public function action_delete($id = null, $key = null) { $this->_views['method_title'] = _i('Delete'); if ($id !== null && $key !== null) { if (!$this->getAuth()->hasAccess('maccess.user')) { $this->notices->set('warning', _i('You must log in to delete your account with this verification link.')); return new Response($this->builder->build()); } try { $this->getAuth()->deleteAccount($id, $key); $this->notices->set('success', _i('Your account has been deleted from the system.')); } catch (Auth\WrongKeyException $e) { $this->notices->set('warning', _i('It appears that you are accessing an invalid link or your activation key has expired.')); } return new Response($this->builder->build()); } else { if (!$this->getAuth()->hasAccess('maccess.user')) { return $this->redirect('admin/account/login'); } if ($this->getPost() && !$this->security->checkCsrfToken($this->getRequest())) { $this->notices->set('warning', _i('The security token wasn\'t found. Try resubmitting.')); } elseif ($this->getPost()) { $validator = new Validator(); $validator->add('password', _i('Password'), [new Assert\NotBlank()])->validate($this->getPost()); if (!$validator->getViolations()->count()) { $input = $validator->getFinalValues(); try { $account_deletion_key = $this->getAuth()->createAccountDeletionKey($input['password']); } catch (Auth\WrongPasswordException $e) { $this->notices->setFlash('error', _i('The password entered was incorrect.')); return $this->redirect('admin/account/delete'); } $user = $this->getAuth()->getUser(); $from = 'no-reply@' . (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'no-email-assigned'); $title = $this->preferences->get('foolframe.gen.website_title') . ' ' . _i('Account Deletion'); $this->builder->createLayout('email'); $this->builder->getProps()->setTitle([$title]); $this->builder->createPartial('body', 'account/email/delete_account')->getParamManager()->setParams(['title' => $title, 'site' => $this->preferences->get('foolframe.gen.website_title'), 'username' => $user->username, 'link' => $this->uri->create('admin/account/delete/' . $user->id . '/' . $account_deletion_key)]); $message = $this->mailer->create()->setFrom([$from => $this->preferences->get('foolframe.gen.website_title')])->setTo($user->email)->setSubject($title)->setBody($this->builder->build(), 'text/html'); if ($this->mailer->send($message) === 1) { $this->notices->setFlash('success', _i('An email has been sent to verify the deletion of your account. The verification link will only work for 15 minutes.')); } else { // the email driver was unable to send the email. the account will not be deleted. $this->notices->setFlash('error', _i('An error was encountered and the system was unable to send the verification email. Please try again later.')); $this->getContext()->getService('logger')->error('The system was unable to send a verification email to ' . $user->username . '. This user was attempting to delete their account.'); } return $this->redirect('admin/account/delete'); } else { $this->notices->set('error', $validator->getViolations()->getText()); } } $this->builder->createPartial('body', 'account/request_delete'); return new Response($this->builder->build()); } }
public function radix_appeal() { try { /** @var BanFactory $ban_factory */ $ban_factory = $this->getContext()->getService('foolfuuka.ban_factory'); $bans = $ban_factory->getByIp(Inet::ptod($this->getRequest()->getClientIp())); } catch (\Foolz\Foolfuuka\Model\BanException $e) { return $this->error(_i('It doesn\'t look like you\'re banned.')); } // check for a global ban if (isset($bans[0])) { $title = _i('Appealing to a global ban.'); $ban = $bans[0]; } elseif (isset($bans[$this->radix->id])) { $title = _i('Appealing to a ban on %s', '/' . $this->radix->shortname . '/'); $ban = $bans[$this->radix->id]; } else { return $this->error(_i('It doesn\'t look like you\'re banned on this board.')); } if ($ban->appeal_status === Ban::APPEAL_PENDING) { return $this->message('success', _i('Your appeal is pending administrator review. Check again later.')); } if ($ban->appeal_status === Ban::APPEAL_REJECTED) { return $this->message('error', _i('Your appeal has been rejected.')); } if ($this->getPost('appeal')) { if (!$this->checkCsrfToken()) { return $this->error(_i('The security token wasn\'t found. Try resubmitting.')); } else { $validator = new Validator(); $validator->add('appeal', _i('Appeal'), [new Trim(), new Assert\NotBlank(), new Assert\Length(['min' => 3, 'max' => 4096])])->validate($this->getPost()); if (!$validator->getViolations()->count()) { $ban->appeal($validator->getFinalValues()['appeal']); return $this->message('success', _i('Your appeal has been submitted!')); } } } $this->builder->createPartial('body', 'appeal')->getParamManager()->setParam('title', $title); return $this->response->setContent($this->builder->build()); }
public function action_create_admin() { // if an admin account exists, lock down this step and redirect to the next step instead /** @var Users $users */ $users = $this->getContext()->getService('users'); $check_users = $users->getAll(); if ($check_users['count'] > 0) { return new RedirectResponse($this->uri->create('install/modules')); } if ($this->getPost()) { $validator = new Validator(); $validator->add('username', _i('Username'), [new Trim(), new Assert\NotBlank(), new Assert\Length(['min' => 4, 'max' => 32])])->add('email', _i('Email'), [new Trim(), new Assert\NotBlank(), new Assert\Email()])->add('password', _i('Password'), [new Trim(), new Assert\NotBlank(), new Assert\Length(['min' => 4, 'max' => 64])])->add('confirm_password', _i('Confirm Password'), [new EqualsField(['field' => _i('Password'), 'value' => $this->getPost('password')])]); $validator->validate($this->getPost()); if (!$validator->getViolations()->count()) { $input = $validator->getFinalValues(); $auth = new Auth($this->getContext()); list($id, $activation_key) = $auth->createUser($input['username'], $input['password'], $input['email']); $auth->activateUser($id, $activation_key); $auth->authenticateWithId($id); $user = $auth->getUser(); $user->save(['group_id' => 100]); // leave the module installation later in case we must do something with users $this->install->install_modules(); return new RedirectResponse($this->uri->create('install/complete')); } else { $this->notices->set('warning', $validator->getViolations()->getText()); } } $this->process('create_admin'); $this->param_manager->setParam('method_title', _i('Admin Account')); $this->builder->createPartial('body', 'install/create_admin'); return new Response($this->builder->build()); }