1<?php
2// This file is part of BOINC.
3// http://boinc.berkeley.edu
4// Copyright (C) 2008 University of California
5//
6// BOINC is free software; you can redistribute it and/or modify it
7// under the terms of the GNU Lesser General Public License
8// as published by the Free Software Foundation,
9// either version 3 of the License, or (at your option) any later version.
10//
11// BOINC is distributed in the hope that it will be useful,
12// but WITHOUT ANY WARRANTY; without even the implied warranty of
13// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
14// See the GNU Lesser General Public License for more details.
15//
16// You should have received a copy of the GNU Lesser General Public License
17// along with BOINC.  If not, see <http://www.gnu.org/licenses/>.
18
19include_once("../inc/boinc_db.inc");
20include_once("../inc/util.inc");
21include_once("../inc/email.inc");
22include_once("../inc/user.inc");
23include_once("../inc/recaptchalib.php");
24
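/**
 * Render the "Can't create account" error page and end the request.
 *
 * $str is written into the page as-is, without HTML escaping, so callers
 * must pass only trusted, pre-formatted text (the translated messages in
 * this file contain markup on purpose).
 * NOTE(review): one caller passes the $reason filled in by
 * is_valid_user_name(); confirm that text never repeats the submitted name.
 *
 * @param string $str message shown to the visitor
 */
function show_error($str) {
    page_head(tra("Can't create account"));
    echo "$str<br>\n";
    // This page is reachable without authentication. Raw database error text
    // can expose table, column or query details, so it goes to the server
    // log instead of the response body.
    $db_error = BoincDb::error();
    if ($db_error) {
        error_log("Account creation failed; database reported: $db_error");
    }
    echo "<p>".tra("Click your browser's <b>Back</b> button to try again.")."\n</p>\n";
    page_tail();
    exit();
}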
33
// Refuse the request outright when the project configuration turns off
// account creation, either entirely or for the web interface.
$config = get_config();
$creation_disabled = parse_bool($config, "disable_account_creation")
    || parse_bool($config, "no_web_account_creation");
if ($creation_disabled) {
    error_page("Account creation is disabled");
}

// The reCAPTCHA response is verified only when a private key is set.
// NOTE(review): $recaptcha_private_key is not assigned in this file;
// presumably one of the includes defines it. If it is empty or undefined
// the check is skipped without any notice, so confirm where it comes from.
if ($recaptcha_private_key
    && !boinc_recaptcha_isValidated($recaptcha_private_key)
) {
    show_error(
        tra("Your reCAPTCHA response was not correct. Please try again.")
    );
}
48
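// See whether the new account should be pre-enrolled in a team
// and initialized with the team founder's project prefs.
//
// teamid comes from the POST body, so it can name a team that does not
// exist; the lookup result is checked before it is dereferenced.
//
$teamid = post_int("teamid", true);
if ($teamid) {
    $team = BoincTeam::lookup_id($teamid);
    if (!$team) {
        error_page("Team $teamid not found");
    }
    $clone_user = BoincUser::lookup_id($team->userid);
    if (!$clone_user) {
        // The original message interpolated $userid, which is never set in
        // this file; report the founder id that was actually looked up.
        error_page("User $team->userid not found");
    }
    $project_prefs = $clone_user->project_prefs;
} else {
    $teamid = 0;
    $project_prefs = "";
}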
64
// Projects that define INVITE_CODES (used here as a regular expression)
// accept a sign-up only when the submitted code matches it.
// NOTE(review): preg_match() succeeds on a partial match unless the pattern
// is anchored at both ends; confirm the project's INVITE_CODES pattern is
// anchored so that a valid code embedded in a longer string is rejected.
if (defined('INVITE_CODES')) {
    $invite_code = post_str("invite_code");
    if (!strlen($invite_code)) {
        show_error(tra("You must supply an invitation code to create an account."));
    }
    // preg_match() returns 1 on a match, 0 on no match and false on error;
    // everything except 1 is treated as an invalid code.
    if (preg_match(INVITE_CODES, $invite_code) !== 1) {
        show_error(tra("The invitation code you gave is not valid."));
    }
}
74
// Display name: is_valid_user_name() supplies the rejection text in $reason.
$new_name = post_str("new_name");
$name_ok = is_valid_user_name($new_name, $reason);
if (!$name_ok) {
    show_error($reason);
}

// The address is lower-cased before validation and lookup, so both the
// duplicate check and the stored value use the lower-case form.
$new_email_addr = post_str("new_email_addr");
$new_email_addr = strtolower($new_email_addr);
if (!is_valid_email_addr($new_email_addr)) {
    show_error(tra("Invalid email address: you must enter a valid address of the form name@domain"));
}

// NOTE(review): this reply tells the requester whether an address is already
// registered. The optional reCAPTCHA check earlier in the script is the only
// throttle visible in this file; confirm that is acceptable for the project.
$user = BoincUser::lookup_email_addr($new_email_addr);
if ($user) {
    show_error(tra("There's already an account with that email address."));
}
88
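$passwd = post_str("passwd");
$passwd2 = post_str("passwd2");
// Strict comparison: with != PHP compares two numeric-looking strings as
// numbers, so "1e3" and "1000" would be accepted as the same password.
if ($passwd !== $passwd2) {
    show_error(tra("New passwords are different"));
}

// The project config may set a minimum length; fall back to 6 when it is
// absent or zero.
$min_passwd_length = parse_config($config, "<min_passwd_length>");
if (!$min_passwd_length) $min_passwd_length = 6;

// Only ASCII is accepted, so the byte count from strlen() below equals the
// character count.
if (!is_ascii($passwd)) {
    show_error(tra("Passwords may only include ASCII characters."));
}

if (strlen($passwd)<$min_passwd_length) {
    show_error(
        tra("New password is too short: minimum password length is %1 characters.", $min_passwd_length)
    );
}

// NOTE(review): a single MD5 over password + email address is cheap to brute
// force if the stored value ever leaks. The format is left unchanged because
// other code that verifies passwords presumably expects exactly this value;
// consider storing password_hash() of it and verifying with
// password_verify() at login.
$passwd_hash = md5($passwd.$new_email_addr);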
109
// A blank country becomes "International"; any other value has to pass
// is_valid_country() before it is stored.
$country = post_str("country");
$country = ($country == "") ? "International" : $country;
if (!is_valid_country($country)) {
    error_page("bad country");
}

// The postal code is read only when the project enables POSTAL_CODE, and it
// goes through sanitize_tags() first.
// NOTE(review): sanitize_tags() presumably neutralises HTML markup; confirm
// the value is also escaped wherever it is displayed.
$postal_code = POSTAL_CODE
    ? sanitize_tags(post_str("postal_code", true))
    : '';
123
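// Create the account record from the validated form values.
$user = make_user(
    $new_email_addr, $new_name, $passwd_hash,
    $country, $postal_code, $project_prefs, $teamid
);
if (!$user) {
    show_error(tra("Couldn't create account"));
}

if (defined('INVITE_CODES')) {
    // Both values originate in the POST body. Control characters are removed
    // before logging so a crafted value cannot split the entry into forged
    // log lines.
    // NOTE(review): the invitation code is written to the log in clear text;
    // confirm that is acceptable if codes are reusable secrets.
    $log_email = preg_replace('/[\x00-\x1F\x7F]/', '', $new_email_addr);
    $log_code = preg_replace('/[\x00-\x1F\x7F]/', '', $invite_code);
    error_log("Account '$log_email' created using invitation code '$log_code'");
}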
135
// On success, answer with a redirect so the visitor lands on a page that can
// be reloaded without the browser offering to re-post the form.
//
// next_url is taken from the POST body and passed through
// sanitize_local_url() before it is appended to url_base().
// NOTE(review): sanitize_local_url() presumably rejects absolute and
// off-site targets; confirm, since it is the only guard against an open
// redirect here.
$next_url = sanitize_local_url(post_str('next_url', true));
if (!$next_url) {
    // No usable target: go to the home page and set the two first-visit
    // cookies.
    header("Location: ".url_base()."home.php");
    send_cookie('init', "1", true);
    send_cookie('via_web', "1", true);
} else {
    header("Location: ".url_base()."$next_url");
}

// Log the new user in by handing the browser the account authenticator.
// NOTE(review): confirm send_cookie() sets the HttpOnly and Secure
// attributes for this cookie; the authenticator works as a login credential.
send_cookie('auth', $user->authenticator, true);
149
150?>
151