friendica/mod/regmod.php

<?php
/**
 * @file mod/regmod.php
 */
use Friendica\App;
use Friendica\Core\Config;
use Friendica\Core\L10n;
use Friendica\Core\System;
use Friendica\Core\Worker;
use Friendica\Database\DBM;
use Friendica\Model\User;
use Friendica\Module\Login;

require_once 'include/enotify.php';

function user_allow($hash)
{
	$a = get_app();

	$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
		dbesc($hash)
	);


	if (!DBM::is_result($register)) {
		return false;
	}

	$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
		intval($register[0]['uid'])
	);

	if (!DBM::is_result($user)) {
		killme();
	}

	$r = q("DELETE FROM `register` WHERE `hash` = '%s'",
		dbesc($register[0]['hash'])
	);


	$r = q("UPDATE `user` SET `blocked` = 0, `verified` = 1 WHERE `uid` = %d",
		intval($register[0]['uid'])
	);

	$r = q("SELECT * FROM `profile` WHERE `uid` = %d AND `is-default` = 1",
		intval($user[0]['uid'])
	);
	if (DBM::is_result($r) && $r[0]['net-publish']) {
		$url = System::baseUrl() . '/profile/' . $user[0]['nickname'];
		if ($url && strlen(Config::get('system', 'directory'))) {
			Worker::add(PRIORITY_LOW, "Directory", $url);
		}
	}

	L10n::pushLang($register[0]['language']);

	User::sendRegisterOpenEmail(
		$user[0]['email'],
		$a->config['sitename'],
		System::baseUrl(),
		$user[0]['username'],
		$register[0]['password']);

	L10n::popLang();

	if ($res) {
		info(L10n::t('Account approved.') . EOL);
		return true;
	}
}

// This does not have to go through user_remove() and save the nickname
// permanently against re-registration, as the person was not yet
// allowed to have friends on this system
function user_deny($hash)
{
	$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
		dbesc($hash)
	);

	if (!DBM::is_result($register)) {
		return false;
	}

	$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
		intval($register[0]['uid'])
	);

	dba::delete('user', ['uid' => $register[0]['uid']]);
	dba::delete('register', ['hash' => $register[0]['hash']]);

	notice(sprintf(L10n::t('Registration revoked for %s'), $user[0]['username']) . EOL);
	return true;
}

function regmod_content(App $a)
{
	global $lang;

	if (!local_user()) {
		info(L10n::t('Please login.') . EOL);
		$o .= '<br /><br />' . Login::form($a->query_string, $a->config['register_policy'] == REGISTER_CLOSED ? 0 : 1);
		return $o;
	}

	if ((!is_site_admin()) || (x($_SESSION, 'submanage') && intval($_SESSION['submanage']))) {
		notice(L10n::t('Permission denied.') . EOL);
		return '';
	}

	if ($a->argc != 3) {
		killme();
	}

	$cmd = $a->argv[1];
	$hash = $a->argv[2];

	if ($cmd === 'deny') {
		user_deny($hash);
		goaway(System::baseUrl() . "/admin/users/");
		killme();
	}

