2002-11-11 19:40:22 +00:00
|
|
|
<?php
|
|
|
|
|
2003-08-22 05:36:25 +00:00
|
|
|
include_once("db.inc");
|
2002-11-11 19:40:22 +00:00
|
|
|
include_once("util.inc");
|
|
|
|
|
|
|
|
function show_error($str) {
|
|
|
|
page_head("Create account: error");
|
2003-02-19 20:34:33 +00:00
|
|
|
echo "$str<br>\n";
|
2002-11-11 19:40:22 +00:00
|
|
|
echo mysql_error();
|
2002-11-26 00:39:58 +00:00
|
|
|
echo "<p>Click your browser's <b>Back</b> button to try again.\n<p>\n";
|
2002-11-11 19:40:22 +00:00
|
|
|
page_tail();
|
|
|
|
exit();
|
|
|
|
}
|
|
|
|
|
2003-03-26 00:48:56 +00:00
|
|
|
if (parse_config("<disable_account_creation/>")) {
|
|
|
|
page_head("Account creation is disabled");
|
|
|
|
echo "
|
|
|
|
<h3>Account creation is disabled</h3>
|
|
|
|
Sorry, this project has disabled the creation of new accounts.
|
|
|
|
Please try again later.
|
|
|
|
";
|
|
|
|
exit();
|
|
|
|
}
|
|
|
|
|
2003-03-19 21:01:32 +00:00
|
|
|
init_session();
|
2002-11-11 19:40:22 +00:00
|
|
|
db_init();
|
|
|
|
|
2003-07-04 00:02:53 +00:00
|
|
|
$userid = $_POST["userid"];
|
|
|
|
if ($userid) {
|
|
|
|
$result = mysql_query("select * from user where id=$userid");
|
|
|
|
$clone_user = mysql_fetch_object($result);
|
|
|
|
mysql_free_result($result);
|
|
|
|
if (!$clone_user) {
|
|
|
|
echo "User $userid not found";
|
|
|
|
exit();
|
|
|
|
}
|
|
|
|
$teamid = $clone_user->teamid;
|
|
|
|
$project_prefs = $clone_user->project_prefs;
|
|
|
|
} else {
|
|
|
|
$teamid = 0;
|
|
|
|
$project_prefs = "";
|
|
|
|
}
|
|
|
|
|
|
|
|
$new_name = $_POST["new_name"];
|
2003-03-06 17:42:49 +00:00
|
|
|
if (strlen($new_name)==0) {
|
|
|
|
show_error("You must supply a name for your account");
|
|
|
|
}
|
|
|
|
|
2003-08-31 00:18:45 +00:00
|
|
|
$new_email_addr = trim($HTTP_POST_VARS["new_email_addr"]);
|
2003-02-19 20:34:33 +00:00
|
|
|
if (!is_valid_email_addr($new_email_addr)) {
|
2003-03-06 17:42:49 +00:00
|
|
|
show_error("Invalid email address:
|
|
|
|
you must enter a valid address of the form
|
|
|
|
name@domain"
|
|
|
|
);
|
2002-11-11 19:40:22 +00:00
|
|
|
}
|
|
|
|
$query = "select * from user where email_addr='$new_email_addr'";
|
|
|
|
$result = mysql_query($query);
|
|
|
|
if ($result) {
|
|
|
|
$user = mysql_fetch_object($result);
|
|
|
|
mysql_free_result($result);
|
|
|
|
if ($user) {
|
|
|
|
show_error("There's already an account with that email address");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
$authenticator = random_string();
|
2003-02-19 20:34:33 +00:00
|
|
|
$munged_email_addr = munge_email_addr($new_email_addr, $authenticator);
|
2003-07-04 00:02:53 +00:00
|
|
|
$query = sprintf(
|
|
|
|
"insert into user (create_time, email_addr, name, authenticator, country, postal_code, total_credit, expavg_credit, expavg_time, project_prefs, teamid, venue, url, send_email, show_hosts) values(%d, '%s', '%s', '%s', '%s', '%s', 0, 0, 0, '$project_prefs', $teamid, 'home', '', 1, 1)",
|
|
|
|
time(),
|
|
|
|
$munged_email_addr,
|
|
|
|
$new_name,
|
|
|
|
$authenticator,
|
|
|
|
$_POST["country"],
|
|
|
|
$_POST["postal_code"]
|
|
|
|
);
|
2002-11-11 19:40:22 +00:00
|
|
|
$result = mysql_query($query);
|
|
|
|
if (!$result) {
|
|
|
|
show_error("Couldn't create account");
|
|
|
|
}
|
|
|
|
|
2002-12-19 05:11:25 +00:00
|
|
|
// In success case, redirect to a fixed page so that user can
|
|
|
|
// return to it without getting "Repost form data" stuff
|
2002-12-06 21:37:30 +00:00
|
|
|
|
2002-12-19 18:08:43 +00:00
|
|
|
send_auth_email($new_email_addr, $authenticator);
|
2003-02-07 09:00:35 +00:00
|
|
|
Header("Location: account_created.php?email_addr=$new_email_addr");
|