From 231c61a7eb3bb79faed696945ccd6d831c80f0f2 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 17 Apr 2009 12:52:26 -0700 Subject: store invite code in session so openidfinish can find it --- actions/finishopenidlogin.php | 33 ++++++-- actions/register.php | 171 ++++++++++++++++++++++++------------------ 2 files changed, 127 insertions(+), 77 deletions(-) (limited to 'actions') diff --git a/actions/finishopenidlogin.php b/actions/finishopenidlogin.php index 952185742..b08b96df6 100644 --- a/actions/finishopenidlogin.php +++ b/actions/finishopenidlogin.php @@ -191,11 +191,28 @@ class FinishopenidloginAction extends Action { # FIXME: save invite code before redirect, and check here - if (common_config('site', 'closed') || common_config('site', 'inviteonly')) { + if (common_config('site', 'closed')) { $this->clientError(_('Registration not allowed.')); return; } + $invite = null; + + if (common_config('site', 'inviteonly')) { + $code = $_SESSION['invitecode']; + if (empty($code)) { + $this->clientError(_('Registration not allowed.')); + return; + } + + $invite = Invitation::staticGet($code); + + if (empty($invite)) { + $this->clientError(_('Not a valid invitation code.')); + return; + } + } + $nickname = $this->trimmed('newname'); if (!Validate::string($nickname, array('min_length' => 1, @@ -257,10 +274,16 @@ class FinishopenidloginAction extends Action # XXX: add language # XXX: add timezone - $user = User::register(array('nickname' => $nickname, - 'email' => $email, - 'fullname' => $fullname, - 'location' => $location)); + $args = array('nickname' => $nickname, + 'email' => $email, + 'fullname' => $fullname, + 'location' => $location); + + if (!empty($invite)) { + $args['code'] = $invite->code; + } + + $user = User::register($args); $result = oid_link_user($user->id, $canonical, $display); diff --git a/actions/register.php b/actions/register.php index ab49ad3fd..4ac7c349d 100644 --- a/actions/register.php +++ b/actions/register.php @@ -55,6 +55,44 @@ class RegisterAction extends Action var $registered = false; + /** + * Prepare page to run + * + * + * @param $args + * @return string title + */ + + function prepare() + { + $this->code = $this->trimmed('code'); + + if (empty($this->code)) { + common_ensure_session(); + if (!empty($_SESSION['invitecode'])) { + $this->code = $_SESSION['invitecode']; + } + } + + if (common_config('site', 'inviteonly') && empty($this->code)) { + $this->clientError(_('Sorry, only invited people can register.')); + return false; + } + + if (!empty($this->code)) { + $this->invite = Invitation::staticGet($code); + if (empty($this->invite)) { + $this->clientError(_('Sorry, invalid invitation code.')); + return false; + } + // Store this in case we need it + common_ensure_session(); + $_SESSION['invitecode'] = $this->code; + } + + return true; + } + /** * Title of the page * @@ -112,7 +150,7 @@ class RegisterAction extends Action $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { $this->showForm(_('There was a problem with your session token. '. - 'Try again, please.')); + 'Try again, please.')); return; } @@ -145,14 +183,14 @@ class RegisterAction extends Action if (!$this->boolean('license')) { $this->showForm(_('You can\'t register if you don\'t '. - 'agree to the license.')); + 'agree to the license.')); } else if ($email && !Validate::email($email, true)) { $this->showForm(_('Not a valid email address.')); } else if (!Validate::string($nickname, array('min_length' => 1, - 'max_length' => 64, - 'format' => NICKNAME_FMT))) { + 'max_length' => 64, + 'format' => NICKNAME_FMT))) { $this->showForm(_('Nickname must have only lowercase letters '. - 'and numbers and no spaces.')); + 'and numbers and no spaces.')); } else if ($this->nicknameExists($nickname)) { $this->showForm(_('Nickname already in use. Try another one.')); } else if (!User::allowed_nickname($nickname)) { @@ -160,9 +198,9 @@ class