Пример #1
0
 public function sendEmail($emailbody, $time, $value, $options)
 {
     global $user, $session;
     $timeformated = DateTime::createFromFormat("U", (int) $time);
     $timeformated->setTimezone(new DateTimeZone($this->parentProcessModel->timezone));
     $timeformated = $timeformated->format("Y-m-d H:i:s");
     $tag = array("{id}", "{type}", "{time}", "{value}");
     $replace = array($options['sourceid'], $options['sourcetype'], $timeformated, $value);
     $emailbody = str_replace($tag, $replace, $emailbody);
     if ($options['sourcetype'] == "INPUT") {
         $inputdetails = $this->parentProcessModel->input->get_details($options['sourceid']);
         $tag = array("{key}", "{name}", "{node}");
         $replace = array($inputdetails['name'], $inputdetails['description'], $inputdetails['nodeid']);
         $emailbody = str_replace($tag, $replace, $emailbody);
     } else {
         if ($options['sourcetype'] == "VIRTUALFEED") {
             // Not suported for VIRTUAL FEEDS
         }
     }
     $emailto = $user->get_email($session['userid']);
     require_once "Lib/email.php";
     $email = new Email();
     //$email->from(from);
     $email->to($emailto);
     $email->subject('Emoncms event alert');
     $email->body($emailbody);
     $result = $email->send();
     if (!$result['success']) {
         $this->log->error("Email send returned error. message='" . $result['message'] . "'");
     } else {
         $this->log->info("Email sent to {$emailto}");
     }
 }
Пример #2
0
 function _sendPasswordTo($email)
 {
     $user = User::findBy('email', $email);
     if ($user) {
         use_helper('Email');
         $new_pass = '******' . dechex(rand(100000000, 4294967295)) . 'K';
         $user->password = sha1($new_pass);
         $user->save();
         $email = new Email();
         $email->from('*****@*****.**', 'Frog CMS');
         $email->to($user->email);
         $email->subject('Your new password from Frog CMS');
         $email->message('username: '******'success', 'An email has been send with your new password!');
         redirect(get_url('login'));
     } else {
         Flash::set('email', $email);
         Flash::set('error', 'No user found!');
         redirect(get_url('login/forgot'));
     }
 }
Пример #3
0
 public function passwordreset($username, $emailto)
 {
     $username_out = preg_replace('/[^\\p{N}\\p{L}_\\s-]/u', '', $username);
     if (!filter_var($emailto, FILTER_VALIDATE_EMAIL)) {
         return array('success' => false, 'message' => _("Email address format error"));
     }
     $result = $this->mysqli->query("SELECT * FROM users WHERE `username`='{$username_out}' AND `email`='{$emailto}'");
     if ($result->num_rows == 1) {
         $row = $result->fetch_array();
         $userid = $row['id'];
         if ($userid > 0) {
             // Generate new random password
             $newpass = hash('sha256', md5(uniqid(rand(), true)));
             $newpass = substr($newpass, 0, 10);
             // Hash and salt
             $hash = hash('sha256', $newpass);
             $salt = md5(uniqid(rand(), true));
             $password = hash('sha256', $salt . $hash);
             // Save password and salt
             $this->mysqli->query("UPDATE users SET password = '******', salt = '{$salt}' WHERE id = '{$userid}'");
             //------------------------------------------------------------------------------
             global $enable_password_reset;
             if ($enable_password_reset == true) {
                 require "Lib/email.php";
                 $email = new Email();
                 //$email->from(from);
                 $email->to($emailto);
                 $email->subject('Emoncms password reset');
                 $email->body("<p>A password reset was requested for your emoncms account.</p><p>Your can now login with password: {$newpass} </p>");
                 $result = $email->send();
                 if (!$result['success']) {
                     $this->log->error("Email send returned error. emailto=" + $emailto . " message='" . $result['message'] . "'");
                 } else {
                     $this->log->info("Email sent to {$emailto}");
                 }
             }
             //------------------------------------------------------------------------------
             // Sent email with $newpass to $email
             return array('success' => true, 'message' => "Password recovery email sent!");
         }
     }
     return array('success' => false, 'message' => "An error occured");
 }
Пример #4
0
 public function sendMail($sendTo, $title, $msg)
 {
     $Email = new Email();
     $config['protocol'] = 'sendmail';
     $Email->initialize($config);
     $Email->from('*****@*****.**');
     $Email->to($sendTo);
     //$Email->bcc('*****@*****.**');
     $Email->subject($title);
     $Email->message($msg);
     $Email->send();
 }
Пример #5
0
                        $dataline[$feedid] = "";
                    }
                }
            }
            if (!$firstline) {
                $time = $helperclass->getTimeZoneFormated($time, $usertimezone);
            }
            fputcsv($fh, array($time) + $dataline, $csv_field_separator);
            $firstline = false;
        }
        fclose($fh);
        if ($firstline == false) {
            $emailbody = "Attached is CSV for '" . $tag . "' tag.";
            $emailbody .= "\nTime range: " . $startText . " to " . $endText;
            require_once "Lib/email.php";
            $email = new Email();
            //$email->from(from);
            $email->to($emailto);
            $email->subject('Emoncms CSV Export ' . $tag . " (" . $startText . "-" . $endText . ")");
            $email->body($emailbody);
            $email->attach($filename);
            $result = $email->send();
            if (!$result['success']) {
                echo "Email send returned error. message='" . $result['message'] . "'";
                $log->error("Email send returned error. message='" . $result['message'] . "'");
            } else {
                $log->info("Email sent to {$emailto}");
            }
        }
    }
}
Пример #6
0
 /**
  * Send the error page by e-mail
  * 
  * @param string $message
  * @param string $error
  */
 private function _sendErrorByEmail($message, $error)
 {
     $email = Config::get('debug.notification_email');
     if ($email === false || $email === '' || !String::checkEmail($email)) {
         return;
     }
     $sender = Config::get('debug.notification_sender', 'noreply@' . $_SERVER['HTTP_HOST']);
     Email::to($email)->from($sender)->subject($message)->bodyHtml($error)->bodyText(strip_tags($error))->send();
 }
Пример #7
0
	public static function UpdateHandler(\Form $form){

