3 * StatusNet, the distributed open-source microblogging tool
5 * Plugin that requires the user to have a validated email address before they can post notices
9 * LICENCE: This program is free software: you can redistribute it and/or modify
10 * it under the terms of the GNU Affero General Public License as published by
11 * the Free Software Foundation, either version 3 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU Affero General Public License for more details.
19 * You should have received a copy of the GNU Affero General Public License
20 * along with this program. If not, see <http://www.gnu.org/licenses/>.
24 * @author Craig Andrews <candrews@integralblue.com>, Brion Vibber <brion@status.net>
25 * @copyright 2009 Craig Andrews http://candrews.integralblue.com
26 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
27 * @link http://status.net/
30 if (!defined('STATUSNET') && !defined('LACONICA')) {
34 class RequireValidatedEmailPlugin extends Plugin
36 // Users created before this time will be grandfathered in
37 // without the validation requirement.
38 public $grandfatherCutoff=null;
40 // If OpenID plugin is installed, users with a verified OpenID
41 // association whose provider URL matches one of these regexes
42 // will be considered to be sufficiently valid for our needs.
44 // For example, to trust WikiHow and Wikipedia OpenID users:
46 // addPlugin('RequireValidatedEmailPlugin', array(
47 // 'trustedOpenIDs' => array(
48 // '!^http://\w+\.wikihow\.com/!',
49 // '!^http://\w+\.wikipedia\.org/!',
52 public $trustedOpenIDs=array();
54 function __construct()
56 parent::__construct();
60 * Event handler for notice saves; rejects the notice
61 * if user's address isn't validated.
63 * @param Notice $notice
64 * @return bool hook result code
66 function onStartNoticeSave($notice)
68 $user = User::staticGet('id', $notice->profile_id);
69 if (!empty($user)) { // it's a remote notice
70 if (!$this->validated($user)) {
71 throw new ClientException(_m("You must validate your email address before posting."));
78 * Event handler for registration attempts; rejects the registration
79 * if email field is missing.
81 * @param RegisterAction $action
82 * @return bool hook result code
84 function onStartRegistrationTry($action)
86 $email = $action->trimmed('email');
89 $action->showForm(_m('You must provide an email address to register.'));
93 // Default form will run address format validation and reject if bad.
99 * Check if a user has a validated email address or has been
100 * otherwise grandfathered in.
105 protected function validated($user)
107 // The email field is only stored after validation...
108 // Until then you'll find them in confirm_address.
109 $knownGood = !empty($user->email) ||
110 $this->grandfathered($user) ||
111 $this->hasTrustedOpenID($user);
113 // Give other plugins a chance to override, if they can validate
114 // that somebody's ok despite a non-validated email.
115 Event::handle('RequireValidatedEmailPlugin_Override', array($user, &$knownGood));
121 * Check if a user was created before the grandfathering cutoff.
122 * If so, we won't need to check for validation.
127 protected function grandfathered($user)
129 if ($this->grandfatherCutoff) {
130 $created = strtotime($user->created . " GMT");
131 $cutoff = strtotime($this->grandfatherCutoff);
132 if ($created < $cutoff) {
140 * Override for RequireValidatedEmail plugin. If we have a user who's
141 * not validated an e-mail, but did come from a trusted provider,
142 * we'll consider them ok.
144 function hasTrustedOpenID($user)
146 if ($this->trustedOpenIDs && class_exists('User_openid')) {
147 foreach ($this->trustedOpenIDs as $regex) {
148 $oid = new User_openid();
149 $oid->user_id = $user->id;
151 while ($oid->fetch()) {
152 if (preg_match($regex, $oid->canonical)) {
161 function onPluginVersion(&$versions)
163 $versions[] = array('name' => 'Require Validated Email',
164 'version' => STATUSNET_VERSION,
165 'author' => 'Craig Andrews, Evan Prodromou, Brion Vibber',
166 'homepage' => 'http://status.net/wiki/Plugin:RequireValidatedEmail',
168 _m('The Require Validated Email plugin disables posting for accounts that do not have a validated email address.'));