body<= " unless LJ::text_in(\%POST); my $mode = $POST{mode} || 'getinfo'; my $remote = LJ::get_remote(); return "" if !$remote; return "" if $remote->{journaltype} ne 'P'; return "" unless $remote->{statusvis} eq 'V'; if ($remote->underage) { return BML::redirect("$LJ::SITEROOT/agecheck/?s=1"); } # fix up the incoming data (is used in getinfo mode and submit mode so it's here) $POST{membership} = 'open' unless $POST{membership} =~ m/^(?:open|moderated|closed)$/; $POST{postlevel} = 'members' unless $POST{postlevel} =~ m/^(?:members|select)$/; $POST{nonmember_posting} = '0' unless $POST{nonmember_posting} =~ m/^[01]$/; $POST{moderated} = '0' unless $POST{moderated} =~ m/^[01]$/; # MODE: submit - try to create an account. might change mode # if there are errors, we'll populate $error and # return to "getinfo" mode below my $error; SUBMIT: while ($mode eq 'submit') # using while instead of if so we can 'last' out of it { return "$ML{'Error'}: $ML{'.error.postrequired'}" unless LJ::did_post(); my $user = LJ::canonical_username($POST{user}); my $title = $POST{title} || $user; # reject this email? return LJ::sysban_block(0, "Create user blocked based on email", { new_user => $user, email => $remote->{email}, name => $user }) if LJ::sysban_check('email', $remote->{email}); $error = "$ML{'error.usernamelong'}" if length($user) > 15; $error = "$ML{'error.usernameinvalid'}" if $POST{user} && !$user; $error = "$ML{'.error.username.mustenter'}" unless $POST{user}; foreach my $re ("^system\$", @LJ::PROTECTED_USERNAMES) { next unless $user =~ /$re/; # you can give people sharedjournal priv ahead of time to create # reserved communities: next if LJ::check_priv($remote, "sharedjournal", $user); $error = "$ML{'.error.username.reserved'}"; } my $u = LJ::load_user($user); my $second_submit = 0; if ($u) { my $in_use = 1; if ($u->{email} eq $remote->{email}) { if (LJ::login_ip_banned($u)) { # brute-force possible going on } else { if ($u->{password} eq $remote->{password}) { # oh, they double-clicked the submit button $second_submit = 1; # if we found a comm and everything matches, they double hit. if # we found a person/etc, then they tried to recreate their community, # which isn't allowed anymore $in_use = $u->{journaltype} eq 'C' ? 0 : 1; } else { LJ::handle_bad_login($u); } } } if ($in_use) { $error = "$ML{'.error.username.inuse'}"; } } last SUBMIT if $error; my $qclusterid = LJ::new_account_cluster() + 0; die "Cluster 0 not supported" unless $qclusterid; my $userid = ref $u ? $u->{userid} : 0; unless ($second_submit) { my $dbh = LJ::get_db_writer(); $dbh->do("INSERT INTO user (user, email, status, caps, name, clusterid, dversion, journaltype) ". "VALUES (?, ?, ?, ?, ?, ?, $LJ::MAX_DVERSION, 'C')", undef, $user, $remote->{email}, $remote->{status}, int($LJ::NEWUSER_CAPS), $title, $qclusterid); if ($dbh->err) { return "" . $dbh->errstr . " p?>"; } $userid = $dbh->{'mysql_insertid'}; $dbh->do("REPLACE INTO useridmap (userid, user) VALUES (?, ?)", undef, $userid, $user); $dbh->do("REPLACE INTO userusage (userid, timecreate) VALUES (?, NOW())", undef, $userid); # set any properties that get set in new users $u = LJ::load_userid($userid); while (my ($name, $val) = each %LJ::USERPROP_INIT) { LJ::set_userprop($u, $name, $val); } # since they're a community, let's do more setup $dbh->do("REPLACE INTO community (userid, membership, postlevel) VALUES (?, ?, ?)", undef, $userid, $POST{membership}, $POST{postlevel}); LJ::set_userprop($u, 'nonmember_posting', $POST{nonmember_posting} + 0); LJ::set_userprop($u, 'moderated', $POST{moderated} + 0); LJ::set_rel($userid, $remote->{userid}, 'M') if $POST{moderated}; # moderator if moderated LJ::set_rel($userid, $remote->{userid}, 'A'); # maintainer LJ::join_community($remote, $u, 0, 1); # make them a member of the community LJ::run_hooks("post_create", { 'userid' => $userid, 'user' => $user, }); } my $nu = LJ::load_userid($userid, "force"); # log creation $nu->log_event('account_create', { remote => $remote }); # local sites may want to override what happens at this point my $ret; my $redirect; my $stop_output; LJ::run_hooks("create.bml_postsession", { post => \%POST, u => $nu, type => 'community', redirect => \$redirect, ret => \$ret, stop_output => \$stop_output, }); return BML::redirect($redirect) if $redirect; return $ret if $stop_output; $ret = ""; my $uri = LJ::journal_base($nu); $ret .= "\n"; $ret .= "$uri/ standout?>\n"; $ret .= "\n"; $ret .= "
\n"; return $ret; } if ($mode eq "getinfo" || $error) { my $ret; if ($error) { $ret .= "$ML{'.errors.label'}