3 * StatusNet, the distributed open-source microblogging tool
5 * Plugin that requires the user to have a validated email address before they can post notices
9 * LICENCE: This program is free software: you can redistribute it and/or modify
10 * it under the terms of the GNU Affero General Public License as published by
11 * the Free Software Foundation, either version 3 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU Affero General Public License for more details.
19 * You should have received a copy of the GNU Affero General Public License
20 * along with this program. If not, see <http://www.gnu.org/licenses/>.
24 * @author Craig Andrews <candrews@integralblue.com>
25 * @author Brion Vibber <brion@status.net>
26 * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
27 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
28 * @link http://status.net/
31 if (!defined('STATUSNET') && !defined('LACONICA')) {
35 class RequireValidatedEmailPlugin extends Plugin
37 // Users created before this time will be grandfathered in
38 // without the validation requirement.
39 public $grandfatherCutoff=null;
41 // If OpenID plugin is installed, users with a verified OpenID
42 // association whose provider URL matches one of these regexes
43 // will be considered to be sufficiently valid for our needs.
45 // For example, to trust WikiHow and Wikipedia OpenID users:
47 // addPlugin('RequireValidatedEmailPlugin', array(
48 // 'trustedOpenIDs' => array(
49 // '!^http://\w+\.wikihow\.com/!',
50 // '!^http://\w+\.wikipedia\.org/!',
53 public $trustedOpenIDs=array();
55 function __construct()
57 parent::__construct();
61 * Event handler for notice saves; rejects the notice
62 * if user's address isn't validated.
64 * @param Notice $notice
65 * @return bool hook result code
67 function onStartNoticeSave($notice)
69 $user = User::staticGet('id', $notice->profile_id);
70 if (!empty($user)) { // it's a remote notice
71 if (!$this->validated($user)) {
72 throw new ClientException(_m("You must validate your email address before posting."));
79 * Event handler for registration attempts; rejects the registration
80 * if email field is missing.
82 * @param RegisterAction $action
83 * @return bool hook result code
85 function onStartRegistrationTry($action)
87 $email = $action->trimmed('email');
90 $action->showForm(_m('You must provide an email address to register.'));
94 // Default form will run address format validation and reject if bad.
100 * Check if a user has a validated email address or has been
101 * otherwise grandfathered in.
106 protected function validated($user)
108 // The email field is only stored after validation...
109 // Until then you'll find them in confirm_address.
110 $knownGood = !empty($user->email) ||
111 $this->grandfathered($user) ||
112 $this->hasTrustedOpenID($user);
114 // Give other plugins a chance to override, if they can validate
115 // that somebody's ok despite a non-validated email.
116 Event::handle('RequireValidatedEmailPlugin_Override', array($user, &$knownGood));
122 * Check if a user was created before the grandfathering cutoff.
123 * If so, we won't need to check for validation.
128 protected function grandfathered($user)
130 if ($this->grandfatherCutoff) {
131 $created = strtotime($user->created . " GMT");
132 $cutoff = strtotime($this->grandfatherCutoff);
133 if ($created < $cutoff) {
141 * Override for RequireValidatedEmail plugin. If we have a user who's
142 * not validated an e-mail, but did come from a trusted provider,
143 * we'll consider them ok.
145 function hasTrustedOpenID($user)
147 if ($this->trustedOpenIDs && class_exists('User_openid')) {
148 foreach ($this->trustedOpenIDs as $regex) {
149 $oid = new User_openid();
150 $oid->user_id = $user->id;
152 while ($oid->fetch()) {
153 if (preg_match($regex, $oid->canonical)) {
162 function onPluginVersion(&$versions)
164 $versions[] = array('name' => 'Require Validated Email',
165 'version' => STATUSNET_VERSION,
166 'author' => 'Craig Andrews, Evan Prodromou, Brion Vibber',
167 'homepage' => 'http://status.net/wiki/Plugin:RequireValidatedEmail',
169 _m('The Require Validated Email plugin disables posting for accounts that do not have a validated email address.'));