update README to contain missing api endpoints; abort execution when no message should be send

- set Register_Accept to 6 internally as it reflects the same state as PendingSendRequest
- cleanups

MatrixConnection.php

@@ -1,21 +1,6 @@
 <?php
-
+class MatrixConnection
-/**
+{
- * Copyright 2018 Matthias Kesler
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-class MatrixConnection {
-
 	private $hs;
 	private $at;
 
@@ -34,7 +19,7 @@ class MatrixConnection {
 		if (!$message) {
 			error_log("no message to send");
 			return false;
-        } elseif (is_array($message)) {
+		} elseif(is_array($message)) {
 			$send_message = $message;
 		} elseif ($message instanceof MatrixMessage) {
 			$send_message = $message->get_object();
@@ -43,8 +28,8 @@ class MatrixConnection {
 			return false;
 		}
 
-        $url = "https://" . $this->hs . "/_matrix/client/r0/rooms/"
+		$url="https://".$this->hs."/_matrix/client/r0/rooms/"
-                . urlencode($room_id) . "/send/m.room.message?access_token=" . $this->at;
+			. urlencode($room_id) ."/send/m.room.message?access_token=".$this->at;
 		$handle = curl_init($url);
 		curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
 		curl_setopt($handle, CURLOPT_CONNECTTIMEOUT, 5);
@@ -66,10 +51,10 @@ class MatrixConnection {
 
 	function hasUser($username) {
 		if (!$username) {
-            throw new Exception("no user given to lookup");
+			throw new Exception ("no user given to lookup");
 		}
 
-        $url = "https://" . $this->hs . "/_matrix/client/r0/profile/@" . $username . ":" . $this->hs;
+		$url = "https://".$this->hs."/_matrix/client/r0/profile/@" . $username . ":" . $this->hs;
 		$handle = curl_init($url);
 		curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
 		curl_setopt($handle, CURLOPT_CONNECTTIMEOUT, 5);
@@ -95,7 +80,7 @@ class MatrixConnection {
 				"password" => $password,
 				"mac" => $mac,
 			     );
-        $url = "https://" . $this->hs . "/_matrix/client/v2_alpha/register";
+		$url = "https://".$this->hs."/_matrix/client/v2_alpha/register";
 		$handle = curl_init($url);
 		curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
 		curl_setopt($handle, CURLOPT_CONNECTTIMEOUT, 5);
@@ -108,6 +93,7 @@ class MatrixConnection {
 
 	function exec_curl_request($handle) {
 		$response = curl_exec($handle);
+
 		if ($response === false) {
 			$errno = curl_errno($handle);
 			$error = curl_error($handle);
@@ -115,6 +101,7 @@ class MatrixConnection {
 			curl_close($handle);
 			return false;
 		}
+
 		$http_code = intval(curl_getinfo($handle, CURLINFO_HTTP_CODE));
 		curl_close($handle);
 
@@ -131,13 +118,13 @@ class MatrixConnection {
 		} else {
 			$response = json_decode($response, true);
 		}
+
 		return $response;
 	}
-
 }
 
-class MatrixMessage {
+class MatrixMessage
-
+{
 	private $message;
 
 	function __construct() {
@@ -156,7 +143,7 @@ class MatrixMessage {
 		$this->message["body"] = $body;
 	}
 
-    function set_formatted_body($fbody, $format = "org.matrix.custom.html") {
+	function set_formatted_body($fbody, $format="org.matrix.custom.html") {
 		$this->message["formatted_body"] = $fbody;
 		$this->message["format"] = $format;
 	}
@@ -164,7 +151,5 @@ class MatrixMessage {
 	function get_object() {
 		return $this->message;
 	}
-
 }
-
 ?>

README.md

@@ -14,34 +14,17 @@ This is done in several steps:
 
 2nd step: Implement the other apis to integrade [mxisd](https://github.com/kamax-io/mxisd/blob/master/docs/backends/rest.md)
 
-This bot takes care for user accounts. So it stores the credentials itself and provides ways to access them via matrix-synapse-rest-auth or mxisd.
 ## How to install
 
