Compare commits
2 Commits
complete_p
...
f808615f22
| Author | SHA1 | Date | |
|---|---|---|---|
| f808615f22 | |||
| ffce2fc28b |
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@@ -13,8 +14,8 @@
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
class MatrixConnection
|
||||
{
|
||||
class MatrixConnection {
|
||||
|
||||
private $hs;
|
||||
private $at;
|
||||
|
||||
@@ -132,10 +133,11 @@ class MatrixConnection
|
||||
}
|
||||
return $response;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
class MatrixMessage
|
||||
{
|
||||
class MatrixMessage {
|
||||
|
||||
private $message;
|
||||
|
||||
function __construct() {
|
||||
@@ -162,5 +164,7 @@ class MatrixMessage
|
||||
function get_object() {
|
||||
return $this->message;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
@@ -1,22 +1,24 @@
|
||||
<?php
|
||||
|
||||
$config = [
|
||||
"homeserver" => "example.com",
|
||||
"access_token" => "To be used for sending the registration notification",
|
||||
|
||||
// Which e-mail-adresse shall the bot use to send e-mails?
|
||||
"register_email" => 'register_bot@example.com',
|
||||
// Where should the bot post registration requests to?
|
||||
"register_room" => '$registerRoomID:example.com',
|
||||
|
||||
// Where is the public part of the bot located? make sure you have a / at the end
|
||||
"webroot" => "https://myregisterdomain.net/",
|
||||
|
||||
// optional: Do you have a place where howTo's are located? If not leave this value out
|
||||
"howToURL" => "https://my-url-for-storing-howTos.net",
|
||||
|
||||
// set the mode of operation. Basically this defines where the data is stored:
|
||||
// - synapse (using the register endpoint - so no further auth config necessary
|
||||
// - local (recommended; using a table in the database to store credentials;
|
||||
// synapse has to be configured to use that)
|
||||
"operationMode" => "local",
|
||||
// When you want to collect the password on registration set this to true
|
||||
// only evaluated when operationMode = local
|
||||
"getPasswordOnRegistration" => false,
|
||||
|
||||
// to define where the data should be stored:
|
||||
"databaseURI" => "sqlite:" . dirname(__FILE__) . "/db_file.sqlite",
|
||||
// credentials for sqlite not used
|
||||
|
||||
6
cron.php
6
cron.php
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@@ -36,10 +37,7 @@ foreach ($mx_db->query($sql) as $row) {
|
||||
case RegisterState::PendingEmailSend:
|
||||
$verify_url = $config["webroot"] . "/verify.php?t=" . $row["verify_token"];
|
||||
$success = send_mail_pending_verification(
|
||||
$config["homeserver"],
|
||||
$row["first_name"] . " " . $row["last_name"],
|
||||
$row["email"],
|
||||
$verify_url);
|
||||
$config["homeserver"], $row["first_name"] . " " . $row["last_name"], $row["email"], $verify_url);
|
||||
|
||||
if ($success) {
|
||||
$mx_db->setRegistrationStateById(RegisterState::PendingEmailVerify, $row["id"]);
|
||||
|
||||
17
database.php
17
database.php
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@@ -18,8 +19,8 @@ if (!isset($config["databaseURI"])) {
|
||||
throw new Exception("malformed configuration: databaseURI not defined");
|
||||
}
|
||||
|
||||
abstract class RegisterState
|
||||
{
|
||||
abstract class RegisterState {
|
||||
|
||||
// Sending an E-Mail failed in the first attempt. Will retry later
|
||||
const PendingEmailSend = 0;
|
||||
// User got a mail. We wait for it to verfiy
|
||||
@@ -30,21 +31,19 @@ abstract class RegisterState
|
||||
const PendingAdminVerify = 6;
|
||||
// Registration failed on first attempt. Will retry
|
||||
const PendingRegistration = 7;
|
||||
|
||||
// in this case we have to reset the password of the user (or should we store it for this case?)
|
||||
const PendingSendRegistrationMail = 8;
|
||||
|
||||
// State to allow persisting in the database although an admin declined it.
