r20160317
This commit is contained in:
parent
6c643702c1
commit
aabc983611
7 changed files with 150 additions and 95 deletions
|
@ -31,7 +31,11 @@ class ActionCode
|
|||
// Insert it
|
||||
DB::table('actioncodes')
|
||||
->insert(
|
||||
['action' => $action, 'id' => $user, 'code' => $code]
|
||||
[
|
||||
'code_action' => $action,
|
||||
'user_id' => $user,
|
||||
'action_code' => $code,
|
||||
]
|
||||
);
|
||||
|
||||
// Return the code
|
||||
|
|
|
@ -7,6 +7,7 @@
|
|||
|
||||
namespace Sakura\Controllers;
|
||||
|
||||
use Sakura\ActionCode;
|
||||
use Sakura\Config;
|
||||
use Sakura\DB;
|
||||
use Sakura\Hashing;
|
||||
|
@ -78,7 +79,7 @@ class AuthController extends Controller
|
|||
// Check if authentication is disallowed
|
||||
if (Config::get('lock_authentication')) {
|
||||
$message = 'Logging in is disabled for security checkups! Try again later.';
|
||||
Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]);
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
@ -97,7 +98,7 @@ class AuthController extends Controller
|
|||
|
||||
if ($rates > 4) {
|
||||
$message = 'Your have hit the login rate limit, try again later.';
|
||||
Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]);
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
@ -109,7 +110,7 @@ class AuthController extends Controller
|
|||
if ($user->id === 0) {
|
||||
$this->touchRateLimit($user->id);
|
||||
$message = 'The user you tried to log into does not exist.';
|
||||
Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]);
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
@ -120,7 +121,7 @@ class AuthController extends Controller
|
|||
case 'disabled':
|
||||
$this->touchRateLimit($user->id);
|
||||
$message = 'Logging into this account is disabled.';
|
||||
Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]);
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
|
||||
|
@ -134,7 +135,7 @@ class AuthController extends Controller
|
|||
])) {
|
||||
$this->touchRateLimit($user->id);
|
||||
$message = 'The password you entered was invalid.';
|
||||
Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]);
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
@ -144,7 +145,7 @@ class AuthController extends Controller
|
|||
if ($user->permission(Site::DEACTIVATED)) {
|
||||
$this->touchRateLimit($user->id);
|
||||
$message = 'Your account does not have the required permissions to log in.';
|
||||
Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]);
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
@ -174,10 +175,16 @@ class AuthController extends Controller
|
|||
$this->touchRateLimit($user->id, 1);
|
||||
|
||||
$success = 1;
|
||||
$redirect = $user->lastOnline ? (isset($_REQUEST['redirect']) ? $_REQUEST['redirect'] : Router::route('main.index')) : Router::route('main.infopage', 'welcome');
|
||||
|
||||
$redirect = $user->lastOnline
|
||||
? (isset($_REQUEST['redirect'])
|
||||
? $_REQUEST['redirect']
|
||||
: Router::route('main.index'))
|
||||
: Router::route('main.infopage', 'welcome');
|
||||
|
||||
$message = 'Welcome' . ($user->lastOnline ? ' back' : '') . '!';
|
||||
|
||||
Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]);
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
@ -200,7 +207,7 @@ class AuthController extends Controller
|
|||
|
||||
public function registerPost()
|
||||
{
|
||||
// Preliminarily set login to failed
|
||||
// Preliminarily set registration to failed
|
||||
$success = 0;
|
||||
$redirect = Router::route('auth.register');
|
||||
|
||||
|
@ -208,7 +215,7 @@ class AuthController extends Controller
|
|||
if (Config::get('lock_authentication') || Config::get('disable_registration')) {
|
||||
$message = 'Registration is disabled for security checkups! Try again later.';
|
||||
|
||||
Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]);
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
@ -217,7 +224,7 @@ class AuthController extends Controller
|
|||
if (!isset($_POST['session']) || $_POST['session'] != session_id()) {
|
||||
$message = "Your session expired, refreshing the page will most likely fix this!";
|
||||
|
||||
Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]);
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
@ -236,7 +243,7 @@ class AuthController extends Controller
|
|||
if (!$terms) {
|
||||
$message = 'You are required to agree to the Terms of Service.';
|
||||
|
||||
Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]);
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
@ -257,7 +264,7 @@ class AuthController extends Controller
|
|||
if (!$response || !$response->success) {
|
||||
$message = 'Captcha verification failed, please try again.';
|
||||
|
||||
Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]);
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
@ -270,7 +277,7 @@ class AuthController extends Controller
|
|||
if ($user && $user->id !== 0) {
|
||||
$message = "{$user->username} is already a member here! If this is you please use the password reset form instead of making a new account.";
|
||||
|
||||
Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]);
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
@ -279,7 +286,7 @@ class AuthController extends Controller
|
|||
if (strlen($username) < Config::get('username_min_length')) {
|
||||
$message = 'Your name must be at least 3 characters long.';
|
||||
|
||||
Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]);
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
@ -288,7 +295,7 @@ class AuthController extends Controller
|
|||
if (strlen($username) > Config::get('username_max_length')) {
|
||||
$message = 'Your name can\'t be longer than 16 characters.';
|
||||
|
||||
Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]);
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
@ -297,7 +304,7 @@ class AuthController extends Controller
|
|||
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
||||
$message = 'Your e-mail address is formatted incorrectly.';
|
||||
|
||||
Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]);
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
@ -306,7 +313,7 @@ class AuthController extends Controller
|
|||
if (!Utils::checkMXRecord($email)) {
|
||||
$message = 'No valid MX-Record found on the e-mail address you supplied.';
|
||||
|
||||
Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]);
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
@ -318,7 +325,7 @@ class AuthController extends Controller
|
|||
if ($emailCheck) {
|
||||
$message = 'Someone already registered using this email!';
|
||||
|
||||
Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]);
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
@ -327,7 +334,7 @@ class AuthController extends Controller
|
|||
if (Utils::pwdEntropy($password) < Config::get('min_entropy')) {
|
||||
$message = 'Your password is too weak, try adding some special characters.';
|
||||
|
||||
Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]);
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
@ -349,11 +356,76 @@ class AuthController extends Controller
|
|||
$success = 1;
|
||||
$redirect = Router::route('auth.login');
|
||||
$message = $requireActive
|
||||
? 'Your registration went through! An activation e-mail has been sent.'
