
    <?php
// +---------------------------------------------+
// |     Copyright  2006 - 2008 weenCompany      |
// |     http://www.weentech.com                 |
// |     This file may not be redistributed.     |
// +---------------------------------------------+

// Direct-access guard: this module is only meant to run after the including
// script has defined IN_WEENCOMPANY. A request that reaches this file on its
// own stops here, before any function is declared or any query is issued.
if (defined('IN_WEENCOMPANY') === false) {
    exit("File not found!");
}

// ######################### FORGOT PASSWORD FORM ########################
/**
 * Print the "forgot password" form, with any error messages above it.
 *
 * Messages are written to the page exactly as received: nothing is
 * HTML-escaped here, so callers must only pass strings that are already safe
 * to emit as markup.
 *
 * @param array|null $errors messages to show first; NULL or empty for none
 */
function m12_ForgotPasswordForm($errors)
{
    global $categoryid, $inputsize, $m12_language;

    if (!empty($errors)) {
        foreach ($errors as $message) {
            echo $message, '<br /><br />';
        }
    }

    $formAction  = RewriteLink('index.php?categoryid=' . $categoryid . '&m12_forgotpwd=1');
    $emailLabel  = $m12_language['email'];
    $submitLabel = strip_tags($m12_language['pwd_reset']);

    // The invisible "thisisweencompany" input is part of the emitted markup;
    // nothing in this file reads its value.
    echo '<form name="resetpwform" method="post" action="' . $formAction . '">
        <table width="100%" border="0" cellpadding="0" cellspacing="0">
		<tr>
          <td colspan="2"><input name="thisisweencompany" width="0" hight="0" size="0" style="visibility: hidden"></td>
        </tr>
        <tr>
          <td>' . $emailLabel . '</td>
          <td><input name="m12_email" type="text" size="' . $inputsize . '" /> <input type="submit" name="m12_pwdreset" value="' . $submitLabel . '" /></td>
        </tr>
        </table>
        </form>';
}



// ########################## RESET PASSWORD ##########################

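/**
 * Handle a submitted "forgot password" form.
 *
 * Looks the account up by the posted e-mail address and, when one exists,
 * mails it a verification link; otherwise the form is shown again with an
 * error. All output is echoed; nothing is returned.
 *
 * Security notes:
 *  - The posted address is untrusted. It must match a conservative character
 *    allowlist (no quotes, backslashes, whitespace or angle brackets) before
 *    it is placed in the SQL string, and it is HTML-escaped before being
 *    echoed back in the error message.
 *  - NOTE(review): the verification code is md5(stored password hash . userid).
 *    It is deterministic and carries no expiry, so it can be computed by
 *    anyone who learns the stored hash. A random, time-limited token kept
 *    server-side would be the sound design; that needs storage outside this
 *    block, so the scheme is left as it is here.
 *  - NOTE(review): the "not found" and "mail sent" outcomes differ visibly, so
 *    this form reveals whether an address is registered.
 */
function m12_ResetPassword()
{
    global $DB, $mainsettings, $categoryid, $m12_language, $rootpath;

    // A missing field or a non-string value (e.g. m12_email[]=x) becomes ''.
    $email = (isset($_POST['m12_email']) && is_string($_POST['m12_email'])) ? trim($_POST['m12_email']) : '';

    // Only query when the address consists of characters that cannot break out
    // of the quoted SQL literal below. The set is a superset of what the
    // registration form in this file accepts.
    $user = false;
    if (preg_match('/\A[A-Za-z0-9._+\-]+@[A-Za-z0-9.\-\[\]]+\z/', $email)) {
        $user = $DB->query_first("SELECT userid, username, password, email FROM " . TABLE_PREFIX . "users WHERE email = '" . $email . "'");
    }

    if (!$user) {
        // The address is echoed back inside HTML, so escape it first.
        $errors = array($m12_language['email_not_found'] . ' ' . htmlspecialchars($email, ENT_QUOTES, 'UTF-8'));
        m12_ForgotPasswordForm($errors);
        return;
    }

    $verification_code     = md5($user['password'] . $user['userid']) . '-' . $user['userid'];
    $verification_code_url = str_replace('&amp;', '&', RewriteLink('index.php?categoryid=' . $categoryid . '&m12_verification_code=' . $verification_code));

    // Build the message. CR/LF are removed from the values that end up in
    // headers before they are base64-wrapped as RFC 2047 encoded words.
    $lineBreaks = array("\r", "\n");
    $fromname   = '=?utf-8?B?' . base64_encode(str_replace($lineBreaks, '', $mainsettings['websitetitle'])) . '?=';
    $fromemail  = $mainsettings['technicalemail'];
    $subject    = '=?utf-8?B?' . base64_encode(str_replace($lineBreaks, '', $m12_language['email_subject'])) . '?=';
    $headers    = "From: $fromname <$fromemail>" . EMAIL_CRLF;
    $headers   .= "Reply-To: \"$fromname\" <$fromemail>" . EMAIL_CRLF;
    $headers   .= "Content-type: text/plain; charset=utf-8" . EMAIL_CRLF;
    $message    = $user['username'] . "," . EMAIL_CRLF . EMAIL_CRLF . $m12_language['email_message_resetpassword'] . EMAIL_CRLF . EMAIL_CRLF . $verification_code_url;

    if ($mainsettings['email_use_smtp'] == "1") {
        require_once $rootpath . "/includes/mail/class.phpmailer.php";
        $mail = new PHPMailer();
        $mail->IsSMTP();

        $mail->Host     = $mainsettings['email_smtp_host'];
        $mail->Port     = $mainsettings['email_smtp_port'];
        // "utf-8" is the registered charset name and matches the mail() branch.
        $mail->CharSet  = "utf-8";
        $mail->Encoding = "base64";

        if ($mainsettings['email_smtp_require_auth'] == "1") {
            $mail->SMTPAuth = true;
            $mail->Username = $mainsettings['email_smtp_user'];
            $mail->Password = $mainsettings['email_smtp_pass'];
        }

        $mail->From     = $fromemail;
        $mail->FromName = $mainsettings['websitetitle'];
        $mail->AddAddress($user['email']);

        $mail->Subject  = $m12_language['email_subject'];
        $mail->Body     = $message;

        if (!$mail->Send()) {
            // NOTE(review): this shows the raw transport error to the visitor;
            // consider logging it and showing a generic message instead.
            echo $mail->ErrorInfo;
            return;
        }
    } else {
        // Best effort, as before: a failure of mail() is deliberately not reported.
        @mail($user['email'], $subject, $message, $headers);
    }

    echo $m12_language['password_reset_confirm'];
}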

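/**
 * Complete a password reset from the link that was mailed to the user.
 *
 * The code has the form "<md5 hex>-<userid>". When it matches the value
 * recomputed from the stored row, a new password is generated, stored as an
 * MD5 hash and mailed to the account's address; otherwise the "forgot
 * password" form is shown with an "invalid link" error. Output is echoed.
 *
 * Security notes:
 *  - The code arrives from the query string and is untrusted. Its shape is
 *    checked first, so only a digits-only user id ever reaches the SQL string.
 *  - The comparison is constant-time where hash_equals() exists, and strict
 *    (===) otherwise.
 *  - The new password is drawn from random_int() when available. The previous
 *    'PWD' + six digits scheme allowed fewer than a million values and padded
 *    short numbers on the right, which made distinct numbers collide.
 *  - NOTE(review): passwords are stored as unsalted MD5 and the new password
 *    is sent in clear text by e-mail. Both are kept because the login code is
 *    outside this block; password_hash()/password_verify() and a
 *    "choose a new password" page would be the sound replacement.
 *
 * @param string $verification_code value of the m12_verification_code parameter
 */
function m12_ResetPasswordFinished($verification_code)
{
    global $DB, $mainsettings, $m12_language, $rootpath;

    // Shape check before any query: 32 lowercase hex characters (md5() output),
    // a dash, then the numeric user id.
    $user = false;
    if (is_string($verification_code) && preg_match('/\A[0-9a-f]{32}-([0-9]+)\z/', $verification_code, $parts)) {
        $user = $DB->query_first("SELECT userid, username, password, email FROM " . TABLE_PREFIX . "users WHERE userid = '" . $parts[1] . "'");
    }

    $linkIsValid = false;
    if ($user) {
        $expected    = md5($user['password'] . $user['userid']) . '-' . $user['userid'];
        $linkIsValid = function_exists('hash_equals')
            ? hash_equals($expected, $verification_code)
            : ($expected === $verification_code);
    }

    if (!$linkIsValid) {
        $errors = array($m12_language['invalid_link']);
        m12_ForgotPasswordForm($errors);
        return;
    }

    // Generate the new password: nine characters (the same length as before)
    // from an alphanumeric alphabet without look-alike characters.
    $alphabet  = 'ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnpqrstuvwxyz23456789';
    $lastIndex = strlen($alphabet) - 1;
    $newpass   = '';
    for ($i = 0; $i < 9; $i++) {
        if (function_exists('random_int')) {
            $index = random_int(0, $lastIndex);
        } else {
            // Fallback for interpreters without random_int(); mt_rand() is not
            // a cryptographically secure generator.
            $index = mt_rand(0, $lastIndex);
        }
        $newpass .= $alphabet[$index];
    }

    // Storing the new hash also changes the value the link is derived from, so
    // the same link cannot be used a second time.
    $DB->query("UPDATE " . TABLE_PREFIX . "users SET password = '" . md5($newpass) . "' WHERE userid = " . $user['userid']);

    // Build the message. CR/LF are removed from the values that end up in
    // headers before they are base64-wrapped as RFC 2047 encoded words.
    $lineBreaks = array("\r", "\n");
    $fromname   = '=?utf-8?B?' . base64_encode(str_replace($lineBreaks, '', $mainsettings['websitetitle'])) . '?=';
    $fromemail  = $mainsettings['technicalemail'];
    $subject    = '=?utf-8?B?' . base64_encode(str_replace($lineBreaks, '', $m12_language['email_subject'])) . '?=';
    $headers    = "From: $fromname <$fromemail>" . EMAIL_CRLF;
    $headers   .= "Reply-To: \"$fromname\" <$fromemail>" . EMAIL_CRLF;
    $headers   .= "Content-type: text/plain; charset=utf-8" . EMAIL_CRLF;
    $message    = $user['username'] . "," . EMAIL_CRLF . EMAIL_CRLF . $m12_language['email_message'] . EMAIL_CRLF . EMAIL_CRLF . $newpass;

    if ($mainsettings['email_use_smtp'] == "1") {
        require_once $rootpath . "/includes/mail/class.phpmailer.php";
        $mail = new PHPMailer();
        $mail->IsSMTP();

        $mail->Host     = $mainsettings['email_smtp_host'];
        $mail->Port     = $mainsettings['email_smtp_port'];
        // "utf-8" is the registered charset name and matches the mail() branch.
        $mail->CharSet  = "utf-8";
        $mail->Encoding = "base64";

        if ($mainsettings['email_smtp_require_auth'] == "1") {
            $mail->SMTPAuth = true;
            $mail->Username = $mainsettings['email_smtp_user'];
            $mail->Password = $mainsettings['email_smtp_pass'];
        }

        $mail->From     = $fromemail;
        $mail->FromName = $mainsettings['websitetitle'];
        $mail->AddAddress($user['email']);

        $mail->Subject  = $m12_language['email_subject'];
        $mail->Body     = $message;

        if (!$mail->Send()) {
            // NOTE(review): the password has already been replaced at this
            // point, and the raw transport error is shown to the visitor.
            echo $mail->ErrorInfo;
            return;
        }
    } else {
        // Best effort, as before: a failure of mail() is deliberately not reported.
        @mail($user['email'], $subject, $message, $headers);
    }

    echo $m12_language['password_reset_success'];
}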




// ########################## EMAIL VALIDATION ##########################

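/**
 * Activate an account from the validation key in the mailed link.
 *
 * Echoes one of three language strings: activation succeeded, the account was
 * already activated, or the key was not found.
 *
 * Security note: the key arrives from the query string and is untrusted. The
 * previous pattern, "{########-...}", used the braces as PCRE delimiters and
 * had no anchors, so any input that merely contained a GUID-shaped run passed
 * the check and was then placed inside the SQL string. The pattern below
 * matches the whole value, so only hex digits, dashes and an optional pair of
 * surrounding braces can reach the query.
 *
 * @param string $validationKey value of the m12_val parameter
 */
function m12_Validation($validationKey)
{
    global $DB, $m12_language;

    // Upper-case hex only, as before. The comma the old character class
    // "[0-9,A-F]" also accepted is dropped; braces are optional because the
    // format produced by CreateGuid() is not visible here.
    // NOTE(review): confirm against CreateGuid().
    $guidPattern = '/\A\{?[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}\}?\z/';

    $user = false;
    if (is_string($validationKey) && preg_match($guidPattern, $validationKey)) {
        $user = $DB->query_first("SELECT * FROM " . TABLE_PREFIX . "users WHERE validationkey = '" . $validationKey . "'");
    }

    if (!$user) {
        echo $m12_language['validation_key_not_found'];
        return;
    }

    if ($user['activated'] == 0) {
        $DB->query("UPDATE " . TABLE_PREFIX . "users SET activated = 1 WHERE userid = " . $user['userid']);
        echo $m12_language['validation_success'];
    } else {
        echo $m12_language['already_validated'];
    }
} // end validation process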


// ########################## REGISTRATION FORM ##########################

/**
 * Print the registration form, or a notice when registration is switched off.
 *
 * Error messages are written to the page exactly as received: nothing is
 * HTML-escaped here, so callers must only pass strings that are already safe
 * to emit as markup. The maxlength attributes are browser-side hints only;
 * this function performs no validation.
 *
 * @param array|null $errors messages to show above the form; NULL or empty for none
 */
function m12_PrintForm($errors)
{
        global $DB, $categoryid, $rootpath, $inputsize, $m12_language, $m12_settings, $sdlanguage;

        // Setting keys are the module's own titles: validation mode, username
        // length, password length. These three local names are kept unchanged
        // because javascript.php is included below and runs in this scope.
        $enablejavascript = $m12_settings['校驗方式'];
        $maxusername      = $m12_settings['用戶名長度'];
        $maxpassword      = $m12_settings['密碼長度'];

        // "Registration closed" setting: show the notice and nothing else.
        if($m12_settings['關閉註冊'] == 1)
        {
                echo '<br />' . $m12_language['registration_turnoff'] . '<br /><br />';
                return;
        }

        // Optional client-side checks, wired to the form's onsubmit handler.
        if($enablejavascript == 1)
        {
                include($rootpath . 'modules/m12_registration/javascript.php');
                $javascript = 'onsubmit="return CheckData()"';
        }
        else
        {
                $javascript = '';
        }

        if(!empty($errors))
        {
                foreach($errors as $message)
                {
                        echo $message, '<br /><br />';
                }
        }

        // Mandatory fields.
        $formAction = RewriteLink('index.php?categoryid=' . $categoryid);

        echo '<form name="form" method="post" action="' . $formAction . '" '.$javascript.'>

        <table width="100%" border="0" cellpadding="0" cellspacing="0">
        <tr>
          <td width="120">' . $m12_language['user_name'] . '<font color=red> * </font></td>
          <td style="padding-left: 10px; padding-bottom: 10px;"><input name="m12_username" type="text" maxlength="'.$maxusername.'" size="'.$inputsize.'" /></td>
        </tr>
        <tr>
          <td width="120">' . $m12_language['password'] . '<font color=red> * </font></td>
          <td style="padding-left: 10px; padding-bottom: 10px;"><input name="m12_password" type="password" maxlength="'.$maxpassword.'" size="'.$inputsize.'" /></td>
        </tr>
        <tr>
          <td nowrap="nowrap">' . $m12_language['password_again'] . '<font color=red> * </font></td>
          <td style="padding-left: 10px; padding-bottom: 10px;"><input name="m12_passwordconfirm" type="password" maxlength="'.$maxpassword.'" size="'.$inputsize.'" /></td>
        </tr>
        <tr>
          <td width="120">' . $m12_language['email'] . '<font color=red> * </font></td>
          <td style="padding-left: 10px; padding-bottom: 10px;"><input name="m12_email" type="text" maxlength="58" size="'.$inputsize.'" /></td>
        </tr>
        <tr>
          <td nowrap="nowrap">' . $m12_language['email_again'] . '<font color=red> * </font></td>
          <td style="padding-left: 10px; padding-bottom: 10px;"><input name="m12_emailconfirm" type="text" maxlength="58" size="'.$inputsize.'" /></td>
        </tr>';

        // Optional profile rows: "show ..." setting => (language key, input name).
        // Each row is printed only when its setting is truthy, in this order.
        $optionalRows = array(
                '顯示姓名'     => array('user_fullname', 'm12_userfullname'),
                '顯示單位'     => array('user_company',  'm12_usercompany'),
                '顯示地址'     => array('user_add',      'm12_useradd'),
                '顯示郵編'     => array('user_postcode', 'm12_userpostcode'),
                '顯示電話'     => array('user_tel',      'm12_usertel'),
                '顯示傳真'     => array('user_fax',      'm12_userfax'),
                '顯示在線聯繫' => array('user_online',   'm12_useronline'),
                '顯示網址'     => array('user_website',  'm12_userwebsite'),
        );

        foreach($optionalRows as $settingKey => $row)
        {
                if(!$m12_settings[$settingKey])
                {
                        continue;
                }

                echo '
        <tr>
          <td width="120">' . $m12_language[$row[0]] . '</td>
          <td style="padding-left: 10px; padding-bottom: 10px;"><input name="' . $row[1] . '" type="text" maxlength="58" size="'.$inputsize.'" /></td>
        </tr>';
        }

        // Visual verification code: the id travels in a hidden field and in
        // the image URL; the visitor types the code into m12_verifycode.
        if($m12_settings['驗證碼'] == 1)
        {
                $vvcid = CreateVisualVerifyCode();

                echo '<tr>
               <td width="120"></td>
              <td style="padding-left: 10px; padding-bottom: 10px;"><input type="hidden" name="m12_vvcid" value="' . $vvcid . '"/>
                          <img src="includes/vvc.php?vvcid=' . $vvcid . '"/></td>
          </tr>
			<tr>
			<td colspan="2">' . $sdlanguage['enter_verify_code'] . '</td>
			</tr>
			<tr>
			<td width="120"></td>
			<td style="padding-left: 10px; padding-bottom: 10px;"><input type="text" size="'.$inputsize.'" name="m12_verifycode"/></td>
			</tr>';
        }

        // Buttons and closing markup.
        $registerLabel = strip_tags($m12_language['register']);
        $resetLabel    = strip_tags($m12_language['reset_form']);

        echo '<tr>
          <td colspan="2"><hr noshade="noshade" /></td>
        </tr>
        <tr>
          <td width="120"></td>
          <td style="padding-left: 10px; padding-bottom: 10px;">
            <input type="submit" name="m12_register" value="' . $registerLabel . '" />
            <input type="reset" value="' . $resetLabel . '" />
          </td>
        </tr>
        </table>

        </form>';
}



// ########################## REGISTER USER ##########################

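/**
 * Validate a submitted registration form and create the account.
 *
 * On any validation error the form is printed again with the messages.
 * Otherwise the user row is inserted and, depending on the module settings,
 * the account waits for manual approval, is sent an activation link, or is
 * active at once. Output is echoed; nothing is returned.
 *
 * Changes from the earlier version:
 *  - ereg()/eregi() are replaced by anchored preg_match() patterns with the
 *    same grammar (the ereg family no longer exists in current PHP).
 *  - The "already exists" lookups run only after the username and e-mail have
 *    passed their format checks, so only allowlisted characters are placed in
 *    those SQL strings.
 *  - Submitted values are HTML-escaped before being echoed back in errors.
 *  - Password and e-mail confirmation use strict comparison; "==" treats
 *    numeric-looking strings such as "1e3" and "1000" as equal.
 *  - $errors is initialised, and missing or non-string fields become ''.
 *
 * Open points:
 *  - NOTE(review): the optional profile fields are free text and reach the
 *    INSERT exactly as received. Unless request data is escaped before this
 *    module runs (not visible in this file; confirm), they need the database
 *    layer's escaping or a parameterised query.
 *  - NOTE(review): passwords are stored as unsalted MD5. That is kept because
 *    the login code is outside this block; password_hash() and
 *    password_verify() would be the sound replacement.
 *  - NOTE(review): the username and password length settings are enforced
 *    only through the form's maxlength attributes, not here.
 */
function m12_RegisterUser()
{
    global $DB, $mainsettings, $categoryid, $m12_language, $m12_settings, $sdlanguage, $rootpath;

    $errors = array();

    // Read every expected field once. A missing field or a non-string value
    // (e.g. an array sent as name[]=x) becomes ''.
    $expected = array(
        'm12_vvcid', 'm12_verifycode',
        'm12_username', 'm12_password', 'm12_passwordconfirm',
        'm12_email', 'm12_emailconfirm',
        'm12_userfullname', 'm12_usercompany', 'm12_useradd', 'm12_userpostcode',
        'm12_usertel', 'm12_userfax', 'm12_useronline', 'm12_userwebsite',
    );
    $in = array();
    foreach ($expected as $name) {
        $in[$name] = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
    }

    $username = $in['m12_username'];
    $password = $in['m12_password'];
    $email    = $in['m12_email'];

    // Visual verification code, when the setting is on.
    if ($m12_settings['驗證碼'] == 1 && !ValidVisualVerifyCode($in['m12_vvcid'], $in['m12_verifycode'])) {
        $errors[] = $sdlanguage['incorrect_vvc_code'];
    }

    // Username and password: ASCII letters and digits only.
    $usernameOk = (bool) preg_match('/\A[A-Za-z0-9]+\z/', $username);
    if (!$usernameOk) {
        $errors[] = $m12_language['enter_alnum_username'];
    }

    if (!preg_match('/\A[A-Za-z0-9]+\z/', $password)) {
        $errors[] = $m12_language['enter_alnum_password'];
    }

    if ($password !== $in['m12_passwordconfirm']) {
        $errors[] = $m12_language['password_unmatched'];
    }

    // E-mail: same grammar as the former ereg() pattern, anchored with \A and \z.
    // It admits only letters, digits and _ - . + @ [ ], so a value that passes
    // cannot close the quoted SQL literal it is placed in below.
    $emailPattern = '/\A(?:[A-Za-z0-9]+(?:_+|-+|\.+|\++))*[A-Za-z0-9]+@'
                  . '(?:\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.|(?:[a-zA-Z0-9\-]+\.)+)'
                  . '(?:[a-zA-Z]{2,4}|[0-9]{1,3})\]?\z/';
    $emailOk = (bool) preg_match($emailPattern, $email);
    if (!$emailOk) {
        $errors[] = $m12_language['unvalid_email'];
    }

    if ($email !== $in['m12_emailconfirm']) {
        $errors[] = $m12_language['email_unmatched'];
    }

    // Values echoed back to the page are escaped for HTML first.
    $shownUsername = htmlspecialchars($username, ENT_QUOTES, 'UTF-8');
    $shownEmail    = htmlspecialchars($email, ENT_QUOTES, 'UTF-8');

    // Uniqueness checks, only for values that passed the format checks.
    if ($usernameOk && $DB->query_first("SELECT username FROM " . TABLE_PREFIX . "users WHERE username = '" . $username . "'")) {
        $errors[] = $shownUsername . ' ' . $m12_language['username_exists'];
    }

    if ($emailOk && $DB->query_first("SELECT email FROM " . TABLE_PREFIX . "users WHERE email = '" . $email . "'")) {
        $errors[] = $shownEmail . ' ' . $m12_language['email_exists'];
    }

    if (m12_EmailBanned($email)) {
        $errors[] = $shownEmail . ' ' . $m12_language['email_banned'];
    }

    if ($errors) {
        m12_PrintForm($errors);
        return;
    }

    // Decide the activation mode: manual review, e-mail activation, or none.
    $manualReview    = $m12_settings['人工審核'] > 0;
    $emailActivation = !$manualReview && $m12_settings['郵件驗證'] > 0;
    $activated       = ($manualReview || $emailActivation) ? 0 : 1;
    $key             = $emailActivation ? CreateGuid() : null;

    // One INSERT for all three modes; only the e-mail mode stores a key.
    // See the NOTE(review) above about the free-text profile values.
    $profileValues = array(
        $in['m12_userfullname'], $in['m12_usercompany'], $in['m12_useradd'], $in['m12_userpostcode'],
        $in['m12_usertel'], $in['m12_userfax'], $in['m12_useronline'], $in['m12_userwebsite'],
    );

    $columns = "usergroupid, username, password, email, activated, ";
    $values  = "3, '" . $username . "', '" . md5($password) . "', '" . $email . "', " . $activated . ", ";
    if ($key !== null) {
        $columns .= "validationkey, ";
        $values  .= "'" . $key . "', ";
    }
    $columns .= "joindate, userfullname, usercompany, useradd, userpostcode, usertel, userfax, useronline, userwebsite";
    $values  .= "'" . time() . "', '" . implode("', '", $profileValues) . "'";

    $DB->query("INSERT INTO " . TABLE_PREFIX . "users (" . $columns . ") VALUES (" . $values . ")");

    if ($manualReview) {
        echo $m12_language['activation_required_manual'];
        return;
    }

    if (!$emailActivation) {
        // registration successful
        echo $m12_language['register_success'];
        return;
    }

    // E-mail activation: send the validation link.
    $validateurl = str_replace('&amp;', '&', RewriteLink('index.php?categoryid=' . $categoryid . '&m12_val=' . $key));

    // CR/LF are removed from the values that end up in headers before they are
    // base64-wrapped as RFC 2047 encoded words.
    $lineBreaks = array("\r", "\n");
    $fromname   = '=?utf-8?B?' . base64_encode(str_replace($lineBreaks, '', $mainsettings['websitetitle'])) . '?=';
    $fromemail  = $mainsettings['technicalemail'];
    $subject    = '=?utf-8?B?' . base64_encode(str_replace($lineBreaks, '', $m12_language['email_subject_activation'])) . '?=';
    $headers    = "From: $fromname <$fromemail>" . EMAIL_CRLF;
    $headers   .= "Reply-To: \"$fromname\" <$fromemail>" . EMAIL_CRLF;
    $headers   .= "Content-type: text/plain; charset=utf-8" . EMAIL_CRLF;
    $message    = $username . "," . EMAIL_CRLF . EMAIL_CRLF . $m12_language['email_message_activation'] . EMAIL_CRLF . EMAIL_CRLF . $validateurl;

    if ($mainsettings['email_use_smtp'] == "1") {
        require_once $rootpath . "/includes/mail/class.phpmailer.php";
        $mail = new PHPMailer();
        $mail->IsSMTP();

        $mail->Host     = $mainsettings['email_smtp_host'];
        $mail->Port     = $mainsettings['email_smtp_port'];
        // "utf-8" is the registered charset name and matches the mail() branch.
        $mail->CharSet  = "utf-8";
        $mail->Encoding = "base64";

        if ($mainsettings['email_smtp_require_auth'] == "1") {
            $mail->SMTPAuth = true;
            $mail->Username = $mainsettings['email_smtp_user'];
            $mail->Password = $mainsettings['email_smtp_pass'];
        }

        $mail->From     = $fromemail;
        $mail->FromName = $mainsettings['websitetitle'];
        $mail->AddAddress($email);

        $mail->Subject  = $m12_language['email_subject_activation'];
        $mail->Body     = $message;

        if (!$mail->Send()) {
            // NOTE(review): the account row already exists at this point, and
            // the raw transport error is shown to the visitor.
            echo $mail->ErrorInfo;
            return;
        }
    } else {
        // Best effort, as before: a failure of mail() is deliberately not reported.
        @mail($email, $subject, $message, $headers);
    }

    echo $m12_language['activation_required'];
} // end registration process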


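/**
 * Tell whether an e-mail address is on the module's ban list.
 *
 * The list is the whitespace-separated "banned e-mail addresses" setting.
 * Matching is case-insensitive and each entry takes one of three forms:
 *   "@host"      any user at that host or at one of its sub-domains
 *   "user@"      that user name at any host
 *   "user@host"  exactly that address
 *
 * The earlier version built ereg() patterns from the entries. Because of a
 * misplaced brace, only the "@host" form was ever evaluated: "user@" entries
 * sat in an unreachable branch, and full addresses were never compared. Only
 * dots were escaped, so other pattern characters in an entry changed the
 * match. Plain string comparison is used here instead, which also removes the
 * dependency on the ereg family that current PHP no longer provides.
 *
 * @param string $newEmail address being registered
 * @return bool true when the address matches a ban-list entry
 */
function m12_EmailBanned($newEmail)
{
    global $m12_settings;

    if (!is_string($newEmail)) {
        return false;
    }
    $newEmail = trim(strtolower($newEmail));

    $banList = isset($m12_settings['禁止Email地址']) ? (string) $m12_settings['禁止Email地址'] : '';
    $entries = preg_split('/[[:space:]]+/', strtolower(trim($banList)), -1, PREG_SPLIT_NO_EMPTY);
    if (!$entries) {
        return false;
    }

    foreach ($entries as $entry) {
        if ($entry[0] === '@') {
            // "@host": the address must end in "@host" or ".host".
            $host = substr($entry, 1);
            if ($host === '') {
                continue; // a bare "@" names no host
            }
            foreach (array('@' . $host, '.' . $host) as $suffix) {
                $length = strlen($suffix);
                if (strlen($newEmail) >= $length && substr($newEmail, -$length) === $suffix) {
                    return true;
                }
            }
        } elseif (substr($entry, -1) === '@') {
            // "user@": the address must start with it.
            if (strncmp($newEmail, $entry, strlen($entry)) === 0) {
                return true;
            }
        } elseif ($entry === $newEmail) {
            // "user@host": exact match.
            return true;
        }
    }

    return false;
}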

// ########################## CALL FUNCTIONS ##########################

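// Language strings for module 12 (registration).
$m12_language = GetLanguage(12);

// Module settings, keyed by their title. The array is created explicitly so it
// holds only what the query returns: previously it was never initialised, so a
// value already present under this name would have been kept and merged.
$m12_settings = array();

$getsettings = $DB->query("SELECT title, value FROM " . TABLE_PREFIX . "modulesettings WHERE moduleid = 12 ORDER BY displayorder");

while($settings = $DB->fetch_array($getsettings))
{
        $m12_settings[$settings['title']] = $settings['value'];
}

// The active user system decides whether this module handles registration
// itself or only links to the integrated forum.
$m12_usersystem = $DB->query_first("SELECT name FROM " . TABLE_PREFIX . "usersystems WHERE activated = '1'");

if($userinfo['loggedin'] != 1)
{
        if($m12_usersystem['name'] == 'weenCompany')
        {
                // Dispatch on the request. Order matters: the first matching
                // parameter wins. Every value handed on from $_GET or $_POST is
                // untrusted input.
                if(isset($_GET['m12_val']))
                {
                        // account activation link
                        m12_Validation($_GET['m12_val']);
                }
                else if(isset($_GET['m12_verification_code']))
                {
                        // password reset link
                        m12_ResetPasswordFinished($_GET['m12_verification_code']);
                }
                else if(isset($_POST['m12_register']))
                {
                        // registration form submitted
                        m12_RegisterUser();
                }
                else if(isset($_POST['m12_pwdreset']))
                {
                        // forgot-password form submitted
                        m12_ResetPassword();
                }
                else if(isset($_GET['m12_forgotpwd']))
                {
                        m12_ForgotPasswordForm(NULL);
                }
                else
                {
                        m12_PrintForm(NULL);
                }
        }
        else
        {
                // Another user system is active: link to its registration page.
                // $regpath already has been through RewriteLink in the integration file (or $weenurl added)
                echo '<a href="' . ForumLink(1) . '">' . $m12_language['register_now'] . '</a>';

        }
}
else
{
        // NOTE(review): the username is echoed without HTML escaping; confirm it
        // is escaped where $userinfo is built.
        echo $m12_language['already_logged_in'] . ' ' . $userinfo['username'] . '<br />
        <a href="' . RewriteLink('index.php?categoryid=' . $categoryid . '&logout=1') . '">' . $m12_language['logout'] . '</a>';
}


// Drop the module's globals so they do not leak into whatever runs next.
unset($m12_language, $m12_usersystem, $m12_settings);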

?>