The official, canonical postActiv repository. http://www.postactiv.com

confirmaddress.php 8.0KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209
  1. <?php
  2. // !TODO: I WRITE HTML, REFACTOR FOR SMARTY
  3. /* ============================================================================
  4. * Title: ConfirmAddress
  5. * Confirm an email address
  6. *
  7. * postActiv:
  8. * the micro-blogging software
  9. *
  10. * Copyright:
  11. * Copyright (C) 2016-2018, Maiyannah Bishop
  12. *
  13. * Derived from code copyright various sources:
  14. * o GNU Social (C) 2013-2016, Free Software Foundation, Inc
  15. * o StatusNet (C) 2008-2012, StatusNet, Inc
  16. * ----------------------------------------------------------------------------
  17. * License:
  18. * This program is free software: you can redistribute it and/or modify
  19. * it under the terms of the GNU Affero General Public License as published by
  20. * the Free Software Foundation, either version 3 of the License, or
  21. * (at your option) any later version.
  22. *
  23. * This program is distributed in the hope that it will be useful,
  24. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  25. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  26. * GNU Affero General Public License for more details.
  27. *
  28. * You should have received a copy of the GNU Affero General Public License
  29. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  30. *
  31. * <https://www.gnu.org/licenses/agpl.html>
  32. * ----------------------------------------------------------------------------
  33. * About:
  34. * Confirm an email address
  35. *
  36. * When users change their SMS, email, Jabber, or other addresses, we send out
  37. * a confirmation code to make sure the owner of that address approves. This class
  38. * accepts those codes.
  39. *
  40. * PHP version:
  41. * Tested with PHP 7.0
  42. * ----------------------------------------------------------------------------
  43. * File Authors:
  44. * o Evan Prodromou
  45. * o Mike Cochrane <mikec@mikenz.geek.nz>
  46. * o Zach Copley
  47. * o Jeffrey To <jeffery.to@gmail.com>
  48. * o Siebrand Mazeland <s.mazeland@xs4all.nl>
  49. * o Craig Andrews <candrews@integralblue.com>
  50. * o Brion Vibber <brion@pobox.com>
  51. * o Mikael Nordfeldth <mmn@hethane.se>
  52. * o Maiyannah Bishop <maiyannah.bishop@postactiv.com>
  53. *
  54. * Web:
  55. * o postActiv <http://www.postactiv.com>
  56. * o GNU social <https://www.gnu.org/s/social/>
  57. * ============================================================================
  58. */
  59. // This file is formatted so that it provides useful documentation output in
  60. // NaturalDocs. Please be considerate of this before changing formatting.
  61. if (!defined('POSTACTIV')) { exit(1); }
  62. class ConfirmaddressAction extends ManagedAction
  63. {
  64. /** type of confirmation. */
  65. protected $address;
  66. protected function doPreparation()
  67. {
  68. if (!common_logged_in()) {
  69. common_set_returnto($this->selfUrl());
  70. common_redirect(common_local_url('login'));
  71. }
  72. $code = $this->trimmed('code');
  73. if (!$code) {
  74. // TRANS: Client error displayed when not providing a confirmation code in the contact address confirmation action.
  75. throw new ClientException(_('No confirmation code.'));
  76. }
  77. $confirm = Confirm_address::getKV('code', $code);
  78. if (!$confirm instanceof Confirm_address) {
  79. // TRANS: Client error displayed when providing a non-existing confirmation code in the contact address confirmation action.
  80. throw new ClientException(_('Confirmation code not found.'), 404);
  81. }
  82. try {
  83. $profile = Profile::getByID($confirm->user_id);
  84. } catch (NoResultException $e) {
  85. common_log(LOG_INFO, 'Tried to confirm the email for a deleted profile: '._ve(['id'=>$confirm->user_id, 'email'=>$confirm->address]));
  86. $confirm->delete();
  87. throw $e;
  88. }
  89. if (!$profile->sameAs($this->scoped)) {
  90. // TRANS: Client error displayed when not providing a confirmation code for another user in the contact address confirmation action.
