static function saveNew($user, $address, $addressType, $extra = null)
{
$ca = new Confirm_address();
if (!empty($user)) {
$ca->user_id = $user->id;
}
$ca->address = $address;
$ca->address_type = $addressType;
$ca->address_extra = $extra;
$ca->code = common_confirmation_code(64);
$ca->insert();
return $ca;
}
/**
* Accept a confirmation code
*
* Checks the code and confirms the address in the
* user record
*
* @param args $args $_REQUEST array
*
* @return void
*/
function handle($args)
{
parent::handle($args);
if (!common_logged_in()) {
common_set_returnto($this->selfUrl());
common_redirect(common_local_url('login'));
return;
}
$code = $this->trimmed('code');
if (!$code) {
$this->clientError(_('No confirmation code.'));
return;
}
$confirm = Confirm_address::staticGet('code', $code);
if (!$confirm) {
$this->clientError(_('Confirmation code not found.'));
return;
}
$cur = common_current_user();
if ($cur->id != $confirm->user_id) {
$this->clientError(_('That confirmation code is not for you!'));
return;
}
$type = $confirm->address_type;
if (!in_array($type, array('email', 'jabber', 'sms'))) {
$this->serverError(sprintf(_('Unrecognized address type %s'), $type));
return;
}
if ($cur->{$type} == $confirm->address) {
$this->clientError(_('That address has already been confirmed.'));
return;
}
$cur->query('BEGIN');
$orig_user = clone $cur;
$cur->{$type} = $confirm->address;
if ($type == 'sms') {
$cur->carrier = $confirm->address_extra + 0;
$carrier = Sms_carrier::staticGet($cur->carrier);
$cur->smsemail = $carrier->toEmailAddress($cur->sms);
}
$result = $cur->updateKeys($orig_user);
if (!$result) {
common_log_db_error($cur, 'UPDATE', __FILE__);
$this->serverError(_('Couldn\'t update user.'));
return;
}
if ($type == 'email') {
$cur->emailChanged();
}
$result = $confirm->delete();
if (!$result) {
common_log_db_error($confirm, 'DELETE', __FILE__);
$this->serverError(_('Couldn\'t delete email confirmation.'));
return;
}
$cur->query('COMMIT');
$this->type = $type;
$this->showPage();
}
/**
* Handle the site
*
* @param array $remitem type of reminder to send and any special options
* @return boolean true on success, false on failure
*/
function handle($remitem)
{
list($type, $opts) = $remitem;
$qm = QueueManager::get();
try {
switch ($type) {
case UserConfirmRegReminderHandler::REGISTER_REMINDER:
$confirm = new Confirm_address();
$confirm->address_type = $type;
$confirm->find();
while ($confirm->fetch()) {
try {
$qm->enqueue(array($confirm, $opts), 'uregrem');
} catch (Exception $e) {
common_log(LOG_WARNING, $e->getMessage());
continue;
}
}
break;
case UserInviteReminderHandler::INVITE_REMINDER:
$invitation = new Invitation();
// Only send one reminder (the latest one), regardless of how many invitations a user has
$sql = 'SELECT * FROM (SELECT * FROM invitation WHERE registered_user_id IS NULL ORDER BY created DESC) invitees GROUP BY invitees.address';
$invitation->query($sql);
while ($invitation->fetch()) {
try {
$qm->enqueue(array($invitation, $opts), 'uinvrem');
} catch (Exception $e) {
common_log(LOG_WARNING, $e->getMessage());
continue;
}
}
break;
default:
// WTF?
common_log(LOG_ERR, "Received unknown confirmation address type", __FILE__);
}
} catch (Exception $e) {
common_log(LOG_ERR, $e->getMessage());
return false;
}
return true;
}
function checkCode()
{
$code = $this->trimmed('code');
$confirm = Confirm_address::staticGet('code', $code);
if (!$confirm) {
// TRANS: Client error displayed when password recovery code is not correct.
$this->clientError(_('No such recovery code.'));
return;
}
if ($confirm->address_type != 'recover') {
// TRANS: Client error displayed when no proper password recovery code was submitted.
$this->clientError(_('Not a recovery code.'));
return;
}
$user = User::staticGet($confirm->user_id);
if (!$user) {
// TRANS: Server error displayed trying to recover password without providing a user.
$this->serverError(_('Recovery code for unknown user.'));
return;
}
$touched = strtotime($confirm->modified);
$email = $confirm->address;
// Burn this code
$result = $confirm->delete();
if (!$result) {
common_log_db_error($confirm, 'DELETE', __FILE__);
// TRANS: Server error displayed removing a password recovery code from the database.
$this->serverError(_('Error with confirmation code.'));
return;
}
// These should be reaped, but for now we just check mod time
// Note: it's still deleted; let's avoid a second attempt!
if (time() - $touched > MAX_RECOVERY_TIME) {
common_log(LOG_WARNING, 'Attempted redemption on recovery code ' . 'that is ' . $touched . ' seconds old. ');
// TRANS: Client error displayed trying to recover password with too old a recovery code.
$this->clientError(_('This confirmation code is too old. ' . 'Please start again.'));
return;
}
// If we used an outstanding confirmation to send the email,
// it's been confirmed at this point.
if (!$user->email) {
$orig = clone $user;
$user->email = $email;
$result = $user->updateKeys($orig);
if (!$result) {
common_log_db_error($user, 'UPDATE', __FILE__);
// TRANS: Server error displayed when updating a user's e-mail address in the database fails while recovering a password.
$this->serverError(_('Could not update user with confirmed email address.'));
return;
}
}
// Success!
$this->setTempUser($user);
$this->showPasswordForm();
}
/**
* For initializing members of the class.
*
* @param array $argarray misc. arguments
*
* @return boolean true
*/
function prepare($argarray)
{
parent::prepare($argarray);
$user = common_current_user();
if (!empty($user)) {
// TRANS: Client exception thrown when trying to register while already logged in.
throw new ClientException(_m('You are already logged in.'));
}
$this->code = $this->trimmed('code');
$this->confirm = Confirm_address::getKV('code', $this->code);
if (empty($this->confirm)) {
// TRANS: Client exception thrown when trying to register with a non-existing confirmation code.
throw new ClientException(_m('Confirmation code not found.'));
return;
}
$this->user = User::getKV('id', $this->confirm->user_id);
if (empty($this->user)) {
// TRANS: Client exception thrown when trying to register with a confirmation code that is not connected with a user.
throw new ServerException(_m('No user for that confirmation code.'));
}
$type = $this->confirm->address_type;
if ($type != 'email') {
// TRANS: Client exception thrown when trying to register with a invalid e-mail address.
// TRANS: %s is the invalid e-mail address.
throw new ServerException(sprintf(_m('Unrecognized address type %s.'), $type));
}
if (!empty($this->user->email) && $this->user->email == $confirm->address) {
// TRANS: Client error for an already confirmed email/jabber/sms address.
throw new ClientException(_m('That address has already been confirmed.'));
}
if ($this->isPost()) {
$this->checkSessionToken();
$password = $this->trimmed('password');
$confirm = $this->trimmed('confirm');
if (strlen($password) < 6) {
// TRANS: Client exception thrown when trying to register with too short a password.
throw new ClientException(_m('Password too short.'));
return;
} else {
if (0 != strcmp($password, $confirm)) {
// TRANS: Client exception thrown when trying to register without providing the same password twice.
throw new ClientException(_m('Passwords do not match.'));
return;
}
}
$this->password = $password;
}
return true;
}
/**
* For initializing members of the class.
