/** * Send an HTTP GET to the notification handler with a * challenge string to see if it repsonds correctly. * * @param string $endpoint URL of the notification handler * @param string $feed the feed being subscribed to * * @return boolean success */ function challenge($endpoint, $feed) { $code = common_confirmation_code(128); $params = array('url' => $feed, 'challenge' => $code); $url = $endpoint . '?' . http_build_query($params); try { $client = new HTTPClient(); $response = $client->get($url); } catch (HTTP_Request2_Exception $e) { common_log(LOG_INFO, 'RSSCloud plugin - failure testing notify handler ' . $endpoint . ' - ' . $e->getMessage()); return false; } // Check response is betweet 200 and 299 and body contains challenge data $status = $response->getStatus(); $body = $response->getBody(); if ($status >= 200 && $status < 300) { // NOTE: the spec says that the body must contain the string // challenge. It doesn't say that the body must contain the // challenge string ONLY, although that seems to be the way // the other implementors have interpreted it. if (strpos($body, $code) !== false) { common_log(LOG_INFO, 'RSSCloud plugin - ' . "success testing notify handler: {$endpoint}"); return true; } else { common_log(LOG_INFO, 'RSSCloud plugin - ' . 'challenge/repsonse failed for notify handler ' . $endpoint); common_debug('body = ' . var_export($body, true)); return false; } } else { common_log(LOG_INFO, 'RSSCloud plugin - ' . "failure testing notify handler: {$endpoint} " . ' - got HTTP ' . $status); common_debug('body = ' . var_export($body, true)); return false; } }
static function saveNew($user, $address, $addressType, $extra = null) { $ca = new Confirm_address(); if (!empty($user)) { $ca->user_id = $user->id; } $ca->address = $address; $ca->address_type = $addressType; $ca->address_extra = $extra; $ca->code = common_confirmation_code(64); $ca->insert(); return $ca; }
/** * Sends a confirmation to the address given * * Stores a confirmation record and sends out a * Jabber message with the confirmation info. * * @return void */ function addAddress() { $user = common_current_user(); $jabber = $this->trimmed('jabber'); // Some validation if (!$jabber) { // TRANS: Message given saving IM address without having provided one. $this->showForm(_('No Jabber ID.')); return; } $jabber = jabber_normalize_jid($jabber); if (!$jabber) { // TRANS: Message given saving IM address that cannot be normalised. $this->showForm(_('Cannot normalize that Jabber ID')); return; } if (!jabber_valid_base_jid($jabber, common_config('email', 'domain_check'))) { // TRANS: Message given saving IM address that not valid. $this->showForm(_('Not a valid Jabber ID')); return; } else { if ($user->jabber == $jabber) { // TRANS: Message given saving IM address that is already set. $this->showForm(_('That is already your Jabber ID.')); return; } else { if ($this->jabberExists($jabber)) { // TRANS: Message given saving IM address that is already set for another user. $this->showForm(_('Jabber ID already belongs to another user.')); return; } } } $confirm = new Confirm_address(); $confirm->address = $jabber; $confirm->address_type = 'jabber'; $confirm->user_id = $user->id; $confirm->code = common_confirmation_code(64); $confirm->sent = common_sql_now(); $confirm->claimed = common_sql_now(); $result = $confirm->insert(); if ($result === false) { common_log_db_error($confirm, 'INSERT', __FILE__); // TRANS: Server error thrown on database error adding IM confirmation code. $this->serverError(_('Couldn\'t insert confirmation code.')); return; } jabber_confirm_address($confirm->code, $user->nickname, $jabber); // TRANS: Message given saving valid IM address that is to be confirmed. // TRANS: %s is the IM address set for the site. $msg = sprintf(_('A confirmation code was sent ' . 'to the IM address you added. ' . 'You must approve %s for ' . 'sending messages to you.'), jabber_daemon_address()); $this->showForm($msg, true); }
/** * Add the address passed in by the user * * @return void */ function addAddress() { $user = common_current_user(); $email = $this->trimmed('email'); // Some validation if (!$email) { // TRANS: Message given saving e-mail address without having provided one. $this->showForm(_('No email address.')); return; } $email = common_canonical_email($email); if (!$email) { // TRANS: Message given saving e-mail address that cannot be normalised. $this->showForm(_('Cannot normalize that email address')); return; } if (!Validate::email($email, common_config('email', 'check_domain'))) { // TRANS: Message given saving e-mail address that not valid. $this->showForm(_('Not a valid email address.')); return; } else { if ($user->email == $email) { // TRANS: Message given saving e-mail address that is already set. $this->showForm(_('That is already your email address.')); return; } else { if ($this->emailExists($email)) { // TRANS: Message given saving e-mail address that is already set for another user. $this->showForm(_('That email address already belongs ' . 'to another user.')); return; } } } $confirm = new Confirm_address(); $confirm->address = $email; $confirm->address_type = 'email'; $confirm->user_id = $user->id; $confirm->code = common_confirmation_code(64); $result = $confirm->insert(); if ($result === false) { common_log_db_error($confirm, 'INSERT', __FILE__); // TRANS: Server error thrown on database error adding e-mail confirmation code. $this->serverError(_('Couldn\'t insert confirmation code.')); return; } mail_confirm_address($user, $confirm->code, $user->nickname, $email); // TRANS: Message given saving valid e-mail address that is to be confirmed. $msg = _('A confirmation code was sent to the email address you added. ' . 'Check your inbox (and spam box!) for the code and instructions ' . 'on how to use it.'); $this->showForm($msg, true); }
