From 69c0dd651b176ff74ee45610b2a731b2449d4203 Mon Sep 17 00:00:00 2001
From: flashwave <me@flash.moe>
Date: Sun, 19 Apr 2015 13:00:32 +0000
Subject: [PATCH] Registration and activation works

---
 _developer_data/structure.sql                 |  61 +++++--
 _sakura/components/Main.php                   |  61 ++++++-
 _sakura/components/Users.php                  | 106 ++++++++++-
 _sakura/templates/yuuno/main/authenticate.tpl | 164 +++++++++++-------
 content/data/yuuno/css/yuuno.css              |  10 +-
 main/.htaccess                                |   2 +-
 main/authenticate.php                         | 118 ++++++++++---
 main/index.php                                |   2 +-
 8 files changed, 405 insertions(+), 119 deletions(-)

diff --git a/_developer_data/structure.sql b/_developer_data/structure.sql
index 5991643..e960d29 100644
--- a/_developer_data/structure.sql
+++ b/_developer_data/structure.sql
@@ -5,9 +5,20 @@ SET time_zone = '+00:00';
 SET foreign_key_checks = 0;
 SET sql_mode = 'NO_AUTO_VALUE_ON_ZERO';
 
-DROP DATABASE IF EXISTS `flashiidev`;
-CREATE DATABASE `flashiidev` /*!40100 DEFAULT CHARACTER SET utf8 COLLATE utf8_bin */;
-USE `flashiidev`;
+DROP DATABASE IF EXISTS `sakura`;
+CREATE DATABASE `sakura` /*!40100 DEFAULT CHARACTER SET utf8 COLLATE utf8_bin */;
+USE `sakura`;
+
+DROP TABLE IF EXISTS `fii_actioncodes`;
+CREATE TABLE `fii_actioncodes` (
+  `id` bigint(255) NOT NULL AUTO_INCREMENT COMMENT 'Automatically generated ID by MySQL for management.',
+  `action` varchar(255) COLLATE utf8_bin NOT NULL COMMENT 'Action identifier so the backend knows what to do.',
+  `userid` bigint(255) NOT NULL COMMENT 'ID of the user that would be affected by this action',
+  `actkey` varchar(255) COLLATE utf8_bin NOT NULL COMMENT 'The URL key for using this code.',
+  `instruction` varchar(255) COLLATE utf8_bin NOT NULL COMMENT 'Things the backend should do upon using this code',
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+
 
 DROP TABLE IF EXISTS `fii_apikeys`;
 CREATE TABLE `fii_apikeys` (
@@ -39,6 +50,34 @@ CREATE TABLE `fii_config` (
   `config_value` varchar(255) COLLATE utf8_bin NOT NULL COMMENT 'The value, obviously.'
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
 
+TRUNCATE `fii_config`;
+INSERT INTO `fii_config` (`config_name`, `config_value`) VALUES
+('recaptcha_public',	''),
+('recaptcha_private',	''),
+('charset',	'utf-8'),
+('cookie_prefix',	''),
+('cookie_domain',	''),
+('cookie_path',	'/'),
+('site_style',	'yuuno'),
+('manage_style',	'Manage'),
+('allow_registration',	'0'),
+('smtp_server',	''),
+('smtp_auth',	''),
+('smtp_secure',	''),
+('smtp_port',	''),
+('smtp_username',	''),
+('smtp_password',	''),
+('smtp_replyto_mail',	''),
+('smtp_replyto_name',	''),
+('smtp_from_email',	''),
+('smtp_from_name',	'Sakura Noreply'),
+('sitename',	'Sakura'),
+('recaptcha',	'1'),
+('require_activation',	'1'),
+('require_registration_code',	'0'),
+('disable_registration',	'1'),
+('max_reg_keys',	'5'),
+('mail_signature',	'Team Flashii');
 
 DROP TABLE IF EXISTS `fii_infopages`;
 CREATE TABLE `fii_infopages` (
@@ -83,6 +122,7 @@ CREATE TABLE `fii_profilefields` (
   PRIMARY KEY (`id`)
 ) ENGINE=InnoDB AUTO_INCREMENT=12 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
 
