diff options
Diffstat (limited to 'mod/uservalidationbyemail')
10 files changed, 282 insertions, 116 deletions
diff --git a/mod/uservalidationbyemail/actions/resend_validation.php b/mod/uservalidationbyemail/actions/resend_validation.php index 59a69b0f6..586509b13 100644 --- a/mod/uservalidationbyemail/actions/resend_validation.php +++ b/mod/uservalidationbyemail/actions/resend_validation.php @@ -26,7 +26,7 @@ foreach ($user_guids as $guid) { // don't resend emails to validated users $is_validated = elgg_get_user_validation_status($guid); - if ($is_validated !== FALSE || !uservalidationbyemail_request_validation($guid)) { + if ($is_validated !== FALSE || !uservalidationbyemail_request_validation($guid, true)) { $error = TRUE; continue; } diff --git a/mod/uservalidationbyemail/languages/en.php b/mod/uservalidationbyemail/languages/en.php index f01dba269..df576a0e0 100644 --- a/mod/uservalidationbyemail/languages/en.php +++ b/mod/uservalidationbyemail/languages/en.php @@ -7,6 +7,8 @@ */ $english = array( + 'admin:users:unvalidated' => 'Unvalidated', + 'email:validate:subject' => "%s please confirm your email address for %s!", 'email:validate:body' => "%s, @@ -37,7 +39,10 @@ If you can't click on the link, copy and paste it to your browser manually. 'uservalidationbyemail:confirm_validate_user' => 'Validate %s?', 'uservalidationbyemail:confirm_resend_validation' => 'Resend validation email to %s?', 'uservalidationbyemail:confirm_delete' => 'Delete %s?', - 'uservalidationbyemail:admin:with_checked' => 'With checked:', + 'uservalidationbyemail:confirm_validate_checked' => 'Validate checked users?', + 'uservalidationbyemail:confirm_resend_validation_checked' => 'Resend validation to checked users?', + 'uservalidationbyemail:confirm_delete_checked' => 'Delete checked users?', + 'uservalidationbyemail:check_all' => 'All', 'uservalidationbyemail:errors:unknown_users' => 'Unknown users', 'uservalidationbyemail:errors:could_not_validate_user' => 'Could not validate user.', diff --git a/mod/uservalidationbyemail/lib/functions.php b/mod/uservalidationbyemail/lib/functions.php index ab382c059..f3091f94d 100644 --- a/mod/uservalidationbyemail/lib/functions.php +++ b/mod/uservalidationbyemail/lib/functions.php @@ -25,13 +25,13 @@ function uservalidationbyemail_generate_code($user_guid, $email_address) { * Request user validation email. * Send email out to the address and request a confirmation. * - * @param int $user_guid The user's GUID + * @param int $user_guid The user's GUID + * @param bool $admin_requested Was it requested by admin * @return mixed */ -function uservalidationbyemail_request_validation($user_guid) { - global $CONFIG; +function uservalidationbyemail_request_validation($user_guid, $admin_requested = FALSE) { - $site_url = elgg_get_site_url(); + $site = elgg_get_site_entity(); $user_guid = (int)$user_guid; $user = get_entity($user_guid); @@ -39,15 +39,15 @@ function uservalidationbyemail_request_validation($user_guid) { if (($user) && ($user instanceof ElggUser)) { // Work out validate link $code = uservalidationbyemail_generate_code($user_guid, $user->email); - $link = "{$site_url}pg/uservalidationbyemail/confirm?u=$user_guid&c=$code"; - $site = $CONFIG->site; + $link = "{$site->url}uservalidationbyemail/confirm?u=$user_guid&c=$code"; + // Send validation email $subject = elgg_echo('email:validate:subject', array($user->name, $site->name)); $body = elgg_echo('email:validate:body', array($user->name, $site->name, $link, $site->name, $site->url)); - $result = notify_user($user->guid, $CONFIG->site->guid, $subject, $body, NULL, 'email'); + $result = notify_user($user->guid, $site->guid, $subject, $body, NULL, 'email'); - if ($result) { + if ($result && !