register.php 25 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646
  1. <?php
  2. /**
  3. * StatusNet, the distributed open-source microblogging tool
  4. *
  5. * Register a new user account
  6. *
  7. * PHP version 5
  8. *
  9. * LICENCE: This program is free software: you can redistribute it and/or modify
  10. * it under the terms of the GNU Affero General Public License as published by
  11. * the Free Software Foundation, either version 3 of the License, or
  12. * (at your option) any later version.
  13. *
  14. * This program is distributed in the hope that it will be useful,
  15. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  17. * GNU Affero General Public License for more details.
  18. *
  19. * You should have received a copy of the GNU Affero General Public License
  20. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  21. *
  22. * @category Login
  23. * @package StatusNet
  24. * @author Evan Prodromou <evan@status.net>
  25. * @copyright 2008-2009 StatusNet, Inc.
  26. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  27. * @link http://status.net/
  28. */
  29. if (!defined('GNUSOCIAL') && !defined('STATUSNET')) { exit(1); }
  30. /**
  31. * An action for registering a new user account
  32. *
  33. * @category Login
  34. * @package StatusNet
  35. * @author Evan Prodromou <evan@status.net>
  36. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  37. * @link http://status.net/
  38. */
  39. class RegisterAction extends Action
  40. {
  41. /**
  42. * Has there been an error?
  43. */
  44. var $error = null;
  45. /**
  46. * Have we registered?
  47. */
  48. var $registered = false;
  49. /**
  50. * Are we processing an invite?
  51. */
  52. var $invite = null;
  53. /**
  54. * Prepare page to run
  55. *
  56. *
  57. * @param $args
  58. * @return string title
  59. */
  60. protected function prepare(array $args=array())
  61. {
  62. parent::prepare($args);
  63. $this->code = $this->trimmed('code');
  64. if (empty($this->code)) {
  65. common_ensure_session();
  66. if (array_key_exists('invitecode', $_SESSION)) {
  67. $this->code = $_SESSION['invitecode'];
  68. }
  69. }
  70. if (common_config('site', 'inviteonly') && empty($this->code)) {
  71. // TRANS: Client error displayed when trying to register to an invite-only site without an invitation.
  72. $this->clientError(_('Sorry, only invited people can register.'));
  73. }
  74. if (!empty($this->code)) {
  75. $this->invite = Invitation::getKV('code', $this->code);
  76. if (!$this->invite instanceof Invitation) {
  77. // TRANS: Client error displayed when trying to register to an invite-only site without a valid invitation.
  78. $this->clientError(_('Sorry, invalid invitation code.'));
  79. }
  80. // Store this in case we need it
  81. common_ensure_session();
  82. $_SESSION['invitecode'] = $this->code;
  83. }
  84. return true;
  85. }
  86. /**
  87. * Title of the page
  88. *
  89. * @return string title
  90. */
  91. function title()
  92. {
  93. if ($this->registered) {
  94. // TRANS: Title for registration page after a succesful registration.
  95. return _('Registration successful');
  96. } else {
  97. // TRANS: Title for registration page.
  98. return _m('TITLE','Register');
  99. }
  100. }
  101. /**
  102. * Handle input, produce output
  103. *
  104. * Switches on request method; either shows the form or handles its input.
  105. *
  106. * Checks if registration is closed and shows an error if so.
  107. *
  108. * @param array $args $_REQUEST data
  109. *
  110. * @return void
  111. */
  112. function handle()
  113. {
  114. parent::handle();
  115. if (common_config('site', 'closed')) {
  116. // TRANS: Client error displayed when trying to register to a closed site.
  117. $this->clientError(_('Registration not allowed.'));
  118. } else if (common_logged_in()) {
  119. // TRANS: Client error displayed when trying to register while already logged in.
  120. $this->clientError(_('Already logged in.'));
  121. } else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
  122. try {
  123. $this->tryRegister();
  124. } catch (ClientException $e) {
  125. $this->showForm($e->getMessage());
  126. }
  127. } else {
  128. $this->showForm();
  129. }
  130. }
  131. function showScripts()
  132. {
  133. parent::showScripts();
  134. $this->autofocus('nickname');
  135. }
  136. /**
  137. * Try to register a user
  138. *
  139. * Validates the input and tries to save a new user and profile
  140. * record. On success, shows an instructions page.
  141. *
  142. * @return void
  143. */
  144. function tryRegister()
  145. {
  146. if (Event::handle('StartRegistrationTry', array($this))) {
  147. $token = $this->trimmed('token');
  148. if (!$token || $token != common_session_token()) {
  149. // TRANS: Client error displayed when the session token does not match or is not given.
