$hash = trim($http->hasPostVariable('Hash') ? $http->postVariable('Hash') : $Params['Hash']); $mainNodeID = (int) $http->hasPostVariable('MainNodeID') ? $http->postVariable('MainNodeID') : $Params['MainNodeID']; // Prepend or append the hash string with a salt, and md5 the resulting hash // Example: use is login name as salt, and a 'secret password' as hash sent to the user if ($http->hasPostVariable('HashSaltPrepend')) { $hash = md5(trim($http->postVariable('HashSaltPrepend')) . $hash); } else { if ($http->hasPostVariable('HashSaltAppend')) { $hash = md5($hash . trim($http->postVariable('HashSaltAppend'))); } } // Check if key exists $accountActivated = false; $alreadyActive = false; $isPending = false; $accountKey = $hash ? eZUserAccountKey::fetchByKey($hash) : false; if ($accountKey) { $accountActivated = true; $userID = $accountKey->attribute('user_id'); $userContentObject = eZContentObject::fetch($userID); if (!$userContentObject instanceof eZContentObject) { return $Module->handleError(eZError::KERNEL_NOT_FOUND, 'kernel'); } if ($userContentObject->attribute('main_node_id') != $mainNodeID) { return $Module->handleError(eZError::KERNEL_ACCESS_DENIED, 'kernel'); } // Enable user account if (eZOperationHandler::operationIsAvailable('user_activation')) { $operationResult = eZOperationHandler::execute('user', 'activation', array('user_id' => $userID, 'user_hash' => $hash, 'is_enabled' => true)); } else { eZUserOperationCollection::activation($userID, $hash, true);