Home Explore Help
Register Sign In
biodantas
/
gnu-social
forked from diogo/gnu-social
Watch 1
Star 0
Fork 0
Files
Tree: v1.2.x
Branches Tags
gnu-social
/
plugins
/
EmailRegistration
/
actions
/
emailregister.php

emailregister.php 14 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * StatusNet - the distributed open-source microblogging tool
    4. 

  4.  * Copyright (C) 2011, StatusNet, Inc.
    5. 

  5.  *
    6. 

  6.  * Register a user by their email address
    7. 

  7.  *
    8. 

  8.  * PHP version 5
    9. 

  9.  *
    10. 

  10.  * This program is free software: you can redistribute it and/or modify
    11. 

  11.  * it under the terms of the GNU Affero General Public License as published by
    12. 

  12.  * the Free Software Foundation, either version 3 of the License, or
    13. 

  13.  * (at your option) any later version.
    14. 

  14.  *
    15. 

  15.  * This program is distributed in the hope that it will be useful,
    16. 

  16.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    17. 

  17.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    18. 

  18.  * GNU Affero General Public License for more details.
    19. 

  19.  *
    20. 

  20.  * You should have received a copy of the GNU Affero General Public License
    21. 

  21.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    22. 

  22.  *
    23. 

  23.  * @category  Email registration
    24. 

  24.  * @package   StatusNet
    25. 

  25.  * @author    Evan Prodromou <evan@status.net>
    26. 

  26.  * @copyright 2011 StatusNet, Inc.
    27. 

  27.  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
    28. 

  28.  * @link      http://status.net/
    29. 

  29.  */
    30. 

  30. 

  31. if (!defined('STATUSNET')) {
    32. 

  32.     // This check helps protect against security problems;
    33. 

  33.     // your code file can't be executed directly from the web.
    34. 

  34.     exit(1);
    35. 

  35. }
    36. 

  36. 

  37. /**
    38. 

  38.  * Email registration
    39. 

  39.  *
    40. 

  40.  * There are four cases where we're called:
    41. 

  41.  *
    42. 

  42.  * 1. GET, no arguments. Initial registration; ask for an email address.
    43. 

  43.  * 2. POST, email address argument. Initial registration; send an email to confirm.
    44. 

  44.  * 3. GET, code argument. Confirming an invitation or a registration; look them up,
    45. 

  45.  *    create the relevant user if possible, login as that user, and
    46. 

  46.  *    show a password-entry form.
    47. 

  47.  * 4. POST, password argument. After confirmation, set the password for the new
    48. 

  48.  *    user, and redirect to a registration complete action with some instructions.
    49. 

  49.  *
    50. 

  50.  * @category  Action
    51. 

  51.  * @package   StatusNet
    52. 

  52.  * @author    Evan Prodromou <evan@status.net>
    53. 

  53.  * @copyright 2011 StatusNet, Inc.
    54. 

  54.  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
    55. 

  55.  * @link      http://status.net/
    56. 

  56.  */
    57. 

  57. class EmailregisterAction extends Action
    58. 

  58. {
    59. 

  59.     const NEWEMAIL = 1;
    60. 

  60.     const SETPASSWORD = 2;
    61. 

  61.     const NEWREGISTER = 3;
    62. 

  62.     const CONFIRMINVITE = 4;
    63. 

  63.     const CONFIRMREGISTER = 5;
    64. 

  64. 

  65.     const CONFIRMTYPE = 'register';
    66. 

  66. 

  67.     protected $user;
    68. 

  68.     protected $email;
    69. 

  69.     protected $code;
    70. 

  70.     protected $invitation;
    71. 

  71.     protected $confirmation;
    72. 

  72.     protected $password1;
    73. 

  73.     protected $password2;
    74. 

  74.     protected $state;
    75. 

  75.     protected $error;
    76. 

  76.     protected $complete;
    77. 

  77. 

  78.     function prepare($argarray)
    79. 

  79.     {
    80. 

  80.         parent::prepare($argarray);
    81. 

  81. 

