aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--mod/uservalidationbyemail/actions/email/confirm.php44
-rw-r--r--mod/uservalidationbyemail/manifest.xml4
-rw-r--r--mod/uservalidationbyemail/start.php217
3 files changed, 129 insertions, 136 deletions
diff --git a/mod/uservalidationbyemail/actions/email/confirm.php b/mod/uservalidationbyemail/actions/email/confirm.php
deleted file mode 100644
index b5c493de0..000000000
--- a/mod/uservalidationbyemail/actions/email/confirm.php
+++ /dev/null
@@ -1,44 +0,0 @@
-<?php
- /**
- * Action which confirms an email when it is registered or changed, based on a code.
- *
- * @package Elgg
- * @subpackage Core
- * @author
- * @link http://elgg.org/
- */
-
- global $CONFIG;
-
- // Get user id
- $access_status = access_get_show_hidden_status();
- access_show_hidden_entities(true);
-
- $user_guid = (int)get_input('u');
- $user = get_entity($user_guid);
-
- // And the code
- $code = sanitise_string(get_input('c'));
-
- if ( ($code) && ($user) )
- {
- if (uservalidationbyemail_validate_email($user_guid, $code)) {
- system_message(elgg_echo('email:confirm:success'));
-
- $user = get_entity($user_guid);
- $user->enable();
-
- notify_user($user_guid, $CONFIG->site->guid, sprintf(elgg_echo('email:validate:success:subject'), $user->username), sprintf(elgg_echo('email:validate:success:body'), $user->name), NULL, 'email');
-
- } else
- register_error(elgg_echo('email:confirm:fail'));
- }
- else
- register_error(elgg_echo('email:confirm:fail'));
-
- access_show_hidden_entities($access_status);
-
- forward();
- exit;
-
-?> \ No newline at end of file
diff --git a/mod/uservalidationbyemail/manifest.xml b/mod/uservalidationbyemail/manifest.xml
index ceeaa0964..d41398555 100644
--- a/mod/uservalidationbyemail/manifest.xml
+++ b/mod/uservalidationbyemail/manifest.xml
@@ -1,10 +1,10 @@
<?xml version="1.0" encoding="UTF-8"?>
<plugin_manifest>
<field key="author" value="Curverider Ltd" />
- <field key="version" value="1.5" />
+ <field key="version" value="1.7" />
<field key="description" value="Simple user account validation via email." />
<field key="website" value="http://www.elgg.org/" />
<field key="copyright" value="(C) Curverider 2008-2009" />
<field key="licence" value="GNU Public License version 2" />
<field key="elgg_version" value="2009033101" />
-</plugin_manifest> \ No newline at end of file
+</plugin_manifest>
diff --git a/mod/uservalidationbyemail/start.php b/mod/uservalidationbyemail/start.php
index 049287c89..7010fa4b8 100644
--- a/mod/uservalidationbyemail/start.php
+++ b/mod/uservalidationbyemail/start.php
@@ -1,99 +1,136 @@
<?php
- /**
- * Email user validation plugin.
- * Non-admin or admin created accounts are invalid until their email address is confirmed.
- *
- * @package ElggUserValidationByEmail
- * @author Curverider Ltd
- * @link http://elgg.com/
- */
-
- function uservalidationbyemail_init()
- {
- global $CONFIG;
-
- // Register actions
- register_action("email/confirm",true, $CONFIG->pluginspath . "uservalidationbyemail/actions/email/confirm.php");
-
- // Register hook listening to new users.
- register_elgg_event_handler('validate', 'user', 'uservalidationbyemail_email_validation');
- }
+/**
+ * Email user validation plugin.
+ * Non-admin or admin created accounts are invalid until their email address is confirmed.
+ *
+ * @package ElggUserValidationByEmail
+ * @author Curverider Ltd
+ * @link http://elgg.com/
+ */
+
+function uservalidationbyemail_init() {
+ global $CONFIG;
+
+ // Register page handler to validate users
+ // This isn't an action because security is handled by the validation codes.
+ register_page_handler('uservalidationbyemail', 'uservalidationbyemail_page_handler');
+
+ // Register hook listening to new users.
+ register_elgg_event_handler('validate', 'user', 'uservalidationbyemail_email_validation');
+}
+
+/**
+ * Get security token, forward to action.
+ *
+ * @param unknown_type $page
+ * @return unknown_type
+ */
+function uservalidationbyemail_page_handler($page) {
+ if (isset($page[0]) && $page[0] == 'confirm') {
+ $code = sanitise_string(get_input('c', FALSE));
+ $user_guid = get_input('u', FALSE);
+
+ // new users are not enabled by default.
+ $access_status = access_get_show_hidden_status();
+ access_show_hidden_entities(true);
+
+ $user = get_entity($user_guid);
+
+ if (($code) && ($user)) {
+ if (uservalidationbyemail_validate_email($user_guid, $code)) {
+ system_message(elgg_echo('email:confirm:success'));
+
+ $user = get_entity($user_guid);
+ $user->enable();
+
+ notify_user($user_guid, $CONFIG->site->guid, sprintf(elgg_echo('email:validate:success:subject'), $user->username), sprintf(elgg_echo('email:validate:success:body'), $user->name), NULL, 'email');
- /**
- * Request email validation.
