How to show registration error within popup window? How to show registration error within popup window?
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

How to show registration error within popup window?

Started by matheso, January 01, 2015, 11:41:07 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

matheso

Hello, I've created a custom sign-up form which pops up on the index page (it can be accessed directly via taskbasket.net/gallery/registration.html

but when a user doesn't fill the form correctly (no password given, or taken username, etc), the popup window redirects to the original register.php and shows an error. I've attached 3 screenshots. Screenshot #1 shows the pop-up registration form, #2 shows the error I'm talking about and #3 shows how I want the error to be displayed.

I'd like it shown in real-time, within the pop-up window. Can you help? I'm struggling.

Thank you

matheso


matheso


allvip

#3
Sorry. I did not read the topic with attention and I gived a wrong answer. I must edit.
I do not know the answer.

Αndré

I suggest to check for potential errors in your custom form before you submit the values to register.php.

matheso

Cool, I'll give it a shot. Except I don't understand how I'll include portions of register.PHP into my custom registration.html file.

I know how to include entire php files, but not only sections. I'm assuming I need to add the following php to my custom html file, but we'll see what happens!

/**

* Check the posted data
*
* @param array $var
* @return array $var
**/
function get_post_var($var)
{
    global $lang_errors;

    $superCage = Inspekt::makeSuperCage();

    if (!$superCage->post->keyExists($var) || !trim($superCage->post->getEscaped($var))) {
        cpg_die(CRITICAL_ERROR, $lang_errors['param_missing'] . " ($var)", __FILE__, __LINE__);
    }

    return $superCage->post->getEscaped($var);
}

function check_user_info(&$error)
{
    global $CONFIG;
    global $lang_register_php, $lang_common, $lang_register_approve_email;
    global $lang_register_user_login, $lang_errors;

    $superCage = Inspekt::makeSuperCage();

    $user_name = trim(get_post_var('email'));
    $password = trim(get_post_var('password'));
    $password_again = trim(get_post_var('password_verification'));
    $email = trim(get_post_var('email'));
   /* $profile1 = trim(get_post_var('user_profile1'));
$profile2 = trim(get_post_var('user_profile2'));
$profile3 = trim(get_post_var('user_profile3'));*/

    $profile4 = $superCage->post->getEscaped('user_profile1');
    $profile5 = $superCage->post->getEscaped('user_profile2');
    $profile6 = $superCage->post->getEscaped('user_profile3');
    $agree_disclaimer = $superCage->post->getEscaped('agree');
    $captcha_confirmation = $superCage->post->getEscaped('confirmCode');

    $sql = "SELECT null FROM {$CONFIG['TABLE_USERS']} WHERE user_name = '$user_name'";
    $result = cpg_db_query($sql);

    if (mysql_num_rows($result)) {
        $error = '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['err_user_exists'] . '</li>';
        return false;
    }

    mysql_free_result($result);

    if (utf_strlen($user_name) < 2) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['username_warning2'] . '</li>';
    }

    if (!empty($CONFIG['global_registration_pw'])) {

        $global_registration_pw = get_post_var('global_registration_pw');

        if ($global_registration_pw != $CONFIG['global_registration_pw']) {
            $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['err_global_pw'] . '</li>';
        } elseif ($password == $CONFIG['global_registration_pw']) {
            $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['err_global_pass_same'] . '</li>';
        }
    }

    if (utf_strlen($password) < 2) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['password_warning1'] . '</li>';
    }

    if ($password == $user_name) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['password_warning2'] . '</li>';
    }

    if ($password != $password_again) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['password_verification_warning1'] . '</li>';
    }

    if (!Inspekt::isEmail($email)) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['email_warning2'] . '</li>';
    }

    if ($CONFIG['user_registration_disclaimer'] == 2 && $agree_disclaimer != 1) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['err_disclaimer'] . '</li>';
    }

