2018-01-16 07:26:29 +00:00
|
|
|
<?php
|
2018-09-27 22:27:30 +00:00
|
|
|
$isSubmission = !empty($_POST['auth']) && is_array($_POST['auth']);
|
|
|
|
|
$authMode = $isSubmission ? ($_POST['auth']['mode'] ?? '') : ($_GET['m'] ?? 'login');
|
|
|
|
|
$misuzuBypassLockdown = $authMode === 'login' || $authMode === 'get_user';
|
|
|
|
|
|
2018-10-04 20:30:55 +00:00
|
|
|
require_once '../misuzu.php';
|
2018-03-14 01:39:02 +00:00
|
|
|
|
2018-05-27 00:20:35 +00:00
|
|
|
$usernameValidationErrors = [
|
2018-03-14 01:39:02 +00:00
|
|
|
'trim' => 'Your username may not start or end with spaces!',
|
2018-05-27 00:20:35 +00:00
|
|
|
'short' => sprintf('Your username is too short, it has to be at least %d characters!', MSZ_USERNAME_MIN_LENGTH),
|
|
|
|
|
'long' => sprintf("Your username is too long, it can't be longer than %d characters!", MSZ_USERNAME_MAX_LENGTH),
|
2018-03-14 01:39:02 +00:00
|
|
|
'invalid' => 'Your username contains invalid characters.',
|
2018-03-23 00:01:42 +00:00
|
|
|
'in-use' => 'This username is already taken!',
|
2018-03-14 01:39:02 +00:00
|
|
|
];
|
|
|
|
|
|
2018-10-05 07:33:26 +00:00
|
|
|
$siteIsPrivate = boolval(config_get_default(false, 'Private', 'enabled'));
|
|
|
|
|
$loginPermission = $siteIsPrivate ? intval(config_get_default(0, 'Private', 'permission')) : 0;
|
|
|
|
|
$canResetPassword = $siteIsPrivate ? boolval(config_get_default(false, 'Private', 'password_reset')) : true;
|
2018-10-05 07:36:16 +00:00
|
|
|
$canCreateAccount = !$siteIsPrivate && !boolval(config_get_default(false, 'Auth', 'lockdown'));
|
2018-03-22 02:56:41 +00:00
|
|
|
|
2018-09-23 01:32:18 +00:00
|
|
|
$authUsername = $isSubmission ? ($_POST['auth']['username'] ?? '') : ($_GET['username'] ?? '');
|
|
|
|
|
$authEmail = $isSubmission ? ($_POST['auth']['email'] ?? '') : ($_GET['email'] ?? '');
|
|
|
|
|
$authPassword = $_POST['auth']['password'] ?? '';
|
|
|
|
|
$authVerification = $_POST['auth']['verification'] ?? '';
|
|
|
|
|
|
2018-08-15 01:12:58 +00:00
|
|
|
tpl_vars([
|
2018-10-05 07:33:26 +00:00
|
|
|
'can_create_account' => $canCreateAccount,
|
|
|
|
|
'can_reset_password' => $canResetPassword,
|
2018-05-27 00:20:35 +00:00
|
|
|
'auth_mode' => $authMode,
|
2018-09-23 01:32:18 +00:00
|
|
|
'auth_username' => $authUsername,
|
|
|
|
|
'auth_email' => $authEmail,
|
2018-05-27 00:20:35 +00:00
|
|
|
]);
|
2018-02-22 16:37:10 +00:00
|
|
|
|
2018-05-27 00:20:35 +00:00
|
|
|
switch ($authMode) {
|
2018-09-23 01:32:18 +00:00
|
|
|
case 'get_user':
|
|
|
|
|
echo user_id_from_username($_GET['u'] ?? '');
|
|
|
|
|
break;
|
|
|
|
|
|
2018-03-14 01:39:02 +00:00
|
|
|
case 'logout':
|
2018-10-02 22:34:05 +00:00
|
|
|
if (!user_session_active()) {
|
2018-03-22 02:56:41 +00:00
|
|
|
header('Location: /');
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-02 19:16:42 +00:00
|
|
|
if (csrf_verify('logout', $_GET['s'] ?? '')) {