 - Copy `config.sample.php` to `config.php` and configure the bot as you can find there
-- Configure your webserver to publish the folder `public`.
+- Configure your webserver to publish the folder `public` and configure.
-  The folder `internal` contains files that can be accessed by mxisd or matrix-synapse-rest-auth or else via a reverse proxy
+  The folder `internal` contains files that can be accessed by mxisd or matrix-synapse-rest-auth
-- To integrate with [matrix-synapse-rest-auth](https://github.com/kamax-io/matrix-synapse-rest-auth):
+- To integrate with matrix-synapse-rest-auth:
   - `/_matrix-internal/identity/v1/check_credentials` should map to `internal/login.php`
-- To integrate with [mxisd](https://github.com/kamax-io/mxisd): Have a look at [the docs](https://github.com/kamax-io/mxisd/blob/master/docs/backends/rest.md) and apply as follows:
+- To integrate with mxisd: Have a look at [the docs](https://github.com/kamax-io/mxisd/blob/master/docs/backends/rest.md) and apply as follows:
-
-
 | Key                            | file which handles that       | Description                                          |
 |--------------------------------|-------------------------------|------------------------------------------------------|
 | rest.endpoints.auth            | internal/login.php            | Validate credentials and get user profile            |
 | rest.endpoints.directory       | internal/directory_search.php | Search for users by arbitrary input                  |
 | rest.endpoints.identity.single | internal/identity_single.php  | Endpoint to query a single 3PID                      |
 | rest.endpoints.identity.bulk   | internal/identity_bulk.php    | Endpoint to query a list of 3PID                     |
-
-
-## Implement usage of additional features:
-### Use the ChangePasswortInterceptor:
-
-You need a reverse proxy which maps `/_matrix/client/r0/account/password` to `internal/intercept_change_password.php`.
-Here is an example for nginx:
-
-```
-        location /_matrix/client/r0/account/password {
-                proxy_pass http://localhost/mxbot/internal/intercept_change_password.php;
-                proxy_set_header X-Forwarded-For $remote_addr;
-        }
-```

config.sample.php

@@ -17,13 +17,10 @@ $config = [
 	// When you want to collect the password on registration set this to true
 	"getPasswordOnRegistration" => false,
 
-    // default language: one of [ en-gb | de-de ]
-    "defaultLanguage" => "en-gb",
-
 	// to define where the data should be stored:
 	"databaseURI" => "sqlite:" . dirname(__FILE__) . "/db_file.sqlite",
 	// credentials for sqlite not used
 	"databaseUser" => "dbUser123",
 	"databasePass" => "secretPassword",
-        ]
+]
 ?>

cron.php

@@ -1,30 +1,15 @@
 <?php
-
-/**
- * Copyright 2018 Matthias Kesler
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
 require_once("config.php");
 require_once("mail_templates.php");
 require_once("database.php");
 
 $sql = "SELECT id, first_name, last_name, username, email, state, note, verify_token, admin_token FROM registrations "
-        . "WHERE state = " . RegisterState::PendingEmailSend
+."WHERE state = ". RegisterState::PendingEmailSend
-        . " OR state = " . RegisterState::PendingAdminSend
+. " OR state = " . RegisterState::PendingAdminSend
-        . " OR state = " . RegisterState::PendingRegistration
+. " OR state = " . RegisterState::PendingRegistration
-        . " OR state = " . RegisterState::PendingSendRegistrationMail
+. " OR state = " . RegisterState::PendingSendRegistrationMail
-        . " OR state = " . RegisterState::RegistrationDeclined
+. " OR state = " . RegisterState::RegistrationDeclined
-        . " OR state = " . RegisterState::AllDone . ";";
+. " OR state = " . RegisterState::AllDone . ";";
 foreach ($mx_db->query($sql) as $row) {
 	$first_name = $row["first_name"];
 	$last_name = $row["last_name"];
@@ -37,12 +22,15 @@ foreach ($mx_db->query($sql) as $row) {
 			case RegisterState::PendingEmailSend:
 				$verify_url = $config["webroot"] . "/verify.php?t=" . $row["verify_token"];
 				$success = send_mail_pending_verification(
-                        $config["homeserver"], $row["first_name"] . " " . $row["last_name"], $row["email"], $verify_url);
+						$config["homeserver"],
+						$row["first_name"] . " " . $row["last_name"],
+						$row["email"],
+						$verify_url);
 
