aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authormarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-06-25 18:04:12 +0000
committermarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-06-25 18:04:12 +0000
commit9cdb242250336005002e7cc7ffa4d8c3316db30b (patch)
treec58702523ee6171b716f8d9c9de3b9485cabaf05
parent1feb73166aae32c77db23812802f995cdcb34358 (diff)
downloadelgg-9cdb242250336005002e7cc7ffa4d8c3316db30b.tar.gz
elgg-9cdb242250336005002e7cc7ffa4d8c3316db30b.tar.bz2
Refs #79
git-svn-id: https://code.elgg.org/elgg/trunk@1133 36083f99-b078-4883-b0ff-0f9b5a30f544
-rw-r--r--actions/email/confirm.php38
-rw-r--r--engine/lib/users.php66
-rw-r--r--languages/en.php12
3 files changed, 114 insertions, 2 deletions
diff --git a/actions/email/confirm.php b/actions/email/confirm.php
new file mode 100644
index 000000000..d967f7c1e
--- /dev/null
+++ b/actions/email/confirm.php
@@ -0,0 +1,38 @@
+<?php
+ /**
+ * Action which confirms an email when it is registered or changed, based on a code.
+ *
+ * @package Elgg
+ * @subpackage Core
+ * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
+ * @author
+ * @copyright Curverider Ltd 2008
+ * @link http://elgg.org/
+ */
+
+ require_once(dirname(dirname(dirname(__FILE__))) . "/engine/start.php");
+
+ // Ensure we are logged in
+ gatekeeper();
+
+ // Get user id
+ $user_guid = (int)get_input('u');
+ $user = get_entity($user_guid);
+
+ // And the code
+ $code = sanitise_string(get_input('c'));
+
+ if ( ($code) && ($user) )
+ {
+ if (validate_email($user_guid, $code))
+ system_message(elgg_echo('email:confirm:success'));
+ else
+ system_message(elgg_echo('email:confirm:fail'));
+ }
+ else
+ system_message(elgg_echo('email:confirm:fail'));
+
+ forward($_SERVER['HTTP_REFERER']);
+ exit;
+
+?> \ No newline at end of file
diff --git a/engine/lib/users.php b/engine/lib/users.php
index 3bd87dbff..5dc382670 100644
--- a/engine/lib/users.php
+++ b/engine/lib/users.php
@@ -749,6 +749,67 @@
return get_data($query, "entity_row_to_elggstar");
}
+
+ /**
+ * Generate a validation code for a given user's email address.
+ *
+ * @param int $user_guid The user id
+ * @param string $email_address The email address
+ */
+ function generate_email_validation_code($user_guid, $email_address)
+ {
+ global $CONFIG;
+
+ return md5($user_guid . $email_address . $CONFIG->site->url); // Note I bind to site URL, this is important on multisite!
+ }
+
+ /**
+ * Send out a validation request for a given user.
+ * This function assumes that a user has already been created and that the email address has been
+ * saved in the email field in the database.
+ *
+ * @param int $user_guid The user.
+ * @return bool
+ */
+ function request_email_validation($user_guid)
+ {
+ global $CONFIG;
+
+ $user_guid = (int)$user_guid;
+
+ $user = get_entity($user_guid);
+ if (($user) && ($user instanceof ElggUser))
+ {
+ // Clear existing status
+ $user->validated_email = false;
+
+ // Work out validate link
+ $link = $CONFIG->site->url . "action/email/confirm/?u=$user_guid&c=" . generate_email_validation_code($user_guid, $user->email);
+
+ // Send validation email
+ return notify_user($user->guid, $CONFIG->site_guid, elgg_echo('email:validate:subject'), sprintf(elgg_echo('email:validate:body'), $user->username, $link), NULL, 'email');
+
+ }
+
+ return false;
+ }
+
+ /**
+ * Validate a user email address against the code provided, and if valid set the appropriate flag
+ *
+ * @param int $user_guid User GUID
+ * @param string $code The code provided on validation.
+ */
+ function validate_email($user_guid, $code)
+ {
+ $user = get_entity($user_guid);
+
+ $valid = ($code == generate_email_validation_code($user_guid, $user->email));
+ if ($valid)
+ $user->validated_email = true;
+
+ return $valid;
+ }
/**
* Registers a user, returning false if the username already exists
@@ -794,10 +855,11 @@
$user->admin = true;
datalist_set('admin_registered',1);
}
+
+ // Send email validation request
+ request_email_validation($user->getGUID());
return $user->getGUID();
-
-
}
/**
diff --git a/languages/en.php b/languages/en.php
index 13b661209..cf94ecd1a 100644
--- a/languages/en.php
+++ b/languages/en.php
@@ -442,6 +442,9 @@ Alternatively, you can enter your database settings below and we will try and do
/**
* Emails
*/
+ 'email:confirm:success' => "You have confirmed your email address!",
+ 'email:confirm:fail' => "Your email address could not be verified...",
+
'friend:newfriend:subject' => "%s has made you a friend!",
'friend:newfriend:body' => "%s has made you a friend!
@@ -449,6 +452,15 @@ Check them out: %s
You cannot reply to this email.",
+
+ 'email:validate:subject' => "Please confirm your email address!",
+ 'email:validate:body' => "Hi %s,
+
+Please confirm your email address by clicking on the link below:
+
+%s
+",
+
/**
* XML-RPC
*/