Newer
Older
//ob_start();
//include("../member/signup.php");
//$output = ob_get_contents();
//ob_end_clean();
Tim Clark
committed
//
// -------------------------------------------------------------
Tim Clark
committed
// -------------------------------------------------------------
//$script_path="/home/member/eclipse/signuptests/";
$script_path="sudo /usr/local/sbin/";
// DEV: CHNAGE THIS FOR DEV MODE
//$error_email="eclipse@sucs.org";
$error_email="admin@sucs.org";
Tim Clark
committed
$override_permission="staff";
// is the validation (mostly) overridable
$overridable=isset($session->groups[$permission]);
Tim Clark
committed
// ------------------------------------------------
Tim Clark
committed
// ------------------------------------------------
Tim Clark
committed
//set defaults
$mode = 'login';
//login
if(isset($_REQUEST['signupid'])&&isset($_REQUEST['signuppw'])){
//set signup details
$signupid = $_REQUEST['signupid'];
$signuppw = $_REQUEST['signuppw'];
// connect to sucs database
$sucsDB = NewADOConnection('postgres8');
Tim Clark
committed
//$sucsDB->debug = true;
// -------------------------------------------------
// -------------------------------------------------
$sucsDB->SetFetchMode(ADODB_FETCH_ASSOC);
// get row(s)
$query = "SELECT * FROM signup WHERE id=? AND password=?";
$array = array($signupid,$signuppw);
$data = $sucsDB->GetAll($query,$array);
// if data was returned and it was exactly 1 row
if(is_array($data)&&sizeof($data)==1){
$row=$data[0];
// if the id hasnt already been used
if(!(isset($row[activated])&&isset($row[username]))){
// pass on the id and passwd and id the validation is overridable
$smarty->assign("signupid",$signupid);
$smarty->assign("signuppw",$signuppw);
$smarty->assign("overridable",$overridable);
$smarty->assign("usertype",$row[type]);
// if accepting the form
if(isset($_REQUEST['username']) && isset($_REQUEST['realname']) && isset($_REQUEST['email']) && isset($_REQUEST['phone'])){
require_once("../lib/validation.php");
$override = $overridable && (isset($_POST['override']) && $_POST['override']=="on");
$valid=true;
$errors=array();
$fields=array();
if(!validUsername($_REQUEST['username'])){
$valid=false;
$errors['username']=$error;
}
$fields['username']=$_REQUEST['username'];
if(!(validSignupEmail($_REQUEST['email']) || $override)){
$valid=false;
$errors['email']=$error;
}
$fields['email']=$_REQUEST['email'];
if(!(validPhone($_REQUEST['phone']) || $override)){
$valid=false;
$errors['phone']=$error;
}
Tim Clark
committed
$fields['phone']=sanitizePhone($_REQUEST['phone']);
if($row[type]!=2){
if(!(validAddress($_REQUEST['address']) || $override)){
$valid=false;
$errors['address']=$error;
}
Tim Clark
committed
$fields['address']=sanitizeAddress($_POST['address']);
if(!validRealName($_REQUEST['realname'],$override)){
$valid=false;
$errors['realname']=$error;
}
$fields['realname']=$_REQUEST['realname'];
}
else{
if(!(validRealName($_REQUEST['contact'],false) || $override)){
$valid=false;
$errors['contact']=$error;
}
$fields['contact']=$_REQUEST['contact'];
if(!validSocName($_REQUEST['realname'], $override)){
$valid=false;
$errors['realname']=$error;
}
$fields['realname']=$_REQUEST['realname'];
}
if($row[type]==1){
if(!validSID($_REQUEST['studentid'],$override)){
$valid=false;
$errors['studentid']=$error;
}
$fields['studentid']=$_REQUEST['studentid'];
}
if($valid){
Tim Clark
committed
// include membership adding functions
require_once("../lib/member_functions.php");
$mode='result';
Tim Clark
committed
$failed=false;
// invalidate signup slip
$query = "UPDATE signup SET sid=?, username=?, activated=now() WHERE id=?";
unset($atribs);
Tim Clark
committed
$atribs[0]=$fields['studentid'];
$atribs[1]=$fields['username'];
$atribs[2]=$signupid;
$responce = $sucsDB->Execute($query,$atribs);
if(!$responce){
mail(
$error_email,
"Signup Error",
"Unable to invalidate signup slip: ".$signupid."\nAborting\nError message:\n".$sucsDB->ErrorMsg(),
"From: \"SUCS Admin\" <admin@sucs.org>"
);
$failed=true;
Tim Clark
committed
}
Tim Clark
committed
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
else{
// determine the uid range
if($row[type]==2){
$baseuid=8;
}
else{
$baseuid=28;
}
$minuid=$baseuid*1000;
$maxuid=$minuid+999;
//get the new uid
$uid=findUid($minuid,$maxuid);
// make a password
$password=make_password();
// make the ldif
$ldif=generateLdif($uid,$password,$row[type],$fields['realname'],$fields['username']);
// write ldif file
file_put_contents('/tmp/useradd.'.$fields['username'].'.ldif',$ldif);
exec(
$script_path.'useradd.apache '.
