$admin) {
if (empty($admin['email'])) {
continue;
}
$admin_cc[] = $admin['email'];
serendipity_sendMail($admin['email'], $subject, $message, $email, null, $serendipity['blogTitle']);
}
}
if ($approve_only) {
// Only Admin-Mails, done in the foreach-loop above already.
$mail = true;
} else {
// Send out Mails to the actual receiver.
$mail = serendipity_sendMail($email, $subject, $message, $email, null, $serendipity['blogTitle']);
}
return $mail;
}
static function checkuser($usergroups = array()) {
global $serendipity;
static $debug = false;
if (!empty($serendipity['GET']['adduser_activation']) && !empty($_GET['r'])) {
$string = $serendipity['GET']['adduser_activation'];
$q = "SELECT * FROM {$serendipity['dbPrefix']}pending_authors WHERE hash = '" . serendipity_db_escape_string($string) . "' LIMIT 1";
if ($debug) {
echo "[debug] QUERY: $q
\n";
}
$author = serendipity_db_query($q, true);
serendipity_common_adduser::sendMail($author['username'], (function_exists('serendipity_specialchars') ? serendipity_specialchars($string) : htmlspecialchars($string, ENT_COMPAT, LANG_CHARSET)), $author['email'], false, false);
echo PLUGIN_ADDUSER_SENTMAIL_APPROVE_ADMIN;
return true;
}
if (!empty($serendipity['GET']['adduser_activation'])) {
$string = $serendipity['GET']['adduser_activation'];
unset($serendipity['GET']['adduser_activation']);
if (strlen($string) != 32) {
echo PLUGIN_ADDUSER_WRONG_ACTIVATION . '
';
return false;
}
$q = "SELECT * FROM {$serendipity['dbPrefix']}pending_authors WHERE hash = '" . serendipity_db_escape_string($string) . "' LIMIT 1";
if ($debug) {
echo "[debug] QUERY: $q
\n";
}
$author = serendipity_db_query($q, true);
if ($debug) {
echo "[debug] RESULT: " . print_r($author,true) . "
\n";
}
if (is_array($author)) {
$user = serendipity_db_query("SELECT authorid FROM {$serendipity['dbPrefix']}authors WHERE username = '" . serendipity_db_escape_string($author['username']) . "'", true);
if (is_array($user) && !empty($user['authorid'])) {
printf(PLUGIN_ADDUSER_EXISTS . '
', (function_exists('serendipity_specialchars') ? serendipity_specialchars($author['username']) : htmlspecialchars($author['username'], ENT_COMPAT, LANG_CHARSET)));
return false;
}
$newID = serendipity_addAuthor($author['username'], '', $author['username'], $author['email'], $author['userlevel']);
if ($debug) {
echo "[debug] serendipity_addAuthor: $newID
\n";
}
if ($newID) {
serendipity_db_query("UPDATE {$serendipity['dbPrefix']}authors
SET right_publish = '" . ($author['right_publish'] ? '1' : '0') . "',
password = '" . $author['password'] . "'
WHERE authorid = " . (int)$newID);
serendipity_set_config_var('no_create', $author['no_create'], $newID);
serendipity_set_config_var('lang', $serendipity['lang'], $newID);
// Fetch default properties for new authors as configured.
// Only set values for the keys that are supported (all booleans currently!)
$config = serendipity_db_query("SELECT name, value FROM {$serendipity['dbPrefix']}config WHERE name LIKE 'serendipity_plugin_adduser:%'");
$pair_config = array(
'wysiwyg' => '',
'simpleFilters' => '',
'enableBackendPopup' => '',
'moderateCommentsDefault' => '',
'allowCommentsDefault' => '',
'showMediaToolbar' => '',
'use_autosave' => ''
);
if (is_array($config)) {
foreach($config AS $conf) {
$names = explode('/', $conf['name']);
if (isset($pair_config[$names[1]])) {
$pair_config[$names[1]] = serendipity_get_bool($conf['value']);
serendipity_set_config_var($names[1], $pair_config['wysiwyg'], $newID);
}
}
}
if (is_array($usergroups) && function_exists('serendipity_updateGroups')) {
if ($debug) echo "[debug] update groups: " . print_r($usergroups, true) . "
\n";
serendipity_updateGroups($usergroups, $newID, false);
} elseif ($debug) {
echo "[debug] no group addition: " . print_r($usergroups, true) . "
\n";
}
} elseif ($debug) {
echo "[debug] serendipity_addAuthor() failed!