*
* @param array $argarray misc. arguments
*
* @return boolean true
*/
function prepare($argarray)
{
parent::prepare($argarray);
$user = common_current_user();
if (!empty($user)) {
throw new ClientException(_('You are already logged in.'));
}
$this->code = $this->trimmed('code');
$this->confirm = Confirm_address::staticGet('code', $this->code);
if (empty($this->confirm)) {
throw new ClientException(_('Confirmation code not found.'));
return;
}
$this->user = User::staticGet('id', $this->confirm->user_id);
if (empty($this->user)) {
throw new ServerException(_('No user for that confirmation code.'));
}
$type = $this->confirm->address_type;
if ($type != 'email') {
throw new ServerException(sprintf(_('Unrecognized address type %s.'), $type));
}
if (!empty($this->user->email) && $this->user->email == $confirm->address) {
// TRANS: Client error for an already confirmed email/jabber/sms address.
throw new ClientException(_('That address has already been confirmed.'));
}
if ($this->isPost()) {
$this->checkSessionToken();
$password = $this->trimmed('password');
$confirm = $this->trimmed('confirm');
if (strlen($password) < 6) {
throw new ClientException(_('Password too short.'));
return;
} else {
if (0 != strcmp($password, $confirm)) {
throw new ClientException(_("Passwords don't match."));
return;
}
}
$this->password = $password;
}
return true;
}
/**
* Add the address passed in by the user
*
* @return void
*/
function addAddress()
{
$user = common_current_user();
$email = $this->trimmed('email');
// Some validation
if (!$email) {
// TRANS: Message given saving e-mail address without having provided one.
$this->showForm(_('No email address.'));
return;
}
$email = common_canonical_email($email);
if (!$email) {
// TRANS: Message given saving e-mail address that cannot be normalised.
$this->showForm(_('Cannot normalize that email address'));
return;
}
if (!Validate::email($email, common_config('email', 'check_domain'))) {
// TRANS: Message given saving e-mail address that not valid.
$this->showForm(_('Not a valid email address.'));
return;
} else {
if ($user->email == $email) {
// TRANS: Message given saving e-mail address that is already set.
$this->showForm(_('That is already your email address.'));
return;
} else {
if ($this->emailExists($email)) {
// TRANS: Message given saving e-mail address that is already set for another user.
$this->showForm(_('That email address already belongs ' . 'to another user.'));
return;
}
}
}
$confirm = new Confirm_address();
$confirm->address = $email;
$confirm->address_type = 'email';
$confirm->user_id = $user->id;
$confirm->code = common_confirmation_code(64);
$result = $confirm->insert();
if ($result === false) {
common_log_db_error($confirm, 'INSERT', __FILE__);
// TRANS: Server error thrown on database error adding e-mail confirmation code.
$this->serverError(_('Couldn\'t insert confirmation code.'));
return;
}
mail_confirm_address($user, $confirm->code, $user->nickname, $email);
// TRANS: Message given saving valid e-mail address that is to be confirmed.
$msg = _('A confirmation code was sent to the email address you added. ' . 'Check your inbox (and spam box!) for the code and instructions ' . 'on how to use it.');
$this->showForm($msg, true);
}
/**
* Sends a confirmation to the address given
*
* Stores a confirmation record and sends out a
* message with the confirmation info.
*
* @return void
*/
function addAddress()
{
$screenname = $this->trimmed('screenname');
$transport = $this->trimmed('transport');
// Some validation
if (empty($screenname)) {
// TRANS: Message given saving IM address without having provided one.
throw new ClientException(_('No screenname.'));
}
if (empty($transport)) {
// TRANS: Form validation error when no transport is available setting an IM address.
throw new ClientException(_('No transport.'));
}
Event::handle('NormalizeImScreenname', array($transport, &$screenname));
if (empty($screenname)) {
// TRANS: Message given saving IM address that cannot be normalised.
throw new ClientException(_('Cannot normalize that screenname.'));
}
$valid = false;
Event::handle('ValidateImScreenname', array($transport, $screenname, &$valid));
if (!$valid) {
// TRANS: Message given saving IM address that not valid.
throw new ClientException(_('Not a valid screenname.'));
} else {
if ($this->screennameExists($transport, $screenname)) {
// TRANS: Message given saving IM address that is already set for another user.
throw new ClientException(_('Screenname already belongs to another user.'));
}
}
$confirm = new Confirm_address();
$confirm->address = $screenname;
$confirm->address_type = $transport;
$confirm->user_id = $this->scoped->getID();
$confirm->code = common_confirmation_code(64);
$confirm->sent = common_sql_now();
$confirm->claimed = common_sql_now();
$result = $confirm->insert();
if ($result === false) {
common_log_db_error($confirm, 'INSERT', __FILE__);
// TRANS: Server error thrown on database error adding Instant Messaging confirmation code.
$this->serverError(_('Could not insert confirmation code.'));
}
Event::handle('SendImConfirmationCode', array($transport, $screenname, $confirm->code, $this->scoped));
// TRANS: Message given saving valid IM address that is to be confirmed.
return _('A confirmation code was sent to the IM address you added.');
}
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
define('INSTALLDIR', realpath(dirname(__FILE__) . '/../../..'));
$shortoptions = 'd';
$longoptions = array('dryrun');
$helptext = <<<END_OF_REGISTEREMAILUSER_HELP
cancelemailregistration.php [options] <email address>
Options:
-d --dryrun Do not actually delete the email registration and confirmation code
Cancel an email registration code
END_OF_REGISTEREMAILUSER_HELP;
require_once INSTALLDIR . '/scripts/commandline.inc';
if (count($args) == 0) {
show_help();
}
$email = $args[0];
$confirm = Confirm_address::getAddress($email, EmailRegistrationPlugin::CONFIRMTYPE);
if (!empty($confirm)) {
if (have_option('d', 'dryrun')) {
print "[Dry run mode] Deleted confirmation code {$confirm->code} for {$confirm->address}.\n";
} else {
$confirm->delete();
print "Deleted confirmation code {$confirm->code} for {$confirm->address}.\n";
}
} else {
print "Couldn't find an email registration code for {$email}.\n";
}
/**
* Add the address passed in by the user
*
* @return void
*/
function addAddress()
{
$user = common_current_user();
$email = $this->trimmed('email');
// Some validation
if (!$email) {
$this->showForm(_('未填写邮箱地址'));
return;
}
$email = common_canonical_email($email);
if (!$email) {
$this->showForm(_('邮件地址格式错误'));
return;
}
if (!Validate::email($email, common_config('email', 'check_domain'))) {
$this->showForm(_('邮件地址格式错误'));
return;
} else {
if ($user->email == $email) {
$this->showForm(_('新邮件地址与原邮件地址相同'));
return;
} else {
if ($this->emailExists($email)) {
$this->showForm(_('此邮件地址属于其他用户'));
return;
}
}
}
$confirm = new Confirm_address();
$confirm->address = $email;
$confirm->address_type = 'email';
$confirm->user_id = $user->id;
$confirm->code = common_confirmation_code(64);
$result = $confirm->insert();
if ($result === false) {
common_log_db_error($confirm, 'INSERT', __FILE__);
$this->serverError(_('生成验证邮件失败,请返回重试'));
return;
}
mail_confirm_address($user, $confirm->code, $user->nickname, $email);
$msg = _('验证邮件已经发送,请稍候查看邮箱以确认验证信息');
$this->showForm($msg, true);
}
function next_confirm()
{
$confirm = new Confirm_address();
$confirm->whereAdd('claimed IS null');
$confirm->whereAdd('sent IS null');
# XXX: eventually we could do other confirmations in the queue, too
$confirm->address_type = 'jabber';
$confirm->orderBy('modified DESC');
$confirm->limit(1);
if ($confirm->find(true)) {
$this->log(LOG_INFO, 'Claiming confirmation for ' . $confirm->address);
# working around some weird DB_DataObject behaviour
$confirm->whereAdd('');
# clears where stuff
$original = clone $confirm;
$confirm->claimed = common_sql_now();
$result = $confirm->update($original);
if ($result) {
$this->log(LOG_INFO, 'Succeeded in claim! ' . $result);
return $confirm;
} else {
$this->log(LOG_INFO, 'Failed in claim!');
return false;
}
}
return null;
}
/**
* Add the address passed in by the user
*
* @return void
*/
function addAddress()
{
$user = $this->scoped->getUser();
$email = $this->trimmed('email');
// Some validation
if (empty($email)) {
// TRANS: Message given saving e-mail address without having provided one.
