matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 1 | <?php |
| 2 | require_once 'vendor/autoload.php'; |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 3 | include 'config.php'; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 4 | include_once 'redis.php'; |
| 5 | include_once 'utils.php'; |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 6 | include_once 'mail.php'; |
| 7 | include_once 'ldap.php'; |
Marc Kupietz | 145f5b9 | 2023-03-09 20:39:31 +0100 | [diff] [blame] | 8 | include_once 'db_backend.php'; |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 9 | include_once 'validators.php'; |
Marc Kupietz | 0215a44 | 2023-03-05 18:34:16 +0100 | [diff] [blame] | 10 | include_once 'User.php'; |
Marc Kupietz | 49f677c | 2023-03-10 08:29:41 +0100 | [diff] [blame] | 11 | include_once 'invoice.php'; |
Marc Kupietz | 0215a44 | 2023-03-05 18:34:16 +0100 | [diff] [blame] | 12 | require __DIR__ . '/vendor/autoload.php'; |
| 13 | use Monolog\Level; |
| 14 | use Monolog\Logger as Logger; |
| 15 | use Monolog\Handler\StreamHandler; |
| 16 | use Monolog\Handler\RotatingFileHandler; |
| 17 | use \User as User; |
Marc Kupietz | 145f5b9 | 2023-03-09 20:39:31 +0100 | [diff] [blame] | 18 | use \DB as DB; |
Marc Kupietz | a707440 | 2023-03-06 07:04:59 +0100 | [diff] [blame] | 19 | include $TEMPLATE . "strings.php"; |
Marc Kupietz | 0215a44 | 2023-03-05 18:34:16 +0100 | [diff] [blame] | 20 | $log = new Logger('signup'); |
| 21 | $log->pushHandler(new RotatingFileHandler(__DIR__ . '/logs/signup.log', 0, Logger::DEBUG)); |
Marc Kupietz | 3c9672c | 2023-04-15 16:21:03 +0200 | [diff] [blame] | 22 | if ($CONFERENCE_REGISTRATION) { |
| 23 | $dinners_left = $MAX_DINNERS - (new DB($log))->dinner_count(); |
| 24 | } |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 25 | |
| 26 | if (!$DEBUG) error_reporting(0); |
matheusfillipe | c0ce7fa | 2021-05-13 05:15:37 -0300 | [diff] [blame] | 27 | else error_reporting(1); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 28 | session_start(); |
| 29 | |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 30 | use Gregwar\Captcha\PhraseBuilder; |
| 31 | |
matheusfillipe | c0ce7fa | 2021-05-13 05:15:37 -0300 | [diff] [blame] | 32 | $URI = array_slice(explode("/", explode('?', $_SERVER['REQUEST_URI'], 2)[0]), -1)[0]; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 33 | if (strlen($URI) == 2) { |
matheusfillipe | c0ce7fa | 2021-05-13 05:15:37 -0300 | [diff] [blame] | 34 | $GLOBALS["cc"] = $URI; |
| 35 | $_SESSION["cc"] = $URI; |
| 36 | } |
| 37 | |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 38 | if (isset($_GET["lang"])) { |
matheusfillipe | c0ce7fa | 2021-05-13 05:15:37 -0300 | [diff] [blame] | 39 | $GLOBALS["cc"] = $_GET["lang"]; |
| 40 | $_SESSION["cc"] = $_GET["lang"]; |
| 41 | } |
| 42 | |
| 43 | $TEMPLATE = template_path(); |
| 44 | |
| 45 | |
Marc Kupietz | a707440 | 2023-03-06 07:04:59 +0100 | [diff] [blame] | 46 | function send_welcome_email(User $user) |
| 47 | { |
| 48 | global $SMTP, $SERVICE_ACRONYM, $WELCOME_TEMPLATE, $TEMPLATE; |
| 49 | $TEMPLATE = template_path(); |
| 50 | include $TEMPLATE . "email.php"; |
| 51 | $url = ""; |
| 52 | |
| 53 | send_mail($user->email, $SMTP, (object) [ |
| 54 | "subject" => $WELCOME_TEMPLATE->subject, |
| 55 | "text" => replace_all_user_variables($WELCOME_TEMPLATE->text, $user, $url), |
| 56 | "html" => replace_all_user_variables($WELCOME_TEMPLATE->html, $user, $url) |
Marc Kupietz | 49f677c | 2023-03-10 08:29:41 +0100 | [diff] [blame] | 57 | ], $user); |
Marc Kupietz | a707440 | 2023-03-06 07:04:59 +0100 | [diff] [blame] | 58 | } |
| 59 | |
