From e5ecfa7c34631155932265ccadd130f7c9debde4 Mon Sep 17 00:00:00 2001 From: Michael Date: Fri, 17 Jan 2020 07:02:59 +0000 Subject: [PATCH 1/5] Additional accounts can now be created easily --- src/Module/Register.php | 61 +++++++++++++++++++++++--- view/theme/frio/templates/register.tpl | 36 +++++++++------ 2 files changed, 78 insertions(+), 19 deletions(-) diff --git a/src/Module/Register.php b/src/Module/Register.php index bd0858ee3..a15498973 100644 --- a/src/Module/Register.php +++ b/src/Module/Register.php @@ -43,12 +43,20 @@ class Register extends BaseModule // 'block_extended_register' blocks all registrations, period. $block = Config::get('system', 'block_extended_register'); - if (local_user() && ($block)) { + if (local_user() && $block) { notice('Permission denied.' . EOL); return ''; } - if ((!local_user()) && (intval(Config::get('config', 'register_policy')) === self::CLOSED)) { + if (local_user()) { + $user = DBA::selectFirst('user', ['parent-uid'], ['uid' => local_user()]); + if (!empty($user['parent-uid'])) { + notice('Only parent users can create additional profiles.'); + return ''; + } + } + + if (!local_user() && (intval(Config::get('config', 'register_policy')) === self::CLOSED)) { notice('Permission denied.' . EOL); return ''; } @@ -70,7 +78,7 @@ class Register extends BaseModule $photo = $_REQUEST['photo'] ?? ''; $invite_id = $_REQUEST['invite_id'] ?? ''; - if (Config::get('system', 'no_openid')) { + if (local_user() || Config::get('system', 'no_openid')) { $fillwith = ''; $fillext = ''; $oidlabel = ''; @@ -94,7 +102,7 @@ class Register extends BaseModule ]); } - $ask_password = ! DBA::count('contact'); + $ask_password = !DBA::count('contact'); $tpl = Renderer::getMarkupTemplate('register.tpl'); @@ -142,7 +150,10 @@ class Register extends BaseModule '$privstatement'=> $tos->privacy_complete, '$form_security_token' => BaseModule::getFormSecurityToken('register'), '$explicit_content' => Config::get('system', 'explicit_content', false), - '$explicit_content_note' => L10n::t('Note: This node explicitly contains adult content') + '$explicit_content_note' => L10n::t('Note: This node explicitly contains adult content'), + '$additional' => !empty(local_user()), + '$parent_password' => ['parent_password', L10n::t('Parent Password:'), '', L10n::t('Please enter the password of the parent account to legitimize your request.')] + ]); return $o; @@ -163,6 +174,26 @@ class Register extends BaseModule $arr = ['post' => $_POST]; Hook::callAll('register_post', $arr); + $additional_account = false; + + if (!local_user() && !empty($arr['post']['parent_password'])) { + notice(L10n::t('Permission denied.') . EOL); + return; + } elseif (local_user() && !empty($arr['post']['parent_password'])) { + try { + Model\User::getIdFromPasswordAuthentication(local_user(), $arr['post']['parent_password']); + } catch (\Exception $ex) { + notice(L10n::t("Password doesn't match")); + $regdata = ['nickname' => $arr['post']['nickname'], 'username' => $arr['post']['username']]; + DI::baseUrl()->redirect('register?' . http_build_query($regdata)); + } + $additional_account = true; + } elseif (local_user()) { + notice(L10n::t('Please enter your password')); + $regdata = ['nickname' => $arr['post']['nickname'], 'username' => $arr['post']['username']]; + DI::baseUrl()->redirect('register?' . http_build_query($regdata)); + } + $max_dailies = intval(Config::get('system', 'max_daily_registrations')); if ($max_dailies) { $count = DBA::count('user', ['`register_date` > UTC_TIMESTAMP - INTERVAL 1 day']); @@ -208,6 +239,20 @@ class Register extends BaseModule // Overwriting the "tar pit" field with the real one $arr['email'] = $arr['field1']; + if ($additional_account) { + $user = DBA::selectFirst('user', ['email'], ['uid' => local_user()]); + if (!DBA::isResult($user)) { + notice(L10n::t('User not found')); + DI::baseUrl()->redirect('register'); + } + + $blocked = 0; + $verified = 1; + + $arr['password1'] = $arr['confirm'] = $arr['parent_password']; + $arr['repeat'] = $arr['email'] = $user['email']; + } + if ($arr['email'] != $arr['repeat']) { Logger::info('Mail mismatch', $arr); notice(L10n::t('Please enter the identical mail address in the second field.')); @@ -235,6 +280,12 @@ class Register extends BaseModule Worker::add(PRIORITY_LOW, 'Directory', $url); } + if ($additional_account) { + DBA::update('user', ['parent-uid' => local_user()], ['uid' => $user['uid']]); + info(L10n::t('The additional account was created.')); + DI::baseUrl()->redirect('delegation'); + } + $using_invites = Config::get('system', 'invitation_only'); $num_invites = Config::get('system', 'number_invites'); $invite_id = (!empty($_POST['invite_id']) ? Strings::escapeTags(trim($_POST['invite_id'])) : ''); diff --git a/view/theme/frio/templates/register.tpl b/view/theme/frio/templates/register.tpl index 3bc6c8378..c2ac17436 100644 --- a/view/theme/frio/templates/register.tpl +++ b/view/theme/frio/templates/register.tpl @@ -36,17 +36,19 @@
-
- - -
-
+ {{if !$additional}} +
+ + +
+
-
- - -
-
+
+ + +
+
+ {{/if}} {{if $ask_password}} {{include file="field_password.tpl" field=$password1}} @@ -60,6 +62,10 @@
+ {{if $additional}} + {{include file="field_password.tpl" field=$parent_password}} + {{/if}} + {{if $permonly}} @@ -83,9 +89,11 @@
-