    // Perform the ban check against email address and username
    $result = cpg_db_query("SELECT null FROM {$CONFIG['TABLE_BANNED']} WHERE user_name = '$user_name' AND brute_force = 0 LIMIT 1");

    if (mysql_num_rows($result)) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['user_name_banned'] . '</li>';
    }

    mysql_free_result($result);

    $result = cpg_db_query("SELECT null FROM {$CONFIG['TABLE_BANNED']} WHERE email = '$email' AND brute_force = 0 LIMIT 1");

    if (mysql_num_rows($result)) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['email_address_banned'] . '</li>';
    }

    mysql_free_result($result);

    // check captcha
    if ($CONFIG['registration_captcha'] != 0) {

        if (!captcha_plugin_enabled('register')) {
            require("include/captcha.inc.php");
            if (!PhpCaptcha::Validate($captcha_confirmation)) {
                $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_errors['captcha_error'] . '</li>';
            }
        } else {
            $error = CPGPluginAPI::filter('captcha_register_validate', $error);
        }
    }

    if (!$CONFIG['allow_duplicate_emails_addr']) {

        $sql = "SELECT null FROM {$CONFIG['TABLE_USERS']} WHERE user_email = '$email'";
        $result = cpg_db_query($sql);

        if (mysql_num_rows($result)) {
            $error = '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['err_duplicate_email'] . '</li>';
        }

        mysql_free_result($result);
    }

    $error = CPGPluginAPI::filter('register_form_validate', $error);

    if ($error != '') {
        return false;
    }

    if ($CONFIG['reg_requires_valid_email'] || $CONFIG['admin_activation']) {
        $active = 'NO';
        list($usec, $sec) = explode(' ', microtime());
        $seed = (float) $sec + ((float) $usec * 100000);
        srand($seed);
        $act_key = md5(uniqid(rand(), 1));
    } else {
        $active = 'YES';
        $act_key = '';
    }

    $encpassword = md5($password);

    $user_language = $CONFIG['lang'];

    $sql = "INSERT INTO {$CONFIG['TABLE_USERS']} (user_regdate, user_active, user_actkey, user_name, user_password, user_email, user_profile1, user_profile2, user_profile3, user_profile4, user_profile5, user_profile6, user_language) VALUES (NOW(), '$active', '$act_key', '$user_name', '$encpassword', '$email', '$profile1', '$profile2', '$profile3', '$profile4', '$profile5', '$profile6', '$user_language')";
    $result = cpg_db_query($sql);
    $user_array = array();
    $user_array['user_id'] = mysql_insert_id();
    $user_array['user_name'] = $user_name;
    $user_array['user_email'] = $email;
    $user_array['user_active'] = $active;
    CPGPluginAPI::action('register_form_submit', $user_array);

    if ($CONFIG['log_mode']) {
        log_write('New user "'.$user_name.'" registered', CPG_ACCESS_LOG);
    }

    // Create a personal album if corresponding option is enabled
    if ($CONFIG['personal_album_on_registration'] == 1) {
        $user_id = mysql_insert_id();
        $catid = $user_id + FIRST_USER_CAT;
        cpg_db_query("INSERT INTO {$CONFIG['TABLE_ALBUMS']} (`title`, `category`, `owner`) VALUES ('$user_name', $catid, $user_id)");
    }

    // Registrations must be activated/verified by the user clicking a link in an email
    if ($CONFIG['reg_requires_valid_email']) {
        // Mail the user the activation/verification link
        $act_link = rtrim($CONFIG['site_url'], '/') . '/register.php?activate=' . $act_key;

        $template_vars = array(
            '{SITE_NAME}' => $CONFIG['gallery_name'],
            '{USER_NAME}' => $user_name,
            '{ACT_LINK}'  => $act_link,
        );

        if (!cpg_mail($email, sprintf($lang_register_php['confirm_email_subject'], $CONFIG['gallery_name']), nl2br(strtr($lang_register_php['confirm_email'], $template_vars)))) {
            cpg_die(CRITICAL_ERROR, $lang_register_php['failed_sending_email'], __FILE__, __LINE__);
        }
        msg_box($lang_register_php['information'], $lang_register_php['thank_you'], $lang_common['continue'], 'index.php');
    } else {
        if ($CONFIG['admin_activation']) {
            // We need admin activation only
            msg_box($lang_register_php['information'], $lang_register_php['thank_you_admin_activation'], $lang_common['continue'], 'index.php');
        } else {
            // No activation required, account is ready for login
            msg_box($lang_register_php['information'], $lang_register_php['acct_active'], $lang_common['continue'], 'index.php');
        }
    }

