public function registerForm($request) { if (isset($_POST['XSRF'])) { if (Kingboard_Form::getXSRFToken() == $_POST['XSRF']) { if (!isset($_POST['passwd']) || !isset($_POST['passwd2']) || !isset($_POST['login'])) { $this->_context['registration_failed'] = 'Please fill in all fields'; } elseif ($_POST['passwd'] != $_POST['passwd2']) { $this->_context['registration_failed'] = 'both Password fields need to have the same value'; } elseif (!is_null(Kingboard_User::findOne(array('username' => $_POST['login'])))) { $this->_context['registration_failed'] = 'email/login allready in use'; } elseif (!Kingboard_Form::isEmail($_POST['login'])) { $this->_context['registration_failed'] = 'not a valid email adresse'; } else { $validationCode = sha1(mktime() . $_POST['login']); $user = new Kingboard_User(); $user->username = $_POST['login']; $user->password = $_POST['passwd']; $user->status = Kingboard_User::STATUS_NEW; $user->validationCode = $validationCode; $user->save(); $body = King23_Registry::getInstance()->sith->cachedGet('mails/verify_email.html')->render(array('username' => $_POST['login'], 'hostname' => $_SERVER['SERVER_NAME'], 'activationkey' => $validationCode), King23_Registry::getInstance()->sith); mail($_POST['login'], "Kingboard Activation", $body); $this->redirect('/'); } } else { $this->_context['registration_failed'] = 'XSRF Token Invalid.'; } } $this->render('user/registration.html', $_POST); }
public function myKingboard(array $parameters) { $user = Kingboard_Auth::getUser(); $activeKeys = false; $pendingKeys = false; $context = array(); if (isset($_POST['XSRF']) && Kingboard_Form::getXSRFToken() == $_POST['XSRF']) { try { $pheal = new Pheal($_POST['apiuserid'], $_POST['apikey']); $pheal->accountScope->AccountStatus(); if (!isset($user['keys'])) { $keys = array(); } else { $keys = $user['keys']; } // ensure to remove existing activation keys if this is an update if ($activationkey = Kingboard_ApiActivationToken::findOneByUseridAndApiUserid($user->_id, $_POST['apiuserid'])) { $activationkey->delete(); } $activationkey = Kingboard_ApiActivationToken::create($user->_id, $_POST['apiuserid']); $keys[$_POST['apiuserid']] = array('apiuserid' => $_POST['apiuserid'], 'apikey' => $_POST['apikey'], 'active' => false); $user['keys'] = $keys; $user->save(); // ensure user is refreshed in session Kingboard_Auth::getUser(); } catch (PhealApiException $e) { $context = $_POST; $context['error'] = "the key could not be validated as a full apikey"; } } elseif (isset($_POST['XSRF'])) { die('XSRF detected'); } if (isset($user['keys'])) { foreach ($user['keys'] as $key) { if ($key['active']) { if (!is_array($activeKeys)) { $activeKeys = array(); } $activeKeys[] = $key; } else { if (!is_array($pendingKeys)) { $pendingKeys = array(); } $key['activationkey'] = (string) Kingboard_ApiActivationToken::findOneByUseridAndApiUserid($user->_id, $key['apiuserid']); $pendingKeys[] = $key; } } } $charkeylist = array(); foreach ($activeKeys as $key) { $pheal = new Pheal($key['apiuserid'], $key['apikey']); $chars = $pheal->accountScope->Characters()->characters->toArray(); foreach ($chars as $char) { $charkeylist[$key['apiuserid'] . "|" . $char['characterID']] = $char['name']; } } $context = array_merge($context, array('active_keys' => $activeKeys, 'pending_keys' => $pendingKeys, 'apimailreceiver' => King23_Registry::getInstance()->apimailreceiver, 'active_characters' => $charkeylist)); $this->render('user/index.html', $context); }
public function __construct($loginrequired = false) { if ($loginrequired && !Kingboard_Auth::isLoggedIn()) { $this->redirect("/login"); } parent::__construct(); $reg = King23_Registry::getInstance(); $this->_context['images'] = $reg->imagePaths; $this->_context['baseHost'] = $reg->baseHost; // ownerID, if this is an owned board, this should be filled, for public boards this doesn't matter $this->_context['ownerID'] = $reg->ownerID; // when user is logged in we provide user object to all pages, false otherwise $this->_context['user'] = Kingboard_Auth::getUser(); // make sure all views have the XSRF Token available $this->_context['XSRF'] = Kingboard_Form::getXSRFToken(); }