Ejemplo n.º 1
0
 public function save()
 {
     // TODO: use a remote API to save to external sources if we have permission to
     // return false;
     // BUT for now, we still need to save some stub information in case we've just followed them
     return parent::save();
 }
Ejemplo n.º 2
0
 function registerEventHooks()
 {
     \Idno\Core\site()->template()->extendTemplate('account/settings/notifications/methods', 'subscriptions/settings');
     \Idno\Core\site()->addEventHook('saved', function (\Idno\Core\Event $event) {
         if (!empty($event->data()['object'])) {
             $object = $event->data()['object'];
             if (!$object instanceof ActivityStreamPost) {
                 /* @var Idno\Common\Entity $object ; */
                 $owner = $object->getOwner();
                 if ($users = User::get([], [], 9999)) {
                     //$email = new Email();
                     //$email->setSubject($object->getTitle());
                     //$email->setHTMLBodyFromTemplate('subscriptions/email', ['object' => $object, 'owner' => $owner]);
                     $title = implode(' ', array_slice(explode(' ', $object->getTitle()), 0, 10));
                     foreach ($users as $user) {
                         if (!empty($user->email) && $user->email != $owner->email && $user->notifications['subscriptions'] != 'none') {
                             $email = new Email();
                             $email->setSubject($title);
                             $email->setHTMLBodyFromTemplate('subscriptions/email', ['object' => $object, 'owner' => $owner]);
                             $email->addTo($user->email);
                             $email->send();
                         }
                     }
                 }
             }
         }
     });
 }
Ejemplo n.º 3
0
 function postContent()
 {
     $fwd = $this->getInput('fwd');
     // Forward to a new page?
     if (empty($fwd)) {
         $fwd = \Idno\Core\site()->config()->url;
     }
     if ($user = \Idno\Entities\User::getByHandle($this->getInput('email'))) {
     } else {
         if ($user = \Idno\Entities\User::getByEmail($this->getInput('email'))) {
         } else {
             \Idno\Core\site()->triggerEvent('login/failure/nouser', array('method' => 'password', 'credentials' => array('email' => $this->getInput('email'))));
             $this->setResponse(401);
         }
     }
     if ($user instanceof \Idno\Entities\User) {
         if ($user->checkPassword(trim($this->getInput('password')))) {
             \Idno\Core\site()->triggerEvent('login/success', array('user' => $user));
             // Trigger an event for auditing
             \Idno\Core\site()->session()->logUserOn($user);
             $this->forward($fwd);
         } else {
             \Idno\Core\site()->session()->addErrorMessage("Oops! It looks like your password isn't correct. Please try again.");
             \Idno\Core\site()->triggerEvent('login/failure', array('user' => $user));
             $this->forward(\Idno\Core\site()->config()->getDisplayURL() . 'session/login/?fwd=' . urlencode($fwd));
         }
     } else {
         \Idno\Core\site()->session()->addErrorMessage("Oops! We couldn't find your username or email address. Please check you typed it correctly and try again.");
         $this->forward(\Idno\Core\site()->config()->getDisplayURL() . 'session/login/?fwd=' . urlencode($fwd));
     }
 }
Ejemplo n.º 4
0
 function postContent()
 {
     $this->createGatekeeper();
     // Logged-in only please
     $user = \Idno\Core\site()->session()->currentUser();
     $name = $this->getInput('name');
     $email = $this->getInput('email');
     $password = trim($this->getInput('password'));
     $username = trim($this->getInput('handle'));
     if (!empty($name)) {
         $user->setTitle($name);
     }
     if (!empty($username) && $username != $user->getHandle()) {
         $user->setHandle($username);
     }
     if (!empty($email) && $email != $user->email && filter_var($email, FILTER_VALIDATE_EMAIL)) {
         if (!\Idno\Entities\User::getByEmail($email)) {
             $user->email = $email;
         } else {
             \Idno\Core\site()->session()->addMessage('Someone is already using ' . $email . ' as their email address.', 'alert-error');
         }
     }
     if (!empty($password)) {
         $user->setPassword($password);
     }
     if ($user->save()) {
         \Idno\Core\site()->session()->refreshSessionUser($user);
         \Idno\Core\site()->session()->addMessage("Your details were saved.");
     }
     $this->forward($_SERVER['HTTP_REFERER']);
