Registration Question

Asked Modified Viewed 2,929 times
A
afoster
A
  • Senior Member, joined since
  • Contributed 725 posts on the community forums.
  • Started 128 threads in the forums
  • Started this discussions
asked
Senior Member

I am setting up a high school alumni page and want to have the registrant checked against a list of eligible registrants before the registration is allowed to proceed. This will prevent anyone other than a graduate of the school from being able to register for the site. Yes, I can set it to have the admin approve all registrations, but this way it will be done automatically.

I have set up the user fields needed to make this work but I can't seem to figure out how to check against the eligible registrants list. The new user fields have been added to the users table, there is another table that contains the eligible registrants and I have the code that will check against the eligible code, but don't know where to place it so that it will work. Can anyone help point me in the right direction? Here is the code I want to use... BTW this code works with a standalone registration project I am using on another site and will likely need to be tweaked to work with fusion.

$stmt = $con->prepare('SELECT * FROM fusion_eligible_registrants WHERE user_last = ?');
$stmt->bind_param('s', $_POST['user_last']);
$stmt->execute();
$stmt->store_result();
if ($stmt->num_rows > 0) {
   // continue to process registration
} else {
   exit('Last Name not on eligible to register list!');
}

46 posts

G
Grimloch
G
Energy can neither be created nor destroyed; only transformed !
  • Senior Member, joined since
  • Contributed 722 posts on the community forums.
  • Started 141 threads in the forums
  • Answered 2 questions
answered
Senior Member

If you look at register.php ... lines 59, 60, and 61 you see this:
$user_info = unserialize(base64_decode(($data['user_info'])));

$result = dbquery("INSERT INTO ".DB_USERS." (".$user_info['user_field_fields'].") VALUES (".$user_info['user_field_inputs'].")");

I think your code will have to be at line #60 which is a blank line. Line# 61 actually writes to the database for a new registrant.
I myself don't know what the data looks like after it is unserialized; however, the registrant's last name should be part of it. Would you go with $user_info['user_last'] ??? I don't know, but it looks to me like this is the place in register.php where your code needs to be executed. Hope this helps. Maybe someone here can tell us what the data looks like after it's unserialized and base64 decoded?
afoster
answered
Senior Member

Just adding my code between the line:
$user_info = unserialize(base64_decode(($data['user_info'])));


And

$result = dbquery("INSERT INTO ".DB_USERS." (".$user_info['user_field_fields'].") VALUES (".$user_info['user_field_inputs'].")");


does not work because it will let someone register that is not on the eligible list.

Perhaps I misread your post? Thanks by the way for your help.
Grimloch
answered
Senior Member

This was just a stab in the dark Fred because that is where the new registrant's info gets posted to the db. Of course it'll take more additional code that I don't know how to do.
afoster
answered
Senior Member

Thanks Grim...I'll keep on trying or maybe one of the gurus on the forum here will come up with the answer.
Grimloch
answered
Senior Member

Morning Fred. There's no way I can check this myself cause I don't have your extra db table. Now; assuming that your db table is in your fusion db tables try this and see what happens. Like I said UNTESTED-CAUTION !!
 $user_info = unserialize(base64_decode(($data['user_info'])));
// code for checking users last name against other data table
 $name_check = $user_info['user_last'];
      $stuff = dbquery("SELECT * FROM ".DB_FUSION_ELIGIBLE_REGISTRANTS." WHERE user_last='$name_check'");
         if (dbrows($stuff)) {
 $result = dbquery("INSERT INTO ".DB_USERS." (".$user_info['user_field_fields'].") VALUES (".$user_info['user_field_inputs'].")");
 $result = dbquery("DELETE FROM ".DB_NEW_USERS." WHERE user_code='".$_GET['code']."' LIMIT 1");

 opentable($locale['u155']);
 if ($settings['admin_activation'] == "1") {
 echo "<div style='text-align:center'><br />\n".$locale['u171']."<br /><br />\n".$locale['u162']."<br /><br />\n</div>\n";
 } else {
 echo "<div style='text-align:center'><br />\n".$locale['u171']."<br /><br />\n".$locale['u161']."<br /><br />\n</div>\n";
 }
 closetable();
   } else {
      exit('Last Name not on eligible to register list!');
// end code for checking users last name
      redirect("index.php");
   }
 } else if (isset($_POST['register'])) {
0 replies
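
What the decoded `user_info` looks like, and one way to check a last name against the eligible list, as an added example that is not part of the original posts or of PHPFusion's code. It mirrors the keys that `newUserData()` (quoted later on this page) serializes; the sample values, the in-memory SQLite stand-in for `fusion_eligible_registrants`, the helper names (`make_user_info`, `decode_user_info`, `user_field`, `is_eligible`) and the assumption that every value in `user_field_inputs` is single-quoted are all constructed for illustration.

```php
<?php
// Added example with constructed data; helper names are hypothetical.

// Build a blob with the same keys newUserData() stores in DB_NEW_USERS.user_info.
function make_user_info(): string {
    return base64_encode(serialize([
        "user_name"         => "jdoe",
        "user_password"     => "<hash placeholder>",
        "user_salt"         => "<salt placeholder>",
        "user_algo"         => "sha256",
        "user_email"        => "jdoe@example.com",
        // Custom fields are NOT separate keys: they only exist inside these
        // two comma-separated SQL fragments.
        "user_field_fields" => "user_name, user_email, user_first, user_last",
        "user_field_inputs" => "'jdoe', 'jdoe@example.com', 'Jane', 'Doe'",
    ]));
}

// Decode defensively: strict base64, no object instantiation, shape check.
function decode_user_info(string $blob): array {
    $raw = base64_decode($blob, true);
    if ($raw === false) {
        throw new InvalidArgumentException("user_info is not valid base64");
    }
    $info = unserialize($raw, ["allowed_classes" => false]);
    if (!is_array($info) || !isset($info["user_field_fields"], $info["user_field_inputs"])) {
        throw new UnexpectedValueException("user_info has an unexpected shape");
    }
    return $info;
}

// Pair the column list with the value list and return one column's value.
// Assumes every value is single-quoted and contains no raw single quote.
function user_field(array $info, string $column): ?string {
    $columns = array_map("trim", explode(",", $info["user_field_fields"]));
    preg_match_all("/'([^']*)'/", $info["user_field_inputs"], $m);
    $values = $m[1];
    if (count($columns) !== count($values)) {
        return null; // lists out of step: refuse to guess
    }
    $index = array_search($column, $columns, true);
    return $index === false ? null : $values[$index];
}

// Parameterized lookup; a missing or empty name is never eligible, and
// several eligible people may share a last name, so test for "at least one".
function is_eligible(PDO $db, ?string $last_name): bool {
    if ($last_name === null || trim($last_name) === "") {
        return false;
    }
    $stmt = $db->prepare(
        "SELECT COUNT(*) FROM fusion_eligible_registrants WHERE LOWER(user_last) = LOWER(?)"
    );
    $stmt->execute([trim($last_name)]);
    return (int)$stmt->fetchColumn() > 0;
}

// --- demo on constructed data ---
$db = new PDO("sqlite::memory:");
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE fusion_eligible_registrants (user_last TEXT NOT NULL)");
$db->exec("INSERT INTO fusion_eligible_registrants (user_last) VALUES ('Doe'), ('Doe'), ('Smith')");

$info = decode_user_info(make_user_info());

// The top-level keys of the decoded array.
print_r(array_keys($info));

// Whether 'user_last' exists as a top-level key of the decoded array.
var_dump(array_key_exists("user_last", $info));

// The value has to be recovered from the fields/inputs pair instead.
$last = user_field($info, "user_last");
var_dump($last, is_eligible($db, $last));

// A name containing a quote is handled by the bound parameter, not by escaping.
var_dump(is_eligible($db, "O'Neil"));
```

Because the last name only survives inside the two SQL fragments, the check is simpler and more robust when it runs at form submission, where the raw field is still available, than at activation time.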
M
MathiasHU
M
https://fusion.bltfm.hu/
  • Junior Member, joined since
  • Contributed 48 posts on the community forums.
  • Started 3 threads in the forums
  • Answered 1 question
answered
Junior Member

/includes/classes/UserFieldsInput.class.php

Core code

private function _settUserName() {
 global $locale;
 $this->_userName = isset($_POST['user_name']) ? stripinput(trim(preg_replace("/ +/i", " ", $_POST['user_name']))) : "";

 if ($this->_userName != "" && $this->_userName != $this->userData['user_name']) {
 if (!preg_match("/^[\p{Latin}\p{Arabic}\p{Cyrillic}\p{Han}\p{Hebrew}a-zA-Z\p{N}]+\h?[\p{N}\p{Latin}\p{Arabic}\p{Cyrillic}\p{Han}\p{Hebrew}a-zA-Z]*$/um", $this->_userName)) {
 $this->_setError("user_name", $locale['u120']);
 } else {
 $name_active = dbcount("(user_id)", DB_USERS, "user_name='".$this->_userName."'");
 $name_inactive = dbcount("(user_code)", DB_NEW_USERS, "user_name='".$this->_userName."'");
 if ($name_active == 0 && $name_inactive == 0) {
 $this->_userLogFields[] = "user_name";
 $this->_setDBValue("user_name", $this->_userName);
 } else {
 $this->_setError("user_name", $locale['u121']);
 }
 }
 } else {
 $this->_setError("user_name", $locale['u122'], TRUE);
 }
 }


Mod code

....
$inf_newtable[1] = DB_ELIGIBLE_REGS." (
   er_id MEDIUMINT(8) UNSIGNED NOT NULL AUTO_INCREMENT,
   er_name VARCHAR(50) NOT NULL DEFAULT '',
   PRIMARY KEY (er_id)
) ENGINE=MyISAM;";

$inf_insertdbrow[1] = DB_ELIGIBLE_REGS." (er_name) VALUES ('Mathias')";
$inf_insertdbrow[2] = DB_ELIGIBLE_REGS." (er_name) VALUES ('Test')";
$inf_insertdbrow[3] = DB_ELIGIBLE_REGS." (er_name) VALUES ('afoster')";
...


private function _settUserName() {
 global $locale;
 $this->_userName = isset($_POST['user_name']) ? stripinput(trim(preg_replace("/ +/i", " ", $_POST['user_name']))) : "";

 if ($this->_userName != "" && $this->_userName != $this->userData['user_name']) {
 if (!preg_match("/^[\p{Latin}\p{Arabic}\p{Cyrillic}\p{Han}\p{Hebrew}a-zA-Z\p{N}]+\h?[\p{N}\p{Latin}\p{Arabic}\p{Cyrillic}\p{Han}\p{Hebrew}a-zA-Z]*$/um", $this->_userName)) {
 $this->_setError("user_name", $locale['u120']);
 } else {
 $name_active = dbcount("(user_id)", DB_USERS, "user_name='".$this->_userName."'");
 $name_inactive = dbcount("(user_code)", DB_NEW_USERS, "user_name='".$this->_userName."'");
                include INFUSIONS."eligible_registrants/infusion_db.php";
                $name_eligible = dbcount("(er_id)", DB_ELIGIBLE_REGS, "er_name='".$this->_userName."'");
                if ($name_eligible == 1) {
 if ($name_active == 0 && $name_inactive == 0) {
 $this->_userLogFields[] = "user_name";
 $this->_setDBValue("user_name", $this->_userName);
 } else {
 $this->_setError("user_name", $locale['u121']);
 }
                } else {
 $this->_setError("user_name", "The selected username is not allowed.");
 }
 }
 } else {
 $this->_setError("user_name", $locale['u122'], TRUE);
 }
 }
Grimloch
answered
Senior Member

This is great MathiasHU except you're not aware that we are using an additional user_field called user_last which is a required field. That's what he needs to check against NOT user_name.
MathiasHU
answered
Junior Member

Yes, I know that field has to be replaced.
Grimloch
answered
Senior Member

I don't think you're getting it. We still have user_name (which can be whatever the person wants) but also user_first and user_last, which are required fields. If the registrant is truthful about their real names then they are registered; if not, then they are rejected. afoster already has a db table with his alumni REAL NAMES.
MathiasHU
answered
Junior Member

I didn't want to write it all.
You can learn from that code

/includes/classes/UserFieldsInput.class.php

<?php
/*-------------------------------------------------------+
| PHPFusion Content Management System
| Copyright (C) PHP Fusion Inc
| https://phpfusion.com/
+--------------------------------------------------------+
| Filename: UserFieldsInput.class.php
| Author: Hans Kristian Flaatten (Starefossen)
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
if (!defined("IN_FUSION")) {
 die("Access Denied");
}

require_once CLASSES."PasswordAuth.class.php";

class UserFieldsInput {
 public $adminActivation = 1;
 public $emailVerification = 1;
 public $isAdminPanel = FALSE;
 public $verifyNewEmail = FALSE;
 public $userData;
 public $validation = 0;
 public $registration = FALSE;

 // On insert or admin edit
 public $skipCurrentPass = FALSE;

 private $_completeMessage;
 private $_errorMessages = [];
 private $_fieldsRequired = [];
 private $_method;
 private $_noErrors = TRUE;
 private $_userEmail;
 private $_userHideEmail;
 private $_userName;
 private $_userNameLast;

 // Passwords
 private $_isValidCurrentPassword = FALSE;
 private $_isValidCurrentAdminPassword = FALSE;

 private $_userHash = FALSE;
 private $_userPassword = FALSE;
 private $_newUserPassword = FALSE;
 private $_newUserPassword2 = FALSE;

 private $_newUserPasswordHash = FALSE;
 private $_newUserPasswordSalt = FALSE;
 private $_newUserPasswordAlgo = FALSE;

 private $_userAdminPassword = FALSE;
 private $_newUserAdminPassword = FALSE;
 private $_newUserAdminPassword2 = FALSE;

 // Database inputs
 private $_dbFields;
 private $_dbValues;

 // User Log System
 private $_userLogData = [];
 private $_userLogFields = [];

 // Settings
 private $_userNameChange = TRUE;

 // Flags
 private $_themeChanged = FALSE;

 public function saveInsert() {
 $this->_method = "validate_insert";
 $this->_fieldsRequired = [
 "user_name" => TRUE,
 "user_password" => TRUE,
 "user_email" => TRUE,
 "user_captcha" => TRUE,
 "email_activation" => TRUE,
          "user_namelast" => TRUE,
 ];


 $this->userData = [
 "user_password" => "", "user_algo" => "", "user_salt" => "",
 "user_admin_password" => "", "user_admin_algo" => "", "user_admin_salt" => "",
 "user_name" => "", "user_email" => ""
 ];

 if ($this->_userNameChange) {
 $this->_settUserName();
 }
 $this->_setNewUserPassword();
 $this->_setUserEmail();
 if ($this->validation == 1) {
 $this->_setValidationError();
 }
 $this->_setEmptyFields();
 $this->_setCustomUserFieldsData();
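 // Run the eligibility check before anything is stored or e-mailed,
 // so a failed check can still block the registration
 $this->_settUserNameLast();
 if ($this->_noErrors) {
 if ($this->emailVerification) {
 $this->_setEmailVerification();
 } else {
 $this->_setUserDataInput();
 }
 }
 }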

 public function saveUpdate() {
 $this->_method = "validate_update";

 $this->_settUserName();
 $this->_setNewUserPassword();
 $this->_setNewAdminPassword();
 $this->_setUserEmail();
 if ($this->validation == 1) {
 $this->_setValidationError();
 }
 $this->_setEmptyFields();
 $this->_setUserAvatar();
 $this->_setCustomUserFieldsData();
 if ($this->_noErrors) {
 $this->_setUserDataUpdate();
 }
 }

 public function getErrorsArray() {
 return $this->_errorMessages;
 }

 public function displayMessages() {
 global $locale;

 if ($this->_noErrors) {
 if ($this->_method == "validate_insert") {
 $title = $locale['u170'];
 $message = "<br />\n".$this->_completeMessage."<br /><br />\n";
 } else {
 $title = $locale['u169'];
 $message = "<br />\n".$this->_completeMessage."<br /><br />\n";
 }
 } else {
 $title = $this->_method == "validate_insert" ? $locale['u165'] : $locale['u164'];
 $message = $title." ".$locale['u167']."<br /><br />\n";
 foreach ($this->_errorMessages as $err => $msg) {
 $message .= $msg."<br />\n";
 }
 $message .= "\n".$locale['u168'];
 }
 opentable($title);
 echo "<div style='text-align:center'>".$message."</div>\n";
 closetable();
 }

 public function setUserNameChange($value) {
 $this->_userNameChange = $value;
 }

 public function verifyCode($value) {
 global $locale, $userdata;
 if (!preg_check("/^[0-9a-z]{32}$/i", $value))
 redirect("index.php");
 $result = dbquery("SELECT * FROM ".DB_EMAIL_VERIFY." WHERE user_code='".$value."'");
 if (dbrows($result)) {
 $data = dbarray($result);
 if ($data['user_id'] == $userdata['user_id']) {
 if ($data['user_email'] != $userdata['user_email']) {
 $result = dbquery("SELECT user_email FROM ".DB_USERS." WHERE user_email='".$data['user_email']."'");
 if (dbrows($result)) {
 $this->_noErrors = FALSE;
 $this->_errorMessages[0] = $locale['u164']."<br />\n".$locale['u121'];
 } else {
 $this->_completeMessage = $locale['u169'];
 }
 $result = dbquery("UPDATE ".DB_USERS." SET user_email='".$data['user_email']."' WHERE user_id='".$data['user_id']."'");
 $result = dbquery("DELETE FROM ".DB_EMAIL_VERIFY." WHERE user_id='".$data['user_id']."'");
 }
 } else {
 redirect("index.php");
 }
 } else {
 redirect("index.php");
 }
 }

 public function themeChanged() {
 return $this->_themeChanged;
 }

 private function _settUserName() {
 global $locale;
 $this->_userName = isset($_POST['user_name']) ? stripinput(trim(preg_replace("/ +/i", " ", $_POST['user_name']))) : "";

 if ($this->_userName != "" && $this->_userName != $this->userData['user_name']) {
 if (!preg_match("/^[\p{Latin}\p{Arabic}\p{Cyrillic}\p{Han}\p{Hebrew}a-zA-Z\p{N}]+\h?[\p{N}\p{Latin}\p{Arabic}\p{Cyrillic}\p{Han}\p{Hebrew}a-zA-Z]*$/um", $this->_userName)) {
 $this->_setError("user_name", $locale['u120']);
 } else {
 $name_active = dbcount("(user_id)", DB_USERS, "user_name='".$this->_userName."'");
 $name_inactive = dbcount("(user_code)", DB_NEW_USERS, "user_name='".$this->_userName."'");
 if ($name_active == 0 && $name_inactive == 0) {
 $this->_userLogFields[] = "user_name";
 $this->_setDBValue("user_name", $this->_userName);
 } else {
 $this->_setError("user_name", $locale['u121']);
 }
 }
 } else {
 $this->_setError("user_name", $locale['u122'], TRUE);
 }
 }

    private function _settUserNameLast() {
 global $locale;
 $this->_userNameLast = isset($_POST['user_namelast']) ? stripinput(trim(preg_replace("/ +/i", " ", $_POST['user_namelast']))) : "";

 if ($this->_userNameLast != "" && $this->_userNameLast != $this->userData['user_namelast']) {
 if (!preg_match("/^[\p{Latin}\p{Arabic}\p{Cyrillic}\p{Han}\p{Hebrew}a-zA-Z\p{N}]+\h?[\p{N}\p{Latin}\p{Arabic}\p{Cyrillic}\p{Han}\p{Hebrew}a-zA-Z]*$/um", $this->_userNameLast)) {
 $this->_setError("user_namelast", $locale['u120']);
 } else {
                include INFUSIONS."eligible_registrants/infusion_db.php";
                $name_eligible = dbcount("(er_id)", DB_ELIGIBLE_REGS, "er_name='".$this->_userNameLast."'");
                if ($name_eligible > 0) { // several eligible people can share a last name
 $this->_userLogFields[] = "user_namelast";
 $this->_setDBValue("user_namelast", $this->_userNameLast);
                } else {
 $this->_setError("user_namelast", "The selected username is not allowed.");
 }
 }
 } else {
 $this->_setError("user_namelast", $locale['u122'], TRUE);
 }
 }

 private function _isValidCurrentPassword($loginPass = TRUE, $skipCurrentPass = FALSE) {
 if ($loginPass && !$skipCurrentPass) {
 $this->_userHash = $this->_getPasswordInput("user_hash");
 $this->_userPassword = $this->_getPasswordInput("user_password");
 $password = $this->_userPassword;
 $hash = $this->userData['user_password'];
 $salt = $this->userData['user_salt'];
 $algo = $this->userData['user_algo'];
 } else if ($loginPass == FALSE && !$skipCurrentPass) {
 $this->_userAdminPassword = $this->_getPasswordInput("user_admin_password");
 $password = $this->_userAdminPassword;
 $hash = $this->userData['user_admin_password'];
 $salt = $this->userData['user_admin_salt'];
 $algo = $this->userData['user_admin_algo'];
 }

 if ($skipCurrentPass == FALSE) {
 // Check user auth
 if ($loginPass && $this->_userHash != $hash) {
 redirect(BASEDIR."index.php");
 }

 // Intialize password auth
 $passAuth = new PasswordAuth();
 $passAuth->inputPassword = $password;
 $passAuth->currentAlgo = $algo;
 $passAuth->currentSalt = $salt;
 $passAuth->currentPasswordHash = $hash;

 // Check if password is correct
 if ($passAuth->isValidCurrentPassword(FALSE)) {
 return TRUE;
 } else {
 return FALSE;
 }
 } else {
 return TRUE;
 }
 }

 // Set New User Password
 private function _setNewUserPassword() {
 global $locale;

 $this->_isValidCurrentPassword = $this->_isValidCurrentPassword(TRUE, $this->skipCurrentPass);
 $this->_newUserPassword = $this->_getPasswordInput("user_new_password");
 $this->_newUserPassword2 = $this->_getPasswordInput("user_new_password2");

 if ($this->_newUserPassword) {
 // Set new password
 if ($this->_isValidCurrentPassword) {
 // Intialize password auth
 $passAuth = new PasswordAuth();
 $passAuth->inputPassword = $this->_userPassword;
 $passAuth->inputNewPassword = $this->_newUserPassword;
 $passAuth->inputNewPassword2 = $this->_newUserPassword2;

 // Check new password
 $_isValidNewPassword = $passAuth->isValidNewPassword();

 if ($_isValidNewPassword === 0) {
 // New password is valid
 $this->_newUserPasswordHash = $passAuth->getNewHash();
 $this->_newUserPasswordAlgo = $passAuth->getNewAlgo();
 $this->_newUserPasswordSalt = $passAuth->getNewSalt();

 $this->_setDBValue("user_algo", $this->_newUserPasswordAlgo);
 $this->_setDBValue("user_salt", $this->_newUserPasswordSalt);
 $this->_setDBValue("user_password", $this->_newUserPasswordHash);
 if (!$this->isAdminPanel && !$this->skipCurrentPass) {
 Authenticate::setUserCookie($this->userData['user_id'], $passAuth->getNewSalt(),
 $passAuth->getNewAlgo(), FALSE);
 }
 } else {
 if ($_isValidNewPassword === 1) {
 // New Password equal old password
 $this->_setError("user_password", $locale['u134'].$locale['u146'].$locale['u133'].".");
 } else if ($_isValidNewPassword === 2) {
 // The two new passwords are not identical
 $this->_setError("user_password", $locale['u148']);
 } else if ($_isValidNewPassword === 3) {
 // New password contains invalid chars / symbols
 $this->_setError("user_password", $locale['u134'].$locale['u142']."<br />".$locale['u147']);
 }
 }
 } else {
 // Current user password is invalid
 $this->_setError("user_password", $locale['u149']);
 }
 } else {
 // New user password is empty
 $this->_setError("user_password", $locale['u134'].$locale['u143a'], TRUE);
 }
 }

 // Set New Admin Password
 private function _setNewAdminPassword() {
 global $locale;

 // Only accept if user is admin, updating his profile (not admin panel)
 if (iADMIN && $this->_method == "validate_update" && !$this->isAdminPanel) {

 if ($this->_getPasswordInput("user_admin_password") == "") {
 if ($this->userData['user_admin_password'] == "") {
 $this->_isValidCurrentAdminPassword = TRUE;
 $showError = FALSE;
 } else {
 $this->_isValidCurrentAdminPassword = FALSE;
 $showError = TRUE;
 }
 } else {
 $this->_isValidCurrentAdminPassword = $this->_isValidCurrentPassword(FALSE, FALSE);
 $showError = TRUE;
 }

 //$this->_isValidCurrentAdminPassword            = $this->_isValidCurrentPassword(false, false);

 $this->_newUserAdminPassword = $this->_getPasswordInput("user_new_admin_password");
 $this->_newUserAdminPassword2 = $this->_getPasswordInput("user_new_admin_password2");

 // Require current password
 if ($this->_isValidCurrentAdminPassword) {
 // Require current admin password
 if ($this->_isValidCurrentPassword) {
 if ($this->_userAdminPassword != $this->_userPassword) {
 // Intialize password auth
 $passAuth = new PasswordAuth();
 $passAuth->inputPassword = $this->_userAdminPassword;
 $passAuth->inputNewPassword = $this->_newUserAdminPassword;
 $passAuth->inputNewPassword2 = $this->_newUserAdminPassword2;

 // Check admin new password
 $_isValidNewPassword = $passAuth->isValidNewPassword();

 if ($_isValidNewPassword === 0) {
 // New password is valid
 $this->_setDBValue("user_admin_algo", $passAuth->getNewAlgo());
 $this->_setDBValue("user_admin_salt", $passAuth->getNewSalt());
 $this->_setDBValue("user_admin_password", $passAuth->getNewHash());
 } else {
 if ($_isValidNewPassword === 1) {
 // New Password equal old password
 $this->_setError("user_password", $locale['u144'].$locale['u146'].$locale['u131']);
 } else if ($_isValidNewPassword === 2) {
 // The two new passwords are not identical
 $this->_setError("user_password", $locale['u148a']);
 } else if ($_isValidNewPassword === 3) {
 // New password contains invalid chars / symbols
 $this->_setError("user_password", $locale['u144'].$locale['u142']."<br />".$locale['u147']);
 }
 }
 } else {
 // New admin password equal Login password
 $this->_setError("user_admin_password", $locale['u144'].$locale['u146'].$locale['u133']);
 }
 } else {
 // Current login password is invalid
 $this->_setError("user_admin_password", $locale['u149b']);
 }
 } else {
 // Current admin password is invalid
 $this->_setError("user_admin_password", $locale['u149a'], $showError);
 }
 }
 }

 // Set New User Email
 private function _setUserEmail() {
 global $locale, $settings;

 $this->_userEmail = (isset($_POST['user_email']) ? stripinput(trim(preg_replace("/ +/i", " ", $_POST['user_email']))) : "");

 if ($this->_userEmail != "" && $this->_userEmail != $this->userData['user_email']) {
 // Require user password for email change
 if ($this->_isValidCurrentPassword) {
 // Require a valid email account
 if (preg_check("/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i", $this->_userEmail)) {
 $email_domain = substr(strrchr($this->_userEmail, "@"), 1);
 if (dbcount("(blacklist_id)", DB_BLACKLIST, "blacklist_email='".$this->_userEmail."' OR blacklist_email='".$email_domain."'") != 0) {
 $this->_setError("user_email", $locale['u124']);
 } else {
 $email_active = dbcount("(user_id)", DB_USERS, "user_email='".$this->_userEmail."'");
 $email_inactive = dbcount("(user_code)", DB_NEW_USERS, "user_email='".$this->_userEmail."'");
 if ($email_active == 0 && $email_inactive == 0) {
 if ($this->verifyNewEmail && $settings['email_verification'] == "1") {
 $this->_verifyNewEmail();
 } else {
 $this->_userLogFields[] = "user_email";
 $this->_setDBValue("user_email", $this->_userEmail);
 }
 } else {
 $this->_setError("user_email", $locale['u125']);
 }
 }
 } else {
 $this->_setError("user_email", $locale['u123']);
 }
 } else {
 $this->_setError("user_email", $locale['u156']);
 }
 } else {
 $this->_setError("user_email", $locale['u126'], TRUE);
 }
 }

 private function _verifyNewEmail() {
 global $locale, $settings, $userdata;
 require_once INCLUDES."sendmail_include.php";
 mt_srand((double)microtime() * 1000000);
 $salt = "";
 for ($i = 0; $i <= 10; $i++) {
 $salt .= chr(rand(97, 122));
 }
 $user_code = md5($this->_userEmail.$salt);
 $email_verify_link = $settings['siteurl']."edit_profile.php?code=".$user_code;
 $mailbody = str_replace(
 ["[USER_NAME]", "[EMAIL_VERIFY_LINK]", '[SITEUSERNAME]', '[SITENAME]'],
 [$userdata['user_name'], $email_verify_link, $settings['siteusername'], $settings['sitename']],
 $locale['u203']
 );
 sendemail($this->_userName, $this->_userEmail, $settings['siteusername'], $settings['siteemail'], str_replace('[SITENAME]', $settings['sitename'], $locale['u202']), $mailbody);
 $result = dbquery("DELETE FROM ".DB_EMAIL_VERIFY." WHERE user_id='".$this->userData['user_id']."'");
 $result = dbquery("INSERT INTO ".DB_EMAIL_VERIFY." (user_id, user_code, user_email, user_datestamp) VALUES('".$this->userData['user_id']."', '$user_code', '".$this->_userEmail."', '".time()."')");
 }

 private function _setValidationError() {
 global $locale, $settings;

 $_CAPTCHA_IS_VALID = FALSE;
 include INCLUDES."captchas/".$settings['captcha']."/captcha_check.php";
 if ($_CAPTCHA_IS_VALID == FALSE) {
 $this->_setError("user_captcha", $locale['u194']);
 }
 }

 private function _setUserAvatar() {
 global $locale, $settings;

 if (isset($_POST['delAvatar'])) {
 if ($this->userData['user_avatar'] != "" && file_exists(IMAGES."avatars/".$this->userData['user_avatar']) &&
 is_file(IMAGES."avatars/".$this->userData['user_avatar'])) {
 unlink(IMAGES."avatars/".$this->userData['user_avatar']);
 }
 $this->_setDBValue("user_avatar", "");
 }

 if (isset($_FILES['user_avatar']) && $_FILES['user_avatar']['name'] != "") {
 require_once INCLUDES."infusions_include.php";
 $avatarUpload = upload_image(
 "user_avatar", "", IMAGES."avatars/", "2000", "2000", $settings['avatar_filesize'], TRUE, TRUE, FALSE,
 $settings['avatar_ratio'], IMAGES."avatars/", "[".$this->userData['user_id']."]", $settings['avatar_width'], $settings['avatar_height']
 );
 if ($avatarUpload['error'] == 0) {
 if ($this->userData['user_avatar'] != "" && file_exists(IMAGES."avatars/".$this->userData['user_avatar']) &&
 is_file(IMAGES."avatars/".$this->userData['user_avatar'])) {
 unlink(IMAGES."avatars/".$this->userData['user_avatar']);
 }
 $this->_setDBValue("user_avatar", $avatarUpload['thumb1_name']);
 } else if ($avatarUpload['error'] == 1) {
 $this->_setError("user_avatar", str_replace('[LIMIT]', parsebytesize($settings['avatar_filesize']), $locale['u180']));
 } else if ($avatarUpload['error'] == 2) {
 $this->_setError("user_avatar", $locale['u181']);
 } else if ($avatarUpload['error'] == 3) {
 $this->_setError("user_avatar", str_replace(['[WIDTH]', '[HEIGHT]'], [$settings['avatar_width'], $settings['avatar_height']], $locale['u182']));
 } else if ($avatarUpload['error'] == 4) {
 // Invalid query string
 } else if ($avatarUpload['error'] == 5) {
 $this->_setError("user_avatar", $locale['u183']);
 }
 }
 }

 private function _setEmptyFields() {
 $this->_userHideEmail = isset($_POST['user_hide_email']) && $_POST['user_hide_email'] == 1 ? 1 : 0;

 $userStatus = $this->adminActivation == 1 ? 2 : 0;

 if ($this->_method == "validate_insert") {
 $this->_setDBValue("user_hide_email", $this->_userHideEmail);
 $this->_setDBValue("user_avatar", "");
 $this->_setDBValue("user_posts", 0);
 $this->_setDBValue("user_threads", 0);
 $this->_setDBValue("user_joined", time());
 $this->_setDBValue("user_lastvisit", 0);
 $this->_setDBValue("user_ip", USER_IP);
 $this->_setDBValue("user_ip_type", USER_IP_TYPE);
 $this->_setDBValue("user_rights", "");
 $this->_setDBValue("user_groups", "");
 $this->_setDBValue("user_level", 101);
 $this->_setDBValue("user_status", $userStatus);
 } else {
 $this->_setDBValue("user_hide_email", $this->_userHideEmail);
 }
 }

 private function _setCustomUserFieldsData() {
 global $locale, $settings;

 $profile_method = $this->_method;

 if ($this->registration) {
 $where = "WHERE field_registration='1'";
 } else {
 $where = "";
 }

 $result = dbquery(
 "SELECT * FROM ".DB_USER_FIELDS." tuf
         INNER JOIN ".DB_USER_FIELD_CATS." tufc ON tuf.field_cat = tufc.field_cat_id
         ".$where."
         ORDER BY field_cat_order, field_order"
 );

 if (dbrows($result)) {
 while ($data = dbarray($result)) {
 $db_fields = "";
 $db_values = "";
 if ($data['field_required'] == 1) {
 $this->_fieldsRequired[$data['field_name']] = TRUE;
 }

 if ($data['field_log'] == 1) {
 $this->_userLogFields[] = $data['field_name'];
 }

 if (file_exists(LOCALE.LOCALESET."user_fields/".$data['field_name'].".php")) {
 include LOCALE.LOCALESET."user_fields/".$data['field_name'].".php";
 }
 if (file_exists(INCLUDES."user_fields/".$data['field_name']."_include.php")) {
 include INCLUDES."user_fields/".$data['field_name']."_include.php";
 }
 $this->_dbFields .= $db_fields;
 $this->_dbValues .= $db_values;
 }
 }
 }

 private function _setDBValue($field, $value) {
 if ($this->_method == "validate_insert") {
 $this->_dbFields .= ($this->_dbFields != "" ? ", " : "").$field;
 $this->_dbValues .= ($this->_dbValues != "" ? ", " : "")."'".$value."'";
 } else {
 if (in_array($field, $this->_userLogFields)) {
 $this->_userLogData[$field] = $value;
 }
 $this->_dbValues .= ($this->_dbValues != "" ? ", " : "").$field."='".$value."'";
 }
 }

 private function _setError($field, $message, $empty = FALSE) {
 if (!$empty || (isset($this->_fieldsRequired[$field]) && $this->_fieldsRequired[$field] == TRUE)) {
 $this->_noErrors = FALSE;
 $this->_errorMessages[$field] = $message;
 }
 }

 private function _isNotRequired($field) {
 if (isset($this->_fieldsRequired[$field])) {
 return FALSE;
 } else {
 return TRUE;
 }
 }

 // Get Password Input - if empty return false
 private function _getPasswordInput($field) {
 return isset($_POST[$field]) && $_POST[$field] != "" ? $_POST[$field] : FALSE;
 }

 private function _setEmailVerification() {
 global $settings, $locale, $userCode;

 require_once INCLUDES."sendmail_include.php";

 $userCode = hash_hmac("sha1", PasswordAuth::getNewPassword(), $this->_userEmail);
 $activationUrl = $settings['siteurl']."register.php?email=".$this->_userEmail."&code=".$userCode;

 $message = str_replace(
 ["ACTIVATION_LINK", "USER_NAME", "USER_PASSWORD", 'SITENAME', 'SITEUSERNAME'],
 [$activationUrl, $this->_userName, $this->_newUserPassword, $settings['sitename'], $settings['siteusername']],
 $locale['u152']
 );

 $template_result = dbquery(" SELECT * FROM ".DB_EMAIL_TEMPLATES." WHERE template_key='ACTIVATION' LIMIT 1");

 if (dbrows($template_result)) {
 $template_data = dbarray($template_result);
 if ($template_data['template_active'] == "1") {
 $tpl_message = strtr($template_data['template_content'], [
 "ACTIVATION_LINK" => $activationUrl,
 "USER_NAME" => $this->_userName,
 "USER_PASSWORD" => $this->_newUserPassword,
 'SITENAME' => $settings['sitename'],
 'SITEUSERNAME' => $settings['siteusername']
 ]);

 if (sendemail_template("ACTIVATION", str_replace('[SITENAME]', $settings['sitename'], $template_data['template_subject']), '', "", $template_data['template_sender_name'], "", $template_data['template_sender_email'], $this->_userName, $this->_userEmail, $tpl_message)) {
 $this->newUserData();
 } else {
 $message = strtr($locale['u154'], [
 '[LINK]' => "<a href='".BASEDIR."contact.php'><strong>",
 '[/LINK]' => "</strong></a>"
 ]);
 $this->_setError("email_activation", $locale['u153']."<br />".$message);
 }
 } else {
 if (sendemail($this->_userName, $this->_userEmail, $settings['siteusername'], $settings['siteemail'], str_replace('[SITENAME]', $settings['sitename'], $locale['u151']), $message)) {
 $this->newUserData();
 } else {
 $message = strtr($locale['u154'], [
 '[LINK]' => "<a href='".BASEDIR."contact.php'><strong>",
 '[/LINK]' => "</strong></a>"
 ]);
 $this->_setError("email_activation", $locale['u153']."<br />".$message);
 }
 }
 } else {
 if (sendemail($this->_userName, $this->_userEmail, $settings['siteusername'], $settings['siteemail'], str_replace('[SITENAME]', $settings['sitename'], $locale['u151']), $message)) {
 $this->newUserData();
 } else {
 $message = strtr($locale['u154'], [
 '[LINK]' => "<a href='".BASEDIR."contact.php'><strong>",
 '[/LINK]' => "</strong></a>"
 ]);
 $this->_setError("email_activation", $locale['u153']."<br />".$message);
 }
 }
 }

 private function newUserData() {
 global $locale, $userCode;

 $userInfo = serialize([
 "user_name" => $this->_userName,
 "user_password" => $this->_newUserPasswordHash,
 "user_salt" => $this->_newUserPasswordSalt,
 "user_algo" => $this->_newUserPasswordAlgo,
 "user_email" => $this->_userEmail,
 "user_field_fields" => $this->_dbFields,
 "user_field_inputs" => $this->_dbValues
 ]);
 $userInfo = base64_encode($userInfo);

 $result = dbquery(
 "INSERT INTO ".DB_NEW_USERS." (
               user_code, user_name, user_email, user_datestamp, user_info
            ) VALUES(
               '".$userCode."', '".$this->_userName."', '".$this->_userEmail."', '".time()."', '".$userInfo."'
            )"
 );
 $this->_completeMessage = $locale['u150'];
 }

 private function _setUserDataInput() {
 global $locale, $settings, $userdata, $aidlink;

 $result = dbquery("INSERT INTO ".DB_USERS." (".$this->_dbFields.") VALUES(".$this->_dbValues.")");
 if ($this->adminActivation) {
 $this->_completeMessage = $locale['u160']."<br /><br />\n".$locale['u162'];
 } else {
 if (!$this->isAdminPanel) {
 $this->_completeMessage = $locale['u160']."<br /><br />\n".$locale['u161'];
 } else {
 require_once LOCALE.LOCALESET."admin/members_email.php";
 require_once INCLUDES."sendmail_include.php";

 $subject = $locale['email_create_subject'].$settings['sitename'];
 $replace_this = ["[USER_NAME]", "[PASSWORD]", "[SITENAME]", "[SITEUSERNAME]"];
 $replace_with = [$this->_userName, $this->_newUserPassword, $settings['sitename'], $settings['siteusername']];
 $message = str_replace($replace_this, $replace_with, $locale['email_create_message']);
 sendemail($this->_userName, $this->_userEmail, $settings['siteusername'], $settings['siteemail'], $subject, $message);

 $this->_completeMessage = $locale['u172']."<br /><br />\n<a href='members.php".$aidlink."'>".$locale['u173']."</a>";
 $this->_completeMessage .= "<br /><br /><a href='members.php".$aidlink."&amp;step=add'>".$locale['u174']."</a>";
 }
 }
 }

 private function _setUserDataUpdate() {
 global $locale;

 $this->_saveUserLog();

 $result = dbquery("UPDATE ".DB_USERS." SET ".$this->_dbValues." WHERE user_id='".$this->userData['user_id']."'");
 $this->_completeMessage = $locale['u163'];
 }

 private function _saveUserLog() {
 $i = 0;
 $sql = "";

 foreach ($this->_userLogData as $field => $value) {
 if ($this->userData[$field] != $value) {
 if ($i == 0) {
 $sql = "INSERT INTO ".DB_USER_LOG." (userlog_user_id, userlog_field, userlog_value_new, userlog_value_old, userlog_timestamp) VALUES ";
 }
 $sql .= ($i > 0 ? ", " : "")."(".$this->userData['user_id'].", '".$field."', '".$value."', '".$this->userData[$field]."', ".time().")";
 $i++;
 }
 }

 if ($sql != "") {
 $result = dbquery($sql);
 }
 }
}

Grimloch

Well; cut my nose off and call me "Shorty"; that's exactly what I did; added the new function into "/includes/classes/UserFieldsInput.class.php"
I'll check my changes against yours, MathiasHU, to make sure I didn't miss anything. Thanks man.

afoster

Thank you MathiasHU for your willingness to help me with this. While I am the first to acknowledge that the code you posted is way over my head, I wonder if it is needed considering all I am trying to do is confirm that the last name being used by the registrant exists in another mysql table before the registration continues. Perhaps I am oversimplifying the issue.

Grimloch

Fred. I am currently working on this code to make it work for you. My main question is whether or not your alumni table is within the main db and how you added it. If you could please send me that table so I can complete this code.

afoster

Just sent you an email with the SQL for the table, and yes, it is in the fusion db.

Grimloch

Help me out here, Fred. Is your table named "fusion_eligible_registrants" or is it "fusion6S71B_hphs64_reg"?

afoster

It is called fusion6S71B_hphs64_reg

Grimloch

OK Fred I completed the code. Try it out and see if it works for you.

MathiasHU

Before registration?
I think it would be better to create a form and check it there, and then continue to the registration interface if it is included in the database.

afoster

It seems to be stopping the registration, but I am getting an error message at the top of the page. This is the error message:

Error: Table 'fredsweb_proloco.DB_FUSION6S71B_HPHS64_REG' doesn't exist
Edited by afoster on 13-11-2022 18:15,
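
The eligibility lookup discussed in this thread, as an added example that is not part of any post here or of the CMS's own code: the table name is defined once as a real constant and validated, and the submitted last name is bound as a parameter. `ELIGIBLE_TABLE` and `is_eligible_registrant` are hypothetical names, the in-memory SQLite database (requires the pdo_sqlite extension) and its rows are constructed sample data, and reading the error above as an undefined constant is an assumption, since the attached code is not visible.

```php
<?php
// Added example. Table and column names follow the thread; the database and
// its rows are constructed sample data, and the function name is hypothetical.

// Define the table name once as a real constant. Before PHP 8 an undefined
// bare constant evaluates to a string of its own name (with a notice or
// warning), which would yield a table name like the one in the error message;
// PHP 8 throws an Error instead.
const ELIGIBLE_TABLE = 'fusion6S71B_hphs64_reg';

function is_eligible_registrant(PDO $db, string $table, string $lastName): bool {
    // Identifiers cannot be bound as parameters, so accept only a strict pattern.
    if (!preg_match('/^[A-Za-z0-9_]{1,64}$/', $table)) {
        throw new InvalidArgumentException('Unexpected table name');
    }
    $lastName = trim($lastName);
    if ($lastName === '' || strlen($lastName) > 100) {
        return false;
    }
    // The submitted value is bound, never concatenated into the SQL text.
    $stmt = $db->prepare(
        "SELECT 1 FROM {$table} WHERE LOWER(user_last) = LOWER(?) LIMIT 1"
    );
    $stmt->execute([$lastName]);
    return $stmt->fetchColumn() !== false;
}

// Constructed demo data standing in for the eligible registrants table.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE ' . ELIGIBLE_TABLE . ' (user_last TEXT NOT NULL)');
$db->exec('INSERT INTO ' . ELIGIBLE_TABLE . " (user_last) VALUES ('Foster'), ('O''Neil')");

// Mixed case, padding, an apostrophe, an unknown name and an empty value.
$samples = ['Foster', '  foster ', "O'Neil", 'Smith', ''];
foreach ($samples as $input) {
    $ok = is_eligible_registrant($db, ELIGIBLE_TABLE, $input);
    printf("%-12s %s\n", var_export($input, true), $ok ? 'eligible' : 'rejected');
}
```

On a failed lookup, the calling code can record one field error and stop the registration, rather than calling `exit()` as the stand-alone snippet in the question does.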