|
2018-03-14 01:39:02 +00:00
|
|
|
set_cookie_m('uid', '', -3600);
|
|
|
|
|
set_cookie_m('sid', '', -3600);
|
2018-10-02 22:34:05 +00:00
|
|
|
user_session_stop(true);
|
2018-03-22 02:56:41 +00:00
|
|
|
header('Location: /');
|
|
|
|
|
return;
|
2018-03-14 01:39:02 +00:00
|
|
|
}
|
|
|
|
|
|
2018-08-15 01:12:58 +00:00
|
|
|
echo tpl_render('auth.logout');
|
2018-07-21 23:54:12 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'reset':
|
2018-10-02 22:34:05 +00:00
|
|
|
if (user_session_active()) {
|
2018-07-21 23:54:12 +00:00
|
|
|
header('Location: /settings.php');
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-05 07:33:26 +00:00
|
|
|
if (!$canResetPassword) {
|
2018-09-27 22:27:30 +00:00
|
|
|
header('Location: /');
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2018-07-21 23:54:12 +00:00
|
|
|
$resetUser = (int)($_POST['user'] ?? $_GET['u'] ?? 0);
|
2018-10-06 23:30:48 +00:00
|
|
|
$getResetUser = db_prepare('
|
2018-07-21 23:54:12 +00:00
|
|
|
SELECT `user_id`, `username`
|
|
|
|
|
FROM `msz_users`
|
|
|
|
|
WHERE `user_id` = :user_id
|
|
|
|
|
');
|
|
|
|
|
$getResetUser->bindValue('user_id', $resetUser);
|
|
|
|
|
$resetUser = $getResetUser->execute() ? $getResetUser->fetch(PDO::FETCH_ASSOC) : [];
|
|
|
|
|
|
|
|
|
|
if (empty($resetUser)) {
|
|
|
|
|
header('Location: ?m=forgot');
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2018-09-23 01:32:18 +00:00
|
|
|
tpl_var('auth_reset_message', "A verification code should've been sent to your e-mail address.");
|
2018-07-21 23:54:12 +00:00
|
|
|
|
2018-09-23 01:32:18 +00:00
|
|
|
while ($isSubmission) {
|
2018-10-08 12:59:58 +00:00
|
|
|
if (!user_recovery_token_validate($resetUser['user_id'], $authVerification)) {
|
2018-08-15 01:12:58 +00:00
|
|
|
tpl_var('auth_reset_error', 'Invalid verification code!');
|
2018-07-21 23:54:12 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2018-09-23 01:32:18 +00:00
|
|
|
tpl_var('reset_verify', $authVerification);
|
2018-07-21 23:54:12 +00:00
|
|
|
|
2018-09-23 01:32:18 +00:00
|
|
|
if (empty($authPassword['new'])
|
|
|
|
|
|| empty($authPassword['confirm'])
|
|
|
|
|
|| $authPassword['new'] !== $authPassword['confirm']) {
|
2018-08-15 01:12:58 +00:00
|
|
|
tpl_var('auth_reset_error', 'Your passwords didn\'t match!');
|
2018-07-21 23:54:12 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2018-09-23 01:32:18 +00:00
|
|
|
if (user_validate_password($authPassword['new']) !== '') {
|
2018-08-15 01:12:58 +00:00
|
|
|
tpl_var('auth_reset_error', 'Your password is too weak!');
|
2018-07-21 23:54:12 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-08 12:59:58 +00:00
|
|
|
if (user_password_set($resetUser['user_id'], $authPassword['new'])) {
|
2018-07-21 23:54:12 +00:00
|
|
|
audit_log('PASSWORD_RESET', $resetUser['user_id']);
|
|
|
|
|
} else {
|
|
|
|
|