 }
Ejemplo n.º 5
0
Archivo: User.php Proyecto: hank/Known
 function post()
 {
     $this->flushBrowser();
     \Idno\Core\site()->logging->log("Loading the user registration callback", LOGLEVEL_DEBUG);
     $contents = $this->getInput('content');
     $auth_token = $this->getInput('auth_token');
     $time = $this->getInput('time');
     $signature = $this->getInput('signature');
     $secret = \Idno\Core\site()->hub()->secret;
     $hmac = hash_hmac('sha1', $contents . $time . $auth_token, $secret);
     if ($hmac == $signature) {
         if ($contents = json_decode($contents)) {
             if (!empty($contents->user)) {
                 if ($user = \Idno\Entities\User::getByUUID($contents->user)) {
                     $user->hub_settings = array('token' => $contents->auth_token, 'secret' => $contents->secret);
                     $user->save();
                     $result = array('status' => 'ok', 'message' => 'Credentials were stored.');
                 } else {
                     $result = array('status' => 'fail', 'message' => 'Couldn\'t find user: '******'status' => 'fail', 'message' => 'No user was sent');
             }
         } else {
             $result = array('status' => 'fail', 'message' => 'Contents were invalid');
         }
     }
     if (empty($result)) {
         $result = array('status' => 'fail', 'message' => 'Signature does not match: ' . $signature . ', ' . $hmac);
     }
     echo json_encode($result);
     exit;
 }
Ejemplo n.º 6
0
 function postContent()
 {
     $this->reverseGatekeeper();
     $name = $this->getInput('name');
     $handle = trim($this->getInput('handle'));
     $password = trim($this->getInput('password'));
     $email = trim($this->getInput('email'));
     if (empty($handle) && empty($email)) {
         \Idno\Core\site()->session()->addErrorMessage("Please enter a username and email address.");
     } else {
         if (!empty($email) && filter_var($email, FILTER_VALIDATE_EMAIL)) {
             if (!($emailuser = \Idno\Entities\User::getByEmail($email)) && !($handleuser = \Idno\Entities\User::getByHandle($handle)) && !empty($handle) && strlen($handle) <= 32 && !substr_count($handle, '/') && \Idno\Entities\User::checkNewPasswordStrength($password)) {
                 $user = new Application();
                 $user->email = $email;
                 $user->handle = strtolower(trim($handle));
                 // Trim the handle and set it to lowercase
                 $user->setPassword($password);
                 $user->notifications['email'] = 'all';
                 if (empty($name)) {
                     $name = $user->handle;
                 }
                 $user->setTitle($name);
                 if ($user->save()) {
                     $t = clone \Idno\Core\site()->template();
                     $t->setTemplateType('email');
                     foreach (\Idno\Core\site()->getAdmins() as $admin) {
                         $email_message = new Email();
                         $email_message->setSubject("You have a new membership application!");
                         $email_message->addTo($admin->email);
                         $email_message->setHTMLBodyFromTemplate('applytojoin/new', ['user' => $user]);
                         $email_message->send();
                     }
                     $this->forward(\Idno\Core\site()->config()->getDisplayURL() . 'account/join/thanks/');
                 } else {
                     var_export(\Idno\Core\site()->session()->messages);
                 }
             } else {
                 if (empty($handle)) {
                     \Idno\Core\site()->session()->addErrorMessage("Please create a username.");
                 }
                 if (strlen($handle) > 32) {
                     \Idno\Core\site()->session()->addErrorMessage("Your username is too long.");
                 }
                 if (substr_count($handle, '/')) {
                     \Idno\Core\site()->session()->addErrorMessage("Usernames can't contain a slash ('/') character.");
                 }
                 if (!empty($handleuser)) {
                     \Idno\Core\site()->session()->addErrorMessage("Unfortunately, someone is already using that username. Please choose another.");
                 }
                 if (!empty($emailuser)) {
                     \Idno\Core\site()->session()->addErrorMessage("Hey, it looks like there's already an account with that email address. Did you forget your login?");
                 }
                 if (!\Idno\Entities\User::checkNewPasswordStrength($password)) {