Marc Kupietz | a3f3fdb | 2023-03-04 18:13:26 +0100 | [diff] [blame] | 60 | function send_confirmation_email(string $mail, object $smtp, string $url, User $user) |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 61 | { |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 62 | include 'config.php'; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 63 | $TEMPLATE = template_path(); |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 64 | include $TEMPLATE . "email.php"; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 65 | |
| 66 | send_mail($mail, $smtp, (object) [ |
| 67 | "subject" => $MAIL_TEMPLATE->subject, |
Marc Kupietz | a3f3fdb | 2023-03-04 18:13:26 +0100 | [diff] [blame] | 68 | "text" => replace_all_user_variables($MAIL_TEMPLATE->text, $user, $url), |
| 69 | "html" => replace_all_user_variables($MAIL_TEMPLATE->html, $user, $url) |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 70 | ]); |
| 71 | } |
| 72 | |
| 73 | function send_recovery_email(string $mail, object $smtp, string $url) |
| 74 | { |
| 75 | include 'config.php'; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 76 | $TEMPLATE = template_path(); |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 77 | include $TEMPLATE . "email.php"; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 78 | |
| 79 | send_mail($mail, $smtp, (object) [ |
| 80 | "subject" => $RECOVERY_EMAIL_TEMPLATE->subject, |
| 81 | "text" => str_replace("{{url}}", $url, $RECOVERY_EMAIL_TEMPLATE->text), |
| 82 | "html" => str_replace("{{url}}", $url, $RECOVERY_EMAIL_TEMPLATE->html) |
| 83 | ]); |
| 84 | } |
| 85 | |
| 86 | function reload_captcha_script() |
| 87 | { |
| 88 | include 'config.php'; |
Marc Kupietz | a707440 | 2023-03-06 07:04:59 +0100 | [diff] [blame] | 89 | |
| 90 | if ($CAPTCHA_LENGTH > 0) { |
| 91 | $TEMPLATE = template_path(); |
| 92 | include $TEMPLATE . "strings.php"; |
| 93 | echo ' |
| 94 | <script> |
| 95 | const reload_captcha = async (e) => { |
| 96 | var cont = document.getElementById("reload_captcha"); |
| 97 | cont.innerHTML = "<div class=\'spinner-border text-info\' role=\'status\'><span class=\'sr-only\'>' . $STRINGS->reloading_captcha . '</span></div>"; |
| 98 | var img = document.getElementById("captcha") |
| 99 | var url = "' . $BASE_URL . '/captcha.php?token=' . $_SESSION["captcha_token"] . '" |
| 100 | await fetch(url, { cache: "reload", mode: "no-cors" }) |
| 101 | .then(() => { |
| 102 | img.src = url+"&t=" + new Date().getTime(); |
| 103 | setTimeout( () => { |
| 104 | cont.innerHTML = "<button id=\'reload\' class=\'btn btn-outline-info\' type=\'button\'> <span class=\'glyphicon glyphicon-refresh\' aria-hidden=\'true\'></span></button>"; |
| 105 | bindButton() |
| 106 | }, 500); |
| 107 | }) |
| 108 | } |
| 109 | function bindButton(){ |
| 110 | var button = document.getElementById("reload"); |
| 111 | button.addEventListener("click", reload_captcha) |
| 112 | } |
| 113 | bindButton() |
| 114 | </script> |
| 115 | '; |
| 116 | } |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 117 | } |
| 118 | |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 119 | function register_page($error = false) |
| 120 | { |
Marc Kupietz | 9e5df24 | 2023-04-10 18:48:56 +0200 | [diff] [blame] | 121 | global $log, $dinners_left; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 122 | $TEMPLATE = template_path(); |
| 123 | include 'config.php'; |
| 124 | if ($error) |
| 125 | include $TEMPLATE . 'error.htm'; |
| 126 | $_SESSION["captcha_token"] = generateRandomString(12); |
| 127 | include $TEMPLATE . "register.htm"; |
| 128 | reload_captcha_script(); |