 				if ($success) {
 					$mx_db->setRegistrationStateById(RegisterState::PendingEmailVerify, $row["id"]);
 				} else {
-                    throw new Exception("Could not send mail to " . $row["first_name"] . " " . $row["last_name"] . "(" . $row["id"] . ")");
+					throw new Exception("Could not send mail to ".$row["first_name"]." ".$row["last_name"]."(".$row["id"].")");
 				}
 				break;
 			case RegisterState::PendingAdminSend:
@@ -55,7 +43,7 @@ foreach ($mx_db->query($sql) as $row) {
 						. "Zum Bearbeiten hier klicken:\r\n" . $adminUrl);
 				$mxMsg->set_formatted_body($first_name . ' ' . $last_name . " möchte sich registrieren und hat folgende Notiz hinterlassen:<br />"
 						. $row["note"] . "<br />"
-                        . "Zum Bearbeiten <a href=\"" . $adminUrl . "\">hier</a> klicken");
+						. "Zum Bearbeiten <a href=\"". $adminUrl . "\">hier</a> klicken");
 				$mxMsg->set_type("m.text");
 				$response = $mxConn->send($config["register_room"], $mxMsg);
 
@@ -64,7 +52,7 @@ foreach ($mx_db->query($sql) as $row) {
 
 					send_mail_pending_approval($config["homeserver"], $first_name . " " . $last_name, $email);
 				} else {
-                    throw new Exception("Could not send notification for " . $row["first_name"] . " " . $row["last_name"] . "(" . $row["id"] . ") to admins.");
+					throw new Exception("Could not send notification for ".$row["first_name"]." ".$row["last_name"]."(".$row["id"].") to admins.");
 				}
 				break;
 			case RegisterState::PendingRegistration:

database.php

@@ -1,26 +1,11 @@
 <?php
-
-/**
- * Copyright 2018 Matthias Kesler
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
 require_once("config.php");
 if (!isset($config["databaseURI"])) {
-    throw new Exception("malformed configuration: databaseURI not defined");
+	throw new Exception ("malformed configuration: databaseURI not defined");
 }
 
-abstract class RegisterState {
+abstract class RegisterState
-
+{
 	// Sending an E-Mail failed in the first attempt. Will retry later
 	const PendingEmailSend = 0;
 	// User got a mail. We wait for it to verfiy
@@ -31,19 +16,21 @@ abstract class RegisterState {
 	const PendingAdminVerify = 6;
 	// Registration failed on first attempt. Will retry
 	const PendingRegistration = 7;
+
 	// in this case we have to reset the password of the user (or should we store it for this case?)
 	const PendingSendRegistrationMail = 8;
+
 	// State to allow persisting in the database although an admin declined it.
 	// Will be removed regularly
 	const RegistrationAccepted = 7;
 	const RegistrationDeclined = 13;
+
 	// User got successfully registered. Will be cleaned up later
 	const AllDone = 100;
-
 }
 
-class mxDatabase {
+class mxDatabase
-
+{
 	private $db = NULL;
 
 	/**
@@ -163,7 +150,6 @@ class mxDatabase {
 		}
 		return false;
 	}
-
 	function userRegistered($username) {
 		$sql = "SELECT COUNT(*) FROM logins WHERE localpart = '" . $username . "' LIMIT 1;";
 		$res = $this->db->query($sql);
@@ -186,10 +172,12 @@ class mxDatabase {
 	 */
 	function addRegistration($first_name, $last_name, $username, $note, $email) {
 		if ($this->userPendingRegistrations($username)) {
-            throw new Exception("USERNAME_PENDING_REGISTRATION");
+			require_once("language.php");
+			throw new Exception($language["USERNAME_PENDING_REGISTRATION"]." (requested)");
 		}
 		if ($this->userRegistered($username)) {
-            throw new Exception("USERNAME_REGISTERED");
+			require_once("language.php");
+			throw new Exception($language["USERNAME_REGISTERED"] . " (registered)");
 		}
 