  150. $this->showForm(_('There was a problem with your session token. '.
  151. 'Try again, please.'));
  152. return;
  153. }
  154. $nickname = $this->trimmed('nickname');
  155. $email = $this->trimmed('email');
  156. $fullname = $this->trimmed('fullname');
  157. $homepage = $this->trimmed('homepage');
  158. $bio = $this->trimmed('bio');
  159. $location = $this->trimmed('location');
  160. // We don't trim these... whitespace is OK in a password!
  161. $password = $this->arg('password');
  162. $confirm = $this->arg('confirm');
  163. // invitation code, if any
  164. $code = $this->trimmed('code');
  165. if ($code) {
  166. $invite = Invitation::getKV($code);
  167. }
  168. if (common_config('site', 'inviteonly') && !($code && $invite)) {
  169. // TRANS: Client error displayed when trying to register to an invite-only site without an invitation.
  170. $this->clientError(_('Sorry, only invited people can register.'));
  171. }
  172. // Input scrubbing
  173. try {
  174. $nickname = Nickname::normalize($nickname, true);
  175. } catch (NicknameException $e) {
  176. $this->showForm($e->getMessage());
  177. return;
  178. }
  179. $email = common_canonical_email($email);
  180. if (!$this->boolean('license')) {
  181. // TRANS: Form validation error displayed when trying to register without agreeing to the site license.
  182. $this->showForm(_('You cannot register if you do not '.
  183. 'agree to the license.'));
  184. } else if ($email && !Validate::email($email, common_config('email', 'check_domain'))) {
  185. // TRANS: Form validation error displayed when trying to register without a valid e-mail address.
  186. $this->showForm(_('Not a valid email address.'));
  187. } else if ($this->emailExists($email)) {
  188. // TRANS: Form validation error displayed when trying to register with an already registered e-mail address.
  189. $this->showForm(_('Email address already exists.'));
  190. } else if (!is_null($homepage) && (strlen($homepage) > 0) &&
  191. !common_valid_http_url($homepage)) {
  192. // TRANS: Form validation error displayed when trying to register with an invalid homepage URL.
  193. $this->showForm(_('Homepage is not a valid URL.'));
  194. } else if (Profile::bioTooLong($bio)) {
  195. // TRANS: Form validation error on registration page when providing too long a bio text.
  196. // TRANS: %d is the maximum number of characters for bio; used for plural.
  197. $this->showForm(sprintf(_m('Bio is too long (maximum %d character).',
  198. 'Bio is too long (maximum %d characters).',
  199. Profile::maxBio()),
  200. Profile::maxBio()));
  201. } else if (strlen($password) < 6) {
  202. // TRANS: Form validation error displayed when trying to register with too short a password.
  203. $this->showForm(_('Password must be 6 or more characters.'));
  204. } else if ($password != $confirm) {
  205. // TRANS: Form validation error displayed when trying to register with non-matching passwords.
  206. $this->showForm(_('Passwords do not match.'));
  207. } else {
  208. try {
  209. $user = User::register(array('nickname' => $nickname,
  210. 'password' => $password,
  211. 'email' => $email,
  212. 'fullname' => $fullname,
  213. 'homepage' => $homepage,
  214. 'bio' => $bio,
  215. 'location' => $location,
  216. 'code' => $code));
  217. // success!
  218. if (!common_set_user($user)) {
  219. // TRANS: Server error displayed when saving fails during user registration.
  220. $this->serverError(_('Error setting user.'));
  221. }
  222. // this is a real login
  223. common_real_login(true);
  224. if ($this->boolean('rememberme')) {
  225. common_debug('Adding rememberme cookie for ' . $nickname);
  226. common_rememberme($user);
  227. }
  228. // Re-init language env in case it changed (not yet, but soon)
  229. common_init_language();
  230. Event::handle('EndRegistrationTry', array($this));
  231. $this->showSuccess();
  232. } catch (Exception $e) {
  233. // TRANS: Form validation error displayed when trying to register with an invalid username or password.
  234. $this->showForm($e->getMessage());
  235. }
  236. }
  237. }
  238. }
  239. /**
  240. * Does the given email address already exist?
  241. *
  242. * Checks a canonical email address against the database.