	if ($cmd === 'allow') {
		user_allow($hash);
		goaway(System::baseUrl() . "/admin/users/");
		killme();
	}
}
verified registrations working 2010-07-29 02:15:10 -04:00			`<?php`
Update functions and calls Update function names and calls. 2018-01-21 11:38:01 -05:00			`/**`
			`* @file mod/regmod.php`
			`*/`
Move App to src - Add `use Friendica\App;` wherever needed 2017-04-30 00:07:00 -04:00			`use Friendica\App;`
Issue-#3873 Replace deprecated functions with new syntax. 2017-11-06 21:22:52 -05:00			`use Friendica\Core\Config;`
Update functions and calls Update function names and calls. 2018-01-21 11:38:01 -05:00			`use Friendica\Core\L10n;`
New class "System" 2017-08-26 02:04:21 -04:00			`use Friendica\Core\System;`
proc_run was replaced 2017-11-05 07:15:53 -05:00			`use Friendica\Core\Worker;`
Class file relocations Issue #3878 2017-11-07 22:57:46 -05:00			`use Friendica\Database\DBM;`
Hotfix regmod missing use statement 2017-12-07 14:12:03 -05:00			`use Friendica\Model\User;`
Move login() to Login module - Move nuke_session to include/security - Remove mod/login 2017-12-17 11:40:59 -05:00			`use Friendica\Module\Login;`
Move App to src - Add `use Friendica\App;` wherever needed 2017-04-30 00:07:00 -04:00
Fix formatting and add documentation - mod/register - mod/regmod - Model/User - Worker/CronJobs 2017-12-03 22:15:31 -05:00			`require_once 'include/enotify.php';`
get app structure needed in regmod 2011-06-29 03:40:43 -04:00
Fix formatting and add documentation - mod/register - mod/regmod - Model/User - Worker/CronJobs 2017-12-03 22:15:31 -05:00			`function user_allow($hash)`
			`{`
get app structure needed in regmod 2011-06-29 03:40:43 -04:00			`$a = get_app();`

Admin users page. some fix to template processor. 2011-06-16 08:56:43 -04:00			$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
			`dbesc($hash)`
			`);`

verified registrations working 2010-07-29 02:15:10 -04:00
Fix formatting and add documentation - mod/register - mod/regmod - Model/User - Worker/CronJobs 2017-12-03 22:15:31 -05:00			`if (!DBM::is_result($register)) {`
Admin users page. some fix to template processor. 2011-06-16 08:56:43 -04:00			`return false;`
Continued a bit: - converted some bad checks to use dbm::is_result() - added space between "if" and brace - added curly braces Signed-off-by: Roland Häder <roland@mxchange.org> 2016-12-20 04:16:48 -05:00			`}`
Admin users page. some fix to template processor. 2011-06-16 08:56:43 -04:00
			$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
			`intval($register[0]['uid'])`
			`);`
SQL improvements. New parameter for a maximum amount of comments per thread 2013-12-08 08:49:24 -05:00
Fix formatting and add documentation - mod/register - mod/regmod - Model/User - Worker/CronJobs 2017-12-03 22:15:31 -05:00			`if (!DBM::is_result($user)) {`
Admin users page. some fix to template processor. 2011-06-16 08:56:43 -04:00			`killme();`
Continued a bit: - converted some bad checks to use dbm::is_result() - added space between "if" and brace - added curly braces Signed-off-by: Roland Häder <roland@mxchange.org> 2016-12-20 04:16:48 -05:00			`}`
Admin users page. some fix to template processor. 2011-06-16 08:56:43 -04:00
SQL improvements. New parameter for a maximum amount of comments per thread 2013-12-08 08:49:24 -05:00			$r = q("DELETE FROM `register` WHERE `hash` = '%s'",
Admin users page. some fix to template processor. 2011-06-16 08:56:43 -04:00			`dbesc($register[0]['hash'])`
			`);`


SQL improvements. New parameter for a maximum amount of comments per thread 2013-12-08 08:49:24 -05:00			$r = q("UPDATE `user` SET `blocked` = 0, `verified` = 1 WHERE `uid` = %d",
Admin users page. some fix to template processor. 2011-06-16 08:56:43 -04:00			`intval($register[0]['uid'])`
			`);`
SQL improvements. New parameter for a maximum amount of comments per thread 2013-12-08 08:49:24 -05:00
Admin users page. some fix to template processor. 2011-06-16 08:56:43 -04:00			$r = q("SELECT * FROM `profile` WHERE `uid` = %d AND `is-default` = 1",
			`intval($user[0]['uid'])`
			`);`
Class file relocations Issue #3878 2017-11-07 22:57:46 -05:00			`if (DBM::is_result($r) && $r[0]['net-publish']) {`
App::get_baseurl is now replaced with System::baseUrl 2017-08-26 03:32:10 -04:00			`$url = System::baseUrl() . '/profile/' . $user[0]['nickname'];`
Fix formatting and add documentation - mod/register - mod/regmod - Model/User - Worker/CronJobs 2017-12-03 22:15:31 -05:00			`if ($url && strlen(Config::get('system', 'directory'))) {`
Directory moved 2017-11-18 02:59:30 -05:00			`Worker::add(PRIORITY_LOW, "Directory", $url);`
added spaces + curly braces Signed-off-by: Roland Häder <roland@mxchange.org> 2016-12-20 05:36:03 -05:00			`}`
Admin users page. some fix to template processor. 2011-06-16 08:56:43 -04:00			`}`

