Streams/streams
Streams/streams
1
0
Fork 0
mirror of https://codeberg.org/streams/streams.git synced 2024-09-20 13:15:14 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
streams/include/account.php

782 lines
22 KiB
PHP
Raw Normal View History

Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
<?php
/**
* @file include/account.php
* @brief Somme account related functions.
*/
more account infrastructure
2012-07-22 07:46:20 +00:00
require_once('include/config.php');
require_once('include/network.php');
require_once('include/plugin.php');
require_once('include/text.php');
require_once('include/language.php');
require_once('include/datetime.php');
Missing include for new_keypair
2013-08-10 15:28:05 +00:00
require_once('include/crypto.php');
renamed include files identity.php (channel.php) and Contact.php (connections.php)
2016-05-22 23:54:30 +00:00
require_once('include/channel.php');
more account infrastructure
2012-07-22 07:46:20 +00:00
registration dangling code fragment that should've been removed
2012-08-16 06:15:29 +00:00
provide techlevels in the pro server role. Should have no visible effect on other roles.
2016-09-01 00:49:22 +00:00
function get_account_by_id($account_id) {
$r = q("select * from account where account_id = %d",
intval($account_id)
);
return (($r) ? $r[0] : false);
}
registration dangling code fragment that should've been removed
2012-08-16 06:15:29 +00:00
function check_account_email($email) {
$result = array('error' => false, 'message' => '');
more zregister cleanup and theme separation
2012-08-16 07:51:03 +00:00
// Caution: empty email isn't counted as an error in this function.
// Check for empty value separately.
registration dangling code fragment that should've been removed
2012-08-16 06:15:29 +00:00
if(! strlen($email))
return $result;
if((! valid_email($email)) || (! validate_email($email)))
$result['message'] .= t('Not a valid email address') . EOL;
elseif(! allowed_email($email))
$result['message'] = t('Your email domain is not among those allowed on this site');
else {
$r = q("select account_email from account where account_email = '%s' limit 1",
dbesc($email)
);
photo driver issue when updating contact photos - old class structure used instead of photo_factory()
2013-05-06 05:49:46 +00:00
if($r) {
registration dangling code fragment that should've been removed
2012-08-16 06:15:29 +00:00
$result['message'] .= t('Your email address is already registered at this site.');
}
}
if($result['message'])
$result['error'] = true;
more zregister cleanup and theme separation
2012-08-16 07:51:03 +00:00
$arr = array('email' => $email, 'result' => $result);
call_hooks('check_account_email', $arr);
return $arr['result'];
registration dangling code fragment that should've been removed
2012-08-16 06:15:29 +00:00
}
more zregister cleanup and theme separation
2012-08-16 07:51:03 +00:00
function check_account_password($password) {
$result = array('error' => false, 'message' => '');
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
// The only validation we perform by default is pure Javascript to
more zregister cleanup and theme separation
2012-08-16 07:51:03 +00:00
// check minimum length and that both entered passwords match.
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
// Use hooked functions to perform complexity requirement checks.
more zregister cleanup and theme separation
2012-08-16 07:51:03 +00:00
$arr = array('password' => $password, 'result' => $result);
call_hooks('check_account_password', $arr);
registration dangling code fragment that should've been removed
2012-08-16 06:15:29 +00:00
more zregister cleanup and theme separation
2012-08-16 07:51:03 +00:00
return $arr['result'];
}
registration dangling code fragment that should've been removed
2012-08-16 06:15:29 +00:00
add invitiation logic to registrations - this is starting to look good
2012-08-16 10:16:55 +00:00
function check_account_invite($invite_code) {
$result = array('error' => false, 'message' => '');
more account infrastructure
2012-07-22 07:46:20 +00:00
$using_invites = get_config('system','invitation_only');
if($using_invites) {
add invitiation logic to registrations - this is starting to look good
2012-08-16 10:16:55 +00:00
if(! $invite_code) {
more account infrastructure
2012-07-22 07:46:20 +00:00
$result['message'] .= t('An invitation is required.') . EOL;
}
add invitiation logic to registrations - this is starting to look good
2012-08-16 10:16:55 +00:00
$r = q("select * from register where `hash` = '%s' limit 1", dbesc($invite_code));
Fix #109.
2015-12-09 13:37:14 +00:00
if(! $r) {
more account infrastructure
2012-07-22 07:46:20 +00:00
$result['message'] .= t('Invitation could not be verified.') . EOL;
}
add invitiation logic to registrations - this is starting to look good
2012-08-16 10:16:55 +00:00
}
if(strlen($result['message']))
$result['error'] = true;
$arr = array('invite_code' => $invite_code, 'result' => $result);
call_hooks('check_account_invite', $arr);
return $arr['result'];
}
provide auto admin registration as before, but allow the current admin to create other admins
2012-10-05 06:05:45 +00:00
function check_account_admin($arr) {
if(is_site_admin())
return true;
fix admin assign
2013-05-06 04:27:21 +00:00
$admin_email = trim(get_config('system','admin_email'));
provide auto admin registration as before, but allow the current admin to create other admins
2012-10-05 06:05:45 +00:00
if(strlen($admin_email) && $admin_email === trim($arr['email']))
return true;
return false;
}
check for mcrypt during install, allow admin email account to be admin *if* it's the first account.
2013-01-28 06:49:18 +00:00
function account_total() {
fix admin assign
2013-05-06 04:27:21 +00:00
$r = q("select account_id from account where true");
check for mcrypt during install, allow admin email account to be admin *if* it's the first account.
2013-01-28 06:49:18 +00:00
if(is_array($r))
return count($r);
return false;
}
add invitiation logic to registrations - this is starting to look good
2012-08-16 10:16:55 +00:00
function create_account($arr) {
// Required: { email, password }
$result = array('success' => false, 'email' => '', 'password' => '', 'message' => '');
$invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : '');
$email = ((x($arr,'email')) ? notags(trim($arr['email'])) : '');
$password = ((x($arr,'password')) ? trim($arr['password']) : '');
$password2 = ((x($arr,'password2')) ? trim($arr['password2']) : '');
$parent = ((x($arr,'parent')) ? intval($arr['parent']) : 0 );
$flags = ((x($arr,'account_flags')) ? intval($arr['account_flags']) : ACCOUNT_OK);
provide auto admin registration as before, but allow the current admin to create other admins
2012-10-05 06:05:45 +00:00
$roles = ((x($arr,'account_roles')) ? intval($arr['account_roles']) : 0 );
This is long overdue - use a symblic constant NULL_DATE instead of the easily mis-typed sequence '0000-00-00 00:00:00'
2014-09-09 03:35:15 +00:00
$expires = ((x($arr,'expires')) ? intval($arr['expires']) : NULL_DATE);
pro: add system techlevel to new accounts
2016-09-02 23:14:33 +00:00
$techlevel = ((array_key_exists('techlevel',$arr)) ? intval($arr['techlevel']) : intval(get_config('system','techlevel')));
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
Now logging in with Red zaccount/zentity instead of Friendica user. Yay. Most existing Friendica functionality is now stuffed since the Red structures are quite different.
2012-08-28 04:17:46 +00:00
$default_service_class = get_config('system','default_service_class');
more work on dav - deletion and a bit more progress on OS storage
2014-01-08 02:47:33 +00:00
Now logging in with Red zaccount/zentity instead of Friendica user. Yay. Most existing Friendica functionality is now stuffed since the Red structures are quite different.
2012-08-28 04:17:46 +00:00
if($default_service_class === false)
$default_service_class = '';
more account infrastructure
2012-07-22 07:46:20 +00:00
if((! x($email)) || (! x($password))) {
add invitiation logic to registrations - this is starting to look good
2012-08-16 10:16:55 +00:00
$result['message'] = t('Please enter the required information.');
return $result;
}
check for mcrypt during install, allow admin email account to be admin *if* it's the first account.
2013-01-28 06:49:18 +00:00
// prevent form hackery
provide auto admin registration as before, but allow the current admin to create other admins
2012-10-05 06:05:45 +00:00
if($roles & ACCOUNT_ROLE_ADMIN) {
$admin_result = check_account_admin($arr);
if(! $admin_result) {
$roles = 0;
}
}
check for mcrypt during install, allow admin email account to be admin *if* it's the first account.
2013-01-28 06:49:18 +00:00
// allow the admin_email account to be admin, but only if it's the first account.
$c = account_total();
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
if (($c === 0) && (check_account_admin($arr)))
check for mcrypt during install, allow admin email account to be admin *if* it's the first account.
