Rev 1282 | Rev 1283 | ||
---|---|---|---|
Line 79... | Line 79... | ||
79 | OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
79 | OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
80 | 80 | ||
81 | $root_oid = self::getFreeRootOid(false); |
81 | $root_oid = self::getFreeRootOid(false); |
82 | OIDplus::logger()->log("V2:[INFO]OID(oid:%1)+RA(%2)", "Requested a free OID for email '%2' to be placed into root '%1'", $root_oid, $email); |
82 | OIDplus::logger()->log("V2:[INFO]OID(oid:%1)+RA(%2)", "Requested a free OID for email '%2' to be placed into root '%1'", $root_oid, $email); |
83 | 83 | ||
84 | $timestamp = time(); |
- | |
85 | $activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:com.viathinksoft.freeoid.activate_freeoid$'.$email.'$'.$timestamp.'$'.OIDplus::authUtils()->makeAuthKey('40c87e20-f4fb-11ed-86ca-3c4a92df8582:'.$email.'/'.$timestamp)); |
84 | $activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:com.viathinksoft.freeoid.activate_freeoid$'.$email.'$'.OIDplus::authUtils()->makeAuthKey(['40c87e20-f4fb-11ed-86ca-3c4a92df8582',$email])); |
86 | 85 | ||
87 | $message = file_get_contents(__DIR__ . '/request_msg.tpl'); |
86 | $message = file_get_contents(__DIR__ . '/request_msg.tpl'); |
88 | $message = str_replace('{{SYSTEM_URL}}', OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL), $message); |
87 | $message = str_replace('{{SYSTEM_URL}}', OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL), $message); |
89 | $message = str_replace('{{SYSTEM_TITLE}}', OIDplus::config()->getValue('system_title'), $message); |
88 | $message = str_replace('{{SYSTEM_TITLE}}', OIDplus::config()->getValue('system_title'), $message); |
90 | $message = str_replace('{{ADMIN_EMAIL}}', OIDplus::config()->getValue('admin_email'), $message); |
89 | $message = str_replace('{{ADMIN_EMAIL}}', OIDplus::config()->getValue('admin_email'), $message); |
Line 95... | Line 94... | ||
95 | return array("status" => 0); |
94 | return array("status" => 0); |
96 | 95 | ||
97 | } else if ($actionID == 'activate_freeoid') { |
96 | } else if ($actionID == 'activate_freeoid') { |
98 | _CheckParamExists($params, 'email'); |
97 | _CheckParamExists($params, 'email'); |
99 | _CheckParamExists($params, 'auth'); |
98 | _CheckParamExists($params, 'auth'); |
100 | _CheckParamExists($params, 'timestamp'); |
- | |
101 | 99 | ||
102 | $email = $params['email']; |
100 | $email = $params['email']; |
103 | $auth = $params['auth']; |
101 | $auth = $params['auth']; |
104 | $timestamp = $params['timestamp']; |
- | |
105 | 102 | ||
106 | if (!OIDplus::authUtils()->validateAuthKey('40c87e20-f4fb-11ed-86ca-3c4a92df8582:'.$email.'/'.$timestamp, $auth)) { |
103 | if (!OIDplus::authUtils()->validateAuthKey(['40c87e20-f4fb-11ed-86ca-3c4a92df8582',$email], $auth, OIDplus::config()->getValue('max_ra_invite_time', -1))) { |
107 | throw new OIDplusException(_L('Invalid auth key')); |
104 | throw new OIDplusException(_L('Invalid or expired authentication key')); |
108 | } |
- | |
109 | - | ||
110 | if ((OIDplus::config()->getValue('max_ra_invite_time') > 0) && (time()-$timestamp > OIDplus::config()->getValue('max_ra_invite_time'))) { |
- | |
111 | throw new OIDplusException(_L('Invitation expired!')); |
- | |
112 | } |
105 | } |
113 | 106 | ||
114 | // 1. step: Check entered data and add the RA to the database |
107 | // 1. step: Check entered data and add the RA to the database |
115 | 108 | ||
116 | $ra = new OIDplusRA($email); |
109 | $ra = new OIDplusRA($email); |
Line 284... | Line 277... | ||
284 | } |
277 | } |
285 | } else if (explode('$',$id)[0] == 'oidplus:com.viathinksoft.freeoid.activate_freeoid') { |
278 | } else if (explode('$',$id)[0] == 'oidplus:com.viathinksoft.freeoid.activate_freeoid') { |
286 | $handled = true; |
279 | $handled = true; |
287 | 280 | ||
288 | $email = explode('$',$id)[1]; |
281 | $email = explode('$',$id)[1]; |
289 | $timestamp = explode('$',$id)[2]; |
- | |
290 | $auth = explode('$',$id)[3]; |
282 | $auth = explode('$',$id)[2]; |
291 | 283 | ||
292 | $out['title'] = _L('Activate Free OID'); |
284 | $out['title'] = _L('Activate Free OID'); |
293 | $out['icon'] = file_exists(__DIR__.'/img/main_icon.png') ? OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon.png' : ''; |
285 | $out['icon'] = file_exists(__DIR__.'/img/main_icon.png') ? OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon.png' : ''; |
294 | 286 | ||
295 | if ($already_registered_oid = $this->alreadyHasFreeOid($email, true)) { |
287 | if ($already_registered_oid = $this->alreadyHasFreeOid($email, true)) { |
296 | throw new OIDplusHtmlException(_L('This email address already has a FreeOID registered (%1)', '<a '.OIDplus::gui()->link($already_registered_oid).'>'.htmlentities($already_registered_oid).'</a>')); |
288 | throw new OIDplusHtmlException(_L('This email address already has a FreeOID registered (%1)', '<a '.OIDplus::gui()->link($already_registered_oid).'>'.htmlentities($already_registered_oid).'</a>')); |
297 | } else { |
289 | } else { |
298 | if (!OIDplus::authUtils()->validateAuthKey('com.viathinksoft.freeoid.activate_freeoid;'.$email.';'.$timestamp, $auth)) { |
290 | if (!OIDplus::authUtils()->validateAuthKey(['40c87e20-f4fb-11ed-86ca-3c4a92df8582',$email], $auth, OIDplus::config()->getValue('max_ra_invite_time', -1))) { |
299 | throw new OIDplusException(_L('Invalid authorization. Is the URL OK?'), $out['title']); |
291 | throw new OIDplusException(_L('Invalid authorization. Is the URL OK?'), $out['title']); |
300 | } else { |
292 | } else { |
301 | $ra = new OIDplusRA($email); |
293 | $ra = new OIDplusRA($email); |
302 | $ra_existing = $ra->existing(); |
294 | $ra_existing = $ra->existing(); |
303 | 295 | ||
304 | $out['text'] = '<p>'._L('eMail-Address').': <b>'.$email.'</b></p>'; |
296 | $out['text'] = '<p>'._L('eMail-Address').': <b>'.$email.'</b></p>'; |
305 | 297 | ||
306 | $out['text'] .= ' <form id="activateFreeOIDForm" action="javascript:void(0);" onsubmit="return OIDplusPagePublicFreeOID.activateFreeOIDFormOnSubmit();">'; |
298 | $out['text'] .= ' <form id="activateFreeOIDForm" action="javascript:void(0);" onsubmit="return OIDplusPagePublicFreeOID.activateFreeOIDFormOnSubmit();">'; |
307 | $out['text'] .= ' <input type="hidden" id="email" value="'.htmlentities($email).'"/>'; |
299 | $out['text'] .= ' <input type="hidden" id="email" value="'.htmlentities($email).'"/>'; |
308 | $out['text'] .= ' <input type="hidden" id="timestamp" value="'.htmlentities($timestamp).'"/>'; |
- | |
309 | $out['text'] .= ' <input type="hidden" id="auth" value="'.htmlentities($auth).'"/>'; |
300 | $out['text'] .= ' <input type="hidden" id="auth" value="'.htmlentities($auth).'"/>'; |
310 | 301 | ||
311 | if ($ra_existing) { |
302 | if ($ra_existing) { |
312 | $out['text'] .= ' '._L('Your personal name or the name of your group').':<br><b>'.htmlentities($ra->raName()).'</b><br><br>'; |
303 | $out['text'] .= ' '._L('Your personal name or the name of your group').':<br><b>'.htmlentities($ra->raName()).'</b><br><br>'; |
313 | } else { |
304 | } else { |
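Review bot: Both new `validateAuthKey()` calls (the `activate_freeoid` action and the `gui()` branch for `oidplus:com.viathinksoft.freeoid.activate_freeoid`) pass the raw `max_ra_invite_time` setting as the validity period, whereas the removed check only enforced expiry when that value was `> 0`. How `validateAuthKey()` interprets `0` or `-1` is not visible on this page, so a configured `0` could now either switch expiry off or reject every activation link. I would normalise the value once before the call, e.g. `$maxAge = (int)OIDplus::config()->getValue('max_ra_invite_time', -1);` followed by `if ($maxAge <= 0) $maxAge = -1;` (assuming `-1` is the no-limit value), and add a one-line comment stating which value means "no expiry". In the same `gui()` branch, `$email` is still concatenated unescaped into `'<b>'.$email.'</b>'` while the hidden inputs next to it use `htmlentities()`; that line should read `'<b>'.htmlentities($email).'</b>'`. Both branches continue beyond the lines shown here.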