		/** @var \UserModel $user */
		$user        = $form->getElement('user')->get('value');
		$userid      = $user->get('id');
		$usermanager = \Core\user()->checkAccess('p:/user/users/manage');

		// Only allow this if the user is either the same user or has the user manage permission.
		if(!($userid == \Core\user()->get('id') || $usermanager)){
			\Core\set_message('t:MESSAGE_ERROR_INSUFFICIENT_ACCESS_PERMISSIONS');
			return false;
		}

		if(!$user->exists()){
			\Core\set_message('t:MESSAGE_ERROR_REQUESTED_RESOURCE_NOT_FOUND');
			return false;
		}

		$userisactive = $user->get('active');

		$user->setFromForm($form);

		if($userisactive == 1 && $user->get('active') == 0){
			// User was set from active to inactive.
			// Instead of setting to a new account, set to deactivated.
			$user->set('active', '-1');
		}
		elseif($userisactive == -1 && $user->get('active') == 0){
			// User was deactivated before, reset back to that.
			// This is because the active form element is simply an on/off checkbox.
			$user->set('active', '-1');
		}

		$user->save();


		if($userisactive == 0 && $user->get('active') == 1){
			// If the user wasn't active before, but is now....
			// Send an activation notice email to the user.
			try{
				$email = new \Email();
				$email->templatename = 'emails/user/activation.tpl';
				$email->assign('user', $user);
				$email->assign('sitename', SITENAME);
				$email->assign('rooturl', ROOT_URL);
				$email->assign('loginurl', \Core\resolve_link('/user/login'));
				$email->setSubject('Welcome to ' . SITENAME);
				$email->to($user->get('email'));

				// TESTING
				//error_log($email->renderBody());
				$email->send();
			}
			catch(\Exception $e){
				\Core\ErrorManagement\exception_handler($e);
			}
		}