+TRUNCATE `fii_profilefields`;
 INSERT INTO `fii_profilefields` (`id`, `name`, `formtype`, `description`, `additional`) VALUES
 (1,	'Website',	'url',	'URL to your website',	''),
 (2,	'Twitter',	'text',	'Your @twitter Username',	''),
@@ -94,8 +134,7 @@ INSERT INTO `fii_profilefields` (`id`, `name`, `formtype`, `description`, `addit
 (8,	'osu!',	'text',	'Your osu! Username',	''),
 (9,	'Origin',	'text',	'Your Origin User ID',	''),
 (10,	'Xbox Live',	'text',	'Your Xbox User ID',	''),
-(11,	'PSN',	'text',	'Your PSN User ID',	'')
-ON DUPLICATE KEY UPDATE `id` = VALUES(`id`), `name` = VALUES(`name`), `formtype` = VALUES(`formtype`), `description` = VALUES(`description`), `additional` = VALUES(`additional`);
+(11,	'PSN',	'text',	'Your PSN User ID',	'');
 
 DROP TABLE IF EXISTS `fii_ranks`;
 CREATE TABLE `fii_ranks` (
@@ -108,6 +147,7 @@ CREATE TABLE `fii_ranks` (
   PRIMARY KEY (`id`)
 ) ENGINE=InnoDB AUTO_INCREMENT=10 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
 
+TRUNCATE `fii_ranks`;
 INSERT INTO `fii_ranks` (`id`, `name`, `multi`, `colour`, `description`, `title`) VALUES
 (1,	'Deactivated',	0,	'#555',	'Users that are yet to be activated or that deactivated their own account.',	'Deactivated'),
 (2,	'Regular user',	1,	'inherit',	'Regular users with regular permissions.',	'Regular user'),
@@ -117,8 +157,7 @@ INSERT INTO `fii_ranks` (`id`, `name`, `multi`, `colour`, `description`, `title`
 (6,	'Bot',	1,	'#9E8DA7',	'Reserved user accounts for services.',	'Bot'),
 (7,	'Chat moderator',	1,	'#09F',	'Moderators of the chat room.',	'Staff'),
 (8,	'Tenshi',	0,	'#EE9400',	'Users that donated $5.00 or more in order to keep the site and it\'s services alive!',	'Tenshi'),
-(9,	'Alumnii',	0,	'#FF69B4',	'People who have contributed to the community but have moved on or resigned.',	'Alumnii')
-ON DUPLICATE KEY UPDATE `id` = VALUES(`id`), `name` = VALUES(`name`), `multi` = VALUES(`multi`), `colour` = VALUES(`colour`), `description` = VALUES(`description`), `title` = VALUES(`title`);
+(9,	'Alumnii',	0,	'#FF69B4',	'People who have contributed to the community but have moved on or resigned.',	'Alumnii');
 
 DROP TABLE IF EXISTS `fii_regcodes`;
 CREATE TABLE `fii_regcodes` (
@@ -128,7 +167,7 @@ CREATE TABLE `fii_regcodes` (
   `used_by` bigint(128) unsigned NOT NULL COMMENT 'ID of user who used this code.',
   `key_used` tinyint(1) unsigned NOT NULL COMMENT 'Boolean for setting this key as used.',
   PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
 
 
 DROP TABLE IF EXISTS `fii_sessions`;
@@ -142,7 +181,7 @@ CREATE TABLE `fii_sessions` (
   `expire` int(64) unsigned NOT NULL COMMENT 'The timestamp for when this session should end, -1 for permanent. ',
   `remember` tinyint(1) unsigned NOT NULL DEFAULT '0' COMMENT 'If set to 1 session will be extended each time a page is loaded.',
   PRIMARY KEY (`id`)
-) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+) ENGINE=InnoDB AUTO_INCREMENT=18 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
 
 
 DROP TABLE IF EXISTS `fii_tenshi`;
@@ -184,7 +223,7 @@ CREATE TABLE `fii_users` (
   `profile_data` text COLLATE utf8_bin NOT NULL COMMENT 'Modular array containing profile data.',
   PRIMARY KEY (`id`),
   UNIQUE KEY `username_clean` (`username_clean`)
-) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
+) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
 
 
 DROP TABLE IF EXISTS `fii_warnings`;
@@ -199,4 +238,4 @@ CREATE TABLE `fii_warnings` (
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
 
 
--- 2015-04-13 10:06:13
+-- 2015-04-19 12:58:09
diff --git a/_sakura/components/Main.php b/_sakura/components/Main.php
index c6e43e7..8390a41 100644
--- a/_sakura/components/Main.php
+++ b/_sakura/components/Main.php
@@ -243,8 +243,8 @@ class Main {
     // Validate MX records
     public static function checkMXRecord($email) {
 