throw new ClientException(_('No email address.'));
}
$email = common_canonical_email($email);
if (empty($email)) {
// TRANS: Message given saving e-mail address that cannot be normalised.
throw new ClientException(_('Cannot normalize that email address.'));
}
if (!Validate::email($email, common_config('email', 'check_domain'))) {
// TRANS: Message given saving e-mail address that not valid.
throw new ClientException(_('Not a valid email address.'));
} else {
if ($user->email == $email) {
// TRANS: Message given saving e-mail address that is already set.
throw new ClientException(_('That is already your email address.'));
} else {
if ($this->emailExists($email)) {
// TRANS: Message given saving e-mail address that is already set for another user.
throw new ClientException(_('That email address already belongs to another user.'));
}
}
}
if (Event::handle('StartAddEmailAddress', array($user, $email))) {
$confirm = new Confirm_address();
$confirm->address = $email;
$confirm->address_type = 'email';
$confirm->user_id = $user->getID();
$confirm->code = common_confirmation_code(64);
$result = $confirm->insert();
if ($result === false) {
common_log_db_error($confirm, 'INSERT', __FILE__);
// TRANS: Server error thrown on database error adding e-mail confirmation code.
throw new ServerException(_('Could not insert confirmation code.'));
}
common_debug('Sending confirmation address for user ' . $user->getID() . ' to email ' . $email);
mail_confirm_address($user, $confirm->code, $user->getNickname(), $email);
Event::handle('EndAddEmailAddress', array($user, $email));
}
// TRANS: Message given saving valid e-mail address that is to be confirmed.
return _('A confirmation code was sent to the email address you added. ' . 'Check your inbox (and spam box!) for the code and instructions ' . 'on how to use it.');
}
/**
* Sends a confirmation to the address given
*
* Stores a confirmation record and sends out a
* Jabber message with the confirmation info.
*
* @return void
*/
function addAddress()
{
$user = common_current_user();
$jabber = $this->trimmed('jabber');
// Some validation
if (!$jabber) {
// TRANS: Message given saving IM address without having provided one.
$this->showForm(_('No Jabber ID.'));
return;
}
$jabber = jabber_normalize_jid($jabber);
if (!$jabber) {
// TRANS: Message given saving IM address that cannot be normalised.
$this->showForm(_('Cannot normalize that Jabber ID'));
return;
}
if (!jabber_valid_base_jid($jabber, common_config('email', 'domain_check'))) {
// TRANS: Message given saving IM address that not valid.
$this->showForm(_('Not a valid Jabber ID'));
return;
} else {
if ($user->jabber == $jabber) {
// TRANS: Message given saving IM address that is already set.
$this->showForm(_('That is already your Jabber ID.'));
return;
} else {
if ($this->jabberExists($jabber)) {
// TRANS: Message given saving IM address that is already set for another user.
$this->showForm(_('Jabber ID already belongs to another user.'));
return;
}
}
}
$confirm = new Confirm_address();
$confirm->address = $jabber;
$confirm->address_type = 'jabber';
$confirm->user_id = $user->id;
$confirm->code = common_confirmation_code(64);
$confirm->sent = common_sql_now();
$confirm->claimed = common_sql_now();
$result = $confirm->insert();
if ($result === false) {
common_log_db_error($confirm, 'INSERT', __FILE__);
// TRANS: Server error thrown on database error adding IM confirmation code.
$this->serverError(_('Couldn\'t insert confirmation code.'));
return;
}
jabber_confirm_address($confirm->code, $user->nickname, $jabber);
// TRANS: Message given saving valid IM address that is to be confirmed.
// TRANS: %s is the IM address set for the site.
$msg = sprintf(_('A confirmation code was sent ' . 'to the IM address you added. ' . 'You must approve %s for ' . 'sending messages to you.'), jabber_daemon_address());
$this->showForm($msg, true);
}
/**
* Add the address passed in by the user
*
* @return void
*/
function addAddress()
{
$user = common_current_user();
$email = $this->trimmed('email');
// Some validation
if (!$email) {
$this->showForm(_('No email address.'));
return;
}
$email = common_canonical_email($email);
if (!$email) {
$this->showForm(_('Cannot normalize that email address'));
return;
}
if (!Validate::email($email, true)) {
$this->showForm(_('Not a valid email address'));
return;
} else {
if ($user->email == $email) {
$this->showForm(_('That is already your email address.'));
return;
} else {
if ($this->emailExists($email)) {
$this->showForm(_('That email address already belongs ' . 'to another user.'));
return;
}
}
}
$confirm = new Confirm_address();
$confirm->address = $email;
$confirm->address_type = 'email';
$confirm->user_id = $user->id;
$confirm->code = common_confirmation_code(64);
$result = $confirm->insert();
if ($result === false) {
common_log_db_error($confirm, 'INSERT', __FILE__);
$this->serverError(_('Couldn\'t insert confirmation code.'));
return;
}
mail_confirm_address($user, $confirm->code, $user->nickname, $email);
$msg = _('A confirmation code was sent to the email address you added. ' . 'Check your inbox (and spam box!) for the code and instructions ' . 'on how to use it.');
$this->showForm($msg, true);
}
function prepare($argarray)
{
parent::prepare($argarray);
if (common_config('site', 'closed')) {
// TRANS: Client exception trown when registration by e-mail is not allowed.
throw new ClientException(_m('Registration not allowed.'), 403);
}
if ($this->isPost()) {
$this->checkSessionToken();
$this->email = $this->trimmed('email');
if (!empty($this->email)) {
if (common_config('site', 'inviteonly')) {
// TRANS: Client exception trown when trying to register without an invitation.
throw new ClientException(_m('Sorry, only invited people can register.'), 403);
}
$this->email = common_canonical_email($this->email);
$this->state = self::NEWEMAIL;
} else {
$this->state = self::SETPASSWORD;
$this->code = $this->trimmed('code');
if (empty($this->code)) {
// TRANS: Client exception thrown when no confirmation code was provided.
