UserRegistration:Wikka

Revision [13955]

This is an old revision of UserRegistration made by JavaWoman on 2006-04-27 06:59:59.

UserRegistration

See also:

UserAccountModules

RegisterAction

Is there an easy way to not allow registration? I would like to have it so that I can control the registration process, not let just anyone sign-up.
--BooYa

A nice contribution Nils. If you want to go further with fiddling with the code for registration, I've thought it would be useful if there was a feature that required a password from an administrator to be able to register so that if you were going to register you put in your user info (as now) and a password you've obtained from the admin that allows you to register....for instance, in this way a teacher could set up a wikki with registration "on" and send a note to all of the parents with the registration password so that they could register....outsiders couldn't register, only those with the registration key. Possibly a quite useful feature to many potential user groups. -- GmBowen

Last edited by JavaWoman:
Updated code - see comment below it
Thu, 27 Apr 2006 06:59 UTC [diff]

Additions to the config

additions to wikkaconfig.php

'allow_registration' => '2',
'registercode' => 'helloWorld',

allow_registration sets the mode:
0 - no registration possible
1 - registration "without limits"
2 - password required

registercode takes the password

changes in usersettings

A) If you haven't modified your usersettings.php, you can replace it with the following version:

<?php
if (isset($_REQUEST["action"]) && ($_REQUEST["action"] == "logout"))
{
$this->LogoutUser();
$this->Redirect($this->href(), "You are now logged out.");
}
else if ($user = $this->GetUser())
{
// is user trying to update?
if (isset($_REQUEST["action"]) && ($_REQUEST["action"] == "update"))
{
$this->Query("update ".$this->config["table_prefix"]."users set ".
"email = '".mysql_real_escape_string($_POST["email"])."', ".
"doubleclickedit = '".mysql_real_escape_string($_POST["doubleclickedit"])."', ".
"show_comments = '".mysql_real_escape_string($_POST["show_comments"])."', ".
"revisioncount = '".mysql_real_escape_string($_POST["revisioncount"])."', ".
"changescount = '".mysql_real_escape_string($_POST["changescount"])."' ".
"where name = '".$user["name"]."' limit 1");
$this->SetUser($this->LoadUser($user["name"]));
// forward
$this->Redirect($this->href(), "User settings stored!");
}
if (isset($_REQUEST["action"]) && ($_REQUEST["action"] == "changepass"))
{
// check password
$password = $_POST["password"];
if (preg_match("/ /", $password)) $passerror = "Sorry, blanks are not permitted in the password.";
else if (strlen($password) < 5) $passerror = "Tsk tsk, the password is much too short...";
else if (($user["password"] == md5($_POST["oldpass"])) || ($user["password"] == $_POST["oldpass"]))
{
$this->Query("update ".$this->config["table_prefix"]."users set "."password = md5('".mysql_real_escape_string($password)."') "."where name = '".$user["name"]."'");
$user["password"]=md5($password);
$this->SetUser($user);
$this->Redirect($this->href(), "Password changed.");
}
else
{
$passerror = "The old password you entered is wrong.";
}
}
print "<script type=\"text/javascript\">\n</script>\n";
// user is logged in; display config form
print($this->FormOpen());
?>
<input type="hidden" name="action" value="update" />
<table>
<tr>
<td align="right"></td>
<td>Hello, <?php echo $this->Link($user["name"]) ?>!</td>
</tr>
<tr>
<td align="right">Your email address:</td>
<td><input name="email" value="<?php echo $this->htmlspecialchars_ent($user["email"]) ?>" size="40" /></td>
</tr>
<tr>
<td align="right">Doubleclick Editing:</td>
<td><input type="hidden" name="doubleclickedit" value="N"><input type="checkbox" name="doubleclickedit" value="Y" <?php echo $user["doubleclickedit"] == "Y" ? "checked=\"checked\"" : "" ?> /></td>
</tr>
<tr>
<td align="right">Show comments by default:</td>
<td><input type="hidden" name="show_comments" value="N"><input type="checkbox" name="show_comments" value="Y" <?php echo $user["show_comments"] == "Y" ? "checked=\"checked\"" : "" ?> /></td>
</tr>
<tr>
<td align="right">RecentChanges display limit:</td>
<td><input name="changescount" value="<?php echo $this->htmlspecialchars_ent($user["changescount"]) ?>" size="40" /></td>
</tr>
<tr>
<td align="right">Page revisions list limit:</td>
<td><input name="revisioncount" value="<?php echo $this->htmlspecialchars_ent($user["revisioncount"]) ?>" size="40" /></td>
</tr>
<tr>
<td></td>
<td><input type="submit" value="Update Settings" /> <input type="button" value="Logout" onclick="document.location='<?php echo $this->href("", "", "&action=logout"); ?>'" /></td>
</tr>
</table>
<?php
print($this->FormClose());
print($this->FormOpen());
?>
<input type="hidden" name="action" value="changepass" />
<table>
<tr>
<td align="left"><b>Change your password:</b></td>
<td><br /><br /> </td>
</tr>
<?php
if (isset($passerror))
{
print("<tr><td></td><td><div class=\"error\">".$this->Format($passerror)."</div></td></tr>\n");
}
?>
<tr>
<td align="left">Your current password:</td>
<td><input type="password" name="oldpass" size="40" /></td>
</tr>
<tr>
<td align="left">Your new password:</td>
<td><input type="password" name="password" size="40" /></td>
</tr>
<tr>
<td></td>