		// If this was the current user, update the session data too!
		if($user->get('id') == \core\user()->get('id')){
			Session::SetUser($user);

			if(\ConfigHandler::Get('/user/profileedits/requireapproval') && \Core::IsComponentAvailable('model-audit')){
				\Core\set_message('t:MESSAGE_SUCCESS_UPDATED_OWN_USER_ACCOUNT_PENDING_APPROVAL');
			}
			else{
				\Core\set_message('t:MESSAGE_SUCCESS_UPDATED_OWN_USER_ACCOUNT');
			}
		}
		else{
			\Core\set_message('t:MESSAGE_SUCCESS_UPDATED_USER_ACCOUNT');
		}


		return true;
	}
Пример #8
0
 private function _writeMail($title, $message, $user = array(), $paw = NULL)
 {
     if (!$this->_validateObject($user, false)) {
         return false;
     }
     // GET LOGIN URL
     $url = $this->config["account_pages"]["login"];
     if (defined("CMS_BACKEND") && CMS_BACKEND == true && startsWith($url, ADMIN_DIR . "/")) {
         $url = str_replace(ADMIN_DIR . "/", "", $url);
     }
     if (!startsWith($url, "http") && !startsWith($url, "www")) {
         $url = get_url($url);
     }
     $url = endsWith($url, "/") ? substr($url, 0, -1) : $url;
     // DEFAULT REPLACEMENTS
     $replacements = array("{{USR_USERNAME}}" => $user->username, "{{USR_NAME}}" => $user->name, "{{USR_EMAIL}}" => $user->email, "{{WEB_TITLE}}" => Setting::get("admin_title"), "{{WEB_LINK}}" => "<a href='" . URL_PUBLIC . "'>" . Setting::get("admin_title") . "</a>", "{{WEB_URL}}" => URL_PUBLIC, "{{WEB_EMAIL}}" => Setting::get("admin_email"), "{{WEB_LOGIN}}" => "<a href='" . $url . "'>" . __("Login") . "</a>", "{{WEB_LOGIN_URL}}" => $url);
     // PAW-ACTION REPLACEMENTS
     if (is_array($paw)) {
         if (!isset($paw["code"]) || !isset($paw["link"]) || !isset($paw["url"])) {
             return false;
         }
         $replacements["{{PAW_CODE}}"] = $paw["code"];
         $replacements["{{PAW_LINK}}"] = $paw["link"];
         $replacements["{{PAW_URL}}"] = $paw["url"];
     }
     // eMAIL
     $message = str_replace(array_keys($replacements), array_values($replacements), nl2br($message));
     use_helper("Email");
     $email = new Email();
     $email->to($user->email);
     $email->from($this->config["message_from"], Setting::get("admin_title"));
     $email->replyto($this->config["message_replyto"], Setting::get("admin_title"));
     $email->setMailtype($this->config["message_type"]);
     $email->subject($title);
     $email->message($message);
     if (@$email->send()) {
         return true;
     }
     return false;
 }
	/**
	 * Form Handler for logging in.
	 *
	 * @static
	 *
	 * @param \Form $form
	 *
	 * @return bool|null|string
	 */
	public static function LoginHandler(\Form $form){
		/** @var \FormElement $e */
		$e = $form->getElement('email');
		/** @var \FormElement $p */
		$p = $form->getElement('pass');


		/** @var \UserModel $u */
		$u = \UserModel::Find(array('email' => $e->get('value')), 1);

		if(!$u){
			// Log this as a login attempt!
			$logmsg = 'Failed Login. Email not registered' . "\n" . 'Email: ' . $e->get('value') . "\n";
			\SystemLogModel::LogSecurityEvent('/user/login', $logmsg);
			$e->setError('t:MESSAGE_ERROR_USER_LOGIN_EMAIL_NOT_FOUND');
			return false;
		}

