[geeklog-cvs] geeklog-1.3/public_html users.php,1.94,1.95
dhaun at iowaoutdoors.org
dhaun at iowaoutdoors.org
Sat Jan 15 14:14:31 EST 2005
Update of /var/cvs/geeklog-1.3/public_html
In directory www:/tmp/cvs-serv13460
Modified Files:
users.php
Log Message:
Added support for a custom_usercheck function that lets custom registration code abort the creation of the user account, e.g. when required information is missing.
Index: users.php
===================================================================
RCS file: /var/cvs/geeklog-1.3/public_html/users.php,v
retrieving revision 1.94
retrieving revision 1.95
diff -C2 -d -r1.94 -r1.95
*** users.php 6 Jan 2005 10:01:11 -0000 1.94
--- users.php 15 Jan 2005 19:14:29 -0000 1.95
***************
*** 9,18 ****
// | User authentication module. |
// +---------------------------------------------------------------------------+
! // | Copyright (C) 2000-2004 by the following authors: |
// | |
! // | Authors: Tony Bibbs - tony at tonybibbs.com |
! // | Mark Limburg - mlimburg at users.sourceforge.net |
! // | Jason Whittenburg - jwhitten at securitygeeks.com |
! // | Dirk Haun - dirk at haun-online.de |
// +---------------------------------------------------------------------------+
// | |
--- 9,18 ----
// | User authentication module. |
// +---------------------------------------------------------------------------+
! // | Copyright (C) 2000-2005 by the following authors: |
// | |
! // | Authors: Tony Bibbs - tony AT tonybibbs DOT com |
! // | Mark Limburg - mlimburg AT users DOT sourceforge DOT net |
! // | Jason Whittenburg - jwhitten AT securitygeeks DOT com |
! // | Dirk Haun - dirk AT haun-online DOT de |
// +---------------------------------------------------------------------------+
// | |
***************
*** 56,60 ****
// the data being passed in a POST operation
! // echo COM_debug($HTTP_POST_VARS);
/**
--- 56,60 ----
// the data being passed in a POST operation
! // echo COM_debug($_POST);
/**
***************
*** 443,447 ****
*
*/
! function createuser($username,$email)
{
global $_CONF, $_TABLES, $LANG01, $LANG04;
--- 443,447 ----
*
*/
! function createuser ($username, $email)
{
global $_CONF, $_TABLES, $LANG01, $LANG04;
***************
*** 457,460 ****
--- 457,476 ----
if ($ucount == 0 AND $ecount == 0) {
+
+ // For Geeklog, it would be okay to create this user now. But check
+ // with a custom userform first, if one exists.
+ if ($_CONF['custom_registration'] &&
+ function_exists ('custom_usercheck')) {
+ $msg = custom_usercheck ($username, $email);
+ if (!empty ($msg)) {
+ // no, it's not okay with the custom userform
+ $retval = COM_siteHeader ('menu')
+ . custom_userform ($msg)
+ . COM_siteFooter ();
+
+ return $retval;
+ }
+ }
+
$uid = USER_createAccount ($username, $email);
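Review bot: `custom_userform ($msg)` is called without a `function_exists` guard of its own, so custom registration code that defines `custom_usercheck` but not `custom_userform` would hit a fatal undefined-function error on this path. The condition should test both, `function_exists ('custom_usercheck') && function_exists ('custom_userform')`. The contract deserves a comment above the call, e.g. `// custom_usercheck() returns an empty value to allow the account, or an error message to abort`, plus a note that `$msg` may echo the submitted username or email and must be escaped by `custom_userform` before display. `createuser` begins and ends outside this hunk, so any guard elsewhere in the function is not visible here.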
***************
*** 482,486 ****
$retval .= COM_siteFooter ();
}
! } else {
if (empty ($username)) {
$msg = $LANG01[32]; // invalid username
--- 498,504 ----
$retval .= COM_siteFooter ();
}
!
! } else { // invalid username or email address
!
if (empty ($username)) {
$msg = $LANG01[32]; // invalid username
***************
*** 627,638 ****
// MAIN
! if (isset ($HTTP_POST_VARS['mode'])) {
! $mode = $HTTP_POST_VARS['mode'];
! }
! elseif (isset ($HTTP_GET_VARS['mode'])) {
! $mode = $HTTP_GET_VARS['mode'];
! }
! else {
! $mode = "";
}
--- 645,652 ----
// MAIN
! if (isset ($_REQUEST['mode'])) {
! $mode = $_REQUEST['mode'];
! } else {
! $mode = '';
}
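Review bot: Switching to `$_REQUEST['mode']` changes where the value can come from: depending on PHP's `variables_order` setting, `$_REQUEST` also includes cookies, and the merge order replaces the explicit POST-before-GET precedence of the old code. A cookie named `mode` could then select or override the dispatch branch for every request to this script. Keeping the lookup explicit avoids that: `$mode = isset ($_POST['mode']) ? $_POST['mode'] : (isset ($_GET['mode']) ? $_GET['mode'] : '');`. The same applies to `$_REQUEST['loginname']` and `$_REQUEST['msg']` in the later hunks, and `loginname` is now read without the `isset` check the old code had for the POST case.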
***************
*** 654,660 ****
case 'profile':
! $uid = COM_applyFilter ($HTTP_GET_VARS['uid'], true);
if (is_numeric ($uid) && ($uid > 0)) {
! $msg = COM_applyFilter ($HTTP_GET_VARS['msg'], true);
$display .= userprofile ($uid, $msg);
} else {
--- 668,674 ----
case 'profile':
! $uid = COM_applyFilter ($_GET['uid'], true);
if (is_numeric ($uid) && ($uid > 0)) {
! $msg = COM_applyFilter ($_GET['msg'], true);
$display .= userprofile ($uid, $msg);
} else {
***************
*** 664,668 ****
case 'user':
! $username = COM_applyFilter ($HTTP_GET_VARS['username']);
if (!empty ($username)) {
$username = addslashes ($username);
--- 678,682 ----
case 'user':
! $username = COM_applyFilter ($_GET['username']);
if (!empty ($username)) {
$username = addslashes ($username);
***************
*** 679,684 ****
case 'create':
! $display .= createuser (COM_applyFilter ($HTTP_POST_VARS['username']),
! COM_applyFilter ($HTTP_POST_VARS['email']));
break;
--- 693,698 ----
case 'create':
! $display .= createuser (COM_applyFilter ($_POST['username']),
! COM_applyFilter ($_POST['email']));
break;
***************
*** 702,707 ****
case 'newpwd':
! $uid = COM_applyFilter ($HTTP_GET_VARS['uid'], true);
! $reqid = COM_applyFilter ($HTTP_GET_VARS['rid']);
if (!empty ($uid) && is_numeric ($uid) && ($uid > 0) &&
!empty ($reqid) && (strlen ($reqid) == 16)) {
--- 716,721 ----
case 'newpwd':
! $uid = COM_applyFilter ($_GET['uid'], true);
! $reqid = COM_applyFilter ($_GET['rid']);
if (!empty ($uid) && is_numeric ($uid) && ($uid > 0) &&
!empty ($reqid) && (strlen ($reqid) == 16)) {
***************
*** 725,735 ****
case 'setnewpwd':
! if (empty ($HTTP_POST_VARS['passwd'])) {
$display = COM_refresh ($_CONF['site_url']
! . '/users.php?mode=newpwd&uid=' . $HTTP_POST_VARS['uid']
! . '&rid=' . $HTTP_POST_VARS['rid']);
} else {
! $uid = COM_applyFilter ($HTTP_POST_VARS['uid'], true);
! $reqid = COM_applyFilter ($HTTP_POST_VARS['rid']);
if (!empty ($uid) && is_numeric ($uid) && ($uid > 0) &&
!empty ($reqid) && (strlen ($reqid) == 16)) {
--- 739,749 ----
case 'setnewpwd':
! if (empty ($_POST['passwd'])) {
$display = COM_refresh ($_CONF['site_url']
! . '/users.php?mode=newpwd&uid=' . $_POST['uid']
! . '&rid=' . $_POST['rid']);
} else {
! $uid = COM_applyFilter ($_POST['uid'], true);
! $reqid = COM_applyFilter ($_POST['rid']);
if (!empty ($uid) && is_numeric ($uid) && ($uid > 0) &&
!empty ($reqid) && (strlen ($reqid) == 16)) {
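Review bot: In the empty-password branch, `$_POST['uid']` and `$_POST['rid']` are concatenated into the `COM_refresh` URL without passing through `COM_applyFilter`, while the `else` branch filters the same two fields before use. Whatever markup or header `COM_refresh` emits (not visible here) therefore receives raw request data. Hoist the two filter calls above the `if` and build the URL from the filtered values, `. '/users.php?mode=newpwd&uid=' . $uid` and `. '&rid=' . urlencode ($reqid));`. The `setnewpwd` case continues outside this hunk.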
***************
*** 737,741 ****
array ($uid, $reqid));
if ($valid == 1) {
! $passwd = md5 ($HTTP_POST_VARS['passwd']);
DB_change ($_TABLES['users'], 'passwd', "$passwd",
"uid", $uid);
--- 751,755 ----
array ($uid, $reqid));
if ($valid == 1) {
! $passwd = md5 ($_POST['passwd']);
DB_change ($_TABLES['users'], 'passwd', "$passwd",
"uid", $uid);
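Review bot: `md5 ($_POST['passwd'])` stores the new password as a single unsalted MD5 digest, which is cheap to attack offline if the users table is ever disclosed. It should be replaced by a salted, deliberately slow password-hashing scheme. The login comparison, which is outside this hunk, presumably expects the same format, so this needs a migration path rather than a one-line change. The visible lines also do not show the request id being invalidated after `DB_change`. Confirm that it is cleared so the same reset link cannot set the password a second time.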
***************
*** 771,776 ****
. COM_siteFooter ();
} else {
! $username = COM_applyFilter ($HTTP_POST_VARS['username']);
! $email = COM_applyFilter ($HTTP_POST_VARS['email']);
if (empty ($username) && !empty ($email)) {
$username = DB_getItem ($_TABLES['users'], 'username',
--- 785,790 ----
. COM_siteFooter ();
} else {
! $username = COM_applyFilter ($_POST['username']);
! $email = COM_applyFilter ($_POST['email']);
if (empty ($username) && !empty ($email)) {
$username = DB_getItem ($_TABLES['users'], 'username',
***************
*** 799,809 ****
default:
! if (isset ($HTTP_POST_VARS['loginname'])) {
! $loginname = COM_applyFilter ($HTTP_POST_VARS['loginname']);
! } else {
! $loginname = COM_applyFilter ($HTTP_GET_VARS['loginname']);
! }
! if (isset ($HTTP_POST_VARS['passwd'])) {
! $passwd = COM_applyFilter ($HTTP_POST_VARS['passwd']);
}
if (!empty($loginname) && !empty($passwd)) {
--- 813,819 ----
default:
! $loginname = COM_applyFilter ($_REQUEST['loginname']);
! if (isset ($_POST['passwd'])) {
! $passwd = COM_applyFilter ($_POST['passwd']);
}
if (!empty($loginname) && !empty($passwd)) {
***************
*** 817,826 ****
$userdata = SESS_getUserData($loginname);
$_USER=$userdata;
! $sessid = SESS_newSession($_USER['uid'], $HTTP_SERVER_VARS['REMOTE_ADDR'], $_CONF['session_cookie_timeout'], $_CONF['cookie_ip']);
SESS_setSessionCookie($sessid, $_CONF['session_cookie_timeout'], $_CONF['cookie_session'], $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
PLG_loginUser ($_USER['uid']);
// Now that we handled session cookies, handle longterm cookie
! if (!isset($HTTP_COOKIE_VARS[$_CONF['cookie_name']]) || !isset($HTTP_COOKIE_VARS['password'])) {
// Either their cookie expired or they are new
$cooktime = COM_getUserCookieTimeout();
--- 827,836 ----
$userdata = SESS_getUserData($loginname);
$_USER=$userdata;
! $sessid = SESS_newSession($_USER['uid'], $_SERVER['REMOTE_ADDR'], $_CONF['session_cookie_timeout'], $_CONF['cookie_ip']);
SESS_setSessionCookie($sessid, $_CONF['session_cookie_timeout'], $_CONF['cookie_session'], $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
PLG_loginUser ($_USER['uid']);
// Now that we handled session cookies, handle longterm cookie
! if (!isset($_COOKIE[$_CONF['cookie_name']]) || !isset($_COOKIE['password'])) {
// Either their cookie expired or they are new
$cooktime = COM_getUserCookieTimeout();
***************
*** 841,845 ****
}
} else {
! $userid = $HTTP_COOKIE_VARS[$_CONF['cookie_name']];
if (empty ($userid) || ($userid == 'deleted')) {
unset ($userid);
--- 851,855 ----
}
} else {
! $userid = $_COOKIE[$_CONF['cookie_name']];
if (empty ($userid) || ($userid == 'deleted')) {
unset ($userid);
***************
*** 867,876 ****
$_CONF['cookiesecure']);
! if (!empty ($HTTP_SERVER_VARS['HTTP_REFERER']) && (strstr ($HTTP_SERVER_VARS['HTTP_REFERER'], '/users.php') === false)) {
$indexMsg = $_CONF['site_url'] . '/index.php?msg=';
! if (substr ($HTTP_SERVER_VARS['HTTP_REFERER'], 0, strlen ($indexMsg)) == $indexMsg) {
$display .= COM_refresh ($_CONF['site_url'] . '/index.php');
} else {
! $display .= COM_refresh ($HTTP_SERVER_VARS['HTTP_REFERER']);
}
} else {
--- 877,886 ----
$_CONF['cookiesecure']);
! if (!empty ($_SERVER['HTTP_REFERER']) && (strstr ($_SERVER['HTTP_REFERER'], '/users.php') === false)) {
$indexMsg = $_CONF['site_url'] . '/index.php?msg=';
! if (substr ($_SERVER['HTTP_REFERER'], 0, strlen ($indexMsg)) == $indexMsg) {
$display .= COM_refresh ($_CONF['site_url'] . '/index.php');
} else {
! $display .= COM_refresh ($_SERVER['HTTP_REFERER']);
}
} else {
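Review bot: `COM_refresh ($_SERVER['HTTP_REFERER'])` uses a client-supplied header as the post-login redirect target, and the only checks are that it is non-empty and does not contain `/users.php`. A login that starts from a page on another host would send the user back to that host after authenticating, and the raw header value reaches whatever `COM_refresh` outputs. Restrict the redirect to the site itself by adding `&& (strpos ($_SERVER['HTTP_REFERER'], $_CONF['site_url'] . '/') === 0)` to the outer condition, and fall through to the default target otherwise. The enclosing login branch starts and ends outside this hunk.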
***************
*** 880,887 ****
$display .= COM_siteHeader('menu');
! if (isset ($HTTP_POST_VARS['msg'])) {
! $msg = $HTTP_POST_VARS['msg'];
! } else if (isset ($HTTP_GET_VARS['msg'])) {
! $msg = $HTTP_GET_VARS['msg'];
} else {
$msg = 0;
--- 890,895 ----
$display .= COM_siteHeader('menu');
! if (isset ($_REQUEST['msg'])) {
! $msg = COM_applyFilter ($_REQUEST['msg'], true);
} else {
$msg = 0;