From 67db1c6e9bc474c34cb10029794b64be8c85a393 Mon Sep 17 00:00:00 2001 From: Hilmar R Date: Sat, 23 Jan 2021 15:24:24 +0100 Subject: melt diff prod fork 4.6.2 air onto 5.2.1 to 5.2.2 DB 1241 --- Zotlabs/Module/Regate.php | 347 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 347 insertions(+) create mode 100644 Zotlabs/Module/Regate.php (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php new file mode 100644 index 000000000..8ec559332 --- /dev/null +++ b/Zotlabs/Module/Regate.php @@ -0,0 +1,347 @@ + 1 ) { + $did2 = hex2bin( substr( argv(1), 0, -1) ); + $didx = substr( argv(1), -1 ); + } + + $msg = ''; + $nextpage = ''; + + if ($did2) { + + $nowhhmm = date('Hi'); + $day = date('N'); + $now = date('Y-m-d H:i:s'); + $ip = $_SERVER['REMOTE_ADDR']; + + $isduty = zar_register_dutystate(); + if ($isduty['isduty'] !== false && $isduty['isduty'] != 1) { + // normally, that should never happen here + // log suitable for fail2ban also + $logmsg = 'ZAR1230S Unexpected registration verification request for ' + . get_config('system','sitename') . ' arrived from § ' . $ip . ' §'; + zar_log($logmsg); + goaway(z_root() . '/'); + } + + // do we have a valid dId2 ? + if ( ($didx == 'a' && substr( $did2 , -2) == substr( base_convert( md5( substr( $did2, 1, -2) ),16 ,10), -2)) + || ($didx == 'e') ) { + // check startup and expiration via [=[register + $r = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_did2 = '%s' ", dbesc($did2) ); + if ( $r && count($r) == 1 ) { + $r = $r[0]; + // check timeframe + if ( $r['reg_startup'] <= $now && $r['reg_expires'] >= $now ) { + + if ( isset($_POST['resend']) && $didx == 'e' ) { + $re = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_didx = 'e' AND reg_did2 = '%s' ", dbesc($r['reg_did2']) ); + if ( $re && count($re) == 1 ) { + $re = $re[0]; + $reonar = json_decode($re['reg_stuff'],true); + $reonar['subject'] = 'Re,Fwd,' . $reonar['subject']; + if ($reonar) { + $zm = zar_reg_mail($reonar); + $msg = ($zm) ? 'ZAR1238I ' . t('Email resent') + : 'ZAR1238E ' . t('Resent failed'); + zar_log($msg . ' ' . $r['reg_did2']); + info($msg); + goaway(z_root() . '/' . $nextpage); + } + } + } + + // check hash + if ( $didx == 'a' ) + $acpin = (preg_match('/^[0-9]{6,6}$/', $_POST['acpin']) ? $_POST['acpin'] : false); + elseif ( $didx == 'e' ) + $acpin = (preg_match('/^[0-9a-f]{24,24}$/', $_POST['acpin']) ? $_POST['acpin'] : false); + else $acpin = false; + + if ( $acpin && ($r['reg_hash'] == $acpin )) { + + $flags = $r['reg_flags']; + if ( ($flags & ACCOUNT_UNVERIFIED ) == ACCOUNT_UNVERIFIED) { + + // verification success + $msg = 'ZAR1237I' . ' ' . t('Verify successfull'); + $reonar = json_decode( $r['reg_stuff'], true); + $reonar['valid'] = $now . ',' . $ip . ' ' . $did2 . ' ' . $msg; + // clear flag + $flags &= $flags ^ ACCOUNT_UNVERIFIED; + // sth todo? + $vital = $flags == 0 ? 0 : 1; + // set flag + $flags |= REGISTER_AGREED; + zar_log($msg . ' ' . $did2 . ':flags' . $flags . ',rid' . $r['reg_id']); + + q("START TRANSACTION"); + + $qu = q("UPDATE register SET reg_stuff = '%s', reg_vital = %d, reg_flags = %d " + ." WHERE reg_id = %d ", + dbesc(json_encode($reonar)), + intval($vital), + intval($flags), + intval($r['reg_id']) + ); + + if ( ($flags & ACCOUNT_PENDING ) == ACCOUNT_PENDING ) { + $msg .= "\n".t('Last step will be by an instance admin to agree your account request'); + q("COMMIT"); + } + elseif ( ($flags ^ REGISTER_AGREED) == 0) { + + $cra = create_account_from_register([ 'reg_id' => $r['reg_id'] ]); + + if ($cra['success']) { + + q("COMMIT"); + $msg = 'ZAR1238I' . t('Account successfull created'); + zar_log($msg . ':' . print_r($cra, true)); + $nextpage = '~'; + $auto_create = (get_config('system','auto_channel_create') ? true : false); + + if($auto_create) { + if($reonar['chan.name']) + set_aconfig($cra['account']['account_id'], + 'register','channel_name',$reonar['chan.name']); + if($reonar['chan.did1']) + set_aconfig($cra['account']['account_id'], + 'register','channel_address',$reonar['chan.did1']); + } + + authenticate_success($cra['account'],null,true,false,true); + + if($auto_create) { + $new_channel = auto_channel_create($cra['account']['account_id']); + if($new_channel['success']) { + $channel_id = $new_channel['channel']['channel_id']; + change_channel($channel_id); + $nextpage = 'profiles/' . $channel_id; + } + else { + zar_log($new_channel['message'] + . ', ' . $reonar['chan.did1'] + . ', ' . $reonar['chan.name'] + ); + } + } + unset($_SESSION['login_return_url']); + } + else { + q("ROLLBACK"); + $msg = 'ZAR1239E ' . t('Account creation error'); + zar_log($msg . ':' . print_r($cra, true)); + } + } + else { + // new flags implemented and not recognized or sth like + zar_log('ZAR1237D unexpected,' . $flags); + } + } + else { + // nothing to confirm + $msg = 'ZAR1236E' . ' ' . t('Verify failed'); + } + } + else { + $msg = 'ZAR1235E' . ' ' . t('Token verification failed'); + } + } + else { + $msg = 'ZAR1234W' . ' ' . t('Request not inside time frame'); + //info($r[0]['reg_startup'] . EOL . $r[0]['reg_expire'] ); + } + } + else { + $msg = 'ZAR1232E' . ' ' . t('Identity unknown'); + zar_log($msg . ':' . $did2 . $didx); + } + } + else { + $msg = 'ZAR1231E' . t('dId2 mistaken'); + } + + } + + if ($msg > '') info($msg); + goaway( z_root() . '/' . $nextpage ); + } + + + function get() { + + if ( argc() > 1 ) { + $did2 = hex2bin( substr( argv(1), 0, -1) ); + $didx = substr( argv(1), -1 ); + $deny = argc() > 2 ? argv(2) : ''; + $deny = preg_match('/^[0-9a-f]{8,8}$/', $deny) ? hex2bin($deny) : false; + } + + if ($_SESSION['zar']['msg']) { + $o = replace_macros(get_markup_template('plain.tpl'), [ + '$title' => t('Your Registration'), + '$now' => '', + '$infos' => $_SESSION['zar']['msg'] . EOL, + ]); + unset($_SESSION['zar']['msg']); + return $o; + } + + $now = date('Y-m-d H:i:s'); + $ip = $_SERVER['REMOTE_ADDR']; + + $isduty = zar_register_dutystate(); + $nowfmt = $isduty['nowfmt']; + $atform = $isduty['atform']; + + $title = t('Register Verification'); + + // do we have a valid dId2 ? + if ( ($didx == 'a' && substr( $did2 , -2) == substr( base_convert( md5( substr( $did2, 1, -2) ),16 ,10), -2)) + || ($didx == 'e') ) { + + $r = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_didx = '%s' AND reg_did2 = '%s'", + dbesc($didx), + dbesc($did2) + ); + + if ( $r && count($r) == 1 && $r[0]['reg_flags'] &= (ACCOUNT_UNVERIFIED | ACCOUNT_PENDING)) { + $r = $r[0]; + + // provide a button in case + $resend = ($r['reg_didx'] == 'e') ? t('Resend') : false; + + // is still only instance admins intervention required? + if ( $r['reg_flags'] == ACCOUNT_PENDING ) { + $o = replace_macros(get_markup_template('plain.tpl'), [ + '$title' => t('Register Verification Status'), + '$now' => $nowfmt, + '$infos' => t('Soon all is well.') . EOL + . t('Only one instance admin has still to agree your account request.') . EOL + . t('Please be patient') . EOL . EOL . 