/** * Sends a confirmation to the address given * * Stores a confirmation record and sends out a * message with the confirmation info. * * @return void */ function addAddress() { $screenname = $this->trimmed('screenname'); $transport = $this->trimmed('transport'); // Some validation if (empty($screenname)) { // TRANS: Message given saving IM address without having provided one. throw new ClientException(_('No screenname.')); } if (empty($transport)) { // TRANS: Form validation error when no transport is available setting an IM address. throw new ClientException(_('No transport.')); } Event::handle('NormalizeImScreenname', array($transport, &$screenname)); if (empty($screenname)) { // TRANS: Message given saving IM address that cannot be normalised. throw new ClientException(_('Cannot normalize that screenname.')); } $valid = false; Event::handle('ValidateImScreenname', array($transport, $screenname, &$valid)); if (!$valid) { // TRANS: Message given saving IM address that not valid. throw new ClientException(_('Not a valid screenname.')); } else { if ($this->screennameExists($transport, $screenname)) { // TRANS: Message given saving IM address that is already set for another user. throw new ClientException(_('Screenname already belongs to another user.')); } } $confirm = new Confirm_address(); $confirm->address = $screenname; $confirm->address_type = $transport; $confirm->user_id = $this->scoped->getID(); $confirm->code = common_confirmation_code(64); $confirm->sent = common_sql_now(); $confirm->claimed = common_sql_now(); $result = $confirm->insert(); if ($result === false) { common_log_db_error($confirm, 'INSERT', __FILE__); // TRANS: Server error thrown on database error adding Instant Messaging confirmation code. $this->serverError(_('Could not insert confirmation code.')); } Event::handle('SendImConfirmationCode', array($transport, $screenname, $confirm->code, $this->scoped)); // TRANS: Message given saving valid IM address that is to be confirmed. return _('A confirmation code was sent to the IM address you added.'); }
static function filename(Profile $profile, $origname, $mimetype) { $ext = self::guessMimeExtension($mimetype); // Normalize and make the original filename more URL friendly. $origname = basename($origname, ".{$ext}"); if (class_exists('Normalizer')) { // http://php.net/manual/en/class.normalizer.php // http://www.unicode.org/reports/tr15/ $origname = Normalizer::normalize($origname, Normalizer::FORM_KC); } $origname = preg_replace('/[^A-Za-z0-9\\.\\_]/', '_', $origname); $nickname = $profile->getNickname(); $datestamp = strftime('%Y%m%d', time()); do { // generate new random strings until we don't run into a filename collision. $random = strtolower(common_confirmation_code(16)); $filename = "{$nickname}-{$datestamp}-{$origname}-{$random}.{$ext}"; } while (file_exists(self::path($filename))); return $filename; }
/** * Add the address passed in by the user * * @return void */ function addAddress() { $user = common_current_user(); $email = $this->trimmed('email'); // Some validation if (!$email) { $this->showForm(_('未填写邮箱地址')); return; } $email = common_canonical_email($email); if (!$email) { $this->showForm(_('邮件地址格式错误')); return; } if (!Validate::email($email, common_config('email', 'check_domain'))) { $this->showForm(_('邮件地址格式错误')); return; } else { if ($user->email == $email) { $this->showForm(_('新邮件地址与原邮件地址相同')); return; } else { if ($this->emailExists($email)) { $this->showForm(_('此邮件地址属于其他用户')); return; } } } $confirm = new Confirm_address(); $confirm->address = $email; $confirm->address_type = 'email'; $confirm->user_id = $user->id; $confirm->code = common_confirmation_code(64); $result = $confirm->insert(); if ($result === false) { common_log_db_error($confirm, 'INSERT', __FILE__); $this->serverError(_('生成验证邮件失败,请返回重试')); return; } mail_confirm_address($user, $confirm->code, $user->nickname, $email); $msg = _('验证邮件已经发送,请稍候查看邮箱以确认验证信息'); $this->showForm($msg, true); }
/** * generate a new address for incoming messages * * @todo check the database for uniqueness * * @return string new email address for incoming messages */ function mail_new_incoming_address() { $prefix = common_confirmation_code(64); $suffix = mail_domain(); return $prefix . '@' . $suffix; }