  243. *
  244. * @param string $email email address to check
  245. *
  246. * @return boolean true if the address already exists
  247. */
  248. function emailExists($email)
  249. {
  250. $email = common_canonical_email($email);
  251. if (!$email || strlen($email) == 0) {
  252. return false;
  253. }
  254. $user = User::getKV('email', $email);
  255. return is_object($user);
  256. }
  257. // overrrided to add entry-title class
  258. function showPageTitle() {
  259. if (Event::handle('StartShowPageTitle', array($this))) {
  260. $this->element('h1', array('class' => 'entry-title'), $this->title());
  261. }
  262. }
  263. // overrided to add h-entry, and content-inner class
  264. function showContentBlock()
  265. {
  266. $this->elementStart('div', array('id' => 'content', 'class' => 'h-entry'));
  267. $this->showPageTitle();
  268. $this->showPageNoticeBlock();
  269. $this->elementStart('div', array('id' => 'content_inner',
  270. 'class' => 'e-content'));
  271. // show the actual content (forms, lists, whatever)
  272. $this->showContent();
  273. $this->elementEnd('div');
  274. $this->elementEnd('div');
  275. }
  276. /**
  277. * Instructions or a notice for the page
  278. *
  279. * Shows the error, if any, or instructions for registration.
  280. *
  281. * @return void
  282. */
  283. function showPageNotice()
  284. {
  285. if ($this->registered) {
  286. return;
  287. } else if ($this->error) {
  288. $this->element('p', 'error', $this->error);
  289. } else {
  290. $instr =
  291. // TRANS: Page notice on registration page.
  292. common_markup_to_html(_('With this form you can create '.
  293. 'a new account. ' .
  294. 'You can then post notices and '.
  295. 'link up to friends and colleagues.'));
  296. $this->elementStart('div', 'instructions');
  297. $this->raw($instr);
  298. $this->elementEnd('div');
  299. }
  300. }
  301. /**
  302. * Wrapper for showing a page
  303. *
  304. * Stores an error and shows the page
  305. *
  306. * @param string $error Error, if any
  307. *
  308. * @return void
  309. */
  310. function showForm($error=null)
  311. {
  312. $this->error = $error;
  313. $this->showPage();
  314. }
  315. /**
  316. * Show the page content
  317. *
  318. * Either shows the registration form or, if registration was successful,
  319. * instructions for using the site.
  320. *
  321. * @return void
  322. */
  323. function showContent()
  324. {
  325. if ($this->registered) {
  326. $this->showSuccessContent();
  327. } else {
  328. $this->showFormContent();
  329. }
  330. }
  331. /**
  332. * Show the registration form
  333. *
  334. * @return void
  335. */
  336. function showFormContent()
  337. {
  338. $code = $this->trimmed('code');
  339. $invite = null;
  340. if ($code) {
  341. $invite = Invitation::getKV($code);
  342. }
  343. if (common_config('site', 'inviteonly') && !($code && $invite)) {
  344. // TRANS: Client error displayed when trying to register to an invite-only site without an invitation.
  345. $this->clientError(_('Sorry, only invited people can register.'));
  346. }
  347. $this->elementStart('form', array('method' => 'post',
  348. 'id' => 'form_register',
  349. 'class' => 'form_settings',
  350. 'action' => common_local_url('register')));
  351. $this->elementStart('fieldset');
  352. // TRANS: Fieldset legend on accout registration page.
  353. $this->element('legend', null, 'Account settings');
  354. $this->hidden('token', common_session_token());
  355. if ($this->code) {
  356. $this->hidden('code', $this->code);
  357. }
  358. $this->elementStart('ul', 'form_data');
  359. if (Event::handle('StartRegistrationFormData', array($this))) {
  360. $this->elementStart('li');
  361. // TRANS: Field label on account registration page.
  362. $this->input('nickname', _('Nickname'), $this->trimmed('nickname'),
  363. // TRANS: Field title on account registration page.
  364. _('1-64 lowercase letters or numbers, no punctuation or spaces.'));
  365. $this->elementEnd('li');
  366. $this->elementStart('li');
  367. // TRANS: Field label on account registration page.
  368. $this->password('password', _('Password'),
  369. // TRANS: Field title on account registration page.
  370. _('6 or more characters.'));
  371. $this->elementEnd('li');
  372. $this->elementStart('li');
  373. // TRANS: Field label on account registration page. In this field the password has to be entered a second time.
  374. $this->password('confirm', _m('PASSWORD','Confirm'),
  375. // TRANS: Field title on account registration page.
  376. _('Same as password above.'));
  377. $this->elementEnd('li');
  378. $this->elementStart('li');
  379. if ($this->invite && $this->invite->address_type == 'email') {
  380. // TRANS: Field label on account registration page.