{{$importh}}

-
- {{$importt}} -
+ {{if !$additional}} +

{{$importh}}

+
+ {{$importt}} +
+ {{/if}} From 7ee7bd72fdb780085c4bcab6023f1585eacd3748 Mon Sep 17 00:00:00 2001 From: Michael Date: Fri, 17 Jan 2020 07:08:32 +0000 Subject: [PATCH 2/5] Additional accounts now work for the general template as well --- view/templates/register.tpl | 36 ++++++++++++++++++++++-------------- 1 file changed, 22 insertions(+), 14 deletions(-) diff --git a/view/templates/register.tpl b/view/templates/register.tpl index b47d39b97..d79da2d33 100644 --- a/view/templates/register.tpl +++ b/view/templates/register.tpl @@ -35,17 +35,19 @@
-
- - -
-
+ {{if !$additional}} +
+ + +
+
-
- - -
-
+
+ + +
+
+ {{/if}} {{if $ask_password}} {{include file="field_password.tpl" field=$password1}} @@ -62,6 +64,10 @@ + {{if $additional}} + {{include file="field_password.tpl" field=$parent_password}} + {{/if}} + {{if $permonly}} {{include file="field_textarea.tpl" field=$permonlybox}} {{/if}} @@ -83,8 +89,10 @@
-

{{$importh}}

- + {{if !$additional}} +

{{$importh}}

+ + {{/if}} From 5c0f0c9c194df349eff54b3502f7f9b522ea58c1 Mon Sep 17 00:00:00 2001 From: Michael Date: Fri, 17 Jan 2020 07:29:22 +0000 Subject: [PATCH 3/5] Improved notices --- src/Module/Register.php | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/src/Module/Register.php b/src/Module/Register.php index a15498973..c26c878af 100644 --- a/src/Module/Register.php +++ b/src/Module/Register.php @@ -44,20 +44,20 @@ class Register extends BaseModule $block = Config::get('system', 'block_extended_register'); if (local_user() && $block) { - notice('Permission denied.' . EOL); + notice(L10n::t('Permission denied.')); return ''; } if (local_user()) { $user = DBA::selectFirst('user', ['parent-uid'], ['uid' => local_user()]); if (!empty($user['parent-uid'])) { - notice('Only parent users can create additional profiles.'); + notice(L10n::t('Only parent users can create additional profiles.')); return ''; } } if (!local_user() && (intval(Config::get('config', 'register_policy')) === self::CLOSED)) { - notice('Permission denied.' . EOL); + notice(L10n::t('Permission denied.')); return ''; } @@ -66,7 +66,7 @@ class Register extends BaseModule $count = DBA::count('user', ['`register_date` > UTC_TIMESTAMP - INTERVAL 1 day']); if ($count >= $max_dailies) { Logger::log('max daily registrations exceeded.'); - notice(L10n::t('This site has exceeded the number of allowed daily account registrations. Please try again tomorrow.') . EOL); + notice(L10n::t('This site has exceeded the number of allowed daily account registrations. Please try again tomorrow.')); return ''; } } @@ -177,19 +177,19 @@ class Register extends BaseModule $additional_account = false; if (!local_user() && !empty($arr['post']['parent_password'])) { - notice(L10n::t('Permission denied.') . EOL); + notice(L10n::t('Permission denied.')); return; } elseif (local_user() && !empty($arr['post']['parent_password'])) { try { Model\User::getIdFromPasswordAuthentication(local_user(), $arr['post']['parent_password']); } catch (\Exception $ex) { - notice(L10n::t("Password doesn't match")); + notice(L10n::t("Password doesn't match.")); $regdata = ['nickname' => $arr['post']['nickname'], 'username' => $arr['post']['username']]; DI::baseUrl()->redirect('register?' . http_build_query($regdata)); } $additional_account = true; } elseif (local_user()) { - notice(L10n::t('Please enter your password')); + notice(L10n::t('Please enter your password.')); $regdata = ['nickname' => $arr['post']['nickname'], 'username' => $arr['post']['username']]; DI::baseUrl()->redirect('register?' . http_build_query($regdata)); } @@ -216,7 +216,7 @@ class Register extends BaseModule case self::CLOSED: default: if (empty($_SESSION['authenticated']) && empty($_SESSION['administrator'])) { - \notice(L10n::t('Permission denied.') . EOL); + notice(L10n::t('Permission denied.')); return; } $blocked = 1; @@ -242,7 +242,7 @@ class Register extends BaseModule if ($additional_account) { $user = DBA::selectFirst('user', ['email'], ['uid' => local_user()]); if (!DBA::isResult($user)) { - notice(L10n::t('User not found')); + notice(L10n::t('User not found.')); DI::baseUrl()->redirect('register'); } @@ -267,7 +267,7 @@ class Register extends BaseModule try { $result = Model\User::create($arr); } catch (\Exception $e) { - \notice($e->getMessage()); + notice($e->getMessage()); return; } @@ -307,29 +307,29 @@ class Register extends BaseModule ); if ($res) { - \info(L10n::t('Registration successful. Please check your email for further instructions.') . EOL); + info(L10n::t('Registration successful. Please check your email for further instructions.')); DI::baseUrl()->redirect(); } else { - \notice( + notice( L10n::t('Failed to send email message. Here your accout details:
login: %s
password: %s

