Only show signup_form if a signup_group was defined

- check if a signup_group was defined via backend - only show signup_form if user is not already logged in
WBCE · Apr 7, 2017 · e0e9d80 · e0e9d80
1 parent 0a1a112
commit e0e9d80
Showing 1 changed file with 43 additions and 47 deletions.
diff --git a/wbce/account/signup.php b/wbce/account/signup.php
@@ -1,56 +1,52 @@
 <?php
 /**
+ * WebsiteBaker Community Edition (WBCE)
+ * Way Better Content Editing.
+ * Visit http://wbce.org to learn more and to join the community.
  *
- * @category        frontend
- * @package         account
- * @author          WebsiteBaker Project
- * @copyright       Ryan Djurovich
- * @copyright       WebsiteBaker Org. e.V.
- * @link            http://websitebaker.org/
- * @license         http://www.gnu.org/licenses/gpl.html
- * @platform        WebsiteBaker 2.8.3
- * @requirements    PHP 5.6.3 and higher
- * @version         $Id: signup.php 1599 2012-02-06 15:59:24Z Luisehahne $
- * @filesource		$HeadURL: svn://isteam.dynxs.de/wb_svn/wb280/tags/2.8.3/wb/account/signup.php $
- * @lastmodified    $Date: 2012-02-06 16:59:24 +0100 (Mo, 06. Feb 2012) $
- *
+ * @copyright Ryan Djurovich (2004-2009)
+ * @copyright WebsiteBaker Org. e.V. (2009-2015)
+ * @copyright WBCE Project (2015-)
+ * @license GNU GPL2 (or any later version)
  */
 
-require_once('../config.php');
+require_once '../config.php';
+
+// check if frontend signup_group and user_id is defined
+$signup_group = defined('FRONTEND_SIGNUP') ? (int) FRONTEND_SIGNUP : 0;
+$user_id = isset($_SESSION['USER_ID']) ? (int) $_SESSION['USER_ID'] : 0;
 
-if(!( intval(FRONTEND_SIGNUP) && (  0 == (isset($_SESSION['USER_ID']) ? intval($_SESSION['USER_ID']) : 0) )))
-{
-	if(INTRO_PAGE) {
-		header('Location: '.WB_URL.PAGES_DIRECTORY.'/index.php');
-		exit(0);
-	} else {
-		header('Location: '.WB_URL.'/index.php');
-		exit(0);
-	}
+// work out redirect_url (either root index.php or intro page in pages/index.php)
+$redirect_url = WB_URL . ((INTRO_PAGE) ? PAGES_DIRECTORY : '') . '/index.php';
+
+// do not show signup form if no signup_group was defined or user is already logged in
+if ($signup_group === 0 || $user_id != 0) {
+	die(header('Location: ' . $redirect_url));
 }
 
-if(ENABLED_ASP && isset($_POST['username']) && ( // form faked? Check the honeypot-fields.
-	(!isset($_POST['submitted_when']) OR !isset($_SESSION['submitted_when'])) OR 
-	($_POST['submitted_when'] != $_SESSION['submitted_when']) OR
-	(!isset($_POST['email-address']) OR $_POST['email-address']) OR
-	(!isset($_POST['name']) OR $_POST['name']) OR
-	(!isset($_POST['full_name']) OR $_POST['full_name'])
-)) {
-	exit(header("Location: ".WB_URL.PAGES_DIRECTORY.""));
+// check if form honeypot fields were filled out
+if (ENABLED_ASP && isset($_POST['username']) && (
+		(!isset($_POST['submitted_when']) OR !isset($_SESSION['submitted_when'])) OR
+		($_POST['submitted_when'] != $_SESSION['submitted_when']) OR
+		(!isset($_POST['email-address']) OR $_POST['email-address']) OR
+		(!isset($_POST['name']) OR $_POST['name']) OR
+		(!isset($_POST['full_name']) OR $_POST['full_name'])
+		)
+	) {
+	die(header('Location: ' . $redirect_url));
 }
 
-// Load the language file
-if(!file_exists(WB_PATH.'/languages/'.DEFAULT_LANGUAGE.'.php')) {
-	exit('Error loading language file '.DEFAULT_LANGUAGE.', please check configuration');
-} else {
-	require_once(WB_PATH.'/languages/'.DEFAULT_LANGUAGE.'.php');
-	$load_language = false;
+// check if default langauge file exists
+if (! is_readable(WB_PATH . '/languages/' . DEFAULT_LANGUAGE . '.php')) {
+	die(header('Location: ' . $redirect_url));
 }
 
-$page_id = (isset($_SESSION['PAGE_ID']) && ($_SESSION['PAGE_ID']!='') ? $_SESSION['PAGE_ID'] : 0);
+// include default language file
+require_once WB_PATH . '/languages/' . DEFAULT_LANGUAGE . '.php';
+$load_language = false;
 
-// Required page details
-// $page_id = 0;
+// set required page details
+$page_id = (isset($_SESSION['PAGE_ID']) && ($_SESSION['PAGE_ID'] != '') ? $_SESSION['PAGE_ID'] : 0);
 $page_description = '';
 $page_keywords = '';
 define('PAGE_ID', $page_id);
@@ -62,15 +58,15 @@
 define('MODULE', '');
 define('VISIBILITY', 'public');
 
-// Set the page content include file
-if(isset($_POST['username'])) {
-	define('PAGE_CONTENT', WB_PATH.'/account/signup2.php');
+// set the page content include file
+if (isset($_POST['username'])) {
+	define('PAGE_CONTENT', WB_PATH . '/account/signup2.php');
 } else {
-	define('PAGE_CONTENT', WB_PATH.'/account/signup_form.php');
+	define('PAGE_CONTENT', WB_PATH . '/account/signup_form.php');
 }
 
-// Set auto authentication to false
+// disable auto authentication
 $auto_auth = false;
 
-// Include the index (wrapper) file
-require(WB_PATH.'/index.php');
+// include index wrapper file
+require WB_PATH . '/index.php';