$admin_requested) { system_message(elgg_echo('uservalidationbyemail:registerok')); } @@ -73,3 +73,36 @@ function uservalidationbyemail_validate_email($user_guid, $code) { return false; } + +/** + * Return a where clause to get entities + * + * "Unvalidated" means metadata of validated is not set or not truthy. + * We can't use elgg_get_entities_from_metadata() because you can't say + * "where the entity has metadata set OR it's not equal to 1". + * + * @return array + */ +function uservalidationbyemail_get_unvalidated_users_sql_where() { + global $CONFIG; + + $validated_id = get_metastring_id('validated'); + if ($validated_id === false) { + $validated_id = add_metastring('validated'); + } + $one_id = get_metastring_id('1'); + if ($one_id === false) { + $one_id = add_metastring('1'); + } + + // thanks to daveb@freenode for the SQL tips! + $wheres = array(); + $wheres[] = "e.enabled='no'"; + $wheres[] = "NOT EXISTS ( + SELECT 1 FROM {$CONFIG->dbprefix}metadata md + WHERE md.entity_guid = e.guid + AND md.name_id = $validated_id + AND md.value_id = $one_id)"; + + return $wheres; +}
\ No newline at end of file diff --git a/mod/uservalidationbyemail/manifest.xml b/mod/uservalidationbyemail/manifest.xml index 8e29a1bbf..800dd2641 100644 --- a/mod/uservalidationbyemail/manifest.xml +++ b/mod/uservalidationbyemail/manifest.xml @@ -1,12 +1,17 @@ <?xml version="1.0" encoding="UTF-8"?> -<plugin_manifest> - <field key="author" value="Curverider Ltd" /> - <field key="version" value="1.7" /> - <field key="description" value="Simple user account validation via email." /> - <field key="website" value="http://www.elgg.org/" /> - <field key="copyright" value="(C) Curverider 2008-2010" /> - <field key="licence" value="GNU Public License version 2" /> - <field key="elgg_version" value="2009033101" /> - <field key="elgg_install_state" value="enabled" /> - <field key="admin_interface" value="advanced" /> +<plugin_manifest xmlns="http://www.elgg.org/plugin_manifest/1.8"> + <name>User Validation by Email</name> + <author>Core developers</author> + <version>1.8</version> + <category>bundled</category> + <category>security</category> + <description>Simple user account validation via email.</description> + <website>http://www.elgg.org/</website> + <copyright>See COPYRIGHT.txt</copyright> + <license>GNU General Public License version 2</license> + <requires> + <type>elgg_release</type> + <version>1.8</version> + </requires> + <activate_on_install>true</activate_on_install> </plugin_manifest> diff --git a/mod/uservalidationbyemail/start.php b/mod/uservalidationbyemail/start.php index 9d4233f37..f44d2ab50 100644 --- a/mod/uservalidationbyemail/start.php +++ b/mod/uservalidationbyemail/start.php @@ -15,7 +15,7 @@ function uservalidationbyemail_init() { // Register page handler to validate users // This doesn't need to be an action because security is handled by the validation codes. - register_page_handler('uservalidationbyemail', 'uservalidationbyemail_page_handler'); + elgg_register_page_handler('uservalidationbyemail', 'uservalidationbyemail_page_handler'); // mark users as unvalidated and disable when they register elgg_register_plugin_hook_handler('register', 'user', 'uservalidationbyemail_disable_new_user'); @@ -39,7 +39,10 @@ function uservalidationbyemail_init() { elgg_register_plugin_hook_handler('public_pages', 'walled_garden', 'uservalidationbyemail_public_pages'); // admin interface to manually validate users - elgg_add_admin_menu_item('unvalidated', elgg_echo('uservalidationbyemail:admin:unvalidated'), 