 		$verify_token = bin2hex(random_bytes(16));
@@ -197,11 +185,11 @@ class mxDatabase {
 
 		$this->db->exec("INSERT INTO registrations
 			(first_name, last_name, username, note, email, verify_token, admin_token)
-			VALUES ('" . $first_name . "','" . $last_name . "','" . $username . "','" . $note . "','"
+			VALUES ('" . $first_name."','" . $last_name . "','" . $username . "','"	. $note . "','"
-                . $email . "','" . $verify_token . "','" . $admin_token . "')");
+			. $email."','"	.$verify_token."','"	.$admin_token."')");
 
 		return [
-            "verify_token" => $verify_token,
+			"verify_token"=> $verify_token,
 		];
 	}
 
@@ -215,6 +203,7 @@ class mxDatabase {
 		$sql = "SELECT COUNT(*) FROM registrations WHERE admin_token = '" . $admin_token . "'"
 			. " AND state = " . RegisterState::PendingAdminVerify . " LIMIT 1;";
 		$res = $this->db->query($sql);
+		$first_name = NULL; $last_name = NULL; $username = NULL; $note = NULL; $email = NULL;
 
 		if ($res->fetchColumn() > 0) {
 			$sql = "SELECT first_name, last_name, username, note, email FROM registrations"
@@ -239,6 +228,7 @@ class mxDatabase {
 		$sql = "SELECT COUNT(*) FROM registrations WHERE verify_token = '" . $verify_token . "'"
 			. " AND state = " . RegisterState::PendingEmailVerify . " LIMIT 1;";
 		$res = $this->db->query($sql);
+		$first_name = NULL; $last_name = NULL; $username = NULL; $note = NULL; $email = NULL;
 
 		if ($res->fetchColumn() > 0) {
 			$sql = "SELECT first_name, last_name, note, email, admin_token FROM registrations "
@@ -290,10 +280,10 @@ class mxDatabase {
 
 		// generate a password with 10 characters
 		$password = bin2hex(openssl_random_pseudo_bytes(5));
-        $password_hash = password_hash($password, PASSWORD_BCRYPT, ["cost" => 12]);
+		$password_hash = password_hash($password, PASSWORD_BCRYPT, ["cost"=>12]);
 
 		$sql = "INSERT INTO logins (first_name, last_name, localpart, password_hash, email) VALUES "
-                . "('" . $first_name . "','" . $last_name . "','" . $username . "','"
+			. "('" . $first_name."','" . $last_name . "','" . $username . "','"
 			. $password_hash . "','" . $email . "');";
 
 		if ($this->db->exec($sql)) {
@@ -302,24 +292,6 @@ class mxDatabase {
 		return NULL;
 	}
 
-    function updatePassword($localpart, $old_password, $new_password) {
-        $user = $this->getUserForLogin($localpart, $old_password);
-        if ($user == NULL) {
-            throw new Exception("user with that credentials not found");
-        }
-
-        // The credentials were fine. So now set the new password
-        $password_hash = password_hash($new_password, PASSWORD_BCRYPT, ["cost" => 12]);
-
-        $sql = "UPDATE logins SET password_hash = '" . $password_hash . "'"
-                . "WHERE localpart = '" . $localpart . "'";
-
-        if ($this->db->exec($sql)) {
-            return true;
-        }
-        return false;
-    }
-
 	function searchUserByName($search_term) {
 		$term = filter_var($search_term, FILTER_SANITIZE_STRING);
 		$result = array();
@@ -359,7 +331,6 @@ class mxDatabase {
 		}
 		return $result;
 	}
-
 }
 
 if (!isset($mx_db)) {

helpers.php

@@ -1,33 +0,0 @@
-<?php
-
-/**
- * Copyright 2018 Matthias Kesler
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-function stripLocalpart($mxid) {
-    $localpart = NULL;
-    if (!empty($mxid)) {
-        // A mxid would start with an @ so we start at the 2. position
-        $sepPos = strpos($mxid, ':', 1);
-        if ($sepPos === false) {
-            // : not found. Assume mxid is localpart
-            // TODO: further checks
-            $localpart = $mxid;
-        } else {
-            $localpart = substr($mxid, 1, strpos($mxid, ':') - 1);
-        }
-    }
-    return $localpart;
-}
-
-?>

