
Add support for the new mobile phone feature.

1 parent 0f436d7 commit 50ae5062ea56beeabed2ab5a228f9d00d442c345 @evansims evansims committed Aug 15, 2012
Showing with 141 additions and 16 deletions.
  1. +77 −13 app/class.controllers.php
  2. +13 −0 app/class.service.php
  3. +2 −2 app/class.sessions.php
  4. +1 −0 app/views/header.php
  5. +1 −1 app/views/home.php
  6. +45 −0 app/views/phone.php
  7. +2 −0 index.php
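--- a/app/class.controllers.php
+++ b/app/class.controllers.php
@@ -101,30 +101,30 @@ public static function Security() {
 if(isset($_POST['activity'])) {
 if($_POST['activity'] == 'password') {
- $password = (isset($_POST['password']) ? $_POST['password'] : null);
+ //$password = (isset($_POST['password']) ? $_POST['password'] : null);
 $new_password = (isset($_POST['new_password']) ? $_POST['new_password'] : null);
 $confirm_password = (isset($_POST['confirm_password']) ? $_POST['confirm_password'] : null);
- if($password) {
+ //if($password) {
 if($new_password && $confirm_password) {
 if(strlen($new_password) > 5 && strlen($new_password) < 128) {
 if($new_password === $confirm_password) {
 if(strtoupper($new_password) !== $new_password) {
- if($password_check = Service::checkPassword($password)) {
- if($password_check->success) {
+ //if($password_check = Service::checkPassword($password)) {
+ //if($password_check->success) {
 if($password_check = Service::changePassword($new_password)) {
 $password_update_message = 'Your password has been updated.';
 } else {
 $password_update_error = $password_check->error;
 }
- } else {
- $password_update_error = $password_check->error; //'The account password you provided was incorrect. Please try again.';
- }
+ //} else {
+ // $password_update_error = $password_check->error; //'The account password you provided was incorrect. Please try again.';
+ //}
- } else {
- $password_update_error = 'We encountered a technical problem. Please try again later.';
- }
+ //} else {
+ // $password_update_error = 'We encountered a technical problem. Please try again later.';
+ //}
 } else {
 $password_update_error = 'Your password appears to be fully capitalized. Do you have your caps lock on?';
@@ -142,9 +142,9 @@ public static function Security() {
 $password_update_error = 'You must provide and confirm your new password choice.';
 }
- } else {
- $password_update_error = 'You must provide your password.';
- }
+ //} else {
+ // $password_update_error = 'You must provide your password.';
+ //}
 } elseif($_POST['activity'] == 'yubikey_remove') {
 if($removal = Service::deleteYubikey()) {
@@ -276,6 +276,70 @@ public static function Security() {
 Cleanup();
 }
+ public static function Phone() {
+ $user = &Service::$user;
+
+ $set_action_message = null;
+ $set_action_error = null;
+ $button_text = 'Change or Remove';
+
+ if(isset($_POST['activity'])) {
+
+ if($_POST['activity'] == 'update_phone') {
+ if(isset($_POST['number'])) {
+ $_POST['number'] = substr(trim(str_replace(array('+', '-'), '', filter_var($_POST['number'], FILTER_SANITIZE_NUMBER_INT))), 0, 50);
+
+ if($_POST['number'] == $user->phone->number) {
+ if(isset($_POST['code'])) {
+ $_POST['code'] = substr(filter_var($_POST['code'], FILTER_SANITIZE_STRING), 0, 6);
+
+ if($ret = Service::confirmPhone($_POST['number'], $_POST['code'])) {
+ if(isset($ret->success) && $ret->success == true) {
+ $user->phone->confirmed = true;
+ $set_action_message = 'Your phone was linked successfully.';
+ } else {
+ $set_action_error = $ret->error;
+ }
+ }
+ }
+ } else {
+ if($ret = Service::setPhone($_POST['number'])) {
+ if(isset($ret->success) && $ret->success == true) {
+ $user->phone->number = $_POST['number'];
+
+ if(strlen($_POST['number'])) {
+ $set_action_message = 'We just sent you your confirmation code. Please enter it below.';
+ $button_text = 'Confirm';
+ } else {
+ $set_action_message = 'Your account is no longer linked to any phones.';
+ }
+
+ } else {
+ $set_action_error = $ret->error; // TODO CHECK FOR DUPLICATES!!
+ }
+ }
+ }
+ }
+ }
+
+ } else {
+ if(!$user->phone->number) {
+ $button_text = 'Send SMS';
+ }
+ if($user->phone->number && !$user->phone->confirmed) {
+ $button_text = 'Confirm';
+ }
+ }
+
+ Views::Render("phone", array(
+ 'user' => $user,
+ 'set_action_message' => $set_action_message,
+ 'set_action_error' => $set_action_error,
+ 'button_text' => $button_text
+ ));
+ Cleanup();
+ }
+
 public static function Register() {
 $register_message = null;
 $register_error = null;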
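Review bot: Commenting out the `Service::checkPassword($password)` branch in Security() means the password can now be changed without proving knowledge of the current one, so anyone holding a live session (a shared machine, a stolen cookie, or a cross-site form post, since no anti-CSRF token is checked in the visible code) can take over the account. Restore the check rather than leaving it as dead comments: `if($password_check = Service::checkPassword($password)) {` followed by `if($password_check->success) {` around the `Service::changePassword($new_password)` call. The new Phone() action has the same gap: the phone view says a linked phone can be used to sign in and to reset passwords, yet `update_phone` changes or removes the number on a bare POST with no re-authentication or request token. The `else` under `changePassword()` also reads `$password_check->error` when `$password_check` is falsy, so a failed call yields no usable error text. Security() starts and ends outside the hunks shown.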
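--- a/app/class.service.php
+++ b/app/class.service.php
@@ -72,6 +72,14 @@ public static function setChallengeAnswer($answer) {
 return Service::apiCall("PUT", "/user/:user_id/challenge/answer/", array('answer' => $answer));
 }
+ public static function setPhone($number) {
+ return Service::apiCall("POST", "/user/:user_id/phone/", array('phone' => $number));
+ }
+
+ public static function confirmPhone($number, $code) {
+ return Service::apiCall("POST", "/user/:user_id/phone/confirm/", array('phone' => $number, 'code' => $code));
+ }
+
 public static function getYubikeyPair() {
 return Service::apiCall("GET", "/user/:user_id/security/yubikey/");
 }
@@ -96,6 +104,11 @@ static function apiCall($method, $url, $params = array()) {
 $api = &Service::$api;
+ if(Sessions::$loggedin) {
+ $params['user_id'] = Sessions::$data['user_id'];
+ $params['session_id'] = Sessions::$data['session_id'];
+ }
+
 if(!$api) {
 $api = curl_init();
 }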
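Review bot: The block added to apiCall() puts `session_id` into `$params` for every request once `Sessions::$loggedin` is true, including `GET` calls such as getYubikeyPair(); if apiCall() serialises `$params` into the query string for GET (the rest of its body is outside this hunk, so this needs checking), the session identifier will end up in URLs and in server or proxy logs. Consider sending it in a request header or only in the request body, and confirm the API endpoint is reached over TLS. The unconditional assignment also overwrites any `user_id` a caller passed in, which is probably intended and deserves a comment such as `// always use the authenticated session's ids; never trust a caller-supplied user_id`. setPhone() and confirmPhone() have no docblocks; one line each stating what the API returns (the controller reads `->success` and `->error`) would help.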
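--- a/app/class.sessions.php
+++ b/app/class.sessions.php
@@ -23,10 +23,10 @@ static public function Check() {
 if($session) {
 if($session->success) {
+ Sessions::$loggedin = true;
 Service::User(Sessions::$data['user_id']);
 Sessions::SetCookie();
- Sessions::$loggedin = true;
 return true;
 } else {
 $page['errors']['login_error'] = $session->error;
@@ -45,10 +45,10 @@ static public function Check() {
 Sessions::$data['user_id'] = $auth->user_id;
 Sessions::$data['session_id'] = $auth->session_id;
+ Sessions::$loggedin = true;
 Service::User(Sessions::$data['user_id']);
 Sessions::SetCookie();
- Sessions::$loggedin = true;
 return true;
 } else {
 $page['errors']['login_error'] = $auth->error;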
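Review bot: Moving `Sessions::$loggedin = true;` above `Service::User(...)` in both branches of Check() creates an ordering dependency that nothing in the code explains: apiCall() only attaches `user_id` and `session_id` when the flag is already set. Add a comment at both sites, for example `// must precede Service::User(): apiCall() adds session credentials only when $loggedin is true`, so a later tidy-up does not move it back. The flag is now also set before `Service::User()` and `Sessions::SetCookie()` have run, so if either can fail the request is still marked as logged in; whether that matters depends on code outside these hunks.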
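--- a/app/views/header.php
+++ b/app/views/header.php
@@ -71,6 +71,7 @@
 <li class="grouped <?php if(Breadcrumbs::Crumb(0) == 'accounts') echo('active'); ?>"><a href="<?php echo $site['url']; ?>/accounts">Accounts</a></li>
 <li class="<?php if(Breadcrumbs::Crumb(0) == 'security') echo('active'); ?>"><a href="<?php echo $site['url']; ?>/security">Security</a></li>
+ <li class="<?php if(Breadcrumbs::Crumb(0) == 'phone') echo('active'); ?>"><a href="<?php echo $site['url']; ?>/phone">Phone</a></li>
 <?php /*
 <li class="<?php if(Breadcrumbs::Crumb(0) == 'badges') echo('active'); ?>"><a href="<?php echo $site['url']; ?>/badges">Badges</a></li>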
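--- a/app/views/home.php
+++ b/app/views/home.php
@@ -22,7 +22,7 @@
 echo rtrim($emails, '<br />');
 ?>
 </span>
- <span class="links"><a href="<?php echo($site['url']); ?>/accounts">Edit</a></span>
+ <?php if(count($user->emails) > 1): ?><span class="links"><a href="<?php echo($site['url']); ?>/accounts">Edit</a></span><?php endif; ?>
 </li>
 <li class="editable" onclick="window.location = '<?php echo($site['url']); ?>/security'; return false;">
 <span class="title">Password</span>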
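--- a/app/views/phone.php
+++ b/app/views/phone.php
@@ -0,0 +1,45 @@
+
+ <h3>Link Your Phone</h3>
+ <p>Linking your SMS-capable phone to your CrowdmapID account allows you to sign in using your phone number instead of your email address, and provides a convenient means of resetting forgotten passwords.</p>
+
+ <p>Upon changing your number we will send an SMS message containing your confirmation code.</p>
+
+ <p>Be sure to include your country code (i.e. +1, followed by your area code, for the United States.)</p>
+
+ <?php if(isset($set_action_message) && strlen($set_action_message)): ?>
+ <p class="info_message"><?php echo($set_action_message); ?></p>
+ <?php endif; ?>
+
+ <?php if(isset($set_action_error) && strlen($set_action_error)): ?>
+ <p class="error_message"><?php echo($set_action_error); ?></p>
+ <?php endif; ?>
+
+ <form method="post" action="<?php echo($site['url']); ?>/phone" id="update_phone">
+ <input type="hidden" id="activity" name="activity" value="update_phone" />
+
+ <div class="form-row">
+ <label for="number">Phone Number:</label>
+ <div class="text"><input type="text" id="number" name="number" placeholder="Please provide your phone number." value="<?php echo($user->phone->number); ?>" onclick="this.focus(); this.select(); return false;" /></div>
+ </div>
+
+ <?php if($user->phone->number && !$user->phone->confirmed): ?>
+ <div class="form-row">
+ <label for="code">Confirmation:</label>
+ <div class="text"><input type="text" id="code" name="code" placeholder="Enter the code you received in your SMS." value="" onclick="this.focus(); this.select(); return false;" /></div>
+ </div>
+ <?php endif; ?>
+
+ <div class="form-row">
+ <label class="filler">&nbsp;</label>
+ <div class="buttons">
+ <input type="submit" class="submit" value="<?php echo($button_text); ?>" />
+ </div>
+ </div>
+
+ </form>
+
+ <?php if(isset($add_action_error) && strlen($add_action_error)): ?>
+ <script type="text/javascript">
+ document.getElementById('email').focus();
+ </script>
+ <?php endif; ?>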
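Review bot: The view echoes `$set_action_error`, `$set_action_message` and `$user->phone->number` straight into HTML, and in Controllers::Phone() the error text comes from the API response (`$ret->error`), so each should be escaped at output, e.g. `<?php echo htmlspecialchars($set_action_error, ENT_QUOTES, 'UTF-8'); ?>`, with the same treatment for the number inside the `value` attribute. The form posts the state-changing `update_phone` action without any anti-CSRF token field; add a per-session token as a hidden input and verify it in the controller before calling `Service::setPhone()` or `Service::confirmPhone()`. The trailing script block tests `$add_action_error` and focuses an element with id `email`, neither of which exists in this view or in the array passed to `Views::Render("phone", ...)`; it looks copied from another view and should target `number` or be removed.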
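--- a/index.php
+++ b/index.php
@@ -57,6 +57,8 @@
 Controllers::Accounts();
 } elseif($p == 'security') {
 Controllers::Security();
+ } elseif($p == 'phone') {
+ Controllers::Phone();
 } elseif($p == 'home') {
 Controllers::Home();
 }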