'ZAR1138I', + ]); + } + else { + + if ($deny) { + + if (substr($r['reg_hash'],0,4) == $deny) { + + zar_log('ZAR1134S email verfication denied ' . $did2); + + $msg = 'ZAR1133A' . ' ' . t('Sorry for any inconvience. Thank you for your response.'); + $o = replace_macros(get_markup_template('plain.tpl'), [ + '$title' => t('Registration request denied'), + '$now' => $nowf, + '$infos' => $msg . EOL, + ]); + + $reonar = json_decode( $r['reg_stuff'], true); + $reonar['deny'] = $now . ',' . $ip . ' ' . $did2 . ' ' . $msg; + $flags = ( $r['reg_flags'] &= ( $r['reg_flags'] ^ ACCOUNT_UNVERIFIED) ) + | ( $r['reg_flags'] |= REGISTER_DENIED); + $rd = q("UPDATE register SET reg_stuff='%s', reg_vital=0, reg_flags=%d WHERE reg_id = %d ", + dbesc(json_encode($reonar)), + intval($flags), + intval($r['reg_id']) + ); + } + else { + zar_log('ZAR1135E not awaited url parameter received'); + goaway(z_root); + } + } + else { + + if ( $r['reg_startup'] <= $now && $r['reg_expires'] >= $now) { + $o = replace_macros(get_markup_template('regate.tpl'), [ + '$form_security_token' => get_form_security_token("regate"), + '$title' => $title, + '$desc' => t('You were given a validation token. Please enter that token here to continue the register verification step and allow some delay for proccessing.'), + '$did2' => bin2hex($did2) . $didx, + '$now' => $nowfmt, + '$atform' => $atform, + '$resend' => $resend, + '$submit' => t('Submit'), + '$acpin' => [ 'acpin', t('Validation token'),'','' ], + ]); + } + else { + // expired ? + if ( $now > $r['reg_expires'] ) { + $rd = q("UPDATE register SET reg_vital = 0 WHERE reg_id = %d ", + intval($r['reg_id']) + ); + } + + $o = replace_macros(get_markup_template('plain.tpl'), [ + '$title' => $title, + '$now' => $nowf, + '$infos' => 'ZAR1132W' . ' ' . t('Request not inside time frame') . EOL, + ]); + } + } + } + } + else { + $msg = 'ZAR1132E' . ' ' . t('Identity unknown'); + zar_log($msg . ':' . $did2 . ',' . $didx); + $o = replace_macros(get_markup_template('plain.tpl'), [ + '$title' => $title, + '$now' => $nowf, + '$infos' => $msg . EOL, + ]); + } + + } + else { + $msg = 'ZAR1131E ' . t('dId2 mistaken'); + // $log = ' from § ' . $ip . ' §' . ' (' . dbesc($did2) . ')'; + zar_log($msg); + $o = replace_macros(get_markup_template('plain.tpl'), [ + '$title' => $title, + '$now' => $nowf, + '$infos' => ($msg) . EOL, + ]); + } + + return $o; + } +} + -- cgit v1.2.3 From 0a16674f6e6b96b99b1bc004a62684b7cc2a4694 Mon Sep 17 00:00:00 2001 From: Hilmar R Date: Sun, 24 Jan 2021 16:44:58 +0100 Subject: auto channel create adjustments, zar log reg msgs --- Zotlabs/Module/Regate.php | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index 8ec559332..eabc1459e 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -131,9 +131,13 @@ class Regate extends \Zotlabs\Web\Controller { if ($cra['success']) { q("COMMIT"); - $msg = 'ZAR1238I' . t('Account successfull created'); - zar_log($msg . ':' . print_r($cra, true)); - $nextpage = '~'; + $msg = 'ZAR1238I ' . t('Account successfull created'); + // zar_log($msg . ':' . print_r($cra, true)); + zar_log($msg . ' ' . $cra['account']['account_email'] + . ' ' . $cra['account']['account_language']); + $nextpage = 'new_channel'; + + /* oops, ffu perhaps $auto_create = (get_config('system','auto_channel_create') ? true : false); if($auto_create) { @@ -144,9 +148,10 @@ class Regate extends \Zotlabs\Web\Controller { set_aconfig($cra['account']['account_id'], 'register','channel_address',$reonar['chan.did1']); } - + */ authenticate_success($cra['account'],null,true,false,true); + /* oops, ffu perhaps if($auto_create) { $new_channel = auto_channel_create($cra['account']['account_id']); if($new_channel['success']) { @@ -161,6 +166,7 @@ class Regate extends \Zotlabs\Web\Controller { ); } } + */ unset($_SESSION['login_return_url']); } else { -- cgit v1.2.3 From 3f031399cb900650b6a59b9d2b5706b1c5c1afde Mon Sep 17 00:00:00 2001 From: Hilmar R Date: Sun, 24 Jan 2021 20:59:11 +0100 Subject: auto channel create adjustments --- Zotlabs/Module/Regate.php | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index eabc1459e..f96796e8a 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -137,10 +137,10 @@ class Regate extends \Zotlabs\Web\Controller { . ' ' . $cra['account']['account_language']); $nextpage = 'new_channel'; - /* oops, ffu perhaps $auto_create = (get_config('system','auto_channel_create') ? true : false); if($auto_create) { + // prepare channel creation if($reonar['chan.name']) set_aconfig($cra['account']['account_id'], 'register','channel_name',$reonar['chan.name']); @@ -148,30 +148,29 @@ class Regate extends \Zotlabs\Web\Controller { set_aconfig($cra['account']['account_id'], 'register','channel_address',$reonar['chan.did1']); } - */ + authenticate_success($cra['account'],null,true,false,true); - /* oops, ffu perhaps if($auto_create) { + // create channel $new_channel = auto_channel_create($cra['account']['account_id']); + if($new_channel['success']) { $channel_id = $new_channel['channel']['channel_id']; change_channel($channel_id); $nextpage = 'profiles/' . $channel_id; + $msg = 'ZAR1239I ' . t('Channel successfull created') . ' ' . $did2; } else { - zar_log($new_channel['message'] - . ', ' . $reonar['chan.did1'] - . ', ' . $reonar['chan.name'] - ); + $msg = 'ZAR1239E ' . $new_channel['message'] . ' ' . $did2; } + zar_log($msg . ' ' . $reonar['chan.did1'] . ' (' . $reonar['chan.name'] . ')'); } - */ unset($_SESSION['login_return_url']); } else { q("ROLLBACK"); - $msg = 'ZAR1239E ' . t('Account creation error'); + $msg = 'ZAR1238E ' . t('Account creation error'); zar_log($msg . ':' . print_r($cra, true)); } } -- cgit v1.2.3 From 4ecb4189b8787d57c601ebf467ecd94fa706d1ca Mon Sep 17 00:00:00 2001 From: Hilmar R Date: Thu, 28 Jan 2021 22:08:38 +0100 Subject: Register panel interaction consistence usage --- Zotlabs/Module/Regate.