                     \Idno\Core\site()->session()->addErrorMessage("Please check that your password is at least 7 characters long.");
                 }
             }
         }
     }
     $this->forward(\Idno\Core\site()->config()->getDisplayURL() . 'account/join/');
 }
Ejemplo n.º 7
0
 function getActor()
 {
     if (is_string($this->actor)) {
         return User::getByUUID($this->actor);
     }
     return $this->actor;
 }
Ejemplo n.º 8
0
 function postContent()
 {
     // TODO: change this to actual basic login, of course
     if ($user = \Idno\Entities\User::getByHandle($this->getInput('email'))) {
     } else {
         if ($user = \Idno\Entities\User::getByEmail($this->getInput('email'))) {
         } else {
             \Idno\Core\site()->triggerEvent('login/failure/nouser', ['method' => 'password', 'credentials' => ['email' => $this->getInput('email')]]);
             $this->setResponse(401);
             $this->forward('/session/login');
         }
     }
     if ($user instanceof \Idno\Entities\User) {
         if ($user->checkPassword($this->getInput('password'))) {
             \Idno\Core\site()->triggerEvent('login/success', ['user' => $user]);
             // Trigger an event for auditing
             \Idno\Core\site()->session()->logUserOn($user);
             \Idno\Core\site()->session()->addMessage("You've signed in as {$user->getTitle()}.");
             $this->forward();
         } else {
             \Idno\Core\site()->session()->addMessage("Oops! It looks like your password isn't correct. Please try again.");
             \Idno\Core\site()->triggerEvent('login/failure', ['user' => $user]);
         }
     } else {
         \Idno\Core\site()->session()->addMessage("Oops! We couldn't find your username or email address. Please check you typed it correctly and try again.");
     }
 }
Ejemplo n.º 9
0
 function postContent()
 {
     $this->adminGatekeeper();
     // Admins only
     $action = $this->getInput('action');
     switch ($action) {
         case 'add_rights':
             $uuid = $this->getInput('user');
             if ($user = User::getByUUID($uuid)) {
                 $user->setAdmin(true);
                 $user->save();
                 \Idno\Core\site()->session()->addMessage($user->getTitle() . " was given administration rights.");
             }
             break;
         case 'remove_rights':
             $uuid = $this->getInput('user');
             if ($user = User::getByUUID($uuid)) {
                 $user->setAdmin(false);
                 $user->save();
                 \Idno\Core\site()->session()->addMessage($user->getTitle() . " was stripped of their administration rights.");
             }
             break;
         case 'delete':
             $uuid = $this->getInput('user');
             if ($user = User::getByUUID($uuid)) {
                 if ($user->delete()) {
                     \Idno\Core\site()->session()->addMessage($user->getTitle() . " was removed from your site.");
                 }
             }
             break;
         case 'invite_users':
             $emails = $this->getInput('invitation_emails');
             preg_match_all('/[a-z\\d._%+-]+@[a-z\\d.-]+\\.[a-z]{2,4}\\b/i', $emails, $matches);
             $invitation_count = 0;
             if (!empty($matches[0])) {
                 if (is_array($matches[0])) {
                     foreach ($matches[0] as $email) {
                         if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
                             if (!($user = User::getByEmail($email))) {
                                 if ((new Invitation())->sendToEmail($email) !== 0) {
                                     $invitation_count++;
                                 }
                             }
                         }
                     }
                 }
             }
             if ($invitation_count > 1) {
                 \Idno\Core\site()->session()->addMessage("{$invitation_count} invitations were sent.");
             } else {
                 if ($invitation_count == 1) {
                     \Idno\Core\site()->session()->addMessage("Your invitation was sent.");
                 } else {
                     \Idno\Core\site()->session()->addMessage("No email addresses were found or all the people you invited are already members of this site.");
                 }
             }
             break;
     }
     $this->forward(\Idno\Core\site()->config()->getURL() . 'admin/users');
 }
Ejemplo n.º 10
0
 /**
  * Check that this token is either a user token or the
  * site's API token, and auth the current request for that user if so.
