Merge remote-tracking branch 'mike/master' into dev

Zotlabs/Module/Email_resend.php

@@ -0,0 +1,48 @@
+<?php
+
+namespace Zotlabs\Module;
+
+
+class Email_resend extends \Zotlabs\Web\Controller {
+
+	function post() {
+
+
+
+		if($_POST['token']) {
+			if(! account_approve(trim($_POST['token']))) {
+				notice('Token verification failed.')
+			}
+		}
+
+	}
+
+
+	function get() {
+
+		if(argc() > 1) {
+			$result = false;
+			$email = hex2bin(argv(1));
+
+			if($email) {
+				$result = verify_email_address( [ 'resend' => true, 'email' => $email ] );
+			}
+
+			if($result) {
+				notice(t('Email verification resent'));
+			}
+			else {
+				notice(t('Unable to resend email verification message.'));
+			}
+
+			return;
+
+		}
+
+		// @todo - one can provide a form here to resend the mail
+		// after directing to here if a succesful login was attempted from an unverified address.
+
+
+	}
+
+}

Zotlabs/Module/Email_validation.php

@@ -0,0 +1,38 @@
+<?php
+
+namespace Zotlabs\Module;
+
+
+class Email_validation extends \Zotlabs\Web\Controller {
+
+	function post() {
+
+		if($_POST['token']) {
+			if(! account_approve(trim($_POST['token']))) {
+				notice('Token verification failed.');
+			}
+		}
+
+	}
+
+
+	function get() {
+
+		if(argc() > 1) {
+			$email = hex2bin(argv(1));
+		}
+
+		$o = replace_macros(get_markup_template('email_validation.tpl'), [
+			'$title' => t('Email Verification Required'),
+			'$desc' => sprintf( t('A verification token was sent to your email address [%s]. Enter that token here to complete the account verification step. Please allow a few minutes for delivery, and check your spam folder if you do not see the message.'),$email),
+			'$resend' => t('Resend Email'),
+			'$email' => bin2hex($email),
+			'$submit' => t('Submit'),
+			'$token' => [ 'token', t('Validation token'),'','' ],
+		]);
+		
+		return $o;
+
+	}
+
+}

Zotlabs/Module/Register.php

@@ -150,9 +150,11 @@ class Register extends \Zotlabs\Web\Controller {
 		}
 	
 		if($email_verify) {
-			goaway(z_root());
+			goaway(z_root() . '/email_validation/' . bin2hex($result['email']));
 		}
-	
+
+		// fall through and authenticate if no approvals or verifications were required. 	
+
 		authenticate_success($result['account'],null,true,false,true);
 		
 		$new_channel = false;
@@ -217,6 +219,9 @@ class Register extends \Zotlabs\Web\Controller {
 		$privacy_role = ((x($_REQUEST,'permissions_role')) ? $_REQUEST['permissions_role'] : "");
 
 		$perm_roles = \Zotlabs\Access\PermissionRoles::roles();
+
+		// A new account will not have a techlevel, but accounts can also be created by the administrator.
+
 		if((get_account_techlevel() < 4) && $privacy_role !== 'custom')
 			unset($perm_roles[t('Other')]);
 	
@@ -231,15 +236,17 @@ class Register extends \Zotlabs\Web\Controller {
 		// Configurable whether to restrict age or not - default is based on international legal requirements
 		// This can be relaxed if you are on a restricted server that does not share with public servers
 	
-		if(get_config('system','no_age_restriction')) 
+		if(get_config('system','no_age_restriction')) {
 			$label_tos = sprintf( t('I accept the %s for this website'), $toslink);
-		else
+		}
+		else {
 			$age = get_config('system','minimum_age');
 			if(!$age) {
 				$age = 13;
 			}
 			$label_tos = sprintf( t('I am over %s years of age and accept the %s for this website'), $age, $toslink);
-	
+		}
+
 		$enable_tos = 1 - intval(get_config('system','no_termsofservice'));
 	
 		$email        = array('email', t('Your email address'), ((x($_REQUEST,'email')) ? strip_tags(trim($_REQUEST['email'])) : ""));
@@ -255,6 +262,7 @@ class Register extends \Zotlabs\Web\Controller {
 
 		$auto_create  = (get_config('system','auto_channel_create') ? true : false);
 		$default_role = get_config('system','default_permissions_role');
+		$email_verify = get_config('system','verify_email');
 	
 		require_once('include/bbcode.php');
 	
