"._('Register a free account with')." ".HOTSPOT_NETWORK_NAME."\n"; echo "
\n"; echo "

Your desired username:

\n"; echo "

Your email address: The email MUST be valid. You will have to click on the link you will receive by email before your account is validated.

\n"; echo "

Your password:

\n"; echo "

Your password(again):

\n"; echo "

\n"; echo "

\n"; echo "
\n"; } function display_validation_email_form() { if(!empty($_REQUEST['username'])) { $username = $_REQUEST['username']; } else { $username = ''; } echo "

"._('Re-send validation email')."

\n"; echo "
\n"; echo "Your username:
\n"; echo "
\n"; echo "\n"; echo "
\n"; } /** Send the email offering the link to validate a new account */ function send_validation_email($email) { global $db; $user_info=null; $db->ExecSqlUniqueRes("SELECT * FROM users WHERE email='$email'", $user_info, false); if($user_info==null) { echo "

send_validation_email(): Error: Unable to locate $email in the database

\n"; } else { if($user_info['account_status']!=ACCOUNT_STATUS_VALIDATION) { /* Note: Do not display the username here, for privacy reasons */ echo "

send_validation_email(): Error: The user account_status is $user_info[account_status] instead of ".ACCOUNT_STATUS_VALIDATION." (ACCOUNT_STATUS_VALIDATION)

"; } else { if(empty($user_info['validation_token'])) { echo "

send_validation_email(): Error: The validation_token is empty

\n"; } else { $subject = VALIDATION_EMAIL_SUBJECT; $url = "http://" . $_SERVER["HTTP_HOST"] . $_SERVER["PHP_SELF"] . "?action=validate&username=" . $_REQUEST["username"] . "&validation_token=" . $user_info["validation_token"]; $body = "Hello Please follow the link below to validate your account. $url Thank you, The Team"; $from = "From: ".VALIDATION_EMAIL_FROM_ADDRESS; mail($email, $subject, $body, $from); echo "

"._('An email with confirmation instructions was sent to your email address. Your account has been granted 15 minutes of access to retreive your email and validate your account. You may now open a browser window and go to any remote internet address to obtain the login page.')."

\n"; } } } } function display_change_password_form() { if(!empty($_REQUEST['username'])) { $username = $_REQUEST['username']; } else { $username = ''; } if(!empty($_REQUEST['pass'])) { $pass = $_REQUEST['pass']; } else { $pass = ''; } if(!empty($_REQUEST['new_pass'])) { $new_pass = $_REQUEST['new_pass']; } else { $new_pass = ''; } if(!empty($_REQUEST['new_pass_again'])) { $new_pass_again = $_REQUEST['new_pass_again']; } else { $new_pass_again = ''; } echo "

"._('Change password')."

\n"; echo "
\n"; echo "Your username:
\n"; echo "Your old password:
\n"; echo "Your new password:
\n"; echo "Your password(again):
\n"; echo "
\n"; echo "\n"; echo "
\n"; } function display_lost_username_form() { if(!empty($_REQUEST['email'])) { $email = $_REQUEST['email']; } else { $email = ''; } echo "

"._('Lost username')."

\n"; echo "
\n"; echo "

"._('Please enter your email address:')."

\n"; echo "\n"; echo "

\n"; echo "
\n"; } /** Send the email offering the link to validate a new account */ function send_lost_username_email($email) { global $db; $db->ExecSqlUniqueRes("SELECT user_id FROM users WHERE email='$email'", $user_info, false); if($user_info==null) { echo "

send_lost_username_email(): Error: Unable to locate $email in the database

\n"; } else { $subject = LOST_USERNAME_EMAIL_SUBJECT; $body = "Hello, You have requested that the authentication server send you your username: Username: $user_info[user_id] Have a nice day, The Team"; $from = "From: ".VALIDATION_EMAIL_FROM_ADDRESS; mail($email, $subject, $body, $from); echo "

"._('Your username has been mailed to you.')."

\n"; } } function display_lost_password_form() { if(!empty($_REQUEST['username'])) { $username = $_REQUEST['username']; } else { $username = ''; } if(!empty($_REQUEST['email'])) { $email = $_REQUEST['email']; } else { $email = ''; } echo "

"._('Lost password')."

\n"; echo "
\n"; echo "

"._('Please enter either your username or your email:')."

\n"; echo "

"._('Username:')."

\n"; echo "

"._('Email address:')."

\n"; echo "

"._('I realize that after this operation, my old password will be destroyed and the system will mail me a new one. Click here to confirm:')."

