4 // Account registration and verification form. This form can be called
7 // 1. ?first_name=FIRST_NAME&last_name=LAST_NAME&email=EMAIL...
9 // Called by the form at the bottom of the page to register a new
10 // account. If any required fields are missing, AddPerson() will fault
11 // and the specified fields will be highlighted. Otherwise, the
12 // account is registered (but not enabled), and VerifyPerson() sends
13 // the user a link back to this page.
15 // 2. ?id=PERSON_ID&key=VERIFICATION_KEY...
17 // Sent to the specified user by VerifyPerson(). If the user receives
18 // the message, then the registered e-mail address is considered
19 // valid, and registration can continue. VerifyPerson() is called
20 // again, and sends the current PI(s) (and support if the user is
21 // requesting a PI role) a link to the user's Account Details page to
22 // enable the account.
24 // Mark Huang <mlhuang@cs.princeton.edu>
25 // Copyright (C) 2007 The Trustees of Princeton University
30 // Get session and API handles
31 require_once 'plc_session.php';
32 global $plc, $api, $adm;
35 require_once 'plc_drupal.php';
36 drupal_set_title('Account Registration');
37 include 'plc_header.php';
39 // Drupalish, but does not use Drupal itself to generate the form
41 $form['first_name'] = array('title' => 'First name', 'required' => TRUE,
42 'maxlength' => 60, 'size' => 15);
43 $form['last_name'] = array('title' => 'Last name', 'required' => TRUE,
44 'maxlength' => 60, 'size' => 15);
45 $form['title'] = array('title' => 'Title', 'required' => FALSE,
46 'maxlength' => 60, 'size' => 5);
47 $form['phone'] = array('title' => 'Telephone', 'required' => FALSE,
48 'maxlength' => 60, 'size' => 20);
49 $form['email'] = array('title' => 'E-mail', 'required' => TRUE,
50 'maxlength' => 60, 'size' => 30);
51 $form['password'] = array('title' => 'Password', 'required' => TRUE,
52 'maxlength' => 60, 'size' => 20);
53 $form['site_ids'] = array('title' => 'Site', 'required' => TRUE);
54 $form['roles'] = array('title' => 'Additional Roles', 'required' => FALSE);
56 //////////////////// additional messages
57 $form['email']['comment'] = <<< EOF
58 Your <b>E-mail</b> address must be able to receive e-mail and will be
59 used as your $PLC_NAME username
62 $form['site_ids']['comment'] = <<< EOF
63 Select the site where you belong
66 $form['roles']['comment'] = <<< EOF
67 Do not select the <b>Principal Investigator</b> or <b>Technical
68 Contact</b> roles unless you have spoken with the current PI of your
69 site, and you intend to assume either or both of these roles.
70 <br> Use Command-Clic to unselect or for multiple selection
76 foreach ($form as $name => $item) {
77 if (!empty($_REQUEST[$name])) {
78 $person[$name] = $_REQUEST[$name];
82 // Filter out "Select a site"
83 if (!empty($person['site_ids'])) {
84 $person['site_ids'] = array_filter($person['site_ids'],
85 create_function('$site_id', 'return intval($site_id) > 0;'));
88 if (!empty($person)) {
89 // Look for missing/blank entries
91 foreach ($form as $name => $item) {
92 if ($item['required'] && empty($person[$name])) {
93 $missing[] = $item['title'];
96 if (!empty($missing)) {
98 foreach ($missing as $field) {
99 $error .= "<li>$field field is required.</li>";
105 // N.B.: site_ids and roles are ignored by AddPerson()
106 $person_id = $adm->AddPerson($person);
107 $error = $adm->error();
113 // Add person to requested sites
114 foreach ($person['site_ids'] as $site_id) {
115 $adm->AddPersonToSite($person_id, intval($site_id));
116 $adm->SetPersonPrimarySite($person_id, intval($site_id));
119 // Add requested roles. Always add the user role.
120 $adm->AddRoleToPerson('user', $person_id);
121 if (!empty($person['roles'])) {
122 foreach ($person['roles'] as $role) {
123 $adm->AddRoleToPerson($role, $person_id);
127 // Send an e-mail containing a link back to this page, which will
128 // verify the given e-mail address as valid. PIs can still create
129 // and enable accounts on behalf of their users, they just have to
130 // find and enable the accounts manually after registering them.
131 $adm->VerifyPerson($person_id);
133 // Disable submit button
134 $person['person_id'] = $person_id;
137 $error = $adm->error();
140 if (!empty($error)) {
141 print '<div class="messages error">' . $error . '</div>';
143 print '<div class="messages status">Your registration request has been received. An e-mail has been sent to ';
144 print $person['email'];
145 print ' with further instructions.</div>';
149 $PLC_NAME = htmlspecialchars(PLC_NAME);
151 // E-mail address verified, go ahead and notify the PI (and possibly
152 // support if a PI role was requested) that a registration request was
154 if (!empty($_REQUEST['id']) && !empty($_REQUEST['key'])) {
155 $person_id = intval($_REQUEST['id']);
156 if ($adm->VerifyPerson($person_id, $_REQUEST['key']) != 1) {
157 print '<div class="messages error">' . $adm->error() . '.</div>';
159 $persons = $adm->GetPersons(array($person_id));
160 $person = $persons[0];
162 // Remove the password field from the form so that it is not
163 // highlighted as missing.