'users'); + elgg_register_admin_menu_item('administer', 'unvalidated', 'users'); + + elgg_extend_view('css/admin', 'uservalidationbyemail/css'); + elgg_extend_view('js/elgg', 'uservalidationbyemail/js'); $action_path = dirname(__FILE__) . '/actions'; @@ -59,13 +62,24 @@ function uservalidationbyemail_init() { * @return bool */ function uservalidationbyemail_disable_new_user($hook, $type, $value, $params) { - $user = elgg_get_array_value('user', $params); + $user = elgg_extract('user', $params); // no clue what's going on, so don't react. if (!$user instanceof ElggUser) { return; } + // another plugin is requesting that registration be terminated + // no need for uservalidationbyemail + if (!$value) { + return $value; + } + + // has the user already been validated? + if (elgg_get_user_validation_status($user->guid) == true) { + return $value; + } + // disable user to prevent showing up on the site // set context so our canEdit() override works elgg_push_context('uservalidationbyemail_new_user'); @@ -100,7 +114,7 @@ function uservalidationbyemail_disable_new_user($hook, $type, $value, $params) { function uservalidationbyemail_allow_new_user_can_edit($hook, $type, $value, $params) { // $params['user'] is the user to check permissions for. // we want the entity to check, which is a user. - $user = elgg_get_array_value('entity', $params); + $user = elgg_extract('entity', $params); if (!($user instanceof ElggUser)) { return; @@ -122,8 +136,11 @@ function uservalidationbyemail_allow_new_user_can_edit($hook, $type, $value, $pa */ function uservalidationbyemail_check_auth_attempt($credentials) { + if (!isset($credentials['username'])) { + return; + } + $username = $credentials['username']; - $password = $credentials['password']; // See if the user exists and isn't validated $access_status = access_get_show_hidden_status(); @@ -144,6 +161,7 @@ function uservalidationbyemail_check_auth_attempt($credentials) { * Checks sent passed validation code and user guids and validates the user. * * @param array $page + * @return bool */ function uservalidationbyemail_page_handler($page) { @@ -157,7 +175,7 @@ function uservalidationbyemail_page_handler($page) { $user = get_entity($user_guid); - if (($code) && ($user)) { + if ($code && $user) { if (uservalidationbyemail_validate_email($user_guid, $code)) { elgg_push_context('uservalidationbyemail_validate_user'); @@ -166,7 +184,11 @@ function uservalidationbyemail_page_handler($page) { $user->enable(); elgg_pop_context(); - login($user); + try { + login($user); + } catch(LoginException $e){ + register_error($e->getMessage()); + } } else { register_error(elgg_echo('email:confirm:fail')); } @@ -179,7 +201,8 @@ function uservalidationbyemail_page_handler($page) { register_error(elgg_echo('email:confirm:fail')); } - forward(); + // forward to front page + forward(''); } /** @@ -199,7 +222,7 @@ function uservalidationbyemail_validate_new_admin_user($event, $type, $user) { * Registers public pages to allow in the case walled garden has been enabled. */ function uservalidationbyemail_public_pages($hook, $type, $return_value, $params) { - $return_value[] = 'pg/uservalidationbyemail/confirm'; + $return_value[] = 'uservalidationbyemail/confirm'; return $return_value; } @@ -210,15 +233,23 @@ function uservalidationbyemail_public_pages($hook, $type, $return_value, $params * @param string $type * @param ElggUser $user * @return bool + * + * @throws LoginException */ function uservalidationbyemail_check_manual_login($event, $type, $user) { $access_status = access_get_show_hidden_status(); access_show_hidden_entities(TRUE); - // @todo register_error()? - $return = ($user instanceof ElggUser && !