  91. throw new AuthorizationException(_('That confirmation code is not for you!'));
  92. }
  93. $type = $confirm->address_type;
  94. $transports = array();
  95. Event::handle('GetImTransports', array(&$transports));
  96. if (!in_array($type, array('email', 'sms')) && !in_array($type, array_keys($transports))) {
  97. // TRANS: Server error for an unknown address type, which can be 'email', 'sms', or the name of an IM network (such as 'xmpp' or 'aim')
  98. throw new ServerException(sprintf(_('Unrecognized address type %s'), $type));
  99. }
  100. $this->address = $confirm->address;
  101. $cur = $this->scoped->getUser();
  102. $cur->query('BEGIN');
  103. if (in_array($type, array('email', 'sms'))) {
  104. common_debug("Confirming {$type} address for user {$this->scoped->getID()}");
  105. if ($cur->$type == $confirm->address) {
  106. // Already verified, so delete the confirm_address entry
  107. $confirm->delete();
  108. // TRANS: Client error for an already confirmed email/jabber/sms address.
  109. throw new AlreadyFulfilledException(_('That address has already been confirmed.'));
  110. }
  111. $orig_user = clone($cur);
  112. $cur->$type = $confirm->address;
  113. if ($type == 'sms') {
  114. $cur->carrier = ($confirm->address_extra)+0;
  115. $carrier = Sms_carrier::getKV($cur->carrier);
  116. $cur->smsemail = $carrier->toEmailAddress($cur->sms);
  117. }
  118. // Throws exception on failure.
  119. $cur->updateWithKeys($orig_user);
  120. if ($type == 'email') {
  121. $cur->emailChanged();
  122. }
  123. } else {
  124. $user_im_prefs = new User_im_prefs();
  125. $user_im_prefs->transport = $confirm->address_type;
  126. $user_im_prefs->user_id = $cur->id;
  127. if ($user_im_prefs->find() && $user_im_prefs->fetch()) {
  128. if($user_im_prefs->screenname == $confirm->address){
  129. // Already verified, so delete the confirm_address entry
  130. $confirm->delete();
  131. // TRANS: Client error for an already confirmed IM address.
  132. throw new AlreadyFulfilledException(_('That address has already been confirmed.'));
  133. }
  134. $user_im_prefs->screenname = $confirm->address;
  135. $result = $user_im_prefs->update();
  136. if ($result === false) {
  137. common_log_db_error($user_im_prefs, 'UPDATE', __FILE__);
  138. // TRANS: Server error displayed when updating IM preferences fails.
  139. throw new ServerException(_('Could not update user IM preferences.'));
  140. }
  141. }else{
  142. $user_im_prefs = new User_im_prefs();
  143. $user_im_prefs->screenname = $confirm->address;
  144. $user_im_prefs->transport = $confirm->address_type;
  145. $user_im_prefs->user_id = $cur->id;
  146. $result = $user_im_prefs->insert();
  147. if ($result === false) {
  148. common_log_db_error($user_im_prefs, 'INSERT', __FILE__);
  149. // TRANS: Server error displayed when adding IM preferences fails.
  150. throw new ServerException(_('Could not insert user IM preferences.'));
  151. }
  152. }
  153. }
  154. $confirm->delete();
  155. $cur->query('COMMIT');
  156. }
  157. /**
  158. * Title of the page
  159. *
  160. * @return string title
  161. */
  162. function title()
  163. {
  164. // TRANS: Title for the contact address confirmation action.
  165. return _('Confirm address');
  166. }
  167. /**
  168. * Show a confirmation message.
  169. *
  170. * @return void
  171. */
  172. function showContent()
  173. {
  174. $this->element('p', null,
  175. // TRANS: Success message for the contact address confirmation action.
  176. // TRANS: %s can be 'email', 'jabber', or 'sms'.
  177. sprintf(_('The address "%s" has been '.
  178. 'confirmed for your account.'),
  179. $this->address));
  180. }
  181. }
  182. // END OF FILE
  183. // ============================================================================
  184. ?>