-        // Split up the address in two parts (user and domain)
-        list($user, $domain) = split('@', $email);
+        // Get the domain from the e-mail address
+        $domain = substr(strstr($email, '@'), 1);
 
         // Check the MX record
         $record = checkdnsrr($domain, 'MX');
@@ -407,4 +407,61 @@ class Main {
 
     }
 
+    // Create a new action code
+    public static function newActionCode($action, $userid, $instruct) {
+
+        // Make sure the user we're working with exists
+        if(Users::getUser($userid)['id'] == 0)
+            return false;
+
+        // Convert the instruction array to a JSON
+        $instruct = json_encode($instruct);
+
+        // Generate a key
+        $key = sha1(date("r") . time() . $userid . $action . rand(0, 9999));
+
+        // Insert the key into the database
+        Database::insert('actioncodes', [
+            'action'        => $action,
+            'userid'        => $userid,
+            'actkey'        => $key,
+            'instruction'   => $instruct
+        ]);
+
+        // Return the key
+        return $key;
+
+    }
+
+    // Use an action code
+    public static function useActionCode($action, $key, $uid = 0) {
+
+        // Retrieve the row from the database
+        $keyRow = Database::fetch('actioncodes', false, [
+            'actkey' => [$key,      '='],
+            'action' => [$action,   '=']
+        ]);
+
+        // Check if the code exists
+        if(count($keyRow) <= 1)
+            return [0, 'INVALID_CODE'];
+
+        // Check if the code was intended for the user that's using this code
+        if($keyRow['userid'] != 0) {
+
+            if($keyRow['userid'] != $uid)
+                return [0, 'INVALID_USER'];
+
+        }
+
+        // Remove the key from the database
+        Database::delete('actioncodes', [
+            'id' => [$keyRow['id'], '=']
+        ]);
+
+        // Return success
+        return [1, 'SUCCESS', $keyRow['instruction']];
+
+    }
+
 }
diff --git a/_sakura/components/Users.php b/_sakura/components/Users.php
index c9b1a66..e32e095 100644
--- a/_sakura/components/Users.php
+++ b/_sakura/components/Users.php
@@ -191,7 +191,7 @@ class Users {
             return [0, 'PASS_TOO_LONG'];
 
         // Passwords do not match
-        if($password != $confirmpassword)
+        if($password != $confirmpass)
             return [0, 'PASS_NOT_MATCH'];
 
         // Check if the given email address is formatted properly
@@ -254,7 +254,7 @@ class Users {
     }
 
     // Send the activation e-mail and do other required stuff
-    public static function sendActivationMail($uid) {
+    public static function sendActivationMail($uid, $customKey = null) {
 
         // Get the user data
         $user = Database::fetch('users', false, ['id' => [$uid, '=']]);
@@ -264,14 +264,18 @@ class Users {
             return false;
 
         // Generate activation key
-        // $activate = <interface with the shit for the activationkeys table here>;
-        $activate = 'null';
+        $activate = ($customKey ? $customKey : Main::newActionCode('ACTIVATE', $uid, [
+            'user' => [
+                'rank_main' => 1,
+                'ranks'     => json_encode([1])
+            ]
+        ]));
 
         // Build the e-mail
         $message  = "Welcome to ". Configuration::getConfig('sitename') ."!\r\n\r\n";
         $message .= "Please keep this e-mail for your records. Your account intormation is as follows:\r\n\r\n";
         $message .= "----------------------------\r\n\r\n";
-        $message .= "Username: ". $user['username'] ."\r\n";
+        $message .= "Username: ". $user['username'] ."\r\n\r\n";
         $message .= "Your profile: http://". Configuration::getLocalConfig('urls', 'main') ."/u/". $user['id'] ."\r\n\r\n";
         $message .= "----------------------------\r\n\r\n";
         $message .= "Please visit the following link in order to activate your account:\r\n\r\n";
@@ -289,6 +293,87 @@ class Users {
 