You can change your password after login.', $user['email'], $result['password']) ); } } else { - \info(L10n::t('Registration successful.') . EOL); + info(L10n::t('Registration successful.')); DI::baseUrl()->redirect(); } } elseif (intval(Config::get('config', 'register_policy')) === self::APPROVE) { if (!strlen(Config::get('config', 'admin_email'))) { - \notice(L10n::t('Your registration can not be processed.') . EOL); + notice(L10n::t('Your registration can not be processed.')); DI::baseUrl()->redirect(); } // Check if the note to the admin is actually filled out if (empty($_POST['permonlybox'])) { - \notice(L10n::t('You have to leave a request note for the admin.') - . L10n::t('Your registration can not be processed.') . EOL); + notice(L10n::t('You have to leave a request note for the admin.') + . L10n::t('Your registration can not be processed.')); DI::baseUrl()->redirect('register/'); } @@ -376,7 +376,7 @@ class Register extends BaseModule $result['password'] ); - \info(L10n::t('Your registration is pending approval by the site owner.') . EOL); + info(L10n::t('Your registration is pending approval by the site owner.')); DI::baseUrl()->redirect(); } From f3b3c4e8660a99b00d69e3738bd569767ad0100c Mon Sep 17 00:00:00 2001 From: Michael Date: Fri, 17 Jan 2020 12:44:26 +0000 Subject: [PATCH 4/5] Link to registration added --- src/Module/Settings/Delegation.php | 5 ++++- view/templates/settings/delegation.tpl | 4 ++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/src/Module/Settings/Delegation.php b/src/Module/Settings/Delegation.php index 283753d12..d9ae60582 100644 --- a/src/Module/Settings/Delegation.php +++ b/src/Module/Settings/Delegation.php @@ -140,12 +140,15 @@ class Delegation extends BaseSettingsModule $o = Renderer::replaceMacros(Renderer::getMarkupTemplate('settings/delegation.tpl'), [ '$form_security_token' => BaseModule::getFormSecurityToken('delegate'), + '$account_header' => L10n::t('Additional Accounts'), + '$account_desc' => L10n::t('Register additional accounts that are automatically connected to your existing account so you can manage it from this account.'), + '$add_account' => L10n::t('Register an additional account'), '$parent_header' => L10n::t('Parent User'), '$parent_user' => $parent_user, '$parent_password' => $parent_password, '$parent_desc' => L10n::t('Parent users have total control about this account, including the account settings. Please double check whom you give this access.'), '$submit' => L10n::t('Save Settings'), - '$header' => L10n::t('Delegate Page Management'), + '$header' => L10n::t('Manage Accounts'), '$delegates_header' => L10n::t('Delegates'), '$base' => DI::baseUrl(), '$desc' => L10n::t('Delegates are able to manage all aspects of this account/page except for basic account settings. Please do not delegate your personal account to anybody that you do not trust completely.'), diff --git a/view/templates/settings/delegation.tpl b/view/templates/settings/delegation.tpl index 9e7242de6..be8fdf606 100644 --- a/view/templates/settings/delegation.tpl +++ b/view/templates/settings/delegation.tpl @@ -11,6 +11,10 @@
+{{else}} +

{{$account_header}}

+ +{{$add_account}} {{/if}}

{{$delegates_header}}

From f69a601ab154aa969298bd77998783cce12f5b5e Mon Sep 17 00:00:00 2001 From: Michael Date: Sat, 18 Jan 2020 04:52:30 +0000 Subject: [PATCH 5/5] Wrong wording --- src/Module/Register.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Module/Register.php b/src/Module/Register.php index c26c878af..2ea4373b9 100644 --- a/src/Module/Register.php +++ b/src/Module/Register.php @@ -51,7 +51,7 @@ class Register extends BaseModule if (local_user()) { $user = DBA::selectFirst('user', ['parent-uid'], ['uid' => local_user()]); if (!empty($user['parent-uid'])) { - notice(L10n::t('Only parent users can create additional profiles.')); + notice(L10n::t('Only parent users can create additional accounts.')); return ''; } }