escapeshellarg($fields['username']).' '.
escapeshellarg($fields['studentid']).' '.
escapeshellarg($fields['email']),
$execoutputarr,
$execreturn
);
if($execreturn!=0){
$execoutputstr=implode("\n",$execoutputarr);
mail(
$error_email,
"Error creating user for signup id: ".$signupid,
$execoutputstr,
"From: \"SUCS Admin\" <admin@sucs.org>"
);
$failed=true;
}
// DEV: STICK THIS FOR DEV
if(posix_getpwnam($fields['username'])){
Tim Clark
committed
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
$query="SELECT count(*) from members where username = ?";
$data = $sucsDB->GetAll($query,array($fields['username']));
if($data[0]['count']!=0){
mail(
$error_email,
"Signup Error",
"User ".$fields['username']." already exsists in the databse, THIS SHOULD NEVER HAPPERN\n Love the signup system.\n\nP.S. the signup id is: ".$signupid,
"From: \"SUCS Admin\" <admin@sucs.org>"
);
$failed=true;
}
else{
$query = "INSERT INTO members (";
$query .= "uid, username, realname, email, address, phone, sid, type, paid, lastedit, comments";
$query .= ") values (";
$query .= "?, ?, ?, ?";
// if its a soc then it has no address
if($row[type]!=2){
$query .= ", ?"; //address
}
else{
$query .= ", DEFAULT"; //address
}
$query .= ", ?"; //phone
// only student had a sid
if($row[type]==1){
$query .= ", ?"; //sid
}
else{
$query .= ", DEFAULT";
}
$query .= ", ?, ?, ?";
// socienty add a default comment
if($row[type]==2){
$query .= ", ?";// comment
}
else{
$query .= ", DEFAULT";
}
$query .= ");";
unset($atribs);
$atribs[]=$uid;
$atribs[]=$fields['username'];
$atribs[]=$fields['realname'];
$atribs[]=$fields['email'];
if($row[type]!=2){
$atribs[]=$fields['address'];
}
$atribs[]=$fields['phone'];
if($row[type]==1){
$atribs[]=$fields['studentid'];
}
$atribs[]=$row[type];
include_once("../lib/date.php");
$atribs[]=paidUntil(time());
$atribs[]=$uid;
if($row[type]==2){
$atribs[]="Contact name: ".$fields['contact'];
}
$responce = $sucsDB->Execute($query,$atribs);
// if somthing broke then email
if(!$responce){
mail(
$error_email,
"Signup Error",
"Database problems for signup id: ".$signupid."\nError message:\n".$sucsDB->ErrorMsg(),
"From: \"SUCS Admin\" <admin@sucs.org>"
);
$failed=true;
}
else{
// if door card is connected to the signup slip move it to its proper home
if($row[card] != ''){
$query="INSERT INTO doorcards (uid,cardnumber) VALUES (?, ?);";
unset($atribs);
$atribs[0]=$uid;
$atribs[1]=$row[card];
$responce=$sucsDB->Execute($query,$atribs);
if(!$responce){
mail(
$error_email,
"Signup Error",
"Failed to migrate card details for signup id: ".$signupid."\nError message:\n".$sucsDB->ErrorMsg(),
"From: \"SUCS Admin\" <admin@sucs.org>"
);
}
}
$logsmessage = "New user '".$fields['username']." has been created on SUCS\n";
$logsmessage .= "at: ".date("H:i ",mktime())." on ".date("l F jS Y", mktime())."\n";
$logsmessage .= "From: ".$_SERVER['REMOTE_ADDR']."\n";
$logsmessage .= "Useing signup id: ".$signupid."\n";
if($override){
$logsmessage .= "User ".$session->username." overrode validation.\n";
}
$logsmessage .= "Love The Signup System";
Tim Clark
committed
mail(
Tim Clark
committed
"User '".$fields['username']."' Created on SUCS",
$logsmessage,
"From: \"SUCS Admin\" <admin@sucs.org>"
);
$usermessage = "Welcome to the Swansea University Computer Society!\n\n";
$usermessage .= "Your account details are:\n\n";
$usermessage .= "Username: ".$fields['username']."\n";
$usermessage .= "Password: ".$password."\n\n";
