diff options
Diffstat (limited to 'mod')
-rw-r--r-- | mod/uservalidationbyemail/actions/email/confirm.php | 44 | ||||
-rw-r--r-- | mod/uservalidationbyemail/manifest.xml | 4 | ||||
-rw-r--r-- | mod/uservalidationbyemail/start.php | 217 |
3 files changed, 129 insertions, 136 deletions
diff --git a/mod/uservalidationbyemail/actions/email/confirm.php b/mod/uservalidationbyemail/actions/email/confirm.php deleted file mode 100644 index b5c493de0..000000000 --- a/mod/uservalidationbyemail/actions/email/confirm.php +++ /dev/null @@ -1,44 +0,0 @@ -<?php - /** - * Action which confirms an email when it is registered or changed, based on a code. - * - * @package Elgg - * @subpackage Core - * @author - * @link http://elgg.org/ - */ - - global $CONFIG; - - // Get user id - $access_status = access_get_show_hidden_status(); - access_show_hidden_entities(true); - - $user_guid = (int)get_input('u'); - $user = get_entity($user_guid); - - // And the code - $code = sanitise_string(get_input('c')); - - if ( ($code) && ($user) ) - { - if (uservalidationbyemail_validate_email($user_guid, $code)) { - system_message(elgg_echo('email:confirm:success')); - - $user = get_entity($user_guid); - $user->enable(); - - notify_user($user_guid, $CONFIG->site->guid, sprintf(elgg_echo('email:validate:success:subject'), $user->username), sprintf(elgg_echo('email:validate:success:body'), $user->name), NULL, 'email'); - - } else - register_error(elgg_echo('email:confirm:fail')); - } - else - register_error(elgg_echo('email:confirm:fail')); - - access_show_hidden_entities($access_status); - - forward(); - exit; - -?>
\ No newline at end of file diff --git a/mod/uservalidationbyemail/manifest.xml b/mod/uservalidationbyemail/manifest.xml index ceeaa0964..d41398555 100644 --- a/mod/uservalidationbyemail/manifest.xml +++ b/mod/uservalidationbyemail/manifest.xml @@ -1,10 +1,10 @@ <?xml version="1.0" encoding="UTF-8"?> <plugin_manifest> <field key="author" value="Curverider Ltd" /> - <field key="version" value="1.5" /> + <field key="version" value="1.7" /> <field key="description" value="Simple user account validation via email." /> <field key="website" value="http://www.elgg.org/" /> <field key="copyright" value="(C) Curverider 2008-2009" /> <field key="licence" value="GNU Public License version 2" /> <field key="elgg_version" value="2009033101" /> -</plugin_manifest>
\ No newline at end of file +</plugin_manifest> diff --git a/mod/uservalidationbyemail/start.php b/mod/uservalidationbyemail/start.php index 049287c89..7010fa4b8 100644 --- a/mod/uservalidationbyemail/start.php +++ b/mod/uservalidationbyemail/start.php @@ -1,99 +1,136 @@ <?php - /** - * Email user validation plugin. - * Non-admin or admin created accounts are invalid until their email address is confirmed. - * - * @package ElggUserValidationByEmail - * @author Curverider Ltd - * @link http://elgg.com/ - */ - - function uservalidationbyemail_init() - { - global $CONFIG; - - // Register actions - register_action("email/confirm",true, $CONFIG->pluginspath . "uservalidationbyemail/actions/email/confirm.php"); - - // Register hook listening to new users. - register_elgg_event_handler('validate', 'user', 'uservalidationbyemail_email_validation'); - } +/** + * Email user validation plugin. + * Non-admin or admin created accounts are invalid until their email address is confirmed. + * + * @package ElggUserValidationByEmail + * @author Curverider Ltd + * @link http://elgg.com/ + */ + +function uservalidationbyemail_init() { + global $CONFIG; + + // Register page handler to validate users + // This isn't an action because security is handled by the validation codes. + register_page_handler('uservalidationbyemail', 'uservalidationbyemail_page_handler'); + + // Register hook listening to new users. + register_elgg_event_handler('validate', 'user', 'uservalidationbyemail_email_validation'); +} + +/** + * Get security token, forward to action. + * + * @param unknown_type $page + * @return unknown_type + */ +function uservalidationbyemail_page_handler($page) { + if (isset($page[0]) && $page[0] == 'confirm') { + $code = sanitise_string(get_input('c', FALSE)); + $user_guid = get_input('u', FALSE); + + // new users are not enabled by default. + $access_status = access_get_show_hidden_status(); + access_show_hidden_entities(true); + + $user = get_entity($user_guid); + + if (($code) && ($user)) { + if (uservalidationbyemail_validate_email($user_guid, $code)) { + system_message(elgg_echo('email:confirm:success')); + + $user = get_entity($user_guid); + $user->enable(); + + notify_user($user_guid, $CONFIG->site->guid, sprintf(elgg_echo('email:validate:success:subject'), $user->username), sprintf(elgg_echo('email:validate:success:body'), $user->name), NULL, 'email'); - /** - * Request email validation. - */ - function uservalidationbyemail_email_validation($event, $object_type, $object) - { - if (($object) && ($object instanceof ElggUser)) - { - uservalidationbyemail_request_validation($object->guid); + } else { + register_error(elgg_echo('email:confirm:fail')); + } + } else { + register_error(elgg_echo('email:confirm:fail')); } - - return true; + + access_show_hidden_entities($access_status); + } else { + register_error(elgg_echo('email:confirm:fail')); } - - /** - * Generate an email activation code. - * - * @param int $user_guid The guid of the user - * @param string $email_address Email address - * @return string - */ - function uservalidationbyemail_generate_code($user_guid, $email_address) - { - global $CONFIG; - - // Note I bind to site URL, this is important on multisite! - return md5($user_guid . $email_address . $CONFIG->site->url . get_site_secret()); + + forward(); +} + +/** + * Request email validation. + */ +function uservalidationbyemail_email_validation($event, $object_type, $object) { + if (($object) && ($object instanceof ElggUser)) { + uservalidationbyemail_request_validation($object->guid); } - - /** - * Request user validation email. - * Send email out to the address and request a confirmation. - * - * @param int $user_guid The user - * @return mixed - */ - function uservalidationbyemail_request_validation($user_guid) - { - global $CONFIG; - - $user_guid = (int)$user_guid; - $user = get_entity($user_guid); - if (($user) && ($user instanceof ElggUser)) - { - // Work out validate link - $link = $CONFIG->site->url . "action/email/confirm?u=$user_guid&c=" . uservalidationbyemail_generate_code($user_guid, $user->email); - - // Send validation email - $result = notify_user($user->guid, $CONFIG->site->guid, sprintf(elgg_echo('email:validate:subject'), $user->username), sprintf(elgg_echo('email:validate:body'), $user->name, $link), NULL, 'email'); - if ($result) - system_message(elgg_echo('uservalidationbyemail:registerok')); - - return $result; + return true; +} + +/** + * Generate an email activation code. + * + * @param int $user_guid The guid of the user + * @param string $email_address Email address + * @return string + */ +function uservalidationbyemail_generate_code($user_guid, $email_address) { + global $CONFIG; + + // Note I bind to site URL, this is important on multisite! + return md5($user_guid . $email_address . $CONFIG->site->url . get_site_secret()); +} + +/** + * Request user validation email. + * Send email out to the address and request a confirmation. + * + * @param int $user_guid The user + * @return mixed + */ +function uservalidationbyemail_request_validation($user_guid) { + global $CONFIG; + + $user_guid = (int)$user_guid; + $user = get_entity($user_guid); + + if (($user) && ($user instanceof ElggUser)) { + // Work out validate link + $code = uservalidationbyemail_generate_code($user_guid, $user->email); + $link = "{$CONFIG->site->url}pg/uservalidationbyemail/confirm?u=$user_guid&c=$code"; + + // Send validation email + $result = notify_user($user->guid, $CONFIG->site->guid, sprintf(elgg_echo('email:validate:subject'), $user->username), sprintf(elgg_echo('email:validate:body'), $user->name, $link), NULL, 'email'); + if ($result) { + system_message(elgg_echo('uservalidationbyemail:registerok')); } - - return false; + + return $result; } - - /** - * Validate a user - * - * @param unknown_type $user_guid - * @param unknown_type $code - * @return unknown - */ - function uservalidationbyemail_validate_email($user_guid, $code) - { - $user = get_entity($user_guid); - - if ($code == uservalidationbyemail_generate_code($user_guid, $user->email)) - return set_user_validation_status($user_guid, true, 'email'); - - return false; + + return FALSE; +} + +/** + * Validate a user + * + * @param unknown_type $user_guid + * @param unknown_type $code + * @return unknown + */ +function uservalidationbyemail_validate_email($user_guid, $code) { + $user = get_entity($user_guid); + + if ($code == uservalidationbyemail_generate_code($user_guid, $user->email)) { + return set_user_validation_status($user_guid, true, 'email'); } - - // Initialise - register_elgg_event_handler('init','system','uservalidationbyemail_init'); -?>
\ No newline at end of file + + return false; +} + +// Initialise +register_elgg_event_handler('init', 'system', 'uservalidationbyemail_init');
\ No newline at end of file |