2013-01-28 06:49:18 +00:00
$roles |= ACCOUNT_ROLE_ADMIN;
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
// Ensure that there is a host keypair.
move sitekey creation to the account creation function instead of during channel creation. Channel import bypassed sitekey creation completely. We should do it during install, but it's possible somebody might have to install manually and the sitekey would never get created. This is the best compromise I can come up with. Looks like the doc tree was also updated in this checkin
2013-08-09 08:20:34 +00:00
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
if ((! get_config('system', 'pubkey')) && (! get_config('system', 'prvkey'))) {
$hostkey = new_keypair(4096);
set_config('system', 'pubkey', $hostkey['pubkey']);
set_config('system', 'prvkey', $hostkey['prvkey']);
}
check for mcrypt during install, allow admin email account to be admin *if* it's the first account.
2013-01-28 06:49:18 +00:00
add invitiation logic to registrations - this is starting to look good
2012-08-16 10:16:55 +00:00
$invite_result = check_account_invite($invite_code);
reversed error logic
2012-08-16 12:13:51 +00:00
if($invite_result['error']) {
add invitiation logic to registrations - this is starting to look good
2012-08-16 10:16:55 +00:00
$result['message'] = $invite_result['message'];
return $result;
more account infrastructure
2012-07-22 07:46:20 +00:00
}
registration dangling code fragment that should've been removed
2012-08-16 06:15:29 +00:00
$email_result = check_account_email($email);
cleanup of mod_zregister, basic functionality working - new accounts getting stored.
2012-08-16 04:56:04 +00:00
reversed error logic
2012-08-16 12:13:51 +00:00
if($email_result['error']) {
registration dangling code fragment that should've been removed
2012-08-16 06:15:29 +00:00
$result['message'] = $email_result['message'];
more account infrastructure
2012-07-22 07:46:20 +00:00
return $result;
}
more zregister cleanup and theme separation
2012-08-16 07:51:03 +00:00
$password_result = check_account_password($password);
reversed error logic
2012-08-16 12:13:51 +00:00
if($password_result['error']) {
more zregister cleanup and theme separation
2012-08-16 07:51:03 +00:00
$result['message'] = $password_result['message'];
return $result;
}
NaCl passwords - (db update)
2012-08-22 00:48:09 +00:00
$salt = random_string(32);
$password_encoded = hash('whirlpool', $salt . $password);
more account infrastructure
2012-07-22 07:46:20 +00:00
$r = q("INSERT INTO account
cleanup the rest of the new register logic
2012-08-23 02:39:12 +00:00
( account_parent, account_salt, account_password, account_email, account_language,
pro: add system techlevel to new accounts
2016-09-02 23:14:33 +00:00
account_created, account_flags, account_roles, account_level, account_expires, account_service_class )
VALUES ( %d, '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s', '%s' )",
more account infrastructure
2012-07-22 07:46:20 +00:00
intval($parent),
NaCl passwords - (db update)
2012-08-22 00:48:09 +00:00
dbesc($salt),
more account infrastructure
2012-07-22 07:46:20 +00:00
dbesc($password_encoded),
dbesc($email),
cleanup of mod_zregister, basic functionality working - new accounts getting stored.
2012-08-16 04:56:04 +00:00
dbesc(get_best_language()),
more account infrastructure
2012-07-22 07:46:20 +00:00
dbesc(datetime_convert()),
pro: add system techlevel to new accounts
2016-09-02 23:14:33 +00:00
intval($flags),
intval($roles),
intval($techlevel),
more account infrastructure
2012-07-22 07:46:20 +00:00
dbesc($expires),
dbesc($default_service_class)
);
cleanup of mod_zregister, basic functionality working - new accounts getting stored.
2012-08-16 04:56:04 +00:00
if(! $r) {
logger('create_account: DB INSERT failed.');
$result['message'] = t('Failed to store account information.');
return($result);
}
more account infrastructure
2012-07-22 07:46:20 +00:00
a few minor changes
2012-08-27 06:05:00 +00:00
$r = q("select * from account where account_email = '%s' and account_password = '%s' limit 1",
zregister, cont.
2012-08-16 10:37:07 +00:00
dbesc($email),
dbesc($password_encoded)
);
if($r && count($r)) {
$result['account'] = $r[0];
}
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
else {
zregister, cont.
2012-08-16 10:37:07 +00:00
logger('create_account: could not retrieve newly created account');
}
a few minor changes
2012-08-27 06:05:00 +00:00
// Set the parent record to the current record_id if no parent was provided
if(! $parent) {
PostgreSQL support initial commit There were 11 main types of changes: - UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just copied from Friendica. All of these instances, the LIMIT 1 was simply removed. - Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice to boot). Proper explicit boolean conversions were added. New queries should use proper conventions. - MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_ func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There were no true toggles (XOR). New queries should refrain from using XOR when not necessary. - There are several fields which the schema has marked as NOT NULL, but the inserts don't specify them. The reason this works is because mysql totally ignores the constraint and adds an empty text default automatically. Again, non-compliant, obviously. In these cases a default of empty text was added. - Several statements rely on a non-standard MySQL feature (http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run a zillion times faster, even on MySQL. - A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG, UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_ - INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes around the value -- assist functions added in the dba_ - NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are handled in Zot/item packets automagically by quoting all dates with dbescdate(). - char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype for all text fields in the postgres schema. varchar was used in a couple of places where it actually seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code actually validates data, new bugs might come out from under the rug. - postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted. bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function was added to handle this transparently. - postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax. Statements were updated to be standard. These changes require corresponding changes in the coding standards. Please review those before adding any code going forward. Still on my TODO list: - remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting - Rewrite search queries for better results (both MySQL and Postgres)
2014-11-13 20:21:58 +00:00
$r = q("update account set account_parent = %d where account_id = %d",
a few minor changes
2012-08-27 06:05:00 +00:00
intval($result['account']['account_id']),
intval($result['account']['account_id'])
);
if(! $r) {
logger('create_account: failed to set parent');
}
$result['account']['parent'] = $result['account']['account_id'];
}
cleanup of mod_zregister, basic functionality working - new accounts getting stored.
2012-08-16 04:56:04 +00:00
a few minor changes
2012-08-27 06:05:00 +00:00
$result['success'] = true;
cleanup of mod_zregister, basic functionality working - new accounts getting stored.
2012-08-16 04:56:04 +00:00
$result['email'] = $email;
$result['password'] = $password;
more account infrastructure
2012-07-22 07:46:20 +00:00
notification changes to support testdrive
2015-10-02 02:49:06 +00:00
call_hooks('register_account',$result);
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
return $result;
more account infrastructure
2012-07-22 07:46:20 +00:00
}
NaCl passwords - (db update)
2012-08-22 00:48:09 +00:00
some initial work towards email address verification
2014-07-04 01:29:32 +00:00
function verify_email_address($arr) {
$hash = random_string();
more removal of reserved words from DB schemas
2016-06-01 00:50:47 +00:00
$r = q("INSERT INTO register ( hash, created, uid, password, lang ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ",
some initial work towards email address verification
2014-07-04 01:29:32 +00:00
dbesc($hash),
dbesc(datetime_convert()),
intval($arr['account']['account_id']),
dbesc('verify'),
dbesc($arr['account']['account_language'])
);
$email_msg = replace_macros(get_intltext_template('register_verify_member.tpl'), array(
'$sitename' => get_config('system','sitename'),
'$siteurl' => z_root(),
'$email' => $arr['email'],
'$uid' => $arr['account']['account_id'],
'$hash' => $hash,
'$details' => $details
));
$res = mail($arr['email'], email_header_encode(sprintf( t('Registration confirmation for %s'), get_config('system','sitename'))),
$email_msg,
static App
2016-03-31 23:06:03 +00:00
'From: ' . 'Administrator' . '@' . App::get_hostname() . "\n"
some initial work towards email address verification
2014-07-04 01:29:32 +00:00
. 'Content-type: text/plain; charset=UTF-8' . "\n"
. 'Content-transfer-encoding: 8bit'
);
if($res)
$delivered ++;
else
logger('send_reg_approval_email: failed to ' . $admin['email'] . 'account_id: ' . $arr['account']['account_id']);
finish implementing email verification. Currently it only applies if REGISTER_OPEN is in effect.
2014-07-10 04:10:56 +00:00
return $res;
some initial work towards email address verification
2014-07-04 01:29:32 +00:00
}
cleanup the rest of the new register logic
2012-08-23 02:39:12 +00:00
function send_reg_approval_email($arr) {
$r = q("select * from account where account_roles & " . intval(ACCOUNT_ROLE_ADMIN));
if(! ($r && count($r)))
return false;
$admins = array();
foreach($r as $rr) {
if(strlen($rr['account_email'])) {
$admins[] = array('email' => $rr['account_email'], 'lang' => $rr['account_lang']);
}
}
if(! count($admins))
return false;
$hash = random_string();
more removal of reserved words from DB schemas
2016-06-01 00:50:47 +00:00
$r = q("INSERT INTO register ( hash, created, uid, password, lang ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ",
cleanup the rest of the new register logic
2012-08-23 02:39:12 +00:00
dbesc($hash),
dbesc(datetime_convert()),
intval($arr['account']['account_id']),
No bloody comment.