  82.         if (common_config('site', 'closed')) {
    83. 

  83.             // TRANS: Client exception trown when registration by e-mail is not allowed.
    84. 

  84.             throw new ClientException(_m('Registration not allowed.'), 403);
    85. 

  85.         }
    86. 

  86. 

  87.         if ($this->isPost()) {
    88. 

  88. 

  89.             $this->checkSessionToken();
    90. 

  90. 

  91.             $this->email = $this->trimmed('email');
    92. 

  92. 

  93.             if (!empty($this->email)) {
    94. 

  94.                 if (common_config('site', 'inviteonly')) {
    95. 

  95.                     // TRANS: Client exception trown when trying to register without an invitation.
    96. 

  96.                     throw new ClientException(_m('Sorry, only invited people can register.'), 403);
    97. 

  97.                 }
    98. 

  98.                 $this->email = common_canonical_email($this->email);
    99. 

  99.                 $this->state = self::NEWEMAIL;
    100. 

  100.             } else {
    101. 

  101.                 $this->state = self::SETPASSWORD;
    102. 

  102. 

  103.                 $this->code = $this->trimmed('code');
    104. 

  104. 

  105.                 if (empty($this->code)) {
    106. 

  106.                     // TRANS: Client exception thrown when no confirmation code was provided.
    107. 

  107.                     throw new ClientException(_m('No confirmation code.'));
    108. 

  108.                 }
    109. 

  109. 

  110.                 $this->invitation = Invitation::getKV('code', $this->code);
    111. 

  111. 

  112.                 if (!empty($this->invitation)) {
    113. 

  113.                     if (!empty($this->invitation->registered_user_id)) {
    114. 

  114.                         // TRANS: Client exception trown when using an invitation multiple times.
    115. 

  115.                         throw new ClientException(_m('Invitation already used.'), 403);
    116. 

  116.                     }
    117. 

  117.                 } else {
    118. 

  118. 

  119.                     $this->confirmation = Confirm_address::getKV('code', $this->code);
    120. 

  120. 

  121.                     if (empty($this->confirmation)) {
    122. 

  122.                         // TRANS: Client exception thrown when given confirmation code was not issued.
    123. 

  123.                         throw new ClientException(_m('No such confirmation code.'), 403);
    124. 

  124.                     }
    125. 

  125.                 }
    126. 

  126. 

  127.                 $this->nickname = Nickname::normalize($this->trimmed('nickname'));
    128. 

  128.                 $this->password1 = $this->trimmed('password1');
    129. 

  129.                 $this->password2 = $this->trimmed('password2');
    130. 

  130. 

  131.                 $this->tos = $this->boolean('tos');
    132. 

  132.             }
    133. 

  133.         } else { // GET
    134. 

  134.             $this->code = $this->trimmed('code');
    135. 

  135. 

  136.             if (empty($this->code)) {
    137. 

  137.                 if (common_config('site', 'inviteonly')) {
    138. 

  138.                     // TRANS: Client exception trown when trying to register without an invitation.
    139. 

  139.                     throw new ClientException(_m('Sorry, only invited people can register.'), 403);
    140. 

  140.                 }
    141. 

  141.                 $this->state = self::NEWREGISTER;
    142. 

  142.             } else {
    143. 

  143.                 $this->invitation = Invitation::getKV('code', $this->code);
    144. 

  144.                 if (!empty($this->invitation)) {
    145. 

  145.                     if (!empty($this->invitation->registered_user_id)) {
    146. 

  146.                         // TRANS: Client exception trown when using an invitation multiple times.
    147. 

  147.                         throw new ClientException(_m('Invitation already used.'), 403);
    148. 

  148.                     }
    149. 

  149.                     $this->state = self::CONFIRMINVITE;
    150. 

  150.                 } else {
    151. 

  151.                     $this->state = self::CONFIRMREGISTER;
    152. 

  152.                     $this->confirmation = Confirm_address::getKV('code', $this->code);
    153. 

  153. 

  154.                     if (empty($this->confirmation)) {
    155. 

