public function log_in($uid, $remember_me, $login_source) { $user_type = Network::get_user_type(PA::$network_info->network_id, $uid); if ($user_type == DISABLED_MEMBER) { throw new PAException(USER_ACCESS_DENIED, 'Your account has been temporarily disabled by the administrator.'); } $logged_user = new User(); // load user $logged_user->load((int) $uid); $logged_user->set_last_login(); PA::$login_user = $logged_user; register_session($logged_user->login_name, $logged_user->user_id, $logged_user->role, $logged_user->first_name, $logged_user->last_name, $logged_user->email, $logged_user->picture); if ($remember_me) { // set login cookie if ($this->login_cookie->is_new()) { $this->login_cookie->new_session($uid); } $cookie_value = $this->login_cookie->get_cookie(); $cookie_expiry = time() + LoginCookie::$cookie_lifetime; // update tracking info $this->login_cookie->update_tracking_info($_SERVER['HTTP_USER_AGENT'], $_SERVER['REMOTE_ADDR']); } else { // clear login cookie $cookie_value = ""; $cookie_expiry = 0; } // remember series ID, so we can destroy session on logout $_SESSION['login_series'] = $this->login_cookie->get_series(); // remember login source, so we know if it's safe to let user change password, etc $_SESSION['login_source'] = $login_source; // set new cookie for next login! (or delete cookie, if not remembering login) setcookie(PA_Login::$cookie_name, $cookie_value, $cookie_expiry, PA::$local_url, "." . PA::$domain_suffix); }
case "ping": ping(); die("pinged"); break; case "disconnect": delete_session($_SESSION["name"]); die("disconnected"); break; case "new_session": $_SESSION["name"] = $req_mess["name"]; $_SESSION["id"] = rand(100000, 999999); $_SESSION["enemy_connected"] = false; $_SESSION["turn"] = false; switch (check_session($_SESSION["name"])) { case "no_session": register_session($req_mess["name"]); fill_users_file($_SESSION["id"], false, $req_mess["want_side"]); die("session created"); break; case "good_session": fill_users_file($_SESSION["id"], false, $req_mess["want_side"]); die("entered to session"); break; case "too_many_users": die("too_many_users"); break; default: die("switch default"); } break; case "get_sessions":
$inv_error = "{$e->message}"; } $redirect_url = "group.php?gid={$gid}&action=join&GInvID={$group_invitation_id}"; } else { //else redirect registered user to its page. $redirect_url = "user.php?msg_id=7014"; } // end of if group invitation is valid } else { $redirect_url = "user.php?msg_id=7014"; } } header("Location: {$base_url}/{$redirect_url}"); exit; } else { register_session($newuser->login_name, $newuser->user_id, $newuser->role, $newuser->first_name, $newuser->last_name, $newuser->email, $newuser->picture); if ($_GET['gid']) { //if gid is available, redirect to group home page header("Location: {$base_url}/group.php?gid=" . $_GET['gid']); exit; } if ($_GET['aid']) { //if gid is available, redirect to group home page header("Location: {$base_url}/network_announcement.php?aid=" . $_GET['aid']); exit; } if ($user->user_id) { //if uid is set, then look for action if ($_GET['action'] == 'user') { //redirect user to user's private page header("Location: {$base_url}/user.php?uid=" . $user->user_id);
function handle_join() { $error_inv = false; $invitation_id = isset($_REQUEST['InvID']) ? $_REQUEST['InvID'] : null; $group_invitation_id = isset($_REQUEST['GInvID']) ? $_REQUEST['GInvID'] : null; $mother_network_info = Network::get_mothership_info(); $extra = unserialize($mother_network_info->extra); if (!$this->reg_user->register($_POST, PA::$network_info)) { // registration failed return; } // If the user is joining a network other than the if ($mother_network_info->network_id != PA::$network_info->network_id) { Network::join(1, $this->reg_user->newuser->user_id, NETWORK_MEMBER); } if ($extra['email_validation'] == NET_NO || $this->silent) { // silent registration - no email validation! // Success! if (!$this->silent) { register_session($this->reg_user->newuser->login_name, $this->reg_user->newuser->user_id, $this->reg_user->newuser->role, $this->reg_user->newuser->first_name, $this->reg_user->newuser->last_name, $this->reg_user->newuser->email, $this->reg_user->newuser->picture); $_SESSION['login_source'] = 'password'; // password recently entered, so enable access to edit profile PANotify::send("new_user_registered", PA::$network_info, $this->reg_user->newuser, array()); } if ($invitation_id) { // if an invitation to join a network $this->inv_error = ""; $is_valid = Invitation::validate_invitation_id($invitation_id); if (!