Initial commit — Rosary Presenter App
Full source for loveandrosary.com: slide-based Rosary/novena/Divine Mercy Chaplet presentation tool with multi-user roles, SVG bead ring, audio uploads, donate strip, and public session profiles. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
+177
@@ -0,0 +1,177 @@
|
||||
<?php
|
||||
require_once __DIR__ . '/config/db.php';
|
||||
require_once __DIR__ . '/includes/auth.php';
|
||||
require_once __DIR__ . '/includes/mailer.php';
|
||||
|
||||
_auth_start();
|
||||
|
||||
// Already logged in
|
||||
if (!empty($_SESSION['user_id'])) {
|
||||
header('Location: ' . BASE_URL . '/admin/');
|
||||
exit;
|
||||
}
|
||||
|
||||
$errors = [];
|
||||
$success = false;
|
||||
$fields = ['username' => '', 'display_name' => '', 'email' => ''];
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
$username = trim($_POST['username'] ?? '');
|
||||
$display_name = trim($_POST['display_name'] ?? '');
|
||||
$email = trim($_POST['email'] ?? '');
|
||||
$password = $_POST['password'] ?? '';
|
||||
$password_confirm = $_POST['password_confirm'] ?? '';
|
||||
|
||||
$fields = compact('username', 'display_name', 'email');
|
||||
|
||||
// Validate username
|
||||
if (!preg_match('/^[a-zA-Z0-9_]{3,30}$/', $username)) {
|
||||
$errors[] = 'Username must be 3-30 characters and contain only letters, numbers, and underscores.';
|
||||
}
|
||||
// Validate email
|
||||
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
||||
$errors[] = 'Please enter a valid email address.';
|
||||
}
|
||||
// Validate password
|
||||
if (strlen($password) < 8) {
|
||||
$errors[] = 'Password must be at least 8 characters.';
|
||||
}
|
||||
if ($password !== $password_confirm) {
|
||||
$errors[] = 'Passwords do not match.';
|
||||
}
|
||||
|
||||
if (empty($errors)) {
|
||||
$pdo = get_pdo();
|
||||
|
||||
// Check uniqueness
|
||||
$chk = $pdo->prepare('SELECT id FROM users WHERE username = ? OR email = ?');
|
||||
$chk->execute([$username, $email]);
|
||||
$existing = $chk->fetchAll();
|
||||
foreach ($existing as $row) {
|
||||
// Re-check which field conflicts
|
||||
}
|
||||
if (!empty($existing)) {
|
||||
$chk_u = $pdo->prepare('SELECT id FROM users WHERE username = ?');
|
||||
$chk_u->execute([$username]);
|
||||
if ($chk_u->fetch()) $errors[] = 'That username is already taken.';
|
||||
|
||||
$chk_e = $pdo->prepare('SELECT id FROM users WHERE email = ?');
|
||||
$chk_e->execute([$email]);
|
||||
if ($chk_e->fetch()) $errors[] = 'That email address is already registered.';
|
||||
}
|
||||
}
|
||||
|
||||
if (empty($errors)) {
|
||||
$pdo = get_pdo();
|
||||
$smtp_host = get_setting('smtp_host');
|
||||
$auto_confirm = ($smtp_host === ''); // No SMTP = skip email confirmation
|
||||
|
||||
$hash = password_hash($password, PASSWORD_BCRYPT);
|
||||
$token = $auto_confirm ? null : bin2hex(random_bytes(32));
|
||||
|
||||
$pdo->prepare("
|
||||
INSERT INTO users (username, email, password_hash, display_name, role, rosary_limit, email_confirmed, confirm_token)
|
||||
VALUES (?, ?, ?, ?, 'user', 1, ?, ?)