$user->isEnabled() && !$user->validated) ? FALSE : NULL; + if (($user instanceof ElggUser) && !$user->isEnabled() && !$user->validated) { + // send new validation email + uservalidationbyemail_request_validation($user->getGUID()); + + // restore hidden entities settings + access_show_hidden_entities($access_status); + + // throw error so we get a nice error message + throw new LoginException(elgg_echo('uservalidationbyemail:login:fail')); + } access_show_hidden_entities($access_status); - - return $return; } diff --git a/mod/uservalidationbyemail/views/default/admin/users/unvalidated.php b/mod/uservalidationbyemail/views/default/admin/users/unvalidated.php index 332fac3f9..62a35d0bb 100644 --- a/mod/uservalidationbyemail/views/default/admin/users/unvalidated.php +++ b/mod/uservalidationbyemail/views/default/admin/users/unvalidated.php @@ -1,66 +1,9 @@ <?php /** - * Admin area to view, validate, resend validation email, or delete unvalidated users. - * - * @package Elgg.Core.Plugin - * @subpackage UserValidationByEmail.Administration + * List of unvalidated users */ -$limit = get_input('limit', 10); -$offset = get_input('offset', 0); - -// can't use elgg_list_entities() and friends because we don't use the default view for users. -$ia = elgg_set_ignore_access(TRUE); -$hidden_entities = access_get_show_hidden_status(); -access_show_hidden_entities(TRUE); - -$options = array( - 'type' => 'user', - 'metadata_name' => 'validated', - 'metadata_value' => 0, - 'limit' => $limit, - 'offset' => $offset -); -$users = elgg_get_entities_from_metadata($options); - -$options['count'] = TRUE; -$count = elgg_get_entities_from_metadata($options); - -access_show_hidden_entities($hidden_entities); -elgg_set_ignore_access($ia); - -// setup pagination -$pagination = elgg_view('navigation/pagination', array( - 'baseurl' => $vars['url'] . 'pg/admin/users/unvalidated', - 'offset' => $offset, - 'count' => $count, - 'limit' => $limit, +echo elgg_view_form('uservalidationbyemail/bulk_action', array( + 'id' => 'uservalidationbyemail-form', + 'action' => 'action/uservalidationbyemail/bulk_action' )); - -echo $pagination; - -if ($users) { - foreach ($users as $user) { - $form_body .= elgg_view('uservalidationbyemail/unvalidated_user', array('theuser' => $user)); - } -} else { - echo elgg_echo('uservalidationbyemail:admin:no_unvalidated_users'); - return; -} - -$form_body .= elgg_echo('uservalidationbyemail:admin:with_checked') . elgg_view('input/pulldown', array( - 'internalname' => 'action_type', - 'options_values' => array( - 'validate' => elgg_echo('uservalidationbyemail:admin:validate'), - 'resend_validation' => elgg_echo('uservalidationbyemail:admin:resend_validation'), - 'delete' => elgg_echo('uservalidationbyemail:admin:delete'), - ), - 'value' => 'resend_validation', -)); - -$form_body .= '<br />' . elgg_view('input/submit', array('value' => elgg_echo('submit'))); - -echo elgg_view('input/form', array( - 'action' => 'action/uservalidationbyemail/bulk_action', - 'body' => $form_body -));