     }
 
+    // Activating a user
+    public static function activateUser($uid, $requireKey = false, $key = null) {
+
+        // Get the user data
+        $user = Database::fetch('users', false, ['id' => [$uid, '=']]);
+
+        // Check if user exists
+        if(!count($user) > 1)
+            return [0, 'USER_NOT_EXIST'];
+
+        // Check if user is already activated
+        if($user['rank_main'])
+            return [0, 'USER_ALREADY_ACTIVE'];
+
+        // Set default values for activation
+        $rank = 1;
+        $ranks = json_encode([1]);
+
+        // Check if a key is set (there's an option to not set one for user management reasons but you can't really get around this anyway)
+        if($requireKey) {
+
+            // Check the action code
+            $action = Main::useActionCode('ACTIVATE', $key, $uid);
+
+            // Check if we got a negative return
+            if(!$action[0])
+                return [0, $action[1]];
+
+            // Assign the special values
+            $instructionData    = json_decode($action[2], true);
+            $rank               = $instructionData['user']['rank_main'];
+            $ranks              = $instructionData['user']['ranks'];
+
+        }
+
+        // Activate the account
+        Database::update('users', [
+            [
+                'rank_main' => $rank,
+                'ranks'     => $ranks
+            ],
+            [
+                'id' => [$uid, '=']
+            ]
+        ]);
+
+        // Return success
+        return [1, 'SUCCESS'];
+
+    }
+
+    // Deactivating a user
+    public static function deactivateUser($uid) {
+
+        // Get the user data
+        $user = Database::fetch('users', false, ['id' => [$uid, '=']]);
+
+        // Check if user exists
+        if(!count($user) > 1)
+            return [0, 'USER_NOT_EXIST'];
+
+        // Check if user is already deactivated
+        if(!$user['rank_main'])
+            return [0, 'USER_ALREADY_DEACTIVE'];
+
+        // Deactivate the account
+        Database::update('users', [
+            [
+                'rank_main' => 0,
+                'ranks'     => json_encode([0])
+            ],
+            [
+                'id' => [$uid, '=']
+            ]
+        ]);
+
+        // Return success
+        return [1, 'SUCCESS'];
+
+    }
+
     // Check if registration code is valid
     public static function checkRegistrationCode($code) {
 
@@ -412,15 +497,22 @@ class Users {
     }
 
     // Get all users
-    public static function getAllUsers() {
+    public static function getAllUsers($includeInactive = true) {
 
         // Execute query
         $getUsers = Database::fetch('users', true);
 
         // Reorder shit
-        foreach($getUsers as $user)
+        foreach($getUsers as $user) {
+
+            // Skip if inactive and not include deactivated users
+            if(!$includeInactive && $user['rank_main'] == 0)
+                continue;
+
             $users[$user['id']] = $user;
 
+        }
+
         // and return an array with the users
         return $users;
 
