-(* COCANWIKI scripts.
+(* COCANWIKI - a wiki written in Objective CAML.
* Written by Richard W.M. Jones <rich@merjis.com>.
* Copyright (C) 2004 Merjis Ltd.
- * $Id: signup.ml,v 1.1 2004/09/07 16:58:03 rich Exp $
+ * $Id: signup.ml,v 1.12 2006/12/06 09:46:57 rich Exp $
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; see the file COPYING. If not, write to
+ * the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * Boston, MA 02111-1307, USA.
*)
open Apache
open Cocanwiki_ok
open Cocanwiki_strings
-let run r (q : cgi) (dbh : Dbi.connection) (hostid, _, _) _ =
+let run r (q : cgi) dbh hostid _ _ =
(* Verify that we're allowed to create accounts anonymously
* on this host.
*)
- let sth = dbh#prepare_cached "select create_account_anon from hosts
- where id = ?" in
- sth#execute [`Int hostid];
-
- let create_account_anon =
- match sth#fetch1 () with
- [ `Bool true ] -> ()
- | _ -> assert false in
+ let create_account_anon = List.hd (
+ PGSQL(dbh) "select create_account_anon from hosts
+ where id = $hostid"
+ ) in
+
+ if not create_account_anon then (
+ error ~title:"Not allowed to create accounts"
+ r dbh hostid q
+ ("To get an account on this service, please contact the " ^
+ "administrator.");
+ return ()
+ );
let username = trim (q#param "username") in
let password1 = trim (q#param "password1") in
if username = "" || password1 = "" || password2 = "" then (
error ~back_button:true ~title:"Bad username or password"
- q "The username or password you gave is empty.";
- raise CgiExit
+ r dbh hostid q "The username or password you gave is empty.";
+ return ()
);
if password1 <> password2 then (
error ~back_button:true ~title:"Passwords don't match"
- q "The two passwords you gave aren't identical.";
- raise CgiExit
+ r dbh hostid q "The two passwords you gave aren't identical.";
+ return ()
);
let password = password1 in
+ if UTF8.length username > 32 || UTF8.length password > 128 then (
+ error ~back_button:true ~title:"Username or password too long"
+ r dbh hostid q "Usernames should be less than 32 characters long. For passwords we let you have a generous 128 characters.";
+ return ()
+ );
+
let email = trim (q#param "email") in
- let email = if string_is_whitespace email then `Null else `String email in
+ let email = if string_is_whitespace email then None else Some email in
(* Not a duplicate? *)
- let sth = dbh#prepare_cached "select id from users where name = ?" in
- sth#execute [`String username];
-
- (try
- sth#fetch1 ();
- error ~back_button:true ~title:"Username already taken"
- q ("Someone, possibly you, has already taken that username. " ^
- "If you think you have forgotten your password, try going back " ^
- "and clicking on the 'Forgotten your password?' link.");
- raise CgiExit
- with
- Not_found -> ());
+ let rows = PGSQL(dbh)
+ "select id from users where hostid = $hostid and name = $username" in
+
+ (match rows with
+ | [_] ->
+ error ~back_button:true ~title:"Username already taken"
+ r dbh hostid q
+ ("Someone, possibly you, has already taken that username. " ^
+ "If you think you have forgotten your password, try going back " ^
+ "and clicking on the 'Forgotten your password?' link.");
+ return ()
+ | [] -> ()
+ | _ -> assert false
+ );
(* Create the user account. *)
- let sth = dbh#prepare_cached "insert into users (name, password, email,
- hostid)
- values (?, ?, ?, ?)" in
- sth#execute [`String username; `String password; email; `Int hostid];
+ PGSQL(dbh) "insert into users (name, password, email, hostid)
+ values ($username, $password, $?email, $hostid)";
- let userid = sth#serial "users_id_seq" in
+ let userid = PGOCaml.serial4 dbh "users_id_seq" in
(* Create a cookie. *)
let cookie = random_sessionid () in
- let sth = dbh#prepare_cached "insert into usercookies (userid, cookie)
- values (?, ?)" in
- sth#execute [`Int userid; `String cookie];
+ PGSQL(dbh) "insert into usercookies (userid, cookie)
+ values ($userid, $cookie)";
- dbh#commit ();
+ PGOCaml.commit dbh;
let buttons = [ ok_button "/" ] in
- let cookie = Cookie.cookie ~name:"auth" ~value:cookie ~path:"/" () in
+ let cookie = Cookie.cookie "auth" cookie ~path:"/" in
ok ~title:"Account created"
~buttons
~cookie
- q ("An account was created for you, " ^ username ^ ". " ^
- "We hope you enjoy using this service.")
+ r dbh hostid q
+ ("An account was created for you, " ^ username ^ ". " ^
+ "We hope you enjoy using this service.")
let () =
register_script run
git.annexia.org / cocanwiki.git / blobdiff