@@ -7,7 +7,7 @@ |
||
7 | 7 | namespace MySociety\TheyWorkForYou; |
8 | 8 | |
9 | 9 | // Disable the old PAGE class. |
10 | -$new_style_template = TRUE; |
|
10 | +$new_style_template = true; |
|
11 | 11 | global $this_page; |
12 | 12 | $this_page = 'topics'; |
13 | 13 |
@@ -8,7 +8,7 @@ |
||
8 | 8 | $topic = $topics->getTopic($slug); |
9 | 9 | } |
10 | 10 | |
11 | -if (!$slug || !isset($topic) || $topic === NULL) { |
|
11 | +if (!$slug || !isset($topic) || $topic === null) { |
|
12 | 12 | header('HTTP/1.0 404 Not Found'); |
13 | 13 | exit(); |
14 | 14 | } |
@@ -9,7 +9,7 @@ |
||
9 | 9 | If the input is not OK, the form is displayed again with error messages. |
10 | 10 | */ |
11 | 11 | |
12 | -$new_style_template = TRUE; |
|
12 | +$new_style_template = true; |
|
13 | 13 | |
14 | 14 | include_once '../../../includes/easyparliament/init.php'; |
15 | 15 | # need to include this as login code uses error_message |
@@ -27,11 +27,11 @@ |
||
27 | 27 | |
28 | 28 | $data['fb_login_url'] = $login->getLoginURL(); |
29 | 29 | if (isset($data['token'])) { |
30 | - $success = $login->loginUser($data['token']); |
|
31 | - if (!$success) { |
|
30 | + $success = $login->loginUser($data['token']); |
|
31 | + if (!$success) { |
|
32 | 32 | $data['error'] = 'Could not login using Facebook token'; |
33 | 33 | \MySociety\TheyWorkForYou\Renderer::output('login/facebook', $data); |
34 | - } |
|
34 | + } |
|
35 | 35 | } else { |
36 | 36 | \MySociety\TheyWorkForYou\Renderer::output('login/facebook', $data); |
37 | 37 | } |
@@ -33,15 +33,15 @@ discard block |
||
33 | 33 | ':email' => $email |
34 | 34 | )); |
35 | 35 | $out = ''; |
36 | - for ($i=0; $i<$q->rows(); ++$i) { |
|
36 | + for ($i = 0; $i < $q->rows(); ++$i) { |
|
37 | 37 | $row = $q->row($i); |
38 | - $criteria = explode(' ',$row['criteria']); |
|
38 | + $criteria = explode(' ', $row['criteria']); |
|
39 | 39 | $ccc = array(); |
40 | 40 | $current = true; |
41 | 41 | foreach ($criteria as $c) { |
42 | - if (preg_match('#^speaker:(\d+)#',$c,$m)) { |
|
42 | + if (preg_match('#^speaker:(\d+)#', $c, $m)) { |
|
43 | 43 | $MEMBER = new \MEMBER(array('person_id'=>$m[1])); |
44 | - $ccc[] = 'spoken by ' . $MEMBER->full_name(); |
|
44 | + $ccc[] = 'spoken by '.$MEMBER->full_name(); |
|
45 | 45 | if (!$MEMBER->current_member_anywhere()) { |
46 | 46 | $current = false; |
47 | 47 | } |
@@ -49,24 +49,24 @@ discard block |
||
49 | 49 | $ccc[] = $c; |
50 | 50 | } |
51 | 51 | } |
52 | - $criteria = join(' ',$ccc); |
|
53 | - $token = $row['alert_id'] . '-' . $row['registrationtoken']; |
|
52 | + $criteria = join(' ', $ccc); |
|
53 | + $token = $row['alert_id'].'-'.$row['registrationtoken']; |
|
54 | 54 | $action = '<form action="/alert/" method="post"><input type="hidden" name="t" value="'.$token.'">'; |
55 | 55 | if (!$row['confirmed']) { |
56 | 56 | $action .= '<input type="submit" name="action" value="Confirm">'; |
57 | - } elseif ($row['deleted']==2) { |
|
57 | + } elseif ($row['deleted'] == 2) { |
|
58 | 58 | $action .= '<input type="submit" name="action" value="Resume">'; |
59 | 59 | } else { |
60 | 60 | $action .= '<input type="submit" name="action" value="Suspend"> <input type="submit" name="action" value="Delete">'; |
61 | 61 | } |
62 | 62 | $action .= '</form>'; |
63 | - $out .= '<tr><td>' . $criteria . '</td><td align="center">' . $action . '</td></tr>'; |
|
63 | + $out .= '<tr><td>'.$criteria.'</td><td align="center">'.$action.'</td></tr>'; |
|
64 | 64 | if (!$current) { |
65 | 65 | $out .= '<tr><td colspan="2"><small> — <em>not a current member of any body covered by TheyWorkForYou</em></small></td></tr>'; |
66 | 66 | } |
67 | 67 | } |
68 | 68 | if ($out) { |
69 | - print '<table cellpadding="3" cellspacing="0"><tr><th>Criteria</th><th>Action</th></tr>' . $out . '</table>'; |
|
69 | + print '<table cellpadding="3" cellspacing="0"><tr><th>Criteria</th><th>Action</th></tr>'.$out.'</table>'; |
|
70 | 70 | } else { |
71 | 71 | print '<p>You currently have no email alerts set up. You can create alerts <a href="/alert/">here</a>.</p>'; |
72 | 72 | } |
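Review bot: `$criteria` and `$token` reach the page unescaped, at the `$out .= '<tr><td>'.$criteria.'</td>…'` line and in the hidden input built on the `$action = '<form …value="'.$token.'">'` line. `$criteria` is reassembled from the stored alert criteria, and any term that is not a `speaker:` id is appended as-is by `$ccc[] = $c;`, so unless the criteria are sanitised when saved (not visible here), markup in a saved term would be rendered as HTML. The `_htmlentities()` helper used by the templates in this commit fits, assuming it is available in this file: `$out .= '<tr><td>'._htmlentities($criteria).'</td><td align="center">'.$action.'</td></tr>';` and `value="'._htmlentities($token).'"`. The `for` loop this belongs to starts outside the hunk.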
@@ -32,7 +32,7 @@ |
||
32 | 32 | // And make sure the user is allowed to do this! |
33 | 33 | |
34 | 34 | $template = 'user/form'; |
35 | - if (is_numeric( get_http_var("u") ) && $THEUSER->is_able_to("edituser")) { |
|
35 | + if (is_numeric(get_http_var("u")) && $THEUSER->is_able_to("edituser")) { |
|
36 | 36 | |
37 | 37 | $data = $user->getUserDetails(get_http_var('u')); |
38 | 38 | $data['showall'] = true; |
@@ -5,7 +5,7 @@ discard block |
||
5 | 5 | * page so leave it like that for now. |
6 | 6 | */ |
7 | 7 | |
8 | -$new_style_template = TRUE; |
|
8 | +$new_style_template = true; |
|
9 | 9 | |
10 | 10 | include_once '../../includes/easyparliament/init.php'; |
11 | 11 | # need to include this as login code uses error_message |
@@ -127,7 +127,7 @@ discard block |
||
127 | 127 | $data['errors'] = $results['errors']; |
128 | 128 | $template = 'user/form'; |
129 | 129 | } else { |
130 | - $data['edited'] = True; |
|
130 | + $data['edited'] = true; |
|
131 | 131 | if (isset($results['email_changed'])) { |
132 | 132 | $data['email_changed'] = $results['email_changed']; |
133 | 133 | } |
@@ -105,10 +105,10 @@ |
||
105 | 105 | |
106 | 106 | // if data has been submitted then handle that |
107 | 107 | if ( |
108 | - get_http_var("submitted") == "true" && ( |
|
108 | + get_http_var("submitted") == "true" && ( |
|
109 | 109 | $this_page == 'useredit' || $this_page == 'otheruseredit' || $this_page == 'userjoin' |
110 | - ) |
|
111 | - ) { |
|
110 | + ) |
|
111 | + ) { |
|
112 | 112 | // Put all the user-submitted data in an array. |
113 | 113 | $data = $user->getUpdateDetails($this_page, $THEUSER->facebook_user); |
114 | 114 |
@@ -125,7 +125,7 @@ |
||
125 | 125 | <span class="label">Security status:</span> |
126 | 126 | <span class="formw"><select name="status"> |
127 | 127 | <?php |
128 | - foreach ($statuses as $n => $status_name) { ?> |
|
128 | + foreach ($statuses as $n => $status_name) { ?> |
|
129 | 129 | <option value="<?= $status_name ?>"<?= $status_name == $status ? ' selected' : '' ?>> |
130 | 130 | <?= $status_name ?> |
131 | 131 | </option> |
@@ -174,7 +174,7 @@ |
||
174 | 174 | |
175 | 175 | <input type="hidden" name="submitted" value="true"> |
176 | 176 | |
177 | - <?php if (isset($ret) && $ret != '' ) { ?> |
|
177 | + <?php if (isset($ret) && $ret != '') { ?> |
|
178 | 178 | <input type="hidden" name="ret" value="<?= _htmlentities($ret) ?>"> |
179 | 179 | <?php } ?> |
180 | 180 |
@@ -34,7 +34,7 @@ discard block |
||
34 | 34 | <input type="hidden" name="pg" value="edit"> |
35 | 35 | </form> |
36 | 36 | <?php } else { ?> |
37 | - <?php if (isset($showall) && $showall == True && isset($user_id)) { ?> |
|
37 | + <?php if (isset($showall) && $showall == true && isset($user_id)) { ?> |
|
38 | 38 | <h1>Edit the user’s details</h1> |
39 | 39 | <?php } else { ?> |
40 | 40 | <h1>Edit your details</h1> |
@@ -142,7 +142,7 @@ discard block |
||
142 | 142 | <input type="radio" name="emailpublic" id="emailpublicfalse" value="false" <?= $emailpublic == 'No' ? ' checked' : '' ?>> <label for="emailpublicfalse">No</label></span> |
143 | 143 | </div> |
144 | 144 | |
145 | - <?php if (isset($showall) && $showall == True) { ?> |
|
145 | + <?php if (isset($showall) && $showall == true) { ?> |
|
146 | 146 | <?php if (isset($errors['status'])) { ?> |
147 | 147 | <p class="error"> |
148 | 148 | <?= $errors['status'] ?> |
@@ -210,7 +210,7 @@ discard block |
||
210 | 210 | <input type="hidden" name="pg" value="<?= $pg ?>"> |
211 | 211 | <?php } ?> |
212 | 212 | |
213 | - <?php if (isset($showall) && $showall == True && isset($user_id)) { ?> |
|
213 | + <?php if (isset($showall) && $showall == true && isset($user_id)) { ?> |
|
214 | 214 | <input type="hidden" name="u" value="<?= _htmlentities($user_id) ?>"> |
215 | 215 | <?php } ?> |
216 | 216 |
@@ -13,7 +13,7 @@ |
||
13 | 13 | |
14 | 14 | <div class="row"> |
15 | 15 | <span class="label">Website</span> |
16 | - <span class="formw"><?= $website == '' ? 'none' : '<a href="' . _htmlentities($website) . '">'. _htmlentities($website) . '</a>' ?></span> |
|
16 | + <span class="formw"><?= $website == '' ? 'none' : '<a href="'._htmlentities($website).'">'._htmlentities($website).'</a>' ?></span> |
|
17 | 17 | </div> |
18 | 18 | |
19 | 19 | <div class="row"> |
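Review bot: `_htmlentities($website)` inside the `href` prevents breaking out of the attribute but does not restrict the URL scheme, so a stored value such as a `javascript:` URL would still be emitted as a clickable link. Unless the scheme is validated when the profile is saved (not visible in this hunk), the link should be rendered only when `preg_match('#^https?://#i', $website)` matches, with the escaped text printed otherwise. The identical line in the later hunk at new line 45 needs the same treatment.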
@@ -12,7 +12,7 @@ |
||
12 | 12 | <h1>Your details</h1> |
13 | 13 | <?php if (isset($edited)) { ?> |
14 | 14 | <p> |
15 | - <strong>have been updated<?= isset($email_changed) && $email_changed == True ? " and we’ve sent a confirmation email to your new email address" : '' ?>.</strong> |
|
15 | + <strong>have been updated<?= isset($email_changed) && $email_changed == true ? " and we’ve sent a confirmation email to your new email address" : '' ?>.</strong> |
|
16 | 16 | </p> |
17 | 17 | <?php } else { ?> |
18 | 18 | <p> |
@@ -42,7 +42,7 @@ |
||
42 | 42 | |
43 | 43 | <div class="row"> |
44 | 44 | <span class="label">Website</span> |
45 | - <span class="formw"><?= $website == '' ? 'none' : '<a href="' . _htmlentities($website) . '">'. _htmlentities($website) . '</a>' ?></span> |
|
45 | + <span class="formw"><?= $website == '' ? 'none' : '<a href="'._htmlentities($website).'">'._htmlentities($website).'</a>' ?></span> |
|
46 | 46 | </div> |
47 | 47 | |
48 | 48 | <?php if ($facebook_user) { ?> |
@@ -851,8 +851,8 @@ discard block |
||
851 | 851 | if ($cookie == '') { |
852 | 852 | $cookie = get_cookie_var("facebook_id"); |
853 | 853 | if ($cookie != '') { |
854 | - $this->facebook_user = True; |
|
855 | - twfy_debug("THEUSER", "is facebook login"); |
|
854 | + $this->facebook_user = True; |
|
855 | + twfy_debug("THEUSER", "is facebook login"); |
|
856 | 856 | } |
857 | 857 | } |
858 | 858 | |
@@ -873,36 +873,36 @@ discard block |
||
873 | 873 | // And make sure the user hasn't been "deleted". |
874 | 874 | |
875 | 875 | if ($this->facebook_user) { |
876 | - if (md5($this->facebook_token()) == $matches[2] && $this->deleted() == false) { |
|
877 | - twfy_debug ("THEUSER", "init SUCCESS: setting as logged in"); |
|
878 | - $this->loggedin = true; |
|
879 | - } elseif (md5 ($this->facebook_token()) != $matches[2]) { |
|
880 | - twfy_debug ("THEUSER", "init FAILED: Facebook token doesn't match cookie"); |
|
881 | - $this->loggedin = false; |
|
882 | - } else { |
|
883 | - twfy_debug ("THEUSER", "init FAILED: User is deleted"); |
|
884 | - $this->loggedin = false; |
|
885 | - } |
|
876 | + if (md5($this->facebook_token()) == $matches[2] && $this->deleted() == false) { |
|
877 | + twfy_debug ("THEUSER", "init SUCCESS: setting as logged in"); |
|
878 | + $this->loggedin = true; |
|
879 | + } elseif (md5 ($this->facebook_token()) != $matches[2]) { |
|
880 | + twfy_debug ("THEUSER", "init FAILED: Facebook token doesn't match cookie"); |
|
881 | + $this->loggedin = false; |
|
882 | + } else { |
|
883 | + twfy_debug ("THEUSER", "init FAILED: User is deleted"); |
|
884 | + $this->loggedin = false; |
|
885 | + } |
|
886 | 886 | } else { |
887 | - if (md5($this->password()) == $matches[2] && $this->deleted() == false) { |
|
888 | - // The correct password is in the cookie, |
|
889 | - // and the user isn't deleted, so set the user to be logged in. |
|
887 | + if (md5($this->password()) == $matches[2] && $this->deleted() == false) { |
|
888 | + // The correct password is in the cookie, |
|
889 | + // and the user isn't deleted, so set the user to be logged in. |
|
890 | 890 | |
891 | - // This would be an appropriate place to call other functions |
|
892 | - // that might set user info that only a logged-in user is going |
|
893 | - // to need. Their preferences and saved things or something. |
|
891 | + // This would be an appropriate place to call other functions |
|
892 | + // that might set user info that only a logged-in user is going |
|
893 | + // to need. Their preferences and saved things or something. |
|
894 | 894 | |
895 | 895 | |
896 | - twfy_debug ("THEUSER init SUCCEEDED", "setting as logged in"); |
|
897 | - $this->loggedin = true; |
|
896 | + twfy_debug ("THEUSER init SUCCEEDED", "setting as logged in"); |
|
897 | + $this->loggedin = true; |
|
898 | 898 | |
899 | - } elseif (md5 ($this->password()) != $matches[2]) { |
|
900 | - twfy_debug ("THEUSER init FAILED", "Password doesn't match cookie"); |
|
901 | - $this->loggedin = false; |
|
902 | - } else { |
|
903 | - twfy_debug ("THEUSER init FAILED", "User is deleted"); |
|
904 | - $this->loggedin = false; |
|
905 | - } |
|
899 | + } elseif (md5 ($this->password()) != $matches[2]) { |
|
900 | + twfy_debug ("THEUSER init FAILED", "Password doesn't match cookie"); |
|
901 | + $this->loggedin = false; |
|
902 | + } else { |
|
903 | + twfy_debug ("THEUSER init FAILED", "User is deleted"); |
|
904 | + $this->loggedin = false; |
|
905 | + } |
|
906 | 906 | } |
907 | 907 | |
908 | 908 | } else { |
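Review bot: The cookie check compares hex digests with loose `==`/`!=`, in `md5($this->facebook_token()) == $matches[2]` and in the matching `md5($this->password())` branch, and the re-indent carries that over unchanged. PHP compares two numeric-looking strings as numbers, so digests that look like scientific notation can compare equal without being identical, and `==` is not a constant-time comparison. `hash_equals(md5($this->facebook_token()), $matches[2])`, and `!hash_equals(…)` in the `elseif`, closes both gaps, with the same change for the password branch. The same comparisons appear again in the later hunks at new lines 898–901 and 921. The enclosing `if` chain starts and ends outside this hunk.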
@@ -445,9 +445,15 @@ discard block |
||
445 | 445 | // Generates the password .... |
446 | 446 | for ($x=0; $x < 6;) { |
447 | 447 | $y = rand(1,1000); |
448 | - if($y>350 && $y<601) $d=chr(rand(48,57)); |
|
449 | - if($y<351) $d=chr(rand(65,90)); |
|
450 | - if($y>600) $d=chr(rand(97,122)); |
|
448 | + if($y>350 && $y<601) { |
|
449 | + $d=chr(rand(48,57)); |
|
450 | + } |
|
451 | + if($y<351) { |
|
452 | + $d=chr(rand(65,90)); |
|
453 | + } |
|
454 | + if($y>600) { |
|
455 | + $d=chr(rand(97,122)); |
|
456 | + } |
|
451 | 457 | if ($d!=$o && !preg_match('#[O01lI]#', $d)) { |
452 | 458 | $o=$d; $pwd.=$d; $x++; |
453 | 459 | } |
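Review bot: Every character of the generated password comes from `rand()`, which is not a cryptographically secure generator, and adding braces here leaves that as it was. Other hunks in this commit show the value being hashed with `password_hash()` as the account password and mailed out through the `new_password` template, so it should come from a CSPRNG where the PHP version allows: `$y = random_int(1, 1000);` and `$d = chr(random_int(48, 57));`, likewise for the two letter ranges. Six characters with look-alike characters removed is also a small space for a credential; a longer length is worth considering. The same loop appears in the later hunk at new lines 447–453, and the loop body continues outside this hunk.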
@@ -1171,8 +1177,12 @@ discard block |
||
1171 | 1177 | |
1172 | 1178 | public function confirm_email($token, $redirect=true) { |
1173 | 1179 | $arg = ''; |
1174 | - if (strstr($token, '::')) $arg = '::'; |
|
1175 | - if (strstr($token, '-')) $arg = '-'; |
|
1180 | + if (strstr($token, '::')) { |
|
1181 | + $arg = '::'; |
|
1182 | + } |
|
1183 | + if (strstr($token, '-')) { |
|
1184 | + $arg = '-'; |
|
1185 | + } |
|
1176 | 1186 | list($user_id, $registrationtoken) = explode($arg, $token); |
1177 | 1187 | |
1178 | 1188 | if (!is_numeric($user_id) || $registrationtoken == '') { |
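Review bot: `explode($arg, $token)` is reached with `$arg` still `''` whenever the token contains neither `::` nor `-`. An empty separator makes `explode()` return false with a warning before PHP 8 and throw a `ValueError` from PHP 8 on, so the `is_numeric($user_id)` check below never gets to reject the malformed token cleanly. Guarding the split keeps the existing validation in charge: `$parts = $arg === '' ? array() : explode($arg, $token);` followed by `list($user_id, $registrationtoken) = array_pad($parts, 2, '');`. The same pattern is in the next hunk at new line 1273. `confirm_email()` continues outside this hunk.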
@@ -1254,8 +1264,12 @@ discard block |
||
1254 | 1264 | |
1255 | 1265 | // Split the token into its parts. |
1256 | 1266 | $arg = ''; |
1257 | - if (strstr($token, '::')) $arg = '::'; |
|
1258 | - if (strstr($token, '-')) $arg = '-'; |
|
1267 | + if (strstr($token, '::')) { |
|
1268 | + $arg = '::'; |
|
1269 | + } |
|
1270 | + if (strstr($token, '-')) { |
|
1271 | + $arg = '-'; |
|
1272 | + } |
|
1259 | 1273 | list($user_id, $registrationtoken) = explode($arg, $token); |
1260 | 1274 | |
1261 | 1275 | if (!is_numeric($user_id) || $registrationtoken == '') { |
@@ -1385,15 +1399,19 @@ discard block |
||
1385 | 1399 | // not-logged-in users. |
1386 | 1400 | |
1387 | 1401 | $this->postcode = $pc; |
1388 | - if (!headers_sent()) // if in debug mode |
|
1402 | + if (!headers_sent()) { |
|
1403 | + // if in debug mode |
|
1389 | 1404 | setcookie (POSTCODE_COOKIE, $pc, time()+7*86400, "/", COOKIEDOMAIN); |
1405 | + } |
|
1390 | 1406 | |
1391 | 1407 | twfy_debug('USER', "Set the cookie named '" . POSTCODE_COOKIE . " to '$pc' for " . COOKIEDOMAIN . " domain"); |
1392 | 1408 | } |
1393 | 1409 | |
1394 | 1410 | public function unset_postcode_cookie() { |
1395 | - if (!headers_sent()) // if in debug mode |
|
1411 | + if (!headers_sent()) { |
|
1412 | + // if in debug mode |
|
1396 | 1413 | setcookie (POSTCODE_COOKIE, '', time() - 3600, '/', COOKIEDOMAIN); |
1414 | + } |
|
1397 | 1415 | } |
1398 | 1416 | |
1399 | 1417 | // mostly here for updating from facebook where we do not need |
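Review bot: Both `setcookie()` calls, in the postcode setter and in `unset_postcode_cookie()`, stop at the domain argument, so the postcode cookie is issued without the Secure and HttpOnly attributes. If the site is served only over HTTPS, as the `https://` confirmation URLs elsewhere in this commit suggest, and no client-side script reads the cookie, the two trailing flags would tighten it: `setcookie(POSTCODE_COOKIE, $pc, time()+7*86400, "/", COOKIEDOMAIN, true, true);`. The relocated `// if in debug mode` comment now sits inside the `!headers_sent()` branch and reads as if it described the `setcookie()` call; it presumably explains the guard, so something like `// headers may already have been sent in debug mode` above the `if` would be clearer. The first function starts outside the hunk.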
@@ -872,7 +872,7 @@ discard block |
||
872 | 872 | if ($cookie == '') { |
873 | 873 | $cookie = get_cookie_var("facebook_id"); |
874 | 874 | if ($cookie != '') { |
875 | - $this->facebook_user = True; |
|
875 | + $this->facebook_user = true; |
|
876 | 876 | twfy_debug("THEUSER", "is facebook login"); |
877 | 877 | } |
878 | 878 | } |
@@ -1074,7 +1074,7 @@ discard block |
||
1074 | 1074 | |
1075 | 1075 | twfy_debug("USER", "logging in user from facebook " . $this->user_id); |
1076 | 1076 | |
1077 | - $this->loggedin = True; |
|
1077 | + $this->loggedin = true; |
|
1078 | 1078 | $this->_login($returl, $expire, $cookie, 'facebook_id'); |
1079 | 1079 | return true; |
1080 | 1080 | } |
@@ -1080,6 +1080,9 @@ discard block |
||
1080 | 1080 | return true; |
1081 | 1081 | } |
1082 | 1082 | |
1083 | + /** |
|
1084 | + * @param string $expire |
|
1085 | + */ |
|
1083 | 1086 | public function login($returl="", $expire) { |
1084 | 1087 | |
1085 | 1088 | // This is used to log the user in. Duh. |
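Review bot: The added docblock documents only `$expire` and leaves out `$returl`, so a reader of `login()` gets half the signature; add `@param string $returl` above it. The signature also places the optional `$returl=""` before the required `$expire`, which means the default can never take effect and PHP 8.0 reports it as deprecated. `public function login($returl, $expire) {` behaves the same for every existing call. The docblocks added in the next two hunks have the same gap: `_login()` omits `$expire` and `$cookie_name`, and `confirm_email()` omits `$redirect`. The body of `login()` continues outside this hunk.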
@@ -1121,6 +1124,10 @@ discard block |
||
1121 | 1124 | $this->_login($returl, $expire, $cookie); |
1122 | 1125 | } |
1123 | 1126 | |
1127 | + /** |
|
1128 | + * @param string|null $returl |
|
1129 | + * @param string $cookie |
|
1130 | + */ |
|
1124 | 1131 | private function _login($returl, $expire, $cookie, $cookie_name = 'epuser_id') { |
1125 | 1132 | // Unset any existing postcode cookie. |
1126 | 1133 | // This will be the postcode the user set for themselves as a non-logged-in |
@@ -1170,6 +1177,9 @@ discard block |
||
1170 | 1177 | } |
1171 | 1178 | } |
1172 | 1179 | |
1180 | + /** |
|
1181 | + * @param string $token |
|
1182 | + */ |
|
1173 | 1183 | public function confirm_email($token, $redirect=true) { |
1174 | 1184 | $arg = ''; |
1175 | 1185 | if (strstr($token, '::')) $arg = '::'; |
@@ -56,22 +56,22 @@ discard block |
||
56 | 56 | |
57 | 57 | class USER { |
58 | 58 | |
59 | - public $user_id = "0"; // So we have an ID for non-logged in users reporting comments etc. |
|
60 | - public $firstname = "Guest"; // So we have something to print for non-logged in users. |
|
59 | + public $user_id = "0"; // So we have an ID for non-logged in users reporting comments etc. |
|
60 | + public $firstname = "Guest"; // So we have something to print for non-logged in users. |
|
61 | 61 | public $lastname = ""; |
62 | - public $password = ""; // This will be a hashed version of a plaintext pw. |
|
62 | + public $password = ""; // This will be a hashed version of a plaintext pw. |
|
63 | 63 | public $email = ""; |
64 | - public $emailpublic = ""; // boolean - can other users see this user's email? |
|
64 | + public $emailpublic = ""; // boolean - can other users see this user's email? |
|
65 | 65 | public $postcode = ""; |
66 | 66 | public $url = ""; |
67 | - public $lastvisit = ""; // Last time the logged-in user loaded a page (GMT). |
|
67 | + public $lastvisit = ""; // Last time the logged-in user loaded a page (GMT). |
|
68 | 68 | public $registrationtime = ""; // When they registered (GMT). |
69 | - public $registrationip = ""; // Where they registered from. |
|
70 | - public $optin = ""; // boolean - Do they want emails from us? |
|
71 | - public $deleted = ""; // User can't log in or have their info displayed. |
|
72 | - public $confirmed = ''; // boolean - Has the user confirmed via email? |
|
73 | - public $facebook_id = ''; // Facebook ID for users who login with FB |
|
74 | - public $facebook_token = ''; // Facebook token for users who login with FB |
|
69 | + public $registrationip = ""; // Where they registered from. |
|
70 | + public $optin = ""; // boolean - Do they want emails from us? |
|
71 | + public $deleted = ""; // User can't log in or have their info displayed. |
|
72 | + public $confirmed = ''; // boolean - Has the user confirmed via email? |
|
73 | + public $facebook_id = ''; // Facebook ID for users who login with FB |
|
74 | + public $facebook_token = ''; // Facebook token for users who login with FB |
|
75 | 75 | // Don't use the status to check access privileges - use the is_able_to() function. |
76 | 76 | public $status = "Viewer"; |
77 | 77 | |
@@ -118,23 +118,23 @@ discard block |
||
118 | 118 | // We've got a user, so set them up. |
119 | 119 | |
120 | 120 | $this->user_id = $user_id; |
121 | - $this->firstname = $q->field(0,"firstname"); |
|
122 | - $this->lastname = $q->field(0,"lastname"); |
|
123 | - $this->password = $q->field(0,"password"); |
|
124 | - $this->email = $q->field(0,"email"); |
|
125 | - $this->emailpublic = $q->field(0,"emailpublic") == 1 ? true : false; |
|
126 | - $this->postcode = $q->field(0,"postcode"); |
|
127 | - $this->facebook_id = $q->field(0,"facebook_id"); |
|
128 | - $this->facebook_token = $q->field(0,"facebook_token"); |
|
129 | - $this->url = $q->field(0,"url"); |
|
130 | - $this->lastvisit = $q->field(0,"lastvisit"); |
|
121 | + $this->firstname = $q->field(0, "firstname"); |
|
122 | + $this->lastname = $q->field(0, "lastname"); |
|
123 | + $this->password = $q->field(0, "password"); |
|
124 | + $this->email = $q->field(0, "email"); |
|
125 | + $this->emailpublic = $q->field(0, "emailpublic") == 1 ? true : false; |
|
126 | + $this->postcode = $q->field(0, "postcode"); |
|
127 | + $this->facebook_id = $q->field(0, "facebook_id"); |
|
128 | + $this->facebook_token = $q->field(0, "facebook_token"); |
|
129 | + $this->url = $q->field(0, "url"); |
|
130 | + $this->lastvisit = $q->field(0, "lastvisit"); |
|
131 | 131 | $this->registrationtoken = $q->field(0, 'registrationtoken'); |
132 | - $this->registrationtime = $q->field(0,"registrationtime"); |
|
133 | - $this->registrationip = $q->field(0,"registrationip"); |
|
134 | - $this->optin = $q->field(0,"optin") == 1 ? true : false; |
|
135 | - $this->status = $q->field(0,"status"); |
|
136 | - $this->deleted = $q->field(0,"deleted") == 1 ? true : false; |
|
137 | - $this->confirmed = $q->field(0,"confirmed") == 1 ? true : false; |
|
132 | + $this->registrationtime = $q->field(0, "registrationtime"); |
|
133 | + $this->registrationip = $q->field(0, "registrationip"); |
|
134 | + $this->optin = $q->field(0, "optin") == 1 ? true : false; |
|
135 | + $this->status = $q->field(0, "status"); |
|
136 | + $this->deleted = $q->field(0, "deleted") == 1 ? true : false; |
|
137 | + $this->confirmed = $q->field(0, "confirmed") == 1 ? true : false; |
|
138 | 138 | |
139 | 139 | return true; |
140 | 140 | |
@@ -143,16 +143,16 @@ discard block |
||
143 | 143 | // we're going to show an error too, just in case. |
144 | 144 | // *Should* never happen... |
145 | 145 | return false; |
146 | - twfy_debug("USER", "There is more than one user with an id of '" . _htmlentities($user_id) . "'"); |
|
146 | + twfy_debug("USER", "There is more than one user with an id of '"._htmlentities($user_id)."'"); |
|
147 | 147 | |
148 | 148 | } else { |
149 | 149 | return false; |
150 | - twfy_debug("USER", "There is no user with an id of '" . _htmlentities($user_id) . "'"); |
|
150 | + twfy_debug("USER", "There is no user with an id of '"._htmlentities($user_id)."'"); |
|
151 | 151 | } |
152 | 152 | |
153 | 153 | } |
154 | 154 | |
155 | - public function add($details, $confirmation_required=true) { |
|
155 | + public function add($details, $confirmation_required = true) { |
|
156 | 156 | // Adds a new user's info into the db. |
157 | 157 | // Then optionally (and usually) calls another function to |
158 | 158 | // send them a confirmation email. |
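Review bot: Both `twfy_debug()` calls in this hunk sit after `return false;` (new lines 145–146 and 149–150), so neither message is ever logged and the reformatting only tidies dead code. Moving each call above its return restores the diagnostics, e.g. `twfy_debug("USER", "There is no user with an id of '"._htmlentities($user_id)."'");` followed by `return false;`. The function these branches belong to starts outside the hunk.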
@@ -239,7 +239,7 @@ discard block |
||
239 | 239 | // This will be sent to them via email, so we can confirm they exist. |
240 | 240 | // The token will be the first 16 characters of a hash. |
241 | 241 | |
242 | - $token = substr( password_hash($details["email"] . microtime(), PASSWORD_BCRYPT), 29, 16 ); |
|
242 | + $token = substr(password_hash($details["email"].microtime(), PASSWORD_BCRYPT), 29, 16); |
|
243 | 243 | |
244 | 244 | // Full stops don't work well at the end of URLs in emails, |
245 | 245 | // so replace them. We won't be doing anything clever with the hash |
@@ -251,7 +251,7 @@ discard block |
||
251 | 251 | $r = $this->db->query("UPDATE users |
252 | 252 | SET registrationtoken = :registrationtoken |
253 | 253 | WHERE user_id = :user_id |
254 | - ", array ( |
|
254 | + ", array( |
|
255 | 255 | ':registrationtoken' => $this->registrationtoken, |
256 | 256 | ':user_id' => $this->user_id |
257 | 257 | )); |
@@ -298,7 +298,7 @@ discard block |
||
298 | 298 | } |
299 | 299 | |
300 | 300 | public function add_facebook_id($facebook_id) { |
301 | - $q = $this->db->query ("UPDATE users SET facebook_id = :facebook_id WHERE email = :email", |
|
301 | + $q = $this->db->query("UPDATE users SET facebook_id = :facebook_id WHERE email = :email", |
|
302 | 302 | array( |
303 | 303 | ':facebook_id' => $facebook_id, |
304 | 304 | ':email' => $this->email |
@@ -319,24 +319,24 @@ discard block |
||
319 | 319 | !isset($details['email']) || |
320 | 320 | $details['email'] == '' || |
321 | 321 | !isset($details['token']) || |
322 | - $details['token'] == '' ) { |
|
322 | + $details['token'] == '') { |
|
323 | 323 | return false; |
324 | 324 | } |
325 | 325 | |
326 | 326 | // We prefix the registration token with the user's id and '-'. |
327 | 327 | // Not for any particularly good reason, but we do. |
328 | 328 | |
329 | - $urltoken = $this->user_id . '-' . $details['token']; |
|
329 | + $urltoken = $this->user_id.'-'.$details['token']; |
|
330 | 330 | |
331 | - $confirmurl = 'https://' . DOMAIN . '/E/' . $urltoken; |
|
331 | + $confirmurl = 'https://'.DOMAIN.'/E/'.$urltoken; |
|
332 | 332 | |
333 | 333 | // Arrays we need to send a templated email. |
334 | - $data = array ( |
|
334 | + $data = array( |
|
335 | 335 | 'to' => $details['email'], |
336 | 336 | 'template' => 'email_confirmation' |
337 | 337 | ); |
338 | 338 | |
339 | - $merge = array ( |
|
339 | + $merge = array( |
|
340 | 340 | 'FIRSTNAME' => $details['firstname'], |
341 | 341 | 'LASTNAME' => $details['lastname'], |
342 | 342 | 'CONFIRMURL' => $confirmurl |
@@ -368,17 +368,17 @@ discard block |
||
368 | 368 | // We prefix the registration token with the user's id and '-'. |
369 | 369 | // Not for any particularly good reason, but we do. |
370 | 370 | |
371 | - $urltoken = $this->user_id . '-' . $this->registrationtoken; |
|
371 | + $urltoken = $this->user_id.'-'.$this->registrationtoken; |
|
372 | 372 | |
373 | - $confirmurl = 'https://' . DOMAIN . '/U/' . $urltoken; |
|
373 | + $confirmurl = 'https://'.DOMAIN.'/U/'.$urltoken; |
|
374 | 374 | |
375 | 375 | // Arrays we need to send a templated email. |
376 | - $data = array ( |
|
376 | + $data = array( |
|
377 | 377 | 'to' => $details['email'], |
378 | 378 | 'template' => 'join_confirmation' |
379 | 379 | ); |
380 | 380 | |
381 | - $merge = array ( |
|
381 | + $merge = array( |
|
382 | 382 | 'FIRSTNAME' => $details['firstname'], |
383 | 383 | 'LASTNAME' => $details['lastname'], |
384 | 384 | 'CONFIRMURL' => $confirmurl |
@@ -440,23 +440,23 @@ discard block |
||
440 | 440 | $this->email = $email; |
441 | 441 | for (;;) { |
442 | 442 | |
443 | - $pwd=null; |
|
444 | - $o=null; |
|
443 | + $pwd = null; |
|
444 | + $o = null; |
|
445 | 445 | |
446 | 446 | // Generates the password .... |
447 | - for ($x=0; $x < 6;) { |
|
448 | - $y = rand(1,1000); |
|
449 | - if($y>350 && $y<601) $d=chr(rand(48,57)); |
|
450 | - if($y<351) $d=chr(rand(65,90)); |
|
451 | - if($y>600) $d=chr(rand(97,122)); |
|
452 | - if ($d!=$o && !preg_match('#[O01lI]#', $d)) { |
|
453 | - $o=$d; $pwd.=$d; $x++; |
|
447 | + for ($x = 0; $x < 6;) { |
|
448 | + $y = rand(1, 1000); |
|
449 | + if ($y > 350 && $y < 601) $d = chr(rand(48, 57)); |
|
450 | + if ($y < 351) $d = chr(rand(65, 90)); |
|
451 | + if ($y > 600) $d = chr(rand(97, 122)); |
|
452 | + if ($d != $o && !preg_match('#[O01lI]#', $d)) { |
|
453 | + $o = $d; $pwd .= $d; $x++; |
|
454 | 454 | } |
455 | 455 | } |
456 | 456 | |
457 | 457 | // If the PW fits your purpose (e.g. this regexpression) return it, else make a new one |
458 | 458 | // (You can change this regular-expression how you want ....) |
459 | - if (preg_match("/^[a-zA-Z]{1}([a-zA-Z]+[0-9][a-zA-Z]+)+/",$pwd)) { |
|
459 | + if (preg_match("/^[a-zA-Z]{1}([a-zA-Z]+[0-9][a-zA-Z]+)+/", $pwd)) { |
|
460 | 460 | break; |
461 | 461 | } |
462 | 462 | |
@@ -474,7 +474,7 @@ discard block |
||
474 | 474 | |
475 | 475 | $passwordforDB = password_hash($pwd, PASSWORD_BCRYPT); |
476 | 476 | |
477 | - $q = $this->db->query ("UPDATE users SET password = :password WHERE email = :email", |
|
477 | + $q = $this->db->query("UPDATE users SET password = :password WHERE email = :email", |
|
478 | 478 | array( |
479 | 479 | ':password' => $passwordforDB, |
480 | 480 | ':email' => $email |
@@ -502,16 +502,16 @@ discard block |
||
502 | 502 | return false; |
503 | 503 | } |
504 | 504 | |
505 | - $data = array ( |
|
505 | + $data = array( |
|
506 | 506 | 'to' => $this->email(), |
507 | 507 | 'template' => 'new_password' |
508 | 508 | ); |
509 | 509 | |
510 | 510 | $URL = new URL("userlogin"); |
511 | 511 | |
512 | - $merge = array ( |
|
512 | + $merge = array( |
|
513 | 513 | 'EMAIL' => $this->email(), |
514 | - 'LOGINURL' => "https://" . DOMAIN . $URL->generate(), |
|
514 | + 'LOGINURL' => "https://".DOMAIN.$URL->generate(), |
|
515 | 515 | 'PASSWORD' => $this->password() |
516 | 516 | ); |
517 | 517 | |
@@ -568,7 +568,7 @@ discard block |
||
568 | 568 | public function facebook_id_exists($id, $return_id = false) { |
569 | 569 | // Returns true if there's a user with this facebook id. |
570 | 570 | |
571 | - if ($id!= "") { |
|
571 | + if ($id != "") { |
|
572 | 572 | $q = $this->db->query("SELECT user_id FROM users WHERE facebook_id = :id", array(':id' => $id)); |
573 | 573 | if ($q->rows() > 0) { |
574 | 574 | if ($return_id) { |
@@ -647,7 +647,7 @@ discard block |
||
647 | 647 | /* Everyone */ return true; |
648 | 648 | |
649 | 649 | default: |
650 | - $PAGE->error_message ("You need to set permissions for '$action'!"); |
|
650 | + $PAGE->error_message("You need to set permissions for '$action'!"); |
|
651 | 651 | |
652 | 652 | return false; |
653 | 653 | |
@@ -665,7 +665,7 @@ discard block |
||
665 | 665 | // Maybe there's a way of fetching these from the DB, |
666 | 666 | // so we don't duplicate them here...? |
667 | 667 | |
668 | - $statuses = array ("Viewer", "User", "Moderator", "Administrator", "Superuser"); |
|
668 | + $statuses = array("Viewer", "User", "Moderator", "Administrator", "Superuser"); |
|
669 | 669 | |
670 | 670 | return $statuses; |
671 | 671 | |
@@ -803,7 +803,7 @@ discard block |
||
803 | 803 | . $deletedsql |
804 | 804 | . $confirmedsql |
805 | 805 | . $emailsql |
806 | - . $statussql . " |
|
806 | + . $statussql." |
|
807 | 807 | optin = :optin |
808 | 808 | WHERE user_id = :user_id |
809 | 809 | ", array_merge($params, array( |
@@ -823,7 +823,7 @@ discard block |
||
823 | 823 | return $details; |
824 | 824 | |
825 | 825 | } else { |
826 | - $PAGE->error_message ("Sorry, we were unable to update user id '" . _htmlentities($details["user_id"]) . "'"); |
|
826 | + $PAGE->error_message("Sorry, we were unable to update user id '"._htmlentities($details["user_id"])."'"); |
|
827 | 827 | |
828 | 828 | return false; |
829 | 829 | } |
@@ -896,13 +896,13 @@ discard block |
||
896 | 896 | |
897 | 897 | if ($this->facebook_user) { |
898 | 898 | if (md5($this->facebook_token()) == $matches[2] && $this->deleted() == false) { |
899 | - twfy_debug ("THEUSER", "init SUCCESS: setting as logged in"); |
|
899 | + twfy_debug("THEUSER", "init SUCCESS: setting as logged in"); |
|
900 | 900 | $this->loggedin = true; |
901 | - } elseif (md5 ($this->facebook_token()) != $matches[2]) { |
|
902 | - twfy_debug ("THEUSER", "init FAILED: Facebook token doesn't match cookie"); |
|
901 | + } elseif (md5($this->facebook_token()) != $matches[2]) { |
|
902 | + twfy_debug("THEUSER", "init FAILED: Facebook token doesn't match cookie"); |
|
903 | 903 | $this->loggedin = false; |
904 | 904 | } else { |
905 | - twfy_debug ("THEUSER", "init FAILED: User is deleted"); |
|
905 | + twfy_debug("THEUSER", "init FAILED: User is deleted"); |
|
906 | 906 | $this->loggedin = false; |
907 | 907 | } |
908 | 908 | } else { |
@@ -915,30 +915,30 @@ discard block |
||
915 | 915 | // to need. Their preferences and saved things or something. |
916 | 916 | |
917 | 917 | |
918 | - twfy_debug ("THEUSER init SUCCEEDED", "setting as logged in"); |
|
918 | + twfy_debug("THEUSER init SUCCEEDED", "setting as logged in"); |
|
919 | 919 | $this->loggedin = true; |
920 | 920 | |
921 | - } elseif (md5 ($this->password()) != $matches[2]) { |
|
922 | - twfy_debug ("THEUSER init FAILED", "Password doesn't match cookie"); |
|
921 | + } elseif (md5($this->password()) != $matches[2]) { |
|
922 | + twfy_debug("THEUSER init FAILED", "Password doesn't match cookie"); |
|
923 | 923 | $this->loggedin = false; |
924 | 924 | } else { |
925 | - twfy_debug ("THEUSER init FAILED", "User is deleted"); |
|
925 | + twfy_debug("THEUSER init FAILED", "User is deleted"); |
|
926 | 926 | $this->loggedin = false; |
927 | 927 | } |
928 | 928 | } |
929 | 929 | |
930 | 930 | } else { |
931 | - twfy_debug ("THEUSER init FAILED", "didn't get 1 row from db"); |
|
931 | + twfy_debug("THEUSER init FAILED", "didn't get 1 row from db"); |
|
932 | 932 | $this->loggedin = false; |
933 | 933 | } |
934 | 934 | |
935 | 935 | } else { |
936 | - twfy_debug ("THEUSER init FAILED", "cookie's user_id is not numeric"); |
|
936 | + twfy_debug("THEUSER init FAILED", "cookie's user_id is not numeric"); |
|
937 | 937 | $this->loggedin = false; |
938 | 938 | } |
939 | 939 | |
940 | 940 | } else { |
941 | - twfy_debug ("THEUSER init FAILED", "cookie is not of the correct form"); |
|
941 | + twfy_debug("THEUSER init FAILED", "cookie is not of the correct form"); |
|
942 | 942 | $this->loggedin = false; |
943 | 943 | } |
944 | 944 | |
@@ -965,7 +965,7 @@ discard block |
||
965 | 965 | $date_now = gmdate("Y-m-d H:i:s"); |
966 | 966 | $q = $this->db->query("UPDATE users |
967 | 967 | SET lastvisit = '$date_now' |
968 | - WHERE user_id = '" . $this->user_id() . "'"); |
|
968 | + WHERE user_id = '".$this->user_id()."'"); |
|
969 | 969 | |
970 | 970 | $this->lastvisit = $date_now; |
971 | 971 | } |
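Review bot: The `UPDATE users SET lastvisit` statement at lines 966-968 is still assembled by string concatenation, while the other queries on this page pass bound parameters. `$date_now` comes from `gmdate()` and `user_id()` is presumably numeric, so nothing here is evidently injectable, but the pattern is easy to copy to a place where the value is not trusted. Consider `$this->db->query("UPDATE users SET lastvisit = :lastvisit WHERE user_id = :user_id", array(':lastvisit' => $date_now, ':user_id' => $this->user_id()));`. The method begins outside this hunk.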
@@ -1004,83 +1004,83 @@ discard block |
||
1004 | 1004 | // This error string is shared between both email and password errors to |
1005 | 1005 | // prevent leaking of account existence. |
1006 | 1006 | |
1007 | - $error_string = 'There is no user registered with an email of ' . _htmlentities($email) . ', or the given password is incorrect. If you are subscribed to email alerts, you are not necessarily registered on the website. If you register, you will be able to manage your email alerts, as well as leave annotations.'; |
|
1007 | + $error_string = 'There is no user registered with an email of '._htmlentities($email).', or the given password is incorrect. If you are subscribed to email alerts, you are not necessarily registered on the website. If you register, you will be able to manage your email alerts, as well as leave annotations.'; |
|
1008 | 1008 | |
1009 | 1009 | $q = $this->db->query("SELECT user_id, password, deleted, confirmed FROM users WHERE email = :email", array(':email' => $email)); |
1010 | 1010 | |
1011 | 1011 | if ($q->rows() == 1) { |
1012 | 1012 | // OK. |
1013 | - $dbpassword = $q->field(0,"password"); |
|
1013 | + $dbpassword = $q->field(0, "password"); |
|
1014 | 1014 | if (password_verify($userenteredpassword, $dbpassword)) { |
1015 | - $this->user_id = $q->field(0,"user_id"); |
|
1015 | + $this->user_id = $q->field(0, "user_id"); |
|
1016 | 1016 | $this->password = $dbpassword; |
1017 | 1017 | // We'll need these when we're going to log in. |
1018 | - $this->deleted = $q->field(0,"deleted") == 1 ? true : false; |
|
1019 | - $this->confirmed = $q->field(0,"confirmed") == 1 ? true : false; |
|
1018 | + $this->deleted = $q->field(0, "deleted") == 1 ? true : false; |
|
1019 | + $this->confirmed = $q->field(0, "confirmed") == 1 ? true : false; |
|
1020 | 1020 | |
1021 | 1021 | return true; |
1022 | 1022 | |
1023 | 1023 | } else { |
1024 | 1024 | // Failed. |
1025 | - return array ("invalidemail" => $error_string); |
|
1025 | + return array("invalidemail" => $error_string); |
|
1026 | 1026 | |
1027 | 1027 | } |
1028 | 1028 | |
1029 | 1029 | } else { |
1030 | 1030 | // Failed. |
1031 | - return array ("invalidemail" => $error_string); |
|
1031 | + return array("invalidemail" => $error_string); |
|
1032 | 1032 | } |
1033 | 1033 | |
1034 | 1034 | } |
1035 | 1035 | |
1036 | 1036 | public function has_postcode() { |
1037 | 1037 | $has_postcode = false; |
1038 | - if ( $this->isloggedin() && $this->postcode() != '' || $this->postcode_is_set() ) { |
|
1038 | + if ($this->isloggedin() && $this->postcode() != '' || $this->postcode_is_set()) { |
|
1039 | 1039 | $has_postcode = true; |
1040 | 1040 | } |
1041 | 1041 | return $has_postcode; |
1042 | 1042 | } |
1043 | 1043 | |
1044 | 1044 | |
1045 | - public function facebook_login($returl="", $expire, $accessToken) { |
|
1045 | + public function facebook_login($returl = "", $expire, $accessToken) { |
|
1046 | 1046 | global $PAGE; |
1047 | 1047 | |
1048 | - twfy_debug("THEUSER", "Faceook login, user_id " . $this->user_id); |
|
1049 | - twfy_debug("THEUSER", "Faceook login, facebook_id " . $this->facebook_id); |
|
1050 | - twfy_debug("THEUSER", "Faceook login, email" . $this->email); |
|
1048 | + twfy_debug("THEUSER", "Faceook login, user_id ".$this->user_id); |
|
1049 | + twfy_debug("THEUSER", "Faceook login, facebook_id ".$this->facebook_id); |
|
1050 | + twfy_debug("THEUSER", "Faceook login, email".$this->email); |
|
1051 | 1051 | if ($this->facebook_id() == "") { |
1052 | - $PAGE->error_message ("We don't have a facebook id for this user.", true); |
|
1052 | + $PAGE->error_message("We don't have a facebook id for this user.", true); |
|
1053 | 1053 | |
1054 | 1054 | return; |
1055 | 1055 | } |
1056 | 1056 | |
1057 | - twfy_debug("THEUSER", "Faceook login, facebook_token: " . $accessToken); |
|
1057 | + twfy_debug("THEUSER", "Faceook login, facebook_token: ".$accessToken); |
|
1058 | 1058 | |
1059 | - $q = $this->db->query ("UPDATE users SET facebook_token = :token WHERE email = :email", |
|
1059 | + $q = $this->db->query("UPDATE users SET facebook_token = :token WHERE email = :email", |
|
1060 | 1060 | array( |
1061 | 1061 | ':token' => $accessToken, |
1062 | 1062 | ':email' => $this->email |
1063 | 1063 | )); |
1064 | 1064 | |
1065 | 1065 | if (!$q->success()) { |
1066 | - $PAGE->error_message ("There was a problem logging you in", true); |
|
1066 | + $PAGE->error_message("There was a problem logging you in", true); |
|
1067 | 1067 | twfy_debug("THEUSER", "Faceook login, failed to set accessToken"); |
1068 | 1068 | |
1069 | 1069 | return false; |
1070 | 1070 | } |
1071 | 1071 | |
1072 | 1072 | // facebook login users probably don't have a password |
1073 | - $cookie = $this->user_id() . "." . md5 ($accessToken); |
|
1074 | - twfy_debug("THEUSER", "Faceook login, cookie: " . $cookie); |
|
1073 | + $cookie = $this->user_id().".".md5($accessToken); |
|
1074 | + twfy_debug("THEUSER", "Faceook login, cookie: ".$cookie); |
|
1075 | 1075 | |
1076 | - twfy_debug("USER", "logging in user from facebook " . $this->user_id); |
|
1076 | + twfy_debug("USER", "logging in user from facebook ".$this->user_id); |
|
1077 | 1077 | |
1078 | 1078 | $this->loggedin = True; |
1079 | 1079 | $this->_login($returl, $expire, $cookie, 'facebook_id'); |
1080 | 1080 | return true; |
1081 | 1081 | } |
1082 | 1082 | |
1083 | - public function login($returl="", $expire) { |
|
1083 | + public function login($returl = "", $expire) { |
|
1084 | 1084 | |
1085 | 1085 | // This is used to log the user in. Duh. |
1086 | 1086 | // You should already have checked the user's email and password using |
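Review bot: In `facebook_login()` the debug calls at lines 1057 and 1074 write the raw `$accessToken` and the full login cookie value to the debug channel. Both are bearer credentials, so anyone who can read that output can reuse them; where `twfy_debug` sends its output is not visible in this hunk, so treat this as something to confirm. Log the event rather than the value, e.g. `twfy_debug("THEUSER", "Facebook login, access token received");` and `twfy_debug("THEUSER", "Facebook login, cookie set for user_id ".$this->user_id());`. Separately, the message at line 1050 lacks a space after `email`, and `$returl = ""` precedes required parameters, so the default can never take effect. The `login()` method that opens at line 1083 continues outside the hunk.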
@@ -1102,21 +1102,21 @@ discard block |
||
1102 | 1102 | |
1103 | 1103 | // Various checks about the user - if they fail, we exit. |
1104 | 1104 | if ($this->user_id() == "" || $this->password == "") { |
1105 | - $PAGE->error_message ("We don't have the user_id or password to make the cookie.", true); |
|
1105 | + $PAGE->error_message("We don't have the user_id or password to make the cookie.", true); |
|
1106 | 1106 | |
1107 | 1107 | return; |
1108 | 1108 | } elseif ($this->deleted) { |
1109 | - $PAGE->error_message ("This user has been deleted.", true); |
|
1109 | + $PAGE->error_message("This user has been deleted.", true); |
|
1110 | 1110 | |
1111 | 1111 | return; |
1112 | 1112 | } elseif (!$this->confirmed) { |
1113 | - $PAGE->error_message ("You have not yet confirmed your account by clicking the link in the confirmation email we sent to you. If you don't have the email, you can <a href='/user/login/?resend=" . $this->user_id() . "'>have it resent</a>. If it still doesn't arrive, get in touch.", true); |
|
1113 | + $PAGE->error_message("You have not yet confirmed your account by clicking the link in the confirmation email we sent to you. If you don't have the email, you can <a href='/user/login/?resend=".$this->user_id()."'>have it resent</a>. If it still doesn't arrive, get in touch.", true); |
|
1114 | 1114 | |
1115 | 1115 | return; |
1116 | 1116 | } |
1117 | 1117 | |
1118 | 1118 | // Reminder: $this->password is actually a hashed version of the plaintext pw. |
1119 | - $cookie = $this->user_id() . "." . md5 ($this->password()); |
|
1119 | + $cookie = $this->user_id().".".md5($this->password()); |
|
1120 | 1120 | |
1121 | 1121 | $this->_login($returl, $expire, $cookie); |
1122 | 1122 | } |
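Review bot: The login cookie built at line 1119 is `user_id . "." . md5($this->password())`, a fixed function of the stored password hash. That makes the value identical for every session until the password changes, lets anyone with read access to the `password` column derive it, and gives the server no way to revoke one session without a password reset. A per-login random identifier (for example from `random_bytes()`) stored server-side and looked up on each request would avoid all three; that is a larger change than this formatting commit, so at minimum add a comment such as `// NOTE: cookie is derived from the stored hash; it only changes when the password does`. The method starts before this hunk.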
@@ -1127,14 +1127,14 @@ discard block |
||
1127 | 1127 | // user. We don't want it hanging around as it causes confusion. |
1128 | 1128 | $this->unset_postcode_cookie(); |
1129 | 1129 | |
1130 | - twfy_debug("THEUSER", "expire is " . $expire); |
|
1130 | + twfy_debug("THEUSER", "expire is ".$expire); |
|
1131 | 1131 | |
1132 | 1132 | $cookie_expires = 0; |
1133 | 1133 | if ($expire == 'never') { |
1134 | 1134 | twfy_debug("THEUSER", "cookie never expires"); |
1135 | - $cookie_expires = time()+86400*365*20; |
|
1135 | + $cookie_expires = time() + 86400 * 365 * 20; |
|
1136 | 1136 | } elseif (is_int($expire) && $expire > time()) { |
1137 | - twfy_debug("THEUSER", "cookie expires at " . $expire); |
|
1137 | + twfy_debug("THEUSER", "cookie expires at ".$expire); |
|
1138 | 1138 | $cookie_expires = $expire; |
1139 | 1139 | } else { |
1140 | 1140 | twfy_debug("THEUSER", "cookie expires with session"); |
@@ -1170,7 +1170,7 @@ discard block |
||
1170 | 1170 | } |
1171 | 1171 | } |
1172 | 1172 | |
1173 | - public function confirm_email($token, $redirect=true) { |
|
1173 | + public function confirm_email($token, $redirect = true) { |
|
1174 | 1174 | $arg = ''; |
1175 | 1175 | if (strstr($token, '::')) $arg = '::'; |
1176 | 1176 | if (strstr($token, '-')) $arg = '-'; |
@@ -1183,24 +1183,24 @@ discard block |
||
1183 | 1183 | FROM tokens |
1184 | 1184 | WHERE token = :token |
1185 | 1185 | AND type = 'E' |
1186 | - ", array (':token' => $registrationtoken)); |
|
1186 | + ", array(':token' => $registrationtoken)); |
|
1187 | 1187 | |
1188 | 1188 | if ($q->rows() == 1) { |
1189 | 1189 | $expires = $q->field(0, 'expires'); |
1190 | 1190 | $expire_time = strtotime($expires); |
1191 | - if ( $expire_time < time() ) { |
|
1191 | + if ($expire_time < time()) { |
|
1192 | 1192 | global $PAGE; |
1193 | 1193 | if ($PAGE && $redirect) { |
1194 | - $PAGE->error_message ("Sorry, that token seems to have expired"); |
|
1194 | + $PAGE->error_message("Sorry, that token seems to have expired"); |
|
1195 | 1195 | } |
1196 | 1196 | |
1197 | 1197 | return false; |
1198 | 1198 | } |
1199 | 1199 | |
1200 | - list( $user_id, $email ) = explode('::', $q->field(0, 'data')); |
|
1200 | + list($user_id, $email) = explode('::', $q->field(0, 'data')); |
|
1201 | 1201 | |
1202 | 1202 | // if we are logged in as someone else don't change the email |
1203 | - if ( $this->user_id() != 0 && $this->user_id() != $user_id ) { |
|
1203 | + if ($this->user_id() != 0 && $this->user_id() != $user_id) { |
|
1204 | 1204 | return false; |
1205 | 1205 | } |
1206 | 1206 | |
@@ -1292,7 +1292,7 @@ discard block |
||
1292 | 1292 | # This should probably be in the ALERT class |
1293 | 1293 | $this->db->query('update alerts set confirmed=1 where email = :email and criteria = :criteria', array( |
1294 | 1294 | ':email' => $this->email, |
1295 | - ':criteria' => 'speaker:' . $pid |
|
1295 | + ':criteria' => 'speaker:'.$pid |
|
1296 | 1296 | )); |
1297 | 1297 | } catch (MySociety\TheyWorkForYou\MemberException $e) { |
1298 | 1298 | } |
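Review bot: The `catch (MySociety\TheyWorkForYou\MemberException $e) { }` at line 1297 discards the exception silently, and the same empty handler appears at line 1360 in the `@@ -1355` hunk. If the skip is deliberate, record it so a failed alert confirmation can be traced: `twfy_debug("THEUSER", "Alert not confirmed: ".$e->getMessage());`. The class name has no leading backslash, so if this file declares a namespace the name would resolve relative to it and the handler would never match; the top of the file is not visible here, so this needs checking. The `try` opens outside the hunk.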
@@ -1328,7 +1328,7 @@ discard block |
||
1328 | 1328 | // |
1329 | 1329 | // Note that this doesn't login or redirect the user. |
1330 | 1330 | |
1331 | - twfy_debug("THEUSER", "Confirming user without token: " . $this->user_id()); |
|
1331 | + twfy_debug("THEUSER", "Confirming user without token: ".$this->user_id()); |
|
1332 | 1332 | $q = $this->db->query("SELECT email, password, postcode |
1333 | 1333 | FROM users |
1334 | 1334 | WHERE user_id = :user_id |
@@ -1338,9 +1338,9 @@ discard block |
||
1338 | 1338 | |
1339 | 1339 | if ($q->rows() == 1) { |
1340 | 1340 | |
1341 | - twfy_debug("THEUSER", "User with ID found to confirm: " . $this->user_id()); |
|
1341 | + twfy_debug("THEUSER", "User with ID found to confirm: ".$this->user_id()); |
|
1342 | 1342 | // We'll need these to be set before logging the user in. |
1343 | - $this->email = $q->field(0, 'email'); |
|
1343 | + $this->email = $q->field(0, 'email'); |
|
1344 | 1344 | |
1345 | 1345 | // Set that they're confirmed in the DB. |
1346 | 1346 | $r = $this->db->query("UPDATE users |
@@ -1355,18 +1355,18 @@ discard block |
||
1355 | 1355 | # This should probably be in the ALERT class |
1356 | 1356 | $this->db->query('update alerts set confirmed=1 where email = :email and criteria = :criteria', array( |
1357 | 1357 | ':email' => $this->email, |
1358 | - ':criteria' => 'speaker:' . $pid |
|
1358 | + ':criteria' => 'speaker:'.$pid |
|
1359 | 1359 | )); |
1360 | 1360 | } catch (MySociety\TheyWorkForYou\MemberException $e) { |
1361 | 1361 | } |
1362 | 1362 | } |
1363 | 1363 | |
1364 | 1364 | if ($r->success()) { |
1365 | - twfy_debug("THEUSER", "User with ID confirmed: " . $this->user_id()); |
|
1365 | + twfy_debug("THEUSER", "User with ID confirmed: ".$this->user_id()); |
|
1366 | 1366 | $this->confirmed = true; |
1367 | 1367 | return true; |
1368 | 1368 | } else { |
1369 | - twfy_debug("THEUSER", "User with ID not confirmed: " . $this->user_id()); |
|
1369 | + twfy_debug("THEUSER", "User with ID not confirmed: ".$this->user_id()); |
|
1370 | 1370 | // Couldn't set them as confirmed in the DB. |
1371 | 1371 | return false; |
1372 | 1372 | } |
@@ -1374,7 +1374,7 @@ discard block |
||
1374 | 1374 | } else { |
1375 | 1375 | // Couldn't find this user in the DB. Maybe the token was |
1376 | 1376 | // wrong or incomplete? |
1377 | - twfy_debug("THEUSER", "User with ID not found to confirm: " . $this->user_id()); |
|
1377 | + twfy_debug("THEUSER", "User with ID not found to confirm: ".$this->user_id()); |
|
1378 | 1378 | return false; |
1379 | 1379 | } |
1380 | 1380 | } |
@@ -1387,14 +1387,14 @@ discard block |
||
1387 | 1387 | |
1388 | 1388 | $this->postcode = $pc; |
1389 | 1389 | if (!headers_sent()) // if in debug mode |
1390 | - setcookie (POSTCODE_COOKIE, $pc, time()+7*86400, "/", COOKIEDOMAIN); |
|
1390 | + setcookie(POSTCODE_COOKIE, $pc, time() + 7 * 86400, "/", COOKIEDOMAIN); |
|
1391 | 1391 | |
1392 | - twfy_debug('USER', "Set the cookie named '" . POSTCODE_COOKIE . " to '$pc' for " . COOKIEDOMAIN . " domain"); |
|
1392 | + twfy_debug('USER', "Set the cookie named '".POSTCODE_COOKIE." to '$pc' for ".COOKIEDOMAIN." domain"); |
|
1393 | 1393 | } |
1394 | 1394 | |
1395 | 1395 | public function unset_postcode_cookie() { |
1396 | 1396 | if (!headers_sent()) // if in debug mode |
1397 | - setcookie (POSTCODE_COOKIE, '', time() - 3600, '/', COOKIEDOMAIN); |
|
1397 | + setcookie(POSTCODE_COOKIE, '', time() - 3600, '/', COOKIEDOMAIN); |
|
1398 | 1398 | } |
1399 | 1399 | |
1400 | 1400 | // mostly here for updating from facebook where we do not need |
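Review bot: Both `setcookie()` calls for `POSTCODE_COOKIE` (lines 1390 and 1397) stop at the domain argument, so the cookie is sent without the `Secure` and `HttpOnly` attributes. A postcode is personal data; if the site is served only over HTTPS and no client-side script reads this cookie (neither is visible here), pass the two trailing flags: `setcookie(POSTCODE_COOKIE, $pc, time() + 7 * 86400, "/", COOKIEDOMAIN, true, true);` and the same for the unset call. The brace-less `if (!headers_sent())` with a trailing comment also makes it easy to add a second statement that silently falls outside the condition; wrapping the call in braces would prevent that.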
@@ -1407,8 +1407,8 @@ discard block |
||
1407 | 1407 | |
1408 | 1408 | // this is checked elsewhere but just in case we check here and |
1409 | 1409 | // bail out to be on the safe side |
1410 | - if ( isset($details['email'] ) ) { |
|
1411 | - if ( $details['email'] != $this->email() && $this->email_exists( $details['email'] ) ) { |
|
1410 | + if (isset($details['email'])) { |
|
1411 | + if ($details['email'] != $this->email() && $this->email_exists($details['email'])) { |
|
1412 | 1412 | return false; |
1413 | 1413 | } |
1414 | 1414 | } |
@@ -1457,8 +1457,8 @@ discard block |
||
1457 | 1457 | // this is checked elsewhere but just in case we check here and |
1458 | 1458 | // bail out to be on the safe side |
1459 | 1459 | $email = ''; |
1460 | - if ( isset($details['email'] ) ) { |
|
1461 | - if ( $details['email'] != $this->email() && $this->email_exists( $details['email'] ) ) { |
|
1460 | + if (isset($details['email'])) { |
|
1461 | + if ($details['email'] != $this->email() && $this->email_exists($details['email'])) { |
|
1462 | 1462 | return false; |
1463 | 1463 | } |
1464 | 1464 | $email = $details['email']; |
@@ -1486,8 +1486,8 @@ discard block |
||
1486 | 1486 | } |
1487 | 1487 | |
1488 | 1488 | if ($email && $email != $this->email) { |
1489 | - $token = substr( password_hash($email . microtime(), PASSWORD_BCRYPT), 29, 16 ); |
|
1490 | - $data = $this->user_id() . '::' . $email; |
|
1489 | + $token = substr(password_hash($email.microtime(), PASSWORD_BCRYPT), 29, 16); |
|
1490 | + $data = $this->user_id().'::'.$email; |
|
1491 | 1491 | $r = $this->db->query("INSERT INTO tokens |
1492 | 1492 | ( expires, token, type, data ) |
1493 | 1493 | VALUES |
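Review bot: The e-mail confirmation token at line 1489 is taken as 16 characters out of `password_hash($email.microtime(), PASSWORD_BCRYPT)`, so its unpredictability comes only indirectly from the bcrypt salt, since the e-mail address and time are guessable. It also costs a full bcrypt computation per token, and the bcrypt alphabet includes `/` and `.`, which need care when the token is placed in a URL. Drawing the token straight from the CSPRNG is simpler and keeps the length: `$token = bin2hex(random_bytes(8));`, assuming the runtime is PHP 7 or later and nothing else depends on the current character set. The statement sits inside a method that starts and ends outside this hunk.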
@@ -1503,7 +1503,7 @@ discard block |
||
1503 | 1503 | )); |
1504 | 1504 | |
1505 | 1505 | // send confirmation email here |
1506 | - if ( $r->success() ) { |
|
1506 | + if ($r->success()) { |
|
1507 | 1507 | $newdetails['email'] = $email; |
1508 | 1508 | $newdetails['token'] = $token; |
1509 | 1509 | if ($confirm_email) { |