diff --git a/_sakura/templates/yuuno/main/authenticate.tpl b/_sakura/templates/yuuno/main/authenticate.tpl
index 57b7b8a..adbf2b6 100644
--- a/_sakura/templates/yuuno/main/authenticate.tpl
+++ b/_sakura/templates/yuuno/main/authenticate.tpl
@@ -60,78 +60,108 @@
                 </form>
             </div>
         </div>
-        <div class="registerForm">
-            <div class="head">
-                Register on Flashii
-            </div>
-            <form id="registerForm" method="post" action="http://{{ sakura.urls.main }}/authenticate" style="display:{% if auth.blockRegister.do %}none{% else %}block{% endif %};">
-                <input type="hidden" name="mode" value="register" />
-                <input type="hidden" name="session" value="{{ php.sessionid }}" />
-                <input type="hidden" name="time" value="{{ php.time }}" />
-                <div class="leftAlign">
-                    <label for="registerUserName">Username:</label>
+        <div class="registerCont">
+            <div class="registerForm">
+                <div class="head">
+                    Register on Flashii
                 </div>
-                <div class="centreAlign">
-                    <input class="inputStyling" type="text" id="registerUserName" name="username" placeholder="Any character" />
-                </div>
-                <div class="leftAlign">
-                    <label for="registerEmail">E-mail:</label>
-                </div>
-                <div class="centreAlign">
-                    <input class="inputStyling" type="text" id="registerEmail" name="email" placeholder="Used for e.g. password retrieval" />
-                </div>
-                <div class="leftAlign">
-                    <label for="registerPassword">Password:</label>
-                </div>
-                <div class="centreAlign">
-                    <input class="inputStyling" type="password" id="registerPassword" name="password" placeholder="Must be at least 5 characters." />
-                </div>
-                <div class="leftAlign">
-                    <label for="registerConfirmPassword">Confirm Password:</label>
-                </div>
-                <div class="centreAlign">
-                    <input class="inputStyling" type="password" id="registerConfirmPassword" name="confirmpassword" placeholder="Just to make sure" />
-                </div>
-                <div class="leftAlign">
-                    <label for="recaptcha_response_field">Verification:</label>
-                </div>
-                <div class="centreAlign">
-                    <script src="https://www.google.com/recaptcha/api.js" async defer></script>
-                    <div class="g-recaptcha" data-sitekey="{{ sakura.recaptcha_public }}" style="margin: auto; display: inline-block;"></div>
-                    <noscript>
-                        <div style="width: 302px; height: 352px; margin: auto; display: inline-block;">
-                            <div style="width: 302px; height: 352px; position: relative;">
-                                <div style="width: 302px; height: 352px; position: absolute;">
-                                    <iframe src="https://www.google.com/recaptcha/api/fallback?k={{ sakura.recaptcha_public }}" frameborder="0" scrolling="no" style="width: 302px; height:352px; border-style: none;"></iframe>
+                <form id="registerForm" method="post" action="http://{{ sakura.urls.main }}/authenticate" style="display:{% if auth.blockRegister.do %}none{% else %}block{% endif %};">
+                    <input type="hidden" name="mode" value="register" />
+                    <input type="hidden" name="session" value="{{ php.sessionid }}" />
+                    <input type="hidden" name="time" value="{{ php.time }}" />
+                    <div class="leftAlign">
+                        <label for="registerUserName">Username:</label>
+                    </div>
+                    <div class="centreAlign">
+                        <input class="inputStyling" type="text" id="registerUserName" name="username" placeholder="Any character" />
+                    </div>
+                    <div class="leftAlign">
+                        <label for="registerEmail">E-mail:</label>
+                    </div>
+                    <div class="centreAlign">
+                        <input class="inputStyling" type="text" id="registerEmail" name="email" placeholder="Used for e.g. password retrieval" />
+                    </div>
+                    <div class="leftAlign">
+                        <label for="registerPassword">Password:</label>
+                    </div>
+                    <div class="centreAlign">
+                        <input class="inputStyling" type="password" id="registerPassword" name="password" placeholder="Must be at least 8 characters." />
+                    </div>
+                    <div class="leftAlign">
+                        <label for="registerConfirmPassword">Confirm Password:</label>
+                    </div>
+                    <div class="centreAlign">
+                        <input class="inputStyling" type="password" id="registerConfirmPassword" name="confirmpassword" placeholder="Just to make sure" />
+                    </div>
+                    <div class="leftAlign">
+                        <label for="recaptcha_response_field">Verification:</label>
+                    </div>
+                    <div class="centreAlign">
+                        <script src="https://www.google.com/recaptcha/api.js" async defer></script>
+                        <div class="g-recaptcha" data-sitekey="{{ sakura.recaptcha_public }}" style="margin: auto; display: inline-block;"></div>
+                        <noscript>
+                            <div style="width: 302px; height: 352px; margin: auto; display: inline-block;">
+                                <div style="width: 302px; height: 352px; position: relative;">
+                                    <div style="width: 302px; height: 352px; position: absolute;">
+                                        <iframe src="https://www.google.com/recaptcha/api/fallback?k={{ sakura.recaptcha_public }}" frameborder="0" scrolling="no" style="width: 302px; height:352px; border-style: none;"></iframe>
+                                    </div>
+                                    <div style="width: 250px; height: 80px; position: absolute; border-style: none; bottom: 21px; left: 25px; margin: 0px; padding: 0px; right: 25px;">
+                                    <textarea id="g-recaptcha-response" name="g-recaptcha-response" class="g-recaptcha-response" style="width: 250px; height: 80px; border: 1px solid #c1c1c1; margin: 0px; padding: 0px; resize: none;" value=""></textarea>
                                 </div>
-                                <div style="width: 250px; height: 80px; position: absolute; border-style: none; bottom: 21px; left: 25px; margin: 0px; padding: 0px; right: 25px;">
-                                <textarea id="g-recaptcha-response" name="g-recaptcha-response" class="g-recaptcha-response" style="width: 250px; height: 80px; border: 1px solid #c1c1c1; margin: 0px; padding: 0px; resize: none;" value=""></textarea>
                             </div>
-                        </div>
