-rwxr-xr-x | boot.php | 2 | ||||
-rw-r--r-- | include/account.php | 9 | ||||
-rw-r--r-- | include/auth.php | 13 | ||||
-rw-r--r-- | install/update.php | 10 | ||||
-rw-r--r-- | mod/register.php | 23 | ||||
-rw-r--r-- | version.inc | 2 |
6 files changed, 50 insertions, 9 deletions
@@ -47,7 +47,7 @@ define ( 'RED_PLATFORM', 'Red Matrix' ); define ( 'RED_VERSION', trim(file_get_contents('version.inc')) . 'R'); define ( 'ZOT_REVISION', 1 ); -define ( 'DB_UPDATE_VERSION', 1115 ); +define ( 'DB_UPDATE_VERSION', 1116 ); define ( 'EOL', '<br />' . "\r\n" ); define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' ); diff --git a/include/account.php b/include/account.php index edfd1bf05..138db3290 100644 --- a/include/account.php +++ b/include/account.php @@ -254,6 +254,7 @@ function verify_email_address($arr) { else logger('send_reg_approval_email: failed to ' . $admin['email'] . 'account_id: ' . $arr['account']['account_id']); + return $res; } @@ -476,8 +477,14 @@ function user_approve($hash) { intval(ACCOUNT_PENDING), intval($register[0]['uid']) ); + $r = q("update account set account_flags = (account_flags ^ %d) where (account_flags & %d) and account_id = %d limit 1", + intval(ACCOUNT_UNVERIFIED), + intval(ACCOUNT_UNVERIFIED), + intval($register[0]['uid']) + ); - info( t('Account approved.') . EOL ); + info( t('Account verified. Please login.') . EOL ); + return true; } diff --git a/include/auth.php b/include/auth.php index e8f13d0fb..8e02b7b4f 100644 --- a/include/auth.php +++ b/include/auth.php 
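Review bot: In the user_approve hunk of include/account.php, the result of the added `update account set account_flags = (account_flags ^ %d) ...` query is never checked before the function shows 'Account verified. Please login.' and returns true, so a failed flag update is reported as success while the account stays unable to log in. Guard the message with the query result, e.g. `if(! $r) return false;` placed before the `info(...)` call. The same function still clears ACCOUNT_PENDING just above, so the new wording is also what an approver sees on that path; a short comment stating that user_approve now serves both approval and email verification would help the next reader. The function starts outside the hunk, so how `$hash` is looked up and whether the register row is removed afterwards cannot be judged from here.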
@@ -35,13 +35,24 @@ function nuke_session() { function account_verify_password($email,$pass) { + $email_verify = get_config('system','verify_email'); + $register_policy = get_config('system','register_policy'); + + // Currently we only verify email address if there is an open registration policy. + // This isn't because of any policy - it's because the workflow gets too complicated if + // you have to verify the email and then go through the account approval workflow before + // letting them login. + + if(($email_verify) && ($register_policy == REGISTER_OPEN) && ($record['account_flags'] & ACCOUNT_UNVERIFIED)) + return null; + $r = q("select * from account where account_email = '%s'", dbesc($email) ); if(! ($r && count($r))) return null; foreach($r as $record) { - if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED) + if(($record['account_flags'] == ACCOUNT_OK) && (hash('whirlpool',$record['account_salt'] . $pass) === $record['account_password'])) { logger('password verified for ' . $email); return $record; diff --git a/install/update.php b/install/update.php index bdf84144c..60e8497dc 100644 --- a/install/update.php +++ b/install/update.php @@ -1,6 +1,6 @@ <?php -define( 'UPDATE_VERSION' , 1115 ); +define( 'UPDATE_VERSION' , 1116 ); /** * @@ -1291,3 +1291,11 @@ ADD INDEX ( `target_id` )"); return UPDATE_FAILED; } +function update_r1115() { + + // Introducing email verification. Mark all existing accounts as verified or they + // won't be able to login. + + $r = q("update account set account_flags = (account_flags ^ 1) where (account_flags & 1) "); + return UPDATE_SUCCESS; +}
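Review bot: The early return added at the top of account_verify_password reads `$record['account_flags']` before the `select * from account` query runs and before the `foreach` that defines `$record`, so it tests an undefined variable and can never fire. Unverified accounts are in practice turned away only because the password branch now requires `account_flags == ACCOUNT_OK`, and that applies whatever `verify_email` and `register_policy` are set to, which is not what the new comment describes. Move the test into the loop, `if(($email_verify) && ($register_policy == REGISTER_OPEN) && ($record['account_flags'] & ACCOUNT_UNVERIFIED)) return null;`, or drop it and document that the equality test is the gate. Logging the rejection there would also let an operator tell "not yet verified" apart from a wrong password. The function body continues past the end of the hunk.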
\ No newline at end of file diff --git a/mod/register.php b/mod/register.php index 990cce2ed..954a32fbf 100644 --- a/mod/register.php +++ b/mod/register.php @@ -52,14 +52,17 @@ function register_post(&$a) { $policy = get_config('system','register_policy'); + $email_verify = get_config('system','verify_email'); + + switch($policy) { case REGISTER_OPEN: - $flags = ACCOUNT_UNVERIFIED; + $flags = ACCOUNT_OK; break; case REGISTER_APPROVE: - $flags = ACCOUNT_UNVERIFIED | ACCOUNT_BLOCKED | ACCOUNT_PENDING; + $flags = ACCOUNT_BLOCKED | ACCOUNT_PENDING; break; default: @@ -68,10 +71,13 @@ function register_post(&$a) { notice( t('Permission denied.') . EOL ); return; } - $flags = ACCOUNT_UNVERIFIED | ACCOUNT_BLOCKED; + $flags = ACCOUNT_BLOCKED; break; } + if($email_verify && $policy == REGISTER_OPEN) + $flags = $flags | ACCOUNT_UNVERIFIED; + if((! $_POST['password']) || ($_POST['password'] !== $_POST['password2'])) { notice( t('Passwords do not match.') . EOL); @@ -100,7 +106,12 @@ function register_post(&$a) { } if($policy == REGISTER_OPEN ) { - $res = send_verification_email($result['email'],$result['password']); + if($email_verify) { + $res = verify_email_address($result); + } + else { + $res = send_verification_email($result['email'],$result['password']); + } if($res) { info( t('Registration successful. Please check your email for validation instructions.') . EOL ) ; } @@ -116,6 +127,10 @@ function register_post(&$a) { goaway(z_root()); } + if($email_verify) { + goaway(z_root()); + } + authenticate_success($result['account'],true,false,true); if(! strlen($next_page = get_config('system','workflow_register_next'))) diff --git a/version.inc b/version.inc index 17865e58f..f9ffd667f 100644 --- a/version.inc +++ b/version.inc @@ -1 +1 @@ -2014-07-07.729 +2014-07-10.732 |
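Review bot: update_r1115 in install/update.php discards the result of its `update account` query and returns UPDATE_SUCCESS unconditionally, so a failed migration would be recorded as applied while any account still carrying the unverified bit is rejected by the stricter `== ACCOUNT_OK` test this commit adds in include/auth.php. Return on the query result instead: `if($r) return UPDATE_SUCCESS;` followed by `return UPDATE_FAILED;`, which the tail of the preceding update function in this hunk suggests is the existing convention. The literal `1` presumably stands for ACCOUNT_UNVERIFIED; passing `intval(ACCOUNT_UNVERIFIED)` through the `%d` placeholders, as user_approve does in this same commit, would keep the migration in step with the constant.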
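Review bot: In the `@@ -116,6 +127,10 @@` hunk of mod/register.php, the added `if($email_verify) { goaway(z_root()); }` is the only thing keeping a just-registered, still-unverified account from reaching `authenticate_success($result['account'],true,false,true)`, and it is safe only if goaway() ends the request, which is not visible here. Its condition also differs from the one that sets the flag earlier in register_post (`$email_verify && $policy == REGISTER_OPEN`). Testing the account state directly, `if($flags & ACCOUNT_UNVERIFIED) { goaway(z_root()); return; }`, would tie the redirect to the flag and still hold if goaway() ever returns. register_post begins and ends outside these hunks.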