summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--activate.php46
-rw-r--r--config/registration_agreement.php.dist1
-rw-r--r--lib/class/user.class.php21
-rw-r--r--lib/ui.lib.php18
-rw-r--r--register.php5
-rw-r--r--templates/show_user_registration.inc.php36
6 files changed, 76 insertions, 51 deletions
diff --git a/activate.php b/activate.php
index 8508b2c9..61d0d0d5 100644
--- a/activate.php
+++ b/activate.php
@@ -22,34 +22,34 @@
$no_session = true;
require_once( "modules/init.php" );
+
+/* Keep them out if they shouldn't be here */
if(!conf('allow_public_registration') || conf('demo_mode')) {
access_denied();
}
-// Access Control
-echo "<html><head>";
+?>
+<html><head>
show_template('style');
-echo "<head><body>";
-
-
-$username = $_GET['u'];
-$validation = $_GET['act_key'];
-$user = new User($username);
-$val1 = $GLOBALS['user']->get_user_validation($username,$validation);
-if (!$val1){
- $GLOBALS['error']->add_error('no_such_user',_("No user with this name registered"));
- $GLOBALS['error']->print_error('no_such_user');
- echo "</body></html>";
- break;
+<head><body>
+<?php
+
+$username = scrub_in($_GET['u']);
+$validation = scrub_in($_GET['act_key']);
+$val1 = $GLOBALS['user']->get_user_validation($username,$validation);
+
+if (!$val1) {
+ $GLOBALS['error']->add_error('no_such_user',_("No user with this name registered"));
+ $GLOBALS['error']->print_error('no_such_user');
}
-if ($val1 != $validation) {
- $GLOBALS['error']->add_error('validation_failed',_("The validation key used isn't correct."));
- $GLOBALS['error']->print_error('validation_failed');
- echo "</body></html>";
- break;
+elseif ($val1 != $validation) {
+ $GLOBALS['error']->add_error('validation_failed',_("The validation key used isn't correct."));
+ $GLOBALS['error']->print_error('validation_failed');
}
-$activate = $GLOBALS['user']->activate_user($username);
-show_confirmation('User activated','This User ID is activated and can be used','/login.php');
-echo "</body></html>";
-
+else {
+ $activate = $GLOBALS['user']->activate_user($username);
+ show_confirmation(_('User activated'),_('This User ID is activated and can be used'),'/login.php');
+}
?>
+</body>
+</html>
diff --git a/config/registration_agreement.php.dist b/config/registration_agreement.php.dist
new file mode 100644
index 00000000..de35973d
--- /dev/null
+++ b/config/registration_agreement.php.dist
@@ -0,0 +1 @@
+**This is the plain TXT document that is put at the top of the User Registration page**
diff --git a/lib/class/user.class.php b/lib/class/user.class.php
index 49f9f1a9..12c1f328 100644
--- a/lib/class/user.class.php
+++ b/lib/class/user.class.php
@@ -389,12 +389,12 @@ class User {
}
elseif ($new_access == 'disabled') {
- $new_access = sql_escape($new_access);
$sql = "UPDATE user SET disabled='1' WHERE username='$this->username'";
$db_results = mysql_query($sql, dbh());
$sql = "DELETE FROM session WHERE username='" . sql_escape($this->username) . "'";
$db_results = mysql_query($sql, dbh());
- } else {
+ }
+ else {
$new_access = sql_escape($new_access);
$sql = "UPDATE user SET access='$new_access' WHERE username='$this->username'";
$db_results = mysql_query($sql, dbh());
@@ -768,12 +768,18 @@ class User {
@function get_user_validation
@check if user exists before activation can be done.
*/
- function get_user_validation($username,$validation){
+ function get_user_validation($username,$validation) {
+
+ $usename = sql_escape($username);
+
$sql = "SELECT validation FROM user where username='$username'";
$db_results = mysql_query($sql, dbh());
- $row = mysql_fetch_array($db_results);
- $val = $row[validation];
+
+ $row = mysql_fetch_assoc($db_results);
+ $val = $row['validation'];
+
return $val;
+
} // get_user_validation
/*!