2013-02-08 08:58:09 +00:00
dbesc(''),
cleanup the rest of the new register logic
2012-08-23 02:39:12 +00:00
dbesc($arr['account']['account_language'])
);
Sort out registrations requiring approval
2013-02-12 00:43:27 +00:00
$ip = $_SERVER['REMOTE_ADDR'];
$details = (($ip) ? $ip . ' [' . gethostbyaddr($ip) . ']' : '[unknown or stealth IP]');
cleanup the rest of the new register logic
2012-08-23 02:39:12 +00:00
$delivered = 0;
foreach($admins as $admin) {
if(strlen($admin['lang']))
push_lang($admin['lang']);
else
push_lang('en');
Sort out registrations requiring approval
2013-02-12 00:43:27 +00:00
$email_msg = replace_macros(get_intltext_template('register_verify_eml.tpl'), array(
smarty support in intltext, fix old pending accounts query in ping, log failed email register notify
2013-02-09 21:20:10 +00:00
'$sitename' => get_config('system','sitename'),
cleanup the rest of the new register logic
2012-08-23 02:39:12 +00:00
'$siteurl' => z_root(),
'$email' => $arr['email'],
'$uid' => $arr['account']['account_id'],
Sort out registrations requiring approval
2013-02-12 00:43:27 +00:00
'$hash' => $hash,
'$details' => $details
cleanup the rest of the new register logic
2012-08-23 02:39:12 +00:00
));
smarty support in intltext, fix old pending accounts query in ping, log failed email register notify
2013-02-09 21:20:10 +00:00
$res = mail($admin['email'], sprintf( t('Registration request at %s'), get_config('system','sitename')),
cleanup the rest of the new register logic
2012-08-23 02:39:12 +00:00
$email_msg,
static App
2016-03-31 23:06:03 +00:00
'From: ' . t('Administrator') . '@' . App::get_hostname() . "\n"
cleanup the rest of the new register logic
2012-08-23 02:39:12 +00:00
. 'Content-type: text/plain; charset=UTF-8' . "\n"
. 'Content-transfer-encoding: 8bit'
);
if($res)
$delivered ++;
smarty support in intltext, fix old pending accounts query in ping, log failed email register notify
2013-02-09 21:20:10 +00:00
else
logger('send_reg_approval_email: failed to ' . $admin['email'] . 'account_id: ' . $arr['account']['account_id']);
cleanup the rest of the new register logic
2012-08-23 02:39:12 +00:00
pop_lang();
}
return($delivered ? true : false);
}
'auto channel creation' - if the corresponding config variable is set, create a channel when an account is created. Plugins can provide the necessary channel details (probably from an extended registration form). If no details are provided, a social (mostly public) channel will be created using the LHS of the email address and you will be directed to your channel page (unless email verification is required, in which case this step will be delayed until successful validation and login). If the reddress is already assigned a random name(1000-9999) reddress will be assigned.
2016-01-12 23:43:08 +00:00
function send_register_success_email($email,$password) {
cleanup the rest of the new register logic
2012-08-23 02:39:12 +00:00
$email_msg = replace_macros(get_intltext_template('register_open_eml.tpl'), array(
fix registration email (sitename)
2013-07-19 04:42:10 +00:00
'$sitename' => get_config('system','sitename'),
cleanup the rest of the new register logic
2012-08-23 02:39:12 +00:00
'$siteurl' => z_root(),
'$email' => $email,
Sort out registrations requiring approval
2013-02-12 00:43:27 +00:00
'$password' => t('your registration password'),
cleanup the rest of the new register logic
2012-08-23 02:39:12 +00:00
));
fixed several little nit bugs that cropped up during deployment
2012-12-06 08:03:24 +00:00
$res = mail($email, sprintf( t('Registration details for %s'), get_config('system','sitename')),
cleanup the rest of the new register logic
2012-08-23 02:39:12 +00:00
$email_msg,
static App
2016-03-31 23:06:03 +00:00
'From: ' . t('Administrator') . '@' . App::get_hostname() . "\n"
cleanup the rest of the new register logic
2012-08-23 02:39:12 +00:00
. 'Content-type: text/plain; charset=UTF-8' . "\n"
. 'Content-transfer-encoding: 8bit'
);
return($res ? true : false);
}
perhaps REGISTER_VERIFY will work now. I'll test it and make certain it works some day. But not today.
2013-02-08 11:11:40 +00:00
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
/**
* @brief Allows a user registration.
*
* @param string $hash
* @return array|boolean
*/
'auto channel creation' - if the corresponding config variable is set, create a channel when an account is created. Plugins can provide the necessary channel details (probably from an extended registration form). If no details are provided, a social (mostly public) channel will be created using the LHS of the email address and you will be directed to your channel page (unless email verification is required, in which case this step will be delayed until successful validation and login). If the reddress is already assigned a random name(1000-9999) reddress will be assigned.
2016-01-12 23:43:08 +00:00
function account_allow($hash) {
perhaps REGISTER_VERIFY will work now. I'll test it and make certain it works some day. But not today.
2013-02-08 11:11:40 +00:00
$ret = array('success' => false);
$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
dbesc($hash)
);
if(! $register)
return $ret;
$account = q("SELECT * FROM account WHERE account_id = %d LIMIT 1",
intval($register[0]['uid'])
);
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
perhaps REGISTER_VERIFY will work now. I'll test it and make certain it works some day. But not today.
2013-02-08 11:11:40 +00:00
if(! $account)
return $ret;
PostgreSQL support initial commit There were 11 main types of changes: - UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just copied from Friendica. All of these instances, the LIMIT 1 was simply removed. - Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice to boot). Proper explicit boolean conversions were added. New queries should use proper conventions. - MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_ func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There were no true toggles (XOR). New queries should refrain from using XOR when not necessary. - There are several fields which the schema has marked as NOT NULL, but the inserts don't specify them. The reason this works is because mysql totally ignores the constraint and adds an empty text default automatically. Again, non-compliant, obviously. In these cases a default of empty text was added. - Several statements rely on a non-standard MySQL feature (http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run a zillion times faster, even on MySQL. - A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG, UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_ - INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes around the value -- assist functions added in the dba_ - NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are handled in Zot/item packets automagically by quoting all dates with dbescdate(). - char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype for all text fields in the postgres schema. varchar was used in a couple of places where it actually seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code actually validates data, new bugs might come out from under the rug. - postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted. bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function was added to handle this transparently. - postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax. Statements were updated to be standard. These changes require corresponding changes in the coding standards. Please review those before adding any code going forward. Still on my TODO list: - remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting - Rewrite search queries for better results (both MySQL and Postgres)
2014-11-13 20:21:58 +00:00
$r = q("DELETE FROM register WHERE hash = '%s'",
perhaps REGISTER_VERIFY will work now. I'll test it and make certain it works some day. But not today.
2013-02-08 11:11:40 +00:00
dbesc($register[0]['hash'])
);
PostgreSQL support initial commit There were 11 main types of changes: - UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just copied from Friendica. All of these instances, the LIMIT 1 was simply removed. - Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice to boot). Proper explicit boolean conversions were added. New queries should use proper conventions. - MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_ func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There were no true toggles (XOR). New queries should refrain from using XOR when not necessary. - There are several fields which the schema has marked as NOT NULL, but the inserts don't specify them. The reason this works is because mysql totally ignores the constraint and adds an empty text default automatically. Again, non-compliant, obviously. In these cases a default of empty text was added. - Several statements rely on a non-standard MySQL feature (http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run a zillion times faster, even on MySQL. - A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG, UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_ - INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes around the value -- assist functions added in the dba_ - NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are handled in Zot/item packets automagically by quoting all dates with dbescdate(). - char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype for all text fields in the postgres schema. varchar was used in a couple of places where it actually seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code actually validates data, new bugs might come out from under the rug. - postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted. bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function was added to handle this transparently. - postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax. Statements were updated to be standard. These changes require corresponding changes in the coding standards. Please review those before adding any code going forward. Still on my TODO list: - remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting - Rewrite search queries for better results (both MySQL and Postgres)
2014-11-13 20:21:58 +00:00
$r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
perhaps REGISTER_VERIFY will work now. I'll test it and make certain it works some day. But not today.