internal/directory_search.php

@@ -1,21 +1,6 @@
 <?php
-
-/**
- * Copyright 2018 Matthias Kesler
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
 require_once("../database.php");
-$response = [
+$response=[
     "limited" => false,
     "result" => [],
 ];
@@ -40,8 +25,9 @@ try {
             $response["result"] = $mx_db->searchUserByEmail($input["search_term"]);
             break;
         default:
-            throw new Exception('unknown type for "by" param');
+            throw new Exception("unknown type for \"by\" param");
     }
+    
 } catch (Exception $e) {
     error_log("failed with error: " . $e->getMessage());
     $response["error"] = $e->getMessage();

internal/identity_bulk.php

@@ -1,19 +1,4 @@
 <?php
-
-/**
- * Copyright 2018 Matthias Kesler
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
 require_once("../database.php");
 $response = [
     "lookup" => []
@@ -38,7 +23,7 @@ try {
         if (!isset($lookup["address"])) {
             throw new Exception('"lookup.address" is not defined');
         }
-        $res2 = NULL;
+        $res2 = array();
         switch ($lookup["medium"]) {
             case "email":
                 $res2 = $mx_db->searchUserByEmail($lookup["address"]);
@@ -55,11 +40,9 @@ try {
                 }
 		break;
             case "msisdn":
-                // This is reserved for number lookups
-                throw new Exception("unimplemented lookup medium");
                 break;
             default:
-                throw new Exception("unknown lookup medium");
+                throw new Exception("unknown type for \"by\" param");
         }
     }
 } catch (Exception $e) {

internal/identity_single.php

@@ -1,19 +1,4 @@
 <?php
-
-/**
- * Copyright 2018 Matthias Kesler
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
 require_once("../database.php");
 $response = new stdClass;
 try {
@@ -31,7 +16,7 @@ try {
     if (!isset($input["lookup"]["address"])) {
         throw new Exception('"lookup.address" is not defined');
     }
-    $res2 = NULL;
+    $res2 = array();
     switch ($input["lookup"]["medium"]) {
         case "email":
             $res2 = $mx_db->searchUserByEmail($input["lookup"]["address"]);
@@ -47,19 +32,15 @@ try {
                     ]
                 ];
             }
-            break;
+            
-        case "msisdn":
+
-            // This is reserved for number lookups
-            throw new Exception("unimplemented lookup medium");
             break;
         default:
-            throw new Exception("unknown lookup medium");
+            throw new Exception("unknown type for \"by\" param");
     }
 } catch (Exception $e) {
-    error_log("ídentity_single failed with error: " . $e->getMessage());
+    error_log("ídentity_bulk failed with error: " . $e->getMessage());
-    $response = [
+    $response["error"] = $e->getMessage();
-        "error" => $e->getMessage()
-    ];
 }
 print (json_encode($response, JSON_PRETTY_PRINT) . "\n");
 ?>

internal/intercept_change_password.php

@@ -1,69 +0,0 @@
-<?php
-
-/**
- * Copyright 2018 Matthias Kesler
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-// URL for this: /_matrix/client/r0/account/password?access_token=$ACCESS_TOKEN
-
-header('Access-Control-Allow-Origin: *');
-header('Access-Control-Allow-Methods: POST, OPTIONS');
-header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization');
-if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
-    print ("{}");
-    // return with success
-    exit();
-}
-$response = new stdClass;
-try {
-    $inputJSON = file_get_contents('php://input');
-    $input = json_decode($inputJSON, TRUE);
-    if (empty($input)) {
-        throw new Exception('no valid json as input present');
-    }
-    if (!isset($input["auth"])) {
-        throw new Exception('"auth" is not defined');
-    }
-    if (!isset($input["auth"]["user"]) || !isset($input["auth"]["password"])) {
-        throw new Exception('"auth.user" or "auth.password" is not defined');
-    }
-    if (!isset($input["auth"]["type"]) || $input["auth"]["type"] !== "m.login.password") {
-        throw new Exception('no or unknown auth.type');
-    }
-    if (!isset($input["new_password"])) {
-        throw new Exception('"new_password" is not defined');
-    }
-
-    require_once("../helpers.php");
-    $localpart = stripLocalpart($input["auth"]["user"]);
-
-    if (empty($localpart)) {
-        throw new Exception("localpart cannot be identified");
-    }
-
-    require_once("../database.php");
-    if (!$mx_db->updatePassword(
-                    $localpart, $input["auth"]["password"], $input["new_password"]
-            )) {
-        throw new Exception("invalid credentials or another error while updating");
-    }
-} catch (Exception $e) {
-    header("HTTP/1.0 500 Internal Error");
-    error_log("failed with error: " . $e->getMessage());
-    $response = [
-        "errorcode" => "M_UNKNOWN",
-        "error" => $e->getMessage(),
-    ];
-}
-print (json_encode($response, JSON_PRETTY_PRINT));
-?>