  *
  * @return \Idno\Entities\User user on success
  */
 private static function authenticate()
 {
     $access_token = \Idno\Core\Input::getInput('access_token');
     $headers = \Idno\Common\Page::getallheaders();
     if (!empty($headers['Authorization'])) {
         $token = $headers['Authorization'];
         $token = trim(str_replace('Bearer', '', $token));
     } else {
         if ($token = \Idno\Core\Input::getInput('access_token')) {
             $token = trim($token);
         }
     }
     if (!empty($token)) {
         $found = Token::findUserForToken($token);
         if (!empty($found)) {
             \Idno\Core\Idno::site()->session()->setIsAPIRequest(true);
             $user = $found['user'];
             \Idno\Core\Idno::site()->session()->refreshSessionUser($user);
             return $user;
         }
         $user = \Idno\Entities\User::getOne(array('admin' => true));
         if ($token == $user->getAPIkey()) {
             \Idno\Core\Idno::site()->session()->setIsAPIRequest(true);
             \Idno\Core\Idno::site()->session()->refreshSessionUser($user);
             return $user;
         }
     }
     return false;
 }
Ejemplo n.º 11
0
 /**
  * Sets the page owner on the homepage
  */
 function init()
 {
     \Idno\Core\Idno::site()->events()->addListener('page/get', function (\Idno\Core\Event $event) {
         if ($event->data()['page_class'] == 'Idno\\Pages\\Homepage') {
             \Idno\Core\Idno::site()->currentPage()->setOwner(\Idno\Entities\User::getOne(['admin' => 1]));
         }
     });
 }
Ejemplo n.º 12
0
 /**
  * Sets the page owner on the homepage
  */
 function init()
 {
     \Idno\Core\site()->events()->addListener('page/get', function (\Idno\Core\Event $event) {
         if ($event->data()['page_class'] == 'Idno\\Pages\\Homepage') {
             \Idno\Core\site()->currentPage()->setOwner(\Idno\Entities\User::getOne(['admin' => true]));
         }
     });
     \Idno\Core\site()->addPageHandler('/admin/cherwell/?', 'Themes\\Cherwell\\Pages\\Admin');
 }
Ejemplo n.º 13
0
 function getContent()
 {
     $this->adminGatekeeper();
     // Admins only
     $users = User::get(array('admin' => true));
     $t = \Idno\Core\Idno::site()->template();
     $t->body = $t->__(array('users' => $users))->draw('admin/cherwell');
     $t->title = 'Theme Settings';
     $t->drawPage();
 }
Ejemplo n.º 14
0
 function getContent()
 {
     if (!empty($this->arguments[0])) {
         $user = \Idno\Entities\User::getByHandle($this->arguments[0]);
     }
     if (empty($user)) {
         $this->forward();
     }
     // TODO: 404
     $t = \Idno\Core\site()->template();
     $t->__(array('title' => 'Edit profile: ' . $user->getTitle(), 'body' => $t->__(array('user' => $user))->draw('entity/User/edit')))->drawPage();
 }
Ejemplo n.º 15
0
 function getContent()
 {
     $results = [];
     $username = $this->getInput('username');
     if ($users = User::get([], [], 9999)) {
         //User::getByHandle($username)) {
         foreach ($users as $user) {
             /* @var \Idno\Entities\User $user */
             $results[] = ['username' => $user->getHandle(), 'name' => $user->getTitle(), 'image' => $user->getIcon()];
         }
     }
     header('Content-type: text/json');
     echo json_encode($results);
 }
Ejemplo n.º 16
0
 function canEdit($user_id = '')
 {
     if (empty($user_id)) {
         $user = \Idno\Core\site()->session()->currentUser();
     } else {
         $user = User::getByUUID($user_id);
     }
     if (!$user instanceof User) {
         return false;
     }
     if (!$user->isAdmin()) {
         return false;
     }
     return true;
 }
Ejemplo n.º 17
0
 function getContent()
 {
     $acct = $this->getInput('resource');
     if (!empty($acct)) {
         if (substr($acct, 0, 5) == 'acct:' && strlen($acct) > 8) {
             $handle = str_replace('@' . \Idno\Core\site()->config()->host, '', substr($acct, 5));
             if ($user = \Idno\Entities\User::getByHandle($handle)) {
                 $links = \Idno\Core\site()->triggerEvent('webfinger', array('object' => $user));
             }
         }
     }
     $t = \Idno\Core\site()->template();
