scratchfoundation/swiki-confirmaccount
1
0
Fork 0
mirror of https://github.com/scratchfoundation/swiki-confirmaccount.git synced 2024-12-04 12:51:01 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

entirely new verification code algorithm! (fixes #3)

Browse source
This commit is contained in:
Jacob G 2015-01-11 21:01:56 -05:00
parent 6ec0e602ad
commit 0ce10636db
3 changed files with 15 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
ConfirmAccount/business/AccountRequestSubmission.php
View file

@ -24,7 +24,7 @@ class AccountRequestSubmission {
protected $attachmentDidNotForget; // user already saw "please re-attach" notice
protected $attachmentSize; // bytes size of file
protected $attachmentTempPath; // tmp path file was uploaded to FS
public function __construct( User $requester, array $params ) {
$this->requester = $requester;
$this->userName = trim( $params['userName'] );
@ -90,10 +90,10 @@ class AccountRequestSubmission {
}
//before we continue, verify user
$code = sha1($_SERVER['REMOTE_ADDR'] . date('m'));
$code = $context->getRequest()->getSessionData('confirmaccount-code');
$data = file_get_contents('http://scratch.mit.edu/site-api/comments/project/10135908/?page=1&salt=' . md5(time())); //add the salt so it doesn't cache
if (!$data) {
return array('api_failed', 'Accessing the API to verify your registration failed. Please try again later.');
return array('api_failed', $context->msg('requestaccount-api-failed'));
return;
}
$success = false;
@ -108,15 +108,15 @@ class AccountRequestSubmission {
}
if ($_POST['pwd1'] != $_POST['pwd2']) {
return array('pwds_no_match', 'The passwords did not match.');
return array('pwds_no_match', $context->msg('badretype'));
}
if (strlen($_POST['pwd1']) <= 4) {
return array('pwd_too_short', 'The password is too short');
return array('pwd_too_short', $context->msg('passwordtooshort', 5));
}
if (!$success) {
return array('no_comment', $this->msg('requestaccount-nocomment-error'));
return array('no_comment', $context->msg('requestaccount-nocomment-error'));
}
$u = User::newFromName( $this->userName, 'creatable' );

1
ConfirmAccount/frontend/language/RequestAccountPage.i18n.php
View file

@ -77,6 +77,7 @@ You cannot make any more requests.",
'requestaccount-project-info' => 'Please go to the [$1 user verification project] and comment the following code:<br />\'\'\'$2\'\'\'',
'requestaccount-project-link' => 'http://scratch.mit.edu/projects/10135908/',
'requestaccount-nocomment-error' => 'It does not appear you commented the verification code on the specified project. Please try again.',
'requestaccount-api-failed' => 'Accessing the API to verify your registration failed. Please try again later.',
);
/** Message documentation (Message documentation)

10
ConfirmAccount/frontend/specialpages/actions/RequestAccount_body.php
View file

@ -92,6 +92,12 @@ class RequestAccountPage extends SpecialPage {
protected function showForm( $msg = '', $forgotFile = 0 ) {
global $wgAccountRequestTypes, $wgMakeUserPageFromBio;
//generate the codes randomly, and generate a new one every two hours in case the code gets censored for some reason or any other issue related to the code
if (!$this->getRequest()->getSessionData('confirmaccount-code') || $this->getRequest()->getSessionData('confirmaccount-time') < time() - 60 * 60 * 2) {
$this->getRequest()->setSessionData('confirmaccount-code', sha1(rand(1,999999999)));
$this->getRequest()->setSessionData('confirmaccount-time', time());
}
$reqUser = $this->getUser();
$this->mForgotAttachment = $forgotFile;
@ -212,7 +218,7 @@ class RequestAccountPage extends SpecialPage {
//Scratch user verification
$form .= '<fieldset>';
$form .= '<legend>' . $this->msg('requestaccount-user-verification') . '</legend>';
$form .= '<p>' . $this->msg('requestaccount-project-info', $this->msg('requestaccount-project-link')->text(), sha1($_SERVER['REMOTE_ADDR'] . date('m'))) . '</b></p>
$form .= '<p>' . $this->msg('requestaccount-project-info', $this->msg('requestaccount-project-link')->text(), $this->getRequest()->getSessionData('confirmaccount-code')) . '</p>
<p>' . $this->msg('requestaccount-code-troubleshoot') . '</p>' . "\n";
$form .= '</fieldset>';
@ -319,7 +325,7 @@ class RequestAccountPage extends SpecialPage {
'attachmentSrcName' => $this->mSrcName,
'attachmentDidNotForget' => $this->mForgotAttachment, // confusing name :)
'attachmentSize' => $this->mFileSize,
'attachmentTempPath' => $this->mTempPath
'attachmentTempPath' => $this->mTempPath,
)
);