From 28ab6d5bf508120956d575e260ed2fa2b8417e59 Mon Sep 17 00:00:00 2001
From: friendica
Date: Sun, 27 Jan 2013 01:19:24 -0800
Subject: lostpass fixes and login/logout flow if authenticated but no default channel exists
---
 boot.php | 2 +-
 done | 2 +-
 include/auth.php | 2 ++
 include/nav.php | 7 ++++++-
 install/database.sql | 18 +++++++++---------
 install/update.php | 13 ++++++++++++-
 mod/home.php | 4 ++++
 mod/lostpass.php | 18 +++++++++---------
 view/tpl/nav.tpl | 1 +
 9 files changed, 45 insertions(+), 22 deletions(-)
diff --git a/boot.php b/boot.php
index e561ec6c2..22f6ed721 100644
--- a/boot.php
+++ b/boot.php
@@ -16,7 +16,7 @@ require_once('include/features.php');
 define ( 'FRIENDICA_PLATFORM', 'Friendica Red');
 define ( 'FRIENDICA_VERSION', trim(file_get_contents('version.inc')) . 'R');
 define ( 'ZOT_REVISION', 1 );
-define ( 'DB_UPDATE_VERSION', 1021 );
+define ( 'DB_UPDATE_VERSION', 1022 );
 define ( 'EOL', '
' . "\r\n" );
 define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' );
diff --git a/done b/done
index 69ee6fe9a..fafcf93b1 100644
--- a/done
+++ b/done
@@ -113,7 +113,7 @@ mod/
 + like.php
 + lockview.php
 + login.php
- lostpass.php
++ lostpass.php
 ? magic.php
 + manage.php
 match.php
diff --git a/include/auth.php b/include/auth.php
index 68dc9308f..14751f5a2 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -39,9 +39,11 @@ function account_verify_password($email,$pass) {
 foreach($r as $record) {
 if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED) && (hash('whirlpool',$record['account_salt'] . $pass) === $record['account_password'])) {
+ logger('password verified for ' . $email);
 return $record;
 }
 }
+ logger('password failed for ' . $email);
 return null;
 }
diff --git a/include/nav.php b/include/nav.php
index 3a565af55..73421beab 100644
--- a/include/nav.php
+++ b/include/nav.php
@@ -80,7 +80,12 @@ EOT;
 } else {
- $nav['login'] = Array('login',t('Login'), ($a->module == 'login'?'selected':''), t('Sign in'));
+ if(! get_account_id())
+ $nav['login'] = Array('login',t('Login'), ($a->module == 'login'?'selected':''), t('Sign in'));
+ else
+ $nav['alogout'] = Array('logout',t('Logout'), "", t('End this session'));
+
+
 }
 if($observer) {
diff --git a/install/database.sql b/install/database.sql
index 2d8475741..aee87c119 100644
--- a/install/database.sql
+++ b/install/database.sql
@@ -16,7 +16,7 @@ CREATE TABLE IF NOT EXISTS `abook` (
 `abook_closeness` tinyint(3) unsigned NOT NULL DEFAULT '99',
 `abook_created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
 `abook_updated` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
- `abook_connnected` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
+ `abook_connected` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
 `abook_dob` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
 `abook_flags` int(11) NOT NULL DEFAULT '0',
 `abook_profile` char(64) NOT NULL DEFAULT '',
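Review bot: In include/auth.php the condition kept as context in this hunk has the shape `A || B && C`, and because `&&` binds tighter than `||`, a record whose flags equal ACCOUNT_OK is returned without the hash comparison being evaluated; the new 'password verified' log line would then report success for any password. Group the two flag tests before the hash check: `if((($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED)) && (hash('whirlpool',$record['account_salt'] . $pass) === $record['account_password'])) {`. Both new logger() calls also write the submitted `$email` verbatim, so control characters (CR/LF in particular) should be stripped before logging to keep a crafted login name from forging log entries. The function starts above the hunk, so the query that fills `$r` is not visible here.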
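Review bot: The new branch in include/nav.php stores the logout entry under the key `alogout` with no explanation of how it differs from an ordinary logout entry, and the brace-less `if`/`else` followed by two blank lines is easy to misread. Judging by the commit subject this path is for a session that has an account but no channel, so a comment such as `// authenticated account without a channel: offer logout instead of login` above the `if` would record that intent. Adding braces to both arms would match the surrounding `else {` block, which begins outside the hunk.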
@@ -29,10 +29,10 @@ CREATE TABLE IF NOT EXISTS `abook` (
 KEY `abook_closeness` (`abook_closeness`),
 KEY `abook_created` (`abook_created`),
 KEY `abook_updated` (`abook_updated`),
- KEY `abook_connnected` (`abook_connnected`),
 KEY `abook_flags` (`abook_flags`),
 KEY `abook_profile` (`abook_profile`),
- KEY `abook_dob` (`abook_dob`)
+ KEY `abook_dob` (`abook_dob`),
+ KEY `abook_connected` (`abook_connected`)
 ) ENGINE=MyISAM DEFAULT CHARSET=utf8;
 CREATE TABLE IF NOT EXISTS `account` (
@@ -241,7 +241,6 @@ CREATE TABLE IF NOT EXISTS `event` (
 `deny_gid` mediumtext NOT NULL,
 PRIMARY KEY (`id`),
 KEY `uid` (`uid`),
- KEY `event_xchan` (`event_xchan`),
 KEY `type` (`type`),
 KEY `start` (`start`),
 KEY `finish` (`finish`),
@@ -249,8 +248,9 @@ CREATE TABLE IF NOT EXISTS `event` (
 KEY `nofinish` (`nofinish`),
 KEY `ignore` (`ignore`),
 KEY `aid` (`aid`),
- KEY `event_hash` (`event_hash`)
-) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+ KEY `event_hash` (`event_hash`),
+ KEY `event_xchan` (`event_xchan`)
+) ENGINE=MyISAM DEFAULT CHARSET=utf8;
 CREATE TABLE IF NOT EXISTS `fcontact` (
 `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
@@ -649,14 +649,14 @@ CREATE TABLE IF NOT EXISTS `photo` (
 `deny_gid` mediumtext NOT NULL,
 PRIMARY KEY (`id`),
 KEY `uid` (`uid`),
- KEY `resource_id` (`resource_id`),
 KEY `album` (`album`),
 KEY `scale` (`scale`),
 KEY `profile` (`profile`),
 KEY `type` (`type`),
 KEY `aid` (`aid`),
 KEY `xchan` (`xchan`),
- KEY `size` (`size`)
+ KEY `size` (`size`),
+ KEY `resource_id` (`resource_id`)
 ) ENGINE=MyISAM DEFAULT CHARSET=utf8;
 CREATE TABLE IF NOT EXISTS `profile` (
@@ -842,7 +842,7 @@ CREATE TABLE IF NOT EXISTS `verify` (
 KEY `token` (`token`),
 KEY `meta` (`meta`),
 KEY `created` (`created`)
-) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+) ENGINE=MyISAM DEFAULT CHARSET=utf8;
 CREATE TABLE IF NOT EXISTS `xchan` (
 `xchan_hash` char(255) NOT NULL,
diff --git a/install/update.php b/install/update.php
index 8decfc133..41c6a7565 100644
--- a/install/update.php
+++ b/install/update.php
@@ -1,6 +1,6 @@ $a->config['sitename'], + '$sitename' => get_config('system','sitename'), '$siteurl' => $a->get_baseurl(), - '$username' => $email, + '$username' => sprintf( t('Site Member (%s)'), $email), '$email' => $email, '$reset_link' => $a->get_baseurl() . '/lostpass?verify=' . $hash )); - require_once('include/email.php'); - $subject = email_header_encode(sprintf( t('Password reset requested at %s'),$a->config['sitename']), 'UTF-8'); + $subject = email_header_encode(sprintf( t('Password reset requested at %s'),get_config('system','sitename')), 'UTF-8'); $res = mail($email, $subject , $message, @@ -65,19 +64,21 @@ function lostpass_content(&$a) { goaway(z_root()); return; } + $aid = $r[0]['account_id']; $email = $r[0]['account_email']; - $password = autoname(6) . mt_rand(100,9999); + $new_password = autoname(6) . mt_rand(100,9999); $salt = random_string(32); - $password_encoded = hash('whirlpool', $salt . $password); + $password_encoded = hash('whirlpool', $salt . $new_password); $r = q("UPDATE account SET account_salt = '%s', account_password = '%s', account_reset = '' where account_id = %d limit 1", dbesc($salt), dbesc($password_encoded), intval($aid) ); + if($r) { $tpl = get_markup_template('pwdreset.tpl'); $o .= replace_macros($tpl,array( @@ -98,12 +99,11 @@ function lostpass_content(&$a) { $message = replace_macros($email_tpl, array( '$sitename' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), - '$username' => $email, + '$username' => sprintf( t('Site Member (%s)'), $email), '$email' => $email, - '$new_password' => $password, + '$new_password' => $new_password, '$uid' => $newuid )); - require_once('include/email.php'); $subject = email_header_encode( sprintf( t('Your password has changed at %s'), get_config('system','sitename')), 'UTF-8'); $res = mail($email,$subject,$message, diff --git a/view/tpl/nav.tpl b/view/tpl/nav.tpl index 3b997e215..d17040db1 100644 --- a/view/tpl/nav.tpl +++ b/view/tpl/nav.tpl 
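Review bot: In mod/lostpass.php (hunk at -65,19) the replacement password is still built as `autoname(6) . mt_rand(100,9999)`; `mt_rand()` is not a cryptographic generator and its range adds fewer than 10,000 possibilities, so the strength of the reset rests on whatever `autoname()` produces, which is not visible here. Draw the value from a CSPRNG instead, for example `$new_password = bin2hex(openssl_random_pseudo_bytes(8));` where the OpenSSL extension is available. The hunk at -98,12 then mails that password in cleartext and still reads `$a->config['sitename']` while the other call sites were moved to `get_config('system','sitename')`; letting the user choose a password on the verified reset page would avoid sending one at all. `lostpass_content()` begins and ends outside these hunks.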
@@ -112,6 +112,7 @@ {{ endif }} {{ if $nav.login }}
  • {{ endif }} + {{ if $nav.alogout }}
  • {{ endif }} {{ if $nav.help }}