@@ -781,9 +787,14 @@ class User {
@activates the user from public_registration
*/
function activate_user($username) {
+
+ $username = sql_escape($username);
+
$sql = "UPDATE user SET disabled='0' WHERE username='$username'";
$db_results = mysql_query($sql, dbh());
+
} // activate_user
+
} //end class
?>
diff --git a/lib/ui.lib.php b/lib/ui.lib.php
index c5db1a16..6862ce57 100644
--- a/lib/ui.lib.php
+++ b/lib/ui.lib.php
@@ -1192,7 +1192,25 @@ mail($email, "Welcome to $title" , $body, $from);
} //send_confirmation
+/**
+ * show_registration_agreement
+ * This function reads in /config/registration_agreement.php
+ * Plaintext Only
+ */
+function show_registration_agreement() {
+
+ $filename = conf('prefix') . '/config/registration_agreement.php';
+ /* Check for existance */
+ $fp = fopen($filename,'r');
+ if (!$fp) { return false; }
+
+ $data = fread($fp,filesize($filename));
+
+ /* Scrub and show */
+ echo scrub_out($data);
+
+} // show_registration_agreement
?>
diff --git a/register.php b/register.php
index f51e9cdf..a29330c4 100644
--- a/register.php
+++ b/register.php
@@ -142,7 +142,7 @@ switch ($action) {
}
/* Attempt to create the new user */
- $access = '0';
+ $access = 'disabled';
if (conf('auto_user')) { $access = '5'; }
$new_user = $GLOBALS['user']->create($username,$fullname,$email,$pass1,$access);
@@ -163,9 +163,6 @@ switch ($action) {
show_template('style');
show_confirmation(_('Registration Complete'),$message,'/login.php');
break;
- case 'new_user':
- include("templates/show_new_user.inc");
- break;
case 'show_add_user':
default:
$values = array('type'=>"new_user");
diff --git a/templates/show_user_registration.inc.php b/templates/show_user_registration.inc.php
index 4b637e58..d5c0da45 100644
--- a/templates/show_user_registration.inc.php
+++ b/templates/show_user_registration.inc.php
@@ -1,7 +1,7 @@
<?php
/*
- Copyright (c) 2001 - 2005 Ampache.org
+ Copyright (c) 2001 - 2006 Ampache.org
All rights reserved.
This program is free software; you can redistribute it and/or
@@ -49,10 +49,6 @@ $action = scrub_in($_REQUEST['action']);
$fullname = scrub_in($_REQUEST['fullname']);
$username = scrub_in($_REQUEST['username']);
$email = scrub_in($_REQUEST['email']);
-/*
-$password = scrub_in($_REQUEST['password']);
-echo "$password";
-*/
?>
<div align="center">
@@ -60,12 +56,12 @@ echo "$password";
<table class="border" width='700' cellpadding='0' cellspacing='0' border='0'>
<tr class="table-header">
<td>
- <font size="2"><b><u>Ampache New User Registration</u></b></font>
+ <font size="2"><b><u><?php echo _("Ampache New User Registration"); ?></u></b></font>
</td>
</tr>
<?php
- // USER AGREEMENT
- if(conf('user_agreement')==true){ ?>
+ /* If we should show the user agreement */
+ if(conf('user_agreement')){ ?>
<tr>
<td height='15' bgcolor="<?php print conf('base_color2'); ?>">
</td>
@@ -75,17 +71,17 @@ echo "$password";
<table width='100%' border='0' cellpadding='0' cellspacing='0'>
<tr class="table-header">
<td align='center'>
- <font size="1"><b><u>User Agreement</u></b></font>
+ <font size="1"><b><u><?php echo _('User Agreement'); ?></u></b></font>
</td>
</tr>
<tr>
<td>
- <?php include("templates/user_agreement.php"); ?>
