5 files changed, 121 insertions, 30 deletions

diff --git a/actions/register.php b/actions/register.php
index 43a653b3f..17b6fa169 100644
--- a/actions/register.php
+++ b/actions/register.php
@@ -29,27 +29,40 @@
 		
 		if (!$CONFIG->disable_registration)
 		{

-	// For now, just try and register the user

-			if (
-				(
-					(trim($password)!="") &&
-					(strcmp($password, $password2)==0) 
-				) &&
-				($guid = register_user($username, $password, $name, $email))
-			) {
-				if (($guid) && ($admin))
-				{
-					admin_gatekeeper(); // Only admins can make someone an admin
-					$new_user = get_entity($guid);
-					$new_user->admin = 'yes';
+	// For now, just try and register the user
+	
+			try {

+				if (
+					(
+						(trim($password)!="") &&
+						(strcmp($password, $password2)==0) 
+					) &&
+					($guid = register_user($username, $password, $name, $email))
+				) {
+					if (($guid) && ($admin))
+					{
+						admin_gatekeeper(); // Only admins can make someone an admin
+						$new_user = get_entity($guid);
+						$new_user->admin = 'yes';
+					}
+					

+					system_message(sprintf(elgg_echo("registerok"),$CONFIG->sitename));
+					
+					forward(); // Forward on success, assume everything else is an error...

+				} else {

+					register_error(elgg_echo("registerbad"));

 				}
-				

-				system_message(sprintf(elgg_echo("registerok"),$CONFIG->sitename));

-			} else {

-				register_error(elgg_echo("registerbad"));

+			} catch (RegistrationException $r) {
+				register_error($r->getMessage());
 			}
 		}
 		else
-			register_error(elgg_echo('registerdisabled'));

+			register_error(elgg_echo('registerdisabled'));
+			
+		$qs = explode('?',$_SERVER['HTTP_REFERER']);
+		$qs = $qs[0];
+		$qs .= "?u=" . urlencode($username) . "&e=" . urlencode($email) . "&n=" . urlencode($name);
+		
+		forward($qs);

 

 ?>
\ No newline at end of file
diff --git a/engine/lib/exceptions.php b/engine/lib/exceptions.php
index 23b24eec1..faccf5ca4 100644
--- a/engine/lib/exceptions.php
+++ b/engine/lib/exceptions.php
@@ -149,4 +149,16 @@
 	 * @subpackage Exceptions
 	 */
 	class InvalidParameterException extends CallException {}
+	
+	// Installation exception /////////////////////////////////////////////////////////////////
+	
+	/**
+	 * RegistrationException
+	 * Could not register a new user for whatever reason.
+	 * 
+	 * @author Curverider Ltd <info@elgg.com>
+	 * @package Elgg
+	 * @subpackage Exceptions
+	 */
+	class RegistrationException extends InstallationException {}
 ?>
\ No newline at end of file
diff --git a/engine/lib/users.php b/engine/lib/users.php
index 4939cc7fb..b221779dc 100644
--- a/engine/lib/users.php
+++ b/engine/lib/users.php
@@ -690,6 +690,23 @@
 	}

 	
 	/**
+	 * Get an array of users from their
+	 *
+	 * @param string $email Email address.
+	 * @return Array of users
+	 */
+	function get_user_by_email($email)
+	{
+		global $CONFIG;
+		
+		$email = sanitise_string($email);
+		
+		$query = "SELECT e.* from {$CONFIG->dbprefix}entities e join {$CONFIG->dbprefix}users_entity u on e.guid=u.guid where email='$email'";
+		
+		return get_data($query, 'entity_row_to_elggstar');
+	}
+	
+	/**
 	 * Searches for a user based on a complete or partial name or username using full text searching.
 	 * 
 	 * IMPORTANT NOTE: With MySQL's default setup:
@@ -937,6 +954,25 @@
 	}
 	
 	/**
+	 * Validates an email address.
+	 *
+	 * @param string $address Email address.
+	 * @return bool
+	 */
+	function is_email_address($address)
+	{
+		// TODO: Make this better!
+		
+		if (strpos($address, '@')=== false) 
+			return false;
+		
+		if (strpos($address, '.')=== false)
+			return false;
+			
+		return true;
+	}
+	
+	/**
 	 * Simple function that will generate a random clear text password suitable for feeding into generate_user_password().
 	 *
 	 * @see generate_user_password
@@ -966,13 +1002,19 @@
 	 * @param string $username The username of the new user

 	 * @param string $password The password

 	 * @param string $name The user's display name

-	 * @param string $email Their email address

+	 * @param string $email Their email address
+	 * @param bool $allow_multiple_emails Allow the same email address to be registered multiple times?

