Same name and namespace in other branches
  1. 4.7.x modules/user.module \user_register_submit()
  2. 5.x modules/user/user.module \user_register_submit()
  3. 7.x modules/user/user.module \user_register_submit()

Submit handler for the user registration form.

This function is shared by the installation form and the normal registration form, which is why it can't be in the user.pages.inc file.

File

modules/user/user.module, line 2381
Enables the user registration and login system.

Code

function user_register_submit($form, &$form_state) {
  global $base_url;
  $admin = user_access('administer users');
  $mail = $form_state['values']['mail'];
  $name = $form_state['values']['name'];
  if (!variable_get('user_email_verification', TRUE) || $admin) {
    $pass = $form_state['values']['pass'];
  }
  else {
    $pass = user_password();
  }
  $notify = isset($form_state['values']['notify']) ? $form_state['values']['notify'] : NULL;
  $from = variable_get('site_mail', ini_get('sendmail_from'));
  if (isset($form_state['values']['roles'])) {

    // Remove unset roles.
    $roles = array_filter($form_state['values']['roles']);
  }
  else {
    $roles = array();
  }
  if (!$admin && array_intersect(array_keys($form_state['values']), array(
    'uid',
    'roles',
    'init',
    'session',
    'status',
  ))) {
    watchdog('security', 'Detected malicious attempt to alter protected user fields.', array(), WATCHDOG_WARNING);
    $form_state['redirect'] = 'user/register';
    return;
  }

  // The unset below is needed to prevent these form values from being saved as
  // user data.
  unset($form_state['values']['form_token'], $form_state['values']['submit'], $form_state['values']['op'], $form_state['values']['notify'], $form_state['values']['form_id'], $form_state['values']['affiliates'], $form_state['values']['destination']);
  $merge_data = array(
    'pass' => $pass,
    'init' => $mail,
    'roles' => $roles,
  );
  if (!$admin) {

    // Set the user's status because it was not displayed in the form.
    $merge_data['status'] = variable_get('user_register', 1) == 1;
  }
  $account = user_save('', array_merge($form_state['values'], $merge_data));

  // Terminate if an error occured during user_save().
  if (!$account) {
    drupal_set_message(t("Error saving user account."), 'error');
    $form_state['redirect'] = '';
    return;
  }
  $form_state['user'] = $account;
  watchdog('user', 'New user: %name (%email).', array(
    '%name' => $name,
    '%email' => $mail,
  ), WATCHDOG_NOTICE, l(t('edit'), 'user/' . $account->uid . '/edit'));

  // The first user may login immediately, and receives a customized welcome e-mail.
  if ($account->uid == 1) {
    drupal_set_message(t('Welcome to Drupal. You are now logged in as user #1, which gives you full control over your website.'));
    if (variable_get('user_email_verification', TRUE)) {
      drupal_set_message(t('</p><p> Your password is <strong>%pass</strong>. You may change your password below.</p>', array(
        '%pass' => $pass,
      )));
    }
    user_authenticate(array_merge($form_state['values'], $merge_data));
    $form_state['redirect'] = 'user/1/edit';
    return;
  }
  else {

    // Add plain text password into user account to generate mail tokens.
    $account->password = $pass;
    if ($admin && !$notify) {
      drupal_set_message(t('Created a new user account for <a href="@url">%name</a>. No e-mail has been sent.', array(
        '@url' => url("user/{$account->uid}"),
        '%name' => $account->name,
      )));
    }
    else {
      if (!variable_get('user_email_verification', TRUE) && $account->status && !$admin) {

        // No e-mail verification is required, create new user account, and login
        // user immediately.
        _user_mail_notify('register_no_approval_required', $account);
        if (user_authenticate(array_merge($form_state['values'], $merge_data))) {
          drupal_set_message(t('Registration successful. You are now logged in.'));
        }
        $form_state['redirect'] = '';
        return;
      }
      else {
        if ($account->status || $notify) {

          // Create new user account, no administrator approval required.
          $op = $notify ? 'register_admin_created' : 'register_no_approval_required';
          _user_mail_notify($op, $account);
          if ($notify) {
            drupal_set_message(t('Password and further instructions have been e-mailed to the new user <a href="@url">%name</a>.', array(
              '@url' => url("user/{$account->uid}"),
              '%name' => $account->name,
            )));
          }
          else {
            drupal_set_message(t('Your password and further instructions have been sent to your e-mail address.'));
            $form_state['redirect'] = '';
            return;
          }
        }
        else {

          // Create new user account, administrator approval required.
          _user_mail_notify('register_pending_approval', $account);
          drupal_set_message(t('Thank you for applying for an account. Your account is currently pending approval by the site administrator.<br />In the meantime, a welcome message with further instructions has been sent to your e-mail address.'));
          $form_state['redirect'] = '';
          return;
        }
      }
    }
  }
}