From 660079bd2a4a6dcb54390a4c2f22bbc7a0633fd4 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Fri, 26 Jan 2018 12:16:47 -0800 Subject: [PATCH 1/3] Issue with configurable site age limit, vagueness when informing about email validation policy; added email validation resend ability and the option to input a verification code at a webpage though both require additional work to provide these abilities. --- Zotlabs/Module/Register.php | 14 +++++++--- include/account.php | 42 +++++++++++++++++++++++------- view/en/register_verify_member.tpl | 7 ++++- 3 files changed, 48 insertions(+), 15 deletions(-) diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php index deaee31bf..1cb3bab91 100644 --- a/Zotlabs/Module/Register.php +++ b/Zotlabs/Module/Register.php @@ -217,6 +217,9 @@ class Register extends \Zotlabs\Web\Controller { $privacy_role = ((x($_REQUEST,'permissions_role')) ? $_REQUEST['permissions_role'] : ""); $perm_roles = \Zotlabs\Access\PermissionRoles::roles(); + + // A new account will not have a techlevel, but accounts can also be created by the administrator. + if((get_account_techlevel() < 4) && $privacy_role !== 'custom') unset($perm_roles[t('Other')]); @@ -231,15 +234,17 @@ class Register extends \Zotlabs\Web\Controller { // Configurable whether to restrict age or not - default is based on international legal requirements // This can be relaxed if you are on a restricted server that does not share with public servers - if(get_config('system','no_age_restriction')) + if(get_config('system','no_age_restriction')) { $label_tos = sprintf( t('I accept the %s for this website'), $toslink); - else + } + else { $age = get_config('system','minimum_age'); if(!$age) { $age = 13; } $label_tos = sprintf( t('I am over %s years of age and accept the %s for this website'), $age, $toslink); - + } + $enable_tos = 1 - intval(get_config('system','no_termsofservice')); $email = array('email', t('Your email address'), ((x($_REQUEST,'email')) ? strip_tags(trim($_REQUEST['email'])) : "")); @@ -255,6 +260,7 @@ class Register extends \Zotlabs\Web\Controller { $auto_create = (get_config('system','auto_channel_create') ? true : false); $default_role = get_config('system','default_permissions_role'); + $email_verify = get_config('system','verify_email'); require_once('include/bbcode.php'); @@ -278,7 +284,7 @@ class Register extends \Zotlabs\Web\Controller { '$pass1' => $password, '$pass2' => $password2, '$submit' => t('Register'), - '$verify_note' => t('This site may require email verification after submitting this form. If you are returned to a login page, please check your email for instructions.') + '$verify_note' => (($email_verify) ? t('This site requires email verification. After completing this form, please check your email for further instructions.') : ''), )); return $o; diff --git a/include/account.php b/include/account.php index 6c6fdece4..3a7b677be 100644 --- a/include/account.php +++ b/include/account.php @@ -262,24 +262,46 @@ function create_account($arr) { function verify_email_address($arr) { - $hash = random_string(); + if(array_key_exists('resend',$arr)) { + $email = $arr['email']; + $a = q("select * from account where account_email = '%s' limit 1", + dbesc($arr['email']) + } + if(! ($a && ($a[0]['account_flags'] & ACCOUNT_UNVERIFIED))) { + return false; + } + $account = $a[0]; + $v = q("select * from register where uid = %d and password = 'verify' limit 1", + intval($account['account_id']) + ); + if($v) { + $hash = $v[0]['hash']; + } + else { + return false; + } + } + else { + $hash = random_string(24); - $r = q("INSERT INTO register ( hash, created, uid, password, lang ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ", - dbesc($hash), - dbesc(datetime_convert()), - intval($arr['account']['account_id']), - dbesc('verify'), - dbesc($arr['account']['account_language']) - ); + $r = q("INSERT INTO register ( hash, created, uid, password, lang ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ", + dbesc($hash), + dbesc(datetime_convert()), + intval($arr['account']['account_id']), + dbesc('verify'), + dbesc($arr['account']['account_language']) + ); + $account = $arr['account']; + } - push_lang(($arr['account']['account_language']) ? $arr['account']['account_language'] : 'en'); + push_lang(($account['account_language']) ? $account['account_language'] : 'en'); $email_msg = replace_macros(get_intltext_template('register_verify_member.tpl'), [ '$sitename' => get_config('system','sitename'), '$siteurl' => z_root(), '$email' => $arr['email'], - '$uid' => $arr['account']['account_id'], + '$uid' => $account['account_id'], '$hash' => $hash, '$details' => $details ] diff --git a/view/en/register_verify_member.tpl b/view/en/register_verify_member.tpl index 71f0964d4..9bdd7fa51 100644 --- a/view/en/register_verify_member.tpl +++ b/view/en/register_verify_member.tpl @@ -10,7 +10,12 @@ Login with the password you chose