diff --git a/config/application.php b/config/application.php index b3f73085..8a66c5af 100644 --- a/config/application.php +++ b/config/application.php @@ -57,6 +57,7 @@ 'RequireEmailConfirm' => false, // Require e-mail confirmation during registration. 'RequireChangeConfirm' => false, // Require confirmation when changing e-mail addresses. 'EmailConfirmExpire' => 48, // E-mail confirmations expire hours. Unconfirmed accounts will expire after this period of time. + 'PendingRegistration' => false, // Requires 'RequireEmailConfirm' to be true. Prevents new registration if ip address has a pending registration on selected mail. 'PincodeEnabled' => true, // Whether or not the pincode system is enabled in your server. (Check your char_athena.conf file. Enabled by default.) 'MailerFromAddress' => 'noreply@localhost', // The e-mail address displayed in the From field. 'MailerFromName' => 'MailerName', // The name displayed with the From e-mail address. diff --git a/lang/en_us.php b/lang/en_us.php index 44737a39..177488ae 100755 --- a/lang/en_us.php +++ b/lang/en_us.php @@ -211,6 +211,7 @@ 'InvalidSecurityCode' => 'Please enter the security code correctly.', 'InvalidPassword' => 'Your password contains invalid characters.', 'InvalidBirthdate' => 'Invalid birthdate input.', + 'PendingRegistration' => 'You already have a pending registration. Please check your mails and follow the confirmation process.', 'CriticalRegisterError' => 'Something bad happened. Report to an administrator ASAP.', // - account/edit 'AccountEditTitle' => 'Modify Account', diff --git a/lib/Flux/LoginServer.php b/lib/Flux/LoginServer.php index 843f6df7..b8ddf941 100644 --- a/lib/Flux/LoginServer.php +++ b/lib/Flux/LoginServer.php @@ -198,14 +198,25 @@ public function register($username, $password, $confirmPassword, $email,$email2, throw new Flux_RegisterError('E-mail address is already in use', Flux_RegisterError::EMAIL_ADDRESS_IN_USE); } } + + if (Flux::config('RequireEmailConfirm') && Flux::config('PendingRegistration')) { + $sql = "SELECT state FROM {$this->loginDatabase}.login WHERE last_ip = ? And state = 5 LIMIT 1"; + $sth = $this->connection->getStatement($sql); + $sth->execute(array($_SERVER['REMOTE_ADDR'])); + + $res = $sth->fetch(); + if ($res) { + throw new Flux_RegisterError('Detected pending registration. A new registration has been prevented.', Flux_RegisterError::PENDING_REGISTRATION); + } + } if ($this->config->getUseMD5()) { $password = Flux::hashPassword($password); } - $sql = "INSERT INTO {$this->loginDatabase}.login (userid, user_pass, email, sex, group_id, birthdate) VALUES (?, ?, ?, ?, ?, ?)"; + $sql = "INSERT INTO {$this->loginDatabase}.login (userid, user_pass, email, sex, group_id, birthdate, last_ip) VALUES (?, ?, ?, ?, ?, ?, ?)"; $sth = $this->connection->getStatement($sql); - $res = $sth->execute(array($username, $password, $email, $gender, (int)$this->config->getGroupID(), date('Y-m-d', $birthdatestamp))); + $res = $sth->execute(array($username, $password, $email, $gender, (int)$this->config->getGroupID(), date('Y-m-d', $birthdatestamp), $_SERVER['REMOTE_ADDR'])); if ($res) { $idsth = $this->connection->getStatement("SELECT LAST_INSERT_ID() AS account_id"); diff --git a/lib/Flux/RegisterError.php b/lib/Flux/RegisterError.php index b521ec49..4aa9aa97 100644 --- a/lib/Flux/RegisterError.php +++ b/lib/Flux/RegisterError.php @@ -22,5 +22,6 @@ class Flux_RegisterError extends Flux_Error { const INVALID_PASSWORD = 18; const INVALID_BIRTHDATE = 19; const INVALID_EMAIL_CONF = 20; + const PENDING_REGISTRATION = 21; } ?> diff --git a/modules/account/create.php b/modules/account/create.php index c0df7aa3..424afda0 100644 --- a/modules/account/create.php +++ b/modules/account/create.php @@ -150,6 +150,9 @@ case Flux_RegisterError::INVALID_BIRTHDATE: $errorMessage = Flux::message('InvalidBirthdate'); break; + case Flux_RegisterError::PENDING_REGISTRATION: + $errorMessage = Flux::message('PendingRegistration'); + break; default: $errorMessage = Flux::message('CriticalRegisterError'); break;