Rev 1282 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 1282 | Rev 1283 | ||
|---|---|---|---|
| Line 92... | Line 92... | ||
| 92 | 92 | ||
| 93 | return array("status" => 0); |
93 | return array("status" => 0); |
| 94 | } else { |
94 | } else { |
| 95 | OIDplus::logger()->log("V2:[INFO]RA(%1)+RA(%2)", "Requested email address change from '%1' to '%2'", $old_email, $new_email); |
95 | OIDplus::logger()->log("V2:[INFO]RA(%1)+RA(%2)", "Requested email address change from '%1' to '%2'", $old_email, $new_email); |
| 96 | 96 | ||
| 97 | $timestamp = time(); |
- | |
| 98 | $activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:activate_new_ra_email$'.$old_email.'$'.$new_email.'$'.$timestamp.'$'.OIDplus::authUtils()->makeAuthKey('5ef24124-f4fb-11ed-b67e-3c4a92df8582:'.$old_email.'/'.$new_email.'/'.$timestamp)); |
97 | $activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:activate_new_ra_email$'.$old_email.'$'.$new_email.'$'.OIDplus::authUtils()->makeAuthKey(['5ef24124-f4fb-11ed-b67e-3c4a92df8582',$old_email,$new_email])); |
| 99 | 98 | ||
| 100 | $message = file_get_contents(__DIR__ . '/change_request_email.tpl'); |
99 | $message = file_get_contents(__DIR__ . '/change_request_email.tpl'); |
| 101 | $message = str_replace('{{SYSTEM_URL}}', OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL), $message); |
100 | $message = str_replace('{{SYSTEM_URL}}', OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL), $message); |
| 102 | $message = str_replace('{{SYSTEM_TITLE}}', OIDplus::config()->getValue('system_title'), $message); |
101 | $message = str_replace('{{SYSTEM_TITLE}}', OIDplus::config()->getValue('system_title'), $message); |
| 103 | $message = str_replace('{{ADMIN_EMAIL}}', OIDplus::config()->getValue('admin_email'), $message); |
102 | $message = str_replace('{{ADMIN_EMAIL}}', OIDplus::config()->getValue('admin_email'), $message); |
| Line 117... | Line 116... | ||
| 117 | 116 | ||
| 118 | _CheckParamExists($params, 'old_email'); |
117 | _CheckParamExists($params, 'old_email'); |
| 119 | _CheckParamExists($params, 'new_email'); |
118 | _CheckParamExists($params, 'new_email'); |
| 120 | _CheckParamExists($params, 'password'); |
119 | _CheckParamExists($params, 'password'); |
| 121 | _CheckParamExists($params, 'auth'); |
120 | _CheckParamExists($params, 'auth'); |
| 122 | _CheckParamExists($params, 'timestamp'); |
- | |
| 123 | 121 | ||
| 124 | $old_email = $params['old_email']; |
122 | $old_email = $params['old_email']; |
| 125 | $new_email = $params['new_email']; |
123 | $new_email = $params['new_email']; |
| 126 | $password = $params['password']; |
124 | $password = $params['password']; |
| 127 | 125 | ||
| 128 | $auth = $params['auth']; |
126 | $auth = $params['auth']; |
| 129 | $timestamp = $params['timestamp']; |
- | |
| 130 | 127 | ||
| 131 | $ra_was_logged_in = OIDplus::authUtils()->isRaLoggedIn($old_email); |
128 | $ra_was_logged_in = OIDplus::authUtils()->isRaLoggedIn($old_email); |
| 132 | 129 | ||
| 133 | $ra = new OIDplusRA($old_email); |
130 | $ra = new OIDplusRA($old_email); |
| 134 | if ($ra->isPasswordLess() && !OIDplus::authUtils()->isAdminLoggedIn()) { |
131 | if ($ra->isPasswordLess() && !OIDplus::authUtils()->isAdminLoggedIn()) { |
| 135 | throw new OIDplusException(_L('E-Mail-Address cannot be changed because this user does not have a password')); |
132 | throw new OIDplusException(_L('E-Mail-Address cannot be changed because this user does not have a password')); |
| 136 | } |
133 | } |
| 137 | 134 | ||
| 138 | if (!OIDplus::authUtils()->validateAuthKey('5ef24124-f4fb-11ed-b67e-3c4a92df8582:'.$old_email.'/'.$new_email.'/'.$timestamp, $auth)) { |
135 | if (!OIDplus::authUtils()->validateAuthKey(['5ef24124-f4fb-11ed-b67e-3c4a92df8582',$old_email,$new_email], $auth, OIDplus::config()->getValue('max_ra_email_change_time', -1))) { |
| 139 | throw new OIDplusException(_L('Invalid auth key')); |
136 | throw new OIDplusException(_L('Invalid or expired authentication key')); |
| 140 | } |
- | |
| 141 | - | ||
| 142 | if ((OIDplus::config()->getValue('max_ra_email_change_time') > 0) && (time()-$timestamp > OIDplus::config()->getValue('max_ra_email_change_time'))) { |
- | |
| 143 | throw new OIDplusException(_L('Activation link expired!')); |
- | |
| 144 | } |
137 | } |
| 145 | 138 | ||
| 146 | $res = OIDplus::db()->query("select * from ###ra where email = ?", array($old_email)); |
139 | $res = OIDplus::db()->query("select * from ###ra where email = ?", array($old_email)); |
