1 <?php
2 $app_name = 'online clinic management system';
3 $currDir = dirname(__FILE__);
4 include("{$currDir}/defaultLang.php");
5 include("{$currDir}/language.php");
6 include("{$currDir}/lib.php");
7 include_once("{$currDir}/header.php");
8
9 $adminConfig = config('adminConfig');
10
11 if(!$cg = sqlValue("select count(1) from membership_groups where allowSignup=1")){
12 $noSignup = true;
13 echo error_message($Translation['sign up disabled']);
14 exit;
15 }
16
17 if($_POST['signUp'] != ''){
18 // receive data
19 $memberID = is_allowed_username($_POST['newUsername']);
20 $email = isEmail($_POST['email']);
21 $password = $_POST['password'];
22 $confirmPassword = $_POST['confirmPassword'];
23 $groupID = intval($_POST['groupID']);
24 $custom1 = makeSafe($_POST['custom1']);
25 $custom2 = makeSafe($_POST['custom2']);
26 $custom3 = makeSafe($_POST['custom3']);
27 $custom4 = makeSafe($_POST['custom4']);
28
29 // validate data
30 if(!$memberID){
31 echo error_message($Translation['username invalid']);
32 exit;
33 }
34 if(strlen($password) < 4 || trim($password) != $password){
35 echo error_message($Translation['password invalid']);
36 exit;
37 }
38 if($password != $confirmPassword){
39 echo error_message($Translation['password no match']);
40 exit;
41 }
42 if(!$email){
43 echo error_message($Translation['email invalid']);
44 exit;
45 }
46 if(!sqlValue("select count(1) from membership_groups where groupID='$groupID' and allowSignup=1")){
47 echo error_message($Translation['group invalid']);
48 exit;
49 }
50
51 // save member data
52 $needsApproval = sqlValue("select needsApproval from membership_groups where groupID='$groupID'");
53 sql("INSERT INTO `membership_users` set memberID='$memberID', passMD5='".md5($password)."', email='$email', signupDate='".@date('Y-m-d')."', groupID='$groupID', isBanned='0', isApproved='".($needsApproval==1 ? '0' : '1')."', custom1='$custom1', custom2='$custom2', custom3='$custom3', custom4='$custom4', comments='member signed up through the registration form.'", $eo);
54
55 // admin mail notification
56 /* ---- application name as provided in AppGini is used here ---- */
57 $message = nl2br(
58 "A new member has signed up for {$app_name}.\n\n" .
59 "Member name: {$memberID}\n" .
60 "Member group: " . sqlValue("select name from membership_groups where groupID='{$groupID}'") . "\n" .
61 "Member email: {$email}\n" .
62 "IP address: {$_SERVER['REMOTE_ADDR']}\n" .
63 "Custom fields:\n" .
64 ($adminConfig['custom1'] ? "{$adminConfig['custom1']}: {$custom1}\n" : '') .
65 ($adminConfig['custom2'] ? "{$adminConfig['custom2']}: {$custom2}\n" : '') .
66 ($adminConfig['custom3'] ? "{$adminConfig['custom3']}: {$custom3}\n" : '') .