throw new UnexpectedValueException('Password reset failed.');
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-08 12:59:58 +00:00
|
|
|
user_recovery_token_invalidate($resetUser['user_id'], $authVerification);
|
2018-07-21 23:54:12 +00:00
|
|
|
|
2018-10-07 18:46:18 +00:00
|
|
|
header('Location: /auth.php?m=login&u=' . $resetUser['user_id']);
|
2018-07-21 23:54:12 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2018-08-15 01:12:58 +00:00
|
|
|
echo tpl_render('auth.password', [
|
2018-07-21 23:54:12 +00:00
|
|
|
'reset_user' => $resetUser,
|
|
|
|
|
]);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'forgot':
|
2018-10-05 07:33:26 +00:00
|
|
|
if (user_session_active() || !$canResetPassword) {
|
2018-07-21 23:54:12 +00:00
|
|
|
header('Location: /');
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2018-09-23 01:32:18 +00:00
|
|
|
while ($isSubmission) {
|
2018-10-02 19:16:42 +00:00
|
|
|
if (!csrf_verify('passforgot', $_POST['csrf'] ?? '')) {
|
|
|
|
|
tpl_var('auth_forgot_error', 'Possible request forgery detected, refresh and try again.');
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2018-09-23 01:32:18 +00:00
|
|
|
if (empty($authEmail)) {
|
2018-08-15 01:12:58 +00:00
|
|
|
tpl_var('auth_forgot_error', 'Please enter an e-mail address.');
|
2018-07-21 23:54:12 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-06 23:30:48 +00:00
|
|
|
$forgotUser = db_prepare('
|
2018-07-21 23:54:12 +00:00
|
|
|
SELECT `user_id`, `username`, `email`
|
|
|
|
|
FROM `msz_users`
|
|
|
|
|
WHERE LOWER(`email`) = LOWER(:email)
|
|
|
|
|
');
|
2018-09-23 01:32:18 +00:00
|
|
|
$forgotUser->bindValue('email', $authEmail);
|
2018-07-21 23:54:12 +00:00
|
|
|
$forgotUser = $forgotUser->execute() ? $forgotUser->fetch(PDO::FETCH_ASSOC) : [];
|
|
|
|
|
|
|
|
|
|
if (empty($forgotUser)) {
|
2018-09-23 01:32:18 +00:00
|
|
|
tpl_var('auth_forgot_error', 'This user is not registered with us.');
|
2018-07-21 23:54:12 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2018-09-27 08:32:43 +00:00
|
|
|
$ipAddress = ip_remote_address();
|
2018-10-08 12:59:58 +00:00
|
|
|
|
2018-10-08 13:07:48 +00:00
|
|
|
if (!user_recovery_token_sent($forgotUser['user_id'], $ipAddress)) {
|
2018-10-08 12:59:58 +00:00
|
|
|
$verificationCode = user_recovery_token_create($forgotUser['user_id'], $ipAddress);
|
|
|
|
|
|
|
|
|
|
if (empty($verificationCode)) {
|
2018-07-21 23:54:12 +00:00
|
|
|
throw new UnexpectedValueException('A verification code failed to insert.');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$messageBody = <<<MSG
|
|
|
|
|
Hey {$forgotUser['username']},
|
|
|
|
|
|
|
|
|
|
You, or someone pretending to be you, has requested a password reset for your account.
|
|
|
|
|
|
|
|
|
|
Your verification code is: {$verificationCode}
|
|
|
|
|
|
|
|
|
|
If you weren't the person who requested this reset, please send a reply to this e-mail.