static function filename($profile, $basename, $mimetype) { require_once 'MIME/Type/Extension.php'; // We have to temporarily disable auto handling of PEAR errors... PEAR::staticPushErrorHandling(PEAR_ERROR_RETURN); $mte = new MIME_Type_Extension(); $ext = $mte->getExtension($mimetype); if (PEAR::isError($ext)) { $ext = strtolower(preg_replace('/\\W/', '', $mimetype)); } // Restore error handling. PEAR::staticPopErrorHandling(); $nickname = $profile->nickname; $datestamp = strftime('%Y%m%dT%H%M%S', time()); $random = strtolower(common_confirmation_code(32)); return "{$nickname}-{$datestamp}-{$random}.{$ext}"; }
function recoverPassword() { $nore = $this->trimmed('nicknameoremail'); if (!$nore) { $this->showForm(_('Enter a nickname or email address.')); return; } $user = User::staticGet('email', common_canonical_email($nore)); if (!$user) { $user = User::staticGet('nickname', common_canonical_nickname($nore)); } # See if it's an unconfirmed email address if (!$user) { $confirm_email = Confirm_address::staticGet('address', common_canonical_email($nore)); if ($confirm_email && $confirm_email->address_type == 'email') { $user = User::staticGet($confirm_email->user_id); } } if (!$user) { $this->showForm(_('No user with that email address or username.')); return; } # Try to get an unconfirmed email address if they used a user name if (!$user->email && !$confirm_email) { $confirm_email = Confirm_address::staticGet('user_id', $user->id); if ($confirm_email && $confirm_email->address_type != 'email') { # Skip non-email confirmations $confirm_email = null; } } if (!$user->email && !$confirm_email) { $this->clientError(_('No registered email address for that user.')); return; } # Success! We have a valid user and a confirmed or unconfirmed email address $confirm = new Confirm_address(); $confirm->code = common_confirmation_code(128); $confirm->address_type = 'recover'; $confirm->user_id = $user->id; $confirm->address = isset($user->email) ? $user->email : $confirm_email->address; if (!$confirm->insert()) { common_log_db_error($confirm, 'INSERT', __FILE__); $this->serverError(_('Error saving address confirmation.')); return; } $body = "Hey, {$user->nickname}."; $body .= "\n\n"; $body .= 'Someone just asked for a new password ' . 'for this account on ' . common_config('site', 'name') . '.'; $body .= "\n\n"; $body .= 'If it was you, and you want to confirm, use the URL below:'; $body .= "\n\n"; $body .= "\t" . common_local_url('recoverpassword', array('code' => $confirm->code)); $body .= "\n\n"; $body .= 'If not, just ignore this message.'; $body .= "\n\n"; $body .= 'Thanks for your time, '; $body .= "\n"; $body .= common_config('site', 'name'); $body .= "\n"; mail_to_user($user, _('Password recovery requested'), $body, $confirm->address); $this->mode = 'sent'; $this->msg = _('Instructions for recovering your password ' . 'have been sent to the email address registered to your ' . 'account.'); $this->success = true; $this->showPage(); }
function sendInvitation($email, $user, $personal) { $profile = $user->getProfile(); $bestname = $profile->getBestName(); $sitename = common_config('site', 'name'); $invite = new Invitation(); $invite->address = $email; $invite->address_type = 'email'; $invite->code = common_confirmation_code(128); $invite->user_id = $user->id; $invite->created = common_sql_now(); if (!$invite->insert()) { common_log_db_error($invite, 'INSERT', __FILE__); return false; } $recipients = array($email); $headers['From'] = mail_notify_from(); $headers['To'] = trim($email); $headers['Subject'] = sprintf(_('%1$s has invited you to join them on %2$s'), $bestname, $sitename); $body = sprintf(_("%1\$s has invited you to join them on %2\$s (%3\$s).\n\n" . "%2\$s is a micro-blogging service that lets you keep up-to-date with people you know and people who interest you.\n\n" . "You can also share news about yourself, your thoughts, or your life online with people who know about you. " . "It's also great for meeting new people who share your interests.\n\n" . "%1\$s said:\n\n%4\$s\n\n" . "You can see %1\$s's profile page on %2\$s here:\n\n" . "%5\$s\n\n" . "If you'd like to try the service, click on the link below to accept the invitation.\n\n" . "%6\$s\n\n" . "If not, you can ignore this message. Thanks for your patience and your time.\n\n" . "Sincerely, %2\$s\n"), $bestname, $sitename, common_root_url(), $personal, common_local_url('showstream', array('nickname' => $user->nickname)), common_local_url('register', array('code' => $invite->code))); mail_send($recipients, $headers, $body); }
/** * Add the address passed in by the user * * @return void */ function addAddress() { $user = $this->scoped->getUser(); $email = $this->trimmed('email'); // Some validation if (empty($email)) { // TRANS: Message given saving e-mail address without having provided one. throw new ClientException(_('No email address.')); } $email = common_canonical_email($email); if (empty($email)) { // TRANS: Message given saving e-mail address that cannot be normalised. throw new ClientException(_('Cannot normalize that email address.')); } if (!Validate::email($email, common_config('email', 'check_domain'))) { // TRANS: Message given saving e-mail address that not valid. throw new ClientException(_('Not a valid email address.')); } else { if ($user->email == $email) { // TRANS: Message given saving e-mail address that is already set. throw new ClientException(_('That is already your email