		if($u->get('active') == 0){
			// The model provides a quick cut-off for active/inactive users.
			// This is the control managed with in the admin.
			$logmsg = 'Failed Login. User tried to login before account activation' . "\n" . 'User: '******'email') . "\n";
			\SystemLogModel::LogSecurityEvent('/user/login', $logmsg, null, $u->get('id'));
			$e->setError('t:MESSAGE_ERROR_USER_LOGIN_ACCOUNT_NOT_ACTIVE');
			return false;
		}
		elseif($u->get('active') == -1){
			// The model provides a quick cut-off for active/inactive users.
			// This is the control managed with in the admin.
			$logmsg = 'Failed Login. User tried to login after account deactivation.' . "\n" . 'User: '******'email') . "\n";
			\SystemLogModel::LogSecurityEvent('/user/login', $logmsg, null, $u->get('id'));
			$e->setError('t:MESSAGE_ERROR_USER_LOGIN_ACCOUNT_DEACTIVATED');
			return false;
		}

		try{
			/** @var \Core\User\AuthDrivers\datastore $auth */
			$auth = $u->getAuthDriver('datastore');
		}
		catch(Exception $e){
			$e->setError('t:MESSAGE_ERROR_USER_LOGIN_PASSWORD_AUTH_DISABLED');
			return false;
		}


		// This is a special case if the password isn't set yet.
		// It can happen with imported users or if a password is invalidated.
		if($u->get('password') == ''){
			// Use the Nonce system to generate a one-time key with this user's data.
			$nonce = \NonceModel::Generate(
				'20 minutes',
				['type' => 'password-reset', 'user' => $u->get('id')]
			);

			$link = '/datastoreauth/forgotpassword?e=' . urlencode($u->get('email')) . '&n=' . $nonce;

			$email = new \Email();
			$email->setSubject('Initial Password Request');
			$email->to($u->get('email'));
			$email->assign('link', \Core\resolve_link($link));
			$email->assign('ip', REMOTE_IP);
			$email->templatename = 'emails/user/initialpassword.tpl';
			try{
				$email->send();
				\SystemLogModel::LogSecurityEvent('/user/initialpassword/send', 'Initial password request sent successfully', null, $u->get('id'));

				\Core\set_message('t:MESSAGE_INFO_USER_LOGIN_MUST_SET_NEW_PASSWORD_INSTRUCTIONS_HAVE_BEEN_EMAILED');
				return true;
			}
			catch(\Exception $e){
				\Core\ErrorManagement\exception_handler($e);
				\Core\set_message('t:MESSAGE_ERROR_USER_LOGIN_MUST_SET_NEW_PASSWORD_UNABLE_TO_SEND_EMAIL');
				return false;
			}
		}


		if(!$auth->checkPassword($p->get('value'))){

			// Log this as a login attempt!
			$logmsg = 'Failed Login. Invalid password' . "\n" . 'Email: ' . $e->get('value') . "\n";
			\SystemLogModel::LogSecurityEvent('/user/login/failed_password', $logmsg, null, $u->get('id'));

			// Also, I want to look up and see how many login attempts there have been in the past couple minutes.
			// If there are too many, I need to start slowing the attempts.
			$time = new \CoreDateTime();
			$time->modify('-5 minutes');

			$securityfactory = new \ModelFactory('SystemLogModel');
			$securityfactory->where('code = /user/login/failed_password');
			$securityfactory->where('datetime > ' . $time->getFormatted(\Time::FORMAT_EPOCH, \Time::TIMEZONE_GMT));
			$securityfactory->where('ip_addr = ' . REMOTE_IP);

			$attempts = $securityfactory->count();
			if($attempts > 4){
				// Start slowing down the response.  This should help deter brute force attempts.
				// (x+((x-7)/4)^3)-4
				sleep( ($attempts+(($attempts-7)/4)^3)-4 );
				// This makes a nice little curve with the following delays:
				// 5th  attempt: 0.85
				// 6th  attempt: 2.05
				// 7th  attempt: 3.02
				// 8th  attempt: 4.05
				// 9th  attempt: 5.15
				// 10th attempt: 6.52
				// 11th attempt: 8.10
				// 12th attempt: 10.05
			}