throw new ClientException(_m('No confirmation code.'));
}
$this->invitation = Invitation::getKV('code', $this->code);
if (!empty($this->invitation)) {
if (!empty($this->invitation->registered_user_id)) {
// TRANS: Client exception trown when using an invitation multiple times.
throw new ClientException(_m('Invitation already used.'), 403);
}
} else {
$this->confirmation = Confirm_address::getKV('code', $this->code);
if (empty($this->confirmation)) {
// TRANS: Client exception thrown when given confirmation code was not issued.
throw new ClientException(_m('No such confirmation code.'), 403);
}
}
$this->nickname = Nickname::normalize($this->trimmed('nickname'));
$this->password1 = $this->trimmed('password1');
$this->password2 = $this->trimmed('password2');
$this->tos = $this->boolean('tos');
}
} else {
// GET
$this->code = $this->trimmed('code');
if (empty($this->code)) {
if (common_config('site', 'inviteonly')) {
// TRANS: Client exception trown when trying to register without an invitation.
throw new ClientException(_m('Sorry, only invited people can register.'), 403);
}
$this->state = self::NEWREGISTER;
} else {
$this->invitation = Invitation::getKV('code', $this->code);
if (!empty($this->invitation)) {
if (!empty($this->invitation->registered_user_id)) {
// TRANS: Client exception trown when using an invitation multiple times.
throw new ClientException(_m('Invitation already used.'), 403);
}
$this->state = self::CONFIRMINVITE;
} else {
$this->state = self::CONFIRMREGISTER;
$this->confirmation = Confirm_address::getKV('code', $this->code);
if (empty($this->confirmation)) {
// TRANS: Client exception thrown when given confirmation code was not issued.
throw new ClientException(_m('No such confirmation code.'), 405);
}
}
}
}
return true;
}
function recoverPassword()
{
$nore = $this->trimmed('nicknameoremail');
if (!$nore) {
$this->showForm(_('Enter a nickname or email address.'));
return;
}
$user = User::staticGet('email', common_canonical_email($nore));
if (!$user) {
$user = User::staticGet('nickname', common_canonical_nickname($nore));
}
# See if it's an unconfirmed email address
if (!$user) {
$confirm_email = Confirm_address::staticGet('address', common_canonical_email($nore));
if ($confirm_email && $confirm_email->address_type == 'email') {
$user = User::staticGet($confirm_email->user_id);
}
}
if (!$user) {
$this->showForm(_('No user with that email address or username.'));
return;
}
# Try to get an unconfirmed email address if they used a user name
if (!$user->email && !$confirm_email) {
$confirm_email = Confirm_address::staticGet('user_id', $user->id);
if ($confirm_email && $confirm_email->address_type != 'email') {
# Skip non-email confirmations
$confirm_email = null;
}
}
if (!$user->email && !$confirm_email) {
$this->clientError(_('No registered email address for that user.'));
return;
}
# Success! We have a valid user and a confirmed or unconfirmed email address
$confirm = new Confirm_address();
$confirm->code = common_confirmation_code(128);
$confirm->address_type = 'recover';
$confirm->user_id = $user->id;
$confirm->address = isset($user->email) ? $user->email : $confirm_email->address;
if (!$confirm->insert()) {
common_log_db_error($confirm, 'INSERT', __FILE__);
$this->serverError(_('Error saving address confirmation.'));
return;
}
$body = "Hey, {$user->nickname}.";
$body .= "\n\n";
$body .= 'Someone just asked for a new password ' . 'for this account on ' . common_config('site', 'name') . '.';
$body .= "\n\n";
$body .= 'If it was you, and you want to confirm, use the URL below:';
$body .= "\n\n";
$body .= "\t" . common_local_url('recoverpassword', array('code' => $confirm->code));
$body .= "\n\n";
$body .= 'If not, just ignore this message.';
$body .= "\n\n";
$body .= 'Thanks for your time, ';
$body .= "\n";
$body .= common_config('site', 'name');
$body .= "\n";
mail_to_user($user, _('Password recovery requested'), $body, $confirm->address);
$this->mode = 'sent';
$this->msg = _('Instructions for recovering your password ' . 'have been sent to the email address registered to your ' . 'account.');
$this->success = true;
$this->showPage();
}
print "No email registered for user '{$user->nickname}'\n";
} else {
print "Unconfirmed Adress: {$unconfirmed_email->address}\n";
}
} else {
print "{$user->email}\n";
}
exit(0);
}
if (have_option('e', 'email')) {
$user = new User();
$user->email = get_option_value('e', 'email');
$user->find(false);
if (!$user->fetch()) {
// Check unconfirmed emails
$unconfirmed_email = new Confirm_address();
$unconfirmed_email->address = $user->email;
$unconfirmed_email->address_type = 'email';
$unconfirmed_email->find(true);
if (empty($unconfirmed_email->user_id)) {
print "No users with email {$user->email}\n";
} else {
$user = User::getKV('id', $unconfirmed_email->user_id);
print "Unconfirmed Address: {$user->id} {$user->nickname}\n";
}
exit(0);
}
do {
print "{$user->id} {$user->nickname}\n";
} while ($user->fetch());
} else {
static function registerEmail($email)
{
$old = User::getKV('email', $email);
if (!empty($old)) {
// TRANS: Error text when trying to register with an already registered e-mail address.
// TRANS: %s is the URL to recover password at.
throw new ClientException(sprintf(_m('A user with that email address already exists. You can use the ' . '<a href="%s">password recovery</a> tool to recover a missing password.'), common_local_url('recoverpassword')));
}
$valid = false;
if (Event::handle('StartValidateUserEmail', array(null, $email, &$valid))) {
$valid = Validate::email($email, common_config('email', 'check_domain'));
Event::handle('EndValidateUserEmail', array(null, $email, &$valid));
}
if (!$valid) {
// TRANS: Error text when trying to register with an invalid e-mail address.
throw new ClientException(_m('Not a valid email address.'));
}
$confirm = Confirm_address::getAddress($email, self::CONFIRMTYPE);
if (empty($confirm)) {
$confirm = Confirm_address::saveNew(null, $email, 'register');
}
return $confirm;
}
/**
* Called via a callback when NickServ responds to
* the bots query asking if a nick is registered
*
* @param array $data Data
* @return void
*/
public function handle_reg_response($data)
{
// Retrieve data
$screenname = $data['screenname'];
$nickdata = $this->regChecks[$screenname];
$usernick = $nickdata['user']->nickname;
if (isset($this->regChecksLookup[$usernick])) {
if ($data['registered']) {
// Send message
$this->plugin->sendConfirmationCode($screenname, $nickdata['code'], $nickdata['user'], true);
} else {
// TRANS: Message given when using an unregistered IRC nickname.
$this->plugin->sendMessage($screenname, _m('Your nickname is not registered so IRC connectivity cannot be enabled.'));
$confirm = new Confirm_address();
$confirm->user_id = $user->id;
$confirm->address_type = $this->plugin->transport;
if ($confirm->find(true)) {
$result = $confirm->delete();
if (!$result) {
common_log_db_error($confirm, 'DELETE', __FILE__);
// TRANS: Server error thrown on database error when deleting IRC nickname confirmation.
