actions/smssettings.php

   1 <?php
   2 /*
   3  * Laconica - a distributed open-source microblogging tool
   4  * Copyright (C) 2008, Controlez-Vous, Inc.
   5  *
   6  * This program is free software: you can redistribute it and/or modify
   7  * it under the terms of the GNU Affero General Public License as published by
   8  * the Free Software Foundation, either version 3 of the License, or
   9  * (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  * GNU Affero General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Affero General Public License
  17  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18  */
  19
  20 if (!defined('LACONICA')) { exit(1); }
  21
  22 require_once(INSTALLDIR.'/lib/settingsaction.php');
  23 require_once(INSTALLDIR.'/actions/emailsettings.php');
  24
  25 class SmssettingsAction extends EmailsettingsAction {
  26
  27     function get_instructions()
  28     {
  29         return _('You can receive SMS messages through email from %%site.name%%.');
  30     }
  31
  32     function show_form($msg=null, $success=false)
  33     {
  34         $user = common_current_user();
  35         $this->form_header(_('SMS Settings'), $msg, $success);
  36         common_element_start('form', array('method' => 'post',
  37                                            'id' => 'smssettings',
  38                                            'action' =>
  39                                            common_local_url('smssettings')));
  40         common_hidden('token', common_session_token());
  41         common_element('h2', null, _('Address'));
  42
  43         if ($user->sms) {
  44             common_element_start('p');
  45             $carrier = $user->getCarrier();
  46             common_element('span', 'address confirmed', $user->sms . ' (' . $carrier->name . ')');
  47             common_element('span', 'input_instructions',
  48                            _('Current confirmed SMS-enabled phone number.'));
  49             common_hidden('sms', $user->sms);
  50             common_hidden('carrier', $user->carrier);
  51             common_element_end('p');
  52             common_submit('remove', _('Remove'));
  53         } else {
  54             $confirm = $this->get_confirmation();
  55             if ($confirm) {
  56                 $carrier = Sms_carrier::staticGet($confirm->address_extra);
  57                 common_element_start('p');
  58                 common_element('span', 'address unconfirmed', $confirm->address . ' (' . $carrier->name . ')');
  59                 common_element('span', 'input_instructions',
  60                                _('Awaiting confirmation on this phone number.'));
  61                 common_hidden('sms', $confirm->address);
  62                 common_hidden('carrier', $confirm->address_extra);
  63                 common_element_end('p');
  64                 common_submit('cancel', _('Cancel'));
  65                 common_input('code', _('Confirmation code'), null,
  66                              _('Enter the code you received on your phone.'));
  67                 common_submit('confirm', _('Confirm'));
  68             } else {
  69                 common_input('sms', _('SMS Phone number'),
  70                              ($this->arg('sms')) ? $this->arg('sms') : null,
  71                              _('Phone number, no punctuation or spaces, with area code'));
  72                 $this->carrier_select();
  73                 common_submit('add', _('Add'));
  74             }
  75         }
  76
  77         if ($user->sms) {
  78             common_element('h2', null, _('Incoming email'));
  79
  80             if ($user->incomingemail) {
  81                 common_element_start('p');
  82                 common_element('span', 'address', $user->incomingemail);
  83                 common_element('span', 'input_instructions',
  84                                _('Send email to this address to post new notices.'));
  85                 common_element_end('p');
  86                 common_submit('removeincoming', _('Remove'));
  87             }
  88
  89             common_element_start('p');
  90             common_element('span', 'input_instructions',
  91                            _('Make a new email address for posting to; cancels the old one.'));
  92             common_element_end('p');
  93             common_submit('newincoming', _('New'));
  94         }
  95
  96         common_element('h2', null, _('Preferences'));
  97
  98         common_checkbox('smsnotify',
  99                         _('Send me notices through SMS; I understand I may incur exorbitant charges from my carrier.'),
 100                         $user->smsnotify);
 101
 102         common_submit('save', _('Save'));
 103
 104         common_element_end('form');
 105         common_show_footer();
 106     }
 107
 108     function get_confirmation()
 109     {
 110         $user = common_current_user();
 111         $confirm = new Confirm_address();
 112         $confirm->user_id = $user->id;
 113         $confirm->address_type = 'sms';
 114         if ($confirm->find(TRUE)) {
 115             return $confirm;
 116         } else {
 117             return null;
 118         }
 119     }
 120
 121     function handle_post()
 122     {
 123
 124         # CSRF protection
 125
 126         $token = $this->trimmed('token');
 127         if (!$token || $token != common_session_token()) {
 128             $this->show_form(_('There was a problem with your session token. Try again, please.'));
 129             return;
 130         }
 131
 132         if ($this->arg('save')) {
 133             $this->save_preferences();
 134         } else if ($this->arg('add')) {
 135             $this->add_address();
 136         } else if ($this->arg('cancel')) {
 137             $this->cancel_confirmation();
 138         } else if ($this->arg('remove')) {
 139             $this->remove_address();
 140         } else if ($this->arg('removeincoming')) {
 141             $this->remove_incoming();
 142         } else if ($this->arg('newincoming')) {
 143             $this->new_incoming();
 144         } else if ($this->arg('confirm')) {
 145             $this->confirm_code();
 146         } else {
 147             $this->show_form(_('Unexpected form submission.'));
 148         }
 149     }
 150
 151     function save_preferences()