     $t->setTemplateType('json');
     $t->__(array('subject' => $acct, 'links' => $links))->drawPage();
 }
Ejemplo n.º 18
0
 function postContent()
 {
     if (!empty($this->arguments[0])) {
         $user = \Idno\Entities\User::getByHandle($this->arguments[0]);
     }
     if (empty($user)) {
         $this->forward();
     }
     // TODO: 404
     if ($user->saveDataFromInput($this)) {
         \Idno\Core\site()->session()->addMessage($user->getTitle() . ' was saved.');
         $this->forward($user->getURL());
     }
     $this->forward($_SERVER['HTTP_REFERER']);
 }
Ejemplo n.º 19
0
 /**
  * Sets the page owner on the homepage
  */
 function init()
 {
     \Idno\Core\Idno::site()->events()->addListener('page/get', function (\Idno\Core\Event $event) {
         if ($event->data()['page_class'] == 'Idno\\Pages\\Homepage') {
             if (!empty(\Idno\Core\Idno::site()->config()->cherwell['profile_user'])) {
                 if ($profile_user = User::getByHandle(\Idno\Core\Idno::site()->config()->cherwell['profile_user'])) {
                     \Idno\Core\Idno::site()->currentPage()->setOwner($profile_user);
                 }
             }
             if (empty($profile_user)) {
                 \Idno\Core\Idno::site()->currentPage()->setOwner(\Idno\Entities\User::getOne(['admin' => true]));
             }
         }
     });
     \Idno\Core\Idno::site()->addPageHandler('/admin/cherwell/?', 'Themes\\Cherwell\\Pages\\Admin');
 }
Ejemplo n.º 20
0
 static function findUserForToken($token)
 {
     // find a user by their code
     for ($offset = 0;; $offset += 10) {
         $users = \Idno\Entities\User::get(array(), array(), 10, $offset);
         if (empty($users)) {
             break;
         }
         foreach ($users as $user) {
             $indieauth_tokens = $user->indieauth_tokens;
             if (!empty($indieauth_tokens) && isset($indieauth_tokens[$token])) {
                 return array('user' => $user, 'data' => $indieauth_tokens[$token]);
             }
         }
     }
     return array();
 }
Ejemplo n.º 21
0
 function postContent()
 {
     $name = $this->getInput('name');
     $handle = $this->getInput('handle');
     $password = $this->getInput('password');
     $password2 = $this->getInput('password2');
     $email = $this->getInput('email');
     $user = new \Idno\Entities\User();
     if (!empty($email) && filter_var($email, FILTER_VALIDATE_EMAIL)) {
         if (!($emailuser = \Idno\Entities\User::getByEmail($email)) && !($handleuser = \Idno\Entities\User::getByHandle($handle)) && !empty($handle) && $password == $password2 && strlen($password) > 4 && !empty($name)) {
             $user = new \Idno\Entities\User();
             $user->email = $email;
             $user->handle = $handle;
             $user->setPassword($password);
             $user->setTitle($name);
             if (!\Idno\Entities\User::get()) {
                 $user->setAdmin(true);
             }
             $user->save();
         } else {
             if (empty($handle)) {
                 \Idno\Core\site()->session()->addMessage("You can't have an empty handle.");
             } else {
                 if (!empty($handleuser)) {
                     \Idno\Core\site()->session()->addMessage("Unfortunately, a user is already using that handle. Please choose another.");
                 }
             }
             if (!empty($emailuser)) {
                 \Idno\Core\site()->session()->addMessage("Unfortunately, a user is already using that email address. Please choose another.");
             }
             if ($password != $password2 || strlen($password) <= 4) {
                 \Idno\Core\site()->session()->addMessage("Please check that your passwords match and that your password is over four characters long.");
             }
         }
     } else {
         \Idno\Core\site()->session()->addMessage("That doesn't seem to be a valid email address.");
     }
     if (!empty($user->_id)) {
         \Idno\Core\site()->session()->addMessage("You've registered! Well done.");
         \Idno\Core\site()->session()->logUserOn($user);
     } else {
         \Idno\Core\site()->session()->addMessage("We couldn't register you.");