  155.                         // TRANS: Client exception thrown when given confirmation code was not issued.
    156. 

  156.                         throw new ClientException(_m('No such confirmation code.'), 405);
    157. 

  157.                     }
    158. 

  158.                 }
    159. 

  159.             }
    160. 

  160.         }
    161. 

  161. 

  162.         return true;
    163. 

  163.     }
    164. 

  164. 

  165.     function title()
    166. 

  166.     {
    167. 

  167.         switch ($this->state) {
    168. 

  168.         case self::NEWREGISTER:
    169. 

  169.         case self::NEWEMAIL:
    170. 

  170.             // TRANS: Title for registration page.
    171. 

  171.             return _m('TITLE','Register');
    172. 

  172.             break;
    173. 

  173.         case self::SETPASSWORD:
    174. 

  174.         case self::CONFIRMINVITE:
    175. 

  175.         case self::CONFIRMREGISTER:
    176. 

  176.             // TRANS: Title for page where to register with a confirmation code.
    177. 

  177.             return _m('TITLE','Complete registration');
    178. 

  178.             break;
    179. 

  179.         }
    180. 

  180.     }
    181. 

  181. 

  182.     /**
    183. 

  183.      * Handler method
    184. 

  184.      *
    185. 

  185.      * @param array $argarray is ignored since it's now passed in in prepare()
    186. 

  186.      *
    187. 

  187.      * @return void
    188. 

  188.      */
    189. 

  189.     function handle($argarray=null)
    190. 

  190.     {
    191. 

  191.         $cur = common_current_user();
    192. 

  192. 

  193.         if (!empty($cur)) {
    194. 

  194.             common_redirect(common_local_url('all', array('nickname' => $cur->nickname)));
    195. 

  195.         }
    196. 

  196. 

  197.         switch ($this->state) {
    198. 

  198.         case self::NEWREGISTER:
    199. 

  199.             $this->showRegistrationForm();
    200. 

  200.             break;
    201. 

  201.         case self::NEWEMAIL:
    202. 

  202.             $this->registerUser();
    203. 

  203.             break;
    204. 

  204.         case self::CONFIRMINVITE:
    205. 

  205.             $this->confirmRegistration();
    206. 

  206.             break;
    207. 

  207.         case self::CONFIRMREGISTER:
    208. 

  208.             $this->confirmRegistration();
    209. 

  209.             break;
    210. 

  210.         case self::SETPASSWORD:
    211. 

  211.             $this->setPassword();
    212. 

  212.             break;
    213. 

  213.         }
    214. 

  214.         return;
    215. 

  215.     }
    216. 

  216. 

  217.     function showRegistrationForm()
    218. 

  218.     {
    219. 

  219.         $this->form = new EmailRegistrationForm($this, $this->email);
    220. 

  220.         $this->showPage();
    221. 

  221.     }
    222. 

  222. 

  223.     function registerUser()
    224. 

  224.     {
    225. 

  225.         try {
    226. 

  226.             $confirm = EmailRegistrationPlugin::registerEmail($this->email);
    227. 

  227.         } catch (ClientException $ce) {
    228. 

  228.             $this->error = $ce->getMessage();
    229. 

  229.             $this->showRegistrationForm();
    230. 

  230.             return;
    231. 

  231.         }
    232. 

  232. 

  233.         EmailRegistrationPlugin::sendConfirmEmail($confirm);
    234. 

  234. 

  235.         // TRANS: Confirmation text after initial registration.
    236. 

  236.         // TRANS: %s an e-mail address.
    237. 

  237.         $prompt = sprintf(_m('An email was sent to %s to confirm that address. Check your email inbox for instructions.'),
    238. 

  238.                           $this->email);
    239. 

  239. 

  240.         $this->complete = $prompt;
    241. 

  241. 

  242.         $this->showPage();
    243. 

  243.     }
    244. 

  244. 

  245.     function confirmRegistration()
    246. 

  246.     {
    247. 

  247.         if (!empty($this->invitation)) {
    248. 

  248.             $email = $this->invitation->address;
    249. 

