Merge pull request #8122 from annando/additional

Additional accounts can now be created easily
This commit is contained in:
Hypolite Petovan 2020-01-18 08:21:17 -05:00 committed by GitHub
commit 7274891b62
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 120 additions and 46 deletions

View file

@ -43,13 +43,21 @@ class Register extends BaseModule
// 'block_extended_register' blocks all registrations, period.
$block = Config::get('system', 'block_extended_register');
if (local_user() && ($block)) {
notice('Permission denied.' . EOL);
if (local_user() && $block) {
notice(L10n::t('Permission denied.'));
return '';
}
if ((!local_user()) && (intval(Config::get('config', 'register_policy')) === self::CLOSED)) {
notice('Permission denied.' . EOL);
if (local_user()) {
$user = DBA::selectFirst('user', ['parent-uid'], ['uid' => local_user()]);
if (!empty($user['parent-uid'])) {
notice(L10n::t('Only parent users can create additional accounts.'));
return '';
}
}
if (!local_user() && (intval(Config::get('config', 'register_policy')) === self::CLOSED)) {
notice(L10n::t('Permission denied.'));
return '';
}
@ -58,7 +66,7 @@ class Register extends BaseModule
$count = DBA::count('user', ['`register_date` > UTC_TIMESTAMP - INTERVAL 1 day']);
if ($count >= $max_dailies) {
Logger::log('max daily registrations exceeded.');
notice(L10n::t('This site has exceeded the number of allowed daily account registrations. Please try again tomorrow.') . EOL);
notice(L10n::t('This site has exceeded the number of allowed daily account registrations. Please try again tomorrow.'));
return '';
}
}
@ -70,7 +78,7 @@ class Register extends BaseModule
$photo = $_REQUEST['photo'] ?? '';
$invite_id = $_REQUEST['invite_id'] ?? '';
if (Config::get('system', 'no_openid')) {
if (local_user() || Config::get('system', 'no_openid')) {
$fillwith = '';
$fillext = '';
$oidlabel = '';
@ -94,7 +102,7 @@ class Register extends BaseModule
]);
}
$ask_password = ! DBA::count('contact');
$ask_password = !DBA::count('contact');
$tpl = Renderer::getMarkupTemplate('register.tpl');
@ -142,7 +150,10 @@ class Register extends BaseModule
'$privstatement'=> $tos->privacy_complete,
'$form_security_token' => BaseModule::getFormSecurityToken('register'),
'$explicit_content' => Config::get('system', 'explicit_content', false),
'$explicit_content_note' => L10n::t('Note: This node explicitly contains adult content')
'$explicit_content_note' => L10n::t('Note: This node explicitly contains adult content'),
'$additional' => !empty(local_user()),
'$parent_password' => ['parent_password', L10n::t('Parent Password:'), '', L10n::t('Please enter the password of the parent account to legitimize your request.')]
]);
return $o;
@ -163,6 +174,26 @@ class Register extends BaseModule
$arr = ['post' => $_POST];
Hook::callAll('register_post', $arr);
$additional_account = false;
if (!local_user() && !empty($arr['post']['parent_password'])) {
notice(L10n::t('Permission denied.'));
return;
} elseif (local_user() && !empty($arr['post']['parent_password'])) {
try {
Model\User::getIdFromPasswordAuthentication(local_user(), $arr['post']['parent_password']);
} catch (\Exception $ex) {
notice(L10n::t("Password doesn't match."));
$regdata = ['nickname' => $arr['post']['nickname'], 'username' => $arr['post']['username']];
DI::baseUrl()->redirect('register?' . http_build_query($regdata));
}
$additional_account = true;
} elseif (local_user()) {
notice(L10n::t('Please enter your password.'));