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index f96796e8a..cf6b76bfa 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -162,7 +162,7 @@ class Regate extends \Zotlabs\Web\Controller { $msg = 'ZAR1239I ' . t('Channel successfull created') . ' ' . $did2; } else { - $msg = 'ZAR1239E ' . $new_channel['message'] . ' ' . $did2; + $msg = 'ZAR1239E ' . t('Channel still not created') . ' ' . $did2; } zar_log($msg . ' ' . $reonar['chan.did1'] . ' (' . $reonar['chan.name'] . ')'); } -- cgit v1.2.3 From 4581abb6d126097e4f6cb7f23e0fb68c0e9237b2 Mon Sep 17 00:00:00 2001 From: Mario Date: Wed, 17 Mar 2021 12:14:55 +0100 Subject: air: some work on ui/ux --- Zotlabs/Module/Regate.php | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index cf6b76bfa..b9b1c0d56 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -5,7 +5,7 @@ namespace Zotlabs\Module; require_once('include/security.php'); /** - * + * * @version 2.0.0 * @author hilmar runge * @since 2020-03-03 @@ -43,7 +43,7 @@ class Regate extends \Zotlabs\Web\Controller { $nextpage = ''; if ($did2) { - + $nowhhmm = date('Hi'); $day = date('N'); $now = date('Y-m-d H:i:s'); @@ -53,7 +53,7 @@ class Regate extends \Zotlabs\Web\Controller { if ($isduty['isduty'] !== false && $isduty['isduty'] != 1) { // normally, that should never happen here // log suitable for fail2ban also - $logmsg = 'ZAR1230S Unexpected registration verification request for ' + $logmsg = 'ZAR1230S Unexpected registration verification request for ' . get_config('system','sitename') . ' arrived from § ' . $ip . ' §'; zar_log($logmsg); goaway(z_root() . '/'); @@ -148,7 +148,7 @@ class Regate extends \Zotlabs\Web\Controller { set_aconfig($cra['account']['account_id'], 'register','channel_address',$reonar['chan.did1']); } - + authenticate_success($cra['account'],null,true,false,true); if($auto_create) { @@ -160,20 +160,20 @@ class Regate extends \Zotlabs\Web\Controller { change_channel($channel_id); $nextpage = 'profiles/' . $channel_id; $msg = 'ZAR1239I ' . t('Channel successfull created') . ' ' . $did2; - } + } else { $msg = 'ZAR1239E ' . t('Channel still not created') . ' ' . $did2; } zar_log($msg . ' ' . $reonar['chan.did1'] . ' (' . $reonar['chan.name'] . ')'); } unset($_SESSION['login_return_url']); - } + } else { q("ROLLBACK"); $msg = 'ZAR1238E ' . t('Account creation error'); zar_log($msg . ':' . print_r($cra, true)); } - } + } else { // new flags implemented and not recognized or sth like zar_log('ZAR1237D unexpected,' . $flags); @@ -187,17 +187,17 @@ class Regate extends \Zotlabs\Web\Controller { else { $msg = 'ZAR1235E' . ' ' . t('Token verification failed'); } - } + } else { $msg = 'ZAR1234W' . ' ' . t('Request not inside time frame'); //info($r[0]['reg_startup'] . EOL . $r[0]['reg_expire'] ); } - } + } else { $msg = 'ZAR1232E' . ' ' . t('Identity unknown'); zar_log($msg . ':' . $did2 . $didx); } - } + } else { $msg = 'ZAR1231E' . t('dId2 mistaken'); } @@ -241,7 +241,7 @@ class Regate extends \Zotlabs\Web\Controller { if ( ($didx == 'a' && substr( $did2 , -2) == substr( base_convert( md5( substr( $did2, 1, -2) ),16 ,10), -2)) || ($didx == 'e') ) { - $r = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_didx = '%s' AND reg_did2 = '%s'", + $r = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_didx = '%s' AND reg_did2 = '%s'", dbesc($didx), dbesc($did2) ); @@ -261,7 +261,7 @@ class Regate extends \Zotlabs\Web\Controller { . t('Only one instance admin has still to agree your account request.') . EOL . t('Please be patient') . EOL . EOL . 'ZAR1138I', ]); - } + } else { if ($deny) { @@ -279,7 +279,7 @@ class Regate extends \Zotlabs\Web\Controller { $reonar = json_decode( $r['reg_stuff'], true); $reonar['deny'] = $now . ',' . $ip . ' ' . $did2 . ' ' . $msg; - $flags = ( $r['reg_flags'] &= ( $r['reg_flags'] ^ ACCOUNT_UNVERIFIED) ) + $flags = ( $r['reg_flags'] &= ( $r['reg_flags'] ^ ACCOUNT_UNVERIFIED) ) | ( $r['reg_flags'] |= REGISTER_DENIED); $rd = q("UPDATE register SET reg_stuff='%s', reg_vital=0, reg_flags=%d WHERE reg_id = %d ", dbesc(json_encode($reonar)), @@ -291,7 +291,7 @@ class Regate extends \Zotlabs\Web\Controller { zar_log('ZAR1135E not awaited url parameter received'); goaway(z_root); } - } + } else { if ( $r['reg_startup'] <= $now && $r['reg_expires'] >= $now) { @@ -334,7 +334,7 @@ class Regate extends \Zotlabs\Web\Controller { ]); } - } + } else { $msg = 'ZAR1131E ' . t('dId2 mistaken'); // $log = ' from § ' . $ip . ' §' . ' (' . dbesc($did2) . ')'; -- cgit v1.2.3 From febf766be0ecd2a50aa8842a90a23dc23763e373 Mon Sep 17 00:00:00 2001 From: Mario Date: Wed, 17 Mar 2021 14:37:16 +0100 Subject: air: make sure we always save date_time in UTC - issue #1544 --- Zotlabs/Module/Regate.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index b9b1c0d56..2b46d7452 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -46,7 +46,7 @@ class Regate extends \Zotlabs\Web\Controller { $nowhhmm = date('Hi'); $day = date('N'); - $now = date('Y-m-d H:i:s'); + $now = datetime_convert(); $ip = $_SERVER['REMOTE_ADDR']; $isduty = zar_register_dutystate(); @@ -228,7 +228,7 @@ class Regate extends \Zotlabs\Web\Controller { return $o; } - $now = date('Y-m-d H:i:s'); + $now = datetime_convert(); $ip = $_SERVER['REMOTE_ADDR']; $isduty = zar_register_dutystate(); -- cgit v1.2.3 From 9f26b7aa9c6e3ba50de5a0780c917cabad7367f6 Mon Sep 17 00:00:00 2001 From: Mario Date: Wed, 17 Mar 2021 17:49:13 +0100 Subject: air: convert utc to local in browser (we do not have a client timezone othervise at this point) - issue #1544 --- Zotlabs/Module/Regate.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index 2b46d7452..7379a6662 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -232,8 +232,8 @@ class Regate extends \Zotlabs\Web\Controller { $ip = $_SERVER['REMOTE_ADDR']; $isduty = zar_register_dutystate(); - $nowfmt = $isduty['nowfmt']; - $atform = $isduty['atform']; + $nowfmt = $isduty['nowfmt']; + $atform = $isduty['atform']; $title = t('Register Verification'); -- cgit v1.2.3 From 06d47deef80d19230ee6c801c97c3e8913012671 Mon Sep 17 00:00:00 2001 From: Mario Date: Fri, 19 Mar 2021 11:43:48 +0100 Subject: air: improved UX by changing the registration workflow so that it is not required to go back to registration and post the DID. If no registration delay is configured proceed directly to verification. fixes #1540 --- Zotlabs/Module/Regate.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index 7379a6662..077e5fd54 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -122,6 +122,7 @@ class Regate extends \Zotlabs\Web\Controller { if ( ($flags & ACCOUNT_PENDING ) == ACCOUNT_PENDING ) { $msg .