diff -bwN -ur --exclude=data --exclude=pub 01261115/bin/register working/bin/register
--- 01261115/bin/register Fri Jan 25 19:50:18 2002
+++ working/bin/register Sun Jan 27 00:16:56 2002
@@ -3,6 +3,7 @@
# TWiki WikiClone (see wiki.pm for $wikiversion and other info)
#
# Copyright (C) 1999 Peter Thoeny, peter@thoeny.com
+# Copyright (C) 2001 Kevin Atkinson, kevin twiki at atkinson dhs org
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -15,6 +16,11 @@
# GNU General Public License for more details, published at
# http://www.gnu.org/copyleft/gpl.html
+# Possible FIXME: The Way it figures out what web to store the user
+# info in is downright sick. It should really be passed in as a
+# hidden parameter and should we stored in the variable "userWeb"
+# rather than "webName". Kevin Atkinson
+
use CGI::Carp qw(fatalsToBrowser);
use CGI;
use lib ( '.' );
@@ -22,125 +28,186 @@
use TWiki;
use TWiki::Net;
+use strict;
+
+use Storable;
+
if( $TWiki::OS eq "WINDOWS" ) {
require MIME::Base64;
require Digest::SHA1;
}
-$query = new CGI;
+my $query = new CGI;
##### for debug only: Remove next 3 comments (but redirect does not work)
#open(STDERR,'>&STDOUT'); # redirect error to browser
#$| = 1; # no buffering
#TWiki::writeHeader( $query );
-&main();
+if (defined $query->param( 'code' )) {
+ &finish;
+} else {
+ &main;
+}
sub main
{
# get all parameters from the form
- my @paramNames = $query->param();
- my @formDataName = ();
- my @formDataValue = ();
- my @formDataRequired = ();
my $name = "";
my $value = "";
- my $emailAddress = "";
- my $firstLastName = "";
- my $wikiName = "";
- my $remoteUser = "";
+ my %formData;
+ my %data = ();
+
my $passwordA = "";
my $passwordB = "";
- foreach( @paramNames ) {
+ foreach( $query->param() ) {
if( /^(Twk)([0-9])(.*)/ ) {
+ %formData = ();
$value = $query->param( "$1$2$3" );
- $formDataRequired[@formDataRequired] = $2;
+ $formData{required} = $2;
$name = $3;
$name =~ s/([a-z0-9])([A-Z0-9])/$1 $2/go; # Space the names
$name =~ s/(AIM)(Screen)/$1 $2/go; # Horrible hack to space AIMScreen
- $formDataName[@formDataName] = $name;
- $formDataValue[@formDataValue] = $value;
+ $formData{name} = $name;
+ $formData{value} = $value;
if( $name eq "Name" ) {
- $firstLastName = $value;
+ $data{firstLastName} = $value;
} elsif( $name eq "Wiki Name" ) {
- $wikiName = $value;
+ $data{wikiName} = $value;
} elsif( $name eq "Login Name" ) {
- $remoteUser = $value;
+ $data{remoteUser} = $value;
} elsif( $name eq "Email" ) {
- $emailAddress = $value;
+ $data{emailAddress} = $value;
} elsif( $name eq "Password" ) {
$passwordA = $value;
} elsif( $name eq "Confirm" ) {
$passwordB = $value;
}
+ push @{$data{form}}, {%formData} unless ($name eq "Password" ||
+ $name eq "Confirm");
}
}
- my $formLen = @formDataValue;
my $topicName = $query->param( 'TopicName' );
my $thePathInfo = $query->path_info();
my $theUrl = $query->url;
- ( $topic, $webName ) =
- &TWiki::initialize( $thePathInfo, $wikiName, $topicName, $theUrl, $query );
+ my $topic;
+ ( $topic, $data{webName} ) =
+ &TWiki::initialize( $thePathInfo, $data{wikiName}, $topicName, $theUrl, $query );
my $text = "";
my $url = "";
# check if user entry already exists
- if( ( $wikiName )
- && ( ( &TWiki::Store::topicExists( $webName, $wikiName ) )
- || ( htpasswdExistUser( $wikiName ) )
+ if( ( $data{wikiName} )
+ && ( ( &TWiki::Store::topicExists( $data{webName}, $data{wikiName} ) )