| 129 | } |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 130 | |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 131 | |
Marc Kupietz | 0215a44 | 2023-03-05 18:34:16 +0100 | [diff] [blame] | 132 | function verify_request(User $user) |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 133 | { |
Marc Kupietz | d5513b1 | 2023-03-30 17:12:22 +0200 | [diff] [blame] | 134 | global $log, $CONFERENCE_REGISTRATION, $CAPTCHA_LENGTH, $DEBUG; |
Marc Kupietz | 145f5b9 | 2023-03-09 20:39:31 +0100 | [diff] [blame] | 135 | |
matheusfillipe | c0ce7fa | 2021-05-13 05:15:37 -0300 | [diff] [blame] | 136 | $TEMPLATE = template_path(); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 137 | unset($_SESSION['captcha_token']); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 138 | include $TEMPLATE . 'strings.php'; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 139 | $password = $_POST["password"]; |
matheusfillipe | 47cf90b | 2021-05-13 03:36:21 -0300 | [diff] [blame] | 140 | $error = ""; |
| 141 | |
Marc Kupietz | 145f5b9 | 2023-03-09 20:39:31 +0100 | [diff] [blame] | 142 | if (!$CONFERENCE_REGISTRATION) { |
| 143 | $error .= validate_username($user->username); |
| 144 | $error .= validate_password($password); |
| 145 | } |
| 146 | $log->debug("validating request"); |
Marc Kupietz | 0314662 | 2023-03-07 12:03:21 +0100 | [diff] [blame] | 147 | $error .= validate_name($user->first_name, $FIRST_NAME_VALIDATION_ERROR); |
matheusfillipe | 47cf90b | 2021-05-13 03:36:21 -0300 | [diff] [blame] | 148 | $error .= validate_name($user->last_name, $LAST_NAME_VALIDATION_ERROR); |
Marc Kupietz | 145f5b9 | 2023-03-09 20:39:31 +0100 | [diff] [blame] | 149 | $log->debug("request validated: $error"); |
matheusfillipe | 47cf90b | 2021-05-13 03:36:21 -0300 | [diff] [blame] | 150 | $error .= validate_email($user->email); |
matheusfillipe | 47cf90b | 2021-05-13 03:36:21 -0300 | [diff] [blame] | 151 | |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 152 | |
Marc Kupietz | 493198f | 2023-03-04 14:59:16 +0100 | [diff] [blame] | 153 | if ($CAPTCHA_LENGTH > 0 && !(isset($_SESSION['captcha']) && PhraseBuilder::comparePhrases($_SESSION['captcha'], $_POST['captcha']))) { |
Marc Kupietz | d5513b1 | 2023-03-30 17:12:22 +0200 | [diff] [blame] | 154 | $error = $error . $STRINGS->wrong_captcha . ($DEBUG ? " expected: " . $_SESSION['captcha'] . " actual: " . $_POST['captcha'] : ""); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 155 | } |
| 156 | unset($_SESSION["captcha"]); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 157 | |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 158 | return $error; |
| 159 | } |
| 160 | |
Marc Kupietz | a3f3fdb | 2023-03-04 18:13:26 +0100 | [diff] [blame] | 161 | |
Marc Kupietz | 0215a44 | 2023-03-05 18:34:16 +0100 | [diff] [blame] | 162 | function approve_request(User $user) |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 163 | { |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 164 | include 'config.php'; |
Marc Kupietz | 8e6a8df | 2023-03-07 13:05:23 +0100 | [diff] [blame] | 165 | global $log, $_SESSION; |
Marc Kupietz | 0215a44 | 2023-03-05 18:34:16 +0100 | [diff] [blame] | 166 | |
matheusfillipe | c0ce7fa | 2021-05-13 05:15:37 -0300 | [diff] [blame] | 167 | $token = generateRandomString(); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 168 | redis_set($token, $user, $MAIL_CONFIRMATION_AWAIT_DELAY); |
| 169 | $pending = redis_get("pending"); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 170 | if ($pending) { |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 171 | $maillist = $pending->mails; |
Marc Kupietz | 145f5b9 | 2023-03-09 20:39:31 +0100 | [diff] [blame] | 172 | if(is_array($maillist)) |