internal/login.php

@@ -1,19 +1,4 @@
 <?php
-
-/**
- * Copyright 2018 Matthias Kesler
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
 $response = [
     "auth" => [
         "success" => false,
@@ -21,21 +6,18 @@ $response = [
 ];
 
 require_once("../database.php");
-
 abstract class LoginRequester {
-
     const UNDEFINED = 0;
     const MXISD = 1;
     const RestAuth = 2;
-
 }
-
 $loginRequester = LoginRequester::UNDEFINED;
 
 try {
     $inputJSON = file_get_contents('php://input');
     $input = json_decode($inputJSON, TRUE);
-    $mxid = $localpart = NULL;
+    $mxid = NULL;
+    $localpart = NULL;
     if (isset($input["user"])) {
         if (isset($input["user"]["localpart"])) {
             $localpart = $input["user"]["localpart"];
@@ -49,27 +31,32 @@ try {
             $mxid = $input["user"]["mxid"];
             $loginRequester = LoginRequester::MXISD;
         }
-    } else {
-        throw new Exception('"user" not in request body');
     }
 
     // prefer the localpart attribute of mxisd. But in case of matrix-synapse-rest-auth
     // we have to parse it on our own
-    if (empty($localpart)) {
+    if (empty($localpart) && !empty($mxid)) {
-        require_once("../helpers.php");
+        // A mxid would start with an @ so we start at the 2. position
-        $localpart = stripLocalpart($mxid);
+        $sepPos = strpos($mxid,':', 1);
+        if ($sepPos === false) {
+            // : not found. Assume mxid is localpart
+            // TODO: further checks
+            $localpart = $mxid;
+        } else {
+            $localpart = substr($mxid, 1, strpos($mxid,':') - 1 );
+        }
     }
     
     if (empty($localpart)) {
-        throw new Exception("localpart cannot be identified");
+        throw new Exception ("localpart cannot be identified");
     }
     
     $password = NULL;
-    if (isset($input["user"]["password"])) {
+    if (isset($input["user"]) && isset($input["user"]["password"])) {
         $password = $input["user"]["password"];
     }
     if (empty($password)) {
-        throw new Exception("password is not present");
+        throw new Exception ("password is not present");
     }
 
     $user = $mx_db->getUserForLogin($localpart, $password);
@@ -101,7 +88,6 @@ try {
             // only return that it was successful.
             // we do not know how the data shall be transmitted so we do nothing with it
             $response["auth"]["success"] = false;
-            $response["auth"]["error"] = "unidentified requester";
             break;
     }    
 } catch (Exception $e) {

lang/lang.de-de.php

@@ -1,19 +1,4 @@
 <?php
-
-/**
- * Copyright 2018 Matthias Kesler
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
 $language = array(
     "NO_CONFIGURATION" => "Es konnte keine Konfiguration gefunden werden.",
     "UNKNOWN_SESSION" => "Sitzungstoken nicht vorhanden oder ungültig.",