 	 * @return int|false The new user's GUID; false on failure

 	 */

-	function register_user($username, $password, $name, $email) {

+	function register_user($username, $password, $name, $email, $allow_multiple_emails = false) {

 		

 		// Load the configuration

-			global $CONFIG;

+			global $CONFIG;
+			
+			$username = sanitise_string($username);
+			$password = sanitise_string($password);
+			$name = sanitise_string($name);
+			$email = sanitise_string($email);

 			

 		// A little sanity checking

 			if (empty($username)

@@ -981,11 +1023,25 @@
 				|| empty($email)) {

 					return false;

 				}	

-			

+			
+			if (!is_email_address($email)) throw new RegistrationException(elgg_echo('registration:notemail'));
+			
+			if (strlen($username)<4) throw new RegistrationException(elgg_echo('registration:usernametooshort'));
+			
+			if (strlen($password)<6) throw new RegistrationException(elgg_echo('registration:passwordtooshort'));
+				

 		// Check to see if $username exists already

 			if ($user = get_user_by_username($username)) {

-				return false;

-			}

+				//return false;
+				throw new RegistrationException(elgg_echo('registration:userexists'));

+			}
+			
+		// If we're not allowed multiple emails then see if this address has been used before
+			if ((!$allow_multiple_emails) && (get_user_by_email($email)))
+			{
+				throw new RegistrationException(elgg_echo('registration:dupeemail'));
+			}
+			

 			

 		// Check to see if we've registered the first admin yet.

 		// If not, this is the first admin user!

diff --git a/languages/en.php b/languages/en.php
index 6fd0d30f4..35441bed9 100644
--- a/languages/en.php
+++ b/languages/en.php
@@ -370,8 +370,14 @@ To remove a widget drag it back to the <b>Widget gallery</b>.",
 	

 			'register' => "Register",

 			'registerok' => "You have successfully registered for %s. To activate your account, please confirm your email address by clicking on the link we sent you.",

-			'registerbad' => "Your registration was unsuccessful. The username may already exist, or your passwords might not match.",

-			'registerdisabled' => "Registration has been disabled by the system administrator",

+			'registerbad' => "Your registration was unsuccessful. The username may already exist, your passwords might not match, or your username or password may be too short.",

+			'registerdisabled' => "Registration has been disabled by the system administrator",
+	
+			'registration:notemail' => 'The email address you provided does not appear to be a valid email address.',
+			'registration:userexists' => 'That username already exists',
+			'registration:usernametooshort' => 'Your username must be a minimum of 4 characters long.',
+			'registration:passwordtooshort' => 'The password must be a minimum of 6 characters long.',
+			'registration:dupeemail' => 'This email address has already been registered.',

 	

 			'adduser' => "Add User",

 			'adduser:ok' => "You have successfully added a new user.",

diff --git a/views/default/account/forms/register.php b/views/default/account/forms/register.php
index f8c9ffe5b..1352212b8 100644
--- a/views/default/account/forms/register.php
+++ b/views/default/account/forms/register.php
@@ -10,15 +10,19 @@
 	 * @copyright Curverider Ltd 2008

 	 * @link http://elgg.org/

 	 */

-	 

+	 
+	$username = get_input('u');
+	$email = get_input('e');
+	$name = get_input('n');
+

 	$admin_option = false;

 	if (($_SESSION['user']->admin) && ($vars['show_admin'])) 

 		$admin_option = true;
 		
-	$form_body = "<p><label>" . elgg_echo('name') . "<br />" . elgg_view('input/text' , array('internalname' => 'name', 'class' => "general-textarea")) . "</label><br />";
+	$form_body = "<p><label>" . elgg_echo('name') . "<br />" . elgg_view('input/text' , array('internalname' => 'name', 'class' => "general-textarea", 'value' => $name)) . "</label><br />";
 	
-	$form_body .= "<label>" . elgg_echo('email') . "<br />" . elgg_view('input/text' , array('internalname' => 'email', 'class' => "general-textarea")) . "</label><br />";
-	$form_body .= "<label>" . elgg_echo('username') . "<br />" . elgg_view('input/text' , array('internalname' => 'username', 'class' => "general-textarea")) . "</label><br />";
+	$form_body .= "<label>" . elgg_echo('email') . "<br />" . elgg_view('input/text' , array('internalname' => 'email', 'class' => "general-textarea", 'value' => $email)) . "</label><br />";
+	$form_body .= "<label>" . elgg_echo('username') . "<br />" . elgg_view('input/text' , array('internalname' => 'username', 'class' => "general-textarea", 'value' => $username)) . "</label><br />";
 	$form_body .= "<label>" . elgg_echo('password') . "<br />" . elgg_view('input/password' , array('internalname' => 'password', 'class' => "general-textarea")) . "</label><br />";
 	$form_body .= "<label>" . elgg_echo('passwordagain') . "<br />" . elgg_view('input/password' , array('internalname' => 'password2', 'class' => "general-textarea")) . "</label><br />";