I'm trying to create a custom form for user registration and I'm stuck. I appreciate if anyone could help me out a bit. I'm not an expert coder but I try to read and put pieces together.
Here is the code that I have but it is not working. I'm not sure what I'm doing wrong here.

// Path to vBulletin installation
$vbpath = 'forum';

// Start script
require_once($vbpath . '/includes/vb5/autoloader.php');
vB5_Autoloader::register($vbpath);

//init the vBulletin system
require_once($vbpath . '/core/vb/vb.php');
vB::init();

//get user info
$user ['username'] = $_POST['username'];
$user ['email'] = $_POST['email'];

//Create new user
$userApi = vB_Api::instance('user');
$userId = $userApi->save(0, $_POST['password'], $user, array(), array(), array());

Not that easy!

Perhaps you need humanverification .... Look whats your $userId return.

The human verification is disabled in the setting. Now, can someone please look at this and tell my why this is not writing the user to the database? Nothing is being saved to the database.
<?php
//init the vBulletin system
require_once( '/forum/core/vb/vb.php' );
vB::init();

// Connection
$admin = 'superadmin';
$api = init_api( $admin );

function init_api( $admin ) {

define( "CSRF_PROTECTION", false );
require_once( '/forum/includes/vb5/autoloader.php' );
vB5_Autoloader::register( '/forum' );
vB5_Frontend_Application::init( 'config.php' );
vB::getDbAssertor()->delete( "session", array( "sessionhash" => vB::getCurrentSession()->get( "dbsessionhash" ) ) );

$username = vB_String::htmlSpecialCharsUni( $admin );
$userinfo = vB::getDbAssertor()->getRow( "user", array( "username" => $username ) );
$auth = array_intersect_key( $userinfo, array_flip( [ "userid", "secret", "lastvisit", "lastactivity" ] ) );
$loginInfo = vB_User::processNewLogin( $auth );
vB5_Auth::setLoginCookies( $loginInfo, "", false );
$api = Api_InterfaceAbstract::instance();

return $api;
}

//get user info
$username = $_POST[ 'form' ][ 'username' ];
$email = $_POST[ 'form' ][ 'email' ];
$password = $_POST[ 'form' ][ 'password' ];
$data = array(
'userid' => 0,
'password' => $password,
'user' => array( 'username' => $username, 'email' => $email ),
array(),
array(),
'userfield' => false,
array(),
'',
array( 'registration' => true )
);

$response = $api->callApi( 'user', 'save', $data, false, true );
?>

If you use var_dump to dump all the variables to the screen, it might show any errors that indicate why it's not working properly.

If you use var_dump to dump all the variables to the screen, it might show any errors that indicate why it's not working properly.

Thank you for your reply. Here is the result for var_dump($data);

array(9) { ["userid"]=> int(0) ["password"]=> string(9) "123456789" ["user"]=> array(2) { ["username"]=> string(7) "john123" ["email"]=> string(17) "john123@gmail.com" } [0]=> array(0) { } [1]=> array(0) { } ["userfield"]=> bool(false) [2]=> array(0) { } [3]=> string(0) "" [4]=> array(1) { ["registration"]=> bool(true) } } string(16)

Result of var_dump($response):

array(2) { ["errors"]=> array(1) { [0]=> array(3) { [0]=> string(38) "signing_up_but_currently_logged_in_msg" [1]=> string(16) "superadmin" [2]=> string(108) "https://mydomain.com/forum/auth/logout?logouthash=1566335006-fc429d00acee1ceab1c9ec1ee196d4569ce5f175" } } ["userid"]=> string(1) "1" }



It looks like it is giving an error about the admin being signed in. Not sure how to fix this.
Any thoughts?

Digging into the code, a $canadminusers variable is checked to bypass most of the registration checks. More specifically, this variable holds the return value of the permission check of "canadminusers". So the admin account you're logging in as does not have a true value for the "canadminusers" permission. You should set this to true in the admincp under > Usergroups > Administrator Permissions > Edit Permissions of the admin account > set Can Administer Users to Yes.

Digging into the code, a $canadminusers variable is checked to bypass most of the registration checks. More specifically, this variable holds the return value of the permission check of "canadminusers". So the admin account you're logging in as does not have a true value for the "canadminusers" permission. You should set this to true in the admincp under > Usergroups > Administrator Permissions > Edit Permissions of the admin account > set Can Administer Users to Yes.

Thanks again for your follow up.
I just checked the admincp administration setting for that user and also for the usergroup (administrators) and everything is set to yes.
Specifically the Can Administer Users is already YES.
I actually did set it to No and tested the form and I got the same error message. I set it back to YES again.

Anywhere else that you could think of?

No, based on the code that's the only reason why it could show that error. (canadminusers permission of the user "superadmin" not set to true)

No, based on the code that's the only reason why it could show that error. (canadminusers permission of the user "superadmin" not set to true)

But the error message is actually reading "signing_up_but_currently_logged_in_msg".
I'm not sure where you are seeing the canadminusers error message?

But the error message is actually reading "signing_up_but_currently_logged_in_msg".
I'm not sure where you are seeing the canadminusers error message?

Check the file /core/vb/api/user.php line 1999, 2069 and 2083 and you'll see what I'm talking about.

There is a check for $canadminusers that allows you to bypass several registration checks. However if $canadminusers is false then it will throw an exception "signing_up_but_currently_logged_in_msg" if the user is already logged in but does not have the canadminusers permission. It's the only line of code in the entire file that throws that specific exception.

Check the file /core/vb/api/user.php line 1999, 2069 and 2083 and you'll see what I'm talking about.

OMG!!!!!!!!!!!!!! Your observation was the best help.
You are correct. The error was coming from the $canadminuser. But it was due to the setting in the user registration: Allow Multiple Registrations Per User". This was set to off. I turned it on and the magic happened.

THANK YOU SO MUCH. :up:

No problem, glad you got it working now. :)

Here is another question.
If I turn off "Allow New User Registrations" in the Admin CP, this script will not work.
I need to make sure that my users don't register directly in the vBulletin and they go through my custom registration form.
Is there a way that I could disable the user registration in vBulletin without affecting this script?

Well again if $canadminusers variable is true then it should work because it skips that entire check. It is directly connected to "$this->hasAdminPermission('canadminusers')". If you edit that vBulletin script and add a var_dump($canadminusers); before line 2069 where the check is performed, does it show true or false? That way you can check if the admin user that is logged in is in fact allowed to alter users.

You can also assign the user the "super admin" role which you can assign in the /core/includes/config.php file in the $config['SpecialUsers']['superadmins'] variable. When it's in that variable, it will pass any kind of permission check.