$this->serverError(_m('Could not delete confirmation.'));
return;
}
}
}
// Unset lookup value
unset($this->regChecksLookup[$usernick]);
// Unset data
unset($this->regChecks[$screename]);
}
}
$members[] = clone $profile;
}
}
} else {
print "Faltan parámetros\n";
exit(1);
}
}
}
// Si hemos llegado aquí es que hay usuario o grupo válido.
foreach ($members as $member) {
$user = $member->getUser();
if (empty($user->email)) {
print "El usuario '{$user->nickname}' no tiene email registrado.\n";
} else {
$confirm = new Confirm_address();
$confirm->code = common_confirmation_code(128);
$confirm->address_type = 'recover';
$confirm->user_id = $user->id;
$confirm->address = !empty($user->email) ? $user->email : $confirm_email->address;
if (!$confirm->insert()) {
common_log_db_error($confirm, 'INSERT', __FILE__);
// TRANS: Server error displayed if e-mail address confirmation fails in the database on the password recovery form.
throw new ServerException(_('Error saving address confirmation.'));
return;
}
//Creamos el correo
$subject = "¡Bienvenido a " . common_config('site', 'name') . "!";
$body = crearEmail($user, $confirm);
print "Enviando correo a {$user->nickname}...";
if (mail_to_user($user, $subject, $body)) {
/**
* Accept a confirmation code
*
* Checks the code and confirms the address in the
* user record
*
* @param args $args $_REQUEST array
*
* @return void
*/
function handle($args)
{
parent::handle($args);
if (!common_logged_in()) {
common_set_returnto($this->selfUrl());
common_redirect(common_local_url('login'));
return;
}
$code = $this->trimmed('code');
if (!$code) {
// TRANS: Client error displayed when not providing a confirmation code in the contact address confirmation action.
$this->clientError(_('No confirmation code.'));
return;
}
$confirm = Confirm_address::staticGet('code', $code);
if (!$confirm) {
// TRANS: Client error displayed when providing a non-existing confirmation code in the contact address confirmation action.
$this->clientError(_('Confirmation code not found.'));
return;
}
$cur = common_current_user();
if ($cur->id != $confirm->user_id) {
// TRANS: Client error displayed when not providing a confirmation code for another user in the contact address confirmation action.
$this->clientError(_('That confirmation code is not for you!'));
return;
}
$type = $confirm->address_type;
if (!in_array($type, array('email', 'jabber', 'sms'))) {
// TRANS: Server error for a unknow address type %s, which can be 'email', 'jabber', or 'sms'.
$this->serverError(sprintf(_('Unrecognized address type %s.'), $type));
return;
}
if ($cur->{$type} == $confirm->address) {
// TRANS: Client error for an already confirmed email/jabber/sms address.
$this->clientError(_('That address has already been confirmed.'));
return;
}
$cur->query('BEGIN');
$orig_user = clone $cur;
$cur->{$type} = $confirm->address;
if ($type == 'sms') {
$cur->carrier = $confirm->address_extra + 0;
$carrier = Sms_carrier::staticGet($cur->carrier);
$cur->smsemail = $carrier->toEmailAddress($cur->sms);
}
$result = $cur->updateKeys($orig_user);
if (!$result) {
common_log_db_error($cur, 'UPDATE', __FILE__);
// TRANS: Server error displayed when a user update to the database fails in the contact address confirmation action.
$this->serverError(_('Could not update user.'));
return;
}
if ($type == 'email') {
$cur->emailChanged();
}
$result = $confirm->delete();
if (!$result) {
common_log_db_error($confirm, 'DELETE', __FILE__);
// TRANS: Server error displayed when an address confirmation code deletion from the
// TRANS: database fails in the contact address confirmation action.
$this->serverError(_('Could not delete address confirmation.'));
return;
}
$cur->query('COMMIT');
$this->type = $type;
$this->showPage();
}
static function recoverPassword($nore)
{
// $confirm_email will be used as a fallback if our user doesn't have a confirmed email
$confirm_email = null;
if (common_is_email($nore)) {
$user = User::getKV('email', common_canonical_email($nore));
// See if it's an unconfirmed email address
if (!$user instanceof User) {
// Warning: it may actually be legit to have multiple folks
// who have claimed, but not yet confirmed, the same address.
// We'll only send to the first one that comes up.
$confirm_email = new Confirm_address();
$confirm_email->address = common_canonical_email($nore);
$confirm_email->address_type = 'email';
if ($confirm_email->find(true)) {
$user = User::getKV('id', $confirm_email->user_id);
}
}
// No luck finding anyone by that email address.
if (!$user instanceof User) {
if (common_config('site', 'fakeaddressrecovery')) {
// Return without actually doing anything! We fake address recovery
// to avoid revealing which email addresses are registered with the site.
return;
}
// TRANS: Information on password recovery form if no known e-mail address was specified.
throw new ClientException(_('No user with that email address exists here.'));
}
} else {
// This might throw a NicknameException on bad nicknames
$user = User::getKV('nickname', common_canonical_nickname($nore));
if (!$user instanceof User) {
// TRANS: Information on password recovery form if no known username was specified.
throw new ClientException(_('No user with that nickname exists here.'));
}
}
// Try to get an unconfirmed email address if they used a user name
if (empty($user->email) && $confirm_email === null) {
$confirm_email = new Confirm_address();
$confirm_email->user_id = $user->id;
$confirm_email->address_type = 'email';
$confirm_email->find();
if (!$confirm_email->fetch()) {
// Nothing found, so let's reset it to null
$confirm_email = null;
}
}
if (empty($user->email) && !$confirm_email instanceof Confirm_address) {
// TRANS: Client error displayed on password recovery form if a user does not have a registered e-mail address.
throw new ClientException(_('No registered email address for that user.'));
}
// Success! We have a valid user and a confirmed or unconfirmed email address
$confirm = new Confirm_address();
$confirm->code = common_confirmation_code(128);
$confirm->address_type = 'recover';
$confirm->user_id = $user->id;
$confirm->address = $user->email ?: $confirm_email->address;
if (!$confirm->insert()) {
common_log_db_error($confirm, 'INSERT', __FILE__);
// TRANS: Server error displayed if e-mail address confirmation fails in the database on the password recovery form.
throw new ServerException(_('Error saving address confirmation.'));
}
// @todo FIXME: needs i18n.
$body = "Hey, {$user->nickname}.";
$body .= "\n\n";
$body .= 'Someone just asked for a new password ' . 'for this account on ' . common_config('site', 'name') . '.';
$body .= "\n\n";
$body .= 'If it was you, and you want to confirm, use the URL below:';
$body .= "\n\n";
$body .= "\t" . common_local_url('recoverpassword', array('code' => $confirm->code));
$body .= "\n\n";
$body .= 'If not, just ignore this message.';
$body .= "\n\n";
$body .= 'Thanks for your time, ';
$body .= "\n";
$body .= common_config('site', 'name');
$body .= "\n";
$headers = _mail_prepare_headers('recoverpassword', $user->nickname, $user->nickname);
// TRANS: Subject for password recovery e-mail.
mail_to_user($user, _('Password recovery requested'), $body, $headers, $confirm->address);
}
/**
* Add a new SMS number for confirmation
*
* When the user requests a new SMS number, sends a confirmation
* message.
*
* @return void
*/
function addAddress()
{
$user = common_current_user();
$sms = $this->trimmed('sms');
$carrier_id = $this->trimmed('carrier');
// Some validation
if (!$sms) {
// TRANS: Message given saving SMS phone number without having provided one.
$this->showForm(_('No phone number.'));
return;
}
if (!$carrier_id) {
// TRANS: Message given saving SMS phone number without having selected a carrier.