\ No newline at end of file diff --git a/mod/uservalidationbyemail/views/default/forms/uservalidationbyemail/bulk_action.php b/mod/uservalidationbyemail/views/default/forms/uservalidationbyemail/bulk_action.php new file mode 100644 index 000000000..9199922d6 --- /dev/null +++ b/mod/uservalidationbyemail/views/default/forms/uservalidationbyemail/bulk_action.php @@ -0,0 +1,112 @@ +<?php +/** + * Admin area to view, validate, resend validation email, or delete unvalidated users. + * + * @package Elgg.Core.Plugin + * @subpackage UserValidationByEmail.Administration + */ + +$limit = get_input('limit', 10); +$offset = get_input('offset', 0); + +// can't use elgg_list_entities() and friends because we don't use the default view for users. +$ia = elgg_set_ignore_access(TRUE); +$hidden_entities = access_get_show_hidden_status(); +access_show_hidden_entities(TRUE); + +$options = array( + 'type' => 'user', + 'wheres' => uservalidationbyemail_get_unvalidated_users_sql_where(), + 'limit' => $limit, + 'offset' => $offset, + 'count' => TRUE, +); +$count = elgg_get_entities($options); + +if (!$count) { + access_show_hidden_entities($hidden_entities); + elgg_set_ignore_access($ia); + + echo elgg_autop(elgg_echo('uservalidationbyemail:admin:no_unvalidated_users')); + return TRUE; +} + +$options['count'] = FALSE; + +$users = elgg_get_entities($options); + +access_show_hidden_entities($hidden_entities); +elgg_set_ignore_access($ia); + +// setup pagination +$pagination = elgg_view('navigation/pagination',array( + 'base_url' => 'admin/users/unvalidated', + 'offset' => $offset, + 'count' => $count, + 'limit' => $limit, +)); + +$bulk_actions_checkbox = '<label><input type="checkbox" id="uservalidationbyemail-checkall" />' + . elgg_echo('uservalidationbyemail:check_all') . '</label>'; + +$validate = elgg_view('output/url', array( + 'href' => 'action/uservalidationbyemail/validate/', + 'text' => elgg_echo('uservalidationbyemail:admin:validate'), + 'title' => elgg_echo('uservalidationbyemail:confirm_validate_checked'), + 'class' => 'uservalidationbyemail-submit', + 'is_action' => true, + 'is_trusted' => true, +)); + +$resend_email = elgg_view('output/url', array( + 'href' => 'action/uservalidationbyemail/resend_validation/', + 'text' => elgg_echo('uservalidationbyemail:admin:resend_validation'), + 'title' => elgg_echo('uservalidationbyemail:confirm_resend_validation_checked'), + 'class' => 'uservalidationbyemail-submit', + 'is_action' => true, + 'is_trusted' => true, +)); + +$delete = elgg_view('output/url', array( + 'href' => 'action/uservalidationbyemail/delete/', + 'text' => elgg_echo('uservalidationbyemail:admin:delete'), + 'title' => elgg_echo('uservalidationbyemail:confirm_delete_checked'), + 'class' => 'uservalidationbyemail-submit', + 'is_action' => true, + 'is_trusted' => true, +)); + +$bulk_actions = <<<___END + <ul class="elgg-menu elgg-menu-general elgg-menu-hz float-alt"> + <li>$resend_email</li><li>$validate</li><li>$delete</li> + </ul> + + $bulk_actions_checkbox +___END; + +if (is_array($users) && count($users) > 0) { + $html = '<ul class="elgg-list elgg-list-distinct">'; + foreach ($users as $user) { + $html .= "<li id=\"unvalidated-user-{$user->guid}\" class=\"elgg-item uservalidationbyemail-unvalidated-user-item\">"; + $html .= elgg_view('uservalidationbyemail/unvalidated_user', array('user' => $user)); + $html .= '</li>'; + } + $html .= '</ul>'; +} + +echo <<<___END +<div class="elgg-module elgg-module-inline uservalidation-module"> + <div class="elgg-head"> + $bulk_actions + </div> + <div class="elgg-body"> + $html + </div> +</div> +___END; + +if ($count > 5) { + echo $bulk_actions; +} + +echo $pagination; diff --git a/mod/uservalidationbyemail/views/default/uservalidationbyemail/css.php b/mod/uservalidationbyemail/views/default/uservalidationbyemail/css.php new file mode 100644 index 000000000..afe334713 --- /dev/null +++ b/mod/uservalidationbyemail/views/default/uservalidationbyemail/css.php @@ -0,0 +1,12 @@ +<?php +/** + * CSS for user validation by email + */ +?> + +.uservalidation-module > .elgg-head * { + color: white; +} +.uservalidation-module > .elgg-body * { + color: #333; +}