= "\n".t('Last step will be by an instance admin to agree your account request'); + $nextpage = 'regapr/' . bin2hex($did2); q("COMMIT"); } elseif ( ($flags ^ REGISTER_AGREED) == 0) { @@ -235,6 +236,10 @@ class Regate extends \Zotlabs\Web\Controller { $nowfmt = $isduty['nowfmt']; $atform = $isduty['atform']; + $pin = $_SESSION['zar']['pin'] ?? ''; + unset($_SESSION['zar']['pin']); + + $title = t('Register Verification'); // do we have a valid dId2 ? @@ -298,7 +303,7 @@ class Regate extends \Zotlabs\Web\Controller { $o = replace_macros(get_markup_template('regate.tpl'), [ '$form_security_token' => get_form_security_token("regate"), '$title' => $title, - '$desc' => t('You were given a validation token. Please enter that token here to continue the register verification step and allow some delay for proccessing.'), + '$desc' => $pin ? t('Please enter your validation token') . '' . $pin . '' : t('You were given a validation token. Please enter that token here to verify your registration.'), '$did2' => bin2hex($did2) . $didx, '$now' => $nowfmt, '$atform' => $atform, -- cgit v1.2.3 From 554745a25a9146a83d5deaaa067b3a8cb4858438 Mon Sep 17 00:00:00 2001 From: Mario Date: Sat, 20 Mar 2021 16:57:11 +0100 Subject: air: do not require to verify emailaddress once more after invite code got verified - fixes #1546 but probably still requires some finetuning. --- Zotlabs/Module/Regate.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index 077e5fd54..0d430d68c 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -61,14 +61,13 @@ class Regate extends \Zotlabs\Web\Controller { // do we have a valid dId2 ? if ( ($didx == 'a' && substr( $did2 , -2) == substr( base_convert( md5( substr( $did2, 1, -2) ),16 ,10), -2)) - || ($didx == 'e') ) { + || ($didx == 'e') || ($didx == 'i')) { // check startup and expiration via [=[register $r = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_did2 = '%s' ", dbesc($did2) ); if ( $r && count($r) == 1 ) { $r = $r[0]; // check timeframe if ( $r['reg_startup'] <= $now && $r['reg_expires'] >= $now ) { - if ( isset($_POST['resend']) && $didx == 'e' ) { $re = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_didx = 'e' AND reg_did2 = '%s' ", dbesc($r['reg_did2']) ); if ( $re && count($re) == 1 ) { @@ -91,6 +90,8 @@ class Regate extends \Zotlabs\Web\Controller { $acpin = (preg_match('/^[0-9]{6,6}$/', $_POST['acpin']) ? $_POST['acpin'] : false); elseif ( $didx == 'e' ) $acpin = (preg_match('/^[0-9a-f]{24,24}$/', $_POST['acpin']) ? $_POST['acpin'] : false); + elseif ( $didx == 'i' ) + $acpin = $r['reg_hash']; else $acpin = false; if ( $acpin && ($r['reg_hash'] == $acpin )) { -- cgit v1.2.3 From bc1cc65ff20c97db0323d02ab652b239b4c60eb6 Mon Sep 17 00:00:00 2001 From: Mario Date: Thu, 25 Mar 2021 14:00:25 +0100 Subject: air: currently it is allowed to register with non-unique did2 (should this be allowed?) - anyway, for now sort them by reg_created to make sure we always match the latest attempt --- Zotlabs/Module/Regate.php | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index 0d430d68c..4cd902f7b 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -60,11 +60,12 @@ class Regate extends \Zotlabs\Web\Controller { } // do we have a valid dId2 ? - if ( ($didx == 'a' && substr( $did2 , -2) == substr( base_convert( md5( substr( $did2, 1, -2) ),16 ,10), -2)) - || ($didx == 'e') || ($didx == 'i')) { + if (($didx == 'a' && substr( $did2 , -2) == substr( base_convert( md5( substr( $did2, 1, -2) ),16 ,10), -2)) || ($didx == 'e') || ($didx == 'i')) { // check startup and expiration via [=[register - $r = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_did2 = '%s' ", dbesc($did2) ); - if ( $r && count($r) == 1 ) { + $r = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_did2 = '%s' ORDER BY reg_created DESC ", + dbesc($did2) + ); + if ($r && count($r)) { $r = $r[0]; // check timeframe if ( $r['reg_startup'] <= $now && $r['reg_expires'] >= $now ) { @@ -244,15 +245,14 @@ class Regate extends \Zotlabs\Web\Controller { $title = t('Register Verification'); // do we have a valid dId2 ? - if ( ($didx == 'a' && substr( $did2 , -2) == substr( base_convert( md5( substr( $did2, 1, -2) ),16 ,10), -2)) - || ($didx == 'e') ) { + if (($didx == 'a' && substr( $did2 , -2) == substr( base_convert( md5( substr( $did2, 1, -2) ),16 ,10), -2)) || ($didx == 'e')) { - $r = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_didx = '%s' AND reg_did2 = '%s'", - dbesc($didx), - dbesc($did2) + $r = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_didx = '%s' AND reg_did2 = '%s' ORDER BY reg_created DESC", + dbesc($didx), + dbesc($did2) ); - if ( $r && count($r) == 1 && $r[0]['reg_flags'] &= (ACCOUNT_UNVERIFIED | ACCOUNT_PENDING)) { + if ($r && count($r) && $r[0]['reg_flags'] &= (ACCOUNT_UNVERIFIED | ACCOUNT_PENDING)) { $r = $r[0]; // provide a button in case -- cgit v1.2.3 From 725e57a27a41c8780c08fe598ec6c7b24a633cf4 Mon Sep 17 00:00:00 2001 From: Mario Date: Fri, 26 Mar 2021 20:54:48 +0100 Subject: air: more work on UX during register --- Zotlabs/Module/Regate.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index 4cd902f7b..4fcae83e4 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -310,7 +310,7 @@ class Regate extends \Zotlabs\Web\Controller { '$atform' => $atform, '$resend' => $resend, '$submit' => t('Submit'), - '$acpin' => [ 'acpin', t('Validation token'),'','' ], + '$acpin' => [ 'acpin', t('Validation token'),'','' ] ]); } else { @@ -324,6 +324,7 @@ class Regate extends \Zotlabs\Web\Controller { $o = replace_macros(get_markup_template('plain.tpl'), [ '$title' => $title, '$now' => $nowf, + '$countdown' => datetime_convert('UTC', 'UTC', $r['reg_startup'], 'c'), '$infos' => 'ZAR1132W' . ' ' . t('Request not inside time frame') . EOL, ]); } -- cgit v1.2.3 From 85b6e352d41580918c84298790916786f384f8b5 Mon Sep 17 00:00:00 2001 From: Mario Date: Sun, 28 Mar 2021 10:17:54 +0000 Subject: air: fixes --- Zotlabs/Module/Regate.php | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index 4fcae83e4..f6faff811 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -70,8 +70,8 @@ class Regate extends \Zotlabs\Web\Controller { // check timeframe if ( $r['reg_startup'] <= $now && $r['reg_expires'] >= $now ) { if ( isset($_POST['resend']) && $didx == 'e' ) { - $re = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_didx = 'e' AND reg_did2 = '%s' ", dbesc($r['reg_did2']) ); - if ( $re && count($re) == 1 ) { + $re = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_didx = 'e' AND reg_did2 = '%s' ORDER BY reg_created DESC ", dbesc($r['reg_did2']) ); + if ( $re ) { $re = $re[0]; $reonar = json_decode($re['reg_stuff'],true); $reonar['subject'] = 'Re,Fwd,' . $reonar['subject']; @@ -93,7 +93,8 @@ class Regate extends \Zotlabs\Web\Controller { $acpin = (preg_match('/^[0-9a-f]{24,24}$/', $_POST['acpin']) ? $_POST['acpin'] : false); elseif ( $didx == 'i' ) $acpin = $r['reg_hash']; - else $acpin = false; + else + $acpin = false; if ( $acpin && ($r['reg_hash'] == $acpin )) { @@ -124,7 +125,7 @@ class Regate extends \Zotlabs\Web\Controller { if ( ($flags & ACCOUNT_PENDING ) == ACCOUNT_PENDING ) { $msg .