at registration. We need to verify your email address in order to give you full access. -If you registered this account, please visit the following link: +Your validation code is + +{{$hash}} + + +If you registered this account, please enter the validation code when requested or visit the following link: {{$siteurl}}/regver/allow/{{$hash}} From 4eead1c688f57bdf04091675fa38c5eed9f6acde Mon Sep 17 00:00:00 2001 From: zotlabs Date: Fri, 26 Jan 2018 13:42:53 -0800 Subject: [PATCH 2/3] typo from previous checkin and partial fix to hubzilla #965 - show any connection without comment permission as archived in contact_block(). --- include/account.php | 2 +- include/text.php | 9 ++++++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/include/account.php b/include/account.php index 3a7b677be..3ac485974 100644 --- a/include/account.php +++ b/include/account.php @@ -266,7 +266,7 @@ function verify_email_address($arr) { $email = $arr['email']; $a = q("select * from account where account_email = '%s' limit 1", dbesc($arr['email']) - } + ); if(! ($a && ($a[0]['account_flags'] & ACCOUNT_UNVERIFIED))) { return false; } diff --git a/include/text.php b/include/text.php index 956f42f7d..8ec6ebace 100644 --- a/include/text.php +++ b/include/text.php @@ -973,7 +973,14 @@ function contact_block() { $contacts = t('Connections'); $micropro = Array(); foreach($r as $rr) { - $rr['archived'] = (intval($rr['abook_archived']) ? true : false); + + // There is no setting to discover if you are bi-directionally connected + // Use the ability to post comments as an indication that this relationship is more + // than wishful thinking; even though soapbox channels and feeds will disable it. + + if(! intval(get_abconfig(App::$profile['uid'],$rr['xchan_hash'],'their_perms','post_comments'))) { + $rr['archived'] = true; + } $micropro[] = micropro($rr,true,'mpfriend'); } } From bd0f63980ba0d0e606f2dd7a65313f7e150d330a Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sat, 27 Jan 2018 12:51:48 -0800 Subject: [PATCH 3/3] Usability improvements to registration/verification workflow. This requires additional testing. --- Zotlabs/Module/Email_resend.php | 48 +++++++++++++++++++++++++++++ Zotlabs/Module/Email_validation.php | 38 +++++++++++++++++++++++ Zotlabs/Module/Register.php | 6 ++-- view/tpl/email_validation.tpl | 16 ++++++++++ 4 files changed, 106 insertions(+), 2 deletions(-) create mode 100644 Zotlabs/Module/Email_resend.php create mode 100644 Zotlabs/Module/Email_validation.php create mode 100644 view/tpl/email_validation.tpl diff --git a/Zotlabs/Module/Email_resend.php b/Zotlabs/Module/Email_resend.php new file mode 100644 index 000000000..367593b55 --- /dev/null +++ b/Zotlabs/Module/Email_resend.php @@ -0,0 +1,48 @@ + 1) { + $result = false; + $email = hex2bin(argv(1)); + + if($email) { + $result = verify_email_address( [ 'resend' => true, 'email' => $email ] ); + } + + if($result) { + notice(t('Email verification resent')); + } + else { + notice(t('Unable to resend email verification message.')); + } + + return; + + } + + // @todo - one can provide a form here to resend the mail + // after directing to here if a succesful login was attempted from an unverified address. + + + } + +} \ No newline at end of file diff --git a/Zotlabs/Module/Email_validation.php b/Zotlabs/Module/Email_validation.php new file mode 100644 index 000000000..4cc016847 --- /dev/null +++ b/Zotlabs/Module/Email_validation.php @@ -0,0 +1,38 @@ + 1) { + $email = hex2bin(argv(1)); + } + + $o = replace_macros(get_markup_template('email_validation.tpl'), [ + '$title' => t('Email Verification Required'), + '$desc' => sprintf( t('A verification token was sent to your email address [%s]. Enter that token here to complete the account verification step. Please allow a few minutes for delivery, and check your spam folder if you do not see the message.'),$email), + '$resend' => t('Resend Email'), + '$email' => bin2hex($email), + '$submit' => t('Submit'), + '$token' => [ 'token', t('Validation token'),'','' ], + ]); + + return $o; + + } + +} \ No newline at end of file diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php index 1cb3bab91..c7fa1cee8 100644 --- a/Zotlabs/Module/Register.php +++ b/Zotlabs/Module/Register.php @@ -150,9 +150,11 @@ class Register extends \Zotlabs\Web\Controller { } if($email_verify) { - goaway(z_root()); + goaway(z_root() . '/email_validation/' . bin2hex($result['email'])); } - + + // fall through and authenticate if no approvals or verifications were required. + authenticate_success($result['account'],null,true,false,true); $new_channel = false; diff --git a/view/tpl/email_validation.tpl b/view/tpl/email_validation.tpl new file mode 100644 index 000000000..f049a040f --- /dev/null +++ b/view/tpl/email_validation.tpl @@ -0,0 +1,16 @@ +

{{$title}}

+ +

{{$desc}}

+ +
+{{include file="field_input.tpl" field=$token}} + +
+ {{$resend}} +
+
+ +
+
+
+