phpnuxbill/system/controllers/register.php

155 lines
6.2 KiB
PHP
Raw Normal View History

<?php
/**
2023-10-12 16:55:42 +08:00
* PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/)
* by https://t.me/ibnux
2022-08-23 17:33:21 +08:00
**/
if (isset($routes['1'])) {
$do = $routes['1'];
} else {
$do = 'register-display';
}
2022-08-23 17:33:21 +08:00
2022-09-18 01:00:40 +08:00
$otpPath = 'system/cache/sms/';
2022-09-07 15:44:04 +08:00
2022-08-23 17:33:21 +08:00
switch ($do) {
case 'post':
2022-09-07 15:44:04 +08:00
$otp_code = _post('otp_code');
2023-06-08 15:46:00 +08:00
$username = alphanumeric(_post('username'),"+_.");
2023-07-18 10:51:43 +08:00
$email = _post('email');
$fullname = _post('fullname');
$password = _post('password');
$cpassword = _post('cpassword');
$address = _post('address');
if(!empty($config['sms_url'])){
2023-08-09 15:54:38 +08:00
$phonenumber = Lang::phoneFormat($username);
$username = $phonenumber;
2023-07-18 10:51:43 +08:00
}else if(strlen($username)<21){
$phonenumber = $username;
}
2022-09-01 15:52:32 +08:00
$msg = '';
if (Validator::Length($username, 35, 2) == false) {
$msg .= 'Username should be between 3 to 55 characters' . '<br>';
}
if (Validator::Length($fullname, 36, 2) == false) {
$msg .= 'Full Name should be between 3 to 25 characters' . '<br>';
}
if (!Validator::Length($password, 35, 2)) {
$msg .= 'Password should be between 3 to 35 characters' . '<br>';
}
2023-07-18 10:51:43 +08:00
if (!Validator::Email($email)) {
$msg .= 'Email is not Valid<br>';
}
2022-09-01 15:52:32 +08:00
if ($password != $cpassword) {
2024-02-13 14:54:01 +08:00
$msg .= Lang::T('Passwords does not match') . '<br>';
2022-09-01 15:52:32 +08:00
}
2022-08-23 17:33:21 +08:00
2022-09-21 15:15:00 +08:00
if(!empty($config['sms_url'])){
2022-09-07 15:44:04 +08:00
$otpPath .= sha1($username.$db_password).".txt";
2022-09-18 01:00:40 +08:00
run_hook('validate_otp'); #HOOK
2023-10-12 15:53:29 +08:00
//expired 10 minutes
if(file_exists($otpPath) && time()-filemtime($otpPath)>1200){
2022-09-07 15:44:04 +08:00
unlink($otpPath);
r2(U . 'register', 's', 'Verification code expired');
}else if(file_exists($otpPath)){
$code = file_get_contents($otpPath);
if($code!=$otp_code){
$ui->assign('username', $username);
$ui->assign('fullname', $fullname);
$ui->assign('address', $address);
2023-07-18 10:51:43 +08:00
$ui->assign('email', $email);
2022-09-07 15:44:04 +08:00
$ui->assign('phonenumber', $phonenumber);
2023-10-24 10:27:51 +08:00
$ui->assign('notify', 'Wrong Verification code');
$ui->assign('notify_t', 'd');
2022-09-07 15:44:04 +08:00
$ui->display('register-otp.tpl');
exit();
}else{
unlink($otpPath);
}
}else{
r2(U . 'register', 's', 'No Verification code');
}
}
2022-09-01 15:52:32 +08:00
$d = ORM::for_table('tbl_customers')->where('username', $username)->find_one();
if ($d) {
2024-02-13 14:54:01 +08:00
$msg .= Lang::T('Account already axist') . '<br>';
2022-09-01 15:52:32 +08:00
}
if ($msg == '') {
2022-09-18 01:00:40 +08:00
run_hook('register_user'); #HOOK
2022-09-01 15:52:32 +08:00
$d = ORM::for_table('tbl_customers')->create();