| 173 | array_push($maillist, $user->email); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 174 | } else |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 175 | $maillist = [$user->email]; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 176 | redis_set("pending", (object)["mails" => $maillist], $MAIL_CONFIRMATION_AWAIT_DELAY); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 177 | |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 178 | $url = $BASE_URL . "?type=confirmation&token=" . $token; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 179 | if (in_array(explode("@", $user->email)[1], $MAIL_HOST_DIRECT_FALLBACK)) |
| 180 | $smtp = $FALLBACK_SMTP; |
| 181 | else |
| 182 | $smtp = $SMTP; |
Marc Kupietz | a3f3fdb | 2023-03-04 18:13:26 +0100 | [diff] [blame] | 183 | send_confirmation_email($user->email, $smtp, $url, $user); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 184 | $_SESSION['resend'] = generateRandomString(12); |
| 185 | $_SESSION['token'] = $token; |
Marc Kupietz | 0314662 | 2023-03-07 12:03:21 +0100 | [diff] [blame] | 186 | $user->backup_in_session(); |
matheusfillipe | c0ce7fa | 2021-05-13 05:15:37 -0300 | [diff] [blame] | 187 | $TEMPLATE = template_path(); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 188 | include $TEMPLATE . "confirm_your_email.htm"; |
Marc Kupietz | 0314662 | 2023-03-07 12:03:21 +0100 | [diff] [blame] | 189 | $log->info("Registration process started for " . $user->to_string()); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 190 | } |
| 191 | |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 192 | function recover_form($error = null) |
| 193 | { |
| 194 | $TEMPLATE = template_path(); |
| 195 | include 'config.php'; |
| 196 | $_SESSION["captcha_token"] = generateRandomString(12); |
| 197 | if ($error) |
| 198 | include $TEMPLATE . 'error.htm'; |
| 199 | include $TEMPLATE . "recover_email_form.htm"; |
| 200 | reload_captcha_script(); |
| 201 | } |
| 202 | |
| 203 | function new_password_form($error = null) |
| 204 | { |
| 205 | $TEMPLATE = template_path(); |
| 206 | if ($error) |
| 207 | include $TEMPLATE . 'error.htm'; |
| 208 | include $TEMPLATE . "recover_new_password_form.htm"; |
| 209 | } |
| 210 | |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 211 | |
| 212 | // PAGE |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 213 | include $TEMPLATE . "header.htm"; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 214 | |
| 215 | if ($_SERVER["REQUEST_METHOD"] == "POST") { |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 216 | if (isset($_POST['type'])) { |
| 217 | switch ($_POST['type']) { |
| 218 | case "register": |
Marc Kupietz | 0314662 | 2023-03-07 12:03:21 +0100 | [diff] [blame] | 219 | $log->info("Registration request from " . array_to_string($_POST)); |
| 220 | $user = new User(); |
| 221 | $user->init_from_array($_POST); |
| 222 | $log->info("Registration request from " . $user->to_string()); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 223 | if (redis_inc_ipdata(getClientIP(), "register", true) > $HOURLY_REGISTRATIONS) { |
| 224 | include $TEMPLATE . "registration_limit.htm"; |
| 225 | } else { |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 226 | $error = verify_request($user); |
| 227 | if ($error) |
| 228 | register_page($error); |
| 229 | else |
| 230 | approve_request($user); |
| 231 | } |
| 232 | break; |
matheusfillipe | 47cf90b | 2021-05-13 03:36:21 -0300 | [diff] [blame] | 233 | case "recover": |
Marc Kupietz | 145f5b9 | 2023-03-09 20:39:31 +0100 | [diff] [blame] | 234 | if ($CONFERENCE_REGISTRATION) |
