From aabc983611aba7667d891915a734baef652227d2 Mon Sep 17 00:00:00 2001 From: flashwave Date: Thu, 17 Mar 2016 20:09:00 +0100 Subject: [PATCH] r20160317 --- libraries/ActionCode.php | 6 +- libraries/Controllers/AuthController.php | 122 ++++++++++++++++++----- libraries/User.php | 5 +- libraries/Users.php | 45 +-------- public/authenticate.php | 30 ++---- sakura.php | 2 +- templates/yuuno/main/reactivate.twig | 35 +++++++ 7 files changed, 150 insertions(+), 95 deletions(-) create mode 100644 templates/yuuno/main/reactivate.twig diff --git a/libraries/ActionCode.php b/libraries/ActionCode.php index 95cc47f..d028406 100644 --- a/libraries/ActionCode.php +++ b/libraries/ActionCode.php @@ -31,7 +31,11 @@ class ActionCode // Insert it DB::table('actioncodes') ->insert( - ['action' => $action, 'id' => $user, 'code' => $code] + [ + 'code_action' => $action, + 'user_id' => $user, + 'action_code' => $code, + ] ); // Return the code diff --git a/libraries/Controllers/AuthController.php b/libraries/Controllers/AuthController.php index c8d56be..f222235 100644 --- a/libraries/Controllers/AuthController.php +++ b/libraries/Controllers/AuthController.php @@ -7,6 +7,7 @@ namespace Sakura\Controllers; +use Sakura\ActionCode; use Sakura\Config; use Sakura\DB; use Sakura\Hashing; @@ -78,7 +79,7 @@ class AuthController extends Controller // Check if authentication is disallowed if (Config::get('lock_authentication')) { $message = 'Logging in is disabled for security checkups! Try again later.'; - Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]); + Template::vars(['page' => compact('success', 'redirect', 'message')]); return Template::render('global/information'); } 
@@ -97,7 +98,7 @@ class AuthController extends Controller if ($rates > 4) { $message = 'Your have hit the login rate limit, try again later.'; - Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]); + Template::vars(['page' => compact('success', 'redirect', 'message')]); return Template::render('global/information'); } @@ -109,7 +110,7 @@ class AuthController extends Controller if ($user->id === 0) { $this->touchRateLimit($user->id); $message = 'The user you tried to log into does not exist.'; - Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]); + Template::vars(['page' => compact('success', 'redirect', 'message')]); return Template::render('global/information'); } @@ -120,7 +121,7 @@ class AuthController extends Controller case 'disabled': $this->touchRateLimit($user->id); $message = 'Logging into this account is disabled.'; - Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]); + Template::vars(['page' => compact('success', 'redirect', 'message')]); return Template::render('global/information'); @@ -134,7 +135,7 @@ class AuthController extends Controller ])) { $this->touchRateLimit($user->id); $message = 'The password you entered was invalid.'; - Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]); + Template::vars(['page' => compact('success', 'redirect', 'message')]); return Template::render('global/information'); } @@ -144,7 +145,7 @@ class AuthController extends Controller if ($user->permission(Site::DEACTIVATED)) { $this->touchRateLimit($user->id); $message = 'Your account does not have the required permissions to log in.'; - Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]); + Template::vars(['page' => compact('success', 'redirect', 'message')]); return Template::render('global/information'); } 
@@ -174,10 +175,16 @@ class AuthController extends Controller $this->touchRateLimit($user->id, 1); $success = 1; - $redirect = $user->lastOnline ? (isset($_REQUEST['redirect']) ? $_REQUEST['redirect'] : Router::route('main.index')) : Router::route('main.infopage', 'welcome'); + + $redirect = $user->lastOnline + ? (isset($_REQUEST['redirect']) + ? $_REQUEST['redirect'] + : Router::route('main.index')) + : Router::route('main.infopage', 'welcome'); + $message = 'Welcome' . ($user->lastOnline ? ' back' : '') . '!'; - Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]); + Template::vars(['page' => compact('success', 'redirect', 'message')]); return Template::render('global/information'); } @@ -200,7 +207,7 @@ class AuthController extends Controller public function registerPost() { - // Preliminarily set login to failed + // Preliminarily set registration to failed $success = 0; $redirect = Router::route('auth.register'); @@ -208,7 +215,7 @@ class AuthController extends Controller if (Config::get('lock_authentication') || Config::get('disable_registration')) { $message = 'Registration is disabled for security checkups! Try again later.'; - Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]); + Template::vars(['page' => compact('success', 'redirect', 'message')]); return Template::render('global/information'); } @@ -217,7 +224,7 @@ class AuthController extends Controller if (!isset($_POST['session']) || $_POST['session'] != session_id()) { $message = "Your session expired, refreshing the page will most likely fix this!"; - Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]); + Template::vars(['page' => compact('success', 'redirect', 'message')]); return Template::render('global/information'); } 
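Review bot: The reformatted redirect at the top of the first hunk still copies `$_REQUEST['redirect']` unvalidated into `page.redirect`, so a crafted login link can send a freshly authenticated user to an arbitrary external URL if the information template follows that value (open redirect); the commit only re-wraps the expression. Accept only same-site paths before using it: `$target = isset($_REQUEST['redirect']) ? $_REQUEST['redirect'] : '';`, `$isLocal = substr($target, 0, 1) === '/' && substr($target, 0, 2) !== '//' && substr($target, 0, 2) !== '/\\';`, `$redirect = $user->lastOnline ? ($isLocal ? $target : Router::route('main.index')) : Router::route('main.infopage', 'welcome');`. The `//` and `/\` prefixes are excluded because browsers treat them as protocol-relative. loginPost begins and ends outside this hunk.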
@@ -236,7 +243,7 @@ class AuthController extends Controller if (!$terms) { $message = 'You are required to agree to the Terms of Service.'; - Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]); + Template::vars(['page' => compact('success', 'redirect', 'message')]); return Template::render('global/information'); } @@ -253,16 +260,16 @@ class AuthController extends Controller if ($response) { $response = json_decode($response); } - + if (!$response || !$response->success) { $message = 'Captcha verification failed, please try again.'; - Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]); + Template::vars(['page' => compact('success', 'redirect', 'message')]); return Template::render('global/information'); } } - + // Attempt to get account data $user = User::construct(Utils::cleanString($username, true, true)); @@ -270,7 +277,7 @@ class AuthController extends Controller if ($user && $user->id !== 0) { $message = "{$user->username} is already a member here! If this is you please use the password reset form instead of making a new account."; - Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]); + Template::vars(['page' => compact('success', 'redirect', 'message')]); return Template::render('global/information'); } @@ -279,7 +286,7 @@ class AuthController extends Controller if (strlen($username) < Config::get('username_min_length')) { $message = 'Your name must be at least 3 characters long.'; - Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]); + Template::vars(['page' => compact('success', 'redirect', 'message')]); return Template::render('global/information'); } 
@@ -288,7 +295,7 @@ class AuthController extends Controller if (strlen($username) > Config::get('username_max_length')) { $message = 'Your name can\'t be longer than 16 characters.'; - Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]); + Template::vars(['page' => compact('success', 'redirect', 'message')]); return Template::render('global/information'); } @@ -297,7 +304,7 @@ class AuthController extends Controller if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $message = 'Your e-mail address is formatted incorrectly.'; - Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]); + Template::vars(['page' => compact('success', 'redirect', 'message')]); return Template::render('global/information'); } @@ -306,7 +313,7 @@ class AuthController extends Controller if (!Utils::checkMXRecord($email)) { $message = 'No valid MX-Record found on the e-mail address you supplied.'; - Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]); + Template::vars(['page' => compact('success', 'redirect', 'message')]); return Template::render('global/information'); } @@ -318,7 +325,7 @@ class AuthController extends Controller if ($emailCheck) { $message = 'Someone already registered using this email!'; - Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]); + Template::vars(['page' => compact('success', 'redirect', 'message')]); return Template::render('global/information'); } @@ -327,7 +334,7 @@ class AuthController extends Controller if (Utils::pwdEntropy($password) < Config::get('min_entropy')) { $message = 'Your password is too weak, try adding some special characters.'; - Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]); + Template::vars(['page' => compact('success', 'redirect', 'message')]); return Template::render('global/information'); } 
@@ -349,11 +356,76 @@ class AuthController extends Controller $success = 1; $redirect = Router::route('auth.login'); $message = $requireActive - ? 'Your registration went through! An activation e-mail has been sent.' - : 'Your registration went through! Welcome to ' . Config::get('sitename') . '!'; + ? 'Your registration went through! An activation e-mail has been sent.' + : 'Your registration went through! Welcome to ' . Config::get('sitename') . '!'; - Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]); + Template::vars(['page' => compact('success', 'redirect', 'message')]); return Template::render('global/information'); } + + public function activate() + { + // Preliminarily set activation to failed + $success = 0; + $redirect = Router::route('main.index'); + + // Attempt to get the required GET parameters + $userId = isset($_GET['u']) ? $_GET['u'] : 0; + $key = isset($_GET['k']) ? $_GET['k'] : ""; + + // Attempt to create a user object + $user = User::construct($userId); + + // Quit if the user ID is 0 + if ($user->id === 0) { + $message = "This user does not exist! Contact us if you think this isn't right."; + + Template::vars(['page' => compact('success', 'redirect', 'message')]); + + return Template::render('global/information'); + } + + // Check if the user is already active + if (!$user->permission(Site::DEACTIVATED)) { + $message = "Your account is already activated! Why are you here?"; + + Template::vars(['page' => compact('success', 'redirect', 'message')]); + + return Template::render('global/information'); + } + + // Validate the activation key + $action = ActionCode::validate('ACTIVATE', $key, $user->id); + + if (!$action) { + $message = "Invalid activation code! 
Contact us if you think this isn't right."; + + Template::vars(['page' => compact('success', 'redirect', 'message')]); + + return Template::render('global/information'); + } + + // Get the ids for deactivated and default user ranks + $rankDefault = Config::get('default_rank_id'); + $rankDeactive = Config::get('deactive_rank_id'); + + // Add normal user, remove deactivated and set normal as default + $user->addRanks([$rankDefault]); + $user->setMainRank($rankDefault); + $user->removeRanks([$rankDeactive]); + + $success = 1; + $redirect = Router::route('auth.login'); + $message = "Your account is activated, welcome to " . Config::get('sitename') . "!"; + + Template::vars(['page' => compact('success', 'redirect', 'message')]); + + return Template::render('global/information'); + } + + public function reactivateGet() + { + return Template::render('main/reactivate'); + } } diff --git a/libraries/User.php b/libraries/User.php index 8c45431..4ca423c 100644 --- a/libraries/User.php +++ b/libraries/User.php @@ -460,7 +460,8 @@ class User array_unique( array_merge( array_keys($this->ranks), - $ranks) + $ranks + ) ), array_keys($this->ranks) ); @@ -487,7 +488,7 @@ class User // Iterate over the ranks foreach ($remove as $rank) { - DB::table('ranks') + DB::table('user_ranks') ->where('user_id', $this->id) ->where('rank_id', $rank) ->delete(); diff --git a/libraries/Users.php b/libraries/Users.php index 7366da3..5b32f10 100644 --- a/libraries/Users.php +++ b/libraries/Users.php 
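Review bot: `activate()` checks `$key` with no rate limiting, whereas `loginPost` in this same class calls `$this->touchRateLimit(...)` on every failed attempt; how many guesses an activation code survives therefore depends only on its length and on whether `ActionCode::validate` expires or consumes it, neither of which is visible in this diff. The raw `$_GET['u']` and `$_GET['k']` values are also handed to `User::construct` and `ActionCode::validate` uncast, so `$userId = isset($_GET['u']) ? (int) $_GET['u'] : 0;` and `$key = isset($_GET['k']) ? (string) $_GET['k'] : '';` would pin the types, and a `$this->touchRateLimit($user->id);` in the `!$action` branch would mirror the login path if its keying suits this endpoint. The "does not exist" and "already activated" responses are produced before the key is validated, which confirms account state to anyone who supplies a user id; whether that matters depends on how public profiles already are. The method also lacks a docblock; a short one saying it reads `u` (user id) and `k` (activation code) from GET, moves the user from the `deactive_rank_id` rank to the `default_rank_id` rank, and always renders `global/information` would match the `activateUser` docblock this commit deletes from Users.php.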
@@ -308,50 +308,6 @@ class Users return true; } - /** - * Activate a user. - * - * @param int $uid The ID. - * @param bool $requireKey Require a key. - * @param string $key The key. - * - * @return array Status. - */ - public static function activateUser($uid, $requireKey = false, $key = null) - { - // Get the user data - $user = User::construct($uid); - - // Check if user exists - if (!$user->id) { - return [0, 'USER_NOT_EXIST']; - } - - // Check if user is already activated - if (!$user->permission(Site::DEACTIVATED)) { - return [0, 'USER_ALREADY_ACTIVE']; - } - - // Check if a key is set - if ($requireKey) { - // Check the action code - $action = ActionCode::validate('ACTIVATE', $key, $user->id); - - // Check if we got a negative return - if (!$action) { - return [0, 'INVALID_CODE']; - } - } - - // Add normal user, remove deactivated and set normal as default - $user->addRanks([2]); - $user->removeRanks([1]); - $user->setMainRank(2); - - // Return success - return [1, 'SUCCESS']; - } - /** * Get all available profile fields. * @@ -613,6 +569,7 @@ class Users { $get = DB::table('users') ->where('rank_main', '!=', Config::get('restricted_rank_id')) + ->where('rank_main', '!=', Config::get('deactive_rank_id')) ->orderBy('user_id', 'desc') ->limit(1) ->get(['user_id']); diff --git a/public/authenticate.php b/public/authenticate.php index 514cae4..710b88e 100644 --- a/public/authenticate.php +++ b/public/authenticate.php 
@@ -90,28 +90,6 @@ if (isset($_REQUEST['mode'])) { ]; break; - // Activating accounts - case 'activate': - // Attempt activation - $activate = Users::activateUser($_REQUEST['u'], true, $_REQUEST['k']); - - // Array containing "human understandable" messages - $messages = [ - 'USER_NOT_EXIST' => 'The user you tried to activate does not exist.', - 'USER_ALREADY_ACTIVE' => 'The user you tried to activate is already active.', - 'INVALID_CODE' => 'Invalid activation code, if you think this is an error contact the administrator.', - 'INVALID_USER' => 'The used activation code is not designated for this user.', - 'SUCCESS' => 'Successfully activated your account, you may now log in.', - ]; - - // Add page specific things - $renderData['page'] = [ - 'redirect' => $urls->format('SITE_LOGIN'), - 'message' => $messages[$activate[1]], - 'success' => $activate[0], - ]; - break; - // Resending the activation e-mail case 'resendactivemail': // Attempt send @@ -178,6 +156,14 @@ if (isset($_REQUEST['mode'])) { ]; break; + case 'activate': + $renderData['page'] = [ + 'redirect' => Router::route('auth.activate'), + 'message' => 'Wrong activation page.', + 'success' => 0, + ]; + break; + } } diff --git a/sakura.php b/sakura.php index 782649b..2da3e6e 100644 --- a/sakura.php +++ b/sakura.php @@ -8,7 +8,7 @@ namespace Sakura; // Define Sakura version -define('SAKURA_VERSION', '20160313'); +define('SAKURA_VERSION', '20160317'); // Define Sakura Path define('ROOT', __DIR__ . '/'); diff --git a/templates/yuuno/main/reactivate.twig b/templates/yuuno/main/reactivate.twig new file mode 100644 index 0000000..b7d7b61 --- /dev/null +++ b/templates/yuuno/main/reactivate.twig @@ -0,0 +1,35 @@ +{% extends 'global/master.twig' %} + +{% block title %}Reactivate account{% endblock %} + +{% block content %} + {% if sakura.lockAuth %} +
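Review bot: The new `activate` case in the second hunk answers legacy `?mode=activate&u=…&k=…` links with 'Wrong activation page.' and a redirect to `Router::route('auth.activate')`, but `u` and `k` are not forwarded, so activation e-mails sent before this deploy will land on the new page without their code unless `Router::route` appends the current query string (its behaviour is not visible here). Either pass the two values through in the redirect or keep the old case until outstanding activation links have expired. The removed hunk routed with `$urls->format(...)`; if `Router` is not already imported in public/authenticate.php (its `use` lines are outside this diff), the added case fails with an undefined class, so that should be confirmed before merging.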

Reactivation is disabled for security checkups! Try again later.

+ {% else %} +
+
+
+ Reactivate account +
+
+ +
+ +
+
+ +
+
+ +
+
+ +
+
+ +
+
+
+
+ {% endif %} +{% endblock %}