Gitiles
Code Review Sign In
korap.ids-mannheim.de / ids-kl / ldap-signup / 04b9621e7fb0fbfe19e0e3dad7ccc60a00fc0e39 / . / index.php
blob: 60ce7957cfe7df6e0dda5cef6139f9ca69d6aac4 [file] [log] [blame]
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]1<?php
2require_once 'vendor/autoload.php';
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]3include 'config.php';
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]4include_once 'redis.php';
5include_once 'utils.php';
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]6include_once 'mail.php';
7include_once 'ldap.php';
Marc Kupietz145f5b92023-03-09 20:39:31 +0100[diff] [blame]8include_once 'db_backend.php';
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]9include_once 'validators.php';
Marc Kupietz0215a442023-03-05 18:34:16 +0100[diff] [blame]10include_once 'User.php';
Marc Kupietz49f677c2023-03-10 08:29:41 +0100[diff] [blame]11include_once 'invoice.php';
Marc Kupietz0215a442023-03-05 18:34:16 +0100[diff] [blame]12require __DIR__ . '/vendor/autoload.php';
13use Monolog\Level;
14use Monolog\Logger as Logger;
15use Monolog\Handler\StreamHandler;
16use Monolog\Handler\RotatingFileHandler;
17use \User as User;
Marc Kupietz145f5b92023-03-09 20:39:31 +0100[diff] [blame]18use \DB as DB;
Marc Kupietza7074402023-03-06 07:04:59 +0100[diff] [blame]19include $TEMPLATE . "strings.php";
Marc Kupietz0215a442023-03-05 18:34:16 +0100[diff] [blame]20$log = new Logger('signup');
21$log->pushHandler(new RotatingFileHandler(__DIR__ . '/logs/signup.log', 0, Logger::DEBUG));
Marc Kupietz3c9672c2023-04-15 16:21:03 +0200[diff] [blame]22if ($CONFERENCE_REGISTRATION) {
23 $dinners_left = $MAX_DINNERS - (new DB($log))->dinner_count();
24}
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]25
26if (!$DEBUG) error_reporting(0);
matheusfillipec0ce7fa2021-05-13 05:15:37 -0300[diff] [blame]27else error_reporting(1);
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]28session_start();
29
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]30use Gregwar\Captcha\PhraseBuilder;
31
matheusfillipec0ce7fa2021-05-13 05:15:37 -0300[diff] [blame]32$URI = array_slice(explode("/", explode('?', $_SERVER['REQUEST_URI'], 2)[0]), -1)[0];
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]33if (strlen($URI) == 2) {
matheusfillipec0ce7fa2021-05-13 05:15:37 -0300[diff] [blame]34 $GLOBALS["cc"] = $URI;
35 $_SESSION["cc"] = $URI;
36}
37
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]38if (isset($_GET["lang"])) {
matheusfillipec0ce7fa2021-05-13 05:15:37 -0300[diff] [blame]39 $GLOBALS["cc"] = $_GET["lang"];
40 $_SESSION["cc"] = $_GET["lang"];
41}
42
43$TEMPLATE = template_path();
44
45
Marc Kupietza7074402023-03-06 07:04:59 +0100[diff] [blame]46function send_welcome_email(User $user)
47{
48 global $SMTP, $SERVICE_ACRONYM, $WELCOME_TEMPLATE, $TEMPLATE;
49 $TEMPLATE = template_path();
50 include $TEMPLATE . "email.php";
51 $url = "";
52
53 send_mail($user->email, $SMTP, (object) [
54 "subject" => $WELCOME_TEMPLATE->subject,
55 "text" => replace_all_user_variables($WELCOME_TEMPLATE->text, $user, $url),
56 "html" => replace_all_user_variables($WELCOME_TEMPLATE->html, $user, $url)
Marc Kupietz49f677c2023-03-10 08:29:41 +0100[diff] [blame]57 ], $user);
Marc Kupietza7074402023-03-06 07:04:59 +0100[diff] [blame]58}
59
Marc Kupietza3f3fdb2023-03-04 18:13:26 +0100[diff] [blame]60function send_confirmation_email(string $mail, object $smtp, string $url, User $user)
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]61{
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]62 include 'config.php';
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]63 $TEMPLATE = template_path();
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]64 include $TEMPLATE . "email.php";
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]65
66 send_mail($mail, $smtp, (object) [
67 "subject" => $MAIL_TEMPLATE->subject,
Marc Kupietza3f3fdb2023-03-04 18:13:26 +0100[diff] [blame]68 "text" => replace_all_user_variables($MAIL_TEMPLATE->text, $user, $url),
69 "html" => replace_all_user_variables($MAIL_TEMPLATE->html, $user, $url)
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]70 ]);
71}
72
73function send_recovery_email(string $mail, object $smtp, string $url)
74{
75 include 'config.php';
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]76 $TEMPLATE = template_path();
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]77 include $TEMPLATE . "email.php";
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]78
79 send_mail($mail, $smtp, (object) [
