/* * endpoint for validating an invitation. The user sends his new password */ $app->post('/account/invitation/:token', function ($token) use($app) { $data = json_decode($app->request()->getBody()); if (!empty($token)) { $users = UserQuery::create()->filterByActivateToken($token)->find(); if (count($users) != 1) { error("token-invalid", __("This activation token is invalid. Your email address is probably already activated.")); } elseif (empty($data->pwd1)) { error("password-missing", __("You must enter a password.")); } elseif ($data->pwd1 != $data->pwd2) { error("password-mismatch", __("Both passwords must be the same.")); } else { $user = $users[0]; $user->setActivateToken(''); $user->setPwd($data->pwd1); $user->save(); // NOTE: we don't need a confirmation. # send confirmation email // $name = $user->getEmail(); // $domain = $GLOBALS['dw_config']['domain']; // $from = $GLOBALS['dw_config']['email']; // $link = 'http://' . $domain; // include('../../lib/templates/confirmation-email.php'); // mail($name, __('Confirmation of account creation') . ' ' . $domain, $confirmation_email, 'From: ' . $from); DatawrapperSession::login($user); ok(); } } });