  249.         } else if (!empty($this->confirmation)) {
    250. 

  250.             $email = $this->confirmation->address;
    251. 

  251.         }
    252. 

  252. 

  253.         $nickname = $this->nicknameFromEmail($email);
    254. 

  254. 

  255.         $this->form = new ConfirmRegistrationForm($this,
    256. 

  256.                                                   $nickname,
    257. 

  257.                                                   $email,
    258. 

  258.                                                   $this->code);
    259. 

  259.         $this->showPage();
    260. 

  260.     }
    261. 

  261. 

  262.     function setPassword()
    263. 

  263.     {
    264. 

  264.         if (Event::handle('StartRegistrationTry', array($this))) {
    265. 

  265.             if (!empty($this->invitation)) {
    266. 

  266.                 $email = trim($this->invitation->address);
    267. 

  267.             } else if (!empty($this->confirmation)) {
    268. 

  268.                 $email = trim($this->confirmation->address);
    269. 

  269.             } else {
    270. 

  270.                 // TRANS: Client exception trown when trying to set password with an invalid confirmation code.
    271. 

  271.                 throw new Exception(_m('No confirmation thing.'));
    272. 

  272.             }
    273. 

  273. 

  274.             if (!$this->tos) {
    275. 

  275.                 // TRANS: Error text when trying to register without agreeing to the terms.
    276. 

  276.                 $this->error = _m('You must accept the terms of service and privacy policy to register.');
    277. 

  277.             } else if (empty($this->password1)) {
    278. 

  278.                 // TRANS: Error text when trying to register without a password.
    279. 

  279.                 $this->error = _m('You must set a password');
    280. 

  280.             } else if (strlen($this->password1) < 6) {
    281. 

  281.                 // TRANS: Error text when trying to register with too short a password.
    282. 

  282.                 $this->error = _m('Password must be 6 or more characters.');
    283. 

  283.             } else if ($this->password1 != $this->password2) {
    284. 

  284.                 // TRANS: Error text when trying to register without providing the same password twice.
    285. 

  285.                 $this->error = _m('Passwords do not match.');
    286. 

  286.             }
    287. 

  287. 

  288.             if (!empty($this->error)) {
    289. 

  289.                 $this->form = new ConfirmRegistrationForm($this, $this->nickname, $email, $this->code);
    290. 

  290.                 $this->showPage();
    291. 

  291.                 return;
    292. 

  292.             }
    293. 

  293. 

  294.             try {
    295. 

  295.                 $fields = array('nickname' => $this->nickname,
    296. 

  296.                                 'email' => $email,
    297. 

  297.                                 'password' => $this->password1,
    298. 

  298.                                 'email_confirmed' => true);
    299. 

  299. 

  300.                 if (!empty($this->invitation)) {
    301. 

  301.                     $fields['code'] = $this->invitation->code;
    302. 

  302.                 }
    303. 

  303.                 $this->user = User::register($fields);
    304. 

  304.             } catch (ClientException $e) {
    305. 

  305.                 $this->error = $e->getMessage();
    306. 

  306.                 $this->form = new ConfirmRegistrationForm($this, $this->nickname, $email, $this->code);
    307. 

  307.                 $this->showPage();
    308. 

  308.                 return;
    309. 

  309.             }
    310. 

  310. 

  311.             if (empty($this->user)) {
    312. 

  312.                 // TRANS: Exception trown when using an invitation multiple times.
    313. 

  313.                 throw new Exception(_m('Failed to register user.'));
    314. 

  314.             }
    315. 

  315. 

  316.             common_set_user($this->user);
    317. 

  317.             // this is a real login
    318. 

  318.             common_real_login(true);
    319. 

  319. 

  320.             // Re-init language env in case it changed (not yet, but soon)
    321. 

  321.             common_init_language();
    322. 

  322. 

  323.             if (!empty($this->confirmation)) {
    324. 

  324.                 $this->confirmation->delete();
    325. 

  325.             }
    326. 

  326. 

