diff options
author | Mario Vavti <mario@mariovavti.com> | 2018-01-27 22:25:46 +0100 |
---|---|---|
committer | Mario Vavti <mario@mariovavti.com> | 2018-01-27 22:25:46 +0100 |
commit | 843d6311112c9174a1731c42a9d257f3f3a0bd0a (patch) | |
tree | ebb275fd10c7010a86667e083b2389a9b4407745 | |
parent | 2e4e56f7cc696b2c52014f0050294826caa74d7d (diff) | |
parent | bd0f63980ba0d0e606f2dd7a65313f7e150d330a (diff) | |
download | volse-hubzilla-843d6311112c9174a1731c42a9d257f3f3a0bd0a.tar.gz volse-hubzilla-843d6311112c9174a1731c42a9d257f3f3a0bd0a.tar.bz2 volse-hubzilla-843d6311112c9174a1731c42a9d257f3f3a0bd0a.zip |
Merge remote-tracking branch 'mike/master' into dev
-rw-r--r-- | Zotlabs/Module/Email_resend.php | 48 | ||||
-rw-r--r-- | Zotlabs/Module/Email_validation.php | 38 | ||||
-rw-r--r-- | Zotlabs/Module/Register.php | 20 | ||||
-rw-r--r-- | include/account.php | 44 | ||||
-rw-r--r-- | include/text.php | 9 | ||||
-rw-r--r-- | view/en/register_verify_member.tpl | 7 | ||||
-rw-r--r-- | view/tpl/email_validation.tpl | 16 |
7 files changed, 163 insertions, 19 deletions
diff --git a/Zotlabs/Module/Email_resend.php b/Zotlabs/Module/Email_resend.php new file mode 100644 index 000000000..367593b55 --- /dev/null +++ b/Zotlabs/Module/Email_resend.php @@ -0,0 +1,48 @@ +<?php + +namespace Zotlabs\Module; + + +class Email_resend extends \Zotlabs\Web\Controller { + + function post() { + + + + if($_POST['token']) { + if(! account_approve(trim($_POST['token']))) { + notice('Token verification failed.') + } + } + + } + + + function get() { + + if(argc() > 1) { + $result = false; + $email = hex2bin(argv(1)); + + if($email) { + $result = verify_email_address( [ 'resend' => true, 'email' => $email ] ); + } + + if($result) { + notice(t('Email verification resent')); + } + else { + notice(t('Unable to resend email verification message.')); + } + + return; + + } + + // @todo - one can provide a form here to resend the mail + // after directing to here if a succesful login was attempted from an unverified address. + + + } + +}
\ No newline at end of file diff --git a/Zotlabs/Module/Email_validation.php b/Zotlabs/Module/Email_validation.php new file mode 100644 index 000000000..4cc016847 --- /dev/null +++ b/Zotlabs/Module/Email_validation.php @@ -0,0 +1,38 @@ +<?php + +namespace Zotlabs\Module; + + +class Email_validation extends \Zotlabs\Web\Controller { + + function post() { + + if($_POST['token']) { + if(! account_approve(trim($_POST['token']))) { + notice('Token verification failed.'); + } + } + + } + + + function get() { + + if(argc() > 1) { + $email = hex2bin(argv(1)); + } + + $o = replace_macros(get_markup_template('email_validation.tpl'), [ + '$title' => t('Email Verification Required'), + '$desc' => sprintf( t('A verification token was sent to your email address [%s]. Enter that token here to complete the account verification step. Please allow a few minutes for delivery, and check your spam folder if you do not see the message.'),$email), + '$resend' => t('Resend Email'), + '$email' => bin2hex($email), + '$submit' => t('Submit'), + '$token' => [ 'token', t('Validation token'),'','' ], + ]); + + return $o; + + } + +}
\ No newline at end of file diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php index deaee31bf..c7fa1cee8 100644 --- a/Zotlabs/Module/Register.php +++ b/Zotlabs/Module/Register.php @@ -150,9 +150,11 @@ class Register extends \Zotlabs\Web\Controller { } if($email_verify) { - goaway(z_root()); + goaway(z_root() . '/email_validation/' . bin2hex($result['email'])); } - + + // fall through and authenticate if no approvals or verifications were required. + authenticate_success($result['account'],null,true,false,true); $new_channel = false; @@ -217,6 +219,9 @@ class Register extends \Zotlabs\Web\Controller { $privacy_role = ((x($_REQUEST,'permissions_role')) ? $_REQUEST['permissions_role'] : ""); $perm_roles = \Zotlabs\Access\PermissionRoles::roles(); + + // A new account will not have a techlevel, but accounts can also be created by the administrator. + if((get_account_techlevel() < 4) && $privacy_role !== 'custom') unset($perm_roles[t('Other')]); @@ -231,15 +236,17 @@ class Register extends \Zotlabs\Web\Controller { // Configurable whether to restrict age or not - default is based on international legal requirements // This can be relaxed if you are on a restricted server that does not share with public servers - if(get_config('system','no_age_restriction')) + if(get_config('system','no_age_restriction')) { $label_tos = sprintf( t('I accept the %s for this website'), $toslink); - else + } + else { $age = get_config('system','minimum_age'); if(!