2013-02-08 11:11:40 +00:00
intval(ACCOUNT_BLOCKED),
intval(ACCOUNT_BLOCKED),
intval($register[0]['uid'])
);
PostgreSQL support initial commit There were 11 main types of changes: - UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just copied from Friendica. All of these instances, the LIMIT 1 was simply removed. - Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice to boot). Proper explicit boolean conversions were added. New queries should use proper conventions. - MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_ func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There were no true toggles (XOR). New queries should refrain from using XOR when not necessary. - There are several fields which the schema has marked as NOT NULL, but the inserts don't specify them. The reason this works is because mysql totally ignores the constraint and adds an empty text default automatically. Again, non-compliant, obviously. In these cases a default of empty text was added. - Several statements rely on a non-standard MySQL feature (http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run a zillion times faster, even on MySQL. - A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG, UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_ - INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes around the value -- assist functions added in the dba_ - NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are handled in Zot/item packets automagically by quoting all dates with dbescdate(). - char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype for all text fields in the postgres schema. varchar was used in a couple of places where it actually seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code actually validates data, new bugs might come out from under the rug. - postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted. bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function was added to handle this transparently. - postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax. Statements were updated to be standard. These changes require corresponding changes in the coding standards. Please review those before adding any code going forward. Still on my TODO list: - remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting - Rewrite search queries for better results (both MySQL and Postgres)
2014-11-13 20:21:58 +00:00
$r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
more register_approve stuff - like the admin page. Hopefully this won't conflict with Thomas's admin page "list users" changes
2013-02-08 11:51:31 +00:00
intval(ACCOUNT_PENDING),
intval(ACCOUNT_PENDING),
intval($register[0]['uid'])
);
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
more removal of reserved words from DB schemas
2016-06-01 00:50:47 +00:00
push_lang($register[0]['lang']);
perhaps REGISTER_VERIFY will work now. I'll test it and make certain it works some day. But not today.
2013-02-08 11:11:40 +00:00
$email_tpl = get_intltext_template("register_open_eml.tpl");
$email_tpl = replace_macros($email_tpl, array(
'$sitename' => get_config('system','sitename'),
'$siteurl' => z_root(),
'$username' => $account[0]['account_email'],
'$email' => $account[0]['account_email'],
'$password' => '',
'$uid' => $account[0]['account_id']
));
$res = mail($account[0]['account_email'], sprintf( t('Registration details for %s'), get_config('system','sitename')),
$email_tpl,
'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n"
. 'Content-type: text/plain; charset=UTF-8' . "\n"
. 'Content-transfer-encoding: 8bit' );
pop_lang();
use config system.server_role and deprecate 'UNO'
2016-08-08 00:29:35 +00:00
if(get_config('system','auto_channel_create') || get_config('system','server_role') === 'basic')
'auto channel creation' - if the corresponding config variable is set, create a channel when an account is created. Plugins can provide the necessary channel details (probably from an extended registration form). If no details are provided, a social (mostly public) channel will be created using the LHS of the email address and you will be directed to your channel page (unless email verification is required, in which case this step will be delayed until successful validation and login). If the reddress is already assigned a random name(1000-9999) reddress will be assigned.
2016-01-12 23:43:08 +00:00
auto_channel_create($register[0]['uid']);
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
if ($res) {
perhaps REGISTER_VERIFY will work now. I'll test it and make certain it works some day. But not today.
2013-02-08 11:11:40 +00:00
info( t('Account approved.') . EOL );
return true;
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
}
perhaps REGISTER_VERIFY will work now. I'll test it and make certain it works some day. But not today.
2013-02-08 11:11:40 +00:00
}
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
/**
'auto channel creation' - if the corresponding config variable is set, create a channel when an account is created. Plugins can provide the necessary channel details (probably from an extended registration form). If no details are provided, a social (mostly public) channel will be created using the LHS of the email address and you will be directed to your channel page (unless email verification is required, in which case this step will be delayed until successful validation and login). If the reddress is already assigned a random name(1000-9999) reddress will be assigned.
2016-01-12 23:43:08 +00:00
* @brief Denies an account registration.
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
*
* This does not have to go through user_remove() and save the nickname
* permanently against re-registration, as the person was not yet
* allowed to have friends on this system
*
* @param string $hash
* @return boolean
*/
'auto channel creation' - if the corresponding config variable is set, create a channel when an account is created. Plugins can provide the necessary channel details (probably from an extended registration form). If no details are provided, a social (mostly public) channel will be created using the LHS of the email address and you will be directed to your channel page (unless email verification is required, in which case this step will be delayed until successful validation and login). If the reddress is already assigned a random name(1000-9999) reddress will be assigned.
2016-01-12 23:43:08 +00:00
function account_deny($hash) {
perhaps REGISTER_VERIFY will work now. I'll test it and make certain it works some day. But not today.
2013-02-08 11:11:40 +00:00
$register = q("SELECT * FROM register WHERE hash = '%s' LIMIT 1",
dbesc($hash)
);
if(! count($register))
return false;
more diaspora heavy lifting
2014-08-26 03:57:10 +00:00
$account = q("SELECT account_id, account_email FROM account WHERE account_id = %d LIMIT 1",
perhaps REGISTER_VERIFY will work now. I'll test it and make certain it works some day. But not today.
2013-02-08 11:11:40 +00:00
intval($register[0]['uid'])
);
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
fix the admin interface to pending registrations
2014-01-21 22:56:42 +00:00
if(! $account)
perhaps REGISTER_VERIFY will work now. I'll test it and make certain it works some day. But not today.
2013-02-08 11:11:40 +00:00
return false;
PostgreSQL support initial commit There were 11 main types of changes: - UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just copied from Friendica. All of these instances, the LIMIT 1 was simply removed. - Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice to boot). Proper explicit boolean conversions were added. New queries should use proper conventions. - MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_ func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There were no true toggles (XOR). New queries should refrain from using XOR when not necessary. - There are several fields which the schema has marked as NOT NULL, but the inserts don't specify them. The reason this works is because mysql totally ignores the constraint and adds an empty text default automatically. Again, non-compliant, obviously. In these cases a default of empty text was added. - Several statements rely on a non-standard MySQL feature (http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run a zillion times faster, even on MySQL. - A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG, UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_ - INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes around the value -- assist functions added in the dba_ - NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are handled in Zot/item packets automagically by quoting all dates with dbescdate(). - char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype for all text fields in the postgres schema. varchar was used in a couple of places where it actually seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code actually validates data, new bugs might come out from under the rug. - postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted. bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function was added to handle this transparently. - postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax. Statements were updated to be standard. These changes require corresponding changes in the coding standards. Please review those before adding any code going forward. Still on my TODO list: - remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting - Rewrite search queries for better results (both MySQL and Postgres)
2014-11-13 20:21:58 +00:00
$r = q("DELETE FROM account WHERE account_id = %d",
perhaps REGISTER_VERIFY will work now. I'll test it and make certain it works some day. But not today.
2013-02-08 11:11:40 +00:00
intval($register[0]['uid'])
);
PostgreSQL support initial commit There were 11 main types of changes: - UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just copied from Friendica. All of these instances, the LIMIT 1 was simply removed. - Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice to boot). Proper explicit boolean conversions were added. New queries should use proper conventions. - MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_ func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There were no true toggles (XOR). New queries should refrain from using XOR when not necessary. - There are several fields which the schema has marked as NOT NULL, but the inserts don't specify them. The reason this works is because mysql totally ignores the constraint and adds an empty text default automatically. Again, non-compliant, obviously. In these cases a default of empty text was added. - Several statements rely on a non-standard MySQL feature (http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run a zillion times faster, even on MySQL. - A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG, UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_ - INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes around the value -- assist functions added in the dba_ - NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are handled in Zot/item packets automagically by quoting all dates with dbescdate(). - char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype for all text fields in the postgres schema. varchar was used in a couple of places where it actually seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code actually validates data, new bugs might come out from under the rug. - postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted. bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function was added to handle this transparently. - postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax. Statements were updated to be standard. These changes require corresponding changes in the coding standards. Please review those before adding any code going forward. Still on my TODO list: - remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting - Rewrite search queries for better results (both MySQL and Postgres)
2014-11-13 20:21:58 +00:00
$r = q("DELETE FROM `register` WHERE id = %d",
perhaps REGISTER_VERIFY will work now. I'll test it and make certain it works some day. But not today.
2013-02-08 11:11:40 +00:00
dbesc($register[0]['id'])
);
notice( sprintf(t('Registration revoked for %s'), $account[0]['account_email']) . EOL);
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
perhaps REGISTER_VERIFY will work now. I'll test it and make certain it works some day. But not today.
2013-02-08 11:11:40 +00:00
return true;
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
perhaps REGISTER_VERIFY will work now. I'll test it and make certain it works some day. But not today.
