PHP Cross Reference of phpwcms V1.4.7 _r403 (01.11.10) |
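<?php

/**
 * FE User frontend render script
 * Use this to customize your frontend user registration form
 *
 * Frontend User Registration key can be found in constant FEUSER_REGKEY.
 * The default value of FEUSER_REGKEY is "FEUSER". It can be changed by
 * setting $phpwcms['feuser_regkey'] in conf.inc.php
 *
 * What the script does:
 *  1. Looks for the replacement tags {FE_USER_MANAGE} / {FE_USER_REGISTER}
 *     in $content['all'] and picks the action.
 *  2. Normalises the field definition list ($fe_fields).
 *  3. On POST, copies and validates the submitted values ($udata / $uerror).
 *  4. Builds the form markup and, when validation passed, writes the record
 *     to phpwcms_userdetail and sends the notification mails.
 *  5. Replaces the tag in $content['all'] with the generated markup.
 *
 * Review notes for maintainers:
 *  - Every value that reaches SQL goes through aporeplace() or intval();
 *    the queries are still assembled by concatenation, so any new field
 *    must be escaped the same way.
 *  - Passwords are stored as unsalted md5() and the cleartext password is
 *    mailed to the user (see the NOTE(review) markers below).
 *  - No anti-CSRF token is emitted with the form in this file.
 */

$fe_defaults = array(

	'field-open'	=> '<p>',
	'field-close'	=> '</p>',

	'label-class'	=> 'label',

);


// first check what to do
// strpos() returns 0 when the tag is the very first thing in the content,
// so the result has to be compared against false explicitly.
if(_getFeUserLoginStatus() && strpos($content['all'], '{FE_USER_MANAGE}') !== false) {

	$fe_action = '{FE_USER_MANAGE}';

	// users that logged in through the backend must not edit their data here
	if( $_SESSION[ $_loginData['session_key'].'_userdata']['source'] == 'BACKEND' ) {

		$fe_action = false;
	}


} elseif(strpos($content['all'], '{FE_USER_REGISTER}') !== false) {

	$fe_action = '{FE_USER_REGISTER}';

} else {

	$fe_action = false;

}


// fe user register
if($fe_action) {

	/**
	 * Define fields to be used - fields are named like in phpwcms_userdetail
	 * 'fieldname' => 'TYPE' (can be STRING, TEXT, CHECKBOX, RADIO, INT, FLOAT, TEL, COUNTRY, EMAIL)
	 * or
	 * 'fieldname' => array('type'=>'TYPE', 'value'=>default value, 'required'=>true|false)
	 * use array for multiple selections
	 * Use 'FIELDSET-X' => 'label', '/FIELDSET-X' => '' to enable fieldsets
	 */
	$fe_fields = array(

		'FIELDSET-1'		=> 'label-fieldset-1',

		'detail_login'		=> 'STRING',
		'detail_password'	=> 'STRING',

		'/FIELDSET-1'		=> '',
		'FIELDSET-2'		=> 'label-fieldset-2',

		'detail_title'		=> 'STRING',
		'detail_salutation'	=> array( 'type'=>'RADIO', 'value'=>array('@@Mr@@', '@@Ms@@') ),
		'detail_firstname'	=> 'STRING',
		'detail_lastname'	=> 'STRING',
		'detail_company'	=> 'STRING',
		'detail_street'		=> 'STRING',
		'detail_add'		=> 'STRING',
		'detail_city'		=> 'STRING',
		'detail_zip'		=> 'STRING',
		'detail_region'		=> 'STRING',
		'detail_country'	=> 'COUNTRY',
		'detail_fon'		=> 'STRING',
		'detail_fax'		=> 'STRING',
		'detail_mobile'		=> 'STRING',
		'detail_signature'	=> 'TEXT',
		'detail_prof'		=> 'STRING',
		'detail_notes'		=> 'TEXT',
		'detail_email'		=> 'EMAIL',

		'/FIELDSET-2'		=> '',
		'FIELDSET-3'		=> 'label-fieldset-3',

		'detail_website'	=> 'STRING',
		'detail_userimage'	=> 'STRING',
		'detail_gender'		=> 'STRING',
		'detail_birthday'	=> 'STRING',

		'/FIELDSET-3'		=> '',
		'FIELDSET-4'		=> 'label-fieldset-4',

		'detail_varchar1'	=> 'STRING',
		'detail_varchar2'	=> 'STRING',
		'detail_varchar3'	=> 'STRING',
		'detail_varchar4'	=> 'STRING',
		'detail_varchar5'	=> 'STRING',

		'detail_text1'		=> 'TEXT',
		'detail_text2'		=> 'TEXT',
		'detail_text3'		=> 'TEXT',
		'detail_text4'		=> 'TEXT',
		'detail_text5'		=> 'TEXT',

		'detail_int1'		=> 'INT',
		'detail_int2'		=> 'INT',
		'detail_int3'		=> 'INT',
		'detail_int4'		=> 'INT',
		'detail_int5'		=> 'INT',

		'detail_float1'		=> 'FLOAT',
		'detail_float2'		=> 'FLOAT',
		'detail_float3'		=> 'FLOAT',
		'detail_float4'		=> 'FLOAT',
		'detail_float5'		=> 'FLOAT',

		'/FIELDSET-4'		=> ''
	);

	// init error array and error status set to false
	// ($fe_error is what is_fe_error() reads; the POST validation further
	// down collects its messages in the separate array $uerror)
	$fe_error	= array('status' => false);

	// init fe data array
	$fe_data	= array();

	// Normalise every entry of $fe_fields to array('type', 'value', 'required')
	// (fieldset markers become array('type' => 'FIELDSET', 'label', 'value'))
	// and seed $fe_error / $fe_data with an empty default per field.
	foreach($fe_fields as $fe_field => $fe_field_value) {

		// 'FIELDSET-X' opens, '/FIELDSET-X' closes: 'value' keeps the first
		// character of the key ('F' or '/') to tell the two apart
		if( substr(ltrim($fe_field , '/'), 0, 8) === 'FIELDSET' ) {
			$fe_fields[ $fe_field ] = array('type' => 'FIELDSET', 'label' => $fe_field_value, 'value'=>substr($fe_field, 0, 1));
			continue;
		}

		$fe_error[ $fe_field ] = '';

		if( is_array($fe_field_value) && isset($fe_field_value['type']) ) {
			$fe_field_type = $fe_field_value['type'];
			if(!isset($fe_field_value['value'])) {
				$fe_fields[ $fe_field ]['value'] = '';
			}
			$fe_fields[ $fe_field ]['required'] = empty( $fe_field_value['required'] ) ? false : true;
		} else {
			$fe_field_type = is_string($fe_field_value) ? $fe_field_value : 'STRING';
			$fe_fields[ $fe_field ] = array('type' => $fe_field_type, 'value' => '', 'required' => false);
		}

		if( $fe_field_type == 'INT' || $fe_field_type == 'FLOAT' ) {
			$fe_data[ $fe_field ] = 0;
		} else {
			$fe_data[ $fe_field ] = '';
		}

	}

	// The debug call dumpVar($fe_fields) that stood here was removed: it
	// printed the internal field configuration into the public page.

	// NOTE(review): the alias is only built while cat_id is 0, which makes the
	// innermost else produce "id=0" - confirm the condition is not inverted.
	if($content['cat_id'] == 0) {
		if($aktion[1]) {
			$_uri_alias = 'aid='.$aktion[1];
		} elseif($content['struct'][0]['acat_alias']) {
			$_uri_alias = $content['struct'][0]['acat_alias'];
		} else {
			$_uri_alias = 'id='.$content['cat_id'];
		}
	} else {
		$_uri_alias = '';
	}

	switch($fe_action) {

		case '{FE_USER_MANAGE}':	$_uri = rel_url( array('profile_manage'=>'edit'), array('profile_register', 'profile_reminder'), $_uri_alias );

									// at the moment it is only possible to edit user data of "real" FRONTEND users
									// all BACKEND users should login to backend and edit their data there
									$result = _dbGet(
										'phpwcms_userdetail', '*',
										"detail_filter='" . aporeplace(FEUSER_REGKEY) . "' AND detail_id=" . intval($_SESSION[ $_loginData['session_key'].'_userdata' ]['id']),
										'', '', '1' );
									if(isset($result[0])) {
										$fe_data = $result[0];
										// never hand the stored password hash to the form
										$fe_data['detail_password'] = '';
									}

									break;

		case '{FE_USER_REGISTER}':	$_uri = rel_url( array('profile_register'=>'create'), array('profile_manage', 'profile_reminder'), $_uri_alias );

									break;

	}


	// Submitted values and validation messages. 'status' becomes true as soon
	// as one field failed validation; the write paths below refuse to run then.
	$udata	= array();
	$uerror	= array('status' => false);

	// The original tested $_POST['detail_login'] here while reading the
	// user_* fields and while the write paths test $_POST['user_login'].
	// A request carrying only user_login therefore skipped validation
	// completely and still reached the INSERT/UPDATE. One key is used now.
	if(isset($_POST['user_login'])) {

		$udata['user_login']		= clean_slweg($_POST['user_login']);
		$udata['user_password']		= slweg($_POST['user_password']);
		$udata['user_password2']	= slweg($_POST['user_password2']);

		$udata['user_company']		= clean_slweg($_POST['user_company']);
		$udata['user_title']		= clean_slweg($_POST['user_title']);
		$udata['user_name']			= clean_slweg($_POST['user_name']);
		$udata['user_firstname']	= clean_slweg($_POST['user_firstname']);
		$udata['user_street']		= clean_slweg($_POST['user_street']);
		$udata['user_zip']			= clean_slweg($_POST['user_zip']);
		$udata['user_city']			= clean_slweg($_POST['user_city']);
		$udata['user_tel']			= preg_replace('/[^0-9\+\-\(\) ]/', '', clean_slweg($_POST['user_tel']) );
		$udata['user_email']		= clean_slweg($_POST['user_email']);


		if($fe_action == '{FE_USER_REGISTER}') {


			// The login must be unused. LIKE treats % and _ in the submitted
			// login as wildcards, so such a login can only match more rows and
			// be rejected - the check fails closed.
			$sql  = 'SELECT COUNT(*) FROM '.DB_PREPEND."phpwcms_userdetail WHERE ";
			$sql .= "detail_login LIKE '" . aporeplace($udata['user_login'])."'";

			if( empty($udata['user_login']) ) {
				$uerror['user_login'] = '@@Login is required@@';
			} elseif( strlen($udata['user_login']) < 4 ) {
				$uerror['user_login'] = '@@Login is too short (more than 3 chars)@@';
			} elseif( _dbCount( $sql ) ) {
				$uerror['user_login'] = '@@Login not allowed@@';
			}

			if( empty($udata['user_password']) ) {
				$uerror['user_password'] = '@@Password is required@@';
			} elseif( strlen($udata['user_password']) < 4 ) {
				$uerror['user_password'] = '@@Password is too short (more than 3 chars)@@';
			} elseif( $udata['user_password'] !== $udata['user_password2'] ) {
				$uerror['user_password'] = '@@Password and repeat password are not equal@@';
			}



		} else {

			// profile edit: the login always comes from the session, the
			// posted user_login value is ignored
			$udata['user_login'] = $_SESSION[ $_loginData['session_key'].'_userdata']['login'];

			// an empty password means "keep the current one"
			if( !empty($udata['user_password']) && strlen($udata['user_password']) < 4 ) {
				$uerror['user_password'] = '@@Password is too short (more than 3 chars)@@';
			} elseif( $udata['user_password'] !== $udata['user_password2'] ) {
				$uerror['user_password'] = '@@Password and repeat password are not equal@@';
			}

		}

		// the e-mail address must not belong to another login
		$sql  = 'SELECT COUNT(*) FROM '.DB_PREPEND."phpwcms_userdetail WHERE ";
		$sql .= "detail_login != '" . aporeplace($udata['user_login']) . "' AND ";
		$sql .= "detail_email = '" . aporeplace(strtolower($udata['user_email']))."'";

		if( empty($udata['user_email']) ) {
			$uerror['user_email'] = 'E-Mail muss ausgefüllt werden';
		} elseif( !is_valid_email($udata['user_email']) ) {
			$uerror['user_email'] = 'E-Mail muss valide sein';
		} elseif( _dbCount( $sql ) ) {
			$uerror['user_email'] = 'E-Mail bereits registriert';
		}

		if( empty($udata['user_tel']) ) {
			$uerror['user_tel'] = '@@Phone is required@@';
		} elseif( preg_match('/[^0-9\+\-\(\) ]/', $udata['user_tel']) ) {
			$uerror['user_tel'] = '@@Only integers, spaces, parentheses, + or - are allowed@@';
		}

		if( empty($udata['user_name']) ) {
			$uerror['user_name'] = '@@Name is required@@';
		}
		if( empty($udata['user_firstname']) ) {
			$uerror['user_firstname'] = '@@First name is required@@';
		}
		if( empty($udata['user_street']) ) {
			$uerror['user_street'] = '@@Street is required@@';
		}
		if( empty($udata['user_zip']) || empty($udata['user_city']) ) {
			$uerror['user_zip'] = '@@Post code and city are required@@';
		}

		// The original never set $uerror['status'], so the checks above could
		// not stop the INSERT/UPDATE. Any key besides 'status' is a message.
		$uerror['status'] = count($uerror) > 1;

	}

	$fe_reg = array();

	if($fe_action == '{FE_USER_REGISTER}') {

		$fe_reg[] = '<p>Register Text</p>';

	} else {

		$fe_reg[] = '<p>Edit Text</p>';

	}

	// NOTE(review): $_uri is written into the attribute as returned by
	// rel_url(); confirm that rel_url() returns an HTML-safe URL.
	// NOTE(review): no anti-CSRF token is added to the form, and the profile
	// edit can change password and e-mail without asking for the current
	// password - confirm whether the surrounding framework covers this.
	$fe_reg[] = '<form action="' .$_uri. '" method="post">';

	// Field rendering is still a stub: every type falls through without
	// producing markup. Customise the cases to build the actual form.
	foreach($fe_fields as $fe_field) {

		switch($fe_field['type']) {

			case 'TEXT':
				break;

			case 'EMAIL':
				break;

			case 'INT':
				break;

			case 'FLOAT':
				break;

			case 'RADIO':
				break;

			case 'CHECKBOX':
				break;

			case 'FIELDSET':
				break;

			case 'STRING':
			default:

		}

	}

	/*
	$fe_reg[] = '<fieldset>';
	$fe_reg[] = '<legend> @@Login Data@@ </legend>';

	$fe_reg[] = is_fe_error('detail_login');
	$fe_reg[] = '<p>';
	$fe_reg[] = '<label class="labelpos" for="user_login">@@Login@@</label>';
	if($fe_action == '{FE_USER_REGISTER}') {
		$fe_reg[] = '<input type="text" name="user_login" id="user_login" value="' .html_specialchars($udata['user_login']). '" class="textfield" maxlength="200" size="30" />';
	} else {
		$fe_reg[] = '<strong>' .html_specialchars($udata['user_login']). '</strong>';
		$fe_reg[] = '<input type="hidden" name="user_login" value="' .html_specialchars($udata['user_login']). '" />';
	}
	$fe_reg[] = '</p>';
	*/



	// Submit Button Line
	$fe_reg[] = '<p>';
	$fe_reg[] = ' <input type="submit" value="@@Submit@@" class="button" />';
	$fe_reg[] = '</p>';


	$fe_reg[] = '</form>';

	$fe_reg = implode(LF, $fe_reg);


	// ---- registration: store the new user and send the mails ----
	if(isset($_POST['user_login']) && $fe_action == '{FE_USER_REGISTER}') {
		if($uerror['status']) {

			$fe_reg = '<p class="error">Es sind Fehler bei der Verarbeitung des Formulars aufgetreten. Bitte prüfen Sie Ihre Angaben.</p>' . LF . $fe_reg;

		} else {

			// copy of the submitted data without the passwords, stored
			// serialized in detail_notes
			$profile_data = $udata;
			unset($profile_data['user_password'], $profile_data['user_password2']);

			// the account is created inactive (detail_aktiv = 0)
			$sql  = 'INSERT INTO '.DB_PREPEND.'phpwcms_userdetail (';
			$sql .= 'detail_title, detail_firstname, detail_lastname, detail_company, detail_street, detail_city, detail_zip, ';
			$sql .= 'detail_fon, detail_notes, detail_aktiv, detail_newsletter, detail_varchar1, detail_email, detail_login, detail_password) VALUES (';
			$sql .= "'" . aporeplace($udata['user_title']) . "', ";
			$sql .= "'" . aporeplace($udata['user_firstname']) . "', ";
			$sql .= "'" . aporeplace($udata['user_name']) . "', ";
			$sql .= "'" . aporeplace($udata['user_company']) . "', ";
			$sql .= "'" . aporeplace($udata['user_street']) . "', ";
			$sql .= "'" . aporeplace($udata['user_city']) . "', ";
			$sql .= "'" . aporeplace($udata['user_zip']) . "', ";
			$sql .= "'" . aporeplace($udata['user_tel']) . "', ";
			$sql .= "'" . aporeplace(serialize($profile_data)) . "', ";
			$sql .= "'0', ";
			$sql .= "'" . ( empty($udata['user_profile_7'][3]) ? '' : 1 ) . "', ";
			$sql .= "'fereg', ";
			$sql .= "'" . aporeplace(strtolower($udata['user_email'])) . "', ";
			$sql .= "'" . aporeplace($udata['user_login']) . "', ";
			// NOTE(review): unsalted md5() is not a password hash. It is kept
			// because the stored format presumably has to match the login
			// check elsewhere in phpwcms; moving to password_hash() needs a
			// coordinated change there.
			$sql .= "'" . aporeplace(md5($udata['user_password'])) . "')";

			$queryResult = _dbQuery($sql, 'INSERT');
			if(!empty($queryResult['INSERT_ID'])) {
				$fe_reg  = '<p class="success">Vielen Dank '.html_specialchars($udata['user_firstname'].' '.$udata['user_name']).'! Ihre Registrierungsanfrage wurden erfolgreich übertragen.</p>';
				$fe_reg .= '<p>Ihnen wird in wenigen Augenblicken eine Bestätigung an die E-Mail <b>'.html_specialchars($udata['user_email']).'</b> zugesendet.</p>';

				// confirmation mail for the user
				$fe_text  = 'Hallo '.trim($udata['user_title'] . ' ' . trim( $udata['user_firstname'].' '.$udata['user_name']) ) . LF . LF;
				$fe_text .= 'Ihre Registrierung haben wir erhalten.' . LF;
				$fe_text .= 'Wir prüfen Ihre Daten und melden uns umgehend bei Ihnen.' . LF . LF;

				if(empty($udata['user_profile_7'][4])) {
					$fe_text .= 'Sie möchten keinen Zugriff auf unser Partnerbackend. ' .LF . 'Allerdings haben wir folgende Zugangsdaten für Sie hinterlegt:' . LF;
				} else {
					$fe_text .= 'Sie möchten Zugriff auf unser Partnerbackend. ' .LF . 'Folgende Zugangsdaten sind von Ihnen gesendet worden:' . LF;
				}
				$fe_text .= ' Login: ' . $udata['user_login'] . LF;
				// NOTE(review): the cleartext password leaves the system in an
				// unencrypted e-mail and stays in the recipient's mailbox.
				// Consider dropping this line; the text below also describes
				// the md5 storage as irreversible, which overstates it.
				$fe_text .= ' Passwort: ' . $udata['user_password'] . LF . LF;
				$fe_text .= 'Ihr Passwort ist nicht reproduizierbar verschlüsselt in unserem System abgelegt worden.' . LF . LF . LF;
				$fe_text .= 'Mit besten Grüßen' . LF;
				$fe_text .= 'phpwcms, Oliver' . LF;

				// notification mail for the site owner
				$fe_text1  = 'Neue Benutzerregistrierung' . LF;
				$fe_text1 .= '--------------------------' . LF . LF;

				$fe_text1 .= 'Die Benutzerdaten können im Backend eingesehen werden.' . LF;

				if(!empty($udata['user_profile_7'][4])) {
					$fe_text1 .= 'Der Benutzer wünscht die Freischaltung für den Partnerbereich!' .LF;
					$fe_text1 .= ' Login: ' . $udata['user_login'] . LF;
				}

				$fe_text1 .= LF;
				$fe_text1 .= 'Benutzerangaben:' . LF;
				$fe_text1 .= '================' . LF . LF;

				$fe_text1 .= 'Firma: ' . $udata['user_company'] . LF;
				$fe_text1 .= 'Anrede: ' . $udata['user_title'] . LF;
				$fe_text1 .= 'Vorname: ' . $udata['user_firstname'] . LF;
				$fe_text1 .= 'Name: ' . $udata['user_name'] . LF;
				$fe_text1 .= 'Straße: ' . $udata['user_street'] . LF;
				$fe_text1 .= 'PLZ: ' . $udata['user_zip'] . LF;
				$fe_text1 .= 'Ort: ' . $udata['user_city'] . LF;
				$fe_text1 .= 'Telefon: ' . $udata['user_tel'] . LF;
				$fe_text1 .= 'E-Mail: ' . $udata['user_email'] . LF;

				$fe_text1 .= LF . '-----------------------------------------------------------' . LF;
				$fe_text1 .= 'IP: '. getRemoteIP();

				// $fe_csv is not filled anywhere in this file; without the
				// guard array_keys() would be called on an undefined variable.
				// NOTE(review): values are joined with ';' without quoting -
				// whoever fills $fe_csv has to escape separators and leading
				// formula characters (=, +, -, @) before they reach a
				// spreadsheet.
				if(!isset($fe_csv) || !is_array($fe_csv)) {
					$fe_csv = array();
				}

				$fe_csv_attach  = implode(';', array_keys($fe_csv) );
				$fe_csv_attach .= LF;
				$fe_csv_attach .= implode(';', $fe_csv );

				$fe_csv = array();

				// the login is reduced to [a-zA-Z0-9-_] before it becomes part
				// of the attachment file name
				$fe_csv['filename']	= date('Y-m-d_H-i-s') . '_' . preg_replace('/[^a-zA-Z0-9\-_]/', '', $udata['user_login']).'.csv';
				$fe_csv['mime']		= 'text/csv';
				$fe_csv['data']		= $fe_csv_attach;

				sendEmail(array(
					'recipient'	=> strtolower($udata['user_email']),
					'toName'	=> trim($udata['user_firstname'].' '.$udata['user_name']),
					'subject'	=> 'phpwcms Registration',
					'text'		=> $fe_text,
					'from'		=> 'oliver@phpwcms.de',
					'fromName'	=> 'phpwcms',
					'sender'	=> 'oliver@phpwcms.de' ));

				// NOTE(review): from/fromName/sender are visitor-supplied.
				// They only pass is_valid_email()/clean_slweg() - confirm that
				// sendEmail() rejects line breaks in header values.
				sendEmail(array(
					'recipient'		=> 'slackero+phpwcms-registration@gmail.com',
					'subject'		=> 'New registration',
					'text'			=> $fe_text1,
					'from'			=> strtolower($udata['user_email']),
					'fromName'		=> trim($udata['user_firstname'].' '.$udata['user_name']),
					'sender'		=> strtolower($udata['user_email']),
					'stringAttach'	=> array($fe_csv) ));


			} else {
				$fe_reg = '<p class="error">Beim Speichern Ihrer Daten ist ein Fehler aufgetreten. Bitte versuchen Sie es erneut oder wenden Sie sich an den Webmaster.</p>' . LF . $fe_reg;
			}
		}
	}

	// ---- profile edit: update the record of the logged-in user ----
	if(isset($_POST['user_login']) && $fe_action == '{FE_USER_MANAGE}') {

		if($uerror['status']) {

			$fe_reg = '<p class="error">Es sind Fehler bei der Verarbeitung des Formulars aufgetreten. Bitte prüfen Sie Ihre Angaben.</p>' . LF . $fe_reg;

		} else {

			$profile_data = $udata;
			unset($profile_data['user_password'], $profile_data['user_password2']);

			$sql  = 'UPDATE '.DB_PREPEND.'phpwcms_userdetail SET ';
			$sql .= "detail_title = '".aporeplace($udata['user_title'])."', ";
			$sql .= "detail_firstname = '".aporeplace($udata['user_firstname'])."', ";
			$sql .= "detail_lastname = '".aporeplace($udata['user_name'])."', ";
			$sql .= "detail_company = '".aporeplace($udata['user_company'])."', ";
			$sql .= "detail_street = '".aporeplace($udata['user_street'])."', ";
			$sql .= "detail_city = '".aporeplace($udata['user_city'])."', ";
			$sql .= "detail_zip = '".aporeplace($udata['user_zip'])."', ";
			$sql .= "detail_fon = '".aporeplace($udata['user_tel'])."', ";
			$sql .= "detail_notes = '".aporeplace(serialize($profile_data))."', ";
			$sql .= "detail_newsletter = '".( empty($udata['user_profile_7'][3]) ? '' : 1 )."', ";
			// the password is only replaced when a new one was entered
			// NOTE(review): unsalted md5(), same storage format as on registration
			if($udata['user_password']) {
				$sql .= "detail_password = '".aporeplace(md5($udata['user_password']))."', ";
			}
			$sql .= "detail_email = '".aporeplace(strtolower($udata['user_email']))."' ";
			// the row is selected by the id kept in the session, never by
			// anything taken from the request
			$sql .= 'WHERE detail_id=' . intval($_SESSION[ $_loginData['session_key'].'_userdata']['id']).' LIMIT 1';

			$queryResult = _dbQuery($sql, 'UPDATE');
			if(isset($queryResult['AFFECTED_ROWS'])) {

				$fe_reg = '<p>Ihre Profildaten wurden erfolgreich aktualisiert</p>' . LF . $fe_reg;

			} else {

				$fe_reg = '<p class="error">Leider konnten Ihre Anfgaben nicht in der Datenbank gesichert werden. Bitte prüfen Sie Ihre Angaben oder wenden Sie sich an den Systemadministrator.</p>' . LF . $fe_reg;

			}

		}

	}

	$content['all'] = str_replace($fe_action, $fe_reg, $content['all']);

} else {

	$content['all'] = str_replace('{FE_USER_MANAGE}', '<p class="error">Diese Aktion ist leider nicht zulässig</p>', $content['all']);

}


/**
 * Return the error paragraph for one form field.
 *
 * Reads the global $fe_error array. When a message is stored for $field the
 * global status flag $fe_error['status'] is set to true as a side effect.
 * The message is inserted into the markup unescaped, so only fixed texts
 * may be stored in $fe_error, never submitted values.
 *
 * @param string $field key in $fe_error, named like the form field
 * @return string '<p class="error">...</p>' or '' when there is no message
 */
function is_fe_error($field='') {
	global $fe_error;
	if(!empty($fe_error[$field])) {
		$fe_error['status'] = true;
		return '<p class="error">' . $fe_error[$field] . '</p>';
	}
	return '';
}

?>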