|
||||
// Will be removed regularly
|
||||
const RegistrationAccepted = 7;
|
||||
const RegistrationDeclined = 13;
|
||||
|
||||
// User got successfully registered. Will be cleaned up later
|
||||
const AllDone = 100;
|
||||
|
||||
}
|
||||
|
||||
class mxDatabase
|
||||
{
|
||||
class mxDatabase {
|
||||
|
||||
private $db = NULL;
|
||||
|
||||
/**
|
||||
@@ -164,6 +163,7 @@ class mxDatabase
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
function userRegistered($username) {
|
||||
$sql = "SELECT COUNT(*) FROM logins WHERE localpart = '" . $username . "' LIMIT 1;";
|
||||
$res = $this->db->query($sql);
|
||||
@@ -241,7 +241,7 @@ class mxDatabase
|
||||
$res = $this->db->query($sql);
|
||||
|
||||
if ($res->fetchColumn() > 0) {
|
||||
$sql = "SELECT first_name, last_name, note, email, admin_token FROM registrations "
|
||||
$sql = "SELECT first_name, last_name, note, email, username, admin_token FROM registrations "
|
||||
. " WHERE verify_token = '" . $verify_token . "'"
|
||||
. " AND state = " . RegisterState::PendingEmailVerify . " LIMIT 1;";
|
||||
foreach ($this->db->query($sql) as $row) {
|
||||
@@ -359,6 +359,7 @@ class mxDatabase
|
||||
}
|
||||
return $result;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
if (!isset($mx_db)) {
|
||||
|
||||
15
helpers.php
15
helpers.php
@@ -1,4 +1,19 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
function stripLocalpart($mxid) {
|
||||
$localpart = NULL;
|
||||
if (!empty($mxid)) {
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@@ -41,10 +42,9 @@ try {
|
||||
default:
|
||||
throw new Exception('unknown type for "by" param');
|
||||
}
|
||||
|
||||
} catch (Exception $e) {
|
||||
error_log("failed with error: " . $e->getMessage());
|
||||
$response["error"] = $e->getMessage();
|
||||
}
|
||||
print (json_encode($response, JSON_PRETTY_PRINT) . "\n");
|
||||
print (json_encode($response, JSON_PRETTY_PRINT));
|
||||
?>
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@@ -65,5 +66,5 @@ try {
|
||||
error_log("ídentity_bulk failed with error: " . $e->getMessage());
|
||||
$response["error"] = $e->getMessage();
|
||||
}
|
||||
print (json_encode($response, JSON_PRETTY_PRINT) . "\n");
|
||||
print (json_encode($response, JSON_PRETTY_PRINT));
|
||||
?>
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@@ -60,5 +61,5 @@ try {
|
||||
"error" => $e->getMessage()
|
||||
];
|
||||
}
|
||||
print (json_encode($response, JSON_PRETTY_PRINT) . "\n");
|
||||
print (json_encode($response, JSON_PRETTY_PRINT));
|
||||
?>
|
||||
|
||||
@@ -53,9 +53,7 @@ try {
|
||||
|
||||
require_once("../database.php");
|
||||
if (!$mx_db->updatePassword(
|
||||
$localpart,
|
||||
$input["auth"]["password"],
|
||||
$input["new_password"]
|
||||
$localpart, $input["auth"]["password"], $input["new_password"]
|
||||
)) {
|
||||
throw new Exception("invalid credentials or another error while updating");
|
||||
}
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@@ -20,11 +21,15 @@ $response = [
|
||||
];
|
||||
|
||||
require_once("../database.php");
|
||||
|
||||
abstract class LoginRequester {
|
||||
|
||||
const UNDEFINED = 0;
|
||||
const MXISD = 1;
|
||||
const RestAuth = 2;
|
||||
|
||||
}
|
||||
|
||||
$loginRequester = LoginRequester::UNDEFINED;
|
||||
|
||||
try {
|
||||
@@ -103,5 +108,5 @@ try {
|
||||
error_log("Auth failed with error: " . $e->getMessage());
|
||||
$response["auth"]["error"] = $e->getMessage();
|
||||
}
|
||||
print (json_encode($response, JSON_PRETTY_PRINT) . "\n");
|
||||
print (json_encode($response, JSON_PRETTY_PRINT));
|
||||
?>
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@@ -68,7 +69,6 @@ Wir melden uns, wenn die Registrierung erfolgreich war.
