sreg/sreg.php


<?php

include ('captcha/base.php');
require ('conf.php');



// Pick the key of one random entry of the $captcha table; the form rendered by
// reg::body() sends this key to the browser as the captcha id.
// ($captcha is presumably defined by captcha/base.php -- confirm. With no
// count argument array_rand() returns a single key.)
$rand_captcha = array_rand($captcha);


/**
 * Whitelist check for a display name.
 *
 * Accepts the input only when every byte is an ASCII letter, an ASCII digit
 * or a space. The comparison is byte-wise, so any multi-byte (non-ASCII)
 * character is rejected. An empty string passes; length is not checked here.
 *
 * @param string $input candidate name
 * @return bool true when no byte falls outside the whitelist
 */
function sbonFullName($input)
{
    $whitelist = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz 1234567890';

    // strspn() gives the length of the leading run of whitelisted bytes;
    // the input is clean exactly when that run covers the whole string.
    return strspn($input, $whitelist) === strlen($input);
}

/**
 * Whitelist check for a password.
 *
 * Accepts the input only when every byte appears in the allowed set: ASCII
 * letters, ASCII digits and the listed punctuation. The comparison is
 * byte-wise; spaces and any character not listed are rejected. An empty
 * string passes; length is not checked here.
 *
 * @param string $input candidate password
 * @return bool true when no byte falls outside the whitelist
 */
function sbonPassword($input)
{
    $whitelist = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890@#<>!?*$%&£';

    // The input is clean exactly when the leading run of whitelisted bytes
    // is as long as the input itself.
    return strspn($input, $whitelist) === strlen($input);
}




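/**
 * Self-registration page.
 *
 * body() handles three cases: it activates an account when ?regcode= is
 * present, it validates and stores a new account (then e-mails the activation
 * link) when the form was posted, and otherwise it prints the sign-up form.
 *
 * Database credentials and the sender address are copied from the globals
 * $DSN, $DBUSER, $DBPASS and $emailFrom (presumably set in conf.php); the
 * captcha answers are read from the global $captcha.
 *
 * NOTE(review): the captcha id travels in a hidden form field and is resolved
 * against the global $captcha table. If that table is static (captcha/base.php
 * is not visible here), a solved id/answer pair stays valid for every later
 * submission -- consider a per-session, single-use challenge.
 */
class reg
{

    //--Edit to fit your needs


    //---Location credentials in db
    // $DBTABLE and $FIELDUSER are interpolated into SQL as identifiers (identifiers
    // cannot be bound as parameters), so they must never be filled from request data.
    public $DBTABLE   = 'users';                    // name of the table containing users
    public $FIELDUSER = 'username';                 // name of the column containing the username
    public $FIELDPASS = 'password';                 // name of the column containing the password (stored as an MD5 hex digest)
    public $FIELDID   = 'id';                       // name of the column containing the id


    public $sendMail=true;
    public $registered_OK = '<h2>Successfully registered</h2><p>check your email to complete the procedure.</p>';
    public $activate_OK = '<h2>Successfully activate</h2><p>your account is now active.</p>';

    public $registered_ERROR = '<h2>Error</h2><p>account creation procedure failed</p>';
    public $activate_ERROR = '<h2>Error</h2><p>account activation procedure failed.</p>';

    public $userExists_ERROR='<h2>Error</h2><p>choose another username please</p>';

    public $name_ERROR='<h2>Error</h2><p>error in your name</p>';
    public $user_ERROR='<h2>Error</h2><p>error in your email</p>';
    public $pass_ERROR='<h2>Error</h2><p>error in your password</p>';
    public $captcha_ERROR='<h2>Error</h2><p>error in your captcha</p>';

    public $emailSubject="Completa la tua registrazione";
    public $emailBody="Clicca sul link sottostante per completare la registrazione.";
    public $urlActivation='https://fml.ns0.it/index.php?regcode=';



    // DO NOT EDIT
    protected $checkFields_ERROR='';
    protected $DSN;
    protected $DBUSER;
    protected $DBPASS;
    protected $emailFrom;

    /**
     * Copies the connection settings and sender address from the globals.
     */
    public function __construct()
    {
        global $DSN;
        global $DBUSER;
        global $DBPASS;
        global $emailFrom;

        $this->DSN=$DSN;
        $this->DBUSER=$DBUSER;
        $this->DBPASS=$DBPASS;
        $this->emailFrom=$emailFrom;
    }

    /**
     * Prints the whole page: header, body, footer.
     *
     * @param string $h custom header markup ('' = built-in header)
     * @param string $b custom form markup   ('' = built-in form)
     * @param string $f custom footer markup ('' = built-in footer)
     */
    public function do($h='',$b='',$f='')
    {
        $this->header($h);
        $this->body($b);
        $this->footer($f);
    }

    /**
     * Prints the page header; $m, when given, is echoed verbatim instead.
     *
     * @param string $m trusted markup supplied by the embedding page
     */
    public function header($m='')
    {

        if ($m=='')
        {
            echo "<!DOCTYPE html>
            <html>
            <head>
                <title>Register</title>
            </head>
            <body>
            ";
        }else{
            echo $m;
        }

    }

    /**
     * Prints the page footer; $m, when given, is echoed verbatim instead.
     *
     * @param string $m trusted markup supplied by the embedding page
     */
    public function footer($m='')
    {
        if ($m=='')
        {
            // Close the document properly (the second tag used to be an opening <html>).
            echo "</body></html>";
        }else{
            echo $m;
        }
    }

    /**
     * Dispatches the request: activation link, posted registration, or form.
     *
     * @param string $m trusted markup for a custom form ('' = built-in form)
     */
    public function body($m='')
    {

        if (isset($_GET["regcode"]))
        {
            $this->activate($_GET["regcode"]);
            return ;
        }

        if (isset($_POST["btnRegister"]))
        {
            $this->register();
            return ;
        }

        if ($m=='')
        {
            global $rand_captcha;

            // Escape per context: HTML attribute for the action and the hidden
            // value, URL component for the image query string.
            echo '<form class="mx-1 mx-md-4" method="post" action="'.htmlspecialchars($_SERVER['SCRIPT_NAME'], ENT_QUOTES).'">

                  <div class="d-flex flex-row align-items-center mb-4">
                    <i class="fas fa-user fa-lg me-3 fa-fw"></i>
                    <div class="form-outline flex-fill mb-0">
                      <input type="text" id="name" name="name" class="form-control" />
                      <label class="form-label" for="name">Your Name</label>
                    </div>
                  </div>
                  
                  <div class="d-flex flex-row align-items-center mb-4">
                    <i class="fas fa-envelope fa-lg me-3 fa-fw"></i>
                    <div class="form-outline flex-fill mb-0">
                      <input type="email" id="user"  name="user" class="form-control" />
                      <label class="form-label" for="user">Your Email</label>
                    </div>
                  </div>

                  <div class="d-flex flex-row align-items-center mb-4">
                    <i class="fas fa-lock fa-lg me-3 fa-fw"></i>
                    <div class="form-outline flex-fill mb-0">
                      <input type="password" id="password" name="password" class="form-control" />
                      <label class="form-label" for="password">Password</label>
                    </div>
                  </div>

                  <div class="d-flex flex-row align-items-center mb-4">
                    <i class="fas fa-key fa-lg me-3 fa-fw"></i>
                    <div class="form-outline flex-fill mb-0">
                      <input type="password" id="repassword" name="repassword" class="form-control" />
                      <label class="form-label" for="repassword">Repeat your password</label>
                    </div>
                  </div>
                  
                  
                  <div class="d-flex flex-row align-items-center mb-4">
                    <i class="fas fa-user fa-lg me-3 fa-fw"></i>
                    <div class="form-outline flex-fill mb-0">
                        <input type="hidden"  name="captchaid" value="'.htmlspecialchars((string) $rand_captcha, ENT_QUOTES).'">
                        <img src="captcha/image.php?id='.rawurlencode((string) $rand_captcha).'" />
                      <input type="text" id="user_captcha" name="user_captcha" class="form-control" />
                      <label class="form-label" for="name">i\'m not a robot</label>
                    </div>
                  </div>
                  
                  
                  

                  <div class="d-flex justify-content-center mx-4 mb-3 mb-lg-4">
                    <button type="submit" class="btn btn-primary btn-lg" name="btnRegister" id="btnRegister" >Register</button>
                  </div>
                </form>';
        }else{
            echo $m;
        }
    }

    /**
     * Opens a database connection that reports errors as PDOException.
     *
     * @return PDO
     * @throws PDOException when the connection cannot be established
     */
    private function connect()
    {
        $db = new PDO($this->DSN, $this->DBUSER, $this->DBPASS);
        $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        return $db;
    }

    /**
     * Returns a POST field as a string, or '' when it is missing or not a string.
     *
     * Request parameters can arrive as arrays (name[]=x); treating those as
     * empty makes the validators reject them instead of raising type errors.
     *
     * @param string $key field name
     * @return string
     */
    private function postString($key)
    {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    }

    /**
     * Activates the pending account that owns $regcode and prints the outcome.
     *
     * @param mixed $regcode raw value of $_GET["regcode"]
     */
    private function activate($regcode)
    {
        if (!is_string($regcode) || !ctype_alnum($regcode))
        {
            echo "<p>Invalid registration code!</p>";
            return ;
        }

        $table=$this->DBTABLE;

        // Only rows still pending (enable = 0, the value written at registration)
        // are touched, so a code cannot re-enable an account whose flag was changed later.
        $sql =  " UPDATE $table set    enable = 1    where regcode = :regcode and enable = 0 ; " ;

        try
        {
            $stmt = $this->connect()->prepare($sql);
            $stmt->execute(array(":regcode" => $regcode));

            // With ERRMODE_EXCEPTION execute() never returns false, so success has to
            // be judged by whether a row was updated; an unknown code updates none.
            $activated = $stmt->rowCount() > 0;
        }
        catch (PDOException $myerror)
        {
            // Keep driver details (DSN, table names) in the server log only.
            error_log('sreg: activation failed: ' . $myerror->getMessage());
            $activated = false;
        }

        echo $activated ? $this->activate_OK : $this->activate_ERROR;
    }

    /**
     * Validates the posted form, stores the account as disabled and sends the
     * activation e-mail. Prints exactly one status message.
     */
    private function register()
    {
        $NAME=$this->postString("name");
        $USER=$this->postString("user");
        $pass=$this->postString("password");

        // Validate every field (captcha included) before touching the database, so
        // the "username taken" answer is not available without a solved captcha.
        if ($this->checkFields($NAME,$USER,$pass,$this->postString("user_captcha"),$this->postString("captchaid"))==false)
        {
            echo $this->checkFields_ERROR;
            return ;
        }

        // The built-in form has a "repeat your password" box; enforce it whenever
        // the field is submitted (custom forms passed to body() may omit it).
        if (isset($_POST["repassword"]) && $_POST["repassword"] !== $pass)
        {
            echo $this->pass_ERROR;
            return ;
        }

        try
        {
            // NOTE(review): a UNIQUE constraint on the username column is still
            // needed; this lookup and the INSERT below are not atomic.
            if ($this->userExists($USER)==true)
            {
                echo $this->userExists_ERROR;
                return;
            }

            // NOTE(review): unsalted MD5 is not a password hash. It is kept here only
            // because the login code that reads this column is not part of this file;
            // migrate both sides together to password_hash()/password_verify().
            $PASSWORD=md5($pass);

            // Unguessable tokens from the CSPRNG, same length and alphabet as the
            // former sha1()/md5() hex digests (40 and 32 hex characters).
            $REGCODE=bin2hex(random_bytes(20));
            $SECRETKEY=bin2hex(random_bytes(16));

            $table=$this->DBTABLE;
            $DATE=date("Y-m-d");

            $sql="INSERT INTO $table (name,username,password,regcode,enable,date,secretkey)VALUES 
                (:NAME,:USER,:PASSWORD,:REGCODE,0,:DATE,:SECRETKEY); ";

            $stmt = $this->connect()->prepare($sql);
            $stmt->execute(array(
                ":NAME" => $NAME,
                ":USER" => $USER,
                ":PASSWORD" => $PASSWORD,
                ":REGCODE" => $REGCODE,
                ":DATE" => $DATE,
                ":SECRETKEY" => $SECRETKEY,
            ));
        }
        catch (Exception $myerror)
        {
            // Covers PDOException and a random_bytes() failure. The visitor gets the
            // generic message; the detail stays in the server log.
            error_log('sreg: registration failed: ' . $myerror->getMessage());
            echo $this->registered_ERROR;
            return ;
        }

        echo $this->registered_OK;
        $this->sendMail($USER,$REGCODE);
    }


    /**
     * Sends the activation link to $email when $this->sendMail is enabled.
     *
     * @param string $email   recipient; must already have passed checkEmail()
     * @param string $regcode activation code appended to $urlActivation
     */
    protected function sendMail($email,$regcode)
    {

        $from=$this->emailFrom;
        if ($this->sendMail)
        {

            $header = "From:$from \r\n";
            $header .= "MIME-Version: 1.0\r\n";
            $header .= "Content-type: text/html\r\n";

            // The message is HTML, so the link is escaped for both the attribute and the text.
            $link=htmlspecialchars($this->urlActivation . $regcode, ENT_QUOTES);
            $message=$this->emailBody . '<br><br><a href="'. $link .'">'. $link .'</a>' ;

            if (!mail($email, $this->emailSubject, $message,$header))
            {
                error_log('sreg: activation e-mail could not be handed to the mail system');
            }
        }
    }


    /**
     * @param mixed $str candidate e-mail address
     * @return bool true when FILTER_VALIDATE_EMAIL accepts it
     */
    protected function checkEmail($str)
    {
        return filter_var($str, FILTER_VALIDATE_EMAIL) !== false;
    }

    /**
     * @param string $name candidate display name
     * @return bool result of the sbonFullName() whitelist
     */
    protected function checkName($name)
    {
        return (bool) sbonFullName($name);
    }

    /**
     * @param string $password candidate password
     * @return bool result of the sbonPassword() whitelist
     */
    protected function checkPassword($password)
    {
        return (bool) sbonPassword($password);
    }

    /**
     * Compares the typed captcha text with the answer stored under $captchaid.
     *
     * @param string $user_captcha text typed by the visitor
     * @param string $captchaid    key into the global $captcha table
     * @return bool true only for an exact, case-sensitive match
     */
    protected function checkCaptcha($user_captcha, $captchaid)
    {
        global $captcha;

        if (!is_string($user_captcha) || !is_string($captchaid))
        {
            return false;
        }

        if (!ctype_alnum($user_captcha ) || !ctype_alnum($captchaid ) )
        {
            return false;
        }

        // An unknown id is a failed check, not an undefined-index lookup.
        if (!is_array($captcha) || !isset($captcha[$captchaid]))
        {
            return false;
        }

        // Exact string comparison: loose == treats numeric-looking strings as
        // numbers, so "1000" would have matched a stored "1e3".
        return hash_equals((string) $captcha[$captchaid], $user_captcha);
    }

    /**
     * Runs all field validators in order and stops at the first failure,
     * appending the matching message to $this->checkFields_ERROR.
     *
     * @param string $name      display name; must be longer than 4 bytes
     * @param string $user      e-mail address used as username
     * @param string $pass      password; must be longer than 5 bytes
     * @param string $captcha   text typed for the captcha
     * @param string $captchaid id of the captcha that was shown
     * @return bool true when every field is acceptable
     */
    protected function checkFields($name, $user, $pass, $captcha, $captchaid)
    {

        if (!$this->checkEmail($user))
        {
            $this->checkFields_ERROR=$this->checkFields_ERROR . $this->user_ERROR;
            return false;
        }

        if (!$this->checkName($name) || strlen($name)<=4)
        {
            $this->checkFields_ERROR=$this->checkFields_ERROR . $this->name_ERROR;
            return false;
        }

        if (!$this->checkPassword($pass) || strlen($pass)<=5)
        {
            $this->checkFields_ERROR=$this->checkFields_ERROR . $this->pass_ERROR;
            return false;
        }

        if (!$this->checkCaptcha($captcha,$captchaid))
        {
            $this->checkFields_ERROR=$this->checkFields_ERROR . $this->captcha_ERROR;
            return false;
        }

        return true;
    }

    /**
     * Tells whether a row with this username already exists.
     *
     * @param string $user username (e-mail address) to look up
     * @return bool
     * @throws PDOException on connection or query failure
     */
    protected function userExists($user)
    {
        $table=$this->DBTABLE;

        // Table and column names come from the class configuration; the value is bound.
        $sql =  " Select $this->FIELDUSER from $table where $this->FIELDUSER = :USER ; " ;

        $stmt = $this->connect()->prepare($sql);
        $stmt->execute(array(":USER" => $user));

        // fetch() yields false when no row matched.
        return $stmt->fetch(PDO::FETCH_ASSOC) !== false;
    }

}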


?>
