From c15753cb8669a98da0f93fe5c029b52fa69cb0ab Mon Sep 17 00:00:00 2001 From: rurban Date: Sun, 24 Dec 2006 13:35:43 +0000 Subject: [PATCH] added experimental EMailConfirm auth. (not yet tested) requires actionpage ConfirmEmail TBD: purge expired cookies git-svn-id: svn://svn.code.sf.net/p/phpwiki/code/trunk@5257 96ab9672-09ca-45d6-a79d-3d69d39ca109 --- lib/MailNotify.php | 105 ++++++++++++++++++++++++++++++---- lib/WikiUser/EMailConfirm.php | 52 +++++++++++++++++ 2 files changed, 147 insertions(+), 10 deletions(-) create mode 100644 lib/WikiUser/EMailConfirm.php diff --git a/lib/MailNotify.php b/lib/MailNotify.php index 5b05f0df5..d1d9f73bd 100644 --- a/lib/MailNotify.php +++ b/lib/MailNotify.php @@ -1,5 +1,5 @@ userids = array_unique($userids); return array($this->emails, $this->userids); } - - function sendMail($subject, $content) { + + function sendMail($subject, $content, + $notice = _("PageChange Notification of %s"), + $silent = false) + { global $request; $emails = $this->emails; $from = $this->from; @@ -118,18 +122,23 @@ class MailNotify { "[".WIKI_NAME."] ".$subject, $subject."\n".$content, "From: $from\r\nBcc: ".join(',', $emails) - )) + )) { - trigger_error(sprintf(_("PageChange Notification of %s sent to %s"), - $this->pagename, join(',',$this->userids)), E_USER_NOTICE); + if (!$silent) + trigger_error(sprintf($notice, $this->pagename) + . " " + . sprintf(_("sent to %s"), join(',',$this->userids)), + E_USER_NOTICE); return true; } else { - trigger_error(sprintf(_("PageChange Notification of %s Error: Couldn't send to %s"), - $this->pagename, join(',',$this->userids)), E_USER_WARNING); + trigger_error(sprintf($notice, $this->pagename) + . " " + . sprintf(_("Error: Couldn't send to %s"), join(',',$this->userids)), + E_USER_WARNING); return false; } } - + /** * Send udiff for a changed page to multiple users. * See rename and remove methods also @@ -276,10 +285,86 @@ class MailNotify { } } } + + /** + * send mail to user and store the cookie in the db + * wikiurl?action=ConfirmEmail&id=bla + */ + function sendEmailConfirmation ($email, $userid) { + $id = rand_ascii_readable(16); + $wikidb = $GLOBALS['request']->getDbh(); + $data = $wikidb->get('ConfirmEmail'); + while(!empty($data[$id])) { // id collision + $id = rand_ascii_readable(16); + } + $subject = WIKI_NAME . " " . _("e-mail address confirmation"); + $ip = $request->get('REMOTE_HOST'); + $expire_date = time() + 7*86400; + $content = fmt("Someone, probably you from IP address %s, has registered an +account \"%s\" with this e-mail address on %s. + +To confirm that this account really does belong to you and activate +e-mail features on %s, open this link in your browser: + +%s + +If this is *not* you, don't follow the link. This confirmation code +will expire at %s.", + $ip, $userid, WIKI_NAME, WIKI_NAME, + WikiURL(HOME_PAGE, array('action' => 'ConfirmEmail', + 'id' => $id), + true), + CTime($expire_date)); + $this->sendMail($subject, $content, "", true); + $data[$id] = array('email' => $email, + 'userid' => $userid, + 'expire' => $expire_date); + $wikidb->set('ConfirmEmail', $data); + return ''; + } + + function checkEmailConfirmation () { + global $request; + $wikidb = $request->getDbh(); + $data = $wikidb->get('ConfirmEmail'); + $id = $request->getArg('id'); + if (empty($data[$id])) { // id not found + return HTML(HTML::h1("Confirm E-mail address"), + HTML::h1("Sorry! Wrong URL")); + } + // upgrade the user + $userid = $data['userid']; + $email = $data['email']; + $u = $request->getUser(); + if ($u->UserName() == $userid) { // lucky: current user (session) + $prefs = $u->getPreferences(); + $request->_user->_level = WIKIAUTH_USER; + $request->_prefs->set('emailVerified', true); + } else { // not current user + if (ENABLE_USER_NEW) { + $u = WikiUser($userid); + $u->getPreferences(); + $prefs = &$u->_prefs; + } else { + $u = new WikiUser($request, $userid); + $prefs = $u->getPreferences(); + } + $u->_level = WIKIAUTH_USER; + $request->setUser($u); + $request->_prefs->set('emailVerified', true); + } + unset($data[$id]); + $wikidb->set('ConfirmEmail', $data); + return HTML(HTML::h1("Confirm E-mail address"), + HTML::p("Your e-mail address has now been confirmed.")); + } } // $Log: not supported by cvs2svn $ +// Revision 1.2 2006/12/23 11:50:45 rurban +// added missing result init +// // Revision 1.1 2006/12/22 17:59:55 rurban // Move mailer functions into seperate MailNotify.php // diff --git a/lib/WikiUser/EMailConfirm.php b/lib/WikiUser/EMailConfirm.php new file mode 100644 index 000000000..60e8ffcde --- /dev/null +++ b/lib/WikiUser/EMailConfirm.php @@ -0,0 +1,52 @@ +_prefs and isa($this, "_EMailPassUser")) { + if ($prefs) $this->_prefs = $prefs; + if (!isset($this->_prefs->_method)) + _PassUser::_PassUser($UserName); + } + $this->_userid = $UserName; + return $this; + } + + function userExists() { + if (!$this->isValidName($this->_userid)) { + return $this->_tryNextUser(); + } + $this->_authmethod = 'EMailConfirm'; + // check the prefs for emailVerified + if ($this->_prefs->get('emailVerified')) + return true; + return $this->_tryNextUser(); + } +} + +// $Log: not supported by cvs2svn $ + +// Local Variables: +// mode: php +// tab-width: 8 +// c-basic-offset: 4 +// c-hanging-comment-ender-p: nil +// indent-tabs-mode: nil +// End: +?> \ No newline at end of file -- 2.45.0