67 ($adminConfig['custom4'] ? "{$adminConfig['custom4']}: {$custom4}\n" : '')
68 );
69
70 if($adminConfig['notifyAdminNewMembers'] == 2 && !$needsApproval){
71 sendmail(array(
72 'to' => $adminConfig['senderEmail'],
73 'subject' => "[{$app_name}] New member signup",
74 'message' => $message
75 ));
76 }elseif($adminConfig['notifyAdminNewMembers'] >= 1 && $needsApproval){
77 sendmail(array(
78 'to' => $adminConfig['senderEmail'],
79 'subject' => "[{$app_name}] New member awaiting approval",
80 'message' => $message
81 ));
82 }
83
84 // hook: member_activity
85 if(function_exists('member_activity')){
86 $args = array();
87 member_activity(getMemberInfo($memberID), ($needsApproval ? 'pending' : 'automatic'), $args);
88 }
89
90 // redirect to thanks page
91 $redirect = ($needsApproval ? '' : '?redir=1');
92 redirect("membership_thankyou.php$redirect");
93
94 exit;
95 }
96
97 // drop-down of groups allowing self-signup
98 $groupsDropDown = preg_replace('/<option.*?value="".*?><\/option>/i', '', htmlSQLSelect('groupID', "select groupID, concat(name, if(needsApproval=1, ' *', ' ')) from membership_groups where allowSignup=1 order by name", ($cg == 1 ? sqlValue("select groupID from membership_groups where allowSignup=1 order by name limit 1") : 0 )));
99 $groupsDropDown = str_replace('<select ', '<select class="form-control" ', $groupsDropDown);
100 ?>
101
102 <?php if(!$noSignup){ ?>
103 <div class="row">
104 <div class="hidden-xs col-sm-4 col-md-6 col-lg-8" id="signup_splash">
105 <!-- customized splash content here -->
106 </div>
107
108 <div class="col-sm-8 col-md-6 col-lg-4">
109 <div class="panel panel-success">
110
111 <div class="panel-heading">
112 <h1 class="panel-title"><strong><?php echo $Translation['sign up here']; ?></strong></h1>
113 </div>
114
115 <div class="panel-body">
116 <form method="post" action="membership_signup.php">
117 <div class="form-group">
118 <label for="username" class="control-label"><?php echo $Translation['username']; ?></label>
119 <input class="form-control input-lg" type="text" required="" placeholder="<?php echo $Translation['username']; ?>" id="username" name="newUsername">
120 <span id="usernameAvailable" class="help-block hidden pull-left"><i class="glyphicon glyphicon-ok"></i> <?php echo str_ireplace(array("'", '"', '<memberid>'), '', $Translation['user available']); ?></span>
121 <span id="usernameNotAvailable" class="help-block hidden pull-left"><i class="glyphicon glyphicon-remove"></i> <?php echo str_ireplace(array("'", '"', '<memberid>'), '', $Translation['username invalid']); ?></span>
122 <div class="clearfix"></div>
123 </div>
124
125 <div class="row">
126 <div class="col-sm-6">
127 <div class="form-group">
128 <label for="password" class="control-label"><?php echo $Translation['password']; ?></label>
129 <input class="form-control" type="password" required="" placeholder="<?php echo $Translation['password']; ?>" id="password" name="password">
130 </div>
131 </div>
132 <div class="col-sm-6">
133 <div class="form-group">
134 <label for="confirmPassword" class="control-label"><?php echo $Translation['confirm password']; ?></label>
135 <input class="form-control" type="password" required="" placeholder="<?php echo $Translation['confirm password']; ?>" id="confirmPassword" name="confirmPassword">
136 </div>
137 </div>
138 </div>
139
140 <div class="form-group">
141 <label for="email" class="control-label"><?php echo $Translation['email']; ?></label>
142 <input class="form-control" type="text" required="" placeholder="<?php echo $Translation['email']; ?>" id="email" name="email">
143 </div>
144
145 <div class="form-group">
146 <label for="group" class="control-label"><?php echo $Translation['group']; ?></label>
147 <?php echo $groupsDropDown; ?>
148 <span class="help-block"><?php echo $Translation['groups *']; ?></span>
149 </div>
150
151 <?php
152 if(!$adminConfig['hide_custom_user_fields_during_signup']){
153 for($cf = 1; $cf <= 4; $cf++){
154 if($adminConfig['custom'.$cf] != ''){
155 ?>
156 <div class="row form-group">
157 <div class="col-sm-3"><label class="control-label" for="custom<?php echo $cf; ?>"><?php echo $adminConfig['custom'.$cf]; ?></label></div>
158 <div class="col-sm-9"><input class="form-control" type="text" placeholder="<?php echo $adminConfig['custom'.$cf]; ?>" id="custom<?php echo $cf; ?>" name="custom<?php echo $cf; ?>"></div>
159 </div>
160 <?php
161 }
162 }
163 }
164 ?>
165
166 <div class="row">
167 <div class="col-sm-offset-3 col-sm-6">
168 <button class="btn btn-primary btn-lg btn-block" value="signUp" id="submit" type="submit" name="signUp"><?php echo $Translation['sign up']; ?></button>