Update functions and calls Update function names and calls. 2018-01-21 11:38:01 -05:00			`L10n::pushLang($register[0]['language']);`
Admin users page. some fix to template processor. 2011-06-16 08:56:43 -04:00
Update function calls to use Model\User and Object\Contact 2017-12-03 22:29:06 -05:00			`User::sendRegisterOpenEmail(`
More template gore! 2014-09-07 06:29:13 -04:00			`$user[0]['email'],`
			`$a->config['sitename'],`
App::get_baseurl is now replaced with System::baseUrl 2017-08-26 03:32:10 -04:00			`System::baseUrl(),`
More template gore! 2014-09-07 06:29:13 -04:00			`$user[0]['username'],`
			`$register[0]['password']);`
Admin users page. some fix to template processor. 2011-06-16 08:56:43 -04:00
Update functions and calls Update function names and calls. 2018-01-21 11:38:01 -05:00			`L10n::popLang();`
Admin users page. some fix to template processor. 2011-06-16 08:56:43 -04:00
Fix formatting and add documentation - mod/register - mod/regmod - Model/User - Worker/CronJobs 2017-12-03 22:15:31 -05:00			`if ($res) {`
Hopefully all t() hopefully the last of the t() 2018-01-22 16:59:31 -05:00			`info(L10n::t('Account approved.') . EOL);`
Admin users page. some fix to template processor. 2011-06-16 08:56:43 -04:00			`return true;`
SQL improvements. New parameter for a maximum amount of comments per thread 2013-12-08 08:49:24 -05:00			`}`
Admin users page. some fix to template processor. 2011-06-16 08:56:43 -04:00			`}`

prevent re-registrations using a deleted username - not an issue with Friendica but could create a serious privacy issue with federated platforms 2012-03-22 04:46:52 -04:00			`// This does not have to go through user_remove() and save the nickname`
			`// permanently against re-registration, as the person was not yet`
			`// allowed to have friends on this system`
Fix formatting and add documentation - mod/register - mod/regmod - Model/User - Worker/CronJobs 2017-12-03 22:15:31 -05:00			`function user_deny($hash)`
			`{`
Admin users page. some fix to template processor. 2011-06-16 08:56:43 -04:00			$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
			`dbesc($hash)`
			`);`

Class file relocations Issue #3878 2017-11-07 22:57:46 -05:00			`if (!DBM::is_result($register)) {`
Admin users page. some fix to template processor. 2011-06-16 08:56:43 -04:00			`return false;`
Just some more dba::delete 2017-05-13 00:04:17 -04:00			`}`
Admin users page. some fix to template processor. 2011-06-16 08:56:43 -04:00
			$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
			`intval($register[0]['uid'])`
			`);`
SQL improvements. New parameter for a maximum amount of comments per thread 2013-12-08 08:49:24 -05:00
Use short form array syntax everywhere - Add short form array syntax to po2php.php generation 2018-01-15 08:05:12 -05:00			`dba::delete('user', ['uid' => $register[0]['uid']]);`
			`dba::delete('register', ['hash' => $register[0]['hash']]);`
Admin users page. some fix to template processor. 2011-06-16 08:56:43 -04:00
Hopefully all t() hopefully the last of the t() 2018-01-22 16:59:31 -05:00			`notice(sprintf(L10n::t('Registration revoked for %s'), $user[0]['username']) . EOL);`
Admin users page. some fix to template processor. 2011-06-16 08:56:43 -04:00			`return true;`
			`}`
verified registrations working 2010-07-29 02:15:10 -04:00
Fix formatting and add documentation - mod/register - mod/regmod - Model/User - Worker/CronJobs 2017-12-03 22:15:31 -05:00			`function regmod_content(App $a)`
			`{`
bug #85 2011-05-23 23:30:37 -04:00			`global $lang;`

