-
Notifications
You must be signed in to change notification settings - Fork 54
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Real email confirmation is here (issue 25). This is both an addition …
…to the Admin CP and Client CP. Admins can now manage unconfirmed emails by going to Clients -> Email Confirmation. Users can check the status of their email or change it in their control panel under the Change Email navigation item. At this point in time having an unconfirmed email doesn't really do anything. In future releases we can use this info to automatically suspend or terminate accounts that have not validated their emails in a certain amount of time. Or suspend accounts immediately after signup until they have confirmed their email, much like Admin Validation is now. Confirm codes are just sha1 hashes of some data. Chance of collision is within acceptable limits. Even if hashes were to collide it wouldn't be disastrous as they're not logically required to be unique. This revision replaces the initial implementation of this idea by kujoez in r53-r55 and r58. You can check on the status of a user's email from anywhere using the $main->getEmailStatus method. It returns an integer 0 meaning the email is confirmed, 1 meaning "accepted" or not confirmed but email validation is not required, 2 meaning the email is unconfirmed, and 3 meaning the email is unconfirmed because they're attempting to change their email. When a user's account is initially suspended due to Admin Validation their account is suspended with the reason "TheHostingTool: Awaiting Admin Validation" Also introduced the ability to re-order the Client CP navigation in the database through a weight column.
- Loading branch information
Showing
17 changed files
with
319 additions
and
69 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
<?php | ||
if(THT != 1){die();} | ||
|
||
class page { | ||
public function content($passthrough = false) { | ||
global $main, $db, $style, $email; | ||
$id = $_SESSION['cuser']; | ||
$status = $main->getEmailStatus($id); | ||
$rep['STATUS'] = $style->notice(true, 'Confirmed'); | ||
$rep['RESEND'] = 'disabled="disabled"'; | ||
$rep['CANCEL'] = 'disabled="disabled"'; | ||
switch($status) { | ||
case 1: | ||
$rep['STATUS'] = $style->notice(true, 'Accepted'); | ||
break; | ||
case 3: | ||
$rep['CANCEL'] = ''; | ||
case 2: | ||
$rep['STATUS'] = $style->notice(false, 'Unconfirmed'); | ||
$rep['RESEND'] = ''; | ||
break; | ||
} | ||
if($_POST && !$passthrough) { | ||
if(isset($_POST['change'])) { | ||
$newemail = $_POST['newemail']; | ||
if(preg_match('/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i', $newemail)) { | ||
$query = $db->query("SELECT `id` FROM `<PRE>users` WHERE `email` = '{$db->strip($newemail)}' AND `id` != '{$db->strip($id)}'"); | ||
if($db->num_rows($query) != 0) { | ||
$main->errors("That email address is already in use!"); | ||
} else { | ||
$db->query("UPDATE `<PRE>users` SET `newemail` = '{$db->strip($newemail)}' WHERE `id` = {$db->strip($id)}"); | ||
if($email->sendConfirmEmail($id)) { | ||
$main->errors('Confirmation email sent to <code>'.$newemail.'</code>'); | ||
} else { | ||
$main->errors('Failed to resend email confirmation.'); | ||
} | ||
} | ||
} else { | ||
$main->errors("Email incorrectly formatted."); | ||
} | ||
} elseif(isset($_POST['resend']) && $rep['RESEND'] == '') { | ||
$result = $email->sendConfirmEmail($id); | ||
if($result) { | ||
$main->errors("Confirmation email resent to <code>{$result[1]}</code>"); | ||
} else { | ||
$main->errors("Failed to resend confirmation email."); | ||
} | ||
} elseif(isset($_POST['cancel']) && $rep['CANCEL'] == '') { | ||
$db->query("UPDATE `<PRE>users` SET `confirmcode` = NULL, `newemail` = NULL WHERE `id` = {$db->strip($id)}"); | ||
$main->errors("Canceled email update."); | ||
} | ||
$this->content(true); | ||
return; | ||
} | ||
$client = $db->client($id); | ||
$rep['EMAIL'] = $client['email']; | ||
$rep['NEWEMAIL'] = $client['newemail']!==null?$client['newemail']:''; | ||
echo $style->replaceVar('tpl/clientchangemail.tpl', $rep); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.