view register.inc.php @ 191:988e0ab2b77e
Improve registration process by adding information verification phase.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Sun, 10 Nov 2013 14:55:31 +0200 |
parents | a49c5f15a273 |
children | e65b2392fc0e |
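<?php
//
// FAPWeb Simple Demoparty System
// Attendee registration page
// (C) Copyright 2012-2013 Tecnic Software productions (TNSP)
//
// Flow: mode "start" shows the registration form, "check" validates the
// submission and shows a confirmation page, "register" runs the same
// validation again and then stores the attendee.
//
// The full "<?php" open tag is used on purpose: with short_open_tag
// disabled a bare "<?" is not parsed and this source would be sent to the
// client as plain text.
//
// NOTE(review): the bot-check challenge ("hash") travels in a hidden form
// field and nothing here ties it to server-side state, so a client can
// submit any well-formed challenge together with its answer, and a solved
// pair can be reused. Treat the check as a speed bump only; keeping the
// expected answer in the session, or signing the hash with a server secret
// and an expiry, would close that gap.
//
$mode = stGetRequestItem("mode", "start");


// Settings for robot check hash generator.
// $botCheckIDs is the 32-symbol digit alphabet; the letters b, i and t are
// upper-case in it so that they cannot collide with the operator symbols
// in $botCheckOPs. $botCheckROPs holds the arithmetic operator shown for
// the operator symbol at the same index.
$botCheckIDs = "aBcdefghIjklmnopqrsTuvxyz0123456";
$botCheckOPs = "bit";
$botCheckROPs = "+-*";


// Form fields carried between the phases: request name => label shown on
// the verification page, or FALSE for fields that are never displayed.
$formFields = array(
  "name" => "Name",
  "groups" => "Group(s)",
  "email" => "E-mail",
  "oneliner" => "Oneliner",
  "hash" => FALSE,
  "botcheck" => FALSE,
);


// Print a form holding one submit button and the current request values
// as hidden inputs.
//   $button  - label of the submit button
//   $mode    - value of the hidden "mode" field, i.e. the next phase
//   $exclude - names of form fields that are not carried over
// NOTE(review): request values are echoed back through
// stPrintFormHiddenInput(); confirm that helper HTML-escapes the value.
function stPrintFormData($button, $mode = "start", $exclude = array())
{
  global $formFields;

  echo
    stGetFormStart("register").
    " ".stGetFormSubmitInput("continue", $button)."\n";

  stPrintFormHiddenInput("mode", $mode);

  foreach ($formFields as $name => $title)
  {
    // Strict comparison: field names are strings on both sides
    if (!in_array($name, $exclude, true))
      stPrintFormHiddenInput($name, stGetRequestItem($name));
  }

  echo "</form>\n";
}


// Convert integer value to hash code: base-32 digits taken from
// $botCheckIDs, most significant digit first. Always emits at least one
// digit.
function intValueToHash($val)
{
  global $botCheckIDs;

  $str = "";
  do
  {
    $str = $botCheckIDs[$val & 31].$str;
    $val >>= 5;
  }
  while ($val > 0);

  return $str;
}


// Convert integer hash to integer value. Returns -2 as soon as a
// character outside $botCheckIDs is met; an empty string yields 0.
function intHashToValue($hash)
{
  global $botCheckIDs;

  $len = strlen($hash);
  for ($val = 0, $i = 0; $i < $len; $i++)
  {
    $val *= 32;
    $n = strpos($botCheckIDs, $hash[$i]);
    if ($n !== FALSE)
      $val += $n;
    else
      return -2;
  }

  return $val;
}


// Split hash into parts: operands and the single-character operator
// symbols between them (the delimiters are kept in the result).
function splitHash($hash)
{
  global $botCheckOPs;
  return preg_split("/([".$botCheckOPs."])/", $hash, -1, PREG_SPLIT_DELIM_CAPTURE);
}


// Render a hash as the arithmetic question shown to the user,
// e.g. "3 + 4 * 10".
function hashToCheckStr($hash)
{
  global $botCheckOPs, $botCheckROPs;

  $out = "";
  foreach (splitHash($hash) as $val)
  {
    // An empty piece is an operand, not an operator. strpos() with an
    // empty needle returns 0 on PHP 8 and would otherwise be read as "+".
    $i = ($val === "") ? FALSE : strpos($botCheckOPs, $val);
    if ($i !== FALSE)
      $out .= " ".$botCheckROPs[$i]." ";
    else
      $out .= intHashToValue($val);
  }

  return $out;
}


// Compute the expected answer for a bot-check hash.
// Returns the integer result, or NULL when the hash is not a well-formed
// "operand (operator operand)*" sequence.
//
// This used to build a PHP expression from the hash and eval() it. The
// hash comes from the request, so the arithmetic is now done directly:
// nothing request-derived is ever compiled as code, and a malformed hash
// is rejected instead of being coerced into a number. "*" binds tighter
// than "+" and "-", as it did in the evaluated expression.
function hashToAnswer($hash)
{
  global $botCheckOPs, $botCheckROPs;

  if (!is_string($hash))
    return NULL;

  $parts = splitHash($hash);
  if ($parts === FALSE)
    return NULL;

  $total = 0;   // sum of the terms completed so far
  $term = 0;    // product currently being accumulated
  $sign = 1;    // sign with which $term is added to $total
  $op = "+";    // operator preceding the next operand

  foreach ($parts as $idx => $part)
  {
    if ($idx % 2 == 1)
    {
      // Odd positions hold the captured operator symbols
      $n = strpos($botCheckOPs, $part);
      if ($n === FALSE)
        return NULL;

      $op = $botCheckROPs[$n];
      continue;
    }

    // Even positions hold operands; empty or invalid ones are refused
    if ($part === "")
      return NULL;

    $val = intHashToValue($part);
    if (!is_int($val) || $val < 0)
      return NULL;

    if ($op === "*")
      $term *= $val;
    else
    {
      $total += $sign * $term;
      $sign = ($op === "-") ? -1 : 1;
      $term = $val;
    }
  }

  $total += $sign * $term;

  // Oversized operands overflow into float; refuse those as well
  return is_int($total) ? $total : NULL;
}


// Check if user registration is available
stCheckRegistrationAvailable();


// Check if registration is enabled
if (!stChkSetting("allowRegister"))
{
  echo stGetSetting("registerNotEnabled");
}
else
if ($maxAttendeesHard > 0 && $numAttendees >= $maxAttendeesHard)
{
  echo stGetSetting("registerLimitExceeded");
}
else
if ($mode == "start")
{
  //
  // Show registration form
  //

  // Generate bot-check: three operands joined by two random operators.
  // rand() is sufficient here, the challenge is sent to the client anyway.
  $botCheckHash =
    intValueToHash(rand(1,5)).
    $botCheckOPs[rand(0,2)].
    intValueToHash(rand(1,5)).
    $botCheckOPs[rand(0,2)].
    intValueToHash(5 * rand(1,5));

  echo
    "<h1>Registration</h1>\n".
    stGetFormStart("register").
    " ".stGetFormHiddenInput("mode", "check")."\n".
    " ".stGetFormHiddenInput("hash", $botCheckHash)."\n".
    " <table class=\"register\">\n";

  stPrintFormTextInput("Handle:", "(elite)", 20, SET_LEN_USERNAME, "name");
  stPrintFormTextInput("Group(s):", "(elite crew^supahmen)", 30, SET_LEN_GROUPS, "groups");
  stPrintFormTextInput("E-mail:", "(to be informed of location etc)", 30, SET_LEN_EMAIL, "email");
  stPrintFormTextInput("Oneliner:", "(whatever)", 30, SET_LEN_ONELINER, "oneliner");
  // The disabled line below is a debug aid that would print the expected
  // answer next to the question; it must stay disabled.
  stPrintFormTextInput(hashToCheckStr($botCheckHash)." = ", "(I.Q. / robot check".
    //" [".hashToAnswer($botCheckHash)."]".
    ")", 20, 20, "botcheck", "autocomplete=\"off\"");

  echo
    " <tr><td colspan=\"2\"></td><td>".stGetFormSubmitInput("register", "Register")."</td></tr>\n".
    " </table>\n".
    "</form>\n";

  echo stGetSetting("registerInfoText");
}
else
if ($mode == "check" || $mode == "register")
{
  //
  // Check the registrant's details
  //
  // Both phases run every check: the "register" request carries the same
  // client-supplied fields and is validated from scratch.
  //
  stChkRequestItem("name", $fake,
    array(CHK_ISGT, VT_STR, 0, "Handle / name not given."),
    array(CHK_ISLT, VT_STR, SET_LEN_USERNAME, "Handle / name is too long, should be less than ".SET_LEN_USERNAME." characters."));

  stChkRequestItem("groups", $fake,
    array(CHK_ISLT, VT_STR, SET_LEN_GROUPS, "Groups are too long, should be less than ".SET_LEN_GROUPS." characters."));

  stChkRequestItem("oneliner", $fake,
    array(CHK_ISLT, VT_STR, SET_LEN_ONELINER, "Oneliner is too long, should be less than ".SET_LEN_ONELINER." characters."));

  stChkRequestItem("hash", $hash,
    array(CHK_GTEQ, VT_STR, 0, "Invalid data."));

  $email = stGetRequestItem("email");
  if (stGetSetting("requireEMail") && strlen($email) < 4)
    stError("E-mail address not given, or it is too short.");

  if (strlen($email) > 0 && (strpos($email, "@") === FALSE || strpos($email, ".") === FALSE))
    stError("E-mail address not in proper format.");

  if (strlen($email) > SET_LEN_EMAIL)
    stError("E-mail address too long, max ".SET_LEN_EMAIL." characters.");

  // Bot check. The answer must be an actual integer and the hash must be
  // well formed. With the previous loose comparison a blank answer counted
  // as 0 and an empty hash also evaluated to 0, so the two matched.
  $answer = trim((string) stGetRequestItem("botcheck"));
  $expected = hashToAnswer($hash);
  if ($expected === NULL ||
      !preg_match("/^-?[0-9]+\$/", $answer) ||
      intval($answer) !== $expected)
    stError("Incorrect answer to I.Q. / bot check.");

  if ($errorSet)
  {
    echo
      "<p>Following errors occured:</p>\n".
      "<ul>\n".$errorMsg."</ul>\n";

    stPrintFormData("Go back", "start", array("botcheck"));
  }
  else
  if ($mode == "register")
  {
    // The %S placeholders are given request field names, not values.
    // NOTE(review): presumably stPrepareSQL() fetches and quotes the
    // request items itself; confirm against its definition.
    $sql = stPrepareSQL(
      "INSERT INTO attendees (regtime,name,groups,oneliner,email) VALUES (%d,%S,%S,%S,%S)",
      time(), "name", "groups", "oneliner", "email");

    if (stExecSQL($sql) !== FALSE)
    {
      echo stGetSetting("registerPostText");

      if (strlen($email) < 4)
        echo stGetSetting("registerPostNoEmail");
    }
    else
    {
      echo
        "<h1>An error occured.</h1>\n".
        "<p>Oh noes! SQL error happenstance!</p>";
    }
  }
  else
  {
    // Verification phase: show the submitted values, entity-encoded, with
    // one button leading back to the form and one to the actual insert.
    echo
      "<h1>Verify your information</h1>\n".
      "<p>Is the following information correct?</p>\n".
      "<table class=\"register\">\n";

    foreach ($formFields as $name => $title)
    {
      if ($title !== FALSE)
      {
        echo
          " <tr><td class=\"".$name."\">".chentities($title).":</td>".
          "<td>".chentities(stGetRequestItem($name))."</td></tr>\n";
      }
    }

    echo "</table>\n";

    stPrintFormData("Go back", "start", array("botcheck"));
    stPrintFormData("Register", "register");
  }
}
?>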