|
||||
|
||||
Das Administratoren-Team von " . $homeserver;
|
||||
return send_mail($receiver, $subject, $body);
|
||||
|
||||
}
|
||||
|
||||
function send_mail_registration_success($homeserver, $user, $receiver, $username, $password, $howToURL) {
|
||||
@@ -101,8 +101,8 @@ Bei Fragen findest du nach der Anmeldung ein paar Räume in denen du sie stellen
|
||||
|
||||
Das Administratoren-Team von " . $homeserver;
|
||||
return send_mail($receiver, $subject, $body);
|
||||
|
||||
}
|
||||
|
||||
function send_mail_registration_decline($homeserver, $user, $receiver, $reason) {
|
||||
$subject = "Registrierung auf $homeserver abgelehnt.";
|
||||
$body = "Guten Tag " . $user . ",
|
||||
@@ -118,4 +118,5 @@ Deine Registrierungsanfrage wurde durch die Administratoren abgelehnt.\n";
|
||||
$body .= "\nDas Administratoren-Team von " . $homeserver;
|
||||
return send_mail($receiver, $subject, $body);
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
@@ -13,12 +13,6 @@
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
require_once "../language.php";
|
||||
if (!file_exists("../config.php")) {
|
||||
print($language["NO_CONFIGURATION"]);
|
||||
exit();
|
||||
}
|
||||
require_once "../config.php";
|
||||
|
||||
// enforce admin via https
|
||||
if (!isset($_SERVER['HTTPS'])) {
|
||||
@@ -26,6 +20,25 @@ if (!isset($_SERVER['HTTPS'])) {
|
||||
exit();
|
||||
}
|
||||
|
||||
require_once "../language.php";
|
||||
if (!file_exists("../config.php")) {
|
||||
print($language["NO_CONFIGURATION"]);
|
||||
exit();
|
||||
}
|
||||
require_once "../config.php";
|
||||
|
||||
// this values will not be used when using the register operation type
|
||||
$storeFirstLastName = false;
|
||||
if (isset($config["operationMode"]) && $config["operationMode"] === "local") {
|
||||
$storeFirstLastName = true;
|
||||
}
|
||||
|
||||
// currently the case to store the password on our own is the only supported one
|
||||
$storePassword = false;
|
||||
if (isset($config["getPasswordOnRegistration"]) && $config["getPasswordOnRegistration"] &&
|
||||
isset($config["operationMode"]) && $config["operationMode"] === "synapse") {
|
||||
$storePassword = true;
|
||||
}
|
||||
session_start();
|
||||
|
||||
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
@@ -53,17 +66,22 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
if (!isset($_POST["email"]) || !filter_var($_POST["email"], FILTER_VALIDATE_EMAIL)) {
|
||||
throw new Exception("EMAIL_INVALID_FORMAT");
|
||||
}
|
||||
if (isset($_POST["first_name"]) && ! preg_match("/[A-Z][a-z]+/", $_POST["first_name"])) {
|
||||
if ($storeFirstLastName) {
|
||||
// only require first_name and last_name when we will evaluate them
|
||||
if (!isset($_POST["first_name"]) || ! preg_match("/[A-Z][a-z]+/", $_POST["first_name"])) {
|
||||
throw new Exception("FIRSTNAME_INVALID_FORMAT");
|
||||
}
|
||||
if (isset($_POST["last_name"]) && ! preg_match("/[A-Z][a-z]+/", $_POST["last_name"])) {
|
||||
if (!isset($_POST["last_name"]) || ! preg_match("/[A-Z][a-z]+/", $_POST["last_name"])) {
|
||||
throw new Exception("SIRNAME_INVALID_FORMAT");
|
||||
}
|
||||
|
||||
$first_name = filter_var($_POST["first_name"], FILTER_SANITIZE_STRING);
|