         $this->forward($_SERVER['HTTP_REFERER']);
     }
 }
Ejemplo n.º 22
0
 static function findUserForCode($code)
 {
     // TODO encode user id in the auth code? or otherwise do a reverse lookup
     // to avoid checking every user
     for ($offset = 0;; $offset += 10) {
         $users = \Idno\Entities\User::get(array(), array(), 10, $offset);
         if (empty($users)) {
             break;
         }
         foreach ($users as $user) {
             $indieauth_codes = $user->indieauth_codes;
             if (!empty($indieauth_codes) && isset($indieauth_codes[$code])) {
                 return array('user' => $user, 'data' => $indieauth_codes[$code]);
             }
         }
     }
     return array();
 }
Ejemplo n.º 23
0
 function postContent()
 {
     $this->gatekeeper();
     // Logged-in only please
     $user = \Idno\Core\site()->session()->currentUser();
     $name = $this->getInput('name');
     //$handle = $this->getInput('handle');
     $email = $this->getInput('email');
     $password = $this->getInput('password');
     $password2 = $this->getInput('password2');
     if (!empty($name)) {
         $user->setTitle($name);
     }
     if (!empty($email) && $email != $user->email && filter_var($email, FILTER_VALIDATE_EMAIL)) {
         if (!\Idno\Entities\User::getByEmail($email)) {
             $user->email = $email;
         } else {
             \Idno\Core\site()->session()->addMessage('Someone is already using ' . $email . ' as their email address.', 'alert-error');
         }
     }
     if (!empty($password) && $password == $password2) {
         $user->setPassword($password);
     }
     if (!empty($_FILES['avatar'])) {
         if (in_array($_FILES['avatar']['type'], array('image/png', 'image/jpg', 'image/jpeg', 'image/gif'))) {
             if (getimagesize($_FILES['avatar']['tmp_name'])) {
                 if ($icon = \Idno\Entities\File::createThumbnailFromFile($_FILES['avatar']['tmp_name'], $_FILES['avatar']['name'], 300)) {
                     $user->icon = (string) $icon;
                 } else {
                     if ($icon = \Idno\Entities\File::createFromFile($_FILES['avatar']['tmp_name'], $_FILES['avatar']['name'])) {
                         $user->icon = (string) $icon;
                     }
                 }
             }
         }
     }
     if ($user->save()) {
         \Idno\Core\site()->session()->addMessage("Your details were saved.");
     }
     $this->forward($_SERVER['HTTP_REFERER']);
 }
Ejemplo n.º 24
0
 function postContent()
 {
     $this->adminGatekeeper();
     $user_uuid = $this->getInput('user');
     $action = $this->getInput('action');
     $user = Application::getByUUID($user_uuid);
     if ($user instanceof Application) {
         $name = $user->getTitle();
         $handle = $user->handle;
         $email = $user->email;
         switch ($action) {
             case 'approve':
                 if (!($emailuser = \Idno\Entities\User::getByEmail($email)) && !($handleuser = \Idno\Entities\User::getByHandle($handle)) && !empty($handle) && strlen($handle) <= 32 && !substr_count($handle, '/')) {
                     $real_user = new \Idno\Entities\User();
                     $real_user->setHandle($user->handle);
                     $real_user->email = $user->email;
                     $real_user->password = $user->password;
                     $real_user->setTitle($user->getTitle());
                     if ($real_user->save()) {
                         $user->delete();
                         $email_message = new Email();
                         $email_message->setSubject("Your membership was approved!");
                         $email_message->addTo($real_user->email);
                         $email_message->setHTMLBodyFromTemplate('applytojoin/approved', ['user' => $real_user]);
                         $email_message->send();
                         \Idno\Core\site()->session()->addMessage("{$name}'s membership application was approved. They can now log into the site.");
                     } else {
                         \Idno\Core\site()->session()->addMessage("Something went wrong and we weren't able to approve {$name}'s membership application.");
