Mercurial > xmpp-web-registration / file diff

diff: index.php

index.php

changeset 0
472198dc918e
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/index.php	Thu May 13 09:31:01 2010 -0500
@@ -0,0 +1,206 @@
+<?php
+
+require_once('recaptchalib.php');
+require_once('config.php');
+
+if(!array_key_exists('backend', $config))
+	die("Please specify a backend in config.php!");
+
+if($config['debug'])
+	include('backend_'.$config['backend'].'.php');
+else
+	@include('backend_'.$config['backend'].'.php');
+
+if(class_exists("RegistrationBackend"))
+{
+	$registration_backend = new RegistrationBackend();
+}
+else
+{
+	echo('Failed to initialize backend "'.$config['backend'].'": ');
+	
+	if(!$config['debug'])
+		echo('enable debug in the config for more info.');
+	else
+		include('backend_'.$config['backend'].'.php');
+	die();
+}
+
+header( 'Content-type: text/html; charset=utf-8' );
+
+?>
+<html>
+<head>
+	<link rel='stylesheet' href='themes/<?php echo $config['theme']; ?>/style.css' />
+</head>
+<body>
+
+<?php @include('themes/'.$config['theme'].'/header.php'); ?>
+
+<div id="box">
+
+<?php
+if (!$_POST["submit"])
+{
+?>
+
+<h2>Register a <?php echo ucfirst($config['host']); ?> account</h2>
+<p>Use the form below to create an account.</p>
+<form method="post">
+	<table>
+	<tr><td class="label">Username:</td><td><input type="text" class="edit username" name="username" size="10" />@<?php echo $config['host']; ?></td></tr>
+	<tr><td class="label">Password:</td><td><input type="password" class="edit" name="password" size="15"/></td></tr>
+	<tr><td class="label">Re-type password:</td><td><input type="password" class="edit" name="password2" size="15"/></td></tr>
+	<tr><td colspan="2" style="text-align:center; margin-left:auto; margin-right:auto;" align="center">
+		<center>
+			<div id="captcha">
+				<?php echo recaptcha_get_html($config['recaptchaPublicKey'], null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off'); ?>
+			</div>
+		</center>
+	</td></tr>
+	<tr><td colspan="2" style="text-align:center;">
+		<input type="submit" name="submit" value="Register" />
+	</td></tr>
+</form>
+
+<?php
+}
+else
+{
+	// Process submission
+	$resp = recaptcha_check_answer ($config['recaptchaPrivateKey'],
+                                $_SERVER["REMOTE_ADDR"],
+                                $_POST["recaptcha_challenge_field"],
+                                $_POST["recaptcha_response_field"]);
+	if ($resp->is_valid)
+	{
+		$registration_backend->init($config);
+		$user = $_POST['username'];
+		$pass = $_POST['password'];
+		$pass2 = $_POST['password2'];
+
+		$ok = true;
+		
+		if (!$user)
+		{
+			echo '<p>Sorry, you didn\'t tell us which username you want! Please <a href="./">go back</a> and try again.</p>';
+			$ok = false;
+		}
+			
+		if($pass !== $pass2)
+		{
+			echo '<p>The two passwords you typed are not the same, please <a href="./">go back</a> and try more carefully! :-)</p>';
+			$ok = false;
+		}
+
+		if($ok)
+		{
+			if(!mb_check_encoding($user, 'UTF-8') || !mb_check_encoding($pass, 'UTF-8'))
+			{
+				echo '<p>Sorry, your browser sent an invalid form entry. Try removing special characters from your username/password.</p>';
+				echo '<p>Alternatively please try a different browser and re-submit <a href="./">the form</a>.</p>';
+				$ok = false;
+			}
+			else
+			{
+				$user = mb_strtolower($user, 'UTF-8');
+			}
+		}
+		
+		// Check that username is valid for a JID
+		if ($ok && strlen($user) > 255)
+		{
+			echo '<p>Sorry, the username you entered is waaaaay too long. <a href="./">Please try</a> something shorter!</p>';
