Commit e449b233 by Scott

Coding style (user pages)

parent b0af268c
...@@ -20,136 +20,131 @@ ...@@ -20,136 +20,131 @@
More about this license: http://www.question2answer.org/license.php More about this license: http://www.question2answer.org/license.php
*/ */
if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser
header('Location: ../'); header('Location: ../');
exit; exit;
} }
// Check we're not using single-sign on integration, that we're not already confirmed, and that we're not blocked // Check we're not using single-sign on integration, that we're not already confirmed, and that we're not blocked
if (QA_FINAL_EXTERNAL_USERS) if (QA_FINAL_EXTERNAL_USERS)
qa_fatal_error('User login is handled by external code'); qa_fatal_error('User login is handled by external code');
// Check if we've been asked to send a new link or have a successful email confirmation // Check if we've been asked to send a new link or have a successful email confirmation
$incode=trim(qa_get('c')); // trim to prevent passing in blank values to match uninitiated DB rows $incode = trim(qa_get('c')); // trim to prevent passing in blank values to match uninitiated DB rows
$inhandle=qa_get('u'); $inhandle = qa_get('u');
$loginuserid=qa_get_logged_in_userid(); $loginuserid = qa_get_logged_in_userid();
$useremailed=false; $useremailed = false;
$userconfirmed=false; $userconfirmed = false;
if (isset($loginuserid) && qa_clicked('dosendconfirm')) { // button clicked to send a link if (isset($loginuserid) && qa_clicked('dosendconfirm')) { // button clicked to send a link
require_once QA_INCLUDE_DIR.'app/users-edit.php'; require_once QA_INCLUDE_DIR . 'app/users-edit.php';
if (!qa_check_form_security_code('confirm', qa_post_text('code'))) if (!qa_check_form_security_code('confirm', qa_post_text('code')))
$pageerror=qa_lang_html('misc/form_security_again'); $pageerror = qa_lang_html('misc/form_security_again');
else { else {
qa_send_new_confirm($loginuserid); qa_send_new_confirm($loginuserid);
$useremailed=true; $useremailed = true;
} }
} elseif (strlen($incode)) { // non-empty code detected from the URL } elseif (strlen($incode)) { // non-empty code detected from the URL
require_once QA_INCLUDE_DIR.'db/selects.php'; require_once QA_INCLUDE_DIR . 'db/selects.php';
require_once QA_INCLUDE_DIR.'app/users-edit.php'; require_once QA_INCLUDE_DIR . 'app/users-edit.php';
if (!empty($inhandle)) { // match based on code and handle provided on URL if (!empty($inhandle)) { // match based on code and handle provided on URL
$userinfo=qa_db_select_with_pending(qa_db_user_account_selectspec($inhandle, false)); $userinfo = qa_db_select_with_pending(qa_db_user_account_selectspec($inhandle, false));
if (strtolower(trim(@$userinfo['emailcode']))==strtolower($incode)) { if (strtolower(trim(@$userinfo['emailcode'])) == strtolower($incode)) {
qa_complete_confirm($userinfo['userid'], $userinfo['email'], $userinfo['handle']); qa_complete_confirm($userinfo['userid'], $userinfo['email'], $userinfo['handle']);
$userconfirmed=true; $userconfirmed = true;
}
} }
}
if ((!$userconfirmed) && isset($loginuserid)) { // as a backup, also match code on URL against logged in user if ((!$userconfirmed) && isset($loginuserid)) { // as a backup, also match code on URL against logged in user
$userinfo=qa_db_select_with_pending(qa_db_user_account_selectspec($loginuserid, true)); $userinfo = qa_db_select_with_pending(qa_db_user_account_selectspec($loginuserid, true));
$flags=$userinfo['flags']; $flags = $userinfo['flags'];
if ( ($flags & QA_USER_FLAGS_EMAIL_CONFIRMED) && !($flags & QA_USER_FLAGS_MUST_CONFIRM) ) if (($flags & QA_USER_FLAGS_EMAIL_CONFIRMED) && !($flags & QA_USER_FLAGS_MUST_CONFIRM))
$userconfirmed=true; // if they confirmed before, just show message as if it happened now $userconfirmed = true; // if they confirmed before, just show message as if it happened now
elseif (strtolower(trim($userinfo['emailcode']))==strtolower($incode)) { elseif (strtolower(trim($userinfo['emailcode'])) == strtolower($incode)) {
qa_complete_confirm($userinfo['userid'], $userinfo['email'], $userinfo['handle']); qa_complete_confirm($userinfo['userid'], $userinfo['email'], $userinfo['handle']);
$userconfirmed=true; $userconfirmed = true;
}
} }
} }
}
// Prepare content for theme // Prepare content for theme
$qa_content=qa_content_prepare(); $qa_content = qa_content_prepare();
$qa_content['title']=qa_lang_html('users/confirm_title'); $qa_content['title'] = qa_lang_html('users/confirm_title');
$qa_content['error']=@$pageerror; $qa_content['error'] = @$pageerror;
if ($useremailed) if ($useremailed) {
$qa_content['error']=qa_lang_html('users/confirm_emailed'); // not an error, but display it prominently anyway $qa_content['error'] = qa_lang_html('users/confirm_emailed'); // not an error, but display it prominently anyway
elseif ($userconfirmed) { } elseif ($userconfirmed) {
$qa_content['error']=qa_lang_html('users/confirm_complete'); $qa_content['error'] = qa_lang_html('users/confirm_complete');
if (!isset($loginuserid)) if (!isset($loginuserid)) {
$qa_content['suggest_next']=strtr( $qa_content['suggest_next'] = strtr(
qa_lang_html('users/log_in_to_access'), qa_lang_html('users/log_in_to_access'),
array(
array( '^1' => '<a href="' . qa_path_html('login', array('e' => $inhandle)) . '">',
'^1' => '<a href="'.qa_path_html('login', array('e' => $inhandle)).'">', '^2' => '</a>',
'^2' => '</a>', )
) );
); }
} elseif (isset($loginuserid)) { // if logged in, allow sending a fresh link } elseif (isset($loginuserid)) { // if logged in, allow sending a fresh link
require_once QA_INCLUDE_DIR.'util/string.php'; require_once QA_INCLUDE_DIR . 'util/string.php';
if (strlen($incode)) if (strlen($incode))
$qa_content['error']=qa_lang_html('users/confirm_wrong_resend'); $qa_content['error'] = qa_lang_html('users/confirm_wrong_resend');
$email=qa_get_logged_in_email(); $email = qa_get_logged_in_email();
$qa_content['form']=array( $qa_content['form'] = array(
'tags' => 'method="post" action="'.qa_path_html('confirm').'"', 'tags' => 'method="post" action="' . qa_path_html('confirm') . '"',
'style' => 'tall', 'style' => 'tall',
'fields' => array( 'fields' => array(
'email' => array( 'email' => array(
'label' => qa_lang_html('users/email_label'), 'label' => qa_lang_html('users/email_label'),
'value' => qa_html($email).strtr(qa_lang_html('users/change_email_link'), array( 'value' => qa_html($email) . strtr(qa_lang_html('users/change_email_link'), array(
'^1' => '<a href="'.qa_path_html('account').'">', '^1' => '<a href="' . qa_path_html('account') . '">',
'^2' => '</a>', '^2' => '</a>',
)), )),
'type' => 'static', 'type' => 'static',
),
), ),
),
'buttons' => array( 'buttons' => array(
'send' => array( 'send' => array(
'tags' => 'name="dosendconfirm"', 'tags' => 'name="dosendconfirm"',
'label' => qa_lang_html('users/send_confirm_button'), 'label' => qa_lang_html('users/send_confirm_button'),
),
), ),
),
'hidden' => array( 'hidden' => array(
'code' => qa_get_form_security_code('confirm'), 'code' => qa_get_form_security_code('confirm'),
), ),
); );
if (!qa_email_validate($email)) {
$qa_content['error']=qa_lang_html('users/email_invalid');
unset($qa_content['form']['buttons']['send']);
}
} else
$qa_content['error']=qa_insert_login_links(qa_lang_html('users/confirm_wrong_log_in'), 'confirm');
if (!qa_email_validate($email)) {
$qa_content['error'] = qa_lang_html('users/email_invalid');
unset($qa_content['form']['buttons']['send']);
}
return $qa_content; } else
$qa_content['error'] = qa_insert_login_links(qa_lang_html('users/confirm_wrong_log_in'), 'confirm');
/* return $qa_content;
Omit PHP closing tag to help avoid accidental output
*/
\ No newline at end of file
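Review bot: The confirmation code is still compared with loose `==` in both branches, the handle match (`strtolower(trim(@$userinfo['emailcode'])) == strtolower($incode)`) and the logged-in fallback, and the reset page reformatted in this commit does the same. With `==`, PHP compares two numeric-looking strings as numbers rather than as text, and the comparison is not constant-time, so a secret token should not be checked this way. Since these lines are already being touched, consider `hash_equals(strtolower(trim((string) @$userinfo['emailcode'])), strtolower($incode))` in each place. Keep the existing `strlen($incode)` guard, because an empty stored code must never match.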
...@@ -20,21 +20,16 @@ ...@@ -20,21 +20,16 @@
More about this license: http://www.question2answer.org/license.php More about this license: http://www.question2answer.org/license.php
*/ */
if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser
header('Location: ../'); header('Location: ../');
exit; exit;
} }
if (QA_FINAL_EXTERNAL_USERS) if (QA_FINAL_EXTERNAL_USERS)
qa_fatal_error('User logout is handled by external code'); qa_fatal_error('User logout is handled by external code');
if (qa_is_logged_in()) if (qa_is_logged_in())
qa_set_logged_in_user(null); qa_set_logged_in_user(null);
qa_redirect(''); // back to home page qa_redirect(''); // back to home page
/*
Omit PHP closing tag to help avoid accidental output
*/
\ No newline at end of file
...@@ -20,120 +20,116 @@ ...@@ -20,120 +20,116 @@
More about this license: http://www.question2answer.org/license.php More about this license: http://www.question2answer.org/license.php
*/ */
if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser if (!defined('QA_VERSION')) { // don't allow this page to be requested directly from browser
header('Location: ../'); header('Location: ../');
exit; exit;
} }
// Check we're not using single-sign on integration and that we're not logged in // Check we're not using single-sign on integration and that we're not logged in
if (QA_FINAL_EXTERNAL_USERS) if (QA_FINAL_EXTERNAL_USERS)
qa_fatal_error('User login is handled by external code'); qa_fatal_error('User login is handled by external code');
if (qa_is_logged_in()) if (qa_is_logged_in())
qa_redirect(''); qa_redirect('');
// Process incoming form // Process incoming form
if (qa_clicked('doreset')) { if (qa_clicked('doreset')) {
require_once QA_INCLUDE_DIR.'app/users-edit.php'; require_once QA_INCLUDE_DIR . 'app/users-edit.php';
require_once QA_INCLUDE_DIR.'db/users.php'; require_once QA_INCLUDE_DIR . 'db/users.php';
$inemailhandle=qa_post_text('emailhandle');
$incode=trim(qa_post_text('code')); // trim to prevent passing in blank values to match uninitiated DB rows
$errors=array(); $inemailhandle = qa_post_text('emailhandle');
$incode = trim(qa_post_text('code')); // trim to prevent passing in blank values to match uninitiated DB rows
if (!qa_check_form_security_code('reset', qa_post_text('formcode'))) $errors = array();
$errors['page']=qa_lang_html('misc/form_security_again');
else { if (!qa_check_form_security_code('reset', qa_post_text('formcode')))
if (qa_opt('allow_login_email_only') || (strpos($inemailhandle, '@')!==false)) // handles can't contain @ symbols $errors['page'] = qa_lang_html('misc/form_security_again');
$matchusers=qa_db_user_find_by_email($inemailhandle);
else
$matchusers=qa_db_user_find_by_handle($inemailhandle);
if (count($matchusers)==1) { // if match more than one (should be impossible), consider it a non-match else {
require_once QA_INCLUDE_DIR.'db/selects.php'; if (qa_opt('allow_login_email_only') || (strpos($inemailhandle, '@') !== false)) // handles can't contain @ symbols
$matchusers = qa_db_user_find_by_email($inemailhandle);
else
$matchusers = qa_db_user_find_by_handle($inemailhandle);
$inuserid=$matchusers[0]; if (count($matchusers) == 1) { // if match more than one (should be impossible), consider it a non-match
$userinfo=qa_db_select_with_pending(qa_db_user_account_selectspec($inuserid, true)); require_once QA_INCLUDE_DIR . 'db/selects.php';
// strlen() check is vital otherwise we can reset code for most users by entering the empty string $inuserid = $matchusers[0];
if (strlen($incode) && (strtolower(trim($userinfo['emailcode'])) == strtolower($incode))) { $userinfo = qa_db_select_with_pending(qa_db_user_account_selectspec($inuserid, true));
qa_complete_reset_user($inuserid);
qa_redirect('login', array('e' => $inemailhandle, 'ps' => '1')); // redirect to login page
} else // strlen() check is vital otherwise we can reset code for most users by entering the empty string
$errors['code']=qa_lang('users/reset_code_wrong'); if (strlen($incode) && strtolower(trim($userinfo['emailcode'])) == strtolower($incode)) {
qa_complete_reset_user($inuserid);
qa_redirect('login', array('e' => $inemailhandle, 'ps' => '1')); // redirect to login page
} else {
$errors['code'] = qa_lang('users/reset_code_wrong');
}
} else } else {
$errors['emailhandle']=qa_lang('users/user_not_found'); $errors['emailhandle'] = qa_lang('users/user_not_found');
} }
} else {
$inemailhandle=qa_get('e');
$incode=qa_get('c');
} }
} else {
$inemailhandle = qa_get('e');
$incode = qa_get('c');
}
// Prepare content for theme
$qa_content=qa_content_prepare(); // Prepare content for theme
$qa_content['title']=qa_lang_html('users/reset_title'); $qa_content = qa_content_prepare();
$qa_content['error']=@$errors['page'];
if (empty($inemailhandle) || isset($errors['emailhandle'])) $qa_content['title'] = qa_lang_html('users/reset_title');
$forgotpath=qa_path('forgot'); $qa_content['error'] = @$errors['page'];
else
$forgotpath=qa_path('forgot', array('e' => $inemailhandle));
$qa_content['form']=array( if (empty($inemailhandle) || isset($errors['emailhandle']))
'tags' => 'method="post" action="'.qa_self_html().'"', $forgotpath = qa_path('forgot');
else
$forgotpath = qa_path('forgot', array('e' => $inemailhandle));
'style' => 'tall', $qa_content['form'] = array(
'tags' => 'method="post" action="' . qa_self_html() . '"',
'ok' => empty($incode) ? qa_lang_html('users/reset_code_emailed') : null, 'style' => 'tall',
'fields' => array( 'ok' => empty($incode) ? qa_lang_html('users/reset_code_emailed') : null,
'email_handle' => array(
'label' => qa_opt('allow_login_email_only') ? qa_lang_html('users/email_label') : qa_lang_html('users/email_handle_label'),
'tags' => 'name="emailhandle" id="emailhandle"',
'value' => qa_html(@$inemailhandle),
'error' => qa_html(@$errors['emailhandle']),
),
'code' => array( 'fields' => array(
'label' => qa_lang_html('users/reset_code_label'), 'email_handle' => array(
'tags' => 'name="code" id="code"', 'label' => qa_opt('allow_login_email_only') ? qa_lang_html('users/email_label') : qa_lang_html('users/email_handle_label'),
'value' => qa_html(@$incode), 'tags' => 'name="emailhandle" id="emailhandle"',
'error' => qa_html(@$errors['code']), 'value' => qa_html(@$inemailhandle),
'note' => qa_lang_html('users/reset_code_emailed').' - '. 'error' => qa_html(@$errors['emailhandle']),
'<a href="'.qa_html($forgotpath).'">'.qa_lang_html('users/reset_code_another').'</a>',
),
), ),
'buttons' => array( 'code' => array(
'reset' => array( 'label' => qa_lang_html('users/reset_code_label'),
'label' => qa_lang_html('users/send_password_button'), 'tags' => 'name="code" id="code"',
), 'value' => qa_html(@$incode),
'error' => qa_html(@$errors['code']),
'note' => qa_lang_html('users/reset_code_emailed') . ' - ' .
'<a href="' . qa_html($forgotpath) . '">' . qa_lang_html('users/reset_code_another') . '</a>',
), ),
),
'hidden' => array( 'buttons' => array(
'doreset' => '1', 'reset' => array(
'formcode' => qa_get_form_security_code('reset'), 'label' => qa_lang_html('users/send_password_button'),
), ),
); ),
$qa_content['focusid']=(isset($errors['emailhandle']) || !strlen(@$inemailhandle)) ? 'emailhandle' : 'code';
'hidden' => array(
'doreset' => '1',
'formcode' => qa_get_form_security_code('reset'),
),
);
return $qa_content; $qa_content['focusid'] = (isset($errors['emailhandle']) || !strlen(@$inemailhandle)) ? 'emailhandle' : 'code';
/* return $qa_content;
Omit PHP closing tag to help avoid accidental output
*/
\ No newline at end of file
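Review bot: The two failure branches of the reset handler report different errors, `users/user_not_found` for an unknown email or handle and `users/reset_code_wrong` for a known one, so the response reveals whether an account exists for the submitted email. Consider setting one generic message in both branches, for example `$errors['code'] = qa_lang('users/reset_code_wrong');` in the `else` of the `count($matchusers) == 1` check. The `$forgotpath` and `focusid` logic further down keys off `$errors['emailhandle']` and would need adjusting to match. No limit on repeated code guesses is visible in this file; it may be enforced elsewhere, which is worth confirming.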