Fix formatting and add documentation - mod/register - mod/regmod - Model/User - Worker/CronJobs 2017-12-03 22:15:31 -05:00			`if (!local_user()) {`
Hopefully all t() hopefully the last of the t() 2018-01-22 16:59:31 -05:00			`info(L10n::t('Please login.') . EOL);`
Move login() to Login module - Move nuke_session to include/security - Remove mod/login 2017-12-17 11:40:59 -05:00			`$o .= '<br /><br />' . Login::form($a->query_string, $a->config['register_policy'] == REGISTER_CLOSED ? 0 : 1);`
verified registrations working 2010-07-29 02:15:10 -04:00			`return $o;`
			`}`

Fix formatting and add documentation - mod/register - mod/regmod - Model/User - Worker/CronJobs 2017-12-03 22:15:31 -05:00			`if ((!is_site_admin()) \|\| (x($_SESSION, 'submanage') && intval($_SESSION['submanage']))) {`
Many t() calls modify many t() calls. 2018-01-21 13:33:59 -05:00			`notice(L10n::t('Permission denied.') . EOL);`
prevent admin hijacks 2011-01-05 01:17:58 -05:00			`return '';`
			`}`

added much more curly braces + space between "if" and brace Signed-off-by: Roland Häder <roland@mxchange.org> 2016-12-20 05:56:34 -05:00			`if ($a->argc != 3) {`
verified registrations working 2010-07-29 02:15:10 -04:00			`killme();`
added much more curly braces + space between "if" and brace Signed-off-by: Roland Häder <roland@mxchange.org> 2016-12-20 05:56:34 -05:00			`}`
verified registrations working 2010-07-29 02:15:10 -04:00
Fix formatting and add documentation - mod/register - mod/regmod - Model/User - Worker/CronJobs 2017-12-03 22:15:31 -05:00			`$cmd = $a->argv[1];`
verified registrations working 2010-07-29 02:15:10 -04:00			`$hash = $a->argv[2];`

added much more curly braces + space between "if" and brace Signed-off-by: Roland Häder <roland@mxchange.org> 2016-12-20 05:56:34 -05:00			`if ($cmd === 'deny') {`
fix email for - registration request - registration approval - account created by admin add a reditect after registration approval or deny 2014-09-09 16:07:47 -04:00			`user_deny($hash);`
Fix formatting and add documentation - mod/register - mod/regmod - Model/User - Worker/CronJobs 2017-12-03 22:15:31 -05:00			`goaway(System::baseUrl() . "/admin/users/");`
fix email for - registration request - registration approval - account created by admin add a reditect after registration approval or deny 2014-09-09 16:07:47 -04:00			`killme();`
verified registrations working 2010-07-29 02:15:10 -04:00			`}`

added much more curly braces + space between "if" and brace Signed-off-by: Roland Häder <roland@mxchange.org> 2016-12-20 05:56:34 -05:00			`if ($cmd === 'allow') {`
fix email for - registration request - registration approval - account created by admin add a reditect after registration approval or deny 2014-09-09 16:07:47 -04:00			`user_allow($hash);`
Fix formatting and add documentation - mod/register - mod/regmod - Model/User - Worker/CronJobs 2017-12-03 22:15:31 -05:00			`goaway(System::baseUrl() . "/admin/users/");`
fix email for - registration request - registration approval - account created by admin add a reditect after registration approval or deny 2014-09-09 16:07:47 -04:00			`killme();`
verified registrations working 2010-07-29 02:15:10 -04:00			`}`
add info() function. Works like notice() but show messages in a div with class info-message. update code to use info() instead of notice() when appropriate (non-error message) add info-message class style in themes 2011-05-23 05:39:57 -04:00			`}`