2018-04-10

Visman 2018-04-10 13:27:25 +07:00
parent e37a827baf
commit 271c91b87a
4 changed files with 60 additions and 52 deletions


@ -9,12 +9,6 @@ use ForkBB\Models\User\Model as User;
class Auth extends Page
{
/**
* Для передачи User из vCheckEmail() в forgetPost()
* @var User
*/
protected $tmpUser; //????
/**
* Выход пользователя
*
@ -158,15 +152,19 @@ class Auth extends Page
$v = null;
if ('POST' === $method) {
$tmpUser = $this->c->users->create();
$v = $this->c->Validator->reset()
->addValidators([
'check_email' => [$this, 'vCheckEmail'],
'check_email' => [$this->c->Validators, 'vCheckEmail'],
])->addRules([
'token' => 'token:Forget',
'email' => 'required|string:trim,lower|email|check_email',
'email' => 'required|string:trim,lower|email|check_email:exists,flood',
])->addAliases([
])->addMessages([
'email.email' => 'Invalid email',
])->addArguments([
'email.check_email' => $tmpUser, // сюда идет возрат данных по найденному пользователю
]);
if ($v->validation($_POST)) {
@ -176,7 +174,7 @@ class Auth extends Page
$tplData = [
'fRootLink' => $this->c->Router->link('Index'),
'fMailer' => \ForkBB\__('Mailer', $this->c->config->o_board_title),
'username' => $this->tmpUser->username,
'username' => $tmpUser->username,
'link' => $link,
];
@ -184,8 +182,8 @@ class Auth extends Page
$isSent = $this->c->Mail
->reset()
->setFolder($this->c->DIR_LANG)
->setLanguage($this->tmpUser->language)
->setTo($v->email, $this->tmpUser->username)
->setLanguage($tmpUser->language)
->setTo($v->email, $tmpUser->username)
->setFrom($this->c->config->o_webmaster_email, \ForkBB\__('Mailer', $this->c->config->o_board_title))
->setTpl('passphrase_reset.tpl', $tplData)
->send();
@ -194,9 +192,9 @@ class Auth extends Page
}
if ($isSent) {
$this->tmpUser->activate_string = $key;
$this->tmpUser->last_email_sent = \time();
$this->c->users->update($this->tmpUser);
$tmpUser->activate_string = $key;
$tmpUser->last_email_sent = \time();
$this->c->users->update($tmpUser);
return $this->c->Message->message(\ForkBB\__('Forget mail', $this->c->config->o_admin_email), false, 200);
} else {
return $this->c->Message->message(\ForkBB\__('Error mail', $this->c->config->o_admin_email), true, 200);
@ -218,32 +216,6 @@ class Auth extends Page
return $this;
}
/**
* Дополнительная проверка email
*
* @param Validator $v
* @param string $email
*
* @return string
*/
public function vCheckEmail(Validator $v, $email)
{
if (! empty($v->getErrors())) {
// email забанен
} elseif ($this->c->bans->isBanned($this->c->users->create(['email' => $email])) > 0) {
$v->addError('Banned email');
// нет пользователя с таким email
} elseif (! ($user = $this->c->users->load($email, 'email')) instanceof User) {
$v->addError('Invalid email');
// за последний час уже был запрос на этот email
} elseif ($user->last_email_sent > 0 && \time() - $user->last_email_sent < 3600) {
$v->addError(\ForkBB\__('Email flood', (int) (($user->last_email_sent + 3600 - \time()) / 60)), 'e');
} else {
$this->tmpUser = $user;
}
return $email;
}
/**
* Смена кодовой фразы
*
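Review bot: The forget-password handler still answers differently for registered and unregistered addresses. The `check_email:exists,flood` rule on `email` produces `Invalid email` or the `Email flood` countdown, while only a successful send reaches the `Forget mail` message, so the form confirms whether an address has an account. Consider returning the `Forget mail` message for every syntactically valid address and recording the exists/flood outcome server-side instead. If the current behaviour is intentional, state it next to the rule, e.g. `// NOTE: exists/flood errors disclose whether the address is registered`. The enclosing method starts and ends outside the visible hunks.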


@ -214,7 +214,7 @@ class Profile extends Page
])->addRules([
'token' => 'token:ChangeUserEmail',
'password' => 'required|string:trim|check_password',
'new_email' => 'required|string:trim,lower|email|check_email',
'new_email' => 'required|string:trim,lower|email|check_email:unique,flood',
])->addAliases([
'new_email' => 'New email',
'password' => 'Your password',
@ -293,6 +293,7 @@ class Profile extends Page
'required' => true,
'pattern' => '.+@.+',
'value' => isset($v->new_email) ? $v->new_email : $this->curUser->email,
'info' => ! $this->user->isAdmin && '1' == $this->c->config->o_regs_verify ? \ForkBB\__('Email instructions') : null,
],
'password' => [
'id' => 'password',
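Review bot: The `'info'` entry mixes `!`, `&&`, a loose `==` and a ternary with no parentheses, so the reader has to work out operator precedence to see which condition selects the text. Wrapping the condition makes the intent explicit: `'info' => (! $this->user->isAdmin && '1' == $this->c->config->o_regs_verify) ? \ForkBB\__('Email instructions') : null,`. The condition tests `$this->user` while the line above reads `$this->curUser->email`. If these are the viewer and the profile owner respectively, a short comment saying the hint is keyed to the viewer would help. The surrounding array and method are only partly visible in this hunk.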


@ -26,7 +26,7 @@ class Register extends Page
'token' => 'token:RegisterForm',
'agree' => 'required|token:Register',
'on' => 'integer',
'email' => 'required_with:on|string:trim,lower|email|check_email',
'email' => 'required_with:on|string:trim,lower|email|check_email:unique',
'username' => 'required_with:on|string:trim,spaces|min:2|max:25|login|check_username',
'password' => 'required_with:on|string|min:16|password',
])->addAliases([
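Review bot: Duplicate-address rejection at registration now depends on the `unique` flag and on the fourth argument the validator receives, which this hunk does not show. In `vCheckEmail` the uniqueness branch is skipped when that argument is a `User` with `isGuest` set, so if `email.check_email` were ever bound to the visiting guest here, the `Dupe email` check would not run. It is worth confirming that no such argument is registered for this form and noting it beside the rule, e.g. `// check_email:unique relies on no guest User being passed as email.check_email`.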


@ -73,32 +73,67 @@ class Validators
*
* @param Validator $v
* @param string $email
* @param string $z
* @param string $attrs
* @param mixed $originalUser
*
* @return string
*/
public function vCheckEmail(Validator $v, $email, $z, $originalUser)
public function vCheckEmail(Validator $v, $email, $attrs, $originalUser)
{
// email забанен
if ($this->c->bans->isBanned($this->c->users->create(['email' => $email])) > 0) {
$v->addError('Banned email');
// проверка email на уникальность
// остальные проверки
} elseif (empty($v->getErrors())) {
$id = null;
$attrs = \array_flip(\explode(',', $attrs));
$ok = true;
$user = true;
if ($originalUser instanceof User && ! $originalUser->isGuest) {
$id = $originalUser->id;
} elseif (! $originalUser instanceof User) {
$id = true;
// наличие
if (isset($attrs['exists'])) {
$user = $this->c->users->load($email, 'email');
if (! $user instanceof User) {
$v->addError('Invalid email');
$ok = false;
}
}
if ($id) {
$user = $this->c->users->load($email, 'email');
// уникальность
if ($ok && isset($attrs['unique']) && (! $originalUser instanceof User || ! $originalUser->isGuest)) {
if (true === $user) {
$user = $this->c->users->load($email, 'email');
}
$id = $originalUser instanceof User ? $originalUser->id : true;
if (($user instanceof User && $id !== $user->id) || (! $user instanceof User && 0 !== $user)) {
$v->addError('Dupe email');
$ok = false;
}
}
// флуд
if ($ok && isset($attrs['flood'])) {
$min = 3600;
if ($originalUser instanceof User && ! $originalUser->isGuest) {
$flood = \time() - $originalUser->last_email_sent;
} elseif ($user instanceof User) {
$flood = \time() - $user->last_email_sent;
} else {
$flood = $min;
}
if ($flood < $min) {
$v->addError(\ForkBB\__('Email flood', (int) (($min - $flood) / 60)), 'e');
$ok = false;
}
}
// возврат данных пользователя через 4-ый параметр
if ($ok && $originalUser instanceof User && $originalUser->id < 1 && $user instanceof User) {
$originalUser->setAttrs($user->getAttrs());
}
}
return $email;
}
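Review bot: In the flood block the rate limit is taken from `$originalUser->last_email_sent` whenever `$originalUser` is a non-guest `User`, and the loaded `$user` is consulted only otherwise. The password-reset form passes a blank `$this->c->users->create()` object as `$originalUser`, so the one-hour limit there holds only if such an object reports `isGuest` as true, which is not visible on this page. If it does not, `\time() - $originalUser->last_email_sent` would be computed from an unset timestamp and would never fall below `$min`. Testing the loaded account first, `if ($user instanceof User) {` then `} elseif ($originalUser instanceof User && ! $originalUser->isGuest) {`, removes that dependency; after a passed `unique` check a `User` in `$user` has the same id as `$originalUser`, so the profile path looks unaffected. Separately, the ban lookup now runs before `empty($v->getErrors())`, so `isBanned()` is called even for values that already failed the `email` rule.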