confirm email addresses

darcs-hash:20080620051536-5ed1f-231e427832dd20c861eb7a6dc1171315e90f455b.gz
This commit is contained in:
Evan Prodromou 2008-06-20 01:15:36 -04:00
parent 8ecd2a6b1d
commit bf0be3ddb7
8 changed files with 164 additions and 6 deletions

70
actions/confirmemail.php Normal file
View File

@ -0,0 +1,70 @@
<?php
/*
* Laconica - a distributed open-source microblogging tool
* Copyright (C) 2008, Controlez-Vous, Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
if (!defined('LACONICA')) { exit(1); }
class ConfirmemailAction extends Action {
function handle($args) {
parent::handle($args);
if (!common_logged_in()) {
common_set_returnto($this->self_url());
common_redirect(common_local_url('login'));
return;
}
$code = $this->trimmed('code');
if (!$code) {
$this->client_error(_t('No confirmation code.'));
return;
}
$confirm_email = Confirm_email::staticGet('code', $code);
if (!$confirm_email) {
$this->client_error(_t('Confirmation code not found.'));
return;
}
$cur = common_current_user();
if ($cur->id != $confirm_email->user_id) {
$this->client_error(_t('That confirmation code is not for you!'));
return;
}
if ($cur->email == $confirm_email->email) {
$this->client_error(_t('That email address is already confirmed.'));
return;
}
$cur->query('BEGIN');
$orig_user = clone($cur);
$cur->email = $confirm_email->email;
$result = $cur->update($orig_user);
if (!$result) {
$this->server_error(_t('Error setting email address.'));
return;
}
$result = $confirm_email->delete();
if (!$result) {
$this->server_error(_t('Error deleting code.'));
return;
}
$cur->query('COMMIT');
common_show_header(_t('Confirm E-mail Address'));
common_element('p', NULL,
_t('The email address "') . $cur->email .
_t('" has been confirmed for your account.'));
common_show_footer(_t('Confirm E-mail Address'));
}
}

View File

@ -89,8 +89,11 @@ class RegisterAction extends Action {
}
function register_user($nickname, $password, $email) {
# TODO: wrap this in a transaction!
$profile = new Profile();
$profile->query('BEGIN');
$profile->nickname = $nickname;
$profile->profileurl = common_profile_url($nickname);
$profile->created = DB_DataObject_Cast::dateTime(); # current time
@ -103,15 +106,34 @@ class RegisterAction extends Action {
$user->id = $id;
$user->nickname = $nickname;
$user->password = common_munge_password($password, $id);
$user->email = $email;
$user->created = DB_DataObject_Cast::dateTime(); # current time
$user->uri = common_mint_tag('user:'.$id);
$result = $user->insert();
if (!$result) {
# Try to clean up...
$profile->delete();
return FALSE;
}
if ($email) {
$confirm = new Confirm_email();
$confirm->code = common_good_random(16);
$confirm->user_id = $user->id;
$confirm->email = $email;
$result = $confirm->insert();
if (!$result) {
return FALSE;
}
}
$profile->query('COMMIT');
if ($email) {
mail_confirm_address($code,
$profile->nickname,
$email);
}
return $result;
}

23
classes/Confirm_email.php Normal file
View File

@ -0,0 +1,23 @@
<?php
/**
* Table Definition for confirm_email
*/
require_once 'DB/DataObject.php';
class Confirm_email extends DB_DataObject
{
###START_AUTOCODE
/* the code below is auto generated do not remove the above tag */
public $__table = 'confirm_email'; // table name
public $code; // varchar(32) primary_key not_null
public $user_id; // int(4) not_null
public $email; // varchar(255) not_null
public $modified; // timestamp() not_null default_CURRENT_TIMESTAMP
/* Static get */
function staticGet($k,$v=NULL) { return DB_DataObject::staticGet('Confirm_email',$k,$v); }
/* the code above is auto generated do not remove the tag below */
###END_AUTOCODE
}

View File

@ -16,6 +16,15 @@ width = K
height = K
url = U
[confirm_email]
code = 130
user_id = 129
email = 130
modified = 384
[confirm_email__keys]
code = K
[consumer]
consumer_key = 130
seed = 130

View File

@ -145,7 +145,7 @@ create table oid_nonces (
UNIQUE (server_url(255), timestamp, salt)
) ENGINE=InnoDB;
create table confirmemail (
create table confirm_email (
code varchar(32) not null primary key comment 'good random code',
user_id integer not null comment 'user who requested confirmation' references user (id),
email varchar(255) not null comment 'email address for password recovery etc.',

View File

@ -68,4 +68,11 @@ class Action { // lawsuit
common_debug("User error '$code' on '$action': $msg", __FILE__);
common_user_error($msg, $code);
}
function self_url() {
$action = $this->trimmed('action');
$args = $this->args;
unset($args['action']);
return common_local_url($action, $args);
}
}

View File

@ -80,3 +80,4 @@ require_once(INSTALLDIR.'/classes/Profile.php');
require_once(INSTALLDIR.'/classes/Remote_profile.php');
require_once(INSTALLDIR.'/classes/Subscription.php');
require_once(INSTALLDIR.'/classes/User.php');
require_once(INSTALLDIR.'/classes/Confirm_email.php');

View File

@ -55,3 +55,29 @@ function mail_notify_from() {
}
}
# For confirming an email address
function mail_confirm_address($code, $nickname, $address) {
$recipients = $address;
$headers['From'] = mail_notify_from();
$headers['To'] = $nickname . ' <' . $address . '>';
$headers['Subject'] = _t('Email address confirmation');
$body = "Hey, $nickname.";
$body .= "\n\n";
$body .= 'Someone just entered this email address on ' . common_config('site', 'name') . '.';
$body .= "\n\n";
$body .= 'If it was you, and you want to confirm your entry, use the URL below:';
$body .= "\n\n";
$body .= "\t".common_local_url('confirmemail',
array('code' => $code));
$body .= "\n\n";
$body .= 'If not, just ignore this message.';
$body .= "\n\n";
$body .= 'Thanks for your time, ';
$body .= "\n";
$body .= common_config('site', 'name');
$body .= "\n";
mail_send($recipients, $headers, $body);
}