<?php

/*
	Question2Answer (c) Gideon Greenspan

	http://www.question2answer.org/


	File: qa-include/qa-page-confirm.php
	Version: See define()s at top of qa-include/qa-base.php
	Description: Controller for email confirmation page (can also request a new code)


	This program is free software; you can redistribute it and/or
	modify it under the terms of the GNU General Public License
	as published by the Free Software Foundation; either version 2
	of the License, or (at your option) any later version.

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.

	More about this license: http://www.question2answer.org/license.php
*/

	// Refuse direct browser requests to this include file. QA_VERSION is expected to be
	// defined by the including application before this page runs (the file header points
	// to the define()s in qa-include/qa-base.php); when it is missing, redirect and stop.
	if (defined('QA_VERSION') === false) {
		header('Location: ../');
		exit; // nothing below may run outside the application context
	}


//	Email confirmation is unavailable when user login is delegated to external (single sign-on) code.
//	NOTE(review): this is the only precondition checked here; no "already confirmed" or "blocked user" check is visible at this point.

	if (QA_FINAL_EXTERNAL_USERS) {
		qa_fatal_error('User login is handled by external code');
	}


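//	Handle the two actions of this page: sending a fresh confirmation link, or confirming an email via a code from the URL

	$incode=trim(qa_get('c')); // trimmed so a blank value cannot match a DB row whose emailcode was never set
	$inhandle=qa_get('u');
	$loginuserid=qa_get_logged_in_userid();
	$useremailed=false;
	$userconfirmed=false;

	if (isset($loginuserid) && qa_clicked('dosendconfirm')) { // button clicked to send a link
		require_once QA_INCLUDE_DIR.'qa-app-users-edit.php';

		// Sending mail is a state-changing action, so the posted form security code is verified first
		if (!qa_check_form_security_code('confirm', qa_post_text('code')))
			$pageerror=qa_lang_html('misc/form_security_again');

		else {
			qa_send_new_confirm($loginuserid);
			$useremailed=true;
		}

	} elseif (strlen($incode)) { // non-empty code detected from the URL
		require_once QA_INCLUDE_DIR.'qa-db-selects.php';
		require_once QA_INCLUDE_DIR.'qa-app-users-edit.php';

		// The code comparisons below use === rather than ==. With ==, PHP compares two numeric-looking
		// strings as numbers, so unequal codes could be treated as equal (constructed sample: '0e12' == '0e34'
		// is true). Both operands are always strings here, so === is an exact, case-insensitive match of the
		// lower-cased values. Where the minimum supported PHP version provides hash_equals(), a constant-time
		// comparison would be preferable.
		// NOTE(review): no attempt limiting is visible in this file, and the code travels in the query string;
		// confirm that qa_complete_confirm() invalidates the stored code so a used link cannot be replayed.

		if (!empty($inhandle)) { // match based on code and handle provided on URL
			$userinfo=qa_db_select_with_pending(qa_db_user_account_selectspec($inhandle, false));

			// An unknown handle or missing column yields '' which can never equal the non-empty $incode
			if (strtolower(trim(isset($userinfo['emailcode']) ? $userinfo['emailcode'] : ''))===strtolower($incode)) {
				qa_complete_confirm($userinfo['userid'], $userinfo['email'], $userinfo['handle']);
				$userconfirmed=true;
			}
		}

		if ((!$userconfirmed) && isset($loginuserid)) { // as a backup, also match code on URL against logged in user
			$userinfo=qa_db_select_with_pending(qa_db_user_account_selectspec($loginuserid, true));
			$flags=$userinfo['flags'];

			if ( ($flags & QA_USER_FLAGS_EMAIL_CONFIRMED) && !($flags & QA_USER_FLAGS_MUST_CONFIRM) )
				$userconfirmed=true; // if they confirmed before, just show message as if it happened now

			elseif (strtolower(trim($userinfo['emailcode']))===strtolower($incode)) {
				qa_complete_confirm($userinfo['userid'], $userinfo['email'], $userinfo['handle']);
				$userconfirmed=true;
			}
		}
	}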


//	Build the content array handed to the theme: a title, one status message and, where applicable, a resend form

	$qa_content=qa_content_prepare();

	$qa_content['title']=qa_lang_html('users/confirm_title');
	$qa_content['error']=isset($pageerror) ? $pageerror : null; // only set when the form security check failed

	if ($useremailed) {
		// not an error, but the 'error' slot displays it prominently
		$qa_content['error']=qa_lang_html('users/confirm_emailed');

	} elseif ($userconfirmed) {
		$qa_content['error']=qa_lang_html('users/confirm_complete');

		if (!isset($loginuserid)) {
			// Confirmed while logged out: offer a login link carrying the handle from the URL.
			// $inhandle is request input and reaches the markup only through qa_path_html()
			// (presumably HTML-escapes its output - confirm against its definition).
			$qa_content['suggest_next']=strtr(
				qa_lang_html('users/log_in_to_access'),
				array(
					'^1' => '<a href="'.qa_path_html('login', array('e' => $inhandle)).'">',
					'^2' => '</a>',
				)
			);
		}

	} elseif (isset($loginuserid)) { // logged in but not confirmed: allow sending a fresh link
		require_once QA_INCLUDE_DIR.'qa-util-string.php';

		if (strlen($incode) > 0) {
			// a code was supplied on the URL but matched nothing
			$qa_content['error']=qa_lang_html('users/confirm_wrong_resend');
		}

		$email=qa_get_logged_in_email();

		$qa_content['form']=array(
			'tags' => 'method="post" action="'.qa_path_html('confirm').'"',

			'style' => 'tall',

			'fields' => array(
				'email' => array(
					'label' => qa_lang_html('users/email_label'),
					// the address is passed through qa_html() before being joined with the "change email" link markup
					'value' => qa_html($email).strtr(
						qa_lang_html('users/change_email_link'),
						array(
							'^1' => '<a href="'.qa_path_html('account').'">',
							'^2' => '</a>',
						)
					),
					'type' => 'static',
				),
			),

			'buttons' => array(
				'send' => array(
					'tags' => 'name="dosendconfirm"',
					'label' => qa_lang_html('users/send_confirm_button'),
				),
			),

			// form security code for the 'confirm' action; the send handler reads it back as the posted 'code' field
			'hidden' => array(
				'code' => qa_get_form_security_code('confirm'),
			),
		);

		if (!qa_email_validate($email)) {
			// no point offering to send mail to an address that fails validation
			$qa_content['error']=qa_lang_html('users/email_invalid');
			unset($qa_content['form']['buttons']['send']);
		}

	} else {
		// logged out and not confirmed: ask the visitor to log in
		$qa_content['error']=qa_insert_login_links(qa_lang_html('users/confirm_wrong_log_in'), 'confirm');
	}


	return $qa_content;


/*
	Omit PHP closing tag to help avoid accidental output
*/