address.')); } else { if ($this->emailExists($email)) { // TRANS: Message given saving e-mail address that is already set for another user. throw new ClientException(_('That email address already belongs to another user.')); } } } if (Event::handle('StartAddEmailAddress', array($user, $email))) { $confirm = new Confirm_address(); $confirm->address = $email; $confirm->address_type = 'email'; $confirm->user_id = $user->getID(); $confirm->code = common_confirmation_code(64); $result = $confirm->insert(); if ($result === false) { common_log_db_error($confirm, 'INSERT', __FILE__); // TRANS: Server error thrown on database error adding e-mail confirmation code. throw new ServerException(_('Could not insert confirmation code.')); } common_debug('Sending confirmation address for user ' . $user->getID() . ' to email ' . $email); mail_confirm_address($user, $confirm->code, $user->getNickname(), $email); Event::handle('EndAddEmailAddress', array($user, $email)); } // TRANS: Message given saving valid e-mail address that is to be confirmed. return _('A confirmation code was sent to the email address you added. ' . 'Check your inbox (and spam box!) for the code and instructions ' . 'on how to use it.'); }
static function recoverPassword($nore) { // $confirm_email will be used as a fallback if our user doesn't have a confirmed email $confirm_email = null; if (common_is_email($nore)) { $user = User::getKV('email', common_canonical_email($nore)); // See if it's an unconfirmed email address if (!$user instanceof User) { // Warning: it may actually be legit to have multiple folks // who have claimed, but not yet confirmed, the same address. // We'll only send to the first one that comes up. $confirm_email = new Confirm_address(); $confirm_email->address = common_canonical_email($nore); $confirm_email->address_type = 'email'; if ($confirm_email->find(true)) { $user = User::getKV('id', $confirm_email->user_id); } } // No luck finding anyone by that email address. if (!$user instanceof User) { if (common_config('site', 'fakeaddressrecovery')) { // Return without actually doing anything! We fake address recovery // to avoid revealing which email addresses are registered with the site. return; } // TRANS: Information on password recovery form if no known e-mail address was specified. throw new ClientException(_('No user with that email address exists here.')); } } else { // This might throw a NicknameException on bad nicknames $user = User::getKV('nickname', common_canonical_nickname($nore)); if (!$user instanceof User) { // TRANS: Information on password recovery form if no known username was specified. throw new ClientException(_('No user with that nickname exists here.')); } } // Try to get an unconfirmed email address if they used a user name if (empty($user->email) && $confirm_email === null) { $confirm_email = new Confirm_address(); $confirm_email->user_id = $user->id; $confirm_email->address_type = 'email'; $confirm_email->find(); if (!$confirm_email->fetch()) { // Nothing found, so let's reset it to null $confirm_email = null; } } if (empty($user->email) && !$confirm_email instanceof Confirm_address) { // TRANS: Client error displayed on password recovery form if a user does not have a registered e-mail address. throw new ClientException(_('No registered email address for that user.')); } // Success! We have a valid user and a confirmed or unconfirmed email address $confirm = new Confirm_address(); $confirm->code = common_confirmation_code(128); $confirm->address_type = 'recover'; $confirm->user_id = $user->id; $confirm->address = $user->email ?: $confirm_email->address; if (!$confirm->insert()) { common_log_db_error($confirm, 'INSERT', __FILE__); // TRANS: Server error displayed if e-mail address confirmation fails in the database on the password recovery form. throw new ServerException(_('Error saving address confirmation.')); } // @todo FIXME: needs i18n. $body = "Hey, {$user->nickname}."; $body .= "\n\n"; $body .= 'Someone just asked for a new password ' . 'for this account on ' . common_config('site', 'name') . '.'; $body .= "\n\n"; $body .= 'If it was you, and you want to confirm, use the URL below:'; $body .= "\n\n"; $body .= "\t" . common_local_url('recoverpassword', array('code' => $confirm->code)); $body .= "\n\n"; $body .= 'If not, just ignore this message.'; $body .= "\n\n"; $body .= 'Thanks for your time, '; $body .= "\n"; $body .= common_config('site', 'name'); $body .= "\n"; $headers = _mail_prepare_headers('recoverpassword', $user->nickname, $user->nickname); // TRANS: Subject for password recovery e-mail. mail_to_user($user, _('Password recovery requested'), $body, $headers, $confirm->address); }