= "\n".t('Last step will be by an instance admin to agree your account request'); - $nextpage = 'regapr/' . bin2hex($did2); + $nextpage = 'regate/' . bin2hex($did2) . $didx; q("COMMIT"); } elseif ( ($flags ^ REGISTER_AGREED) == 0) { @@ -263,9 +264,10 @@ class Regate extends \Zotlabs\Web\Controller { $o = replace_macros(get_markup_template('plain.tpl'), [ '$title' => t('Register Verification Status'), '$now' => $nowfmt, - '$infos' => t('Soon all is well.') . EOL - . t('Only one instance admin has still to agree your account request.') . EOL - . t('Please be patient') . EOL . EOL . 'ZAR1138I', + '$infos' => t('Verification successful!') . EOL + . t('After your account has been approved by our administrator you will be able to login with your ID') . EOL + . $did2 . EOL + . t('and your provided password.') ]); } else { -- cgit v1.2.3 From 18d990a03468420136c3383fce9860c09f42251c Mon Sep 17 00:00:00 2001 From: Mario Date: Sun, 28 Mar 2021 20:40:26 +0000 Subject: air: more ui/ux and provide a possibility to lookup your registration id in mod regate (raw and unfinished) --- Zotlabs/Module/Regate.php | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index f6faff811..d51927de1 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -215,6 +215,27 @@ class Regate extends \Zotlabs\Web\Controller { function get() { + if (argc() == 1) { + if(isset($_GET['reg_id'])) { + if ( preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $_GET['reg_id'] ) ) { + // dId2 E email + goaway(z_root() . '/regate/' . bin2hex($_GET['reg_id']) . 'e' ); + } + if ( preg_match('/^d{1,1}[0-9]{5,10}$/', $_GET['reg_id'] ) ) { + // dId2 A artifical & anonymous + goaway(z_root() . '/regate/' . bin2hex($_GET['reg_id']) . 'a' ); + } + notice(t('Identity unknown') . EOL); + } + + $o = replace_macros(get_markup_template('plain.tpl'), [ + '$title' => t('Your Registration ID'), + '$now' => '
' + ]); + + return $o; + } + if ( argc() > 1 ) { $did2 = hex2bin( substr( argv(1), 0, -1) ); $didx = substr( argv(1), -1 ); @@ -306,7 +327,7 @@ class Regate extends \Zotlabs\Web\Controller { $o = replace_macros(get_markup_template('regate.tpl'), [ '$form_security_token' => get_form_security_token("regate"), '$title' => $title, - '$desc' => $pin ? t('Please enter your validation token') . '' . $pin . '' : t('You were given a validation token. Please enter that token here to verify your registration.'), + '$desc' => $pin ? t('Please enter your validation token') . ' ' . $pin . '' : t('Please enter your validation token'), '$did2' => bin2hex($did2) . $didx, '$now' => $nowfmt, '$atform' => $atform, -- cgit v1.2.3 From cf62e07bec8ffe6b9e5c92d56c13ee3cbe06b5bf Mon Sep 17 00:00:00 2001 From: Mario Date: Thu, 8 Apr 2021 12:38:38 +0000 Subject: register: default to auto-create channel and fix auto create channel if register approval is configured --- Zotlabs/Module/Regate.php | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index d51927de1..6d9d5dc28 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -139,18 +139,22 @@ class Regate extends \Zotlabs\Web\Controller { // zar_log($msg . ':' . print_r($cra, true)); zar_log($msg . ' ' . $cra['account']['account_email'] . ' ' . $cra['account']['account_language']); + $nextpage = 'new_channel'; - $auto_create = (get_config('system','auto_channel_create') ? true : false); + $auto_create = get_config('system','auto_channel_create',1); if($auto_create) { // prepare channel creation if($reonar['chan.name']) - set_aconfig($cra['account']['account_id'], - 'register','channel_name',$reonar['chan.name']); + set_aconfig($cra['account']['account_id'], 'register', 'channel_name', $reonar['chan.name']); + if($reonar['chan.did1']) - set_aconfig($cra['account']['account_id'], - 'register','channel_address',$reonar['chan.did1']); + set_aconfig($cra['account']['account_id'], 'register', 'channel_address', $reonar['chan.did1']); + + $permissions_role = get_config('system','default_permissions_role'); + if($permissions_role) + set_aconfig($cra['account']['account_id'], 'register', 'permissions_role', $permissions_role); } authenticate_success($cra['account'],null,true,false,true); -- cgit v1.2.3 From f3fa09fc91fe4ca2a44ee4f60d11c5ee70fcefad Mon Sep 17 00:00:00 2001 From: Mario Date: Thu, 8 Apr 2021 16:06:43 +0000 Subject: register: more ui/ux --- Zotlabs/Module/Regate.php | 23 +++++++++++------------ 1 file changed, 11 insertions(+), 12 deletions(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index 6d9d5dc28..24139ed06 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -68,20 +68,19 @@ class Regate extends \Zotlabs\Web\Controller { if ($r && count($r)) { $r = $r[0]; // check timeframe - if ( $r['reg_startup'] <= $now && $r['reg_expires'] >= $now ) { - if ( isset($_POST['resend']) && $didx == 'e' ) { + if ($r['reg_startup'] <= $now && $r['reg_expires'] >= $now) { + if (isset($_POST['resend']) && $didx == 'e') { $re = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_didx = 'e' AND reg_did2 = '%s' ORDER BY reg_created DESC ", dbesc($r['reg_did2']) ); - if ( $re ) { + if ($re) { $re = $re[0]; - $reonar = json_decode($re['reg_stuff'],true); - $reonar['subject'] = 'Re,Fwd,' . $reonar['subject']; + $reonar = json_decode($re['reg_stuff'], true); if ($reonar) { + $reonar['subject'] = 'Re,Fwd,' . $reonar['subject']; $zm = zar_reg_mail($reonar); - $msg = ($zm) ? 'ZAR1238I ' . t('Email resent') - : 'ZAR1238E ' . t('Resent failed'); - zar_log($msg . ' ' . $r['reg_did2']); + $msg = (($zm) ? t('Email resent') : t('Email resend failed')); + zar_log((($zm) ? 'ZAR1238I' : 'ZAR1238E') . ' ' . $msg . ' ' . $r['reg_did2']); info($msg); - goaway(z_root() . '/' . $nextpage); + return; } } } @@ -352,15 +351,15 @@ class Regate extends \Zotlabs\Web\Controller { '$title' => $title, '$now' => $nowf, '$countdown' => datetime_convert('UTC', 'UTC', $r['reg_startup'], 'c'), - '$infos' => 'ZAR1132W' . ' ' . t('Request not inside time frame') . EOL, + '$infos' => t('Hold on, you can start verification in') . EOL, ]); } } } } else { - $msg = 'ZAR1132E' . ' ' . t('Identity unknown'); - zar_log($msg . ':' . $did2 . ',' . $didx); + $msg = t('Identity unknown'); + zar_log('ZAR1132E ' . $msg . ':' . $did2 . ',' . $didx); $o = replace_macros(get_markup_template('plain.tpl'), [ '$title' => $title, '$now' => $nowf, -- cgit v1.2.3 From 18b6d48944be414acc179fb82f458f996810e5a3 Mon Sep 17 00:00:00 2001 From: Mario Date: Thu, 8 Apr 2021 19:55:53 +0000 Subject: rgister: fixes for registering with invitecode outside of open hours --- Zotlabs/Module/Regate.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index 24139ed06..0c32ebd25 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -50,13 +50,14 @@ class Regate extends \Zotlabs\Web\Controller { $ip = $_SERVER['REMOTE_ADDR']; $isduty = zar_register_dutystate(); - if ($isduty['isduty'] !