169 </div>
170 </div>
171
172 </form>
173 </div> <!-- /div class="panel-body" -->
174 </div> <!-- /div class="panel ..." -->
175 </div> <!-- /div class="col..." -->
176 </div> <!-- /div class="row" -->
177
178 <script>
179 $j(function() {
180 $j('#username').focus();
181
182 $j('#usernameAvailable, #usernameNotAvailable').click(function(){ $j('#username').focus(); });
183 $j('#username').on('keyup blur', checkUser);
184
185 /* password strength feedback */
186 $j('#password').on('keyup blur', function(){
187 var ps = passwordStrength($j('#password').val(), $j('#username').val());
188
189 if(ps == 'strong'){
190 $j('#password').parents('.form-group').removeClass('has-error has-warning').addClass('has-success');
191 $j('#password').attr('title', '<?php echo html_attr($Translation['Password strength: strong']); ?>');
192 }else if(ps == 'good'){
193 $j('#password').parents('.form-group').removeClass('has-success has-error').addClass('has-warning');
194 $j('#password').attr('title', '<?php echo html_attr($Translation['Password strength: good']); ?>');
195 }else{
196 $j('#password').parents('.form-group').removeClass('has-success has-warning').addClass('has-error');
197 $j('#password').attr('title', '<?php echo html_attr($Translation['Password strength: weak']); ?>');
198 }
199 });
200
201 /* inline feedback of confirm password */
202 $j('#confirmPassword').on('keyup blur', function(){
203 if($j('#confirmPassword').val() != $j('#password').val() || !$j('#confirmPassword').val().length){
204 $j('#confirmPassword').parents('.form-group').removeClass('has-success').addClass('has-error');
205 }else{
206 $j('#confirmPassword').parents('.form-group').removeClass('has-error').addClass('has-success');
207 }
208 });
209
210 /* inline feedback of email */
211 $j('#email').on('change', function(){
212 if(validateEmail($j('#email').val())){
213 $j('#email').parents('.form-group').removeClass('has-error').addClass('has-success');
214 }else{
215 $j('#email').parents('.form-group').removeClass('has-success').addClass('has-error');
216 }
217 });
218
219 /* validate form before submitting */
220 $j('#submit').click(function(e){ if(!jsValidateSignup()) e.preventDefault(); })
221 });
222
223 var uaro; // user availability request object
224 function checkUser(){
225 // abort previous request, if any
226 if(uaro != undefined) uaro.abort();
227
228 reset_username_status();
229
230 uaro = $j.ajax({
231 url: 'checkMemberID.php',
232 type: 'GET',
233 data: { 'memberID': $j('#username').val() },
234 success: function(resp){
235 var ua=resp;
236 if(ua.match(/\<!-- AVAILABLE --\>/)){
237 reset_username_status('success');
238 }else{
239 reset_username_status('error');
240 }
241 }
242 });
243 }
244
245 function reset_username_status(status){
246 $j('#usernameNotAvailable, #usernameAvailable')
247 .addClass('hidden')
248 .parents('.form-group')
249 .removeClass('has-error has-success');
250
251 if(status == undefined) return;
252 if(status == 'success'){
253 $j('#usernameAvailable')
254 .removeClass('hidden')
255 .parents('.form-group')
256 .addClass('has-success');
257 }
258 if(status == 'error'){
259 $j('#usernameNotAvailable')
260 .removeClass('hidden')
261 .parents('.form-group')
262 .addClass('has-error');
263 }
264 }
265
266 /* validate data before submitting */
267 function jsValidateSignup(){
268 var p1 = $j('#password').val();
269 var p2 = $j('#confirmPassword').val();
270 var email = $j('#email').val();
271
272 /* user exists? */
273 if(!$j('#username').parents('.form-group').hasClass('has-success')){
274 modal_window({ message: '<div class="alert alert-danger"><?php echo html_attr($Translation['username invalid']); ?></div>', title: "<?php echo html_attr($Translation['error:']); ?>", close: function(){ $j('#username').focus(); } });
275 return false;
276 }
277
278 /* passwords not matching? */
279 if(p1 != p2){
280 modal_window({ message: '<div class="alert alert-danger"><?php echo html_attr($Translation['password no match']); ?></div>', title: "<?php echo html_attr($Translation['error:']); ?>", close: function(){ $j('#confirmPassword').focus(); } });
281 return false;
282 }
283
284 if(!validateEmail(email)){
285 modal_window({ message: '<div class="alert alert-danger"><?php echo html_attr($Translation['email invalid']); ?></div>', title: "<?php echo html_attr($Translation['error:']); ?>", close: function(){ $j('#email').focus(); } });
286 return false;
287 }
288
289 return true;
290 }
291 </script>
292
293 <style>
294 #usernameAvailable,#usernameNotAvailable{ cursor: pointer; }
295 </style>
296
297 <?php } ?>
298
299 <?php include_once("{$currDir}/footer.php"); ?>