$this->showForm(_('No carrier selected.'));
return;
}
$sms = common_canonical_sms($sms);
if ($user->sms == $sms) {
// TRANS: Message given saving SMS phone number that is already set.
$this->showForm(_('That is already your phone number.'));
return;
} else {
if ($this->smsExists($sms)) {
// TRANS: Message given saving SMS phone number that is already set for another user.
$this->showForm(_('That phone number already belongs to another user.'));
return;
}
}
$confirm = new Confirm_address();
$confirm->address = $sms;
$confirm->address_extra = $carrier_id;
$confirm->address_type = 'sms';
$confirm->user_id = $user->id;
$confirm->code = common_confirmation_code(40);
$result = $confirm->insert();
if ($result === false) {
common_log_db_error($confirm, 'INSERT', __FILE__);
// TRANS: Server error thrown on database error adding SMS confirmation code.
$this->serverError(_('Could not insert confirmation code.'));
return;
}
$carrier = Sms_carrier::staticGet($carrier_id);
mail_confirm_sms($confirm->code, $user->nickname, $carrier->toEmailAddress($sms));
// TRANS: Message given saving valid SMS phone number that is to be confirmed.
$msg = _('A confirmation code was sent to the phone number you added. ' . 'Check your phone for the code and instructions ' . 'on how to use it.');
$this->showForm($msg, true);
}
static function recoverPassword($nore)
{
$user = User::staticGet('email', common_canonical_email($nore));
if (!$user) {
try {
$user = User::staticGet('nickname', common_canonical_nickname($nore));
} catch (NicknameException $e) {
// invalid
}
}
// See if it's an unconfirmed email address
if (!$user) {
// Warning: it may actually be legit to have multiple folks
// who have claimed, but not yet confirmed, the same address.
// We'll only send to the first one that comes up.
$confirm_email = new Confirm_address();
$confirm_email->address = common_canonical_email($nore);
$confirm_email->address_type = 'email';
$confirm_email->find();
if ($confirm_email->fetch()) {
$user = User::staticGet($confirm_email->user_id);
} else {
$confirm_email = null;
}
} else {
$confirm_email = null;
}
if (!$user) {
// TRANS: Information on password recovery form if no known username or e-mail address was specified.
throw new ClientException(_('No user with that email address or username.'));
return;
}
// Try to get an unconfirmed email address if they used a user name
if (!$user->email && !$confirm_email) {
$confirm_email = new Confirm_address();
$confirm_email->user_id = $user->id;
$confirm_email->address_type = 'email';
$confirm_email->find();
if (!$confirm_email->fetch()) {
$confirm_email = null;
}
}
if (!$user->email && !$confirm_email) {
// TRANS: Client error displayed on password recovery form if a user does not have a registered e-mail address.
throw new ClientException(_('No registered email address for that user.'));
return;
}
// Success! We have a valid user and a confirmed or unconfirmed email address
$confirm = new Confirm_address();
$confirm->code = common_confirmation_code(128);
$confirm->address_type = 'recover';
$confirm->user_id = $user->id;
$confirm->address = !empty($user->email) ? $user->email : $confirm_email->address;
if (!$confirm->insert()) {
common_log_db_error($confirm, 'INSERT', __FILE__);
// TRANS: Server error displayed if e-mail address confirmation fails in the database on the password recovery form.
throw new ServerException(_('Error saving address confirmation.'));
return;
}
// @todo FIXME: needs i18n.
$body = "Hola, {$user->nickname}.";
$body .= "\n\n";
$body .= 'Alguien ha solicitado una nueva contraseña ' . 'para esta cuenta en ' . common_config('site', 'name') . '.';
$body .= "\n\n";
$body .= 'Si has sido tú, y quieres modificarla, pulsa en el enlace de abajo:';
$body .= "\n\n";
$body .= "\t" . common_local_url('recoverpassword', array('code' => $confirm->code));
$body .= "\n\n";
$body .= 'Si no, puedes ignorar y eliminar este mensaje.';
$body .= "\n\n";
$body .= 'Gracias por tu tiempo, ';
$body .= "\n";
$body .= common_config('site', 'name');
$body .= "\n";
$headers = _mail_prepare_headers('recoverpassword', $user->nickname, $user->nickname);
// TRANS: Subject for password recovery e-mail.
mail_to_user($user, _('Solicitud de recuperación de contraseña'), $body, $headers, $confirm->address);
}
/**
* Accept a confirmation code
*
* Checks the code and confirms the address in the
* user record
*
* @param args $args $_REQUEST array
*
* @return void
*/
function handle($args)
{
parent::handle($args);
if (!common_logged_in()) {
common_set_returnto($this->selfUrl());
common_redirect(common_local_url('login'));
return;
}
$code = $this->trimmed('code');
if (!$code) {
// TRANS: Client error displayed when not providing a confirmation code in the contact address confirmation action.
$this->clientError(_('No confirmation code.'));
return;
}
$confirm = Confirm_address::staticGet('code', $code);
if (!$confirm) {
// TRANS: Client error displayed when providing a non-existing confirmation code in the contact address confirmation action.
$this->clientError(_('Confirmation code not found.'));
return;
}
$cur = common_current_user();
if ($cur->id != $confirm->user_id) {
// TRANS: Client error displayed when not providing a confirmation code for another user in the contact address confirmation action.
$this->clientError(_('That confirmation code is not for you!'));
return;
}
$type = $confirm->address_type;
$transports = array();
Event::handle('GetImTransports', array(&$transports));
if (!in_array($type, array('email', 'sms')) && !in_array($type, array_keys($transports))) {
// TRANS: Server error for an unknown address type, which can be 'email', 'sms', or the name of an IM network (such as 'xmpp' or 'aim')
$this->serverError(sprintf(_('Unrecognized address type %s'), $type));
return;
}
$this->address = $confirm->address;
$cur->query('BEGIN');
if (in_array($type, array('email', 'sms'))) {
if ($cur->{$type} == $confirm->address) {
// TRANS: Client error for an already confirmed email/jabber/sms address.
$this->clientError(_('That address has already been confirmed.'));
return;
}
$orig_user = clone $cur;
$cur->{$type} = $confirm->address;
if ($type == 'sms') {
$cur->carrier = $confirm->address_extra + 0;
$carrier = Sms_carrier::staticGet($cur->carrier);
$cur->smsemail = $carrier->toEmailAddress($cur->sms);
}
$result = $cur->updateKeys($orig_user);
if (!$result) {
common_log_db_error($cur, 'UPDATE', __FILE__);
// TRANS: Server error displayed when confirming an e-mail address or IM address fails.
$this->serverError(_('Could not update user.'));
return;
}
if ($type == 'email') {
$cur->emailChanged();
}
} else {
$user_im_prefs = new User_im_prefs();
$user_im_prefs->transport = $confirm->address_type;
$user_im_prefs->user_id = $cur->id;
if ($user_im_prefs->find() && $user_im_prefs->fetch()) {
if ($user_im_prefs->screenname == $confirm->address) {
// TRANS: Client error for an already confirmed IM address.
$this->clientError(_('That address has already been confirmed.'));
return;
}
$user_im_prefs->screenname = $confirm->address;
$result = $user_im_prefs->update();
if (!$result) {
common_log_db_error($user_im_prefs, 'UPDATE', __FILE__);
// TRANS: Server error displayed when updating IM preferences fails.