			$e->setError('t:MESSAGE_ERROR_USER_LOGIN_INCORRECT_PASSWORD');
			$p->set('value', '');
			return false;
		}


		if($form->getElementValue('redirect')){
			// The page was set via client-side javascript on the login page.
			// This is the most reliable option.
			$url = $form->getElementValue('redirect');
		}
		elseif(REL_REQUEST_PATH == '/user/login'){
			// If the user came from the registration page, get the page before that.
			$url = $form->referrer;
		}
		else{
			// else the registration link is now on the same page as the 403 handler.
			$url = REL_REQUEST_PATH;
		}

		// Well, record this too!
		\SystemLogModel::LogSecurityEvent('/user/login', 'Login successful (via password)', null, $u->get('id'));

		// yay...
		$u->set('last_login', \CoreDateTime::Now('U', \Time::TIMEZONE_GMT));
		$u->save();
		\Core\Session::SetUser($u);

		// Allow an external script to override the redirecting URL.
		$overrideurl = \HookHandler::DispatchHook('/user/postlogin/getredirecturl');
		if($overrideurl){
			$url = $overrideurl;
		}

		return $url;
	}
 /**
  * This method is used to send a newly generated password to a user.
  *
  * @param string $email The user's email adress.
  */
 private function _sendPasswordTo($email)
 {
     $user = User::findBy('email', $email);
     if ($user) {
         use_helper('Email');
         $new_pass = '******' . dechex(rand(100000000, 4294967295)) . 'K';
         $user->password = AuthUser::generateHashedPassword($new_pass . $user->salt);
         $user->save();
         $email = new Email();
         $email->from(Setting::get('admin_email'), Setting::get('admin_title'));
         $email->to($user->email);
         $email->subject(__('Your new password from ') . Setting::get('admin_title'));
         $email->message(__('Username') . ': ' . $user->username . "\n" . __('Password') . ': ' . $new_pass);
         $email->send();
         Flash::set('success', __('An email has been sent with your new password!'));
         redirect(get_url('login'));
     } else {
         Flash::set('email', $email);
         Flash::set('error', __('No user found!'));
         redirect(get_url('login/forgot'));
     }
 }
Пример #11
0
 /**
  * Page to enable Facebook logins for user accounts.
  *
  * @return int|null|string
  */
 public function enable()
 {
     $request = $this->getPageRequest();
     $auths = \Core\User\Helper::GetEnabledAuthDrivers();
     if (!isset($auths['facebook'])) {
         // Facebook isn't enabled, simply redirect to the home page.
         \Core\redirect('/');
     }
     if (!FACEBOOK_APP_ID) {
         \Core\redirect('/');
     }
     if (!FACEBOOK_APP_SECRET) {
         \Core\redirect('/');
     }
     // If it was a POST, then it should be the first page.
     if ($request->isPost()) {
         $facebook = new Facebook(['appId' => FACEBOOK_APP_ID, 'secret' => FACEBOOK_APP_SECRET]);
         // Did the user submit the facebook login request?
         if (isset($_POST['login-method']) && $_POST['login-method'] == 'facebook' && $_POST['access-token']) {
             try {
                 $facebook->setAccessToken($_POST['access-token']);
                 /** @var int $fbid The user ID from facebook */
                 $fbid = $facebook->getUser();
                 /** @var array $user_profile The array of user data from Facebook */
                 $user_profile = $facebook->api('/me');
             } catch (Exception $e) {
                 \Core\set_message($e->getMessage(), 'error');
                 \Core\go_back();
                 return null;
             }
             // If the user is logged in, then the verification logic is slightly different.
             if (\Core\user()->exists()) {
                 // Logged in users, the email must match.
                 if (\Core\user()->get('email') != $user_profile['email']) {
                     \Core\set_message('Your Facebook email is ' . $user_profile['email'] . ', which does not match your account email!  Unable to link accounts.', 'error');
                     \Core\go_back();
                     return null;
                 }
                 $user = \Core\user();
             } else {
                 /** @var \UserModel|null $user */
                 $user = UserModel::Find(['email' => $user_profile['email']], 1);
