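* @link https://TheTempusProject.com
* @license https://opensource.org/licenses/MIT [MIT LICENSE]
*/
namespace TheTempusProject\Controllers;

use TheTempusProject\Houdini\Classes\Template;
use TheTempusProject\Classes\Email;
use TheTempusProject\Bedrock\Functions\Check;
use TheTempusProject\Bedrock\Functions\Session;
use TheTempusProject\Bedrock\Functions\Input;
use TheTempusProject\Bedrock\Functions\Hash;
use TheTempusProject\Hermes\Functions\Redirect;
use TheTempusProject\Houdini\Classes\Issues;
use TheTempusProject\Houdini\Classes\Components;
use TheTempusProject\Houdini\Classes\Views;
use TheTempusProject\TheTempusProject as App;
use TheTempusProject\Classes\Controller;
use TheTempusProject\Classes\Forms;
use TheTempusProject\Bedrock\Classes\Config;

/**
 * Account self-service controller: sign-up, email confirmation, confirmation
 * resend, username/password recovery and password reset.
 *
 * Every handler here is reachable by unauthenticated visitors except
 * resend(), which checks App::$isLoggedIn first.
 */
class Register extends Controller {
    /**
     * Confirms an email address from a code given as an argument or posted
     * as 'confirmationCode'.
     *
     * @param string|null $code Confirmation code; replaced by the posted
     *                          code when the 'emailConfirmation' form validates.
     */
    public function confirm( $code = null ) {
        Template::noIndex();
        self::$title = 'Confirm Email';
        if ( !isset( $code ) && !Input::exists( 'confirmationCode' ) ) {
            return Views::view( 'auth.confirmation' );
        }
        if ( Forms::check( 'emailConfirmation' ) ) {
            $code = Input::post( 'confirmationCode' );
        }
        // NOTE(review): when 'confirmationCode' was posted but the form check
        // fails and no argument was given, $code is still null here; this
        // relies on confirm() rejecting null - verify in the user model.
        if ( !self::$user->confirm( $code ) ) {
            Issues::add( 'error', 'There was an error confirming your account, please try again.' );
            return Views::view( 'auth.confirmation' );
        }
        Session::flash( 'success', 'You have successfully confirmed your email address.' );
        Redirect::to( 'home/index' );
    }

    /**
     * Renders the sign-up form and processes a registration submission.
     *
     * Order of checks on submit: registration enabled, not logged in,
     * honeypot field, 'register' form validation, Turnstile token present,
     * Turnstile token verified server-side, then account creation.
     */
    public function index() {
        self::$title = '{SITENAME} Sign Up';
        self::$pageDescription = 'Many features of {SITENAME} are disabled or hidden from unregistered users. On this page you can sign up for an account to access all the app has to offer.';
        Components::append( 'TEMPLATE_JS_INCLUDES', '' );
        // Value handed to the template as the Turnstile key for the widget.
        Components::set( 'TURNSTILE_API_KEY', '0x4AAAAAAA1yKVCfYqpnMbvA' );
        if ( ! Config::getValue( 'main/registrationEnabled' ) ) {
            return Issues::add( 'notice', 'The site administrator has disable the ability to register a new account.' );
        }
        Components::set( 'TERMS', Views::simpleView( 'auth.terms' ) );
        if ( App::$isLoggedIn ) {
            return Issues::add( 'notice', 'You are currently logged in.' );
        }
        if ( !Input::exists() ) {
            return Views::view( 'auth.register' );
        }
        if ( Input::exists( 'userEmail' ) ) {
            // for the really bad AI / headless bots
            // 'userEmail' acts as a honeypot: the account is created from
            // 'email' below, so a submission carrying 'userEmail' gets the
            // same success message and no account.
            Session::flash( 'success', 'Thank you for registering! Please check your email to confirm your account.' );
            Redirect::to( 'home/index' );
            // Redirect::to() is not visible here; returning explicitly
            // guarantees a honeypot hit can never fall through to
            // self::$user->create() even if the redirect does not exit.
            return;
        }
        if ( !Forms::check( 'register' ) ) {
            Issues::add( 'error', [ 'There was an error with your registration.' => Check::userErrors() ] );
            return Views::view( 'auth.register' );
        }
        if ( ! Input::exists('cf-turnstile-response') ) {
            Issues::add( 'notice', 'Turnstile verification failed. Please try again.' );
            return Views::view( 'auth.register' );
        }

        // Verify Turnstile response with Cloudflare API
        // NOTE(review): the siteverify secret is hard-coded in this file.
        // Anything committed to source should be treated as exposed: rotate
        // this key and load the replacement from configuration kept outside
        // the repository.
        $secret_key = "0x4AAAAAAA1yKZdXiv9_JrXXhF9Iw2tvQTE";
        $verify_url = "https://challenges.cloudflare.com/turnstile/v0/siteverify";
        $data = [
            "secret" => $secret_key,
            "response" => Input::post('cf-turnstile-response'),
            // Optional, helps detect abuse. http_build_query() drops null
            // values, so a missing REMOTE_ADDR simply omits the field.
            "remoteip" => $_SERVER["REMOTE_ADDR"] ?? null,
        ];
        $options = [
            "http" => [
                "header" => "Content-Type: application/x-www-form-urlencoded",
                "method" => "POST",
                "content" => http_build_query($data),
                // Bound the outbound call so a stalled verification request
                // cannot tie up the worker handling this sign-up.
                "timeout" => 10,
            ],
        ];
        $context = stream_context_create($options);
        $response = file_get_contents($verify_url, false, $context);
        // Fail closed: a transport failure (false), a non-JSON body, or a
        // body without a boolean true "success" all count as not verified.
        $result = is_string($response) ? json_decode($response, true) : null;
        if ( ! is_array($result) || ( $result["success"] ?? false ) !== true ) {
            Issues::add( 'notice', 'Turnstile verification failed. Please try again. If the issue persists, please contact the site administrator.' );
            return Views::view( 'auth.register' );
        }

        // NOTE(review): the result of create() is not checked, so the success
        // message is shown either way - confirm how create() reports failure.
        self::$user->create( [
            'username' => Input::post( 'username' ),
            'password' => Hash::make( Input::post( 'password' ) ),
            'email' => Input::post( 'email' ),
            'terms' => 1,
        ] );
        Session::flash( 'success', 'Thank you for registering! Please check your email to confirm your account.' );
        Redirect::to( 'home/index' );
    }

    /**
     * Handles the "forgot username / forgot password" form.
     *
     * An 'entry' that is a known email address triggers a username reminder;
     * otherwise an 'entry' that resolves through get() triggers a new code
     * and a password-reset email.
     *
     * NOTE(review): unlike the other handlers in this class, no Forms::check()
     * call guards this submission - confirm whether that is intentional.
     * NOTE(review): the success notices versus 'User not found.' let a
     * visitor tell whether an account exists (account enumeration), and each
     * hit sends an email; consider a uniform response and rate limiting.
     *
     * @todo Come back and separate this into multiple forms because this is gross.
     */
    public function recover() {
        self::$title = 'Recover Account - {SITENAME}';
        Template::noIndex();
        if ( !Input::exists() ) {
            return Views::view( 'auth.forgot' );
        }
        if ( Check::email( Input::post( 'entry' ) ) && self::$user->findByEmail( Input::post( 'entry' ) ) ) {
            $userData = self::$user->data();
            Email::send( $userData->email, 'forgotUsername', $userData->username, [ 'template' => true ] );
            Session::flash( 'notice', 'Your Username has been sent to your registered email address.' );
            Redirect::to( 'home/login' );
            // Explicit return: without it, a Redirect::to() that does not
            // exit would fall through to the 'User not found.' branch.
            return;
        } elseif ( self::$user->get( Input::post( 'entry' ) ) ) {
            self::$user->newCode( self::$user->data()->ID );
            // Load the user again so data() carries the code just issued.
            self::$user->get( Input::post( 'entry' ) );
            $userData = self::$user->data();
            Email::send( $userData->email, 'forgotPassword', $userData->confirmationCode, [ 'template' => true ] );
            Session::flash( 'notice', 'Details for resetting your password have been sent to your registered email address' );
            Redirect::to( 'home/login' );
            return;
        }
        Issues::add( 'error', 'User not found.' );
        Views::view( 'auth.forgot' );
    }

    /**
     * Re-sends the confirmation email to the logged-in, unconfirmed user once
     * the 'confirmationResend' form validates.
     */
    public function resend() {
        self::$title = 'Resend Confirmation';
        Template::noIndex();
        if ( !App::$isLoggedIn ) {
            return Issues::add( 'notice', 'Please log in to resend your confirmation email.' );
        }
        if ( App::$activeUser->confirmed == '1' ) {
            return Issues::add( 'notice', 'Your account has already been confirmed.' );
        }
        if ( !Forms::check( 'confirmationResend' ) ) {
            return Views::view( 'auth.confirmation_resend' );
        }
        Email::send( App::$activeUser->email, 'confirmation', App::$activeUser->confirmationCode, [ 'template' => true ] );
        Session::flash( 'success', 'Your confirmation email has been sent to the email for your account.' );
        Redirect::to( 'home/index' );
    }

    /**
     * Two-step password reset: validate the reset code, then accept and store
     * the new password.
     *
     * @param string|null $code Reset code; replaced by the posted 'resetCode'
     *                          when the 'passwordResetCode' form validates.
     */
    public function reset( $code = null ) {
        self::$title = 'Password Reset';
        Template::noIndex();
        if ( !isset( $code ) && !Input::exists( 'resetCode' ) ) {
            Issues::add( 'info', 'Please provide a reset code.' );
            return Views::view( 'auth.password_reset_code' );
        }
        if ( Input::exists( 'resetCode' ) ) {
            if ( Forms::check( 'passwordResetCode' ) ) {
                $code = Input::post( 'resetCode' );
            }
        }
        if ( ! self::$user->checkCode( $code ) ) {
            Issues::add( 'error', 'There was an error with your reset code. Please try again.' );
            return Views::view( 'auth.password_reset_code' );
        }
        // Only a code accepted by checkCode() is exposed to the template.
        Components::set( 'resetCode', $code );
        if ( ! Input::exists('password') ) {
            return Views::view( 'auth.password_reset' );
        }
        if ( ! Forms::check( 'passwordReset' ) ) {
            Issues::add( 'error', [ 'There was an error with your request.' => Check::userErrors() ] );
            return Views::view( 'auth.password_reset' );
        }
        // NOTE(review): the posted password is passed through as-is here,
        // whereas index() calls Hash::make() before create(); confirm that
        // changePassword() hashes it and invalidates the reset code after use.
        self::$user->changePassword( $code, Input::post( 'password' ) );
        Email::send( self::$user->data()->email, 'passwordChange', null, [ 'template' => true ] );
        Session::flash( 'success', 'Your Password has been changed, please use your new password to log in.' );
        Redirect::to( 'home/login' );
    }
}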