| 235 | break; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 236 | $TEMPLATE = template_path(); |
| 237 | unset($_SESSION['captcha_token']); |
| 238 | include $TEMPLATE . 'strings.php'; |
| 239 | |
| 240 | $email = $_POST["email"]; |
Marc Kupietz | 145f5b9 | 2023-03-09 20:39:31 +0100 | [diff] [blame] | 241 | if (($CONFERENCE_REGISTRATION & ! (new DB($log))->mail_count($email)) || !ldap_mail_count($email)) { |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 242 | unset($_POST['email']); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 243 | $error = $error . $STRINGS->recover_email_not_registered; |
| 244 | } |
| 245 | |
Marc Kupietz | 493198f | 2023-03-04 14:59:16 +0100 | [diff] [blame] | 246 | if ($CAPTCHA_LENGTH > 0 && !(isset($_SESSION['captcha']) && PhraseBuilder::comparePhrases($_SESSION['captcha'], $_POST['captcha']))) { |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 247 | $error = $error . $STRINGS->wrong_captcha; |
| 248 | } |
| 249 | |
| 250 | unset($_SESSION["captcha"]); |
| 251 | if (redis_inc_ipdata(getClientIP(), "register", true) > $HOURLY_REGISTRATIONS) { |
| 252 | include $TEMPLATE . "registration_limit.htm"; |
| 253 | } else { |
| 254 | if ($error) { |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 255 | recover_form($error); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 256 | } else { |
| 257 | include $TEMPLATE . 'strings.php'; |
| 258 | $token = generateRandomString(); |
| 259 | redis_set($token, $email, $MAIL_CONFIRMATION_AWAIT_DELAY); |
| 260 | |
| 261 | $url = $BASE_URL . "?type=password_change&token=" . $token; |
| 262 | if (in_array(explode("@", $email)[1], $MAIL_HOST_DIRECT_FALLBACK)) |
| 263 | $smtp = $FALLBACK_SMTP; |
| 264 | else |
| 265 | $smtp = $SMTP; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 266 | $_SESSION['resend'] = generateRandomString(12); |
| 267 | $_SESSION['token'] = $token; |
| 268 | $_SESSION['email'] = $email; |
| 269 | $_SESSION['recover'] = $email; |
| 270 | $TEMPLATE = template_path(); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 271 | send_recovery_email($email, $smtp, $url); |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 272 | include $TEMPLATE . "confirm_your_email.htm"; |
Marc Kupietz | 0215a44 | 2023-03-05 18:34:16 +0100 | [diff] [blame] | 273 | $log->info("Password recovery email sent to " . $email); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 274 | } |
| 275 | } |
matheusfillipe | 47cf90b | 2021-05-13 03:36:21 -0300 | [diff] [blame] | 276 | break; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 277 | |
| 278 | case "password_change": |
Marc Kupietz | 145f5b9 | 2023-03-09 20:39:31 +0100 | [diff] [blame] | 279 | if ($CONFERENCE_REGISTRATION) |
| 280 | break; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 281 | $password = $_POST['password']; |
| 282 | $error = validate_password($password); |
| 283 | if ($error) { |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 284 | new_password_form($error); |
| 285 | } else { |
| 286 | $TEMPLATE = template_path(); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 287 | include $TEMPLATE . "recover_success.htm"; |
| 288 | include $TEMPLATE . "email.php"; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 289 | $email = $_SESSION["email_change"]; |
| 290 | if (change_password($email, $password)) { |
| 291 | if (in_array(explode("@", $email)[1], $MAIL_HOST_DIRECT_FALLBACK)) |
| 292 | $smtp = $FALLBACK_SMTP; |
| 293 | else |
| 294 | $smtp = $SMTP; |
| 295 | send_mail($email, $smtp, $PASSWORD_CHANGED_EMAIL_TEMPLATE); |
