Example #1
// Account-activation endpoint (excerpt: the listing ends inside the token branch).
// Activates an account either directly by user_id or by an activation token,
// both read from the query string, and reports failures as a JSON error count.
require_once "../models/config.php";
set_error_handler('logAllErrors');
// Request method: GET
// Parameters: [token or user_id]
// NOTE(review): this request changes account state but is served over GET, and no
// CSRF token or session check is visible in this excerpt — confirm one runs in
// config.php or move the state change to an authenticated POST.
$validator = new Validator();
$token = $validator->optionalGetVar('token');
$user_id = $validator->optionalGetVar('user_id');
// Call appropriate function based on type of input
// user_id takes precedence: the token is only looked at when user_id is empty/falsy.
if ($user_id) {
    // NOTE(review): the only check before activation on this path is that the id
    // exists. No permission check on the caller is visible here, so unless
    // config.php (not shown) restricts who can reach this script, supplying a
    // user_id activates that account without proving ownership of the activation
    // token. The "ACCOUNT_MANUALLY_ACTIVATED" message suggests this path is meant
    // for administrators — confirm an admin-only gate is enforced.
    if (!userIdExists($user_id)) {
        addAlert("danger", lang("ACCOUNT_INVALID_USER_ID"));
        echo json_encode(array("errors" => 1, "successes" => 0));
        exit;
    }
    //Activate account
    if (activateUser($user_id)) {
        // Look the user up again only to name them in the success alert.
        $details = fetchUserAuthById($user_id);
        $display_name = $details['display_name'];
        addAlert("success", lang("ACCOUNT_MANUALLY_ACTIVATED", array($display_name)));
    } else {
        // Activation failed: report one error and stop (no alert is added on this path).
        echo json_encode(array("errors" => 1, "successes" => 0));
        exit;
    }
} else {
    if ($token) {
        // Self-service path: the token must validate before anything is activated.
        if (!validateActivationToken($token)) {
            //Check for a valid token. Must exist and active must be = 0
            addAlert("danger", lang("ACCOUNT_TOKEN_NOT_FOUND"));
            echo json_encode(array("errors" => 1, "successes" => 0));
            exit;
        } else {
Example #2
/**
 * Saves a front-end registration form submission and starts activation of the new account.
 *
 * All results (error alerts, the re-displayed form, activation messages) are echoed; nothing is returned.
 *
 * NOTE(review): the saveRegistration() variant shown further down this page begins with
 * checkCBPostIsHTTPS(), cbSpoofCheck('registerForm') and cbRegAntiSpamCheck(). None of those
 * calls appear in this variant, so unless the caller (not visible here) performs equivalent
 * checks, this handler processes $_POST without anti-CSRF or anti-spam validation.
 *
 * @param string $option  component option, passed through to HTML_comprofiler::registerForm()
 */
function saveRegistrationNOCHECKSLOL($option)
{
    global $_CB_framework, $_CB_database, $ueConfig, $_POST, $_PLUGINS;
    // Check rights to access:
    // && binds tighter than ||: access is refused when registration is disabled and the
    // admin override is not '1', OR whenever myId() is truthy (presumably a logged-in user).
    if ($_CB_framework->getCfg('allowUserRegistration') == '0' && (!isset($ueConfig['reg_admin_allowcbregistration']) || $ueConfig['reg_admin_allowcbregistration'] != '1') || $_CB_framework->myId()) {
        cbNotAuth();
        return;
    }
    // Fall back to a placeholder when the 'emailpass' setting is absent.
    if (!isset($ueConfig['emailpass'])) {
        $ueConfig['emailpass'] = '******';
    }
    $userComplete = new moscomprofilerUser($_CB_database);
    // Pre-registration trigger:
    $_PLUGINS->loadPluginGroup('user');
    $_PLUGINS->trigger('onStartSaveUserRegistration', array());
    if ($_PLUGINS->is_errors()) {
        // NOTE(review): addslashes() is not a JavaScript-string encoder (it does not neutralise
        // e.g. a closing script tag); safe only if the plugin message is trusted — confirm.
        echo "<script type=\"text/javascript\">alert('" . addslashes($_PLUGINS->getErrorMSG()) . "'); </script>\n";
        // Re-bind the submitted values so the form is shown again pre-filled.
        $oldUserComplete = new moscomprofilerUser($_CB_database);
        $userComplete->bindSafely($_POST, $_CB_framework->getUi(), 'register', $oldUserComplete);
        HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, $_PLUGINS->getErrorMSG("<br />"));
        return;
    }
    // Check if this user already registered with exactly this username and password:
    $username = cbGetParam($_POST, 'username', '');
    $usernameExists = $userComplete->loadByUsername($username);
    if ($usernameExists) {
        // The password is read with _CB_ALLOWRAW, i.e. without the default input filtering.
        $password = cbGetParam($_POST, 'password', '', _CB_ALLOWRAW);
        // NOTE(review): this branch is effectively a credential check on an existing account;
        // no throttling or logging is visible here — confirm it gets the same protection as login.
        if ($userComplete->verifyPassword($password)) {
            // The stored password value is swapped for the submitted cleartext only for the
            // duration of activateUser(), then restored in memory.
            // NOTE(review): confirm activateUser() neither persists nor logs the cleartext.
            $pwd_md5 = $userComplete->password;
            $userComplete->password = $password;
            $messagesToUser = activateUser($userComplete, 1, 'SameUserRegistrationAgain');
            $userComplete->password = $pwd_md5;
            // Messages are echoed as HTML without escaping; they come from activateUser().
            echo "\n<div>" . implode("</div>\n<div>", $messagesToUser) . "</div>\n";
            return;
        } else {
            // The message embeds the submitted username. The alert() copy relies on addslashes()
            // only, while the form copy below is passed through htmlspecialchars().
            // NOTE(review): safety of the script copy depends on cbGetParam() having filtered
            // markup out of $username — confirm.
            $msg = sprintf(_UE_USERNAME_ALREADY_EXISTS, $username);
            echo "<script type=\"text/javascript\">alert('" . addslashes($msg) . "'); </script>\n";
            $oldUserComplete = new moscomprofilerUser($_CB_database);
            $userComplete->bindSafely($_POST, $_CB_framework->getUi(), 'register', $oldUserComplete);
            HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, htmlspecialchars($msg));
            return;
        }
    }
    // Store and check terms and conditions accepted (not a field yet !!!!):
    // Normalised to 1/0 when submitted, null when the field is absent from the POST.
    if (isset($_POST['acceptedterms'])) {
        $userComplete->acceptedterms = (int) cbGetParam($_POST, 'acceptedterms', 0) == 1 ? 1 : 0;
    } else {
        $userComplete->acceptedterms = null;
    }
    if ($ueConfig['reg_enable_toc']) {
        // Terms are mandatory when enabled: anything other than 1 re-displays the form.
        if ($userComplete->acceptedterms != 1) {
            echo "<script type=\"text/javascript\">alert('" . addslashes(cbUnHtmlspecialchars(_UE_TOC_REQUIRED)) . "'); </script>\n";
            $oldUserComplete = new moscomprofilerUser($_CB_database);
            $userComplete->bindSafely($_POST, $_CB_framework->getUi(), 'register', $oldUserComplete);
            HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, _UE_TOC_REQUIRED . '<br />');
            return;
        }
    }
    // Set id to 0 for autoincrement and store IP address used for registration:
    $userComplete->id = 0;
    $userComplete->registeripaddr = cbGetIPlist();
    // Store new user state:
    $saveResult = $userComplete->saveSafely($_POST, $_CB_framework->getUi(), 'register');
    // saveSafely() yields false on outright failure, otherwise an array read below
    // through its 'ok', 'tabs' and 'after' keys.
    if ($saveResult === false) {
        // The error text is stripped of tags and its <br /> turned into \n before going into alert().
        echo "<script type=\"text/javascript\">alert('" . str_replace('\\\\n', '\\n', addslashes(strip_tags(str_replace('<br />', '\\n', $userComplete->getError())))) . "'); </script>\n";
        HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, $userComplete->getError());
        return;
    }
    if ($saveResult['ok'] === true) {
        $messagesToUser = activateUser($userComplete, 1, "UserRegistration");
    }
    // NOTE(review): $messagesToUser is only initialised above when 'ok' is true; otherwise it is
    // first created here by the append (or stays undefined until the implode at the end).
    foreach ($saveResult['tabs'] as $res) {
        if ($res) {
            $messagesToUser[] = $res;
        }
    }
    if ($saveResult['ok'] === false) {
        echo "<script type=\"text/javascript\">alert('" . str_replace('\\\\n', '\\n', addslashes(strip_tags(str_replace('<br />', '\\n', $userComplete->getError())))) . "'); </script>\n";
        HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, $userComplete->getError());
        return;
    }
    // The same user object is passed twice, and $messagesToUser by reference so plugins can extend it.
    $_PLUGINS->trigger('onAfterUserRegistrationMailsSent', array(&$userComplete, &$userComplete, &$messagesToUser, $ueConfig['reg_confirmation'], $ueConfig['reg_admin_approval'], true));
    // 'after' results are echoed as raw HTML.
    foreach ($saveResult['after'] as $res) {
        if ($res) {
            echo "\n<div>" . $res . "</div>\n";
        }
    }
    if ($_PLUGINS->is_errors()) {
        // Plugin error text is echoed unescaped and also handed to the re-displayed form.
        echo $_PLUGINS->getErrorMSG();
        HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, $_PLUGINS->getErrorMSG());
        return;
    }
    echo "\n<div>" . implode("</div>\n<div>", $messagesToUser) . "</div>\n";
}
	/**
	 * Registers a new user from a social-provider profile.
	 *
	 * Derives a username from the provider profile, then either (mode 2) pre-fills the
	 * regular registration form and returns false, or creates the account directly with
	 * a random hashed password and runs activateUser().
	 *
	 * @param UserTable           $user     user row being populated
	 * @param Hybrid_User_Profile $profile  profile returned by the provider
	 * @return bool  true only when the account was stored and is not blocked; false on every other path
	 */
	private function register( $user, $profile )
	{
		global $_CB_framework, $_PLUGINS, $ueConfig;

		// Without a provider identifier there is nothing to link the account to.
		if ( ! $profile->identifier ) {
			cbRedirect( $this->_returnUrl, CBTxt::T( 'PROVIDER_PROFILE_MISSING', '[provider] profile could not be found.', array( '[provider]' => $this->_providerName ) ), 'error' );
			return false;
		}

		// Per-provider plugin parameters; for approve/confirm the value 2 defers to the global setting.
		$mode						=	$this->params->get( $this->_provider . '_mode', 1, GetterInterface::INT );
		$approve					=	$this->params->get( $this->_provider . '_approve', 0, GetterInterface::INT );
		$confirm					=	$this->params->get( $this->_provider . '_confirm', 0, GetterInterface::INT );
		$usergroup					=	$this->params->get( $this->_provider . '_usergroup', null, GetterInterface::STRING );
		$approval					=	( $approve == 2 ? $ueConfig['reg_admin_approval'] : $approve );
		$confirmation				=	( $confirm == 2 ? $ueConfig['reg_confirmation'] : $confirm );
		$usernameFormat				=	$this->params->get( $this->_provider . '_username', null, GetterInterface::STRING );
		$username					=	null;
		// Scratch row used only for "does this username/email already exist" lookups.
		$dummyUser					=	new UserTable();

		if ( $usernameFormat ) {
			// Substitution variables for the username template: provider info plus every
			// scalar profile field, exposed as profile_<field>.
			$extras					=	array( 'provider' => $this->_provider, 'provider_id' => $this->_providerId, 'provider_name' => $this->_providerName );

			foreach ( (array) $profile as $k => $v ) {
				if ( ( ! is_array( $v ) ) && ( ! is_object( $v ) ) ) {
					$k				=	'profile_' . $k;

					$extras[$k]		=	$v;
				}
			}

			// The regex removes the characters < > \ " % ( ) ; & ' from the provider-derived name.
			$username				=	preg_replace( '/[<>\\\\"%();&\']+/', '', trim( cbReplaceVars( $usernameFormat, $user, true, false, $extras, false ) ) );
		} else {
			if ( isset( $profile->username ) ) {
				$username			=	preg_replace( '/[<>\\\\"%();&\']+/', '', trim( $profile->username ) );
			}

			// Fall back to the display name when no username was given or it is already taken.
			if ( ( ! $username ) || ( $username && $dummyUser->loadByUsername( $username ) ) ) {
				$username			=	preg_replace( '/[<>\\\\"%();&\']+/', '', trim( $profile->displayName ) );
			}
		}

		// Last resort: use the provider identifier as the username.
		if ( ( ! $username ) || ( $username && $dummyUser->loadByUsername( $username ) ) ) {
			$username				=	(string) $profile->identifier;
		}

		if ( $mode == 2 ) {
			// Form mode: only the e-mail is copied here; the uniqueness checks below are not run on this path.
			$user->set( 'email', $profile->email );
		} else {
			if ( $dummyUser->loadByUsername( $username ) ) {
				cbRedirect( $this->_returnUrl, CBTxt::T( 'UE_USERNAME_NOT_AVAILABLE', "The username '[username]' is already in use.", array( '[username]' =>  htmlspecialchars( $username ) ) ), 'error' );
				return false;
			}

			if ( ! $this->email( $user, $profile ) ) {
				return false;
			}

			// Refuse to create a second account for an e-mail that already exists locally.
			if ( $dummyUser->loadByEmail( $user->get( 'email' ) ) ) {
				cbRedirect( $this->_returnUrl, CBTxt::T( 'UE_EMAIL_NOT_AVAILABLE', "The email '[email]' is already in use.", array( '[email]' =>  htmlspecialchars( $user->get( 'email' ) ) ) ), 'error' );
				return false;
			}

			$this->avatar( $user, $profile, $mode );

			// Group membership comes from the provider's '_usergroup' parameter ('|*|'-separated,
			// cast to ints) or, when empty, from the framework's 'new_usertype' setting.
			// NOTE(review): every account created through this provider receives these groups —
			// confirm the parameter cannot be set to a privileged group by mistake.
			if ( ! $usergroup ) {
				$gids				=	array( (int) $_CB_framework->getCfg( 'new_usertype' ) );
			} else {
				$gids				=	cbToArrayOfInt( explode( '|*|', $usergroup ) );
			}

			$user->set( 'gids', $gids );
			$user->set( 'sendEmail', 0 );
			$user->set( 'registerDate', $_CB_framework->getUTCDate() );
			// The local password is a random value, stored only in hashed and salted form.
			$user->set( 'password', $user->hashAndSaltPassword( $user->getRandomPassword() ) );
			$user->set( 'registeripaddr', cbGetIPlist() );

			if ( $approval == 0 ) {
				$user->set( 'approved', 1 );
			} else {
				$user->set( 'approved', 0 );
			}

			if ( $confirmation == 0 ) {
				$user->set( 'confirmed', 1 );
			} else {
				$user->set( 'confirmed', 0 );
			}

			// The account stays blocked until it is both confirmed and approved.
			if ( ( $user->get( 'confirmed' ) == 1 ) && ( $user->get( 'approved' ) == 1 ) ) {
				$user->set( 'block', 0 );
			} else {
				$user->set( 'block', 1 );
			}
		}

		// Display name: first + last name, else the provider display name, else the username.
		if ( $profile->firstName || $profile->lastName ) {
			$user->set( 'name', trim( $profile->firstName . ' ' . $profile->lastName ) );
		} elseif ( $profile->displayName ) {
			$user->set( 'name', trim( $profile->displayName ) );
		} else {
			$user->set( 'name', $username );
		}

		// Split the display name into name parts according to the configured name_style
		// (2: first/last, 3: first/middle/last); other styles leave the parts untouched.
		switch ( $ueConfig['name_style'] ) {
			case 2:
				$lastName			=	strrpos( $user->get( 'name' ), ' ' );

				if ( $lastName !== false ) {
					$user->set( 'firstname', substr( $user->get( 'name' ), 0, $lastName ) );
					$user->set( 'lastname', substr( $user->get( 'name' ), ( $lastName + 1 ) ) );
				} else {
					$user->set( 'firstname', '' );
					$user->set( 'lastname', $user->get( 'name' ) );
				}
				break;
			case 3:
				// First and last space positions; they are equal when the name holds a single space.
				$middleName			=	strpos( $user->get( 'name' ), ' ' );
				$lastName			=	strrpos( $user->get( 'name' ), ' ' );

				if ( $lastName !== false ) {
					$user->set( 'firstname', substr( $user->get( 'name' ), 0, $middleName ) );
					$user->set( 'lastname', substr( $user->get( 'name' ), ( $lastName + 1 ) ) );

					if ( $middleName !== $lastName ) {
						$user->set( 'middlename', substr( $user->get( 'name' ), ( $middleName + 1 ), ( $lastName - $middleName - 1 ) ) );
					} else {
						$user->set( 'middlename', '' );
					}
				} else {
					$user->set( 'firstname', '' );
					$user->set( 'lastname', $user->get( 'name' ) );
				}
				break;
		}

		$user->set( 'username', $username );
		// Link the local account to the provider identity.
		$user->set( $this->_providerField, $profile->identifier );

		$this->fields( $user, $profile, $mode );

		if ( $mode == 2 ) {
			// NOTE(review): every iterable property of $user is written into the $_POST
			// superglobal so the registration form renders pre-filled. Any code that reads
			// $_POST later in the same request sees these provider-derived values as if
			// they had been submitted — confirm that is intended.
			foreach ( $user as $k => $v ) {
				$_POST[$k]			=	$v;
			}

			$emailPass				=	( isset( $ueConfig['emailpass'] ) ? $ueConfig['emailpass'] : '******' );
			$regErrorMSG			=	null;

			// Registration must be enabled, either globally or through the admin override.
			if ( ( ( $_CB_framework->getCfg( 'allowUserRegistration' ) == '0' ) && ( ( ! isset( $ueConfig['reg_admin_allowcbregistration'] ) ) || $ueConfig['reg_admin_allowcbregistration'] != '1' ) ) ) {
				$msg				=	CBTxt::T( 'UE_NOT_AUTHORIZED', 'You are not authorized to view this page!' );
			} else {
				$msg				=	null;
			}

			$_PLUGINS->loadPluginGroup( 'user' );

			// $msg is passed by reference, so a plugin can set or clear the refusal message.
			$_PLUGINS->trigger( 'onBeforeRegisterFormRequest', array( &$msg, $emailPass, &$regErrorMSG ) );

			if ( $msg ) {
				$_CB_framework->enqueueMessage( $msg, 'error' );
				return false;
			}

			$fieldsQuery			=	null;
			$results				=	$_PLUGINS->trigger( 'onBeforeRegisterForm', array( 'com_comprofiler', $emailPass, &$regErrorMSG, $fieldsQuery ) );

			if ( $_PLUGINS->is_errors() ) {
				$_CB_framework->enqueueMessage( $_PLUGINS->getErrorMSG( '<br />' ), 'error' );
				return false;
			}

			// Any non-empty plugin output replaces the form; it is echoed as raw HTML.
			if ( implode( '', $results ) != '' ) {
				$return				=		'<div class="cb_template cb_template_' . selectTemplate( 'dir' ) . '">'
									.			'<div>' . implode( '</div><div>', $results ) . '</div>'
									.		'</div>';

				echo $return;
				return false;
			}

			$_CB_framework->enqueueMessage( CBTxt::T( 'PROVIDER_SIGN_UP_INCOMPLETE', 'Your [provider] sign up is incomplete. Please complete the following.', array( '[provider]' => $this->_providerName ) ) );

			HTML_comprofiler::registerForm( 'com_comprofiler', $emailPass, $user, $_POST, $regErrorMSG );
			return false;
		} else {
			$_PLUGINS->trigger( 'onBeforeUserRegistration', array( &$user, &$user ) );

			if ( $user->store() ) {
				// NOTE(review): an unconfirmed user is stored a second time; the reason is not visible here.
				if ( $user->get( 'confirmed' ) == 0 ) {
					$user->store();
				}

				$messagesToUser		=	activateUser( $user, 1, 'UserRegistration' );

				$_PLUGINS->trigger( 'onAfterUserRegistration', array( &$user, &$user, true ) );

				if ( $user->get( 'block' ) == 1 ) {
					// Pending account: show the activation messages (echoed as raw HTML).
					// NOTE(review): there is no return after this echo, so execution falls
					// through to the "sign up failed" cbRedirect() below even though the
					// account was stored — confirm whether that is intended.
					$return			=		'<div class="cb_template cb_template_' . selectTemplate( 'dir' ) . '">'
									.			'<div>' . implode( '</div><div>', $messagesToUser ) . '</div>'
									.		'</div>';

					echo $return;
				} else {
					return true;
				}
			}

			// NOTE(review): unlike the username and e-mail messages above, getError() is placed
			// into the message without htmlspecialchars(); whether CBTxt::T() or cbRedirect()
			// escapes it is not visible here.
			cbRedirect( $this->_returnUrl, CBTxt::T( 'SIGN_UP_WITH_PROVIDER_FAILED', 'Sign up with [provider] failed. Error: [error]', array( '[provider]' => $this->_providerName, '[error]' => $user->getError() ) ), 'error' );
			return false;
		}
	}
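 /**
  * Adjusts user's ACL and block user if no subscriptions left.
  *
  * Nothing is changed unless the user currently holds at least one of the groups in
  * $oldChldGids, so users in groups outside that set are never modified here. The
  * 'Superadministrator' group is never removed, and a user holding it is never blocked.
  * When $block is 0 and the user was blocked before, activateUser() is called.
  *
  * @param  UserTable  $user
  * @param  string     $cause          cause of the change (not read in this method's body)
  * @param  int        $block          1: block user, 0: don't block
  * @param  int[]      $gids           new ACL gids (in Joomla < 1.6: only 1 entry)
  * @param  int[]      $removeGids     old ACL gids from plans that just expired
  * @param  array      $oldChldGids    old ACL gids and children
  * @param  string     $reason         reason of change: 'N'=new subscription (default), 'R'=renewal, 'U'=update + 'X'=expiries
  */
 protected function _adjustUserAclBlock($user, $cause, $block, $gids, $removeGids, $oldChldGids, $reason)
 {
     global $_CB_framework;
     if ($user && $user->id) {
         if (self::_anyValueOfArrayInArray((array) $user->gids, $oldChldGids)) {
             // test above is to not degrade higher-level users !
             $wasBlocked = $user->block;
             // Normalise both group lists (unique, numerically sorted) so they can be compared.
             $gidsUniqueSorted = array_unique($gids);
             sort($gidsUniqueSorted, SORT_NUMERIC);
             $userGids = array_unique((array) $user->gids);
             sort($userGids, SORT_NUMERIC);
             if ($block != $wasBlocked || $userGids != $gidsUniqueSorted) {
                 // Never strip the Superadministrator group, even if an expired plan lists it.
                 // NOTE(review): array_search()/in_array() compare loosely here; the type returned
                 // by mapGroupNamesToValues() is not visible, so strict mode was not introduced.
                 $superadministratorgid = $_CB_framework->acl->mapGroupNamesToValues('Superadministrator');
                 $k_SA = array_search($superadministratorgid, $removeGids);
                 if ($k_SA !== false) {
                     unset($removeGids[$k_SA]);
                 }
                 // New membership = (current groups - expired groups) + groups granted now.
                 $user->gids = array_unique(array_merge(array_diff($userGids, $removeGids), $gidsUniqueSorted));
                 sort($user->gids, SORT_NUMERIC);
                 // Blocking is skipped for a user who holds the Superadministrator group.
                 if ($block && !in_array($superadministratorgid, (array) $user->gids)) {
                     $user->block = 1;
                 }
                 // The password field is cleared for the duration of store() and restored in memory afterwards.
                 $oldPwd = $user->password;
                 $user->password = null;
                 // don't update cleartext password in case of registration
                 $user->store();
                 // takes care of Mambo/Joomla ACL tables and many other stuff
                 $user->password = $oldPwd;
                 if (checkJversion() == 2) {
                     // This is needed for instant adding of groups to logged-in user (fixing bug #3581): Can be removed once CB 1.9 is released:
                     // Only the session of the user being changed is refreshed, so the new groups apply immediately.
                     $session = JFactory::getSession();
                     $jUser = $session->get('user');
                     if ($jUser && $jUser->id == $user->id) {
                         JAccess::clearStatics();
                         $session->set('user', new JUser((int) $user->id));
                     }
                 }
                 if ($block == 0 && $wasBlocked == 1) {
                     // Boolean: true only for a new subscription of a user who has never visited;
                     // it is passed as both the 4th and 5th argument of activateUser().
                     $messagesToUser = $reason == 'N' && (!$user->lastvisitDate || $user->lastvisitDate == '0000-00-00 00:00:00');
                     activateUser($user, 0, 'PaidSubscription', $messagesToUser, $messagesToUser);
                     //TBD:	//FIXME		Don't ACTIVATE user 2nd time if this function is called from subscription->activate as a result of onUserActivate?
                 }
             }
         }
     } else {
         // This branch is also reached when $user itself is null/false, so it must not be
         // dereferenced unguarded; a missing user is reported as id 0.
         user_error(sprintf('AdjustUserAclBlock: user id %d not found in users table.', $user ? (int) $user->id : 0), E_USER_NOTICE);
     }
 }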
Example #5
/**
 * Approves the given pending users on behalf of a front-end moderator.
 *
 * Order of checks: anti-spoof token for the 'pendingApprovalUsers' form, then the
 * 'allowModUserApproval' setting, then the moderator status of the current user.
 * Each id is cast to int before the user is loaded. Users that are already approved
 * are skipped, but the final success message still counts every submitted id.
 *
 * @param array $uids  ids of the users to approve
 */
function approveUser($uids) {
	global $_CB_framework, $_CB_database, $ueConfig, $_PLUGINS, $Itemid;

	$profileItemidSuffix	=	getCBprofileItemid();

	// Reject forged or replayed form submissions first.
	cbSpoofCheck( 'pendingApprovalUsers' );

	// Moderator approval can be switched off globally.
	if ( $ueConfig['allowModUserApproval'] == 0 ) {
		echo _UE_FUNCTIONALITY_DISABLED;
		exit();
	}

	// Only moderators may approve.
	if ( ! isModerator( $_CB_framework->myId() ) ) {
		cbNotAuth();
		return;
	}

	$_PLUGINS->loadPluginGroup( 'user' );

	if ( ! isset( $ueConfig['emailpass'] ) ) {
		$ueConfig['emailpass']	=	'******';
	}

	foreach ( $uids as $uid ) {
		$pendingUser		=	CBuser::getInstance( (int) $uid )->getUserData();

		if ( $pendingUser->approved == 1 ) {
			// Already approved: nothing to do for this id.
			continue;
		}

		// With 'emailpass' on, a fresh random password is generated before the plugins run ...
		if ( $ueConfig['emailpass'] == "1" ) {
			$pendingUser->setRandomPassword();
		}

		$_PLUGINS->trigger( 'onBeforeUserApproval', array( $pendingUser, true ) );

		if ( $_PLUGINS->is_errors() ) {
			// A plugin vetoed the approval: stop the whole batch and report the error.
			$itemidQuery	=	( $Itemid ? "&amp;Itemid=". (int) $Itemid : "" );
			$errorUrl		=	cbSef( "index.php?option=com_comprofiler&amp;task=pendingApprovalUser" . $itemidQuery, false );

			cbRedirect( $errorUrl, $_PLUGINS->getErrorMSG(), 'error' );
			return;
		}

		$pendingUser->approved	=	1;
		$pendingUser->storeApproved();

		// ... and stored only once the approval itself has been saved.
		if ( $ueConfig['emailpass'] == "1" ) {
			$pendingUser->storePassword();
		}

		$_PLUGINS->trigger( 'onAfterUserApproval', array( $pendingUser, true, true ) );
		activateUser( $pendingUser, 1, "UserApproval", false );
	}

	$listUrl		=	cbSef( 'index.php?option=com_comprofiler&amp;task=pendingApprovalUser' . $profileItemidSuffix, false );
	$submitted		=	count( $uids );
	$message		=	( $submitted ? $submitted . ' ' . _UE_USERAPPROVAL_SUCCESSFUL : '' );

	cbRedirect( $listUrl, $message );

}
<?php

require_once '/home/octaaron/aaron/modeles/modele_baseadmin.php';
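// Account-validation endpoint: looks up the account that owns the validation id from
// the query string, activates it, and redirects to the result page.
// NOTE(review): the validation id is the only secret on this path — confirm it is
// unguessable and cannot be reused once the account is active.

// Read the parameter defensively: it may be absent, or an array (?idvalidation[]=x).
$idValidation = isset($_GET['idvalidation']) && is_string($_GET['idvalidation']) ? $_GET['idvalidation'] : '';

if ($idValidation) {
    try {
        $stmt1 = getAccountByIdValidation($idValidation);
        $result1 = $stmt1->fetch(PDO::FETCH_OBJ);
        // fetch() returns false when no account matches: treat that as a failed validation
        // instead of reading a property of false.
        $stmt2 = $result1 ? activateUser($result1->identifiant) : false;
    } catch (PDOException $e) {
        // Strings are concatenated with '.', and the value is URL-encoded because it is
        // request input being placed into a response header.
        header('Location: ../vues/vue_validation.php?validation=erreur&lien=' . urlencode($idValidation));
        exit;
    }
    if (!$stmt2) {
        header('Location: ../vues/vue_validation.php?validation=erreur');
        // Stop here: without exit the success redirect below would replace this header.
        exit;
    }
    header('Location: ../vues/vue_validation.php?validation=valide');
    exit;
} else {
    // No space is allowed before the colon of a header name.
    header('Location: ../index.php');
    exit;
}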
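/**
 * Change users status (approve, reject, block or unblock) for a list of user ids.
 *
 * The ids are permission-checked with checkCBpermissions() and cast to integers with
 * cbArrayToInts() before they are joined into the SQL IN() list. Blocking a user also
 * deletes that user's rows from the session table, which ends active sessions.
 * On an empty selection, a permission problem or an unknown action the function prints
 * a JavaScript alert and exits; otherwise it ends with a redirect to the users list.
 *
 * NOTE(review): $cid is declared optional before required parameters; the signature is
 * left as it was for existing callers.
 *
 * @param array of int $cid
 * @param string       $action   ( Approve, Reject, block, unblock )
 * @param int          $actionValue
 * @param string       $option
 */
function changeUsersStatus($cid = null, $action, $actionValue, $option)
{
    global $_CB_framework, $_CB_database, $ueConfig, $_PLUGINS;
    // $cid defaults to null and count() on a non-array warns or throws depending on the
    // PHP version, so anything that is not an array counts as an empty selection.
    if (!is_array($cid) || count($cid) < 1) {
        echo "<script type=\"text/javascript\"> alert('" . addslashes(sprintf(CBTxt::T('Select an item to %s'), $action)) . "'); window.history.go(-1);</script>\n";
        exit;
    }
    $msg = checkCBpermissions($cid, $action, false);
    if ($msg) {
        // NOTE(review): unlike the other alerts in this function, $msg is written into the
        // script without addslashes(); whether checkCBpermissions() returns text that is
        // already safe for a JavaScript string is not visible here — confirm.
        echo "<script type=\"text/javascript\"> alert('" . $msg . "'); window.history.go(-1);</script>\n";
        exit;
    }
    // The integer cast is what keeps the concatenated IN() list below free of SQL injection.
    cbArrayToInts($cid);
    $cids = implode(',', $cid);
    $_PLUGINS->loadPluginGroup('user');
    $query = "SELECT * FROM #__comprofiler c, #__users u WHERE c.id=u.id AND c.id IN ( " . $cids . " )";
    $_CB_database->setQuery($query);
    $users = $_CB_database->loadObjectList(null, 'moscomprofilerUser', array(&$_CB_database));
    foreach ($users as $row) {
        switch ($action) {
            case 'Approve':
            case 'Reject':
                if ($actionValue == 0) {
                    $approved = 2;
                    // "rejected"
                } else {
                    $approved = $actionValue;
                }
                $_PLUGINS->trigger('onBeforeUserApproval', array($row, $approved));
                // Both values are cast to int before being concatenated into the query.
                $_CB_database->setQuery("UPDATE #__comprofiler SET approved=" . (int) $approved . " WHERE id = " . (int) $row->id);
                if ($_CB_database->query()) {
                    if ($approved == 1) {
                        if (isset($ueConfig['emailpass']) && $ueConfig['emailpass'] == "1" && $row->approved == 0) {
                            // if we need to generate a random password to be emailed with confirmation, set new random password only at first approval:
                            $row->setRandomPassword();
                            $row->storePassword(false);
                        }
                        // Activate only on the first approval of a user who is already confirmed.
                        if ($row->approved == 0 && $approved == 1 && $row->confirmed == 1) {
                            $row->approved = 1;
                            activateUser($row, 2, "UserApproval", false);
                        }
                    }
                    $_PLUGINS->trigger('onAfterUserApproval', array($row, $approved, true));
                }
                break;
            case 'block':
            case 'unblock':
                $_PLUGINS->trigger('onBeforeUserBlocking', array($row, $actionValue));
                $row->block = (int) $actionValue;
                if ($row->storeBlock(false)) {
                    // if action is to block a user, delete user accounts active sessions
                    if ($actionValue == 1) {
                        $query = "DELETE FROM #__session" . "\n WHERE userid = " . (int) $row->id;
                        $_CB_database->setQuery($query);
                        $_CB_database->query();
                    }
                }
                break;
            default:
                // $action belongs inside sprintf(): the misplaced parenthesis previously passed
                // it as a second argument to addslashes() and left %s without a value.
                echo "<script type=\"text/javascript\"> alert('" . addslashes(sprintf(CBTxt::T('unknown action %s'), $action)) . "'); window.history.go(-1);</script>\n";
                exit;
        }
    }
    // NOTE(review): $option is interpolated into the redirect URL without encoding; it is
    // presumably the fixed component name supplied by the caller — confirm.
    cbRedirect($_CB_framework->backendUrl("index.php?option={$option}&task=showusers"));
}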
// Activation landing page (excerpt: the listing ends inside the "N" state branch).
// Reads a username and activation code from the query string, looks up the account
// state and prepares a heading and body message for each state.
// $msgBody always has a value; $msgHeading is only assigned inside the branches below.
$msgBody = "";
// check if username and activationCode were passed in as GET params
// and are non-empty
// (!empty() already covers the isset() tests, so the condition is equivalent to the two !empty() checks)
if (isset($_GET['user']) && !empty($_GET['user']) && isset($_GET['code']) && !empty($_GET['code'])) {
    // Both values are taken as-is from the request; no type or format validation is visible here.
    $username = $_GET['user'];
    $activationCode = $_GET['code'];
    // let's lookup the activation state of the user
    // NOTE(review): if getUserState() returns a state for a username even when the code
    // does not match, the distinct messages below disclose account status to anyone who
    // knows a username — confirm the code is verified there.
    $state = getUserState($username, $activationCode);
    if ("A" == $state) {
        // active user ... shouldn't be activated a second time
        $msgHeading = "Duplicate activation request";
        $msgBody = "This account is already active.  It cannot be activated a second time.  Please log in from the Welcome Page.";
    } else {
        if ("U" == $state) {
            // unverified user ... so we'll activate
            if (activateUser($username, $activationCode)) {
                // NOTE(review): the request-supplied username is interpolated into the
                // heading. Where the heading is printed is not visible in this excerpt; it
                // must be HTML-escaped (e.g. htmlspecialchars()) at that point.
                $msgHeading = "Congratulations {$username}.";
                $msgBody = "Your account is now active.  Please follow the link below back to the Welcome Page to log in.";
            } else {
                // activation failed
                $msgHeading = "Error while activating your account.";
                $msgBody = "An error occurred while activating your account.  Please contact an administrator for assistance.";
            }
        } else {
            if ("D" == $state) {
                // disabled user ... shouldn't be activated. should be handled by
                // the administrator
                $msgHeading = "Request to activate a disabled account";
                $msgBody = "This account has been disabled.  It cannot be reactivated without action by the administrators.  Please contact an administrator for assistance.";
            } else {
                // Handling of state "N" continues beyond this excerpt.
                if ("N" == $state) {
 /**
  * Marks this user as confirmed ($this->confirmed = 1) and stores that in the database.
  *
  * A user who is already confirmed is left untouched. Otherwise the 'onBeforeUserConfirm'
  * plugins run first and can veto the confirmation by reporting an error. When the
  * 'emailpass' setting is '1' and the user is approved, a random password is set before
  * the plugins run and stored once the confirmation has been saved.
  *
  * @param  array    $messagesToUser  RETURNS: the result of activateUser() on success, or the plugin error message on veto.
  * @return boolean                   TRUE: the user has been (or is already) confirmed, FALSE: a plugin reported an error before confirmation
  */
 function confirmUser(&$messagesToUser)
 {
     global $ueConfig, $_PLUGINS;
     if ($this->confirmed != 0) {
         // Already confirmed: nothing to store, nothing to trigger.
         return true;
     }
     if ($ueConfig['emailpass'] == '1' && $this->approved == 1) {
         $this->setRandomPassword();
     }
     $_PLUGINS->loadPluginGroup('user');
     $_PLUGINS->trigger('onBeforeUserConfirm', array($this));
     if ($_PLUGINS->is_errors()) {
         // Vetoed by a plugin: hand its message back and leave the user unconfirmed.
         $messagesToUser = $_PLUGINS->getErrorMSG(false);
         return false;
     }
     $this->confirmed = 1;
     $this->storeConfirmed(false);
     // The condition is evaluated again on purpose: it mirrors the check made before the plugins ran.
     if ($ueConfig['emailpass'] == '1' && $this->approved == 1) {
         $this->storePassword(false);
     }
     $messagesToUser = activateUser($this, 1, 'UserConfirmation');
     $_PLUGINS->trigger('onAfterUserConfirm', array($this, true));
     return true;
 }
Example #10
<?php

require_once dirname(__FILE__) . "/../include/master.inc.php";
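// Activation link target: activates the account that owns the key from the query string.
// The key is read defensively because it may be absent or an array (?key[]=x). A missing
// or empty key goes straight to the failure redirect instead of being passed to
// activateUser(), so an empty value can never be compared against stored keys.
$activationKey = isset($_GET['key']) && is_string($_GET['key']) ? $_GET['key'] : '';
if ($activationKey !== '' && activateUser($activationKey)) {
    $_SESSION['response']['login']['success'] = "Your account is activated!";
    redirect("login.php");
} else {
    // Every failure gets the same 404 redirect, so the response does not reveal
    // whether a given key ever existed.
    redirect("404.php");
}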
Example #11
/**
 * Handles a submitted registration form: runs the request checks, lets the
 * 'user' plugins veto or comment, stores the new user from $_POST and prints
 * the resulting messages.
 *
 * The function returns nothing; its result is what it outputs (the
 * registration form again with an error message, an enqueued error, or the
 * list of messages for the user).
 *
 * @param string $option  passed through unchanged to HTML_comprofiler::registerForm()
 */
function saveRegistration($option)
{
    global $_CB_framework, $ueConfig, $_POST, $_PLUGINS;
    // simple spoof check security
    // These three calls run before any access check or data handling. Their
    // bodies are not part of this listing; going by the names they cover the
    // transport (HTTPS), the form token ('registerForm') and anti-spam.
    // NOTE(review): confirm that each of them stops the request on failure,
    // since no return value is examined here.
    checkCBPostIsHTTPS();
    cbSpoofCheck('registerForm');
    cbRegAntiSpamCheck();
    // Check rights to access:
    // '&&' binds tighter than '||', so this reads as:
    //   (registration switched off AND the CB override is not '1') OR myId() is truthy.
    // presumably myId() is the id of a logged-in visitor, who must not register again.
    if ($_CB_framework->getCfg('allowUserRegistration') == '0' && (!isset($ueConfig['reg_admin_allowcbregistration']) || $ueConfig['reg_admin_allowcbregistration'] != '1') || $_CB_framework->myId()) {
        $msg = CBTxt::Th('UE_NOT_AUTHORIZED', 'You are not authorized to view this page!');
    } else {
        $msg = null;
    }
    $_PLUGINS->loadPluginGroup('user');
    // $msg is handed over by reference: a plugin can set a refusal message, and
    // it can equally clear the "not authorized" message set above.
    $_PLUGINS->trigger('onBeforeSaveUserRegistrationRequest', array(&$msg));
    if ($msg) {
        $_CB_framework->enqueueMessage($msg, 'error');
        return;
    }
    // NOTE(review): the literal '******' looks like a value masked by the page
    // this listing was taken from; the other blocks compare 'emailpass' with '1'.
    if (!isset($ueConfig['emailpass'])) {
        $ueConfig['emailpass'] = '******';
    }
    $userComplete = new UserTable();
    // Pre-registration trigger:
    $_PLUGINS->trigger('onStartSaveUserRegistration', array());
    if ($_PLUGINS->is_errors()) {
        // Show the form again, filled from $_POST through bindSafely() and not
        // by copying the request fields directly.
        $oldUserComplete = new UserTable();
        $userComplete->bindSafely($_POST, $_CB_framework->getUi(), 'register', $oldUserComplete);
        HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, $_PLUGINS->getErrorMSG('<br />'));
        return;
    }
    // Check if this user already registered with exactly this username and password:
    $username = cbGetParam($_POST, 'username', '');
    $usernameExists = $userComplete->loadByUsername($username);
    if ($usernameExists) {
        // The password is read raw (_CB_ALLOWRAW) so that it is verified exactly
        // as typed.
        $password = cbGetParam($_POST, 'password', '', _CB_ALLOWRAW);
        if ($userComplete->verifyPassword($password)) {
            // The stored value is swapped for the plain-text password only while
            // activateUser() runs and is put back right after; nothing is saved
            // in between in this function.
            // NOTE(review): presumably this lets the activation mails contain the
            // password; confirm whether plain-text passwords in mail are wanted.
            // The name $pwd_md5 alone does not tell which hash is in use.
            $pwd_md5 = $userComplete->password;
            $userComplete->password = $password;
            $messagesToUser = activateUser($userComplete, 1, 'SameUserRegistrationAgain');
            $userComplete->password = $pwd_md5;
            // The messages are joined into HTML without escaping at this point.
            // NOTE(review): they have to be safe HTML already; confirm for every
            // source of $messagesToUser.
            $return = '<div class="cb_template cb_template_' . selectTemplate('dir') . '">' . '<div>' . implode('</div><div>', $messagesToUser) . '</div>' . '</div>';
            echo $return;
            return;
        } else {
            // Wrong password for an existing name: the submitted username is
            // HTML-escaped before it goes into the message. The message itself
            // tells the visitor that the name is registered.
            $oldUserComplete = new UserTable();
            $userComplete->bindSafely($_POST, $_CB_framework->getUi(), 'register', $oldUserComplete);
            HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, CBTxt::Th('UE_USERNAME_NOT_AVAILABLE', "The username '[username]' is already in use.", array('[username]' => htmlspecialchars($username))));
            return;
        }
    }
    // Set id to 0 for autoincrement and store IP address used for registration:
    $userComplete->id = 0;
    $userComplete->registeripaddr = cbGetIPlist();
    // Store new user state:
    // As used below, saveSafely() returns false, or an array with the keys
    // 'ok', 'tabs' and 'after'.
    $saveResult = $userComplete->saveSafely($_POST, $_CB_framework->getUi(), 'register');
    if ($saveResult === false) {
        $regErrorMSG = $userComplete->getError();
        $_PLUGINS->trigger('onAfterUserRegistrationSaveFailed', array(&$userComplete, &$regErrorMSG, 1));
        HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, $regErrorMSG);
        return;
    }
    // activateUser() runs only for a fully successful save.
    if ($saveResult['ok'] === true) {
        $messagesToUser = activateUser($userComplete, 1, 'UserRegistration');
    } else {
        $messagesToUser = array();
    }
    // Non-empty results from 'tabs' are appended to the user messages.
    foreach ($saveResult['tabs'] as $res) {
        if ($res) {
            $messagesToUser[] = $res;
        }
    }
    if ($saveResult['ok'] === false) {
        HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, $userComplete->getError());
        return;
    }
    // The same user object is passed twice, both times by reference.
    $_PLUGINS->trigger('onAfterUserRegistrationMailsSent', array(&$userComplete, &$userComplete, &$messagesToUser, $ueConfig['reg_confirmation'], $ueConfig['reg_admin_approval'], true));
    foreach ($saveResult['after'] as $res) {
        if ($res) {
            $messagesToUser[] = $res;
        }
    }
    // By now the user has been saved; a plugin error at this stage only changes
    // what is displayed.
    if ($_PLUGINS->is_errors()) {
        HTML_comprofiler::registerForm($option, $ueConfig['emailpass'], $userComplete, $_POST, $_PLUGINS->getErrorMSG());
        return;
    }
    $_PLUGINS->trigger('onAfterSaveUserRegistration', array(&$userComplete, &$messagesToUser, 1));
    // Same unescaped join as in the "same user again" branch above.
    $return = '<div class="cb_template cb_template_' . selectTemplate('dir') . '">' . '<div>' . implode('</div><div>', $messagesToUser) . '</div>' . '</div>';
    echo $return;
}
Example #12
<html>
<head>
<title>Email confirmation tutorial</title>
</head>
<body>

	<?php 
include 'core/init.php';
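// Both values come from the confirmation link and are therefore untrusted.
// Anything that is not a string (missing parameter, ?code[]=...) is treated
// as empty and can never confirm an account.
$username = isset($_GET['username']) && is_string($_GET['username']) ? $_GET['username'] : '';
$code = isset($_GET['code']) && is_string($_GET['code']) ? $_GET['code'] : '';
$db_code = $username !== '' ? confirmcode_from_username($username) : null;
// Only a non-empty stored code may match. With the former loose '==' an empty
// or missing code compared equal to the null/false/'' of an unknown user, and
// numeric-looking strings were compared by value ("0123" == "123").
$expected = (is_string($db_code) || is_int($db_code)) ? (string) $db_code : '';
// hash_equals() compares the full strings in constant time.
if ($code !== '' && $expected !== '' && hash_equals($expected, $code)) {
    activateUser($username);
    echo "Thank you. Your email has been confirmed";
} else {
    // One message for every failure, so the page does not tell whether the
    // username exists.
    echo "Username and code don't match";
}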
/* /////////////////////////////////////////////////////////////////////
		$username = $_GET['username'];
		$code = $_GET['code'];

		$query = "SELECT * FROM users WHERE username = '******'";
		$queryResults = mysql_query($query);

		 //echo "<p>query results = $queryResults</p>";//testing
		
		$numRows = mysql_num_rows($queryResults);
		 // echo "<p>".$numRows."</p>";//testing
		for($iter = 0; $iter < $numRows; $iter++)
		{
			$row = mysql_fetch_assoc($queryResults);
Example #13
 /**
  * Changes the approval state of a user
  *
  * @param  int     $state     0: Pending, 1: Approved, 2: Rejected
  * @param  string  $messages  The messages returned by activateUser when approved or reason for approval rejection
  * @return bool
  */
 public function approveUser($state, &$messages = null)
 {
     global $_CB_framework, $ueConfig, $_PLUGINS;
     // Already in the requested state: success, no plugin calls and no writes.
     if ($this->approved == $state) {
         return true;
     }
     // On approval with 'emailpass' on, a random password is set on the object
     // first; it is stored only after the approval itself has been stored.
     if (isset($ueConfig['emailpass']) && $ueConfig['emailpass'] == 1 && $state == 1) {
         $this->setRandomPassword();
     }
     // $state goes to the plugins by reference, so it can differ afterwards.
     $_PLUGINS->trigger('onBeforeUserApproval', array(&$this, &$state));
     if ($_PLUGINS->is_errors()) {
         $this->setError($_PLUGINS->getErrorMSG(false));
         return false;
     }
     $this->approved = (int) $state;
     if (!$this->storeApproved(false)) {
         return false;
     }
     if (isset($ueConfig['emailpass']) && $ueConfig['emailpass'] == 1 && $state == 1) {
         $this->storePassword(false);
     }
     $_PLUGINS->trigger('onAfterUserApproval', array($this, $state));
     if ($state == 1) {
         // Approved: $messages is replaced by what activateUser() returns.
         $messages = activateUser($this, $_CB_framework->getUi(), 'UserApproval', false);
     } elseif ($state == 2) {
         // Rejected: the user is notified in his own language; the caller's
         // $messages is used as the rejection reason.
         // NOTE(review): how '[reason]' is escaped in the mail is decided inside
         // CBTxt::T() / sendFromSystem(), not here; confirm for free-text reasons.
         $cbNotification = new cbNotification();
         $savedLanguage = CBTxt::setLanguage($this->getUserLanguage());
         $subject = CBTxt::T('UE_REG_REJECT_SUB', 'Your sign up request has been rejected!');
         $body = CBTxt::T('UE_USERREJECT_MSG', 'Your sign up at [sitename] has been rejected for the following reason: [reason]', array('[sitename]' => $_CB_framework->getCfg('sitename'), '[reason]' => $messages));
         $cbNotification->sendFromSystem((int) $this->id, $subject, $body);
         CBTxt::setLanguage($savedLanguage);
     }
     return true;
 }
Example #14
	/**
	 * @param cbautoactionsActionTable $trigger
	 * @param UserTable $user
	 */
	public function execute( $trigger, $user )
	{
		global $_CB_framework, $_PLUGINS, $ueConfig;

		// Creates a user account from the 'registration' parameters of the action.
		// $user is not read anywhere in this body.
		$params = $trigger->getParams()->subTree( 'registration' );

		// For both switches the value 2 selects the site-wide setting from $ueConfig.
		$approve = (int) $params->get( 'approve', null, GetterInterface::INT );
		$confirm = (int) $params->get( 'confirm', null, GetterInterface::INT );
		$approval = ( $approve == 2 ? $ueConfig['reg_admin_approval'] : $approve );
		$confirmation = ( $confirm == 2 ? $ueConfig['reg_confirmation'] : $confirm );
		$usergroup = $params->get( 'usergroup', null, GetterInterface::STRING );
		$password = $trigger->getSubstituteString( $params->get( 'password', null, GetterInterface::STRING ) );

		// Groups: the '|*|'-separated parameter when set, else the configured default group.
		$gids = ( $usergroup ? explode( '|*|', $usergroup ) : array( $_CB_framework->getCfg( 'new_usertype' ) ) );

		cbArrayToInts( $gids );

		$newUser = new UserTable();

		$newUser->set( 'gids', $gids );
		$newUser->set( 'sendEmail', 0 );
		$newUser->set( 'registerDate', $_CB_framework->getUTCDate() );
		$newUser->set( 'username', $trigger->getSubstituteString( $params->get( 'username', null, GetterInterface::STRING ) ) );
		$newUser->set( 'firstname', $trigger->getSubstituteString( $params->get( 'firstname', null, GetterInterface::STRING ) ) );
		$newUser->set( 'middlename', $trigger->getSubstituteString( $params->get( 'middlename', null, GetterInterface::STRING ) ) );
		$newUser->set( 'lastname', $trigger->getSubstituteString( $params->get( 'lastname', null, GetterInterface::STRING ) ) );

		// The display name is made of the non-empty name parts, joined by a space.
		$name = array();

		foreach ( array( 'firstname', 'middlename', 'lastname' ) as $part ) {
			if ( $newUser->get( $part ) ) {
				$name[] = $newUser->get( $part );
			}
		}

		$newUser->set( 'name', implode( ' ', $name ) );
		$newUser->set( 'email', $trigger->getSubstituteString( $params->get( 'email', null, GetterInterface::STRING ) ) );

		// Without a configured password a random one is generated; in both cases
		// only the result of hashAndSaltPassword() is put on the user.
		if ( ! $password ) {
			$newUser->setRandomPassword();

			$password = $newUser->get( 'password' );
		}

		$newUser->set( 'password', $newUser->hashAndSaltPassword( $password ) );
		$newUser->set( 'registeripaddr', cbGetIPlist() );

		// A requirement of 0 means the step is not needed, so the flag starts at 1.
		$newUser->set( 'approved', ( $approval == 0 ? 1 : 0 ) );
		$newUser->set( 'confirmed', ( $confirmation == 0 ? 1 : 0 ) );

		// The account stays blocked until it is both confirmed and approved.
		$unblocked = ( ( $newUser->get( 'confirmed' ) == 1 ) && ( $newUser->get( 'approved' ) == 1 ) );

		$newUser->set( 'block', ( $unblocked ? 0 : 1 ) );

		// Extra fields: name and raw value both come from the action parameters.
		// NOTE(review): any field name is accepted here, including the ones set
		// above (approved, confirmed, block, gids); who may edit these parameters
		// decides who can set them.
		foreach ( $params->subTree( 'fields' ) as $row ) {
			/** @var ParamsInterface $row */
			$field = $row->get( 'field', null, GetterInterface::STRING );

			if ( ! $field ) {
				continue;
			}

			$newUser->set( $field, $trigger->getSubstituteString( $row->get( 'value', null, GetterInterface::RAW ), false, $row->get( 'translate', false, GetterInterface::BOOLEAN ) ) );
		}

		$_PLUGINS->trigger( 'onBeforeUserRegistration', array( &$newUser, &$newUser ) );

		// The user is stored once, and a second time when a confirmation is still
		// pending; a failure of either store ends the action.
		$stored = $newUser->store();

		if ( $stored && ( $newUser->get( 'confirmed' ) == 0 ) && ( $confirmation != 0 ) ) {
			$stored = $newUser->store();
		}

		if ( ! $stored ) {
			// In debug mode the error text is dumped into the output of the request.
			if ( $trigger->getParams()->get( 'debug', false, GetterInterface::BOOLEAN ) ) {
				var_dump( CBTxt::T( 'AUTO_ACTION_REGISTRATION_FAILED', ':: Action [action] :: Registration failed to save. Error: [error]', array( '[action]' => (int) $trigger->get( 'id' ), '[error]' => $newUser->getError() ) ) );
			}

			return;
		}

		// 'supress' (spelled as in the parameter name) defaults to on and turns
		// both mail flags of activateUser() off.
		$emails = ! $params->get( 'supress', 1, GetterInterface::BOOLEAN );

		activateUser( $newUser, 1, 'UserRegistration', $emails, $emails );

		$_PLUGINS->trigger( 'onAfterUserRegistration', array( &$newUser, &$newUser, true ) );
	}
Example #15
<?php

require_once "header.php";
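// uid and actcode are taken from the activation link, so both are untrusted.
// A missing parameter or an array (?uid[]=...) is treated as empty and never
// reaches strip_tags() or activateUser().
$rawUid = isset($_GET['uid']) && is_string($_GET['uid']) ? $_GET['uid'] : '';
$rawCode = isset($_GET['actcode']) && is_string($_GET['actcode']) ? $_GET['actcode'] : '';
// NOTE(review): strip_tags()/htmlentities() are output-encoding helpers, not
// input validation, and they do not make a value safe for SQL. They are kept
// so that activateUser() receives exactly the values it received before;
// activateUser() itself has to bind $uid and $actcode as query parameters.
$uid = (int) htmlentities(strip_tags($rawUid));
$actcode = htmlentities(strip_tags($rawCode));
// Only a positive id together with a non-empty code is worth a lookup.
if ($uid > 0 && $actcode !== '' && activateUser($uid, $actcode) == true) {
    echo "Thank you for activating your account, You can now login.\n\t\t<a href='./index.php'>Click here to login.</a>";
} else {
    echo "Activation failed! Please try again.";
    echo "If problem presists please contact the webmaster.";
}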
require_once "footer.php";
Example #16
        return 0;
    } else {
        return $result[0]['id'];
    }
}
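/**
 * Marks the user with the given id as active.
 *
 * No activation code is checked here: the caller must already have
 * established that the request is allowed to activate this id (in this file
 * the id is the result of verifyCode()).
 *
 * @param int|string $id  value of users.id
 * @return int  1 when the account was already active; 0 otherwise, i.e. the
 *              account has just been activated or no row has that id
 */
function activateUser($id)
{
    $db = new PDO('sqlite:database.db');
    // Bound parameters keep $id out of the SQL text in both statements.
    $stmt = $db->prepare('SELECT active FROM users WHERE id=?');
    $stmt->execute(array($id));
    $rows = $stmt->fetchAll();
    if (!$rows) {
        // Unknown id: there is nothing to update. 0 stays the return value,
        // because callers only tell 1 ("already active") from everything else.
        return 0;
    }
    if ($rows[0]['active'] == 1) {
        return 1;
    }
    // An UPDATE yields no result set, so nothing is fetched after it.
    $stmt = $db->prepare("UPDATE users\n\t\t\t\t\t\tSET active=1\n\t\t\t\t\t\tWHERE id=?");
    $stmt->execute(array($id));
    return 0;
}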
// verifyCode() yields 0 for a code that is not valid, else the id of the user
// the code belongs to; only such an id is passed on to activateUser().
$id = verifyCode();
if ($id == 0) {
    echo "<script type='text/javascript'>alert('Code is not valid. Returning to main page.');window.location.href = 'main.php';</script>";
} elseif (activateUser($id) == 1) {
    // 1 from activateUser() means the account was active before this request.
    echo "<script type='text/javascript'>alert('User already activated. You can log in.');window.location.href = 'main.php';</script>";
} else {
    echo "<script type='text/javascript'>alert('User succesfully activated. You can log in.');window.location.href = 'main.php';</script>";
}
Example #17
$rank = getRank($users);
$ledger = getLedger($webid, $conn);
$project = getProject($ledger);
// Profile and account links are built by plain concatenation of the login name.
// NOTE(review): nothing here encodes or restricts $user['login']; confirm that
// it is limited to URL-safe characters before it gets here.
$main = 'http://gitpay.org/' . $user['login'] . '#this';
$githubaccount = 'http://github.com/' . $user['login'];
// The optional values are copied only when $webid is set and the entry is truthy.
if ($webid) {
    if ($webid['bitcoin']) {
        $bitcoin = $webid['bitcoin'];
    }
    if ($webid['preferredURI']) {
        $preferredURI = $webid['preferredURI'];
    }
}
$turtle = getTurtle($user, $webid, $users, $keys);
insertKeys($keys, $nick, $conn);
writeTurtle($turtle);
// The account that gets activated is the one named in the session, not the
// profile being displayed ($nick).
// NOTE(review): these identifiers use https://, $main above uses http://;
// check that both forms are meant to differ.
if (isset($_SESSION['login']) && $_SESSION['login']) {
    activateUser('https://gitpay.org/' . $_SESSION['login'] . '#this', $conn);
}
$active = getActive('https://gitpay.org/' . $nick . '#this', $conn);
?>



<!doctype html>
<!--
Material Design Lite
Copyright 2015 Google Inc. All rights reserved.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
<?php

chdir("../database");
require_once "users.php";
// The confirmation key comes from the query string; it is cast to a string
// and validated before anything is changed. The 'welcome' value of the
// redirect tells the index page which of the three outcomes applied.
if (isset($_GET["key"])) {
    $key = (string) $_GET["key"];
    if (!confirmationKeyIsValid($key)) {
        // 0: the key was not accepted.
        header('Location: ../index.php?welcome=0');
    } elseif (userIsActive($key)) {
        // 2: the account behind the key is active already, nothing is changed.
        header('Location: ../index.php?welcome=2');
    } else {
        // 1: valid key of an inactive account, which is activated now.
        activateUser($key);
        header('Location: ../index.php?welcome=1');
    }
}