$age) { $age = 13; } $label_tos = sprintf( t('I am over %s years of age and accept the %s for this website'), $age, $toslink); - + } + $enable_tos = 1 - intval(get_config('system','no_termsofservice')); $email = array('email', t('Your email address'), ((x($_REQUEST,'email')) ? strip_tags(trim($_REQUEST['email'])) : "")); @@ -255,6 +262,7 @@ class Register extends \Zotlabs\Web\Controller { $auto_create = (get_config('system','auto_channel_create') ? true : false); $default_role = get_config('system','default_permissions_role'); + $email_verify = get_config('system','verify_email'); require_once('include/bbcode.php'); @@ -278,7 +286,7 @@ class Register extends \Zotlabs\Web\Controller { '$pass1' => $password, '$pass2' => $password2, '$submit' => t('Register'), - '$verify_note' => t('This site may require email verification after submitting this form. If you are returned to a login page, please check your email for instructions.') + '$verify_note' => (($email_verify) ? t('This site requires email verification. After completing this form, please check your email for further instructions.') : ''), )); return $o; diff --git a/include/account.php b/include/account.php index 6c6fdece4..3ac485974 100644 --- a/include/account.php +++ b/include/account.php @@ -262,24 +262,46 @@ function create_account($arr) { function verify_email_address($arr) { - $hash = random_string(); - - $r = q("INSERT INTO register ( hash, created, uid, password, lang ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ", - dbesc($hash), - dbesc(datetime_convert()), - intval($arr['account']['account_id']), - dbesc('verify'), - dbesc($arr['account']['account_language']) - ); + if(array_key_exists('resend',$arr)) { + $email = $arr['email']; + $a = q("select * from account where account_email = '%s' limit 1", + dbesc($arr['email']) + ); + if(! ($a && ($a[0]['account_flags'] & ACCOUNT_UNVERIFIED))) { + return false; + } + $account = $a[0]; + $v = q("select * from register where uid = %d and password = 'verify' limit 1", + intval($account['account_id']) + ); + if($v) { + $hash = $v[0]['hash']; + } + else { + return false; + } + } + else { + $hash = random_string(24); + + $r = q("INSERT INTO register ( hash, created, uid, password, lang ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ", + dbesc($hash), + dbesc(datetime_convert()), + intval($arr['account']['account_id']), + dbesc('verify'), + dbesc($arr['account']['account_language']) + ); + $account = $arr['account']; + } - push_lang(($arr['account']['account_language']) ? $arr['account']['account_language'] : 'en'); + push_lang(($account['account_language']) ? $account['account_language'] : 'en'); $email_msg = replace_macros(get_intltext_template('register_verify_member.tpl'), [ '$sitename' => get_config('system','sitename'), '$siteurl' => z_root(), '$email' => $arr['email'], - '$uid' => $arr['account']['account_id'], + '$uid' => $account['account_id'], '$hash' => $hash, '$details' => $details ] diff --git a/include/text.php b/include/text.php index 956f42f7d..8ec6ebace 100644 --- a/include/text.php +++ b/include/text.php @@ -973,7 +973,14 @@ function contact_block() { $contacts = t('Connections'); $micropro = Array(); foreach($r as $rr) { - $rr['archived'] = (intval($rr['abook_archived']) ? true : false); + + // There is no setting to discover if you are bi-directionally connected + // Use the ability to post comments as an indication that this relationship is more + // than wishful thinking; even though soapbox channels and feeds will disable it. + + if(! intval(get_abconfig(App::$profile['uid'],$rr['xchan_hash'],'their_perms','post_comments'))) { + $rr['archived'] = true; + } $micropro[] = micropro($rr,true,'mpfriend'); } } diff --git a/view/en/register_verify_member.tpl b/view/en/register_verify_member.tpl index 71f0964d4..9bdd7fa51 100644 --- a/view/en/register_verify_member.tpl +++ b/view/en/register_verify_member.tpl @@ -10,7 +10,12 @@ Login with the password you chose at registration. We need to verify your email address in order to give you full access. -If you registered this account, please visit the following link: +Your validation code is + +{{$hash}} + + +If you registered this account, please enter the validation code when requested or visit the following link: {{$siteurl}}/regver/allow/{{$hash}} diff --git a/view/tpl/email_validation.tpl b/view/tpl/email_validation.tpl new file mode 100644 index 000000000..f049a040f --- /dev/null +++ b/view/tpl/email_validation.tpl @@ -0,0 +1,16 @@ +<h2>{{$title}}</h2> + +<div class="descriptive-paragraph" style="font-size: 1.2em;"><p>{{$desc}}</p></div> + +<form action="email_validation" method="post"> +{{include file="field_input.tpl" field=$token}} + +<div class="pull-right"> + <a href="email_resend/{{$email}}" class="btn btn-warning">{{$resend}}</a> +</div> +<div class="submit-wrapper" > + <button type="submit" name="submit" class="btn btn-primary">{{$submit}}</button> +</div> +</form> +<div class="clear"></div> + |