Esempio n. 1
/**
 * Handles a request to delete a notice.
 * Reads the notice key from $_REQUEST['key'], hands it to
 * Q_Response::removeNotice() and stores the result in
 * Q::$cache['notice_deleted'].
 *
 * @throws {Q_Exception_RequiredField}
 *  If the request carries no "key" field.
 */
function Q_notice_delete()
{
    $keyPresent = isset($_REQUEST['key']);
    if ($keyPresent === false) {
        throw new Q_Exception_RequiredField(array('field' => 'key'), 'key');
    }
    // The key is taken from the request as-is; which notices a caller may
    // remove is decided entirely by Q_Response::removeNotice().
    // NOTE(review): no nonce check is visible in this handler; confirm that
    // the dispatcher applies request-forgery protection before it runs.
    $noticeKey = $_REQUEST['key'];
    Q::$cache['notice_deleted'] = Q_Response::removeNotice($noticeKey);
}
Esempio n. 2
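/**
 * Handles the POST of the account activation form.
 *
 * Optionally stores a new passphrase for the user found in Users::$cache,
 * then attaches the pending email address or mobile number (also taken from
 * Users::$cache) and logs the user in. Sets Users::$cache['passphrase_set']
 * and Users::$cache['success'] when it completes without throwing.
 *
 * Request fields read: "passphrase", "isHashed".
 *
 * @throws {Q_Exception}
 *  If the passphrase is blank or not a string, if isHashed is greater than 1,
 *  if no user object is available, or if the computed passphrase hash is empty.
 */
function Users_activate_post()
{
    Q_Valid::nonce(true);
    $email = $mobile = $type = $user = null;
    // EXTR_IF_EXISTS only overwrites the four variables declared above,
    // so nothing else in Users::$cache can leak into this scope.
    extract(Users::$cache, EXTR_IF_EXISTS);
    if (isset($_REQUEST['passphrase'])) {
        $passphrase = $_REQUEST['passphrase'];
        if (empty($passphrase)) {
            throw new Q_Exception("You can't set a blank passphrase.", 'passphrase');
        }
        if (!is_string($passphrase)) {
            // A request can deliver passphrase[]=... as an array; reject it
            // here instead of handing a non-string to the hashing routine.
            throw new Q_Exception("The passphrase must be a string.", 'passphrase');
        }
        $isHashed = !empty($_REQUEST['isHashed']);
        // The original also tested `$isHashed !== 'true'`, which is always
        // true for a boolean, so only the numeric upper bound has an effect.
        if ($isHashed and intval($_REQUEST['isHashed']) > 1) {
            // this will let us introduce other values for isHashed in the future
            throw new Q_Exception("Please set isHashed to 0 or 1", 'isHashed');
        }
        if (!$user) {
            // Without this guard a missing cache entry ends in a fatal
            // "member function on null" error instead of a handled exception.
            throw new Q_Exception("There is no user to activate.");
        }
        // Save the pass phrase even if there may be a problem adding an email later.
        // At least the user will be able to log in.
        $user->passphraseHash = $user->computePassphraseHash($passphrase, $isHashed);
        // Validate the hash BEFORE establishing a session: the original logged
        // the user in (and saved the row) first and only then rejected an
        // empty hash, leaving an authenticated session behind on failure.
        if (empty($user->passphraseHash)) {
            throw new Q_Exception("Please set a pass phrase on your account", 'passphrase', true);
        }
        Q_Response::setNotice("Users/activate/passphrase", "Your pass phrase has been saved.", true);
        // Log the user in, since they were able to set the passphrase
        Users::setLoggedInUser($user);
        // This also saves the user.
    }
    if ($type) {
        if (!$user) {
            throw new Q_Exception("There is no user to activate.");
        }
        // Strict comparison: a non-string truthy $type must not be treated
        // as one of the two identifier kinds.
        if ($type === 'email address') {
            $user->setEmailAddress($email->address);
            // may throw exception
        } elseif ($type === 'mobile number') {
            $user->setMobileNumber($mobile->number);
            // may throw exception
        }
        // NOTE(review): any other truthy $type still reaches the login below
        // without an identifier having been attached; confirm that the code
        // filling Users::$cache can only produce the two values above.
        // Log the user in, since they have just added an email to their account
        Users::setLoggedInUser($user);
        // This also saves the user.
        Q_Response::removeNotice('Users/activate/objects');
        Q_Response::setNotice("Users/activate/activated", "Your {$type} has been activated.", true);
    }
    Users::$cache['passphrase_set'] = true;
    Users::$cache['success'] = true;
}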
Esempio n. 3
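/**
 * Loads the mobile row and the user that an activation link refers to and
 * verifies the activation code supplied in $_REQUEST['code'].
 *
 * @param {string} $mobileNumber
 *  The mobile number from the activation link.
 * @param {Users_Mobile} &$mobile
 *  Receives the Users_Mobile object that was looked up.
 * @return {Users_User|null}
 *  The user owning the mobile number, or null when the number does not
 *  pass Q_Valid::phone().
 * @throws {Q_Exception_MissingRow}
 *  If no mobile row or no user row is found.
 * @throws {Q_Exception}
 *  If another user is logged in, the activation code does not match,
 *  or the activation code has expired.
 */
function Users_activate_objects_mobile($mobileNumber, &$mobile)
{
    Q_Response::removeNotice('Users/activate/objects');
    $mobile = new Users_Mobile();
    if (!Q_Valid::phone($mobileNumber, $normalized)) {
        return;
    }
    $mobile->number = $normalized;
    if (!$mobile->retrieve()) {
        throw new Q_Exception_MissingRow(array('table' => 'mobile phone', 'criteria' => "number {$normalized}"));
    }
    $user = Users::loggedInUser();
    if ($user) {
        if ($user->id != $mobile->userId) {
            throw new Q_Exception("You are logged in as a different user. Please log out and click the link again.");
        }
    } else {
        $user = new Users_User();
        $user->id = $mobile->userId;
        if (!$user->retrieve()) {
            throw new Q_Exception_MissingRow(array('table' => 'user', 'criteria' => 'id = ' . $user->id));
        }
    }
    // The original compared with `!=`, which has three weaknesses for a secret:
    //  - a missing "code" field (null) loosely equals an empty stored code,
    //  - two numeric-looking strings are compared as numbers, so different
    //    codes can compare equal,
    //  - the comparison is not constant-time.
    // Require a non-empty string on both sides and compare exactly.
    $submitted = isset($_REQUEST['code']) ? $_REQUEST['code'] : null;
    $expected = (string) $mobile->activationCode;
    $codeMatches = false;
    if (is_string($submitted) && $submitted !== '' && $expected !== '') {
        // hash_equals() needs PHP 5.6+; fall back to strict equality on older
        // runtimes, which still removes the type-juggling problem.
        $codeMatches = function_exists('hash_equals')
            ? hash_equals($expected, $submitted)
            : ($expected === $submitted);
    }
    if (!$codeMatches) {
        throw new Q_Exception("The activation code does not match. Did you get a newer message?", 'code');
    }
    $timestamp = Users_Mobile::db()->getCurrentTimestamp();
    if ($timestamp > Users_Mobile::db()->fromDateTime($mobile->activationCodeExpires)) {
        throw new Q_Exception("Activation code expired");
    }
    // NOTE(review): no attempt counter or rate limit on failed codes is
    // visible in this function; confirm one exists elsewhere.
    if (Q_Request::method() !== 'POST' and empty($_REQUEST['p']) and isset($user->mobileNumber) and $user->mobileNumber == $mobile->number) {
        // Non-POST visit for a number this user already has: only add a notice.
        $displayName = Streams::displayName($user);
        Q_Response::setNotice('Users/activate/objects', "{$normalized} has already been activated for {$displayName}", true);
    }
    return $user;
}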
Esempio n. 4
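 /**
  * Starts the process of adding a mobile to a saved user object.
  * Also modifies and saves this user object back to the database.
  * @method addMobile
  * @param {string} $mobileNumber
  *  The mobile number to add.
  * @param {string} [$activationMessageView=null]
  *  The view to use for the body of the activation message to send.
  * @param {array} [$fields=array()]
  *  An array of additional fields to pass to the mobile view.
  * @param {array} $options=array()
  *  Array of options. Can include:<br/>
  *  "delay" => A delay, in milliseconds, to wait until sending email. Only works if Node server is listening.
  * @return {Users_Mobile|null}
  *  Returns the existing Users_Mobile row if this mobile number is already
  *  past the "unverified" state for this user. Otherwise nothing is returned
  *  once the activation message has been sent.
  * @throws {Q_Exception_WrongValue}
  *  If the mobile number is in an invalid format, this is thrown.
  * @throws {Users_Exception_AlreadyVerified}
  *  If the mobile number already exists and has been verified for
  *  another user, then this exception is thrown.
  */
 function addMobile($mobileNumber, $activationMessageView = null, $fields = array(), $options = array())
 {
     if (!Q_Valid::phone($mobileNumber, $normalized)) {
         throw new Q_Exception_WrongValue(array('field' => 'Mobile phone', 'range' => 'a valid number'), 'mobileNumber');
     }
     $mobile = new Users_Mobile();
     $mobile->number = $normalized;
     if ($mobile->retrieve('*', array('ignoreCache' => true)) and $mobile->state !== 'unverified') {
         if ($mobile->userId === $this->id) {
             $mobile->set('user', $this);
             return $mobile;
         }
         // Otherwise, say it's verified for another user,
         // even if it unsubscribed or was suspended.
         // NOTE(review): the exception carries the other account's userId;
         // confirm it is not rendered back to the requester.
         throw new Users_Exception_AlreadyVerified(array('key' => 'mobile number', 'userId' => $mobile->userId), 'mobileNumber');
     }
     $user = $this;
     // If we are here, then the mobile record either
     // doesn't exist, or hasn't been verified yet.
     // In either event, update the record in the database,
     // and re-send the mobile.
     // Cast to int: the value is interpolated into a raw SQL expression below.
     $minutes = (int) Q_Config::get('Users', 'activation', 'expires', 60 * 24 * 7);
     $mobile->state = 'unverified';
     $mobile->userId = $this->id;
     // NOTE(review): the strength of this code depends on Q_Utils::unique(),
     // which is not visible here; confirm it draws from a CSPRNG.
     $mobile->activationCode = strtolower(Q_Utils::unique(7));
     $mobile->activationCodeExpires = new Db_Expression("CURRENT_TIMESTAMP + INTERVAL {$minutes} MINUTE");
     $number = $mobile->number;
     if (substr($number, 0, 2) == '+1') {
         $number = substr($number, 2);
     }
     // The original used md5(microtime() + mt_rand()): microtime() returns a
     // "usec sec" string, so the addition keeps only the fractional part and
     // the token is derived from guessable inputs. Use the CSPRNG where it
     // exists (PHP 7+); both forms yield 32 hex characters.
     if (function_exists('random_bytes')) {
         $mobile->authCode = bin2hex(random_bytes(16));
     } else {
         // Legacy runtime fallback; not cryptographically strong.
         $mobile->authCode = md5(microtime() . mt_rand());
     }
     // NOTE(review): the separator before "mobileNumber=" is a space, not "&";
     // kept as in the original. Confirm this is what the message view expects.
     $link = 'Users/activate?code=' . urlencode($mobile->activationCode) . ' mobileNumber=' . urlencode($number);
     /**
      * @event Users/addIdentifier {before}
      * @param {string} user
      * @param {string} mobile
      * @param {string} link
      */
     Q::event('Users/addIdentifier', compact('user', 'mobile', 'link'), 'before');
     $mobile->save();
     $this->mobileNumberPending = $normalized;
     $this->save();
     if (!isset($activationMessageView)) {
         $activationMessageView = Q_Config::get('Users', 'transactional', 'activation', 'sms', 'Users/sms/activation.php');
     }
     // Fixed keys are merged last so caller-supplied $fields cannot override
     // the user, mobile, app, baseUrl or link passed to the view.
     $fields2 = array_merge($fields, array('user' => $this, 'mobile' => $mobile, 'app' => Q_Config::expect('Q', 'app'), 'baseUrl' => Q_Request::baseUrl(), 'link' => $link));
     $mobile->sendMessage($activationMessageView, $fields2, $options);
     Q_Response::removeNotice('Users/mobile');
     /**
      * @event Users/addIdentifier {after}
      * @param {string} user
      * @param {string} mobile
      * @param {string} link
      */
     Q::event('Users/addIdentifier', compact('user', 'mobile', 'link'), 'after');
 }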