|
|
|
|
|
MSG;
|
|
|
|
|
|
2018-10-04 21:53:37 +00:00
|
|
|
$message = mail_compose(
|
|
|
|
|
[$forgotUser['email'] => $forgotUser['username']],
|
|
|
|
|
'Flashii Password Reset',
|
|
|
|
|
$messageBody
|
|
|
|
|
);
|
2018-07-21 23:54:12 +00:00
|
|
|
|
2018-10-04 21:53:37 +00:00
|
|
|
if (!mail_send($message)) {
|
|
|
|
|
tpl_var('auth_forgot_error', 'Failed to send reset email, please contact the administrator.');
|
2018-10-08 12:59:58 +00:00
|
|
|
user_recovery_token_invalidate($forgotUser['user_id'], $verificationCode);
|
2018-10-04 21:53:37 +00:00
|
|
|
break;
|
|
|
|
|
}
|
2018-07-21 23:54:12 +00:00
|
|
|
}
|
|
|
|
|
|
2018-10-04 21:53:37 +00:00
|
|
|
header("Location: ?m=reset&u={$forgotUser['user_id']}");
|
2018-07-21 23:54:12 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2018-08-15 01:12:58 +00:00
|
|
|
echo tpl_render('auth.auth');
|
2018-03-14 01:39:02 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'login':
|
2018-10-02 22:34:05 +00:00
|
|
|
if (user_session_active()) {
|
2018-03-22 02:56:41 +00:00
|
|
|
header('Location: /');
|
2018-03-14 01:39:02 +00:00
|
|
|
break;
|
2018-02-22 16:37:10 +00:00
|
|
|
}
|
|
|
|
|
|
2018-05-27 00:20:35 +00:00
|
|
|
$userAgent = $_SERVER['HTTP_USER_AGENT'] ?? '';
|
|
|
|
|
$authLoginError = '';
|
2018-01-16 07:26:29 +00:00
|
|
|
|
2018-09-23 01:32:18 +00:00
|
|
|
while ($isSubmission) {
|
2018-09-27 08:32:43 +00:00
|
|
|
$ipAddress = ip_remote_address();
|
2018-03-22 03:45:59 +00:00
|
|
|
|
2018-09-23 01:32:18 +00:00
|
|
|
if (!isset($authUsername, $authPassword)) {
|
2018-05-27 00:20:35 +00:00
|
|
|
$authLoginError = "You didn't fill all the forms!";
|
2018-03-22 02:56:41 +00:00
|
|
|
break;
|
|
|
|
|
}
|
2018-01-16 07:26:29 +00:00
|
|
|
|
2018-05-27 00:20:35 +00:00
|
|
|
$remainingAttempts = user_login_attempts_remaining($ipAddress);
|
2018-05-16 02:58:21 +00:00
|
|
|
|
|
|
|
|
if ($remainingAttempts < 1) {
|
2018-05-27 00:20:35 +00:00
|
|
|
$authLoginError = 'Too many failed login attempts, try again later.';
|
2018-03-22 03:45:59 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-02 19:16:42 +00:00
|
|
|
if (!csrf_verify('login', $_POST['csrf'] ?? '')) {
|
|
|
|
|
$authLoginError = 'Possible request forgery detected, refresh and try again.';
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-06 23:30:48 +00:00
|
|
|
$getUser = db_prepare('
|
2018-05-16 02:58:21 +00:00
|
|
|
SELECT `user_id`, `password`
|
|
|
|
|
FROM `msz_users`
|
|
|
|
|
WHERE LOWER(`email`) = LOWER(:email)
|
|
|
|
|
OR LOWER(`username`) = LOWER(:username)
|
|
|
|
|
');
|
2018-09-23 01:32:18 +00:00
|
|
|
$getUser->bindValue('email', $authUsername);
|
|
|
|
|
$getUser->bindValue('username', $authUsername);
|
2018-05-16 02:58:21 +00:00
|
|
|
$userData = $getUser->execute() ? $getUser->fetch() : [];
|
|
|
|
|
$userId = (int)($userData['user_id'] ?? 0);
|
|
|
|
|
|
2018-05-27 00:20:35 +00:00
|
|
|
$loginFailedError = sprintf(
|
|
|
|
|
"Invalid username or password, %d attempt%s remaining.",
|
|
|
|
|
$remainingAttempts - 1,
|
|
|
|
|
$remainingAttempts === 2 ? '' : 's'
|
|
|
|
|
);
|
2018-05-16 02:58:21 +00:00
|
|
|
|
|
|
|
|