== false && $isduty['isduty'] != 1) { + + if (!$_SESSION['zar']['invite_in_progress'] && ($isduty['isduty'] !== false && $isduty['isduty'] != 1)) { // normally, that should never happen here // log suitable for fail2ban also $logmsg = 'ZAR1230S Unexpected registration verification request for ' . get_config('system','sitename') . ' arrived from § ' . $ip . ' §'; zar_log($logmsg); - goaway(z_root() . '/'); + goaway(z_root()); } // do we have a valid dId2 ? @@ -123,6 +124,7 @@ class Regate extends \Zotlabs\Web\Controller { ); if ( ($flags & ACCOUNT_PENDING ) == ACCOUNT_PENDING ) { + $msg .= "\n".t('Last step will be by an instance admin to agree your account request'); $nextpage = 'regate/' . bin2hex($did2) . $didx; q("COMMIT"); @@ -270,7 +272,7 @@ class Regate extends \Zotlabs\Web\Controller { $title = t('Register Verification'); // do we have a valid dId2 ? - if (($didx == 'a' && substr( $did2 , -2) == substr( base_convert( md5( substr( $did2, 1, -2) ),16 ,10), -2)) || ($didx == 'e')) { + if (($didx == 'a' && substr( $did2 , -2) == substr( base_convert( md5( substr( $did2, 1, -2) ),16 ,10), -2)) || ($didx == 'e') || ($didx == 'i')) { $r = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_didx = '%s' AND reg_did2 = '%s' ORDER BY reg_created DESC", dbesc($didx), -- cgit v1.2.3 From 01b081d809d128e0922fb404921f452c51c2ddb2 Mon Sep 17 00:00:00 2001 From: Mario Date: Fri, 9 Apr 2021 09:49:36 +0000 Subject: register: only return verified registrations in get_pending_accounts(), more invite handling fixes --- Zotlabs/Module/Regate.php | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index 0c32ebd25..0bca68a0b 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -99,16 +99,28 @@ class Regate extends \Zotlabs\Web\Controller { if ( $acpin && ($r['reg_hash'] == $acpin )) { $flags = $r['reg_flags']; - if ( ($flags & ACCOUNT_UNVERIFIED ) == ACCOUNT_UNVERIFIED) { + if (($flags & ACCOUNT_UNVERIFIED) == ACCOUNT_UNVERIFIED) { // verification success $msg = 'ZAR1237I' . ' ' . t('Verify successfull'); $reonar = json_decode( $r['reg_stuff'], true); $reonar['valid'] = $now . ',' . $ip . ' ' . $did2 . ' ' . $msg; + // clear flag $flags &= $flags ^ ACCOUNT_UNVERIFIED; + + // are we invited by the admin? + $isa = get_account_by_id($r['reg_uid']); + $isa = ($isa && ($isa['account_roles'] && ACCOUNT_ROLE_ADMIN)); + + // approve contra invite by admin + if ($isa && get_config('system','register_policy') == REGISTER_APPROVE) { + $flags &= $flags ^ ACCOUNT_PENDING; + } + // sth todo? $vital = $flags == 0 ? 0 : 1; + // set flag $flags |= REGISTER_AGREED; zar_log($msg . ' ' . $did2 . ':flags' . $flags . ',rid' . $r['reg_id']); @@ -123,8 +135,8 @@ class Regate extends \Zotlabs\Web\Controller { intval($r['reg_id']) ); - if ( ($flags & ACCOUNT_PENDING ) == ACCOUNT_PENDING ) { + if ( ($flags & ACCOUNT_PENDING ) == ACCOUNT_PENDING ) { $msg .= "\n".t('Last step will be by an instance admin to agree your account request'); $nextpage = 'regate/' . bin2hex($did2) . $didx; q("COMMIT"); -- cgit v1.2.3 From 684245f24df8d0f25638170a5c8c0739df80b45a Mon Sep 17 00:00:00 2001 From: Mario Date: Fri, 9 Apr 2021 09:57:22 +0000 Subject: whitespace --- Zotlabs/Module/Regate.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index 0bca68a0b..9a3be1e1c 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -135,13 +135,12 @@ class Regate extends \Zotlabs\Web\Controller { intval($r['reg_id']) ); - - if ( ($flags & ACCOUNT_PENDING ) == ACCOUNT_PENDING ) { + if (($flags & ACCOUNT_PENDING ) == ACCOUNT_PENDING) { $msg .= "\n".t('Last step will be by an instance admin to agree your account request'); $nextpage = 'regate/' . bin2hex($did2) . $didx; q("COMMIT"); } - elseif ( ($flags ^ REGISTER_AGREED) == 0) { + elseif (($flags ^ REGISTER_AGREED) == 0) { $cra = create_account_from_register([ 'reg_id' => $r['reg_id'] ]); -- cgit v1.2.3 From df6f2abfbe283a25cdfe3c8fae848abda35cedaf Mon Sep 17 00:00:00 2001 From: Mario Date: Fri, 9 Apr 2021 19:06:36 +0000 Subject: register: if auto create is configured do some more tests against the provided name and nick so it will not fail later in create_identity(); --- Zotlabs/Module/Regate.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index 9a3be1e1c..4c7c96284 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -147,9 +147,9 @@ class Regate extends \Zotlabs\Web\Controller { if ($cra['success']) { q("COMMIT"); - $msg = 'ZAR1238I ' . t('Account successfull created'); + $msg = t('Account successfull created'); // zar_log($msg . ':' . print_r($cra, true)); - zar_log($msg . ' ' . $cra['account']['account_email'] + zar_log('ZAR1238I ' . $msg . ' ' . $cra['account']['account_email'] . ' ' . $cra['account']['account_language']); $nextpage = 'new_channel'; -- cgit v1.2.3 From ea721d380be15d06a9f0974dc98487523fcdfb58 Mon Sep 17 00:00:00 2001 From: Mario Date: Sat, 10 Apr 2021 10:53:27 +0000 Subject: register: move some html out of the code and provide a basic template --- Zotlabs/Module/Regate.php | 55 ++++++++++++++++++++++++++++------------------- 1 file changed, 33 insertions(+), 22 deletions(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index 4c7c96284..16b669dfc 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -252,35 +252,46 @@ class Regate extends \Zotlabs\Web\Controller { return $o; } - if ( argc() > 1 ) { - $did2 = hex2bin( substr( argv(1), 0, -1) ); - $didx = substr( argv(1), -1 ); - $deny = argc() > 2 ? argv(2) : ''; - $deny = preg_match('/^[0-9a-f]{8,8}$/', $deny) ? hex2bin($deny) : false; - } - - if ($_SESSION['zar']['msg']) { - $o = replace_macros(get_markup_template('plain.tpl'), [ - '$title' => t('Your Registration'), - '$now' => '', - '$infos' => $_SESSION['zar']['msg'] . EOL, + if ($_SESSION['zar']['delayed']) { + $o = replace_macros(get_markup_template('regate_pre.tpl'), [ + '$title' => t('Register Verification'), + '$id' => $_SESSION['zar']['id'], + '$pin' => $_SESSION['zar']['pin'], + '$regdelay' => $_SESSION['zar']['regdelay'], + '$regexpire' => $_SESSION['zar']['regexpire'], + '$desc' => [ + t('Please remember your validation token and ID'), + t('Your ID'), + t('Your token') + ], + '$delay_desc' => [ + t('Hold on, you can start verification in'), + t('Token validity') + ] ]); - unset($_SESSION['zar']['msg']); + unset($_SESSION['zar']['delayed']); return $o; } - $now = datetime_convert(); - $ip = $_SERVER['REMOTE_ADDR']; + if (argc() < 2) + return; + + $did2 = hex2bin( substr( argv(1), 0, -1) ); + $didx = substr( argv(1), -1 ); + $deny = argc() > 2 ? argv(2) : ''; + $deny = preg_match('/^[0-9a-f]{8,8}$/', $deny) ? hex2bin($deny) : false; + $now = datetime_convert(); + $ip = $_SERVER['REMOTE_ADDR']; $isduty = zar_register_dutystate(); $nowfmt = $isduty['nowfmt']; $atform = $isduty['atform']; + $pin = ''; - $pin = $_SESSION['zar']['pin'] ?? ''; - unset($_SESSION['zar']['pin']); - - - $title = t('Register Verification'); + if(isset($_SESSION['zar']['pin'])) { + $pin = $_SESSION['zar']['pin']; + unset($_SESSION['zar']['pin']); + } // do we have a valid dId2 ? if (($didx == 'a' && substr( $did2 , -2) == substr( base_convert( md5( substr( $did2, 1, -2) ),16 ,10), -2)) || ($didx == 'e') || ($didx == 'i')) { @@ -342,7 +353,7 @@ class Regate extends \Zotlabs\Web\Controller { if ( $r['reg_startup'] <= $now && $r['reg_expires'] >= $now) { $o = replace_macros(get_markup_template('regate.tpl'), [ '$form_security_token' => get_form_security_token("regate"), - '$title' => $title, + '$title' => t('Register Verification'), '$desc' => $pin ? t('Please enter your validation token') . ' ' . $pin . '' : t('Please enter your validation token'), '$did2' => bin2hex($did2) . $didx, '$now' => $nowfmt, @@ -361,7 +372,7 @@ class Regate extends \Zotlabs\Web\Controller { } $o = replace_macros(get_markup_template('plain.tpl'), [ - '$title' => $title, + '$title' => t('Register Verification'), '$now' => $nowf, '$countdown' => datetime_convert('UTC', 'UTC', $r['reg_startup'], 'c'), '$infos' => t('Hold on, you can start verification in') . EOL, -- cgit v1.2.3 From f0e5ce7fd1dae13cc257a8a860fccbc294530776 Mon Sep 17 00:00:00 2001 From: Mario Date: Sat, 10 Apr 2021 20:44:04 +0000 Subject: register: more work on ui/ux --- Zotlabs/Module/Regate.php | 82 +++++++++++++++++++++++++---------------------- 1 file changed, 44 insertions(+), 38 deletions(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index 16b669dfc..bc2e578b6 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -252,20 +252,21 @@ class Regate extends \Zotlabs\Web\Controller { return $o; } + $isduty = zar_register_dutystate(); + $nowfmt = $isduty['nowfmt']; + $atform = $isduty['atform']; + if ($_SESSION['zar']['delayed']) { $o = replace_macros(get_markup_template('regate_pre.tpl'), [ - '$title' => t('Register Verification'), - '$id' => $_SESSION['zar']['id'], - '$pin' => $_SESSION['zar']['pin'], - '$regdelay' => $_SESSION['zar']['regdelay'], - '$regexpire' => $_SESSION['zar']['regexpire'], - '$desc' => [ - t('Please remember your validation token and ID'), - t('Your ID'), - t('Your token') - ], - '$delay_desc' => [ + '$title' => t('Registration validation'), + '$now' => $nowfmt, + '$id' => $_SESSION['zar']['id'], + '$pin' => $_SESSION['zar']['pin'], + '$regdelay' => $_SESSION['zar']['regdelay'], + '$regexpire' => $_SESSION['zar']['regexpire'], + '$strings' => [ t('Hold on, you can start verification in'), + t('Please remember your validation token for ID'), t('Token validity') ] ]); @@ -280,12 +281,9 @@ class Regate extends \Zotlabs\Web\Controller { $didx = substr( argv(1), -1 ); $deny = argc() > 2 ? argv(2) : ''; $deny = preg_match('/^[0-9a-f]{8,8}$/', $deny) ? hex2bin($deny) : false; - $now = datetime_convert(); $ip = $_SERVER['REMOTE_ADDR']; - $isduty = zar_register_dutystate(); - $nowfmt = $isduty['nowfmt']; - $atform = $isduty['atform']; + $pin = ''; if(isset($_SESSION['zar']['pin'])) { @@ -309,13 +307,14 @@ class Regate extends \Zotlabs\Web\Controller { // is still only instance admins intervention required? if ( $r['reg_flags'] == ACCOUNT_PENDING ) { - $o = replace_macros(get_markup_template('plain.tpl'), [ - '$title' => t('Register Verification Status'), - '$now' => $nowfmt, - '$infos' => t('Verification successful!') . EOL - . t('After your account has been approved by our administrator you will be able to login with your ID') . EOL - . $did2 . EOL - . t('and your provided password.') + $o = replace_macros(get_markup_template('regate_post.tpl'), [ + '$title' => t('Registration status'), + '$pin' => $did2, + '$infos' => [ + t('Verification successful!'), + t('Your login ID'), + t('After your account has been approved by our admin you will be able to login with your ID and your provided password.') + ] ]); } else { @@ -329,7 +328,7 @@ class Regate extends \Zotlabs\Web\Controller { $msg = 'ZAR1133A' . ' ' . t('Sorry for any inconvience. Thank you for your response.'); $o = replace_macros(get_markup_template('plain.tpl'), [ '$title' => t('Registration request denied'), - '$now' => $nowf, + '$now' => $nowfmt, '$infos' => $msg . EOL, ]); @@ -353,14 +352,18 @@ class Regate extends \Zotlabs\Web\Controller { if ( $r['reg_startup'] <= $now && $r['reg_expires'] >= $now) { $o = replace_macros(get_markup_template('regate.tpl'), [ '$form_security_token' => get_form_security_token("regate"), - '$title' => t('Register Verification'), - '$desc' => $pin ? t('Please enter your validation token') . ' ' . $pin . '' : t('Please enter your validation token'), - '$did2' => bin2hex($did2) . $didx, - '$now' => $nowfmt, - '$atform' => $atform, - '$resend' => $resend, - '$submit' => t('Submit'), - '$acpin' => [ 'acpin', t('Validation token'),'','' ] + '$title' => t('Registration validation'), + '$desc' => t('Please enter your validation token for ID'), + '$id' => $did2, + // we might consider to not provide $pin if a registration delay is configured + // and the pin turns out to be readable by bots + '$pin' => $pin, + '$did2' => bin2hex($did2) . $didx, + '$now' => $nowfmt, + '$atform' => $atform, + '$resend' => $resend, + '$submit' => t('Submit'), + '$acpin' => [ 'acpin', t('Validation token'),'','' ] ]); } else { @@ -371,12 +374,15 @@ class Regate extends \Zotlabs\Web\Controller { ); } - $o = replace_macros(get_markup_template('plain.tpl'), [ - '$title' => t('Register Verification'), - '$now' => $nowf, + $o = replace_macros(get_markup_template('regate_pre.tpl'), [ + '$title' => t('Registration validation'), + '$now' => $nowfmt, + '$id' => $did2, '$countdown' => datetime_convert('UTC', 'UTC', $r['reg_startup'], 'c'), - '$infos' => t('Hold on, you can start verification in') . EOL, - ]); + '$strings' => [ + t('Hold on, you can start verification in'), + t('You will require the validation token for ID') + ] ]); } } } @@ -386,7 +392,7 @@ class Regate extends \Zotlabs\Web\Controller { zar_log('ZAR1132E ' . $msg . ':' . $did2 . ',' . $didx); $o = replace_macros(get_markup_template('plain.tpl'), [ '$title' => $title, - '$now' => $nowf, + '$now' => $nowfmt, '$infos' => $msg . EOL, ]); } @@ -398,7 +404,7 @@ class Regate extends \Zotlabs\Web\Controller { zar_log($msg); $o = replace_macros(get_markup_template('plain.tpl'), [ '$title' => $title, - '$now' => $nowf, + '$now' => $nowfmt, '$infos' => ($msg) . EOL, ]); } -- cgit