function sendInvitation($email, $user, $personal) { $profile = $user->getProfile(); $bestname = $profile->getBestName(); $sitename = common_config('site', 'name'); $invite = new Invitation(); $invite->address = $email; $invite->address_type = 'email'; $invite->code = common_confirmation_code(128); $invite->user_id = $user->id; $invite->created = common_sql_now(); if (!$invite->insert()) { common_log_db_error($invite, 'INSERT', __FILE__); return false; } $confirmUrl = common_local_url('register', array('code' => $invite->code)); $recipients = array($email); $headers['From'] = mail_notify_from(); $headers['To'] = trim($email); $headers['Content-Type'] = 'text/html; charset=UTF-8'; // TRANS: Subject for invitation email. Note that 'them' is correct as a gender-neutral // TRANS: singular 3rd-person pronoun in English. %1$s is the inviting user, $2$s is // TRANS: the StatusNet sitename. $headers['Subject'] = sprintf(_('%1$s has invited you to join them on %2$s'), $bestname, $sitename); $title = empty($personal) ? 'invite' : 'invitepersonal'; // @todo FIXME: i18n issue. $inviteTemplate = DocFile::forTitle($title, DocFile::mailPaths()); $body = $inviteTemplate->toHTML(array('inviter' => $bestname, 'inviterurl' => $profile->profileurl, 'confirmurl' => $confirmUrl, 'personal' => $personal)); common_debug('Confirm URL is ' . common_local_url('register', array('code' => $invite->code))); mail_send($recipients, $headers, $body); }
/** * Add a new SMS number for confirmation * * When the user requests a new SMS number, sends a confirmation * message. * * @return void */ function addAddress() { $user = common_current_user(); $sms = $this->trimmed('sms'); $carrier_id = $this->trimmed('carrier'); // Some validation if (!$sms) { // TRANS: Message given saving SMS phone number without having provided one. $this->showForm(_('No phone number.')); return; } if (!$carrier_id) { // TRANS: Message given saving SMS phone number without having selected a carrier. $this->showForm(_('No carrier selected.')); return; } $sms = common_canonical_sms($sms); if ($user->sms == $sms) { // TRANS: Message given saving SMS phone number that is already set. $this->showForm(_('That is already your phone number.')); return; } else { if ($this->smsExists($sms)) { // TRANS: Message given saving SMS phone number that is already set for another user. $this->showForm(_('That phone number already belongs to another user.')); return; } } $confirm = new Confirm_address(); $confirm->address = $sms; $confirm->address_extra = $carrier_id; $confirm->address_type = 'sms'; $confirm->user_id = $user->id; $confirm->code = common_confirmation_code(40); $result = $confirm->insert(); if ($result === false) { common_log_db_error($confirm, 'INSERT', __FILE__); // TRANS: Server error thrown on database error adding SMS confirmation code. $this->serverError(_('Could not insert confirmation code.')); return; } $carrier = Sms_carrier::staticGet($carrier_id); mail_confirm_sms($confirm->code, $user->nickname, $carrier->toEmailAddress($sms)); // TRANS: Message given saving valid SMS phone number that is to be confirmed. $msg = _('A confirmation code was sent to the phone number you added. ' . 'Check your phone for the code and instructions ' . 'on how to use it.'); $this->showForm($msg, true); }
} } } else { print "Faltan parámetros\n"; exit(1); } } } // Si hemos llegado aquí es que hay usuario o grupo válido. foreach ($members as $member) { $user = $member->getUser(); if (empty($user->email)) { print "El usuario '{$user->nickname}' no tiene email registrado.\n"; } else { $confirm = new Confirm_address(); $confirm->code = common_confirmation_code(128); $confirm->address_type = 'recover'; $confirm->user_id = $user->id; $confirm->address = !empty($user->email) ? $user->email : $confirm_email->address; if (!$confirm->insert()) { common_log_db_error($confirm, 'INSERT', __FILE__); // TRANS: Server error displayed if e-mail address confirmation fails in the database on the password recovery form. throw new ServerException(_('Error saving address confirmation.')); return; } //Creamos el correo $subject = "¡Bienvenido a " . common_config('site', 'name') . "!"; $body = crearEmail($user, $confirm); print "Enviando correo a {$user->nickname}..."; if (mail_to_user($user, $subject, $body)) { print " Enviado.\n";
/** * Add the address passed in by the user * * @return void */ function addAddress() { $user = common_current_user(); $email = $this->trimmed('email'); // Some validation if (!$email) { $this->showForm(_('No email address.')); return; } $email = common_canonical_email($email); if (!$email) { $this->showForm(_('Cannot normalize that email address')); return; } if (!Validate::email($email, true)) { $this->showForm(_('Not a valid email address')); return; } else { if ($user->email == $email) { $this->showForm(_('That is already your email address.')); return; } else { if ($this->emailExists($email)) { $this->showForm(_('That email address already belongs ' . 'to another user.')); return; } } } $confirm = new Confirm_address(); $confirm->address = $email; $confirm->address_type = 'email'; $confirm->user_id = $user->id; $confirm->code = common_confirmation_code(64); $result = $confirm->insert(); if ($result === false) { common_log_db_error($confirm, 'INSERT', __FILE__); $this->serverError(_('Couldn\'t insert confirmation code.')); return; } mail_confirm_address($user, $confirm->code, $user->nickname, $email); $msg = _('A confirmation code was sent to the email address you added. ' . 'Check your inbox (and spam box!) for the code and instructions ' . 'on how to use it.'); $this->showForm($msg, true); }
