Gitiles
Code Review Sign In
korap.ids-mannheim.de / ids-kl / ldap-signup / 11de6cbcf6da499a8142ec6cfa26600d39426892 / . / index.php
blob: 5ce87e67f76622ae09cc1a06f2773bbf61d58924 [file] [log] [blame]
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]1<?php
2require_once 'vendor/autoload.php';
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]3include 'config.php';
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]4include_once 'redis.php';
5include_once 'utils.php';
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]6include_once 'mail.php';
7include_once 'ldap.php';
Marc Kupietz87a14312023-03-09 20:39:31 +0100[diff] [blame]8include_once 'db_backend.php';
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]9include_once 'validators.php';
Marc Kupietzd871d882023-03-05 18:34:16 +0100[diff] [blame]10include_once 'User.php';
11require __DIR__ . '/vendor/autoload.php';
12use Monolog\Level;
13use Monolog\Logger as Logger;
14use Monolog\Handler\StreamHandler;
15use Monolog\Handler\RotatingFileHandler;
16use \User as User;
Marc Kupietz87a14312023-03-09 20:39:31 +0100[diff] [blame]17use \DB as DB;
Marc Kupietz3f6a5982023-03-06 07:04:59 +0100[diff] [blame]18include $TEMPLATE . "strings.php";
Marc Kupietzd871d882023-03-05 18:34:16 +0100[diff] [blame]19$log = new Logger('signup');
20$log->pushHandler(new RotatingFileHandler(__DIR__ . '/logs/signup.log', 0, Logger::DEBUG));
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]21
22if (!$DEBUG) error_reporting(0);
matheusfillipec0ce7fa2021-05-13 05:15:37 -0300[diff] [blame]23else error_reporting(1);
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]24session_start();
25
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]26use Gregwar\Captcha\PhraseBuilder;
27
matheusfillipec0ce7fa2021-05-13 05:15:37 -0300[diff] [blame]28$URI = array_slice(explode("/", explode('?', $_SERVER['REQUEST_URI'], 2)[0]), -1)[0];
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]29if (strlen($URI) == 2) {
matheusfillipec0ce7fa2021-05-13 05:15:37 -0300[diff] [blame]30 $GLOBALS["cc"] = $URI;
31 $_SESSION["cc"] = $URI;
32}
33
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]34if (isset($_GET["lang"])) {
matheusfillipec0ce7fa2021-05-13 05:15:37 -0300[diff] [blame]35 $GLOBALS["cc"] = $_GET["lang"];
36 $_SESSION["cc"] = $_GET["lang"];
37}
38
39$TEMPLATE = template_path();
40
41
Marc Kupietz3f6a5982023-03-06 07:04:59 +0100[diff] [blame]42function send_welcome_email(User $user)
43{
44 global $SMTP, $SERVICE_ACRONYM, $WELCOME_TEMPLATE, $TEMPLATE;
45 $TEMPLATE = template_path();
46 include $TEMPLATE . "email.php";
47 $url = "";
48
49 send_mail($user->email, $SMTP, (object) [
50 "subject" => $WELCOME_TEMPLATE->subject,
51 "text" => replace_all_user_variables($WELCOME_TEMPLATE->text, $user, $url),
52 "html" => replace_all_user_variables($WELCOME_TEMPLATE->html, $user, $url)
53 ]);
54}
55
Marc Kupietz0375b7e2023-03-04 18:13:26 +0100[diff] [blame]56function send_confirmation_email(string $mail, object $smtp, string $url, User $user)
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]57{
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]58 include 'config.php';
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]59 $TEMPLATE = template_path();
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]60 include $TEMPLATE . "email.php";
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]61
62 send_mail($mail, $smtp, (object) [
63 "subject" => $MAIL_TEMPLATE->subject,
Marc Kupietz0375b7e2023-03-04 18:13:26 +0100[diff] [blame]64 "text" => replace_all_user_variables($MAIL_TEMPLATE->text, $user, $url),
65 "html" => replace_all_user_variables($MAIL_TEMPLATE->html, $user, $url)
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]66 ]);
67}
68
69function send_recovery_email(string $mail, object $smtp, string $url)
70{
71 include 'config.php';
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]72 $TEMPLATE = template_path();
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]73 include $TEMPLATE . "email.php";
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]74
75 send_mail($mail, $smtp, (object) [
76 "subject" => $RECOVERY_EMAIL_TEMPLATE->subject,
77 "text" => str_replace("{{url}}", $url, $RECOVERY_EMAIL_TEMPLATE->text),
78 "html" => str_replace("{{url}}", $url, $RECOVERY_EMAIL_TEMPLATE->html)
79 ]);
80}
81
82function reload_captcha_script()
83{
84 include 'config.php';