$is_valid) { $msg = 7017; // invalid network invitation } if (empty($msg)) { try { // try to except invitation $new_invite = new Invitation(); $new_invite->inv_id = $invitation_id; $new_invite->inv_user_id = $this->reg_user->newuser->user_id; $new_invite->accept(); $inv_obj = Invitation::load($invitation_id); $user_obj = new User(); $user_obj->load((int) $inv_obj->user_id); //if invitation is for private network if (PA::$network_info->type == PRIVATE_NETWORK_TYPE) { $user_type = NULL; if (PA::$network_info->owner_id == $inv_obj->user_id) { $user_type = NETWORK_MEMBER; } Network::join(PA::$network_info->network_id, $this->reg_user->newuser->user_id, $user_type); } $msg = 7016; $relation_type = null; $relationship_level = 2; //default relation level id is 2 for friend try { $relation_type_id = Relation::get_relation((int) $inv_obj->user_id, (int) $this->reg_user->newuser->user_id, PA::$network_info->network_id); } catch (PAException $e) { Relation::add_relation((int) $inv_obj->user_id, (int) $this->reg_user->newuser->user_id, $relationship_level, PA::$network_info->address, PA::$network_info->network_id, NULL, NULL, NULL, true, APPROVED); $relation_type = Relation::lookup_relation_type($relation_type_id); } $new_invite->inv_relation_type = $relation_type; if (!$this->silent) { PANotify::send("invitation_accept", $user_obj, $this->reg_user->newuser, $new_invite); } } catch (PAException $e) { $this->inv_error = $e->message; $this->reg_user->msg = "{$e->message}"; $error_inv = TRUE; } if ($error_inv == TRUE) { // if invitation fails, then do login again header("Location: " . PA::$url . "/login.php?msg=" . $this->reg_user->msg . "&return={$return_url}"); exit; } } $redirect_url = PA_ROUTE_HOME_PAGE . '/msg=' . $msg; } else { if ($group_invitation_id) { // if an invitation to join a group // User registration is in response to a group invitation, so // now that the user is registered, handle the group invitation. try { $is_valid_ginv = Invitation::validate_group_invitation_id($group_invitation_id); if (!$is_valid_ginv) { $msg = 3001; } } catch (PAException $e) { $this->inv_error = "{$e->message}"; } if (empty($msg)) { //if group invitation is valid, and no error yet try { $new_invite = new Invitation(); $new_invite->inv_id = $group_invitation_id; $new_invite->inv_user_id = $this->reg_user->newuser->user_id; $new_invite->accept(); //get collection_id $Ginv = Invitation::load($group_invitation_id); $gid = $Ginv->inv_collection_id; $relationship_level = 2; //default relation level id is 2 for friend try { $relation_type_id = Relation::get_relation((int) $Ginv->user_id, (int) $this->reg_user->newuser->user_id, PA::$network_info->network_id); } catch (PAException $e) { Relation::add_relation((int) $Ginv->user_id, (int) $this->reg_user->newuser->user_id, $relationship_level, PA::$network_info->address, PA::$network_info->network_id, NULL, NULL, NULL, true, APPROVED); Relation::add_relation((int) $this->reg_user->newuser->user_id, (int) $Ginv->user_id, $relationship_level, PA::$network_info->address, PA::$network_info->network_id, NULL, NULL, NULL, true, APPROVED); } } catch (PAException $e) { $this->reg_user->msg = "{$e->message}"; $this->reg_user->error = TRUE; print $this->reg_user->msg; } $redirect_url = PA_ROUTE_GROUP . "/gid={$gid}&action=join&GInvID={$group_invitation_id}"; } else { //else redirect registered user to its page. $redirect_url = PA_ROUTE_USER_PRIVATE . '/' . "msg_id={$msg}"; } // end of if group invitation is valid } } if (empty($redirect_url)) { // if no url is set yet // not a group invitation, so redirect to private user page when done $msg = 5003; $redirect_url = PA_ROUTE_USER_PRIVATE . '/' . "msg_id={$msg}"; } header("Location: " . PA::$url . $redirect_url); exit; } else { $expires = LONG_EXPIRES; // for 15 days $user = new User(); $user->login_name = $this->reg_user->newuser->login_name; $user->password = $this->reg_user->newuser->password; $token = $user->get_auth_token($expires); if (!empty($invitation_id)) { $invitation = '&InvID=' . $invitation_id; } else { if (!empty($group_invitation_id)) { $invitation = '&GInvID=' . $group_invitation_id; } else { $invitation = NULL; } } $user_type = NETWORK_WAITING_MEMBER; Network::join(PA::$network_info->network_id, $this->reg_user->newuser->user_id, $user_type); if (!$this->silent) { $activation_url = PA::$url . '/mail_action.php?action=activate&token=' . $token . $invitation; PAMail::send("activate_account", $this->reg_user->newuser, PA::$network_info, array('account.activation_url' => $activation_url)); } global $app; $er_msg = urlencode("Check your email for activation code."); $app->redirect(PA::$url . PA_ROUTE_SYSTEM_MESSAGE . "?show_msg=7013&msg_type=info&redirect_url=" . urlencode(PA::$url . '/' . FILE_LOGIN)); } //end if email validation is set }
