lostpass fixes and login/logout flow if authenticated but no default channel exists

2013-01-27 01:19:24 -08:00 · 2013-01-27 01:19:24 -08:00 · 28ab6d5bf5
commit 28ab6d5bf5
parent 22bde9b2b7
9 changed files with 45 additions and 22 deletions
--- a/boot.php
+++ b/boot.php
@ -16,7 +16,7 @@ require_once('include/features.php');
 define ( 'FRIENDICA_PLATFORM',     'Friendica Red');
 define ( 'FRIENDICA_VERSION',      trim(file_get_contents('version.inc')) . 'R');
 define ( 'ZOT_REVISION',               1     ); 
-define ( 'DB_UPDATE_VERSION',       1021     );
+define ( 'DB_UPDATE_VERSION',       1022     );

 define ( 'EOL',                    '<br />' . "\r\n"     );
 define ( 'ATOM_TIME',              'Y-m-d\TH:i:s\Z' );
--- a/2
+++ b/2
@ -113,7 +113,7 @@ mod/
 + like.php
 + lockview.php
 + login.php
-  lostpass.php
+ lostpass.php
 ? magic.php
 + manage.php
  match.php
--- a/include/auth.php
+++ b/include/auth.php
@ -39,9 +39,11 @@ function account_verify_password($email,$pass) {
 	foreach($r as $record) {
 		if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED)
 			&& (hash('whirlpool',$record['account_salt'] . $pass) === $record['account_password'])) {
+			logger('password verified for ' . $email);
 			return $record;
 		}
 	}
+	logger('password failed for ' . $email);
 	return null;
 }

--- a/include/nav.php
+++ b/include/nav.php
@ -80,7 +80,12 @@ EOT;
 		
 	}
 	else {
-		$nav['login'] = Array('login',t('Login'), ($a->module == 'login'?'selected':''), t('Sign in'));
+		if(! get_account_id()) 
+			$nav['login'] = Array('login',t('Login'), ($a->module == 'login'?'selected':''), t('Sign in'));
+		else
+			$nav['alogout'] = Array('logout',t('Logout'), "", t('End this session'));
+
+
 	}

 	if($observer) {
--- a/install/database.sql
+++ b/install/database.sql
@ -16,7 +16,7 @@ CREATE TABLE IF NOT EXISTS `abook` (
  `abook_closeness` tinyint(3) unsigned NOT NULL DEFAULT '99',
  `abook_created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `abook_updated` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
-  `abook_connnected` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
+  `abook_connected` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `abook_dob` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
  `abook_flags` int(11) NOT NULL DEFAULT '0',
  `abook_profile` char(64) NOT NULL DEFAULT '',
@ -29,10 +29,10 @@ CREATE TABLE IF NOT EXISTS `abook` (
  KEY `abook_closeness` (`abook_closeness`),
  KEY `abook_created` (`abook_created`),
  KEY `abook_updated` (`abook_updated`),
-  KEY `abook_connnected` (`abook_connnected`),
  KEY `abook_flags` (`abook_flags`),
  KEY `abook_profile` (`abook_profile`),
-  KEY `abook_dob` (`abook_dob`)
+  KEY `abook_dob` (`abook_dob`),
+  KEY `abook_connected` (`abook_connected`)
 ) ENGINE=MyISAM  DEFAULT CHARSET=utf8;

 CREATE TABLE IF NOT EXISTS `account` (
@ -241,7 +241,6 @@ CREATE TABLE IF NOT EXISTS `event` (
  `deny_gid` mediumtext NOT NULL,
  PRIMARY KEY (`id`),
  KEY `uid` (`uid`),
-  KEY `event_xchan` (`event_xchan`),
  KEY `type` (`type`),
  KEY `start` (`start`),
  KEY `finish` (`finish`),
@ -249,8 +248,9 @@ CREATE TABLE IF NOT EXISTS `event` (
  KEY `nofinish` (`nofinish`),
  KEY `ignore` (`ignore`),
  KEY `aid` (`aid`),
-  KEY `event_hash` (`event_hash`)
-) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+  KEY `event_hash` (`event_hash`),
+  KEY `event_xchan` (`event_xchan`)
+) ENGINE=MyISAM  DEFAULT CHARSET=utf8;

 CREATE TABLE IF NOT EXISTS `fcontact` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
@ -649,14 +649,14 @@ CREATE TABLE IF NOT EXISTS `photo` (
  `deny_gid` mediumtext NOT NULL,
  PRIMARY KEY (`id`),
  KEY `uid` (`uid`),
-  KEY `resource_id` (`resource_id`),
  KEY `album` (`album`),
  KEY `scale` (`scale`),
  KEY `profile` (`profile`),
  KEY `type` (`type`),
  KEY `aid` (`aid`),
  KEY `xchan` (`xchan`),
-  KEY `size` (`size`)
+  KEY `size` (`size`),
+  KEY `resource_id` (`resource_id`)
 ) ENGINE=MyISAM  DEFAULT CHARSET=utf8;

