Register Action

Last edited by JavaWoman:
Replaces old-style internal links with new pipe-split links.
Fri, 20 May 2016 07:38 UTC


See also:
  • Documentation: RegisterActionInfo
This is the development page for the Register action.
 


I've started working on a new version of an action for user registration. The motivation behind this is to replace the current usersetting action with three distinct actions:


[2005-02-25] action uploaded on this site as a beta feature: RegisterActionTest (you'll need to log out to test it)

The action

Current version: 0.3

Done:

To do:

The code


Save the following as ./actions/register.php and use it as {{register}}.

<?php
/**
 * Display a form for user registration.
 *
 * This action allows new users to register an account, if user registration is enabled.
 * All the required fields are validated before the new user is created.
 *
 * @package     Actions
 * @name        Register
 *
 * @author      {@link http://wikka.jsnx.com/DarTar Dario Taraborelli}
 * @version     0.3
 * @since       Wikka 1.1.X.X
 * @output      form for user registration
 *
 * @todo
 *          - CSS to style form;
 *          - (optionally) drop WikiName restriction on usernames;
 *          - use core functions to validate fields;
 *          - use central error handler for printing error messages;
 *          - decide best strategy to link hardcoded login/logout page;
 *          - define welcome page where new users must be redirected;
 *          - (optionally) add option for email-confirmation of registered users.
 */

// constants
define('MIN_PASSW_LENGTH', 5);
define('DEFAULT_REDIRECT_TO', 'WelcomeUser');

print $this->Format('===== Registration page =====');

if ($this->GetConfigValue('allow_new_users') == '0')
{
    // user registration is disabled
    print $this->Format('//User registration is disabled on this wiki//');
} else
{
    // initializing variables, so that nothing below reads an unset variable
    // when a field is missing from the submitted form
    $name = '';
    $email = '';
    $password = '';
    $confpassword = '';
    $error = '';
    $validname = '';
    $validemail = '';
    $validpassword = '';
    $validconfpassword = '';

    if ($user = $this->GetUser())
    {

        // user is logged in

        // is this the first time the user logs in?
        if ((isset($_GET['reg'])) && ($_GET['reg'] == '1'))
        {

            switch ($this->GetConfigValue('allow_new_users'))
            {
                default:
                case 0:
                // print first login welcome screen
                print $this->Format('--- **Registration successful!** --- --- You are currently logged in as '.$this->GetUserName());
                break;

                case 1:
                // redirect to welcome page
                $this->Redirect($this->href('', DEFAULT_REDIRECT_TO));
                break;

                case 2:
                // redirect to referrer page
                // (not implemented yet: currently the same target as case 1)
                $this->Redirect($this->href('', DEFAULT_REDIRECT_TO));
                break;
            }

        } else
        {
            // user is already logged in: print user information
            print $this->Format('--- You are currently logged in as '.$this->GetUserName());
        }

    } else
    {

        // user is not logged in

        // is user trying to register?
        if ($_POST)
        {

            // get POST values
            if (isset($_POST['name'])) $name = trim($_POST['name']);
            if (isset($_POST['email'])) $email = trim($_POST['email']);
            if (isset($_POST['password'])) $password = $_POST['password'];
            if (isset($_POST['confpassword'])) $confpassword = $_POST['confpassword'];

            // validate fields
            // note: all these validation checks should use core functions to preserve consistency

            if ($this->LoadUser($name))
            {
                $error = 'Sorry, this username already exists. Please choose a different name.';
                $validname = $this->Action('failed');
            } elseif ($this->ExistsPage($name))
            {
                $error = 'Sorry, this username is reserved for a page. Please choose a different name.';
                $validname = $this->Action('failed');
            } elseif (!$this->IsWikiName($name))
            {
                $error = 'Please fill in a valid username (formatted as a ##""WikiName""##).';
                $validname = $this->Action('failed');
            } elseif (!$email)
            {
                $error = 'Please specify an email address.';
                $validname = $this->Action('done');
                $validemail = $this->Action('failed');
            } elseif (!preg_match("/^.+?\@.+?\..+$/", $email))
            {
                $error = 'That does not quite look like an email address.';
                $validname = $this->Action('done');
                $validemail = $this->Action('failed');
            } elseif (!$password)
            {
                $error = 'Please choose your password.';
                $validname = $this->Action('done');
                $validemail = $this->Action('done');
                $validpassword = $this->Action('failed');
            } elseif (strlen($password) < MIN_PASSW_LENGTH)
            {
                $error = 'Sorry, password too short (min. '.MIN_PASSW_LENGTH.' chars).';
                $validname = $this->Action('done');
                $validemail = $this->Action('done');
                $validpassword = $this->Action('failed');
            } elseif (preg_match("/ /", $password)) {
                $error = 'Sorry, spaces are not allowed in passwords.';
                $validname = $this->Action('done');
                $validemail = $this->Action('done');
                $validpassword = $this->Action('failed');
            } elseif (!$confpassword)
            {
                $error = 'You need to confirm your password.';
                $validname = $this->Action('done');
                $validemail = $this->Action('done');
                $validpassword = $this->Action('failed');
                $validconfpassword = $this->Action('failed');
            } elseif ($confpassword != $password)
            {
                $error = 'Sorry, passwords do not match.';
                $validname = $this->Action('done');
                $validemail = $this->Action('done');
                $validpassword = $this->Action('failed');
                $validconfpassword = $this->Action('failed');
            } else
            {
                // all required fields are valid and non-empty

                // create user
                // NOTE: the password is stored as an unsalted MD5 digest, which is weak
                // password storage; changing it here requires changing the login check to match.
                $this->Query("insert into ".$this->config["table_prefix"]."users set ".
                    "signuptime = now(), ".
                    "name = '".mysql_real_escape_string($name)."', ".
                    "email = '".mysql_real_escape_string($email)."', ".
                    "password = md5('".mysql_real_escape_string($password)."')");

                // log in
                $this->SetUser($this->LoadUser($name));

                // forward
                $this->Redirect($this->href('','','reg=1'));
            }
        }

        $intro = $this->Format(' --- If you are a **new user** you can register an account using this form (if you already have an account, please go to the [[UserSettings | login page]]). --- --- To register, the following fields are required:
~-your **username** (it must be formatted like a ##""WikiName""##, for example: ##""JuliusCaesar""##);
~-a **valid email address** (this will only be used to retrieve your password in case you lose it);
~-a **valid password** (min. '.MIN_PASSW_LENGTH.' characters, no space allowed).
--- ---');

        // build registration form
        $form  = $this->FormOpen();
        $form .= '  <table summary="Form to provide registration data: username, email and password">';
        $form .= '  <caption>Registration form</caption>';
        $form .= '  <tbody>';

        // only print the error row when a validation check has failed
        if ($error !== '')
        {
            $form .= '<tr><td colspan="3" align="center"><span class="error">'.$this->Format($error).'</span></td></tr>';
        }
        // submitted values are HTML-escaped before being echoed back into the form,
        // so markup in a rejected username or email cannot break out of the attribute
        $form .= '      <tr>';
        $form .= '          <th align="right" scope="row"><label for="name">Your username:</label></th>';
        $form .= '          <td><input name="name" id="name" size="40" value="'.htmlspecialchars($name, ENT_QUOTES).'" title="Choose a valid username (formatted as a WikiName)" /></td>';
        $form .= '          <td>'.$validname.'</td>';
        $form .= '      </tr>';
        $form .= '      <tr>';
        $form .= '          <th align="right" scope="row"><label for="email">Your email address:</label></th>';
        $form .= '          <td><input name="email" id="email" size="40" value="'.htmlspecialchars($email, ENT_QUOTES).'" title="Fill in a valid email address"/></td>';
        $form .= '          <td align="left">'.$validemail.'</td>';
        $form .= '      </tr>';
        $form .= '      <tr>';
        $form .= '          <th align="right" scope="row"><label for="password">Your password:</label></th>';
        $form .= '          <td><input type="password" name="password" id="password" size="40" title="Choose a valid password (min. '.MIN_PASSW_LENGTH.' chars, no space)" /></td>';
        $form .= '          <td align="left">'.$validpassword.'</td>';
        $form .= '      </tr>';
        $form .= '      <tr>';
        $form .= '          <th align="right" scope="row"><label for="confpassword">Confirm password:</label></th>';
        $form .= '          <td><input type="password" name="confpassword" id="confpassword" size="40" title="Type again your password for confirmation" /></td>';
        $form .= '          <td align="left">'.$validconfpassword.'</td>';
        $form .= '      </tr>';
        $form .= '      <tr>';
        $form .= '          <td></td>';
        $form .= '          <td><input type="submit" value="Register" title="Register" /></td>';
        $form .= '      </tr>';
        $form .= '  </tbody>';
        $form .= '  </table>';
        $form .= $this->FormClose();

        // output intro and form
        print $intro.$form;
    }
}
?>


See RegisterUserIpAddress for a small (security-related) modification. --JavaWoman
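
The action above stores the password as md5(password) in the users table. As an added example (not Wikka's own code), the following shows how registration could store a salted password_hash() value instead, and how a login check could upgrade existing MD5 rows on the next successful login. The function names and the $user array are hypothetical, and it assumes the password column is wide enough for the longer hash.

```php
<?php
// Added example, not part of the Register action. Function names and the
// $user array layout are hypothetical; requires PHP >= 5.6.

// Hash to store in the users table at registration time (salted, slow).
function register_password_hash($password)
{
    return password_hash($password, PASSWORD_DEFAULT);
}

// True if $stored is a bare 32-hex-digit MD5 digest, as md5('...') produces.
function is_legacy_md5($stored)
{
    return (bool) preg_match('/^[0-9a-f]{32}$/i', $stored);
}

// Check a login attempt against the stored hash. On success, a legacy or
// outdated hash is replaced in $user['password']; the caller persists the row.
function verify_and_upgrade(array &$user, $password)
{
    $stored = $user['password'];
    $legacy = is_legacy_md5($stored);
    $ok = $legacy
        ? hash_equals(strtolower($stored), md5($password))
        : password_verify($password, $stored);
    if ($ok && ($legacy || password_needs_rehash($stored, PASSWORD_DEFAULT))) {
        $user['password'] = register_password_hash($password);
    }
    return $ok;
}

// Constructed sample rows: one stored the way the action above stores it,
// one created with the new hash.
$old = array('name' => 'JuliusCaesar', 'password' => md5('venividi'));
$new = array('name' => 'MarcusBrutus', 'password' => register_password_hash('ettubrute'));

// Wrong password against the legacy row.
var_dump(verify_and_upgrade($old, 'wrongpass'), is_legacy_md5($old['password']));
// Correct password against the legacy row, which is then upgraded in place.
var_dump(verify_and_upgrade($old, 'venividi'), is_legacy_md5($old['password']));
// The upgraded row and the new-style row both go through password_verify().
var_dump(verify_and_upgrade($old, 'venividi'), verify_and_upgrade($new, 'ettubrute'));
```

Hashing in PHP rather than with md5('...') inside the SQL statement also keeps the plaintext password out of the query text.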



Discussion





Much better... a few more comments:
  1. The variables are still not being initialized. If a user does not provide a value when submitting the form, the variable won't be set - and then you're trying to use the unset variable(s) as parameters to functions and values for form fields. Try not excluding E_NOTICE in PHP's error reporting and submit an empty form - and see what you get...
  2. What's the mysterious JavaScript for? Do we even need it?
  3. I don't think the submit button can do anything with a size attribute (missed that the first time)
--JavaWoman


CategoryDevelopmentActions
Comments
Comment by JamesMcl
2005-04-16 16:24:33
DarTar
I tried this action on my site. If I use a new name e.g. James it does not allow registration. If I change the name to James2 it works. Obviously the script is checking against the database but finding an existing entry (in this case JamesMcl).

I think this action could be expanded to add whether the new user has admin privileges and is even a group member of some kind, providing the users table was modified accordingly. Any thoughts on this idea?
Comment by DarTar
2005-04-16 21:52:23
Do you mean with "James" you get a message like the user already exists? If this is the case, then it's a problem in using the LoadUser() function to check if a user exists. I'll check the code to see how to fix this, I guess it depends on the SQL query's using a LIKE operator.

I don't understand your second suggestion. How can a *new* user be an Admin or a member of a given group?
Comment by JamesMcl
2005-04-17 16:36:05
DarTar, the error is,
Please fill in a valid username (formatted as a WikiName).
Unknown action "failed".
I think the problem lies in the sql code.

I was hoping that the admins could be inserted into a modified users table. The wikka code could then identify whether a user was an admin or ordinary user with read privileges. The group idea was an alternative to AclsWithUserGroups.
Different users may only be interested in or have access to specific groups and subsequently, categories if you get what I mean. Wishful thinking.
Comment by YanB
2005-07-30 11:54:43
I guess my suggestion is best posted here (otherwise, please put it elsewhere): could it be possible to automatically "correct" inadequate wikinames for new users?
Example: John Smith registers with the name "John". This is not a wikiname, as it's not camel-cased. The system could propose any of the available and appropriate wikinames: "JohN" or "JoHn" and ask the user to validate either option. This feature would be very similar to what webmails propose when you choose your login. This would come in really handy for the thousands of users unfamiliar with the concept of a wiki and of wikinames.