<?php
namespace mcoop;
require_once("recaptcha/autoload.php");
require_once("vendor/autoload.php");
require_once("common/config.php");
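// Registration endpoint: on a POST carrying username, email, passwd and a
// reCAPTCHA token it verifies the captcha, asks $db->register() to create the
// account, and then renders register.tmpl with any alerts collected on the way.
// Without those fields it only renders the empty form.
//
// NOTE(review): $config, $db, $twig and $sess_info are not defined in this
// file; presumably common/config.php provides them. Confirm.
// TODO: this should probably check if the user's already logged in and prompt to logout first
$danger_alerts = array();
$success_alerts = array();
$reg_attempted = false;

if (isset($_POST["username"], $_POST["email"], $_POST["passwd"], $_POST["g-recaptcha-response"])) {
    $reg_attempted = true;
    $reg_successful = false;
    $captcha_valid = false;

    // PHP turns a request parameter such as `username[]=x` into an array, and
    // isset() is satisfied by it. Require plain strings before any value is
    // handed to the captcha client or to register(), so a malformed request is
    // rejected here instead of reaching code that expects strings.
    $fields_are_strings = is_string($_POST["username"])
        && is_string($_POST["email"])
        && is_string($_POST["passwd"])
        && is_string($_POST["g-recaptcha-response"])
        && (!isset($_POST["fullname"]) || is_string($_POST["fullname"]));

    if (!$fields_are_strings) {
        $danger_alerts[] = "Invalid form submission, please try again.";
    } else {
        $recaptcha = new \ReCaptcha\ReCaptcha($config->recaptcha_secret);
        $username = $_POST["username"];
        $email = $_POST["email"];
        // The password is passed on untouched (no trimming or normalisation).
        $password = $_POST["passwd"];
        // fullname is optional; null means the user did not supply one.
        $full_name = isset($_POST["fullname"]) ? $_POST["fullname"] : null;
        // TODO: beyond the string check above, the token's length/charset is still unvalidated
        $recaptcha_resp = $_POST["g-recaptcha-response"];

        // XXX: one downside of this is it checks the captcha before validating all the other fields, might want to move captcha validation to register()
        $resp = $recaptcha->verify($recaptcha_resp);
        $captcha_valid = $resp->isSuccess();

        if ($captcha_valid) {
            try {
                // TODO: validate_email (5th arg)
                $db->register($username, $email, $password, $full_name, true, $twig);
                $reg_successful = true;
                $success_alerts[] = 'Registration successful, <a href="/">Click here to return to the webapp</a>';
            } catch (RegistrationError $re) {
                $reg_successful = false;
                // NOTE(review): the success alert above carries markup, so the
                // template presumably prints alerts unescaped. If $re->reason
                // can ever include request-derived text (a username or email),
                // it must be HTML-escaped before display. Confirm against
                // register() and register.tmpl.
                $danger_alerts[] = $re->reason;
                // Only RegistrationError is handled here; undo whatever
                // register() left open so no partial account is committed.
                if ($db->conn->inTransaction()) {
                    $db->conn->rollBack();
                }
            }
        } else {
            $danger_alerts[] = "Captcha Invalid, please try again.";
        }
    }
}

// TODO: move into a util file
echo $twig->render("register.tmpl", array(
    "danger_alerts" => $danger_alerts,
    "success_alerts" => $success_alerts,
    "sess_info" => $sess_info
));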
?>