+ || ( htpasswdExistUser( $data{wikiName} ) )
) ) {
# PTh 20 Jun 2000: changed to getOopsUrl
- $url = &TWiki::getOopsUrl( $webName, $topic, "oopsregexist", $wikiName );
+ $url = &TWiki::getOopsUrl( $data{webName}, $topic, "oopsregexist", $data{wikiName} );
TWiki::redirect( $query, $url );
return;
}
# check if required fields are filled in
- my $x;
- for( $x = 0; $x < $formLen; $x++ ) {
- if( ( $formDataRequired[$x] ) && ( ! $formDataValue[$x] ) ) {
- $url = &TWiki::getOopsUrl( $webName, $topic, "oopsregrequ", );
+ foreach my $fd (@{$data{form}}) {
+ if( ( $fd->{required} ) && ( ! $fd->{value} ) ) {
+ $url = &TWiki::getOopsUrl( $data{webName}, $topic, "oopsregrequ", );
TWiki::redirect( $query, $url );
return;
}
}
+ # a WikiName is safe, so untaint variable
+ $data{wikiName} =~ /(.*)/;
+ $data{wikiName} = $1;
+
# check if wikiName is a WikiName
- if( ! &TWiki::isWikiName( $wikiName ) ) {
- $url = &TWiki::getOopsUrl( $webName, $topic, "oopsregwiki" );
+ if( ! &TWiki::isWikiName( $data{wikiName} ) ) {
+ $url = &TWiki::getOopsUrl( $data{webName}, $topic, "oopsregwiki" );
TWiki::redirect( $query, $url );
return;
}
- # a WikiName is safe, so untaint variable
- $wikiName =~ /(.*)/;
- $wikiName = $1;
# check if passwords are identical
if( $passwordA ne $passwordB ) {
- $url = &TWiki::getOopsUrl( $webName, $topic, "oopsregpasswd" );
+ $url = &TWiki::getOopsUrl( $data{webName}, $topic, "oopsregpasswd" );
TWiki::redirect( $query, $url );
return;
}
- # everything OK
+ # everything OK finish up
- # generate user entry and add to .htpasswd file
- if( ! $remoteUser ) {
- htpasswdAddUser( htpasswdGeneratePasswd( $wikiName, $passwordA ) );
+ $data{htpasswdEntry} = htpasswdGeneratePasswd( $data{wikiName}, $passwordA )
+ unless $data{remoteUser};
+
+ my $tmpuserDir = &TWiki::gettmpuserDir;
+ if (defined $tmpuserDir) {
+
+ $data{activationCode} = "$data{wikiName}.".int(rand(9999));
+
+ # write tmpuser file
+ store \%data, "$tmpuserDir/$data{activationCode}" or die;
+
+ # send email
+ my $text;
+ $text = &TWiki::Store::readTemplate( "registerconfirm" );
+ $text =~ s/%FIRSTLASTNAME%/$data{firstLastName}/go;
+ $text =~ s/%WIKINAME%/$data{wikiName}/go;
+ $text =~ s/%EMAILADDRESS%/$data{emailAddress}/go;
+ $text =~ s/%ACTIVATIONCODE%/$data{activationCode}/go;
+ $text = &TWiki::handleCommonTags( $text, $data{wikiName} );
+
+ my $senderr = &TWiki::Net::sendEmail( $text );
+
+ my $url = &TWiki::getOopsUrl( $data{webName}, $topic, "oopsregconfirm", $data{emailAddress} );
+ TWiki::redirect( $query, $url );
+
+ } else {
+
+ &finish(\%data);
+
+ }
+
+}
+
+sub finish
+{
+ my %data;
+ if (defined $_[0]) {
+ %data = %{$_[0]};
+ } else {
+ my $tmpuserDir = &TWiki::gettmpuserDir;
+ my $code = $query->param( 'code' );
+ my $theUrl = $query->url;
+ &TWiki::initialize( "", $data{wikiName}, "", $theUrl, $query);
+ if (! -r "$tmpuserDir/$code") {
+ my $url;
+ $url = &TWiki::getOopsUrl("", "RegistrationActivation",
+ # ^^ for lack of something better
+ "oopsregcode", $code);
+ TWiki::redirect( $query, $url );
+ }
+ my $ref = retrieve "$tmpuserDir/$code" or die;
+ %data = %{$ref};
+ die unless $code eq $data{activationCode};
+ my ($name) = $code =~ /^([^.]+)\./;
+ die unless $name eq $data{wikiName};
+ foreach (<$tmpuserDir/$name.*>) {/(.+)/; $_ = $1; unlink $_}
+ # ^^ In case a user registered twise, etc...
