Admin User Registration
Works with Wikka 1.1.6.2 (and possibly earlier versions) through 1.1.6.4 (latest).
See Also
- Need link to original action by DarTar here.
What
- Allows a user in the UserAdmins group to register users. Requires the Group ACL update.
- Does NOT login to the new registered user account
Since I was using Wikka as a content management system and did not want the general public to be able to register, I needed a way to register users under administrator control. I hacked up the user registration action from DarTar. Its main function is that it lets you register a user but does NOT log you in afterwards: it adds the new user to the database with all the validations, but will not log you in as that user. It also checks to make sure you have 'write' access to the page the action is defined on as a basic permission trigger to allow you to register users. (Note: in the listing below, the only permission check visible is membership of the UserAdmins group or admin status; no page write-access check appears in this code, so the page's write ACL does not by itself gate registration.)
Use
- Create a page with the {{userreg}} action
Installation
- Put the following code into the userreg.php file in the actions directory
Code
Action: userreg.php (or name it what you like)
<?php
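/**
 * Display a form that lets a user administrator register a new account.
 *
 * Adapted from the user registration action: the form and the field validation are the
 * same, but the form is only shown to (and only processed for) a logged-in member of the
 * UserAdmins group or a Wikka admin, and by default the new account is NOT logged in.
 *
 * Security notes for anyone deploying this:
 * - Submitted name/email values are HTML-escaped before being echoed back into the form.
 * - The password is stored as an unsalted MD5 hash, as in the original action. This is
 *   kept unchanged here (presumably the core login code compares MD5 hashes; confirm
 *   before changing), but MD5 is not a suitable password hash.
 * - The INSERT is built by string concatenation with mysql_real_escape_string(). The
 *   mysql_* extension was removed in PHP 7, so this listing only runs on older PHP.
 * - NOTE(review): nothing in this file adds or checks an anti-CSRF token; whether
 *   FormOpen() supplies one is not visible here.
 *
 * @package Actions
 * @name Register
 *
 * @author {@link http://wikka.jsnx.com/DarTar Dario Taraborelli}
 * @version 0.3
 * @since Wikka 1.1.X.X
 * @output form for user registration
 *
 * @todo
 * - CSS to style form;
 * - (optionally) drop WikiName restriction on usernames;
 * - use core functions to validate fields;
 * - use central error handler for printing error messages;
 * - decide best strategy to link hardcoded login/logout page;
 * - define welcome page where new users must be redirected;
 * - (optionally) add option for email-confirmation of registered users.
 */

// constants
// Guarded: define() on an already defined constant raises a notice, e.g. when the
// action is included more than once in the same request.
if (!defined('MIN_PASSW_LENGTH')) {
    define('MIN_PASSW_LENGTH', 5);
}

print $this->Format('===== New User Registration page ===== ----');

// Fetch the user first: in "$user = A && B" the && binds tighter than =, so $user
// would receive the boolean result instead of the user record.
$user = $this->GetUser();
if ($user && ($this->isGroupMember($user, "UserAdmins") || $this->isAdmin())) {
    // user is logged in and is allowed to administer users

    // initializing variables
    $name = '';
    $email = '';
    $password = '';
    $confpassword = '';
    $error = '';
    $message = '';
    // per-field status markers; must exist even when nothing was submitted,
    // because the form below always prints them
    $validname = '';
    $validemail = '';
    $validpassword = '';
    $validconfpassword = '';
    // $dologin is never assigned in this file; presumably it can arrive as an action
    // parameter (confirm). Default: do not log in as the new account.
    $dologin = isset($dologin) ? $dologin : 'N';

    // Is this the result from a signup
    if ((isset($_GET['reg'])) && ($_GET['reg'] == '1')) {
        // print first login welcome screen
        $message = '--- **Registration successful!** ---';
    }

    // is user trying to register?
    if ($_POST) {
        // get POST values; array-valued fields (name[]=...) are ignored so that the
        // string functions below never receive an array
        if (isset($_POST['name']) && is_string($_POST['name'])) $name = trim($_POST['name']);
        if (isset($_POST['email']) && is_string($_POST['email'])) $email = trim($_POST['email']);
        if (isset($_POST['password']) && is_string($_POST['password'])) $password = $_POST['password'];
        if (isset($_POST['confpassword']) && is_string($_POST['confpassword'])) $confpassword = $_POST['confpassword'];

        // validate fields
        // note: all these validation checks should use core functions to preserve consistency
        if ($this->LoadUser($name)) {
            $error = 'Sorry, this username already exists. Please choose a different name.';
            $validname = $this->Action('failed');
        } elseif ($this->ExistsPage($name)) {
            $error = 'Sorry, this username is reserved for a page. Please choose a different name.';
            $validname = $this->Action('failed');
        } elseif (!$this->IsWikiName($name)) {
            $error = 'Please fill in a valid username (formatted as a ##""WikiName""##).';
            $validname = $this->Action('failed');
        } elseif (!$email) {
            $error = 'Please specify an email address.';
            $validname = $this->Action('done');
            $validemail = $this->Action('failed');
        } elseif (!preg_match("/^.+?\@.+?\..+$/", $email)) {
            // shape check only (something@something.something); it does not prove the
            // address exists or restrict which characters it contains
            $error = 'That does not quite look like an email address.';
            $validname = $this->Action('done');
            $validemail = $this->Action('failed');
        } elseif (!$password) {
            $error = 'Please choose a password.';
            $validname = $this->Action('done');
            $validemail = $this->Action('done');
            $validpassword = $this->Action('failed');
        } elseif (strlen($password) < MIN_PASSW_LENGTH) {
            $error = 'Sorry, password too short (min. '.MIN_PASSW_LENGTH.' chars).';
            $validname = $this->Action('done');
            $validemail = $this->Action('done');
            $validpassword = $this->Action('failed');
        } elseif (preg_match("/ /", $password)) {
            $error = 'Sorry, spaces are not allowed in passwords.';
            $validname = $this->Action('done');
            $validemail = $this->Action('done');
            $validpassword = $this->Action('failed');
        } elseif (!$confpassword) {
            $error = 'You need to confirm password.';
            $validname = $this->Action('done');
            $validemail = $this->Action('done');
            $validpassword = $this->Action('failed');
            $validconfpassword = $this->Action('failed');
        } elseif ($confpassword !== $password) {
            // strict comparison: with != two different numeric-looking strings
            // (e.g. "1e3" and "1000") compare as equal
            $error = 'Sorry, passwords do not match.';
            $validname = $this->Action('done');
            $validemail = $this->Action('done');
            $validpassword = $this->Action('failed');
            $validconfpassword = $this->Action('failed');
        } else {
            // all required fields are valid and non-empty
            // create user
            // NOTE(review): every interpolated value is escaped, but the statement is
            // still string-built and the password is stored as unsalted MD5; both are
            // left as in the original so the row matches what the rest of this Wikka
            // version expects (confirm against the core login code).
            $this->Query("insert into ".$this->config["table_prefix"]."users set ".
                "signuptime = now(), ".
                "name = '".mysql_real_escape_string($name)."', ".
                "email = '".mysql_real_escape_string($email)."', ".
                "password = md5('".mysql_real_escape_string($password)."')");

            if ($dologin == "Y") {
                // log in as the new account
                $this->SetUser($this->LoadUser($name));
                $this->Redirect($this->href('','','reg=1'));
            } else {
                // forward; $name has passed IsWikiName() at this point
                $this->Redirect('','User ' . $name . ' Registration successful');
            }
        }
    }

    $intro = $this->Format(' --- To register, the following fields are required:
~-a **username** (it must be formatted like a ##""WikiName""##, for example: ##""JuliusCaesar""##);
~-a **valid email address** (this will only be used to retrieve your password in case you lose it);
~-a **valid password** (min. '.MIN_PASSW_LENGTH.' characters, no space allowed).
--- ---');

    // Values echoed back into value="..." attributes come straight from the request
    // (a name or email that failed validation is re-displayed), so escape them for
    // an HTML attribute context, quotes included.
    $safename = htmlspecialchars($name, ENT_QUOTES);
    $safeemail = htmlspecialchars($email, ENT_QUOTES);

    // build registration form
    $form = $this->FormOpen();
    $form .= ' <table summary="Form to provide registration data: username, email and password">';
    $form .= ' <caption>Registration form</caption>';
    $form .= ' <tbody>';
    // $error and $message are always set (initialised to ''), so test for content
    // instead of isset() to avoid printing empty rows
    if ($error !== '') {
        $form .= '<tr><td colspan="3" align="center"><em class="error">'.$this->Format($error).'</em></td></tr>';
    }
    if ($message !== '') {
        $form .= '<tr><td colspan="3" align="center"><em class="error">'.$this->Format($message).'</em></td></tr>';
    }
    $form .= ' <tr>';
    $form .= ' <th align="right" scope="row"><label for="name">Username:</label></th>';
    $form .= ' <td><input name="name" id="name" size="40" value="'.$safename.'" title="Choose a valid username (formatted as a WikiName)" /></td>';
    $form .= ' <td>'.$validname.'</td>';
    $form .= ' </tr>';
    $form .= ' <tr>';
    $form .= ' <th align="right" scope="row"><label for="email">User email address:</label></th>';
    $form .= ' <td><input name="email" id="email" size="40" value="'.$safeemail.'" title="Fill in a valid email address"/></td>';
    $form .= ' <td align="left">'.$validemail.'</td>';
    $form .= ' </tr>';
    $form .= ' <tr>';
    $form .= ' <th align="right" scope="row"><label for="password">Password:</label></th>';
    // password fields are deliberately never pre-filled
    $form .= ' <td><input type="password" name="password" id="password" size="40" title="Choose a valid password (min. '.MIN_PASSW_LENGTH.' chars, no space)" /></td>';
    $form .= ' <td align="left">'.$validpassword.'</td>';
    $form .= ' </tr>';
    $form .= ' <tr>';
    $form .= ' <th align="right" scope="row"><label for="confpassword">Confirm password:</label></th>';
    $form .= ' <td><input type="password" name="confpassword" id="confpassword" size="40" title="Type again your password for confirmation" /></td>';
    $form .= ' <td align="left">'.$validconfpassword.'</td>';
    $form .= ' </tr>';
    $form .= ' <tr>';
    $form .= ' <td></td>';
    $form .= ' <td><input type="submit" value="Register" title="Register" /></td>';
    $form .= ' </tr>';
    $form .= ' </tbody>';
    $form .= ' </table>';
    $form .= $this->FormClose();

    // output intro and form
    print $intro.$form;
} else {
    // not logged in, or neither a UserAdmins member nor an admin: no form is shown
    // and no POST data is processed
    print $this->Format('--- ===You do not have authority to add users=== ---');
}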
?>
To Do
- Clean up
CategoryUserContributions