Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: How to show registration error within popup window?  (Read 5300 times)

0 Members and 1 Guest are viewing this topic.

matheso

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Posts: 91
How to show registration error within popup window?
« on: January 01, 2015, 11:41:07 pm »

Hello, I've created a custom sign-up form which pops up on the index page (it can be accessed directly via taskbasket.net/gallery/registration.html

but when a user doesn't fill the form correctly (no password given, or taken username, etc), the popup window redirects to the original register.php and shows an error. I've attached 3 screenshots. Screenshot #1 shows the pop-up registration form, #2 shows the error I'm talking about and #3 shows how I want the error to be displayed.

I'd like it shown in real-time, within the pop-up window. Can you help? I'm struggling.

Thank you
Logged

matheso

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Posts: 91
Re: How to show registration error within popup window?
« Reply #1 on: January 01, 2015, 11:41:36 pm »

Screenshot #2
Logged

matheso

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Posts: 91
Re: How to show registration error within popup window?
« Reply #2 on: January 01, 2015, 11:42:17 pm »

Screenshot #3 (1.3 MB)
Logged

allvip

  • Coppermine addict
  • ****
  • Country: 00
  • Offline Offline
  • Posts: 1362
Re: How to show registration error within popup window?
« Reply #3 on: January 02, 2015, 10:08:33 am »

Sorry. I did not read the topic with attention and I gived a wrong answer. I must edit.
I do not know the answer.
« Last Edit: January 02, 2015, 10:14:20 am by allvip »
Logged

Αndré

  • Administrator
  • Coppermine addict
  • *****
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 15764
Re: How to show registration error within popup window?
« Reply #4 on: January 02, 2015, 02:30:29 pm »

I suggest to check for potential errors in your custom form before you submit the values to register.php.
Logged

matheso

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Posts: 91
Re: How to show registration error within popup window?
« Reply #5 on: January 02, 2015, 05:20:39 pm »

Cool, I'll give it a shot. Except I don't understand how I'll include portions of register.PHP into my custom registration.html file.

I know how to include entire php files, but not only sections. I'm assuming I need to add the following php to my custom html file, but we'll see what happens!

Code: [Select]
/**

* Check the posted data
*
* @param array $var
* @return array $var
**/
function get_post_var($var)
{
    global $lang_errors;

    $superCage = Inspekt::makeSuperCage();

    if (!$superCage->post->keyExists($var) || !trim($superCage->post->getEscaped($var))) {
        cpg_die(CRITICAL_ERROR, $lang_errors['param_missing'] . " ($var)", __FILE__, __LINE__);
    }

    return $superCage->post->getEscaped($var);
}

function check_user_info(&$error)
{
    global $CONFIG;
    global $lang_register_php, $lang_common, $lang_register_approve_email;
    global $lang_register_user_login, $lang_errors;

    $superCage = Inspekt::makeSuperCage();

    $user_name = trim(get_post_var('email'));
    $password = trim(get_post_var('password'));
    $password_again = trim(get_post_var('password_verification'));
    $email = trim(get_post_var('email'));
   /* $profile1 = trim(get_post_var('user_profile1'));
$profile2 = trim(get_post_var('user_profile2'));
$profile3 = trim(get_post_var('user_profile3'));*/

    $profile4 = $superCage->post->getEscaped('user_profile1');
    $profile5 = $superCage->post->getEscaped('user_profile2');
    $profile6 = $superCage->post->getEscaped('user_profile3');
    $agree_disclaimer = $superCage->post->getEscaped('agree');
    $captcha_confirmation = $superCage->post->getEscaped('confirmCode');

    $sql = "SELECT null FROM {$CONFIG['TABLE_USERS']} WHERE user_name = '$user_name'";
    $result = cpg_db_query($sql);

    if (mysql_num_rows($result)) {
        $error = '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['err_user_exists'] . '</li>';
        return false;
    }

    mysql_free_result($result);

    if (utf_strlen($user_name) < 2) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['username_warning2'] . '</li>';
    }

    if (!empty($CONFIG['global_registration_pw'])) {

        $global_registration_pw = get_post_var('global_registration_pw');

        if ($global_registration_pw != $CONFIG['global_registration_pw']) {
            $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['err_global_pw'] . '</li>';
        } elseif ($password == $CONFIG['global_registration_pw']) {
            $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['err_global_pass_same'] . '</li>';
        }
    }

    if (utf_strlen($password) < 2) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['password_warning1'] . '</li>';
    }

    if ($password == $user_name) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['password_warning2'] . '</li>';
    }

    if ($password != $password_again) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['password_verification_warning1'] . '</li>';
    }

    if (!Inspekt::isEmail($email)) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['email_warning2'] . '</li>';
    }

    if ($CONFIG['user_registration_disclaimer'] == 2 && $agree_disclaimer != 1) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['err_disclaimer'] . '</li>';
    }