-                      </div>
-                    </noscript>
-                </div>
-                <div class="subLinks centreAlign">
-                    <input class="inputStyling" name="tos" type="checkbox" class="ignore-css" id="registerToS" /><label for="registerToS">I agree to the <a class="default" href="/r/terms" target="_blank">Terms of Service</a>.
-                </div>
-                <div class="centreAlign">
-                    <input class="inputStyling" type="submit" name="submit" value="Register" />
-                </div>
-            </form>
-            {% if auth.blockRegister.do %}
-            <div class="registerForm" id="registerWarn" style="display: block;">
-                <div class="centreAlign">
-                    <div class="fa fa-warning fa-5x" style="display: block; margin: 10px 0 0;"></div>
-                    <h1>Are you {{ auth.blockRegister.username }}?</h1>
-                    <p>Making more than one account is not permitted.</p>
-                    <p>If you lost your password please use the form on the bottom left but if you don't already have an account you can go ahead and click the link below to show the registration form this check is based on your IP so in some cases someone may have registered/used the site on this IP already.</p>
-                    <p>If we find out that you already have an account we may question you about it, if you can give a good reason we'll let it slide otherwise we may issue a temporary ban.</p>
-                </div>
-                <div class="subLinks centreAlign">
-                    <a href="javascript:;" class="default" onclick="document.getElementById('registerWarn').style.display='none';document.getElementById('registerForm').style.display='block';">Register anyway</a>.
+                          </div>
+                        </noscript>
+                    </div>
+                    <div class="subLinks centreAlign">
+                        <input class="inputStyling" name="tos" type="checkbox" class="ignore-css" id="registerToS" /><label for="registerToS">I agree to the <a class="default" href="/r/terms" target="_blank">Terms of Service</a>.
+                    </div>
+                    <div class="centreAlign">
+                        <input class="inputStyling" type="submit" name="submit" value="Register" />
+                    </div>
+                </form>
+                {% if auth.blockRegister.do %}
+                <div class="registerForm" id="registerWarn" style="display: block;">
+                    <div class="centreAlign">
+                        <div class="fa fa-warning fa-5x" style="display: block; margin: 10px 0 0;"></div>
+                        <h1>Are you {{ auth.blockRegister.username }}?</h1>
+                        <p>Making more than one account is not permitted.</p>
+                        <p>If you lost your password please use the form on the bottom left but if you don't already have an account you can go ahead and click the link below to show the registration form this check is based on your IP so in some cases someone may have registered/used the site on this IP already.</p>
+                        <p>If we find out that you already have an account we may question you about it, if you can give a good reason we'll let it slide otherwise we may issue a temporary ban.</p>
+                    </div>
+                    <div class="subLinks centreAlign">
+                        <a href="javascript:;" class="default" onclick="document.getElementById('registerWarn').style.display='none';document.getElementById('registerForm').style.display='block';">Register anyway</a>.
+                    </div>
                 </div>
+                {% endif %}
+            </div>
+            <div class="passwordForm">
+                <div class="head">
+                    Resend Activation E-mail
+                </div>
+                <form method="post" action="http://{{ sakura.urls.main }}/authenticate">
+                    <input type="hidden" name="mode" value="resendactivemail" />
+                    <input type="hidden" name="session" value="{{ php.sessionid }}" />
+                    <input type="hidden" name="time" value="{{ php.time }}" />
+                    <div class="leftAlign">
+                        <label for="activeUserName">Username:</label>
+                    </div>
+                    <div class="centreAlign">
+                        <input class="inputStyling" type="text" id="activeUserName" name="username" />
+                    </div>
+                    <div class="leftAlign">
+                        <label for="activeEmail">E-mail:</label>
+                    </div>
+                    <div class="centreAlign">
+                        <input class="inputStyling" type="text" id="activeEmail" name="email" />
+                    </div>
+                    <div class="centreAlign">
+                        <input class="inputStyling" type="submit" name="submit" value="Request Activation" />
+                    </div>
+                    <div class="subLinks centreAlign">
+                        If you lost access to your e-mail address please <a href="/contact" class="default" target="_blank">contact us</a>.
+                    </div>
+                </form>
             </div>
-            {% endif %}
         </div>
         <div class="clear"></div>
     </div>
diff --git a/content/data/yuuno/css/yuuno.css b/content/data/yuuno/css/yuuno.css
index 565ad9e..4546ff5 100644
--- a/content/data/yuuno/css/yuuno.css
+++ b/content/data/yuuno/css/yuuno.css
@@ -532,7 +532,7 @@ a.gotop:active {
     border-radius: 2px;
 }
 .content-right .head,
-.loginPage > .registerForm .head {
+.loginPage > .registerCont .head {
     margin: -1px -2px -1px;
     padding: 4px 5px 5px;
     font-weight: 700;
@@ -1100,7 +1100,7 @@ textarea.inputStyling {
     margin: 0 auto;
     max-width: 825px;
 }
-.loginPage > .registerForm,
+.loginPage > .registerCont > *,
 .loginPage > .loginCont > * {
     text-align: center;
     border: 1px solid #9475B2;
@@ -1113,7 +1113,7 @@ textarea.inputStyling {
     background: #D3BFFF;
 }
 @media (max-width: 430px) {
-    .loginPage > .registerForm,
+    .loginPage > .registerCont > *,
     .loginPage > .loginCont > * {
         width: 300px;
     }
@@ -1121,14 +1121,14 @@ textarea.inputStyling {
 .loginPage > .loginCont {
     float: left;
 }
-.loginPage > .registerForm {
+.loginPage > .registerCont {
     float: right;
 }
 @media (max-width: 820px) {
     .loginPage > .loginCont {
         float: none;
     }
-    .loginPage > .registerForm {
+    .loginPage > .registerCont {
         float: none;
     }
 }
diff --git a/main/.htaccess b/main/.htaccess
index 5f41034..7116606 100644
--- a/main/.htaccess
+++ b/main/.htaccess
@@ -17,7 +17,7 @@ Options +FollowSymLinks -Indexes
 RewriteRule ^feedback?/?$ http://forum.flash.moe/viewforum.php?f=22
 RewriteRule ^credits?/?$ credits.php
 RewriteRule ^index?/?$ index.php
-RewriteRule ^login?/?$|logout?/?$|register?/?$|forgotpassword?/?|authenticate?/?$ authenticate.php
+RewriteRule ^login?/?$|logout?/?$|activate?/?$|register?/?$|forgotpassword?/?|authenticate?/?$ authenticate.php
 RewriteRule ^donate?/?$ donate.php
 RewriteRule ^contact?/?$ contact.php
 