lang/lang.en-gb.php

@@ -1,41 +0,0 @@
-<?php
-/**
- * Copyright 2018 Matthias Kesler
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-$language = array(
-    "NO_CONFIGURATION" => "No configuration found",
-    "UNKNOWN_SESSION" => "Session token not found of invalid.",
-    "UNKNOWN_USERNAME" => "username unknown",
-    "UNKNOWN_TOKEN" => "Token is unknown",
-    "USERNAME_LENGTH_INVALID" => "Username cpnsists pf more than 20 or less than 3 characters",
-    "USERNAME_NOT_ALNUM" => "Username is not alphanumeric",
-    "USERNAME_PENDING_REGISTRATION" => "This username is locked for registration. Try again later or try again with a different username",
-    "USERNAME_REGISTERED" => "This username is already registered. Please try again with another username",
-    "PASSWORD_NOT_MATCH" => "passwords do not match",
-    "NOTE_LENGTH_EXEEDED" => "Note consists of more than 50 characters",
-    "EMAIL_INVALID_FORMAT" => "no valid email address",
-    "FIRSTNAME_INVALID_FORMAT" => "First name with invalid formatting",
-    "SIRNAME_INVALID_FORMAT" => "Sirname with invalid formatting",
-    "SEND_MAIL_FAIL" => "Email could not be sent",
-    "SEND_MATRIX_FAIL" => "Sending a message to the admins failed",
-    "REGISTRATION_REQUEST_FAILED" => "Registration request failed",
-    "REGISTRATION_FAILED" => "Registration failed",
-    "VERIFICATION_SUCEEDED" => "Verification suceeded",
-    "VERIFICATION_FAILED" => "Verification failed",
-    "VERIFICATION_SUCCESS_BODY" => "Thank you. The admins got informed",
-    "ADMIN_VERIFY_SITE_TITLE" => "Handle registration request",
-    "ADMIN_REGISTER_ACCEPTED_BODY" => "The registration request got accepted. The user got notified per email.",
-    "ADMIN_REGISTER_DECLINED_BODY" => "The registration request got declined. The user got notified per email.",
-);
-?>

lang/mail.de-de.php

@@ -1,124 +0,0 @@
-<?php
-/**
- * Copyright 2018 Matthias Kesler
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-function send_mail($receiver, $subject, $body) {
-	include("config.php");
-	$headers = "From: " . $config["register_email"] . "\r\n"
-		. "Content-Type: text/plain;charset=utf-8";
-	return mail($receiver, $subject, $body, $headers);
-}
-
-function send_mail_pending_verification($homeserver, $user, $receiver, $verify_url) {
-	$subject = "Bitte bestätige Registrierung auf $homeserver";
-	$body = "Guten Tag " . $user . ",
-
-Du hast anscheinend versucht dich auf $homeserver zu registrieren.
-Hier gibt es eine zweistufige Registrierung.
-
-Wir möchten dich bitten, dass du kurz bestätigst, dass du die Registrierung durchgeführt hast.
-Gehe dafür auf folgenden Link:
-$verify_url
-
-Erst anschließend werden die Administratoren über deine Registrierungsanfrage informiert.
-
-Hinweis: Du hast ca. 48 Stunden Zeit um die Bestätigung durchzuführen.
-Danach ist eine Re-Registrierung mit deinem gewünschten Nutzernamen für andere wieder möglich.
-
-Vielen Dank für dein Verständnis.
-
-Das Administratoren-Team von " . $homeserver;
-	return send_mail($receiver, $subject, $body );
-}
-
-function send_mail_pending_approval($homeserver, $user, $receiver) {
-	$subject = "Registrierung wartet auf Bestätigung durch Administratoren";
-	$body = "Guten Tag " . $user . ",
-
-Deine Registrierungsanfrage wurde verifiziert und wird nun durch die Administratoren überprüft.
-
-Du bekommst eine weitere E-Mail, sobald deine Registrierung bestätigt oder ablehnt wurde.
-
-Vielen Dank für dein Verständnis.
-
-Das Administratoren-Team von " . $homeserver;
-	return send_mail($receiver, $subject, $body );
-}
-
-function send_mail_registration_allowed_but_failed($homeserver, $user, $receiver) {
-	$subject = "Registrierung auf $homeserver genehmigt";
-	$body = "Guten Tag " . $user . ",
-
-Deine Registrierungsanfrage wurde durch die Administratoren bestätigt.
-
-Leider ist beim Registrieren ein Fehler aufgetaucht. Der Registrierungversuch wird bald wiederholt.
-Wir hoffen, das Problem ist bald behoben.
-Wir melden uns, wenn die Registrierung erfolgreich war.
-
-Das Administratoren-Team von " . $homeserver;
-	return send_mail($receiver, $subject, $body);
-
-}
-
-function send_mail_registration_success($homeserver, $user, $receiver, $username, $password, $howToURL) {
-	$subject = "Registrierung auf $homeserver erfolgreich";
-	$body = "Guten Tag " . $user . ",
-
-Deine Registrierungsanfrage wurde durch die Administratoren bestätigt.
-
-Zum Anmelden kannst du folgende Zugangsdaten verwenden:
-Nutzername: $username
-Passwort: $password
-
-Hinweis: Das Passwort kannst du aktuell über die App selbst ändern. Auch wenn das Passwort nirgends
-im Klartext gespeichert wird, kann jemand Zugriff auf diese Mail erlangen und so den Zugriff bekommen.
-";
-/*
-Wichtig: Bitte ändere das Passwort direkt nach der Anmeldung.
-Es wird zwar von unserer Seite nicht gespeichert, doch fremde könnten Zugriff auf diese E-Mail
-erhalten und so deinen Account kompromittieren.
- */
-if (!empty($howToURL)) {
-	$body .= "
-Zu weiteren Hilfestellungen findest du hier eine Auflistung von verschiedenen
-Anleitungen zu verschiedenen Clients:
-$howToURL\n";
-}
-	$body .= "
-Viel Spaß bei der Verwendung von $homeserver.
-Bei Fragen findest du nach der Anmeldung ein paar Räume in denen du sie stellen kannst.
-
-Das Administratoren-Team von " . $homeserver;
-	return send_mail($receiver, $subject, $body);
-
-}
-function send_mail_registration_decline($homeserver, $user, $receiver, $reason) {
-	$subject = "Registrierung auf $homeserver abgelehnt";
-	$body = "Guten Tag " . $user . ",
-
-Deine Registrierungsanfrage wurde durch die Administratoren abgelehnt.\n";
-
-	if (empty($reason)) {
-		$body .= "\nEs wurde kein Grund angegeben\n";
-	} else {
-		$body .= "\nAls Grund wurde folgendes angegeben:\n$reason\n";
-	}
-
-	$body .= "
-Wir hoffen, dass du dies akzeptieren kannst.
-
-Das Administratoren-Team von " . $homeserver;
-	return send_mail($receiver, $subject, $body );
-}
-?>

