Commit
e449b233
authored
Jul 15, 2016
by
Scott
Coding style (user pages)
parent
b0af268c
Showing
6 changed files
with
168 additions
and
185 deletions
+168
-185
account.php
qa-include/pages/account.php
+0
-0
confirm.php
qa-include/pages/confirm.php
+84
-90
login.php
qa-include/pages/login.php
+0
-0
logout.php
qa-include/pages/logout.php
+9
-15
register.php
qa-include/pages/register.php
+0
-0
reset.php
qa-include/pages/reset.php
+75
-80
qa-include/pages/account.php
This diff is collapsed.
qa-include/pages/confirm.php
...
...
@@ -20,136 +20,131 @@
More about this license: http://www.question2answer.org/license.php
*/
if
(
!
defined
(
'QA_VERSION'
))
{
// don't allow this page to be requested directly from browser
header
(
'Location: ../'
);
exit
;
}
if
(
!
defined
(
'QA_VERSION'
))
{
// don't allow this page to be requested directly from browser
header
(
'Location: ../'
);
exit
;
}
// Check we're not using single-sign on integration, that we're not already confirmed, and that we're not blocked
if
(
QA_FINAL_EXTERNAL_USERS
)
qa_fatal_error
(
'User login is handled by external code'
);
if
(
QA_FINAL_EXTERNAL_USERS
)
qa_fatal_error
(
'User login is handled by external code'
);
// Check if we've been asked to send a new link or have a successful email confirmation
$incode
=
trim
(
qa_get
(
'c'
));
// trim to prevent passing in blank values to match uninitiated DB rows
$inhandle
=
qa_get
(
'u'
);
$loginuserid
=
qa_get_logged_in_userid
();
$useremailed
=
false
;
$userconfirmed
=
false
;
$incode
=
trim
(
qa_get
(
'c'
));
// trim to prevent passing in blank values to match uninitiated DB rows
$inhandle
=
qa_get
(
'u'
);
$loginuserid
=
qa_get_logged_in_userid
();
$useremailed
=
false
;
$userconfirmed
=
false
;
if
(
isset
(
$loginuserid
)
&&
qa_clicked
(
'dosendconfirm'
))
{
// button clicked to send a link
require_once
QA_INCLUDE_DIR
.
'app/users-edit.php'
;
if
(
isset
(
$loginuserid
)
&&
qa_clicked
(
'dosendconfirm'
))
{
// button clicked to send a link
require_once
QA_INCLUDE_DIR
.
'app/users-edit.php'
;
if
(
!
qa_check_form_security_code
(
'confirm'
,
qa_post_text
(
'code'
)))
$pageerror
=
qa_lang_html
(
'misc/form_security_again'
);
if
(
!
qa_check_form_security_code
(
'confirm'
,
qa_post_text
(
'code'
)))
$pageerror
=
qa_lang_html
(
'misc/form_security_again'
);
else
{
qa_send_new_confirm
(
$loginuserid
);
$useremailed
=
true
;
}
else
{
qa_send_new_confirm
(
$loginuserid
);
$useremailed
=
true
;
}
}
elseif
(
strlen
(
$incode
))
{
// non-empty code detected from the URL
require_once
QA_INCLUDE_DIR
.
'db/selects.php'
;
require_once
QA_INCLUDE_DIR
.
'app/users-edit.php'
;
}
elseif
(
strlen
(
$incode
))
{
// non-empty code detected from the URL
require_once
QA_INCLUDE_DIR
.
'db/selects.php'
;
require_once
QA_INCLUDE_DIR
.
'app/users-edit.php'
;
if
(
!
empty
(
$inhandle
))
{
// match based on code and handle provided on URL
$userinfo
=
qa_db_select_with_pending
(
qa_db_user_account_selectspec
(
$inhandle
,
false
));
if
(
!
empty
(
$inhandle
))
{
// match based on code and handle provided on URL
$userinfo
=
qa_db_select_with_pending
(
qa_db_user_account_selectspec
(
$inhandle
,
false
));
if
(
strtolower
(
trim
(
@
$userinfo
[
'emailcode'
]))
==
strtolower
(
$incode
))
{
qa_complete_confirm
(
$userinfo
[
'userid'
],
$userinfo
[
'email'
],
$userinfo
[
'handle'
]);
$userconfirmed
=
true
;
}
if
(
strtolower
(
trim
(
@
$userinfo
[
'emailcode'
]))
==
strtolower
(
$incode
))
{
qa_complete_confirm
(
$userinfo
[
'userid'
],
$userinfo
[
'email'
],
$userinfo
[
'handle'
]);
$userconfirmed
=
true
;
}
}
if
((
!
$userconfirmed
)
&&
isset
(
$loginuserid
))
{
// as a backup, also match code on URL against logged in user
$userinfo
=
qa_db_select_with_pending
(
qa_db_user_account_selectspec
(
$loginuserid
,
true
));
$flags
=
$userinfo
[
'flags'
];
if
((
!
$userconfirmed
)
&&
isset
(
$loginuserid
))
{
// as a backup, also match code on URL against logged in user
$userinfo
=
qa_db_select_with_pending
(
qa_db_user_account_selectspec
(
$loginuserid
,
true
));
$flags
=
$userinfo
[
'flags'
];
if
(
(
$flags
&
QA_USER_FLAGS_EMAIL_CONFIRMED
)
&&
!
(
$flags
&
QA_USER_FLAGS_MUST_CONFIRM
)
)
$userconfirmed
=
true
;
// if they confirmed before, just show message as if it happened now
if
((
$flags
&
QA_USER_FLAGS_EMAIL_CONFIRMED
)
&&
!
(
$flags
&
QA_USER_FLAGS_MUST_CONFIRM
)
)
$userconfirmed
=
true
;
// if they confirmed before, just show message as if it happened now
elseif
(
strtolower
(
trim
(
$userinfo
[
'emailcode'
]))
==
strtolower
(
$incode
))
{
qa_complete_confirm
(
$userinfo
[
'userid'
],
$userinfo
[
'email'
],
$userinfo
[
'handle'
]);
$userconfirmed
=
true
;
}
elseif
(
strtolower
(
trim
(
$userinfo
[
'emailcode'
]))
==
strtolower
(
$incode
))
{
qa_complete_confirm
(
$userinfo
[
'userid'
],
$userinfo
[
'email'
],
$userinfo
[
'handle'
]);
$userconfirmed
=
true
;
}
}
}
// Prepare content for theme
$qa_content
=
qa_content_prepare
();
$qa_content
=
qa_content_prepare
();
$qa_content
[
'title'
]
=
qa_lang_html
(
'users/confirm_title'
);
$qa_content
[
'error'
]
=
@
$pageerror
;
$qa_content
[
'title'
]
=
qa_lang_html
(
'users/confirm_title'
);
$qa_content
[
'error'
]
=
@
$pageerror
;
if
(
$useremailed
)
$qa_content
[
'error'
]
=
qa_lang_html
(
'users/confirm_emailed'
);
// not an error, but display it prominently anyway
if
(
$useremailed
)
{
$qa_content
[
'error'
]
=
qa_lang_html
(
'users/confirm_emailed'
);
// not an error, but display it prominently anyway
elseif
(
$userconfirmed
)
{
$qa_content
[
'error'
]
=
qa_lang_html
(
'users/confirm_complete'
);
}
elseif
(
$userconfirmed
)
{
$qa_content
[
'error'
]
=
qa_lang_html
(
'users/confirm_complete'
);
if
(
!
isset
(
$loginuserid
))
$qa_content
[
'suggest_next'
]
=
strtr
(
qa_lang_html
(
'users/log_in_to_access'
),
array
(
'^1'
=>
'<a href="'
.
qa_path_html
(
'login'
,
array
(
'e'
=>
$inhandle
))
.
'"
>'
,
'^2'
=>
'</a>'
,
)
);
if
(
!
isset
(
$loginuserid
))
{
$qa_content
[
'suggest_next'
]
=
strtr
(
qa_lang_html
(
'users/log_in_to_access'
),
array
(
'^1'
=>
'<a href="'
.
qa_path_html
(
'login'
,
array
(
'e'
=>
$inhandle
))
.
'">'
,
'^2'
=>
'</a
>'
,
)
);
}
}
elseif
(
isset
(
$loginuserid
))
{
// if logged in, allow sending a fresh link
require_once
QA_INCLUDE_DIR
.
'util/string.php'
;
}
elseif
(
isset
(
$loginuserid
))
{
// if logged in, allow sending a fresh link
require_once
QA_INCLUDE_DIR
.
'util/string.php'
;
if
(
strlen
(
$incode
))
$qa_content
[
'error'
]
=
qa_lang_html
(
'users/confirm_wrong_resend'
);
if
(
strlen
(
$incode
))
$qa_content
[
'error'
]
=
qa_lang_html
(
'users/confirm_wrong_resend'
);
$email
=
qa_get_logged_in_email
();
$email
=
qa_get_logged_in_email
();
$qa_content
[
'form'
]
=
array
(
'tags'
=>
'method="post" action="'
.
qa_path_html
(
'confirm'
)
.
'"'
,
$qa_content
[
'form'
]
=
array
(
'tags'
=>
'method="post" action="'
.
qa_path_html
(
'confirm'
)
.
'"'
,
'style'
=>
'tall'
,
'style'
=>
'tall'
,
'fields'
=>
array
(
'email'
=>
array
(
'label'
=>
qa_lang_html
(
'users/email_label'
),
'value'
=>
qa_html
(
$email
)
.
strtr
(
qa_lang_html
(
'users/change_email_link'
),
array
(
'^1'
=>
'<a href="'
.
qa_path_html
(
'account'
)
.
'">'
,
'fields'
=>
array
(
'email'
=>
array
(
'label'
=>
qa_lang_html
(
'users/email_label'
),
'value'
=>
qa_html
(
$email
)
.
strtr
(
qa_lang_html
(
'users/change_email_link'
),
array
(
'^1'
=>
'<a href="'
.
qa_path_html
(
'account'
)
.
'">'
,
'^2'
=>
'</a>'
,
)),
'type'
=>
'static'
,
),
'type'
=>
'static'
,
),
),
'buttons'
=>
array
(
'send'
=>
array
(
'tags'
=>
'name="dosendconfirm"'
,
'label'
=>
qa_lang_html
(
'users/send_confirm_button'
),
),
'buttons'
=>
array
(
'send'
=>
array
(
'tags'
=>
'name="dosendconfirm"'
,
'label'
=>
qa_lang_html
(
'users/send_confirm_button'
),
),
),
'hidden'
=>
array
(
'code'
=>
qa_get_form_security_code
(
'confirm'
),
),
);
if
(
!
qa_email_validate
(
$email
))
{
$qa_content
[
'error'
]
=
qa_lang_html
(
'users/email_invalid'
);
unset
(
$qa_content
[
'form'
][
'buttons'
][
'send'
]);
}
}
else
$qa_content
[
'error'
]
=
qa_insert_login_links
(
qa_lang_html
(
'users/confirm_wrong_log_in'
),
'confirm'
);
'hidden'
=>
array
(
'code'
=>
qa_get_form_security_code
(
'confirm'
),
),
);
if
(
!
qa_email_validate
(
$email
))
{
$qa_content
[
'error'
]
=
qa_lang_html
(
'users/email_invalid'
);
unset
(
$qa_content
[
'form'
][
'buttons'
][
'send'
]);
}
return
$qa_content
;
}
else
$qa_content
[
'error'
]
=
qa_insert_login_links
(
qa_lang_html
(
'users/confirm_wrong_log_in'
),
'confirm'
);
/*
Omit PHP closing tag to help avoid accidental output
*/
\ No newline at end of file
return
$qa_content
;
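Review bot: The confirmation-code check in the handle branch, `strtolower(trim(@$userinfo['emailcode'])) == strtolower($incode)`, still uses loose `==`, under which PHP compares two numeric-looking strings as numbers rather than as text. The same comparison is kept in the logged-in fallback branch of this file and in the reset-code check in qa-include/pages/reset.php. Whether a stored code can ever look numeric depends on how it is generated, which this page does not show. Since the commit already rewrites these lines, they could use `===`, or `hash_equals()` if the project's minimum PHP version provides it, which also makes the comparison constant-time. The `@` on `$userinfo['emailcode']` hides the case where no account matches the handle, so an explicit `isset($userinfo['emailcode'])` guard would make that path visible.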
qa-include/pages/login.php
This diff is collapsed.
qa-include/pages/logout.php
...
...
@@ -20,21 +20,16 @@
More about this license: http://www.question2answer.org/license.php
*/
if
(
!
defined
(
'QA_VERSION'
))
{
// don't allow this page to be requested directly from browser
header
(
'Location: ../'
);
exit
;
}
if
(
!
defined
(
'QA_VERSION'
))
{
// don't allow this page to be requested directly from browser
header
(
'Location: ../'
);
exit
;
}
if
(
QA_FINAL_EXTERNAL_USERS
)
qa_fatal_error
(
'User logout is handled by external code'
);
if
(
QA_FINAL_EXTERNAL_USERS
)
qa_fatal_error
(
'User logout is handled by external code'
);
if
(
qa_is_logged_in
())
qa_set_logged_in_user
(
null
);
if
(
qa_is_logged_in
())
qa_set_logged_in_user
(
null
);
qa_redirect
(
''
);
// back to home page
/*
Omit PHP closing tag to help avoid accidental output
*/
\ No newline at end of file
qa_redirect
(
''
);
// back to home page
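Review bot: Logout runs on any request to this page while a session exists, because `if (qa_is_logged_in()) qa_set_logged_in_user(null);` is not preceded by a `qa_check_form_security_code()` check of the kind confirm.php and reset.php apply to their forms. A cross-site request can therefore end a user's session without the user asking for it. If that is accepted by design, a one-line comment saying so would help the next reader. Otherwise the session should be cleared only for a POST that carries a valid form security code.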
qa-include/pages/register.php
This diff is collapsed.
qa-include/pages/reset.php
...
...
@@ -20,120 +20,116 @@
More about this license: http://www.question2answer.org/license.php
*/
if
(
!
defined
(
'QA_VERSION'
))
{
// don't allow this page to be requested directly from browser
header
(
'Location: ../'
);
exit
;
}
if
(
!
defined
(
'QA_VERSION'
))
{
// don't allow this page to be requested directly from browser
header
(
'Location: ../'
);
exit
;
}
// Check we're not using single-sign on integration and that we're not logged in
if
(
QA_FINAL_EXTERNAL_USERS
)
qa_fatal_error
(
'User login is handled by external code'
);
if
(
QA_FINAL_EXTERNAL_USERS
)
qa_fatal_error
(
'User login is handled by external code'
);
if
(
qa_is_logged_in
())
qa_redirect
(
''
);
if
(
qa_is_logged_in
())
qa_redirect
(
''
);
// Process incoming form
if
(
qa_clicked
(
'doreset'
))
{
require_once
QA_INCLUDE_DIR
.
'app/users-edit.php'
;
require_once
QA_INCLUDE_DIR
.
'db/users.php'
;
$inemailhandle
=
qa_post_text
(
'emailhandle'
);
$incode
=
trim
(
qa_post_text
(
'code'
));
// trim to prevent passing in blank values to match uninitiated DB rows
if
(
qa_clicked
(
'doreset'
))
{
require_once
QA_INCLUDE_DIR
.
'app/users-edit.php'
;
require_once
QA_INCLUDE_DIR
.
'db/users.php'
;
$errors
=
array
();
$inemailhandle
=
qa_post_text
(
'emailhandle'
);
$incode
=
trim
(
qa_post_text
(
'code'
));
// trim to prevent passing in blank values to match uninitiated DB rows
if
(
!
qa_check_form_security_code
(
'reset'
,
qa_post_text
(
'formcode'
)))
$errors
[
'page'
]
=
qa_lang_html
(
'misc/form_security_again'
);
$errors
=
array
();
else
{
if
(
qa_opt
(
'allow_login_email_only'
)
||
(
strpos
(
$inemailhandle
,
'@'
)
!==
false
))
// handles can't contain @ symbols
$matchusers
=
qa_db_user_find_by_email
(
$inemailhandle
);
else
$matchusers
=
qa_db_user_find_by_handle
(
$inemailhandle
);
if
(
!
qa_check_form_security_code
(
'reset'
,
qa_post_text
(
'formcode'
)))
$errors
[
'page'
]
=
qa_lang_html
(
'misc/form_security_again'
);
if
(
count
(
$matchusers
)
==
1
)
{
// if match more than one (should be impossible), consider it a non-match
require_once
QA_INCLUDE_DIR
.
'db/selects.php'
;
else
{
if
(
qa_opt
(
'allow_login_email_only'
)
||
(
strpos
(
$inemailhandle
,
'@'
)
!==
false
))
// handles can't contain @ symbols
$matchusers
=
qa_db_user_find_by_email
(
$inemailhandle
);
else
$matchusers
=
qa_db_user_find_by_handle
(
$inemailhandle
);
$inuserid
=
$matchusers
[
0
];
$userinfo
=
qa_db_select_with_pending
(
qa_db_user_account_selectspec
(
$inuserid
,
true
))
;
if
(
count
(
$matchusers
)
==
1
)
{
// if match more than one (should be impossible), consider it a non-match
require_once
QA_INCLUDE_DIR
.
'db/selects.php'
;
// strlen() check is vital otherwise we can reset code for most users by entering the empty string
if
(
strlen
(
$incode
)
&&
(
strtolower
(
trim
(
$userinfo
[
'emailcode'
]))
==
strtolower
(
$incode
)))
{
qa_complete_reset_user
(
$inuserid
);
qa_redirect
(
'login'
,
array
(
'e'
=>
$inemailhandle
,
'ps'
=>
'1'
));
// redirect to login page
$inuserid
=
$matchusers
[
0
];
$userinfo
=
qa_db_select_with_pending
(
qa_db_user_account_selectspec
(
$inuserid
,
true
));
}
else
$errors
[
'code'
]
=
qa_lang
(
'users/reset_code_wrong'
);
// strlen() check is vital otherwise we can reset code for most users by entering the empty string
if
(
strlen
(
$incode
)
&&
strtolower
(
trim
(
$userinfo
[
'emailcode'
]))
==
strtolower
(
$incode
))
{
qa_complete_reset_user
(
$inuserid
);
qa_redirect
(
'login'
,
array
(
'e'
=>
$inemailhandle
,
'ps'
=>
'1'
));
// redirect to login page
}
else
{
$errors
[
'code'
]
=
qa_lang
(
'users/reset_code_wrong'
);
}
}
else
$errors
[
'emailhandle'
]
=
qa_lang
(
'users/user_not_found'
);
}
else
{
$errors
[
'emailhandle'
]
=
qa_lang
(
'users/user_not_found'
);
}
}
else
{
$inemailhandle
=
qa_get
(
'e'
);
$incode
=
qa_get
(
'c'
);
}
}
else
{
$inemailhandle
=
qa_get
(
'e'
);
$incode
=
qa_get
(
'c'
);
}
// Prepare content for theme
$qa_content
=
qa_content_prepare
();
// Prepare content for theme
$qa_content
[
'title'
]
=
qa_lang_html
(
'users/reset_title'
);
$qa_content
[
'error'
]
=@
$errors
[
'page'
];
$qa_content
=
qa_content_prepare
();
if
(
empty
(
$inemailhandle
)
||
isset
(
$errors
[
'emailhandle'
]))
$forgotpath
=
qa_path
(
'forgot'
);
else
$forgotpath
=
qa_path
(
'forgot'
,
array
(
'e'
=>
$inemailhandle
));
$qa_content
[
'title'
]
=
qa_lang_html
(
'users/reset_title'
);
$qa_content
[
'error'
]
=
@
$errors
[
'page'
];
$qa_content
[
'form'
]
=
array
(
'tags'
=>
'method="post" action="'
.
qa_self_html
()
.
'"'
,
if
(
empty
(
$inemailhandle
)
||
isset
(
$errors
[
'emailhandle'
]))
$forgotpath
=
qa_path
(
'forgot'
);
else
$forgotpath
=
qa_path
(
'forgot'
,
array
(
'e'
=>
$inemailhandle
));
'style'
=>
'tall'
,
$qa_content
[
'form'
]
=
array
(
'tags'
=>
'method="post" action="'
.
qa_self_html
()
.
'"'
,
'ok'
=>
empty
(
$incode
)
?
qa_lang_html
(
'users/reset_code_emailed'
)
:
null
,
'style'
=>
'tall'
,
'fields'
=>
array
(
'email_handle'
=>
array
(
'label'
=>
qa_opt
(
'allow_login_email_only'
)
?
qa_lang_html
(
'users/email_label'
)
:
qa_lang_html
(
'users/email_handle_label'
),
'tags'
=>
'name="emailhandle" id="emailhandle"'
,
'value'
=>
qa_html
(
@
$inemailhandle
),
'error'
=>
qa_html
(
@
$errors
[
'emailhandle'
]),
),
'ok'
=>
empty
(
$incode
)
?
qa_lang_html
(
'users/reset_code_emailed'
)
:
null
,
'code'
=>
array
(
'label'
=>
qa_lang_html
(
'users/reset_code_label'
),
'tags'
=>
'name="code" id="code"'
,
'value'
=>
qa_html
(
@
$incode
),
'error'
=>
qa_html
(
@
$errors
[
'code'
]),
'note'
=>
qa_lang_html
(
'users/reset_code_emailed'
)
.
' - '
.
'<a href="'
.
qa_html
(
$forgotpath
)
.
'">'
.
qa_lang_html
(
'users/reset_code_another'
)
.
'</a>'
,
),
'fields'
=>
array
(
'email_handle'
=>
array
(
'label'
=>
qa_opt
(
'allow_login_email_only'
)
?
qa_lang_html
(
'users/email_label'
)
:
qa_lang_html
(
'users/email_handle_label'
),
'tags'
=>
'name="emailhandle" id="emailhandle"'
,
'value'
=>
qa_html
(
@
$inemailhandle
),
'error'
=>
qa_html
(
@
$errors
[
'emailhandle'
]),
),
'buttons'
=>
array
(
'reset'
=>
array
(
'label'
=>
qa_lang_html
(
'users/send_password_button'
),
),
'code'
=>
array
(
'label'
=>
qa_lang_html
(
'users/reset_code_label'
),
'tags'
=>
'name="code" id="code"'
,
'value'
=>
qa_html
(
@
$incode
),
'error'
=>
qa_html
(
@
$errors
[
'code'
]),
'note'
=>
qa_lang_html
(
'users/reset_code_emailed'
)
.
' - '
.
'<a href="'
.
qa_html
(
$forgotpath
)
.
'">'
.
qa_lang_html
(
'users/reset_code_another'
)
.
'</a>'
,
),
),
'hidden
'
=>
array
(
'doreset'
=>
'1'
,
'
formcode'
=>
qa_get_form_security_code
(
'reset
'
),
'buttons
'
=>
array
(
'reset'
=>
array
(
'
label'
=>
qa_lang_html
(
'users/send_password_button
'
),
),
);
$qa_content
[
'focusid'
]
=
(
isset
(
$errors
[
'emailhandle'
])
||
!
strlen
(
@
$inemailhandle
))
?
'emailhandle'
:
'code'
;
),
'hidden'
=>
array
(
'doreset'
=>
'1'
,
'formcode'
=>
qa_get_form_security_code
(
'reset'
),
),
);
return
$qa_content
;
$qa_content
[
'focusid'
]
=
(
isset
(
$errors
[
'emailhandle'
])
||
!
strlen
(
@
$inemailhandle
))
?
'emailhandle'
:
'code'
;
/*
Omit PHP closing tag to help avoid accidental output
*/
\ No newline at end of file
return
$qa_content
;
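Review bot: The two failure paths of the `doreset` handler return different messages, `users/user_not_found` when the input matches no single account and `users/reset_code_wrong` when the code does not match. The form therefore discloses whether an account exists for a given e-mail address or handle. Handles are probably public on a Q&A site, but e-mail addresses are not, so returning one generic error for both cases would close that gap. Nothing in this section limits repeated code attempts for one account; if no throttle exists elsewhere (not visible on this page), one belongs before the `strlen($incode) && …` comparison.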