2013-02-08 11:11:40 +00:00
}
service class downgrade to the default service class on account expiration if using a non-default service class and account has expired.
2014-02-18 23:17:18 +00:00
'auto channel creation' - if the corresponding config variable is set, create a channel when an account is created. Plugins can provide the necessary channel details (probably from an extended registration form). If no details are provided, a social (mostly public) channel will be created using the LHS of the email address and you will be directed to your channel page (unless email verification is required, in which case this step will be delayed until successful validation and login). If the reddress is already assigned a random name(1000-9999) reddress will be assigned.
2016-01-12 23:43:08 +00:00
// called from regver to activate an account from the email verification link
service class downgrade to the default service class on account expiration if using a non-default service class and account has expired.
2014-02-18 23:17:18 +00:00
'auto channel creation' - if the corresponding config variable is set, create a channel when an account is created. Plugins can provide the necessary channel details (probably from an extended registration form). If no details are provided, a social (mostly public) channel will be created using the LHS of the email address and you will be directed to your channel page (unless email verification is required, in which case this step will be delayed until successful validation and login). If the reddress is already assigned a random name(1000-9999) reddress will be assigned.
2016-01-12 23:43:08 +00:00
function account_approve($hash) {
some initial work towards email address verification
2014-07-04 01:29:32 +00:00
$ret = array('success' => false);
'auto channel creation' - if the corresponding config variable is set, create a channel when an account is created. Plugins can provide the necessary channel details (probably from an extended registration form). If no details are provided, a social (mostly public) channel will be created using the LHS of the email address and you will be directed to your channel page (unless email verification is required, in which case this step will be delayed until successful validation and login). If the reddress is already assigned a random name(1000-9999) reddress will be assigned.
2016-01-12 23:43:08 +00:00
// Note: when the password in the register table is 'verify', the uid actually contains the account_id
some initial work towards email address verification
2014-07-04 01:29:32 +00:00
$register = q("SELECT * FROM `register` WHERE `hash` = '%s' and password = 'verify' LIMIT 1",
dbesc($hash)
);
if(! $register)
return $ret;
$account = q("SELECT * FROM account WHERE account_id = %d LIMIT 1",
intval($register[0]['uid'])
);
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
some initial work towards email address verification
2014-07-04 01:29:32 +00:00
if(! $account)
return $ret;
PostgreSQL support initial commit There were 11 main types of changes: - UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just copied from Friendica. All of these instances, the LIMIT 1 was simply removed. - Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice to boot). Proper explicit boolean conversions were added. New queries should use proper conventions. - MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_ func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There were no true toggles (XOR). New queries should refrain from using XOR when not necessary. - There are several fields which the schema has marked as NOT NULL, but the inserts don't specify them. The reason this works is because mysql totally ignores the constraint and adds an empty text default automatically. Again, non-compliant, obviously. In these cases a default of empty text was added. - Several statements rely on a non-standard MySQL feature (http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run a zillion times faster, even on MySQL. - A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG, UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_ - INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes around the value -- assist functions added in the dba_ - NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are handled in Zot/item packets automagically by quoting all dates with dbescdate(). - char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype for all text fields in the postgres schema. varchar was used in a couple of places where it actually seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code actually validates data, new bugs might come out from under the rug. - postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted. bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function was added to handle this transparently. - postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax. Statements were updated to be standard. These changes require corresponding changes in the coding standards. Please review those before adding any code going forward. Still on my TODO list: - remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting - Rewrite search queries for better results (both MySQL and Postgres)
2014-11-13 20:21:58 +00:00
$r = q("DELETE FROM register WHERE hash = '%s' and password = 'verify'",
some initial work towards email address verification
2014-07-04 01:29:32 +00:00
dbesc($register[0]['hash'])
);
PostgreSQL support initial commit There were 11 main types of changes: - UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just copied from Friendica. All of these instances, the LIMIT 1 was simply removed. - Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice to boot). Proper explicit boolean conversions were added. New queries should use proper conventions. - MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_ func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There were no true toggles (XOR). New queries should refrain from using XOR when not necessary. - There are several fields which the schema has marked as NOT NULL, but the inserts don't specify them. The reason this works is because mysql totally ignores the constraint and adds an empty text default automatically. Again, non-compliant, obviously. In these cases a default of empty text was added. - Several statements rely on a non-standard MySQL feature (http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run a zillion times faster, even on MySQL. - A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG, UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_ - INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes around the value -- assist functions added in the dba_ - NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are handled in Zot/item packets automagically by quoting all dates with dbescdate(). - char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype for all text fields in the postgres schema. varchar was used in a couple of places where it actually seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code actually validates data, new bugs might come out from under the rug. - postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted. bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function was added to handle this transparently. - postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax. Statements were updated to be standard. These changes require corresponding changes in the coding standards. Please review those before adding any code going forward. Still on my TODO list: - remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting - Rewrite search queries for better results (both MySQL and Postgres)
2014-11-13 20:21:58 +00:00
$r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
some initial work towards email address verification
2014-07-04 01:29:32 +00:00
intval(ACCOUNT_BLOCKED),
intval(ACCOUNT_BLOCKED),
intval($register[0]['uid'])
);
PostgreSQL support initial commit There were 11 main types of changes: - UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just copied from Friendica. All of these instances, the LIMIT 1 was simply removed. - Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice to boot). Proper explicit boolean conversions were added. New queries should use proper conventions. - MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_ func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There were no true toggles (XOR). New queries should refrain from using XOR when not necessary. - There are several fields which the schema has marked as NOT NULL, but the inserts don't specify them. The reason this works is because mysql totally ignores the constraint and adds an empty text default automatically. Again, non-compliant, obviously. In these cases a default of empty text was added. - Several statements rely on a non-standard MySQL feature (http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run a zillion times faster, even on MySQL. - A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG, UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_ - INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes around the value -- assist functions added in the dba_ - NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are handled in Zot/item packets automagically by quoting all dates with dbescdate(). - char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype for all text fields in the postgres schema. varchar was used in a couple of places where it actually seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code actually validates data, new bugs might come out from under the rug. - postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted. bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function was added to handle this transparently. - postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax. Statements were updated to be standard. These changes require corresponding changes in the coding standards. Please review those before adding any code going forward. Still on my TODO list: - remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting - Rewrite search queries for better results (both MySQL and Postgres)
2014-11-13 20:21:58 +00:00
$r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
some initial work towards email address verification
2014-07-04 01:29:32 +00:00
intval(ACCOUNT_PENDING),
intval(ACCOUNT_PENDING),
intval($register[0]['uid'])
);
PostgreSQL support initial commit There were 11 main types of changes: - UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just copied from Friendica. All of these instances, the LIMIT 1 was simply removed. - Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice to boot). Proper explicit boolean conversions were added. New queries should use proper conventions. - MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_ func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There were no true toggles (XOR). New queries should refrain from using XOR when not necessary. - There are several fields which the schema has marked as NOT NULL, but the inserts don't specify them. The reason this works is because mysql totally ignores the constraint and adds an empty text default automatically. Again, non-compliant, obviously. In these cases a default of empty text was added. - Several statements rely on a non-standard MySQL feature (http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run a zillion times faster, even on MySQL. - A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG, UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_ - INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes around the value -- assist functions added in the dba_ - NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are handled in Zot/item packets automagically by quoting all dates with dbescdate(). - char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype for all text fields in the postgres schema. varchar was used in a couple of places where it actually seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code actually validates data, new bugs might come out from under the rug. - postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted. bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function was added to handle this transparently. - postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax. Statements were updated to be standard. These changes require corresponding changes in the coding standards. Please review those before adding any code going forward. Still on my TODO list: - remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting - Rewrite search queries for better results (both MySQL and Postgres)
2014-11-13 20:21:58 +00:00
$r = q("update account set account_flags = (account_flags & ~%d) where (account_flags & %d)>0 and account_id = %d",
finish implementing email verification. Currently it only applies if REGISTER_OPEN is in effect.
2014-07-10 04:10:56 +00:00
intval(ACCOUNT_UNVERIFIED),
intval(ACCOUNT_UNVERIFIED),
intval($register[0]['uid'])
);
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
add letsencrypt x3 intermediate cert and new cert file, improve UX of new registrations
2016-06-28 02:04:00 +00:00
// get a fresh copy after we've modified it.