+			$ok = false;
+		}
+		
+		if ($ok)
+		{
+			if (strcspn($user, "\"&'/:<>@".chr(127)) !== strlen($user))
+			{
+				echo '<p>Sorry, that username contains invalid characters (such as &, <, >, / etc.). Please remove them and <a href="./">try again</a>.</p>';
+				echo strcspn($user, "\"&'/:<>@".chr(127))." vs ".strlen($user);
+				$ok = false;
+			}
+			else if (strpos($user, chr(255).chr(254)) || strpos($user, chr(255.255)))
+			{
+				echo '<p>Sorry, that username contains invalid characters. Please remove them and <a href="./">try again</a>.</p>';
+				$ok = false;				
+			}
+			else
+			{
+				$charfreq = array_keys(count_chars($user, 1));
+				if (min($charfreq) <= 32)
+				{
+					echo '<p>Sorry, that username contains invalid characters. For example you cannot use spaces in a username. Please <a href="./">go back</a>, remove them, and try again.</p>';
+					$ok = false;
+				}
+			}
+			
+		}
+
+		if ($ok && (strlen($pass) < 6))
+		{
+			echo '<p>Your password isn\'t long enough. It needs to be at least 6 characters long, to make sure that it can\'t be easily guessed. <a href="./">Go back</a> and try again.</p>';
+			$ok = false;
+		}
+
+		if ($ok)
+		{
+			$backend_message = $registration_backend->validate($user, $pass);
+			if($backend_message)
+			{
+				echo "<p>".htmlentities($backend_message)." Please <a href='./'>go back</a> and try again.</p>";
+				$ok = false;
+			}
+		}
+
+		// Check that username does not already exist
+		if ($ok)
+		{
+			if($registration_backend->exists($user))
+			{
+				echo '<p>A user with that name already exists, please <a href="./">go back</a> and choose a different username.</p>';
+				$ok = false;
+			}				
+		}
+		
+		if ($ok)
+		{
+			$result = $registration_backend->create($user, $pass);
+			if ($result)
+			{
+				echo '<p>You successfully registered the Jabber ID<br/><b>'.$_POST["username"].'@'.$config['host'].'</b></p>';
+				echo "<div style='text-align:left;'>";
+				echo "<p>If you haven't already, now is a good time to ";
+				echo "<a href='http://www.jabber.org/index.php/download-a-client/'>download a client</a> which you can ";
+				echo 'use to log into your new account.</p>';
+				echo '<p>Wondering what you can do with your new <a href="'.$config['website'].'">'.$config['host'].'</a> account? ';
+				echo 'Here are some services at which you can use your Jabber ID:</p>';
+				echo '<ul>';
+				echo '<li><a href="http://identi.ca/">identi.ca</a> - Open microblogging service</li>';
+				echo '<li><a href="http://speeqe.com/">Speeqe</a> - Web-based Jabber chatrooms</li>';
+				echo '</ul>';
+				echo '<p><b>Did you know?</b> <a href="http://www.google.com/talk/">Google Talk</a> is one of the many other ';
+				echo '<a href="http://xmpp.org/services/">Jabber-compatible services</a>, which ';
+				echo 'means you can add your Gmail and Google Apps friends directly to your '.ucfirst($config['host']).' contact list!</p>';
+				echo '</div>';
+			}
+			else
+				echo '<p>There was a problem creating your account. If the problem persists, please <a href="http://speeqe.com/room/jabber@conference.jabber.org/">contact us</a>.</p>';
+		}
+		$registration_backend->close();
+	}
+	else
+	{
+		echo '<p>Sorry, the CAPTCHA text you entered was incorrect, please <a href="./">go back</a> and try again.</p>';
+		if($config['debug'])
+			echo '('.$resp->error.')';
+	}                          
+}
+?>
+
+</div>
+<?php @include('themes/'.$config['theme'].'/footer.php'); ?>
+</body>
+</html>

Mercurial Repository: xmpp-web-registration

mercurial