diff options
author | friendica <info@friendica.com> | 2013-01-27 01:19:24 -0800 |
---|---|---|
committer | friendica <info@friendica.com> | 2013-01-27 01:19:24 -0800 |
commit | 28ab6d5bf508120956d575e260ed2fa2b8417e59 (patch) | |
tree | 2bb7a313ecfa5d900cd6a53dfe6fe926c4b7c8e4 | |
parent | 22bde9b2b797f17841f0ee12df1d12ea9616216f (diff) | |
download | volse-hubzilla-28ab6d5bf508120956d575e260ed2fa2b8417e59.tar.gz volse-hubzilla-28ab6d5bf508120956d575e260ed2fa2b8417e59.tar.bz2 volse-hubzilla-28ab6d5bf508120956d575e260ed2fa2b8417e59.zip |
lostpass fixes and login/logout flow if authenticated but no default channel exists
-rw-r--r-- | boot.php | 2 | ||||
-rw-r--r-- | done | 2 | ||||
-rw-r--r-- | include/auth.php | 2 | ||||
-rw-r--r-- | include/nav.php | 7 | ||||
-rw-r--r-- | install/database.sql | 18 | ||||
-rw-r--r-- | install/update.php | 13 | ||||
-rw-r--r-- | mod/home.php | 4 | ||||
-rw-r--r-- | mod/lostpass.php | 18 | ||||
-rw-r--r-- | view/tpl/nav.tpl | 1 |
9 files changed, 45 insertions, 22 deletions
@@ -16,7 +16,7 @@ require_once('include/features.php'); define ( 'FRIENDICA_PLATFORM', 'Friendica Red'); define ( 'FRIENDICA_VERSION', trim(file_get_contents('version.inc')) . 'R'); define ( 'ZOT_REVISION', 1 ); -define ( 'DB_UPDATE_VERSION', 1021 ); +define ( 'DB_UPDATE_VERSION', 1022 ); define ( 'EOL', '<br />' . "\r\n" ); define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' ); @@ -113,7 +113,7 @@ mod/ + like.php + lockview.php + login.php - lostpass.php ++ lostpass.php ? magic.php + manage.php match.php diff --git a/include/auth.php b/include/auth.php index 68dc9308f..14751f5a2 100644 --- a/include/auth.php +++ b/include/auth.php @@ -39,9 +39,11 @@ function account_verify_password($email,$pass) { foreach($r as $record) { if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED) && (hash('whirlpool',$record['account_salt'] . $pass) === $record['account_password'])) { + logger('password verified for ' . $email); return $record; } } + logger('password failed for ' . $email); return null; } diff --git a/include/nav.php b/include/nav.php index 3a565af55..73421beab 100644 --- a/include/nav.php +++ b/include/nav.php @@ -80,7 +80,12 @@ EOT; } else { - $nav['login'] = Array('login',t('Login'), ($a->module == 'login'?'selected':''), t('Sign in')); + if(! get_account_id()) + $nav['login'] = Array('login',t('Login'), ($a->module == 'login'?'selected':''), t('Sign in')); + else + $nav['alogout'] = Array('logout',t('Logout'), "", t('End this session')); + + } if($observer) { diff --git a/install/database.sql b/install/database.sql index 2d8475741..aee87c119 100644 --- a/install/database.sql +++ b/install/database.sql @@ -16,7 +16,7 @@ CREATE TABLE IF NOT EXISTS `abook` ( `abook_closeness` tinyint(3) unsigned NOT NULL DEFAULT '99', `abook_created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', `abook_updated` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', - `abook_connnected` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', + `abook_connected` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', `abook_dob` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', `abook_flags` int(11) NOT NULL DEFAULT '0', `abook_profile` char(64) NOT NULL DEFAULT '', @@ -29,10 +29,10 @@ CREATE TABLE IF NOT EXISTS `abook` ( KEY `abook_closeness` (`abook_closeness`), KEY `abook_created` (`abook_created`), KEY `abook_updated` (`abook_updated`), - KEY `abook_connnected` (`abook_connnected`), KEY `abook_flags` (`abook_flags`), KEY `abook_profile` (`abook_profile`), - KEY `abook_dob` (`abook_dob`) + KEY `abook_dob` (`abook_dob`), + KEY `abook_connected` (`abook_connected`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; CREATE TABLE IF NOT EXISTS `account` ( @@ -241,7 +241,6 @@ CREATE TABLE IF NOT EXISTS `event` ( `deny_gid` mediumtext NOT NULL, PRIMARY KEY (`id`), KEY `uid` (`uid`), - KEY `event_xchan` (`event_xchan`), KEY `type` (`type`), KEY `start` (`start`), KEY `finish` (`finish`), @@ -249,8 +248,9 @@ CREATE TABLE IF NOT EXISTS `event` ( KEY `nofinish` (`nofinish`), KEY `ignore` (`ignore`), KEY `aid` (`aid`), - KEY `event_hash` (`event_hash`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8; + KEY `event_hash` (`event_hash`), + KEY `event_xchan` (`event_xchan`) +) ENGINE=MyISAM DEFAULT CHARSET=utf8; CREATE TABLE IF NOT EXISTS `fcontact` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, @@ -649,14 +649,14 @@ CREATE TABLE