|
||||
: 'Your registration went through! Welcome to ' . Config::get('sitename') . '!';
|
||||
? 'Your registration went through! An activation e-mail has been sent.'
|
||||
: 'Your registration went through! Welcome to ' . Config::get('sitename') . '!';
|
||||
|
||||
Template::vars(['page' => ['success' => $success, 'redirect' => $redirect, 'message' => $message]]);
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
||||
public function activate()
|
||||
{
|
||||
// Preliminarily set activation to failed
|
||||
$success = 0;
|
||||
$redirect = Router::route('main.index');
|
||||
|
||||
// Attempt to get the required GET parameters
|
||||
$userId = isset($_GET['u']) ? $_GET['u'] : 0;
|
||||
$key = isset($_GET['k']) ? $_GET['k'] : "";
|
||||
|
||||
// Attempt to create a user object
|
||||
$user = User::construct($userId);
|
||||
|
||||
// Quit if the user ID is 0
|
||||
if ($user->id === 0) {
|
||||
$message = "This user does not exist! Contact us if you think this isn't right.";
|
||||
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
||||
// Check if the user is already active
|
||||
if (!$user->permission(Site::DEACTIVATED)) {
|
||||
$message = "Your account is already activated! Why are you here?";
|
||||
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
||||
// Validate the activation key
|
||||
$action = ActionCode::validate('ACTIVATE', $key, $user->id);
|
||||
|
||||
if (!$action) {
|
||||
$message = "Invalid activation code! Contact us if you think this isn't right.";
|
||||
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
||||
// Get the ids for deactivated and default user ranks
|
||||
$rankDefault = Config::get('default_rank_id');
|
||||
$rankDeactive = Config::get('deactive_rank_id');
|
||||
|
||||
// Add normal user, remove deactivated and set normal as default
|
||||
$user->addRanks([$rankDefault]);
|
||||
$user->setMainRank($rankDefault);
|
||||
$user->removeRanks([$rankDeactive]);
|
||||
|
||||
$success = 1;
|
||||
$redirect = Router::route('auth.login');
|
||||
$message = "Your account is activated, welcome to " . Config::get('sitename') . "!";
|
||||
|
||||
Template::vars(['page' => compact('success', 'redirect', 'message')]);
|
||||
|
||||
return Template::render('global/information');
|
||||
}
|
||||
|
||||
public function reactivateGet()
|
||||
{
|
||||
return Template::render('main/reactivate');
|
||||
}
|
||||
}
|
||||
|
|
|
@ -460,7 +460,8 @@ class User
|
|||
array_unique(
|
||||
array_merge(
|
||||
array_keys($this->ranks),
|
||||
$ranks)
|
||||
$ranks
|
||||
)
|
||||
),
|
||||
array_keys($this->ranks)
|
||||
);
|
||||
|
@ -487,7 +488,7 @@ class User
|
|||
|
||||
// Iterate over the ranks
|
||||
foreach ($remove as $rank) {
|
||||
DB::table('ranks')
|
||||
DB::table('user_ranks')
|
||||
->where('user_id', $this->id)
|
||||
->where('rank_id', $rank)
|
||||
->delete();
|
||||
|
|
|
@ -308,50 +308,6 @@ class Users
|
|||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Activate a user.
|
||||
*
|
||||
* @param int $uid The ID.
|
||||
* @param bool $requireKey Require a key.
|
||||
* @param string $key The key.
|
||||
*
|
||||
* @return array Status.
