diff --git a/_sakura/components/Users.php b/_sakura/components/Users.php index d4bf5ba..3ee2d2c 100644 --- a/_sakura/components/Users.php +++ b/_sakura/components/Users.php @@ -204,6 +204,7 @@ class Users { // Set a few variables $usernameClean = Main::cleanString($username, true); + $emailClean = Main::cleanString($email, true); $password = Hashing::create_hash($password); $requireActive = Configuration::getConfig('require_activation'); $userRank = $requireActive ? [0] : [1]; @@ -217,7 +218,7 @@ class Users { 'password_salt' => $password[2], 'password_algo' => $password[0], 'password_iter' => $password[1], - 'email' => $email, + 'email' => $emailClean, 'rank_main' => $userRank[0], 'ranks' => $userRankJson, 'register_ip' => Main::getRemoteIP(), @@ -253,6 +254,35 @@ class Users { } + // Check if a user exists and then resend the activation e-mail + public static function resendActivationMail($username, $email) { + + // Clean username string + $usernameClean = Main::cleanString($username, true); + $emailClean = Main::cleanString($email, true); + + // Do database request + $user = Database::fetch('users', false, [ + 'username_clean' => [$usernameClean, '='], + 'email' => [$emailClean, '='] + ]); + + // Check if user exists + if(count($user) < 2) + return [0, 'USER_NOT_EXIST']; + + // Check if a user is activated + if($user['rank_main']) + return [0, 'USER_ALREADY_ACTIVE']; + + // Send activation e-mail + self::sendActivationMail($user['id']); + + // Return success + return [1, 'SUCCESS']; + + } + // Send the activation e-mail and do other required stuff public static function sendActivationMail($uid, $customKey = null) { @@ -308,8 +338,8 @@ class Users { return [0, 'USER_ALREADY_ACTIVE']; // Set default values for activation - $rank = 1; - $ranks = json_encode([1]); + $rank = 1; + $ranks = json_encode([1]); // Check if a key is set (there's an option to not set one for user management reasons but you can't really get around this anyway) if($requireKey) { diff --git a/_sakura/composer.json b/_sakura/composer.json index 8546815..442f4a0 100644 --- a/_sakura/composer.json +++ b/_sakura/composer.json @@ -5,7 +5,6 @@ "ext-json": "*", "twig/twig": "~1.18", "phpmailer/phpmailer": "~5.2", - "flashwave/parsedown": "~1.5", - "paypal/rest-api-sdk-php": "0.5.*" + "flashwave/parsedown": "~1.5" } } diff --git a/_sakura/sakura.php b/_sakura/sakura.php index 987ba1f..0f19861 100644 --- a/_sakura/sakura.php +++ b/_sakura/sakura.php @@ -8,7 +8,7 @@ namespace Sakura; // Define Sakura version -define('SAKURA_VERSION', '20150420'); +define('SAKURA_VERSION', '20150421'); // Define Sakura Path define('ROOT', str_replace(basename(__DIR__), '', dirname(__FILE__))); diff --git a/_sakura/templates/yuuno/global/header.tpl b/_sakura/templates/yuuno/global/header.tpl index cfc010f..eff7a5e 100644 --- a/_sakura/templates/yuuno/global/header.tpl +++ b/_sakura/templates/yuuno/global/header.tpl @@ -77,10 +77,14 @@ {% if php.self == '/authenticate.php' %} // AJAX Form Submission var forms = { + {% if not auth.changingPass %} "loginForm": 'Logging in...', {% if not sakura.disableregister %}"registerForm": 'Processing registration...',{% endif %} {% if not sakura.requireactive %}"resendForm": 'Attempting to resend activation...',{% endif %} "passwordForm": 'Sending password recovery mail...' + {% else %} + "passwordForm": 'Changing password...' + {% endif %} }; for(var i in forms) { diff --git a/_sakura/templates/yuuno/main/forgotpassword.tpl b/_sakura/templates/yuuno/main/forgotpassword.tpl new file mode 100644 index 0000000..5a7cd00 --- /dev/null +++ b/_sakura/templates/yuuno/main/forgotpassword.tpl @@ -0,0 +1,26 @@ +{% include 'global/header.tpl' %} +
+
Forgot Password
+
+ + + + +
+

