From 3e2278d692143a6ed518a78cdbb92344858a1d31 Mon Sep 17 00:00:00 2001 From: Botanic Date: Fri, 7 Jun 2013 04:05:28 -0700 Subject: [PATCH] updated template for registration and setting up add_user functions --HG-- branch : rc-botanic-webdev --- .../ryzom_ams/ams_lib/autoload/helpers.php | 2 +- .../ryzom_ams/ams_lib/autoload/users.php | 404 ++++++++++-------- .../ams_lib/ingame_templates/register.tpl | 38 +- .../ryzom_ams/ams_lib/translations/en.ini | 16 +- .../tools/server/ryzom_ams/www/config.php | 8 +- .../ryzom_ams/www/html/inc/add_user.php | 6 +- .../tools/server/ryzom_ams/www/html/index.php | 26 +- 7 files changed, 280 insertions(+), 220 deletions(-) diff --git a/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/helpers.php b/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/helpers.php index 195b3e02c..4cf79e7b5 100644 --- a/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/helpers.php +++ b/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/helpers.php @@ -10,7 +10,7 @@ class Helpers{ $smarty = new Smarty; // turn smarty debugging on/off - $smarty -> debugging = false; + $smarty -> debugging = true; // caching must be disabled for multi-language support $smarty -> caching = false; $smarty -> cache_lifetime = 120; diff --git a/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/users.php b/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/users.php index 4a7b31891..d765fec82 100644 --- a/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/users.php +++ b/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/users.php @@ -1,180 +1,232 @@ 12) { - return "Username must be no more than 12 characters."; - } elseif (strlen($username) < 5) { - return "Username must be 5 or more characters."; - } elseif (!preg_match('/^[a-z0-9\.]*$/', $username)) { - return "Username can only contain numbers and letters."; - } elseif (sql::db_query("SELECT COUNT(*) FROM {users} WHERE name = :name", array( - ':name' => $username - ))->fetchField()) { - return "Username " . $username . " is in use."; - } else { - return "success"; - } - } else { - return "success"; - } - return "fail"; -} -/** - * - * Function checkPassword - * - * @takes $pass - * @return string - * - * Info: Returns a string based on if the password is valid, if valid then "success" is returned - * - */ -public function checkPassword($pass) -{ - if (isset($pass)) { - if (strlen($pass) > 20) { - return "Password must be no more than 20 characters."; - } elseif (strlen($pass) < 5) { - return "Password must be more than 5 characters."; - } else { - return "success"; - } - } - return "fail"; -} -/** - * - * Function confirmPassword - * - * @takes $pass - * @return string - * - * Info: Verify's $_POST["Password"] is the same as $_POST["ConfirmPass"] - * - */ -public function confirmPassword() -{ - if (($_POST["Password"]) != ($_POST["ConfirmPass"])) { - return "Passwords do not match."; - } else { - return "success"; - } - return "fail"; -} -/** - * - * Function checkEmail - * - * @takes $email - * @return - * - * - * - */ -public function checkEmail($email) -{ - if (isset($email)) { - if (!validEmail($email)) { - return "Email address is not valid."; - } elseif (db_query("SELECT COUNT(*) FROM {users} WHERE mail = :mail", array( - ':mail' => $email - ))->fetchField()) { - return "Email is in use."; - } else { - return "success"; - } - } else { - return "success"; - } - return "fail"; -} -public function validEmail($email) -{ - $isValid = true; - $atIndex = strrpos($email, "@"); - if (is_bool($atIndex) && !$atIndex) { - $isValid = false; - } else { - $domain = substr($email, $atIndex + 1); - $local = substr($email, 0, $atIndex); - $localLen = strlen($local); - $domainLen = strlen($domain); - if ($localLen < 1 || $localLen > 64) { - // local part length exceeded - $isValid = false; - } else if ($domainLen < 1 || $domainLen > 255) { - // domain part length exceeded - $isValid = false; - } else if ($local[0] == '.' || $local[$localLen - 1] == '.') { - // local part starts or ends with '.' - $isValid = false; - } else if (preg_match('/\\.\\./', $local)) { - // local part has two consecutive dots - $isValid = false; - } else if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain)) { - // character not valid in domain part - $isValid = false; - } else if (preg_match('/\\.