Xataface  2.0alpha2
Xataface Application Framework
 All Data Structures Namespaces Files Functions Variables Groups Pages
activate.php
Go to the documentation of this file.
1 <?php
8 class dataface_actions_activate {
9  function handle(&$params){
10  $app = Dataface_Application::getInstance();
11 
12  if ( !isset($_GET['code']) ){
13  // We need this parameter or we can do nothing.
14  return PEAR::raiseError(
15  df_translate('actions.activate.MESSAGE_MISSING_CODE_PARAMETER',
16  'The code parameter is missing from your request. Validation cannot take place. Please check your url and try again.'
17  ),
18  DATAFACE_E_ERROR
19  );
20  }
21 
22  // Step 0: Find out what the redirect URL will be
23  // We accept --redirect markers to specify which page to redirect
24  // to after we're done. This will usually be the page that the
25  // user was on before they went to the login page.
26  if ( isset($_SESSION['--redirect']) ) $url = $_SESSION['--redirect'];
27  else if ( isset($_SESSION['-redirect']) ) $url = $_SESSION['-redirect'];
28  else if ( isset($_REQUEST['--redirect']) ) $url = $_REQUEST['--redirect'];
29  else if ( isset($_REQUEST['-redirect']) ) $url = $_REQUEST['-redirect'];
30  else $url = $app->url('-action='.$app->_conf['default_action']);
31 
32 
33  // Step 1: Delete all registrations older than time limit
34  $time_limit = 24*60*60; // 1 day
35  if ( isset($params['time_limit']) ){
36  $time_limit = intval($params['time_limit']);
37  }
38 
39  $res = mysql_query(
40  "delete from dataface__registrations
41  where registration_date < '".addslashes(date('Y-m-d H:i:s', time()-$time_limit))."'",
42  df_db()
43  );
44  if ( !$res ){
45  error_log(mysql_error(df_db()));
46  throw new Exception("Failed to delete registrations due to an SQL error. See error log for details.", E_USER_ERROR);
47 
48  }
49 
50  // Step 2: Load the specified registration information
51 
52  $res = mysql_query(
53  "select registration_data from dataface__registrations
54  where registration_code = '".addslashes($_GET['code'])."'",
55  df_db()
56  );
57 
58  if ( !$res ){
59  error_log(mysql_error(df_db()));
60  throw new Exception("Failed to load registration information due to an SQL error. See error log for details.", E_USER_ERROR);
61 
62  }
63 
64  if ( mysql_num_rows($res) == 0 ){
65  // We didn't find any records matching the prescribed code, so
66  // we redirect the user to their desired page and inform them
67  // that the registration didn't work.
68  $msg = df_translate(
69  'actions.activate.MESSAGE_REGISTRATION_NOT_FOUND',
70  'No registration information could be found to match this code. Please try registering again.'
71  );
72  $app->redirect($url.'&--msg='.urlencode($msg));
73 
74  }
75 
76  // Step 3: Check to make sure that there are no other users with the
77  // same name.
78 
79  list($raw_data) = mysql_fetch_row($res);
80  $values = unserialize($raw_data);
81  $appdel = $app->getDelegate();
82  if ( isset($appdel) and method_exists($appdel, 'validateRegistrationForm') ){
83  $res = $appdel->validateRegistrationForm($values);
84  if ( PEAR::isError($res) ){
85  $msg = $res->getMessage();
86  $app->redirect($url.'&--msg='.urlencode($msg));
87  }
88  } else {
89  $res = mysql_query("select count(*) from
90  `".str_replace('`','',$app->_conf['_auth']['users_table'])."`
91  where `".str_replace('`','',$app->_conf['_auth']['username_column'])."` = '".addslashes($values[$app->_conf['_auth']['username_column']])."'
92  ", df_db());
93  if ( !$res ){
94  error_log(mysql_error(df_db()));
95  throw new Exception("Failed to find user records due to an SQL error. See error log for details.", E_USER_ERROR);
96 
97  }
98  list($num) = mysql_fetch_row($res);
99  if ( $num > 0 ){
100  $msg = df_translate(
101  'actions.activate.MESSAGE_DUPLICATE_USER',
102  'Registration failed because a user already exists by that name. Try registering again with a different name.'
103  );
104  $app->redirect($url.'&--msg='.urlencode($msg));
105  }
106  }
107 
108 
109  // Step 4: Save the registration data and log the user in.
110  $record = new Dataface_Record($app->_conf['_auth']['users_table'], array());
111  $record->setValues($values);
112  $res = $record->save();
113  if ( PEAR::isError($res) ){
114  $app->redirect($url.'&--msg='.urlencode($res->getMessage()));
115  } else {
116  $res = mysql_query(
117  "delete from dataface__registrations
118  where registration_code = '".addslashes($_GET['code'])."'",
119  df_db()
120  );
121 
122  if ( !$res ){
123  error_log(mysql_error(df_db()));
124  throw new Exception("Failed to clean up old registrations due to an SQL error. See error log for details.", E_USER_ERROR);
125 
126  }
127  $msg = df_translate(
128  'actions.activate.MESSAGE_REGISTRATION_COMPLETE',
129  'Registration complete. You are now logged in.');
130  $_SESSION['UserName'] = $record->strval($app->_conf['_auth']['username_column']);
131 
132 
133  import('Dataface/Utilities.php');
134 
135  Dataface_Utilities::fireEvent('after_action_activate', array('record'=>$record));
136 
137  $app->redirect($url.'&--msg='.urlencode($msg));
138 
139  }
140 
141 
142  }
143 }
144 ?>
Generated on Fri Mar 22 2013 09:40:33 for Xataface by   doxygen 1.8.1.2