Today's bread

flash 2015-04-21 14:23:28 +00:00
parent cc5010abd4
commit a27ba62db9
7 changed files with 118 additions and 12 deletions


@ -204,6 +204,7 @@ class Users {
// Set a few variables
$usernameClean = Main::cleanString($username, true);
$emailClean = Main::cleanString($email, true);
$password = Hashing::create_hash($password);
$requireActive = Configuration::getConfig('require_activation');
$userRank = $requireActive ? [0] : [1];
@ -217,7 +218,7 @@ class Users {
'password_salt' => $password[2],
'password_algo' => $password[0],
'password_iter' => $password[1],
'email' => $email,
'email' => $emailClean,
'rank_main' => $userRank[0],
'ranks' => $userRankJson,
'register_ip' => Main::getRemoteIP(),
@ -253,6 +254,35 @@ class Users {
}
// Check if a user exists and then resend the activation e-mail
public static function resendActivationMail($username, $email) {
// Clean username string
$usernameClean = Main::cleanString($username, true);
$emailClean = Main::cleanString($email, true);
// Do database request
$user = Database::fetch('users', false, [
'username_clean' => [$usernameClean, '='],
'email' => [$emailClean, '=']
]);
// Check if user exists
if(count($user) < 2)
return [0, 'USER_NOT_EXIST'];
// Check if a user is activated
if($user['rank_main'])
return [0, 'USER_ALREADY_ACTIVE'];
// Send activation e-mail
self::sendActivationMail($user['id']);
// Return success
return [1, 'SUCCESS'];
}
// Send the activation e-mail and do other required stuff
public static function sendActivationMail($uid, $customKey = null) {
@ -308,8 +338,8 @@ class Users {
return [0, 'USER_ALREADY_ACTIVE'];
// Set default values for activation
$rank = 1;
$ranks = json_encode([1]);
$rank = 1;
$ranks = json_encode([1]);
// Check if a key is set (there's an option to not set one for user management reasons but you can't really get around this anyway)
if($requireKey) {
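Review bot: `resendActivationMail()` returns three distinguishable results (`USER_NOT_EXIST`, `USER_ALREADY_ACTIVE`, `SUCCESS`), and the authenticate page in this same commit turns each into its own message, so an unauthenticated request can learn whether a username/e-mail pair is registered and whether it is activated. Consider giving the caller one generic outcome such as `return [1, 'SUCCESS'];` in all three cases and recording the real reason in a server-side log. Nothing visible in the hunk throttles the call to `self::sendActivationMail($user['id'])`, so a per-account or per-IP cooldown before sending would keep the form from being used to mail an address repeatedly. The existence test `count($user) < 2` depends on what `Database::fetch` returns for no match, which is not shown here; `if(empty($user['id']))` would state the intent directly.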


@ -5,7 +5,6 @@
"ext-json": "*",
"twig/twig": "~1.18",
"phpmailer/phpmailer": "~5.2",
"flashwave/parsedown": "~1.5",
"paypal/rest-api-sdk-php": "0.5.*"
"flashwave/parsedown": "~1.5"
}
}


@ -8,7 +8,7 @@
namespace Sakura;
// Define Sakura version
define('SAKURA_VERSION', '20150420');
define('SAKURA_VERSION', '20150421');
// Define Sakura Path
define('ROOT', str_replace(basename(__DIR__), '', dirname(__FILE__)));


@ -77,10 +77,14 @@
{% if php.self == '/authenticate.php' %}
// AJAX Form Submission
var forms = {
{% if not auth.changingPass %}
"loginForm": 'Logging in...',
{% if not sakura.disableregister %}"registerForm": 'Processing registration...',{% endif %}
{% if not sakura.requireactive %}"resendForm": 'Attempting to resend activation...',{% endif %}
"passwordForm": 'Sending password recovery mail...'
{% else %}
"passwordForm": 'Changing password...'
{% endif %}
};
for(var i in forms) {


@ -0,0 +1,26 @@
{% include 'global/header.tpl' %}
<div class="content news settings">
<div class="head">Forgot Password</div>
<form method="post" action="/authenticate" id="passwordForm">
<input type="hidden" name="redirect" value="//iihsalf.net/" />
<input type="hidden" name="session" value="{{ php.sessionid }}" />
<input type="hidden" name="time" value="{{ php.time }}" />
<input type="hidden" name="mode" value="changepassword" />
<div class="profile-field">
<div><h2>Verification Key</h2></div>
<div style="text-align: center;"><input type="text" name="verk" placeholder="The key that was sent to you in the e-mail" class="inputStyling"{% if auth.forgotKey is not null %} value="{{ auth.forgotKey }}" disabled="disabled"{% endif %} /></div>
</div>
<div class="profile-field">
<div><h2>New Password</h2></div>
<div style="text-align: center;"><input type="password" name="newpw" placeholder="Your new password, has to be at least 8 characters" class="inputStyling" /></div>
</div>
<div class="profile-field">
<div><h2>Verify Password</h2></div>
<div style="text-align: center;"><input type="password" name="verpw" placeholder="Your new password again to make sure you didn't typo anything" class="inputStyling" /></div>
</div>
<div class="profile-save">
<input type="submit" value="Save" name="submit" class="inputStyling" /> <input type="reset" value="Reset" name="reset" class="inputStyling" />
</div>
</form>
</div>
{% include 'global/footer.tpl' %}
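Review bot: The prefilled `verk` input is rendered with `disabled="disabled"`, and browsers leave disabled controls out of a form submission, so a key taken from the e-mailed link would never reach `/authenticate`; `readonly="readonly"` keeps it uneditable and still submits it. `auth.forgotKey` is copied straight from `$_REQUEST['key']` in authenticate.php, so request-controlled text lands inside an attribute here and is only safe if Twig autoescaping is enabled for this template, which is not visible on this page; `value="{{ auth.forgotKey|e('html_attr') }}"` makes the escaping explicit. The hidden `session` field writes the session identifier into the markup; if it is meant as a CSRF check, a separate random per-session token avoids exposing the session ID to anything that can read the page.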


@ -4,11 +4,11 @@
<div class="settings-explanation">
Because of a change in the way Flashii handles authentication you are required to change your password.
</div>
<form method="post" action="/authenticate">
<form method="post" action="/authenticate" id="passwordForm">
<input type="hidden" name="redirect" value="//iihsalf.net/" />
<input type="hidden" name="session" value="{{ php.sessionid }}" />
<input type="hidden" name="time" value="{{ php.time }}" />
<input type="hidden" name="mode" value="legacypwchange" />
<input type="hidden" name="mode" value="legacypw" />
<div class="profile-field">
<div><h2>Old Password</h2></div>
<div style="text-align: center;"><input type="password" name="oldpw" placeholder="Your current password for verification" class="inputStyling" /></div>


@ -53,12 +53,13 @@ if(isset($_REQUEST['mode'])) {
// Login check
if(Users::checkLogin()) {
if($_REQUEST['mode'] != 'logout')
if($_REQUEST['mode'] != 'logout' || $_REQUEST['mode'] != 'legacypw')
$continue = false;
}
if($continue) {
switch($_REQUEST['mode']) {
case 'logout':
@ -76,6 +77,30 @@ if(isset($_REQUEST['mode'])) {
break;
case 'legacypw':
// Add page specific things
$renderData['page'] = [
'title' => 'Changing Password',
'redirect' => $_SERVER['PHP_SELF'],
'message' => 'yet to be implemented',
'success' => 0
];
break;
case 'changepassword':
// Add page specific things
$renderData['page'] = [
'title' => 'Forgot Password',
'redirect' => $_SERVER['PHP_SELF'],
'message' => 'Yet to be implemented',
'success' => 0
];
break;
// Activating accounts
case 'activate':
@ -105,7 +130,14 @@ if(isset($_REQUEST['mode'])) {
case 'resendactivemail':
// Attempt send
//Users::resendActivationMail($_REQUEST['username'], $_REQUEST['email']);
$resend = Users::resendActivationMail($_REQUEST['username'], $_REQUEST['email']);
// Array containing "human understandable" messages
$messages = [
'USER_NOT_EXIST' => 'The user you tried to activate does not exist.',
'USER_ALREADY_ACTIVE' => 'The user you tried to activate is already active.',
'SUCCESS' => 'The activation e-mail has been sent to the address associated with your account.'
];
// Add page specific things
$renderData['page'] = [
@ -200,13 +232,14 @@ if(isset($_REQUEST['mode'])) {
$renderData['page'] = [
'title' => 'Forgot Password',
'redirect' => $_SERVER['PHP_SELF'],
'message' => 'what',
'message' => 'yet to be implemented',
'success' => 0
];
break;
}
}
// Print page contents or if the AJAX request is set only display the render data
@ -227,7 +260,7 @@ if(isset($_REQUEST['mode'])) {
// Add page specific things
$renderData['page'] = [
'title' => 'Login to Flashii'
'title' => 'Authentication'
];
$renderData['auth'] = [
'redirect' => (
@ -254,5 +287,19 @@ if(count($regUserIP = Users::getUsersByIP(Main::getRemoteIP()))) {
}
// If password forgot things are set display password forget thing
if(isset($_REQUEST['pw']) && $_REQUEST['pw']) {
$renderData['page']['title'] = 'Changing Password';
$renderData['auth']['changingPass'] = true;
if(isset($_REQUEST['key']))
$renderData['auth']['forgotKey'] = $_REQUEST['key'];
print Templates::render('main/forgotpassword.tpl', $renderData);
exit;
}
// Print page contents
print Templates::render('main/authenticate.tpl', $renderData);
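Review bot: The new login check `if($_REQUEST['mode'] != 'logout' || $_REQUEST['mode'] != 'legacypw')` is always true, because no value equals both strings, so `$continue` is set to false for every logged-in request, including `logout` and `legacypw`. The intended condition is presumably `if(!in_array($_REQUEST['mode'], ['logout', 'legacypw'], true))`, which also replaces the loose `!=` with a strict comparison. Separately, the added `legacypw` and `changepassword` cases pass `'redirect' => $_SERVER['PHP_SELF']` to the template, and `PHP_SELF` can carry request-supplied path info; `$_SERVER['SCRIPT_NAME']` is the safer value unless the template is known to escape it. The enclosing `if(isset($_REQUEST['mode']))` block starts and ends outside these hunks.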