Marc Kupietz3f6a5982023-03-06 07:04:59 +0100[diff] [blame]85
86 if ($CAPTCHA_LENGTH > 0) {
87 $TEMPLATE = template_path();
88 include $TEMPLATE . "strings.php";
89 echo '
90 <script>
91 const reload_captcha = async (e) => {
92 var cont = document.getElementById("reload_captcha");
93 cont.innerHTML = "<div class=\'spinner-border text-info\' role=\'status\'><span class=\'sr-only\'>' . $STRINGS->reloading_captcha . '</span></div>";
94 var img = document.getElementById("captcha")
95 var url = "' . $BASE_URL . '/captcha.php?token=' . $_SESSION["captcha_token"] . '"
96 await fetch(url, { cache: "reload", mode: "no-cors" })
97 .then(() => {
98 img.src = url+"&t=" + new Date().getTime();
99 setTimeout( () => {
100 cont.innerHTML = "<button id=\'reload\' class=\'btn btn-outline-info\' type=\'button\'> <span class=\'glyphicon glyphicon-refresh\' aria-hidden=\'true\'></span></button>";
101 bindButton()
102 }, 500);
103 })
104 }
105 function bindButton(){
106 var button = document.getElementById("reload");
107 button.addEventListener("click", reload_captcha)
108 }
109 bindButton()
110 </script>
111 ';
112 }
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]113}
114
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]115function register_page($error = false)
116{
117 $TEMPLATE = template_path();
118 include 'config.php';
119 if ($error)
120 include $TEMPLATE . 'error.htm';
121 $_SESSION["captcha_token"] = generateRandomString(12);
122 include $TEMPLATE . "register.htm";
123 reload_captcha_script();
124}
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]125
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]126
Marc Kupietzd871d882023-03-05 18:34:16 +0100[diff] [blame]127function verify_request(User $user)
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]128{
Marc Kupietz87a14312023-03-09 20:39:31 +0100[diff] [blame]129 global $log, $CONFERENCE_REGISTRATION, $CAPTCHA_LENGTH;
130
matheusfillipec0ce7fa2021-05-13 05:15:37 -0300[diff] [blame]131 $TEMPLATE = template_path();
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]132 unset($_SESSION['captcha_token']);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]133 include $TEMPLATE . 'strings.php';
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]134 $password = $_POST["password"];
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]135 $error = "";
136
Marc Kupietz87a14312023-03-09 20:39:31 +0100[diff] [blame]137 if (!$CONFERENCE_REGISTRATION) {
138 $error .= validate_username($user->username);
139 $error .= validate_password($password);
140 }
141 $log->debug("validating request");
Marc Kupietz3417c882023-03-07 12:03:21 +0100[diff] [blame]142 $error .= validate_name($user->first_name, $FIRST_NAME_VALIDATION_ERROR);
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]143 $error .= validate_name($user->last_name, $LAST_NAME_VALIDATION_ERROR);
Marc Kupietz87a14312023-03-09 20:39:31 +0100[diff] [blame]144 $log->debug("request validated: $error");
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]145 $error .= validate_email($user->email);
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]146
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]147
Marc Kupietzd2dfa002023-03-04 14:59:16 +0100[diff] [blame]148 if ($CAPTCHA_LENGTH > 0 && !(isset($_SESSION['captcha']) && PhraseBuilder::comparePhrases($_SESSION['captcha'], $_POST['captcha']))) {
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]149 $error = $error . $STRINGS->wrong_captcha;
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]150 }
151 unset($_SESSION["captcha"]);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]152
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]153 return $error;
154}
155
Marc Kupietz0375b7e2023-03-04 18:13:26 +0100[diff] [blame]156
Marc Kupietzd871d882023-03-05 18:34:16 +0100[diff] [blame]157function approve_request(User $user)
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]158{
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]159 include 'config.php';
Marc Kupietz76121272023-03-07 13:05:23 +0100[diff] [blame]160 global $log, $_SESSION;
Marc Kupietzd871d882023-03-05 18:34:16 +0100[diff] [blame]161
matheusfillipec0ce7fa2021-05-13 05:15:37 -0300[diff] [blame]162 $token = generateRandomString();
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]163 redis_set($token, $user, $MAIL_CONFIRMATION_AWAIT_DELAY);
164 $pending = redis_get("pending");
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]165 if ($pending) {