\\./', $domain)) { - // domain part has two consecutive dots - $isValid = false; - } else if (!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/', str_replace("\\\\", "", $local))) { - // character not valid in local part unless - // local part is quoted - if (!preg_match('/^"(\\\\"|[^"])+"$/', str_replace("\\\\", "", $local))) { - $isValid = false; + function add_user(){ + // check if values exist + if ( isset( $_POST["Username"] ) and isset( $_POST["Password"] ) and isset( $_POST["Email"] ) ) + { + // check values + $user = Users :: checkUser( $_POST["Username"] ); + $pass = Users :: checkPassword( $_POST["Password"] ); + $cpass = Users :: confirmPassword(); + $email = Users :: checkEmail( $_POST["Email"] ); + }else{ + $user = ""; + $pass = ""; + $cpass = ""; + $email = ""; + } + // if all are good then create user + if ( ( $user == "success" ) and ( $pass == "success" ) and ( $cpass == "success" ) and ( $email == "success" ) and ( isset( $_POST["TaC"] ) ) ){ + $edit = array( + 'name' => $_POST["Username"], + 'pass' => $_POST["Password"], + 'mail' => $_POST["Email"], + 'init' => $_POST["Email"], + 'unhashpass' => $_POST["Password"], + 'status' => 1, + 'access' => REQUEST_TIME + ); + user_save( NULL, $edit ); + header( 'Location: email_sent.php' ); + exit; + }else{ + $pageElements = array( + 'GAME_NAME' => variable_get( 'ryzommanage_game-name', '' ), + 'WELCOME_MESSAGE' => variable_get( 'ryzommanage_register-welcome', '' ), + 'USERNAME' => $user, + 'PASSWORD' => $pass, + 'CPASSWORD' => $cpass, + 'EMAIL' => $email + ); + if ( $user != "success" ){ + $pageElements['USERNAME_ERROR'] = 'TRUE'; + }else{ + $pageElements['USERNAME_ERROR'] = 'FALSE'; + } + + if ( $pass != "success" ){ + $pageElements['PASSWORD_ERROR'] = 'TRUE'; + }else{ + $pageElements['PASSWORD_ERROR'] = 'FALSE'; + } + if ( $cpass != "success" ){ + $pageElements['CPASSWORD_ERROR'] = 'TRUE'; + }else{ + $pageElements['CPASSWORD_ERROR'] = 'FALSE'; + } + if ( $email != "success" ){ + $pageElements['EMAIL_ERROR'] = 'TRUE'; + }else{ + $pageElements['EMAIL_ERROR'] = 'FALSE'; + } + if ( isset( $_POST["TaC"] ) ){ + $pageElements['TAC_ERROR'] = 'FALSE'; + }else{ + $pageElements['TAC_ERROR'] = 'TRUE'; + } + return $pageElements; + } + + /** + * Function checkUser + * + * @takes $username + * @return string Info: Returns a string based on if the username is valid, if valid then "success" is returned + */ + public function checkUser( $username ) + { + if ( isset( $username ) ){ + if ( strlen( $username ) > 12 ){ + return "Username must be no more than 12 characters."; + }elseif ( strlen( $username ) < 5 ){ + return "Username must be 5 or more characters."; + }elseif ( !preg_match( '/^[a-z0-9\.]*$/', $username ) ){ + return "Username can only contain numbers and letters."; + }elseif ( sql :: db_query( "SELECT COUNT(*) FROM {users} WHERE name = :name", array( + ':name' => $username + ) ) -> fetchField() ){ + return "Username " . $username . " is in use."; + }else{ + return "success"; + } + }else{ + return "success"; + } + return "fail"; + } + /** + * Function checkPassword + * + * @takes $pass + * @return string Info: Returns a string based on if the password is valid, if valid then "success" is returned + */ + public function checkPassword( $pass ) + { + if ( isset( $pass ) ){ + if ( strlen( $pass ) > 20 ){ + return "Password must be no more than 20 characters."; + }elseif ( strlen( $pass ) < 5 ){ + return "Password must be more than 5 characters."; + }else{ + return "success"; + } + } + return "fail"; + } + /** + * Function confirmPassword + * + * @takes $pass + * @return string Info: Verify's $_POST["Password"] is the same as $_POST["ConfirmPass"] + */ + public function confirmPassword() + { + if ( ( $_POST["Password"] ) != ( $_POST["ConfirmPass"] ) ){ + return "Passwords do not match."; + }else{ + return "success"; + } + return "fail"; + } + /** + * Function checkEmail + * + * @takes $email + * @return + */ + public function checkEmail( $email ) + { + if ( isset( $email ) ){ + if ( !validEmail( $email ) ){ + return "Email address is not valid."; + }elseif ( db_query( "SELECT COUNT(*) FROM {users} WHERE mail = :mail", array( + ':mail' => $email + ) ) -> fetchField() ){ + return "Email is in use."; + }else{ + return "success"; + } + }else{ + return "success"; + } + return "fail"; + } + public function validEmail( $email ) + { + $isValid = true; + $atIndex = strrpos( $email, "@" ); + if ( is_bool( $atIndex ) && !