static function getAddress($address, $addressType)
{
$ca = new Confirm_address();
$ca->address = $address;
$ca->address_type = $addressType;
if ($ca->find(true)) {
return $ca;
}
return null;
}
/**
* Handle the site
*
* @param array $remitem type of reminder to send and any special options
* @return boolean true on success, false on failure
*/
function handle($remitem)
{
list($type, $opts) = $remitem;
$qm = QueueManager::get();
try {
switch ($type) {
case UserConfirmRegReminderHandler::REGISTER_REMINDER:
$confirm = new Confirm_address();
$confirm->address_type = $type;
$confirm->find();
while ($confirm->fetch()) {
try {
$qm->enqueue(array($confirm, $opts), 'uregrem');
} catch (Exception $e) {
common_log(LOG_WARNING, $e->getMessage());
continue;
}
}
break;
case UserInviteReminderHandler::INVITE_REMINDER:
$invitation = new Invitation();
// Only send one reminder (the latest one), regardless of how many invitations a user has
$sql = 'SELECT * FROM (SELECT * FROM invitation WHERE registered_user_id IS NULL ORDER BY created DESC) invitees GROUP BY invitees.address';
$invitation->query($sql);
while ($invitation->fetch()) {
try {
$qm->enqueue(array($invitation, $opts), 'uinvrem');
} catch (Exception $e) {
common_log(LOG_WARNING, $e->getMessage());
continue;
}
}
break;
default:
// WTF?
common_log(LOG_ERR, "Received unknown confirmation address type", __FILE__);
}
} catch (Exception $e) {
common_log(LOG_ERR, $e->getMessage());
return false;
}
return true;
}
function recoverPassword()
{
$nore = $this->trimmed('nicknameoremail');
if (!$nore) {
// TRANS: Form instructions for password recovery form.
$this->showForm(_('Enter a nickname or email address.'));
return;
}
$user = User::staticGet('email', common_canonical_email($nore));
if (!$user) {
try {
$user = User::staticGet('nickname', common_canonical_nickname($nore));
} catch (NicknameException $e) {
// invalid
}
}
# See if it's an unconfirmed email address
if (!$user) {
// Warning: it may actually be legit to have multiple folks
// who have claimed, but not yet confirmed, the same address.
// We'll only send to the first one that comes up.
$confirm_email = new Confirm_address();
$confirm_email->address = common_canonical_email($nore);
$confirm_email->address_type = 'email';
$confirm_email->find();
if ($confirm_email->fetch()) {
$user = User::staticGet($confirm_email->user_id);
} else {
$confirm_email = null;
}
} else {
$confirm_email = null;
}
if (!$user) {
// TRANS: Information on password recovery form if no known username or e-mail address was specified.
$this->showForm(_('No user with that email address or username.'));
return;
}
# Try to get an unconfirmed email address if they used a user name
if (!$user->email && !$confirm_email) {
$confirm_email = new Confirm_address();
$confirm_email->user_id = $user->id;
$confirm_email->address_type = 'email';
$confirm_email->find();
if (!$confirm_email->fetch()) {
$confirm_email = null;
}
}
if (!$user->email && !$confirm_email) {
// TRANS: Client error displayed on password recovery form if a user does not have a registered e-mail address.
$this->clientError(_('No registered email address for that user.'));
return;
}
# Success! We have a valid user and a confirmed or unconfirmed email address
$confirm = new Confirm_address();
$confirm->code = common_confirmation_code(128);
$confirm->address_type = 'recover';
$confirm->user_id = $user->id;
$confirm->address = !empty($user->email) ? $user->email : $confirm_email->address;
if (!$confirm->insert()) {
common_log_db_error($confirm, 'INSERT', __FILE__);
// TRANS: Server error displayed if e-mail address confirmation fails in the database on the password recovery form.
$this->serverError(_('Error saving address confirmation.'));
return;
}
// @todo FIXME: needs i18n.