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]166 $maillist = $pending->mails;
Marc Kupietz87a14312023-03-09 20:39:31 +0100[diff] [blame]167 if(is_array($maillist))
168 array_push($maillist, $user->email);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]169 } else
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]170 $maillist = [$user->email];
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]171 redis_set("pending", (object)["mails" => $maillist], $MAIL_CONFIRMATION_AWAIT_DELAY);
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]172
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]173 $url = $BASE_URL . "?type=confirmation&token=" . $token;
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]174 if (in_array(explode("@", $user->email)[1], $MAIL_HOST_DIRECT_FALLBACK))
175 $smtp = $FALLBACK_SMTP;
176 else
177 $smtp = $SMTP;
Marc Kupietz0375b7e2023-03-04 18:13:26 +0100[diff] [blame]178 send_confirmation_email($user->email, $smtp, $url, $user);
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]179 $_SESSION['resend'] = generateRandomString(12);
180 $_SESSION['token'] = $token;
Marc Kupietz3417c882023-03-07 12:03:21 +0100[diff] [blame]181 $user->backup_in_session();
matheusfillipec0ce7fa2021-05-13 05:15:37 -0300[diff] [blame]182 $TEMPLATE = template_path();
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]183 include $TEMPLATE . "confirm_your_email.htm";
Marc Kupietz3417c882023-03-07 12:03:21 +0100[diff] [blame]184 $log->info("Registration process started for " . $user->to_string());
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]185}
186
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]187function recover_form($error = null)
188{
189 $TEMPLATE = template_path();
190 include 'config.php';
191 $_SESSION["captcha_token"] = generateRandomString(12);
192 if ($error)
193 include $TEMPLATE . 'error.htm';
194 include $TEMPLATE . "recover_email_form.htm";
195 reload_captcha_script();
196}
197
198function new_password_form($error = null)
199{
200 $TEMPLATE = template_path();
201 if ($error)
202 include $TEMPLATE . 'error.htm';
203 include $TEMPLATE . "recover_new_password_form.htm";
204}
205
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]206
207// PAGE
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]208include $TEMPLATE . "header.htm";
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]209
210if ($_SERVER["REQUEST_METHOD"] == "POST") {
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]211 if (isset($_POST['type'])) {
212 switch ($_POST['type']) {
213 case "register":
Marc Kupietz3417c882023-03-07 12:03:21 +0100[diff] [blame]214 $log->info("Registration request from " . array_to_string($_POST));
215 $user = new User();
216 $user->init_from_array($_POST);
217 $log->info("Registration request from " . $user->to_string());
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]218 if (redis_inc_ipdata(getClientIP(), "register", true) > $HOURLY_REGISTRATIONS) {
219 include $TEMPLATE . "registration_limit.htm";
220 } else {
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]221 $error = verify_request($user);
222 if ($error)
223 register_page($error);
224 else
225 approve_request($user);
226 }
227 break;
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]228 case "recover":
Marc Kupietz87a14312023-03-09 20:39:31 +0100[diff] [blame]229 if ($CONFERENCE_REGISTRATION)
230 break;
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]231 $TEMPLATE = template_path();
232 unset($_SESSION['captcha_token']);
233 include $TEMPLATE . 'strings.php';
234
235 $email = $_POST["email"];
Marc Kupietz87a14312023-03-09 20:39:31 +0100[diff] [blame]236 if (($CONFERENCE_REGISTRATION & ! (new DB($log))->mail_count($email)) || !ldap_mail_count($email)) {
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]237 unset($_POST['email']);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]238 $error = $error . $STRINGS->recover_email_not_registered;
239 }
240
Marc Kupietzd2dfa002023-03-04 14:59:16 +0100[diff] [blame]241 if ($CAPTCHA_LENGTH > 0 && !(isset($_SESSION['captcha']) && PhraseBuilder::comparePhrases($_SESSION['captcha'], $_POST['captcha']))) {
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]242 $error = $error . $STRINGS->wrong_captcha;
243 }
244
245 unset($_SESSION["captcha"]);
246 if (redis_inc_ipdata(getClientIP(), "register", true) > $HOURLY_REGISTRATIONS) {
