This commit is contained in:
Joey Kimsey
2025-02-25 13:38:08 -05:00
parent 20f2f059a1
commit 15875d1fa3
6 changed files with 48 additions and 8 deletions

View File

@ -47,7 +47,8 @@ class Register extends Controller {
public function index() {
self::$title = '{SITENAME} Sign Up';
self::$pageDescription = 'Many features of {SITENAME} are disabled or hidden from unregistered users. On this page you can sign up for an account to access all the app has to offer.';
Components::append( 'TEMPLATE_JS_INCLUDES', '<script src="https://challenges.cloudflare.com/turnstile/v0/api.js" async defer></script>' );
Components::set( 'TURNSTILE_API_KEY', '0x4AAAAAAA1yKVCfYqpnMbvA' );
if ( ! Config::getValue( 'main/registrationEnabled' ) ) {
return Issues::add( 'notice', 'The site administrator has disable the ability to register a new account.' );
}
@ -59,10 +60,41 @@ class Register extends Controller {
if ( !Input::exists() ) {
return Views::view( 'auth.register' );
}
if ( Input::exists( 'userEmail' ) ) {
// for the really bad AI / headless bots
Session::flash( 'success', 'Thank you for registering! Please check your email to confirm your account.' );
Redirect::to( 'home/index' );
}
if ( !Forms::check( 'register' ) ) {
Issues::add( 'error', [ 'There was an error with your registration.' => Check::userErrors() ] );
return Views::view( 'auth.register' );
}
if ( ! Input::exists('cf-turnstile-response') ) {
Issues::add( 'notice', 'Turnstile verification failed. Please try again.' );
return Views::view( 'auth.register' );
}
// Verify Turnstile response with Cloudflare API
$secret_key = "0x4AAAAAAA1yKZdXiv9_JrXXhF9Iw2tvQTE";
$verify_url = "https://challenges.cloudflare.com/turnstile/v0/siteverify";
$data = [
"secret" => $secret_key,
"response" => Input::post('cf-turnstile-response'),
"remoteip" => $_SERVER["REMOTE_ADDR"] // Optional, helps detect abuse
];
$options = [
"http" => [
"header" => "Content-Type: application/x-www-form-urlencoded",
"method" => "POST",
"content" => http_build_query($data)
]
];
$context = stream_context_create($options);
$response = file_get_contents($verify_url, false, $context);
$result = json_decode($response, true);
if ( ! $result["success"]) {
Issues::add( 'notice', 'Turnstile verification failed. Please try again. If the issue persists, please contact the site administrator.' );
return Views::view( 'auth.register' );
}
self::$user->create( [
'username' => Input::post( 'username' ),
'password' => Hash::make( Input::post( 'password' ) ),