 CREATE TABLE IF NOT EXISTS `profile` (
@ -842,7 +842,7 @@ CREATE TABLE IF NOT EXISTS `verify` (
  KEY `token` (`token`),
  KEY `meta` (`meta`),
  KEY `created` (`created`)
-) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+) ENGINE=MyISAM  DEFAULT CHARSET=utf8;

 CREATE TABLE IF NOT EXISTS `xchan` (
  `xchan_hash` char(255) NOT NULL,
--- a/install/update.php
+++ b/install/update.php
@ -1,6 +1,6 @@
 <?php

-define( 'UPDATE_VERSION' , 1021 );
+define( 'UPDATE_VERSION' , 1022 );

 /**
 *
@ -292,3 +292,14 @@ function update_r1020() {
 		return UPDATE_SUCCESS;
 	return UPDATE_FAILED;
 }
+
+function update_r1021() {
+
+	$r = q("ALTER TABLE `abook` CHANGE `abook_connnected` `abook_connected` DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00',
+		drop index `abook_connnected`, add index ( `abook_connected` ) ");
+	
+	if($r)
+		return UPDATE_SUCCESS;
+	return UPDATE_FAILED;
+}
+
--- a/mod/home.php
+++ b/mod/home.php
@ -11,6 +11,10 @@ function home_init(&$a) {
 	if(local_user() && $channel && $channel['xchan_url'])
 		goaway( $channel['xchan_url']);

+	if(get_account_id()) {
+		goaway('new_channel');
+	}
+
 }}


--- a/mod/lostpass.php
+++ b/mod/lostpass.php
@ -30,15 +30,14 @@ function lostpass_post(&$a) {

 	$email_tpl = get_intltext_template("lostpass_eml.tpl");
 	$message = replace_macros($email_tpl, array(
-			'$sitename' => $a->config['sitename'],
+			'$sitename' => get_config('system','sitename'),
 			'$siteurl' =>  $a->get_baseurl(),
-			'$username' => $email,
+			'$username' => sprintf( t('Site Member (%s)'), $email),
 			'$email' => $email,
 			'$reset_link' => $a->get_baseurl() . '/lostpass?verify=' . $hash
 	));

-	require_once('include/email.php');
-	$subject = email_header_encode(sprintf( t('Password reset requested at %s'),$a->config['sitename']), 'UTF-8');
+	$subject = email_header_encode(sprintf( t('Password reset requested at %s'),get_config('system','sitename')), 'UTF-8');

 	$res = mail($email, $subject ,
 			$message,
@ -65,19 +64,21 @@ function lostpass_content(&$a) {
 			goaway(z_root());
 			return;
 		}
+
 		$aid = $r[0]['account_id'];
 		$email = $r[0]['account_email'];

-		$password = autoname(6) . mt_rand(100,9999);
+		$new_password = autoname(6) . mt_rand(100,9999);

 		$salt = random_string(32);
-		$password_encoded = hash('whirlpool', $salt . $password);
+		$password_encoded = hash('whirlpool', $salt . $new_password);

 		$r = q("UPDATE account SET account_salt = '%s', account_password = '%s', account_reset = '' where account_id = %d limit 1",
 			dbesc($salt),
 			dbesc($password_encoded),
 			intval($aid)
 		);
+
 		if($r) {
 			$tpl = get_markup_template('pwdreset.tpl');
 			$o .= replace_macros($tpl,array(
@ -98,12 +99,11 @@ function lostpass_content(&$a) {
 			$message = replace_macros($email_tpl, array(
 			'$sitename' => $a->config['sitename'],
 			'$siteurl' =>  $a->get_baseurl(),
-			'$username' => $email,
+			'$username' => sprintf( t('Site Member (%s)'), $email),
 			'$email' => $email,
-			'$new_password' => $password,
+			'$new_password' => $new_password,
 			'$uid' => $newuid ));

-			require_once('include/email.php');
 			$subject = email_header_encode( sprintf( t('Your password has changed at %s'), get_config('system','sitename')), 'UTF-8');

 			$res = mail($email,$subject,$message,
--- a/view/tpl/nav.tpl
+++ b/view/tpl/nav.tpl
@ -112,6 +112,7 @@
 	{{ endif }}
 	
 	{{ if $nav.login }}<li id="nav-login-link" class="nav-menu $nav.login.2"><a href="$nav.login.0" title="$nav.login.3" >$nav.login.1</a><li>{{ endif }}
+	{{ if $nav.alogout }}<li id=nav-alogout-link" class="nav-menu $nav-alogout.2"><a href="$nav.alogout.0" title="$nav.alogout.3" >$nav.alogout.1</a></li>{{ endif }}
 	{{ if $nav.help }} 
 		<li id="nav-help-link" class="nav-menu $sel.help">
 			<a class="$nav.help.2" target="friendika-help" href="$nav.help.0" title="$nav.help.3" >$nav.help.1</a>