Visman 7 лет назад
Родитель
Сommit
271c91b87a
4 измененных файлов с 60 добавлено и 52 удалено
  1. 12 40
      app/Models/Pages/Auth.php
  2. 2 1
      app/Models/Pages/Profile.php
  3. 1 1
      app/Models/Pages/Register.php
  4. 45 10
      app/Models/Validators.php

+ 12 - 40
app/Models/Pages/Auth.php

@@ -9,12 +9,6 @@ use ForkBB\Models\User\Model as User;
 
 class Auth extends Page
 {
-    /**
-     * Для передачи User из vCheckEmail() в forgetPost()
-     * @var User
-     */
-    protected $tmpUser; //????
-
     /**
      * Выход пользователя
      *
@@ -158,15 +152,19 @@ class Auth extends Page
         $v = null;
 
         if ('POST' === $method) {
+            $tmpUser = $this->c->users->create();
+
             $v = $this->c->Validator->reset()
                 ->addValidators([
-                    'check_email' => [$this, 'vCheckEmail'],
+                    'check_email' => [$this->c->Validators, 'vCheckEmail'],
                 ])->addRules([
                     'token' => 'token:Forget',
-                    'email' => 'required|string:trim,lower|email|check_email',
+                    'email' => 'required|string:trim,lower|email|check_email:exists,flood',
                 ])->addAliases([
                 ])->addMessages([
                     'email.email' => 'Invalid email',
+                ])->addArguments([
+                    'email.check_email' => $tmpUser, // сюда идет возрат данных по найденному пользователю
                 ]);
 
             if ($v->validation($_POST)) {
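Review bot: With `check_email:exists,flood` the password-reset form answers an unknown address with 'Invalid email', a recently used one with the 'Email flood' countdown, and an accepted one with the mail-sent message, so the response reveals which addresses are registered. The removed `Auth::vCheckEmail` behaved the same way, so this is carried over rather than introduced, but moving the check is a good moment to decide whether it is intended. A common mitigation is to show the same neutral confirmation for every syntactically valid address and record the not-found and throttled cases in the log only. The enclosing method starts before and continues past this hunk.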
@@ -176,7 +174,7 @@ class Auth extends Page
                 $tplData = [
                     'fRootLink' => $this->c->Router->link('Index'),
                     'fMailer'   => \ForkBB\__('Mailer', $this->c->config->o_board_title),
-                    'username'  => $this->tmpUser->username,
+                    'username'  => $tmpUser->username,
                     'link'      => $link,
                 ];
 
@@ -184,8 +182,8 @@ class Auth extends Page
                     $isSent = $this->c->Mail
                         ->reset()
                         ->setFolder($this->c->DIR_LANG)
-                        ->setLanguage($this->tmpUser->language)
-                        ->setTo($v->email, $this->tmpUser->username)
+                        ->setLanguage($tmpUser->language)
+                        ->setTo($v->email, $tmpUser->username)
                         ->setFrom($this->c->config->o_webmaster_email, \ForkBB\__('Mailer', $this->c->config->o_board_title))
                         ->setTpl('passphrase_reset.tpl', $tplData)
                         ->send();
@@ -194,9 +192,9 @@ class Auth extends Page
                 }
 
                 if ($isSent) {
-                    $this->tmpUser->activate_string = $key;
-                    $this->tmpUser->last_email_sent = \time();
-                    $this->c->users->update($this->tmpUser);
+                    $tmpUser->activate_string = $key;
+                    $tmpUser->last_email_sent = \time();
+                    $this->c->users->update($tmpUser);
                     return $this->c->Message->message(\ForkBB\__('Forget mail', $this->c->config->o_admin_email), false, 200);
                 } else {
                     return $this->c->Message->message(\ForkBB\__('Error mail', $this->c->config->o_admin_email), true, 200);
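Review bot: The `last_email_sent` value written here is the only input to the `flood` throttle, and `Validators::vCheckEmail` reads it from `$originalUser` whenever that object is a non-guest User, falling back to the loaded `$user` otherwise. For this form `$originalUser` is the empty object from `$this->c->users->create()`, so the throttle only works if such an object reports `isGuest` as true; that is not visible in this diff. If it reports false, `\time() - $originalUser->last_email_sent` is computed on an empty field and the one-hour limit would never trigger. A test that submits the form twice for the same address would pin this down. The enclosing method starts before this hunk.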
@@ -218,32 +216,6 @@ class Auth extends Page
         return $this;
     }
 
-    /**
-     * Дополнительная проверка email
-     *
-     * @param Validator $v
-     * @param string $email
-     *
-     * @return string
-     */
-    public function vCheckEmail(Validator $v, $email)
-    {
-        if (! empty($v->getErrors())) {
-        // email забанен
-        } elseif ($this->c->bans->isBanned($this->c->users->create(['email' => $email])) > 0) {
-            $v->addError('Banned email');
-        // нет пользователя с таким email
-        } elseif (! ($user = $this->c->users->load($email, 'email')) instanceof User) {
-            $v->addError('Invalid email');
-        // за последний час уже был запрос на этот email
-        } elseif ($user->last_email_sent > 0 && \time() - $user->last_email_sent < 3600) {
-            $v->addError(\ForkBB\__('Email flood', (int) (($user->last_email_sent + 3600 - \time()) / 60)), 'e');
-        } else {
-            $this->tmpUser = $user;
-        }
-        return $email;
-    }
-
     /**
      * Смена кодовой фразы
      *

+ 2 - 1
app/Models/Pages/Profile.php

@@ -214,7 +214,7 @@ class Profile extends Page
                 ])->addRules([
                     'token'     => 'token:ChangeUserEmail',
                     'password'  => 'required|string:trim|check_password',
-                    'new_email' => 'required|string:trim,lower|email|check_email',
+                    'new_email' => 'required|string:trim,lower|email|check_email:unique,flood',
                 ])->addAliases([
                     'new_email' => 'New email',
                     'password'  => 'Your password',
@@ -293,6 +293,7 @@ class Profile extends Page
                             'required'  => true,
                             'pattern'   => '.+@.+',
                             'value'     => isset($v->new_email) ? $v->new_email : $this->curUser->email,
+                            'info'      => ! $this->user->isAdmin && '1' == $this->c->config->o_regs_verify ? \ForkBB\__('Email instructions') : null,
                         ],
                         'password' => [
                             'id'        => 'password',
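Review bot: The condition on the added `'info'` line relies on `&&` binding tighter than `?:` and on a loose `==` against the config value; it evaluates as intended, but parentheses would make that obvious: `'info' => (! $this->user->isAdmin && '1' == $this->c->config->o_regs_verify) ? \ForkBB\__('Email instructions') : null,`. The line tests `$this->user` while the neighbouring `'value'` line reads `$this->curUser`; if those are the viewer and the profile owner respectively that is fine, but a short comment saying so would help. The enclosing array and method lie outside the hunk.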

+ 1 - 1
app/Models/Pages/Register.php

@@ -26,7 +26,7 @@ class Register extends Page
                 'token'    => 'token:RegisterForm',
                 'agree'    => 'required|token:Register',
                 'on'       => 'integer',
-                'email'    => 'required_with:on|string:trim,lower|email|check_email',
+                'email'    => 'required_with:on|string:trim,lower|email|check_email:unique',
                 'username' => 'required_with:on|string:trim,spaces|min:2|max:25|login|check_username',
                 'password' => 'required_with:on|string|min:16|password',
             ])->addAliases([

+ 45 - 10
app/Models/Validators.php

@@ -73,32 +73,67 @@ class Validators
      *
      * @param Validator $v
      * @param string $email
-     * @param string $z
+     * @param string $attrs
      * @param mixed $originalUser
      *
      * @return string
      */
-    public function vCheckEmail(Validator $v, $email, $z, $originalUser)
+    public function vCheckEmail(Validator $v, $email, $attrs, $originalUser)
     {
         // email забанен
         if ($this->c->bans->isBanned($this->c->users->create(['email' => $email])) > 0) {
             $v->addError('Banned email');
-        // проверка email на уникальность
+        // остальные проверки
         } elseif (empty($v->getErrors())) {
-            $id = null;
+            $attrs = \array_flip(\explode(',', $attrs));
+            $ok    = true;
+            $user  = true;
+
+            // наличие
+            if (isset($attrs['exists'])) {
+                $user = $this->c->users->load($email, 'email');
 
-            if ($originalUser instanceof User && ! $originalUser->isGuest) {
-                $id = $originalUser->id;
-            } elseif (! $originalUser instanceof User) {
-                $id = true;
+                if (! $user instanceof User) {
+                    $v->addError('Invalid email');
+                    $ok = false;
+                }
             }
 
-            if ($id) {
-                $user = $this->c->users->load($email, 'email');
+            // уникальность
+            if ($ok && isset($attrs['unique']) && (! $originalUser instanceof User || ! $originalUser->isGuest)) {
+                if (true === $user) {
+                    $user = $this->c->users->load($email, 'email');
+                }
+
+                $id = $originalUser instanceof User ? $originalUser->id : true;
+
                 if (($user instanceof User && $id !== $user->id) || (! $user instanceof User && 0 !== $user)) {
                     $v->addError('Dupe email');
+                    $ok = false;
                 }
             }
+
+            // флуд
+            if ($ok && isset($attrs['flood'])) {
+                $min = 3600;
+
+                if ($originalUser instanceof User && ! $originalUser->isGuest) {
+                    $flood = \time() - $originalUser->last_email_sent;
+                } elseif ($user instanceof User) {
+                    $flood = \time() - $user->last_email_sent;
+                } else {
+                    $flood = $min;
+                }
+                if ($flood < $min) {
+                    $v->addError(\ForkBB\__('Email flood', (int) (($min - $flood) / 60)), 'e');
+                    $ok = false;
+                }
+            }
+
+            // возврат данных пользователя через 4-ый параметр
+            if ($ok && $originalUser instanceof User && $originalUser->id < 1 && $user instanceof User) {
+                $originalUser->setAttrs($user->getAttrs());
+            }
         }
         return $email;
     }
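Review bot: `$attrs = \array_flip(\explode(',', $attrs));` accepts any token, so a rule that omits or misspells a flag now silently runs only the ban check; before this commit the bare `check_email` rule performed the uniqueness check. The three rules touched in this commit pass flags, but any other rule still using the bare form (not visible here) would lose its duplicate-email check without any error. Consider rejecting unknown flags right after the flip, e.g. `if (\array_diff_key($attrs, ['exists' => 1, 'unique' => 1, 'flood' => 1])) { throw new \InvalidArgumentException('Unknown check_email flag'); }`, which also makes the bare form fail loudly instead of skipping checks. The docblock should additionally state that `$originalUser` is overwritten via `setAttrs()` when it is a User with `id < 1`, since `@param mixed $originalUser` gives callers no hint that the validator writes to it.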