IF NOT EXISTS `photo` ( `deny_gid` mediumtext NOT NULL, PRIMARY KEY (`id`), KEY `uid` (`uid`), - KEY `resource_id` (`resource_id`), KEY `album` (`album`), KEY `scale` (`scale`), KEY `profile` (`profile`), KEY `type` (`type`), KEY `aid` (`aid`), KEY `xchan` (`xchan`), - KEY `size` (`size`) + KEY `size` (`size`), + KEY `resource_id` (`resource_id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; CREATE TABLE IF NOT EXISTS `profile` ( @@ -842,7 +842,7 @@ CREATE TABLE IF NOT EXISTS `verify` ( KEY `token` (`token`), KEY `meta` (`meta`), KEY `created` (`created`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8; +) ENGINE=MyISAM DEFAULT CHARSET=utf8; CREATE TABLE IF NOT EXISTS `xchan` ( `xchan_hash` char(255) NOT NULL, diff --git a/install/update.php b/install/update.php index 8decfc133..41c6a7565 100644 --- a/install/update.php +++ b/install/update.php @@ -1,6 +1,6 @@ <?php -define( 'UPDATE_VERSION' , 1021 ); +define( 'UPDATE_VERSION' , 1022 ); /** * @@ -292,3 +292,14 @@ function update_r1020() { return UPDATE_SUCCESS; return UPDATE_FAILED; } + +function update_r1021() { + + $r = q("ALTER TABLE `abook` CHANGE `abook_connnected` `abook_connected` DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00', + drop index `abook_connnected`, add index ( `abook_connected` ) "); + + if($r) + return UPDATE_SUCCESS; + return UPDATE_FAILED; +} + diff --git a/mod/home.php b/mod/home.php index f70ff1d02..1bb0148d2 100644 --- a/mod/home.php +++ b/mod/home.php @@ -11,6 +11,10 @@ function home_init(&$a) { if(local_user() && $channel && $channel['xchan_url']) goaway( $channel['xchan_url']); + if(get_account_id()) { + goaway('new_channel'); + } + }} diff --git a/mod/lostpass.php b/mod/lostpass.php index ca93457aa..dd7c7a7d5 100644 --- a/mod/lostpass.php +++ b/mod/lostpass.php @@ -30,15 +30,14 @@ function lostpass_post(&$a) { $email_tpl = get_intltext_template("lostpass_eml.tpl"); $message = replace_macros($email_tpl, array( - '$sitename' => $a->config['sitename'], + '$sitename' => get_config('system','sitename'), '$siteurl' => $a->get_baseurl(), - '$username' => $email, + '$username' => sprintf( t('Site Member (%s)'), $email), '$email' => $email, '$reset_link' => $a->get_baseurl() . '/lostpass?verify=' . $hash )); - require_once('include/email.php'); - $subject = email_header_encode(sprintf( t('Password reset requested at %s'),$a->config['sitename']), 'UTF-8'); + $subject = email_header_encode(sprintf( t('Password reset requested at %s'),get_config('system','sitename')), 'UTF-8'); $res = mail($email, $subject , $message, @@ -65,19 +64,21 @@ function lostpass_content(&$a) { goaway(z_root()); return; } + $aid = $r[0]['account_id']; $email = $r[0]['account_email']; - $password = autoname(6) . mt_rand(100,9999); + $new_password = autoname(6) . mt_rand(100,9999); $salt = random_string(32); - $password_encoded = hash('whirlpool', $salt . $password); + $password_encoded = hash('whirlpool', $salt . $new_password); $r = q("UPDATE account SET account_salt = '%s', account_password = '%s', account_reset = '' where account_id = %d limit 1", dbesc($salt), dbesc($password_encoded), intval($aid) ); + if($r) { $tpl = get_markup_template('pwdreset.tpl'); $o .= replace_macros($tpl,array( @@ -98,12 +99,11 @@ function lostpass_content(&$a) { $message = replace_macros($email_tpl, array( '$sitename' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), - '$username' => $email, + '$username' => sprintf( t('Site Member (%s)'), $email), '$email' => $email, - '$new_password' => $password, + '$new_password' => $new_password, '$uid' => $newuid )); - require_once('include/email.php'); $subject = email_header_encode( sprintf( t('Your password has changed at %s'), get_config('system','sitename')), 'UTF-8'); $res = mail($email,$subject,$message, diff --git a/view/tpl/nav.tpl b/view/tpl/nav.tpl index 3b997e215..d17040db1 100644 --- a/view/tpl/nav.tpl +++ b/view/tpl/nav.tpl @@ -112,6 +112,7 @@ {{ endif }} {{ if $nav.login }}<li id="nav-login-link" class="nav-menu $nav.login.2"><a href="$nav.login.0" title="$nav.login.3" >$nav.login.1</a><li>{{ endif }} + {{ if $nav.alogout }}<li id=nav-alogout-link" class="nav-menu $nav-alogout.2"><a href="$nav.alogout.0" title="$nav.alogout.3" >$nav.alogout.1</a></li>{{ endif }} {{ if $nav.help }} <li id="nav-help-link" class="nav-menu $sel.help"> <a class="$nav.help.2" target="friendika-help" href="$nav.help.0" title="$nav.help.3" >$nav.help.1</a> |