RegisterAction extends Action } else if ($this->emailExists($email)) { $this->showForm(_('Email address already exists.')); } else if (!is_null($homepage) && (strlen($homepage) > 0) && - !Validate::uri($homepage, - array('allowed_schemes' => - array('http', 'https')))) { + !Validate::uri($homepage, + array('allowed_schemes' => + array('http', 'https')))) { $this->showForm(_('Homepage is not a valid URL.')); return; } else if (!is_null($fullname) && mb_strlen($fullname) > 255) { @@ -180,13 +218,13 @@ class RegisterAction extends Action } else if ($password != $confirm) { $this->showForm(_('Passwords don\'t match.')); } else if ($user = User::register(array('nickname' => $nickname, - 'password' => $password, - 'email' => $email, - 'fullname' => $fullname, - 'homepage' => $homepage, - 'bio' => $bio, - 'location' => $location, - 'code' => $code))) { + 'password' => $password, + 'email' => $email, + 'fullname' => $fullname, + 'homepage' => $homepage, + 'bio' => $bio, + 'location' => $location, + 'code' => $code))) { if (!$user) { $this->showForm(_('Invalid username or password.')); return; @@ -259,17 +297,17 @@ class RegisterAction extends Action // overrided to add hentry, and content-inner class function showContentBlock() - { - $this->elementStart('div', array('id' => 'content', 'class' => 'hentry')); - $this->showPageTitle(); - $this->showPageNoticeBlock(); - $this->elementStart('div', array('id' => 'content_inner', - 'class' => 'entry-content')); - // show the actual content (forms, lists, whatever) - $this->showContent(); - $this->elementEnd('div'); - $this->elementEnd('div'); - } + { + $this->elementStart('div', array('id' => 'content', 'class' => 'hentry')); + $this->showPageTitle(); + $this->showPageNoticeBlock(); + $this->elementStart('div', array('id' => 'content_inner', + 'class' => 'entry-content')); + // show the actual content (forms, lists, whatever) + $this->showContent(); + $this->elementEnd('div'); + $this->elementEnd('div'); + } /** * Instructions or a notice for the page @@ -343,90 +381,79 @@ class RegisterAction extends Action function showFormContent() { - $code = $this->trimmed('code'); - - if ($code) { - $invite = Invitation::staticGet($code); - } - - if (common_config('site', 'inviteonly') && !($code && $invite)) { - $this->clientError(_('Sorry, only invited people can register.')); - return; - } - $this->elementStart('form', array('method' => 'post', - 'id' => 'form_register', - 'class' => 'form_settings', - 'action' => common_local_url('register'))); + 'id' => 'form_register', + 'class' => 'form_settings', + 'action' => common_local_url('register'))); $this->elementStart('fieldset'); $this->element('legend', null, 'Account settings'); $this->hidden('token', common_session_token()); - if ($code) { - $this->hidden('code', $code); + if ($this->code) { + $this->hidden('code', $this->code); } $this->elementStart('ul', 'form_data'); if (Event::handle('StartRegistrationFormData', array($this))) { $this->elementStart('li'); $this->input('nickname', _('Nickname'), $this->trimmed('nickname'), - _('1-64 lowercase letters or numbers, '. - 'no punctuation or spaces. Required.')); + _('1-64 lowercase letters or numbers, '. + 'no punctuation or spaces. Required.')); $this->elementEnd('li'); $this->elementStart('li'); $this->password('password', _('Password'), - _('6 or more characters. Required.')); + _('6 or more characters. Required.')); $this->elementEnd('li'); $this->elementStart('li'); $this->password('confirm', _('Confirm'), - _('Same as password above. Required.')); + _('Same as password above. Required.')); $this->elementEnd('li'); $this->elementStart('li'); - if ($invite && $invite->address_type == 'email') { - $this->input('email', _('Email'), $invite->address, - _('Used only for updates, announcements, '. - 'and password recovery')); + if ($this->invite && $this->invite->address_type == 