if ($userId < 1) {
|
2018-05-27 00:20:35 +00:00
|
|
|
user_login_attempt_record(false, null, $ipAddress, $userAgent);
|
|
|
|
|
$authLoginError = $loginFailedError;
|
2018-03-22 02:56:41 +00:00
|
|
|
break;
|
|
|
|
|
}
|
2018-01-16 07:26:29 +00:00
|
|
|
|
2018-09-23 01:32:18 +00:00
|
|
|
if (!password_verify($authPassword, $userData['password'])) {
|
2018-05-27 00:20:35 +00:00
|
|
|
user_login_attempt_record(false, $userId, $ipAddress, $userAgent);
|
|
|
|
|
$authLoginError = $loginFailedError;
|
2018-03-22 02:56:41 +00:00
|
|
|
break;
|
|
|
|
|
}
|
2018-02-10 23:18:49 +00:00
|
|
|
|
2018-05-27 00:20:35 +00:00
|
|
|
user_login_attempt_record(true, $userId, $ipAddress, $userAgent);
|
2018-09-28 07:56:55 +00:00
|
|
|
|
2018-10-05 07:33:26 +00:00
|
|
|
if ($loginPermission > 0) {
|
2018-09-28 07:56:55 +00:00
|
|
|
$generalPerms = perms_get_user(MSZ_PERMS_GENERAL, $userId);
|
|
|
|
|
|
2018-10-05 07:33:26 +00:00
|
|
|
if (!perms_check($generalPerms, $loginPermission)) {
|
2018-09-28 07:56:55 +00:00
|
|
|
$authLoginError = 'Your credentials were correct, but your account lacks the proper permissions to use this website.';
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-05-27 00:20:35 +00:00
|
|
|
$sessionKey = user_session_create($userId, $ipAddress, $userAgent);
|
|
|
|
|
|
|
|
|
|
if ($sessionKey === '') {
|
|
|
|
|
$authLoginError = 'Unable to create new session, contact an administrator ASAP.';
|
2018-05-16 02:58:21 +00:00
|
|
|
break;
|
|
|
|
|
}
|
2018-03-22 03:45:59 +00:00
|
|
|
|
2018-10-02 22:34:05 +00:00
|
|
|
user_session_start($userId, $sessionKey);
|
2018-10-02 22:43:04 +00:00
|
|
|
$cookieLife = strtotime(user_session_current('expires_on'));
|
2018-05-16 02:58:21 +00:00
|
|
|
set_cookie_m('uid', $userId, $cookieLife);
|
|
|
|
|
set_cookie_m('sid', $sessionKey, $cookieLife);
|
2018-03-22 02:56:41 +00:00
|
|
|
|
|
|
|
|
header('Location: /');
|
|
|
|
|
return;
|
|
|
|
|
}
|
2018-01-16 07:26:29 +00:00
|
|
|
|
2018-05-27 00:20:35 +00:00
|
|
|
if (!empty($authLoginError)) {
|
2018-08-15 01:12:58 +00:00
|
|
|
tpl_var('auth_login_error', $authLoginError);
|
2018-10-05 07:33:26 +00:00
|
|
|
} elseif ($siteIsPrivate) {
|
|
|
|
|
tpl_var('auth_register_message', config_get_default('', 'Private', 'message'));
|
2018-03-22 02:56:41 +00:00
|
|
|
}
|
2018-01-16 07:26:29 +00:00
|
|
|
|
2018-08-15 01:12:58 +00:00
|
|
|
echo tpl_render('auth.auth');
|
2018-03-14 01:39:02 +00:00
|
|
|
break;
|
2018-01-28 03:32:28 +00:00
|
|
|
|
2018-03-14 01:39:02 +00:00
|
|
|
case 'register':
|
2018-10-02 22:34:05 +00:00
|
|
|
if (user_session_active()) {
|
2018-03-22 02:56:41 +00:00
|
|
|
header('Location: /');
|
2018-02-22 16:37:10 +00:00
|
|
|
}
|
|
|
|
|
|
2018-05-27 00:20:35 +00:00
|
|
|
$authRegistrationError = '';
|
2018-03-14 01:39:02 +00:00
|
|
|
|
2018-09-23 01:32:18 +00:00
|
|
|
while ($isSubmission) {
|
2018-10-05 07:33:26 +00:00
|
|
|
if (!$canCreateAccount) {
|
|
|
|
|
$authRegistrationError = 'You may not create an account right now.';
|
2018-03-22 02:56:41 +00:00
|
|
|
break;
|
|
|
|
|
}
|
2018-03-13 22:04:01 +00:00
|
|
|
|
2018-09-23 01:32:18 +00:00
|
|
|
