';
$thisusername = $username;
$username = strtolower($username);
$userFilename = $workpath.$username;
$keyFilename = $keypath.$username;
# Check all input
if (empty($_POST['username'])) {
echo "Please enter a Username\r\n";
echo ' Back';
exit(2);
}
if ($_POST['password'] !== $_POST['password2']) {
echo "Your passwords entered do not match\r\n";
echo ' Back';
exit(2);
}
/* Check for existing email address */
$users = scandir($config_dir."/userconfig");
foreach($users as $user) {
if(!is_file($config_dir."/userconfig/".$user)) {
continue;
}
if ($userFileHandle = @fopen($config_dir."/userconfig/".$user, 'r')) {
while (!feof($userFileHandle))
{
$buffer = fgets($userFileHandle);
if(strpos($buffer, 'email:') !== FALSE) {
if(stripos($buffer, $user_email) !== FALSE) {
fclose($userFileHandle);
echo "Email exists in database\r\n";
echo ' Back';
exit(2);
}
}
}
fclose($userFileHandle);
}
}
if (!preg_match("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$^",$user_email)) {
echo "Email must be in the form of an email address\r\n";
echo ' Back';
exit(2);
}
# Does user file already exist?
if ($userFileHandle = @fopen($userFilename, 'r'))
{
if ($command == "Create")
{
echo "User:".$thisusername." Already Exists\r\n";
echo ' Back';
exit(2);
}
$userFileInfo = fread($userFileHandle, filesize($userFilename));
fclose($userFileHandle);
# User/Pass is correct
if (password_verify ( $password , $userFileInfo))
{
touch($userFilename);
$ok = TRUE;
} else {
$ok = FALSE;
}
} else {
$ok = FALSE;
}
# Ok to log in. User authenticated.
if ($ok)
{
echo "User:".$thisusername."\r\n";
exit(0);
}
# Using external authentication
if ($external)
{
$mbox = @imap_open ( $hostname , $username , $password );
if ($mbox)
{
$ok = TRUE;
imap_close($mbox);
}
}
# User is authenticated or to be created. Either way, create the file
if ($ok || ($command == "Create") )
{
echo 'Create account: '.$_POST['username'].'
';
/* Generate email */
$no_verify=explode(' ', $CONFIG['no_verify']);
foreach($no_verify as $no) {
if (strlen($_SERVER['HTTP_HOST']) - strlen($no) === strrpos($_SERVER['HTTP_HOST'],$no)) {
$CONFIG['verify_email'] = false;
}
}
if($CONFIG['verify_email']) {
// Setup mailer
$mail = new PHPMailer();
$mail->SMTPOptions = array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
'allow_self_signed' => true
)
);
$mail->IsSMTP();
$mail->CharSet = 'UTF-8';
$mail->Host = $mailer['host'];
$mail->SMTPAuth = true;
$mail->Port = $mailer['port'];
$mail->Username = $mailer['username'];
$mail->Password = $mailer['password'];;
$mail->SMTPSecure = 'tls';
$mail->setFrom('no-reply@'.$mailer['host'], 'no-reply');
$mail->addAddress($user_email);
$mail->Subject = "Confirmation code for ".$_SERVER['HTTP_HOST'];
$mycode = create_code($username);
$msg="A request to create an account on ".$_SERVER['HTTP_HOST']." has been made using ".$user_email.".\n\nIf you did not request this, please ignore and the request will fail.\n\nThis is your account creation code: ".$mycode."\n\nNote: replies to this email address are not monitored";
$mail->Body = wordwrap($msg,70);
$mail->send();
echo 'An email has been sent to '.$user_email.' ';
echo 'Please enter the code from the email below: ';
}
echo '