Mercurial > xmpp-web-registration / file revision

index.php@472198dc918e

index.php

Thu, 13 May 2010 09:31:01 -0500

author
Matthew Wild <mwild1@gmail.com>
date
Thu, 13 May 2010 09:31:01 -0500
changeset 0
472198dc918e
permissions
-rwxr-xr-x

Initial commit

<?php

require_once('recaptchalib.php');
require_once('config.php');

if(!array_key_exists('backend', $config))
	die("Please specify a backend in config.php!");

if($config['debug'])
	include('backend_'.$config['backend'].'.php');
else
	@include('backend_'.$config['backend'].'.php');

if(class_exists("RegistrationBackend"))
{
	$registration_backend = new RegistrationBackend();
}
else
{
	echo('Failed to initialize backend "'.$config['backend'].'": ');
	
	if(!$config['debug'])
		echo('enable debug in the config for more info.');
	else
		include('backend_'.$config['backend'].'.php');
	die();
}

header( 'Content-type: text/html; charset=utf-8' );

?>
<html>
<head>
	<link rel='stylesheet' href='themes/<?php echo $config['theme']; ?>/style.css' />
</head>
<body>

<?php @include('themes/'.$config['theme'].'/header.php'); ?>

<div id="box">

<?php
if (!$_POST["submit"])
{
?>

<h2>Register a <?php echo ucfirst($config['host']); ?> account</h2>
<p>Use the form below to create an account.</p>
<form method="post">
	<table>
	<tr><td class="label">Username:</td><td><input type="text" class="edit username" name="username" size="10" />@<?php echo $config['host']; ?></td></tr>
	<tr><td class="label">Password:</td><td><input type="password" class="edit" name="password" size="15"/></td></tr>
	<tr><td class="label">Re-type password:</td><td><input type="password" class="edit" name="password2" size="15"/></td></tr>
	<tr><td colspan="2" style="text-align:center; margin-left:auto; margin-right:auto;" align="center">
		<center>
			<div id="captcha">
				<?php echo recaptcha_get_html($config['recaptchaPublicKey'], null, !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off'); ?>
			</div>
		</center>
	</td></tr>
	<tr><td colspan="2" style="text-align:center;">
		<input type="submit" name="submit" value="Register" />
	</td></tr>
</form>

<?php
}
else
{
	// Process submission
	$resp = recaptcha_check_answer ($config['recaptchaPrivateKey'],
                                $_SERVER["REMOTE_ADDR"],
                                $_POST["recaptcha_challenge_field"],
                                $_POST["recaptcha_response_field"]);
	if ($resp->is_valid)
	{
		$registration_backend->init($config);
		$user = $_POST['username'];
		$pass = $_POST['password'];
		$pass2 = $_POST['password2'];

		$ok = true;
		
		if (!$user)
		{
			echo '<p>Sorry, you didn\'t tell us which username you want! Please <a href="./">go back</a> and try again.</p>';
			$ok = false;
		}
			
		if($pass !== $pass2)
		{
			echo '<p>The two passwords you typed are not the same, please <a href="./">go back</a> and try more carefully! :-)</p>';
			$ok = false;
		}

		if($ok)
		{
			if(!mb_check_encoding($user, 'UTF-8') || !mb_check_encoding($pass, 'UTF-8'))
			{
				echo '<p>Sorry, your browser sent an invalid form entry. Try removing special characters from your username/password.</p>';
				echo '<p>Alternatively please try a different browser and re-submit <a href="./">the form</a>.</p>';
				$ok = false;
			}
			else
			{
				$user = mb_strtolower($user, 'UTF-8');
			}
		}
		
		// Check that username is valid for a JID
		if ($ok && strlen($user) > 255)
		{
			echo '<p>Sorry, the username you entered is waaaaay too long. <a href="./">Please try</a> something shorter!</p>';
			$ok = false;
		}
		
		if ($ok)
		{
			if (strcspn($user, "\"&'/:<>@".chr(127)) !== strlen($user))
			{
				echo '<p>Sorry, that username contains invalid characters (such as &, <, >, / etc.). Please remove them and <a href="./">try again</a>.</p>';
				echo strcspn($user, "\"&'/:<>@".chr(127))." vs ".strlen($user);
				$ok = false;
			}
			else if (strpos($user, chr(255).chr(254)) || strpos($user, chr(255.255)))
			{
				echo '<p>Sorry, that username contains invalid characters. Please remove them and <a href="./">try again</a>.</p>';
				$ok = false;				
			}
			else
			{
				$charfreq = array_keys(count_chars($user, 1));
				if (min($charfreq) <= 32)
				{
					echo '<p>Sorry, that username contains invalid characters. For example you cannot use spaces in a username. Please <a href="./">go back</a>, remove them, and try again.</p>';
					$ok = false;
				}
			}
			
		}

		if ($ok && (strlen($pass) < 6))
		{
			echo '<p>Your password isn\'t long enough. It needs to be at least 6 characters long, to make sure that it can\'t be easily guessed. <a href="./">Go back</a> and try again.</p>';
			$ok = false;
		}

		if ($ok)
		{
			$backend_message = $registration_backend->validate($user, $pass);
			if($backend_message)
			{
				echo "<p>".htmlentities($backend_message)." Please <a href='./'>go back</a> and try again.</p>";
				$ok = false;
			}
		}

		// Check that username does not already exist
		if ($ok)
		{
			if($registration_backend->exists($user))
			{
				echo '<p>A user with that name already exists, please <a href="./">go back</a> and choose a different username.</p>';
				$ok = false;
			}				
		}
		
		if ($ok)
		{
			$result = $registration_backend->create($user, $pass);
			if ($result)
			{
				echo '<p>You successfully registered the Jabber ID<br/><b>'.$_POST["username"].'@'.$config['host'].'</b></p>';
				echo "<div style='text-align:left;'>";
				echo "<p>If you haven't already, now is a good time to ";
				echo "<a href='http://www.jabber.org/index.php/download-a-client/'>download a client</a> which you can ";
				echo 'use to log into your new account.</p>';
				echo '<p>Wondering what you can do with your new <a href="'.$config['website'].'">'.$config['host'].'</a> account? ';
				echo 'Here are some services at which you can use your Jabber ID:</p>';
				echo '<ul>';
				echo '<li><a href="http://identi.ca/">identi.ca</a> - Open microblogging service</li>';
				echo '<li><a href="http://speeqe.com/">Speeqe</a> - Web-based Jabber chatrooms</li>';
				echo '</ul>';
				echo '<p><b>Did you know?</b> <a href="http://www.google.com/talk/">Google Talk</a> is one of the many other ';
				echo '<a href="http://xmpp.org/services/">Jabber-compatible services</a>, which ';
				echo 'means you can add your Gmail and Google Apps friends directly to your '.ucfirst($config['host']).' contact list!</p>';
				echo '</div>';
			}
			else
				echo '<p>There was a problem creating your account. If the problem persists, please <a href="http://speeqe.com/room/jabber@conference.jabber.org/">contact us</a>.</p>';
		}
		$registration_backend->close();
	}
	else
	{
		echo '<p>Sorry, the CAPTCHA text you entered was incorrect, please <a href="./">go back</a> and try again.</p>';
		if($config['debug'])
			echo '('.$resp->error.')';
	}                          
}
?>

</div>
<?php @include('themes/'.$config['theme'].'/footer.php'); ?>
</body>
</html>

Mercurial Repository: xmpp-web-registration

mercurial