aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/ucp
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes/ucp')
-rw-r--r--phpBB/includes/ucp/ucp_groups.php16
-rw-r--r--phpBB/includes/ucp/ucp_profile.php7
-rw-r--r--phpBB/includes/ucp/ucp_register.php34
-rw-r--r--phpBB/includes/ucp/ucp_remind.php174
-rw-r--r--phpBB/includes/ucp/ucp_resend.php2
5 files changed, 43 insertions, 190 deletions
diff --git a/phpBB/includes/ucp/ucp_groups.php b/phpBB/includes/ucp/ucp_groups.php
index cf6e049748..6eba3a03a9 100644
--- a/phpBB/includes/ucp/ucp_groups.php
+++ b/phpBB/includes/ucp/ucp_groups.php
@@ -136,7 +136,7 @@ class ucp_groups
{
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
- list(, $row) = each($row);
+ $row = current($row);
$sql = 'SELECT group_type
FROM ' . GROUPS_TABLE . '
@@ -240,7 +240,7 @@ class ucp_groups
{
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
- list(, $row) = each($row);
+ $row = current($row);
if (!$row['group_leader'])
{
@@ -460,7 +460,7 @@ class ucp_groups
{
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
- list(, $row) = each($row);
+ $row = current($row);
if (!$row['group_leader'])
{
@@ -754,7 +754,7 @@ class ucp_groups
{
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
- list(, $row) = each($row);
+ $row = current($row);
if (!$row['group_leader'])
{
@@ -884,7 +884,7 @@ class ucp_groups
{
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
- list(, $row) = each($row);
+ $row = current($row);
if (!$row['group_leader'])
{
@@ -911,7 +911,7 @@ class ucp_groups
{
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
- list(, $row) = each($row);
+ $row = current($row);
if (!$row['group_leader'])
{
@@ -990,7 +990,7 @@ class ucp_groups
{
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
- list(, $row) = each($row);
+ $row = current($row);
if (!$row['group_leader'])
{
@@ -1051,7 +1051,7 @@ class ucp_groups
{
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
- list(, $row) = each($row);
+ $row = current($row);
if (!$row['group_leader'])
{
diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php
index 36ab3d0463..dca7e7eeb7 100644
--- a/phpBB/includes/ucp/ucp_profile.php
+++ b/phpBB/includes/ucp/ucp_profile.php
@@ -70,9 +70,9 @@ class ucp_profile
// Do not check cur_password, it is the old one.
$check_ary = array(
'new_password' => array(
- array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
+ array('string', true, $config['min_pass_chars'], 0),
array('password')),
- 'password_confirm' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
+ 'password_confirm' => array('string', true, $config['min_pass_chars'], 0),
'email' => array(
array('string', false, 6, 60),
array('user_email')),
@@ -131,7 +131,6 @@ class ucp_profile
'username' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? $data['username'] : $user->data['username'],
'username_clean' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? utf8_clean_string($data['username']) : $user->data['username_clean'],
'user_email' => ($auth->acl_get('u_chgemail')) ? $data['email'] : $user->data['user_email'],
- 'user_email_hash' => ($auth->acl_get('u_chgemail')) ? phpbb_email_hash($data['email']) : $user->data['user_email_hash'],
'user_password' => ($auth->acl_get('u_chgpasswd') && $data['new_password']) ? $passwords_manager->hash($data['new_password']) : $user->data['user_password'],
);
@@ -267,7 +266,7 @@ class ucp_profile
'CUR_PASSWORD' => '',
'L_USERNAME_EXPLAIN' => $user->lang($config['allow_name_chars'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_name_chars']), $user->lang('CHARACTERS', (int) $config['max_name_chars'])),
- 'L_CHANGE_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars']), $user->lang('CHARACTERS', (int) $config['max_pass_chars'])),
+ 'L_CHANGE_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars'])),
'S_FORCE_PASSWORD' => ($auth->acl_get('u_chgpasswd') && $config['chg_passforce'] && $user->data['user_passchg'] < time() - ($config['chg_passforce'] * 86400)) ? true : false,
'S_CHANGE_USERNAME' => ($config['allow_namechange'] && $auth->acl_get('u_chgname')) ? true : false,
diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php
index 03ac63b12b..00fa8034f9 100644
--- a/phpBB/includes/ucp/ucp_register.php
+++ b/phpBB/includes/ucp/ucp_register.php
@@ -276,9 +276,9 @@ class ucp_register
array('string', false, $config['min_name_chars'], $config['max_name_chars']),
array('username', '')),
'new_password' => array(
- array('string', false, $config['min_pass_chars'], $config['max_pass_chars']),
+ array('string', false, $config['min_pass_chars'], 0),
array('password')),
- 'password_confirm' => array('string', false, $config['min_pass_chars'], $config['max_pass_chars']),
+ 'password_confirm' => array('string', false, $config['min_pass_chars'], 0),
'email' => array(
array('string', false, 6, 60),
array('user_email')),
@@ -452,6 +452,9 @@ class ucp_register
{
$message = $user->lang['ACCOUNT_ADDED'];
$email_template = 'user_welcome';
+
+ // Autologin after registration
+ $user->session_create($user_id, 0, false, 1);
}
if ($config['email_enable'])
@@ -600,6 +603,31 @@ class ucp_register
break;
}
+ /* @var $provider_collection \phpbb\auth\provider_collection */
+ $provider_collection = $phpbb_container->get('auth.provider_collection');
+ $auth_provider = $provider_collection->get_provider();
+
+ $auth_provider_data = $auth_provider->get_login_data();
+ if ($auth_provider_data)
+ {
+ if (isset($auth_provider_data['VARS']))
+ {
+ $template->assign_vars($auth_provider_data['VARS']);
+ }
+
+ if (isset($auth_provider_data['BLOCK_VAR_NAME']))
+ {
+ foreach ($auth_provider_data['BLOCK_VARS'] as $block_vars)
+ {
+ $template->assign_block_vars($auth_provider_data['BLOCK_VAR_NAME'], $block_vars);
+ }
+ }
+
+ $template->assign_vars(array(
+ 'PROVIDER_TEMPLATE_FILE' => $auth_provider_data['TEMPLATE_FILE'],
+ ));
+ }
+
// Assign template vars for timezone select
phpbb_timezone_select($template, $user, $data['tz'], true);
@@ -611,7 +639,7 @@ class ucp_register
'L_REG_COND' => $l_reg_cond,
'L_USERNAME_EXPLAIN' => $user->lang($config['allow_name_chars'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_name_chars']), $user->lang('CHARACTERS', (int) $config['max_name_chars'])),
- 'L_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars']), $user->lang('CHARACTERS', (int) $config['max_pass_chars'])),
+ 'L_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars'])),
'S_LANG_OPTIONS' => language_select($data['lang']),
'S_TZ_PRESELECT' => !$submit,
diff --git a/phpBB/includes/ucp/ucp_remind.php b/phpBB/includes/ucp/ucp_remind.php
deleted file mode 100644
index e50428bfea..0000000000
--- a/phpBB/includes/ucp/ucp_remind.php
+++ /dev/null
@@ -1,174 +0,0 @@
-<?php
-/**
-*
-* This file is part of the phpBB Forum Software package.
-*
-* @copyright (c) phpBB Limited <https://www.phpbb.com>
-* @license GNU General Public License, version 2 (GPL-2.0)
-*
-* For full copyright and license information, please see
-* the docs/CREDITS.txt file.
-*
-*/
-
-/**
-* @ignore
-*/
-if (!defined('IN_PHPBB'))
-{
- exit;
-}
-
-/**
-* ucp_remind
-* Sending password reminders
-*/
-class ucp_remind
-{
- var $u_action;
-
- function main($id, $mode)
- {
- global $config, $phpbb_root_path, $phpEx, $request;
- global $db, $user, $template, $phpbb_container, $phpbb_dispatcher;
-
- if (!$config['allow_password_reset'])
- {
- trigger_error($user->lang('UCP_PASSWORD_RESET_DISABLED', '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">', '</a>'));
- }
-
- $username = $request->variable('username', '', true);
- $email = strtolower($request->variable('email', ''));
- $submit = (isset($_POST['submit'])) ? true : false;
-
- add_form_key('ucp_remind');
-
- if ($submit)
- {
- if (!check_form_key('ucp_remind'))
- {
- trigger_error('FORM_INVALID');
- }
-
- if (empty($email))
- {
- trigger_error('NO_EMAIL_USER');
- }
-
- $sql_array = array(
- 'SELECT' => 'user_id, username, user_permissions, user_email, user_jabber, user_notify_type, user_type, user_lang, user_inactive_reason',
- 'FROM' => array(USERS_TABLE => 'u'),
- 'WHERE' => "user_email_hash = '" . $db->sql_escape(phpbb_email_hash($email)) . "'" .