    // Perform the ban check against email address and username
    $result = cpg_db_query("SELECT null FROM {$CONFIG['TABLE_BANNED']} WHERE user_name = '$user_name' AND brute_force = 0 LIMIT 1");

    if (mysql_num_rows($result)) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['user_name_banned'] . '</li>';
    }

    mysql_free_result($result);

    $result = cpg_db_query("SELECT null FROM {$CONFIG['TABLE_BANNED']} WHERE email = '$email' AND brute_force = 0 LIMIT 1");

    if (mysql_num_rows($result)) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['email_address_banned'] . '</li>';
    }

    mysql_free_result($result);

    // check captcha
    if ($CONFIG['registration_captcha'] != 0) {

        if (!captcha_plugin_enabled('register')) {
            require("include/captcha.inc.php");
            if (!PhpCaptcha::Validate($captcha_confirmation)) {
                $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_errors['captcha_error'] . '</li>';
            }
        } else {
            $error = CPGPluginAPI::filter('captcha_register_validate', $error);
        }
    }

    if (!$CONFIG['allow_duplicate_emails_addr']) {

        $sql = "SELECT null FROM {$CONFIG['TABLE_USERS']} WHERE user_email = '$email'";
        $result = cpg_db_query($sql);

        if (mysql_num_rows($result)) {
            $error = '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['err_duplicate_email'] . '</li>';
        }

        mysql_free_result($result);
    }

    $error = CPGPluginAPI::filter('register_form_validate', $error);

    if ($error != '') {
        return false;
    }

    if ($CONFIG['reg_requires_valid_email'] || $CONFIG['admin_activation']) {
        $active = 'NO';
        list($usec, $sec) = explode(' ', microtime());
        $seed = (float) $sec + ((float) $usec * 100000);
        srand($seed);
        $act_key = md5(uniqid(rand(), 1));
    } else {
        $active = 'YES';
        $act_key = '';
    }

    $encpassword = md5($password);

    $user_language = $CONFIG['lang'];

    $sql = "INSERT INTO {$CONFIG['TABLE_USERS']} (user_regdate, user_active, user_actkey, user_name, user_password, user_email, user_profile1, user_profile2, user_profile3, user_profile4, user_profile5, user_profile6, user_language) VALUES (NOW(), '$active', '$act_key', '$user_name', '$encpassword', '$email', '$profile1', '$profile2', '$profile3', '$profile4', '$profile5', '$profile6', '$user_language')";
    $result = cpg_db_query($sql);
    $user_array = array();
    $user_array['user_id'] = mysql_insert_id();
    $user_array['user_name'] = $user_name;
    $user_array['user_email'] = $email;
    $user_array['user_active'] = $active;
    CPGPluginAPI::action('register_form_submit', $user_array);

    if ($CONFIG['log_mode']) {
        log_write('New user "'.$user_name.'" registered', CPG_ACCESS_LOG);
    }

    // Create a personal album if corresponding option is enabled
    if ($CONFIG['personal_album_on_registration'] == 1) {
        $user_id = mysql_insert_id();
        $catid = $user_id + FIRST_USER_CAT;
        cpg_db_query("INSERT INTO {$CONFIG['TABLE_ALBUMS']} (`title`, `category`, `owner`) VALUES ('$user_name', $catid, $user_id)");
    }

    // Registrations must be activated/verified by the user clicking a link in an email
    if ($CONFIG['reg_requires_valid_email']) {
        // Mail the user the activation/verification link
        $act_link = rtrim($CONFIG['site_url'], '/') . '/register.php?activate=' . $act_key;

        $template_vars = array(
            '{SITE_NAME}' => $CONFIG['gallery_name'],
            '{USER_NAME}' => $user_name,
            '{ACT_LINK}'  => $act_link,
        );

        if (!cpg_mail($email, sprintf($lang_register_php['confirm_email_subject'], $CONFIG['gallery_name']), nl2br(strtr($lang_register_php['confirm_email'], $template_vars)))) {
            cpg_die(CRITICAL_ERROR, $lang_register_php['failed_sending_email'], __FILE__, __LINE__);
        }
        msg_box($lang_register_php['information'], $lang_register_php['thank_you'], $lang_common['continue'], 'index.php');
    } else {
        if ($CONFIG['admin_activation']) {
            // We need admin activation only
            msg_box($lang_register_php['information'], $lang_register_php['thank_you_admin_activation'], $lang_common['continue'], 'index.php');
        } else {
            // No activation required, account is ready for login
            msg_box($lang_register_php['information'], $lang_register_php['acct_active'], $lang_common['continue'], 'index.php');
        }
    }

