Registration and activation works

flash 2015-04-19 13:00:32 +00:00
parent f4ed101874
commit 69c0dd651b
8 changed files with 405 additions and 119 deletions


@ -5,9 +5,20 @@ SET time_zone = '+00:00';
SET foreign_key_checks = 0; SET foreign_key_checks = 0;
SET sql_mode = 'NO_AUTO_VALUE_ON_ZERO'; SET sql_mode = 'NO_AUTO_VALUE_ON_ZERO';
DROP DATABASE IF EXISTS `flashiidev`; DROP DATABASE IF EXISTS `sakura`;
CREATE DATABASE `flashiidev` /*!40100 DEFAULT CHARACTER SET utf8 COLLATE utf8_bin */; CREATE DATABASE `sakura` /*!40100 DEFAULT CHARACTER SET utf8 COLLATE utf8_bin */;
USE `flashiidev`; USE `sakura`;
DROP TABLE IF EXISTS `fii_actioncodes`;
CREATE TABLE `fii_actioncodes` (
`id` bigint(255) NOT NULL AUTO_INCREMENT COMMENT 'Automatically generated ID by MySQL for management.',
`action` varchar(255) COLLATE utf8_bin NOT NULL COMMENT 'Action identifier so the backend knows what to do.',
`userid` bigint(255) NOT NULL COMMENT 'ID of the user that would be affected by this action',
`actkey` varchar(255) COLLATE utf8_bin NOT NULL COMMENT 'The URL key for using this code.',
`instruction` varchar(255) COLLATE utf8_bin NOT NULL COMMENT 'Things the backend should do upon using this code',
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
DROP TABLE IF EXISTS `fii_apikeys`; DROP TABLE IF EXISTS `fii_apikeys`;
CREATE TABLE `fii_apikeys` ( CREATE TABLE `fii_apikeys` (
@ -39,6 +50,34 @@ CREATE TABLE `fii_config` (
`config_value` varchar(255) COLLATE utf8_bin NOT NULL COMMENT 'The value, obviously.' `config_value` varchar(255) COLLATE utf8_bin NOT NULL COMMENT 'The value, obviously.'
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin; ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
TRUNCATE `fii_config`;
INSERT INTO `fii_config` (`config_name`, `config_value`) VALUES
('recaptcha_public', ''),
('recaptcha_private', ''),
('charset', 'utf-8'),
('cookie_prefix', ''),
('cookie_domain', ''),
('cookie_path', '/'),
('site_style', 'yuuno'),
('manage_style', 'Manage'),
('allow_registration', '0'),
('smtp_server', ''),
('smtp_auth', ''),
('smtp_secure', ''),
('smtp_port', ''),
('smtp_username', ''),
('smtp_password', ''),
('smtp_replyto_mail', ''),
('smtp_replyto_name', ''),
('smtp_from_email', ''),
('smtp_from_name', 'Sakura Noreply'),
('sitename', 'Sakura'),
('recaptcha', '1'),
('require_activation', '1'),
('require_registration_code', '0'),
('disable_registration', '1'),
('max_reg_keys', '5'),
('mail_signature', 'Team Flashii');
DROP TABLE IF EXISTS `fii_infopages`; DROP TABLE IF EXISTS `fii_infopages`;
CREATE TABLE `fii_infopages` ( CREATE TABLE `fii_infopages` (
@ -83,6 +122,7 @@ CREATE TABLE `fii_profilefields` (
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=12 DEFAULT CHARSET=utf8 COLLATE=utf8_bin; ) ENGINE=InnoDB AUTO_INCREMENT=12 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
TRUNCATE `fii_profilefields`;
INSERT INTO `fii_profilefields` (`id`, `name`, `formtype`, `description`, `additional`) VALUES INSERT INTO `fii_profilefields` (`id`, `name`, `formtype`, `description`, `additional`) VALUES
(1, 'Website', 'url', 'URL to your website', ''), (1, 'Website', 'url', 'URL to your website', ''),
(2, 'Twitter', 'text', 'Your @twitter Username', ''), (2, 'Twitter', 'text', 'Your @twitter Username', ''),
@ -94,8 +134,7 @@ INSERT INTO `fii_profilefields` (`id`, `name`, `formtype`, `description`, `addit
(8, 'osu!', 'text', 'Your osu! Username', ''), (8, 'osu!', 'text', 'Your osu! Username', ''),
(9, 'Origin', 'text', 'Your Origin User ID', ''), (9, 'Origin', 'text', 'Your Origin User ID', ''),
(10, 'Xbox Live', 'text', 'Your Xbox User ID', ''), (10, 'Xbox Live', 'text', 'Your Xbox User ID', ''),
(11, 'PSN', 'text', 'Your PSN User ID', '') (11, 'PSN', 'text', 'Your PSN User ID', '');
ON DUPLICATE KEY UPDATE `id` = VALUES(`id`), `name` = VALUES(`name`), `formtype` = VALUES(`formtype`), `description` = VALUES(`description`), `additional` = VALUES(`additional`);
DROP TABLE IF EXISTS `fii_ranks`; DROP TABLE IF EXISTS `fii_ranks`;
CREATE TABLE `fii_ranks` ( CREATE TABLE `fii_ranks` (
@ -108,6 +147,7 @@ CREATE TABLE `fii_ranks` (
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=10 DEFAULT CHARSET=utf8 COLLATE=utf8_bin; ) ENGINE=InnoDB AUTO_INCREMENT=10 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
TRUNCATE `fii_ranks`;
INSERT INTO `fii_ranks` (`id`, `name`, `multi`, `colour`, `description`, `title`) VALUES INSERT INTO `fii_ranks` (`id`, `name`, `multi`, `colour`, `description`, `title`) VALUES
(1, 'Deactivated', 0, '#555', 'Users that are yet to be activated or that deactivated their own account.', 'Deactivated'), (1, 'Deactivated', 0, '#555', 'Users that are yet to be activated or that deactivated their own account.', 'Deactivated'),
(2, 'Regular user', 1, 'inherit', 'Regular users with regular permissions.', 'Regular user'), (2, 'Regular user', 1, 'inherit', 'Regular users with regular permissions.', 'Regular user'),
@ -117,8 +157,7 @@ INSERT INTO `fii_ranks` (`id`, `name`, `multi`, `colour`, `description`, `title`
(6, 'Bot', 1, '#9E8DA7', 'Reserved user accounts for services.', 'Bot'), (6, 'Bot', 1, '#9E8DA7', 'Reserved user accounts for services.', 'Bot'),
(7, 'Chat moderator', 1, '#09F', 'Moderators of the chat room.', 'Staff'), (7, 'Chat moderator', 1, '#09F', 'Moderators of the chat room.', 'Staff'),
(8, 'Tenshi', 0, '#EE9400', 'Users that donated $5.00 or more in order to keep the site and it\'s services alive!', 'Tenshi'), (8, 'Tenshi', 0, '#EE9400', 'Users that donated $5.00 or more in order to keep the site and it\'s services alive!', 'Tenshi'),
(9, 'Alumnii', 0, '#FF69B4', 'People who have contributed to the community but have moved on or resigned.', 'Alumnii') (9, 'Alumnii', 0, '#FF69B4', 'People who have contributed to the community but have moved on or resigned.', 'Alumnii');
ON DUPLICATE KEY UPDATE `id` = VALUES(`id`), `name` = VALUES(`name`), `multi` = VALUES(`multi`), `colour` = VALUES(`colour`), `description` = VALUES(`description`), `title` = VALUES(`title`);
DROP TABLE IF EXISTS `fii_regcodes`; DROP TABLE IF EXISTS `fii_regcodes`;
CREATE TABLE `fii_regcodes` ( CREATE TABLE `fii_regcodes` (
@ -128,7 +167,7 @@ CREATE TABLE `fii_regcodes` (
`used_by` bigint(128) unsigned NOT NULL COMMENT 'ID of user who used this code.', `used_by` bigint(128) unsigned NOT NULL COMMENT 'ID of user who used this code.',
`key_used` tinyint(1) unsigned NOT NULL COMMENT 'Boolean for setting this key as used.', `key_used` tinyint(1) unsigned NOT NULL COMMENT 'Boolean for setting this key as used.',
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin; ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
DROP TABLE IF EXISTS `fii_sessions`; DROP TABLE IF EXISTS `fii_sessions`;
@ -142,7 +181,7 @@ CREATE TABLE `fii_sessions` (
`expire` int(64) unsigned NOT NULL COMMENT 'The timestamp for when this session should end, -1 for permanent. ', `expire` int(64) unsigned NOT NULL COMMENT 'The timestamp for when this session should end, -1 for permanent. ',
`remember` tinyint(1) unsigned NOT NULL DEFAULT '0' COMMENT 'If set to 1 session will be extended each time a page is loaded.', `remember` tinyint(1) unsigned NOT NULL DEFAULT '0' COMMENT 'If set to 1 session will be extended each time a page is loaded.',
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8 COLLATE=utf8_bin; ) ENGINE=InnoDB AUTO_INCREMENT=18 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
DROP TABLE IF EXISTS `fii_tenshi`; DROP TABLE IF EXISTS `fii_tenshi`;
@ -184,7 +223,7 @@ CREATE TABLE `fii_users` (
`profile_data` text COLLATE utf8_bin NOT NULL COMMENT 'Modular array containing profile data.', `profile_data` text COLLATE utf8_bin NOT NULL COMMENT 'Modular array containing profile data.',
PRIMARY KEY (`id`), PRIMARY KEY (`id`),
UNIQUE KEY `username_clean` (`username_clean`) UNIQUE KEY `username_clean` (`username_clean`)
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8 COLLATE=utf8_bin; ) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
DROP TABLE IF EXISTS `fii_warnings`; DROP TABLE IF EXISTS `fii_warnings`;
@ -199,4 +238,4 @@ CREATE TABLE `fii_warnings` (
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin; ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin;
-- 2015-04-13 10:06:13 -- 2015-04-19 12:58:09
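Review bot: The new `fii_actioncodes` table has no creation or expiry column and no index on `actkey`, so an activation key stays valid until it is used and nothing at the database level prevents two rows from sharing a key. Adding a timestamp column that the backend checks before honouring a code, plus `UNIQUE KEY actkey (actkey)`, would bound a key's lifetime and make the lookup by key indexed. The `AUTO_INCREMENT=4` on a freshly created, empty table suggests the dump carries counters from a development database; it is harmless but worth stripping from a schema file.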


@ -243,8 +243,8 @@ class Main {
// Validate MX records // Validate MX records
public static function checkMXRecord($email) { public static function checkMXRecord($email) {
// Split up the address in two parts (user and domain) // Get the domain from the e-mail address
list($user, $domain) = split('@', $email); $domain = substr(strstr($email, '@'), 1);
// Check the MX record // Check the MX record
$record = checkdnsrr($domain, 'MX'); $record = checkdnsrr($domain, 'MX');
@ -407,4 +407,61 @@ class Main {
} }
// Create a new action code
public static function newActionCode($action, $userid, $instruct) {
// Make sure the user we're working with exists
if(Users::getUser($userid)['id'] == 0)
return false;
// Convert the instruction array to a JSON
$instruct = json_encode($instruct);
// Generate a key
$key = sha1(date("r") . time() . $userid . $action . rand(0, 9999));
// Insert the key into the database
Database::insert('actioncodes', [
'action' => $action,
'userid' => $userid,
'actkey' => $key,
'instruction' => $instruct
]);
// Return the key
return $key;
}
// Use an action code
public static function useActionCode($action, $key, $uid = 0) {
// Retrieve the row from the database
$keyRow = Database::fetch('actioncodes', false, [
'actkey' => [$key, '='],
'action' => [$action, '=']
]);
// Check if the code exists
if(count($keyRow) <= 1)
return [0, 'INVALID_CODE'];
// Check if the code was intended for the user that's using this code
if($keyRow['userid'] != 0) {
if($keyRow['userid'] != $uid)
return [0, 'INVALID_USER'];
}
// Remove the key from the database
Database::delete('actioncodes', [
'id' => [$keyRow['id'], '=']
]);
// Return success
return [1, 'SUCCESS', $keyRow['instruction']];
}
} }
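Review bot: The key built in `newActionCode` is guessable: `sha1(date("r") . time() . $userid . $action . rand(0, 9999))` hashes values a requester can largely predict (the request time, their own user id, the fixed action name), so the only unknown is the 10,000 possible outcomes of `rand()`, and SHA-1 adds no entropy. This key is the only secret protecting account activation, so it should come from the CSPRNG, e.g. `$key = bin2hex(openssl_random_pseudo_bytes(20));` (or `random_bytes()` where available). In `useActionCode` the check `$keyRow['userid'] != $uid` is a loose comparison on request-derived input; casting both sides to int and using `!==` would make it exact. The class body starts and ends outside the hunks shown.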


@ -191,7 +191,7 @@ class Users {
return [0, 'PASS_TOO_LONG']; return [0, 'PASS_TOO_LONG'];
// Passwords do not match // Passwords do not match
if($password != $confirmpassword) if($password != $confirmpass)
return [0, 'PASS_NOT_MATCH']; return [0, 'PASS_NOT_MATCH'];
// Check if the given email address is formatted properly // Check if the given email address is formatted properly
@ -254,7 +254,7 @@ class Users {
} }
// Send the activation e-mail and do other required stuff // Send the activation e-mail and do other required stuff
public static function sendActivationMail($uid) { public static function sendActivationMail($uid, $customKey = null) {
// Get the user data // Get the user data
$user = Database::fetch('users', false, ['id' => [$uid, '=']]); $user = Database::fetch('users', false, ['id' => [$uid, '=']]);
@ -264,14 +264,18 @@ class Users {
return false; return false;
// Generate activation key // Generate activation key
// $activate = <interface with the shit for the activationkeys table here>; $activate = ($customKey ? $customKey : Main::newActionCode('ACTIVATE', $uid, [
$activate = 'null'; 'user' => [
'rank_main' => 1,
'ranks' => json_encode([1])
]
]));
// Build the e-mail // Build the e-mail
$message = "Welcome to ". Configuration::getConfig('sitename') ."!\r\n\r\n"; $message = "Welcome to ". Configuration::getConfig('sitename') ."!\r\n\r\n";
$message .= "Please keep this e-mail for your records. Your account intormation is as follows:\r\n\r\n"; $message .= "Please keep this e-mail for your records. Your account intormation is as follows:\r\n\r\n";
$message .= "----------------------------\r\n\r\n"; $message .= "----------------------------\r\n\r\n";
$message .= "Username: ". $user['username'] ."\r\n"; $message .= "Username: ". $user['username'] ."\r\n\r\n";
$message .= "Your profile: http://". Configuration::getLocalConfig('urls', 'main') ."/u/". $user['id'] ."\r\n\r\n"; $message .= "Your profile: http://". Configuration::getLocalConfig('urls', 'main') ."/u/". $user['id'] ."\r\n\r\n";
$message .= "----------------------------\r\n\r\n"; $message .= "----------------------------\r\n\r\n";
$message .= "Please visit the following link in order to activate your account:\r\n\r\n"; $message .= "Please visit the following link in order to activate your account:\r\n\r\n";
@ -289,6 +293,87 @@ class Users {
} }
// Activating a user
public static function activateUser($uid, $requireKey = false, $key = null) {
// Get the user data
$user = Database::fetch('users', false, ['id' => [$uid, '=']]);
// Check if user exists
if(!count($user) > 1)
return [0, 'USER_NOT_EXIST'];
// Check if user is already activated
if($user['rank_main'])
return [0, 'USER_ALREADY_ACTIVE'];
// Set default values for activation
$rank = 1;
$ranks = json_encode([1]);
// Check if a key is set (there's an option to not set one for user management reasons but you can't really get around this anyway)
if($requireKey) {
// Check the action code
$action = Main::useActionCode('ACTIVATE', $key, $uid);
// Check if we got a negative return
if(!$action[0])
return [0, $action[1]];
// Assign the special values
$instructionData = json_decode($action[2], true);
$rank = $instructionData['user']['rank_main'];
$ranks = $instructionData['user']['ranks'];
}
// Activate the account
Database::update('users', [
[
'rank_main' => $rank,
'ranks' => $ranks
],
[
'id' => [$uid, '=']
]
]);
// Return success
return [1, 'SUCCESS'];
}
// Deactivating a user
public static function deactivateUser($uid) {
// Get the user data
$user = Database::fetch('users', false, ['id' => [$uid, '=']]);
// Check if user exists
if(!count($user) > 1)
return [0, 'USER_NOT_EXIST'];
// Check if user is already deactivated
if(!$user['rank_main'])
return [0, 'USER_ALREADY_DEACTIVE'];
// Deactivate the account
Database::update('users', [
[
'rank_main' => 0,
'ranks' => json_encode([0])
],
[
'id' => [$uid, '=']
]
]);
// Return success
return [1, 'SUCCESS'];
}
// Check if registration code is valid // Check if registration code is valid
public static function checkRegistrationCode($code) { public static function checkRegistrationCode($code) {
@ -412,15 +497,22 @@ class Users {
} }
// Get all users // Get all users
public static function getAllUsers() { public static function getAllUsers($includeInactive = true) {
// Execute query // Execute query
$getUsers = Database::fetch('users', true); $getUsers = Database::fetch('users', true);
// Reorder shit // Reorder shit
foreach($getUsers as $user) foreach($getUsers as $user) {
// Skip if inactive and not include deactivated users
if(!$includeInactive && $user['rank_main'] == 0)
continue;
$users[$user['id']] = $user; $users[$user['id']] = $user;
}
// and return an array with the users // and return an array with the users
return $users; return $users;
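Review bot: The existence check `if(!count($user) > 1)` in `activateUser` and `deactivateUser` can never be true, because `!` binds tighter than `>` and the result is a boolean compared with 1. A missing user therefore falls through to `$user['rank_main']` on an empty result, and with `$requireKey` false the function reports `SUCCESS` for an id that does not exist. Use the same form as `Main::useActionCode` in this commit: `if(count($user) <= 1) return [0, 'USER_NOT_EXIST'];`. Separately, activation writes `rank_main = 1`, which the seed data in the SQL dump labels 'Deactivated'; that looks unintended, though the rank semantics are not fully visible here.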


@ -60,78 +60,108 @@
</form> </form>
</div> </div>
</div> </div>
<div class="registerForm"> <div class="registerCont">
<div class="head"> <div class="registerForm">
Register on Flashii <div class="head">
</div> Register on Flashii
<form id="registerForm" method="post" action="http://{{ sakura.urls.main }}/authenticate" style="display:{% if auth.blockRegister.do %}none{% else %}block{% endif %};">
<input type="hidden" name="mode" value="register" />
<input type="hidden" name="session" value="{{ php.sessionid }}" />
<input type="hidden" name="time" value="{{ php.time }}" />
<div class="leftAlign">
<label for="registerUserName">Username:</label>
</div> </div>
<div class="centreAlign"> <form id="registerForm" method="post" action="http://{{ sakura.urls.main }}/authenticate" style="display:{% if auth.blockRegister.do %}none{% else %}block{% endif %};">
<input class="inputStyling" type="text" id="registerUserName" name="username" placeholder="Any character" /> <input type="hidden" name="mode" value="register" />
</div> <input type="hidden" name="session" value="{{ php.sessionid }}" />
<div class="leftAlign"> <input type="hidden" name="time" value="{{ php.time }}" />
<label for="registerEmail">E-mail:</label> <div class="leftAlign">
</div> <label for="registerUserName">Username:</label>
<div class="centreAlign"> </div>
<input class="inputStyling" type="text" id="registerEmail" name="email" placeholder="Used for e.g. password retrieval" /> <div class="centreAlign">
</div> <input class="inputStyling" type="text" id="registerUserName" name="username" placeholder="Any character" />
<div class="leftAlign"> </div>
<label for="registerPassword">Password:</label> <div class="leftAlign">
</div> <label for="registerEmail">E-mail:</label>
<div class="centreAlign"> </div>
<input class="inputStyling" type="password" id="registerPassword" name="password" placeholder="Must be at least 5 characters." /> <div class="centreAlign">
</div> <input class="inputStyling" type="text" id="registerEmail" name="email" placeholder="Used for e.g. password retrieval" />
<div class="leftAlign"> </div>
<label for="registerConfirmPassword">Confirm Password:</label> <div class="leftAlign">
</div> <label for="registerPassword">Password:</label>
<div class="centreAlign"> </div>
<input class="inputStyling" type="password" id="registerConfirmPassword" name="confirmpassword" placeholder="Just to make sure" /> <div class="centreAlign">
</div> <input class="inputStyling" type="password" id="registerPassword" name="password" placeholder="Must be at least 8 characters." />
<div class="leftAlign"> </div>
<label for="recaptcha_response_field">Verification:</label> <div class="leftAlign">
</div> <label for="registerConfirmPassword">Confirm Password:</label>
<div class="centreAlign"> </div>
<script src="https://www.google.com/recaptcha/api.js" async defer></script> <div class="centreAlign">
<div class="g-recaptcha" data-sitekey="{{ sakura.recaptcha_public }}" style="margin: auto; display: inline-block;"></div> <input class="inputStyling" type="password" id="registerConfirmPassword" name="confirmpassword" placeholder="Just to make sure" />
<noscript> </div>
<div style="width: 302px; height: 352px; margin: auto; display: inline-block;"> <div class="leftAlign">
<div style="width: 302px; height: 352px; position: relative;"> <label for="recaptcha_response_field">Verification:</label>
<div style="width: 302px; height: 352px; position: absolute;"> </div>
<iframe src="https://www.google.com/recaptcha/api/fallback?k={{ sakura.recaptcha_public }}" frameborder="0" scrolling="no" style="width: 302px; height:352px; border-style: none;"></iframe> <div class="centreAlign">
<script src="https://www.google.com/recaptcha/api.js" async defer></script>
<div class="g-recaptcha" data-sitekey="{{ sakura.recaptcha_public }}" style="margin: auto; display: inline-block;"></div>
<noscript>
<div style="width: 302px; height: 352px; margin: auto; display: inline-block;">
<div style="width: 302px; height: 352px; position: relative;">
<div style="width: 302px; height: 352px; position: absolute;">
<iframe src="https://www.google.com/recaptcha/api/fallback?k={{ sakura.recaptcha_public }}" frameborder="0" scrolling="no" style="width: 302px; height:352px; border-style: none;"></iframe>
</div>
<div style="width: 250px; height: 80px; position: absolute; border-style: none; bottom: 21px; left: 25px; margin: 0px; padding: 0px; right: 25px;">
<textarea id="g-recaptcha-response" name="g-recaptcha-response" class="g-recaptcha-response" style="width: 250px; height: 80px; border: 1px solid #c1c1c1; margin: 0px; padding: 0px; resize: none;" value=""></textarea>
</div> </div>
<div style="width: 250px; height: 80px; position: absolute; border-style: none; bottom: 21px; left: 25px; margin: 0px; padding: 0px; right: 25px;">
<textarea id="g-recaptcha-response" name="g-recaptcha-response" class="g-recaptcha-response" style="width: 250px; height: 80px; border: 1px solid #c1c1c1; margin: 0px; padding: 0px; resize: none;" value=""></textarea>
</div> </div>
</div> </div>
</div> </noscript>
</noscript> </div>
</div> <div class="subLinks centreAlign">
<div class="subLinks centreAlign"> <input class="inputStyling" name="tos" type="checkbox" class="ignore-css" id="registerToS" /><label for="registerToS">I agree to the <a class="default" href="/r/terms" target="_blank">Terms of Service</a>.
<input class="inputStyling" name="tos" type="checkbox" class="ignore-css" id="registerToS" /><label for="registerToS">I agree to the <a class="default" href="/r/terms" target="_blank">Terms of Service</a>. </div>
</div> <div class="centreAlign">
<div class="centreAlign"> <input class="inputStyling" type="submit" name="submit" value="Register" />
<input class="inputStyling" type="submit" name="submit" value="Register" /> </div>
</div> </form>
</form> {% if auth.blockRegister.do %}
{% if auth.blockRegister.do %} <div class="registerForm" id="registerWarn" style="display: block;">
<div class="registerForm" id="registerWarn" style="display: block;"> <div class="centreAlign">
<div class="centreAlign"> <div class="fa fa-warning fa-5x" style="display: block; margin: 10px 0 0;"></div>
<div class="fa fa-warning fa-5x" style="display: block; margin: 10px 0 0;"></div> <h1>Are you {{ auth.blockRegister.username }}?</h1>
<h1>Are you {{ auth.blockRegister.username }}?</h1> <p>Making more than one account is not permitted.</p>
<p>Making more than one account is not permitted.</p> <p>If you lost your password please use the form on the bottom left but if you don't already have an account you can go ahead and click the link below to show the registration form this check is based on your IP so in some cases someone may have registered/used the site on this IP already.</p>
<p>If you lost your password please use the form on the bottom left but if you don't already have an account you can go ahead and click the link below to show the registration form this check is based on your IP so in some cases someone may have registered/used the site on this IP already.</p> <p>If we find out that you already have an account we may question you about it, if you can give a good reason we'll let it slide otherwise we may issue a temporary ban.</p>
<p>If we find out that you already have an account we may question you about it, if you can give a good reason we'll let it slide otherwise we may issue a temporary ban.</p> </div>
</div> <div class="subLinks centreAlign">
<div class="subLinks centreAlign"> <a href="javascript:;" class="default" onclick="document.getElementById('registerWarn').style.display='none';document.getElementById('registerForm').style.display='block';">Register anyway</a>.
<a href="javascript:;" class="default" onclick="document.getElementById('registerWarn').style.display='none';document.getElementById('registerForm').style.display='block';">Register anyway</a>. </div>
</div> </div>
{% endif %}
</div>
<div class="passwordForm">
<div class="head">
Resend Activation E-mail
</div>
<form method="post" action="http://{{ sakura.urls.main }}/authenticate">
<input type="hidden" name="mode" value="resendactivemail" />
<input type="hidden" name="session" value="{{ php.sessionid }}" />
<input type="hidden" name="time" value="{{ php.time }}" />
<div class="leftAlign">
<label for="activeUserName">Username:</label>
</div>
<div class="centreAlign">
<input class="inputStyling" type="text" id="activeUserName" name="username" />
</div>
<div class="leftAlign">
<label for="activeEmail">E-mail:</label>
</div>
<div class="centreAlign">
<input class="inputStyling" type="text" id="activeEmail" name="email" />
</div>
<div class="centreAlign">
<input class="inputStyling" type="submit" name="submit" value="Request Activation" />
</div>
<div class="subLinks centreAlign">
If you lost access to your e-mail address please <a href="/contact" class="default" target="_blank">contact us</a>.
</div>
</form>
</div> </div>
{% endif %}
</div> </div>
<div class="clear"></div> <div class="clear"></div>
</div> </div>
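Review bot: The new "Resend Activation E-mail" form repeats the pattern of emitting the raw PHP session id in a hidden field (`name="session" value="{{ php.sessionid }}"`) and posting to an `http://` URL. Putting the session id in the markup makes it readable by any script on the page regardless of cookie flags, and the plain-HTTP action sends it unencrypted, along with the password fields of the register form above. A separate random anti-forgery token kept in the session, with a scheme-relative or HTTPS action such as `action="/authenticate"`, would give the same forgery check without exposing the session id. The surrounding template starts outside this hunk.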


@ -532,7 +532,7 @@ a.gotop:active {
border-radius: 2px; border-radius: 2px;
} }
.content-right .head, .content-right .head,
.loginPage > .registerForm .head { .loginPage > .registerCont .head {
margin: -1px -2px -1px; margin: -1px -2px -1px;
padding: 4px 5px 5px; padding: 4px 5px 5px;
font-weight: 700; font-weight: 700;
@ -1100,7 +1100,7 @@ textarea.inputStyling {
margin: 0 auto; margin: 0 auto;
max-width: 825px; max-width: 825px;
} }
.loginPage > .registerForm, .loginPage > .registerCont > *,
.loginPage > .loginCont > * { .loginPage > .loginCont > * {
text-align: center; text-align: center;
border: 1px solid #9475B2; border: 1px solid #9475B2;
@ -1113,7 +1113,7 @@ textarea.inputStyling {
background: #D3BFFF; background: #D3BFFF;
} }
@media (max-width: 430px) { @media (max-width: 430px) {
.loginPage > .registerForm, .loginPage > .registerCont > *,
.loginPage > .loginCont > * { .loginPage > .loginCont > * {
width: 300px; width: 300px;
} }
@ -1121,14 +1121,14 @@ textarea.inputStyling {
.loginPage > .loginCont { .loginPage > .loginCont {
float: left; float: left;
} }
.loginPage > .registerForm { .loginPage > .registerCont {
float: right; float: right;
} }
@media (max-width: 820px) { @media (max-width: 820px) {
.loginPage > .loginCont { .loginPage > .loginCont {
float: none; float: none;
} }
.loginPage > .registerForm { .loginPage > .registerCont {
float: none; float: none;
} }
} }


@ -17,7 +17,7 @@ Options +FollowSymLinks -Indexes
RewriteRule ^feedback?/?$ http://forum.flash.moe/viewforum.php?f=22 RewriteRule ^feedback?/?$ http://forum.flash.moe/viewforum.php?f=22
RewriteRule ^credits?/?$ credits.php RewriteRule ^credits?/?$ credits.php
RewriteRule ^index?/?$ index.php RewriteRule ^index?/?$ index.php
RewriteRule ^login?/?$|logout?/?$|register?/?$|forgotpassword?/?|authenticate?/?$ authenticate.php RewriteRule ^login?/?$|logout?/?$|activate?/?$|register?/?$|forgotpassword?/?|authenticate?/?$ authenticate.php
RewriteRule ^donate?/?$ donate.php RewriteRule ^donate?/?$ donate.php
RewriteRule ^contact?/?$ contact.php RewriteRule ^contact?/?$ contact.php
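Review bot: The added `activate?/?$` alternative is not anchored at the start, because in `^login?/?$|logout?/?$|activate?/?$|...` the `^` belongs only to the first alternative. Any path that ends in `activate` is therefore routed to authenticate.php, and so is one ending in `activat`, since `e?` makes the last letter optional. Grouping the alternatives fixes this for all of them: `RewriteRule ^(login|logout|activate|register|forgotpassword|authenticate)/?$ authenticate.php`. That form also supplies the `$` missing from the existing `forgotpassword?/?` branch.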


@ -11,39 +11,42 @@ require_once str_replace(basename(__DIR__), '', dirname(__FILE__)) .'_sakura/sak
// Page actions // Page actions
if( if(
isset($_REQUEST['mode']) && isset($_REQUEST['mode'])
isset($_REQUEST['time']) &&
isset($_REQUEST['session'])
) { ) {
// Continue // Continue
$continue = true; $continue = true;
// Compare time and session so we know the link isn't forged // Make sure we're not in activate mode since adding a timestamp and accessing the PHP session id is kind of hard when you're in an e-mail client
if($_REQUEST['time'] < time() - 1000) { if(!isset($_REQUEST['mode']) || $_REQUEST['mode'] != 'activate') {
$renderData['page'] = [ // Compare time and session so we know the link isn't forged
'title' => 'Action failed', if($_REQUEST['time'] < time() - 1000) {
'redirect' => '/authenticate',
'message' => 'Timestamps differ too much, please try again.'
];
// Prevent $renderData['page'] = [
$continue = false; 'title' => 'Action failed',
'redirect' => '/authenticate',
'message' => 'Timestamps differ too much, please try again.'
];
} // Prevent
$continue = false;
// Match session ids for the same reason }
if($_REQUEST['session'] != session_id()) {
$renderData['page'] = [ // Match session ids for the same reason
'title' => 'Action failed', if(!isset($_REQUEST['session']) || $_REQUEST['session'] != session_id()) {
'redirect' => '/authenticate',
'message' => 'Session IDs do not match.'
];
// Prevent $renderData['page'] = [
$continue = false; 'title' => 'Action failed',
'redirect' => '/authenticate',
'message' => 'Session IDs do not match.'
];
// Prevent
$continue = false;
}
} }
@ -54,7 +57,6 @@ if(
$continue = false; $continue = false;
} }
if($continue) { if($continue) {
switch($_REQUEST['mode']) { switch($_REQUEST['mode']) {
@ -73,6 +75,35 @@ if(
break; break;
// Activating accounts
case 'activate':
// Attempt activation
$activate = Users::activateUser($_REQUEST['u'], true, $_REQUEST['k']);
// Array containing "human understandable" messages
$messages = [
'USER_NOT_EXIST' => 'The user you tried to activate does not exist.',
'USER_ALREADY_ACTIVE' => 'The user you tried to activate is already active.',
'INVALID_CODE' => 'Invalid activation code, if you think this is an error contact the administrator.',
'INVALID_USER' => 'The used registration code is not designated for this user.',
'SUCCESS' => 'Successfully activated your account, you may now log in.'
];
// Add page specific things
$renderData['page'] = [
'title' => 'Activate account',
'redirect' => '/authenticate',
'message' => $messages[$activate[1]]
];
break;
// Resending the activation e-mail
case 'resendactivemail':
break;
// Login processing // Login processing
case 'login': case 'login':
@ -101,11 +132,48 @@ if(
// Registration processing // Registration processing
case 'register': case 'register':
// Attempt registration
$register = Users::register(
$_REQUEST['username'],
$_REQUEST['password'],
$_REQUEST['confirmpassword'],
$_REQUEST['email'],
isset($_REQUEST['tos']),
(
Configuration::getConfig('recaptcha') ?
$_REQUEST['g-recaptcha-response'] :
null
),
(
Configuration::getConfig('require_registration_code') ?
$_REQUEST['registercode'] :
null
)
);
// Array containing "human understandable" messages
$messages = [
'DISABLED' => 'Registration is currently disabled.',
'INVALID_REG_KEY' => 'The given registration code was invalid.',
'TOS' => 'You are required to agree to the Terms of Service.',
'CAPTCHA_FAIL' => 'Captcha verification failed, please try again.',
'USER_EXISTS' => 'A user with this username already exists, if you lost your password try using the Lost Password form.',
'NAME_TOO_SHORT' => 'Your name must be at least 3 characters long.',
'NAME_TOO_LONG' => 'Your name can\'t be longer than 16 characters.',
'PASS_TOO_SHORT' => 'Your password is too short, it must be at least 8 characters.',
'PASS_TOO_LONG' => 'A password longer than 256 characters? Seriously?',
'PASS_NOT_MATCH' => 'Passwords do not match.',
'INVALID_EMAIL' => 'Your e-mail address is formatted incorrectly.',
'INVALID_MX' => 'No valid MX-Record found on the e-mail address you supplied.',
'EMAILSENT' => 'Your registration went through! An activation e-mail has been sent.',
'SUCCESS' => 'Your registration went through! Welcome to '. Configuration::getConfig('sitename') .'!'
];
// Add page specific things // Add page specific things
$renderData['page'] = [ $renderData['page'] = [
'title' => 'Register on Flashii', 'title' => 'Register on Flashii',
'redirect' => $_SERVER['PHP_SELF'], 'redirect' => ($register[0] ? '/' : '/authenticate'),
'message' => 'what' 'message' => $messages[$register[1]]
]; ];
break; break;
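Review bot: The `activate` case is reachable without the time and session checks, yet it reads `$_REQUEST['u']` and `$_REQUEST['k']` without `isset` and returns a different message for a missing user, an already active user and a wrong key. On an unauthenticated endpoint that lets a caller learn which user ids exist and whether they are activated. Guard the inputs first, e.g. `if(!isset($_REQUEST['u'], $_REQUEST['k'])) { $activate = [0, 'INVALID_CODE']; }`, and map every failure code to one generic message. The `resendactivemail` case is empty, so the form added to the template in this commit ends with `$renderData['page']` unset. The enclosing `if` and `switch` continue outside the hunks.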


@ -16,7 +16,7 @@ $renderData['page'] = [
'articleCount' => count($renderData['newsPosts']) 'articleCount' => count($renderData['newsPosts'])
]; ];
$renderData['stats'] = [ $renderData['stats'] = [
'userCount' => ($userCount = count($users = Users::getAllUsers())) .' user'. ($userCount == 1 ? '' : 's'), 'userCount' => ($userCount = count($users = Users::getAllUsers(false))) .' user'. ($userCount == 1 ? '' : 's'),
'newestUser' => max($users), 'newestUser' => max($users),
'lastRegDate' => ($lastRegDate = date_diff(date_create(date('Y-m-d', max($users)['regdate'])), date_create(date('Y-m-d')))->format('%a')) .' day'. ($lastRegDate == 1 ? '' : 's'), 'lastRegDate' => ($lastRegDate = date_diff(date_create(date('Y-m-d', max($users)['regdate'])), date_create(date('Y-m-d')))->format('%a')) .' day'. ($lastRegDate == 1 ? '' : 's'),
'chatOnline' => ($chatOnline = 0) .' user'. ($chatOnline == 1 ? '' : 's') 'chatOnline' => ($chatOnline = 0) .' user'. ($chatOnline == 1 ? '' : 's')
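Review bot: With `getAllUsers(false)` the result can be empty, and `Users::getAllUsers` as shown in this commit never initialises `$users` before its loop, so `count()` and both `max($users)` calls here would receive null when no active account exists, for example on a fresh install. Initialise `$users = [];` in `getAllUsers` and guard the stats, e.g. `'newestUser' => ($users ? max($users) : null)`. The array literal continues outside the hunk.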