From 31527bd5d3f40d3caa7bb6532fde2cd5b96d06de Mon Sep 17 00:00:00 2001
From: brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>
Date: Fri, 22 Jan 2010 21:08:10 +0000
Subject: Changed uservalidationbyemail to not use an action and cleaned up
 some of its code.

git-svn-id: http://code.elgg.org/elgg/trunk@3830 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 .../actions/email/confirm.php                      |  44 -----
 mod/uservalidationbyemail/manifest.xml             |   4 +-
 mod/uservalidationbyemail/start.php                | 217 ++++++++++++---------
 3 files changed, 129 insertions(+), 136 deletions(-)
 delete mode 100644 mod/uservalidationbyemail/actions/email/confirm.php

diff --git a/mod/uservalidationbyemail/actions/email/confirm.php b/mod/uservalidationbyemail/actions/email/confirm.php
deleted file mode 100644
index b5c493de0..000000000
--- a/mod/uservalidationbyemail/actions/email/confirm.php
+++ /dev/null
@@ -1,44 +0,0 @@
-<?php
-	/**
-	 * Action which confirms an email when it is registered or changed, based on a code.
-	 * 
-	 * @package Elgg
-	 * @subpackage Core
-	 * @author 
-	 * @link http://elgg.org/
-	 */
-
-	global $CONFIG;
-
-	// Get user id
-	$access_status = access_get_show_hidden_status();
-	access_show_hidden_entities(true);
-	
-	$user_guid = (int)get_input('u');
-	$user = get_entity($user_guid);
-	
-	// And the code
-	$code = sanitise_string(get_input('c'));
-	
-	if ( ($code) && ($user) )
-	{
-		if (uservalidationbyemail_validate_email($user_guid, $code)) {
-			system_message(elgg_echo('email:confirm:success'));
-		
-			$user = get_entity($user_guid);
-			$user->enable();
-			
-			notify_user($user_guid, $CONFIG->site->guid, sprintf(elgg_echo('email:validate:success:subject'), $user->username), sprintf(elgg_echo('email:validate:success:body'), $user->name), NULL, 'email');
-			
-		} else
-			register_error(elgg_echo('email:confirm:fail'));
-	}
-	else
-		register_error(elgg_echo('email:confirm:fail'));
-		
-	access_show_hidden_entities($access_status);
-	
-	forward();
-	exit;
-
-?>
\ No newline at end of file
diff --git a/mod/uservalidationbyemail/manifest.xml b/mod/uservalidationbyemail/manifest.xml
index ceeaa0964..d41398555 100644
--- a/mod/uservalidationbyemail/manifest.xml
+++ b/mod/uservalidationbyemail/manifest.xml
@@ -1,10 +1,10 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <plugin_manifest>
 	<field key="author" value="Curverider Ltd" />
-	<field key="version" value="1.5" />
+	<field key="version" value="1.7" />
 	<field key="description" value="Simple user account validation via email." />
 	<field key="website" value="http://www.elgg.org/" />
 	<field key="copyright" value="(C) Curverider 2008-2009" />
 	<field key="licence" value="GNU Public License version 2" />
 	<field key="elgg_version" value="2009033101" />
-</plugin_manifest>
\ No newline at end of file
+</plugin_manifest>
diff --git a/mod/uservalidationbyemail/start.php b/mod/uservalidationbyemail/start.php
index 049287c89..7010fa4b8 100644
--- a/mod/uservalidationbyemail/start.php
+++ b/mod/uservalidationbyemail/start.php
@@ -1,99 +1,136 @@
 <?php
-	/**
-	 * Email user validation plugin.
-	 * Non-admin or admin created accounts are invalid until their email address is confirmed. 
-	 * 
-	 * @package ElggUserValidationByEmail
-	 * @author Curverider Ltd
-	 * @link http://elgg.com/
-	 */
-
-	function uservalidationbyemail_init()
-	{
-		global $CONFIG; 
-		
-		// Register actions
-		register_action("email/confirm",true, $CONFIG->pluginspath . "uservalidationbyemail/actions/email/confirm.php");
-		
-		// Register hook listening to new users.
-		register_elgg_event_handler('validate', 'user', 'uservalidationbyemail_email_validation');
-	}
+/**
+ * Email user validation plugin.
+ * Non-admin or admin created accounts are invalid until their email address is confirmed.
+ *
+ * @package ElggUserValidationByEmail
+ * @author Curverider Ltd
+ * @link http://elgg.com/
+ */
+
+function uservalidationbyemail_init() {
+	global $CONFIG;
+
+	// Register page handler to validate users
+	// This isn't an action because security is handled by the validation codes.
+	register_page_handler('uservalidationbyemail', 'uservalidationbyemail_page_handler');
+
+	// Register hook listening to new users.
+	register_elgg_event_handler('validate', 'user', 'uservalidationbyemail_email_validation');
+}
+
+/**
+ * Get security token, forward to action.
+ *
+ * @param unknown_type $page
+ * @return unknown_type
+ */
+function uservalidationbyemail_page_handler($page) {
+	if (isset($page[0]) && $page[0] == 'confirm') {
+		$code = sanitise_string(get_input('c', FALSE));
+		$user_guid = get_input('u', FALSE);
+
+		// new users are not enabled by default.
+		$access_status = access_get_show_hidden_status();
+		access_show_hidden_entities(true);
+
+		$user = get_entity($user_guid);
+
+		if (($code) && ($user)) {
+			if (uservalidationbyemail_validate_email($user_guid, $code)) {
+				system_message(elgg_echo('email:confirm:success'));
+
+				$user = get_entity($user_guid);
+				$user->enable();
+
+				notify_user($user_guid, $CONFIG->site->guid, sprintf(elgg_echo('email:validate:success:subject'), $user->username), sprintf(elgg_echo('email:validate:success:body'), $user->name), NULL, 'email');
 
