2018-01-08 Auth, Register
parent
c27d444203
commit
19dbdb6bbd
14 changed files with 175 additions and 215 deletions
|
@ -36,14 +36,11 @@ class Routing
|
|||
// регистрация/вход/выход
|
||||
if ($user->isGuest) {
|
||||
// вход
|
||||
$r->add('GET', '/login', 'Auth:login', 'Login');
|
||||
$r->add('POST', '/login', 'Auth:loginPost');
|
||||
$r->add(['GET', 'POST'], '/login', 'Auth:login', 'Login');
|
||||
// забыли кодовую фразу
|
||||
$r->add('GET', '/login/forget', 'Auth:forget', 'Forget');
|
||||
$r->add('POST', '/login/forget', 'Auth:forgetPost');
|
||||
$r->add(['GET', 'POST'], '/login/forget', 'Auth:forget', 'Forget');
|
||||
// смена кодовой фразы
|
||||
$r->add('GET', '/login/{email}/{key}/{hash}', 'Auth:changePass', 'ChangePassword');
|
||||
$r->add('POST', '/login/{email}/{key}/{hash}', 'Auth:changePassPost');
|
||||
$r->add(['GET', 'POST'], '/login/{email}/{key}/{hash}', 'Auth:changePass', 'ChangePassword');
|
||||
|
||||
// регистрация
|
||||
if ($config->o_regs_allow == '1') {
|
||||
|
|
|
@ -540,7 +540,11 @@ class Mail
|
|||
{
|
||||
// завершение сеанса smtp
|
||||
if (is_resource($this->connect)) {
|
||||
$this->smtpData('QUIT', null);
|
||||
try {
|
||||
$this->smtpData('QUIT', null);
|
||||
} catch (MailException $e) {
|
||||
//????
|
||||
}
|
||||
@fclose($this->connect);
|
||||
}
|
||||
}
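Review bot: The new `catch (MailException $e)` around the `QUIT` command is empty apart from `//????`, so a failed QUIT is swallowed with no record of why that is acceptable. If the intent is a best-effort goodbye so that the `fclose()` below always runs, say so in the block, e.g. `// QUIT is best-effort; the socket is closed below regardless`, and consider recording `$e->getMessage()` wherever the class reports mail errors. The enclosing method starts above the hunk, so whether it runs during object teardown (where a thrown exception would be worse than a swallowed one) cannot be confirmed from here.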
|
||||
|
|
|
@ -16,11 +16,11 @@ class IsBanned extends Method
|
|||
*/
|
||||
public function isBanned(User $user)
|
||||
{
|
||||
$name = $this->model->trimToNull($this->model->username, true);
|
||||
$name = $this->model->trimToNull($user->username, true);
|
||||
if (null !== $name && isset($this->model->userList[$name])) {
|
||||
return 1;
|
||||
}
|
||||
$email = $this->model->trimToNull($this->model->email);
|
||||
$email = $this->model->trimToNull($user->email);
|
||||
if (null !== $email) {
|
||||
foreach ($this->model->otherList as $row) {
|
||||
if (null === $row['email']) {
|
||||
|
|
|
@ -26,6 +26,7 @@ class Categories extends Admin
|
|||
'form.*.cat_name' => 'required|string:trim|max:80',
|
||||
'form.*.disp_position' => 'required|integer|min:0|max:9999999999',
|
||||
'new' => 'string:trim|max:80'
|
||||
])->setAliases([
|
||||
])->setArguments([
|
||||
])->setMessages([
|
||||
]);
|
||||
|
@ -138,6 +139,7 @@ class Categories extends Admin
|
|||
'confirm' => 'integer',
|
||||
'delete' => 'string',
|
||||
'cancel' => 'string',
|
||||
])->setAliases([
|
||||
])->setArguments([
|
||||
'token' => $args,
|
||||
]);
|
||||
|
|
|
@ -24,6 +24,7 @@ class Censoring extends Admin
|
|||
'o_censoring' => 'required|integer|in:0,1',
|
||||
'form.*.search_for' => 'string:trim|max:60',
|
||||
'form.*.replace_with' => 'string:trim|max:60',
|
||||
])->setAliases([
|
||||
])->setArguments([
|
||||
])->setMessages([
|
||||
]);
|
||||
|
|
|
@ -114,6 +114,7 @@ class Forums extends Admin
|
|||
$v = $this->c->Validator->setRules([
|
||||
'token' => 'token:AdminForums',
|
||||
'form.*.disp_position' => 'required|integer|min:0|max:9999999999',
|
||||
])->setAliases([
|
||||
])->setArguments([
|
||||
])->setMessages([
|
||||
]);
|
||||
|
@ -249,6 +250,7 @@ class Forums extends Admin
|
|||
'confirm' => 'integer',
|
||||
'delete' => 'string',
|
||||
'cancel' => 'string',
|
||||
])->setAliases([
|
||||
])->setArguments([
|
||||
'token' => $args,
|
||||
]);
|
||||
|
@ -366,6 +368,7 @@ class Forums extends Admin
|
|||
'perms.*.post_topics' => 'checkbox',
|
||||
'submit' => 'string',
|
||||
'reset' => empty($forum->id) ? 'absent' : 'string',
|
||||
])->setAliases([
|
||||
])->setArguments([
|
||||
'token' => $args,
|
||||
]);
|
||||
|
|
|
@ -114,6 +114,7 @@ class Groups extends Admin
|
|||
$v = $this->c->Validator->setRules([
|
||||
'token' => 'token:AdminGroupsDefault',
|
||||
'defaultgroup' => 'required|integer|in:' . implode(',', array_keys($this->groupsDefault)),
|
||||
])->setAliases([
|
||||
])->setMessages([
|
||||
'defaultgroup.in' => 'Invalid default group',
|
||||
]);
|
||||
|
@ -143,6 +144,7 @@ class Groups extends Admin
|
|||
$v = $this->c->Validator->setRules([
|
||||
'token' => 'token:AdminGroupsNew',
|
||||
'basegroup' => 'required|integer|in:' . implode(',', array_keys($this->groupsNew)),
|
||||
])->setAliases([
|
||||
])->setMessages([
|
||||
'basegroup.in' => 'Invalid group to create on base',
|
||||
]);
|
||||
|
@ -223,6 +225,7 @@ class Groups extends Admin
|
|||
'g_search_flood' => 'integer|min:0|max:999999',
|
||||
'g_email_flood' => 'integer|min:0|max:999999',
|
||||
'g_report_flood' => 'integer|min:0|max:999999',
|
||||
])->setAliases([
|
||||
])->setArguments([
|
||||
'token' => $vars,
|
||||
])->setMessages([
|
||||
|
@ -621,6 +624,7 @@ class Groups extends Admin
|
|||
'confirm' => 'integer',
|
||||
'delete' => 'string',
|
||||
'cancel' => 'string',
|
||||
])->setAliases([
|
||||
])->setArguments([
|
||||
'token' => $args,
|
||||
]);
|
||||
|
|
|
@ -87,6 +87,7 @@ class Options extends Admin
|
|||
'o_announcement_message' => 'string:trim|max:65000 bytes',
|
||||
'o_maintenance' => 'required|integer|in:0,1|check_empty:o_maintenance_message',
|
||||
'o_maintenance_message' => 'string:trim|max:65000 bytes',
|
||||
])->setAliases([
|
||||
])->setArguments([
|
||||
])->setMessages([
|
||||
'o_board_title' => 'Must enter title message',
|
||||
|
|
|
@ -36,6 +36,7 @@ class Permissions extends Admin
|
|||
'p_sig_all_caps' => 'required|integer|in:0,1',
|
||||
'p_sig_length' => 'required|integer|min:0|max:16000',
|
||||
'p_sig_lines' => 'required|integer|min:0|max:100',
|
||||
])->setAliases([
|
||||
])->setArguments([
|
||||
])->setMessages([
|
||||
]);
|
||||
|
|
|
@ -24,7 +24,7 @@ class Auth extends Page
|
|||
*/
|
||||
public function logout($args)
|
||||
{
|
||||
if (empty($args['token']) || ! $this->c->Csrf->verify($args['token'], 'Logout', $args)) {
|
||||
if (! $this->c->Csrf->verify($args['token'], 'Logout', $args)) {
|
||||
return $this->c->Redirect->page('Index')->message('Bad token');
|
||||
}
|
||||
|
||||
|
@ -37,24 +37,37 @@ class Auth extends Page
|
|||
}
|
||||
|
||||
/**
|
||||
* Подготовка данных для страницы входа на форум
|
||||
* Вход на форум
|
||||
*
|
||||
* @param array $args
|
||||
* @param string $method
|
||||
*
|
||||
* @return Page
|
||||
*/
|
||||
public function login(array $args)
|
||||
public function login(array $args, $method)
|
||||
{
|
||||
$this->c->Lang->load('auth');
|
||||
|
||||
$save = empty($args) || ! empty($args['_save']);
|
||||
|
||||
if (! isset($args['_username'])) {
|
||||
$args['_username'] = '';
|
||||
}
|
||||
if (! isset($args['_redirect'])) {
|
||||
$args['_redirect'] = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
|
||||
$args['_redirect'] = $this->c->Router->validate($args['_redirect'], 'Index');
|
||||
$v = null;
|
||||
if ('POST' === $method) {
|
||||
$v = $this->c->Validator->addValidators([
|
||||
'login_process' => [$this, 'vLoginProcess'],
|
||||
])->setRules([
|
||||
'token' => 'token:Login',
|
||||
'redirect' => 'required|referer:Index',
|
||||
'username' => 'required|string',
|
||||
'password' => 'required|string|login_process',
|
||||
'save' => 'checkbox',
|
||||
])->setAliases([
|
||||
'username' => 'Username',
|
||||
'password' => 'Passphrase',
|
||||
]);
|
||||
|
||||
if ($v->validation($_POST)) {
|
||||
return $this->c->Redirect->url($v->redirect)->message('Login redirect');
|
||||
}
|
||||
|
||||
$this->fIswev = $v->getErrors();
|
||||
}
|
||||
|
||||
$this->fIndex = 'login';
|
||||
|
@ -66,46 +79,15 @@ class Auth extends Page
|
|||
$this->formToken = $this->c->Csrf->create('Login');
|
||||
$this->forgetLink = $this->c->Router->link('Forget');
|
||||
$this->regLink = $this->c->config->o_regs_allow == '1' ? $this->c->Router->link('Register') : null;
|
||||
$this->username = $args['_username'];
|
||||
$this->redirect = $args['_redirect'];
|
||||
$this->save = $save;
|
||||
$this->username = $v ? $v->username : (isset($args['_username']) ? $args['_username'] : '');
|
||||
$this->redirect = $v ? $v->redirect : $this->c->Router->validate($_SERVER['HTTP_REFERER'], 'Index'); //????
|
||||
$this->save = $v ? $v->save : 1;
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Вход на форум
|
||||
*
|
||||
* @return Page
|
||||
*/
|
||||
public function loginPost()
|
||||
{
|
||||
$this->c->Lang->load('auth');
|
||||
|
||||
$v = $this->c->Validator->addValidators([
|
||||
'login_process' => [$this, 'vLoginProcess'],
|
||||
])->setRules([
|
||||
'token' => 'token:Login',
|
||||
'redirect' => 'referer:Index',
|
||||
'username' => ['required|string', \ForkBB\__('Username')],
|
||||
'password' => ['required|string|login_process', \ForkBB\__('Passphrase')],
|
||||
'save' => 'checkbox',
|
||||
]);
|
||||
|
||||
if ($v->validation($_POST)) {
|
||||
return $this->c->Redirect->url($v->redirect)->message('Login redirect');
|
||||
} else {
|
||||
$this->fIswev = $v->getErrors();
|
||||
return $this->login([
|
||||
'_username' => $v->username,
|
||||
'_redirect' => $v->redirect,
|
||||
'_save' => $v->save,
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Проверка по базе и вход на форум
|
||||
* Проверка по базе и вход
|
||||
*
|
||||
* @param Validator $v
|
||||
* @param string $password
|
||||
|
@ -143,6 +125,10 @@ class Auth extends Page
|
|||
) {
|
||||
$user->registration_ip = $this->c->user->ip;
|
||||
}
|
||||
// сбросить запрос на смену кодовой фразы
|
||||
if (! empty($user->activate_string) && 'p' === $user->activate_string{0}) {
|
||||
$user->activate_string = null;
|
||||
}
|
||||
// изменения юзера в базе
|
||||
$this->c->users->update($user);
|
||||
|
||||
|
@ -154,18 +140,63 @@ class Auth extends Page
|
|||
}
|
||||
|
||||
/**
|
||||
* Подготовка данных для страницы восстановления пароля
|
||||
* Запрос на смену кодовой фразы
|
||||
*
|
||||
* @param array $args
|
||||
* @param string $method
|
||||
*
|
||||
* @return Page
|
||||
*/
|
||||
public function forget(array $args)
|
||||
public function forget(array $args, $method)
|
||||
{
|
||||
$this->c->Lang->load('auth');
|
||||
|
||||
if (! isset($args['_email'])) {
|
||||
$args['_email'] = '';
|
||||
$v = null;
|
||||
if ('POST' === $method) {
|
||||
$v = $this->c->Validator->addValidators([
|
||||
'check_email' => [$this, 'vCheckEmail'],
|
||||
])->setRules([
|
||||
'token' => 'token:Forget',
|
||||
'email' => 'required|string:trim,lower|email|check_email',
|
||||
])->setAliases([
|
||||
])->setMessages([
|
||||
'email.email' => 'Invalid email',
|
||||
]);
|
||||
|
||||
if ($v->validation($_POST)) {
|
||||
$key = 'p' . $this->c->Secury->randomPass(79);
|
||||
$hash = $this->c->Secury->hash($v->email . $key);
|
||||
$link = $this->c->Router->link('ChangePassword', ['email' => $v->email, 'key' => $key, 'hash' => $hash]);
|
||||
$tplData = [
|
||||
'fRootLink' => $this->c->Router->link('Index'),
|
||||
'fMailer' => \ForkBB\__('Mailer', $this->c->config->o_board_title),
|
||||
'username' => $this->tmpUser->username,
|
||||
'link' => $link,
|
||||
];
|
||||
|
||||
try {
|
||||
$isSent = $this->c->Mail
|
||||
->reset()
|
||||
->setFolder($this->c->DIR_LANG)
|
||||
->setLanguage($this->tmpUser->language)
|
||||
->setTo($v->email, $this->tmpUser->username)
|
||||
->setFrom($this->c->config->o_webmaster_email, \ForkBB\__('Mailer', $this->c->config->o_board_title))
|
||||
->setTpl('passphrase_reset.tpl', $tplData)
|
||||
->send();
|
||||
} catch (MailException $e) {
|
||||
$isSent = false;
|
||||
}
|
||||
|
||||
if ($isSent) {
|
||||
$this->tmpUser->activate_string = $key;
|
||||
$this->tmpUser->last_email_sent = time();
|
||||
$this->c->users->update($this->tmpUser);
|
||||
return $this->c->Message->message(\ForkBB\__('Forget mail', $this->c->config->o_admin_email), false, 200);
|
||||
} else {
|
||||
return $this->c->Message->message(\ForkBB\__('Error mail', $this->c->config->o_admin_email), true, 200);
|
||||
}
|
||||
}
|
||||
$this->fIswev = $v->getErrors();
|
||||
}
|
||||
|
||||
$this->fIndex = 'login';
|
||||
|
@ -175,69 +206,11 @@ class Auth extends Page
|
|||
$this->titles = \ForkBB\__('Passphrase reset');
|
||||
$this->formAction = $this->c->Router->link('Forget');
|
||||
$this->formToken = $this->c->Csrf->create('Forget');
|
||||
$this->email = $args['_email'];
|
||||
$this->email = $v ? $v->email : (isset($args['_email']) ? $args['_email'] : '');
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Отправка письма для восстановления пароля
|
||||
*
|
||||
* @return Page
|
||||
*/
|
||||
public function forgetPost()
|
||||
{
|
||||
$this->c->Lang->load('auth');
|
||||
|
||||
$v = $this->c->Validator->addValidators([
|
||||
'check_email' => [$this, 'vCheckEmail'],
|
||||
])->setRules([
|
||||
'token' => 'token:Forget',
|
||||
'email' => 'required|string:trim,lower|email|check_email',
|
||||
])->setMessages([
|
||||
'email.email' => 'Invalid email',
|
||||
]);
|
||||
|
||||
if (! $v->validation($_POST)) {
|
||||
$this->fIswev = $v->getErrors();
|
||||
return $this->forget([
|
||||
'_email' => $v->email,
|
||||
]);
|
||||
}
|
||||
|
||||
$key = 'p' . $this->c->Secury->randomPass(79);
|
||||
$hash = $this->c->Secury->hash($v->email . $key);
|
||||
$link = $this->c->Router->link('ChangePassword', ['email' => $v->email, 'key' => $key, 'hash' => $hash]);
|
||||
$tplData = [
|
||||
'fRootLink' => $this->c->Router->link('Index'),
|
||||
'fMailer' => \ForkBB\__('Mailer', $this->c->config->o_board_title),
|
||||
'username' => $this->tmpUser->username,
|
||||
'link' => $link,
|
||||
];
|
||||
|
||||
try {
|
||||
$isSent = $this->c->Mail
|
||||
->reset()
|
||||
->setFolder($this->c->DIR_LANG)
|
||||
->setLanguage($this->tmpUser->language)
|
||||
->setTo($v->email, $this->tmpUser->username)
|
||||
->setFrom($this->c->config->o_webmaster_email, \ForkBB\__('Mailer', $this->c->config->o_board_title))
|
||||
->setTpl('passphrase_reset.tpl', $tplData)
|
||||
->send();
|
||||
} catch (MailException $e) {
|
||||
$isSent = false;
|
||||
}
|
||||
|
||||
if ($isSent) {
|
||||
$this->tmpUser->activate_string = $key;
|
||||
$this->tmpUser->last_email_sent = time();
|
||||
$this->c->users->update($this->tmpUser);
|
||||
return $this->c->Message->message(\ForkBB\__('Forget mail', $this->c->config->o_admin_email), false, 200);
|
||||
} else {
|
||||
return $this->c->Message->message(\ForkBB\__('Error mail', $this->c->config->o_admin_email), true, 200);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Дополнительная проверка email
|
||||
*
|
||||
|
@ -249,17 +222,14 @@ class Auth extends Page
|
|||
public function vCheckEmail(Validator $v, $email)
|
||||
{
|
||||
if (! empty($v->getErrors())) {
|
||||
return $email;
|
||||
}
|
||||
|
||||
// email забанен
|
||||
if ($this->c->bans->isBanned($this->c->users->create(['email' => $email])) > 0) {
|
||||
} elseif ($this->c->bans->isBanned($this->c->users->create(['email' => $email])) > 0) {
|
||||
$v->addError('Banned email');
|
||||
// нет пользователя с таким email
|
||||
} elseif (! ($user = $this->c->users->load($email, 'email')) instanceof User) {
|
||||
$v->addError('Invalid email');
|
||||
// за последний час уже был запрос на этот email
|
||||
} elseif (! empty($user->last_email_sent) && time() - $user->last_email_sent < 3600) {
|
||||
} elseif ($user->last_email_sent > 0 && time() - $user->last_email_sent < 3600) {
|
||||
$v->addError(\ForkBB\__('Email flood', (int) (($user->last_email_sent + 3600 - time()) / 60)), 'e');
|
||||
} else {
|
||||
$this->tmpUser = $user;
|
||||
|
@ -268,33 +238,57 @@ class Auth extends Page
|
|||
}
|
||||
|
||||
/**
|
||||
* Подготовка данных для формы изменения пароля
|
||||
* Смена кодовой фразы
|
||||
*
|
||||
* @param array $args
|
||||
* @param string $method
|
||||
*
|
||||
* @return Page
|
||||
*/
|
||||
public function changePass(array $args)
|
||||
public function changePass(array $args, $method)
|
||||
{
|
||||
if (isset($args['_user'])) {
|
||||
$user = $args['_user'];
|
||||
unset($args['_user']);
|
||||
} else {
|
||||
// что-то пошло не так
|
||||
if (! hash_equals($args['hash'], $this->c->Secury->hash($args['email'] . $args['key']))
|
||||
|| ! ($user = $this->c->users->load($args['email'], 'email')) instanceof User
|
||||
|| empty($user->activate_string)
|
||||
|| $user->activate_string{0} !== 'p'
|
||||
|| ! hash_equals($user->activate_string, $args['key'])
|
||||
) {
|
||||
return $this->c->Message->message('Bad request', false);
|
||||
}
|
||||
// что-то пошло не так
|
||||
if (! hash_equals($args['hash'], $this->c->Secury->hash($args['email'] . $args['key']))
|
||||
|| ! ($user = $this->c->users->load($args['email'], 'email')) instanceof User
|
||||
|| empty($user->activate_string)
|
||||
|| 'p' !== $user->activate_string{0}
|
||||
|| ! hash_equals($user->activate_string, $args['key'])
|
||||
) {
|
||||
return $this->c->Message->message('Bad request', false);
|
||||
}
|
||||
|
||||
$this->c->Lang->load('auth');
|
||||
|
||||
if ('POST' === $method) {
|
||||
$v = $this->c->Validator->setRules([
|
||||
'token' => 'token:ChangePassword',
|
||||
'password' => 'required|string|min:16|password',
|
||||
'password2' => 'required|same:password',
|
||||
])->setAliases([
|
||||
'password' => 'New pass',
|
||||
'password2' => 'Confirm new pass',
|
||||
])->setArguments([
|
||||
'token' => $args,
|
||||
])->setMessages([
|
||||
'password.password' => 'Pass format',
|
||||
'password2.same' => 'Pass not match',
|
||||
]);
|
||||
|
||||
if ($v->validation($_POST)) {
|
||||
$user->password = password_hash($v->password, PASSWORD_DEFAULT);
|
||||
$user->email_confirmed = 1;
|
||||
$user->activate_string = null;
|
||||
$this->c->users->update($user);
|
||||
|
||||
$this->a['fIswev']['s'][] = \ForkBB\__('Pass updated');
|
||||
return $this->login([], 'GET');
|
||||
}
|
||||
|
||||
$this->fIswev = $v->getErrors();
|
||||
}
|
||||
// активация аккаунта (письмо активации не дошло, заказали восстановление)
|
||||
if ($user->isUnverified) {
|
||||
$user->group_id = $this->c->config->o_default_user_group;
|
||||
$user->group_id = $this->c->config->o_default_user_group;
|
||||
$user->email_confirmed = 1;
|
||||
$this->c->users->update($user);
|
||||
$this->c->Cache->delete('stats');
|
||||
|
@ -311,53 +305,4 @@ class Auth extends Page
|
|||
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Смена пароля
|
||||
*
|
||||
* @param array $args
|
||||
*
|
||||
* @return Page
|
||||
*/
|
||||
public function changePassPost(array $args)
|
||||
{
|
||||
// что-то пошло не так
|
||||
if (! hash_equals($args['hash'], $this->c->Secury->hash($args['email'] . $args['key']))
|
||||
|| ! ($user = $this->c->users->load($args['email'], 'email')) instanceof User
|
||||
|| empty($user->activate_string)
|
||||
|| $user->activate_string{0} !== 'p'
|
||||
|| ! hash_equals($user->activate_string, $args['key'])
|
||||
) {
|
||||
return $this->c->Message->message('Bad request', false);
|
||||
}
|
||||
|
||||
$this->c->Lang->load('auth');
|
||||
|
||||
$v = $this->c->Validator;
|
||||
$v->setRules([
|
||||
'token' => 'token:ChangePassword',
|
||||
'password' => ['required|string|min:16|password', \ForkBB\__('New pass')],
|
||||
'password2' => ['required|same:password', \ForkBB\__('Confirm new pass')],
|
||||
])->setArguments([
|
||||
'token' => $args,
|
||||
])->setMessages([
|
||||
'password.password' => 'Pass format',
|
||||
'password2.same' => 'Pass not match',
|
||||
]);
|
||||
|
||||
if (! $v->validation($_POST)) {
|
||||
$this->fIswev = $v->getErrors();
|
||||
$args['_user'] = $user;
|
||||
return $this->changePass($args);
|
||||
}
|
||||
$data = $v->getData();
|
||||
|
||||
$user->password = password_hash($data['password'], PASSWORD_DEFAULT);
|
||||
$user->email_confirmed = 1;
|
||||
$user->activate_string = null;
|
||||
$this->c->users->update($user);
|
||||
|
||||
$this->a['fIswev']['s'][] = \ForkBB\__('Pass updated');
|
||||
return $this->login(['_redirect' => $this->c->Router->link('Index')]);
|
||||
}
|
||||
}
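Review bot: In the rewritten `login()`, the non-POST path reads `$_SERVER['HTTP_REFERER']` unconditionally (the line marked `//????`), where the removed code guarded it with `empty()`; a request without a Referer header now raises an undefined-index notice. The rewrite also stops honouring `$args['_redirect']`, so after a successful passphrase change `login([], 'GET')` will presumably pre-fill the redirect field from the referring reset URL, whose path carries the e-mail and key, instead of the index link the removed `changePassPost()` passed explicitly. Something like `$ref = isset($args['_redirect']) ? $args['_redirect'] : (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '');` followed by `$this->redirect = $v ? $v->redirect : $this->c->Router->validate($ref, 'Index');` would restore both behaviours. The same kind of guard was dropped in `logout()`, where `$args['token']` now reaches `Csrf->verify()` without the `empty()` check; that is safe only if the route always supplies the token and `verify()` rejects a missing value, neither of which is visible on this page.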
|
||||
|
|
|
@ -35,6 +35,7 @@ class Delete extends Page
|
|||
'confirm' => 'integer',
|
||||
'delete' => 'string',
|
||||
'cancel' => 'string',
|
||||
])->setAliases([
|
||||
])->setArguments([
|
||||
'token' => $args,
|
||||
]);
|
||||
|
|
|
@ -217,6 +217,7 @@ trait PostValidatorTrait
|
|||
'preview' => 'string',
|
||||
'submit' => 'string|check_timeout',
|
||||
'message' => 'required|string:trim|max:' . $this->c->MAX_POST_SIZE . '|check_message',
|
||||
])->setAliases([
|
||||
])->setArguments([
|
||||
'token' => $args,
|
||||
'subject.check_subject' => $executive,
|
||||
|
|
|
@ -10,7 +10,7 @@ use ForkBB\Models\User\Model as User;
|
|||
class Register extends Page
|
||||
{
|
||||
/**
|
||||
* Обработчик регистрации
|
||||
* Регистрация
|
||||
*
|
||||
* @return Page
|
||||
*/
|
||||
|
@ -25,9 +25,13 @@ class Register extends Page
|
|||
'token' => 'token:RegisterForm',
|
||||
'agree' => 'required|token:Register',
|
||||
'on' => 'integer',
|
||||
'email' => ['required_with:on|string:trim,lower|email|check_email', \ForkBB\__('Email')],
|
||||
'username' => ['required_with:on|string:trim,spaces|min:2|max:25|login|check_username', \ForkBB\__('Username')],
|
||||
'password' => ['required_with:on|string|min:16|password', \ForkBB\__('Passphrase')],
|
||||
'email' => 'required_with:on|string:trim,lower|email|check_email',
|
||||
'username' => 'required_with:on|string:trim,spaces|min:2|max:25|login|check_username',
|
||||
'password' => 'required_with:on|string|min:16|password',
|
||||
])->setAliases([
|
||||
'email' => 'Email',
|
||||
'username' => 'Username',
|
||||
'password' => 'Passphrase',
|
||||
])->setMessages([
|
||||
'agree.required' => ['cancel', 'cancel'],
|
||||
'agree.token' => [\ForkBB\__('Bad agree', $this->c->Router->link('Register')), 'w'],
|
||||
|
@ -36,7 +40,7 @@ class Register extends Page
|
|||
]);
|
||||
|
||||
// завершение регистрации
|
||||
if ($v->validation($_POST) && $v->on === 1) {
|
||||
if ($v->validation($_POST) && 1 === $v->on) {
|
||||
return $this->regEnd($v);
|
||||
}
|
||||
|
||||
|
@ -72,11 +76,8 @@ class Register extends Page
|
|||
*/
|
||||
public function vCheckEmail(Validator $v, $email)
|
||||
{
|
||||
$user = $this->c->users->create();
|
||||
$user->__email = $email;
|
||||
|
||||
// email забанен
|
||||
if ($this->c->bans->isBanned($user) > 0) {
|
||||
if ($this->c->bans->isBanned($this->c->users->create(['email' => $email])) > 0) {
|
||||
$v->addError('Banned email');
|
||||
// найден хотя бы 1 юзер с таким же email
|
||||
} elseif (empty($v->getErrors()) && 0 !== $this->c->users->load($email, 'email')) {
|
||||
|
@ -95,11 +96,10 @@ class Register extends Page
|
|||
*/
|
||||
public function vCheckUsername(Validator $v, $username)
|
||||
{
|
||||
$user = $this->c->users->create();
|
||||
$user->__username = $username;
|
||||
$user = $this->c->users->create(['username' => $username]);
|
||||
|
||||
// username = Гость
|
||||
if (preg_match('%^(guest|' . preg_quote(\ForkBB\__('Guest'), '%') . ')$%iu', $username)) {
|
||||
if (preg_match('%^(guest|' . preg_quote(\ForkBB\__('Guest'), '%') . ')$%iu', $username)) { //????
|
||||
$v->addError('Username guest');
|
||||
// цензура
|
||||
} elseif ($this->c->censorship->censor($username) !== $username) {
|
||||
|
@ -117,13 +117,13 @@ class Register extends Page
|
|||
/**
|
||||
* Завершение регистрации
|
||||
*
|
||||
* @param array @data
|
||||
* @param Validator $v
|
||||
*
|
||||
* @return Page
|
||||
*/
|
||||
protected function regEnd(Validator $v)
|
||||
{
|
||||
if ($this->c->config->o_regs_verify == '1') {
|
||||
if ('1' == $this->c->config->o_regs_verify) {
|
||||
$groupId = 0;
|
||||
$key = 'w' . $this->c->Secury->randomPass(79);
|
||||
} else {
|
||||
|
@ -143,20 +143,20 @@ class Register extends Page
|
|||
$user->email_setting = $this->c->config->o_default_email_setting;
|
||||
$user->timezone = $this->c->config->o_default_timezone;
|
||||
$user->dst = $this->c->config->o_default_dst;
|
||||
$user->language = $user->language;
|
||||
$user->style = $user->style;
|
||||
$user->language = $user->language; //????
|
||||
$user->style = $user->style; //????
|
||||
$user->registered = time();
|
||||
$user->registration_ip = $this->c->user->ip;
|
||||
|
||||
$newUserId = $this->c->users->insert($user);
|
||||
|
||||
// обновление статистики по пользователям
|
||||
if ($this->c->config->o_regs_verify != '1') {
|
||||
if ('1' != $this->c->config->o_regs_verify) {
|
||||
$this->c->Cache->delete('stats');
|
||||
}
|
||||
|
||||
// уведомление о регистрации
|
||||
if ($this->c->config->o_regs_report == '1' && $this->c->config->o_mailing_list != '') {
|
||||
if ('1' == $this->c->config->o_regs_report && '' != $this->c->config->o_mailing_list) {
|
||||
$tplData = [
|
||||
'fTitle' => $this->c->config->o_board_title,
|
||||
'fRootLink' => $this->c->Router->link('Index'),
|
||||
|
@ -182,7 +182,7 @@ class Register extends Page
|
|||
$this->c->Lang->load('register');
|
||||
|
||||
// отправка письма активации аккаунта
|
||||
if ($this->c->config->o_regs_verify == '1') {
|
||||
if ('1' == $this->c->config->o_regs_verify) {
|
||||
$hash = $this->c->Secury->hash($newUserId . $key);
|
||||
$link = $this->c->Router->link('RegActivate', ['id' => $newUserId, 'key' => $key, 'hash' => $hash]);
|
||||
$tplData = [
|
||||
|
@ -213,13 +213,13 @@ class Register extends Page
|
|||
} else {
|
||||
$auth = $this->c->Auth;
|
||||
$auth->fIswev = ['w' => [\ForkBB\__('Error welcom mail', $this->c->config->o_admin_email)]];
|
||||
return $auth->forget(['_email' => $v->email]);
|
||||
return $auth->forget(['_email' => $v->email], 'GET');
|
||||
}
|
||||
// форма логина
|
||||
} else {
|
||||
$auth = $this->c->Auth;
|
||||
$auth->fIswev = ['s' => [\ForkBB\__('Reg complete')]];
|
||||
return $auth->login(['_username' => $v->username]);
|
||||
return $auth->login(['_username' => $v->username], 'GET');
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -235,23 +235,23 @@ class Register extends Page
|
|||
if (! hash_equals($args['hash'], $this->c->Secury->hash($args['id'] . $args['key']))
|
||||
|| ! ($user = $this->c->users->load($args['id'])) instanceof User
|
||||
|| empty($user->activate_string)
|
||||
|| $user->activate_string{0} !== 'w'
|
||||
|| 'w' !== $user->activate_string{0}
|
||||
|| ! hash_equals($user->activate_string, $args['key'])
|
||||
) {
|
||||
return $this->c->Message->message('Bad request', false);
|
||||
}
|
||||
|
||||
$user->group_id = $this->c->config->o_default_user_group;
|
||||
$user->group_id = $this->c->config->o_default_user_group;
|
||||
$user->email_confirmed = 1;
|
||||
$user->activate_string = null;
|
||||
$this->c->users->update($user);
|
||||
|
||||
$this->c->Cache->delete('stats'); //????
|
||||
$this->c->Cache->delete('stats');
|
||||
|
||||
$this->c->Lang->load('register');
|
||||
|
||||
$auth = $this->c->Auth;
|
||||
$auth->fIswev = ['s' => [\ForkBB\__('Reg complete')]];
|
||||
return $auth->login(['_username' => $v->username]);
|
||||
return $auth->login(['_username' => $user->username], 'GET');
|
||||
}
|
||||
}
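Review bot: The `password` rule on the new side (`required_with:on|string|min:16|password`) sets a minimum length but no upper bound, and the same is true of the rule in `Auth::changePass()` in this commit, which hashes with `password_hash($v->password, PASSWORD_DEFAULT)`. As long as `PASSWORD_DEFAULT` resolves to bcrypt, only the first 72 bytes of the input take part in the hash, so a long passphrase (36 two-byte Cyrillic letters already fill 72 bytes in UTF-8) is silently truncated and everything after that point is ignored at login. Assuming `regEnd()` hashes the same way (not visible in these hunks), either cap the rule, e.g. `min:16|max:72 bytes|password` using the `bytes` suffix that the Options rules on this page already use, or document the limit next to the rule so the effective strength of a passphrase is not overstated.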
|
||||
|
|
|
@ -28,7 +28,7 @@ class Save extends Action
|
|||
}
|
||||
$values = $user->getAttrs();
|
||||
|
||||
if ($user->isGuest) {
|
||||
if ($user->isGuest && ! $user->isUnverified) {
|
||||
$fileds = $this->c->dbMap->online;
|
||||
$table = 'online';
|
||||
$where = 'user_id=1 AND ident=?s';
|
||||
|
@ -48,7 +48,7 @@ class Save extends Action
|
|||
if (empty($set)) {
|
||||
return $user;
|
||||
}
|
||||
if ($user->isGuest) {
|
||||
if ($user->isGuest && ! $user->isUnverified) {
|
||||
$vars[] = $user->ip;
|
||||
} else {
|
||||
$vars[] = $user->id;
|
||||
|
|