<?php |
/**
 * Email user validation plugin.
 * Non-admin accounts are invalid until their email address is confirmed.
 *
 * @package Elgg.Core.Plugin
 * @subpackage UserValidationByEmail
 */
/**
 * Wires up every plugin hook, PAM handler and event handler used by the
 * email validation plugin.
 *
 * The registrations are issued in a fixed order: the five plugin hook
 * handlers, then the PAM handler, then the two event handlers.
 *
 * @return void
 */
function uservalidationbyemail_init() {

	require_once __DIR__ . '/lib/functions.php';

	// each entry is [hook name, hook type, callback]
	$hook_handlers = [
		// mark users as unvalidated and disable when they register
		['register', 'user', 'uservalidationbyemail_disable_new_user'],
		// forward to uservalidationbyemail/emailsent page after register
		['response', 'action:register', 'uservalidationbyemail_after_registration_url'],
		// canEdit override to allow not logged in code to disable a user
		['permissions_check', 'user', 'uservalidationbyemail_allow_new_user_can_edit'],
		// admin user validation page
		['register', 'menu:user:unvalidated', '_uservalidationbyemail_user_unvalidated_menu'],
		['register', 'menu:user:unvalidated:bulk', '_uservalidationbyemail_user_unvalidated_bulk_menu'],
	];
	foreach ($hook_handlers as $handler) {
		elgg_register_plugin_hook_handler(...$handler);
	}

	// prevent users from logging in if they aren't validated
	register_pam_handler('uservalidationbyemail_check_auth_attempt', "required");

	// each entry is [event name, object type, callback]
	$event_handlers = [
		// prevent the engine from logging in users via login()
		['login:before', 'user', 'uservalidationbyemail_check_manual_login'],
		// make admin users always validated
		['make_admin', 'user', 'uservalidationbyemail_validate_new_admin_user'],
	];
	foreach ($event_handlers as $handler) {
		elgg_register_event_handler(...$handler);
	}
}
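/**
 * Disables a user upon registration
 *
 * The user is disabled, flagged as unvalidated and sent a validation email.
 * While this happens the 'uservalidationbyemail_new_user' context is pushed,
 * because the plugin's permissions_check handler returns true for user
 * entities in that context.
 *
 * The context is popped in a finally block: if disabling the user or
 * requesting the validation fails with an exception, the permission-granting
 * context must not stay on the context stack for the rest of the request.
 *
 * @param \Elgg\Hook $hook 'register', 'user'
 *
 * @return void
 */
function uservalidationbyemail_disable_new_user(\Elgg\Hook $hook) {

	$user = $hook->getUserParam();
	// no clue what's going on, so don't react.
	if (!$user instanceof ElggUser) {
		return;
	}

	// another plugin is requesting that registration be terminated
	// no need for uservalidationbyemail
	if (!$hook->getValue()) {
		return;
	}

	// has the user already been validated?
	if ($user->isValidated()) {
		return;
	}

	// disable user to prevent showing up on the site
	// set context so our canEdit() override works
	elgg_push_context('uservalidationbyemail_new_user');

	try {
		elgg_call(ELGG_SHOW_DISABLED_ENTITIES, function () use ($user) {
			// Don't do a recursive disable. Any entities owned by the user at this point
			// are products of plugins that hook into create user and might need
			// access to the entities.
			// @todo That ^ sounds like a specific case...would be nice to track it down...
			$user->disable('uservalidationbyemail_new_user', false);

			// set user as unvalidated and send out validation email
			$user->setValidationStatus(false);
			uservalidationbyemail_request_validation($user->guid);
		});
	} finally {
		// always drop the elevated context, even when the closure throws
		elgg_pop_context();
	}
}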
/**
 * Redirects a fresh registration to the "email sent" page.
 *
 * Only acts when the session holds a truthy 'emailsent' value; in that case
 * the response taken from the hook gets its forward URL replaced and is
 * returned. Otherwise nothing is returned and the response is left alone.
 *
 * @param \Elgg\Hook $hook 'response', 'action:register'
 *
 * @return void|\Elgg\Http\ResponseBuilder
 */
function uservalidationbyemail_after_registration_url(\Elgg\Hook $hook) {
	$email_sent = elgg_get_session()->get('emailsent');
	if (!$email_sent) {
		return;
	}

	$response = $hook->getValue();
	$response->setForwardURL(elgg_normalize_url('uservalidationbyemail/emailsent'));

	return $response;
}
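/**
 * Override the canEdit() call for if we're in the context of registering a new user.
 *
 * Returns true, granting the permission, when the entity being checked is a
 * user and the value returned by elgg_get_context() is one of the two
 * contexts this plugin uses. The acting user is not looked at, so the
 * override is only as narrow as the code that pushes those contexts.
 *
 * The context is matched with a strict comparison: a loose == against a
 * non-string context value (for example integer 0 on PHP 7) would compare
 * equal to the context names and grant the permission by accident.
 *
 * @param \Elgg\Hook $hook 'permissions_check', 'user'
 *
 * @return void|true
 */
function uservalidationbyemail_allow_new_user_can_edit(\Elgg\Hook $hook) {

	// $params['user'] is the user to check permissions for.
	// we want the entity to check, which is a user.
	if (!$hook->getEntityParam() instanceof ElggUser) {
		return;
	}

	$privileged_contexts = [
		'uservalidationbyemail_new_user',
		'uservalidationbyemail_validate_user',
	];

	// third argument true: compare by type and value
	if (in_array(elgg_get_context(), $privileged_contexts, true)) {
		return true;
	}
}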
/**
 * PAM handler that rejects a login attempt for an unvalidated account.
 *
 * Only $credentials['username'] is read. If it contains an '@' it is treated
 * as an email address and replaced by the username of the first matching
 * user, when there is one. An account is blocked only when its 'validated'
 * value is set and falsy; accounts without that value pass through.
 *
 * NOTE(review): the password is never inspected here, and a blocked attempt
 * both sends a new validation email and raises a distinct error message.
 * Whether another PAM handler has already verified the password at this point
 * is not visible from this file; confirm it. If it has not, any requester who
 * submits the identifier of an unvalidated account can trigger mail to its
 * owner and learn that the account exists, so throttling the resend is worth
 * considering.
 *
 * @param array $credentials The username and password
 *
 * @return void
 *
 * @throws LoginException
 */
function uservalidationbyemail_check_auth_attempt($credentials) {

	if (!isset($credentials['username'])) {
		return;
	}

	$login = $credentials['username'];

	// disabled entities must be visible, unvalidated users are disabled on registration
	elgg_call(ELGG_SHOW_DISABLED_ENTITIES, function() use ($login) {
		$username = $login;

		// check if logging in with email address
		if (strpos($login, '@') !== false) {
			$matches = get_user_by_email($login);
			if (!empty($matches)) {
				$username = $matches[0]->username;
			}
		}

		$user = get_user_by_username($username);
		if (!$user || !isset($user->validated) || $user->validated) {
			// unknown user, no validation state, or already validated
			return;
		}

		// show an error and resend validation email
		uservalidationbyemail_request_validation($user->guid);

		throw new LoginException(elgg_echo('uservalidationbyemail:login:fail'));
	});
}
/**
 * Marks a user as validated when they are made an admin.
 *
 * Nothing happens when the event object is not a user, or when
 * isValidated() already returns exactly true. The validation is recorded
 * with the method 'admin_user'.
 *
 * @param \Elgg\Event $event 'make_admin', 'user'
 *
 * @return void
 */
function uservalidationbyemail_validate_new_admin_user(\Elgg\Event $event) {
	$user = $event->getObject();
	if (!$user instanceof ElggUser) {
		return;
	}

	if ($user->isValidated() === true) {
		return;
	}

	$user->setValidationStatus(true, 'admin_user');
}
/**
 * Blocks a programmatic login() for an account that is still unvalidated.
 *
 * The login is refused only when the event object is a user that is both
 * disabled and has a falsy 'validated' value. An account that is enabled but
 * unvalidated is not stopped by this handler. A refused login also triggers
 * a new validation email.
 *
 * @param \Elgg\Event $event 'login:before', 'user'
 *
 * @return void
 *
 * @throws LoginException
 */
function uservalidationbyemail_check_manual_login(\Elgg\Event $event) {
	$user = $event->getObject();

	elgg_call(ELGG_SHOW_DISABLED_ENTITIES, function() use ($user) {
		if (!($user instanceof ElggUser)) {
			return;
		}

		if ($user->isEnabled()) {
			return;
		}

		if ($user->validated) {
			return;
		}

		// send new validation email
		uservalidationbyemail_request_validation($user->guid);

		// throw error so we get a nice error message
		throw new LoginException(elgg_echo('uservalidationbyemail:login:fail'));
	});
}
/**
 * Appends a "resend validation" item to the menu of one unvalidated user.
 *
 * The item is added only for a logged in admin and only when the hook's
 * entity is a user. The check here decides whether the link is shown; the
 * access control of the resend_validation action itself is not part of this
 * file.
 *
 * @param \Elgg\Hook $hook the plugin hook 'register' 'menu:user:unvalidated'
 *
 * @return void|ElggMenuItem[]
 *
 * @since 3.0
 * @internal
 */
function _uservalidationbyemail_user_unvalidated_menu(\Elgg\Hook $hook) {

	if (!elgg_is_admin_logged_in()) {
		return;
	}

	$entity = $hook->getEntityParam();
	if (!$entity instanceof ElggUser) {
		return;
	}

	$items = $hook->getValue();

	$label = elgg_echo('uservalidationbyemail:admin:resend_validation');
	// the action receives the guid as a one element user_guids[] list
	$resend_url = elgg_http_add_url_query_elements('action/uservalidationbyemail/resend_validation', [
		'user_guids[]' => $entity->guid,
	]);
	$confirm_text = elgg_echo('uservalidationbyemail:confirm_resend_validation', [$entity->getDisplayName()]);

	$items[] = ElggMenuItem::factory([
		'name' => 'uservalidationbyemail:resend',
		'text' => $label,
		'href' => $resend_url,
		'confirm' => $confirm_text,
		'priority' => 100,
	]);

	return $items;
}
/**
 * Appends a "resend validation" item to the bulk actions for unvalidated users.
 *
 * The item is added only for a logged in admin. The check here decides
 * whether the link is shown; the access control of the resend_validation
 * action itself is not part of this file.
 *
 * @param \Elgg\Hook $hook the plugin hook 'register' 'menu:user:unvalidated:bulk'
 *
 * @return void|ElggMenuItem[]
 *
 * @since 3.0
 * @internal
 */
function _uservalidationbyemail_user_unvalidated_bulk_menu(\Elgg\Hook $hook) {

	if (!elgg_is_admin_logged_in()) {
		return;
	}

	$items = $hook->getValue();

	$label = elgg_echo('uservalidationbyemail:admin:resend_validation');
	$confirm_text = elgg_echo('uservalidationbyemail:confirm_resend_validation_checked');

	$items[] = ElggMenuItem::factory([
		'id' => 'uservalidationbyemail-bulk-resend',
		'name' => 'uservalidationbyemail:resend:bulk',
		'text' => $label,
		'href' => 'action/uservalidationbyemail/resend_validation',
		'confirm' => $confirm_text,
		'priority' => 100,
		'section' => 'right',
		'deps' => 'elgg/uservalidationbyemail',
	]);

	return $items;
}
// The file evaluates to a closure; calling it hooks the plugin's init
// function onto the 'init', 'system' event.
return function () {
	elgg_register_event_handler(
		'init',
		'system',
		'uservalidationbyemail_init'
	);
};