<td><input type="submit" value="Change" size="40" /></td>
</tr>
</table>
<br />
See a list of pages you own (<a href="<?php echo $this->href("", "MyPages"); ?>">MyPages</a>) and pages you've edited (<a href="<?php echo $this->href("", "MyChanges"); ?>">MyChanges</a>).<br />
<?php
print($this->FormClose());
}
else
{
// user is not logged in
print "<script type=\"text/javascript\">\n</script>\n";
// is user trying to log in or register?
$register = $this->GetConfigValue('allow_registration');
if (isset($_REQUEST["action"]) && ($_REQUEST["action"] == "login"))
{
// if user name already exists, check password
if ($existingUser = $this->LoadUser($_POST["name"]))
{
// check password
if ($existingUser["password"] == md5($_POST["password"]))
{
$this->SetUser($existingUser);
$this->Redirect($this->href());
}
else
{
$error = "Wrong password!";
}
}
// otherwise, create new account when registration is possible without limits (1) or the password matches (2)
elseif ($register == '1' || ($register == '2' && $_REQUEST['code_input'] == $this->GetConfigValue('registercode')))
{
$name = trim($_POST["name"]);
$email = trim($_POST["email"]);
$password = $_POST["password"];
$confpassword = $_POST["confpassword"];
// check if name is WikiName style
if ($this->ExistsPage($name)) $error = 'Sorry, this ""WikiName"" is reserved for a page. Please choose a different name.';
elseif (!$this->IsWikiName($name)) $error = "User name must be WikiName formatted!";
elseif (!$email) $error = "You must specify an email address.";
elseif (!preg_match("/^.+?\@.+?\..+$/", $email)) $error = "That doesn't quite look like an email address.";
elseif ($confpassword != $password) $error = "Passwords didn't match.";
elseif (preg_match("/ /", $password)) $error = "Spaces aren't allowed in passwords.";
elseif (strlen($password) < 5) $error = "Password too short.";
else
{
$this->Query("insert into ".$this->config["table_prefix"]."users set ".
"signuptime = now(), ".
"name = '".mysql_real_escape_string($name)."', ".
"email = '".mysql_real_escape_string($email)."', ".
"password = md5('".mysql_real_escape_string($_POST["password"])."')");
// log in
$this->SetUser($this->LoadUser($name));
// forward
$this->Redirect($this->href());
}
}
else
{
$error = "Sorry, the register-code you entered was not correct!";
}
}
elseif (isset($_REQUEST["action"]) && ($_REQUEST["action"] == "updatepass"))
{
// check if name is WikkiName style
$name = trim($_POST["yourname"]);
if (!$this->IsWikiName($name)) $newerror = "You have entered an incorrect or non-existent wikiname. The wikiname must be written in wikistyle, e.g: \"\"WikkaName.\"\"";
// if user name already exists, check password
elseif ($existingUser = $this->LoadUser($_POST["yourname"]))
{
if ($existingUser["password"] == $_POST["temppassword"])
{
// update password
$this->SetUser($existingUser, $_POST["remember"]);
$this->Redirect($this->href());
}
else
{
$newerror = "Sorry, you entered the wrong password.";
}
}
}
print($this->FormOpen());
?>
<input type="hidden" name="action" value="login" />
<table>
<tr>
<td align="right"></td>
<td><?php echo $this->Format("If you're already a registered user, log in here!"); ?></td>
</tr>
<?php
if (isset($error))
{
print("<tr><td></td><td><div class=\"error\">".$this->Format($error)."</div></td></tr>\n");
}
?>
<tr>
<td align="right">Your WikiName:</td>
<td><input name="name" size="40" value="<?php if (isset($name)) echo $name; ?>" /></td>
</tr>
<tr>
<td align="right">Password (5+ chars):</td>
<td><input type="password" name="password" size="40" /></td>
</tr>
<tr>
<td></td>
<td><input type="submit" value="Login" size="40" /></td>
</tr>
<?php
$register = $this->GetConfigValue('allow_registration');
if ($register == '1' || $register == '2')
{
?>
<tr>
<td align="right"></td>
<td width="500">Stuff you only need to fill in when you are logging in for the first time (and thus signing up as a new user on this site)</td>
</tr>
<tr>
<td align='right'>Confirm password:</td>
<td><input type='password' name='confpassword' size='40' /></td>
</tr>
<tr>
<td align='right'>Email address:</td>
<td><input name='email' size='40' /></td>
</tr>
<?php
if ($register == '2')
{
?>
<tr>
<td align='right'>Register Code:</td>
<td><input type='text' size='20' name='code_input' /></td>
</tr>
<?php
}
?>
<tr>
<td></td>
<td><input type='submit' value='Register' size='40' /></td>
</tr>
<?php
}
?>
</table>
<?php
print($this->FormClose());
print($this->FormOpen());
?>
<input type="hidden" name="action" value="updatepass" />
<table>
<tr>
<td colspan="2"><br /><hr /><h4>Forget your password?</h4></td><td></td>
</tr>
<tr>
<td align="left"></td>
<td>Log in here with the temporary password. <br />If you need a temporary password, click <?php echo $this->Format("[[PasswordForgotten here]]") ?></td>
</tr>
<?php
if (isset($newerror))
{
print("<tr><td></td><td><div class=\"error\">".$this->Format($newerror)."</div></td></tr>\n");
}
?>
<tr>
<td align="left">Your WikiName:</td>
<td><input name="yourname" value="<?php if (isset($_POST["yourname"])) echo $_POST["yourname"]; ?>" size="40" /></td>
</tr>
<tr>
<td align="left">Your temp password:</td>
<td><input name="temppassword" size="40" /></td>
</tr>
<tr>
<td></td>
<td><input type="submit" value="Login" size="40" /></td>
</tr>
</table>
<?php
print($this->FormClose());
}
?>