  381. $this->input('email', _m('LABEL','Email'), $this->invite->address,
  382. // TRANS: Field title on account registration page.
  383. _('Used only for updates, announcements, '.
  384. 'and password recovery.'));
  385. } else {
  386. // TRANS: Field label on account registration page.
  387. $this->input('email', _m('LABEL','Email'), $this->trimmed('email'),
  388. // TRANS: Field title on account registration page.
  389. _('Used only for updates, announcements, '.
  390. 'and password recovery.'));
  391. }
  392. $this->elementEnd('li');
  393. $this->elementStart('li');
  394. // TRANS: Field label on account registration page.
  395. $this->input('fullname', _('Full name'),
  396. $this->trimmed('fullname'),
  397. // TRANS: Field title on account registration page.
  398. _('Longer name, preferably your "real" name.'));
  399. $this->elementEnd('li');
  400. $this->elementStart('li');
  401. // TRANS: Field label on account registration page.
  402. $this->input('homepage', _('Homepage'),
  403. $this->trimmed('homepage'),
  404. // TRANS: Field title on account registration page.
  405. _('URL of your homepage, blog, '.
  406. 'or profile on another site.'));
  407. $this->elementEnd('li');
  408. $this->elementStart('li');
  409. $maxBio = Profile::maxBio();
  410. if ($maxBio > 0) {
  411. // TRANS: Text area title in form for account registration. Plural
  412. // TRANS: is decided by the number of characters available for the
  413. // TRANS: biography (%d).
  414. $bioInstr = sprintf(_m('Describe yourself and your interests in %d character.',
  415. 'Describe yourself and your interests in %d characters.',
  416. $maxBio),
  417. $maxBio);
  418. } else {
  419. // TRANS: Text area title on account registration page.
  420. $bioInstr = _('Describe yourself and your interests.');
  421. }
  422. // TRANS: Text area label on account registration page.
  423. $this->textarea('bio', _('Bio'),
  424. $this->trimmed('bio'),
  425. $bioInstr);
  426. $this->elementEnd('li');
  427. $this->elementStart('li');
  428. // TRANS: Field label on account registration page.
  429. $this->input('location', _('Location'),
  430. $this->trimmed('location'),
  431. // TRANS: Field title on account registration page.
  432. _('Where you are, like "City, '.
  433. 'State (or Region), Country".'));
  434. $this->elementEnd('li');
  435. Event::handle('EndRegistrationFormData', array($this));
  436. $this->elementStart('li', array('id' => 'settings_rememberme'));
  437. // TRANS: Checkbox label on account registration page.
  438. $this->checkbox('rememberme', _('Remember me'),
  439. $this->boolean('rememberme'),
  440. // TRANS: Checkbox title on account registration page.
  441. _('Automatically login in the future; '.
  442. 'not for shared computers!'));
  443. $this->elementEnd('li');
  444. $attrs = array('type' => 'checkbox',
  445. 'id' => 'license',
  446. 'class' => 'checkbox',
  447. 'name' => 'license',
  448. 'required' => 'true',
  449. 'value' => 'true');
  450. if ($this->boolean('license')) {
  451. $attrs['checked'] = 'checked';
  452. }
  453. $this->elementStart('li');
  454. $this->element('input', $attrs);
  455. $this->elementStart('label', array('class' => 'checkbox', 'for' => 'license'));
  456. $this->raw($this->licenseCheckbox());
  457. $this->elementEnd('label');
  458. $this->elementEnd('li');
  459. }
  460. $this->elementEnd('ul');
  461. // TRANS: Button text to register a user on account registration page.
  462. $this->submit('submit', _m('BUTTON','Register'));
  463. $this->elementEnd('fieldset');
  464. $this->elementEnd('form');
  465. }
  466. function licenseCheckbox()
  467. {
  468. $out = '';
  469. switch (common_config('license', 'type')) {
  470. case 'private':
  471. $out .= htmlspecialchars(sprintf(
  472. // TRANS: Copyright checkbox label in registration dialog, for private sites.
  473. // TRANS: %1$s is the StatusNet sitename.
  474. _('I understand that content and data of %1$s are private and confidential.'),
  475. common_config('site', 'name')));
  476. // fall through
  477. case 'allrightsreserved':
  478. if ($out != '') {
  479. $out .= ' ';
  480. }
  481. if (common_config('license', 'owner')) {
  482. $out .= htmlspecialchars(sprintf(
  483. // TRANS: Copyright checkbox label in registration dialog, for all rights reserved with a specified copyright owner.
