Merge pull request #6373 from MrPetovan/bug/6345-vier-fix-messages-notifs

[friendica.git] / mod / regmod.php

diff --git a/mod/regmod.php b/mod/regmod.php
index f662902d8dbcf71eb3516bc5cf4395fba56164ca..a772a78ce77e6b4ccdf9f2cc09317572b0defcbc 100644 (file)
--- a/mod/regmod.php
+++ b/mod/regmod.php
@@ -1,101 +1,109 @@
 <?php
+/**
+ * @file mod/regmod.php
+ */
+
+use Friendica\App;
+use Friendica\Core\Config;
+use Friendica\Core\L10n;
+use Friendica\Core\System;
+use Friendica\Core\Worker;
+use Friendica\Database\DBA;
+use Friendica\Model\Register;
+use Friendica\Model\User;
+use Friendica\Module\Login;
+
+function user_allow($hash)
+{
+       $a = get_app();
+
+       $register = Register::getByHash($hash);
+       if (!DBA::isResult($register)) {
+               return false;
+       }
 
+       $user = User::getById($register['uid']);
+       if (!DBA::isResult($user)) {
+               exit();
+       }
 
+       Register::deleteByHash($hash);
 
-function regmod_content(&$a) {
+       DBA::update('user', ['blocked' => false, 'verified' => true], ['uid' => $register['uid']]);
 
-       $_SESSION['return_url'] = $a->cmd;
+       $profile = DBA::selectFirst('profile', ['net-publish'], ['uid' => $register['uid'], 'is-default' => true]);
 
-       if(! local_user()) {
-               notice( t('Please login.') . EOL);
-               $o .= '<br /><br />' . login(($a->config['register_policy'] == REGISTER_CLOSED) ? 0 : 1);
-               return $o;
+       if (DBA::isResult($profile) && $profile['net-publish'] && Config::get('system', 'directory')) {
+               $url = System::baseUrl() . '/profile/' . $user['nickname'];
+               Worker::add(PRIORITY_LOW, "Directory", $url);
        }
 
-       if((! (x($a->config,'admin_email'))) || ($a->config['admin_email'] !== $a->user['email'])) {
-               notice( t('Permission denied.') . EOL);
-               return '';
-       }
+       L10n::pushLang($register['language']);
 
-       if($a->argc != 3)
-               killme();
+       $res = User::sendRegisterOpenEmail(
+               $user,
+               Config::get('config', 'sitename'),
+               $a->getBaseUrl(),
+               defaults($register, 'password', 'Sent in a previous email')
+       );
 
-       $cmd  = $a->argv[1];
-       $hash = $a->argv[2];
+       L10n::popLang();
 
+       if ($res) {
+               info(L10n::t('Account approved.') . EOL);
+               return true;
+       }
+}
+
+// This does not have to go through user_remove() and save the nickname
+// permanently against re-registration, as the person was not yet
+// allowed to have friends on this system
+function user_deny($hash)
+{
+       $register = Register::getByHash($hash);
+       if (!DBA::isResult($register)) {
+               return false;
+       }
 
-       $register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
-               dbesc($hash)
-       );
+       $user = User::getById($register['uid']);
+       if (!DBA::isResult($user)) {
+               exit();
+       }
 
+       DBA::delete('user', ['uid' => $register['uid']]);
 
-       if(! count($register))
-               killme();
+       Register::deleteByHash($register['hash']);
 
-       $user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
-               intval($register[0]['uid'])
-       );
+       notice(L10n::t('Registration revoked for %s', $user['username']) . EOL);
+       return true;
+}
+
+function regmod_content(App $a)
+{
+       if (!local_user()) {
+               info(L10n::t('Please login.') . EOL);
+               return Login::form($a->query_string, intval(Config::get('config', 'register_policy')) === REGISTER_CLOSED ? 0 : 1);
+       }
 
-       if($cmd === 'deny') {
+       if (!is_site_admin() || !empty($_SESSION['submanage'])) {
+               notice(L10n::t('Permission denied.') . EOL);
+               return '';
+       }
 
-               $r = q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1",
-                       intval($register[0]['uid'])
-               );
-               $r = q("DELETE FROM `contact` WHERE `uid` = %d LIMIT 1",
-                       intval($register[0]['uid'])
-               ); 
-               $r = q("DELETE FROM `profile` WHERE `uid` = %d LIMIT 1",
-                       intval($register[0]['uid'])
-               ); 
+       if ($a->argc != 3) {
+               exit();
+       }
 
-               $r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
-                       dbesc($register[0]['hash'])
-               );
-               notice( t('Registration revoked for ') . $user[0]['username'] . EOL);
-               return;
+       $cmd = $a->argv[1];
+       $hash = $a->argv[2];
 
+       if ($cmd === 'deny') {
+               user_deny($hash);
+               $a->internalRedirect('admin/users/');
        }
 
-       if($cmd === 'allow') {
-
-               if(! count($user))
-                       killme();
-
-               $r = q("DELETE FROM `register` WHERE `hash` = '%s' LIMIT 1",
-                       dbesc($register[0]['hash'])
-               );
-
-
-               $r = q("UPDATE `user` SET `blocked` = 0, `verified` = 1 WHERE `uid` = %d LIMIT 1",
-                       intval($register[0]['uid'])
-               );
-               
-               $r = q("SELECT * FROM `profile` WHERE `uid` = %d AND `is-default` = 1",
-                       intval($user[0]['uid'])
-               );
-               if(count($r) && $r[0]['net-publish']) {
-                       $php_path = ((strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php');
-                       $url = $a->get_baseurl() . '/profile/' . $user[0]['nickname'];
-                       if($url && strlen(get_config('system','directory_submit_url')))
-                               proc_run($php_path,"include/directory.php","$url");
-               }
-
-               $email_tpl = load_view_file("view/register_open_eml.tpl");
-               $email_tpl = replace_macros($email_tpl, array(
-                               '$sitename' => $a->config['sitename'],
-                               '$siteurl' =>  $a->get_baseurl(),
-                               '$username' => $user[0]['username'],
-                               '$email' => $user[0]['email'],
-                               '$password' => $register[0]['password'],
-                               '$uid' => $user[0]['uid']
-               ));
-
-               $res = mail($user[0]['email'], t('Registration details for '). $a->config['sitename'],
-                       $email_tpl,'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] );
-
-               if($res) {
-                       notice( t('Account approved.') . EOL );
-                       return;
-               }
+       if ($cmd === 'allow') {
+               user_allow($hash);
+               $a->internalRedirect('admin/users/');
        }
-}
\ No newline at end of file
+}