2023-06-08 15:46:00 +08:00
$d->username = alphanumeric($username,"+_.");
2022-09-01 15:52:32 +08:00
$d->password = $password;
$d->fullname = $fullname;
$d->address = $address;
2023-07-18 10:51:43 +08:00
$d->email = $email;
2022-09-01 15:52:32 +08:00
$d->phonenumber = $phonenumber;
if ($d->save()) {
$user = $d->id();
2024-02-13 14:54:01 +08:00
r2(U . 'login', 's', Lang::T('Register Success! You can login now'));
2022-08-23 17:33:21 +08:00
} else {
$ui->assign('username', $username);
$ui->assign('fullname', $fullname);
$ui->assign('address', $address);
2023-07-18 10:51:43 +08:00
$ui->assign('email', $email);
2022-08-23 17:33:21 +08:00
$ui->assign('phonenumber', $phonenumber);
2023-10-24 10:27:51 +08:00
$ui->assign('notify', 'Failed to register');
$ui->assign('notify_t', 'd');
2022-09-18 01:00:40 +08:00
run_hook('view_otp_register'); #HOOK
$ui->display('register-rotp.tpl');
2022-08-23 17:33:21 +08:00
}
} else {
$ui->assign('username', $username);
$ui->assign('fullname', $fullname);
$ui->assign('address', $address);
2023-07-18 10:51:43 +08:00
$ui->assign('email', $email);
2022-08-23 17:33:21 +08:00
$ui->assign('phonenumber', $phonenumber);
2023-10-24 10:27:51 +08:00
$ui->assign('notify', $msg);
$ui->assign('notify_t', 'd');
2022-08-23 17:33:21 +08:00
$ui->display('register.tpl');
}
break;
default:
2022-09-21 15:15:00 +08:00
if(!empty($config['sms_url'])){
2022-09-07 15:44:04 +08:00
$username = _post('username');
if(!empty($username)){
$d = ORM::for_table('tbl_customers')->where('username', $username)->find_one();
if ($d) {
2024-02-13 14:54:01 +08:00
r2(U . 'register', 's', Lang::T('Account already axist'));
2022-09-07 15:44:04 +08:00
}
if(!file_exists($otpPath)){
mkdir($otpPath);
touch($otpPath.'index.html');
}
$otpPath .= sha1($username.$db_password).".txt";
2023-10-12 15:53:29 +08:00
//expired 10 minutes
if(file_exists($otpPath) && time()-filemtime($otpPath)<1200){
2022-09-07 15:44:04 +08:00
$ui->assign('username', $username);
2023-10-24 10:27:51 +08:00
$ui->assign('notify', 'Please wait '.(1200-(time()-filemtime($otpPath))).' seconds before sending another SMS');
$ui->assign('notify_t', 'd');
2022-09-07 15:44:04 +08:00
$ui->display('register-otp.tpl');
}else{
$otp = rand(100000,999999);
file_put_contents($otpPath, $otp);
2023-03-06 15:51:36 +08:00
Message::sendSMS($username,$config['CompanyName']."\nYour Verification code are: $otp");
2022-09-07 15:44:04 +08:00
$ui->assign('username', $username);
2023-10-24 10:27:51 +08:00
$ui->assign('notify', 'Verification code has been sent to your phone');
$ui->assign('notify_t', 's');
2022-09-07 15:44:04 +08:00
$ui->display('register-otp.tpl');
}
}else{
2022-09-18 01:00:40 +08:00
run_hook('view_otp_register'); #HOOK
2022-09-07 15:44:04 +08:00
$ui->display('register-rotp.tpl');
}
}else{
$ui->assign('username', "");
$ui->assign('fullname', "");
$ui->assign('address', "");
2023-07-18 10:51:43 +08:00
$ui->assign('email', "");
2022-09-07 15:44:04 +08:00
$ui->assign('otp', false);
2022-09-18 01:00:40 +08:00
run_hook('view_register'); #HOOK
2022-09-07 15:44:04 +08:00
$ui->display('register.tpl');
}
break;
}