@@ -278,7 +286,7 @@ class Register extends \Zotlabs\Web\Controller {
 			'$pass1'        => $password,
 			'$pass2'        => $password2,
 			'$submit'       => t('Register'),
-			'$verify_note'  => t('This site may require email verification after submitting this form. If you are returned to a login page, please check your email for instructions.')
+			'$verify_note'  => (($email_verify) ? t('This site requires email verification. After completing this form, please check your email for further instructions.') : ''),
 		));
 	
 		return $o;

include/account.php

@@ -262,24 +262,46 @@ function create_account($arr) {
 
 function verify_email_address($arr) {
 
-	$hash = random_string();
+	if(array_key_exists('resend',$arr)) {
+		$email = $arr['email'];
+		$a = q("select * from account where account_email = '%s' limit 1",
+			dbesc($arr['email'])
+		);
+		if(! ($a && ($a[0]['account_flags'] & ACCOUNT_UNVERIFIED))) {
+			return false;
+		}
+		$account = $a[0];
+		$v = q("select * from register where uid = %d and password = 'verify' limit 1",
+			intval($account['account_id'])
+		);
+		if($v) {
+			$hash = $v[0]['hash'];
+		}
+		else {
+			return false;
+		}
+	}
+	else {
+		$hash = random_string(24);
 
-	$r = q("INSERT INTO register ( hash, created, uid, password, lang ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ",
-		dbesc($hash),
-		dbesc(datetime_convert()),
-		intval($arr['account']['account_id']),
-		dbesc('verify'),
-		dbesc($arr['account']['account_language'])
-	);
+		$r = q("INSERT INTO register ( hash, created, uid, password, lang ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ",
+			dbesc($hash),
+			dbesc(datetime_convert()),
+			intval($arr['account']['account_id']),
+			dbesc('verify'),
+			dbesc($arr['account']['account_language'])
+		);
+		$account = $arr['account'];
+	}
 
-	push_lang(($arr['account']['account_language']) ? $arr['account']['account_language'] : 'en');
+	push_lang(($account['account_language']) ? $account['account_language'] : 'en');
 
 	$email_msg = replace_macros(get_intltext_template('register_verify_member.tpl'),
 		[
 			'$sitename' => get_config('system','sitename'),
 			'$siteurl'  => z_root(),
 			'$email'    => $arr['email'],
-			'$uid'      => $arr['account']['account_id'],
+			'$uid'      => $account['account_id'],
 			'$hash'     => $hash,
 			'$details'  => $details
 	 	]

include/text.php

@@ -973,7 +973,14 @@ function contact_block() {
 			$contacts = t('Connections');
 			$micropro = Array();
 			foreach($r as $rr) {
-				$rr['archived'] = (intval($rr['abook_archived']) ? true : false);
+
+				// There is no setting to discover if you are bi-directionally connected
+				// Use the ability to post comments as an indication that this relationship is more
+				// than wishful thinking; even though soapbox channels and feeds will disable it. 
+
+				if(! intval(get_abconfig(App::$profile['uid'],$rr['xchan_hash'],'their_perms','post_comments'))) {
+					$rr['archived'] = true;
+				}
 				$micropro[] = micropro($rr,true,'mpfriend');
 			}
 		}

view/en/register_verify_member.tpl

@@ -10,7 +10,12 @@ Login with the password you chose at registration.
 
 We need to verify your email address in order to give you full access.
 
-If you registered this account, please visit the following link:
+Your validation code is
+
+{{$hash}}
+
+
+If you registered this account, please enter the validation code when requested or visit the following link:
 
 {{$siteurl}}/regver/allow/{{$hash}} 
 

view/tpl/email_validation.tpl

@@ -0,0 +1,16 @@
+<h2>{{$title}}</h2>
+
+<div class="descriptive-paragraph" style="font-size: 1.2em;"><p>{{$desc}}</p></div>
+
+<form action="email_validation" method="post">
+{{include file="field_input.tpl" field=$token}}
+
+<div class="pull-right">
+	<a href="email_resend/{{$email}}" class="btn btn-warning">{{$resend}}</a>
+</div>
+<div class="submit-wrapper" >
+	<button type="submit" name="submit" class="btn btn-primary">{{$submit}}</button>
+</div>
+</form>
+<div class="clear"></div>
+