/** * Sends a confirmation to the address given * * Stores a confirmation record and sends out a * Jabber message with the confirmation info. * * @return void */ function addAddress() { $user = common_current_user(); $jabber = $this->trimmed('jabber'); // Some validation if (!$jabber) { $this->showForm(_('No Jabber ID.')); return; } $jabber = jabber_normalize_jid($jabber); if (!$jabber) { $this->showForm(_('Cannot normalize that Jabber ID')); return; } if (!jabber_valid_base_jid($jabber)) { $this->showForm(_('Not a valid Jabber ID')); return; } else { if ($user->jabber == $jabber) { $this->showForm(_('That is already your Jabber ID.')); return; } else { if ($this->jabberExists($jabber)) { $this->showForm(_('Jabber ID already belongs to another user.')); return; } } } $confirm = new Confirm_address(); $confirm->address = $jabber; $confirm->address_type = 'jabber'; $confirm->user_id = $user->id; $confirm->code = common_confirmation_code(64); $result = $confirm->insert(); if ($result === false) { common_log_db_error($confirm, 'INSERT', __FILE__); $this->serverError(_('Couldn\'t insert confirmation code.')); return; } if (!common_config('queue', 'enabled')) { jabber_confirm_address($confirm->code, $user->nickname, $jabber); } $msg = sprintf(_('A confirmation code was sent ' . 'to the IM address you added. ' . 'You must approve %s for ' . 'sending messages to you.'), jabber_daemon_address()); $this->showForm($msg, true); }
static function recoverPassword($nore) { $user = User::staticGet('email', common_canonical_email($nore)); if (!$user) { try { $user = User::staticGet('nickname', common_canonical_nickname($nore)); } catch (NicknameException $e) { // invalid } } // See if it's an unconfirmed email address if (!$user) { // Warning: it may actually be legit to have multiple folks // who have claimed, but not yet confirmed, the same address. // We'll only send to the first one that comes up. $confirm_email = new Confirm_address(); $confirm_email->address = common_canonical_email($nore); $confirm_email->address_type = 'email'; $confirm_email->find(); if ($confirm_email->fetch()) { $user = User::staticGet($confirm_email->user_id); } else { $confirm_email = null; } } else { $confirm_email = null; } if (!$user) { // TRANS: Information on password recovery form if no known username or e-mail address was specified. throw new ClientException(_('No user with that email address or username.')); return; } // Try to get an unconfirmed email address if they used a user name if (!$user->email && !$confirm_email) { $confirm_email = new Confirm_address(); $confirm_email->user_id = $user->id; $confirm_email->address_type = 'email'; $confirm_email->find(); if (!$confirm_email->fetch()) { $confirm_email = null; } } if (!$user->email && !$confirm_email) { // TRANS: Client error displayed on password recovery form if a user does not have a registered e-mail address. throw new ClientException(_('No registered email address for that user.')); return; } // Success! We have a valid user and a confirmed or unconfirmed email address $confirm = new Confirm_address(); $confirm->code = common_confirmation_code(128); $confirm->address_type = 'recover'; $confirm->user_id = $user->id; $confirm->address = !empty($user->email) ? $user->email : $confirm_email->address; if (!$confirm->insert()) { common_log_db_error($confirm, 'INSERT', __FILE__); // TRANS: Server error displayed if e-mail address confirmation fails in the database on the password recovery form. throw new ServerException(_('Error saving address confirmation.')); return; } // @todo FIXME: needs i18n. $body = "Hola, {$user->nickname}."; $body .= "\n\n"; $body .= 'Alguien ha solicitado una nueva contraseña ' . 'para esta cuenta en ' . common_config('site', 'name') . '.'; $body .= "\n\n"; $body .= 'Si has sido tú, y quieres modificarla, pulsa en el enlace de abajo:'; $body .= "\n\n"; $body .= "\t" . common_local_url('recoverpassword', array('code' => $confirm->code)); $body .= "\n\n"; $body .= 'Si no, puedes ignorar y eliminar este mensaje.'; $body .= "\n\n"; $body .= 'Gracias por tu tiempo, '; $body .= "\n"; $body .= common_config('site', 'name'); $body .= "\n"; $headers = _mail_prepare_headers('recoverpassword', $user->nickname, $user->nickname); // TRANS: Subject for password recovery e-mail. mail_to_user($user, _('Solicitud de recuperación de contraseña'), $body, $headers, $confirm->address); }
static function filename($profile, $basename, $mimetype) { require_once 'MIME/Type/Extension.php'; $mte = new MIME_Type_Extension(); try { $ext = $mte->getExtension($mimetype); } catch (Exception $e) { $ext = strtolower(preg_replace('/\\W/', '', $mimetype)); } $nickname = $profile->nickname; $datestamp = strftime('%Y%m%dT%H%M%S', time()); $random = strtolower(common_confirmation_code(32)); return "{$nickname}-{$datestamp}-{$random}.{$ext}"; }
