104 lines
3.6 KiB
PHP
104 lines
3.6 KiB
PHP
<?php
|
|
namespace Misuzu;
|
|
|
|
use RuntimeException;
|
|
use Misuzu\Users\{User,UserPasswordsData};
|
|
|
|
if(!isset($msz) || !($msz instanceof \Misuzu\MisuzuContext))
|
|
die('Script must be called through the Misuzu route dispatcher.');
|
|
|
|
if($msz->authInfo->loggedIn) {
|
|
Tools::redirect($msz->urls->format('index'));
|
|
return;
|
|
}
|
|
|
|
$notices = [];
|
|
$ipAddress = $_SERVER['REMOTE_ADDR'];
|
|
$countryCode = $_SERVER['COUNTRY_CODE'] ?? 'XX';
|
|
|
|
$remainingAttempts = $msz->authCtx->loginAttempts->countRemainingAttempts($ipAddress);
|
|
|
|
while($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
if(!CSRF::validateRequest()) {
|
|
$notices[] = 'Was unable to verify the request, please try again!';
|
|
break;
|
|
}
|
|
|
|
if($remainingAttempts < 1) {
|
|
$notices[] = "There are too many failed login attempts from your IP address, you may not create an account right now.";
|
|
break;
|
|
}
|
|
|
|
if(empty($_POST['username']) || empty($_POST['password']) || empty($_POST['email']) || empty($_POST['question'])
|
|
|| !is_scalar($_POST['username']) || !is_scalar($_POST['password']) || !is_scalar($_POST['email']) || !is_scalar($_POST['question'])) {
|
|
$notices[] = "You haven't filled in all fields.";
|
|
break;
|
|
}
|
|
|
|
$checkSpamBot = mb_strtolower($_POST['question']);
|
|
$spamBotValid = [
|
|
'21', 'twentyone', 'twenty-one', 'twenty one',
|
|
];
|
|
$spamBotHint = [
|
|
'19', 'nineteen', 'nine-teen', 'nine teen',
|
|
];
|
|
|
|
if(!in_array($checkSpamBot, $spamBotValid)) {
|
|
if(in_array($checkSpamBot, $spamBotHint))
|
|
$notices[] = '_play_hint';
|
|
|
|
$notices[] = 'Human only cool club, robots begone.';
|
|
break;
|
|
}
|
|
|
|
$usernameValidation = $msz->usersCtx->users->validateName($_POST['username']);
|
|
if($usernameValidation !== '')
|
|
$notices[] = $msz->usersCtx->users->validateNameText($usernameValidation);
|
|
|
|
$emailValidation = $msz->usersCtx->users->validateEMailAddress($_POST['email']);
|
|
if($emailValidation !== '')
|
|
$notices[] = $msz->usersCtx->users->validateEMailAddressText($emailValidation);
|
|
|
|
if($_POST['password_confirm'] !== $_POST['password'])
|
|
$notices[] = "The given passwords don't match.";
|
|
|
|
$passwordValidation = UserPasswordsData::validateUserPassword($_POST['password']);
|
|
if($passwordValidation !== '')
|
|
$notices[] = UserPasswordsData::validateUserPasswordText($passwordValidation);
|
|
|
|
if(!empty($notices))
|
|
break;
|
|
|
|
$defaultRoleInfo = $msz->usersCtx->roles->getDefaultRole();
|
|
|
|
try {
|
|
$userInfo = $msz->usersCtx->users->createUser(
|
|
$_POST['username'],
|
|
$_POST['email'],
|
|
$ipAddress,
|
|
$countryCode,
|
|
$defaultRoleInfo
|
|
);
|
|
$msz->usersCtx->passwords->updateUserPassword($userInfo, $_POST['password']);
|
|
} catch(RuntimeException $ex) {
|
|
$notices[] = 'Something went wrong while creating your account, please alert an administrator or a developer about this!';
|
|
break;
|
|
}
|
|
|
|
$msz->usersCtx->users->addRoles($userInfo, $defaultRoleInfo);
|
|
$msz->config->setString('users.newest', $userInfo->id);
|
|
$msz->perms->precalculatePermissions(
|
|
$msz->forumCtx->categories,
|
|
[$userInfo->id]
|
|
);
|
|
|
|
Tools::redirect($msz->urls->format('auth-login-welcome', ['username' => $userInfo->name]));
|
|
return;
|
|
}
|
|
|
|
Template::render('auth.register', [
|
|
'register_notices' => $notices,
|
|
'register_username' => !empty($_POST['username']) && is_scalar($_POST['username']) ? (string)$_POST['username'] : '',
|
|
'register_email' => !empty($_POST['email']) && is_scalar($_POST['email']) ? (string)$_POST['email'] : '',
|
|
'register_restricted' => '',
|
|
]);
|