//ob_start();
//include("../member/signup.php");
//$output = ob_get_contents();
//ob_end_clean();
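//
// -------------------------------------------------------------
// TODO: CHANGE THIS TO "sudo /usr/local/sbin/" BEFORE DEPLOYING
// -------------------------------------------------------------
// Prefix of the helper commands this page runs through system(). The current
// value is a test location under a home directory; whatever it names in
// production must be writable by administrators only, because the scripts
// found there are executed on behalf of anonymous signups.
$script_path="/home/member/eclipse/signuptests/";
// Group whose members are allowed to relax parts of the signup validation.
$override_permission="staff";
// is the validation (mostly) overridable
// The lookup uses $override_permission declared above. It previously read
// $permission, which this file never sets, so the group named here was never
// the one actually consulted.
$overridable=isset($session->groups[$override_permission]);
//set defaults
$mode = 'login';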
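//login
// Signup flow: check the signup id/password pair against the signup table,
// then show the account form, re-show it with errors, or create the account.
// $mode ('login', 'form', 're-form' or 'result') selects the view in signup.tpl.
if (isset($_REQUEST['signupid']) && isset($_REQUEST['signuppw'])) {
    //set signup details
    $signupid = $_REQUEST['signupid'];
    $signuppw = $_REQUEST['signuppw'];

    // connect to sucs database
    $sucsDB = NewADOConnection('postgres8');
    // -------------------------------------------------
    // TODO: CHANGE THIS TO dbname=sucs BEFORE DEPLOYING
    // -------------------------------------------------
    $sucsDB->Connect('dbname=eclipse');
    $sucsDB->SetFetchMode(ADODB_FETCH_ASSOC);

    // get row(s); both values are bound as parameters, never concatenated
    // NOTE(review): the password is matched by equality inside the query, which
    // suggests signup passwords are stored unhashed - confirm against the schema.
    $query = "SELECT * FROM signup WHERE id=? AND password=?";
    $data = $sucsDB->GetAll($query, array($signupid, $signuppw));

    // if data was returned and it was exactly 1 row
    if (is_array($data) && count($data) === 1) {
        $row = $data[0];

        // if the id hasnt already been used
        // Array keys are quoted throughout: a bare word used as a key is an
        // undefined constant, which is a fatal error on PHP 8.
        if (!(isset($row['activated']) && isset($row['username']))) {
            // pass on the id and passwd and if the validation is overridable
            $smarty->assign("signupid", $signupid);
            $smarty->assign("signuppw", $signuppw);
            $smarty->assign("overridable", $overridable);
            $smarty->assign("usertype", $row['type']);

            // if accepting the form
            if (isset($_REQUEST['username']) && isset($_REQUEST['realname']) && isset($_REQUEST['email']) && isset($_REQUEST['phone'])) {
                require_once("../lib/validation.php");

                // Validation can only be relaxed by a member of the override group
                // who also ticked the override box.
                $override = $overridable && (isset($_POST['override']) && $_POST['override'] == "on");
                $valid = true;
                $errors = array();
                // $fields keeps the exact values that were validated. Everything
                // below uses these copies instead of re-reading $_POST, so the value
                // that is checked is always the value that is acted on.
                $fields = array();

                // NOTE(review): the validators appear to report their message through
                // $error - confirm in ../lib/validation.php.
                // The username check is never overridable.
                if (!validUsername($_REQUEST['username'])) {
                    $valid = false;
                    $errors['username'] = $error;
                }
                $fields['username'] = $_REQUEST['username'];

                if (!(validSignupEmail($_REQUEST['email']) || $override)) {
                    $valid = false;
                    $errors['email'] = $error;
                }
                $fields['email'] = $_REQUEST['email'];

                if (!(validPhone($_REQUEST['phone']) || $override)) {
                    $valid = false;
                    $errors['phone'] = $error;
                }
                $fields['phone'] = $_REQUEST['phone'];

                // Loose comparisons on type are kept on purpose: the database
                // driver may hand the column back as a string.
                if ($row['type'] != 2) {
                    if (!(validAddress($_REQUEST['address']) || $override)) {
                        $valid = false;
                        $errors['address'] = $error;
                    }
                    // store the value that was validated, not a second read from $_POST
                    $fields['address'] = $_REQUEST['address'];

                    if (!validRealName($_REQUEST['realname'], $override)) {
                        $valid = false;
                        $errors['realname'] = $error;
                    }
                    $fields['realname'] = $_REQUEST['realname'];
                }
                else {
                    if (!(validRealName($_REQUEST['contact'], false) || $override)) {
                        $valid = false;
                        $errors['contact'] = $error;
                    }
                    $fields['contact'] = $_REQUEST['contact'];

                    if (!validSocName($_REQUEST['realname'], $override)) {
                        $valid = false;
                        $errors['realname'] = $error;
                    }
                    $fields['realname'] = $_REQUEST['realname'];
                }

                if ($row['type'] == 1) {
                    if (!validSID($_REQUEST['studentid'], $override)) {
                        $valid = false;
                        $errors['studentid'] = $error;
                    }
                    $fields['studentid'] = $_REQUEST['studentid'];
                }

                if ($valid) {
                    // include membership adding functions
                    require_once("../lib/member_functions.php");

                    // determine the uid range
                    $baseuid = ($row['type'] == 2) ? 8 : 28;
                    $minuid = $baseuid * 1000;
                    $maxuid = $minuid + 999;
                    //get the new uid
                    $uid = findUid($minuid, $maxuid);
                    // make a password
                    $password = make_password();

                    // A student id is only validated for type 1 signups. For every
                    // other type an empty value is used, so an unchecked request
                    // parameter never reaches the helper command or the list file.
                    $username = $fields['username'];
                    $email = $fields['email'];
                    $studentid = isset($fields['studentid']) ? $fields['studentid'] : '';

                    // make the ldif
                    $ldif = generateLdif($uid, $password, $row['type'], $fields['realname'], $username);

                    // NOTE(review): these are fixed, predictable names in the shared /tmp
                    // directory, and the LDIF is built from the new account's password.
                    // They belong in a directory that only the web server and the helper
                    // scripts can access; the paths have to change together with
                    // useradd.apache / listadd.apache, which presumably read them.
                    $ldifPath = '/tmp/useradd.'.$username.'.ldif';
                    $listPath = '/tmp/listadd.'.$username;

                    // write ldif file
                    if (file_put_contents($ldifPath, $ldif) === false) {
                        // Fail closed: the helper must never be pointed at a file that
                        // this request did not write itself.
                        trigger_error("Unable to write LDIF file", E_USER_WARNING);
                    }
                    else {
                        // NOTE(review): sh_escape() is defined outside this file; its quoting
                        // is the only thing between these values and the shell - confirm it
                        // is equivalent to escapeshellarg().
                        system(
                            $script_path.'useradd.apache '.
                            sh_escape($username).' '.
                            sh_escape($studentid).' '.
                            sh_escape($email)
                        );

                        $addtolist = "".$email."\n".$studentid."@swan.ac.uk";
                        if (file_put_contents($listPath, $addtolist) === false) {
                            trigger_error("Unable to write list file", E_USER_WARNING);
                        }
                        else {
                            system(
                                $script_path.'listadd.apache '.
                                sh_escape($username)
                            );
                        }

                        //TODO: add membership add code here

                        // The result view is only selected once the account step has run.
                        $mode = 'result';
                        // NOTE(review): the template receives the raw $_POST array plus the
                        // generated password; signup.tpl should escape every value it prints.
                        $_POST['uid'] = $uid;
                        $_POST['password'] = $password;
                        $_POST['ldif'] = $ldif;
                        $smarty->assign("post", $_POST);
                    }
                }
                else {
                    //re-show form
                    $script = "<script language='javascript' type='text/javascript' src='".$baseurl."/js/jquery.js'></script>\n";
                    $script .= "<script language='javascript' type='text/javascript' src='$baseurl/js/signup.js'></script>\n";
                    $smarty->assign("fields", $fields);
                    $smarty->assign("errors", $errors);
                    $smarty->append('extra_scripts', $script);
                    $mode = 're-form';
                }
            }
            else {
                // display the form
                $script = "<script language='javascript' type='text/javascript' src='".$baseurl."/js/jquery.js'></script>\n";
                $script .= "<script language='javascript' type='text/javascript' src='$baseurl/js/signup.js'></script>\n";
                $smarty->append('extra_scripts', $script);
                $mode = 'form';
            }
        }
        else {
            trigger_error("Signup ID already used", E_USER_WARNING);
        }
    }
    else {
        trigger_error("Invalid ID or Password", E_USER_WARNING);
    }
}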
// Render the signup view chosen above and publish it as the page body.
// The title is assigned only after fetch(), so this assignment is not
// visible to signup.tpl while it renders.
$smarty->assign('mode', $mode);
$output = $smarty->fetch('signup.tpl');
$smarty->assign('title', 'Sign Up');
$smarty->assign('body', $output);
?>