Rev 1282 | Rev 1293 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 1282 | Rev 1283 | ||
|---|---|---|---|
| Line 79... | Line 79... | ||
| 79 | OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
79 | OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
| 80 | 80 | ||
| 81 | $root_oid = self::getFreeRootOid(false); |
81 | $root_oid = self::getFreeRootOid(false); |
| 82 | OIDplus::logger()->log("V2:[INFO]OID(oid:%1)+RA(%2)", "Requested a free OID for email '%2' to be placed into root '%1'", $root_oid, $email); |
82 | OIDplus::logger()->log("V2:[INFO]OID(oid:%1)+RA(%2)", "Requested a free OID for email '%2' to be placed into root '%1'", $root_oid, $email); |
| 83 | 83 | ||
| 84 | $timestamp = time(); |
- | |
| 85 | $activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:com.viathinksoft.freeoid.activate_freeoid$'.$email.'$'.$timestamp.'$'.OIDplus::authUtils()->makeAuthKey('40c87e20-f4fb-11ed-86ca-3c4a92df8582:'.$email.'/'.$timestamp)); |
84 | $activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:com.viathinksoft.freeoid.activate_freeoid$'.$email.'$'.OIDplus::authUtils()->makeAuthKey(['40c87e20-f4fb-11ed-86ca-3c4a92df8582',$email])); |
| 86 | 85 | ||
| 87 | $message = file_get_contents(__DIR__ . '/request_msg.tpl'); |
86 | $message = file_get_contents(__DIR__ . '/request_msg.tpl'); |
| 88 | $message = str_replace('{{SYSTEM_URL}}', OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL), $message); |
87 | $message = str_replace('{{SYSTEM_URL}}', OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL), $message); |
| 89 | $message = str_replace('{{SYSTEM_TITLE}}', OIDplus::config()->getValue('system_title'), $message); |
88 | $message = str_replace('{{SYSTEM_TITLE}}', OIDplus::config()->getValue('system_title'), $message); |
| 90 | $message = str_replace('{{ADMIN_EMAIL}}', OIDplus::config()->getValue('admin_email'), $message); |
89 | $message = str_replace('{{ADMIN_EMAIL}}', OIDplus::config()->getValue('admin_email'), $message); |
| Line 95... | Line 94... | ||
| 95 | return array("status" => 0); |
94 | return array("status" => 0); |
| 96 | 95 | ||
| 97 | } else if ($actionID == 'activate_freeoid') { |
96 | } else if ($actionID == 'activate_freeoid') { |
| 98 | _CheckParamExists($params, 'email'); |
97 | _CheckParamExists($params, 'email'); |
| 99 | _CheckParamExists($params, 'auth'); |
98 | _CheckParamExists($params, 'auth'); |
| 100 | _CheckParamExists($params, 'timestamp'); |
- | |
| 101 | 99 | ||
| 102 | $email = $params['email']; |
100 | $email = $params['email']; |
| 103 | $auth = $params['auth']; |
101 | $auth = $params['auth']; |
| 104 | $timestamp = $params['timestamp']; |
- | |
| 105 | 102 | ||
| 106 | if (!OIDplus::authUtils()->validateAuthKey('40c87e20-f4fb-11ed-86ca-3c4a92df8582:'.$email.'/'.$timestamp, $auth)) { |
103 | if (!OIDplus::authUtils()->validateAuthKey(['40c87e20-f4fb-11ed-86ca-3c4a92df8582',$email], $auth, OIDplus::config()->getValue('max_ra_invite_time', -1))) { |
| 107 | throw new OIDplusException(_L('Invalid auth key')); |
104 | throw new OIDplusException(_L('Invalid or expired authentication key')); |
| 108 | } |
- | |
| 109 | - | ||
| 110 | if ((OIDplus::config()->getValue('max_ra_invite_time') > 0) && (time()-$timestamp > OIDplus::config()->getValue('max_ra_invite_time'))) { |
- | |
| 111 | throw new OIDplusException(_L('Invitation expired!')); |
- | |
| 112 | } |
105 | } |
| 113 | 106 | ||
| 114 | // 1. step: Check entered data and add the RA to the database |
107 | // 1. step: Check entered data and add the RA to the database |
| 115 | 108 | ||
| 116 | $ra = new OIDplusRA($email); |
109 | $ra = new OIDplusRA($email); |