247 include $TEMPLATE . "registration_limit.htm";
248 } else {
249 if ($error) {
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]250 recover_form($error);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]251 } else {
252 include $TEMPLATE . 'strings.php';
253 $token = generateRandomString();
254 redis_set($token, $email, $MAIL_CONFIRMATION_AWAIT_DELAY);
255
256 $url = $BASE_URL . "?type=password_change&token=" . $token;
257 if (in_array(explode("@", $email)[1], $MAIL_HOST_DIRECT_FALLBACK))
258 $smtp = $FALLBACK_SMTP;
259 else
260 $smtp = $SMTP;
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]261 $_SESSION['resend'] = generateRandomString(12);
262 $_SESSION['token'] = $token;
263 $_SESSION['email'] = $email;
264 $_SESSION['recover'] = $email;
265 $TEMPLATE = template_path();
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]266 send_recovery_email($email, $smtp, $url);
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]267 include $TEMPLATE . "confirm_your_email.htm";
Marc Kupietzd871d882023-03-05 18:34:16 +0100[diff] [blame]268 $log->info("Password recovery email sent to " . $email);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]269 }
270 }
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]271 break;
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]272
273 case "password_change":
Marc Kupietz87a14312023-03-09 20:39:31 +0100[diff] [blame]274 if ($CONFERENCE_REGISTRATION)
275 break;
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]276 $password = $_POST['password'];
277 $error = validate_password($password);
278 if ($error) {
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]279 new_password_form($error);
280 } else {
281 $TEMPLATE = template_path();
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]282 include $TEMPLATE . "recover_success.htm";
283 include $TEMPLATE . "email.php";
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]284 $email = $_SESSION["email_change"];
285 if (change_password($email, $password)) {
286 if (in_array(explode("@", $email)[1], $MAIL_HOST_DIRECT_FALLBACK))
287 $smtp = $FALLBACK_SMTP;
288 else
289 $smtp = $SMTP;
290 send_mail($email, $smtp, $PASSWORD_CHANGED_EMAIL_TEMPLATE);
Marc Kupietzd871d882023-03-05 18:34:16 +0100[diff] [blame]291 $log->info("Password changed for " . $email);
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]292 } else {
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]293 include $TEMPLATE . "strings.php";
294 echo $STRINGS->change_password_ldap_error;
295 }
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]296 unset($_SESSION["email_change"]);
297 redis_delete($_SESSION['token']);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]298 }
299 break;
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]300 }
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]301 }
302} elseif (isset($_GET['type'])) {
303 switch ($_GET['type']) {
304 case "confirmation":
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]305 if (!isset($_GET["token"])) {
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]306 echo $RUNTIME_ERROR->user_trying_invalid_get;
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]307 } else {
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]308 $token = $_GET["token"];
Marc Kupietzd871d882023-03-05 18:34:16 +0100[diff] [blame]309 $user = redis_get_user($token);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]310 if ($user && gettype($user) == "object") {
Marc Kupietz87a14312023-03-09 20:39:31 +0100[diff] [blame]311 if (($CONFERENCE_REGISTRATION && (new DB($log))->add_user($user)) || (!$CONFERENCE_REGISTRATION && ldap_add_user($user))) {
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]312 if ($REDIRECT_TO)
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]313 header("refresh:5;url=" . $REDIRECT_TO);
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]314
315 $pending = redis_get("pending");
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]316 if ($pending) {
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]317 $maillist = $pending->mails;
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]318 if (in_array($user->email, $maillist)) {
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]319 unset($maillist[array_search($user->email, $maillist)]);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]320 redis_set("pending", (object)["mails" => $maillist], $MAIL_CONFIRMATION_AWAIT_DELAY);
