+ if ($this->err->yes()) return false; // There are errors, do not proceed.
+
+ global $i18n;
+ global $user;
+
+ // Protection from too many recent bot registrations from user IP.
+ if (!$this->created_by_id) { // No problems for logged in user (site admin).
+ if ($this->registeredRecently()) {
+ $this->err->add($i18n->get('error.access_denied'));
+ return false;
+ }
+ }
+
+ import('ttUserHelper');
+ if (ttUserHelper::getUserByLogin($this->login)) {
+ // User login already exists.
+ $this->err->add($i18n->get('error.user_exists'));
+ return false;
+ }
+
+ // Create a new group.
+ $this->group_id = $this->createGroup();
+ $this->org_id = $this->group_id;
+ if (!$this->group_id) {
+ $this->err->add($i18n->get('error.db'));
+ return false;
+ }
+
+ import('ttRoleHelper');
+ if (!ttRoleHelper::createPredefinedRoles($this->group_id, $this->lang)) {
+ $err->add($i18n->get('error.db'));
+ return false;
+ }
+ $this->role_id = ttRoleHelper::getTopManagerRoleID();
+ $this->user_id = $this->createUser();
+
+ if (!$this->user_id) {
+ $err->add($i18n->get('error.db'));
+ return false;
+ }
+
+ // Set created_by appropriately.
+ $created_by = $this->created_by_id ? $this->created_by_id : $this->user_id;
+ if (!$this->setCreatedBy($created_by))
+ return false;
+
+ return true;
+ }
+
+ // The createGroup function creates a group in Time Tracker as part
+ // of user registration process. This is a top group for user as top manager.
+ function createGroup() {
+ $mdb2 = getConnection();
+
+ $name = $mdb2->quote($this->group_name);
+ $currency = $mdb2->quote($this->currency);
+ $lang = $mdb2->quote($this->lang);
+ $created = 'now()';
+ $created_ip = $mdb2->quote($_SERVER['REMOTE_ADDR']);
+
+ $sql = "insert into tt_groups (name, currency, lang, created, created_ip) values($name, $currency, $lang, $created, $created_ip)";
+ $affected = $mdb2->exec($sql);
+ if (is_a($affected, 'PEAR_Error')) return false;
+
+ $group_id = $mdb2->lastInsertID('tt_groups', 'id');
+
+ // Update org_id with group_id.
+ $sql = "update tt_groups set org_id = $group_id where org_id is NULL and id = $group_id";
+ $affected = $mdb2->exec($sql);
+ if (is_a($affected, 'PEAR_Error')) return false;
+
+ return $group_id;
+ }
+
+ // The createUser creates a user in database as part of registration process.
+ function createUser() {
+ $mdb2 = getConnection();
+
+ $login = $mdb2->quote($this->login);
+ $password = 'md5('.$mdb2->quote($this->password1).')';
+ $name = $mdb2->quote($this->user_name);
+ $email = $mdb2->quote($this->email);
+ $created = 'now()';
+ $created_ip = $mdb2->quote($_SERVER['REMOTE_ADDR']);
+ $values = "values($login, $password, $name, $this->group_id, $this->org_id, $this->role_id, $email, $created, $created_ip)";
+
+ $sql = 'insert into tt_users (login, password, name, group_id, org_id, role_id, email, created, created_ip) '.$values;
+ $affected = $mdb2->exec($sql);
+ if (!is_a($affected, 'PEAR_Error')) {
+ $user_id = $mdb2->lastInsertID('tt_users', 'id');
+ return $user_id;
+ }
+ return false;
+ }
+
+ // The setCreatedBy sets created_by field for both group and user to passed in user_id.
+ private function setCreatedBy($user_id) {
+ if ($this->err->yes()) return false; // There are errors, do not proceed.
+
+ global $i18n;
+ $mdb2 = getConnection();
+
+ // Update group.
+ $sql = "update tt_groups set created_by = $user_id where id = $this->group_id and org_id = $this->org_id";
+ $affected = $mdb2->exec($sql);
+ if (is_a($affected, 'PEAR_Error')) {
+ $this->err->add($i18n->get('error.db'));
+ return false;
+ }
+
+ // Update top manager.
+ $sql = "update tt_users set created_by = $user_id where id = $this->user_id and group_id = $this->group_id and org_id = $this->org_id";
+ $affected = $mdb2->exec($sql);
+ if (is_a($affected, 'PEAR_Error')) {
+ $this->err->add($i18n->get('error.db'));
+ return false;
+ }
+
+ return true;
+ }
+
+ // registeredRecently determines if we already have a successful recent registration from user IP.
+ // "recent" means "within the last minute" and is set in a query by the following condition:
+ // "and created > now() - interval 1 minute". Change if necessary.
+ function registeredRecently() {
+ $mdb2 = getConnection();
+
+ $ip_part = ' created_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']);
+ $sql = 'select created from tt_groups where '.$ip_part.' and created > now() - interval 1 minute';
+ $res = $mdb2->query($sql);
+ if (is_a($res, 'PEAR_Error'))
+ return false;
+ $val = $res->fetchRow();
+ if ($val)
+ return true;
+
+ return false;