}
# send email confirmation
+ my $text;
$text = &TWiki::Store::readTemplate( "registernotify" );
- $text =~ s/%FIRSTLASTNAME%/$firstLastName/go;
- $text =~ s/%WIKINAME%/$wikiName/go;
- $text =~ s/%EMAILADDRESS%/$emailAddress/go;
- ( $before, $after) = split( /%FORMDATA%/, $text );
- for( $x = 0; $x < $formLen; $x++ ) {
- $name = $formDataName[$x];
- $value = $formDataValue[$x];
+ $text =~ s/%FIRSTLASTNAME%/$data{firstLastName}/go;
+ $text =~ s/%WIKINAME%/$data{wikiName}/go;
+ $text =~ s/%EMAILADDRESS%/$data{emailAddress}/go;
+ my ( $before, $after) = split( /%FORMDATA%/, $text );
+ foreach my $fd (@{$data{form}}) {
+ my $name = $fd->{name};
+ my $value = $fd->{value};
if( ( $name eq "Password" ) && ( $TWiki::doHidePasswdInRegistration ) ) {
$value = "*******";
}
@@ -149,17 +216,20 @@
}
}
$text = "$before$after";
- $text = &TWiki::handleCommonTags( $text, $wikiName );
+ $text = &TWiki::handleCommonTags( $text, $data{wikiName} );
my $senderr = &TWiki::Net::sendEmail( $text );
+ # generate user entry and add to .htpasswd file
+ htpasswdAddUser( $data{htpasswdEntry} ) unless $data{remoteUser};
+
# create user topic if not exist
- if( ! &TWiki::Store::topicExists( $TWiki::userWebname, $wikiName ) ) {
+ if( ! &TWiki::Store::topicExists( $TWiki::userWebname, $data{wikiName} ) ) {
$text = &TWiki::Store::readTemplate( "register" );
- ( $before, $after) = split( /%FORMDATA%/, $text );
- for( $x = 0; $x < $formLen; $x++ ) {
- $name = $formDataName[$x];
- $value = $formDataValue[$x];
+ my ( $before, $after) = split( /%FORMDATA%/, $text );
+ foreach my $fd (@{$data{form}}) {
+ my $name = $fd->{name};
+ my $value = $fd->{value};
$value =~ s/[\n\r]/ /go;
if( ! ( ( $name eq "Wiki Name" )
|| ( $name eq "Password" )
@@ -170,24 +240,24 @@
$text = "$before$after";
$text =~ s/ {3}/\t/go;
my $meta = TWiki::Meta->new();
- &TWiki::Store::saveTopic( $webName, $wikiName, $text, $meta, "", 1 );
+ &TWiki::Store::saveTopic( $data{webName}, $data{wikiName}, $text, $meta, "", 1 );
}
# add user to TWikiUsers topic
- my $userTopic = addUserToTWikiUsersTopic( $wikiName, $remoteUser );
+ my $userTopic = addUserToTWikiUsersTopic( $data{wikiName}, $data{remoteUser} );
# write log entry
if( $TWiki::doLogRegistration ) {
- &TWiki::Store::writeLog( "register", "$webName.$userTopic", $emailAddress, $wikiName );
+ &TWiki::Store::writeLog( "register", "$data{webName}.$userTopic", $data{emailAddress}, $data{wikiName} );
}
if( $senderr ) {
- my $url = &TWiki::getOopsUrl( $webName, $wikiName, "oopssendmailerr", $senderr );
+ my $url = &TWiki::getOopsUrl( $data{webName}, $data{wikiName}, "oopssendmailerr", $senderr );
TWiki::redirect( $query, $url );
}
# and finally display thank you page
- $url = &TWiki::getOopsUrl( $webName, $wikiName, "oopsregthanks", $emailAddress );
+ my $url = &TWiki::getOopsUrl( $data{webName}, $data{wikiName}, "oopsregthanks", $data{emailAddress} );
TWiki::redirect( $query, $url );
}
diff -bwN -ur --exclude=data --exclude=pub 01261115/lib/TWiki.cfg working/lib/TWiki.cfg
--- 01261115/lib/TWiki.cfg Fri Jan 25 22:54:46 2002
+++ working/lib/TWiki.cfg Sun Jan 27 00:21:14 2002
@@ -69,6 +69,11 @@
$templateDir = "/aux/twiki/working/templates";
# Data (topic files) root directory :
$dataDir = "/aux/twiki/working/data";
+# Where to store user data for users waiting to be approved
