Rev 1282 | Rev 1283 | ||
---|---|---|---|
Line 92... | Line 92... | ||
92 | 92 | ||
93 | return array("status" => 0); |
93 | return array("status" => 0); |
94 | } else { |
94 | } else { |
95 | OIDplus::logger()->log("V2:[INFO]RA(%1)+RA(%2)", "Requested email address change from '%1' to '%2'", $old_email, $new_email); |
95 | OIDplus::logger()->log("V2:[INFO]RA(%1)+RA(%2)", "Requested email address change from '%1' to '%2'", $old_email, $new_email); |
96 | 96 | ||
97 | $timestamp = time(); |
- | |
98 | $activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:activate_new_ra_email$'.$old_email.'$'.$new_email.'$'.$timestamp.'$'.OIDplus::authUtils()->makeAuthKey('5ef24124-f4fb-11ed-b67e-3c4a92df8582:'.$old_email.'/'.$new_email.'/'.$timestamp)); |
97 | $activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:activate_new_ra_email$'.$old_email.'$'.$new_email.'$'.OIDplus::authUtils()->makeAuthKey(['5ef24124-f4fb-11ed-b67e-3c4a92df8582',$old_email,$new_email])); |
99 | 98 | ||
100 | $message = file_get_contents(__DIR__ . '/change_request_email.tpl'); |
99 | $message = file_get_contents(__DIR__ . '/change_request_email.tpl'); |
101 | $message = str_replace('{{SYSTEM_URL}}', OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL), $message); |
100 | $message = str_replace('{{SYSTEM_URL}}', OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL), $message); |
102 | $message = str_replace('{{SYSTEM_TITLE}}', OIDplus::config()->getValue('system_title'), $message); |
101 | $message = str_replace('{{SYSTEM_TITLE}}', OIDplus::config()->getValue('system_title'), $message); |
103 | $message = str_replace('{{ADMIN_EMAIL}}', OIDplus::config()->getValue('admin_email'), $message); |
102 | $message = str_replace('{{ADMIN_EMAIL}}', OIDplus::config()->getValue('admin_email'), $message); |
Line 117... | Line 116... | ||
117 | 116 | ||
118 | _CheckParamExists($params, 'old_email'); |
117 | _CheckParamExists($params, 'old_email'); |
119 | _CheckParamExists($params, 'new_email'); |
118 | _CheckParamExists($params, 'new_email'); |
120 | _CheckParamExists($params, 'password'); |
119 | _CheckParamExists($params, 'password'); |
121 | _CheckParamExists($params, 'auth'); |
120 | _CheckParamExists($params, 'auth'); |
122 | _CheckParamExists($params, 'timestamp'); |
- | |
123 | 121 | ||
124 | $old_email = $params['old_email']; |
122 | $old_email = $params['old_email']; |
125 | $new_email = $params['new_email']; |
123 | $new_email = $params['new_email']; |
126 | $password = $params['password']; |
124 | $password = $params['password']; |
127 | 125 | ||
128 | $auth = $params['auth']; |
126 | $auth = $params['auth']; |
129 | $timestamp = $params['timestamp']; |
- | |
130 | 127 | ||
131 | $ra_was_logged_in = OIDplus::authUtils()->isRaLoggedIn($old_email); |
128 | $ra_was_logged_in = OIDplus::authUtils()->isRaLoggedIn($old_email); |
132 | 129 | ||
133 | $ra = new OIDplusRA($old_email); |
130 | $ra = new OIDplusRA($old_email); |
134 | if ($ra->isPasswordLess() && !OIDplus::authUtils()->isAdminLoggedIn()) { |
131 | if ($ra->isPasswordLess() && !OIDplus::authUtils()->isAdminLoggedIn()) { |
135 | throw new OIDplusException(_L('E-Mail-Address cannot be changed because this user does not have a password')); |
132 | throw new OIDplusException(_L('E-Mail-Address cannot be changed because this user does not have a password')); |
136 | } |
133 | } |
137 | 134 | ||
138 | if (!OIDplus::authUtils()->validateAuthKey('5ef24124-f4fb-11ed-b67e-3c4a92df8582:'.$old_email.'/'.$new_email.'/'.$timestamp, $auth)) { |
135 | if (!OIDplus::authUtils()->validateAuthKey(['5ef24124-f4fb-11ed-b67e-3c4a92df8582',$old_email,$new_email], $auth, OIDplus::config()->getValue('max_ra_email_change_time', -1))) { |
139 | throw new OIDplusException(_L('Invalid auth key')); |
136 | throw new OIDplusException(_L('Invalid or expired authentication key')); |
140 | } |
- | |
141 | - | ||
142 | if ((OIDplus::config()->getValue('max_ra_email_change_time') > 0) && (time()-$timestamp > OIDplus::config()->getValue('max_ra_email_change_time'))) { |
- | |
143 | throw new OIDplusException(_L('Activation link expired!')); |
- | |
144 | } |
137 | } |
145 | 138 | ||
146 | $res = OIDplus::db()->query("select * from ###ra where email = ?", array($old_email)); |
139 | $res = OIDplus::db()->query("select * from ###ra where email = ?", array($old_email)); |
147 | if (!$res->any()) { |
140 | if (!$res->any()) { |
148 | throw new OIDplusException(_L('eMail address does not exist anymore. It was probably already changed.')); |
141 | throw new OIDplusException(_L('eMail address does not exist anymore. It was probably already changed.')); |
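Review bot: The expiry semantics of `max_ra_email_change_time` may have shifted at new line 135: the removed block only enforced a limit when the configured value was `> 0` (so `0` meant "never expire"), whereas the new call forwards the raw value, defaulting to `-1`, into `validateAuthKey()` and leaves the interpretation to that helper, which is outside this hunk. If the helper treats `0` as an already-expired key, installations configured with `0` will reject every change request; if `-1` is its "no limit" sentinel, normalizing before the call with `$ttl = OIDplus::config()->getValue('max_ra_email_change_time', -1); if ($ttl <= 0) $ttl = -1;` would preserve the old behaviour — please confirm against the helper either way. The literal `'5ef24124-f4fb-11ed-b67e-3c4a92df8582'` now appears at new lines 97, 135 and 292; a single class constant such as `private const AUTH_KEY_EMAIL_CHANGE = '5ef24124-f4fb-11ed-b67e-3c4a92df8582';` would stop the three call sites drifting apart the way the old `'activate_new_ra_email;'` prefix at old line 300 had. Since the activation page at new line 292 now fails on expiry too, its message "Invalid authorization. Is the URL OK?" could be aligned with the "Invalid or expired authentication key" wording at line 136. The enclosing function begins and ends outside this hunk.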
Line 272... | Line 265... | ||
272 | } else if (explode('$',$id)[0] == 'oidplus:activate_new_ra_email') { |
265 | } else if (explode('$',$id)[0] == 'oidplus:activate_new_ra_email') { |
273 | $handled = true; |
266 | $handled = true; |
274 | 267 | ||
275 | $old_email = explode('$',$id)[1]; |
268 | $old_email = explode('$',$id)[1]; |
276 | $new_email = explode('$',$id)[2]; |
269 | $new_email = explode('$',$id)[2]; |
277 | $timestamp = explode('$',$id)[3]; |
- | |
278 | $auth = explode('$',$id)[4]; |
270 | $auth = explode('$',$id)[3]; |
279 | 271 | ||
280 | $out['title'] = _L('Perform email address change'); |
272 | $out['title'] = _L('Perform email address change'); |
281 | $out['icon'] = file_exists(__DIR__.'/img/main_icon.png') ? OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon.png' : ''; |
273 | $out['icon'] = file_exists(__DIR__.'/img/main_icon.png') ? OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon.png' : ''; |
282 | 274 | ||
283 | if (!OIDplus::config()->getValue('allow_ra_email_change') && !OIDplus::authUtils()->isAdminLoggedIn()) { |
275 | if (!OIDplus::config()->getValue('allow_ra_email_change') && !OIDplus::authUtils()->isAdminLoggedIn()) { |
Line 295... | Line 287... | ||
295 | } else { |
287 | } else { |
296 | $res = OIDplus::db()->query("select * from ###ra where email = ?", array($new_email)); |
288 | $res = OIDplus::db()->query("select * from ###ra where email = ?", array($new_email)); |
297 | if ($res->any()) { |
289 | if ($res->any()) { |
298 | throw new OIDplusException(_L('eMail address is already used by another RA. To merge accounts, please contact the superior RA of your objects and request an owner change of your objects.'), $out['title']); |
290 | throw new OIDplusException(_L('eMail address is already used by another RA. To merge accounts, please contact the superior RA of your objects and request an owner change of your objects.'), $out['title']); |
299 | } else { |
291 | } else { |
300 | if (!OIDplus::authUtils()->validateAuthKey('activate_new_ra_email;'.$old_email.';'.$new_email.';'.$timestamp, $auth)) { |
292 | if (!OIDplus::authUtils()->validateAuthKey(['5ef24124-f4fb-11ed-b67e-3c4a92df8582',$old_email,$new_email], $auth, OIDplus::config()->getValue('max_ra_email_change_time', -1))) { |
301 | throw new OIDplusException(_L('Invalid authorization. Is the URL OK?'), $out['title']); |
293 | throw new OIDplusException(_L('Invalid authorization. Is the URL OK?'), $out['title']); |
302 | } else { |
294 | } else { |
303 | $out['text'] = '<p>'._L('Old eMail-Address').': <b>'.$old_email.'</b></p> |
295 | $out['text'] = '<p>'._L('Old eMail-Address').': <b>'.$old_email.'</b></p> |
304 | <p>'._L('New eMail-Address').': <b>'.$new_email.'</b></p> |
296 | <p>'._L('New eMail-Address').': <b>'.$new_email.'</b></p> |
305 | 297 | ||
306 | <form id="activateNewRaEmailForm" action="javascript:void(0);" onsubmit="return OIDplusPageRaChangeEMail.activateNewRaEmailFormOnSubmit();"> |
298 | <form id="activateNewRaEmailForm" action="javascript:void(0);" onsubmit="return OIDplusPageRaChangeEMail.activateNewRaEmailFormOnSubmit();"> |
307 | <input type="hidden" id="old_email" value="'.htmlentities($old_email).'"/> |
299 | <input type="hidden" id="old_email" value="'.htmlentities($old_email).'"/> |
308 | <input type="hidden" id="new_email" value="'.htmlentities($new_email).'"/> |
300 | <input type="hidden" id="new_email" value="'.htmlentities($new_email).'"/> |
309 | <input type="hidden" id="timestamp" value="'.htmlentities($timestamp).'"/> |
- | |
310 | <input type="hidden" id="auth" value="'.htmlentities($auth).'"/> |
301 | <input type="hidden" id="auth" value="'.htmlentities($auth).'"/> |
311 | 302 | ||
312 | <div><label class="padding_label">'._L('Please verify your password').':</label><input type="password" id="password" value=""/></div> |
303 | <div><label class="padding_label">'._L('Please verify your password').':</label><input type="password" id="password" value=""/></div> |
313 | <br><input type="submit" value="'._L('Change email address').'"> |
304 | <br><input type="submit" value="'._L('Change email address').'"> |
314 | </form>'; |
305 | </form>'; |