\n"; echo "\n"; echo "

\n"; echo "
\n"; } /** Generate a random, eay to type and dictate password. */ function randompass() { $rand_pass = ''; // makes sure the $pass var is empty. for( $j = 0; $j < 3; $j++ ) { $startnend = array( 'b','c','d','f','g','h','j','k','l','m','n', 'p','q','r','s','t','v','w','x','y','z', ); $mid = array( 'a','e','i','o','u','y', ); $count1 = count( $startnend ) - 1; $count2 = count( $mid ) - 1; for( $i = 0; $i < 3; $i++) { if( $i != 1 ) { $rand_pass .= $startnend[rand( 0, $count1 )]; } else { $rand_pass .= $mid[rand( 0, $count2 )]; } } } return $rand_pass; } /** Send the email with the new password @param $new_passord the new password that was set */ function send_lost_password_email($email, $new_passord) { global $db; $db->ExecSqlUniqueRes("SELECT * FROM users WHERE email='$email'", $user_info, false); if($user_info==null) { echo "

send_lost_password_email(): Error: Unable to locate $email in the database

\n"; } else { $subject = LOST_PASSWORD_EMAIL_SUBJECT; $body = "Hello, You have requested that the authentication server send you a new password: Username: $user_info[user_id] Password: $new_passord Have a nice day, The Team"; $from = "From: ".VALIDATION_EMAIL_FROM_ADDRESS; mail($email, $subject, $body, $from); echo "

"._('A new password has been mailed to you.')."

\n"; } } $style = new Style(); echo $style->GetHeader(HOTSPOT_NETWORK_NAME.' user management'); $showform=true; echo "\n"; echo "\n"; echo "
\n"; if(empty($_REQUEST['action'])) { echo _("

Inscription

Pour vous connecter aux points d'accès ".HOTSPOT_NETWORK_NAME.", vous devez utiliser un nom d'utilisateur et un mot de passe.

Les comptes sont totalement gratuits pour tous ceux qui en font la demande.

Pour faire la demande d'un compte gratuit, veuillez choisir 'Create new account' dans le menu de gauche.

Sign up

".HOTSPOT_NETWORK_NAME." hotspots require you have a login and a password to utilize them.

Accounts are given absolutely free to anyone who requests them.

To request a free account, please choose 'Create new account' in the left menu.

"); } else { if(!empty($_REQUEST['username'])) { $username = $db->EscapeString(trim($_REQUEST['username'])); } else { $username = ''; } if(!empty($_REQUEST['email'])) { $email = $email = $db->EscapeString(trim($_REQUEST['email'])); } else { $email = ''; } /* Lost username */ if ($_REQUEST['action']=='lost_username_form') { display_lost_username_form(); }//End action==lost_info_form else if ($_REQUEST['action']=='mail_lost_username') { $user_info=null; if($email) { $db->ExecSqlUniqueRes("SELECT * FROM users WHERE email='$email'", $user_info, false); if($user_info==null) { echo "

"._("Unable to find $email in the database.")."

\n"; } } else { echo "

"._('You must specify your email address.')."

\n"; } if($user_info==null) { display_lost_username_form(); } else { send_lost_username_email($user_info['email']); } }//End action==mail_lost_username /* Lost password */ else if ($_REQUEST['action']=='lost_password_form') { display_lost_password_form(); }//End action==lost_info_form else if ($_REQUEST['action']=='mail_new_password') { $user_info=null; if(empty($_REQUEST['confirm_new_password']) || $_REQUEST['confirm_new_password']!='true') { echo "

"._("This will destroy your previous password, you must confirm this operation.")."

\n"; } else { if($username) { $db->ExecSqlUniqueRes("SELECT * FROM users WHERE user_id='$username'", $user_info, false); if($user_info==null) { echo "

"._("Unable to find $username in the database.")."

\n"; } } else if($email) { $db->ExecSqlUniqueRes("SELECT * FROM users WHERE email='$email'", $user_info, false); if($user_info==null) { echo "

"._("Unable to find $email in the database.")."

\n"; } } else { echo "

"._('Your must specify either your username or your email.')."

\n"; } } if($user_info==null) { display_lost_password_form(); } else { $new_password=randompass(); $password_hash = get_password_hash($new_password); $update_successful = $db->ExecSqlUpdate("UPDATE users SET pass='$password_hash' WHERE user_id='$user_info[user_id]'"); if ($update_successful) { send_lost_password_email($user_info['email'], $new_password); $showform=false; } else { echo "

"._('Internal error.')."