80 "subject" => $RECOVERY_EMAIL_TEMPLATE->subject,
81 "text" => str_replace("{{url}}", $url, $RECOVERY_EMAIL_TEMPLATE->text),
82 "html" => str_replace("{{url}}", $url, $RECOVERY_EMAIL_TEMPLATE->html)
83 ]);
84}
85
86function reload_captcha_script()
87{
88 include 'config.php';
Marc Kupietza7074402023-03-06 07:04:59 +0100[diff] [blame]89
90 if ($CAPTCHA_LENGTH > 0) {
91 $TEMPLATE = template_path();
92 include $TEMPLATE . "strings.php";
93 echo '
94 <script>
95 const reload_captcha = async (e) => {
96 var cont = document.getElementById("reload_captcha");
97 cont.innerHTML = "<div class=\'spinner-border text-info\' role=\'status\'><span class=\'sr-only\'>' . $STRINGS->reloading_captcha . '</span></div>";
98 var img = document.getElementById("captcha")
99 var url = "' . $BASE_URL . '/captcha.php?token=' . $_SESSION["captcha_token"] . '"
100 await fetch(url, { cache: "reload", mode: "no-cors" })
101 .then(() => {
102 img.src = url+"&t=" + new Date().getTime();
103 setTimeout( () => {
104 cont.innerHTML = "<button id=\'reload\' class=\'btn btn-outline-info\' type=\'button\'> <span class=\'glyphicon glyphicon-refresh\' aria-hidden=\'true\'></span></button>";
105 bindButton()
106 }, 500);
107 })
108 }
109 function bindButton(){
110 var button = document.getElementById("reload");
111 button.addEventListener("click", reload_captcha)
112 }
113 bindButton()
114 </script>
115 ';
116 }
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]117}
118
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]119function register_page($error = false)
120{
Marc Kupietz9e5df242023-04-10 18:48:56 +0200[diff] [blame]121 global $log, $dinners_left;
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]122 $TEMPLATE = template_path();
123 include 'config.php';
124 if ($error)
125 include $TEMPLATE . 'error.htm';
126 $_SESSION["captcha_token"] = generateRandomString(12);
127 include $TEMPLATE . "register.htm";
128 reload_captcha_script();
129}
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]130
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]131
Marc Kupietz0215a442023-03-05 18:34:16 +0100[diff] [blame]132function verify_request(User $user)
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]133{
Marc Kupietzd5513b12023-03-30 17:12:22 +0200[diff] [blame]134 global $log, $CONFERENCE_REGISTRATION, $CAPTCHA_LENGTH, $DEBUG;
Marc Kupietz145f5b92023-03-09 20:39:31 +0100[diff] [blame]135
matheusfillipec0ce7fa2021-05-13 05:15:37 -0300[diff] [blame]136 $TEMPLATE = template_path();
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]137 unset($_SESSION['captcha_token']);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]138 include $TEMPLATE . 'strings.php';
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]139 $password = $_POST["password"];
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]140 $error = "";
141
Marc Kupietz145f5b92023-03-09 20:39:31 +0100[diff] [blame]142 if (!$CONFERENCE_REGISTRATION) {
143 $error .= validate_username($user->username);
144 $error .= validate_password($password);
145 }
146 $log->debug("validating request");
Marc Kupietz03146622023-03-07 12:03:21 +0100[diff] [blame]147 $error .= validate_name($user->first_name, $FIRST_NAME_VALIDATION_ERROR);
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]148 $error .= validate_name($user->last_name, $LAST_NAME_VALIDATION_ERROR);
Marc Kupietz145f5b92023-03-09 20:39:31 +0100[diff] [blame]149 $log->debug("request validated: $error");
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]150 $error .= validate_email($user->email);
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]151
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]152
Marc Kupietz493198f2023-03-04 14:59:16 +0100[diff] [blame]153 if ($CAPTCHA_LENGTH > 0 && !(isset($_SESSION['captcha']) && PhraseBuilder::comparePhrases($_SESSION['captcha'], $_POST['captcha']))) {
Marc Kupietzd5513b12023-03-30 17:12:22 +0200[diff] [blame]154 $error = $error . $STRINGS->wrong_captcha . ($DEBUG ? " expected: " . $_SESSION['captcha'] . " actual: " . $_POST['captcha'] : "");
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]155 }
156 unset($_SESSION["captcha"]);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]157
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]158 return $error;
159}
160
Marc Kupietza3f3fdb2023-03-04 18:13:26 +0100[diff] [blame]161
Marc Kupietz0215a442023-03-05 18:34:16 +0100[diff] [blame]162function approve_request(User $user)
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]163{
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]164 include 'config.php';