$account = q("SELECT * FROM account WHERE account_id = %d LIMIT 1",
intval($register[0]['uid'])
);
if(! $account)
return $ret;
'auto channel creation' - if the corresponding config variable is set, create a channel when an account is created. Plugins can provide the necessary channel details (probably from an extended registration form). If no details are provided, a social (mostly public) channel will be created using the LHS of the email address and you will be directed to your channel page (unless email verification is required, in which case this step will be delayed until successful validation and login). If the reddress is already assigned a random name(1000-9999) reddress will be assigned.
2016-01-12 23:43:08 +00:00
use config system.server_role and deprecate 'UNO'
2016-08-08 00:29:35 +00:00
if(get_config('system','auto_channel_create') || get_config('system','server_role') === 'basic')
'auto channel creation' - if the corresponding config variable is set, create a channel when an account is created. Plugins can provide the necessary channel details (probably from an extended registration form). If no details are provided, a social (mostly public) channel will be created using the LHS of the email address and you will be directed to your channel page (unless email verification is required, in which case this step will be delayed until successful validation and login). If the reddress is already assigned a random name(1000-9999) reddress will be assigned.
2016-01-12 23:43:08 +00:00
auto_channel_create($register[0]['uid']);
add letsencrypt x3 intermediate cert and new cert file, improve UX of new registrations
2016-06-28 02:04:00 +00:00
else {
$_SESSION['login_return_url'] = 'new_channel';
sort out some of the authentication mess - with luck this may fix the DAV auth issue which I simply could not duplicate or find a reason for.
2016-07-21 00:55:40 +00:00
authenticate_success($account[0],null,true,true,false,true);
add letsencrypt x3 intermediate cert and new cert file, improve UX of new registrations
2016-06-28 02:04:00 +00:00
}
'auto channel creation' - if the corresponding config variable is set, create a channel when an account is created. Plugins can provide the necessary channel details (probably from an extended registration form). If no details are provided, a social (mostly public) channel will be created using the LHS of the email address and you will be directed to your channel page (unless email verification is required, in which case this step will be delayed until successful validation and login). If the reddress is already assigned a random name(1000-9999) reddress will be assigned.
2016-01-12 23:43:08 +00:00
add letsencrypt x3 intermediate cert and new cert file, improve UX of new registrations
2016-06-28 02:04:00 +00:00
// info( t('Account verified. Please login.') . EOL );
finish implementing email verification. Currently it only applies if REGISTER_OPEN is in effect.
2014-07-10 04:10:56 +00:00
some initial work towards email address verification
2014-07-04 01:29:32 +00:00
return true;
}
service class downgrade to the default service class on account expiration if using a non-default service class and account has expired.
2014-02-18 23:17:18 +00:00
/**
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
* @brief Checks for accounts that have past their expiration date.
*
service class downgrade to the default service class on account expiration if using a non-default service class and account has expired.
2014-02-18 23:17:18 +00:00
* If the account has a service class which is not the site default,
* the service class is reset to the site default and expiration reset to never.
* If the account has no service class it is expired and subsequently disabled.
* called from include/poller.php as a scheduled task.
*
* Reclaiming resources which are no longer within the service class limits is
* not the job of this function, but this can be implemented by plugin if desired.
* Default behaviour is to stop allowing additional resources to be consumed.
*/
function downgrade_accounts() {
PostgreSQL support initial commit There were 11 main types of changes: - UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just copied from Friendica. All of these instances, the LIMIT 1 was simply removed. - Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice to boot). Proper explicit boolean conversions were added. New queries should use proper conventions. - MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_ func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There were no true toggles (XOR). New queries should refrain from using XOR when not necessary. - There are several fields which the schema has marked as NOT NULL, but the inserts don't specify them. The reason this works is because mysql totally ignores the constraint and adds an empty text default automatically. Again, non-compliant, obviously. In these cases a default of empty text was added. - Several statements rely on a non-standard MySQL feature (http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run a zillion times faster, even on MySQL. - A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG, UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_ - INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes around the value -- assist functions added in the dba_ - NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are handled in Zot/item packets automagically by quoting all dates with dbescdate(). - char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype for all text fields in the postgres schema. varchar was used in a couple of places where it actually seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code actually validates data, new bugs might come out from under the rug. - postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted. bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function was added to handle this transparently. - postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax. Statements were updated to be standard. These changes require corresponding changes in the coding standards. Please review those before adding any code going forward. Still on my TODO list: - remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting - Rewrite search queries for better results (both MySQL and Postgres)
2014-11-13 20:21:58 +00:00
$r = q("select * from account where not ( account_flags & %d )>0
This is long overdue - use a symblic constant NULL_DATE instead of the easily mis-typed sequence '0000-00-00 00:00:00'
2014-09-09 03:35:15 +00:00
and account_expires != '%s'
PostgreSQL support initial commit There were 11 main types of changes: - UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just copied from Friendica. All of these instances, the LIMIT 1 was simply removed. - Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice to boot). Proper explicit boolean conversions were added. New queries should use proper conventions. - MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_ func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There were no true toggles (XOR). New queries should refrain from using XOR when not necessary. - There are several fields which the schema has marked as NOT NULL, but the inserts don't specify them. The reason this works is because mysql totally ignores the constraint and adds an empty text default automatically. Again, non-compliant, obviously. In these cases a default of empty text was added. - Several statements rely on a non-standard MySQL feature (http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run a zillion times faster, even on MySQL. - A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG, UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_ - INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes around the value -- assist functions added in the dba_ - NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are handled in Zot/item packets automagically by quoting all dates with dbescdate(). - char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype for all text fields in the postgres schema. varchar was used in a couple of places where it actually seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code actually validates data, new bugs might come out from under the rug. - postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted. bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function was added to handle this transparently. - postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax. Statements were updated to be standard. These changes require corresponding changes in the coding standards. Please review those before adding any code going forward. Still on my TODO list: - remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting - Rewrite search queries for better results (both MySQL and Postgres)
2014-11-13 20:21:58 +00:00
and account_expires < %s ",
argument order reversed in downgrade_accounts
2014-09-10 00:25:31 +00:00
intval(ACCOUNT_EXPIRED),
PostgreSQL support initial commit There were 11 main types of changes: - UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just copied from Friendica. All of these instances, the LIMIT 1 was simply removed. - Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice to boot). Proper explicit boolean conversions were added. New queries should use proper conventions. - MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_ func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There were no true toggles (XOR). New queries should refrain from using XOR when not necessary. - There are several fields which the schema has marked as NOT NULL, but the inserts don't specify them. The reason this works is because mysql totally ignores the constraint and adds an empty text default automatically. Again, non-compliant, obviously. In these cases a default of empty text was added. - Several statements rely on a non-standard MySQL feature (http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run a zillion times faster, even on MySQL. - A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG, UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_ - INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes around the value -- assist functions added in the dba_ - NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are handled in Zot/item packets automagically by quoting all dates with dbescdate(). - char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype for all text fields in the postgres schema. varchar was used in a couple of places where it actually seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code actually validates data, new bugs might come out from under the rug. - postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted. bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function was added to handle this transparently. - postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax. Statements were updated to be standard. These changes require corresponding changes in the coding standards. Please review those before adding any code going forward. Still on my TODO list: - remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting - Rewrite search queries for better results (both MySQL and Postgres)
2014-11-13 20:21:58 +00:00
dbesc(NULL_DATE),
db_getfunc('UTC_TIMESTAMP')
service class downgrade to the default service class on account expiration if using a non-default service class and account has expired.
2014-02-18 23:17:18 +00:00
);
if(! $r)
return;
$basic = get_config('system','default_service_class');
foreach($r as $rr) {
if(($basic) && ($rr['account_service_class']) && ($rr['account_service_class'] != $basic)) {
$x = q("UPDATE account set account_service_class = '%s', account_expires = '%s'
PostgreSQL support initial commit There were 11 main types of changes: - UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just copied from Friendica. All of these instances, the LIMIT 1 was simply removed. - Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice to boot). Proper explicit boolean conversions were added. New queries should use proper conventions. - MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_ func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There were no true toggles (XOR). New queries should refrain from using XOR when not necessary. - There are several fields which the schema has marked as NOT NULL, but the inserts don't specify them. The reason this works is because mysql totally ignores the constraint and adds an empty text default automatically. Again, non-compliant, obviously. In these cases a default of empty text was added. - Several statements rely on a non-standard MySQL feature (http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run a zillion times faster, even on MySQL. - A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG, UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_ - INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes around the value -- assist functions added in the dba_ - NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are handled in Zot/item packets automagically by quoting all dates with dbescdate(). - char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype for all text fields in the postgres schema. varchar was used in a couple of places where it actually seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code actually validates data, new bugs might come out from under the rug. - postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted. bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function was added to handle this transparently. - postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax. Statements were updated to be standard. These changes require corresponding changes in the coding standards. Please review those before adding any code going forward. Still on my TODO list: - remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting - Rewrite search queries for better results (both MySQL and Postgres)
2014-11-13 20:21:58 +00:00
where account_id = %d",
service class downgrade to the default service class on account expiration if using a non-default service class and account has expired.