$body = "Hey, {$user->nickname}.";
$body .= "\n\n";
$body .= 'Someone just asked for a new password ' . 'for this account on ' . common_config('site', 'name') . '.';
$body .= "\n\n";
$body .= 'If it was you, and you want to confirm, use the URL below:';
$body .= "\n\n";
$body .= "\t" . common_local_url('recoverpassword', array('code' => $confirm->code));
$body .= "\n\n";
$body .= 'If not, just ignore this message.';
$body .= "\n\n";
$body .= 'Thanks for your time, ';
$body .= "\n";
$body .= common_config('site', 'name');
$body .= "\n";
$headers = _mail_prepare_headers('recoverpassword', $user->nickname, $user->nickname);
// TRANS: Subject for password recovery e-mail.
mail_to_user($user, _('Password recovery requested'), $body, $headers, $confirm->address);
$this->mode = 'sent';
// TRANS: User notification after an e-mail with instructions was sent from the password recovery form.
$this->msg = _('Instructions for recovering your password ' . 'have been sent to the email address registered to your ' . 'account.');
$this->success = true;
$this->showPage();
}
/**
* Gets any existing email address confirmations we're waiting for
*
* @return Confirm_address Email address confirmation for user, or null
*/
function getConfirmation()
{
$user = common_current_user();
$confirm = new Confirm_address();
$confirm->user_id = $user->id;
$confirm->address_type = 'email';
if ($confirm->find(true)) {
return $confirm;
} else {
return null;
}
}
function next_confirm()
{
$confirm = new Confirm_address();
$confirm->whereAdd('claimed IS null');
$confirm->whereAdd('sent IS null');
# XXX: eventually we could do other confirmations in the queue, too
$confirm->address_type = 'jabber';
$confirm->orderBy('modified DESC');
$confirm->limit(1);
if ($confirm->find(true)) {
$this->log(LOG_INFO, 'Claiming confirmation for ' . $confirm->address);
# working around some weird DB_DataObject behaviour
$confirm->whereAdd('');
# clears where stuff
$original = clone $confirm;
$confirm->claimed = common_sql_now();
$result = $confirm->update($original);
if ($result) {
$this->log(LOG_INFO, 'Succeeded in claim! ' . $result);
return $confirm;
} else {
$this->log(LOG_INFO, 'Failed in claim!');
return false;
}
}
return null;
}
/**
* Called via a callback when NickServ responds to
* the bots query asking if a nick is registered
*
* @param array $data Data
* @return void
*/
public function handle_reg_response($data)
{
// Retrieve data
$screenname = $data['screenname'];
$nickdata = $this->regChecks[$screenname];
$usernick = $nickdata['user']->nickname;
if (isset($this->regChecksLookup[$usernick])) {
if ($data['registered']) {
// Send message
$this->plugin->sendConfirmationCode($screenname, $nickdata['code'], $nickdata['user'], true);
} else {
// TRANS: Message given when using an unregistered IRC nickname.
$this->plugin->sendMessage($screenname, _m('Your nickname is not registered so IRC connectivity cannot be enabled.'));
$confirm = new Confirm_address();
$confirm->user_id = $user->id;
$confirm->address_type = $this->plugin->transport;
if ($confirm->find(true)) {
$result = $confirm->delete();
if (!$result) {
common_log_db_error($confirm, 'DELETE', __FILE__);
// TRANS: Server error thrown on database error when deleting IRC nickname confirmation.