164 unset($form['password']);
166 print '<div class="messages status">';
167 print 'Your e-mail address has been verified. ';
168 print 'The PI(s) at your site have been notified of your account registration ';
170 if (in_array('pi', $person['roles'])) {
171 $support = PLC_MAIL_SUPPORT_ADDRESS;
172 print " and should contact <a href=\"mailto:$support\">$PLC_NAME Support <$support></a>. ";
173 print " $PLC_NAME Support will enable your account if authorized by your PI(s).";
175 print ' and are responsible for enabling your account.';
182 $self = $_SERVER['PHP_SELF'];
183 if (!empty($_SERVER['QUERY_STRING'])) {
184 $self .= "?" . $_SERVER['QUERY_STRING'];
190 // cannot register with foreign site
191 $adm->GetSites(array('is_public' => TRUE, 'peer_id' => NULL), array('site_id', 'name','enabled','peer_id'));
195 list($sites, $roles) = $adm->commit();
197 // Prepend invalid site to beginning of list to force user to select a site
198 $sites = array_merge(array(array('site_id' => -1, 'name' => 'Select a site', 'enabled' => TRUE)), $sites);
200 // Drop down selection box for each site
201 function site_option($site) {
204 $site_id = $site['site_id'];
206 if (!empty($person['site_ids']) && in_array($site_id, $person['site_ids'])) {
207 $selected = 'selected="selected"';
212 $option = "<option value=\"$site_id\" $selected";
213 if ( ! $site['enabled'] )
214 $option .= " disabled='disabled'";
216 $option .= htmlspecialchars($site['name']);
217 # Safari/IE do not implement disabled correctly
218 if ( ! $site['enabled'] )
219 $option .= " (pending registration)";
220 $option .= "</option>";
223 $site_options = implode("\n", array_map('site_option', $sites));
225 // Do not tempt users to register for the admin role. Administrators
226 // should register normally, then be granted the admin role by another
227 // admin. Also, all accounts should have the user role (see above).
228 foreach ($roles as $i => $role) {
229 if ($role['name'] == 'admin' || $role['name'] == 'user') {
235 global $standard_roles;
236 $standard_roles = array('user' => 'User',
237 'pi' => 'Principal Investigator',
238 'tech' => 'Technical Contact',
239 'admin' => 'Administrator');
241 // Drop down selection box for each role
242 function role_option($role) {
243 global $standard_roles, $selected_roles;
245 $name = $role['name'];
247 if (!empty($person['roles']) && in_array($name, $person['roles'])) {
248 $selected = 'selected="selected"';
253 $display = array_key_exists($name, $standard_roles) ? $standard_roles[$name] : $name;
255 $option = "<option value=\"$name\" $selected>";
256 $option .= htmlspecialchars($display);
257 $option .= "</option>";
260 $role_options = implode("\n", array_map('role_option', $roles));
262 $self = $_SERVER['PHP_SELF'];
263 if (!empty($_SERVER['QUERY_STRING'])) {
264 $self .= "?" . $_SERVER['QUERY_STRING'];
268 <div class="content">
270 <form action="$self" method="post">
272 <table border="0" cellpadding="5" cellspacing="0">
275 foreach ($form as $name => $item) {
277 if ( ! empty($item['comment'])) {
278 $comment=$item['comment'];
279 print "<tr><td colspan='2'> </td></tr>";
280 print "<tr><td colspan='2'> $comment: </td></tr>";
283 $title = $item['title'];
284 $required = $item['required'] ? '<span class="form-required" title="This field is required.">*</span>' : "";
285 $class = $item['required'] ? "required" : "";
286 if ($item['required'] && !empty($person) && empty($person[$name])) {
293 <td><label class="$class" for="edit-$name">$title: $required</label></td>\n
301 <td><select name="site_ids[]" id="edit-site_ids" class="form-select $class">
309 <td><select name="roles[]" multiple="multiple" id="edit-roles" class="form-select $class">
316 $maxlength = $item['maxlength'];
317 $size = $item['size'];
318 $value = !empty($person[$name]) ? $person[$name] : "";
319 $type = $name == 'password' ? "password" : "text";
321 <td><input type="$type" maxlength="$maxlength" name="$name" id="edit-$name" size="$size" value="$value" class="form-text $class"></td>\n
329 // Do not allow resubmits
330 if (empty($person['person_id'])) {
331 print '<tr><td colspan='2'><input type="submit" name="op" value="Register" class="form-submit" /></td></tr>';
341 include 'plc_footer.php';