- (!empty($username) ? " AND username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'" : ''),
- );
-
- /**
- * Change SQL query for fetching user data
- *
- * @event core.ucp_remind_modify_select_sql
- * @var string email User's email from the form
- * @var string username User's username from the form
- * @var array sql_array Fully assembled SQL query with keys SELECT, FROM, WHERE
- * @since 3.1.11-RC1
- */
- $vars = array(
- 'email',
- 'username',
- 'sql_array',
- );
- extract($phpbb_dispatcher->trigger_event('core.ucp_remind_modify_select_sql', compact($vars)));
-
- $sql = $db->sql_build_query('SELECT', $sql_array);
- $result = $db->sql_query_limit($sql, 2); // don't waste resources on more rows than we need
- $rowset = $db->sql_fetchrowset($result);
-
- if (count($rowset) > 1)
- {
- $db->sql_freeresult($result);
-
- $template->assign_vars(array(
- 'USERNAME_REQUIRED' => true,
- 'EMAIL' => $email,
- ));
- }
- else
- {
- $message = $user->lang['PASSWORD_UPDATED_IF_EXISTED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
-
- if (empty($rowset))
- {
- trigger_error($message);
- }
-
- $user_row = $rowset[0];
- $db->sql_freeresult($result);
-
- if (!$user_row)
- {
- trigger_error($message);
- }
-
- if ($user_row['user_type'] == USER_IGNORE || $user_row['user_type'] == USER_INACTIVE)
- {
- trigger_error($message);
- }
-
- // Check users permissions
- $auth2 = new \phpbb\auth\auth();
- $auth2->acl($user_row);
-
- if (!$auth2->acl_get('u_chgpasswd'))
- {
- trigger_error($message);
- }
-
- $server_url = generate_board_url();
-
- // Make password at least 8 characters long, make it longer if admin wants to.
- // gen_rand_string() however has a limit of 12 or 13.
- $user_password = gen_rand_string_friendly(max(8, mt_rand((int) $config['min_pass_chars'], (int) $config['max_pass_chars'])));
-
- // For the activation key a random length between 6 and 10 will do.
- $user_actkey = gen_rand_string(mt_rand(6, 10));
-
- // Instantiate passwords manager
- /* @var $manager \phpbb\passwords\manager */
- $passwords_manager = $phpbb_container->get('passwords.manager');
-
- $sql = 'UPDATE ' . USERS_TABLE . "
- SET user_newpasswd = '" . $db->sql_escape($passwords_manager->hash($user_password)) . "', user_actkey = '" . $db->sql_escape($user_actkey) . "'
- WHERE user_id = " . $user_row['user_id'];
- $db->sql_query($sql);
-
- include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
-
- $messenger = new messenger(false);
-
- $messenger->template('user_activate_passwd', $user_row['user_lang']);
-
- $messenger->set_addresses($user_row);
-
- $messenger->anti_abuse_headers($config, $user);
-
- $messenger->assign_vars(array(
- 'USERNAME' => htmlspecialchars_decode($user_row['username']),
- 'PASSWORD' => htmlspecialchars_decode($user_password),
- 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k=$user_actkey")
- );
-
- $messenger->send($user_row['user_notify_type']);
-
- trigger_error($message);
- }
- }
-
- $template->assign_vars(array(
- 'USERNAME' => $username,
- 'EMAIL' => $email,
- 'S_PROFILE_ACTION' => append_sid($phpbb_root_path . 'ucp.' . $phpEx, 'mode=sendpassword'))
- );
-
- $this->tpl_name = 'ucp_remind';
- $this->page_title = 'UCP_REMIND';
- }
-}
diff --git a/phpBB/includes/ucp/ucp_resend.php b/phpBB/includes/ucp/ucp_resend.php
index 44c54100cd..55923668d4 100644
--- a/phpBB/includes/ucp/ucp_resend.php
+++ b/phpBB/includes/ucp/ucp_resend.php
@@ -47,7 +47,7 @@ class ucp_resend
$sql = 'SELECT user_id, group_id, username, user_email, user_type, user_lang, user_actkey, user_inactive_reason
FROM ' . USERS_TABLE . "
- WHERE user_email_hash = '" . $db->sql_escape(phpbb_email_hash($email)) . "'
+ WHERE user_email = '" . $db->sql_escape($email) . "'
AND username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
$result = $db->sql_query($sql);
$user_row = $db->sql_fetchrow($result);