if (!isset($authUsername, $authPassword, $authEmail)) {
|
2018-05-27 00:20:35 +00:00
|
|
|
$authRegistrationError = "You didn't fill all the forms!";
|
2018-03-22 02:56:41 +00:00
|
|
|
break;
|
|
|
|
|
}
|
2018-01-16 07:26:29 +00:00
|
|
|
|
2018-10-02 19:16:42 +00:00
|
|
|
if (!csrf_verify('register', $_POST['csrf'] ?? '')) {
|
|
|
|
|
$authRegistrationError = 'Possible request forgery detected, refresh and try again.';
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2018-09-30 21:24:15 +00:00
|
|
|
$checkSpamBot = mb_strtolower($_POST['auth']['meow'] ?? '');
|
|
|
|
|
$spamBotValid = [
|
|
|
|
|
'19', '21', 'nineteen', 'nine-teen', 'nine teen', 'twentyone', 'twenty-one', 'twenty one',
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
if (!in_array($checkSpamBot, $spamBotValid)) {
|
|
|
|
|
$authRegistrationError = 'Human only cool club, robots begone.';
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2018-09-23 01:32:18 +00:00
|
|
|
$usernameValidation = user_validate_username($authUsername, true);
|
2018-05-27 00:20:35 +00:00
|
|
|
if ($usernameValidation !== '') {
|
|
|
|
|
$authRegistrationError = $usernameValidationErrors[$usernameValidation];
|
2018-03-22 02:56:41 +00:00
|
|
|
break;
|
|
|
|
|
}
|
2018-01-16 07:26:29 +00:00
|
|
|
|
2018-09-23 01:32:18 +00:00
|
|
|
$emailValidation = user_validate_email($authEmail, true);
|
2018-05-27 00:20:35 +00:00
|
|
|
if ($emailValidation !== '') {
|
|
|
|
|
$authRegistrationError = $emailValidation === 'in-use'
|
2018-03-23 00:01:42 +00:00
|
|
|
? 'This e-mail address has already been used!'
|
|
|
|
|
: 'The e-mail address you entered is invalid!';
|
2018-03-14 01:39:02 +00:00
|
|
|
break;
|
2018-01-16 07:26:29 +00:00
|
|
|
}
|
|
|
|
|
|
2018-09-23 01:32:18 +00:00
|
|
|
if (user_validate_password($authPassword) !== '') {
|
2018-05-27 00:20:35 +00:00
|
|
|
$authRegistrationError = 'Your password is too weak!';
|
2018-03-14 01:39:02 +00:00
|
|
|
break;
|
2018-01-16 07:26:29 +00:00
|
|
|
}
|
|
|
|
|
|
2018-05-27 00:20:35 +00:00
|
|
|
$createUser = user_create(
|
2018-09-23 01:32:18 +00:00
|
|
|
$authUsername,
|
|
|
|
|
$authPassword,
|
|
|
|
|
$authEmail,
|
2018-09-27 08:32:43 +00:00
|
|
|
ip_remote_address()
|
2018-05-27 00:20:35 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
if ($createUser < 1) {
|
|
|
|
|
$authRegistrationError = 'Something happened?';
|
2018-05-16 02:58:21 +00:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
2018-05-27 00:20:35 +00:00
|
|
|
user_role_add($createUser, MSZ_ROLE_MAIN);
|
2018-05-16 02:58:21 +00:00
|
|
|
|
2018-08-15 01:12:58 +00:00
|
|
|
tpl_var('auth_register_message', 'Welcome to Flashii! You may now log in.');
|
2018-03-14 01:39:02 +00:00
|
|
|
break;
|
2018-01-16 07:26:29 +00:00
|
|
|
}
|
|
|
|
|
|
2018-05-27 00:20:35 +00:00
|
|
|
if (!empty($authRegistrationError)) {
|
2018-08-15 01:12:58 +00:00
|
|
|
tpl_var('auth_register_error', $authRegistrationError);
|
2018-03-22 02:56:41 +00:00
|
|
|
}
|
2018-01-16 07:26:29 +00:00
|
|
|
|
2018-08-15 01:12:58 +00:00
|
|
|
echo tpl_render('auth.auth');
|
2018-03-14 01:39:02 +00:00
|
|
|
break;
|
2018-01-16 07:26:29 +00:00
|
|
|
}
|
