Same name and namespace in other branches
  1. 5.x modules/user/user.module \user_register_submit()
  2. 6.x modules/user/user.module \user_register_submit()
  3. 7.x modules/user/user.module \user_register_submit()

File

modules/user.module, line 1232
Enables the user registration and login system.

Code

function user_register_submit($form_id, $form_values) {
  global $base_url;
  $admin = user_access('administer users');
  $mail = $form_values['mail'];
  $name = $form_values['name'];
  $pass = $admin ? $form_values['pass'] : user_password();
  $notify = $form_values['notify'];
  $from = variable_get('site_mail', ini_get('sendmail_from'));
  if (!$admin && array_intersect(array_keys($form_values), array(
    'uid',
    'roles',
    'init',
    'session',
    'status',
  ))) {
    watchdog('security', t('Detected malicious attempt to alter protected user fields.'), WATCHDOG_WARNING);
    return 'user/register';
  }

  //the unset below is needed to prevent these form values from being saved as user data
  unset($form_values['form_token'], $form_values['submit'], $form_values['op'], $form_values['notify'], $form_values['form_id'], $form_values['affiliates'], $form_values['destination']);
  $account = user_save('', array_merge($form_values, array(
    'pass' => $pass,
    'init' => $mail,
    'status' => $admin || variable_get('user_register', 1) == 1,
  )));
  watchdog('user', t('New user: %name %email.', array(
    '%name' => theme('placeholder', $name),
    '%email' => theme('placeholder', '<' . $mail . '>'),
  )), WATCHDOG_NOTICE, l(t('edit'), 'user/' . $account->uid . '/edit'));
  $variables = array(
    '%username' => $name,
    '%site' => variable_get('site_name', 'drupal'),
    '%password' => $pass,
    '%uri' => $base_url,
    '%uri_brief' => substr($base_url, strlen('http://')),
    '%mailto' => $mail,
    '%date' => format_date(time()),
    '%login_uri' => url('user', NULL, NULL, TRUE),
    '%edit_uri' => url('user/' . $account->uid . '/edit', NULL, NULL, TRUE),
    '%login_url' => user_pass_reset_url($account),
  );

  // The first user may login immediately, and receives a customized welcome e-mail.
  if ($account->uid == 1) {
    user_mail($mail, t('Drupal user account details for %s', array(
      '%s' => $name,
    )), strtr(t("%username,\n\nYou may now login to %uri using the following username and password:\n\n  username: %username\n  password: %password\n\n%edit_uri\n\n--drupal"), $variables), "From: {$from}\nReply-to: {$from}\nX-Mailer: Drupal\nReturn-path: {$from}\nErrors-to: {$from}");
    drupal_set_message(t('<p>Welcome to Drupal. You are user #1, which gives you full and immediate access.  All future registrants will receive their passwords via e-mail, so please make sure your website e-mail address is set properly under the general settings on the <a href="%settings">settings page</a>.</p><p> Your password is <strong>%pass</strong>. You may change your password below.</p>', array(
      '%pass' => $pass,
      '%settings' => url('admin/settings'),
    )));
    user_authenticate($account->name, trim($pass));

    // Set the installed schema version of the system module to the most recent version.
    include_once './includes/install.inc';
    drupal_set_installed_schema_version('system', max(drupal_get_schema_versions('system')));
    return 'user/1/edit';
  }
  else {
    if ($admin && !$notify) {
      drupal_set_message(t('Created a new user account. No e-mail has been sent.'));
      return 'admin/user';
    }
    else {
      if ($account->status || $notify) {

        // Create new user account, no administrator approval required.
        $subject = $notify ? _user_mail_text('admin_subject', $variables) : _user_mail_text('welcome_subject', $variables);
        $body = $notify ? _user_mail_text('admin_body', $variables) : _user_mail_text('welcome_body', $variables);
        user_mail($mail, $subject, $body, "From: {$from}\nReply-to: {$from}\nX-Mailer: Drupal\nReturn-path: {$from}\nErrors-to: {$from}");
        if ($notify) {
          drupal_set_message(t('Password and further instructions have been e-mailed to the new user %user.', array(
            '%user' => theme('placeholder', $name),
          )));
          return 'admin/user';
        }
        else {
          drupal_set_message(t('Your password and further instructions have been sent to your e-mail address.'));
          return '';
        }
      }
      else {

        // Create new user account, administrator approval required.
        $subject = _user_mail_text('approval_subject', $variables);
        $body = _user_mail_text('approval_body', $variables);
        user_mail($mail, $subject, $body, "From: {$from}\nReply-to: {$from}\nX-Mailer: Drupal\nReturn-path: {$from}\nErrors-to: {$from}");
        user_mail(variable_get('site_mail', ini_get('sendmail_from')), $subject, t("%u has applied for an account.\n\n%uri", array(
          '%u' => $account->name,
          '%uri' => url("user/{$account->uid}/edit", NULL, NULL, TRUE),
        )), "From: {$from}\nReply-to: {$from}\nX-Mailer: Drupal\nReturn-path: {$from}\nErrors-to: {$from}");
        drupal_set_message(t('Thank you for applying for an account. Your account is currently pending approval by the site administrator.<br />In the meantime, your password and further instructions have been sent to your e-mail address.'));
      }
    }
  }
}