harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

finish implementing email verification. Currently it only applies if REGISTER_OPEN is in effect.

Browse Source
This commit is contained in:
friendica 2014-07-09 21:10:56 -07:00
parent c59cd91836
commit fa706c8e86
6 changed files with 44 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
boot.php
View File

@ -47,7 +47,7 @@ define ( 'RED_PLATFORM', 'Red Matrix' );
define ( 'RED_VERSION', trim(file_get_contents('version.inc')) . 'R'); define ( 'RED_VERSION', trim(file_get_contents('version.inc')) . 'R');
define ( 'ZOT_REVISION', 1 ); define ( 'ZOT_REVISION', 1 );
define ( 'DB_UPDATE_VERSION', 1115 ); define ( 'DB_UPDATE_VERSION', 1116 );
define ( 'EOL', '<br />' . "\r\n" ); define ( 'EOL', '<br />' . "\r\n" );
define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' ); define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' );

9
include/account.php
View File

@ -254,6 +254,7 @@ function verify_email_address($arr) {
else else
logger('send_reg_approval_email: failed to ' . $admin['email'] . 'account_id: ' . $arr['account']['account_id']); logger('send_reg_approval_email: failed to ' . $admin['email'] . 'account_id: ' . $arr['account']['account_id']);
return $res;
} }
@ -476,8 +477,14 @@ function user_approve($hash) {
intval(ACCOUNT_PENDING), intval(ACCOUNT_PENDING),
intval($register[0]['uid']) intval($register[0]['uid'])
); );
$r = q("update account set account_flags = (account_flags ^ %d) where (account_flags & %d) and account_id = %d limit 1",
intval(ACCOUNT_UNVERIFIED),
intval(ACCOUNT_UNVERIFIED),
intval($register[0]['uid'])
);
info( t('Account verified. Please login.') . EOL );
info( t('Account approved.') . EOL );
return true; return true;
} }

7
include/auth.php
View File

@ -35,13 +35,18 @@ function nuke_session() {
function account_verify_password($email,$pass) { function account_verify_password($email,$pass) {
$email_verify = get_config('system','verify_email');
if($email_verify && $record['account_flags'] & ACCOUNT_UNVERIFIED)
return null;
$r = q("select * from account where account_email = '%s'", $r = q("select * from account where account_email = '%s'",
dbesc($email) dbesc($email)
); );
if(! ($r && count($r))) if(! ($r && count($r)))
return null; return null;
foreach($r as $record) { foreach($r as $record) {
if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED) if(($record['account_flags'] == ACCOUNT_OK)
&& (hash('whirlpool',$record['account_salt'] . $pass) === $record['account_password'])) { && (hash('whirlpool',$record['account_salt'] . $pass) === $record['account_password'])) {
logger('password verified for ' . $email); logger('password verified for ' . $email);
return $record; return $record;

10
install/update.php
View File

@ -1,6 +1,6 @@
<?php <?php
define( 'UPDATE_VERSION' , 1115 ); define( 'UPDATE_VERSION' , 1116 );
/** /**
* *
@ -1291,3 +1291,11 @@ ADD INDEX ( `target_id` )");
return UPDATE_FAILED; return UPDATE_FAILED;
} }
function update_r1115() {
// Introducing email verification. Mark all existing accounts as verified or they
// won't be able to login.
$r = q("update account set account_flags = (account_flags ^ 1) where (account_flags & 1) ");
return UPDATE_SUCCESS;
}

21
mod/register.php
View File

@ -52,14 +52,17 @@ function register_post(&$a) {
$policy = get_config('system','register_policy'); $policy = get_config('system','register_policy');
$email_verify = get_config('system','verify_email');
switch($policy) { switch($policy) {
case REGISTER_OPEN: case REGISTER_OPEN:
$flags = ACCOUNT_UNVERIFIED; $flags = ACCOUNT_OK;
break; break;
case REGISTER_APPROVE: case REGISTER_APPROVE:
$flags = ACCOUNT_UNVERIFIED | ACCOUNT_BLOCKED | ACCOUNT_PENDING; $flags = ACCOUNT_BLOCKED | ACCOUNT_PENDING;
break; break;
default: default:
@ -68,10 +71,13 @@ function register_post(&$a) {
notice( t('Permission denied.') . EOL ); notice( t('Permission denied.') . EOL );
return; return;
} }
$flags = ACCOUNT_UNVERIFIED | ACCOUNT_BLOCKED; $flags = ACCOUNT_BLOCKED;
break; break;
} }
if($email_verify)
$flags = $flags | ACCOUNT_UNVERIFIED;
if((! $_POST['password']) || ($_POST['password'] !== $_POST['password2'])) { if((! $_POST['password']) || ($_POST['password'] !== $_POST['password2'])) {
notice( t('Passwords do not match.') . EOL); notice( t('Passwords do not match.') . EOL);
@ -100,7 +106,12 @@ function register_post(&$a) {
} }
if($policy == REGISTER_OPEN ) { if($policy == REGISTER_OPEN ) {
if($email_verify) {
$res = verify_email_address($result);
}
else {
$res = send_verification_email($result['email'],$result['password']); $res = send_verification_email($result['email'],$result['password']);
}
if($res) { if($res) {
info( t('Registration successful. Please check your email for validation instructions.') . EOL ) ; info( t('Registration successful. Please check your email for validation instructions.') . EOL ) ;
} }
@ -116,6 +127,10 @@ function register_post(&$a) {
goaway(z_root()); goaway(z_root());
} }
if($email_verify) {
goaway(z_root());
}
authenticate_success($result['account'],true,false,true); authenticate_success($result['account'],true,false,true);
if(! strlen($next_page = get_config('system','workflow_register_next'))) if(! strlen($next_page = get_config('system','workflow_register_next')))

2
version.inc
View File

@ -1 +1 @@
2014-07-07.729 2014-07-09.731