Marc Kupietz | 0215a44 | 2023-03-05 18:34:16 +0100 | [diff] [blame] | 296 | $log->info("Password changed for " . $email); |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 297 | } else { |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 298 | include $TEMPLATE . "strings.php"; |
| 299 | echo $STRINGS->change_password_ldap_error; |
| 300 | } |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 301 | unset($_SESSION["email_change"]); |
| 302 | redis_delete($_SESSION['token']); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 303 | } |
| 304 | break; |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 305 | } |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 306 | } |
| 307 | } elseif (isset($_GET['type'])) { |
| 308 | switch ($_GET['type']) { |
| 309 | case "confirmation": |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 310 | if (!isset($_GET["token"])) { |
matheusfillipe | 47cf90b | 2021-05-13 03:36:21 -0300 | [diff] [blame] | 311 | echo $RUNTIME_ERROR->user_trying_invalid_get; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 312 | } else { |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 313 | $token = $_GET["token"]; |
Marc Kupietz | 0215a44 | 2023-03-05 18:34:16 +0100 | [diff] [blame] | 314 | $user = redis_get_user($token); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 315 | if ($user && gettype($user) == "object") { |
Marc Kupietz | 145f5b9 | 2023-03-09 20:39:31 +0100 | [diff] [blame] | 316 | if (($CONFERENCE_REGISTRATION && (new DB($log))->add_user($user)) || (!$CONFERENCE_REGISTRATION && ldap_add_user($user))) { |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 317 | if ($REDIRECT_TO) |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 318 | header("refresh:5;url=" . $REDIRECT_TO); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 319 | |
| 320 | $pending = redis_get("pending"); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 321 | if ($pending) { |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 322 | $maillist = $pending->mails; |
Marc Kupietz | 49f677c | 2023-03-10 08:29:41 +0100 | [diff] [blame] | 323 | if (is_array($maillist) && in_array($user->email, $maillist)) { |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 324 | unset($maillist[array_search($user->email, $maillist)]); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 325 | redis_set("pending", (object)["mails" => $maillist], $MAIL_CONFIRMATION_AWAIT_DELAY); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 326 | } |
| 327 | } |
| 328 | redis_inc_ipdata(getClientIP(), "register"); |
Marc Kupietz | 145f5b9 | 2023-03-09 20:39:31 +0100 | [diff] [blame] | 329 | $log->info("User registration completed: " . $user->to_string()); |
matheusfillipe | 47cf90b | 2021-05-13 03:36:21 -0300 | [diff] [blame] | 330 | echo $STRINGS->email_confirmation; |
Matheus Fillipe | 5ad0cd5 | 2022-05-05 06:10:41 +0300 | [diff] [blame] | 331 | if (isset($POST_REGISTER_HOOK)) $POST_REGISTER_HOOK($user); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 332 | include $TEMPLATE . "mail_confirmed.htm"; |
| 333 | } else { |
Marc Kupietz | 0314662 | 2023-03-07 12:03:21 +0100 | [diff] [blame] | 334 | $log->error("User registration failed for: " . $user->to_string()); |
matheusfillipe | 47cf90b | 2021-05-13 03:36:21 -0300 | [diff] [blame] | 335 | echo $STRINGS->email_confirmation; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 336 | include $TEMPLATE . "registration_error.htm"; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 337 | } |
| 338 | redis_delete($token); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 339 | } else { |
| 340 | include $TEMPLATE . "token_expired.htm"; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 341 | } |
