Mercurial > hg > fapweb
view pages/register.inc.php @ 1114:51f24cb35fc8
s/SET_LEN_/SQL_LEN_/g
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Mon, 14 Oct 2019 10:31:39 +0300 |
parents | bbc0a3d0b51e |
children | b2bca5f6d0ff |
line wrap: on
line source
<?php // // FAPWeb - Simple Web-based Demoparty Management System // Attendee registration page // (C) Copyright 2012-2015 Tecnic Software productions (TNSP) // $mode = stGetRequestItem("mode", "start"); // Settings for robot check hash generator $botCheckIDs = "aBcdefghIjklmnopqrsTuvxyz0123456"; $botCheckOPs = "bit"; $botCheckROPs = "+-*"; $registerFormFields = [ "name" => "Name", "groups" => "Group(s)", "email" => "E-mail", "oneliner" => "Oneliner", "hash" => FALSE, "botcheck" => FALSE, ]; function stPrintFormTextInput($text1, $text2, $size, $len, $name, $extra="") { echo " <tr><th>".chentities($text1)."</th><td>". stGetFormTextInput($size, $len, $name, "", "", stGetRequestItem($name), $extra). "</td><td>".chentities($text2)."</td></tr>\n"; } function stPrintFormHiddenInput($name, $value) { echo " ".stGetFormHiddenInput($name, $value)."\n"; } function stPrintFormData($button, $mode = "start", $exclude = array()) { global $registerFormFields; echo stGetFormStart("register", "register"). " ".stGetFormSubmitInput("continue", $button)."\n"; stPrintFormHiddenInput("mode", $mode); foreach ($registerFormFields as $name => $title) { if (!in_array($name, $exclude)) stPrintFormHiddenInput($name, stGetRequestItem($name)); } echo "</form>\n"; } function stPrintRegistrationErrors() { global $errorMsgs; echo "<h1>Following errors occured:</h1>\n". "<ul>\n"; foreach ($errorMsgs as $msg) echo " <li>".$msg."</li>\n"; echo "</ul>\n"; stPrintFormData("Go back", "start", array("botcheck")); } // Convert integer value to hash code function intValueToHash($val) { global $botCheckIDs; $str = ""; do { $str = $botCheckIDs[$val & 31].$str; $val >>= 5; } while ($val > 0); return $str; } // Convert integer hash to integer value function intHashToValue($hash) { global $botCheckIDs; for ($val = 0, $i = 0; $i < strlen($hash); $i++) { $val *= 32; $n = strpos($botCheckIDs, $hash[$i]); if ($n !== FALSE) $val += $n; else return -2; } return $val; } // Split hash into parts function splitHash($hash) { global $botCheckOPs; return preg_split("/([".$botCheckOPs."])/", $hash, -1, PREG_SPLIT_DELIM_CAPTURE); } function hashToCheckStr($hash) { global $botCheckOPs, $botCheckROPs; $out = ""; foreach (splitHash($hash) as $val) { $i = strpos($botCheckOPs, $val); if ($i !== FALSE) $out .= " ".$botCheckROPs[$i]." "; else $out .= intHashToValue($val); } return $out; } function hashToAnswer($hash) { eval("\$res = ".hashToCheckStr($hash).";"); return $res; } // Check if user registration is available stCheckRegistrationAvailable(); // Check if registration is enabled if (!stChkSetting("allowRegister")) { echo stGetSetting("msgRegisterNotEnabled"); } else if ($maxAttendeesHard > 0 && $numAttendees >= $maxAttendeesHard) { echo stGetSetting("msgRegisterLimitExceeded"); } else if ($mode == "start") { // // Show registration form // // Generate bot-check $botCheckHash = intValueToHash(rand(1,5)). $botCheckOPs[rand(0,2)]. intValueToHash(rand(1,5)). $botCheckOPs[rand(0,2)]. intValueToHash(5 * rand(1,5)); echo stGetSetting("msgRegisterPageBlurb")."\n". stGetFormStart("register", "register"). " ".stGetFormHiddenInput("mode", "check")."\n". " ".stGetFormHiddenInput("hash", $botCheckHash)."\n". " <table class=\"register\">\n"; stPrintFormTextInput("Handle:", "(who you are)", 20, SQL_LEN_USERNAME, "name"); stPrintFormTextInput("Group(s):", "(duh)", 30, SQL_LEN_GROUPS, "groups"); stPrintFormTextInput("E-mail:", stCheckRequireEmail() ? "(required)" : "", 30, SQL_LEN_EMAIL, "email"); stPrintFormTextInput("Oneliner:", "(leave a message here)", 30, SQL_LEN_ONELINER, "oneliner"); stPrintFormTextInput(hashToCheckStr($botCheckHash)." = ", "(I.Q. / robot check". //" [".hashToAnswer($botCheckHash)."]". ")", 20, 20, "botcheck", "autocomplete=\"off\""); echo " <tr><td colspan=\"2\"></td><td>".stGetFormSubmitInput("register", "Continue")."</td></tr>\n". " </table>\n". "</form>\n"; echo stGetSetting("msgRegisterInfoText"); } else if ($mode == "check" || $mode == "register") { // // Check the registrant's details // stChkRequestItem("hash", $hash, array(CHK_GTEQ, VT_STR, 0, "Invalid data.")); stValidateRequestUserData(FALSE, FALSE); $answer = stGetRequestItem("botcheck"); if (hashToAnswer($hash) != intval($answer)) stError("Incorrect answer to I.Q. / bot check."); if ($errorSet) { // There were errors or missing data stPrintRegistrationErrors(); $errorSet = FALSE; } else if ($mode == "register") { // Data ok, registration mode $sql = stGetAttendeeRegistrationSQL(); if (stExecSQL($sql) !== FALSE) { echo stGetSetting("msgRegisterPostText"); if (strlen(stGetRequestItem("email")) < 4) echo stGetSetting("msgRegisterPostNoEmail"); } else { stError("Oh noes! SQL error happenstance!"); } } else { // Data ok, verify echo "<h1>Verify your information</h1>\n". "<p>Is the following information correct?</p>\n". "<table class=\"register\">\n"; foreach ($registerFormFields as $name => $title) { if ($title !== FALSE) { echo " <tr><th class=\"".$name."\">".chentities($title).":</th>". "<td>".chentities(stGetRequestItem($name))."</td></tr>\n"; } } echo "</table>\n"; stPrintFormData("Go back", "start", array("botcheck")); stPrintFormData("Register", "register"); } } else stError("Invalid operation registration mode."); if ($errorSet) stPrintRegistrationErrors(); ?>