$atIndex ){ + $isValid = false; + }else{ + $domain = substr( $email, $atIndex + 1 ); + $local = substr( $email, 0, $atIndex ); + $localLen = strlen( $local ); + $domainLen = strlen( $domain ); + if ( $localLen < 1 || $localLen > 64 ){ + // local part length exceeded + $isValid = false; + }else if ( $domainLen < 1 || $domainLen > 255 ){ + // domain part length exceeded + $isValid = false; + }else if ( $local[0] == '.' || $local[$localLen - 1] == '.' ){ + // local part starts or ends with '.' + $isValid = false; + }else if ( preg_match( '/\\.\\./', $local ) ){ + // local part has two consecutive dots + $isValid = false; + }else if ( !preg_match( '/^[A-Za-z0-9\\-\\.]+$/', $domain ) ){ + // character not valid in domain part + $isValid = false; + }else if ( preg_match( '/\\.\\./', $domain ) ){ + // domain part has two consecutive dots + $isValid = false; + }else if ( !preg_match( '/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/', str_replace( "\\\\", "", $local ) ) ){ + // character not valid in local part unless + // local part is quoted + if ( !preg_match( '/^"(\\\\"|[^"])+"$/', str_replace( "\\\\", "", $local ) ) ){ + $isValid = false; + } + } + if ( $isValid && !( checkdnsrr( $domain, "MX" ) || checkdnsrr( $domain, "A" ) ) ){ + // domain not found in DNS + $isValid = false; + } + } + return $isValid; + } + public function generateSALT( $length = 2 ) + { + // start with a blank salt + $salt = ""; + // define possible characters - any character in this string can be + // picked for use in the salt, so if you want to put vowels back in + // or add special characters such as exclamation marks, this is where + // you should do it + $possible = "2346789bcdfghjkmnpqrtvwxyzBCDFGHJKLMNPQRTVWXYZ"; + // we refer to the length of $possible a few times, so let's grab it now + $maxlength = strlen( $possible ); + // check for length overflow and truncate if necessary + if ( $length > $maxlength ){ + $length = $maxlength; + } + // set up a counter for how many characters are in the salt so far + $i = 0; + // add random characters to $salt until $length is reached + while ( $i < $length ){ + // pick a random character from the possible ones + $char = substr( $possible, mt_rand( 0, $maxlength - 1 ), 1 ); + // have we already used this character in $salt? + if ( !strstr( $salt, $char ) ){ + // no, so it's OK to add it onto the end of whatever we've already got... + $salt .= $char; + // ... and increase the counter by one + $i++; + } + } + // done! + return $salt; } } - if ($isValid && !(checkdnsrr($domain, "MX") || checkdnsrr($domain, "A"))) { - // domain not found in DNS - $isValid = false; - } - } - return $isValid; -} -public function generateSALT($length = 2) -{ - // start with a blank salt - $salt = ""; - // define possible characters - any character in this string can be - // picked for use in the salt, so if you want to put vowels back in - // or add special characters such as exclamation marks, this is where - // you should do it - $possible = "2346789bcdfghjkmnpqrtvwxyzBCDFGHJKLMNPQRTVWXYZ"; - // we refer to the length of $possible a few times, so let's grab it now - $maxlength = strlen($possible); - // check for length overflow and truncate if necessary - if ($length > $maxlength) { - $length = $maxlength; - } - // set up a counter for how many characters are in the salt so far - $i = 0; - // add random characters to $salt until $length is reached - while ($i < $length) { - // pick a random character from the possible ones - $char = substr($possible, mt_rand(0, $maxlength - 1), 1); - // have we already used this character in $salt? - if (!strstr($salt, $char)) { - // no, so it's OK to add it onto the end of whatever we've already got... - $salt .