                     }
                 } else {
                     \Idno\Core\site()->session()->addMessage("We couldn't approve {$name}'s application. Either their handle or their email was invalid or in use.");
                 }
                 break;
             case 'delete':
                 $user->delete();
                 \Idno\Core\site()->session()->addMessage("{$name}'s membership application was deleted.");
                 break;
         }
     }
     $this->forward(\Idno\Core\site()->config()->getDisplayURL() . 'admin/applytojoin/');
 }
Ejemplo n.º 25
0
 function postContent()
 {
     $this->reverseGatekeeper();
     $code = $this->getInput('code');
     $email = $this->getInput('email');
     $password = trim($this->getInput('password'));
     $password2 = trim($this->getInput('password2'));
     if ($password == $password2 && !empty($password2)) {
         if ($user = \Idno\Entities\User::getByEmail($email)) {
             if ($code = $user->getPasswordRecoveryCode()) {
                 /* @var \Idno\Entities\User $user */
                 $user->setPassword($password);
                 $user->save();
                 \Idno\Core\site()->session()->addMessage("Your password was reset!");
             }
         }
     } else {
         \Idno\Core\site()->session()->addMessage("Your passwords need to match!");
         $this->forward($_SERVER['HTTP_REFERER']);
     }
 }
Ejemplo n.º 26
0
 function postContent()
 {
     $this->reverseGatekeeper();
     $email_address = $this->getInput('email');
     if ($user = User::getByEmail($email_address)) {
         if ($auth_code = $user->addPasswordRecoveryCode()) {
             $user->save();
             // Save the recovery code to the user
             $t = clone \Idno\Core\site()->template();
             $t->setTemplateType('email');
             $email = new Email();
             $email->setSubject("Password reset");
             $email->addTo($user->email);
             $email->setHTMLBody($t->__(array('email' => $email_address, 'code' => $auth_code))->draw('account/password'));
             $email->send();
             $this->forward(\Idno\Core\site()->config()->getURL() . 'account/password/?sent=true');
         }
     }
     \Idno\Core\site()->session()->addErrorMessage("Oh no! We couldn't find an account associated with that email address.");
     $this->forward(\Idno\Core\site()->config()->getURL() . 'account/password');
 }
Ejemplo n.º 27
0
 function postContent()
 {
     $this->reverseGatekeeper();
     $code = $this->getInput('code');
     $email = $this->getInput('email');
     $password = trim($this->getInput('password'));
     $password2 = trim($this->getInput('password2'));
     if (\Idno\Entities\User::checkNewPasswordStrength($password) && $password == $password2) {
         if ($user = \Idno\Entities\User::getByEmail($email)) {
             if ($code = $user->getPasswordRecoveryCode()) {
                 /* @var \Idno\Entities\User $user */
                 $user->setPassword($password);
                 $user->clearPasswordRecoveryCode();
                 $user->save();
                 \Idno\Core\site()->session()->addMessage("Your password was reset!");
             }
         }
     } else {
         \Idno\Core\site()->session()->addErrorMessage('Sorry, your passwords either don\'t match, or are too weak', 'alert-error');
         $this->forward($_SERVER['HTTP_REFERER']);
     }
 }
Ejemplo n.º 28
0
Archivo: View.php Proyecto: hank/Known
 function postContent()
 {
     if (!empty($this->arguments[0])) {
         $user = \Idno\Entities\User::getByHandle($this->arguments[0]);
     }
     if (empty($user)) {
         $this->forward();
     }
     // TODO: 404
     if ($user->saveDataFromInput($this)) {
         if ($onboarding = $this->getInput('onboarding')) {
             $services = \Idno\Core\site()->syndication()->getServices();
             if (!empty($services) || !empty(\Idno\Core\site()->config->force_onboarding_connect)) {
                 $this->forward(\Idno\Core\site()->config()->getURL() . 'begin/connect');
             } else {
