+ if (!count($errors)) {
+ // Put user into the DB
+ if (!$user['id']) {
+ $newHash = $utils->pwdHash($_POST['pwd']);
+ $vcode = $utils->createVerificationCode();
+ $result = $db->prepare('INSERT INTO `auth_users` (`email`, `pwdhash`, `status`, `verify_hash`) VALUES (:email, :pwdhash, \'unverified\', :vcode);');
+ if (!$result->execute(array(':email' => $_POST['email'], ':pwdhash' => $newHash, ':vcode' => $vcode))) {
+ $utils->log('user_insert_failure', 'email: '.$_POST['email']);
+ $errors[] = _('Could not add user. Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+ }
+ $user = array('id' => $db->lastInsertId(),
+ 'email' => $_POST['email'],
+ 'pwdhash' => $newHash,
+ 'status' => 'unverified',
+ 'verify_hash' => $vcode);
+ $utils->log('new_user', 'user: '.$user['id'].', email: '.$user['email']);
+ }
+ if ($user['status'] == 'unverified') {
+ // Send email for verification and show message to point to it.
+ $mail = new email();
+ $mail->setCharset('utf-8');
+ $mail->addHeader('X-KAIRO-AUTH', 'email_verification');
+ $mail->addRecipient($user['email']);
+ $mail->setSender('noreply@auth.kairo.at', _('KaiRo.at Authentication Service'));
+ $mail->setSubject('Email Verification for KaiRo.at Authentication');
+ $mail->addMailText(_('Welcome!')."\n\n");
+ $mail->addMailText(sprintf(_('This email address, %s, has been used for registration on "%s".'),
+ $user['email'], _('KaiRo.at Authentication Service'))."\n\n");
+ $mail->addMailText(_('Please confirm that registration by clicking the following link (or calling it up in your browser):')."\n");
+ $mail->addMailText(($running_on_localhost?'http':'https').'://'.$_SERVER['SERVER_NAME'].strstr($_SERVER['REQUEST_URI'], '?', true)
+ .'?email='.rawurlencode($user['email']).'&verification_code='.rawurlencode($user['verify_hash'])."\n\n");
+ $mail->addMailText(_('With this confirmation, you accept that we handle your data for the purpose of logging you into other websites when you request that.')."\n");
+ $mail->addMailText(_('Those websites will get to know your email address but not your password, which we store securely.')."\n");
+ $mail->addMailText(_('If you do not call this confirmation link within 72 hours, your data will be deleted from our database.')."\n\n");
+ $mail->addMailText(sprintf(_('The %s team'), 'KaiRo.at'));
+ //$mail->setDebugAddress("robert@localhost");
+ $mailsent = $mail->send();
+ if ($mailsent) {
+ $pagetype = 'verification_sent';
+ }
+ else {
+ $utils->log('verify_mail_failure', 'user: '.$user['id'].', email: '.$user['email']);
+ $errors[] = _('The confirmation email could not be sent to you. Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+ }
+ }
+ else {
+ // Password reset requested with "Password forgotten?" function.
+ $vcode = $utils->createVerificationCode();
+ $result = $db->prepare('UPDATE `auth_users` SET `verify_hash` = :vcode WHERE `id` = :userid;');
+ if (!$result->execute(array(':vcode' => $vcode, ':userid' => $user['id']))) {
+ $utils->log('vhash_set_failure', 'user: '.$user['id']);
+ $errors[] = _('Could not initiate reset request. Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+ }
+ else {
+ $utils->log('pwd_reset_request', 'user: '.$user['id'].', email: '.$user['email']);
+ $resetcode = $vcode.dechex($user['id'] + $session['id']).'_'.$utils->createTimeCode($session, null, 60);
+ // Send email with instructions for resetting the password.
+ $mail = new email();
+ $mail->setCharset('utf-8');
+ $mail->addHeader('X-KAIRO-AUTH', 'password_reset');
+ $mail->addRecipient($user['email']);
+ $mail->setSender('noreply@auth.kairo.at', _('KaiRo.at Authentication Service'));
+ $mail->setSubject('How to reset your password for KaiRo.at Authentication');
+ $mail->addMailText(_('Hi,')."\n\n");
+ $mail->addMailText(sprintf(_('A request for setting a new password for this email address, %s, has been submitted on "%s".'),
+ $user['email'], _('KaiRo.at Authentication Service'))."\n\n");
+ $mail->addMailText(_('You can set a new password by clicking the following link (or calling it up in your browser):')."\n");
+ $mail->addMailText(($running_on_localhost?'http':'https').'://'.$_SERVER['SERVER_NAME'].strstr($_SERVER['REQUEST_URI'], '?', true)
+ .'?email='.rawurlencode($user['email']).'&reset_code='.rawurlencode($resetcode)."\n\n");
+ $mail->addMailText(_('If you do not call this confirmation link within 1 hour, this link expires and the existing password is being kept in place.')."\n\n");
+ $mail->addMailText(sprintf(_('The %s team'), 'KaiRo.at'));
+ //$mail->setDebugAddress("robert@localhost");
+ $mailsent = $mail->send();
+ if ($mailsent) {
+ $pagetype = 'resetmail_sent';
+ }
+ else {
+ $utils->log('pwd_reset_mail_failure', 'user: '.$user['id'].', email: '.$user['email']);
+ $errors[] = _('The email with password reset instructions could not be sent to you. Please <a href="https://www.kairo.at/contact">contact KaiRo.at</a> and tell the team about this.');
+ }
+ }
+ }