diff --git a/main/authenticate.php b/main/authenticate.php
index 350cd3d..15366ca 100644
--- a/main/authenticate.php
+++ b/main/authenticate.php
@@ -11,39 +11,42 @@ require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sak
 
 // Page actions
 if(
-    isset($_REQUEST['mode']) &&
-    isset($_REQUEST['time']) &&
-    isset($_REQUEST['session'])
+    isset($_REQUEST['mode'])
 ) {
 
     // Continue
     $continue = true;
 
-    // Compare time and session so we know the link isn't forged
-    if($_REQUEST['time'] < time() - 1000) {
+    // Make sure we're not in activate mode since adding a timestamp and accessing the PHP session id is kind of hard when you're in an e-mail client
+    if(!isset($_REQUEST['mode']) || $_REQUEST['mode'] != 'activate') {
 
-        $renderData['page'] = [
-            'title'     => 'Action failed',
-            'redirect'  => '/authenticate',
-            'message'   => 'Timestamps differ too much, please try again.'
-        ];
+        // Compare time and session so we know the link isn't forged
+        if($_REQUEST['time'] < time() - 1000) {
 
-        // Prevent
-        $continue = false;
+            $renderData['page'] = [
+                'title'     => 'Action failed',
+                'redirect'  => '/authenticate',
+                'message'   => 'Timestamps differ too much, please try again.'
+            ];
 
-    }
+            // Prevent
+            $continue = false;
 
-    // Match session ids for the same reason
-    if($_REQUEST['session'] != session_id()) {
+        }
 
-        $renderData['page'] = [
-            'title'     => 'Action failed',
-            'redirect'  => '/authenticate',
-            'message'   => 'Session IDs do not match.'
-        ];
+        // Match session ids for the same reason
+        if(!isset($_REQUEST['session']) || $_REQUEST['session'] != session_id()) {
 
-        // Prevent
-        $continue = false;
+            $renderData['page'] = [
+                'title'     => 'Action failed',
+                'redirect'  => '/authenticate',
+                'message'   => 'Session IDs do not match.'
+            ];
+
+            // Prevent
+            $continue = false;
+
+        }
 
     }
 
@@ -54,7 +57,6 @@ if(
             $continue = false;
 
     }
-        
 
     if($continue) {
         switch($_REQUEST['mode']) {
@@ -73,6 +75,35 @@ if(
 
                 break;
 
