From 16ca00ee6293371fbc778e7e569cc14a5c787ebc Mon Sep 17 00:00:00 2001 From: Sader Fawall Date: Sat, 16 Nov 2019 22:48:58 +0200 Subject: [PATCH 1/2] Initialize --- config/application.php | 1 + lang/en_us.php | 1 + lib/Flux/LoginServer.php | 15 +++++++++++++-- lib/Flux/RegisterError.php | 1 + modules/account/create.php | 3 +++ 5 files changed, 19 insertions(+), 2 deletions(-) diff --git a/config/application.php b/config/application.php index 5daed0b8f..078fddb62 100644 --- a/config/application.php +++ b/config/application.php @@ -55,6 +55,7 @@ 'RequireEmailConfirm' => false, // Require e-mail confirmation during registration. 'RequireChangeConfirm' => false, // Require confirmation when changing e-mail addresses. 'EmailConfirmExpire' => 48, // E-mail confirmations expire hours. Unconfirmed accounts will expire after this period of time. + 'AntiRegesterationSpam' => false, // Work only when 'RequireEmailConfirm' is active , if the ip have an unconfirmed account , it would privent the user from registering new account. 'PincodeEnabled' => true, // Whether or not the pincode system is enabled in your server. (Check your char_athena.conf file. Enabled by default.) 'MailerFromAddress' => 'noreply@localhost', // The e-mail address displayed in the From field. 'MailerFromName' => 'MailerName', // The name displayed with the From e-mail address. diff --git a/lang/en_us.php b/lang/en_us.php index 09ca3ef04..d549fcbeb 100755 --- a/lang/en_us.php +++ b/lang/en_us.php @@ -210,6 +210,7 @@ 'InvalidSecurityCode' => 'Please enter the security code correctly.', 'InvalidPassword' => 'Your password contains invalid characters.', 'InvalidBirthdate' => 'Invalid birthdate input.', + 'AntiRegesterationSpam' => 'Anti Registeration Spam System is Active , Contact the Admin to Complete your registeration.', 'CriticalRegisterError' => 'Something bad happened. Report to an administrator ASAP.', // - account/edit 'AccountEditTitle' => 'Modify Account', diff --git a/lib/Flux/LoginServer.php b/lib/Flux/LoginServer.php index 2998710ea..52c5a225b 100644 --- a/lib/Flux/LoginServer.php +++ b/lib/Flux/LoginServer.php @@ -189,14 +189,25 @@ public function register($username, $password, $confirmPassword, $email,$email2, throw new Flux_RegisterError('E-mail address is already in use', Flux_RegisterError::EMAIL_ADDRESS_IN_USE); } } + + if (Flux::config('RequireEmailConfirm') && Flux::config('AntiRegesterationSpam')) { + $sql = "SELECT state FROM {$this->loginDatabase}.login WHERE last_ip = ? And state = 5 LIMIT 1"; + $sth = $this->connection->getStatement($sql); + $sth->execute(array($_SERVER['REMOTE_ADDR'])); + + $res = $sth->fetch(); + if ($res) { + throw new Flux_RegisterError('Anti Regesteration Spam System Detect a Spam', Flux_RegisterError::ANTI_REGESTERATION_SPAM); + } + } if ($this->config->getUseMD5()) { $password = Flux::hashPassword($password); } - $sql = "INSERT INTO {$this->loginDatabase}.login (userid, user_pass, email, sex, group_id, birthdate) VALUES (?, ?, ?, ?, ?, ?)"; + $sql = "INSERT INTO {$this->loginDatabase}.login (userid, user_pass, email, sex, group_id, birthdate, last_ip) VALUES (?, ?, ?, ?, ?, ?, ?)"; $sth = $this->connection->getStatement($sql); - $res = $sth->execute(array($username, $password, $email, $gender, (int)$this->config->getGroupID(), date('Y-m-d', $birthdatestamp))); + $res = $sth->execute(array($username, $password, $email, $gender, (int)$this->config->getGroupID(), date('Y-m-d', $birthdatestamp), $_SERVER['REMOTE_ADDR'])); if ($res) { $idsth = $this->connection->getStatement("SELECT LAST_INSERT_ID() AS account_id"); diff --git a/lib/Flux/RegisterError.php b/lib/Flux/RegisterError.php index dcf05974a..b073a91a6 100644 --- a/lib/Flux/RegisterError.php +++ b/lib/Flux/RegisterError.php @@ -23,5 +23,6 @@ class Flux_RegisterError extends Flux_Error { const INVALID_PASSWORD = 18; const INVALID_BIRTHDATE = 19; const INVALID_EMAIL_CONF = 20; + const ANTI_REGESTERATION_SPAM= 21; } ?