-	/**
-	 * Request email validation.
-	 */
-	function uservalidationbyemail_email_validation($event, $object_type, $object)
-	{
-		if (($object) && ($object instanceof ElggUser))
-		{
-			uservalidationbyemail_request_validation($object->guid);
+			} else {
+				register_error(elgg_echo('email:confirm:fail'));
+			}
+		} else {
+			register_error(elgg_echo('email:confirm:fail'));
 		}
-		
-		return true;
+
+		access_show_hidden_entities($access_status);
+	} else {
+		register_error(elgg_echo('email:confirm:fail'));
 	}
-	
-	/**
-	 * Generate an email activation code.
-	 *
-	 * @param int $user_guid The guid of the user
-	 * @param string $email_address Email address 
-	 * @return string
-	 */
-	function uservalidationbyemail_generate_code($user_guid, $email_address)
-	{
-		global $CONFIG;
-		
-		// Note I bind to site URL, this is important on multisite!
-		return md5($user_guid . $email_address . $CONFIG->site->url . get_site_secret()); 
+
+	forward();
+}
+
+/**
+ * Request email validation.
+ */
+function uservalidationbyemail_email_validation($event, $object_type, $object) {
+	if (($object) && ($object instanceof ElggUser)) {
+		uservalidationbyemail_request_validation($object->guid);
 	}
-	
-	/**
-	 * Request user validation email.
-	 * Send email out to the address and request a confirmation.
-	 *
-	 * @param int $user_guid The user
-	 * @return mixed
-	 */
-	function uservalidationbyemail_request_validation($user_guid)
-	{
-		global $CONFIG;
-		
-		$user_guid = (int)$user_guid;
-		$user = get_entity($user_guid);
 
-		if (($user) && ($user instanceof ElggUser))
-		{
-			// Work out validate link
-			$link = $CONFIG->site->url . "action/email/confirm?u=$user_guid&c=" . uservalidationbyemail_generate_code($user_guid, $user->email);
-
-			// Send validation email		
-			$result = notify_user($user->guid, $CONFIG->site->guid, sprintf(elgg_echo('email:validate:subject'), $user->username), sprintf(elgg_echo('email:validate:body'), $user->name, $link), NULL, 'email');
-			if ($result)
-				system_message(elgg_echo('uservalidationbyemail:registerok'));
-				
-			return $result;
+	return true;
+}
+
+/**
+ * Generate an email activation code.
+ *
+ * @param int $user_guid The guid of the user
+ * @param string $email_address Email address
+ * @return string
+ */
+function uservalidationbyemail_generate_code($user_guid, $email_address) {
+	global $CONFIG;
+
+	// Note I bind to site URL, this is important on multisite!
+	return md5($user_guid . $email_address . $CONFIG->site->url . get_site_secret());
+}
+
+/**
+ * Request user validation email.
+ * Send email out to the address and request a confirmation.
+ *
+ * @param int $user_guid The user
+ * @return mixed
+ */
+function uservalidationbyemail_request_validation($user_guid) {
+	global $CONFIG;
+
+	$user_guid = (int)$user_guid;
+	$user = get_entity($user_guid);
+
+	if (($user) && ($user instanceof ElggUser)) {
+		// Work out validate link
+		$code = uservalidationbyemail_generate_code($user_guid, $user->email);
+		$link = "{$CONFIG->site->url}pg/uservalidationbyemail/confirm?u=$user_guid&c=$code";
+
+		// Send validation email
+		$result = notify_user($user->guid, $CONFIG->site->guid, sprintf(elgg_echo('email:validate:subject'), $user->username), sprintf(elgg_echo('email:validate:body'), $user->name, $link), NULL, 'email');
+		if ($result) {
+			system_message(elgg_echo('uservalidationbyemail:registerok'));
 		}
-		
-		return false;
+
+		return $result;
 	}
-	
-	/**
-	 * Validate a user
-	 *
-	 * @param unknown_type $user_guid
-	 * @param unknown_type $code
-	 * @return unknown
-	 */
-	function uservalidationbyemail_validate_email($user_guid, $code)
-	{
-		$user = get_entity($user_guid);
-		
-		if ($code == uservalidationbyemail_generate_code($user_guid, $user->email))
-			return set_user_validation_status($user_guid, true, 'email');
-		
-		return false;
+
+	return FALSE;
+}
+
+/**
+ * Validate a user
+ *
+ * @param unknown_type $user_guid
+ * @param unknown_type $code
+ * @return unknown
+ */
+function uservalidationbyemail_validate_email($user_guid, $code) {
+	$user = get_entity($user_guid);
+
+	if ($code == uservalidationbyemail_generate_code($user_guid, $user->email)) {
+		return set_user_validation_status($user_guid, true, 'email');
 	}
-	
-	// Initialise
-	register_elgg_event_handler('init','system','uservalidationbyemail_init');
-?>
\ No newline at end of file
+
+	return false;
+}
+
+// Initialise
+register_elgg_event_handler('init', 'system', 'uservalidationbyemail_init');
\ No newline at end of file
-- 
cgit v1.2.3