|
||||
*/
|
||||
public static function activateUser($uid, $requireKey = false, $key = null)
|
||||
{
|
||||
// Get the user data
|
||||
$user = User::construct($uid);
|
||||
|
||||
// Check if user exists
|
||||
if (!$user->id) {
|
||||
return [0, 'USER_NOT_EXIST'];
|
||||
}
|
||||
|
||||
// Check if user is already activated
|
||||
if (!$user->permission(Site::DEACTIVATED)) {
|
||||
return [0, 'USER_ALREADY_ACTIVE'];
|
||||
}
|
||||
|
||||
// Check if a key is set
|
||||
if ($requireKey) {
|
||||
// Check the action code
|
||||
$action = ActionCode::validate('ACTIVATE', $key, $user->id);
|
||||
|
||||
// Check if we got a negative return
|
||||
if (!$action) {
|
||||
return [0, 'INVALID_CODE'];
|
||||
}
|
||||
}
|
||||
|
||||
// Add normal user, remove deactivated and set normal as default
|
||||
$user->addRanks([2]);
|
||||
$user->removeRanks([1]);
|
||||
$user->setMainRank(2);
|
||||
|
||||
// Return success
|
||||
return [1, 'SUCCESS'];
|
||||
}
|
||||
|
||||
/**
|
||||
* Get all available profile fields.
|
||||
*
|
||||
|
@ -613,6 +569,7 @@ class Users
|
|||
{
|
||||
$get = DB::table('users')
|
||||
->where('rank_main', '!=', Config::get('restricted_rank_id'))
|
||||
->where('rank_main', '!=', Config::get('deactive_rank_id'))
|
||||
->orderBy('user_id', 'desc')
|
||||
->limit(1)
|
||||
->get(['user_id']);
|
||||
|
|
|
@ -90,28 +90,6 @@ if (isset($_REQUEST['mode'])) {
|
|||
];
|
||||
break;
|
||||
|
||||
// Activating accounts
|
||||
case 'activate':
|
||||
// Attempt activation
|
||||
$activate = Users::activateUser($_REQUEST['u'], true, $_REQUEST['k']);
|
||||
|
||||
// Array containing "human understandable" messages
|
||||
$messages = [
|
||||
'USER_NOT_EXIST' => 'The user you tried to activate does not exist.',
|
||||
'USER_ALREADY_ACTIVE' => 'The user you tried to activate is already active.',
|
||||
'INVALID_CODE' => 'Invalid activation code, if you think this is an error contact the administrator.',
|
||||
'INVALID_USER' => 'The used activation code is not designated for this user.',
|
||||
'SUCCESS' => 'Successfully activated your account, you may now log in.',
|
||||
];
|
||||
|
||||
// Add page specific things
|
||||
$renderData['page'] = [
|
||||
'redirect' => $urls->format('SITE_LOGIN'),
|
||||
'message' => $messages[$activate[1]],
|
||||
'success' => $activate[0],
|
||||
];
|
||||
break;
|
||||
|
||||
// Resending the activation e-mail
|
||||
case 'resendactivemail':
|
||||
// Attempt send
|
||||
|
@ -178,6 +156,14 @@ if (isset($_REQUEST['mode'])) {
|
|||
];
|
||||
break;
|
||||
|
||||
case 'activate':
|
||||
$renderData['page'] = [
|
||||
'redirect' => Router::route('auth.activate'),
|
||||
'message' => 'Wrong activation page.',
|
||||
'success' => 0,
|
||||
];
|
||||
break;
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
namespace Sakura;
|
||||
|
||||
// Define Sakura version
|
||||
define('SAKURA_VERSION', '20160313');
|
||||
define('SAKURA_VERSION', '20160317');
|
||||
|
||||
// Define Sakura Path
|
||||
define('ROOT', __DIR__ . '/');
|
||||
|
|
35
templates/yuuno/main/reactivate.twig
Normal file
35
templates/yuuno/main/reactivate.twig
Normal file
|
@ -0,0 +1,35 @@
|
|||
{% extends 'global/master.twig' %}
|
||||
|
||||
{% block title %}Reactivate account{% endblock %}
|
||||
|
||||
{% block content %}
|
||||
{% if sakura.lockAuth %}
|
||||
<h1 class="stylised" style="line-height: 1.8em; text-align: center;">Reactivation is disabled for security checkups! Try again later.</h1>
|
||||
{% else %}
|
||||
<div class="loginPage">
|
||||
<div class="resendForm">
|
||||
<div class="head">
|
||||
Reactivate account
|
||||
</div>
|
||||
<form method="post" action="{{ route('auth.reactivate') }}" id="resendForm">
|
||||
<input type="hidden" name="session" value="{{ php.sessionid }}" />
|
||||
<div class="leftAlign">
|
||||
<label for="activeUserName">Username:</label>
|
||||
</div>
|
||||
<div class="centreAlign">
|
||||
<input class="inputStyling" type="text" id="activeUserName" name="username" />
|
||||
</div>
|
||||
<div class="leftAlign">
|
||||
<label for="activeEmail">E-mail:</label>
|
||||
</div>
|
||||
<div class="centreAlign">
|
||||
<input class="inputStyling" type="text" id="activeEmail" name="email" />
|
||||
</div>
|
||||
<div class="centreAlign">
|
||||
<input class="inputStyling" type="submit" name="submit" value="Request Activation" id="requestActiveBtn" />
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
{% endif %}
|
||||
{% endblock %}
|
Reference in a new issue