$this->serverError(_m('Could not delete confirmation.'));
return;
}
}
}
// Unset lookup value
unset($this->regChecksLookup[$usernick]);
// Unset data
unset($this->regChecks[$screename]);
}
}
/**
* Get a confirmation code for this user
*
* @return Confirm_address address object for this user
*/
function getConfirmation($transport)
{
$confirm = new Confirm_address();
$confirm->user_id = $this->scoped->getID();
$confirm->address_type = $transport;
if ($confirm->find(true)) {
return $confirm;
}
throw new NoResultException($confirm);
}
USAGE: registerbyemail.php
Registers a new user by email address and sends a confirmation email
-e email Email to register
END_OF_REGISTERBYEMAIL_HELP;
require_once INSTALLDIR . '/scripts/commandline.inc';
$email = get_option_value('e', 'email');
$parts = explode('@', $email);
$nickname = common_nicknamize($parts[0]);
$user = User::getKV('nickname', $nickname);
if (!empty($user)) {
$confirm = new Confirm_address();
$confirm->user_id = $user->id;
$confirm->address_type = 'email';
if ($confirm->find(true)) {
$url = common_local_url('confirmfirstemail', array('code' => $confirm->code));
print "{$url}\n";
} else {
print "User not waiting for confirmation.\n";
}
exit;
}
$user = User::register(array('nickname' => $nickname, 'password' => null));
$confirm = new Confirm_address();
$confirm->code = common_confirmation_code(128);
$confirm->user_id = $user->id;
$confirm->address = $email;
$confirm->address_type = 'email';
$confirm->insert();
$url = common_local_url('confirmfirstemail', array('code' => $confirm->code));
static function recoverPassword($nore)
{
$user = User::staticGet('email', common_canonical_email($nore));
if (!$user) {
try {
$user = User::staticGet('nickname', common_canonical_nickname($nore));
} catch (NicknameException $e) {
// invalid
}
}
// See if it's an unconfirmed email address
if (!$user) {
// Warning: it may actually be legit to have multiple folks
// who have claimed, but not yet confirmed, the same address.
// We'll only send to the first one that comes up.
$confirm_email = new Confirm_address();
$confirm_email->address = common_canonical_email($nore);
$confirm_email->address_type = 'email';
$confirm_email->find();
if ($confirm_email->fetch()) {
$user = User::staticGet($confirm_email->user_id);
} else {
$confirm_email = null;
}
} else {
$confirm_email = null;
}
if (!$user) {
// TRANS: Information on password recovery form if no known username or e-mail address was specified.
throw new ClientException(_('No user with that email address or username.'));
return;
}
// Try to get an unconfirmed email address if they used a user name
if (!$user->email && !$confirm_email) {
$confirm_email = new Confirm_address();
$confirm_email->user_id = $user->id;
$confirm_email->address_type = 'email';
$confirm_email->find();
if (!$confirm_email->fetch()) {
$confirm_email = null;
}
}
if (!$user->email && !$confirm_email) {
// TRANS: Client error displayed on password recovery form if a user does not have a registered e-mail address.
throw new ClientException(_('No registered email address for that user.'));
return;
}
// Success! We have a valid user and a confirmed or unconfirmed email address
$confirm = new Confirm_address();
$confirm->code = common_confirmation_code(128);
$confirm->address_type = 'recover';
$confirm->user_id = $user->id;
$confirm->address = !empty($user->email) ? $user->email : $confirm_email->address;
if (!$confirm->insert()) {
common_log_db_error($confirm, 'INSERT', __FILE__);
// TRANS: Server error displayed if e-mail address confirmation fails in the database on the password recovery form.
throw new ServerException(_('Error saving address confirmation.'));
return;
}
// @todo FIXME: needs i18n.
$body = "Hola, {$user->nickname}.";
$body .= "\n\n";
$body .= 'Alguien ha solicitado una nueva contraseña ' . 'para esta cuenta en ' . common_config('site', 'name') . '.';
$body .= "\n\n";
$body .= 'Si has sido tú, y quieres modificarla, pulsa en el enlace de abajo:';
$body .= "\n\n";
$body .= "\t" . common_local_url('recoverpassword', array('code' => $confirm->code));
$body .= "\n\n";
$body .= 'Si no, puedes ignorar y eliminar este mensaje.';
$body .= "\n\n";
$body .= 'Gracias por tu tiempo, ';
$body .= "\n";
$body .= common_config('site', 'name');
$body .= "\n";
$headers = _mail_prepare_headers('recoverpassword', $user->nickname, $user->nickname);
// TRANS: Subject for password recovery e-mail.