$regdata = ['nickname' => $arr['post']['nickname'], 'username' => $arr['post']['username']];
DI::baseUrl()->redirect('register?' . http_build_query($regdata));
}
$max_dailies = intval(Config::get('system', 'max_daily_registrations'));
if ($max_dailies) {
$count = DBA::count('user', ['`register_date` > UTC_TIMESTAMP - INTERVAL 1 day']);
@ -185,7 +216,7 @@ class Register extends BaseModule
case self::CLOSED:
default:
if (empty($_SESSION['authenticated']) && empty($_SESSION['administrator'])) {
\notice(L10n::t('Permission denied.') . EOL);
notice(L10n::t('Permission denied.'));
return;
}
$blocked = 1;
@ -208,6 +239,20 @@ class Register extends BaseModule
// Overwriting the "tar pit" field with the real one
$arr['email'] = $arr['field1'];
if ($additional_account) {
$user = DBA::selectFirst('user', ['email'], ['uid' => local_user()]);
if (!DBA::isResult($user)) {
notice(L10n::t('User not found.'));
DI::baseUrl()->redirect('register');
}
$blocked = 0;
$verified = 1;
$arr['password1'] = $arr['confirm'] = $arr['parent_password'];
$arr['repeat'] = $arr['email'] = $user['email'];
}
if ($arr['email'] != $arr['repeat']) {
Logger::info('Mail mismatch', $arr);
notice(L10n::t('Please enter the identical mail address in the second field.'));
@ -222,7 +267,7 @@ class Register extends BaseModule
try {
$result = Model\User::create($arr);
} catch (\Exception $e) {
\notice($e->getMessage());
notice($e->getMessage());
return;
}
@ -235,6 +280,12 @@ class Register extends BaseModule
Worker::add(PRIORITY_LOW, 'Directory', $url);
}
if ($additional_account) {
DBA::update('user', ['parent-uid' => local_user()], ['uid' => $user['uid']]);
info(L10n::t('The additional account was created.'));
DI::baseUrl()->redirect('delegation');
}
$using_invites = Config::get('system', 'invitation_only');
$num_invites = Config::get('system', 'number_invites');
$invite_id = (!empty($_POST['invite_id']) ? Strings::escapeTags(trim($_POST['invite_id'])) : '');
@ -256,29 +307,29 @@ class Register extends BaseModule
);
if ($res) {
\info(L10n::t('Registration successful. Please check your email for further instructions.') . EOL);
info(L10n::t('Registration successful. Please check your email for further instructions.'));
DI::baseUrl()->redirect();
} else {
\notice(
notice(
L10n::t('Failed to send email message. Here your accout details:<br> login: %s<br> password: %s<br><br>You can change your password after login.',
$user['email'],
$result['password'])
);
}
} else {
\info(L10n::t('Registration successful.') . EOL);
info(L10n::t('Registration successful.'));
DI::baseUrl()->redirect();
}
} elseif (intval(Config::get('config', 'register_policy')) === self::APPROVE) {
if (!strlen(Config::get('config', 'admin_email'))) {
\notice(L10n::t('Your registration can not be processed.') . EOL);
notice(L10n::t('Your registration can not be processed.'));
DI::baseUrl()->redirect();
}
// Check if the note to the admin is actually filled out
if (empty($_POST['permonlybox'])) {
\notice(L10n::t('You have to leave a request note for the admin.')
. L10n::t('Your registration can not be processed.') . EOL);
notice(L10n::t('You have to leave a request note for the admin.')
. L10n::t('Your registration can not be processed.'));
DI::baseUrl()->redirect('register/');
}
@ -325,7 +376,7 @@ class Register extends BaseModule
$result['password']
);
\info(L10n::t('Your registration is pending approval by the site owner.') . EOL);
info(L10n::t('Your registration is pending approval by the site owner.'));
DI::baseUrl()->redirect();
}