$this->serverError(_('Could not update user IM preferences.'));
return;
}
} else {
$user_im_prefs = new User_im_prefs();
$user_im_prefs->screenname = $confirm->address;
$user_im_prefs->transport = $confirm->address_type;
$user_im_prefs->user_id = $cur->id;
$result = $user_im_prefs->insert();
if (!$result) {
common_log_db_error($user_im_prefs, 'INSERT', __FILE__);
// TRANS: Server error displayed when adding IM preferences fails.
$this->serverError(_('Could not insert user IM preferences.'));
return;
}
}
}
$result = $confirm->delete();
if (!$result) {
common_log_db_error($confirm, 'DELETE', __FILE__);
// TRANS: Server error displayed when an address confirmation code deletion from the
// TRANS: database fails in the contact address confirmation action.
$this->serverError(_('Could not delete address confirmation.'));
return;
}
$cur->query('COMMIT');
$this->showPage();
}
-e email Email to register
END_OF_REGISTERBYEMAIL_HELP;
require_once INSTALLDIR . '/scripts/commandline.inc';
$email = get_option_value('e', 'email');
$parts = explode('@', $email);
$nickname = common_nicknamize($parts[0]);
$user = User::getKV('nickname', $nickname);
if (!empty($user)) {
$confirm = new Confirm_address();
$confirm->user_id = $user->id;
$confirm->address_type = 'email';
if ($confirm->find(true)) {
$url = common_local_url('confirmfirstemail', array('code' => $confirm->code));
print "{$url}\n";
} else {
print "User not waiting for confirmation.\n";
}
exit;
}
$user = User::register(array('nickname' => $nickname, 'password' => null));
$confirm = new Confirm_address();
$confirm->code = common_confirmation_code(128);
$confirm->user_id = $user->id;
$confirm->address = $email;
$confirm->address_type = 'email';
$confirm->insert();
$url = common_local_url('confirmfirstemail', array('code' => $confirm->code));
print "{$url}\n";
mail_confirm_address($user, $confirm->code, $user->nickname, $email, $url);
/**
* Sends a confirmation to the address given
*
* Stores a confirmation record and sends out a
* Jabber message with the confirmation info.
*
* @return void
*/
function addAddress()
{
$user = common_current_user();
$jabber = $this->trimmed('jabber');
// Some validation
if (!$jabber) {
$this->showForm(_('No Jabber ID.'));
return;
}
$jabber = jabber_normalize_jid($jabber);
if (!$jabber) {
$this->showForm(_('Cannot normalize that Jabber ID'));
return;
}
if (!jabber_valid_base_jid($jabber)) {
$this->showForm(_('Not a valid Jabber ID'));
return;
} else {
if ($user->jabber == $jabber) {
$this->showForm(_('That is already your Jabber ID.'));
return;
} else {
if ($this->jabberExists($jabber)) {
$this->showForm(_('Jabber ID already belongs to another user.'));
return;
}
}
}
$confirm = new Confirm_address();
$confirm->address = $jabber;
$confirm->address_type = 'jabber';
$confirm->user_id = $user->id;
$confirm->code = common_confirmation_code(64);
$result = $confirm->insert();
if ($result === false) {
common_log_db_error($confirm, 'INSERT', __FILE__);
$this->serverError(_('Couldn\'t insert confirmation code.'));
return;
}
if (!common_config('queue', 'enabled')) {
jabber_confirm_address($confirm->code, $user->nickname, $jabber);
}
$msg = sprintf(_('A confirmation code was sent ' . 'to the IM address you added. ' . 'You must approve %s for ' . 'sending messages to you.'), jabber_daemon_address());
$this->showForm($msg, true);
}
/**
* Register a new user account and profile and set up default subscriptions.
* If a new-user welcome message is configured, this will be sent.
*
* @param array $fields associative array of optional properties
* string 'bio'
* string 'email'
* bool 'email_confirmed' pass true to mark email as pre-confirmed
* string 'fullname'
* string 'homepage'
* string 'location' informal string description of geolocation
* float 'lat' decimal latitude for geolocation
* float 'lon' decimal longitude for geolocation
* int 'location_id' geoname identifier
* int 'location_ns' geoname namespace to interpret location_id
* string 'nickname' REQUIRED
* string 'password' (may be missing for eg OpenID registrations)
* string 'code' invite code
* ?string 'uri' permalink to notice; defaults to local notice URL
* @return mixed User object or false on failure
*/
static function register($fields)
{
// MAGICALLY put fields into current scope
extract($fields);
$profile = new Profile();
if (!empty($email)) {
$email = common_canonical_email($email);
}
$nickname = common_canonical_nickname($nickname);
$profile->nickname = $nickname;
if (!User::allowed_nickname($nickname)) {
common_log(LOG_WARNING, sprintf("Attempted to register a nickname that is not allowed: %s", $profile->nickname), __FILE__);
return false;
}
$profile->profileurl = common_profile_url($nickname);
if (!empty($fullname)) {
$profile->fullname = $fullname;
}
if (!empty($homepage)) {
$profile->homepage = $homepage;
}
if (!empty($bio)) {
$profile->bio = $bio;
}
if (!empty($location)) {
$profile->location = $location;
$loc = Location::fromName($location);
if (!empty($loc)) {
$profile->lat = $loc->lat;
$profile->lon = $loc->lon;
$profile->location_id = $loc->location_id;
$profile->location_ns = $loc->location_ns;
}
}
$profile->created = common_sql_now();
$user = new User();
$user->nickname = $nickname;
// Users who respond to invite email have proven their ownership of that address
if (!empty($code)) {
$invite = Invitation::staticGet($code);
if ($invite && $invite->address && $invite->address_type == 'email' && $invite->address == $email) {
$user->email = $invite->address;
}
}
if (isset($email_confirmed) && $email_confirmed) {
$user->email = $email;
}
// This flag is ignored but still set to 1
$user->inboxed = 1;
// Set default-on options here, otherwise they'll be disabled
// initially for sites using caching, since the initial encache
// doesn't know about the defaults in the database.