Updated code to hopefully fix 'unexpected T_ELSE' bug reported by 68.191.5.12 - but untested as I don't have a version running where I can just implement it. Please test! -JavaWoman

B) Or apply the following changes to actions/usersettings.php:

line 123

// is user trying to log in or register?
$register = $this->GetConfigValue('allow_registration');
if (isset($_REQUEST["action"]) && ($_REQUEST["action"] == "login"))

line 140

// otherwise, create new account when registration is possible without limits (1) or the password matches (2)
else if ($register == '1' || ($register == '2' && $_REQUEST['code_input'] == $this->GetConfigValue('registercode')))

line 169

else
{
$error = "Sorry, the register-code you entered was not correct!";
}

lines 218-233

<?php
$register = $this->GetConfigValue('allow_registration');
if ($register == '1' || $register == '2')
{
?>
<tr>
<td align="right"></td>
<td width="500">Stuff you only need to fill in when you are logging in for the first time (and thus signing up as a new user on this site)</td>
</tr>
<tr>
<td align='right'>Confirm password:</td>
<td><input type='password' name='confpassword' size='40' /></td>
</tr>
<tr>
<td align='right'>Email address:</td>
<td><input name='email' size='40' /></td>
</tr>
<?php
if ($register == '2')
{
?>
<tr>
<td align='right'>Register Code:</td><td><input type='text' size='20' name='code_input' /></td>
</tr>
<?php
}
?>
<tr>
<td></td>
<td><input type='submit' value='Register' size='40' /></td>
</tr>
<?php
}
?>

CategoryDevelopmentActions CategoryDevelopmentUserAccount

Wikka : UserRegistration

Revision [13955]