\n"; } } }//End action==mail_new_password /* Change password */ else if ($_REQUEST['action']=='change_password_form') { display_change_password_form(); } else if ($_REQUEST['action']=='change_password') { $pass = $db->EscapeString(trim($_REQUEST['pass'])); $new_pass = $db->EscapeString(trim($_REQUEST['new_pass'])); $preconditions_ok = false; $db->ExecSqlUniqueRes("SELECT * FROM users WHERE user_id='$username'", $user_info, false); if($user_info==null) { echo "

"._("Unable to find $username in the database.")."

\n"; } else { $user_info=null; $password_hash = get_password_hash($pass); $db->ExecSqlUniqueRes("SELECT * FROM users WHERE user_id='$username' AND pass='$password_hash'", $user_info, false); if($user_info==null) { echo "

"._("Wrong password for $username.")."

\n"; } else { if ($_REQUEST['new_pass'] != $_REQUEST['new_pass_again']) { echo "

"._('The two passwords do not match.')."

\n"; } else { if (empty($new_pass)) { echo "

"._('Sorry, empty passwords are not allowed.')."

\n"; } else { $preconditions_ok = true; } } } } if( $preconditions_ok == true) { $password_hash = get_password_hash($new_pass); $update_successful = $db->ExecSqlUpdate("UPDATE users SET pass='$password_hash' WHERE user_id='$user_info[user_id]'"); if ($update_successful) { echo "

"._('Your password was successfully changed.')."

\n"; } else { echo "

"._('Internal error.')."

\n"; } } else { display_change_password_form(); } }//End action==change_password /*********** New account and validation ********/ else if ($_REQUEST['action']=='register_new_account_form') { display_register_form(); } else if ($_REQUEST['action']=='create_new_account') { $pass = $db->EscapeString(trim($_REQUEST['pass'])); /* Check for dublicate email in the database */ $preconditions_ok = false; $db->ExecSqlUniqueRes("SELECT * FROM users WHERE user_id='$username'", $user_info_username, false); if($user_info_username!=null) { echo "

"._('Sorry, a user account is already associated to this username. You will have to chose another.')."

\n"; } else { $db->ExecSqlUniqueRes("SELECT * FROM users WHERE email='$email'", $user_info_email, false); if($user_info_email!=null) { echo "

"._('Sorry, a user account is already associated to the email adress: ')."

\n"; echo "

"._('If it really is your email, I can'); echo " " . _('send you your username by email')."\n"; echo _(', or even ')."\n"; echo " " . _('send you a new password by email').""."

\n"; } else { if ($_REQUEST['pass'] != $_REQUEST['pass_again']) { echo "

"._('The two passwords do not match.')."

\n"; } else { if (empty($_REQUEST['pass'])) { echo "

"._('Sorry, empty passwords are not allowed.')."

\n"; } else { $preconditions_ok = true; } } } } if( $preconditions_ok == true) { $status = ACCOUNT_STATUS_VALIDATION; $token = gentoken(); $password_hash = get_password_hash($pass); $update_successful = $db->ExecSqlUpdate("INSERT INTO users (user_id,email,pass,account_status,validation_token,reg_date) VALUES ('$username','$email','$password_hash','{$status}','{$token}',NOW())"); if ($update_successful) { send_validation_email($email); $showform=false; } else { echo "

"._('Internal error.')."

\n"; } } if($showform==true) { //No action was performed successfully display_register_form(); } }//End action==create_new_account elseif ($_REQUEST['action']=='validate') { $validation_token = $db->EscapeString($_REQUEST['validation_token']); $db->ExecSqlUniqueRes("SELECT * FROM users WHERE user_id='$username' AND validation_token='$validation_token'", $user_info); if ($user_info!=null) { if($user_info['account_status']==ACCOUNT_STATUS_ALLOWED) { echo "

"._('Your account was already activated.')."

\n"; } else { $status = $db->EscapeString(ACCOUNT_STATUS_ALLOWED); $update_successful = $db->ExecSqlUpdate("UPDATE users SET account_status='{$status}' WHERE user_id='$username' AND validation_token='$validation_token'"); if ($update_successful) { echo "

"._('Your account has succesfully activated! Enjoy!')."

\n"; $showform=false; } else { echo "

"._('Internal error.')."

\n"; } } } else { echo "

"._("Sorry, validation token $validation_token is not valid!")."

\n"; } }//End action==validate else if ($_REQUEST['action']=='validation_email_form') { display_validation_email_form(); }//end action==validation_email_form else if ($_REQUEST['action']=='send_validation_email') { $db->ExecSqlUniqueRes("SELECT * FROM users WHERE user_id='$username'", $user_info, false); if($user_info==null) { echo "

"._("Unable to find $username in the database.")."

\n"; } else { send_validation_email($user_info['email']); } }//end action==send_validation_email } echo "
\n"; echo $style->GetFooter(); ?>