> diff --git a/modules/account/create.php b/modules/account/create.php index c262eebe0..e166d9f15 100644 --- a/modules/account/create.php +++ b/modules/account/create.php @@ -150,6 +150,9 @@ case Flux_RegisterError::INVALID_BIRTHDATE: $errorMessage = Flux::message('InvalidBirthdate'); break; + case Flux_RegisterError::ANTI_REGESTERATION_SPAM: + $errorMessage = Flux::message('AntiRegesterationSpam'); + break; default: $errorMessage = Flux::message('CriticalRegisterError'); break; From 77efc5412bd396be54e87ce8835179d0a759326e Mon Sep 17 00:00:00 2001 From: Sader Fawall Date: Sat, 16 Mar 2024 20:48:27 +0200 Subject: [PATCH 2/2] Changing the language from "AntiRegesterationSpam" to "PendingRegistration" Co-Authored-By: Everade <12261601+everade@users.noreply.github.com> --- config/application.php | 2 +- lang/en_us.php | 2 +- lib/Flux/LoginServer.php | 4 ++-- lib/Flux/RegisterError.php | 2 +- modules/account/create.php | 4 ++-- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/config/application.php b/config/application.php index 078fddb62..3c8a59f06 100644 --- a/config/application.php +++ b/config/application.php @@ -55,7 +55,7 @@ 'RequireEmailConfirm' => false, // Require e-mail confirmation during registration. 'RequireChangeConfirm' => false, // Require confirmation when changing e-mail addresses. 'EmailConfirmExpire' => 48, // E-mail confirmations expire hours. Unconfirmed accounts will expire after this period of time. - 'AntiRegesterationSpam' => false, // Work only when 'RequireEmailConfirm' is active , if the ip have an unconfirmed account , it would privent the user from registering new account. + 'PendingRegistration' => false, // Requires 'RequireEmailConfirm' to be true. Prevents new registration if ip address has a pending registration on selected mail. 'PincodeEnabled' => true, // Whether or not the pincode system is enabled in your server. (Check your char_athena.conf file. Enabled by default.) 'MailerFromAddress' => 'noreply@localhost', // The e-mail address displayed in the From field. 'MailerFromName' => 'MailerName', // The name displayed with the From e-mail address. diff --git a/lang/en_us.php b/lang/en_us.php index d549fcbeb..f9a33c9df 100755 --- a/lang/en_us.php +++ b/lang/en_us.php @@ -210,7 +210,7 @@ 'InvalidSecurityCode' => 'Please enter the security code correctly.', 'InvalidPassword' => 'Your password contains invalid characters.', 'InvalidBirthdate' => 'Invalid birthdate input.', - 'AntiRegesterationSpam' => 'Anti Registeration Spam System is Active , Contact the Admin to Complete your registeration.', + 'PendingRegistration' => 'You already have a pending registration. Please check your mails and follow the confirmation process.', 'CriticalRegisterError' => 'Something bad happened. Report to an administrator ASAP.', // - account/edit 'AccountEditTitle' => 'Modify Account', diff --git a/lib/Flux/LoginServer.php b/lib/Flux/LoginServer.php index 52c5a225b..189281337 100644 --- a/lib/Flux/LoginServer.php +++ b/lib/Flux/LoginServer.php @@ -190,14 +190,14 @@ public function register($username, $password, $confirmPassword, $email,$email2, } } - if (Flux::config('RequireEmailConfirm') && Flux::config('AntiRegesterationSpam')) { + if (Flux::config('RequireEmailConfirm') && Flux::config('PendingRegistration')) { $sql = "SELECT state FROM {$this->loginDatabase}.login WHERE last_ip = ? And state = 5 LIMIT 1"; $sth = $this->connection->getStatement($sql); $sth->execute(array($_SERVER['REMOTE_ADDR'])); $res = $sth->fetch(); if ($res) { - throw new Flux_RegisterError('Anti Regesteration Spam System Detect a Spam', Flux_RegisterError::ANTI_REGESTERATION_SPAM); + throw new Flux_RegisterError('Detected pending registration. A new registration has been prevented.', Flux_RegisterError::PENDING_REGISTRATION); } } diff --git a/lib/Flux/RegisterError.php b/lib/Flux/RegisterError.php index b073a91a6..637c72a18 100644 --- a/lib/Flux/RegisterError.php +++ b/lib/Flux/RegisterError.php @@ -23,6 +23,6 @@ class Flux_RegisterError extends Flux_Error { const INVALID_PASSWORD = 18; const INVALID_BIRTHDATE = 19; const INVALID_EMAIL_CONF = 20; - const ANTI_REGESTERATION_SPAM= 21; + const PENDING_REGISTRATION = 21; } ?> diff --git a/modules/account/create.php b/modules/account/create.php index e166d9f15..71d9c52a3 100644 --- a/modules/account/create.php +++ b/modules/account/create.php @@ -150,8 +150,8 @@ case Flux_RegisterError::INVALID_BIRTHDATE: $errorMessage = Flux::message('InvalidBirthdate'); break; - case Flux_RegisterError::ANTI_REGESTERATION_SPAM: - $errorMessage = Flux::message('AntiRegesterationSpam'); + case Flux_RegisterError::PENDING_REGISTRATION: + $errorMessage = Flux::message('PendingRegistration'); break; default: $errorMessage = Flux::message('CriticalRegisterError');