- */
- function uservalidationbyemail_email_validation($event, $object_type, $object)
- {
- if (($object) && ($object instanceof ElggUser))
- {
- uservalidationbyemail_request_validation($object->guid);
+ } else {
+ register_error(elgg_echo('email:confirm:fail'));
+ }
+ } else {
+ register_error(elgg_echo('email:confirm:fail'));
}
-
- return true;
+
+ access_show_hidden_entities($access_status);
+ } else {
+ register_error(elgg_echo('email:confirm:fail'));
}
-
- /**
- * Generate an email activation code.
- *
- * @param int $user_guid The guid of the user
- * @param string $email_address Email address
- * @return string
- */
- function uservalidationbyemail_generate_code($user_guid, $email_address)
- {
- global $CONFIG;
-
- // Note I bind to site URL, this is important on multisite!
- return md5($user_guid . $email_address . $CONFIG->site->url . get_site_secret());
+
+ forward();
+}
+
+/**
+ * Request email validation.
+ */
+function uservalidationbyemail_email_validation($event, $object_type, $object) {
+ if (($object) && ($object instanceof ElggUser)) {
+ uservalidationbyemail_request_validation($object->guid);
}
-
- /**
- * Request user validation email.
- * Send email out to the address and request a confirmation.
- *
- * @param int $user_guid The user
- * @return mixed
- */
- function uservalidationbyemail_request_validation($user_guid)
- {
- global $CONFIG;
-
- $user_guid = (int)$user_guid;
- $user = get_entity($user_guid);
- if (($user) && ($user instanceof ElggUser))
- {
- // Work out validate link
- $link = $CONFIG->site->url . "action/email/confirm?u=$user_guid&c=" . uservalidationbyemail_generate_code($user_guid, $user->email);
-
- // Send validation email
- $result = notify_user($user->guid, $CONFIG->site->guid, sprintf(elgg_echo('email:validate:subject'), $user->username), sprintf(elgg_echo('email:validate:body'), $user->name, $link), NULL, 'email');
- if ($result)
- system_message(elgg_echo('uservalidationbyemail:registerok'));
-
- return $result;
+ return true;
+}
+
+/**
+ * Generate an email activation code.
+ *
+ * @param int $user_guid The guid of the user
+ * @param string $email_address Email address
+ * @return string
+ */
+function uservalidationbyemail_generate_code($user_guid, $email_address) {
+ global $CONFIG;
+
+ // Note I bind to site URL, this is important on multisite!
+ return md5($user_guid . $email_address . $CONFIG->site->url . get_site_secret());
+}
+
+/**
+ * Request user validation email.
+ * Send email out to the address and request a confirmation.
+ *
+ * @param int $user_guid The user
+ * @return mixed
+ */
+function uservalidationbyemail_request_validation($user_guid) {
+ global $CONFIG;
+
+ $user_guid = (int)$user_guid;
+ $user = get_entity($user_guid);
+
+ if (($user) && ($user instanceof ElggUser)) {
+ // Work out validate link
+ $code = uservalidationbyemail_generate_code($user_guid, $user->email);
+ $link = "{$CONFIG->site->url}pg/uservalidationbyemail/confirm?u=$user_guid&c=$code";
+
+ // Send validation email
+ $result = notify_user($user->guid, $CONFIG->site->guid, sprintf(elgg_echo('email:validate:subject'), $user->username), sprintf(elgg_echo('email:validate:body'), $user->name, $link), NULL, 'email');
+ if ($result) {
+ system_message(elgg_echo('uservalidationbyemail:registerok'));
}
-
- return false;
+
+ return $result;
}
-
- /**
- * Validate a user
- *
- * @param unknown_type $user_guid
- * @param unknown_type $code
- * @return unknown
- */
- function uservalidationbyemail_validate_email($user_guid, $code)
- {
- $user = get_entity($user_guid);
-
- if ($code == uservalidationbyemail_generate_code($user_guid, $user->email))
- return set_user_validation_status($user_guid, true, 'email');
-
- return false;
+
+ return FALSE;
+}
+
+/**
+ * Validate a user
+ *
+ * @param unknown_type $user_guid
+ * @param unknown_type $code
+ * @return unknown
+ */
+function uservalidationbyemail_validate_email($user_guid, $code) {
+ $user = get_entity($user_guid);
+
+ if ($code == uservalidationbyemail_generate_code($user_guid, $user->email)) {
+ return set_user_validation_status($user_guid, true, 'email');
}
-
- // Initialise
- register_elgg_event_handler('init','system','uservalidationbyemail_init');
-?> \ No newline at end of file
+
+ return false;
+}
+
+// Initialise
+register_elgg_event_handler('init', 'system', 'uservalidationbyemail_init'); \ No newline at end of file