diff options
author | friendica <info@friendica.com> | 2014-07-09 21:10:56 -0700 |
---|---|---|
committer | friendica <info@friendica.com> | 2014-07-09 21:10:56 -0700 |
commit | fa706c8e860d4057f401b3ca0dff04fb8aa47363 (patch) | |
tree | 780ae79755a79d2bc33ca3b042884b4eac30296c /include | |
parent | c59cd91836ce4f487b84fbfb2d155385de63791e (diff) | |
download | volse-hubzilla-fa706c8e860d4057f401b3ca0dff04fb8aa47363.tar.gz volse-hubzilla-fa706c8e860d4057f401b3ca0dff04fb8aa47363.tar.bz2 volse-hubzilla-fa706c8e860d4057f401b3ca0dff04fb8aa47363.zip |
finish implementing email verification. Currently it only applies if REGISTER_OPEN is in effect.
Diffstat (limited to 'include')
-rw-r--r-- | include/account.php | 9 | ||||
-rw-r--r-- | include/auth.php | 7 |
2 files changed, 14 insertions, 2 deletions
diff --git a/include/account.php b/include/account.php index edfd1bf05..138db3290 100644 --- a/include/account.php +++ b/include/account.php @@ -254,6 +254,7 @@ function verify_email_address($arr) { else logger('send_reg_approval_email: failed to ' . $admin['email'] . 'account_id: ' . $arr['account']['account_id']); + return $res; } @@ -476,8 +477,14 @@ function user_approve($hash) { intval(ACCOUNT_PENDING), intval($register[0]['uid']) ); + $r = q("update account set account_flags = (account_flags ^ %d) where (account_flags & %d) and account_id = %d limit 1", + intval(ACCOUNT_UNVERIFIED), + intval(ACCOUNT_UNVERIFIED), + intval($register[0]['uid']) + ); - info( t('Account approved.') . EOL ); + info( t('Account verified. Please login.') . EOL ); + return true; } diff --git a/include/auth.php b/include/auth.php index e8f13d0fb..0baa80c2a 100644 --- a/include/auth.php +++ b/include/auth.php @@ -35,13 +35,18 @@ function nuke_session() { function account_verify_password($email,$pass) { + $email_verify = get_config('system','verify_email'); + + if($email_verify && $record['account_flags'] & ACCOUNT_UNVERIFIED) + return null; + $r = q("select * from account where account_email = '%s'", dbesc($email) ); if(! ($r && count($r))) return null; foreach($r as $record) { - if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED) + if(($record['account_flags'] == ACCOUNT_OK) && (hash('whirlpool',$record['account_salt'] . $pass) === $record['account_password'])) { logger('password verified for ' . $email); return $record; |