3 * StatusNet, the distributed open-source microblogging tool
5 * Plugin that requires the user to have a validated email address before they
10 * LICENCE: This program is free software: you can redistribute it and/or modify
11 * it under the terms of the GNU Affero General Public License as published by
12 * the Free Software Foundation, either version 3 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU Affero General Public License for more details.
20 * You should have received a copy of the GNU Affero General Public License
21 * along with this program. If not, see <http://www.gnu.org/licenses/>.
25 * @author Craig Andrews <candrews@integralblue.com>
26 * @author Brion Vibber <brion@status.net>
27 * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
28 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
29 * @link http://status.net/
32 if (!defined('STATUSNET') && !defined('LACONICA')) {
37 * Plugin for requiring a validated email before posting.
39 * Enable this plugin using addPlugin('RequireValidatedEmail');
43 * @author Craig Andrews <candrews@integralblue.com>
44 * @author Brion Vibber <brion@status.net>
45 * @author Evan Prodromou <evan@status.net>
46 * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
47 * @copyright 2009-2010 StatusNet, Inc.
48 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
49 * @link http://status.net/
52 class RequireValidatedEmailPlugin extends Plugin
55 * Users created before this time will be grandfathered in
56 * without the validation requirement.
59 public $grandfatherCutoff = null;
62 * If OpenID plugin is installed, users with a verified OpenID
63 * association whose provider URL matches one of these regexes
64 * will be considered to be sufficiently valid for our needs.
66 * For example, to trust WikiHow and Wikipedia OpenID users:
68 * addPlugin('RequireValidatedEmailPlugin', array(
69 * 'trustedOpenIDs' => array(
70 * '!^http://\w+\.wikihow\.com/!',
71 * '!^http://\w+\.wikipedia\.org/!',
76 public $trustedOpenIDs = array();
79 * Event handler for notice saves; rejects the notice
80 * if user's address isn't validated.
82 * @param Notice $notice The notice being saved
84 * @return bool hook result code
87 function onStartNoticeSave($notice)
89 $user = User::staticGet('id', $notice->profile_id);
90 if (!empty($user)) { // it's a remote notice
91 if (!$this->validated($user)) {
92 $msg = _m("You must validate your email address before posting.");
93 throw new ClientException($msg);
100 * Event handler for registration attempts; rejects the registration
101 * if email field is missing.
103 * @param Action $action Action being executed
105 * @return bool hook result code
107 function onStartRegistrationTry($action)
109 $email = $action->trimmed('email');
112 $action->showForm(_m('You must provide an email address to register.'));
116 // Default form will run address format validation and reject if bad.
122 * Check if a user has a validated email address or has been
123 * otherwise grandfathered in.
125 * @param User $user User to valide
129 protected function validated($user)
131 // The email field is only stored after validation...
132 // Until then you'll find them in confirm_address.
133 $knownGood = !empty($user->email) ||
134 $this->grandfathered($user) ||
135 $this->hasTrustedOpenID($user);
137 // Give other plugins a chance to override, if they can validate
138 // that somebody's ok despite a non-validated email.
140 // FIXME: This isn't how to do it! Use Start*/End* instead
142 Event::handle('RequireValidatedEmailPlugin_Override',
143 array($user, &$knownGood));
149 * Check if a user was created before the grandfathering cutoff.
150 * If so, we won't need to check for validation.
152 * @param User $user User to check
154 * @return bool true if user is grandfathered
156 protected function grandfathered($user)
158 if ($this->grandfatherCutoff) {
159 $created = strtotime($user->created . " GMT");
160 $cutoff = strtotime($this->grandfatherCutoff);
161 if ($created < $cutoff) {
169 * Override for RequireValidatedEmail plugin. If we have a user who's
170 * not validated an e-mail, but did come from a trusted provider,
171 * we'll consider them ok.
173 * @param User $user User to check
175 * @return bool true if user has a trusted OpenID.
178 function hasTrustedOpenID($user)
180 if ($this->trustedOpenIDs && class_exists('User_openid')) {
181 foreach ($this->trustedOpenIDs as $regex) {
182 $oid = new User_openid();
184 $oid->user_id = $user->id;
187 while ($oid->fetch()) {
188 if (preg_match($regex, $oid->canonical)) {
198 * Add version information for this plugin.
200 * @param array &$versions Array of associative arrays of version data
202 * @return boolean hook value
205 function onPluginVersion(&$versions)
208 array('name' => 'Require Validated Email',
209 'version' => STATUSNET_VERSION,
210 'author' => 'Craig Andrews, '.
214 'http://status.net/wiki/Plugin:RequireValidatedEmail',
216 _m('Disables posting without a validated email address.'));
221 * Hide the notice form if the user isn't able to post.
223 * @param Action $action action being shown
225 * @return boolean hook value
228 function onStartShowNoticeForm($action)
230 $user = common_current_user();
231 if (!empty($user)) { // it's a remote notice
232 if (!$this->validated($user)) {