||||
$last_name = filter_var($_POST["last_name"], FILTER_SANITIZE_STRING);
|
||||
} else {
|
||||
$first_name = $last_name = "";
|
||||
}
|
||||
|
||||
$username = filter_var($_POST["username"], FILTER_SANITIZE_STRING);
|
||||
if (isset($_POST["password"])) {
|
||||
if ($storePassword && isset($_POST["password"])) {
|
||||
$password = filter_var($_POST["password"], FILTER_SANITIZE_STRING);
|
||||
}
|
||||
$note = filter_var($_POST["note"], FILTER_SANITIZE_STRING);
|
||||
@@ -82,7 +100,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
require_once "../mail_templates.php";
|
||||
$success = send_mail_pending_verification(
|
||||
$config["homeserver"],
|
||||
$first_name . " " . $last_name,
|
||||
$storeFirstLastName ? $first_name . " " . $last_name : $username,
|
||||
$email,
|
||||
$verify_url);
|
||||
|
||||
@@ -137,6 +155,7 @@ body{
|
||||
</div>
|
||||
<div class="panel-body">
|
||||
<form name="regForm" role="form" action="index.php" method="post">
|
||||
<?php if ($storeFirstLastName) { ?>
|
||||
<div class="row">
|
||||
<div class="col-xs-6 col-sm-6 col-md-6">
|
||||
<div class="form-group">
|
||||
@@ -151,6 +170,7 @@ body{
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<?php } ?>
|
||||
|
||||
<div class="form-group">
|
||||
<input type="email" name="email" id="email" class="form-control input-sm" placeholder="E-Mail-Adresse" required>
|
||||
@@ -164,7 +184,7 @@ body{
|
||||
<input type="text" name="username" id="username" class="form-control input-sm"
|
||||
placeholder="Nutzername (für den Login)" pattern="[a-z1-9]{3,20}" required>
|
||||
</div>
|
||||
<?php if (isset($config["getPasswordOnRegistration"]) && $config["getPasswordOnRegistration"]) { ?>
|
||||
<?php if ($storePassword) { ?>
|
||||
<div class="row">
|
||||
<div class="col-xs-6 col-sm-6 col-md-6">
|
||||
<div class="form-group">
|
||||
@@ -194,6 +214,14 @@ body{
|
||||
</div>
|
||||
</div>
|
||||
<script type="text/javascript">
|
||||
var user_name = document.getElementById("username");
|
||||
user_name.oninvalid = function(event) {
|
||||
event.target.setCustomValidity("Nutzername darf zwischen 3 und 20 kleine Buchstaben und Zahlen enthalten");
|
||||
}
|
||||
user_name.onkeyup = function (event) {
|
||||
event.target.setCustomValidity("");
|
||||
}
|
||||
<?php if ($storeFirstLastName) { ?>
|
||||
var first_name = document.getElementById("first_name");
|
||||
first_name.oninvalid = function(event) {
|
||||
event.target.setCustomValidity("Vorname muss das Format <Großbuchstabe><Kleinbuchstaben> haben");
|
||||
@@ -208,14 +236,7 @@ body{
|
||||
last_name.onkeyup = function(event) {
|
||||
event.target.setCustomValidity("");
|
||||
}
|
||||
var user_name = document.getElementById("username");
|
||||
user_name.oninvalid = function(event) {
|
||||
event.target.setCustomValidity("Nutzername darf zwischen 3 und 20 kleine Buchstaben und Zahlen enthalten");
|
||||
}
|
||||
user_name.onkeyup = function (event) {
|
||||
event.target.setCustomValidity("");
|
||||
}
|
||||
<?php if (isset($config["getPasswordOnRegistration"]) && $config["getPasswordOnRegistration"]) { ?>
|
||||
<?php } if ($storePassword) { ?>
|
||||
var password = document.getElementById("password")
|