+ <?php show_registration_agreement(); ?>
</td>
</tr>
<tr>
<td align='center' height='35' valign='center'>
- <input type='checkbox' name='accept_agreement'> I Accept
+ <input type='checkbox' name='accept_agreement'> <?php echo _('I Accept'); ?>
<?php $GLOBALS['error']->print_error('user_agreement'); ?>
</td>
</tr>
@@ -98,11 +94,11 @@ echo "$password";
</td>
</tr>
<tr>
- <td bgcolor="<?php print conf('base_color2'); ?>" align='center' valign='top'>
- <table width='100%' cellpadding='0' cellspacing='0' border='0'>
+ <td bgcolor="<?php print conf('base_color2'); ?>" align="center" valign="top">
+ <table width="100%" cellpadding="0" cellspacing="0" border="0">
<tr class="table-header">
<td align='center'>
- <font size="1"><b><u>User Information</u></b></font>
+ <font size="1"><b><u><?php echo _('User Information'); ?></u></b></font>
</td>
</tr>
</table>
@@ -113,7 +109,7 @@ echo "$password";
<?php echo _("Username"); ?>:
</td>
<td>
- <font color='red'>*</font> <input type='text' name='username' id='username' value='<?php echo "$username"; ?>' />
+ <font color='red'>*</font> <input type='text' name='username' id='username' value='<?php echo scrub_out($username); ?>' />
<?php $GLOBALS['error']->print_error('username'); ?>
<?php $GLOBALS['error']->print_error('duplicate_user'); ?>
</td>
@@ -123,7 +119,7 @@ echo "$password";
<?php echo _("Full Name"); ?>:
</td>
<td>
- <font color='red'>*</font> <input type='text' name='fullname' id='fullname' value='<?php echo "$fullname"; ?>' />
+ <font color='red'>*</font> <input type='text' name='fullname' id='fullname' value='<?php echo scrub_out($fullname); ?>' />
<?php $GLOBALS['error']->print_error('fullname'); ?>
</td>
</tr>
@@ -132,7 +128,7 @@ echo "$password";
<?php echo _("E-mail"); ?>:
</td>
<td>
- <font color='red'>*</font> <input type='text' name='email' id='email' value='<?php echo "$email"; ?>' />
+ <font color='red'>*</font> <input type='text' name='email' id='email' value='<?php echo scrub_out($email); ?>' />
<?php $GLOBALS['error']->print_error('email'); ?>
</td>
</tr>
@@ -153,10 +149,12 @@ echo "$password";
<font color='red'>*</font> <input type='password' name='password_2' id='password_2' />
</td>
</tr>
+ <?php if (conf('captcha_public_reg')) { ?>
<tr>
<?php echo captcha::form(); ?>
<?php $GLOBALS['error']->print_error('captcha'); ?>
</tr>
+ <?php } ?>
<tr>
<td colspan='2' bgcolor="<?php print conf('base_color2'); ?>" align='center' height='20'>
<font color='red'>*</font>Required fields
@@ -165,7 +163,7 @@ echo "$password";
<tr>
<td colspan='2' bgcolor="<?php print conf('base_color2'); ?>" align='center' height='50'>
<input type="hidden" name="action" value="add_user" />
- <input type='reset' name='clear_info' id='clear_info' value='Clear Info' />
+ <input type='reset' name='clear_info' id='clear_info' value='<?php echo _('Clear Info'); ?>' />
<input type='submit' name='submit_registration' id='submit_registration' value='<?php echo _("Register User"); ?>' />
</td>
</tr>
@@ -177,4 +175,4 @@ echo "$password";
</div>
</div><!--end <div>id="maincontainer-->
</body>
-</html> \ No newline at end of file
+</html>
generated by cgit (git 2.34.1) at 2025-08-13 19:51:26 +0000