Indefero

Indefero Commit Details


Date:2010-02-15 15:40:34 (15 years 8 months ago)
Author:Loic d'Anterroches
Branch:develop, feature-issue_links, feature.better-home, feature.content-md5, feature.diff-whitespace, feature.download-md5, feature.issue-links, feature.issue-of-others, feature.issue-summary, feature.search-filter, feature.webrepos, feature.wiki-default-page, master, release-1.1, release-1.2, release-1.3
Commit:52be41186f7d76ceab42b077af5d23a30064edd6
Parents: 96e8f4ae3c48cabe422023577c7702308886b030
Message:Correctly request an account confirmation when trying to recover the password of a not yet activated account.
Changes:

File differences

src/IDF/Form/Password.php
4242
4343
4444
45
46
47
45
4846
4947
5048
5149
5250
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
5366
5467
5568
......
6679
6780
6881
82
83
6984
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
86109
110
87111
88112
public function clean_account()
{
$account = mb_strtolower(trim($this->cleaned_data['account']));
$db =& Pluf::db();
$true = Pluf_DB_BooleanToDb(true, $db);
$sql = new Pluf_SQL('(email=%s OR login=%s) AND active='.$true,
$sql = new Pluf_SQL('email=%s OR login=%s',
array($account, $account));
$users = Pluf::factory('Pluf_User')->getList(array('filter'=>$sql->gen()));
if ($users->count() == 0) {
throw new Pluf_Form_Invalid(__('Sorry, we cannot find a user with this email address or login. Feel free to try again.'));
}
$ok = false;
foreach ($users as $user) {
if ($user->active) {
$ok = true;
continue;
}
if (!$user->active and $user->first_name == '---') {
$ok = true;
continue;
}
$ok = false; // This ensures an all or nothing ok.
}
if (!$ok) {
throw new Pluf_Form_Invalid(__('Sorry, we cannot find a user with this email address or login. Feel free to try again.'));
}
return $account;
}
$sql = new Pluf_SQL('email=%s OR login=%s',
array($account, $account));
$users = Pluf::factory('Pluf_User')->getList(array('filter'=>$sql->gen()));
$return_url = '';
foreach ($users as $user) {
$tmpl = new Pluf_Template('idf/user/passrecovery-email.txt');
$cr = new Pluf_Crypt(md5(Pluf::f('secret_key')));
$code = trim($cr->encrypt($user->email.':'.$user->id.':'.time()),
'~');
$code = substr(md5(Pluf::f('secret_key').$code), 0, 2).$code;
$url = Pluf::f('url_base').Pluf_HTTP_URL_urlForView('IDF_Views::passwordRecovery', array($code), array(), false);
$urlic = Pluf::f('url_base').Pluf_HTTP_URL_urlForView('IDF_Views::passwordRecoveryInputCode', array(), array(), false);
$context = new Pluf_Template_Context(array('url' => Pluf_Template::markSafe($url),
'urlik' => Pluf_Template::markSafe($urlic),
'user' => Pluf_Template::markSafe($user),
'key' => Pluf_Template::markSafe($code)));
$email = new Pluf_Mail(Pluf::f('from_email'), $user->email,
__('Password Recovery - InDefero'));
$email->setReturnPath(Pluf::f('bounce_email', Pluf::f('from_email')));
$email->addTextMessage($tmpl->render($context));
$email->sendMail();
if ($user->active) {
$return_url = Pluf_HTTP_URL_urlForView('IDF_Views::passwordRecoveryInputCode');
$tmpl = new Pluf_Template('idf/user/passrecovery-email.txt');
$cr = new Pluf_Crypt(md5(Pluf::f('secret_key')));
$code = trim($cr->encrypt($user->email.':'.$user->id.':'.time()),
'~');
$code = substr(md5(Pluf::f('secret_key').$code), 0, 2).$code;
$url = Pluf::f('url_base').Pluf_HTTP_URL_urlForView('IDF_Views::passwordRecovery', array($code), array(), false);
$urlic = Pluf::f('url_base').Pluf_HTTP_URL_urlForView('IDF_Views::passwordRecoveryInputCode', array(), array(), false);
$context = new Pluf_Template_Context(
array('url' => Pluf_Template::markSafe($url),
'urlik' => Pluf_Template::markSafe($urlic),
'user' => Pluf_Template::markSafe($user),
'key' => Pluf_Template::markSafe($code)));
$email = new Pluf_Mail(Pluf::f('from_email'), $user->email,
__('Password Recovery - InDefero'));
$email->setReturnPath(Pluf::f('bounce_email', Pluf::f('from_email')));
$email->addTextMessage($tmpl->render($context));
$email->sendMail();
}
if (!$user->active and $user->first_name == '---') {
$return_url = Pluf_HTTP_URL_urlForView('IDF_Views::registerInputKey');
IDF_Form_Register::sendVerificationEmail($user);
}
}
return $return_url;
}
}
src/IDF/Form/Register.php
124124
125125
126126
127
127
128
129
130
131
132
128133
134
129135
130136
131137
......
144150
145151
146152
147
148153
149154
$user->language = $this->request->language_code;
$user->active = false;
$user->create();
$from_email = Pluf::f('from_email');
self::sendVerificationEmail($user);
return $user;
}
public static function sendVerificationEmail($user)
{
Pluf::loadFunction('Pluf_HTTP_URL_urlForView');
$from_email = Pluf::f('from_email');
$cr = new Pluf_Crypt(md5(Pluf::f('secret_key')));
$encrypted = trim($cr->encrypt($user->email.':'.$user->id), '~');
$key = substr(md5(Pluf::f('secret_key').$encrypted), 0, 2).$encrypted;
__('Confirm the creation of your account.'));
$email->addTextMessage($text_email);
$email->sendMail();
return $user;
}
}
src/IDF/Views.php
183183
184184
185185
186
187
186188
187189
188190
......
190192
191193
192194
193
194
195
195196
196197
197198
* email is available in the database, send an email with a key to
* reset the password.
*
* If the user is not yet confirmed, send the confirmation key one
* more time.
*/
function passwordRecoveryAsk($request, $match)
{
if ($request->method == 'POST') {
$form = new IDF_Form_Password($request->POST);
if ($form->isValid()) {
$form->save();
$url = Pluf_HTTP_URL_urlForView('IDF_Views::passwordRecoveryInputCode');
$url = $form->save();
return new Pluf_HTTP_Response_Redirect($url);
}
} else {

Archive Download the corresponding diff file

Page rendered in 0.74885s using 13 queries.