= $char; - // ... and increase the counter by one - $i++; - } - } - // done! - return $salt; -} -} - + + \ No newline at end of file diff --git a/code/ryzom/tools/server/ryzom_ams/ams_lib/ingame_templates/register.tpl b/code/ryzom/tools/server/ryzom_ams/ams_lib/ingame_templates/register.tpl index fd3597f4d..17100d13d 100644 --- a/code/ryzom/tools/server/ryzom_ams/ams_lib/ingame_templates/register.tpl +++ b/code/ryzom/tools/server/ryzom_ams/ams_lib/ingame_templates/register.tpl @@ -27,7 +27,7 @@ - id="caption-Password">Desired Password: + {$password_tag} + onfocus="javascript:showTooltip('{$password_message}', this);" /> - width="42%"> + {if isset($PASSWORD_ERROR) && $PASSWORD_ERROR eq "TRUE"}{$Password}{/if} - id="caption-ConfirmPass">Confirm Password: + {$cpassword_tag} + onfocus="javascript:showTooltip('{$cpassword_message}', this);" /> - width="42%"> + {if isset($CPASSWORD_ERROR) && $CPASSWORD_ERROR eq "TRUE"}{$ConfirmPass}{/if} - id="caption-Email">Email Address (to which a confirmation email will be sent): + {$email_tag} account.', this);" /> + "javascript:showTooltip('{$email_message}', this);" /> - width="42%"> + {if isset($EMAIL_ERROR) && $EMAIL_ERROR eq "TRUE"}{$Email}{/if} + "33%" {if isset($TAC_ERROR) && $TAC_ERROR eq "TRUE"}class="error"{/if} colspan="2">YES, I agree to the terms of - serviceYou must accept the Terms of Service';} - else { - echo '';}; ?> + "caption-TaC">{$tac_tag} + {$tac_message} + @@ -98,22 +96,20 @@ inset="">
- 5-12 lower-case characters and numbers. The login (username) you create here will be - your login name. The name of your game characters will be chosen later on. + {$username_tooltip}
- 5-20 characters. + {$password_message}
- Retype your Password + {$cpassword_message}
- Please verify that the e-mail address you enter here is valid and will remain valid - in the future. It will be used to manage your account. + {$email_message}
\ No newline at end of file diff --git a/code/ryzom/tools/server/ryzom_ams/ams_lib/translations/en.ini b/code/ryzom/tools/server/ryzom_ams/ams_lib/translations/en.ini index 1b43e7ffc..abaa26747 100644 --- a/code/ryzom/tools/server/ryzom_ams/ams_lib/translations/en.ini +++ b/code/ryzom/tools/server/ryzom_ams/ams_lib/translations/en.ini @@ -4,5 +4,19 @@ [register] title = "RYZOM CORE INGAME REGISTRATION" welcome_message = "Welcome! Please fill in the following fields to get your new Ryzom Core account:" + username_tag = "Desired Username:" -username_tooltip = "5-12 lower-case characters and numbers. The login (username) you create here will be your login name. The name of your game characters will be chosen later on." \ No newline at end of file +username_tooltip = "5-12 lower-case characters and numbers. The login (username) you create here will be your login name. The name of your game characters will be chosen later on." + +password_tag = "Desired Password:" +password_message = "Password must be 5-20 characters." + +cpassword_tag = "Confirm Password:" +cpassword_message = "Retype your Password" + +email_tag = "Email Address (to which a confirmation email will be sent):" +email_message = "Please verify that the e-mail address you enter here is valid and will remain valid in the future. It will only be used to manage your Ryzom Core account." + +tac_tag = "YES, I agree to the terms of service." +tac_message = "You must accept the Terms of Service." + diff --git a/code/ryzom/tools/server/ryzom_ams/www/config.php b/code/ryzom/tools/server/ryzom_ams/www/config.php index ce924369f..fe6f74b1d 100644 --- a/code/ryzom/tools/server/ryzom_ams/www/config.php +++ b/code/ryzom/tools/server/ryzom_ams/www/config.php @@ -17,9 +17,7 @@ $DBHOST = 'localhost' ; $NTDBName = 'nel_tool' ; $NTUserName = 'shard' ; $NTPassword = '' ; - - $SITETITLE = 'Ryzom Core AMS' ; - + $LOGRELATIVEPATH = 'logs/' ; // If true= the server will add automatically unknown user in the database @@ -82,6 +80,4 @@ $NELDB_CONFIG_TABLE = $NELDB_PREFIX . 'config'; $LOCK_TIMEOUT = 1800 ; $BG_IMG = 'imgs/bg_live.png' ; - $DEFAULT_LANGUAGE = 'en'; - -$TEMPLATE_DIR = ""; \ No newline at end of file + $DEFAULT_LANGUAGE = 'en'; \ No newline at end of file diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/inc/add_user.php b/code/ryzom/tools/server/ryzom_ams/www/html/inc/add_user.php index 9b3441006..1675b285b 100644 --- a/code/ryzom/tools/server/ryzom_ams/www/html/inc/add_user.php +++ b/code/ryzom/tools/server/ryzom_ams/www/html/inc/add_user.php @@ -1,6 +1,10 @@