'email') { + $this->input('email', _('Email'), $this->invite->address, + _('Used only for updates, announcements, '. + 'and password recovery')); } else { $this->input('email', _('Email'), $this->trimmed('email'), - _('Used only for updates, announcements, '. - 'and password recovery')); + _('Used only for updates, announcements, '. + 'and password recovery')); } $this->elementEnd('li'); $this->elementStart('li'); $this->input('fullname', _('Full name'), - $this->trimmed('fullname'), - _('Longer name, preferably your "real" name')); + $this->trimmed('fullname'), + _('Longer name, preferably your "real" name')); $this->elementEnd('li'); $this->elementStart('li'); $this->input('homepage', _('Homepage'), - $this->trimmed('homepage'), - _('URL of your homepage, blog, '. - 'or profile on another site')); + $this->trimmed('homepage'), + _('URL of your homepage, blog, '. + 'or profile on another site')); $this->elementEnd('li'); $this->elementStart('li'); $this->textarea('bio', _('Bio'), - $this->trimmed('bio'), - _('Describe yourself and your '. - 'interests in 140 chars')); + $this->trimmed('bio'), + _('Describe yourself and your '. + 'interests in 140 chars')); $this->elementEnd('li'); $this->elementStart('li'); $this->input('location', _('Location'), - $this->trimmed('location'), - _('Where you are, like "City, '. - 'State (or Region), Country"')); + $this->trimmed('location'), + _('Where you are, like "City, '. + 'State (or Region), Country"')); $this->elementEnd('li'); Event::handle('EndRegistrationFormData', array($this)); $this->elementStart('li', array('id' => 'settings_rememberme')); $this->checkbox('rememberme', _('Remember me'), - $this->boolean('rememberme'), - _('Automatically login in the future; '. - 'not for shared computers!')); + $this->boolean('rememberme'), + _('Automatically login in the future; '. + 'not for shared computers!')); $this->elementEnd('li'); $attrs = array('type' => 'checkbox', - 'id' => 'license', - 'class' => 'checkbox', - 'name' => 'license', - 'value' => 'true'); + 'id' => 'license', + 'class' => 'checkbox', + 'name' => 'license', + 'value' => 'true'); if ($this->boolean('license')) { $attrs['checked'] = 'checked'; } @@ -435,9 +462,9 @@ class RegisterAction extends Action $this->elementStart('label', array('class' => 'checkbox', 'for' => 'license')); $this->text(_('My text and files are available under ')); $this->element('a', array('href' => common_config('license', 'url')), - common_config('license', 'title'), _("Creative Commons Attribution 3.0")); + common_config('license', 'title'), _("Creative Commons Attribution 3.0")); $this->text(_(' except this private data: password, '. - 'email address, IM address, and phone number.')); + 'email address, IM address, and phone number.')); $this->elementEnd('label'); $this->elementEnd('li'); } -- cgit v1.2.3-54-g00ecf From e8382b1292192d4c393f13ad7cd8da1be19211a8 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 17 Apr 2009 13:03:33 -0700 Subject: incorrect variable access --- actions/register.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'actions') diff --git a/actions/register.php b/actions/register.php index 4ac7c349d..033cf557f 100644 --- a/actions/register.php +++ b/actions/register.php @@ -63,13 +63,14 @@ class RegisterAction extends Action * @return string title */ - function prepare() + function prepare($args) { + parent::prepare($args); $this->code = $this->trimmed('code'); if (empty($this->code)) { common_ensure_session(); - if (!empty($_SESSION['invitecode'])) { + if (array_key_exists('invitecode', $_SESSION)) { $this->code = $_SESSION['invitecode']; } } @@ -80,7 +81,7 @@ class RegisterAction extends Action } if (!empty($this->code)) { - $this->invite = Invitation::staticGet($code); + $this->invite = Invitation::staticGet('code', $this->code); if (empty($this->invite)) { $this->clientError(_('Sorry, invalid invitation code.')); return false; -- cgit v1.2.3-54-g00ecf