| Line 284... | Line 277... | ||
| 284 | } |
277 | } |
| 285 | } else if (explode('$',$id)[0] == 'oidplus:com.viathinksoft.freeoid.activate_freeoid') { |
278 | } else if (explode('$',$id)[0] == 'oidplus:com.viathinksoft.freeoid.activate_freeoid') { |
| 286 | $handled = true; |
279 | $handled = true; |
| 287 | 280 | ||
| 288 | $email = explode('$',$id)[1]; |
281 | $email = explode('$',$id)[1]; |
| 289 | $timestamp = explode('$',$id)[2]; |
- | |
| 290 | $auth = explode('$',$id)[3]; |
282 | $auth = explode('$',$id)[2]; |
| 291 | 283 | ||
| 292 | $out['title'] = _L('Activate Free OID'); |
284 | $out['title'] = _L('Activate Free OID'); |
| 293 | $out['icon'] = file_exists(__DIR__.'/img/main_icon.png') ? OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon.png' : ''; |
285 | $out['icon'] = file_exists(__DIR__.'/img/main_icon.png') ? OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon.png' : ''; |
| 294 | 286 | ||
| 295 | if ($already_registered_oid = $this->alreadyHasFreeOid($email, true)) { |
287 | if ($already_registered_oid = $this->alreadyHasFreeOid($email, true)) { |
| 296 | throw new OIDplusHtmlException(_L('This email address already has a FreeOID registered (%1)', '<a '.OIDplus::gui()->link($already_registered_oid).'>'.htmlentities($already_registered_oid).'</a>')); |
288 | throw new OIDplusHtmlException(_L('This email address already has a FreeOID registered (%1)', '<a '.OIDplus::gui()->link($already_registered_oid).'>'.htmlentities($already_registered_oid).'</a>')); |
| 297 | } else { |
289 | } else { |
| 298 | if (!OIDplus::authUtils()->validateAuthKey('com.viathinksoft.freeoid.activate_freeoid;'.$email.';'.$timestamp, $auth)) { |
290 | if (!OIDplus::authUtils()->validateAuthKey(['40c87e20-f4fb-11ed-86ca-3c4a92df8582',$email], $auth, OIDplus::config()->getValue('max_ra_invite_time', -1))) { |
| 299 | throw new OIDplusException(_L('Invalid authorization. Is the URL OK?'), $out['title']); |
291 | throw new OIDplusException(_L('Invalid authorization. Is the URL OK?'), $out['title']); |
| 300 | } else { |
292 | } else { |
| 301 | $ra = new OIDplusRA($email); |
293 | $ra = new OIDplusRA($email); |
| 302 | $ra_existing = $ra->existing(); |
294 | $ra_existing = $ra->existing(); |
| 303 | 295 | ||
| 304 | $out['text'] = '<p>'._L('eMail-Address').': <b>'.$email.'</b></p>'; |
296 | $out['text'] = '<p>'._L('eMail-Address').': <b>'.$email.'</b></p>'; |
| 305 | 297 | ||
| 306 | $out['text'] .= ' <form id="activateFreeOIDForm" action="javascript:void(0);" onsubmit="return OIDplusPagePublicFreeOID.activateFreeOIDFormOnSubmit();">'; |
298 | $out['text'] .= ' <form id="activateFreeOIDForm" action="javascript:void(0);" onsubmit="return OIDplusPagePublicFreeOID.activateFreeOIDFormOnSubmit();">'; |
| 307 | $out['text'] .= ' <input type="hidden" id="email" value="'.htmlentities($email).'"/>'; |
299 | $out['text'] .= ' <input type="hidden" id="email" value="'.htmlentities($email).'"/>'; |
| 308 | $out['text'] .= ' <input type="hidden" id="timestamp" value="'.htmlentities($timestamp).'"/>'; |
- | |
| 309 | $out['text'] .= ' <input type="hidden" id="auth" value="'.htmlentities($auth).'"/>'; |
300 | $out['text'] .= ' <input type="hidden" id="auth" value="'.htmlentities($auth).'"/>'; |
| 310 | 301 | ||
| 311 | if ($ra_existing) { |
302 | if ($ra_existing) { |
| 312 | $out['text'] .= ' '._L('Your personal name or the name of your group').':<br><b>'.htmlentities($ra->raName()).'</b><br><br>'; |
303 | $out['text'] .= ' '._L('Your personal name or the name of your group').':<br><b>'.htmlentities($ra->raName()).'</b><br><br>'; |
| 313 | } else { |
304 | } else { |