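<?php
/**
 * Registration form handler.
 *
 * Reads `email`, `confirmEmail` and `name` from $_POST, validates them, and then either
 *   - emails the existing account holder that a registration was attempted, or
 *   - registers a new user and sends the registration email.
 *
 * Expects `$package` and `$lia` to be provided by the including framework.
 *
 * Security notes:
 *   - The visitor gets the same on-screen message whether or not the address is already
 *     registered, so the form cannot be used to probe for existing accounts.
 *   - NOTE(review): the two branches do different work (one email vs. register + email), so
 *     response timing may still differ between them. Not measurable from this file.
 */
//@TODO Refactor code, possibly...

// --- Read and normalise the submitted fields ---
// A missing field, or a non-string one (e.g. `email[]=x`), is treated as empty so it fails
// validation below instead of raising a warning or a TypeError inside trim()/strtolower().
$readPostField = static function (string $key): string {
    $value = $_POST[$key] ?? '';
    return is_string($value) ? trim($value) : '';
};
$email = strtolower($readPostField('email'));
$confirm = strtolower($readPostField('confirmEmail'));
// The submitted name is later handed to sendEmail() as the recipient display name ('to.name').
// How sendEmail() builds mail headers is not visible here, so line breaks are collapsed to
// keep the value on a single line.
$name = trim(preg_replace('/[\r\n]+/', ' ', $readPostField('name')) ?? '');

$core = $package->compo('Core');
// NOTE(review): presumably anything echoed before a `return` below is shown on the register page — confirm.
$lia->gotoWithContent($package->url('/register/'));

$messageOfFailedSend = 'Due to an internal error, the registration email could not be sent. Try again or contact support.';

// --- Site configuration used in the outgoing emails ---
// Kept in $siteUrl/$siteName so the visitor's submitted $name is not overwritten by the site
// name (which would make the name check below test the site name and register the account
// under it).
//@TODO use derived full url for the site we're sending from, instead of requiring a config be set.
$siteUrl = $package->get('Site.url');
if ($siteUrl==null)throw new \Exception("You must set `Site.url` config on your package. Include `https://full-url.com`");
$siteName = $package->get('Site.name');
if ($siteName==null)throw new \Exception("You must set `Site.name` config on your package.");

// build email message for internal errors:
$date = date("F j, Y @ g:i a");
$registerUrl = $siteUrl.$package->url('/register/');
$supportName = $package->get('Support.name');
$supportEmail = $package->get('Support.email');
$internalErrorEmail = "On {$date}, someone tried to register an account on <a href=\"{$siteUrl}\">{$siteName}</a> with your email address, but there was an internal error setting up your account."
    ."\n<br>\nYou can try again at <a href=\"{$registerUrl}\">{$registerUrl}</a> or contact "
    ."{$supportName} at <a href=\"mailto:{$supportEmail}\">{$supportEmail}</a> for help.";

//validate input
if ($name==''&&$package->get('Register.requireName')){
    //@TODO pass email & confirmemail along to register page
    echo "Please enter a name.";
    return;
} else if ($email!==$confirm){
    //@TODO pass $name back to register page
    echo 'The email addresses you entered do not match. Please try again.';
    return;
} else if (!$core->isEmailValid($email)){
    //@TODO pass $name back to register page
    echo 'The email you entered was invalid. Please try again.';
    return;
}

// One message, regardless of success/fail, as it prevents a malicious user from finding out if someone else's email is registered
$message = "Please check your email to complete registration.";
$lia->gotoWithMessage($package->url('/login/'), $message);

//check for existing user
$existingUser = $core->userFromEmail($email);
if ($existingUser!=null){
    // send email notifying the user:
    // 1. Someone tried to register an account with their email
    // 2. They are already registered
    // 3. They can reset their password at ...url...
    $reset = $siteUrl.$package->url('/password/reset/');
    $notice = "On {$date}, someone tried to register an account on <a href=\"{$siteUrl}\">{$siteName}</a> with your email address, but you already have an account."
        ."\n<br>\nIf this was you and you forgot your password, you can reset your password at <a href=\"{$reset}\">{$reset}</a>";

    $sent = $core->sendEmail(
        [
            'to'=>$existingUser->email,
            'to.name'=>$existingUser->name,
            'message'=>$notice,
            'subject'=>'Registration Attempt',
        ]
    );
    if (!$sent){
        // Same redirect and message as the new-user failure path at the end of this script,
        // so a failed send looks identical whether or not the address is registered.
        $lia->gotoWithMessage($package->url('/register/'), $messageOfFailedSend);
    }
    return;
}

//register user
try {
    $user = $core->register($email, $name);
} catch (\Exception $e){
    if ($package->get('Debug.throwErrors'))throw $e;
    //@TODO LOG the error
    $user = null;
    //Reasons for exception:
    // - Issue with the database connection
    // - Unknown problem
}

//Check that registration completed successfully
if ($user==null||$user->isGuest()){
    // Registration did not produce a real user: tell the address owner by email, since the
    // on-screen message stays generic.
    $didSend = $core->sendEmail(
        [
            'to'=>$email,
            'to.name'=>$name,
            'message'=>$internalErrorEmail,
            'subject'=>'Registration Attempt',
        ]
    );
} else {
    $didSend = $core->sendRegisterEmail($user);
}

//report if email failed to send
if (!$didSend){
    $lia->gotoWithMessage($package->url('/register/'), $messageOfFailedSend);
}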