View file

@ -140,12 +140,15 @@ class Delegation extends BaseSettingsModule
$o = Renderer::replaceMacros(Renderer::getMarkupTemplate('settings/delegation.tpl'), [
'$form_security_token' => BaseModule::getFormSecurityToken('delegate'),
'$account_header' => L10n::t('Additional Accounts'),
'$account_desc' => L10n::t('Register additional accounts that are automatically connected to your existing account so you can manage it from this account.'),
'$add_account' => L10n::t('Register an additional account'),
'$parent_header' => L10n::t('Parent User'),
'$parent_user' => $parent_user,
'$parent_password' => $parent_password,
'$parent_desc' => L10n::t('Parent users have total control about this account, including the account settings. Please double check whom you give this access.'),
'$submit' => L10n::t('Save Settings'),
'$header' => L10n::t('Delegate Page Management'),
'$header' => L10n::t('Manage Accounts'),
'$delegates_header' => L10n::t('Delegates'),
'$base' => DI::baseUrl(),
'$desc' => L10n::t('Delegates are able to manage all aspects of this account/page except for basic account settings. Please do not delegate your personal account to anybody that you do not trust completely.'),

View file

@ -35,6 +35,7 @@
<div id="register-name-end" ></div>
{{if !$additional}}
<div id="register-email-wrapper" >
<label for="register-email" id="label-register-email" >{{$addrlabel}}</label>
<input type="text" maxlength="60" size="32" name="field1" id="register-email" value="{{$email}}" required>
@ -46,6 +47,7 @@
<input type="text" maxlength="60" size="32" name="repeat" id="register-repeat" value="" required>
</div>
<div id="register-repeat-end" ></div>
{{/if}}
{{if $ask_password}}
{{include file="field_password.tpl" field=$password1}}
@ -62,6 +64,10 @@
<input type="input" id=tarpit" name="email" style="display: none;" placeholder="Don't enter anything here"/>
{{if $additional}}
{{include file="field_password.tpl" field=$parent_password}}
{{/if}}
{{if $permonly}}
{{include file="field_textarea.tpl" field=$permonlybox}}
{{/if}}
@ -83,8 +89,10 @@
</div>
<div id="register-submit-end" ></div>
{{if !$additional}}
<h3>{{$importh}}</h3>
<div id ="import-profile">
<a href="uimport">{{$importt}}</a>
</div>
{{/if}}
</form>

View file

@ -11,6 +11,10 @@
<div class="submit"><input type="submit" name="delegate" value="{{$submit}}"/></div>
</form>
</div>
{{else}}
<h4>{{$account_header}}</h4>
<div id="add-account-desc" class="add-account-desc">{{$account_desc}}</div>
<a href='register'>{{$add_account}}</a>
{{/if}}
<h4>{{$delegates_header}}</h4>

View file

@ -36,6 +36,7 @@
<div id="register-name-end" ></div>
{{if !$additional}}
<div id="register-email-wrapper" class="form-group">
<label for="register-email" id="label-register-email" >{{$addrlabel}}</label>
<input type="text" maxlength="60" size="32" name="field1" id="register-email" class="form-control" value="{{$email}}" required>
@ -47,6 +48,7 @@
<input type="text" maxlength="60" size="32" name="repeat" id="register-repeat" class="form-control" value="" required>
</div>
<div id="register-repeat-end" ></div>
{{/if}}
{{if $ask_password}}
{{include file="field_password.tpl" field=$password1}}
@ -60,6 +62,10 @@
</div>
<div id="register-nickname-end" ></div>
{{if $additional}}
{{include file="field_password.tpl" field=$parent_password}}
{{/if}}
<input type="input" id=tarpit" name="email" style="display: none;" placeholder="Don't enter anything here"/>
{{if $permonly}}
@ -83,9 +89,11 @@
</div>
<div id="register-submit-end" class="clear"></div>
{{if !$additional}}
<h3>{{$importh}}</h3>
<div id ="import-profile">
<a href="uimport">{{$importt}}</a>
</div>
{{/if}}
</form>
</div>