                 $this->forward(\Idno\Core\site()->config()->getURL() . 'begin/publish');
             }
         }
         $this->forward($user->getURL());
     }
     $this->forward($_SERVER['HTTP_REFERER']);
 }
Ejemplo n.º 29
0
 function postContent()
 {
     $this->createGatekeeper();
     // Logged-in only please
     $user = \Idno\Core\site()->session()->currentUser();
     $name = $this->getInput('name');
     $email = $this->getInput('email');
     $password = trim($this->getInput('password'));
     $username = trim($this->getInput('handle'));
     /*if (!\Idno\Common\Page::isSSL() && !\Idno\Core\site()->config()->disable_cleartext_warning) {
           \Idno\Core\site()->session()->addErrorMessage("Warning: Access credentials were sent over a non-secured connection! To disable this warning set disable_cleartext_warning in your config.ini");
       }*/
     if (!empty($name)) {
         $user->setTitle($name);
     }
     if (!empty($username) && $username != $user->getHandle()) {
         $user->setHandle($username);
     }
     if (!empty($email) && $email != $user->email && filter_var($email, FILTER_VALIDATE_EMAIL)) {
         if (!\Idno\Entities\User::getByEmail($email)) {
             $user->email = $email;
         } else {
             \Idno\Core\site()->session()->addErrorMessage('Someone is already using ' . $email . ' as their email address.');
         }
     }
     if (!empty($password)) {
         if (\Idno\Entities\User::checkNewPasswordStrength($password)) {
             \Idno\Core\site()->session()->addMessage("Your password has been updated.");
             $user->setPassword($password);
         } else {
             \Idno\Core\site()->session()->addErrorMessage('Sorry, your password is too weak');
         }
     }
     if ($user->save()) {
         \Idno\Core\site()->session()->addMessage("Your details were saved.");
     }
     $this->forward($_SERVER['HTTP_REFERER']);
 }
Ejemplo n.º 30
0
Archivo: Token.php Proyecto: hank/Known
 function post()
 {
     // Get parameters
     $code = $this->getInput('code');
     $me = $this->getInput('me');
     $redirect_uri = $this->getInput('redirect_uri');
     $state = $this->getInput('state');
     $client_id = $this->getInput('client_id');
     // Verify code
     $response = Webservice::post('https://indieauth.com/auth', array('me' => $me, 'code' => $code, 'redirect_uri' => $redirect_uri, 'state' => $state, 'client_id' => $client_id));
     if ($response['response'] == 200) {
         parse_str($response['content'], $content);
         if (!empty($content['me']) && (parse_url($content['me'], PHP_URL_HOST) == parse_url(\Idno\Core\site()->config()->getURL(), PHP_URL_HOST) || 'www.' . parse_url($content['me'], PHP_URL_HOST) == parse_url(\Idno\Core\site()->config()->getURL(), PHP_URL_HOST))) {
             // Get user & existing tokens
             $user = \Idno\Entities\User::getOne(array('admin' => true));
             $indieauth_tokens = $user->indieauth_tokens;
             if (empty($indieauth_tokens)) {
                 $indieauth_tokens = array();
             }
             // Generate access token and save it to the user
             $token = md5(rand(0, 99999) . time() . $user->getUUID() . $client_id . $state . rand(0, 999999));
             $indieauth_tokens[$token] = array('me' => $me, 'redirect_uri' => $redirect_uri, 'scope' => 'post', 'client_id' => $client_id, 'issued_at' => time(), 'nonce' => mt_rand(1000000, pow(2, 30)));
             $user->indieauth_tokens = $indieauth_tokens;
             $user->save();
             if (\Idno\Core\site()->session()->isLoggedOn() && $user->getUUID() == \Idno\Core\site()->session()->currentUser()->getUUID()) {
                 \Idno\Core\site()->session()->refreshSessionUser($user);
             }
             // Output to the browser
             $this->setResponse(200);
             header('Content-Type: application/x-www-form-urlencoded');
             echo http_build_query(array('access_token' => $token, 'scope' => 'post', 'me' => $me));
             exit;
         } else {
             $this->setResponse(404);
             echo "Client mismatch.";
         }
     }
 }