+            // Activating accounts
+            case 'activate':
+
+                // Attempt activation
+                $activate = Users::activateUser($_REQUEST['u'], true, $_REQUEST['k']);
+
+                // Array containing "human understandable" messages
+                $messages = [
+                    'USER_NOT_EXIST'        => 'The user you tried to activate does not exist.',
+                    'USER_ALREADY_ACTIVE'   => 'The user you tried to activate is already active.',
+                    'INVALID_CODE'          => 'Invalid activation code, if you think this is an error contact the administrator.',
+                    'INVALID_USER'          => 'The used registration code is not designated for this user.',
+                    'SUCCESS'               => 'Successfully activated your account, you may now log in.'
+                ];
+
+                // Add page specific things
+                $renderData['page'] = [
+                    'title'     => 'Activate account',
+                    'redirect'  => '/authenticate',
+                    'message'   => $messages[$activate[1]]
+                ];
+
+                break;
+
+            // Resending the activation e-mail
+            case 'resendactivemail':
+                
+                break;
+
             // Login processing
             case 'login':
 
@@ -101,11 +132,48 @@ if(
             // Registration processing
             case 'register':
 
+                // Attempt registration
+                $register = Users::register(
+                    $_REQUEST['username'],
+                    $_REQUEST['password'],
+                    $_REQUEST['confirmpassword'],
+                    $_REQUEST['email'],
+                    isset($_REQUEST['tos']),
+                    (
+                        Configuration::getConfig('recaptcha') ?
+                        $_REQUEST['g-recaptcha-response'] :
+                        null
+                    ),
+                    (
+                        Configuration::getConfig('require_registration_code') ?
+                        $_REQUEST['registercode'] :
+                        null
+                    )
+                );
+
+                // Array containing "human understandable" messages
+                $messages = [
+                    'DISABLED'          => 'Registration is currently disabled.',
+                    'INVALID_REG_KEY'   => 'The given registration code was invalid.',
+                    'TOS'               => 'You are required to agree to the Terms of Service.',
+                    'CAPTCHA_FAIL'      => 'Captcha verification failed, please try again.',
+                    'USER_EXISTS'       => 'A user with this username already exists, if you lost your password try using the Lost Password form.',
+                    'NAME_TOO_SHORT'    => 'Your name must be at least 3 characters long.',
+                    'NAME_TOO_LONG'     => 'Your name can\'t be longer than 16 characters.',
+                    'PASS_TOO_SHORT'    => 'Your password is too short, it must be at least 8 characters.',
+                    'PASS_TOO_LONG'     => 'A password longer than 256 characters? Seriously?',
+                    'PASS_NOT_MATCH'    => 'Passwords do not match.',
+                    'INVALID_EMAIL'     => 'Your e-mail address is formatted incorrectly.',
+                    'INVALID_MX'        => 'No valid MX-Record found on the e-mail address you supplied.',
+                    'EMAILSENT'         => 'Your registration went through! An activation e-mail has been sent.',
+                    'SUCCESS'           => 'Your registration went through! Welcome to '. Configuration::getConfig('sitename') .'!'
+                ];
+
                 // Add page specific things
                 $renderData['page'] = [
                     'title'     => 'Register on Flashii',
-                    'redirect'  => $_SERVER['PHP_SELF'],
-                    'message'   => 'what'
+                    'redirect'  => ($register[0] ? '/' : '/authenticate'),
+                    'message'   => $messages[$register[1]]
                 ];
 
                 break;
diff --git a/main/index.php b/main/index.php
index e2286f3..763305f 100644
--- a/main/index.php
+++ b/main/index.php
@@ -16,7 +16,7 @@ $renderData['page'] = [
     'articleCount'  => count($renderData['newsPosts'])
 ];
 $renderData['stats'] = [
-    'userCount'     => ($userCount = count($users = Users::getAllUsers())) .' user'. ($userCount == 1 ? '' : 's'),
+    'userCount'     => ($userCount = count($users = Users::getAllUsers(false))) .' user'. ($userCount == 1 ? '' : 's'),
     'newestUser'    => max($users),
     'lastRegDate'   => ($lastRegDate = date_diff(date_create(date('Y-m-d', max($users)['regdate'])), date_create(date('Y-m-d')))->format('%a')) .' day'. ($lastRegDate == 1 ? '' : 's'),
     'chatOnline'    => ($chatOnline = 0) .' user'. ($chatOnline == 1 ? '' : 's')