+$tmpuserDir = "/aux/twiki/working/tmpuser";
+# Set to 1 to require email confirmation when
+# registering as a new user:
+$requireConfirmation = 0;
# FIGURE OUT THE OS WE'RE RUNNING UNDER - from CGI.pm
# ==================================================================
# Some systems support the $^O variable. If not
diff -bwN -ur --exclude=data --exclude=pub 01261115/lib/TWiki.pm working/lib/TWiki.pm
--- 01261115/lib/TWiki.pm Fri Jan 25 18:56:47 2002
+++ working/lib/TWiki.pm Sat Jan 26 23:15:30 2002
@@ -50,6 +50,7 @@
$wikiHomeUrl $defaultUrlHost $urlHost
$scriptUrlPath $pubUrlPath $viewScript
$pubDir $templateDir $dataDir $twikiLibDir
+ $tmpuserDir $requireConfirmation
$siteWebTopicName $wikiToolName $securityFilter $uploadFilter
$debugFilename $warningFilename $htpasswdFilename
$logFilename $remoteUserFilename $wikiUsersTopicname
@@ -482,6 +483,13 @@
}
# =========================
+sub gettmpuserDir
+{
+ return $requireConfirmation ? $tmpuserDir : undef;
+}
+
+# =========================
+
sub getPubDir
{
return $pubDir;
diff -bwN -ur --exclude=data --exclude=pub 01261115/templates/oopsregcode.tmpl working/templates/oopsregcode.tmpl
--- 01261115/templates/oopsregcode.tmpl Wed Dec 31 19:00:00 1969
+++ working/templates/oopsregcode.tmpl Sat Jan 26 23:36:26 2002
@@ -0,0 +1,12 @@
+%TMPL:INCLUDE{"twiki"}%
+%TMPL:DEF{"titleaction"}%(oops)%TMPL:END%
+%TMPL:DEF{"webaction"}% *Attention* %TMPL:END%
+%TMPL:DEF{"heading"}%Invalid Activation Code%TMPL:END%
+%TMPL:DEF{"message"}%
+The activation code ==%PARAM1%== is invalid. Please try again.
+
+Please contact
+%WIKIWEBMASTER%
+if you have any questions. %TMPL:END%
+%TMPL:DEF{"topicaction"}% %TMPL:END%
+%TMPL:P{"oops"}%
diff -bwN -ur --exclude=data --exclude=pub 01261115/templates/oopsregconfirm.tmpl working/templates/oopsregconfirm.tmpl
--- 01261115/templates/oopsregconfirm.tmpl Wed Dec 31 19:00:00 1969
+++ working/templates/oopsregconfirm.tmpl Sat Jan 26 23:09:17 2002
@@ -0,0 +1,19 @@
+%TMPL:INCLUDE{"twiki"}%
+%TMPL:DEF{"titleaction"}%(note)%TMPL:END%
+%TMPL:DEF{"webaction"}% *Note* %TMPL:END%
+%TMPL:DEF{"heading"}%Thank you for registering%TMPL:END%
+%TMPL:DEF{"message"}%
+
+Your activation code hase been sent to %PARAM1%. Enter it below to
+activate your membership.
+
+
+
+%TMPL:END%
+
+%TMPL:DEF{"topicaction"}% %MAINWEB%.%HOMETOPIC% %TMPL:END%
+
+%TMPL:P{"oops"}%
diff -bwN -ur --exclude=data --exclude=pub 01261115/templates/registerconfirm.tmpl working/templates/registerconfirm.tmpl
--- 01261115/templates/registerconfirm.tmpl Wed Dec 31 19:00:00 1969
+++ working/templates/registerconfirm.tmpl Sat Jan 26 22:46:37 2002
@@ -0,0 +1,19 @@
+From: %WIKIWEBMASTER%
+To: %EMAILADDRESS%
+BCC: %WIKIWEBMASTER%
+Subject: %WIKITOOLNAME% - Activation Code for %WIKINAME%
+MIME-Version: 1.0
+Content-Type: text/plain; charset=iso-8859-1
+Content-Transfer-Encoding: 7bit
+
+Thank you for registering in the %WIKITOOLNAME% collaboration
+tool. Your activation code is %ACTIVATIONCODE%.
+
+You can activate your membership by entering the above code in the
+form presnted to you when this email was send or by going to
+%SCRIPTURL%/register%SCRIPTSUFFIX%?code=%ACTIVATIONCODE%.
+
+Note:
+In case you got this email by mistake: Somebody (%FIRSTLASTNAME%)
+registered at the %WIKITOOLNAME% site using your mail address
+%EMAILADDRESS% . Contact %WIKIWEBMASTER% if needed.