2014-02-18 23:17:18 +00:00
dbesc($basic),
This is long overdue - use a symblic constant NULL_DATE instead of the easily mis-typed sequence '0000-00-00 00:00:00'
2014-09-09 03:35:15 +00:00
dbesc(NULL_DATE),
service class downgrade to the default service class on account expiration if using a non-default service class and account has expired.
2014-02-18 23:17:18 +00:00
intval($rr['account_id'])
);
some more snakebite and fix up include/account - forgot about that inline array stuff
2014-02-19 00:59:31 +00:00
$ret = array('account' => $rr);
call_hooks('account_downgrade', $ret );
service class downgrade to the default service class on account expiration if using a non-default service class and account has expired.
2014-02-18 23:17:18 +00:00
logger('downgrade_accounts: Account id ' . $rr['account_id'] . ' downgraded.');
}
else {
PostgreSQL support initial commit There were 11 main types of changes: - UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just copied from Friendica. All of these instances, the LIMIT 1 was simply removed. - Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice to boot). Proper explicit boolean conversions were added. New queries should use proper conventions. - MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_ func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There were no true toggles (XOR). New queries should refrain from using XOR when not necessary. - There are several fields which the schema has marked as NOT NULL, but the inserts don't specify them. The reason this works is because mysql totally ignores the constraint and adds an empty text default automatically. Again, non-compliant, obviously. In these cases a default of empty text was added. - Several statements rely on a non-standard MySQL feature (http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run a zillion times faster, even on MySQL. - A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG, UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_ - INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes around the value -- assist functions added in the dba_ - NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are handled in Zot/item packets automagically by quoting all dates with dbescdate(). - char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype for all text fields in the postgres schema. varchar was used in a couple of places where it actually seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code actually validates data, new bugs might come out from under the rug. - postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted. bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function was added to handle this transparently. - postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax. Statements were updated to be standard. These changes require corresponding changes in the coding standards. Please review those before adding any code going forward. Still on my TODO list: - remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting - Rewrite search queries for better results (both MySQL and Postgres)
2014-11-13 20:21:58 +00:00
$x = q("UPDATE account SET account_flags = (account_flags | %d) where account_id = %d",
service class downgrade to the default service class on account expiration if using a non-default service class and account has expired.
2014-02-18 23:17:18 +00:00
intval(ACCOUNT_EXPIRED),
intval($rr['account_id'])
);
some more snakebite and fix up include/account - forgot about that inline array stuff
2014-02-19 00:59:31 +00:00
$ret = array('account' => $rr);
call_hooks('account_downgrade', $ret);
service class downgrade to the default service class on account expiration if using a non-default service class and account has expired.
2014-02-18 23:17:18 +00:00
logger('downgrade_accounts: Account id ' . $rr['account_id'] . ' expired.');
}
}
some more snakebite and fix up include/account - forgot about that inline array stuff
2014-02-19 00:59:31 +00:00
}
implement service class for feed polling frequenecy, fixed a service class bug, moved service class stuff from plugin to account.php where it belongs and load that by default instead of on demand
2014-09-04 02:07:14 +00:00
Documentation and remove duplicate code. Add a bit Doxygen documentation and remove some duplicate code from account.php.
2015-03-15 23:20:14 +00:00
/**
* @brief Check service_class restrictions.
*
* If there are no service_classes defined, everything is allowed.
* If $usage is supplied, we check against a maximum count and return true if
* the current usage is less than the subscriber plan allows. Otherwise we
* return boolean true or false if the property is allowed (or not) in this
* subscriber plan. An unset property for this service plan means the property
* is allowed, so it is only necessary to provide negative properties for each
* plan, or what the subscriber is not allowed to do.
*
* Like account_service_class_allows() but queries directly by account rather
* than channel. Service classes are set for accounts, so we look up the
* account for the channel and fetch the service class restrictions of the
* account.
*
* @see account_service_class_allows() if you have a channel_id already
* @see service_class_fetch()
*
* @param int $uid The channel_id to check
* @param string $property The service class property to check for
* @param string|boolean $usage (optional) The value to check against
* @return boolean
*/
Some documentation, fix chatroom service class lookup. Add some Doxygen documentation and fixing a service class lookup for chatroom_create().
2015-03-13 23:10:06 +00:00
function service_class_allows($uid, $property, $usage = false) {
Documentation and remove duplicate code. Add a bit Doxygen documentation and remove some duplicate code from account.php.
2015-03-15 23:20:14 +00:00
$limit = service_class_fetch($uid, $property);
Fix for issue #763 Error creating new channel within the limits of the subscription plan
2015-01-11 15:12:36 +00:00
Documentation and remove duplicate code. Add a bit Doxygen documentation and remove some duplicate code from account.php.
2015-03-15 23:20:14 +00:00
if($limit === false)
return true; // No service class set => everything is allowed
Some documentation, fix chatroom service class lookup. Add some Doxygen documentation and fixing a service class lookup for chatroom_create().
2015-03-13 23:10:06 +00:00
allow engineering units (e.g. 400M, 1G) as service class limits
2016-04-29 04:02:27 +00:00
$limit = engr_units_to_bytes($limit);
Documentation and remove duplicate code. Add a bit Doxygen documentation and remove some duplicate code from account.php.
2015-03-15 23:20:14 +00:00
if($usage === false) {
// We use negative values for not allowed properties in a subscriber plan
return ((x($limit)) ? (bool) $limit : true);
} else {
return (((intval($usage)) < intval($limit)) ? true : false);
Fix for issue #763 Error creating new channel within the limits of the subscription plan
2015-01-11 15:12:36 +00:00
}
}
Some documentation, fix chatroom service class lookup. Add some Doxygen documentation and fixing a service class lookup for chatroom_create().
2015-03-13 23:10:06 +00:00
/**
Documentation and remove duplicate code. Add a bit Doxygen documentation and remove some duplicate code from account.php.
2015-03-15 23:20:14 +00:00
* @brief Check service class restrictions by account.
Some documentation, fix chatroom service class lookup. Add some Doxygen documentation and fixing a service class lookup for chatroom_create().
2015-03-13 23:10:06 +00:00
*
Documentation and remove duplicate code. Add a bit Doxygen documentation and remove some duplicate code from account.php.
2015-03-15 23:20:14 +00:00
* If there are no service_classes defined, everything is allowed.
* If $usage is supplied, we check against a maximum count and return true if
* the current usage is less than the subscriber plan allows. Otherwise we
* return boolean true or false if the property is allowed (or not) in this
* subscriber plan. An unset property for this service plan means the property
* is allowed, so it is only necessary to provide negative properties for each
* plan, or what the subscriber is not allowed to do.
Some documentation, fix chatroom service class lookup. Add some Doxygen documentation and fixing a service class lookup for chatroom_create().
2015-03-13 23:10:06 +00:00
*
Documentation and remove duplicate code. Add a bit Doxygen documentation and remove some duplicate code from account.php.
2015-03-15 23:20:14 +00:00
* Like service_class_allows() but queries directly by account rather than channel.
Some documentation, fix chatroom service class lookup. Add some Doxygen documentation and fixing a service class lookup for chatroom_create().
2015-03-13 23:10:06 +00:00
*
Documentation and remove duplicate code. Add a bit Doxygen documentation and remove some duplicate code from account.php.
2015-03-15 23:20:14 +00:00
* @see service_class_allows() if you have a channel_id instead of an account_id
* @see account_service_class_fetch()
Some documentation, fix chatroom service class lookup. Add some Doxygen documentation and fixing a service class lookup for chatroom_create().
2015-03-13 23:10:06 +00:00
*
Documentation and remove duplicate code. Add a bit Doxygen documentation and remove some duplicate code from account.php.
2015-03-15 23:20:14 +00:00
* @param int $aid The account_id to check
* @param string $property The service class property to check for
Correcting reported Doxygen syntax warnings. Fixed wrong Doxygen syntax and add some of the available FIXME to Doxygen documentation. Updated Doxygen configuration to add also all capital letter tags. Adding some more Doxygen documentation.
2015-03-21 23:06:08 +00:00
* @param int|boolean $usage (optional) The value to check against
Documentation and remove duplicate code. Add a bit Doxygen documentation and remove some duplicate code from account.php.
2015-03-15 23:20:14 +00:00
* @return boolean
Some documentation, fix chatroom service class lookup. Add some Doxygen documentation and fixing a service class lookup for chatroom_create().