/** * Register a new user account and profile and set up default subscriptions. * If a new-user welcome message is configured, this will be sent. * * @param array $fields associative array of optional properties * string 'bio' * string 'email' * bool 'email_confirmed' pass true to mark email as pre-confirmed * string 'fullname' * string 'homepage' * string 'location' informal string description of geolocation * float 'lat' decimal latitude for geolocation * float 'lon' decimal longitude for geolocation * int 'location_id' geoname identifier * int 'location_ns' geoname namespace to interpret location_id * string 'nickname' REQUIRED * string 'password' (may be missing for eg OpenID registrations) * string 'code' invite code * ?string 'uri' permalink to notice; defaults to local notice URL * @return mixed User object or false on failure */ static function register($fields) { // MAGICALLY put fields into current scope extract($fields); $profile = new Profile(); if (!empty($email)) { $email = common_canonical_email($email); } $nickname = common_canonical_nickname($nickname); $profile->nickname = $nickname; if (!User::allowed_nickname($nickname)) { common_log(LOG_WARNING, sprintf("Attempted to register a nickname that is not allowed: %s", $profile->nickname), __FILE__); return false; } $profile->profileurl = common_profile_url($nickname); if (!empty($fullname)) { $profile->fullname = $fullname; } if (!empty($homepage)) { $profile->homepage = $homepage; } if (!empty($bio)) { $profile->bio = $bio; } if (!empty($location)) { $profile->location = $location; $loc = Location::fromName($location); if (!empty($loc)) { $profile->lat = $loc->lat; $profile->lon = $loc->lon; $profile->location_id = $loc->location_id; $profile->location_ns = $loc->location_ns; } } $profile->created = common_sql_now(); $user = new User(); $user->nickname = $nickname; // Users who respond to invite email have proven their ownership of that address if (!empty($code)) { $invite = Invitation::staticGet($code); if ($invite && $invite->address && $invite->address_type == 'email' && $invite->address == $email) { $user->email = $invite->address; } } if (isset($email_confirmed) && $email_confirmed) { $user->email = $email; } // This flag is ignored but still set to 1 $user->inboxed = 1; // Set default-on options here, otherwise they'll be disabled // initially for sites using caching, since the initial encache // doesn't know about the defaults in the database. $user->emailnotifysub = 1; $user->emailnotifyfav = 1; $user->emailnotifynudge = 1; $user->emailnotifymsg = 1; $user->emailnotifyattn = 1; $user->emailmicroid = 1; $user->emailpost = 1; $user->jabbermicroid = 1; $user->viewdesigns = 1; $user->created = common_sql_now(); if (Event::handle('StartUserRegister', array(&$user, &$profile))) { $profile->query('BEGIN'); $id = $profile->insert(); if (empty($id)) { common_log_db_error($profile, 'INSERT', __FILE__); return false; } $user->id = $id; if (!empty($uri)) { $user->uri = $uri; } else { $user->uri = common_user_uri($user); } if (!empty($password)) { // may not have a password for OpenID users $user->password = common_munge_password($password, $id); } $result = $user->insert(); if (!$result) { common_log_db_error($user, 'INSERT', __FILE__); return false; } // Everyone gets an inbox $inbox = new Inbox(); $inbox->user_id = $user->id; $inbox->notice_ids = ''; $result = $inbox->insert(); if (!$result) { common_log_db_error($inbox, 'INSERT', __FILE__); return false; } // Everyone is subscribed to themself $subscription = new Subscription(); $subscription->subscriber = $user->id; $subscription->subscribed = $user->id; $subscription->created = $user->created; $result = $subscription->insert(); if (!$result) { common_log_db_error($subscription, 'INSERT', __FILE__); return false; } if (!empty($email) && !$user->email) { $confirm = new Confirm_address(); $confirm->code = common_confirmation_code(128); $confirm->user_id = $user->id; $confirm->address = $email; $confirm->address_type = 'email'; $result = $confirm->insert(); if (!$result) { common_log_db_error($confirm, 'INSERT', __FILE__); return false; } } if (!empty($code) && $user->email) { $user->emailChanged(); } // Default system subscription $defnick = common_config('newuser', 'default'); if (!empty($defnick)) { $defuser = User::staticGet('nickname', $defnick); if (empty($defuser)) { common_log(LOG_WARNING, sprintf("Default user %s does not exist.", $defnick), __FILE__); } else { Subscription::start($user, $defuser); } } $profile->query('COMMIT'); if (!empty($email) && !$user->email) { mail_confirm_address($user, $confirm->code, $profile->nickname, $email); } // Welcome message $welcome = common_config('newuser', 'welcome'); if (!empty($welcome)) { $welcomeuser = User::staticGet('nickname', $welcome); if (empty($welcomeuser)) { common_log(LOG_WARNING, sprintf("Welcome user %s does not exist.", $defnick), __FILE__); } else { $notice = Notice::saveNew($welcomeuser->id, sprintf(_('Welcome to %1$s, @%2$s!'), common_config('site', 'name'), $user->nickname), 'system'); } } Event::handle('EndUserRegister', array(&$profile, &$user)); } return $user; }