Marc Kupietz8e6a8df2023-03-07 13:05:23 +0100[diff] [blame]165 global $log, $_SESSION;
Marc Kupietz0215a442023-03-05 18:34:16 +0100[diff] [blame]166
matheusfillipec0ce7fa2021-05-13 05:15:37 -0300[diff] [blame]167 $token = generateRandomString();
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]168 redis_set($token, $user, $MAIL_CONFIRMATION_AWAIT_DELAY);
169 $pending = redis_get("pending");
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]170 if ($pending) {
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]171 $maillist = $pending->mails;
Marc Kupietz145f5b92023-03-09 20:39:31 +0100[diff] [blame]172 if(is_array($maillist))
173 array_push($maillist, $user->email);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]174 } else
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]175 $maillist = [$user->email];
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]176 redis_set("pending", (object)["mails" => $maillist], $MAIL_CONFIRMATION_AWAIT_DELAY);
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]177
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]178 $url = $BASE_URL . "?type=confirmation&token=" . $token;
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]179 if (in_array(explode("@", $user->email)[1], $MAIL_HOST_DIRECT_FALLBACK))
180 $smtp = $FALLBACK_SMTP;
181 else
182 $smtp = $SMTP;
Marc Kupietza3f3fdb2023-03-04 18:13:26 +0100[diff] [blame]183 send_confirmation_email($user->email, $smtp, $url, $user);
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]184 $_SESSION['resend'] = generateRandomString(12);
185 $_SESSION['token'] = $token;
Marc Kupietz03146622023-03-07 12:03:21 +0100[diff] [blame]186 $user->backup_in_session();
matheusfillipec0ce7fa2021-05-13 05:15:37 -0300[diff] [blame]187 $TEMPLATE = template_path();
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]188 include $TEMPLATE . "confirm_your_email.htm";
Marc Kupietz03146622023-03-07 12:03:21 +0100[diff] [blame]189 $log->info("Registration process started for " . $user->to_string());
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]190}
191
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]192function recover_form($error = null)
193{
194 $TEMPLATE = template_path();
195 include 'config.php';
196 $_SESSION["captcha_token"] = generateRandomString(12);
197 if ($error)
198 include $TEMPLATE . 'error.htm';
199 include $TEMPLATE . "recover_email_form.htm";
200 reload_captcha_script();
201}
202
203function new_password_form($error = null)
204{
205 $TEMPLATE = template_path();
206 if ($error)
207 include $TEMPLATE . 'error.htm';
208 include $TEMPLATE . "recover_new_password_form.htm";
209}
210
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]211
212// PAGE
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]213include $TEMPLATE . "header.htm";
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]214
215if ($_SERVER["REQUEST_METHOD"] == "POST") {
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]216 if (isset($_POST['type'])) {
217 switch ($_POST['type']) {
218 case "register":
Marc Kupietz03146622023-03-07 12:03:21 +0100[diff] [blame]219 $log->info("Registration request from " . array_to_string($_POST));
220 $user = new User();
221 $user->init_from_array($_POST);
222 $log->info("Registration request from " . $user->to_string());
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]223 if (redis_inc_ipdata(getClientIP(), "register", true) > $HOURLY_REGISTRATIONS) {
224 include $TEMPLATE . "registration_limit.htm";
225 } else {
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]226 $error = verify_request($user);
227 if ($error)
228 register_page($error);
229 else
230 approve_request($user);
231 }
232 break;
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]233 case "recover":
Marc Kupietz145f5b92023-03-09 20:39:31 +0100[diff] [blame]234 if ($CONFERENCE_REGISTRATION)
235 break;
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]236 $TEMPLATE = template_path();
237 unset($_SESSION['captcha_token']);
238 include $TEMPLATE . 'strings.php';
239
240 $email = $_POST["email"];
Marc Kupietz5ade52f2023-04-24 14:41:09 +0200[diff] [blame]241 if (($CONFERENCE_REGISTRATION && ! (new DB($log))->mail_count($email)) || !ldap_mail_count($email)) {
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]242 unset($_POST['email']);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]243 $error = $error . $STRINGS->recover_email_not_registered;
244 }
245
Marc Kupietz493198f2023-03-04 14:59:16 +0100[diff] [blame]246 if ($CAPTCHA_LENGTH > 0 && !(isset($_SESSION['captcha']) && PhraseBuilder::comparePhrases($_SESSION['captcha'], $_POST['captcha']))) {