2015-03-13 23:10:06 +00:00
*/
function account_service_class_allows($aid, $property, $usage = false) {
Fix for issue #763 Error creating new channel within the limits of the subscription plan
2015-01-11 15:12:36 +00:00
Documentation and remove duplicate code. Add a bit Doxygen documentation and remove some duplicate code from account.php.
2015-03-15 23:20:14 +00:00
$limit = account_service_class_fetch($aid, $property);
implement service class for feed polling frequenecy, fixed a service class bug, moved service class stuff from plugin to account.php where it belongs and load that by default instead of on demand
2014-09-04 02:07:14 +00:00
Documentation and remove duplicate code. Add a bit Doxygen documentation and remove some duplicate code from account.php.
2015-03-15 23:20:14 +00:00
if($limit === false)
return true; // No service class is set => everything is allowed
implement service class for feed polling frequenecy, fixed a service class bug, moved service class stuff from plugin to account.php where it belongs and load that by default instead of on demand
2014-09-04 02:07:14 +00:00
allow engineering units (e.g. 400M, 1G) as service class limits
2016-04-29 04:02:27 +00:00
$limit = engr_units_to_bytes($limit);
Documentation and remove duplicate code. Add a bit Doxygen documentation and remove some duplicate code from account.php.
2015-03-15 23:20:14 +00:00
if($usage === false) {
// We use negative values for not allowed properties in a subscriber plan
return ((x($limit)) ? (bool) $limit : true);
} else {
return (((intval($usage)) < intval($limit)) ? true : false);
implement service class for feed polling frequenecy, fixed a service class bug, moved service class stuff from plugin to account.php where it belongs and load that by default instead of on demand
2014-09-04 02:07:14 +00:00
}
}
Some documentation, fix chatroom service class lookup. Add some Doxygen documentation and fixing a service class lookup for chatroom_create().
2015-03-13 23:10:06 +00:00
/**
Documentation and remove duplicate code. Add a bit Doxygen documentation and remove some duplicate code from account.php.
2015-03-15 23:20:14 +00:00
* @brief Queries a service class value for a channel and property.
*
* Service classes are set for accounts, so look up the account for this channel
* and fetch the service classe of the account.
Some documentation, fix chatroom service class lookup. Add some Doxygen documentation and fixing a service class lookup for chatroom_create().
2015-03-13 23:10:06 +00:00
*
* If no service class is available it returns false and everything should be
* allowed.
*
Documentation and remove duplicate code. Add a bit Doxygen documentation and remove some duplicate code from account.php.
2015-03-15 23:20:14 +00:00
* @see account_service_class_fetch()
*
* @param int $uid The channel_id to query
* @param string $property The service property name to check for
Some documentation, fix chatroom service class lookup. Add some Doxygen documentation and fixing a service class lookup for chatroom_create().
2015-03-13 23:10:06 +00:00
* @return boolean|int
Documentation and remove duplicate code. Add a bit Doxygen documentation and remove some duplicate code from account.php.
2015-03-15 23:20:14 +00:00
*
* @todo Should we merge this with account_service_class_fetch()?
Some documentation, fix chatroom service class lookup. Add some Doxygen documentation and fixing a service class lookup for chatroom_create().
2015-03-13 23:10:06 +00:00
*/
function service_class_fetch($uid, $property) {
code cleanup
2016-05-25 03:49:23 +00:00
local_user => local_channel
2015-01-29 04:56:04 +00:00
if($uid == local_channel()) {
static App
2016-03-31 23:06:03 +00:00
$service_class = App::$account['account_service_class'];
implement service class for feed polling frequenecy, fixed a service class bug, moved service class stuff from plugin to account.php where it belongs and load that by default instead of on demand
2014-09-04 02:07:14 +00:00
}
else {
$r = q("select account_service_class as service_class
from channel c, account a
where c.channel_account_id=a.account_id and c.channel_id= %d limit 1",
intval($uid)
);
if($r !== false and count($r)) {
$service_class = $r[0]['service_class'];
}
}
if(! x($service_class))
return false; // everything is allowed
Some documentation, fix chatroom service class lookup. Add some Doxygen documentation and fixing a service class lookup for chatroom_create().
2015-03-13 23:10:06 +00:00
$arr = get_config('service_class', $service_class);
implement service class for feed polling frequenecy, fixed a service class bug, moved service class stuff from plugin to account.php where it belongs and load that by default instead of on demand
2014-09-04 02:07:14 +00:00
if(! is_array($arr) || (! count($arr)))
return false;
Some documentation, fix chatroom service class lookup. Add some Doxygen documentation and fixing a service class lookup for chatroom_create().
2015-03-13 23:10:06 +00:00
return((array_key_exists($property, $arr)) ? $arr[$property] : false);
implement service class for feed polling frequenecy, fixed a service class bug, moved service class stuff from plugin to account.php where it belongs and load that by default instead of on demand
2014-09-04 02:07:14 +00:00
}
Documentation and remove duplicate code. Add a bit Doxygen documentation and remove some duplicate code from account.php.
2015-03-15 23:20:14 +00:00
/**
* @brief Queries a service class value for an account and property.
*
* Like service_class_fetch() but queries by account rather than channel.
*
* @see service_class_fetch() if you have channel_id.
* @see account_service_class_allows()
*
* @param int $aid The account_id to query
* @param string $property The service property name to check for
* @return boolean|int
*/
Some documentation, fix chatroom service class lookup. Add some Doxygen documentation and fixing a service class lookup for chatroom_create().
2015-03-13 23:10:06 +00:00
function account_service_class_fetch($aid, $property) {
honour service class restrictions for total_identities, total_channels ("friends") and total_feeds both when importing channels and subsequently when syncing clones. Limits are based on the local system - additional entries are silently dropped.
2014-09-16 00:17:00 +00:00
$r = q("select account_service_class as service_class from account where account_id = %d limit 1",
intval($aid)
);
if($r !== false && count($r)) {
$service_class = $r[0]['service_class'];
}
if(! x($service_class))
return false; // everything is allowed
Some documentation, fix chatroom service class lookup. Add some Doxygen documentation and fixing a service class lookup for chatroom_create().
2015-03-13 23:10:06 +00:00
$arr = get_config('service_class', $service_class);
honour service class restrictions for total_identities, total_channels ("friends") and total_feeds both when importing channels and subsequently when syncing clones. Limits are based on the local system - additional entries are silently dropped.
2014-09-16 00:17:00 +00:00
if(! is_array($arr) || (! count($arr)))
return false;
Some documentation, fix chatroom service class lookup. Add some Doxygen documentation and fixing a service class lookup for chatroom_create().
2015-03-13 23:10:06 +00:00
return((array_key_exists($property, $arr)) ? $arr[$property] : false);
honour service class restrictions for total_identities, total_channels ("friends") and total_feeds both when importing channels and subsequently when syncing clones. Limits are based on the local system - additional entries are silently dropped.
2014-09-16 00:17:00 +00:00
}
implement service class for feed polling frequenecy, fixed a service class bug, moved service class stuff from plugin to account.php where it belongs and load that by default instead of on demand
2014-09-04 02:07:14 +00:00
function upgrade_link($bbcode = false) {
Documentation and remove duplicate code. Add a bit Doxygen documentation and remove some duplicate code from account.php.
2015-03-15 23:20:14 +00:00
$l = get_config('service_class', 'upgrade_link');
implement service class for feed polling frequenecy, fixed a service class bug, moved service class stuff from plugin to account.php where it belongs and load that by default instead of on demand
2014-09-04 02:07:14 +00:00
if(! $l)
return '';
if($bbcode)
$t = sprintf('[zrl=%s]' . t('Click here to upgrade.') . '[/zrl]', $l);
else
$t = sprintf('<a href="%s">' . t('Click here to upgrade.') . '</div>', $l);
return $t;
}
function upgrade_message($bbcode = false) {
$x = upgrade_link($bbcode);
return t('This action exceeds the limits set by your subscription plan.') . (($x) ? ' ' . $x : '') ;
}
function upgrade_bool_message($bbcode = false) {
$x = upgrade_link($bbcode);
return t('This action is not available under your subscription plan.') . (($x) ? ' ' . $x : '') ;
Fix #109.
2015-12-09 13:37:14 +00:00
}
provide techlevels in the pro server role. Should have no visible effect on other roles.
2016-09-01 00:49:22 +00:00
function get_account_techlevel($account_id = 0) {
$role = \Zotlabs\Lib\System::get_server_role();
if($role == 'basic')
return 0;
if($role == 'standard')
return 5;
if(! $account_id) {
$x = \App::get_account();
}
else {
$x = get_account_by_id($account_id);
}
return (($x) ? intval($x['account_level']) : 0);
}
Reference in a new issue Copy permalink