|
||||
")->execute([$username, $email, $hash, $display_name ?: $username, $auto_confirm ? 1 : 0, $token]);
|
||||
|
||||
if (!$auto_confirm && $token) {
|
||||
$site_url = rtrim(get_setting('site_url'), '/');
|
||||
$link = $site_url . '/confirm?token=' . urlencode($token);
|
||||
$site_name = get_setting('site_name', APP_NAME);
|
||||
$body_html = "
|
||||
<h2 style='margin-top:0;color:#1e3a5f'>Confirm your email</h2>
|
||||
<p>Hello, <strong>" . htmlspecialchars($display_name ?: $username) . "</strong>!</p>
|
||||
<p>Thank you for registering with {$site_name}. Click the button below to confirm your email address:</p>
|
||||
<p style='text-align:center;margin:28px 0'>
|
||||
<a href='" . htmlspecialchars($link) . "' style='display:inline-block;background:#1e3a5f;color:#fff;padding:12px 28px;border-radius:6px;text-decoration:none;font-weight:600'>Confirm Email</a>
|
||||
</p>
|
||||
<p style='color:#6b7280;font-size:13px'>Or copy this link: " . htmlspecialchars($link) . "</p>
|
||||
<p style='color:#6b7280;font-size:13px'>If you did not register, ignore this email.</p>
|
||||
";
|
||||
$html = email_template('Confirm your email — ' . $site_name, $body_html);
|
||||
send_email($email, $display_name ?: $username, 'Confirm your email — ' . $site_name, $html);
|
||||
}
|
||||
|
||||
$success = true;
|
||||
$auto_confirmed = $auto_confirm;
|
||||
}
|
||||
}
|
||||
?>
|
||||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<link rel="icon" type="image/svg+xml" href="<?= BASE_URL ?>/favicon.svg">
|
||||
<title>Register — <?= htmlspecialchars(get_setting('site_name', APP_NAME)) ?></title>
|
||||
<link rel="stylesheet" href="<?= BASE_URL ?>/assets/css/setup.css">
|
||||
</head>
|
||||
<body class="login-page">
|
||||
<div class="login-box" style="max-width:460px">
|
||||
<h1>✝ <?= htmlspecialchars(get_setting('site_name', APP_NAME)) ?></h1>
|
||||
<h2>Create Account</h2>
|
||||
|
||||
<?php if ($success): ?>
|
||||
<?php if ($auto_confirmed ?? false): ?>
|
||||
<div class="alert alert-success">
|
||||
Account created! <a href="<?= BASE_URL ?>/login">Sign in now</a>.
|
||||
</div>
|
||||
<?php else: ?>
|
||||
<div class="alert alert-success">
|
||||
Account created! Please check your email to confirm your address before logging in.
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
<?php else: ?>
|
||||
|
||||
<?php if (!empty($errors)): ?>
|
||||
<div class="alert alert-error">
|
||||
<?php foreach ($errors as $err): ?>
|
||||
<div><?= htmlspecialchars($err) ?></div>
|
||||
<?php endforeach; ?>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
|
||||
<form method="post" action="<?= BASE_URL ?>/register">
|
||||
<div class="form-group">
|
||||
<label for="username">Username <span class="required">*</span></label>
|
||||
<input type="text" id="username" name="username"
|
||||
value="<?= htmlspecialchars($fields['username']) ?>"
|
||||
pattern="[a-zA-Z0-9_]{3,30}" title="3-30 letters, numbers, or underscores"
|
||||
autocomplete="username" autofocus required>
|
||||
<p class="help-text">3-30 characters. Letters, numbers, underscores only.</p>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="display_name">Display Name</label>
|
||||
<input type="text" id="display_name" name="display_name"
|
||||
value="<?= htmlspecialchars($fields['display_name']) ?>"
|
||||
maxlength="100" autocomplete="name">
|
||||
<p class="help-text">Optional. Shown publicly.</p>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="email">Email <span class="required">*</span></label>
|
||||
<input type="email" id="email" name="email"
|
||||
value="<?= htmlspecialchars($fields['email']) ?>"
|
||||
autocomplete="email" required>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="password">Password <span class="required">*</span></label>
|
||||
<input type="password" id="password" name="password"
|
||||
minlength="8" autocomplete="new-password" required>
|
||||
<p class="help-text">At least 8 characters.</p>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="password_confirm">Confirm Password <span class="required">*</span></label>
|
||||
<input type="password" id="password_confirm" name="password_confirm"
|
||||
minlength="8" autocomplete="new-password" required>
|
||||
</div>
|
||||
<button type="submit" class="btn btn-primary btn-full">Create Account</button>
|
||||
</form>
|
||||
|
||||
<div style="margin-top:20px;text-align:center;font-size:14px;color:#6b7280">
|
||||
Already have an account? <a href="<?= BASE_URL ?>/login" style="color:#1e3a5f">Sign in</a>
|
||||
</div>
|
||||
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
||||
Reference in New Issue
Block a user