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]247 $error = $error . $STRINGS->wrong_captcha;
248 }
249
250 unset($_SESSION["captcha"]);
251 if (redis_inc_ipdata(getClientIP(), "register", true) > $HOURLY_REGISTRATIONS) {
252 include $TEMPLATE . "registration_limit.htm";
253 } else {
254 if ($error) {
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]255 recover_form($error);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]256 } else {
257 include $TEMPLATE . 'strings.php';
258 $token = generateRandomString();
259 redis_set($token, $email, $MAIL_CONFIRMATION_AWAIT_DELAY);
260
261 $url = $BASE_URL . "?type=password_change&token=" . $token;
262 if (in_array(explode("@", $email)[1], $MAIL_HOST_DIRECT_FALLBACK))
263 $smtp = $FALLBACK_SMTP;
264 else
265 $smtp = $SMTP;
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]266 $_SESSION['resend'] = generateRandomString(12);
267 $_SESSION['token'] = $token;
268 $_SESSION['email'] = $email;
269 $_SESSION['recover'] = $email;
270 $TEMPLATE = template_path();
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]271 send_recovery_email($email, $smtp, $url);
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]272 include $TEMPLATE . "confirm_your_email.htm";
Marc Kupietz0215a442023-03-05 18:34:16 +0100[diff] [blame]273 $log->info("Password recovery email sent to " . $email);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]274 }
275 }
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]276 break;
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]277
278 case "password_change":
Marc Kupietz145f5b92023-03-09 20:39:31 +0100[diff] [blame]279 if ($CONFERENCE_REGISTRATION)
280 break;
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]281 $password = $_POST['password'];
282 $error = validate_password($password);
283 if ($error) {
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]284 new_password_form($error);
285 } else {
286 $TEMPLATE = template_path();
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]287 include $TEMPLATE . "recover_success.htm";
288 include $TEMPLATE . "email.php";
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]289 $email = $_SESSION["email_change"];
290 if (change_password($email, $password)) {
291 if (in_array(explode("@", $email)[1], $MAIL_HOST_DIRECT_FALLBACK))
292 $smtp = $FALLBACK_SMTP;
293 else
294 $smtp = $SMTP;
295 send_mail($email, $smtp, $PASSWORD_CHANGED_EMAIL_TEMPLATE);
Marc Kupietz0215a442023-03-05 18:34:16 +0100[diff] [blame]296 $log->info("Password changed for " . $email);
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]297 } else {
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]298 include $TEMPLATE . "strings.php";
299 echo $STRINGS->change_password_ldap_error;
300 }
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]301 unset($_SESSION["email_change"]);
302 redis_delete($_SESSION['token']);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]303 }
304 break;
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]305 }
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]306 }
307} elseif (isset($_GET['type'])) {
308 switch ($_GET['type']) {
309 case "confirmation":
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]310 if (!isset($_GET["token"])) {
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]311 echo $RUNTIME_ERROR->user_trying_invalid_get;
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]312 } else {
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]313 $token = $_GET["token"];
Marc Kupietz0215a442023-03-05 18:34:16 +0100[diff] [blame]314 $user = redis_get_user($token);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]315 if ($user && gettype($user) == "object") {
Marc Kupietz145f5b92023-03-09 20:39:31 +0100[diff] [blame]316 if (($CONFERENCE_REGISTRATION && (new DB($log))->add_user($user)) || (!$CONFERENCE_REGISTRATION && ldap_add_user($user))) {
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]317 if ($REDIRECT_TO)
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]318 header("refresh:5;url=" . $REDIRECT_TO);
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]319
320 $pending = redis_get("pending");
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]321 if ($pending) {
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]322 $maillist = $pending->mails;
Marc Kupietz49f677c2023-03-10 08:29:41 +0100[diff] [blame]323 if (is_array($maillist) && in_array($user->email, $maillist)) {