function handle_join() { global $network_info; $invitation_id = isset($_REQUEST['InvID']) ? $_REQUEST['InvID'] : null; $group_invitation_id = isset($_REQUEST['GInvID']) ? $_REQUEST['GInvID'] : null; $mother_network_info = Network::get_mothership_info(); $extra = unserialize($mother_network_info->extra); if (!$this->reg_user->register($_POST, $network_info)) { // registration failed return; } if ($extra['email_validation'] == NET_NO) { // Success! register_session($this->reg_user->newuser->login_name, $this->reg_user->newuser->user_id, $this->reg_user->newuser->role, $this->reg_user->newuser->first_name, $this->reg_user->newuser->last_name, $this->reg_user->newuser->email, $this->reg_user->newuser->picture); if ($invitation_id) { // if an invitation to join a network $this->inv_error = ""; $is_valid = Invitation::validate_invitation_id($invitation_id); if (!$is_valid) { $msg = 7017; // invalid network invitation } if (empty($msg)) { try { // try to except invitation $new_invite = new Invitation(); $new_invite->inv_id = $invitation_id; $new_invite->inv_user_id = $this->reg_user->newuser->user_id; $new_invite->accept(); $inv_obj = Invitation::load($invitation_id); $user_obj = new User(); $user_obj->load((int) $inv_obj->user_id); //if invitation is for private network if ($network_info->type == PRIVATE_NETWORK_TYPE) { $user_type = NULL; if ($network_info->owner_id == $inv_obj->user_id) { $user_type = NETWORK_MEMBER; } Network::join($network_info->network_id, $this->reg_user->newuser->user_id, $user_type); } $msg = 7016; $relation_type_id = Relation::get_relation((int) $inv_obj->user_id, (int) $this->reg_user->newuser->user_id); $relation_type = Relation::lookup_relation_type($relation_type_id); $invited_user_url = url_for('user_blog', array('login' => $this->reg_user->newuser->login_name)); // data for passing in common mail method $array_of_data = array('first_name' => $this->reg_user->newuser->first_name, 'last_name' => $this->reg_user->newuser->last_name, 'user_name' => $this->reg_user->newuser->login_name, 'user_id' => $this->reg_user->newuser->user_id, 'invited_user_id' => $inv_obj->user_id, 'invited_user_name' => $user_obj->login_name, 'mail_type' => 'invite_accept_pa', 'to' => $user_obj->email, 'network_name' => $network_info->name, 'relation_type' => $relation_type, 'config_site_name' => PA::$site_name, 'invited_user_url' => $invited_user_url); auto_email_notification_members('invitation_accept', $array_of_data); } catch (PAException $e) { $this->inv_error = $e->message; $this->reg_user->msg = "{$e->message}"; $error_inv = TRUE; } if ($error_inv == TRUE) { // if invitation fails, then do login again header("Location: " . PA::$url . "/login.php?msg=" . $this->reg_user->msg . "&return={$return_url}"); exit; } } $redirect_url = 'homepage.php?msg=' . $msg; } else { if ($group_invitation_id) { // if an invitation to join a group // User registration is in response to a group invitation, so // now that the user is registered, handle the group invitation. try { $is_valid_ginv = Invitation::validate_group_invitation_id($group_invitation_id); if (!$is_valid_ginv) { $msg = 3001; } } catch (PAException $e) { $this->inv_error = "{$e->message}"; } if (empty($msg)) { //if group invitation is valid, and no error yet try { $new_invite = new Invitation(); $new_invite->inv_id = $group_invitation_id; $new_invite->inv_user_id = $this->reg_user->newuser->user_id; $new_invite->accept(); //get collection_id $Ginv = Invitation::load($group_invitation_id); $gid = $Ginv->inv_collection_id; } catch (PAException $e) { $this->reg_user->msg = "{$e->message}"; $this->reg_user->error = TRUE; print $this->reg_user->msg; } $redirect_url = "group.php?gid={$gid}&action=join&GInvID={$group_invitation_id}"; } else { //else redirect registered user to its page. $redirect_url = "user.php?msg_id={$msg}"; } // end of if group invitation is valid } } if (empty($redirect_url)) { // if no url is set yet // not a group invitation, so redirect to private user page when done $redirect_url = "user.php"; } header("Location: " . PA::$url . "/{$redirect_url}"); exit; } else { $expires = LONG_EXPIRES; // for 15 days $user = new User(); $user->login_name = $this->reg_user->newuser->login_name; $user->password = $this->reg_user->newuser->password; $token = $user->get_auth_token($expires); if (!empty($invitation_id)) { $invitation = '&InvID=' . $invitation_id; } else { if (!empty($group_invitation_id)) { $invitation = '&GInvID=' . $group_invitation_id; } else { $invitation = NULL; } } $name = $user->login_name; $activation_url = PA::$url . '/mail_action.php?action=activate&token=' . $token . $invitation; $subject = 'Hi ' . $this->reg_user->newuser->login_name . '! Please activate your ' . PA::$site_name . ' account.'; $message = "Hi {$name} , \n Activate your people aggregator account by clicking the following link: \n {$activation_url}"; $to = $this->reg_user->newuser->email; $mail_type = 'activate_account'; $array_of_data = array('subject' => $subject, 'message' => $message); // send mail $check = pa_mail($to, $mail_type, $array_of_data); // redirect to home page. header("Location: " . PA::$url . "/homepage.php?msg=7013"); exit; } //end if email validation is set }