||||
, confirm_password = document.getElementById("password_confirm");
|
||||
function validatePassword(){
|
||||
@@ -230,5 +251,4 @@ body{
|
||||
<?php } ?>
|
||||
</script>
|
||||
<?php } ?>
|
||||
</body>
|
||||
</html>
|
||||
</body></html>
|
||||
|
||||
@@ -46,6 +46,7 @@ try {
|
||||
}
|
||||
$first_name = $user["first_name"];
|
||||
$last_name = $user["last_name"];
|
||||
$username = $user["username"];
|
||||
$note = $user["note"];
|
||||
$email = $user["email"];
|
||||
$admin_token = $user["admin_token"];
|
||||
@@ -54,10 +55,12 @@ try {
|
||||
$adminUrl = $config["webroot"] . "/verify_admin.php?t=" . $admin_token;
|
||||
$mxConn = new MatrixConnection($config["homeserver"], $config["access_token"]);
|
||||
$mxMsg = new MatrixMessage();
|
||||
$mxMsg->set_body($first_name . ' ' . $last_name . "möchte sich registrieren und hat folgende Notiz hinterlassen:\r\n"
|
||||
$mxMsg->set_body((strlen($first_name . $last_name) > 0 ? $first_name . " " . $last_name : $username)
|
||||
. " möchte sich registrieren und hat folgende Notiz hinterlassen:\r\n"
|
||||
. $note . "\r\n"
|
||||
. "Zum Bearbeiten hier klicken:\r\n" . $adminUrl);
|
||||
$mxMsg->set_formatted_body($first_name . ' ' . $last_name . " möchte sich registrieren und hat folgende Notiz hinterlassen:<br />"
|
||||
$mxMsg->set_formatted_body((strlen($first_name . $last_name) > 0 ? $first_name . " " . $last_name : $username)
|
||||
. " möchte sich registrieren und hat folgende Notiz hinterlassen:<br />"
|
||||
. $note . "<br />"
|
||||
. "Zum Bearbeiten <a href=\"". $adminUrl . "\">hier</a> klicken");
|
||||
$mxMsg->set_type("m.text");
|
||||
|
||||
@@ -95,7 +95,12 @@ try {
|
||||
print("<p>" . $language["ADMIN_REGISTER_ACCEPTED_BODY"] . "</p>");
|
||||
} elseif ($action == RegisterState::RegistrationDeclined) {
|
||||
$mx_db->setRegistrationStateAdmin(RegisterState::RegistrationDeclined, $token);
|
||||
send_mail_registration_decline($config["homeserver"], $first_name . " " . $last_name, $email, $decline_reason);
|
||||
send_mail_registration_decline(
|
||||
$config["homeserver"],
|
||||
strlen($first_name . $last_name) > 0 ? $first_name . " " . $last_name : $username,
|
||||
$email,
|
||||
$decline_reason
|
||||
);
|
||||
print("<title>" . $language["ADMIN_VERIFY_SITE_TITLE"] . "</title>");
|
||||
print("</head><body>");
|
||||
print("<h1>" . $language["ADMIN_VERIFY_SITE_TITLE"] . "</h1>");
|
||||
@@ -131,6 +136,8 @@ background: rgba(255, 255, 255, 0.8);
|
||||
</div>
|
||||
<div class="panel-body">
|
||||
<form name="appForm" role="form" action="verify_admin.php" method="GET">
|
||||
<?php if (isset($config["operationMode"]) && $config["operationMode"] === "local") {
|
||||
// this values will not be used when using the register operation type ?>
|
||||
<div class="row">
|
||||
<div class="col-xs-6 col-sm-6 col-md-6">
|
||||
<div class="form-group">
|
||||
@@ -145,7 +152,7 @@ background: rgba(255, 255, 255, 0.8);
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<?php } ?>
|
||||
<div class="form-group">
|
||||
<input type="text" id="note" class="form-control input-sm" value="<?php echo $note; ?>" disabled=true>
|
||||
</div>
|
||||
|
||||
Reference in New Issue
Block a user