 152     {
 153
 154         $smsnotify = $this->boolean('smsnotify');
 155
 156         $user = common_current_user();
 157
 158         assert(!is_null($user)); # should already be checked
 159
 160         $user->query('BEGIN');
 161
 162         $original = clone($user);
 163
 164         $user->smsnotify = $smsnotify;
 165
 166         $result = $user->update($original);
 167
 168         if ($result === FALSE) {
 169             common_log_db_error($user, 'UPDATE', __FILE__);
 170             common_server_error(_('Couldn\'t update user.'));
 171             return;
 172         }
 173
 174         $user->query('COMMIT');
 175
 176         $this->show_form(_('Preferences saved.'), true);
 177     }
 178
 179     function add_address()
 180     {
 181
 182         $user = common_current_user();
 183
 184         $sms = $this->trimmed('sms');
 185         $carrier_id = $this->trimmed('carrier');
 186
 187         # Some validation
 188
 189         if (!$sms) {
 190             $this->show_form(_('No phone number.'));
 191             return;
 192         }
 193
 194         if (!$carrier_id) {
 195             $this->show_form(_('No carrier selected.'));
 196             return;
 197         }
 198
 199         $sms = common_canonical_sms($sms);
 200
 201         if ($user->sms == $sms) {
 202             $this->show_form(_('That is already your phone number.'));
 203             return;
 204         } else if ($this->sms_exists($sms)) {
 205             $this->show_form(_('That phone number already belongs to another user.'));
 206             return;
 207         }
 208
 209           $confirm = new Confirm_address();
 210            $confirm->address = $sms;
 211            $confirm->address_extra = $carrier_id;
 212            $confirm->address_type = 'sms';
 213            $confirm->user_id = $user->id;
 214            $confirm->code = common_confirmation_code(40);
 215
 216         $result = $confirm->insert();
 217
 218         if ($result === FALSE) {
 219             common_log_db_error($confirm, 'INSERT', __FILE__);
 220             common_server_error(_('Couldn\'t insert confirmation code.'));
 221             return;
 222         }
 223
 224         $carrier = Sms_carrier::staticGet($carrier_id);
 225
 226         mail_confirm_sms($confirm->code,
 227                          $user->nickname,
 228                          $carrier->toEmailAddress($sms));
 229
 230         $msg = _('A confirmation code was sent to the phone number you added. Check your inbox (and spam box!) for the code and instructions on how to use it.');
 231
 232         $this->show_form($msg, TRUE);
 233     }
 234
 235     function cancel_confirmation()
 236     {
 237
 238         $sms = $this->trimmed('sms');
 239         $carrier = $this->trimmed('carrier');
 240
 241         $confirm = $this->get_confirmation();
 242
 243         if (!$confirm) {
 244             $this->show_form(_('No pending confirmation to cancel.'));
 245             return;
 246         }
 247         if ($confirm->address != $sms) {
 248             $this->show_form(_('That is the wrong confirmation number.'));
 249             return;
 250         }
 251
 252         $result = $confirm->delete();
 253
 254         if (!$result) {
 255             common_log_db_error($confirm, 'DELETE', __FILE__);
 256             $this->server_error(_('Couldn\'t delete email confirmation.'));
 257             return;
 258         }
 259
 260         $this->show_form(_('Confirmation cancelled.'), TRUE);
 261     }
 262
 263     function remove_address()
 264     {
 265
 266         $user = common_current_user();
 267         $sms = $this->arg('sms');
 268         $carrier = $this->arg('carrier');
 269
 270         # Maybe an old tab open...?
 271
 272         if ($user->sms != $sms) {
 273             $this->show_form(_('That is not your phone number.'));
 274             return;
 275         }
 276
 277         $user->query('BEGIN');
 278         $original = clone($user);
 279         $user->sms = null;
 280         $user->carrier = null;
 281         $user->smsemail = null;
 282         $result = $user->updateKeys($original);
 283         if (!$result) {
 284             common_log_db_error($user, 'UPDATE', __FILE__);
 285             common_server_error(_('Couldn\'t update user.'));
 286             return;
 287         }
 288         $user->query('COMMIT');
 289
 290         $this->show_form(_('The address was removed.'), TRUE);
 291     }
 292
 293     function sms_exists($sms)
 294     {
 295         $user = common_current_user();
 296         $other = User::staticGet('sms', $sms);
 297         if (!$other) {
 298             return false;
 299         } else {
 300             return $other->id != $user->id;
 301         }
 302     }
 303
 304     function carrier_select()
 305     {
 306         $carrier = new Sms_carrier();
 307         $cnt = $carrier->find();
 308
 309         common_element_start('p');
 310         common_element('label', array('for' => 'carrier'));
 311         common_element_start('select', array('name' => 'carrier',
 312                                              'id' => 'carrier'));
 313         common_element('option', array('value' => 0),
 314                        _('Select a carrier'));
 315         while ($carrier->fetch()) {
 316             common_element('option', array('value' => $carrier->id),
 317                            $carrier->name);
 318         }
 319         common_element_end('select');
 320         common_element_end('p');
 321         common_element('span', 'input_instructions',
 322                        sprintf(_('Mobile carrier for your phone. '.
 323                                  'If you know a carrier that accepts ' .
 324                                  'SMS over email but isn\'t listed here, ' .
 325                                  'send email to let us know at %s.'),
 326                                common_config('site', 'email')));
 327     }
 328
 329     function confirm_code()
 330     {
 331
 332         $code = $this->trimmed('code');
 333
 334         if (!$code) {
 335             $this->show_form(_('No code entered'));
 336             return;
 337         }
 338
 339         common_redirect(common_local_url('confirmaddress',
 340                                          array('code' => $code)));
 341     }
 342 }