$usermessage .= "Wondering what to do next? Check out our Getting Started page: http://sucs.org/Getting%20Started or go right ahead and post on our forum at http://sucs.org/Community/Forum or join in the discussion on our chat system, Milliways: http://sucs.org/Community/Milliways\n\n";
$usermessage .= "Our weekly social is held in the coffee end JC's at 1:00 PM every Friday\n\n";
Tim Clark
committed
$usermessage .= "Before you use the SUCS computers or the computer room, please make sure you are familiar with the conditions of use and room rules at http://sucs.org/About/Regulations\n\n";
$usermessage .= "If you require help using the system, introductory guides are available at http://sucs.org/Knowledge\n\n";
$usermessage .= "If you have any trouble using the system, reply to this e-mail describing the nature of the problem and we'll look into it.\n\n";
$usermessage .= "We hope you enjoy your SUCS membership.\n\n";
$usermessage .= "Regards,\n\n";
$usermessage .= "Swansea University Computer Society";
if($fields['email']!=''){
$user_email=$fields['email'];
}
elseif($fields['studentid']!=''){
Tim Clark
committed
$user_email=$fields['studentid']."@swan.ac.uk";
}
else{
$user_email=FALSE;
Tim Clark
committed
}
if($user_email){
mail(
Tim Clark
committed
$user_email,
"Your SUCS Account has been created!",
$usermessage,
"From: \"SUCS Admin\" <admin@sucs.org>"
Tim Clark
committed
}
}
}
$addtolist ="".$fields['email']."\n".$fields['studentid']."@swan.ac.uk";
file_put_contents('/tmp/listadd.'.$fields['username'],$addtolist);
unset($execoutputarr);
exec(
Tim Clark
committed
$script_path.'listadd.apache '.
escapeshellarg($fields['username']).' '.
escapeshellarg($row[type]),
$execoutputarr,
$ececreturn
Tim Clark
committed
);
if($execreturn!=0){
$execoutputstr=implode("\n",$execoutputarr);
mail(
$error_email,
"Error adding user to mailing lists from signup id: ".$signupid,
$execoutputstr,
"From: \"SUCS Admin\" <admin@sucs.org>"
);
$failed=true;
}
Tim Clark
committed
}
$smarty->assign("failed",$failed);
if($failed){
$errorreparray=$_POST;
unset($errorroparray[signuppw]);
$errorreparray[uid]=$uid;
$errorreport = "User inputed detailes:\n\n";
foreach ($errorreparray as $key => $value){
$errorreport .= $key.": ".$value."\n";
}
$errorreport .= "\nLove from the Signup System";
mail(
$error_email,
"Signup system error report",
$errorreport,
"From: \"SUCS Admin\" <admin@sucs.org>"
);
}
else{
$smarty->assign("username", $fields['username']);
$smarty->assign("password", $password);
$smarty->assign("email", $user_email);
}
Tim Clark
committed
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
}
else{
//re-show form
$script = "<script language='javascript' type='text/javascript' src='".$baseurl."/js/jquery.js'></script>\n";
$script .= "<script language='javascript' type='text/javascript' src='$baseurl/js/signup.js'></script>\n";
$smarty->assign("fields",$fields);
$smarty->assign("errors",$errors);
$smarty->append('extra_scripts', $script);
$mode='re-form';
}
}
else{
// display the form
$script = "<script language='javascript' type='text/javascript' src='".$baseurl."/js/jquery.js'></script>\n";
$script .= "<script language='javascript' type='text/javascript' src='$baseurl/js/signup.js'></script>\n";
$smarty->append('extra_scripts', $script);
$mode='form';
}
}
else trigger_error("Signup ID already used",E_USER_WARNING);
}
else trigger_error("Invalid ID or Password", E_USER_WARNING);
}
//Set smarty Variables
$smarty->assign("mode", $mode);
$output = $smarty->fetch("signup.tpl");
$smarty->assign("title", "Sign Up");
$smarty->assign("body", $output);
?>