                 if (!$user) {
                     \Core\set_message('No local account found with the email ' . $user_profile['email'] . ', please <a href="' . \Core\resolve_link('/user/register') . '"create an account</a> instead.', 'error');
                     \Core\go_back();
                     return null;
                 }
             }
             // Send an email with a nonce link that will do the actual activation.
             // This is a security feature so just anyone can't link another user's account.
             $nonce = NonceModel::Generate('20 minutes', null, ['user' => $user, 'access_token' => $_POST['access-token']]);
             $email = new Email();
             $email->to($user->get('email'));
             $email->setSubject('Facebook Activation Request');
             $email->templatename = 'emails/facebook/enable_confirmation.tpl';
             $email->assign('link', \Core\resolve_link('/facebook/enable/' . $nonce));
             if ($email->send()) {
                 \Core\set_message('An email has been sent to your account with a link enclosed.  Please click on that to complete activation within twenty minutes.', 'success');
                 \Core\go_back();
                 return null;
             } else {
                 \Core\set_message('Unable to send a confirmation email, please try again later.', 'error');
                 \Core\go_back();
                 return null;
             }
         }
     }
     // If there is a nonce enclosed, then it should be the second confirmation page.
     // This is the one that actually performs the action.
     if ($request->getParameter(0)) {
         /** @var NonceModel $nonce */
         $nonce = NonceModel::Construct($request->getParameter(0));
         if (!$nonce->isValid()) {
             \Core\set_message('Invalid key requested.', 'error');
             \Core\redirect('/');
             return null;
         }
         $nonce->decryptData();
         $data = $nonce->get('data');
         /** @var UserModel $user */
         $user = $data['user'];
         try {
             $facebook = new Facebook(['appId' => FACEBOOK_APP_ID, 'secret' => FACEBOOK_APP_SECRET]);
             $facebook->setAccessToken($data['access_token']);
             $facebook->getUser();
             $facebook->api('/me');
         } catch (Exception $e) {
             \Core\set_message($e->getMessage(), 'error');
             \Core\redirect('/');
             return null;
         }
         $user->enableAuthDriver('facebook');
         /** @var \Facebook\UserAuth $auth */
         $auth = $user->getAuthDriver('facebook');
         $auth->syncUser($data['access_token']);
         \Core\set_message('Linked Facebook successfully!', 'success');
         // And log the user in!
         if (!\Core\user()->exists()) {
             $user->set('last_login', \CoreDateTime::Now('U', \Time::TIMEZONE_GMT));
             $user->save();
             \Core\Session::SetUser($user);
         }
         \Core\redirect('/');
         return null;
     }
 }
Пример #12
0
 /**
  * Add a receiver
  *
  * @param \Email $mailer
  * @param        $email
  * @param null   $name
  */
 protected function addReceiver(Email $mailer, $email, $name = null)
 {
     if (!is_string($email)) {
         $email = $name;
         $name = null;
     }
     if (Valid::email($email)) {
         Kohana::$log->add(Log::INFO, '-----> Recipient: ' . $email . ' (' . $name . ')');
         $mailer->to($email, $name);
     }
 }
Пример #13
0
	/**
	 * Simple controller to activate a user account.
	 * Meant to be called with json only.
	 */
	public function activate(){
		$req    = $this->getPageRequest();
		$view   = $this->getView();
		$userid = $req->getPost('user') ? $req->getPost('user') : $req->getParameter('user');
		$active = ($req->getPost('status') !== null) ? $req->getPost('status') : $req->getParameter('status');
		if($active === '') $active = 1; // default.


		if(!\Core\user()->checkAccess('p:/user/users/manage')){
			return View::ERROR_ACCESSDENIED;
		}

		if(!$req->isPost()){
			return View::ERROR_BADREQUEST;
		}

		if(!$userid){
			return View::ERROR_BADREQUEST;
		}


		$user = UserModel::Construct($userid);

		if(!$user->exists()){
			return View::ERROR_NOTFOUND;
		}

		$user->set('active', $active);
		$user->save();

