1<?php
2/**
3 * Copyright 2009-2017 Horde LLC (http://www.horde.org/)
4 *
5 * See the enclosed file COPYING for license information (LGPL-2). If you
6 * did not receive this file, see http://www.horde.org/licenses/lgpl.
7 *
8 * @author   Jan Schneider <jan@horde.org>
9 * @category Horde
10 * @license  http://www.horde.org/licenses/lgpl LGPL-2
11 * @package  Horde
12 */
13
14require_once __DIR__ . '/../lib/Application.php';
15Horde_Registry::appInit('horde', array('authentication' => 'none'));
16
17$vars = $injector->getInstance('Horde_Variables');
18
19// Make sure signups are enabled before proceeding
20$auth = $injector->getInstance('Horde_Core_Factory_Auth')->create();
21if ($conf['signup']['allow'] !== true ||
22    !$auth->hasCapability('add')) {
23    throw new Horde_Exception(_("User Registration has been disabled for this site."));
24}
25
26try {
27    $signup = $injector->getInstance('Horde_Core_Auth_Signup');
28} catch (Horde_Exception $e) {
29    Horde::log($e, 'ERR');
30    throw new Horde_Exception(_("User Registration is not properly configured for this site."));
31}
32
33// Verify hash.
34if (hash_hmac('sha1', $vars->u, $conf['secret_key']) != $vars->h) {
35    throw new Horde_Exception(_("Invalid hash."));
36}
37
38// Deny signup.
39if ($vars->a == 'deny') {
40    $signup->removeQueuedSignup($vars->u);
41    printf(_("The signup request for user \"%s\" has been removed."), $vars->u);
42    exit;
43}
44if ($vars->a != 'approve') {
45    throw new Horde_Exception(sprintf(_("Invalid action %s"), $vars->a));
46}
47
48// Read and verify user data.
49$thisSignup = $signup->getQueuedSignup($vars->u);
50$info = $thisSignup->getData();
51
52if (empty($info['user_name']) && isset($info['extra']['user_name'])) {
53    $info['user_name'] = $info['extra']['user_name'];
54}
55if (empty($info['password']) && isset($info['extra']['password'])) {
56    $info['password'] = $info['extra']['password'];
57}
58if (empty($info['user_name'])) {
59    throw new Horde_Exception(_("No username specified."));
60}
61if ($auth->exists($info['user_name'])) {
62    throw new Horde_Exception(sprintf(_("The user \"%s\" already exists."), $info['user_name']));
63}
64
65$credentials = array('password' => $info['password']);
66if (isset($info['extra'])) {
67    foreach ($info['extra'] as $field => $value) {
68        $credentials[$field] = $value;
69    }
70}
71
72// Add user.
73try {
74     $auth->addUser($info['user_name'], $credentials);
75} catch (Horde_Auth_Exception $e) {
76    throw new Horde_Exception(sprintf(_("There was a problem adding \"%s\" to the system: %s"), $info['user_name'], $e->getMessage()));
77}
78if (isset($info['extra'])) {
79    try {
80        $injector->getInstance('Horde_Core_Hooks')->callHook('signup_addextra', 'horde', array($info['user_name'], $info['extra']));
81    } catch (Horde_Exception $e) {
82        throw new Horde_Exception(sprintf(_("Added \"%s\" to the system, but could not add additional signup information: %s."), $info['user_name'], $e->getMessage()));
83    } catch (Horde_Exception_HookNotSet $e) {}
84}
85$signup->removeQueuedSignup($vars->u);
86
87echo sprintf(_("Successfully added \"%s\" to the system."), $info['user_name']);
88