Timestamp:
Nov 27, 2011, 4:27:10 PM (13 years ago)
Author:
Eric
Message:

Bug 2456 fixed - New feature: Prevent users from logging in to the gallery until their registration has been validated. Such users are redirected to a customizable content page.

Location:
extensions/UserAdvManager/trunk/include
Files:
2 edited

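--- a/extensions/UserAdvManager/trunk/include/functions.inc.php
+++ b/extensions/UserAdvManager/trunk/include/functions.inc.php
@@ -380,4 +380,6 @@
   global $conf, $user;
  
+  include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
+ 
   $conf_UAM = unserialize($conf['UserAdvManager']);
  
@@ -396,41 +398,53 @@
   }
 
-  // Performing redirection to profile page on first login
-  // -----------------------------------------------------
-  if ((isset($conf_UAM[20]) and $conf_UAM[20] == 'true'))
-  {
-    $query ='
+  // Avoid login into public galleries until registration confirmation is done
+  if ((isset($conf_UAM[39]) and $conf_UAM[39] == 'false') or ((isset($conf_UAM[39]) and $conf_UAM[39] == 'true') and UAM_UsrReg_Verif($user['id'])))
+  {
+    // Performing redirection to profile page on first login
+    // -----------------------------------------------------
+    if ((isset($conf_UAM[20]) and $conf_UAM[20] == 'true'))
+    {
+      $query ='
 SELECT user_id, status
 FROM '.USER_INFOS_TABLE.'
 WHERE user_id = '.$user['id'].'
 ;';
-    $data = pwg_db_fetch_assoc(pwg_query($query));
-
-    if ($data['status'] <> "admin" and $data['status'] <> "webmaster" and $data['status'] <> "generic") // Exclusion of specific accounts
-    {
-      $user_idsOK = array();
-      if (!UAM_check_profile($user['id'], $user_idsOK))
-        redirect(PHPWG_ROOT_PATH.'profile.php');
-    }
-  }
-
-  // Performing redirection to profile page for password reset
-  // ---------------------------------------------------------
-  if ((isset($conf_UAM[38]) and $conf_UAM[38] == 'true'))
-  {
-    $query ='
+      $data = pwg_db_fetch_assoc(pwg_query($query));
+
+      if ($data['status'] <> "admin" and $data['status'] <> "webmaster" and $data['status'] <> "generic") // Exclusion of specific accounts
+      {
+        $user_idsOK = array();
+        if (!UAM_check_profile($user['id'], $user_idsOK))
+          redirect(PHPWG_ROOT_PATH.'profile.php');
+      }
+    }
+
+    // Performing redirection to profile page for password reset
+    // ---------------------------------------------------------
+    if ((isset($conf_UAM[38]) and $conf_UAM[38] == 'true'))
+    {
+      $query ='
 SELECT user_id, status
 FROM '.USER_INFOS_TABLE.'
 WHERE user_id = '.$user['id'].'
 ;';
-    $data = pwg_db_fetch_assoc(pwg_query($query));
-
-    if ($data['status'] <> "webmaster" and $data['status'] <> "generic") // Exclusion of specific accounts
-    {
-      if (UAM_check_pwgreset($user['id']))
-      {
-        redirect(PHPWG_ROOT_PATH.'profile.php');
+      $data = pwg_db_fetch_assoc(pwg_query($query));
+
+      if ($data['status'] <> "webmaster" and $data['status'] <> "generic") // Exclusion of specific accounts
+      {
+        if (UAM_check_pwgreset($user['id']))
+        {
+          redirect(PHPWG_ROOT_PATH.'profile.php');
+        }
       }
     }
+  }
+  elseif ((isset($conf_UAM[39]) and $conf_UAM[39] == 'true') and !UAM_UsrReg_Verif($user['id']))
+  {
+    // Logged-in user cleanup, session destruction and redirected to custom page
+    // -------------------------------------------------------------------------
+    invalidate_user_cache();
+    logout_user();
+    redirect(UAM_PATH.'rejected.php');
   }
 }
@@ -2073,5 +2087,5 @@
 
 /**
- * Function called from main.inc.php - Check if username matches forbidden caracters
+ * Function called from functions.inc.php - Check if username matches forbidden caracters
  *
  * @param : User login
@@ -2566,104 +2580,7 @@
 
 /**
- * Function called from maintain.inc.php - to check if database upgrade is needed
- *
- * @param : table name
- *
- * @return : boolean
- *
- */
-function table_exist($table)
-{
-  $query = 'DESC '.$table.';';
-  return (bool)($res=pwg_query($query));
-}
-
-
-/**
- * Function called from UAM_admin.php and main.inc.php to get the plugin version and name
- *
- * @param : plugin directory
- *
- * @return : plugin's version and name
- *
- */
-function PluginInfos($dir)
-{
-  $path = $dir;
-
-  $plg_data = implode( '', file($path.'main.inc.php') );
-  if ( preg_match("|Plugin Name: (.*)|", $plg_data, $val) )
-  {
-    $plugin['name'] = trim( $val[1] );
-  }
-  if (preg_match("|Version: (.*)|", $plg_data, $val))
-  {
-    $plugin['version'] = trim($val[1]);
-  }
-  if ( preg_match("|Plugin URI: (.*)|", $plg_data, $val) )
-  {
-    $plugin['uri'] = trim($val[1]);
-  }
-  if ($desc = load_language('description.txt', $path.'/', array('return' => true)))
-  {
-    $plugin['description'] = trim($desc);
-  }
-  elseif ( preg_match("|Description: (.*)|", $plg_data, $val) )
-  {
-    $plugin['description'] = trim($val[1]);
-  }
-  if ( preg_match("|Author: (.*)|", $plg_data, $val) )
-  {
-    $plugin['author'] = trim($val[1]);
-  }
-  if ( preg_match("|Author URI: (.*)|", $plg_data, $val) )
-  {
-    $plugin['author uri'] = trim($val[1]);
-  }
-  if (!empty($plugin['uri']) and strpos($plugin['uri'] , 'extension_view.php?eid='))
-  {
-    list( , $extension) = explode('extension_view.php?eid=', $plugin['uri']);
-    if (is_numeric($extension)) $plugin['extension'] = $extension;
-  }
-// IMPORTANT SECURITY !
-// --------------------
-  $plugin = array_map('htmlspecialchars', $plugin);
-
-  return $plugin ;
-}
-
-
-/**
- * Delete obsolete files on plugin upgrade
- * Obsolete files are listed in file obsolete.list
- *
- */
-function clean_obsolete_files()
-{
-  if (file_exists(UAM_PATH.'obsolete.list')
-    and $old_files = file(UAM_PATH.'obsolete.list', FILE_IGNORE_NEW_LINES)
-    and !empty($old_files))
-  {
-    array_push($old_files, 'obsolete.list');
-    foreach($old_files as $old_file)
-    {
-      $path = UAM_PATH.$old_file;
-      if (is_file($path))
-      {
-        @unlink($path);
-      }
-      elseif (is_dir($path))
-      {
-        @rmdir($path);
-      }
-    }
-  }
-}
-
-
-/**
  * UAM_check_profile - Thx to LucMorizur
  * checks if a user id is registered as having already
- * visited his profile.php page.
+ * visited his profile page.
  *
  * @uid        : the user id
@@ -2699,5 +2616,5 @@
  * UAM_check_pwdreset
  * checks if a user id is registered as having already
- * changed their password.
+ * changed his password.
  *
  * @uid        : the user id
@@ -2722,4 +2639,39 @@
   else return false;
 }
+
+
+/**
+ * UAM_UsrReg_Verif
+ * Check if the user who logged-in have validate his registration
+ *
+ * @returns : True if validation is OK else False
+ */
+function UAM_UsrReg_Verif($user_id)
+{
+  global $conf;
+
+        // Get UAM configuration
+  // ---------------------
+  $conf_UAM = unserialize($conf['UserAdvManager']);
+
+  $query = '
+SELECT group_id
+  FROM '.USER_GROUP_TABLE.'
+WHERE user_id = '.$user_id.'
+  AND group_id = '.$conf_UAM[2].'
+;';
+
+  $count = pwg_db_num_rows(pwg_query($query));
+ 
+  if ($count == 0)
+  {
+    return true; // User is not in a "Waiting" group
+  }
+  else
+  {
+    return false; // User is still in a "Waiting" group
+  }
+}
+
 
 /**
@@ -3017,4 +2969,100 @@
 
 
+/**
+ * Delete obsolete files on plugin upgrade
+ * Obsolete files are listed in file obsolete.list
+ *
+ */
+function clean_obsolete_files()
+{
+  if (file_exists(UAM_PATH.'obsolete.list')
+    and $old_files = file(UAM_PATH.'obsolete.list', FILE_IGNORE_NEW_LINES)
+    and !empty($old_files))
+  {
+    array_push($old_files, 'obsolete.list');
+    foreach($old_files as $old_file)
+    {
+      $path = UAM_PATH.$old_file;
+      if (is_file($path))
+      {
+        @unlink($path);
+      }
+      elseif (is_dir($path))
+      {
+        @rmdir($path);
+      }
+    }
+  }
+}
+
+
+/**
+ * Function called from maintain.inc.php - to check if database upgrade is needed
+ *
+ * @param : table name
+ *
+ * @return : boolean
+ *
+ */
+function table_exist($table)
+{
+  $query = 'DESC '.$table.';';
+  return (bool)($res=pwg_query($query));
+}
+
+
+/**
+ * Function called from UAM_admin.php and main.inc.php to get the plugin version and name
+ *
+ * @param : plugin directory
+ *
+ * @return : plugin's version and name
+ *
+ */
+function PluginInfos($dir)
+{
+  $path = $dir;
+
+  $plg_data = implode( '', file($path.'main.inc.php') );
+  if ( preg_match("|Plugin Name: (.*)|", $plg_data, $val) )
+  {
+    $plugin['name'] = trim( $val[1] );
+  }
+  if (preg_match("|Version: (.*)|", $plg_data, $val))
+  {
+    $plugin['version'] = trim($val[1]);
+  }
+  if ( preg_match("|Plugin URI: (.*)|", $plg_data, $val) )
+  {
+    $plugin['uri'] = trim($val[1]);
+  }
+  if ($desc = load_language('description.txt', $path.'/', array('return' => true)))
+  {
+    $plugin['description'] = trim($desc);
+  }
+  elseif ( preg_match("|Description: (.*)|", $plg_data, $val) )
+  {
+    $plugin['description'] = trim($val[1]);
+  }
+  if ( preg_match("|Author: (.*)|", $plg_data, $val) )
+  {
+    $plugin['author'] = trim($val[1]);
+  }
+  if ( preg_match("|Author URI: (.*)|", $plg_data, $val) )
+  {
+    $plugin['author uri'] = trim($val[1]);
+  }
+  if (!empty($plugin['uri']) and strpos($plugin['uri'] , 'extension_view.php?eid='))
+  {
+    list( , $extension) = explode('extension_view.php?eid=', $plugin['uri']);
+    if (is_numeric($extension)) $plugin['extension'] = $extension;
+  }
+// IMPORTANT SECURITY !
+// --------------------
+  $plugin = array_map('htmlspecialchars', $plugin);
+
+  return $plugin ;
+}
+
 
 /**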
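Review bot: When `$conf_UAM[39]` is not set, neither the new `if` nor the `elseif` (new lines 401 and 442) matches, so the first-login profile redirect and the forced password-reset redirect, which ran unconditionally before this change, are skipped silently. Compute the option once with `$must_validate = (isset($conf_UAM[39]) and $conf_UAM[39] == 'true');`, test `if (!$must_validate or UAM_UsrReg_Verif($user['id']))`, and use a plain `else` for the logout branch; a missing option then means "validation not required" and the group query is not issued twice. In the new `UAM_UsrReg_Verif()`, `$user_id` and `$conf_UAM[2]` are concatenated into the SQL unquoted, and an empty waiting-group setting would produce `AND group_id = ;`, so cast both with `(int)` and decide explicitly what the function returns when no waiting group is configured, since this result now gates access. The function containing the first two hunks starts outside the visible lines, so the event that triggers this check cannot be confirmed from here.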
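--- a/extensions/UserAdvManager/trunk/include/upgradedb.inc.php
+++ b/extensions/UserAdvManager/trunk/include/upgradedb.inc.php
@@ -559,3 +559,33 @@
   }
 }
+
+
+/* upgrade from 2.30.x to 2.30.2 */
+/* ***************************** */
+function upgrade_2300_2302()
+{
+  global $conf;
+ 
+  load_language('plugin.lang', UAM_PATH);
+
+  // Upgrading options
+  // -----------------
+  $query = '
+SELECT value
+  FROM '.CONFIG_TABLE.'
+WHERE param = "UserAdvManager"
+;';
+
+  $result = pwg_query($query);
+  $conf_UAM = pwg_db_fetch_assoc($result);
+   
+  $Newconf_UAM = unserialize($conf_UAM['value']);
+ 
+  $Newconf_UAM[39] = 'false';
+  $Newconf_UAM[40] = l10n('UAM_Default_RejectConnexion_Txt');
+
+  $update_conf = serialize($Newconf_UAM);
+
+  conf_update_param('UserAdvManager', pwg_db_real_escape_string($update_conf));
+}
 ?>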
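Review bot: `upgrade_2300_2302()` assigns indexes 39 and 40 on whatever `unserialize($conf_UAM['value'])` returned, without checking that the SELECT produced a row or that the result is an array. If the stored value is missing or fails to unserialize, the function would, depending on the PHP version, either error out or save a configuration holding only those two entries over the existing one. Guard the write with `if (!is_array($Newconf_UAM)) { return; }` (or report the failure) before setting the new options. `global $conf;` is declared but unused here. Whether `conf_update_param()` escapes its value is not visible on this page, so the explicit `pwg_db_real_escape_string()` call deserves a one-line comment stating which side owns the escaping.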