1 files changed, 44 insertions, 13 deletions

diff --git a/mod/uservalidationbyemail/start.php b/mod/uservalidationbyemail/start.php
index 79b8b7413..f44d2ab50 100644
--- a/mod/uservalidationbyemail/start.php
+++ b/mod/uservalidationbyemail/start.php
@@ -15,7 +15,7 @@ function uservalidationbyemail_init() {
 
 	// Register page handler to validate users
 	// This doesn't need to be an action because security is handled by the validation codes.
-	register_page_handler('uservalidationbyemail', 'uservalidationbyemail_page_handler');
+	elgg_register_page_handler('uservalidationbyemail', 'uservalidationbyemail_page_handler');
 
 	// mark users as unvalidated and disable when they register
 	elgg_register_plugin_hook_handler('register', 'user', 'uservalidationbyemail_disable_new_user');
@@ -39,7 +39,10 @@ function uservalidationbyemail_init() {
 	elgg_register_plugin_hook_handler('public_pages', 'walled_garden', 'uservalidationbyemail_public_pages');
 
 	// admin interface to manually validate users
-	elgg_add_admin_submenu_item('unvalidated', elgg_echo('uservalidationbyemail:admin:unvalidated'), 'users');
+	elgg_register_admin_menu_item('administer', 'unvalidated', 'users');
+
+	elgg_extend_view('css/admin', 'uservalidationbyemail/css');
+	elgg_extend_view('js/elgg', 'uservalidationbyemail/js');
 
 	$action_path = dirname(__FILE__) . '/actions';
 
@@ -59,13 +62,24 @@ function uservalidationbyemail_init() {
  * @return bool
  */
 function uservalidationbyemail_disable_new_user($hook, $type, $value, $params) {
-	$user = elgg_get_array_value('user', $params);
+	$user = elgg_extract('user', $params);
 
 	// no clue what's going on, so don't react.
 	if (!$user instanceof ElggUser) {
 		return;
 	}
 
+	// another plugin is requesting that registration be terminated
+	// no need for uservalidationbyemail
+	if (!$value) {
+		return $value;
+	}
+
+	// has the user already been validated?
+	if (elgg_get_user_validation_status($user->guid) == true) {
+		return $value;
+	}
+
 	// disable user to prevent showing up on the site
 	// set context so our canEdit() override works
 	elgg_push_context('uservalidationbyemail_new_user');
@@ -100,7 +114,7 @@ function uservalidationbyemail_disable_new_user($hook, $type, $value, $params) {
 function uservalidationbyemail_allow_new_user_can_edit($hook, $type, $value, $params) {
 	// $params['user'] is the user to check permissions for.
 	// we want the entity to check, which is a user.
-	$user = elgg_get_array_value('entity', $params);
+	$user = elgg_extract('entity', $params);
 
 	if (!($user instanceof ElggUser)) {
 		return;
@@ -122,8 +136,11 @@ function uservalidationbyemail_allow_new_user_can_edit($hook, $type, $value, $pa
  */
 function uservalidationbyemail_check_auth_attempt($credentials) {
 
+	if (!isset($credentials['username'])) {
+		return;
+	}
+
 	$username = $credentials['username'];
-	$password = $credentials['password'];
 
 	// See if the user exists and isn't validated
 	$access_status = access_get_show_hidden_status();
@@ -144,6 +161,7 @@ function uservalidationbyemail_check_auth_attempt($credentials) {
  * Checks sent passed validation code and user guids and validates the user.
  *
  * @param array $page
+ * @return bool
  */
 function uservalidationbyemail_page_handler($page) {
 
@@ -157,7 +175,7 @@ function uservalidationbyemail_page_handler($page) {
 
 		$user = get_entity($user_guid);
 
-		if (($code) && ($user)) {
+		if ($code && $user) {
 			if (uservalidationbyemail_validate_email($user_guid, $code)) {
 
 				elgg_push_context('uservalidationbyemail_validate_user');
@@ -166,7 +184,11 @@ function uservalidationbyemail_page_handler($page) {
 				$user->enable();
 				elgg_pop_context();
 
-				login($user);
+				try {
+					login($user);
+				} catch(LoginException $e){
+					register_error($e->getMessage());
+				}
 			} else {
 				register_error(elgg_echo('email:confirm:fail'));
 			}
@@ -179,7 +201,8 @@ function uservalidationbyemail_page_handler($page) {
 		register_error(elgg_echo('email:confirm:fail'));
 	}
 
-	forward();
+	// forward to front page
+	forward('');
 }
 
 /**
@@ -199,7 +222,7 @@ function uservalidationbyemail_validate_new_admin_user($event, $type, $user) {
  * Registers public pages to allow in the case walled garden has been enabled.
  */
 function uservalidationbyemail_public_pages($hook, $type, $return_value, $params) {
-	$return_value[] = 'pg/uservalidationbyemail/confirm';
+	$return_value[] = 'uservalidationbyemail/confirm';
 	return $return_value;
 }
 
@@ -210,15 +233,23 @@ function uservalidationbyemail_public_pages($hook, $type, $return_value, $params
  * @param string   $type
  * @param ElggUser $user
  * @return bool
+ *
+ * @throws LoginException
  */
 function uservalidationbyemail_check_manual_login($event, $type, $user) {
 	$access_status = access_get_show_hidden_status();
 	access_show_hidden_entities(TRUE);
 
-	// @todo register_error()?
-	$return = ($user instanceof ElggUser && !$user->isEnabled() && !$user->validated) ? FALSE : NULL;
+	if (($user instanceof ElggUser) && !$user->isEnabled() && !$user->validated) {
+		// send new validation email
+		uservalidationbyemail_request_validation($user->getGUID());
+		
+		// restore hidden entities settings
+		access_show_hidden_entities($access_status);
+		
+		// throw error so we get a nice error message
+		throw new LoginException(elgg_echo('uservalidationbyemail:login:fail'));
+	}
 
 	access_show_hidden_entities($access_status);
-
-	return $return;
 }