v1.2.3 From d9245566f538711b8692e53a9fa0b59bb2c394d1 Mon Sep 17 00:00:00 2001 From: Mario Date: Sun, 11 Apr 2021 17:46:06 +0000 Subject: register: change some strings and some whitespace fixes --- Zotlabs/Module/Regate.php | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index bc2e578b6..84f78e066 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -265,7 +265,7 @@ class Regate extends \Zotlabs\Web\Controller { '$regdelay' => $_SESSION['zar']['regdelay'], '$regexpire' => $_SESSION['zar']['regexpire'], '$strings' => [ - t('Hold on, you can start verification in'), + t('Hold on, you can start validation in'), t('Please remember your validation token for ID'), t('Token validity') ] @@ -322,14 +322,11 @@ class Regate extends \Zotlabs\Web\Controller { if ($deny) { if (substr($r['reg_hash'],0,4) == $deny) { - zar_log('ZAR1134S email verfication denied ' . $did2); - $msg = 'ZAR1133A' . ' ' . t('Sorry for any inconvience. Thank you for your response.'); $o = replace_macros(get_markup_template('plain.tpl'), [ - '$title' => t('Registration request denied'), - '$now' => $nowfmt, - '$infos' => $msg . EOL, + '$title' => t('Registration request revoked'), + '$infos' => t('Sorry for any inconvience. Thank you for your response.') ]); $reonar = json_decode( $r['reg_stuff'], true); @@ -372,6 +369,12 @@ class Regate extends \Zotlabs\Web\Controller { $rd = q("UPDATE register SET reg_vital = 0 WHERE reg_id = %d ", intval($r['reg_id']) ); + + $o = replace_macros(get_markup_template('plain.tpl'), [ + '$infos' => t('ID expired'), + ]); + + return $o; } $o = replace_macros(get_markup_template('regate_pre.tpl'), [ @@ -380,33 +383,34 @@ class Regate extends \Zotlabs\Web\Controller { '$id' => $did2, '$countdown' => datetime_convert('UTC', 'UTC', $r['reg_startup'], 'c'), '$strings' => [ - t('Hold on, you can start verification in'), + t('Hold on, you can start validation in'), t('You will require the validation token for ID') - ] ]); + ] + ]); } } } } else { - $msg = t('Identity unknown'); + $msg = t('Unknown or expired ID'); zar_log('ZAR1132E ' . $msg . ':' . $did2 . ',' . $didx); $o = replace_macros(get_markup_template('plain.tpl'), [ '$title' => $title, '$now' => $nowfmt, - '$infos' => $msg . EOL, + '$infos' => $msg ]); } } else { - $msg = 'ZAR1131E ' . t('dId2 mistaken'); + $msg = 'ZAR1131E ' . t('dId2 malformed'); // $log = ' from § ' . $ip . ' §' . ' (' . dbesc($did2) . ')'; zar_log($msg); $o = replace_macros(get_markup_template('plain.tpl'), [ '$title' => $title, '$now' => $nowfmt, - '$infos' => ($msg) . EOL, - ]); + '$infos' => $msg + ]); } return $o; -- cgit v1.2.3 From b899ed3d6407e7219bf5eb025e76caeb6b39e50d Mon Sep 17 00:00:00 2001 From: Mario Date: Tue, 13 Apr 2021 13:04:43 +0000 Subject: register: change some strings and add new template --- Zotlabs/Module/Regate.php | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index 84f78e066..99e20c719 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -258,15 +258,15 @@ class Regate extends \Zotlabs\Web\Controller { if ($_SESSION['zar']['delayed']) { $o = replace_macros(get_markup_template('regate_pre.tpl'), [ - '$title' => t('Registration validation'), + '$title' => t('Registration verification'), '$now' => $nowfmt, '$id' => $_SESSION['zar']['id'], '$pin' => $_SESSION['zar']['pin'], '$regdelay' => $_SESSION['zar']['regdelay'], '$regexpire' => $_SESSION['zar']['regexpire'], '$strings' => [ - t('Hold on, you can start validation in'), - t('Please remember your validation token for ID'), + t('Hold on, you can start verification in'), + t('Please remember your verification token for ID'), t('Token validity') ] ]); @@ -306,14 +306,14 @@ class Regate extends \Zotlabs\Web\Controller { $resend = ($r['reg_didx'] == 'e') ? t('Resend') : false; // is still only instance admins intervention required? - if ( $r['reg_flags'] == ACCOUNT_PENDING ) { + if ($r['reg_flags'] == ACCOUNT_PENDING) { $o = replace_macros(get_markup_template('regate_post.tpl'), [ '$title' => t('Registration status'), - '$pin' => $did2, - '$infos' => [ + '$id' => $did2, + '$strings' => [ t('Verification successful!'), - t('Your login ID'), - t('After your account has been approved by our admin you will be able to login with your ID and your provided password.') + t('Your login ID is'), + t('After your account has been approved by our administrator you will be able to login with your login ID and your provided password.') ] ]); } @@ -349,8 +349,8 @@ class Regate extends \Zotlabs\Web\Controller { if ( $r['reg_startup'] <= $now && $r['reg_expires'] >= $now) { $o = replace_macros(get_markup_template('regate.tpl'), [ '$form_security_token' => get_form_security_token("regate"), - '$title' => t('Registration validation'), - '$desc' => t('Please enter your validation token for ID'), + '$title' => t('Registration verification'), + '$desc' => t('Please enter your verification token for ID'), '$id' => $did2, // we might consider to not provide $pin if a registration delay is configured // and the pin turns out to be readable by bots @@ -360,7 +360,7 @@ class Regate extends \Zotlabs\Web\Controller { '$atform' => $atform, '$resend' => $resend, '$submit' => t('Submit'), - '$acpin' => [ 'acpin', t('Validation token'),'','' ] + '$acpin' => [ 'acpin', t('Verification token'),'','' ] ]); } else { @@ -378,13 +378,13 @@ class Regate extends \Zotlabs\Web\Controller { } $o = replace_macros(get_markup_template('regate_pre.tpl'), [ - '$title' => t('Registration validation'), + '$title' => t('Registration verification'), '$now' => $nowfmt, '$id' => $did2, '$countdown' => datetime_convert('UTC', 'UTC', $r['reg_startup'], 'c'), '$strings' => [ - t('Hold on, you can start validation in'), - t('You will require the validation token for ID') + t('Hold on, you can start verification in'), + t('You will require the verification token for ID') ] ]); } -- cgit v1.2.3 From e35ab97b7ecbd96e11883bc194bfe9fb5a72e7f2 Mon Sep 17 00:00:00 2001 From: Mario Date: Wed, 14 Apr 2021 19:40:51 +0000 Subject: register: provide a possibility to leave a message id registration is by approval --- Zotlabs/Module/Regate.php | 1 - 1 file changed, 1 deletion(-) (limited to 'Zotlabs/Module/Regate.php') diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index 99e20c719..372b65433 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -136,7 +136,6 @@ class Regate extends \Zotlabs\Web\Controller { ); if (($flags & ACCOUNT_PENDING ) == ACCOUNT_PENDING) { - $msg .= "\n".t('Last step will be by an instance admin to agree your account request'); $nextpage = 'regate/' . bin2hex($did2) . $didx; q("COMMIT"); } -- cgit v1.2.3