root/tags/1.5.1.3/wp-register.php

Revision 2548, 6.4 kB (checked in by matt, 3 years ago)

Be sure about encoding. Fixes http://mosquito.wordpress.org/view.php?id=1222

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
1 <?php
2 require('./wp-config.php');
3
// Copy each request parameter this script dispatches on into a global of the
// same name. A non-empty POST value wins over a non-empty GET value; if both
// are missing or empty() the variable becomes ''. A variable that is already
// set is left untouched. The value is raw request input: the switch below
// compares it against fixed case labels and nothing else should trust it.
$wpvarstoreset = array('action');
foreach ($wpvarstoreset as $wpvar) {
    if (isset($$wpvar)) {
        continue;
    }
    if (!empty($_POST[$wpvar])) {
        $$wpvar = $_POST[$wpvar];
    } elseif (!empty($_GET[$wpvar])) {
        $$wpvar = $_GET[$wpvar];
    } else {
        $$wpvar = '';
    }
}
19
// When the site option turns self-registration off, force the "disabled"
// page no matter which action the request asked for.
if (!get_settings('users_can_register')) {
    $action = 'disabled';
}

// Announce the document type and character set in the HTTP response itself,
// using the blog's configured values, before any markup is sent.
header(sprintf('Content-Type: %s; charset=%s', get_bloginfo('html_type'), get_bloginfo('charset')));
24
25 switch($action) {
26
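case 'register':

    // Handles the submitted registration form: validates the two fields,
    // creates the user row with a generated password, mails the credentials
    // to the new user, notifies the admin and prints a confirmation page.

    // Both fields come straight from the form and are untrusted. Anything that
    // is not a plain string (for example an array parameter) counts as missing.
    $user_login = (isset($_POST['user_login']) && is_string($_POST['user_login'])) ? $_POST['user_login'] : '';
    $user_email = (isset($_POST['user_email']) && is_string($_POST['user_email'])) ? $_POST['user_email'] : '';

    // Allow-list the username before it is used anywhere. The original pattern
    // lacked the [^...] character class, so it matched a literal string and
    // stripped nothing. Only letters, digits, space, underscore, dot and
    // hyphen survive, so no quote or backslash can reach the queries below.
    $user_login = preg_replace('|[^a-z0-9 _.-]|i', '', $user_login);

    /* checking that username has been typed (and is not empty once sanitised) */
    if ($user_login == '') {
        die (__('<strong>ERROR</strong>: Please enter a username.'));
    }

    /* checking e-mail address */
    if ($user_email == '') {
        die (__('<strong>ERROR</strong>: Please type your e-mail address.'));
    } else if (!is_email($user_email)) {
        die (__('<strong>ERROR</strong>: The email address isn&#8217;t correct.'));
    }

    // SQL-escaped copies, used only inside query strings.
    // NOTE(review): if the bootstrap loaded by wp-config.php already adds
    // slashes to $_POST, confirm these calls do not double-escape.
    $login_sql = $wpdb->escape($user_login);
    $email_sql = $wpdb->escape($user_email);

    /* checking the username isn't already used by another user */
    $result = $wpdb->get_results("SELECT user_login FROM $wpdb->users WHERE user_login = '$login_sql'");
    if (!empty($result)) {
        die (__('<strong>ERROR</strong>: This username is already registered, please choose another one.'));
    }

    $user_ip = $wpdb->escape($_SERVER['REMOTE_ADDR']);

    // The User-Agent header is client-controlled and may be absent.
    $user_browser = $wpdb->escape(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');

    $user_nickname = $user_login;
    $user_nicename = sanitize_title($user_nickname);
    $nicename_sql = $wpdb->escape($user_nicename);
    $now = gmdate('Y-m-d H:i:s');
    // The level is interpolated into the query, so pin it to an integer.
    $user_level = (int) get_settings('new_users_can_blog');

    // NOTE(review): this temporary password is 7 hex characters derived from
    // the clock (uniqid/microtime), not from a cryptographically secure source,
    // and the INSERT below stores it as an unsalted MD5 digest. Left unchanged
    // here because the rest of the login code is not visible from this file.
    $password = substr( md5( uniqid( microtime() ) ), 0, 7);

    $result = $wpdb->query("INSERT INTO $wpdb->users
        (user_login, user_pass, user_nickname, user_email, user_ip, user_browser, user_registered, user_level, user_idmode, user_nicename)
    VALUES
        ('$login_sql', MD5('$password'), '$login_sql', '$email_sql', '$user_ip', '$user_browser', '$now', '$user_level', 'nickname', '$nicename_sql')");

    // Stop before the hook runs if the row was not written; otherwise
    // 'user_register' would fire with an insert id that names no new user.
    if ($result == false) {
        die (sprintf(__('<strong>ERROR</strong>: Couldn&#8217;t register you... please contact the <a href="mailto:%s">webmaster</a> !'), get_settings('admin_email')));
    }

    do_action('user_register', $wpdb->insert_id);

    // Credentials go to the address the user supplied; the password is sent
    // in clear text and is never shown on the confirmation page.
    $message  = sprintf(__('Username: %s'), $user_login) . "\r\n";
    $message .= sprintf(__('Password: %s'), $password) . "\r\n";
    $message .= get_settings('siteurl') . "/wp-login.php\r\n";

    wp_mail($user_email, sprintf(__('[%s] Your username and password'), get_settings('blogname')), $message);

    $message  = sprintf(__('New user registration on your blog %s:'), get_settings('blogname')) . "\r\n\r\n";
    $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
    $message .= sprintf(__('E-mail: %s'), $user_email) . "\r\n";

    // Best effort: a failed admin notification must not break the signup.
    @wp_mail(get_settings('admin_email'), sprintf(__('[%s] New User Registration'), get_settings('blogname')), $message);

    // The confirmation page echoes user-supplied values, so both are
    // HTML-escaped at the point of output.
    ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <title>WordPress &raquo; <?php _e('Registration Complete') ?></title>
    <meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php echo get_settings('blog_charset'); ?>" />
    <link rel="stylesheet" href="wp-admin/wp-admin.css" type="text/css" />
    <style type="text/css">
    .submit {
        font-size: 1.7em;
    }
    </style>
</head>
<body>

<div id="login">
    <h2><?php _e('Registration Complete') ?></h2>
    <p><?php printf(__('Username: %s'), '<strong>' . htmlspecialchars($user_login, ENT_QUOTES) . '</strong>') ?><br />
    <?php printf(__('Password: %s'), '<strong>' . __('emailed to you') . '</strong>') ?> <br />
    <?php printf(__('E-mail: %s'), '<strong>' . htmlspecialchars($user_email, ENT_QUOTES) . '</strong>') ?></p>
    <p class="submit"><a href="wp-login.php"><?php _e('Login'); ?> &raquo;</a></p>
</div>
</body>
</html>

    <?php
break;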
116
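case 'disabled':

    // Static notice shown when the 'users_can_register' option is off; the
    // dispatcher forces this case regardless of the requested action. The
    // <meta> and <link> elements are self-closed so the page is well-formed
    // under its XHTML doctype, matching the other two templates in this file.
    ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <title>WordPress &raquo; <?php _e('Registration Currently Disabled') ?></title>
    <meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php echo get_settings('blog_charset'); ?>" />
    <link rel="stylesheet" href="wp-admin/wp-admin.css" type="text/css" />
</head>

<body>

<div id="login">
    <h2><?php _e('Registration Disabled') ?></h2>
    <p><?php _e('User registration is currently not allowed.') ?><br />
    <a href="<?php echo get_settings('home') . '/'; ?>" title="<?php _e('Go back to the blog') ?>"><?php _e('Home') ?></a>
    </p>
</div>

</body>
</html>

    <?php
break;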
142
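default:

// Any other action (including none) renders the empty registration form. The
// form posts back to this script with action=register. The maxlength
// attributes are only a browser-side hint; the 'register' case must validate
// both fields itself. The "password will be emailed" line now goes through
// _e() like every other visible string, so it can be translated.
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <title>WordPress &raquo; <?php _e('Registration Form') ?></title>
    <meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php echo get_settings('blog_charset'); ?>" />
    <link rel="stylesheet" href="wp-admin/wp-admin.css" type="text/css" />
    <style type="text/css">
    #user_email, #user_login, #submit {
        font-size: 1.7em;
    }
    </style>
</head>

<body>
<div id="login">
<h1><a href="http://wordpress.org/">WordPress</a></h1>
<h2><?php _e('Register for this blog') ?></h2>

<form method="post" action="wp-register.php" id="registerform">
    <p><input type="hidden" name="action" value="register" />
    <label for="user_login"><?php _e('Username:') ?></label><br /> <input type="text" name="user_login" id="user_login" size="20" maxlength="20" /><br /></p>
    <p><label for="user_email"><?php _e('E-mail:') ?></label><br /> <input type="text" name="user_email" id="user_email" size="25" maxlength="100" /></p>
    <p><?php _e('A password will be emailed to you.') ?></p>
    <p class="submit"><input type="submit" value="<?php _e('Register') ?> &raquo;" id="submit" name="submit" /></p>
</form>
<ul>
    <li><a href="<?php bloginfo('home'); ?>" title="<?php _e('Are you lost?') ?>">&laquo; <?php _e('Back to blog') ?></a></li>
    <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Login') ?></a></li>
    <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a></li>
</ul>
</div>

</body>
</html>
<?php

break;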
183 }
184 ?>
185