		// Send an activation notice email to the user if the active flag is set to true.
		if($active){
			try{
				$email = new Email();

				if(!$user->get('password')){
					// Generate a Nonce for this user with the password reset.
					// Use the Nonce system to generate a one-time key with this user's data.
					$nonce = NonceModel::Generate(
						'1 week',
						['type' => 'password-reset', 'user' => $user->get('id')]
					);
					$setpasswordlink = \Core\resolve_link('/datastoreauth/forgotpassword?e=' . urlencode($user->get('email')) . '&n=' . $nonce);
				}
				else{
					$setpasswordlink = null;
				}

				$email->templatename = 'emails/user/activation.tpl';
				$email->assign('user', $user);
				$email->assign('sitename', SITENAME);
				$email->assign('rooturl', ROOT_URL);
				$email->assign('loginurl', \Core\resolve_link('/user/login'));
				$email->assign('setpasswordlink', $setpasswordlink);
				$email->setSubject('Welcome to ' . SITENAME);
				$email->to($user->get('email'));

				// TESTING
				//error_log($email->renderBody());
				$email->send();
			}
			catch(\Exception $e){
				\Core\ErrorManagement\exception_handler($e);
			}
		}

		if($req->isJSON()){
			$view->mode = View::MODE_AJAX;
			$view->contenttype = View::CTYPE_JSON;

			$view->jsondata = array(
				'userid' => $user->get('id'),
				'active' => $user->get('active'),
			);
		}
		else{
			\Core\go_back();
		}
	}
Пример #14
0
	/**
	 * Send the commands to a user to verify they have access to the provided GPG key.
	 *
	 * @param \UserModel $user
	 * @param string     $fingerprint
	 * @param boolean    $cli         Set to false to send non-CLI instructions.
	 *
	 * @return false|string
	 */
	public static function SendVerificationEmail(\UserModel $user, $fingerprint, $cli = true){
		$sentence = trim(\BaconIpsumGenerator::Make_a_Sentence());

		$nonce = \NonceModel::Generate(
			'30 minutes',
			null,
			[
				'sentence' => $sentence,
				'key' => $fingerprint,
				'user' => $user->get('id'),
			]
		);

		$key = $user->get('apikey');
		$url = \Core\resolve_link('/gpgauth/rawverify');
		if($cli){
			$cmd = <<<EOD
echo -n "{$sentence}" \\
| gpg -b -a --default-key $fingerprint \\
| curl --data-binary @- \\
--header "X-Core-Nonce-Key: $nonce" \\
$url

EOD;
		}
		else{
			$cmd = <<<EOD
echo -n "{$sentence}" | gpg -b -a
EOD;
		}


		$email = new \Email();
		$email->templatename = 'emails/user/gpgauth_key_verification.tpl';
		$email->setSubject('GPG Key Change Request');
		$email->assign('key', $fingerprint);
		$email->assign('sentence', $sentence);
		$email->assign('user', $user);
		$email->assign('cmd', $cmd);
		$email->to($user->get('email'));
		$email->setEncryption($fingerprint);

		\SystemLogModel::LogSecurityEvent('/user/gpg/submit', 'Verification requested for key ' . $fingerprint, null, $user->get('id'));

		if(!$email->send()){
			return false;
		}
		else{
			return $nonce;
		}
	}
Пример #15
0
	/**
	 * Send the user's welcome email
	 * 
	 * @throw \Exception
	 */
	public function sendWelcomeEmail(){
		$email = new \Email();
		$email->templatename = 'emails/user/registration.tpl';
		$email->assign('user', $this);
		$email->assign('sitename', SITENAME);
		$email->assign('rooturl', ROOT_URL);
		$email->assign('loginurl', \Core\resolve_link('/user/login'));
		$email->setSubject('Welcome to ' . SITENAME);
		$email->to($this->get('email'));

		// TESTING
		//error_log($email->renderBody());
		$email->send();
	}