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]321 }
322 }
323 redis_inc_ipdata(getClientIP(), "register");
Marc Kupietz87a14312023-03-09 20:39:31 +0100[diff] [blame]324 $log->info("User registration completed: " . $user->to_string());
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]325 echo $STRINGS->email_confirmation;
Matheus Fillipe5ad0cd52022-05-05 06:10:41 +0300[diff] [blame]326 if (isset($POST_REGISTER_HOOK)) $POST_REGISTER_HOOK($user);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]327 include $TEMPLATE . "mail_confirmed.htm";
328 } else {
Marc Kupietz3417c882023-03-07 12:03:21 +0100[diff] [blame]329 $log->error("User registration failed for: " . $user->to_string());
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]330 echo $STRINGS->email_confirmation;
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]331 include $TEMPLATE . "registration_error.htm";
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]332 }
333 redis_delete($token);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]334 } else {
335 include $TEMPLATE . "token_expired.htm";
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]336 }
337 }
338 break;
339 case "resend":
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]340 if (isset($_GET['token']) && isset($_SESSION['resend']) && $_GET['token'] == $_SESSION['resend']) {
Marc Kupietz76121272023-03-07 13:05:23 +0100[diff] [blame]341 $log->info("Resending confirmation email to " . $_SESSION['email']);
342 $user = new User();
343 $user->init_from_array($_SESSION);
344 $log->info("Resending confirmation email to " . $user->to_string());
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]345 $token = $_SESSION['token'];
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]346 $url = $BASE_URL . "?type=confirmation&token=" . $token;
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]347 $smtp = $FALLBACK_SMTP;
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]348 $address = $_SESSION["email"];
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]349 if (isset($_SESSION['recover'])) {
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]350 $url = $BASE_URL . "?type=password_change&token=" . $token;
Marc Kupietz0375b7e2023-03-04 18:13:26 +0100[diff] [blame]351 send_recovery_email($address, $smtp, $url, $user);
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]352 unset($_SESSION['recover']);
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]353 } else
Marc Kupietz0375b7e2023-03-04 18:13:26 +0100[diff] [blame]354 send_confirmation_email($address, $smtp, $url, $user);
Marc Kupietz76121272023-03-07 13:05:23 +0100[diff] [blame]355 echo "<div class='alert alert-info' role='alert'> Another email has been sent to ". $_SESSION['email']. " </div>";
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]356 unset($_SESSION['resend']);
357 unset($_SESSION['token']);
Marc Kupietz0375b7e2023-03-04 18:13:26 +0100[diff] [blame]358 # unset($_SESSION['email']);
359 } else {
Marc Kupietz76121272023-03-07 13:05:23 +0100[diff] [blame]360 echo "<div class='alert alert-warning' role='alert'>A second email has already been sent.</div>";
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]361 }
362 break;
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]363
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]364 case "recover":
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]365 recover_form();
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]366 break;
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]367
368 case "password_change":
369 $TEMPLATE = template_path();
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]370 $token = $_GET["token"];
371 $email = redis_get($token);
372 $_SESSION["email_change"] = $email;
Matheus Fillipe301684b2021-05-14 09:09:43 +0300[diff] [blame]373 $_SESSION["token"] = $token;
374 if ($email && gettype($email) == "string") {
375 new_password_form();
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]376 } else {
377 include $TEMPLATE . "token_expired.htm";
378 }
matheusfillipe47cf90b2021-05-13 03:36:21 -0300[diff] [blame]379 break;
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]380 }
matheusfillipeabd513e2021-05-11 03:29:11 -0300[diff] [blame]381} else {
382 unset($_SESSION['captcha_token']);
383 register_page();
384}
385
matheusfillipef43dd962021-05-13 23:27:01 -0300[diff] [blame]386include $TEMPLATE . "bottom.htm";