$user->emailnotifysub = 1;
$user->emailnotifyfav = 1;
$user->emailnotifynudge = 1;
$user->emailnotifymsg = 1;
$user->emailnotifyattn = 1;
$user->emailmicroid = 1;
$user->emailpost = 1;
$user->jabbermicroid = 1;
$user->viewdesigns = 1;
$user->created = common_sql_now();
if (Event::handle('StartUserRegister', array(&$user, &$profile))) {
$profile->query('BEGIN');
$id = $profile->insert();
if (empty($id)) {
common_log_db_error($profile, 'INSERT', __FILE__);
return false;
}
$user->id = $id;
if (!empty($uri)) {
$user->uri = $uri;
} else {
$user->uri = common_user_uri($user);
}
if (!empty($password)) {
// may not have a password for OpenID users
$user->password = common_munge_password($password, $id);
}
$result = $user->insert();
if (!$result) {
common_log_db_error($user, 'INSERT', __FILE__);
return false;
}
// Everyone gets an inbox
$inbox = new Inbox();
$inbox->user_id = $user->id;
$inbox->notice_ids = '';
$result = $inbox->insert();
if (!$result) {
common_log_db_error($inbox, 'INSERT', __FILE__);
return false;
}
// Everyone is subscribed to themself
$subscription = new Subscription();
$subscription->subscriber = $user->id;
$subscription->subscribed = $user->id;
$subscription->created = $user->created;
$result = $subscription->insert();
if (!$result) {
common_log_db_error($subscription, 'INSERT', __FILE__);
return false;
}
if (!empty($email) && !$user->email) {
$confirm = new Confirm_address();
$confirm->code = common_confirmation_code(128);
$confirm->user_id = $user->id;
$confirm->address = $email;
$confirm->address_type = 'email';
$result = $confirm->insert();
if (!$result) {
common_log_db_error($confirm, 'INSERT', __FILE__);
return false;
}
}
if (!empty($code) && $user->email) {
$user->emailChanged();
}
// Default system subscription
$defnick = common_config('newuser', 'default');
if (!empty($defnick)) {
$defuser = User::staticGet('nickname', $defnick);
if (empty($defuser)) {
common_log(LOG_WARNING, sprintf("Default user %s does not exist.", $defnick), __FILE__);
} else {
Subscription::start($user, $defuser);
}
}
$profile->query('COMMIT');
if (!empty($email) && !$user->email) {
mail_confirm_address($user, $confirm->code, $profile->nickname, $email);
}
// Welcome message
$welcome = common_config('newuser', 'welcome');
if (!empty($welcome)) {
$welcomeuser = User::staticGet('nickname', $welcome);
if (empty($welcomeuser)) {
common_log(LOG_WARNING, sprintf("Welcome user %s does not exist.", $defnick), __FILE__);
} else {
$notice = Notice::saveNew($welcomeuser->id, sprintf(_('Welcome to %1$s, @%2$s!'), common_config('site', 'name'), $user->nickname), 'system');
}
}
Event::handle('EndUserRegister', array(&$profile, &$user));
}
return $user;
}
function recoverPassword()
{
$nore = $this->trimmed('nicknameoremail');
if (!$nore) {
// TRANS: Form instructions for password recovery form.
$this->showForm(_('Enter a nickname or email address.'));
return;
}
$user = User::staticGet('email', common_canonical_email($nore));
if (!$user) {
try {
$user = User::staticGet('nickname', common_canonical_nickname($nore));
} catch (NicknameException $e) {
// invalid
}
}
# See if it's an unconfirmed email address
if (!$user) {
// Warning: it may actually be legit to have multiple folks
// who have claimed, but not yet confirmed, the same address.
// We'll only send to the first one that comes up.
$confirm_email = new Confirm_address();
$confirm_email->address = common_canonical_email($nore);
$confirm_email->address_type = 'email';
$confirm_email->find();
if ($confirm_email->fetch()) {
$user = User::staticGet($confirm_email->user_id);
} else {
$confirm_email = null;
}
} else {
$confirm_email = null;
}
if (!$user) {
// TRANS: Information on password recovery form if no known username or e-mail address was specified.
$this->showForm(_('No user with that email address or username.'));
return;
}
# Try to get an unconfirmed email address if they used a user name
if (!$user->email && !$confirm_email) {
$confirm_email = new Confirm_address();
$confirm_email->user_id = $user->id;
$confirm_email->address_type = 'email';
$confirm_email->find();
if (!$confirm_email->fetch()) {
$confirm_email = null;
}
}
if (!$user->email && !$confirm_email) {
// TRANS: Client error displayed on password recovery form if a user does not have a registered e-mail address.
$this->clientError(_('No registered email address for that user.'));
return;
}
# Success! We have a valid user and a confirmed or unconfirmed email address
$confirm = new Confirm_address();
$confirm->code = common_confirmation_code(128);
$confirm->address_type = 'recover';
$confirm->user_id = $user->id;
$confirm->address = !empty($user->email) ? $user->email : $confirm_email->address;
if (!$confirm->insert()) {
common_log_db_error($confirm, 'INSERT', __FILE__);
// TRANS: Server error displayed if e-mail address confirmation fails in the database on the password recovery form.
$this->serverError(_('Error saving address confirmation.'));
return;
}
// @todo FIXME: needs i18n.
$body = "Hey, {$user->nickname}.";
$body .= "\n\n";
$body .= 'Someone just asked for a new password ' . 'for this account on ' . common_config('site', 'name') . '.';
$body .= "\n\n";
$body .= 'If it was you, and you want to confirm, use the URL below:';
$body .= "\n\n";
$body .= "\t" . common_local_url('recoverpassword', array('code' => $confirm->code));
$body .= "\n\n";
$body .= 'If not, just ignore this message.';
$body .= "\n\n";
$body .= 'Thanks for your time, ';
$body .= "\n";
$body .= common_config('site', 'name');
$body .= "\n";
$headers = _mail_prepare_headers('recoverpassword', $user->nickname, $user->nickname);
// TRANS: Subject for password recovery e-mail.
mail_to_user($user, _('Password recovery requested'), $body, $headers, $confirm->address);
$this->mode = 'sent';
// TRANS: User notification after an e-mail with instructions was sent from the password recovery form.
$this->msg = _('Instructions for recovering your password ' . 'have been sent to the email address registered to your ' . 'account.');
$this->success = true;
$this->showPage();
}
static function register($fields)
{
# MAGICALLY put fields into current scope
extract($fields);
$profile = new Profile();
$profile->query('BEGIN');
$profile->nickname = $nickname;
$profile->profileurl = common_profile_url($nickname);
if (!empty($fullname)) {
$profile->fullname = $fullname;
}
if (!empty($homepage)) {
$profile->homepage = $homepage;
}
if (!empty($bio)) {
$profile->bio = $bio;
}
if (!empty($location)) {
$profile->location = $location;
}
$profile->created = common_sql_now();
$id = $profile->insert();
if (empty($id)) {
common_log_db_error($profile, 'INSERT', __FILE__);
return false;
}
$user = new User();
$user->id = $id;
$user->nickname = $nickname;
if (!empty($password)) {
# may not have a password for OpenID users
$user->password = common_munge_password($password, $id);
}
# Users who respond to invite email have proven their ownership of that address
if (!empty($code)) {
$invite = Invitation::staticGet($code);
if ($invite && $invite->address && $invite->address_type == 'email' && $invite->address == $email) {
$user->email = $invite->address;
}
}
$inboxes = common_config('inboxes', 'enabled');
if ($inboxes === true || $inboxes == 'transitional') {
$user->inboxed = 1;
}
$user->created = common_sql_now();
$user->uri = common_user_uri($user);
$result = $user->insert();
if (!$result) {
common_log_db_error($user, 'INSERT', __FILE__);
return false;
}
# Everyone is subscribed to themself
$subscription = new Subscription();
$subscription->subscriber = $user->id;
$subscription->subscribed = $user->id;
$subscription->created = $user->created;
$result = $subscription->insert();
if (!$result) {
common_log_db_error($subscription, 'INSERT', __FILE__);
return false;
}
if (!empty($email) && !$user->email) {
$confirm = new Confirm_address();
$confirm->code = common_confirmation_code(128);
$confirm->user_id = $user->id;
$confirm->address = $email;
$confirm->address_type = 'email';
$result = $confirm->insert();
if (!$result) {
common_log_db_error($confirm, 'INSERT', __FILE__);
return false;
}
}
if (!empty($code) && $user->email) {
$user->emailChanged();
}
$profile->query('COMMIT');
if ($email && !$user->email) {
mail_confirm_address($user, $confirm->code, $profile->nickname, $email);
}
return $user;
}