\n";
}
}
$q = "SELECT authorid FROM {$serendipity['dbPrefix']}authors
WHERE username = '" . $author['username'] . "'
AND password = '" . $author['password'] . "'
LIMIT 1";
$newauthor = serendipity_db_query($q, true);
if (is_array($newauthor) && $newauthor['authorid'] > 0) {
echo PLUGIN_ADDUSER_SUCCEED . '
';
serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}pending_authors WHERE hash = '" . serendipity_db_escape_string($string) . "'");
return true;
} else {
if ($debug) {
echo "[debug] QUERY: $q
\n";
echo "[debug] RESULT: " . print_r($newauthor, true) . "
\n";
}
echo PLUGIN_ADDUSER_FAILED . '
';
return false;
}
}
return false;
}
static function addAuthor($username, $password, $email, $userlevel, $right_publish, $no_create) {
global $serendipity;
if (!is_array(serendipity_db_query("SELECT username FROM {$serendipity['dbPrefix']}pending_authors LIMIT 1", true, 'both', false, false, false, true))) {
serendipity_db_schema_import("CREATE TABLE {$serendipity['dbPrefix']}pending_authors (
username varchar(20) default null,
password varchar(128) default null,
email varchar(128) not null default '',
userlevel int(4) {UNSIGNED} not null default '0',
right_publish int(1) default '1',
no_create int(1) default '0',
hash varchar(32) default null
);");
}
$hash = md5(time());
if (function_exists('serendipity_hash')) {
// Serendipity 1.5 style
$hashpw = serendipity_hash($password);
} else {
$hashpw = md5($password);
}
serendipity_db_insert('pending_authors', array(
'username' => $username,
'password' => $hashpw,
'email' => $email,
'userlevel' => $userlevel,
'right_publish' => (serendipity_db_bool($right_publish) ? '1' : '0'),
'no_create' => (serendipity_db_bool($no_create) ? '1' : '0'),
'hash' => $hash
));
return $hash;
}
static function adduser(&$username, &$password, &$email, $userlevel, $usergroups = array(), $no_create = false, $right_publish = true, $straight_insert = false, $approve = false, $use_captcha = false) {
global $serendipity;
if (serendipity_common_adduser::checkuser($usergroups)) {
return true;
}
if (!empty($serendipity['POST']['adduser_action'])) {
if (empty($username) || empty($password) || empty($email)) {
echo PLUGIN_ADDUSER_MISSING . '
';
return false;
}
if ($use_captcha) {
// Fake call to spamblock/captcha and other comment plugins.
$ca = array(
'id' => 0,
'allow_comments' => 'true',
'moderate_comments' => false,
'last_modified' => 1,
'timestamp' => 1
);
$commentInfo = array(
'type' => 'NORMAL',
'source' => 'commentform',
'name' => $username,
'url' => '',
'comment' => 'A new user ' . md5(time()) . ' is registered.',
'email' => $email,
'source2' => 'adduser'
);
serendipity_plugin_api::hook_event('frontend_saveComment', $ca, $commentInfo);
if ($ca['allow_comments'] === false) {
echo PLUGIN_ADDUSER_ANTISPAM . '
';
return false;
}
// End of fake call.
}
$user = serendipity_db_query("SELECT authorid FROM {$serendipity['dbPrefix']}authors WHERE username = '" . serendipity_db_escape_string($username) . "'", true);
if (is_array($user) && !empty($user['authorid'])) {
printf(PLUGIN_ADDUSER_EXISTS . '
', (function_exists('serendipity_specialchars') ? serendipity_specialchars($username) : htmlspecialchars($username, ENT_COMPAT, LANG_CHARSET)));
return false;
}
$hash = serendipity_common_adduser::addAuthor($username, $password, $email, $userlevel, $right_publish, $no_create);
if ($approve) {
serendipity_common_adduser::sendMail($username, $hash, $email, true);
echo PLUGIN_ADDUSER_SENTMAIL_APPROVE;
} elseif ($straight_insert) {
$serendipity['GET']['adduser_activation'] = $hash;
serendipity_common_adduser::checkuser($usergroups);
} elseif (serendipity_common_adduser::sendMail($username, $hash, $email)) {
echo PLUGIN_ADDUSER_SENTMAIL;
} else {
echo ERROR;
}
unset($serendipity['POST']['adduser_action']); // Ensure the plugin is not called twice
return true;
}
return false;
}
static function loginform($url, $hidden = array(), $instructions = '', $username = '', $password = '', $email = '', $use_captcha = false) {
global $serendipity;
if (!is_object($serendpity['smarty'])) {
serendipity_smarty_init();
}
$serendipity['smarty']->assign(array(
'registerbox_url' => $url,
'registerbox_hidden' => $hidden,
'registerbox_instructions' => $instructions,
'registerbox_username' => $username,
'registerbox_password' => $password,
'registerbox_email' => $email,
'registerbox_captcha' => $use_captcha,
));
$filename = 'registerbox.tpl';
$tfile = serendipity_getTemplateFile($filename, 'serendipityPath');
if (!$tfile || $tfile == $filename) {
$tfile = dirname(__FILE__) . '/' . $filename;
}
$inclusion = $serendipity['smarty']->security_settings['INCLUDE_ANY'];
$serendipity['smarty']->security_settings['INCLUDE_ANY'] = true;
$serendipity['smarty']->display($tfile);
}
}