WebSVN – oidplus – Diff – /trunk/plugins/raPages/092_invite/plugin.inc.php



                        $auth = explode('$',$id)[3];
 
                        $out['icon'] = 'plugins/'.basename(dirname(__DIR__)).'/'.basename(__DIR__).'/activate_ra_big.png';
 
                        $res = OIDplus::db()->query("select * from ".OIDPLUS_TABLENAME_PREFIX."ra where email = ?", array($email));
                        if ($res->num_rows() > 0) {
                                $out['text'] = 'This RA is already registered and does not need to be invited.';
                        } else {
                                if (!OIDplus::authUtils()::validateAuthKey('activate_ra;'.$email.';'.$timestamp, $auth)) {
                                        $out['icon'] = 'img/error_big.png';
                                        $out['text'] = 'Invalid authorization. Is the URL OK?';

                return false;
        }
 
        private function inviteSecurityCheck($email) {
                $res = OIDplus::db()->query("select * from ".OIDPLUS_TABLENAME_PREFIX."ra where email = ?", array($email));
                if ($res->num_rows() > 0) {
                        throw new Exception("This RA is already registered and does not need to be invited.");
                }
 
                if (!OIDplus::authUtils()::isAdminLoggedIn()) {
                        // Check if the RA may invite the user (i.e. the they are the parent of an OID of that person)
                        $ok = false;
                        $res = OIDplus::db()->query("select parent from ".OIDPLUS_TABLENAME_PREFIX."objects where ra_email = ?", array($email));
                        while ($row = $res->fetch_array()) {
                                $objParent = OIDplusObject::parse($row['parent']);
                                if (is_null($objParent)) throw new Exception("Type of ".$row['parent']." unknown");
                                if ($objParent->userHasWriteRights()) {
                                        $ok = true;
                                }

        }
 
        private function getInvitationText($email) {
                $list_of_oids = array();
                $res = OIDplus::db()->query("select id from ".OIDPLUS_TABLENAME_PREFIX."objects where ra_email = ?", array($email));
                while ($row = $res->fetch_array()) {
                        $list_of_oids[] = $row['id'];
                }
 
                $message = file_get_contents(__DIR__ . '/invite_msg.tpl');
 

Rev 227	Rev 236
Line 176...	Line 176...
176	$auth = explode('$',$id)[3];	176	$auth = explode('$',$id)[3];
177		177
178	$out['icon'] = 'plugins/'.basename(dirname(__DIR__)).'/'.basename(__DIR__).'/activate_ra_big.png';	178	$out['icon'] = 'plugins/'.basename(dirname(__DIR__)).'/'.basename(__DIR__).'/activate_ra_big.png';
179		179
180	$res = OIDplus::db()->query("select * from ".OIDPLUS_TABLENAME_PREFIX."ra where email = ?", array($email));	180	$res = OIDplus::db()->query("select * from ".OIDPLUS_TABLENAME_PREFIX."ra where email = ?", array($email));
181	if (OIDplus::db()->num_rows($res) > 0) {	181	if ($res->num_rows() > 0) {
182	$out['text'] = 'This RA is already registered and does not need to be invited.';	182	$out['text'] = 'This RA is already registered and does not need to be invited.';
183	} else {	183	} else {
184	if (!OIDplus::authUtils()::validateAuthKey('activate_ra;'.$email.';'.$timestamp, $auth)) {	184	if (!OIDplus::authUtils()::validateAuthKey('activate_ra;'.$email.';'.$timestamp, $auth)) {
185	$out['icon'] = 'img/error_big.png';	185	$out['icon'] = 'img/error_big.png';
186	$out['text'] = 'Invalid authorization. Is the URL OK?';	186	$out['text'] = 'Invalid authorization. Is the URL OK?';
Line 205...	Line 205...
205	return false;	205	return false;
206	}	206	}
207		207
208	private function inviteSecurityCheck($email) {	208	private function inviteSecurityCheck($email) {
209	$res = OIDplus::db()->query("select * from ".OIDPLUS_TABLENAME_PREFIX."ra where email = ?", array($email));	209	$res = OIDplus::db()->query("select * from ".OIDPLUS_TABLENAME_PREFIX."ra where email = ?", array($email));
210	if (OIDplus::db()->num_rows($res) > 0) {	210	if ($res->num_rows() > 0) {
211	throw new Exception("This RA is already registered and does not need to be invited.");	211	throw new Exception("This RA is already registered and does not need to be invited.");
212	}	212	}
213		213
214	if (!OIDplus::authUtils()::isAdminLoggedIn()) {	214	if (!OIDplus::authUtils()::isAdminLoggedIn()) {
215	// Check if the RA may invite the user (i.e. the they are the parent of an OID of that person)	215	// Check if the RA may invite the user (i.e. the they are the parent of an OID of that person)
216	$ok = false;	216	$ok = false;
217	$res = OIDplus::db()->query("select parent from ".OIDPLUS_TABLENAME_PREFIX."objects where ra_email = ?", array($email));	217	$res = OIDplus::db()->query("select parent from ".OIDPLUS_TABLENAME_PREFIX."objects where ra_email = ?", array($email));
218	while ($row = OIDplus::db()->fetch_array($res)) {	218	while ($row = $res->fetch_array()) {
219	$objParent = OIDplusObject::parse($row['parent']);	219	$objParent = OIDplusObject::parse($row['parent']);
220	if (is_null($objParent)) throw new Exception("Type of ".$row['parent']." unknown");	220	if (is_null($objParent)) throw new Exception("Type of ".$row['parent']." unknown");
221	if ($objParent->userHasWriteRights()) {	221	if ($objParent->userHasWriteRights()) {
222	$ok = true;	222	$ok = true;
223	}	223	}
Line 229...	Line 229...
229	}	229	}
230		230
231	private function getInvitationText($email) {	231	private function getInvitationText($email) {
232	$list_of_oids = array();	232	$list_of_oids = array();
233	$res = OIDplus::db()->query("select id from ".OIDPLUS_TABLENAME_PREFIX."objects where ra_email = ?", array($email));	233	$res = OIDplus::db()->query("select id from ".OIDPLUS_TABLENAME_PREFIX."objects where ra_email = ?", array($email));
234	while ($row = OIDplus::db()->fetch_array($res)) {	234	while ($row = $res->fetch_array()) {
235	$list_of_oids[] = $row['id'];	235	$list_of_oids[] = $row['id'];
236	}	236	}
237		237
238	$message = file_get_contents(__DIR__ . '/invite_msg.tpl');	238	$message = file_get_contents(__DIR__ . '/invite_msg.tpl');
239		239

Subversion Repositories oidplus

oidplus/trunk/plugins/raPages/092_invite/plugin.inc.php – Rev 227 → 236