$hash = trim($http->hasPostVariable('Hash') ? $http->postVariable('Hash') : $Params['Hash']);
$mainNodeID = (int) $http->hasPostVariable('MainNodeID') ? $http->postVariable('MainNodeID') : $Params['MainNodeID'];
// Prepend or append the hash string with a salt, and md5 the resulting hash
// Example: use is login name as salt, and a 'secret password' as hash sent to the user
if ($http->hasPostVariable('HashSaltPrepend')) {
$hash = md5(trim($http->postVariable('HashSaltPrepend')) . $hash);
} else {
if ($http->hasPostVariable('HashSaltAppend')) {
$hash = md5($hash . trim($http->postVariable('HashSaltAppend')));
}
}
// Check if key exists
$accountActivated = false;
$alreadyActive = false;
$isPending = false;
$accountKey = $hash ? eZUserAccountKey::fetchByKey($hash) : false;
if ($accountKey) {
$accountActivated = true;
$userID = $accountKey->attribute('user_id');
$userContentObject = eZContentObject::fetch($userID);
if (!$userContentObject instanceof eZContentObject) {
return $Module->handleError(eZError::KERNEL_NOT_FOUND, 'kernel');
}
if ($userContentObject->attribute('main_node_id') != $mainNodeID) {
return $Module->handleError(eZError::KERNEL_ACCESS_DENIED, 'kernel');
}
// Enable user account
if (eZOperationHandler::operationIsAvailable('user_activation')) {
$operationResult = eZOperationHandler::execute('user', 'activation', array('user_id' => $userID, 'user_hash' => $hash, 'is_enabled' => true));
} else {
eZUserOperationCollection::activation($userID, $hash, true);