| 342 | } |
| 343 | break; |
| 344 | case "resend": |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 345 | if (isset($_GET['token']) && isset($_SESSION['resend']) && $_GET['token'] == $_SESSION['resend']) { |
Marc Kupietz | 8e6a8df | 2023-03-07 13:05:23 +0100 | [diff] [blame] | 346 | $log->info("Resending confirmation email to " . $_SESSION['email']); |
| 347 | $user = new User(); |
| 348 | $user->init_from_array($_SESSION); |
| 349 | $log->info("Resending confirmation email to " . $user->to_string()); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 350 | $token = $_SESSION['token']; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 351 | $url = $BASE_URL . "?type=confirmation&token=" . $token; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 352 | $smtp = $FALLBACK_SMTP; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 353 | $address = $_SESSION["email"]; |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 354 | if (isset($_SESSION['recover'])) { |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 355 | $url = $BASE_URL . "?type=password_change&token=" . $token; |
Marc Kupietz | a3f3fdb | 2023-03-04 18:13:26 +0100 | [diff] [blame] | 356 | send_recovery_email($address, $smtp, $url, $user); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 357 | unset($_SESSION['recover']); |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 358 | } else |
Marc Kupietz | a3f3fdb | 2023-03-04 18:13:26 +0100 | [diff] [blame] | 359 | send_confirmation_email($address, $smtp, $url, $user); |
Marc Kupietz | 8e6a8df | 2023-03-07 13:05:23 +0100 | [diff] [blame] | 360 | echo "<div class='alert alert-info' role='alert'> Another email has been sent to ". $_SESSION['email']. " </div>"; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 361 | unset($_SESSION['resend']); |
| 362 | unset($_SESSION['token']); |
Marc Kupietz | a3f3fdb | 2023-03-04 18:13:26 +0100 | [diff] [blame] | 363 | # unset($_SESSION['email']); |
| 364 | } else { |
Marc Kupietz | 8e6a8df | 2023-03-07 13:05:23 +0100 | [diff] [blame] | 365 | echo "<div class='alert alert-warning' role='alert'>A second email has already been sent.</div>"; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 366 | } |
| 367 | break; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 368 | |
matheusfillipe | 47cf90b | 2021-05-13 03:36:21 -0300 | [diff] [blame] | 369 | case "recover": |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 370 | recover_form(); |
matheusfillipe | 47cf90b | 2021-05-13 03:36:21 -0300 | [diff] [blame] | 371 | break; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 372 | |
| 373 | case "password_change": |
| 374 | $TEMPLATE = template_path(); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 375 | $token = $_GET["token"]; |
| 376 | $email = redis_get($token); |
| 377 | $_SESSION["email_change"] = $email; |
Matheus Fillipe | 301684b | 2021-05-14 09:09:43 +0300 | [diff] [blame] | 378 | $_SESSION["token"] = $token; |
| 379 | if ($email && gettype($email) == "string") { |
| 380 | new_password_form(); |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 381 | } else { |
| 382 | include $TEMPLATE . "token_expired.htm"; |
| 383 | } |
matheusfillipe | 47cf90b | 2021-05-13 03:36:21 -0300 | [diff] [blame] | 384 | break; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 385 | } |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 386 | } else { |
| 387 | unset($_SESSION['captcha_token']); |
| 388 | register_page(); |
| 389 | } |
| 390 | |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 391 | include $TEMPLATE . "bottom.htm"; |