    // email notification or actication link to admin
    if ($CONFIG['reg_notify_admin_email'] || ($CONFIG['admin_activation'] && !$CONFIG['reg_requires_valid_email'])) {
        if (UDB_INTEGRATION == 'coppermine') {
            // get default language in which to inform the admins
            $result = cpg_db_query("SELECT user_id, user_email, user_language FROM {$CONFIG['TABLE_USERS']} WHERE user_group = 1");
            while ( ($row = mysql_fetch_assoc($result)) ) {
                if (!empty($row['user_email'])) {
                    $admins[$row['user_id']] = array('email' => $row['user_email'], 'lang' => $row['user_language']);
                }
            }
        } else {
            //@todo: is it possible to get the language from bridged installs?
            $admins[] = array('email' => $CONFIG['gallery_admin_email'], 'lang' => 'english');
        }
        foreach($admins as $admin) {
            //check if the admin language is available
            if (file_exists("lang/{$admin['lang']}.php")) {
                $lang_register_php_def = cpg_get_default_lang_var('lang_register_php', $admin['lang']);
                $lang_register_approve_email_def = cpg_get_default_lang_var('lang_register_approve_email', $admin['lang']);
            } else {
                $lang_register_php_def = cpg_get_default_lang_var('lang_register_php');
                $lang_register_approve_email_def = cpg_get_default_lang_var('lang_register_approve_email');
            }


            // if the admin has to activate the login, give them the link to do so; but only if users don't have to verify their email address
            if ($CONFIG['admin_activation'] && !$CONFIG['reg_requires_valid_email']) {

                $act_link = rtrim($CONFIG['site_url'], '/') . '/register.php?activate=' . $act_key;

                $template_vars = array(
                    '{SITE_NAME}' => $CONFIG['gallery_name'],
                    '{USER_NAME}' => $user_name,
                    '{ACT_LINK}' => $act_link,
                );

                cpg_mail($admin['email'], sprintf($lang_register_php_def['notify_admin_request_email_subject'], $CONFIG['gallery_name']), nl2br(strtr($lang_register_approve_email_def, $template_vars)));

            } elseif ($CONFIG['reg_notify_admin_email']) {

                // otherwise, email is for information only
                cpg_mail($admin['email'], sprintf($lang_register_php_def['notify_admin_email_subject'], $CONFIG['gallery_name']), sprintf($lang_register_php_def['notify_admin_email_body'], $user_name));
            }
        }
    }

    return true;
}



matheso

Wait, it seems more logical to change my html to a php. Will report back

matheso

It doesn't seem to work with the php I posted above.

I changed my custom registration page from html to php and included the php code shown above. I wrote the code within proper php tags, right below this html form code:

<input type="submit" name="submit" class="action-button" value="Submit" />

But upon submit, it doesn't show the error in real-time within the form (instead it reverts me to register.php to see the error).

Thoughts?

Αndré

You don't need to copy code from register.php. If you want to show potential issues in real time, you need to add some JavaScript code that performs checks even before anything is submitted anywhere. Have a look at js/register.js to get an idea what should be checked.

matheso

I was able to solve this problem, you can take a look here:  http://taskbasket.net/gallery/      and click "Sign-up" in the top-right corner. It checks for bad email/password before allowing you to click next. Any feedback on the design is welcome (positive or negative).


allvip

#10
Forum rules: say how you made it and then click topic solved.

Resolve your threads: http://forum.coppermine-gallery.net/index.php/topic,55415.msg270631.html#msg270631