    // email notification or actication link to admin
    if ($CONFIG['reg_notify_admin_email'] || ($CONFIG['admin_activation'] && !$CONFIG['reg_requires_valid_email'])) {
        if (UDB_INTEGRATION == 'coppermine') {
            // get default language in which to inform the admins
            $result = cpg_db_query("SELECT user_id, user_email, user_language FROM {$CONFIG['TABLE_USERS']} WHERE user_group = 1");
            while ( ($row = mysql_fetch_assoc($result)) ) {
                if (!empty($row['user_email'])) {
                    $admins[$row['user_id']] = array('email' => $row['user_email'], 'lang' => $row['user_language']);
                }
            }
        } else {
            //@todo: is it possible to get the language from bridged installs?
            $admins[] = array('email' => $CONFIG['gallery_admin_email'], 'lang' => 'english');
        }
        foreach($admins as $admin) {
            //check if the admin language is available
            if (file_exists("lang/{$admin['lang']}.php")) {
                $lang_register_php_def = cpg_get_default_lang_var('lang_register_php', $admin['lang']);
                $lang_register_approve_email_def = cpg_get_default_lang_var('lang_register_approve_email', $admin['lang']);
            } else {
                $lang_register_php_def = cpg_get_default_lang_var('lang_register_php');
                $lang_register_approve_email_def = cpg_get_default_lang_var('lang_register_approve_email');
            }


            // if the admin has to activate the login, give them the link to do so; but only if users don't have to verify their email address
            if ($CONFIG['admin_activation'] && !$CONFIG['reg_requires_valid_email']) {

                $act_link = rtrim($CONFIG['site_url'], '/') . '/register.php?activate=' . $act_key;

                $template_vars = array(
                    '{SITE_NAME}' => $CONFIG['gallery_name'],
                    '{USER_NAME}' => $user_name,
                    '{ACT_LINK}' => $act_link,
                );

                cpg_mail($admin['email'], sprintf($lang_register_php_def['notify_admin_request_email_subject'], $CONFIG['gallery_name']), nl2br(strtr($lang_register_approve_email_def, $template_vars)));

            } elseif ($CONFIG['reg_notify_admin_email']) {

                // otherwise, email is for information only
                cpg_mail($admin['email'], sprintf($lang_register_php_def['notify_admin_email_subject'], $CONFIG['gallery_name']), sprintf($lang_register_php_def['notify_admin_email_body'], $user_name));
            }
        }
    }

    return true;
}

Logged

matheso

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Posts: 91
Re: How to show registration error within popup window?
« Reply #6 on: January 02, 2015, 05:25:40 pm »

Wait, it seems more logical to change my html to a php. Will report back
Logged

matheso

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Posts: 91
Re: How to show registration error within popup window?
« Reply #7 on: January 02, 2015, 09:07:50 pm »

It doesn't seem to work with the php I posted above.

I changed my custom registration page from html to php and included the php code shown above. I wrote the code within proper php tags, right below this html form code:

Code: [Select]
<input type="submit" name="submit" class="action-button" value="Submit" />
But upon submit, it doesn't show the error in real-time within the form (instead it reverts me to register.php to see the error).

Thoughts?
Logged

Αndré

  • Administrator
  • Coppermine addict
  • *****
  • Country: de
  • Offline Offline
  • Gender: Male
  • Posts: 15764
Re: How to show registration error within popup window?
« Reply #8 on: January 02, 2015, 09:36:25 pm »

You don't need to copy code from register.php. If you want to show potential issues in real time, you need to add some JavaScript code that performs checks even before anything is submitted anywhere. Have a look at js/register.js to get an idea what should be checked.
Logged

matheso

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Posts: 91
Re: How to show registration error within popup window?
« Reply #9 on: January 03, 2015, 05:56:53 am »

I was able to solve this problem, you can take a look here:  http://taskbasket.net/gallery/      and click "Sign-up" in the top-right corner. It checks for bad email/password before allowing you to click next. Any feedback on the design is welcome (positive or negative).

Logged

allvip

  • Coppermine addict
  • ****
  • Country: 00
  • Offline Offline
  • Posts: 1362
Re: How to show registration error within popup window?
« Reply #10 on: January 08, 2015, 01:41:53 pm »

Forum rules: say how you made it and then click topic solved.

Resolve your threads: http://forum.coppermine-gallery.net/index.php/topic,55415.msg270631.html#msg270631
« Last Edit: January 08, 2015, 02:00:05 pm by allvip »
Logged
Pages: [1]   Go Up
 

Page created in 0.036 seconds with 19 queries.