| 147 | if (!$res->any()) { |
140 | if (!$res->any()) { |
| 148 | throw new OIDplusException(_L('eMail address does not exist anymore. It was probably already changed.')); |
141 | throw new OIDplusException(_L('eMail address does not exist anymore. It was probably already changed.')); |
| Line 272... | Line 265... | ||
| 272 | } else if (explode('$',$id)[0] == 'oidplus:activate_new_ra_email') { |
265 | } else if (explode('$',$id)[0] == 'oidplus:activate_new_ra_email') { |
| 273 | $handled = true; |
266 | $handled = true; |
| 274 | 267 | ||
| 275 | $old_email = explode('$',$id)[1]; |
268 | $old_email = explode('$',$id)[1]; |
| 276 | $new_email = explode('$',$id)[2]; |
269 | $new_email = explode('$',$id)[2]; |
| 277 | $timestamp = explode('$',$id)[3]; |
- | |
| 278 | $auth = explode('$',$id)[4]; |
270 | $auth = explode('$',$id)[3]; |
| 279 | 271 | ||
| 280 | $out['title'] = _L('Perform email address change'); |
272 | $out['title'] = _L('Perform email address change'); |
| 281 | $out['icon'] = file_exists(__DIR__.'/img/main_icon.png') ? OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon.png' : ''; |
273 | $out['icon'] = file_exists(__DIR__.'/img/main_icon.png') ? OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon.png' : ''; |
| 282 | 274 | ||
| 283 | if (!OIDplus::config()->getValue('allow_ra_email_change') && !OIDplus::authUtils()->isAdminLoggedIn()) { |
275 | if (!OIDplus::config()->getValue('allow_ra_email_change') && !OIDplus::authUtils()->isAdminLoggedIn()) { |
| Line 295... | Line 287... | ||
| 295 | } else { |
287 | } else { |
| 296 | $res = OIDplus::db()->query("select * from ###ra where email = ?", array($new_email)); |
288 | $res = OIDplus::db()->query("select * from ###ra where email = ?", array($new_email)); |
| 297 | if ($res->any()) { |
289 | if ($res->any()) { |
| 298 | throw new OIDplusException(_L('eMail address is already used by another RA. To merge accounts, please contact the superior RA of your objects and request an owner change of your objects.'), $out['title']); |
290 | throw new OIDplusException(_L('eMail address is already used by another RA. To merge accounts, please contact the superior RA of your objects and request an owner change of your objects.'), $out['title']); |
| 299 | } else { |
291 | } else { |
| 300 | if (!OIDplus::authUtils()->validateAuthKey('activate_new_ra_email;'.$old_email.';'.$new_email.';'.$timestamp, $auth)) { |
292 | if (!OIDplus::authUtils()->validateAuthKey(['5ef24124-f4fb-11ed-b67e-3c4a92df8582',$old_email,$new_email], $auth, OIDplus::config()->getValue('max_ra_email_change_time', -1))) { |
| 301 | throw new OIDplusException(_L('Invalid authorization. Is the URL OK?'), $out['title']); |
293 | throw new OIDplusException(_L('Invalid authorization. Is the URL OK?'), $out['title']); |
| 302 | } else { |
294 | } else { |
| 303 | $out['text'] = '<p>'._L('Old eMail-Address').': <b>'.$old_email.'</b></p> |
295 | $out['text'] = '<p>'._L('Old eMail-Address').': <b>'.$old_email.'</b></p> |
| 304 | <p>'._L('New eMail-Address').': <b>'.$new_email.'</b></p> |
296 | <p>'._L('New eMail-Address').': <b>'.$new_email.'</b></p> |
| 305 | 297 | ||
| 306 | <form id="activateNewRaEmailForm" action="javascript:void(0);" onsubmit="return OIDplusPageRaChangeEMail.activateNewRaEmailFormOnSubmit();"> |
298 | <form id="activateNewRaEmailForm" action="javascript:void(0);" onsubmit="return OIDplusPageRaChangeEMail.activateNewRaEmailFormOnSubmit();"> |
| 307 | <input type="hidden" id="old_email" value="'.htmlentities($old_email).'"/> |
299 | <input type="hidden" id="old_email" value="'.htmlentities($old_email).'"/> |
| 308 | <input type="hidden" id="new_email" value="'.htmlentities($new_email).'"/> |
300 | <input type="hidden" id="new_email" value="'.htmlentities($new_email).'"/> |
| 309 | <input type="hidden" id="timestamp" value="'.htmlentities($timestamp).'"/> |
- | |
| 310 | <input type="hidden" id="auth" value="'.htmlentities($auth).'"/> |
301 | <input type="hidden" id="auth" value="'.htmlentities($auth).'"/> |
| 311 | 302 | ||
| 312 | <div><label class="padding_label">'._L('Please verify your password').':</label><input type="password" id="password" value=""/></div> |
303 | <div><label class="padding_label">'._L('Please verify your password').':</label><input type="password" id="password" value=""/></div> |
| 313 | <br><input type="submit" value="'._L('Change email address').'"> |
304 | <br><input type="submit" value="'._L('Change email address').'"> |
| 314 | </form>'; |
305 | </form>'; |