2018-04-05
parent
2b7b77f191
commit
359014086f
6 changed files with 47 additions and 24 deletions
|
@ -129,8 +129,8 @@ class Auth extends Page
|
|||
$user->registration_ip = $this->user->ip;
|
||||
}
|
||||
// сбросить запрос на смену кодовой фразы
|
||||
if (! empty($user->activate_string) && 'p' === $user->activate_string{0}) {
|
||||
$user->activate_string = null;
|
||||
if (32 === \strlen($user->activate_string)) {
|
||||
$user->activate_string = '';
|
||||
}
|
||||
// изменения юзера в базе
|
||||
$this->c->users->update($user);
|
||||
|
@ -139,6 +139,7 @@ class Auth extends Page
|
|||
$this->c->Cookie->setUser($user, (bool) $v->save);
|
||||
}
|
||||
}
|
||||
|
||||
return $password;
|
||||
}
|
||||
|
||||
|
@ -155,6 +156,7 @@ class Auth extends Page
|
|||
$this->c->Lang->load('auth');
|
||||
|
||||
$v = null;
|
||||
|
||||
if ('POST' === $method) {
|
||||
$v = $this->c->Validator->reset()
|
||||
->addValidators([
|
||||
|
@ -168,7 +170,7 @@ class Auth extends Page
|
|||
]);
|
||||
|
||||
if ($v->validation($_POST)) {
|
||||
$key = 'p' . $this->c->Secury->randomPass(79);
|
||||
$key = $this->c->Secury->randomPass(32);
|
||||
$hash = $this->c->Secury->hash($v->email . $key);
|
||||
$link = $this->c->Router->link('ChangePassword', ['email' => $v->email, 'key' => $key, 'hash' => $hash]);
|
||||
$tplData = [
|
||||
|
@ -200,6 +202,7 @@ class Auth extends Page
|
|||
return $this->c->Message->message(\ForkBB\__('Error mail', $this->c->config->o_admin_email), true, 200);
|
||||
}
|
||||
}
|
||||
|
||||
$this->fIswev = $v->getErrors();
|
||||
}
|
||||
|
||||
|
@ -254,8 +257,6 @@ class Auth extends Page
|
|||
// что-то пошло не так
|
||||
if (! \hash_equals($args['hash'], $this->c->Secury->hash($args['email'] . $args['key']))
|
||||
|| ! ($user = $this->c->users->load($args['email'], 'email')) instanceof User
|
||||
|| empty($user->activate_string)
|
||||
|| 'p' !== $user->activate_string{0}
|
||||
|| ! \hash_equals($user->activate_string, $args['key'])
|
||||
) {
|
||||
return $this->c->Message->message('Bad request', false);
|
||||
|
@ -282,7 +283,8 @@ class Auth extends Page
|
|||
if ($v->validation($_POST)) {
|
||||
$user->password = \password_hash($v->password, PASSWORD_DEFAULT);
|
||||
$user->email_confirmed = 1;
|
||||
$user->activate_string = null;
|
||||
$user->activate_string = '';
|
||||
|
||||
$this->c->users->update($user);
|
||||
|
||||
$this->fIswev = ['s', \ForkBB\__('Pass updated')];
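Review bot: In the ChangePassword check (hunk at -254) nothing ties the stored `activate_string` to a key type any more: the `'p' !== $user->activate_string{0}` test appears to be dropped without a replacement, while the login hunk at -129 now recognises a reset key only by `32 === \strlen(...)`. The `hash` over `email . key` still separates this link from the registration one (bound to `id . key` in Register), but it is the only thing doing so; adding `|| 32 !== \strlen($user->activate_string)` here, and `31 !== ...` to the matching check in Register's hunk at -187, would keep the type explicit, ideally with both lengths as named constants. The hunk header says two of the eight lines shown are removed and this rendering has lost the markers, so confirm the `empty($user->activate_string)` guard is still on the new side, since with the column default now `''` it is what keeps an empty stored value from being compared at all. No expiry for the key is visible in these hunks; if none exists elsewhere, a reset link stays usable until the next login or password change. The enclosing methods start and end outside the hunks.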
|
||||
|
|
|
@ -907,8 +907,7 @@ class Install extends Page
|
|||
'registration_ip' => ['VARCHAR(45)', false, ''],
|
||||
'last_visit' => ['INT(10) UNSIGNED', false, 0],
|
||||
'admin_note' => ['VARCHAR(30)', false, ''],
|
||||
'activate_string' => ['VARCHAR(80)', true],
|
||||
'activate_key' => ['VARCHAR(8)', true], //????
|
||||
'activate_string' => ['VARCHAR(80)', false, ''],
|
||||
'messages_enable' => ['TINYINT(1)', false, 1],
|
||||
'messages_email' => ['TINYINT(1)', false, 0],
|
||||
'messages_flag' => ['TINYINT(1)', false, 0],
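Review bot: Declaring `activate_string` as `['VARCHAR(80)', false, '']` here only affects fresh installs; no upgrade step for existing tables is visible on this page, so rows that already hold NULL (the previous code wrote `null` on login and on activation) would still reach `\strlen($user->activate_string)` in Auth. Depending on whether that file declares strict types, which is not shown, the result is either a silent 0 or a TypeError during login. Either ship a schema update with this commit (set NULL values to `''`, alter the column, drop `activate_key`) or make the readers tolerate NULL, e.g. `\strlen((string) $user->activate_string)`. The schema array continues outside the hunk.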
|
||||
|
|
|
@ -153,7 +153,7 @@ class Profile extends Page
|
|||
|
||||
$this->c->DB->commit();
|
||||
|
||||
return $this->c->Redirect->page('EditUserProfile', ['id' => $this->curUser->id])->message('Profile redirect');
|
||||
return $this->c->Redirect->page('EditUserProfile', ['id' => $this->curUser->id])->message('Profile redirect');
|
||||
} else {
|
||||
$this->fIswev = $v->getErrors();
|
||||
|
||||
|
@ -165,7 +165,7 @@ class Profile extends Page
|
|||
|
||||
if ($isEdit) {
|
||||
$this->robots = 'noindex';
|
||||
$crumbs[] = [$this->c->Router->link('EditUserProfile', ['id' => $this->curUser->id]), \ForkBB\__('Editing profile')];
|
||||
$crumbs[] = [$this->c->Router->link('EditUserProfile', ['id' => $this->curUser->id]), \ForkBB\__('Editing profile')];
|
||||
} else {
|
||||
$this->canonical = $this->curUser->link;
|
||||
}
|
||||
|
@ -211,19 +211,32 @@ class Profile extends Page
|
|||
'check_password' => [$this, 'vCheckPassword'],
|
||||
'check_email' => [$this->c->Validators, 'vCheckEmail'],
|
||||
])->addRules([
|
||||
'token' => 'token:ChangeUserEmail',
|
||||
'password' => 'required|string:trim|check_password',
|
||||
'new_email' => 'required|string:trim,lower|email|check_email',
|
||||
'token' => 'token:ChangeUserEmail',
|
||||
'password' => 'required|string:trim|check_password',
|
||||
'new_email' => 'required|string:trim,lower|email|check_email',
|
||||
])->addAliases([
|
||||
'new_email' => 'New email',
|
||||
'password' => 'Your password',
|
||||
'new_email' => 'New email',
|
||||
'password' => 'Your password',
|
||||
])->addArguments([
|
||||
'token' => ['id' => $this->curUser->id],
|
||||
'token' => ['id' => $this->curUser->id],
|
||||
'new_email.check_email' => $this->curUser,
|
||||
])->addMessages([
|
||||
]);
|
||||
|
||||
if ($v->validation($_POST)) {
|
||||
if ($v->new_email === $this->curUser->email) {
|
||||
return $this->c->Redirect->page('EditUserProfile', ['id' => $this->curUser->id])->message('Email is old redirect');
|
||||
}
|
||||
|
||||
if ($this->user->isAdmin || '1' != $this->c->config->o_regs_verify) {
|
||||
$this->curUser->email = $v->new_email;
|
||||
$this->curUser->email_confirmed = 0;
|
||||
|
||||
$this->c->users->update($this->curUser);
|
||||
|
||||
return $this->c->Redirect->page('EditUserProfile', ['id' => $this->curUser->id])->message('Email changed redirect');
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
@ -266,8 +279,6 @@ class Profile extends Page
|
|||
],
|
||||
];
|
||||
|
||||
|
||||
|
||||
$this->robots = 'noindex';
|
||||
$this->crumbs = $this->extCrumbs(
|
||||
[$this->c->Router->link('ChangeUserEmail', ['id' => $this->curUser->id]), \ForkBB\__('Change email')]
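Review bot: The direct-change branch in the hunk at -211 (`$this->user->isAdmin || '1' != $this->c->config->o_regs_verify`) rewrites the account's email, apparently the address the password-reset link goes to, and redirects without telling the previous address or recording who made the change. The request is already gated by `check_password` and the `token:ChangeUserEmail` rule, so this is about detection: a notice to the old address, or at least a log entry with the acting user's id and the target id, lets the owner spot a change they did not make. The other case (verification on, non-admin) is empty in this hunk, so a valid submission changes nothing and shows no message; a comment such as `// TODO: send a confirmation link to $v->new_email before switching` would make the gap explicit. The method starts and ends outside the hunk.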
|
||||
|
|
|
@ -78,16 +78,16 @@ class Register extends Page
|
|||
{
|
||||
if ('1' == $this->c->config->o_regs_verify) {
|
||||
$groupId = 0;
|
||||
$key = 'w' . $this->c->Secury->randomPass(79);
|
||||
$key = $this->c->Secury->randomPass(31);
|
||||
} else {
|
||||
$groupId = $this->c->config->o_default_user_group;
|
||||
$key = null;
|
||||
$key = null;
|
||||
}
|
||||
|
||||
$user = $this->c->users->create();
|
||||
|
||||
$user->username = $v->username;
|
||||
$user->password = password_hash($v->password, PASSWORD_DEFAULT);
|
||||
$user->password = \password_hash($v->password, PASSWORD_DEFAULT);
|
||||
$user->group_id = $groupId;
|
||||
$user->email = $v->email;
|
||||
$user->email_confirmed = 0;
|
||||
|
@ -187,8 +187,6 @@ class Register extends Page
|
|||
{
|
||||
if (! \hash_equals($args['hash'], $this->c->Secury->hash($args['id'] . $args['key']))
|
||||
|| ! ($user = $this->c->users->load($args['id'])) instanceof User
|
||||
|| empty($user->activate_string)
|
||||
|| 'w' !== $user->activate_string{0}
|
||||
|| ! \hash_equals($user->activate_string, $args['key'])
|
||||
) {
|
||||
return $this->c->Message->message('Bad request', false);
|
||||
|
@ -196,7 +194,8 @@ class Register extends Page
|
|||
|
||||
$user->group_id = $this->c->config->o_default_user_group;
|
||||
$user->email_confirmed = 1;
|
||||
$user->activate_string = null;
|
||||
$user->activate_string = '';
|
||||
|
||||
$this->c->users->update($user);
|
||||
|
||||
$this->c->Cache->delete('stats');
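Review bot: The non-verify branch in the hunk at -78 still sets `$key = null;` (the line is only realigned) while the other writers in this commit now store `''` and Install declares the column `NOT NULL`. If `$key` is what gets assigned to `activate_string` further down, outside this hunk, a registration without e-mail verification would try to write NULL into that column; `$key = '';` keeps the branch consistent. Separately, `randomPass(31)` differs from the reset key's 32 only so that Auth can tell the two apart by length, and a comment such as `// 31 chars = registration key; 32 is reserved for password-reset keys (see Auth)` or a pair of class constants would stop the odd number being "corrected" later. The method body starts and ends outside the hunk.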
|
||||
|
|
|
@ -443,3 +443,9 @@ msgstr "Your password"
|
|||
|
||||
msgid "Invalid password"
|
||||
msgstr "Invalid password"
|
||||
|
||||
msgid "Email is old redirect"
|
||||
msgstr "Email address is not changed. Redirecting …"
|
||||
|
||||
msgid "Email changed redirect"
|
||||
msgstr "Email address changed. Redirecting …"
|
||||
|
|
|
@ -443,3 +443,9 @@ msgstr "Ваш пароль"
|
|||
|
||||
msgid "Invalid password"
|
||||
msgstr "Неверный пароль"
|
||||
|
||||
msgid "Email is old redirect"
|
||||
msgstr "Адрес электронной почты оставлен без изменений. Переадресация …"
|
||||
|
||||
msgid "Email changed redirect"
|
||||
msgstr "Адрес электронной почты изменен. Переадресация …"
|
||||
|
|