@@ -1,6 +1,6 @@ |
||
1 | 1 | <?php |
2 | 2 | |
3 | -$new_style_template = TRUE; |
|
3 | +$new_style_template = true; |
|
4 | 4 | |
5 | 5 | include_once '../../../includes/easyparliament/init.php'; |
6 | 6 | include_once INCLUDESPATH . 'easyparliament/member.php'; |
@@ -9,7 +9,7 @@ |
||
9 | 9 | If the input is not OK, the form is displayed again with error messages. |
10 | 10 | */ |
11 | 11 | |
12 | -$new_style_template = TRUE; |
|
12 | +$new_style_template = true; |
|
13 | 13 | |
14 | 14 | include_once '../../../includes/easyparliament/init.php'; |
15 | 15 | # need to include this as login code uses error_message |
@@ -27,11 +27,11 @@ |
||
27 | 27 | |
28 | 28 | $data['fb_login_url'] = $login->getLoginURL(); |
29 | 29 | if (isset($data['token'])) { |
30 | - $success = $login->loginUser($data['token']); |
|
31 | - if (!$success) { |
|
30 | + $success = $login->loginUser($data['token']); |
|
31 | + if (!$success) { |
|
32 | 32 | $data['error'] = 'Could not login using Facebook token'; |
33 | 33 | \MySociety\TheyWorkForYou\Renderer::output('login/facebook', $data); |
34 | - } |
|
34 | + } |
|
35 | 35 | } else { |
36 | 36 | \MySociety\TheyWorkForYou\Renderer::output('login/facebook', $data); |
37 | 37 | } |
@@ -32,6 +32,7 @@ |
||
32 | 32 | $data['error'] = 'Could not login using Facebook token'; |
33 | 33 | \MySociety\TheyWorkForYou\Renderer::output('login/facebook', $data); |
34 | 34 | } |
35 | -} else { |
|
35 | +} |
|
36 | +else { |
|
36 | 37 | \MySociety\TheyWorkForYou\Renderer::output('login/facebook', $data); |
37 | 38 | } |
@@ -12,7 +12,7 @@ discard block |
||
12 | 12 | */ |
13 | 13 | |
14 | 14 | class User { |
15 | - public function getUserDetails($user_id = False) { |
|
15 | + public function getUserDetails($user_id = false) { |
|
16 | 16 | global $THEUSER; |
17 | 17 | |
18 | 18 | $user = $THEUSER; |
@@ -250,7 +250,7 @@ discard block |
||
250 | 250 | } |
251 | 251 | |
252 | 252 | if ($details['email'] != $THEUSER->email()) { |
253 | - $results['email_changed'] = True; |
|
253 | + $results['email_changed'] = true; |
|
254 | 254 | } |
255 | 255 | |
256 | 256 |
@@ -321,6 +321,9 @@ |
||
321 | 321 | return array(); |
322 | 322 | } |
323 | 323 | |
324 | + /** |
|
325 | + * @param Member $member |
|
326 | + */ |
|
324 | 327 | private function constructMPData($member, $user, $mp_house) { |
325 | 328 | $mp_data = array(); |
326 | 329 | $mp_data['name'] = $member->full_name(); |
@@ -33,10 +33,10 @@ discard block |
||
33 | 33 | $data['email'] = $user->email(); |
34 | 34 | $data['emailpublic'] = $user->emailpublic() == true ? "Yes" : "No"; |
35 | 35 | $data['optin'] = $user->optin() == true ? "Yes" : "No"; |
36 | - $data['postcode'] = $user->postcode(); |
|
36 | + $data['postcode'] = $user->postcode(); |
|
37 | 37 | $data['website'] = $user->url(); |
38 | - $data['registrationtime'] = $user->registrationtime(); |
|
39 | - $data['status']= $user->status(); |
|
38 | + $data['registrationtime'] = $user->registrationtime(); |
|
39 | + $data['status'] = $user->status(); |
|
40 | 40 | $data["deleted"] = $user->deleted(); |
41 | 41 | $data["confirmed"] = $user->confirmed(); |
42 | 42 | $data["status"] = $user->status(); |
@@ -243,10 +243,10 @@ discard block |
||
243 | 243 | // Who are we updating? $THEUSER or someone else? |
244 | 244 | if ($this_page == "otheruseredit") { |
245 | 245 | $who = 'the user’s'; |
246 | - $success = $THEUSER->update_other_user ( $details ); |
|
246 | + $success = $THEUSER->update_other_user($details); |
|
247 | 247 | } else { |
248 | 248 | $who = 'your'; |
249 | - $success = $THEUSER->update_self ( $details ); |
|
249 | + $success = $THEUSER->update_self($details); |
|
250 | 250 | } |
251 | 251 | |
252 | 252 | |
@@ -278,12 +278,12 @@ discard block |
||
278 | 278 | // If this goes well, the user will have their data |
279 | 279 | // added to the database and a confirmation email |
280 | 280 | // will be sent to them. |
281 | - $success = $THEUSER->add ( $details ); |
|
281 | + $success = $THEUSER->add($details); |
|
282 | 282 | |
283 | 283 | $errors = array(); |
284 | 284 | |
285 | 285 | if (!$success) { |
286 | - $errors["db"] = "Sorry, we were unable to create an account for you. Please <a href=\"mailto:". str_replace('@', '@', CONTACTEMAIL) . "\">let us know</a>. Thanks."; |
|
286 | + $errors["db"] = "Sorry, we were unable to create an account for you. Please <a href=\"mailto:" . str_replace('@', '@', CONTACTEMAIL) . "\">let us know</a>. Thanks."; |
|
287 | 287 | } |
288 | 288 | |
289 | 289 | return $errors; |
@@ -291,7 +291,7 @@ discard block |
||
291 | 291 | |
292 | 292 | public function getRep($cons_type, $mp_house) { |
293 | 293 | global $THEUSER; |
294 | - if ( !$THEUSER->has_postcode() ) { |
|
294 | + if (!$THEUSER->has_postcode()) { |
|
295 | 295 | return array(); |
296 | 296 | } |
297 | 297 | |
@@ -304,11 +304,11 @@ discard block |
||
304 | 304 | // Scottish homepage |
305 | 305 | try { |
306 | 306 | $constituencies = \MySociety\TheyWorkForYou\Utility\Postcode::postcodeToConstituencies($THEUSER->postcode()); |
307 | - if ( isset($constituencies[$cons_type]) ) { |
|
307 | + if (isset($constituencies[$cons_type])) { |
|
308 | 308 | $constituency = $constituencies[$cons_type]; |
309 | 309 | $MEMBER = new Member(array('constituency'=>$constituency, 'house'=> $mp_house)); |
310 | 310 | } |
311 | - } catch ( MemberException $e ) { |
|
311 | + } catch (MemberException $e) { |
|
312 | 312 | return array(); |
313 | 313 | } |
314 | 314 | |
@@ -345,7 +345,7 @@ discard block |
||
345 | 345 | $mreg = array(); |
346 | 346 | if ($THEUSER->isloggedin() && $THEUSER->postcode() != '' || $THEUSER->postcode_is_set()) { |
347 | 347 | $reps = \MySociety\TheyWorkForYou\Member::getRegionalList($THEUSER->postcode, $mp_house, $cons_type); |
348 | - foreach ( $reps as $rep ) { |
|
348 | + foreach ($reps as $rep) { |
|
349 | 349 | $member = new \MySociety\TheyWorkForYou\Member(array('person_id' => $rep['person_id'])); |
350 | 350 | $mreg[$rep['person_id']] = $this->constructMPData($member, $THEUSER, $mp_house); |
351 | 351 | } |
@@ -62,7 +62,8 @@ discard block |
||
62 | 62 | $details = $this->getUserDetails(); |
63 | 63 | $details["password"] = ''; |
64 | 64 | $details["emailpublic"] = false; |
65 | - } else { |
|
65 | + } |
|
66 | + else { |
|
66 | 67 | $details["firstname"] = trim(get_http_var("firstname")); |
67 | 68 | $details["lastname"] = trim(get_http_var("lastname")); |
68 | 69 | |
@@ -96,14 +97,16 @@ discard block |
||
96 | 97 | if (get_http_var("deleted") != "") { |
97 | 98 | $deleted = get_http_var("deleted"); |
98 | 99 | $details["deleted"] = $deleted[0] == "true" ? true : false; |
99 | - } else { |
|
100 | + } |
|
101 | + else { |
|
100 | 102 | $details['deleted'] = false; |
101 | 103 | } |
102 | 104 | |
103 | 105 | if (get_http_var("confirmed") != "") { |
104 | 106 | $confirmed = get_http_var("confirmed"); |
105 | 107 | $details["confirmed"] = $confirmed[0] == "true" ? true : false; |
106 | - } else { |
|
108 | + } |
|
109 | + else { |
|
107 | 110 | $details['confirmed'] = false; |
108 | 111 | } |
109 | 112 | } |
@@ -139,11 +142,13 @@ discard block |
||
139 | 142 | if ($details["email"] == "") { |
140 | 143 | $errors["email"] = "Please enter an email address"; |
141 | 144 | |
142 | - } elseif (!validate_email($details["email"])) { |
|
145 | + } |
|
146 | + elseif (!validate_email($details["email"])) { |
|
143 | 147 | // validate_email() is in includes/utilities.php |
144 | 148 | $errors["email"] = "Please enter a valid email address"; |
145 | 149 | |
146 | - } else { |
|
150 | + } |
|
151 | + else { |
|
147 | 152 | |
148 | 153 | $USER = new \USER; |
149 | 154 | $id_of_user_with_this_addresss = $USER->email_exists($details["email"], true); |
@@ -159,7 +164,8 @@ discard block |
||
159 | 164 | $errors["email"] = "Someone else has already joined with this email address"; |
160 | 165 | } |
161 | 166 | |
162 | - } else { |
|
167 | + } |
|
168 | + else { |
|
163 | 169 | // User is joining. Check no one is already here with this email. |
164 | 170 | if ($this_page == "userjoin" && $id_of_user_with_this_addresss) { |
165 | 171 | $errors["email"] = "There is already a user with this email address"; |
@@ -175,7 +181,8 @@ discard block |
||
175 | 181 | if ($details["password"] == "") { |
176 | 182 | $errors["password"] = "Please enter a password"; |
177 | 183 | |
178 | - } elseif (strlen($details["password"]) < 6) { |
|
184 | + } |
|
185 | + elseif (strlen($details["password"]) < 6) { |
|
179 | 186 | $errors["password"] = "Please enter at least six characters"; |
180 | 187 | } |
181 | 188 | |
@@ -187,7 +194,8 @@ discard block |
||
187 | 194 | $errors["password"] = "The passwords did not match. Please try again."; |
188 | 195 | } |
189 | 196 | |
190 | - } else { |
|
197 | + } |
|
198 | + else { |
|
191 | 199 | |
192 | 200 | // Update details pages. |
193 | 201 | |
@@ -205,7 +213,8 @@ discard block |
||
205 | 213 | if ($details["postcode"] != "") { |
206 | 214 | if (!validate_postcode($details["postcode"])) { |
207 | 215 | $errors["postcode"] = "Sorry, this isn't a valid UK postcode."; |
208 | - } else { |
|
216 | + } |
|
217 | + else { |
|
209 | 218 | try { |
210 | 219 | $mp = new \MySociety\TheyWorkForYou\Member(array( |
211 | 220 | 'postcode' => $details['postcode'], |
@@ -244,7 +253,8 @@ discard block |
||
244 | 253 | if ($this_page == "otheruseredit") { |
245 | 254 | $who = 'the user’s'; |
246 | 255 | $success = $THEUSER->update_other_user ( $details ); |
247 | - } else { |
|
256 | + } |
|
257 | + else { |
|
248 | 258 | $who = 'your'; |
249 | 259 | $success = $THEUSER->update_self ( $details ); |
250 | 260 | } |
@@ -255,7 +265,8 @@ discard block |
||
255 | 265 | |
256 | 266 | if ($this_page == 'otheruseredit') { |
257 | 267 | $this_page = "userview"; |
258 | - } else { |
|
268 | + } |
|
269 | + else { |
|
259 | 270 | $this_page = "userviewself"; |
260 | 271 | } |
261 | 272 | |
@@ -264,7 +275,8 @@ discard block |
||
264 | 275 | } |
265 | 276 | |
266 | 277 | |
267 | - } else { |
|
278 | + } |
|
279 | + else { |
|
268 | 280 | $results['errors'] = array("db" => "Sorry, we were unable to update $who details. Please <a href=\"mailto:" . str_replace('@', '@', CONTACTEMAIL) . "\">let us know</a> what you were trying to change. Thanks."); |
269 | 281 | } |
270 | 282 |
@@ -32,7 +32,7 @@ |
||
32 | 32 | // And make sure the user is allowed to do this! |
33 | 33 | |
34 | 34 | $template = 'user/form'; |
35 | - if (is_numeric( get_http_var("u") ) && $THEUSER->is_able_to("edituser")) { |
|
35 | + if (is_numeric(get_http_var("u")) && $THEUSER->is_able_to("edituser")) { |
|
36 | 36 | |
37 | 37 | $data = $user->getUserDetails(get_http_var('u')); |
38 | 38 | $data['showall'] = true; |
@@ -5,7 +5,7 @@ discard block |
||
5 | 5 | * page so leave it like that for now. |
6 | 6 | */ |
7 | 7 | |
8 | -$new_style_template = TRUE; |
|
8 | +$new_style_template = true; |
|
9 | 9 | |
10 | 10 | include_once '../../includes/easyparliament/init.php'; |
11 | 11 | # need to include this as login code uses error_message |
@@ -127,7 +127,7 @@ discard block |
||
127 | 127 | $data['errors'] = $results['errors']; |
128 | 128 | $template = 'user/form'; |
129 | 129 | } else { |
130 | - $data['edited'] = True; |
|
130 | + $data['edited'] = true; |
|
131 | 131 | if (isset($results['email_changed'])) { |
132 | 132 | $data['email_changed'] = $results['email_changed']; |
133 | 133 | } |
@@ -106,12 +106,12 @@ |
||
106 | 106 | |
107 | 107 | // if data has been submitted then handle that |
108 | 108 | if ( |
109 | - get_http_var("submitted") == "true" && ( |
|
109 | + get_http_var("submitted") == "true" && ( |
|
110 | 110 | $this_page == 'useredit' || $this_page == 'otheruseredit' || $this_page == 'userjoin' |
111 | - ) |
|
112 | - ) { |
|
111 | + ) |
|
112 | + ) { |
|
113 | 113 | // Put all the user-submitted data in an array. |
114 | - $data = $user->getUpdateDetails($this_page, $THEUSER); |
|
114 | + $data = $user->getUpdateDetails($this_page, $THEUSER); |
|
115 | 115 | |
116 | 116 | if ($this_page == 'useredit') { |
117 | 117 | $data['facebook_user'] = $THEUSER->facebook_user(); |
@@ -41,7 +41,8 @@ discard block |
||
41 | 41 | $data['pg'] = 'editother'; |
42 | 42 | $this_page = "otheruseredit"; |
43 | 43 | |
44 | - } else if ($THEUSER->isloggedin()) { |
|
44 | + } |
|
45 | + else if ($THEUSER->isloggedin()) { |
|
45 | 46 | // Revert to editing THEUSER's own info. |
46 | 47 | $data = $user->getUserDetails(); |
47 | 48 | $data['pg'] = 'edit'; |
@@ -52,7 +53,8 @@ discard block |
||
52 | 53 | $this_page = 'userviewself'; |
53 | 54 | } |
54 | 55 | |
55 | - } else { |
|
56 | + } |
|
57 | + else { |
|
56 | 58 | $this_page = "userjoin"; |
57 | 59 | $template = 'user/join'; |
58 | 60 | } |
@@ -71,7 +73,8 @@ discard block |
||
71 | 73 | $this_page = 'userviewself'; |
72 | 74 | } |
73 | 75 | $data['pg'] = 'edit'; |
74 | - } else { |
|
76 | + } |
|
77 | + else { |
|
75 | 78 | // Unlikely to get to this page without being logged in, |
76 | 79 | // but just in case, show them the blank form. |
77 | 80 | $this_page = "userjoin"; |
@@ -89,12 +92,14 @@ discard block |
||
89 | 92 | $template = 'user/index'; |
90 | 93 | $data = $user->getUserDetails(); |
91 | 94 | $this_page = 'userviewself'; |
92 | - } else if (is_numeric(get_http_var('u'))) { |
|
95 | + } |
|
96 | + else if (is_numeric(get_http_var('u'))) { |
|
93 | 97 | // Viewing someone else's details. |
94 | 98 | $template = 'user/view_user'; |
95 | 99 | $data = $user->getUserDetails(get_http_var('u')); |
96 | 100 | $this_page = "userview"; |
97 | - } else { |
|
101 | + } |
|
102 | + else { |
|
98 | 103 | // probably want to login |
99 | 104 | $URL = new \MySociety\TheyWorkForYou\Url('userlogin'); |
100 | 105 | $URL->insert(array('ret'=>'/user/')); |
@@ -129,25 +134,29 @@ discard block |
||
129 | 134 | if ($this_page == 'userjoin') { |
130 | 135 | $template = 'user/join'; |
131 | 136 | } |
132 | - } else { |
|
137 | + } |
|
138 | + else { |
|
133 | 139 | if ($this_page == 'useredit' || $this_page == 'otheruseredit') { |
134 | 140 | $results = $user->update($data); |
135 | 141 | if (isset($results['errors'])) { |
136 | 142 | $data['errors'] = $results['errors']; |
137 | 143 | $template = 'user/form'; |
138 | - } else { |
|
144 | + } |
|
145 | + else { |
|
139 | 146 | $data['edited'] = True; |
140 | 147 | if (isset($results['email_changed'])) { |
141 | 148 | $data['email_changed'] = $results['email_changed']; |
142 | 149 | } |
143 | 150 | $template = 'user/index'; |
144 | 151 | } |
145 | - } else { |
|
152 | + } |
|
153 | + else { |
|
146 | 154 | $errors = $user->add($data); |
147 | 155 | if (sizeof($errors) > 0) { |
148 | 156 | $data['errors'] = $errors; |
149 | 157 | $template = 'user/join'; |
150 | - } else { |
|
158 | + } |
|
159 | + else { |
|
151 | 160 | $template = 'user/welcome'; |
152 | 161 | } |
153 | 162 | } |
@@ -125,7 +125,7 @@ |
||
125 | 125 | <span class="label">Security status:</span> |
126 | 126 | <span class="formw"><select name="status"> |
127 | 127 | <?php |
128 | - foreach ($statuses as $n => $status_name) { ?> |
|
128 | + foreach ($statuses as $n => $status_name) { ?> |
|
129 | 129 | <option value="<?= $status_name ?>"<?= $status_name == $status ? ' selected' : '' ?>> |
130 | 130 | <?= $status_name ?> |
131 | 131 | </option> |
@@ -174,7 +174,7 @@ |
||
174 | 174 | |
175 | 175 | <input type="hidden" name="submitted" value="true"> |
176 | 176 | |
177 | - <?php if (isset($ret) && $ret != '' ) { ?> |
|
177 | + <?php if (isset($ret) && $ret != '') { ?> |
|
178 | 178 | <input type="hidden" name="ret" value="<?= _htmlentities($ret) ?>"> |
179 | 179 | <?php } ?> |
180 | 180 |
@@ -34,7 +34,7 @@ discard block |
||
34 | 34 | <input type="hidden" name="pg" value="edit"> |
35 | 35 | </form> |
36 | 36 | <?php } else { ?> |
37 | - <?php if (isset($showall) && $showall == True && isset($user_id)) { ?> |
|
37 | + <?php if (isset($showall) && $showall == true && isset($user_id)) { ?> |
|
38 | 38 | <h1>Edit the user’s details</h1> |
39 | 39 | <?php } else { ?> |
40 | 40 | <h1>Edit your details</h1> |
@@ -142,7 +142,7 @@ discard block |
||
142 | 142 | <input type="radio" name="emailpublic" id="emailpublicfalse" value="false" <?= $emailpublic == 'No' ? ' checked' : '' ?>> <label for="emailpublicfalse">No</label></span> |
143 | 143 | </div> |
144 | 144 | |
145 | - <?php if (isset($showall) && $showall == True) { ?> |
|
145 | + <?php if (isset($showall) && $showall == true) { ?> |
|
146 | 146 | <?php if (isset($errors['status'])) { ?> |
147 | 147 | <p class="error"> |
148 | 148 | <?= $errors['status'] ?> |
@@ -210,7 +210,7 @@ discard block |
||
210 | 210 | <input type="hidden" name="pg" value="<?= $pg ?>"> |
211 | 211 | <?php } ?> |
212 | 212 | |
213 | - <?php if (isset($showall) && $showall == True && isset($user_id)) { ?> |
|
213 | + <?php if (isset($showall) && $showall == true && isset($user_id)) { ?> |
|
214 | 214 | <input type="hidden" name="u" value="<?= _htmlentities($user_id) ?>"> |
215 | 215 | <?php } ?> |
216 | 216 |
@@ -37,10 +37,12 @@ |
||
37 | 37 | |
38 | 38 | <input type="hidden" name="pg" value="edit"> |
39 | 39 | </form> |
40 | - <?php } else { ?> |
|
40 | + <?php } |
|
41 | +else { ?> |
|
41 | 42 | <?php if (isset($showall) && $showall == True && isset($user_id)) { ?> |
42 | 43 | <h1>Edit the user’s details</h1> |
43 | - <?php } else { ?> |
|
44 | + <?php } |
|
45 | +else { ?> |
|
44 | 46 | <h1>Edit your details</h1> |
45 | 47 | <?php } ?> |
46 | 48 |
@@ -12,7 +12,7 @@ |
||
12 | 12 | <h1>Your details</h1> |
13 | 13 | <?php if (isset($edited)) { ?> |
14 | 14 | <p> |
15 | - <strong>have been updated<?= isset($email_changed) && $email_changed == True ? " and we’ve sent a confirmation email to your new email address" : '' ?>.</strong> |
|
15 | + <strong>have been updated<?= isset($email_changed) && $email_changed == true ? " and we’ve sent a confirmation email to your new email address" : '' ?>.</strong> |
|
16 | 16 | </p> |
17 | 17 | <?php } else { ?> |
18 | 18 | <p> |
@@ -42,7 +42,7 @@ |
||
42 | 42 | |
43 | 43 | <div class="row"> |
44 | 44 | <span class="label">Website</span> |
45 | - <span class="formw"><?= $website == '' ? 'none' : '<a href="' . _htmlentities($website) . '">'. _htmlentities($website) . '</a>' ?></span> |
|
45 | + <span class="formw"><?= $website == '' ? 'none' : '<a href="' . _htmlentities($website) . '">' . _htmlentities($website) . '</a>' ?></span> |
|
46 | 46 | </div> |
47 | 47 | |
48 | 48 | <?php if ($facebook_user) { ?> |
@@ -8,13 +8,15 @@ discard block |
||
8 | 8 | <p>We can’t find that user.</p> |
9 | 9 | </div> |
10 | 10 | </div> |
11 | - <?php } else { ?> |
|
11 | + <?php } |
|
12 | +else { ?> |
|
12 | 13 | <h1>Your details</h1> |
13 | 14 | <?php if (isset($edited)) { ?> |
14 | 15 | <p> |
15 | 16 | <strong>have been updated<?= isset($email_changed) && $email_changed == True ? " and we’ve sent a confirmation email to your new email address" : '' ?>.</strong> |
16 | 17 | </p> |
17 | - <?php } else { ?> |
|
18 | + <?php } |
|
19 | +else { ?> |
|
18 | 20 | <p> |
19 | 21 | <strong>This is how other people see you.</strong> |
20 | 22 | <?php if ($facebook_user && !$postcode) { ?> |
@@ -24,7 +26,8 @@ discard block |
||
24 | 26 | <a href="/user/?pg=edit">Update your postcode</a> so we can show you information about your representatives. |
25 | 27 | </p> |
26 | 28 | |
27 | - <?php } else { ?> |
|
29 | + <?php } |
|
30 | +else { ?> |
|
28 | 31 | <a href="/user/?pg=edit">Edit your details</a>. |
29 | 32 | <?php } ?> |
30 | 33 | </p> |
@@ -851,8 +851,8 @@ discard block |
||
851 | 851 | if ($cookie == '') { |
852 | 852 | $cookie = get_cookie_var("facebook_id"); |
853 | 853 | if ($cookie != '') { |
854 | - $this->facebook_user = True; |
|
855 | - twfy_debug("THEUSER", "is facebook login"); |
|
854 | + $this->facebook_user = True; |
|
855 | + twfy_debug("THEUSER", "is facebook login"); |
|
856 | 856 | } |
857 | 857 | } |
858 | 858 | |
@@ -873,36 +873,36 @@ discard block |
||
873 | 873 | // And make sure the user hasn't been "deleted". |
874 | 874 | |
875 | 875 | if ($this->facebook_user) { |
876 | - if (md5($this->facebook_token()) == $matches[2] && $this->deleted() == false) { |
|
877 | - twfy_debug ("THEUSER", "init SUCCESS: setting as logged in"); |
|
878 | - $this->loggedin = true; |
|
879 | - } elseif (md5 ($this->facebook_token()) != $matches[2]) { |
|
880 | - twfy_debug ("THEUSER", "init FAILED: Facebook token doesn't match cookie"); |
|
881 | - $this->loggedin = false; |
|
882 | - } else { |
|
883 | - twfy_debug ("THEUSER", "init FAILED: User is deleted"); |
|
884 | - $this->loggedin = false; |
|
885 | - } |
|
876 | + if (md5($this->facebook_token()) == $matches[2] && $this->deleted() == false) { |
|
877 | + twfy_debug ("THEUSER", "init SUCCESS: setting as logged in"); |
|
878 | + $this->loggedin = true; |
|
879 | + } elseif (md5 ($this->facebook_token()) != $matches[2]) { |
|
880 | + twfy_debug ("THEUSER", "init FAILED: Facebook token doesn't match cookie"); |
|
881 | + $this->loggedin = false; |
|
882 | + } else { |
|
883 | + twfy_debug ("THEUSER", "init FAILED: User is deleted"); |
|
884 | + $this->loggedin = false; |
|
885 | + } |
|
886 | 886 | } else { |
887 | - if (md5($this->password()) == $matches[2] && $this->deleted() == false) { |
|
888 | - // The correct password is in the cookie, |
|
889 | - // and the user isn't deleted, so set the user to be logged in. |
|
887 | + if (md5($this->password()) == $matches[2] && $this->deleted() == false) { |
|
888 | + // The correct password is in the cookie, |
|
889 | + // and the user isn't deleted, so set the user to be logged in. |
|
890 | 890 | |
891 | - // This would be an appropriate place to call other functions |
|
892 | - // that might set user info that only a logged-in user is going |
|
893 | - // to need. Their preferences and saved things or something. |
|
891 | + // This would be an appropriate place to call other functions |
|
892 | + // that might set user info that only a logged-in user is going |
|
893 | + // to need. Their preferences and saved things or something. |
|
894 | 894 | |
895 | 895 | |
896 | - twfy_debug ("THEUSER init SUCCEEDED", "setting as logged in"); |
|
897 | - $this->loggedin = true; |
|
896 | + twfy_debug ("THEUSER init SUCCEEDED", "setting as logged in"); |
|
897 | + $this->loggedin = true; |
|
898 | 898 | |
899 | - } elseif (md5 ($this->password()) != $matches[2]) { |
|
900 | - twfy_debug ("THEUSER init FAILED", "Password doesn't match cookie"); |
|
901 | - $this->loggedin = false; |
|
902 | - } else { |
|
903 | - twfy_debug ("THEUSER init FAILED", "User is deleted"); |
|
904 | - $this->loggedin = false; |
|
905 | - } |
|
899 | + } elseif (md5 ($this->password()) != $matches[2]) { |
|
900 | + twfy_debug ("THEUSER init FAILED", "Password doesn't match cookie"); |
|
901 | + $this->loggedin = false; |
|
902 | + } else { |
|
903 | + twfy_debug ("THEUSER init FAILED", "User is deleted"); |
|
904 | + $this->loggedin = false; |
|
905 | + } |
|
906 | 906 | } |
907 | 907 | |
908 | 908 | } else { |
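Review bot: The cookie checks `md5($this->facebook_token()) == $matches[2]` and `md5($this->password()) == $matches[2]` compare hashes with loose `==`, which is not constant-time and compares two numeric-looking strings as numbers, so unequal strings can be treated as equal. Since this commit re-indents exactly these lines, switch them to `hash_equals(md5($this->password()), $matches[2])` (same for the Facebook branch) and use `!hash_equals(...)` in the two `elseif` conditions. The cookie value is also just an MD5 of the stored password or token, so anyone who learns that stored value can presumably rebuild a valid cookie; a random server-side session token would avoid that, though it is a larger change than this hunk. The same comparisons reappear in the later hunks at `@@ -898,14 +929,17 @@` and `@@ -918,26 +952,31 @@`, and the enclosing method starts and ends outside the hunk.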
@@ -872,7 +872,7 @@ discard block |
||
872 | 872 | if ($cookie == '') { |
873 | 873 | $cookie = get_cookie_var("facebook_id"); |
874 | 874 | if ($cookie != '') { |
875 | - $this->facebook_user = True; |
|
875 | + $this->facebook_user = true; |
|
876 | 876 | twfy_debug("THEUSER", "is facebook login"); |
877 | 877 | } |
878 | 878 | } |
@@ -1074,7 +1074,7 @@ discard block |
||
1074 | 1074 | |
1075 | 1075 | twfy_debug("USER", "logging in user from facebook " . $this->user_id); |
1076 | 1076 | |
1077 | - $this->loggedin = True; |
|
1077 | + $this->loggedin = true; |
|
1078 | 1078 | $this->_login($returl, $expire, $cookie, 'facebook_id'); |
1079 | 1079 | return true; |
1080 | 1080 | } |
@@ -1080,6 +1080,9 @@ discard block |
||
1080 | 1080 | return true; |
1081 | 1081 | } |
1082 | 1082 | |
1083 | + /** |
|
1084 | + * @param string $expire |
|
1085 | + */ |
|
1083 | 1086 | public function login($returl="", $expire) { |
1084 | 1087 | |
1085 | 1088 | // This is used to log the user in. Duh. |
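Review bot: The new docblock documents only `$expire`, while the signature `login($returl="", $expire)` puts an optional parameter before a required one, so the default for `$returl` can never be used and PHP 8 reports a deprecation for it. Add `@param string $returl` to the docblock and drop the unusable default, `public function login($returl, $expire) {`, which keeps existing two-argument calls working. The method body continues outside the hunk.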
@@ -1121,6 +1124,10 @@ discard block |
||
1121 | 1124 | $this->_login($returl, $expire, $cookie); |
1122 | 1125 | } |
1123 | 1126 | |
1127 | + /** |
|
1128 | + * @param string|null $returl |
|
1129 | + * @param string $cookie |
|
1130 | + */ |
|
1124 | 1131 | private function _login($returl, $expire, $cookie, $cookie_name = 'epuser_id') { |
1125 | 1132 | // Unset any existing postcode cookie. |
1126 | 1133 | // This will be the postcode the user set for themselves as a non-logged-in |
@@ -1170,6 +1177,9 @@ discard block |
||
1170 | 1177 | } |
1171 | 1178 | } |
1172 | 1179 | |
1180 | + /** |
|
1181 | + * @param string $token |
|
1182 | + */ |
|
1173 | 1183 | public function confirm_email($token, $redirect=true) { |
1174 | 1184 | $arg = ''; |
1175 | 1185 | if (strstr($token, '::')) $arg = '::'; |
@@ -138,14 +138,16 @@ discard block |
||
138 | 138 | |
139 | 139 | return true; |
140 | 140 | |
141 | - } elseif ($q->rows() > 1) { |
|
141 | + } |
|
142 | + elseif ($q->rows() > 1) { |
|
142 | 143 | // And, yes, if we've ended up with more than one row returned |
143 | 144 | // we're going to show an error too, just in case. |
144 | 145 | // *Should* never happen... |
145 | 146 | return false; |
146 | 147 | twfy_debug("USER", "There is more than one user with an id of '" . _htmlentities($user_id) . "'"); |
147 | 148 | |
148 | - } else { |
|
149 | + } |
|
150 | + else { |
|
149 | 151 | return false; |
150 | 152 | twfy_debug("USER", "There is no user with an id of '" . _htmlentities($user_id) . "'"); |
151 | 153 | } |
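Review bot: Both `twfy_debug(...)` calls in the `elseif ($q->rows() > 1)` and `else` branches sit after `return false;` and can never run, so a duplicate or missing user id is never logged. Move each call above its return, e.g. `twfy_debug("USER", "There is no user with an id of '" . _htmlentities($user_id) . "'");` followed by `return false;`. The duplicate-id case is the one most worth recording, since the comment says it should never happen. The enclosing method starts outside the hunk.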
@@ -278,20 +280,24 @@ discard block |
||
278 | 280 | if ($success) { |
279 | 281 | // All is good in the world! |
280 | 282 | return true; |
281 | - } else { |
|
283 | + } |
|
284 | + else { |
|
282 | 285 | // Couldn't send the email. |
283 | 286 | return false; |
284 | 287 | } |
285 | - } else { |
|
288 | + } |
|
289 | + else { |
|
286 | 290 | // No confirmation email needed. |
287 | 291 | return true; |
288 | 292 | } |
289 | - } else { |
|
293 | + } |
|
294 | + else { |
|
290 | 295 | // Couldn't add the registration token to the DB. |
291 | 296 | return false; |
292 | 297 | } |
293 | 298 | |
294 | - } else { |
|
299 | + } |
|
300 | + else { |
|
295 | 301 | // Couldn't add the user's data to the DB. |
296 | 302 | return false; |
297 | 303 | } |
@@ -308,7 +314,8 @@ discard block |
||
308 | 314 | $this->facebook_id = $facebook_id; |
309 | 315 | |
310 | 316 | return $facebook_id; |
311 | - } else { |
|
317 | + } |
|
318 | + else { |
|
312 | 319 | return false; |
313 | 320 | } |
314 | 321 | } |
@@ -346,7 +353,8 @@ discard block |
||
346 | 353 | |
347 | 354 | if ($success) { |
348 | 355 | return true; |
349 | - } else { |
|
356 | + } |
|
357 | + else { |
|
350 | 358 | return false; |
351 | 359 | } |
352 | 360 | } |
@@ -388,7 +396,8 @@ discard block |
||
388 | 396 | |
389 | 397 | if ($success) { |
390 | 398 | return true; |
391 | - } else { |
|
399 | + } |
|
400 | + else { |
|
392 | 401 | return false; |
393 | 402 | } |
394 | 403 | } |
@@ -406,7 +415,8 @@ discard block |
||
406 | 415 | if (!isset($details["user_id"])) { |
407 | 416 | return false; |
408 | 417 | |
409 | - } elseif ($THEUSER->is_able_to("edituser")) { |
|
418 | + } |
|
419 | + elseif ($THEUSER->is_able_to("edituser")) { |
|
410 | 420 | |
411 | 421 | // If the user doing the updating has appropriate privileges... |
412 | 422 | |
@@ -416,11 +426,13 @@ discard block |
||
416 | 426 | // false otherwise. |
417 | 427 | if ($newdetails) { |
418 | 428 | return true; |
419 | - } else { |
|
429 | + } |
|
430 | + else { |
|
420 | 431 | return false; |
421 | 432 | } |
422 | 433 | |
423 | - } else { |
|
434 | + } |
|
435 | + else { |
|
424 | 436 | return false; |
425 | 437 | |
426 | 438 | } |
@@ -446,9 +458,15 @@ discard block |
||
446 | 458 | // Generates the password .... |
447 | 459 | for ($x=0; $x < 6;) { |
448 | 460 | $y = rand(1,1000); |
449 | - if($y>350 && $y<601) $d=chr(rand(48,57)); |
|
450 | - if($y<351) $d=chr(rand(65,90)); |
|
451 | - if($y>600) $d=chr(rand(97,122)); |
|
461 | + if($y>350 && $y<601) { |
|
462 | + $d=chr(rand(48,57)); |
|
463 | + } |
|
464 | + if($y<351) { |
|
465 | + $d=chr(rand(65,90)); |
|
466 | + } |
|
467 | + if($y>600) { |
|
468 | + $d=chr(rand(97,122)); |
|
469 | + } |
|
452 | 470 | if ($d!=$o && !preg_match('#[O01lI]#', $d)) { |
453 | 471 | $o=$d; $pwd.=$d; $x++; |
454 | 472 | } |
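Review bot: The generated password is built from `rand()`, which is not a cryptographically secure generator, in `$y = rand(1,1000);` and in the three `chr(rand(...))` lines this hunk wraps in braces. Its output can be predictable, and here it becomes a credential. If the project runs on PHP 7 or later, replace each call with `random_int()`, e.g. `$y = random_int(1, 1000);` and `$d = chr(random_int(48, 57));`. Six characters from this reduced alphabet is also short for a password; consider a longer value or a one-time reset link instead. The loop and the enclosing method continue outside the hunk.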
@@ -465,7 +483,8 @@ discard block |
||
465 | 483 | |
466 | 484 | // End password generating stuff. |
467 | 485 | |
468 | - } else { |
|
486 | + } |
|
487 | + else { |
|
469 | 488 | |
470 | 489 | // Email didn't exist. |
471 | 490 | return false; |
@@ -485,7 +504,8 @@ discard block |
||
485 | 504 | |
486 | 505 | return $pwd; |
487 | 506 | |
488 | - } else { |
|
507 | + } |
|
508 | + else { |
|
489 | 509 | return false; |
490 | 510 | } |
491 | 511 | |
@@ -533,10 +553,12 @@ discard block |
||
533 | 553 | array(':user_id' => $user_id)); |
534 | 554 | if ($q->rows() > 0) { |
535 | 555 | return true; |
536 | - } else { |
|
556 | + } |
|
557 | + else { |
|
537 | 558 | return false; |
538 | 559 | } |
539 | - } else { |
|
560 | + } |
|
561 | + else { |
|
540 | 562 | return false; |
541 | 563 | } |
542 | 564 | |
@@ -556,10 +578,12 @@ discard block |
||
556 | 578 | } |
557 | 579 | |
558 | 580 | return true; |
559 | - } else { |
|
581 | + } |
|
582 | + else { |
|
560 | 583 | return false; |
561 | 584 | } |
562 | - } else { |
|
585 | + } |
|
586 | + else { |
|
563 | 587 | return false; |
564 | 588 | } |
565 | 589 | |
@@ -578,10 +602,12 @@ discard block |
||
578 | 602 | } |
579 | 603 | |
580 | 604 | return true; |
581 | - } else { |
|
605 | + } |
|
606 | + else { |
|
582 | 607 | return false; |
583 | 608 | } |
584 | - } else { |
|
609 | + } |
|
610 | + else { |
|
585 | 611 | return false; |
586 | 612 | } |
587 | 613 | |
@@ -704,7 +730,8 @@ discard block |
||
704 | 730 | // Could maybe put some validation in here at some point. |
705 | 731 | if ($this->postcode != '') { |
706 | 732 | return true; |
707 | - } else { |
|
733 | + } |
|
734 | + else { |
|
708 | 735 | return false; |
709 | 736 | } |
710 | 737 | } |
@@ -755,7 +782,8 @@ discard block |
||
755 | 782 | // their own info). |
756 | 783 | if ($details['deleted'] == true) { |
757 | 784 | $del = '1'; |
758 | - } elseif ($details['deleted'] == false) { |
|
785 | + } |
|
786 | + elseif ($details['deleted'] == false) { |
|
759 | 787 | $del = '0'; |
760 | 788 | } |
761 | 789 | if (isset($del)) { |
@@ -768,7 +796,8 @@ discard block |
||
768 | 796 | // their own info). |
769 | 797 | if ($details['confirmed'] == true) { |
770 | 798 | $con = '1'; |
771 | - } elseif ($details['confirmed'] == false) { |
|
799 | + } |
|
800 | + elseif ($details['confirmed'] == false) { |
|
772 | 801 | $con = '0'; |
773 | 802 | } |
774 | 803 | if (isset($con)) { |
@@ -822,7 +851,8 @@ discard block |
||
822 | 851 | if ($q->success()) { |
823 | 852 | return $details; |
824 | 853 | |
825 | - } else { |
|
854 | + } |
|
855 | + else { |
|
826 | 856 | $PAGE->error_message ("Sorry, we were unable to update user id '" . _htmlentities($details["user_id"]) . "'"); |
827 | 857 | |
828 | 858 | return false; |
@@ -882,7 +912,8 @@ discard block |
||
882 | 912 | twfy_debug("THEUSER init FAILED", "No cookie set"); |
883 | 913 | $this->loggedin = false; |
884 | 914 | |
885 | - } elseif (preg_match("/([[:alnum:]]*)\.([[:alnum:]]*)/", $cookie, $matches)) { |
|
915 | + } |
|
916 | + elseif (preg_match("/([[:alnum:]]*)\.([[:alnum:]]*)/", $cookie, $matches)) { |
|
886 | 917 | |
887 | 918 | if (is_numeric($matches[1])) { |
888 | 919 | |
@@ -898,14 +929,17 @@ discard block |
||
898 | 929 | if (md5($this->facebook_token()) == $matches[2] && $this->deleted() == false) { |
899 | 930 | twfy_debug ("THEUSER", "init SUCCESS: setting as logged in"); |
900 | 931 | $this->loggedin = true; |
901 | - } elseif (md5 ($this->facebook_token()) != $matches[2]) { |
|
932 | + } |
|
933 | + elseif (md5 ($this->facebook_token()) != $matches[2]) { |
|
902 | 934 | twfy_debug ("THEUSER", "init FAILED: Facebook token doesn't match cookie"); |
903 | 935 | $this->loggedin = false; |
904 | - } else { |
|
936 | + } |
|
937 | + else { |
|
905 | 938 | twfy_debug ("THEUSER", "init FAILED: User is deleted"); |
906 | 939 | $this->loggedin = false; |
907 | 940 | } |
908 | - } else { |
|
941 | + } |
|
942 | + else { |
|
909 | 943 | if (md5($this->password()) == $matches[2] && $this->deleted() == false) { |
910 | 944 | // The correct password is in the cookie, |
911 | 945 | // and the user isn't deleted, so set the user to be logged in. |
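Review bot: The cookie checks in this hunk, `md5($this->facebook_token()) == $matches[2]` and `md5($this->password()) == $matches[2]`, compare a cookie-supplied value using loose `==`, which compares two numeric-looking strings as numbers and is not constant-time. Use `hash_equals(md5($this->facebook_token()), $matches[2])` and `hash_equals(md5($this->password()), $matches[2])`, and write the `!=` branches as `!hash_equals(...)`. The same comparisons recur in the next hunk and in the later spacing pass over this file (the hunks at old lines 897 and 916). Separately, the cookie is a fixed MD5 of the stored password hash or Facebook token, so it appears to stay valid until that stored value changes; a random server-side session identifier would allow revocation. The enclosing function starts and ends outside the hunk.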
@@ -918,26 +952,31 @@ discard block |
||
918 | 952 | twfy_debug ("THEUSER init SUCCEEDED", "setting as logged in"); |
919 | 953 | $this->loggedin = true; |
920 | 954 | |
921 | - } elseif (md5 ($this->password()) != $matches[2]) { |
|
955 | + } |
|
956 | + elseif (md5 ($this->password()) != $matches[2]) { |
|
922 | 957 | twfy_debug ("THEUSER init FAILED", "Password doesn't match cookie"); |
923 | 958 | $this->loggedin = false; |
924 | - } else { |
|
959 | + } |
|
960 | + else { |
|
925 | 961 | twfy_debug ("THEUSER init FAILED", "User is deleted"); |
926 | 962 | $this->loggedin = false; |
927 | 963 | } |
928 | 964 | } |
929 | 965 | |
930 | - } else { |
|
966 | + } |
|
967 | + else { |
|
931 | 968 | twfy_debug ("THEUSER init FAILED", "didn't get 1 row from db"); |
932 | 969 | $this->loggedin = false; |
933 | 970 | } |
934 | 971 | |
935 | - } else { |
|
972 | + } |
|
973 | + else { |
|
936 | 974 | twfy_debug ("THEUSER init FAILED", "cookie's user_id is not numeric"); |
937 | 975 | $this->loggedin = false; |
938 | 976 | } |
939 | 977 | |
940 | - } else { |
|
978 | + } |
|
979 | + else { |
|
941 | 980 | twfy_debug ("THEUSER init FAILED", "cookie is not of the correct form"); |
942 | 981 | $this->loggedin = false; |
943 | 982 | } |
@@ -985,7 +1024,8 @@ discard block |
||
985 | 1024 | twfy_debug("THEUSER", "isloggedin: true"); |
986 | 1025 | |
987 | 1026 | return true; |
988 | - } else { |
|
1027 | + } |
|
1028 | + else { |
|
989 | 1029 | twfy_debug("THEUSER", "isloggedin: false"); |
990 | 1030 | |
991 | 1031 | return false; |
@@ -1020,13 +1060,15 @@ discard block |
||
1020 | 1060 | |
1021 | 1061 | return true; |
1022 | 1062 | |
1023 | - } else { |
|
1063 | + } |
|
1064 | + else { |
|
1024 | 1065 | // Failed. |
1025 | 1066 | return array ("invalidemail" => $error_string); |
1026 | 1067 | |
1027 | 1068 | } |
1028 | 1069 | |
1029 | - } else { |
|
1070 | + } |
|
1071 | + else { |
|
1030 | 1072 | // Failed. |
1031 | 1073 | return array ("invalidemail" => $error_string); |
1032 | 1074 | } |
@@ -1105,11 +1147,13 @@ discard block |
||
1105 | 1147 | $PAGE->error_message ("We don't have the user_id or password to make the cookie.", true); |
1106 | 1148 | |
1107 | 1149 | return; |
1108 | - } elseif ($this->deleted) { |
|
1150 | + } |
|
1151 | + elseif ($this->deleted) { |
|
1109 | 1152 | $PAGE->error_message ("This user has been deleted.", true); |
1110 | 1153 | |
1111 | 1154 | return; |
1112 | - } elseif (!$this->confirmed) { |
|
1155 | + } |
|
1156 | + elseif (!$this->confirmed) { |
|
1113 | 1157 | $PAGE->error_message ("You have not yet confirmed your account by clicking the link in the confirmation email we sent to you. If you don't have the email, you can <a href='/user/login/?resend=" . $this->user_id() . "'>have it resent</a>. If it still doesn't arrive, get in touch.", true); |
1114 | 1158 | |
1115 | 1159 | return; |
@@ -1133,10 +1177,12 @@ discard block |
||
1133 | 1177 | if ($expire == 'never') { |
1134 | 1178 | twfy_debug("THEUSER", "cookie never expires"); |
1135 | 1179 | $cookie_expires = time()+86400*365*20; |
1136 | - } elseif (is_int($expire) && $expire > time()) { |
|
1180 | + } |
|
1181 | + elseif (is_int($expire) && $expire > time()) { |
|
1137 | 1182 | twfy_debug("THEUSER", "cookie expires at " . $expire); |
1138 | 1183 | $cookie_expires = $expire; |
1139 | - } else { |
|
1184 | + } |
|
1185 | + else { |
|
1140 | 1186 | twfy_debug("THEUSER", "cookie expires with session"); |
1141 | 1187 | } |
1142 | 1188 | |
@@ -1172,8 +1218,12 @@ discard block |
||
1172 | 1218 | |
1173 | 1219 | public function confirm_email($token, $redirect=true) { |
1174 | 1220 | $arg = ''; |
1175 | - if (strstr($token, '::')) $arg = '::'; |
|
1176 | - if (strstr($token, '-')) $arg = '-'; |
|
1221 | + if (strstr($token, '::')) { |
|
1222 | + $arg = '::'; |
|
1223 | + } |
|
1224 | + if (strstr($token, '-')) { |
|
1225 | + $arg = '-'; |
|
1226 | + } |
|
1177 | 1227 | list($user_id, $registrationtoken) = explode($arg, $token); |
1178 | 1228 | |
1179 | 1229 | if (!is_numeric($user_id) || $registrationtoken == '') { |
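Review bot: When the token contains neither `::` nor `-`, `$arg` is still `''` when `explode($arg, $token)` runs, and an empty separator makes explode() throw a ValueError on PHP 8 (a warning and `false` on earlier versions) before the `is_numeric($user_id)` check can reject the input. The token presumably comes from a confirmation link, so malformed values should be expected; add `if ($arg === '') { return false; }` ahead of the `list(...) = explode(...)` line, which matches the `return false` failure paths visible in later hunks. The same code appears in the hunk at old line 1255. confirm_email's body continues outside the hunk.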
@@ -1236,13 +1286,16 @@ discard block |
||
1236 | 1286 | $redirecturl = $URL->generate(); |
1237 | 1287 | if ($redirect) { |
1238 | 1288 | $this->login($redirecturl, 'session'); |
1239 | - } else { |
|
1289 | + } |
|
1290 | + else { |
|
1240 | 1291 | return true; |
1241 | 1292 | } |
1242 | - } else { |
|
1293 | + } |
|
1294 | + else { |
|
1243 | 1295 | return false; |
1244 | 1296 | } |
1245 | - } else { |
|
1297 | + } |
|
1298 | + else { |
|
1246 | 1299 | return false; |
1247 | 1300 | } |
1248 | 1301 | |
@@ -1255,8 +1308,12 @@ discard block |
||
1255 | 1308 | |
1256 | 1309 | // Split the token into its parts. |
1257 | 1310 | $arg = ''; |
1258 | - if (strstr($token, '::')) $arg = '::'; |
|
1259 | - if (strstr($token, '-')) $arg = '-'; |
|
1311 | + if (strstr($token, '::')) { |
|
1312 | + $arg = '::'; |
|
1313 | + } |
|
1314 | + if (strstr($token, '-')) { |
|
1315 | + $arg = '-'; |
|
1316 | + } |
|
1260 | 1317 | list($user_id, $registrationtoken) = explode($arg, $token); |
1261 | 1318 | |
1262 | 1319 | if (!is_numeric($user_id) || $registrationtoken == '') { |
@@ -1310,12 +1367,14 @@ discard block |
||
1310 | 1367 | |
1311 | 1368 | $this->login($redirecturl, 'session'); |
1312 | 1369 | |
1313 | - } else { |
|
1370 | + } |
|
1371 | + else { |
|
1314 | 1372 | // Couldn't set them as confirmed in the DB. |
1315 | 1373 | return false; |
1316 | 1374 | } |
1317 | 1375 | |
1318 | - } else { |
|
1376 | + } |
|
1377 | + else { |
|
1319 | 1378 | // Couldn't find this user in the DB. Maybe the token was |
1320 | 1379 | // wrong or incomplete? |
1321 | 1380 | return false; |
@@ -1365,13 +1424,15 @@ discard block |
||
1365 | 1424 | twfy_debug("THEUSER", "User with ID confirmed: " . $this->user_id()); |
1366 | 1425 | $this->confirmed = true; |
1367 | 1426 | return true; |
1368 | - } else { |
|
1427 | + } |
|
1428 | + else { |
|
1369 | 1429 | twfy_debug("THEUSER", "User with ID not confirmed: " . $this->user_id()); |
1370 | 1430 | // Couldn't set them as confirmed in the DB. |
1371 | 1431 | return false; |
1372 | 1432 | } |
1373 | 1433 | |
1374 | - } else { |
|
1434 | + } |
|
1435 | + else { |
|
1375 | 1436 | // Couldn't find this user in the DB. Maybe the token was |
1376 | 1437 | // wrong or incomplete? |
1377 | 1438 | twfy_debug("THEUSER", "User with ID not found to confirm: " . $this->user_id()); |
@@ -1386,15 +1447,19 @@ discard block |
||
1386 | 1447 | // not-logged-in users. |
1387 | 1448 | |
1388 | 1449 | $this->postcode = $pc; |
1389 | - if (!headers_sent()) // if in debug mode |
|
1450 | + if (!headers_sent()) { |
|
1451 | + // if in debug mode |
|
1390 | 1452 | setcookie (POSTCODE_COOKIE, $pc, time()+7*86400, "/", COOKIEDOMAIN); |
1453 | + } |
|
1391 | 1454 | |
1392 | 1455 | twfy_debug('USER', "Set the cookie named '" . POSTCODE_COOKIE . " to '$pc' for " . COOKIEDOMAIN . " domain"); |
1393 | 1456 | } |
1394 | 1457 | |
1395 | 1458 | public function unset_postcode_cookie() { |
1396 | - if (!headers_sent()) // if in debug mode |
|
1459 | + if (!headers_sent()) { |
|
1460 | + // if in debug mode |
|
1397 | 1461 | setcookie (POSTCODE_COOKIE, '', time() - 3600, '/', COOKIEDOMAIN); |
1462 | + } |
|
1398 | 1463 | } |
1399 | 1464 | |
1400 | 1465 | // mostly here for updating from facebook where we do not need |
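Review bot: Both `setcookie` calls in this hunk still omit the `secure` and `httponly` arguments, so the postcode cookie can be sent over plain HTTP and read from script. If the site is HTTPS-only (the confirmation URLs elsewhere in this file are built with `https://`) and no client-side code reads the cookie, pass them, e.g. `setcookie(POSTCODE_COOKIE, $pc, time()+7*86400, "/", COOKIEDOMAIN, true, true);`, and do the same in unset_postcode_cookie and in the later hunk at old line 1387. The relocated comment `// if in debug mode` also does not describe the `!headers_sent()` test it now sits under; `// skip when output has already started (e.g. debug mode)` would be clearer. The function containing the first call begins above the hunk.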
@@ -1433,11 +1498,13 @@ discard block |
||
1433 | 1498 | } |
1434 | 1499 | |
1435 | 1500 | return true; |
1436 | - } else { |
|
1501 | + } |
|
1502 | + else { |
|
1437 | 1503 | return false; |
1438 | 1504 | } |
1439 | 1505 | |
1440 | - } else { |
|
1506 | + } |
|
1507 | + else { |
|
1441 | 1508 | return false; |
1442 | 1509 | } |
1443 | 1510 | |
@@ -1508,20 +1575,24 @@ discard block |
||
1508 | 1575 | $newdetails['token'] = $token; |
1509 | 1576 | if ($confirm_email) { |
1510 | 1577 | return $this->send_email_confirmation_email($newdetails); |
1511 | - } else { |
|
1578 | + } |
|
1579 | + else { |
|
1512 | 1580 | return true; |
1513 | 1581 | } |
1514 | - } else { |
|
1582 | + } |
|
1583 | + else { |
|
1515 | 1584 | return false; |
1516 | 1585 | } |
1517 | 1586 | } |
1518 | 1587 | |
1519 | 1588 | return true; |
1520 | - } else { |
|
1589 | + } |
|
1590 | + else { |
|
1521 | 1591 | return false; |
1522 | 1592 | } |
1523 | 1593 | |
1524 | - } else { |
|
1594 | + } |
|
1595 | + else { |
|
1525 | 1596 | return false; |
1526 | 1597 | } |
1527 | 1598 |
@@ -56,22 +56,22 @@ discard block |
||
56 | 56 | |
57 | 57 | class USER { |
58 | 58 | |
59 | - public $user_id = "0"; // So we have an ID for non-logged in users reporting comments etc. |
|
60 | - public $firstname = "Guest"; // So we have something to print for non-logged in users. |
|
59 | + public $user_id = "0"; // So we have an ID for non-logged in users reporting comments etc. |
|
60 | + public $firstname = "Guest"; // So we have something to print for non-logged in users. |
|
61 | 61 | public $lastname = ""; |
62 | - public $password = ""; // This will be a hashed version of a plaintext pw. |
|
62 | + public $password = ""; // This will be a hashed version of a plaintext pw. |
|
63 | 63 | public $email = ""; |
64 | - public $emailpublic = ""; // boolean - can other users see this user's email? |
|
64 | + public $emailpublic = ""; // boolean - can other users see this user's email? |
|
65 | 65 | public $postcode = ""; |
66 | 66 | public $url = ""; |
67 | - public $lastvisit = ""; // Last time the logged-in user loaded a page (GMT). |
|
67 | + public $lastvisit = ""; // Last time the logged-in user loaded a page (GMT). |
|
68 | 68 | public $registrationtime = ""; // When they registered (GMT). |
69 | - public $registrationip = ""; // Where they registered from. |
|
70 | - public $optin = ""; // boolean - Do they want emails from us? |
|
71 | - public $deleted = ""; // User can't log in or have their info displayed. |
|
72 | - public $confirmed = ''; // boolean - Has the user confirmed via email? |
|
73 | - public $facebook_id = ''; // Facebook ID for users who login with FB |
|
74 | - public $facebook_token = ''; // Facebook token for users who login with FB |
|
69 | + public $registrationip = ""; // Where they registered from. |
|
70 | + public $optin = ""; // boolean - Do they want emails from us? |
|
71 | + public $deleted = ""; // User can't log in or have their info displayed. |
|
72 | + public $confirmed = ''; // boolean - Has the user confirmed via email? |
|
73 | + public $facebook_id = ''; // Facebook ID for users who login with FB |
|
74 | + public $facebook_token = ''; // Facebook token for users who login with FB |
|
75 | 75 | // Don't use the status to check access privileges - use the is_able_to() function. |
76 | 76 | public $status = "Viewer"; |
77 | 77 | |
@@ -118,23 +118,23 @@ discard block |
||
118 | 118 | // We've got a user, so set them up. |
119 | 119 | |
120 | 120 | $this->user_id = $user_id; |
121 | - $this->firstname = $q->field(0,"firstname"); |
|
122 | - $this->lastname = $q->field(0,"lastname"); |
|
123 | - $this->password = $q->field(0,"password"); |
|
124 | - $this->email = $q->field(0,"email"); |
|
125 | - $this->emailpublic = $q->field(0,"emailpublic") == 1 ? true : false; |
|
126 | - $this->postcode = $q->field(0,"postcode"); |
|
127 | - $this->facebook_id = $q->field(0,"facebook_id"); |
|
128 | - $this->facebook_token = $q->field(0,"facebook_token"); |
|
129 | - $this->url = $q->field(0,"url"); |
|
130 | - $this->lastvisit = $q->field(0,"lastvisit"); |
|
121 | + $this->firstname = $q->field(0, "firstname"); |
|
122 | + $this->lastname = $q->field(0, "lastname"); |
|
123 | + $this->password = $q->field(0, "password"); |
|
124 | + $this->email = $q->field(0, "email"); |
|
125 | + $this->emailpublic = $q->field(0, "emailpublic") == 1 ? true : false; |
|
126 | + $this->postcode = $q->field(0, "postcode"); |
|
127 | + $this->facebook_id = $q->field(0, "facebook_id"); |
|
128 | + $this->facebook_token = $q->field(0, "facebook_token"); |
|
129 | + $this->url = $q->field(0, "url"); |
|
130 | + $this->lastvisit = $q->field(0, "lastvisit"); |
|
131 | 131 | $this->registrationtoken = $q->field(0, 'registrationtoken'); |
132 | - $this->registrationtime = $q->field(0,"registrationtime"); |
|
133 | - $this->registrationip = $q->field(0,"registrationip"); |
|
134 | - $this->optin = $q->field(0,"optin") == 1 ? true : false; |
|
135 | - $this->status = $q->field(0,"status"); |
|
136 | - $this->deleted = $q->field(0,"deleted") == 1 ? true : false; |
|
137 | - $this->confirmed = $q->field(0,"confirmed") == 1 ? true : false; |
|
132 | + $this->registrationtime = $q->field(0, "registrationtime"); |
|
133 | + $this->registrationip = $q->field(0, "registrationip"); |
|
134 | + $this->optin = $q->field(0, "optin") == 1 ? true : false; |
|
135 | + $this->status = $q->field(0, "status"); |
|
136 | + $this->deleted = $q->field(0, "deleted") == 1 ? true : false; |
|
137 | + $this->confirmed = $q->field(0, "confirmed") == 1 ? true : false; |
|
138 | 138 | |
139 | 139 | return true; |
140 | 140 | |
@@ -152,7 +152,7 @@ discard block |
||
152 | 152 | |
153 | 153 | } |
154 | 154 | |
155 | - public function add($details, $confirmation_required=true) { |
|
155 | + public function add($details, $confirmation_required = true) { |
|
156 | 156 | // Adds a new user's info into the db. |
157 | 157 | // Then optionally (and usually) calls another function to |
158 | 158 | // send them a confirmation email. |
@@ -239,7 +239,7 @@ discard block |
||
239 | 239 | // This will be sent to them via email, so we can confirm they exist. |
240 | 240 | // The token will be the first 16 characters of a hash. |
241 | 241 | |
242 | - $token = substr( password_hash($details["email"] . microtime(), PASSWORD_BCRYPT), 29, 16 ); |
|
242 | + $token = substr(password_hash($details["email"] . microtime(), PASSWORD_BCRYPT), 29, 16); |
|
243 | 243 | |
244 | 244 | // Full stops don't work well at the end of URLs in emails, |
245 | 245 | // so replace them. We won't be doing anything clever with the hash |
@@ -251,7 +251,7 @@ discard block |
||
251 | 251 | $r = $this->db->query("UPDATE users |
252 | 252 | SET registrationtoken = :registrationtoken |
253 | 253 | WHERE user_id = :user_id |
254 | - ", array ( |
|
254 | + ", array( |
|
255 | 255 | ':registrationtoken' => $this->registrationtoken, |
256 | 256 | ':user_id' => $this->user_id |
257 | 257 | )); |
@@ -298,7 +298,7 @@ discard block |
||
298 | 298 | } |
299 | 299 | |
300 | 300 | public function add_facebook_id($facebook_id) { |
301 | - $q = $this->db->query ("UPDATE users SET facebook_id = :facebook_id WHERE email = :email", |
|
301 | + $q = $this->db->query("UPDATE users SET facebook_id = :facebook_id WHERE email = :email", |
|
302 | 302 | array( |
303 | 303 | ':facebook_id' => $facebook_id, |
304 | 304 | ':email' => $this->email |
@@ -319,7 +319,7 @@ discard block |
||
319 | 319 | !isset($details['email']) || |
320 | 320 | $details['email'] == '' || |
321 | 321 | !isset($details['token']) || |
322 | - $details['token'] == '' ) { |
|
322 | + $details['token'] == '') { |
|
323 | 323 | return false; |
324 | 324 | } |
325 | 325 | |
@@ -331,12 +331,12 @@ discard block |
||
331 | 331 | $confirmurl = 'https://' . DOMAIN . '/E/' . $urltoken; |
332 | 332 | |
333 | 333 | // Arrays we need to send a templated email. |
334 | - $data = array ( |
|
334 | + $data = array( |
|
335 | 335 | 'to' => $details['email'], |
336 | 336 | 'template' => 'email_confirmation' |
337 | 337 | ); |
338 | 338 | |
339 | - $merge = array ( |
|
339 | + $merge = array( |
|
340 | 340 | 'FIRSTNAME' => $details['firstname'], |
341 | 341 | 'LASTNAME' => $details['lastname'], |
342 | 342 | 'CONFIRMURL' => $confirmurl |
@@ -373,12 +373,12 @@ discard block |
||
373 | 373 | $confirmurl = 'https://' . DOMAIN . '/U/' . $urltoken; |
374 | 374 | |
375 | 375 | // Arrays we need to send a templated email. |
376 | - $data = array ( |
|
376 | + $data = array( |
|
377 | 377 | 'to' => $details['email'], |
378 | 378 | 'template' => 'join_confirmation' |
379 | 379 | ); |
380 | 380 | |
381 | - $merge = array ( |
|
381 | + $merge = array( |
|
382 | 382 | 'FIRSTNAME' => $details['firstname'], |
383 | 383 | 'LASTNAME' => $details['lastname'], |
384 | 384 | 'CONFIRMURL' => $confirmurl |
@@ -440,23 +440,23 @@ discard block |
||
440 | 440 | $this->email = $email; |
441 | 441 | for (;;) { |
442 | 442 | |
443 | - $pwd=null; |
|
444 | - $o=null; |
|
443 | + $pwd = null; |
|
444 | + $o = null; |
|
445 | 445 | |
446 | 446 | // Generates the password .... |
447 | - for ($x=0; $x < 6;) { |
|
448 | - $y = rand(1,1000); |
|
449 | - if($y>350 && $y<601) $d=chr(rand(48,57)); |
|
450 | - if($y<351) $d=chr(rand(65,90)); |
|
451 | - if($y>600) $d=chr(rand(97,122)); |
|
452 | - if ($d!=$o && !preg_match('#[O01lI]#', $d)) { |
|
453 | - $o=$d; $pwd.=$d; $x++; |
|
447 | + for ($x = 0; $x < 6;) { |
|
448 | + $y = rand(1, 1000); |
|
449 | + if ($y > 350 && $y < 601) $d = chr(rand(48, 57)); |
|
450 | + if ($y < 351) $d = chr(rand(65, 90)); |
|
451 | + if ($y > 600) $d = chr(rand(97, 122)); |
|
452 | + if ($d != $o && !preg_match('#[O01lI]#', $d)) { |
|
453 | + $o = $d; $pwd .= $d; $x++; |
|
454 | 454 | } |
455 | 455 | } |
456 | 456 | |
457 | 457 | // If the PW fits your purpose (e.g. this regexpression) return it, else make a new one |
458 | 458 | // (You can change this regular-expression how you want ....) |
459 | - if (preg_match("/^[a-zA-Z]{1}([a-zA-Z]+[0-9][a-zA-Z]+)+/",$pwd)) { |
|
459 | + if (preg_match("/^[a-zA-Z]{1}([a-zA-Z]+[0-9][a-zA-Z]+)+/", $pwd)) { |
|
460 | 460 | break; |
461 | 461 | } |
462 | 462 | |
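Review bot: The password generator in this hunk takes every character from `rand()`, which is not a cryptographically secure source, so the generated passwords should not be treated as unpredictable. Replace the calls with `random_int()`, which takes the same inclusive bounds (PHP 7.0+), e.g. `$y = random_int(1, 1000);` and `$d = chr(random_int(48, 57));`. Six characters, narrowed further by the no-repeat rule, the `[O01lI]` exclusion and the final regex, is also a small space for a credential; a longer value or a single-use reset link would be safer. The surrounding function starts and ends outside the hunk.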
@@ -474,7 +474,7 @@ discard block |
||
474 | 474 | |
475 | 475 | $passwordforDB = password_hash($pwd, PASSWORD_BCRYPT); |
476 | 476 | |
477 | - $q = $this->db->query ("UPDATE users SET password = :password WHERE email = :email", |
|
477 | + $q = $this->db->query("UPDATE users SET password = :password WHERE email = :email", |
|
478 | 478 | array( |
479 | 479 | ':password' => $passwordforDB, |
480 | 480 | ':email' => $email |
@@ -502,14 +502,14 @@ discard block |
||
502 | 502 | return false; |
503 | 503 | } |
504 | 504 | |
505 | - $data = array ( |
|
505 | + $data = array( |
|
506 | 506 | 'to' => $this->email(), |
507 | 507 | 'template' => 'new_password' |
508 | 508 | ); |
509 | 509 | |
510 | 510 | $URL = new \MySociety\TheyWorkForYou\Url("userlogin"); |
511 | 511 | |
512 | - $merge = array ( |
|
512 | + $merge = array( |
|
513 | 513 | 'EMAIL' => $this->email(), |
514 | 514 | 'LOGINURL' => "https://" . DOMAIN . $URL->generate(), |
515 | 515 | 'PASSWORD' => $this->password() |
@@ -568,7 +568,7 @@ discard block |
||
568 | 568 | public function facebook_id_exists($id, $return_id = false) { |
569 | 569 | // Returns true if there's a user with this facebook id. |
570 | 570 | |
571 | - if ($id!= "") { |
|
571 | + if ($id != "") { |
|
572 | 572 | $q = $this->db->query("SELECT user_id FROM users WHERE facebook_id = :id", array(':id' => $id)); |
573 | 573 | if ($q->rows() > 0) { |
574 | 574 | if ($return_id) { |
@@ -647,7 +647,7 @@ discard block |
||
647 | 647 | /* Everyone */ return true; |
648 | 648 | |
649 | 649 | default: |
650 | - $PAGE->error_message ("You need to set permissions for '$action'!"); |
|
650 | + $PAGE->error_message("You need to set permissions for '$action'!"); |
|
651 | 651 | |
652 | 652 | return false; |
653 | 653 | |
@@ -665,7 +665,7 @@ discard block |
||
665 | 665 | // Maybe there's a way of fetching these from the DB, |
666 | 666 | // so we don't duplicate them here...? |
667 | 667 | |
668 | - $statuses = array ("Viewer", "User", "Moderator", "Administrator", "Superuser"); |
|
668 | + $statuses = array("Viewer", "User", "Moderator", "Administrator", "Superuser"); |
|
669 | 669 | |
670 | 670 | return $statuses; |
671 | 671 | |
@@ -824,7 +824,7 @@ discard block |
||
824 | 824 | return $details; |
825 | 825 | |
826 | 826 | } else { |
827 | - $PAGE->error_message ("Sorry, we were unable to update user id '" . _htmlentities($details["user_id"]) . "'"); |
|
827 | + $PAGE->error_message("Sorry, we were unable to update user id '" . _htmlentities($details["user_id"]) . "'"); |
|
828 | 828 | |
829 | 829 | return false; |
830 | 830 | } |
@@ -897,13 +897,13 @@ discard block |
||
897 | 897 | |
898 | 898 | if ($this->facebook_user) { |
899 | 899 | if (md5($this->facebook_token()) == $matches[2] && $this->deleted() == false) { |
900 | - twfy_debug ("THEUSER", "init SUCCESS: setting as logged in"); |
|
900 | + twfy_debug("THEUSER", "init SUCCESS: setting as logged in"); |
|
901 | 901 | $this->loggedin = true; |
902 | - } elseif (md5 ($this->facebook_token()) != $matches[2]) { |
|
903 | - twfy_debug ("THEUSER", "init FAILED: Facebook token doesn't match cookie"); |
|
902 | + } elseif (md5($this->facebook_token()) != $matches[2]) { |
|
903 | + twfy_debug("THEUSER", "init FAILED: Facebook token doesn't match cookie"); |
|
904 | 904 | $this->loggedin = false; |
905 | 905 | } else { |
906 | - twfy_debug ("THEUSER", "init FAILED: User is deleted"); |
|
906 | + twfy_debug("THEUSER", "init FAILED: User is deleted"); |
|
907 | 907 | $this->loggedin = false; |
908 | 908 | } |
909 | 909 | } else { |
@@ -916,30 +916,30 @@ discard block |
||
916 | 916 | // to need. Their preferences and saved things or something. |
917 | 917 | |
918 | 918 | |
919 | - twfy_debug ("THEUSER init SUCCEEDED", "setting as logged in"); |
|
919 | + twfy_debug("THEUSER init SUCCEEDED", "setting as logged in"); |
|
920 | 920 | $this->loggedin = true; |
921 | 921 | |
922 | - } elseif (md5 ($this->password()) != $matches[2]) { |
|
923 | - twfy_debug ("THEUSER init FAILED", "Password doesn't match cookie"); |
|
922 | + } elseif (md5($this->password()) != $matches[2]) { |
|
923 | + twfy_debug("THEUSER init FAILED", "Password doesn't match cookie"); |
|
924 | 924 | $this->loggedin = false; |
925 | 925 | } else { |
926 | - twfy_debug ("THEUSER init FAILED", "User is deleted"); |
|
926 | + twfy_debug("THEUSER init FAILED", "User is deleted"); |
|
927 | 927 | $this->loggedin = false; |
928 | 928 | } |
929 | 929 | } |
930 | 930 | |
931 | 931 | } else { |
932 | - twfy_debug ("THEUSER init FAILED", "didn't get 1 row from db"); |
|
932 | + twfy_debug("THEUSER init FAILED", "didn't get 1 row from db"); |
|
933 | 933 | $this->loggedin = false; |
934 | 934 | } |
935 | 935 | |
936 | 936 | } else { |
937 | - twfy_debug ("THEUSER init FAILED", "cookie's user_id is not numeric"); |
|
937 | + twfy_debug("THEUSER init FAILED", "cookie's user_id is not numeric"); |
|
938 | 938 | $this->loggedin = false; |
939 | 939 | } |
940 | 940 | |
941 | 941 | } else { |
942 | - twfy_debug ("THEUSER init FAILED", "cookie is not of the correct form"); |
|
942 | + twfy_debug("THEUSER init FAILED", "cookie is not of the correct form"); |
|
943 | 943 | $this->loggedin = false; |
944 | 944 | } |
945 | 945 | |
@@ -1010,67 +1010,67 @@ discard block |
||
1010 | 1010 | |
1011 | 1011 | if ($q->rows() == 1) { |
1012 | 1012 | // OK. |
1013 | - $dbpassword = $q->field(0,"password"); |
|
1013 | + $dbpassword = $q->field(0, "password"); |
|
1014 | 1014 | if (password_verify($userenteredpassword, $dbpassword)) { |
1015 | - $this->user_id = $q->field(0,"user_id"); |
|
1015 | + $this->user_id = $q->field(0, "user_id"); |
|
1016 | 1016 | $this->password = $dbpassword; |
1017 | 1017 | // We'll need these when we're going to log in. |
1018 | - $this->deleted = $q->field(0,"deleted") == 1 ? true : false; |
|
1019 | - $this->confirmed = $q->field(0,"confirmed") == 1 ? true : false; |
|
1018 | + $this->deleted = $q->field(0, "deleted") == 1 ? true : false; |
|
1019 | + $this->confirmed = $q->field(0, "confirmed") == 1 ? true : false; |
|
1020 | 1020 | |
1021 | 1021 | return true; |
1022 | 1022 | |
1023 | 1023 | } else { |
1024 | 1024 | // Failed. |
1025 | - return array ("invalidemail" => $error_string); |
|
1025 | + return array("invalidemail" => $error_string); |
|
1026 | 1026 | |
1027 | 1027 | } |
1028 | 1028 | |
1029 | 1029 | } else { |
1030 | 1030 | // Failed. |
1031 | - return array ("invalidemail" => $error_string); |
|
1031 | + return array("invalidemail" => $error_string); |
|
1032 | 1032 | } |
1033 | 1033 | |
1034 | 1034 | } |
1035 | 1035 | |
1036 | 1036 | public function has_postcode() { |
1037 | 1037 | $has_postcode = false; |
1038 | - if ( $this->isloggedin() && $this->postcode() != '' || $this->postcode_is_set() ) { |
|
1038 | + if ($this->isloggedin() && $this->postcode() != '' || $this->postcode_is_set()) { |
|
1039 | 1039 | $has_postcode = true; |
1040 | 1040 | } |
1041 | 1041 | return $has_postcode; |
1042 | 1042 | } |
1043 | 1043 | |
1044 | 1044 | |
1045 | - public function facebook_login($returl="", $expire, $accessToken) { |
|
1045 | + public function facebook_login($returl = "", $expire, $accessToken) { |
|
1046 | 1046 | global $PAGE; |
1047 | 1047 | |
1048 | 1048 | twfy_debug("THEUSER", "Faceook login, user_id " . $this->user_id); |
1049 | 1049 | twfy_debug("THEUSER", "Faceook login, facebook_id " . $this->facebook_id); |
1050 | 1050 | twfy_debug("THEUSER", "Faceook login, email" . $this->email); |
1051 | 1051 | if ($this->facebook_id() == "") { |
1052 | - $PAGE->error_message ("We don't have a facebook id for this user.", true); |
|
1052 | + $PAGE->error_message("We don't have a facebook id for this user.", true); |
|
1053 | 1053 | |
1054 | 1054 | return; |
1055 | 1055 | } |
1056 | 1056 | |
1057 | 1057 | twfy_debug("THEUSER", "Faceook login, facebook_token: " . $accessToken); |
1058 | 1058 | |
1059 | - $q = $this->db->query ("UPDATE users SET facebook_token = :token WHERE email = :email", |
|
1059 | + $q = $this->db->query("UPDATE users SET facebook_token = :token WHERE email = :email", |
|
1060 | 1060 | array( |
1061 | 1061 | ':token' => $accessToken, |
1062 | 1062 | ':email' => $this->email |
1063 | 1063 | )); |
1064 | 1064 | |
1065 | 1065 | if (!$q->success()) { |
1066 | - $PAGE->error_message ("There was a problem logging you in", true); |
|
1066 | + $PAGE->error_message("There was a problem logging you in", true); |
|
1067 | 1067 | twfy_debug("THEUSER", "Faceook login, failed to set accessToken"); |
1068 | 1068 | |
1069 | 1069 | return false; |
1070 | 1070 | } |
1071 | 1071 | |
1072 | 1072 | // facebook login users probably don't have a password |
1073 | - $cookie = $this->user_id() . "." . md5 ($accessToken); |
|
1073 | + $cookie = $this->user_id() . "." . md5($accessToken); |
|
1074 | 1074 | twfy_debug("THEUSER", "Faceook login, cookie: " . $cookie); |
1075 | 1075 | |
1076 | 1076 | twfy_debug("USER", "logging in user from facebook " . $this->user_id); |
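Review bot: facebook_login writes the raw access token and the finished login cookie to the debug channel (`"Faceook login, facebook_token: " . $accessToken` and `"Faceook login, cookie: " . $cookie`); both are credentials and should not reach whatever twfy_debug writes to. Log the event rather than the value, e.g. `twfy_debug("THEUSER", "Faceook login, facebook_token received");`, and drop `$cookie` from the second message. The signature `facebook_login($returl = "", $expire, $accessToken)` also places an optional parameter before required ones, which PHP 8.0 deprecates; `login()` in the next hunk has the same shape, and callers would need checking before either is reordered. facebook_login continues past the end of the hunk.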
@@ -1080,7 +1080,7 @@ discard block |
||
1080 | 1080 | return true; |
1081 | 1081 | } |
1082 | 1082 | |
1083 | - public function login($returl="", $expire) { |
|
1083 | + public function login($returl = "", $expire) { |
|
1084 | 1084 | |
1085 | 1085 | // This is used to log the user in. Duh. |
1086 | 1086 | // You should already have checked the user's email and password using |
@@ -1102,21 +1102,21 @@ discard block |
||
1102 | 1102 | |
1103 | 1103 | // Various checks about the user - if they fail, we exit. |
1104 | 1104 | if ($this->user_id() == "" || $this->password == "") { |
1105 | - $PAGE->error_message ("We don't have the user_id or password to make the cookie.", true); |
|
1105 | + $PAGE->error_message("We don't have the user_id or password to make the cookie.", true); |
|
1106 | 1106 | |
1107 | 1107 | return; |
1108 | 1108 | } elseif ($this->deleted) { |
1109 | - $PAGE->error_message ("This user has been deleted.", true); |
|
1109 | + $PAGE->error_message("This user has been deleted.", true); |
|
1110 | 1110 | |
1111 | 1111 | return; |
1112 | 1112 | } elseif (!$this->confirmed) { |
1113 | - $PAGE->error_message ("You have not yet confirmed your account by clicking the link in the confirmation email we sent to you. If you don't have the email, you can <a href='/user/login/?resend=" . $this->user_id() . "'>have it resent</a>. If it still doesn't arrive, get in touch.", true); |
|
1113 | + $PAGE->error_message("You have not yet confirmed your account by clicking the link in the confirmation email we sent to you. If you don't have the email, you can <a href='/user/login/?resend=" . $this->user_id() . "'>have it resent</a>. If it still doesn't arrive, get in touch.", true); |
|
1114 | 1114 | |
1115 | 1115 | return; |
1116 | 1116 | } |
1117 | 1117 | |
1118 | 1118 | // Reminder: $this->password is actually a hashed version of the plaintext pw. |
1119 | - $cookie = $this->user_id() . "." . md5 ($this->password()); |
|
1119 | + $cookie = $this->user_id() . "." . md5($this->password()); |
|
1120 | 1120 | |
1121 | 1121 | $this->_login($returl, $expire, $cookie); |
1122 | 1122 | } |
@@ -1132,7 +1132,7 @@ discard block |
||
1132 | 1132 | $cookie_expires = 0; |
1133 | 1133 | if ($expire == 'never') { |
1134 | 1134 | twfy_debug("THEUSER", "cookie never expires"); |
1135 | - $cookie_expires = time()+86400*365*20; |
|
1135 | + $cookie_expires = time() + 86400 * 365 * 20; |
|
1136 | 1136 | } elseif (is_int($expire) && $expire > time()) { |
1137 | 1137 | twfy_debug("THEUSER", "cookie expires at " . $expire); |
1138 | 1138 | $cookie_expires = $expire; |
@@ -1170,7 +1170,7 @@ discard block |
||
1170 | 1170 | } |
1171 | 1171 | } |
1172 | 1172 | |
1173 | - public function confirm_email($token, $redirect=true) { |
|
1173 | + public function confirm_email($token, $redirect = true) { |
|
1174 | 1174 | $arg = ''; |
1175 | 1175 | if (strstr($token, '::')) $arg = '::'; |
1176 | 1176 | if (strstr($token, '-')) $arg = '-'; |
@@ -1183,24 +1183,24 @@ discard block |
||
1183 | 1183 | FROM tokens |
1184 | 1184 | WHERE token = :token |
1185 | 1185 | AND type = 'E' |
1186 | - ", array (':token' => $registrationtoken)); |
|
1186 | + ", array(':token' => $registrationtoken)); |
|
1187 | 1187 | |
1188 | 1188 | if ($q->rows() == 1) { |
1189 | 1189 | $expires = $q->field(0, 'expires'); |
1190 | 1190 | $expire_time = strtotime($expires); |
1191 | - if ( $expire_time < time() ) { |
|
1191 | + if ($expire_time < time()) { |
|
1192 | 1192 | global $PAGE; |
1193 | 1193 | if ($PAGE && $redirect) { |
1194 | - $PAGE->error_message ("Sorry, that token seems to have expired"); |
|
1194 | + $PAGE->error_message("Sorry, that token seems to have expired"); |
|
1195 | 1195 | } |
1196 | 1196 | |
1197 | 1197 | return false; |
1198 | 1198 | } |
1199 | 1199 | |
1200 | - list( $user_id, $email ) = explode('::', $q->field(0, 'data')); |
|
1200 | + list($user_id, $email) = explode('::', $q->field(0, 'data')); |
|
1201 | 1201 | |
1202 | 1202 | // if we are logged in as someone else don't change the email |
1203 | - if ( $this->user_id() != 0 && $this->user_id() != $user_id ) { |
|
1203 | + if ($this->user_id() != 0 && $this->user_id() != $user_id) { |
|
1204 | 1204 | return false; |
1205 | 1205 | } |
1206 | 1206 | |
@@ -1340,7 +1340,7 @@ discard block |
||
1340 | 1340 | |
1341 | 1341 | twfy_debug("THEUSER", "User with ID found to confirm: " . $this->user_id()); |
1342 | 1342 | // We'll need these to be set before logging the user in. |
1343 | - $this->email = $q->field(0, 'email'); |
|
1343 | + $this->email = $q->field(0, 'email'); |
|
1344 | 1344 | |
1345 | 1345 | // Set that they're confirmed in the DB. |
1346 | 1346 | $r = $this->db->query("UPDATE users |
@@ -1387,14 +1387,14 @@ discard block |
||
1387 | 1387 | |
1388 | 1388 | $this->postcode = $pc; |
1389 | 1389 | if (!headers_sent()) // if in debug mode |
1390 | - setcookie (POSTCODE_COOKIE, $pc, time()+7*86400, "/", COOKIEDOMAIN); |
|
1390 | + setcookie(POSTCODE_COOKIE, $pc, time() + 7 * 86400, "/", COOKIEDOMAIN); |
|
1391 | 1391 | |
1392 | 1392 | twfy_debug('USER', "Set the cookie named '" . POSTCODE_COOKIE . " to '$pc' for " . COOKIEDOMAIN . " domain"); |
1393 | 1393 | } |
1394 | 1394 | |
1395 | 1395 | public function unset_postcode_cookie() { |
1396 | 1396 | if (!headers_sent()) // if in debug mode |
1397 | - setcookie (POSTCODE_COOKIE, '', time() - 3600, '/', COOKIEDOMAIN); |
|
1397 | + setcookie(POSTCODE_COOKIE, '', time() - 3600, '/', COOKIEDOMAIN); |
|
1398 | 1398 | } |
1399 | 1399 | |
1400 | 1400 | // mostly here for updating from facebook where we do not need |
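Review bot: Both `setcookie()` calls in this hunk (lines 1390 and 1397) pass only five arguments, so the postcode cookie is issued without the `Secure` and `HttpOnly` attributes. A postcode is location data tied to the visitor. If the site is served over HTTPS only and no client-side script reads this cookie (neither is visible here), I would pass both flags: `setcookie(POSTCODE_COOKIE, $pc, time() + 7 * 86400, "/", COOKIEDOMAIN, true, true);`, with the same two trailing arguments on the expiring call in `unset_postcode_cookie()`. The braceless `if (!headers_sent())` with a comment between the condition and its statement is also easy to misread, and braces would make the guarded call explicit. The first of the two functions starts above the hunk.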
@@ -1407,8 +1407,8 @@ discard block |
||
1407 | 1407 | |
1408 | 1408 | // this is checked elsewhere but just in case we check here and |
1409 | 1409 | // bail out to be on the safe side |
1410 | - if ( isset($details['email'] ) ) { |
|
1411 | - if ( $details['email'] != $this->email() && $this->email_exists( $details['email'] ) ) { |
|
1410 | + if (isset($details['email'])) { |
|
1411 | + if ($details['email'] != $this->email() && $this->email_exists($details['email'])) { |
|
1412 | 1412 | return false; |
1413 | 1413 | } |
1414 | 1414 | } |
@@ -1457,8 +1457,8 @@ discard block |
||
1457 | 1457 | // this is checked elsewhere but just in case we check here and |
1458 | 1458 | // bail out to be on the safe side |
1459 | 1459 | $email = ''; |
1460 | - if ( isset($details['email'] ) ) { |
|
1461 | - if ( $details['email'] != $this->email() && $this->email_exists( $details['email'] ) ) { |
|
1460 | + if (isset($details['email'])) { |
|
1461 | + if ($details['email'] != $this->email() && $this->email_exists($details['email'])) { |
|
1462 | 1462 | return false; |
1463 | 1463 | } |
1464 | 1464 | $email = $details['email']; |
@@ -1486,7 +1486,7 @@ discard block |
||
1486 | 1486 | } |
1487 | 1487 | |
1488 | 1488 | if ($email && $email != $this->email) { |
1489 | - $token = substr( password_hash($email . microtime(), PASSWORD_BCRYPT), 29, 16 ); |
|
1489 | + $token = substr(password_hash($email . microtime(), PASSWORD_BCRYPT), 29, 16); |
|
1490 | 1490 | $data = $this->user_id() . '::' . $email; |
1491 | 1491 | $r = $this->db->query("INSERT INTO tokens |
1492 | 1492 | ( expires, token, type, data ) |
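Review bot: The confirmation token on line 1489 is unpredictable only because `password_hash()` adds a random salt; the hashed input (`$email . microtime()`) is guessable, and `substr(..., 29, 16)` quietly depends on the layout of the bcrypt output string. Drawing the token straight from the CSPRNG states the intent and avoids a bcrypt computation per email change: on PHP 7 or later, `$token = bin2hex(random_bytes(16));`, provided the `token` column of `tokens` can hold 32 characters (its width is not visible here). Hex output also keeps `.` and `/` out of a value that is presumably placed in a confirmation link. The enclosing method starts and ends outside the hunk.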
@@ -1503,7 +1503,7 @@ discard block |
||
1503 | 1503 | )); |
1504 | 1504 | |
1505 | 1505 | // send confirmation email here |
1506 | - if ( $r->success() ) { |
|
1506 | + if ($r->success()) { |
|
1507 | 1507 | $newdetails['email'] = $email; |
1508 | 1508 | $newdetails['token'] = $token; |
1509 | 1509 | if ($confirm_email) { |
@@ -19,14 +19,14 @@ discard block |
||
19 | 19 | if (get_http_var("submitted") == "true") { |
20 | 20 | // Form has been submitted, so check input. |
21 | 21 | |
22 | - $email = get_http_var("email"); |
|
22 | + $email = get_http_var("email"); |
|
23 | 23 | $password = get_http_var("password"); |
24 | 24 | $remember = get_http_var("remember"); |
25 | 25 | |
26 | 26 | // The user may have tried to do something that requires being logged in. |
27 | 27 | // In which case we should arrive here with that page's URL in 'ret'. |
28 | 28 | // We can then send the user there after log in. |
29 | - $returnurl = get_http_var("ret"); |
|
29 | + $returnurl = get_http_var("ret"); |
|
30 | 30 | |
31 | 31 | $errors = array(); |
32 | 32 | |
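Review bot: `$returnurl` on line 29 comes straight from the request parameter `ret`, and the later hunks of this file show it being handed to `$THEUSER->login($returnurl, $expire)` as the post-login destination. Nothing on this page restricts it to a same-site path, so unless `login()` does that itself, a crafted `ret` value would send a freshly authenticated user to an external site. I would validate it before the `login()` call, accepting only a relative path on this host, or at least record the requirement next to the assignment: `// NOTE: $returnurl is request-controlled; it must be checked as a same-site path before redirecting`. The enclosing `if` block continues past the hunk.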
@@ -53,7 +53,7 @@ discard block |
||
53 | 53 | if ($remember == "true") { |
54 | 54 | $expire = "never"; |
55 | 55 | } else { |
56 | - $expire ="session"; |
|
56 | + $expire = "session"; |
|
57 | 57 | } |
58 | 58 | |
59 | 59 | // $returnurl is the url of where we'll send the user after login. |
@@ -96,7 +96,7 @@ discard block |
||
96 | 96 | } |
97 | 97 | |
98 | 98 | |
99 | -function display_page( $errors=array() ) { |
|
99 | +function display_page($errors = array()) { |
|
100 | 100 | global $PAGE, $this_page, $THEUSER; |
101 | 101 | |
102 | 102 | $PAGE->page_start(); |
@@ -127,7 +127,7 @@ discard block |
||
127 | 127 | <?php |
128 | 128 | |
129 | 129 | $PAGE->stripe_end(array( |
130 | - array ( |
|
130 | + array( |
|
131 | 131 | 'type' => 'include', |
132 | 132 | 'content' => 'userlogin' |
133 | 133 | ) |
@@ -32,7 +32,8 @@ discard block |
||
32 | 32 | |
33 | 33 | if ($email == "") { |
34 | 34 | $errors["email"] = "Please enter your email address"; |
35 | - } elseif (!validate_email($email)) { |
|
35 | + } |
|
36 | + elseif (!validate_email($email)) { |
|
36 | 37 | $errors["email"] = "Please enter a valid email address"; |
37 | 38 | } |
38 | 39 | if ($password == "") { |
@@ -43,7 +44,8 @@ discard block |
||
43 | 44 | // Validation errors. Print form again. |
44 | 45 | display_page($errors); |
45 | 46 | |
46 | - } else { |
|
47 | + } |
|
48 | + else { |
|
47 | 49 | // No errors so far, so try to log in. |
48 | 50 | |
49 | 51 | $valid = $THEUSER->isvalid($email, $password); |
@@ -52,14 +54,16 @@ discard block |
||
52 | 54 | // No validation errors. |
53 | 55 | if ($remember == "true") { |
54 | 56 | $expire = "never"; |
55 | - } else { |
|
57 | + } |
|
58 | + else { |
|
56 | 59 | $expire ="session"; |
57 | 60 | } |
58 | 61 | |
59 | 62 | // $returnurl is the url of where we'll send the user after login. |
60 | 63 | $THEUSER->login($returnurl, $expire); |
61 | 64 | |
62 | - } else { |
|
65 | + } |
|
66 | + else { |
|
63 | 67 | |
64 | 68 | // Merge the validation errors with any we already have. |
65 | 69 | $errors = array_merge($errors, $valid); |
@@ -69,7 +73,8 @@ discard block |
||
69 | 73 | |
70 | 74 | } |
71 | 75 | |
72 | -} elseif ($resend = get_http_var('resend')) { |
|
76 | +} |
|
77 | +elseif ($resend = get_http_var('resend')) { |
|
73 | 78 | $USER = new USER(); |
74 | 79 | $USER->init($resend); |
75 | 80 | if (!$USER->confirmed()) { |
@@ -90,7 +95,8 @@ discard block |
||
90 | 95 | $PAGE->stripe_end(); |
91 | 96 | $PAGE->page_end(); |
92 | 97 | } |
93 | -} else { |
|
98 | +} |
|
99 | +else { |
|
94 | 100 | // First time to the page... |
95 | 101 | display_page(); |
96 | 102 | } |
@@ -25,7 +25,7 @@ |
||
25 | 25 | |
26 | 26 | public function tearDown() |
27 | 27 | { |
28 | - $this->db = NULL; |
|
28 | + $this->db = null; |
|
29 | 29 | |
30 | 30 | parent::tearDown(); |
31 | 31 | } |