  327.             Event::handle('EndRegistrationTry', array($this));
    328. 

  328.         }
    329. 

  329. 

  330.         if (Event::handle('StartRegisterSuccess', array($this))) {
    331. 

  331.             Event::handle('EndRegisterSuccess', array($this));
    332. 

  332.             common_redirect(common_local_url('doc', array('title' => 'welcome')), 303);
    333. 

  333.             // common_redirect exits, so we can't run the event _after_ it of course.
    334. 

  334.         }
    335. 

  335.     }
    336. 

  336. 

  337.     function sendConfirmEmail($confirm)
    338. 

  338.     {
    339. 

  339.         $sitename = common_config('site', 'name');
    340. 

  340. 

  341.         $recipients = array($confirm->address);
    342. 

  342. 

  343.         $headers['From'] = mail_notify_from();
    344. 

  344.         $headers['To'] = trim($confirm->address);
    345. 

  345.          // TRANS: Subject for confirmation e-mail.
    346. 

  346.          // TRANS: %s is the StatusNet sitename.
    347. 

  347.         $headers['Subject'] = sprintf(_m('Confirm your registration on %s'), $sitename);
    348. 

  348. 

  349.         $confirmUrl = common_local_url('register', array('code' => $confirm->code));
    350. 

  350. 

  351.         // TRANS: Body for confirmation e-mail.
    352. 

  352.         // TRANS: %1$s is the StatusNet sitename, %2$s is the confirmation URL.
    353. 

  353.         $body = sprintf(_m('Someone (probably you) has requested an account on %1$s using this email address.'.
    354. 

  354.                           "\n".
    355. 

  355.                           'To confirm the address, click the following URL or copy it into the address bar of your browser.'.
    356. 

  356.                           "\n".
    357. 

  357.                           '%2$s'.
    358. 

  358.                           "\n".
    359. 

  359.                           'If it was not you, you can safely ignore this message.'),
    360. 

  360.                         $sitename,
    361. 

  361.                         $confirmUrl);
    362. 

  362. 

  363.         mail_send($recipients, $headers, $body);
    364. 

  364.     }
    365. 

  365. 

  366.     function showContent()
    367. 

  367.     {
    368. 

  368.         if ($this->complete) {
    369. 

  369.             $this->elementStart('p', 'success');
    370. 

  370.             $this->raw($this->complete);
    371. 

  371.             $this->elementEnd('p');
    372. 

  372.         } else {
    373. 

  373.             if ($this->error) {
    374. 

  374.                 $this->elementStart('p', 'error');
    375. 

  375.                 $this->raw($this->error);
    376. 

  376.                 $this->elementEnd('p');
    377. 

  377.             }
    378. 

  378. 

  379.             if (!empty($this->form)) {
    380. 

  380.                 $this->form->show();
    381. 

  381.             }
    382. 

  382.         }
    383. 

  383.     }
    384. 

  384. 

  385.     /**
    386. 

  386.      * Return true if read only.
    387. 

  387.      *
    388. 

  388.      * MAY override
    389. 

  389.      *
    390. 

  390.      * @param array $args other arguments
    391. 

  391.      *
    392. 

  392.      * @return boolean is read only action?
    393. 

  393.      */
    394. 

  394.     function isReadOnly($args)
    395. 

  395.     {
    396. 

  396.         return false;
    397. 

  397.     }
    398. 

  398. 

  399.     function nicknameFromEmail($email)
    400. 

  400.     {
    401. 

  401.         return EmailRegistrationPlugin::nicknameFromEmail($email);
    402. 

  402.     }
    403. 

  403. 

  404.     /**
    405. 

  405.      * A local menu
    406. 

  406.      *
    407. 

  407.      * Shows different login/register actions.
    408. 

  408.      *
    409. 

  409.      * @return void
    410. 

  410.      */
    411. 

  411.     function showLocalNav()
    412. 

  412.     {
    413. 

  413.         $nav = new LoginGroupNav($this);
    414. 

  414.         $nav->show();
    415. 

  415.     }
    416. 

  416. }
    417. 

  417.