mail_to_user($user, _('Solicitud de recuperación de contraseña'), $body, $headers, $confirm->address);
}
}
} else {
print "{$user->email}\n";
}
exit(0);
}
if (have_option('e', 'email')) {
$user = new User();
$user->email = get_option_value('e', 'email');
$user->find(false);
if (!$user->fetch()) {
// Check unconfirmed emails
$unconfirmed_email = new Confirm_address();
$unconfirmed_email->address = $user->email;
$unconfirmed_email->address_type = 'email';
$unconfirmed_email->find(true);
if (empty($unconfirmed_email->user_id)) {
print "No users with email {$user->email}\n";
} else {
$user = User::getKV('id', $unconfirmed_email->user_id);
print "Unconfirmed Address: {$user->id} {$user->nickname}\n";
}
exit(0);
}
do {
print "{$user->id} {$user->nickname}\n";
} while ($user->fetch());
} else {
print "You must provide either an ID, email, or a nickname.\n";
exit(1);
}
static function recoverPassword($nore)
{
// $confirm_email will be used as a fallback if our user doesn't have a confirmed email
$confirm_email = null;
if (common_is_email($nore)) {
$user = User::getKV('email', common_canonical_email($nore));
// See if it's an unconfirmed email address
if (!$user instanceof User) {
// Warning: it may actually be legit to have multiple folks
// who have claimed, but not yet confirmed, the same address.
// We'll only send to the first one that comes up.
$confirm_email = new Confirm_address();
$confirm_email->address = common_canonical_email($nore);
$confirm_email->address_type = 'email';
if ($confirm_email->find(true)) {
$user = User::getKV('id', $confirm_email->user_id);
}
}
// No luck finding anyone by that email address.
if (!$user instanceof User) {
if (common_config('site', 'fakeaddressrecovery')) {
// Return without actually doing anything! We fake address recovery
// to avoid revealing which email addresses are registered with the site.
return;
}
// TRANS: Information on password recovery form if no known e-mail address was specified.
throw new ClientException(_('No user with that email address exists here.'));
}
} else {
// This might throw a NicknameException on bad nicknames
$user = User::getKV('nickname', common_canonical_nickname($nore));
if (!$user instanceof User) {
// TRANS: Information on password recovery form if no known username was specified.
throw new ClientException(_('No user with that nickname exists here.'));
}
}
// Try to get an unconfirmed email address if they used a user name
if (empty($user->email) && $confirm_email === null) {
$confirm_email = new Confirm_address();
$confirm_email->user_id = $user->id;
$confirm_email->address_type = 'email';
$confirm_email->find();
if (!$confirm_email->fetch()) {
// Nothing found, so let's reset it to null
$confirm_email = null;
}
}
if (empty($user->email) && !$confirm_email instanceof Confirm_address) {
// TRANS: Client error displayed on password recovery form if a user does not have a registered e-mail address.
throw new ClientException(_('No registered email address for that user.'));
}
// Success! We have a valid user and a confirmed or unconfirmed email address
$confirm = new Confirm_address();
$confirm->code = common_confirmation_code(128);
$confirm->address_type = 'recover';
$confirm->user_id = $user->id;
$confirm->address = $user->email ?: $confirm_email->address;
if (!$confirm->insert()) {
common_log_db_error($confirm, 'INSERT', __FILE__);
// TRANS: Server error displayed if e-mail address confirmation fails in the database on the password recovery form.
throw new ServerException(_('Error saving address confirmation.'));
}
// @todo FIXME: needs i18n.
$body = "Hey, {$user->nickname}.";
$body .= "\n\n";
$body .= 'Someone just asked for a new password ' . 'for this account on ' . common_config('site', 'name') . '.';
$body .= "\n\n";
$body .= 'If it was you, and you want to confirm, use the URL below:';
$body .= "\n\n";
$body .= "\t" . common_local_url('recoverpassword', array('code' => $confirm->code));
$body .= "\n\n";
$body .= 'If not, just ignore this message.';
$body .= "\n\n";
$body .= 'Thanks for your time, ';
$body .= "\n";
$body .= common_config('site', 'name');
$body .= "\n";
$headers = _mail_prepare_headers('recoverpassword', $user->nickname, $user->nickname);
// TRANS: Subject for password recovery e-mail.
mail_to_user($user, _('Password recovery requested'), $body, $headers, $confirm->address);
}