function recoverPassword() { $nore = $this->trimmed('nicknameoremail'); if (!$nore) { // TRANS: Form instructions for password recovery form. $this->showForm(_('Enter a nickname or email address.')); return; } $user = User::staticGet('email', common_canonical_email($nore)); if (!$user) { try { $user = User::staticGet('nickname', common_canonical_nickname($nore)); } catch (NicknameException $e) { // invalid } } # See if it's an unconfirmed email address if (!$user) { // Warning: it may actually be legit to have multiple folks // who have claimed, but not yet confirmed, the same address. // We'll only send to the first one that comes up. $confirm_email = new Confirm_address(); $confirm_email->address = common_canonical_email($nore); $confirm_email->address_type = 'email'; $confirm_email->find(); if ($confirm_email->fetch()) { $user = User::staticGet($confirm_email->user_id); } else { $confirm_email = null; } } else { $confirm_email = null; } if (!$user) { // TRANS: Information on password recovery form if no known username or e-mail address was specified. $this->showForm(_('No user with that email address or username.')); return; } # Try to get an unconfirmed email address if they used a user name if (!$user->email && !$confirm_email) { $confirm_email = new Confirm_address(); $confirm_email->user_id = $user->id; $confirm_email->address_type = 'email'; $confirm_email->find(); if (!$confirm_email->fetch()) { $confirm_email = null; } } if (!$user->email && !$confirm_email) { // TRANS: Client error displayed on password recovery form if a user does not have a registered e-mail address. $this->clientError(_('No registered email address for that user.')); return; } # Success! We have a valid user and a confirmed or unconfirmed email address $confirm = new Confirm_address(); $confirm->code = common_confirmation_code(128); $confirm->address_type = 'recover'; $confirm->user_id = $user->id; $confirm->address = !empty($user->email) ? $user->email : $confirm_email->address; if (!$confirm->insert()) { common_log_db_error($confirm, 'INSERT', __FILE__); // TRANS: Server error displayed if e-mail address confirmation fails in the database on the password recovery form. $this->serverError(_('Error saving address confirmation.')); return; } // @todo FIXME: needs i18n. $body = "Hey, {$user->nickname}."; $body .= "\n\n"; $body .= 'Someone just asked for a new password ' . 'for this account on ' . common_config('site', 'name') . '.'; $body .= "\n\n"; $body .= 'If it was you, and you want to confirm, use the URL below:'; $body .= "\n\n"; $body .= "\t" . common_local_url('recoverpassword', array('code' => $confirm->code)); $body .= "\n\n"; $body .= 'If not, just ignore this message.'; $body .= "\n\n"; $body .= 'Thanks for your time, '; $body .= "\n"; $body .= common_config('site', 'name'); $body .= "\n"; $headers = _mail_prepare_headers('recoverpassword', $user->nickname, $user->nickname); // TRANS: Subject for password recovery e-mail. mail_to_user($user, _('Password recovery requested'), $body, $headers, $confirm->address); $this->mode = 'sent'; // TRANS: User notification after an e-mail with instructions was sent from the password recovery form. $this->msg = _('Instructions for recovering your password ' . 'have been sent to the email address registered to your ' . 'account.'); $this->success = true; $this->showPage(); }
static function register($fields) { # MAGICALLY put fields into current scope extract($fields); $profile = new Profile(); $profile->query('BEGIN'); $profile->nickname = $nickname; $profile->profileurl = common_profile_url($nickname); if (!empty($fullname)) { $profile->fullname = $fullname; } if (!empty($homepage)) { $profile->homepage = $homepage; } if (!empty($bio)) { $profile->bio = $bio; } if (!empty($location)) { $profile->location = $location; } $profile->created = common_sql_now(); $id = $profile->insert(); if (empty($id)) { common_log_db_error($profile, 'INSERT', __FILE__); return false; } $user = new User(); $user->id = $id; $user->nickname = $nickname; if (!empty($password)) { # may not have a password for OpenID users $user->password = common_munge_password($password, $id); } # Users who respond to invite email have proven their ownership of that address if (!empty($code)) { $invite = Invitation::staticGet($code); if ($invite && $invite->address && $invite->address_type == 'email' && $invite->address == $email) { $user->email = $invite->address; } } $inboxes = common_config('inboxes', 'enabled'); if ($inboxes === true || $inboxes == 'transitional') { $user->inboxed = 1; } $user->created = common_sql_now(); $user->uri = common_user_uri($user); $result = $user->insert(); if (!$result) { common_log_db_error($user, 'INSERT', __FILE__); return false; } # Everyone is subscribed to themself $subscription = new Subscription(); $subscription->subscriber = $user->id; $subscription->subscribed = $user->id; $subscription->created = $user->created; $result = $subscription->insert(); if (!$result) { common_log_db_error($subscription, 'INSERT', __FILE__); return false; } if (!empty($email) && !$user->email) { $confirm = new Confirm_address(); $confirm->code = common_confirmation_code(128); $confirm->user_id = $user->id; $confirm->address = $email; $confirm->address_type = 'email'; $result = $confirm->insert(); if (!$result) { common_log_db_error($confirm, 'INSERT', __FILE__); return false; } } if (!empty($code) && $user->email) { $user->emailChanged(); } $profile->query('COMMIT'); if ($email && !$user->email) { mail_confirm_address($user, $confirm->code, $profile->nickname, $email); } return $user; }