Beispiel #1
 /**
  * Re-validates user's e-mail via ticket.
  * @param string $path the script (which we ignore)
  * @return string
  */
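 static function reverify($path)
 {
     // Handles two things on page load: (1) an e-mail re-verification ticket
     // passed in the query string, (2) a forced password-renewal redirect.
     // $path is returned unchanged when neither applies.
     if (isset($_GET['user_expiry_reverify'])) {
         // SECURITY (review): unserialize() runs here on request data before any
         // authentication. Nothing in this method verifies the ticket's integrity
         // (no MAC or server-side secret is checked), so every field in it is
         // caller-controlled, and the success path below ends in logUser().
         // Recommended hardening: issue the ticket as a random server-stored
         // token or an HMAC-signed payload compared with hash_equals(), encode
         // it as JSON rather than serialize(), and on PHP >= 7.0 pass
         // array('allowed_classes' => false) to unserialize().
         $params = unserialize(pack("H*", trim(sanitize($_GET['user_expiry_reverify']), '.')));

         // Accept only the expected shape: an array of scalar date/user/email.
         // unserialize() returns false on malformed input and can return objects
         // or nested arrays; none of those may reach the lookup criteria below.
         $ticketValid = is_array($params)
             && isset($params['date'], $params['user'], $params['email'])
             && is_numeric($params['date'])
             && is_scalar($params['user'])
             && is_scalar($params['email']);

         // 2592000 seconds = 30 days of ticket lifetime.
         if ($ticketValid && time() - $params['date'] < 2592000) {
             $userobj = Zenphoto_Authority::getAnAdmin(array('`user`=' => $params['user'], '`email`=' => $params['email'], '`valid`>' => 0));
             if ($userobj) {
                 $credentials = $userobj->getCredentials();
                 $credentials[] = 'expiry';
                 $credentials[] = 'email';
                 $credentials = array_unique($credentials);
                 // Everything that dereferences $userobj stays inside this guard;
                 // previously these calls ran even when no account matched, which
                 // is a fatal error on a null/false $userobj.
                 $userobj->setCredentials($credentials);
                 $userobj->setValid(1);
                 $userobj->set('loggedin', date('Y-m-d H:i:s'));
                 $userobj->save();
                 // presumably establishes the login session -- confirm in Zenphoto_Authority
                 Zenphoto_Authority::logUser($userobj);
                 header("Location: " . FULLWEBPATH . '/' . ZENFOLDER . '/admin.php');
                 exitZP();
             }
         }
     }
     if (user_expiry::checkPasswordRenew()) {
         // Send the user to the users tab when a password renewal is required.
         header("Location: " . FULLWEBPATH . '/' . ZENFOLDER . '/admin-users.php?page=users&tab=users');
         exitZP();
     }
     return $path;
 }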
Beispiel #2
 /**
  * Processes the verification POST tickets
  * @param string $script (we do not use this)
  * @return string
  */
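 static function verify($script)
 {
     // Processes a federated-user verification ticket. The ticket arrives in the
     // query string ($_GET), not in a POST body. $script is returned unchanged
     // when no valid ticket is present.
     if (isset($_GET['verify_federated_user'])) {
         // SECURITY (review): unserialize() runs here on request data before any
         // authentication. Nothing in this method verifies the ticket's integrity
         // (no MAC or server-side secret is checked), so every field in it is
         // caller-controlled, and the success path below assigns rights and ends
         // in logUser(). Recommended hardening: issue the ticket as a random
         // server-stored token or an HMAC-signed payload compared with
         // hash_equals(), encode it as JSON rather than serialize(), and on
         // PHP >= 7.0 pass array('allowed_classes' => false) to unserialize().
         $params = unserialize(pack("H*", trim(sanitize($_GET['verify_federated_user']), '.')));

         // Accept only the expected shape: an array of scalar date/user/email.
         // unserialize() returns false on malformed input and can return objects
         // or nested arrays; none of those may reach the lookup criteria below.
         $ticketValid = is_array($params)
             && isset($params['date'], $params['user'], $params['email'])
             && is_numeric($params['date'])
             && is_scalar($params['user'])
             && is_scalar($params['email']);

         // 2592000 seconds = 30 days of ticket lifetime.
         if ($ticketValid && time() - $params['date'] < 2592000) {
             $userobj = Zenphoto_Authority::getAnAdmin(array('`user`=' => $params['user'], '`email`=' => $params['email'], '`valid`>' => 0));
             if ($userobj) {
                 $groupname = getOption('federated_login_group');
                 // Looked up with `valid` = 0; presumably that marks group/template
                 // records rather than real accounts -- confirm against the schema.
                 $groupobj = Zenphoto_Authority::getAnAdmin(array('`user`=' => $groupname, '`valid`=' => 0));
                 if ($groupobj) {
                     // Copy the configured group's rights and managed objects
                     // onto the verified user.
                     $userobj->setRights($groupobj->getRights());
                     $userobj->setGroup($groupname);
                     $userobj->setObjects($groupobj->getObjects());
                     if (getOption('register_user_create_album')) {
                         $userobj->createPrimealbum();
                     }
                     $userobj->save();
                 }
                 zp_apply_filter('register_user_verified', $userobj);
                 if (getOption('register_logon_user_notify')) {
                     zp_mail(gettext('Zenphoto Gallery registration'), sprintf(gettext('%1$s (%2$s) has registered for the zenphoto gallery providing an e-mail address of %3$s.'), $userobj->getName(), $userobj->getUser(), $userobj->getEmail()));
                 }
                 // presumably establishes the login session -- confirm in Zenphoto_Authority
                 Zenphoto_Authority::logUser($userobj);
                 header("Location: " . FULLWEBPATH . '/' . ZENFOLDER . '/admin.php');
                 exitZP();
             }
         }
     }
     return $script;
 }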
Beispiel #3
        }
    }
} else {
    //	no login form, check the cookie
    if (isset($_GET['ticket'])) {
        // password reset query
        $_zp_authority->validateTicket(sanitize($_GET['ticket']), sanitize(@$_GET['user']));
    } else {
        $_zp_loggedin = $_zp_authority->checkCookieCredentials();
        $cloneid = bin2hex(FULLWEBPATH);
        if (!$_zp_loggedin && isset($_SESSION['admin'][$cloneid])) {
            //	"passed" login
            $user = unserialize($_SESSION['admin'][$cloneid]);
            $user2 = $_zp_authority->getAnAdmin(array('`user`=' => $user->getUser(), '`valid`=' => 1));
            if ($user2 && $user->getPass() == $user2->getPass()) {
                Zenphoto_Authority::logUser($user2);
                $_zp_current_admin_obj = $user2;
                $_zp_loggedin = $_zp_current_admin_obj->getRights();
            }
        }
        unset($cloneid);
    }
    if ($_zp_loggedin) {
        $locale = $_zp_current_admin_obj->getLanguage();
        if (!empty($locale)) {
            //	set his prefered language
            setupCurrentLocale($locale);
        }
    }
}
if (!$_zp_loggedin) {