function emailEmailToken() { global $websiteUrl, $websiteName; $mail = new userPieMail(); //Build the activation message $activation_message = lang("ACTIVATION_MESSAGE", array($websiteUrl, $this->email_act_token, $this->user_id)); //Define more if you want to build larger structures $hooks = array("searchStrs" => array("#ACTIVATION-MESSAGE", "#ACTIVATION-KEY", "#USERNAME#"), "subjectStrs" => array($activation_message, $this->email_act_token, $this->firstname)); //logIt("Hooks: " . print_r($hooks,true), "DEBUG"); // Build the template - Optional, you can just use the sendMail function to message if (!$mail->newTemplateMsg("new-registration.txt", $hooks)) { logIt("Error building rew-registration email template", "ERROR"); $this->mail_failure = true; } else { // Send the mail. Specify users email here and subject. // SendMail can have a third parementer for message if you do not wish to build a template. if (!$mail->sendMail($this->email, "{$websiteName} Email Verification")) { logIt("Error sending email: " . print_r($mail, true), "ERROR"); $this->mail_failure = true; } else { // Update email_act_sent_ts $this->log_entry[] = "Verification email sent."; self::updateUser(array(getRF('email_act_sent_ts') => date('Y-m-d H:i:s'))); } } }
public function userPieAddUser() { global $db, $emailActivation, $websiteUrl, $db_table_prefix; //Prevent this function being called if there were construction errors if ($this->status) { //Construct a secure hash for the plain text password $secure_pass = generateHash($this->clean_password); //Construct a unique activation token $this->activation_token = generateactivationtoken(); //Do we need to send out an activation email? if ($emailActivation) { //User must activate their account first $this->user_active = 0; $mail = new userPieMail(); //Build the activation message $activation_message = lang("ACTIVATION_MESSAGE", array($websiteUrl, $this->activation_token)); //Define more if you want to build larger structures $hooks = array("searchStrs" => array("#ACTIVATION-MESSAGE", "#ACTIVATION-KEY", "#USERNAME#"), "subjectStrs" => array($activation_message, $this->activation_token, $this->unclean_username)); /* Build the template - Optional, you can just use the sendMail function Instead to pass a message. */ if (!$mail->newTemplateMsg("new-registration.txt", $hooks)) { $this->mail_failure = true; } else { //Send the mail. Specify users email here and subject. //SendMail can have a third parementer for message if you do not wish to build a template. if (!$mail->sendMail($this->clean_email, "New User")) { $this->mail_failure = true; } } } else { //Instant account activation $this->user_active = 1; } if (!$this->mail_failure) { //Insert the user into the database providing no errors have been found. $sql = "INSERT INTO `" . $db_table_prefix . "users` (\n\t\t\t\t\t\t\t`username`,\n\t\t\t\t\t\t\t`username_clean`,\n\t\t\t\t\t\t\t`password`,\n\t\t\t\t\t\t\t`email`,\n\t\t\t\t\t\t\t`activationtoken`,\n\t\t\t\t\t\t\t`last_activation_request`,\n\t\t\t\t\t\t\t`LostpasswordRequest`, \n\t\t\t\t\t\t\t`active`,\n\t\t\t\t\t\t\t`group_id`,\n\t\t\t\t\t\t\t`sign_up_date`,\n\t\t\t\t\t\t\t`last_sign_in`\n\t\t\t\t\t\t\t)\n\t\t\t\t\t \t\tVALUES (\n\t\t\t\t\t\t\t'" . $db->sql_escape($this->unclean_username) . "',\n\t\t\t\t\t\t\t'" . $db->sql_escape($this->clean_username) . "',\n\t\t\t\t\t\t\t'" . $secure_pass . "',\n\t\t\t\t\t\t\t'" . $db->sql_escape($this->clean_email) . "',\n\t\t\t\t\t\t\t'" . $this->activation_token . "',\n\t\t\t\t\t\t\t'" . time() . "',\n\t\t\t\t\t\t\t'0',\n\t\t\t\t\t\t\t'" . $this->user_active . "',\n\t\t\t\t\t\t\t'1',\n\t\t\t\t\t\t\t'" . time() . "',\n\t\t\t\t\t\t\t'0'\n\t\t\t\t\t\t\t)"; return $db->sql_query($sql); } } }
} else { $userdetails = fetchUserDetails($username); //See if the user's account is activation if ($userdetails["active"] == 1) { $errors[] = lang("ACCOUNT_ALREADY_ACTIVE"); } else { $hours_diff = round((time() - $userdetails["last_activation_request"]) / (3600 * $resend_activation_threshold), 0); if ($resend_activation_threshold != 0 && $hours_diff <= $resend_activation_threshold) { $errors[] = lang("ACCOUNT_LINK_ALREADY_SENT", array($resend_activation_threshold)); } else { //For security create a new activation url; $new_activation_token = generateactivationtoken(); if (!updatelast_activation_request($new_activation_token, $username, $email)) { $errors[] = lang("SQL_ERROR"); } else { $mail = new userPieMail(); $activation_url = $websiteUrl . "activate-account.php?token=" . $new_activation_token; //Setup our custom hooks $hooks = array("searchStrs" => array("#ACTIVATION-URL", "#USERNAME#"), "subjectStrs" => array($activation_url, $userdetails["username"])); if (!$mail->newTemplateMsg("resend-activation.txt", $hooks)) { $errors[] = lang("MAIL_TEMPLATE_BUILD_ERROR"); } else { if (!$mail->sendMail($userdetails["email"], "Activate your UserPie Account")) { $errors[] = lang("MAIL_ERROR"); } else { //Success, user details have been updated in the db now mail this information out. $success_message = lang("ACCOUNT_NEW_ACTIVATION_SENT"); } } } }
} } if (count($errors) == 0) { //Check that the username / email are associated to the same account if (!emailusernameLinked($email, $username)) { $errors[] = lang("ACCOUNT_USER_OR_EMAIL_INVALID"); } else { //Check if the user has any outstanding lost password requests $userdetails = fetchUserDetails($username); if ($userdetails["LostpasswordRequest"] == 1) { $errors[] = lang("FORGOTPASS_REQUEST_EXISTS"); } else { //email the user asking to confirm this change password request //We can use the template builder here //We use the activation token again for the url key it gets regenerated everytime it's used. $mail = new userPieMail(); $confirm_url = lang("CONFIRM") . "\n" . $websiteUrl . "forgot-password.php?confirm=" . $userdetails["activationtoken"]; $deny_url = "DENY" . "\n" . $websiteUrl . "forgot-password.php?deny=" . $userdetails["activationtoken"]; //Setup our custom hooks $hooks = array("searchStrs" => array("#CONFIRM-URL#", "#DENY-URL#", "#USERNAME#"), "subjectStrs" => array($confirm_url, $deny_url, $userdetails["username"])); if (!$mail->newTemplateMsg("lost-password-request.txt", $hooks)) { $errors[] = lang("MAIL_TEMPLATE_BUILD_ERROR"); } else { if (!$mail->sendMail($userdetails["email"], "Lost password request")) { $errors[] = lang("MAIL_ERROR"); } else { //Update the DB to show this account has an outstanding request flagLostpasswordRequest($username, 1); $success_message = lang("FORGOTPASS_REQUEST_SUCCESS"); } }