Verification Key

+
+
+
+

New Password

+
+
+
+

Verify Password

+
+
+
+ +
+
+
+{% include 'global/footer.tpl' %} diff --git a/_sakura/templates/yuuno/main/legacypasswordchange.tpl b/_sakura/templates/yuuno/main/legacypasswordchange.tpl index dd9b0ef..f80c0e1 100644 --- a/_sakura/templates/yuuno/main/legacypasswordchange.tpl +++ b/_sakura/templates/yuuno/main/legacypasswordchange.tpl @@ -4,11 +4,11 @@
Because of a change in the way Flashii handles authentication you are required to change your password.
-
+ - +

Old Password

diff --git a/main/authenticate.php b/main/authenticate.php index 4477531..9deb756 100644 --- a/main/authenticate.php +++ b/main/authenticate.php @@ -53,12 +53,13 @@ if(isset($_REQUEST['mode'])) { // Login check if(Users::checkLogin()) { - if($_REQUEST['mode'] != 'logout') + if($_REQUEST['mode'] != 'logout' || $_REQUEST['mode'] != 'legacypw') $continue = false; } if($continue) { + switch($_REQUEST['mode']) { case 'logout': @@ -76,6 +77,30 @@ if(isset($_REQUEST['mode'])) { break; + case 'legacypw': + + // Add page specific things + $renderData['page'] = [ + 'title' => 'Changing Password', + 'redirect' => $_SERVER['PHP_SELF'], + 'message' => 'yet to be implemented', + 'success' => 0 + ]; + + break; + + case 'changepassword': + + // Add page specific things + $renderData['page'] = [ + 'title' => 'Forgot Password', + 'redirect' => $_SERVER['PHP_SELF'], + 'message' => 'Yet to be implemented', + 'success' => 0 + ]; + + break; + // Activating accounts case 'activate': @@ -105,7 +130,14 @@ if(isset($_REQUEST['mode'])) { case 'resendactivemail': // Attempt send - //Users::resendActivationMail($_REQUEST['username'], $_REQUEST['email']); + $resend = Users::resendActivationMail($_REQUEST['username'], $_REQUEST['email']); + + // Array containing "human understandable" messages + $messages = [ + 'USER_NOT_EXIST' => 'The user you tried to activate does not exist.', + 'USER_ALREADY_ACTIVE' => 'The user you tried to activate is already active.', + 'SUCCESS' => 'The activation e-mail has been sent to the address associated with your account.' + ]; // Add page specific things $renderData['page'] = [ @@ -200,13 +232,14 @@ if(isset($_REQUEST['mode'])) { $renderData['page'] = [ 'title' => 'Forgot Password', 'redirect' => $_SERVER['PHP_SELF'], - 'message' => 'what', + 'message' => 'yet to be implemented', 'success' => 0 ]; break; } + } // Print page contents or if the AJAX request is set only display the render data @@ -227,7 +260,7 @@ if(isset($_REQUEST['mode'])) { // Add page specific things $renderData['page'] = [ - 'title' => 'Login to Flashii' + 'title' => 'Authentication' ]; $renderData['auth'] = [ 'redirect' => ( @@ -254,5 +287,19 @@ if(count($regUserIP = Users::getUsersByIP(Main::getRemoteIP()))) { } +// If password forgot things are set display password forget thing +if(isset($_REQUEST['pw']) && $_REQUEST['pw']) { + + $renderData['page']['title'] = 'Changing Password'; + $renderData['auth']['changingPass'] = true; + + if(isset($_REQUEST['key'])) + $renderData['auth']['forgotKey'] = $_REQUEST['key']; + + print Templates::render('main/forgotpassword.tpl', $renderData); + exit; + +} + // Print page contents print Templates::render('main/authenticate.tpl', $renderData);