  484. // TRANS: %1$s is the license owner.
  485. _('My text and files are copyright by %1$s.'),
  486. common_config('license', 'owner')));
  487. } else {
  488. // TRANS: Copyright checkbox label in registration dialog, for all rights reserved with ownership left to contributors.
  489. $out .= htmlspecialchars(_('My text and files remain under my own copyright.'));
  490. }
  491. // TRANS: Copyright checkbox label in registration dialog, for all rights reserved.
  492. $out .= ' ' . _('All rights reserved.');
  493. break;
  494. case 'cc': // fall through
  495. default:
  496. // TRANS: Copyright checkbox label in registration dialog, for Creative Commons-style licenses.
  497. $message = _('My text and files are available under %s ' .
  498. 'except this private data: password, ' .
  499. 'email address, IM address, and phone number.');
  500. $link = '<a href="' .
  501. htmlspecialchars(common_config('license', 'url')) .
  502. '">' .
  503. htmlspecialchars(common_config('license', 'title')) .
  504. '</a>';
  505. $out .= sprintf(htmlspecialchars($message), $link);
  506. }
  507. return $out;
  508. }
  509. /**
  510. * Show some information about registering for the site
  511. *
  512. * Save the registration flag, run showPage
  513. *
  514. * @return void
  515. */
  516. function showSuccess()
  517. {
  518. $this->registered = true;
  519. $this->showPage();
  520. }
  521. /**
  522. * Show some information about registering for the site
  523. *
  524. * Gives some information and options for new registrees.
  525. *
  526. * @return void
  527. */
  528. function showSuccessContent()
  529. {
  530. if (Event::handle('StartRegisterSuccess', array($this))) {
  531. $nickname = $this->arg('nickname');
  532. $profileurl = common_local_url('showstream',
  533. array('nickname' => $nickname));
  534. $this->elementStart('div', 'success');
  535. // TRANS: Text displayed after successful account registration.
  536. // TRANS: %1$s is the registered nickname, %2$s is the profile URL.
  537. // TRANS: This message contains Markdown links in the form [link text](link)
  538. // TRANS: and variables in the form %%%%variable%%%%. Please mind the syntax.
  539. $instr = sprintf(_('Congratulations, %1$s! And welcome to %%%%site.name%%%%. '.
  540. 'From here, you may want to...'. "\n\n" .
  541. '* Go to [your profile](%2$s) '.
  542. 'and post your first message.' . "\n" .
  543. '* Add a [Jabber/GTalk address]'.
  544. '(%%%%action.imsettings%%%%) '.
  545. 'so you can send notices '.
  546. 'through instant messages.' . "\n" .
  547. '* [Search for people](%%%%action.peoplesearch%%%%) '.
  548. 'that you may know or '.
  549. 'that share your interests. ' . "\n" .
  550. '* Update your [profile settings]'.
  551. '(%%%%action.profilesettings%%%%)'.
  552. ' to tell others more about you. ' . "\n" .
  553. '* Read over the [online docs](%%%%doc.help%%%%)'.
  554. ' for features you may have missed. ' . "\n\n" .
  555. 'Thanks for signing up and we hope '.
  556. 'you enjoy using this service.'),
  557. $nickname, $profileurl);
  558. $this->raw(common_markup_to_html($instr));
  559. $have_email = $this->trimmed('email');
  560. if ($have_email) {
  561. // TRANS: Instruction text on how to deal with the e-mail address confirmation e-mail.
  562. $emailinstr = _('(You should receive a message by email '.
  563. 'momentarily, with ' .
  564. 'instructions on how to confirm '.
  565. 'your email address.)');
  566. $this->raw(common_markup_to_html($emailinstr));
  567. }
  568. $this->elementEnd('div');
  569. Event::handle('EndRegisterSuccess', array($this));
  570. }
  571. }
  572. /**
  573. * Show the login group nav menu
  574. *
  575. * @return void
  576. */
  577. function showLocalNav()
  578. {
  579. if (common_logged_in()) {
  580. parent::showLocalNav();
  581. } else {
  582. $nav = new LoginGroupNav($this);
  583. $nav->show();
  584. }
  585. }
  586. /**
  587. * Show a bit of login context
  588. *
  589. * @return nothing
  590. */
  591. function showProfileBlock()
  592. {
  593. if (common_logged_in()) {
  594. parent::showProfileBlock();
  595. }
  596. }
  597. }