mirror of
https://github.com/scratchfoundation/swiki-confirmaccount.git
synced 2024-12-04 21:01:02 -05:00
entirely new verification code algorithm! (fixes #3)
This commit is contained in:
parent
6ec0e602ad
commit
0ce10636db
3 changed files with 15 additions and 8 deletions
|
@ -24,7 +24,7 @@ class AccountRequestSubmission {
|
||||||
protected $attachmentDidNotForget; // user already saw "please re-attach" notice
|
protected $attachmentDidNotForget; // user already saw "please re-attach" notice
|
||||||
protected $attachmentSize; // bytes size of file
|
protected $attachmentSize; // bytes size of file
|
||||||
protected $attachmentTempPath; // tmp path file was uploaded to FS
|
protected $attachmentTempPath; // tmp path file was uploaded to FS
|
||||||
|
|
||||||
public function __construct( User $requester, array $params ) {
|
public function __construct( User $requester, array $params ) {
|
||||||
$this->requester = $requester;
|
$this->requester = $requester;
|
||||||
$this->userName = trim( $params['userName'] );
|
$this->userName = trim( $params['userName'] );
|
||||||
|
@ -90,10 +90,10 @@ class AccountRequestSubmission {
|
||||||
}
|
}
|
||||||
|
|
||||||
//before we continue, verify user
|
//before we continue, verify user
|
||||||
$code = sha1($_SERVER['REMOTE_ADDR'] . date('m'));
|
$code = $context->getRequest()->getSessionData('confirmaccount-code');
|
||||||
$data = file_get_contents('http://scratch.mit.edu/site-api/comments/project/10135908/?page=1&salt=' . md5(time())); //add the salt so it doesn't cache
|
$data = file_get_contents('http://scratch.mit.edu/site-api/comments/project/10135908/?page=1&salt=' . md5(time())); //add the salt so it doesn't cache
|
||||||
if (!$data) {
|
if (!$data) {
|
||||||
return array('api_failed', 'Accessing the API to verify your registration failed. Please try again later.');
|
return array('api_failed', $context->msg('requestaccount-api-failed'));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
$success = false;
|
$success = false;
|
||||||
|
@ -108,15 +108,15 @@ class AccountRequestSubmission {
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($_POST['pwd1'] != $_POST['pwd2']) {
|
if ($_POST['pwd1'] != $_POST['pwd2']) {
|
||||||
return array('pwds_no_match', 'The passwords did not match.');
|
return array('pwds_no_match', $context->msg('badretype'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (strlen($_POST['pwd1']) <= 4) {
|
if (strlen($_POST['pwd1']) <= 4) {
|
||||||
return array('pwd_too_short', 'The password is too short');
|
return array('pwd_too_short', $context->msg('passwordtooshort', 5));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!$success) {
|
if (!$success) {
|
||||||
return array('no_comment', $this->msg('requestaccount-nocomment-error'));
|
return array('no_comment', $context->msg('requestaccount-nocomment-error'));
|
||||||
}
|
}
|
||||||
|
|
||||||
$u = User::newFromName( $this->userName, 'creatable' );
|
$u = User::newFromName( $this->userName, 'creatable' );
|
||||||
|
|
|
@ -77,6 +77,7 @@ You cannot make any more requests.",
|
||||||
'requestaccount-project-info' => 'Please go to the [$1 user verification project] and comment the following code:<br />\'\'\'$2\'\'\'',
|
'requestaccount-project-info' => 'Please go to the [$1 user verification project] and comment the following code:<br />\'\'\'$2\'\'\'',
|
||||||
'requestaccount-project-link' => 'http://scratch.mit.edu/projects/10135908/',
|
'requestaccount-project-link' => 'http://scratch.mit.edu/projects/10135908/',
|
||||||
'requestaccount-nocomment-error' => 'It does not appear you commented the verification code on the specified project. Please try again.',
|
'requestaccount-nocomment-error' => 'It does not appear you commented the verification code on the specified project. Please try again.',
|
||||||
|
'requestaccount-api-failed' => 'Accessing the API to verify your registration failed. Please try again later.',
|
||||||
);
|
);
|
||||||
|
|
||||||
/** Message documentation (Message documentation)
|
/** Message documentation (Message documentation)
|
||||||
|
|
|
@ -92,6 +92,12 @@ class RequestAccountPage extends SpecialPage {
|
||||||
protected function showForm( $msg = '', $forgotFile = 0 ) {
|
protected function showForm( $msg = '', $forgotFile = 0 ) {
|
||||||
global $wgAccountRequestTypes, $wgMakeUserPageFromBio;
|
global $wgAccountRequestTypes, $wgMakeUserPageFromBio;
|
||||||
|
|
||||||
|
//generate the codes randomly, and generate a new one every two hours in case the code gets censored for some reason or any other issue related to the code
|
||||||
|
if (!$this->getRequest()->getSessionData('confirmaccount-code') || $this->getRequest()->getSessionData('confirmaccount-time') < time() - 60 * 60 * 2) {
|
||||||
|
$this->getRequest()->setSessionData('confirmaccount-code', sha1(rand(1,999999999)));
|
||||||
|
$this->getRequest()->setSessionData('confirmaccount-time', time());
|
||||||
|
}
|
||||||
|
|
||||||
$reqUser = $this->getUser();
|
$reqUser = $this->getUser();
|
||||||
|
|
||||||
$this->mForgotAttachment = $forgotFile;
|
$this->mForgotAttachment = $forgotFile;
|
||||||
|
@ -212,7 +218,7 @@ class RequestAccountPage extends SpecialPage {
|
||||||
//Scratch user verification
|
//Scratch user verification
|
||||||
$form .= '<fieldset>';
|
$form .= '<fieldset>';
|
||||||
$form .= '<legend>' . $this->msg('requestaccount-user-verification') . '</legend>';
|
$form .= '<legend>' . $this->msg('requestaccount-user-verification') . '</legend>';
|
||||||
$form .= '<p>' . $this->msg('requestaccount-project-info', $this->msg('requestaccount-project-link')->text(), sha1($_SERVER['REMOTE_ADDR'] . date('m'))) . '</b></p>
|
$form .= '<p>' . $this->msg('requestaccount-project-info', $this->msg('requestaccount-project-link')->text(), $this->getRequest()->getSessionData('confirmaccount-code')) . '</p>
|
||||||
<p>' . $this->msg('requestaccount-code-troubleshoot') . '</p>' . "\n";
|
<p>' . $this->msg('requestaccount-code-troubleshoot') . '</p>' . "\n";
|
||||||
$form .= '</fieldset>';
|
$form .= '</fieldset>';
|
||||||
|
|
||||||
|
@ -319,7 +325,7 @@ class RequestAccountPage extends SpecialPage {
|
||||||
'attachmentSrcName' => $this->mSrcName,
|
'attachmentSrcName' => $this->mSrcName,
|
||||||
'attachmentDidNotForget' => $this->mForgotAttachment, // confusing name :)
|
'attachmentDidNotForget' => $this->mForgotAttachment, // confusing name :)
|
||||||
'attachmentSize' => $this->mFileSize,
|
'attachmentSize' => $this->mFileSize,
|
||||||
'attachmentTempPath' => $this->mTempPath
|
'attachmentTempPath' => $this->mTempPath,
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue