+ if ($conf['default_maxwidth'] != '')
{
- $query.= ','.$infos[$i];
+ $insert['maxwidth'] = $conf['default_maxwidth'];
}
- $query.= ') values (';
- $query.= " '".$login."'";
- $query.= ",'".md5( $password )."'";
- if ( $mail_address != '' ) $query.= ",'".$mail_address."'";
- else $query.= ',NULL';
- $query.= ",'".$status."'";
- foreach ( $infos as $info ) {
- $query.= ',';
- if ( !isset( $row[$info] ) ) $query.= 'NULL';
- else $query.= "'".$row[$info]."'";
+ if ($conf['default_maxheight'] != '')
+ {
+ $insert['maxheight'] = $conf['default_maxheight'];
}
- $query.= ');';
- pwg_query( $query );
+
+ $query = '
+INSERT INTO '.USERS_TABLE.'
+ ('.implode(',', array_keys($insert)).')
+ VALUES
+ (';
+ $is_first = true;
+ foreach (array_keys($insert) as $field)
+ {
+ if (!$is_first)
+ {
+ $query.= ',';
+ }
+ $query.= "'".$insert[$field]."'";
+ $is_first = false;
+ }
+ $query.= ')
+;';
+ pwg_query($query);
}
- return $error;
+ return $errors;
}
function update_user( $user_id, $mail_address, $status,
diff --git a/register.php b/register.php
index f939ff3e9..ad44745a3 100644
--- a/register.php
+++ b/register.php
@@ -30,14 +30,21 @@ define('PHPWG_ROOT_PATH','./');
include_once( PHPWG_ROOT_PATH.'include/common.inc.php' );
//----------------------------------------------------------- user registration
$errors = array();
-if ( isset( $_POST['submit'] ) )
+if (isset($_POST['submit']))
{
- $errors = register_user( $_POST['login'], $_POST['password'],
- $_POST['password_conf'], $_POST['mail_address'] );
- if ( sizeof( $errors ) == 0 )
+ $errors = register_user($_POST['login'], $_POST['password'],
+ $_POST['password_conf'], $_POST['mail_address']);
+ if (count($errors) == 0)
{
+ $query = '
+SELECT id
+ FROM '.USERS_TABLE.'
+ WHERE username = \''.$_POST['login'].'\'
+;';
+ list($user_id) = mysql_fetch_array(pwg_query($query));
+ $session_id = session_create($user_id, $conf['session_length']);
$url = 'category.php?id='.$session_id;
- redirect( $url );
+ redirect($url);
}
}