\ No newline at end of file diff --git a/mod/uservalidationbyemail/views/default/uservalidationbyemail/js.php b/mod/uservalidationbyemail/views/default/uservalidationbyemail/js.php new file mode 100644 index 000000000..948a54651 --- /dev/null +++ b/mod/uservalidationbyemail/views/default/uservalidationbyemail/js.php @@ -0,0 +1,28 @@ + +elgg.provide('elgg.uservalidationbyemail'); + +elgg.uservalidationbyemail.init = function() { + $('#uservalidationbyemail-checkall').click(function() { + var checked = $(this).attr('checked') == 'checked'; + $('#uservalidationbyemail-form .elgg-body').find('input[type=checkbox]').attr('checked', checked); + }); + + $('.uservalidationbyemail-submit').click(function(event) { + var $form = $('#uservalidationbyemail-form'); + event.preventDefault(); + + // check if there are selected users + if ($('#uservalidationbyemail-form .elgg-body').find('input[type=checkbox]:checked').length < 1) { + return false; + } + + // confirmation + if (!confirm($(this).attr('title'))) { + return false; + } + + $form.attr('action', $(this).attr('href')).submit(); + }); +}; + +elgg.register_hook_handler('init', 'system', elgg.uservalidationbyemail.init); diff --git a/mod/uservalidationbyemail/views/default/uservalidationbyemail/unvalidated_user.php b/mod/uservalidationbyemail/views/default/uservalidationbyemail/unvalidated_user.php index bc2f7f5d2..5c652a637 100644 --- a/mod/uservalidationbyemail/views/default/uservalidationbyemail/unvalidated_user.php +++ b/mod/uservalidationbyemail/views/default/uservalidationbyemail/unvalidated_user.php @@ -6,15 +6,13 @@ * @subpackage UserValidationByEmail.Administration */ -$user = elgg_get_array_value('theuser', $vars); +$user = elgg_extract('user', $vars); -// doesn't work. -//$checkbox = elgg_view('input/checkboxes', array( -// 'internalname' => 'user_guids', -// 'options' => array("$user->username - \"$user->name\" <$user->email>" => $user->guid) -//)); -$checkbox = "<label><input type=\"checkbox\" value=\"$user->guid\" class=\"elgg-input-checkboxes\" name=\"user_guids[]\">" - . "$user->username - \"$user->name\" <$user->email></label>"; +$checkbox = elgg_view('input/checkbox', array( + 'name' => 'user_guids[]', + 'value' => $user->guid, + 'default' => false, +)); $created = elgg_echo('uservalidationbyemail:admin:user_created', array(elgg_view_friendly_time($user->time_created))); @@ -35,19 +33,18 @@ $delete = elgg_view('output/confirmlink', array( 'href' => "action/uservalidationbyemail/delete/?user_guids[]=$user->guid", 'text' => elgg_echo('uservalidationbyemail:admin:delete') )); - -// @todo All of these hard coded styles need to be removed. -// they're here because you can't currently extend the admin css. -?> - -<div class="admin_settings radius8" style="border: 1px solid black; padding: 5px;"> - <?php echo $checkbox; ?><br /> - - <div class="uservalidationbyemail_unvalidated_controls" style="float: right"> - <?php echo "$resend_email | $validate | $delete"; ?> +$menu = 'test'; +$block = <<<___END + <label>$user->username: "$user->name" <$user->email></label> + <div class="uservalidationbyemail-unvalidated-user-details"> + $created </div> +___END; - <div class="uservalidationbyemail_unvalidated_user_details" style="margin-left: 15px; font-size: smaller;"> - <?php echo $created; ?> - </div> -</div> +$menu = <<<__END + <ul class="elgg-menu elgg-menu-general elgg-menu-hz float-alt"> + <li>$resend_email</li><li>$validate</li><li>$delete</li> + </ul> +__END; + +echo elgg_view_image_block($checkbox, $block, array('image_alt' => $menu)); |