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]324 unset($maillist[array_search($user->email, $maillist)]);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]325 redis_set("pending", (object)["mails" => $maillist], $MAIL_CONFIRMATION_AWAIT_DELAY);
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]326 }
327 }
328 redis_inc_ipdata(getClientIP(), "register");
Marc Kupietz145f5b92023-03-09 20:39:31 +0100[diff] [blame]329 $log->info("User registration completed: " . $user->to_string());
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]330 echo $STRINGS->email_confirmation;
Matheus Fillipe5ad0cd52022-05-05 06:10:41 +0300[diff] [blame]331 if (isset($POST_REGISTER_HOOK)) $POST_REGISTER_HOOK($user);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]332 include $TEMPLATE . "mail_confirmed.htm";
333 } else {
Marc Kupietz03146622023-03-07 12:03:21 +0100[diff] [blame]334 $log->error("User registration failed for: " . $user->to_string());
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]335 echo $STRINGS->email_confirmation;
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]336 include $TEMPLATE . "registration_error.htm";
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]337 }
338 redis_delete($token);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]339 } else {
340 include $TEMPLATE . "token_expired.htm";
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]341 }
342 }
343 break;
344 case "resend":
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]345 if (isset($_GET['token']) && isset($_SESSION['resend']) && $_GET['token'] == $_SESSION['resend']) {
Marc Kupietz8e6a8df2023-03-07 13:05:23 +0100[diff] [blame]346 $log->info("Resending confirmation email to " . $_SESSION['email']);
347 $user = new User();
348 $user->init_from_array($_SESSION);
349 $log->info("Resending confirmation email to " . $user->to_string());
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]350 $token = $_SESSION['token'];
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]351 $url = $BASE_URL . "?type=confirmation&token=" . $token;
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]352 $smtp = $FALLBACK_SMTP;
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]353 $address = $_SESSION["email"];
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]354 if (isset($_SESSION['recover'])) {
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]355 $url = $BASE_URL . "?type=password_change&token=" . $token;
Marc Kupietza3f3fdb2023-03-04 18:13:26 +0100[diff] [blame]356 send_recovery_email($address, $smtp, $url, $user);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]357 unset($_SESSION['recover']);
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]358 } else
Marc Kupietza3f3fdb2023-03-04 18:13:26 +0100[diff] [blame]359 send_confirmation_email($address, $smtp, $url, $user);
Marc Kupietz8e6a8df2023-03-07 13:05:23 +0100[diff] [blame]360 echo "<div class='alert alert-info' role='alert'> Another email has been sent to ". $_SESSION['email']. " </div>";
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]361 unset($_SESSION['resend']);
362 unset($_SESSION['token']);
Marc Kupietza3f3fdb2023-03-04 18:13:26 +0100[diff] [blame]363 # unset($_SESSION['email']);
364 } else {
Marc Kupietz8e6a8df2023-03-07 13:05:23 +0100[diff] [blame]365 echo "<div class='alert alert-warning' role='alert'>A second email has already been sent.</div>";
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]366 }
367 break;
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]368
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]369 case "recover":
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]370 recover_form();
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]371 break;
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]372
373 case "password_change":
374 $TEMPLATE = template_path();
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]375 $token = $_GET["token"];
376 $email = redis_get($token);
377 $_SESSION["email_change"] = $email;
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]378 $_SESSION["token"] = $token;
379 if ($email && gettype($email) == "string") {
380 new_password_form();
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]381 } else {
382 include $TEMPLATE . "token_expired.htm";
383 }
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]384 break;
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]385 }
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]386} else {
387 unset($_SESSION['captcha_token']);
388 register_page();
389}
390
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]391include $TEMPLATE . "bottom.htm";