-rw-r--r--actions/email/confirm.php38
-rw-r--r--engine/lib/users.php66
-rw-r--r--languages/en.php12
3 files changed, 114 insertions, 2 deletions
diff --git a/actions/email/confirm.php b/actions/email/confirm.php
new file mode 100644
index 000000000..d967f7c1e
--- /dev/null
+++ b/actions/email/confirm.php
@@ -0,0 +1,38 @@
+<?php
+ /**
+ * Action which confirms an email when it is registered or changed, based on a code.
+ *
+ * @package Elgg
+ * @subpackage Core
+ * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
+ * @author
+ * @copyright Curverider Ltd 2008
+ * @link http://elgg.org/
+ */
+
+ require_once(dirname(dirname(dirname(__FILE__))) . "/engine/start.php");
+
+ // Ensure we are logged in
+ gatekeeper();
+
+ // Get user id
+ $user_guid = (int)get_input('u');
+ $user = get_entity($user_guid);
+
+ // And the code
+ $code = sanitise_string(get_input('c'));
+
+ if ( ($code) && ($user) )
+ {
+ if (validate_email($user_guid, $code))
+ system_message(elgg_echo('email:confirm:success'));
+ else
+ system_message(elgg_echo('email:confirm:fail'));
+ }
+ else
+ system_message(elgg_echo('email:confirm:fail'));
+
+ forward($_SERVER['HTTP_REFERER']);
+ exit;
+
+?> \ No newline at end of file
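Review bot: The action confirms whichever account `u` names rather than the account that is logged in: `gatekeeper()` only requires some session, and `$user` is never compared with the session user or checked to be an `ElggUser` before `validate_email()` is called. I would reject the request unless `$user instanceof ElggUser` and its GUID matches the logged-in user's GUID (or, if confirmation is meant to work without a login, drop `gatekeeper()` and rely on an unguessable code instead). Separately, `forward($_SERVER['HTTP_REFERER'])` redirects to a client-supplied header that is normally empty or external when the link is opened from a mail client; forwarding to a fixed page on the site is safer. The flag is also changed by a plain GET, so link prefetchers and mail scanners that follow the URL can trigger the confirmation.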
diff --git a/engine/lib/users.php b/engine/lib/users.php
index 3bd87dbff..5dc382670 100644
--- a/engine/lib/users.php
+++ b/engine/lib/users.php
@@ -749,6 +749,67 @@
return get_data($query, "entity_row_to_elggstar");
}
+
+ /**
+ * Generate a validation code for a given user's email address.
+ *
+ * @param int $user_guid The user id
+ * @param string $email_address The email address
+ */
+ function generate_email_validation_code($user_guid, $email_address)
+ {
+ global $CONFIG;
+
+ return md5($user_guid . $email_address . $CONFIG->site->url); // Note I bind to site URL, this is important on multisite!
+ }
+
+ /**
+ * Send out a validation request for a given user.
+ * This function assumes that a user has already been created and that the email address has been
+ * saved in the email field in the database.
+ *
+ * @param int $user_guid The user.
+ * @return bool
+ */
+ function request_email_validation($user_guid)
+ {
+ global $CONFIG;
+
+ $user_guid = (int)$user_guid;
+
+ $user = get_entity($user_guid);
+ if (($user) && ($user instanceof ElggUser))
+ {
+ // Clear existing status
+ $user->validated_email = false;
+
+ // Work out validate link
+ $link = $CONFIG->site->url . "action/email/confirm/?u=$user_guid&c=" . generate_email_validation_code($user_guid, $user->email);
+
+ // Send validation email
+ return notify_user($user->guid, $CONFIG->site_guid, elgg_echo('email:validate:subject'), sprintf(elgg_echo('email:validate:body'), $user->username, $link), NULL, 'email');
+
+ }
+
+ return false;
+ }
+
+ /**
+ * Validate a user email address against the code provided, and if valid set the appropriate flag
+ *
+ * @param int $user_guid User GUID
+ * @param string $code The code provided on validation.
+ */
+ function validate_email($user_guid, $code)
+ {
+ $user = get_entity($user_guid);
+
+ $valid = ($code == generate_email_validation_code($user_guid, $user->email));
+ if ($valid)
+ $user->validated_email = true;
+
+ return $valid;
+ }
/**
* Registers a user, returning false if the username already exists
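Review bot: The validation code in `generate_email_validation_code()` is an unkeyed `md5()` of the GUID, the email address and the site URL, so anyone who knows those three values can compute it without ever receiving the mail, which defeats the proof of mailbox ownership. Mix in a server-side secret, e.g. `return hash_hmac('sha256', $user_guid . '|' . $email_address . '|' . $CONFIG->site->url, $site_secret);` where `$site_secret` is a placeholder for a random per-site value this diff does not define, or store a random one-time token per user. In `validate_email()` the `==` comparison is loose, so two hex digests that both look like numeric strings (for example `0e` followed by digits) compare equal, and `$user->email` is dereferenced without checking that `get_entity()` returned an `ElggUser`; `$valid = ($user instanceof ElggUser) && hash_equals(generate_email_validation_code($user_guid, $user->email), (string) $code);` covers both. The code also never expires and stays the same for as long as the address is unchanged.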
@@ -794,10 +855,11 @@
$user->admin = true;
datalist_set('admin_registered',1);
}
+
+ // Send email validation request
+ request_email_validation($user->getGUID());
return $user->getGUID();
-
-
}
/**
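Review bot: The result of `request_email_validation()` is discarded at the new call in the registration function, so a failed send leaves the account with `validated_email` set to false and nothing logged or reported. Nothing visible in this diff reads `validated_email` either, so if the flag is meant to gate login or notifications, that check presumably has to be added elsewhere. A comment such as `// Best effort: registration succeeds even if the validation mail cannot be sent` would make the intent explicit, or the return value could be checked and surfaced to the caller. The function body starts and ends outside this hunk.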
diff --git a/languages/en.php b/languages/en.php
index 13b661209..cf94ecd1a 100644
--- a/languages/en.php
+++ b/languages/en.php
@@ -442,6 +442,9 @@ Alternatively, you can enter your database settings below and we will try and do
/**
* Emails
*/
+ 'email:confirm:success' => "You have confirmed your email address!",
+ 'email:confirm:fail' => "Your email address could not be verified...",
+
'friend:newfriend:subject' => "%s has made you a friend!",
'friend:newfriend:body' => "%s has made you a friend!
@@ -449,6 +452,15 @@ Check them out: %s
You cannot reply to this email.",
+
+ 'email:validate:subject' => "Please confirm your email address!",
+ 'email:validate:body' => "Hi %s,
+
+Please confirm your email address by clicking on the link below:
+
+%s
+",
+
/**
* XML-RPC
*/