lang/mail.en-gb.php

@@ -1,118 +0,0 @@
-<?php
-/**
- * Copyright 2018 Matthias Kesler
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-function send_mail($receiver, $subject, $body) {
-	include("config.php");
-	$headers = "From: " . $config["register_email"] . "\r\n"
-		. "Content-Type: text/plain;charset=utf-8";
-	return mail($receiver, $subject, $body, $headers);
-}
-
-function send_mail_pending_verification($homeserver, $user, $receiver, $verify_url) {
-	$subject = "Pleast approve your registration request on $homeserver";
-	$body = "Dear " . $user . ",
-
-It seems that you tried to register on $homeserver.
-This homeserver requires a two step registration.
-
-For this we want you to verify that you want to register. For this please click on this link:
-$verify_url
-
-The admins will informed about your registration request once you clicked on this link.
-
-Note: This registration request will be cleaned up in 48 hours.
-Others might take your username afterwards.
-
-Thanks for your patience.
-
-The admin team of " . $homeserver;
-	return send_mail($receiver, $subject, $body );
-}
-
-function send_mail_pending_approval($homeserver, $user, $receiver) {
-	$subject = "Registration is pending verification from an admin";
-	$body = "Dear " . $user . ",
-
-You have verified your registration request. The admins are now checking your request.
-
-You will get an email once they approve or decline your request.
-
-Sincerely,
-
-The admin team of " . $homeserver;
-	return send_mail($receiver, $subject, $body );
-}
-
-function send_mail_registration_allowed_but_failed($homeserver, $user, $receiver) {
-	$subject = "Registration on $homeserver got approved";
-	$body = "Dear " . $user . ",
-
-Your registration request got approved by the admin team.
-
-But there was a problem when triggering the registration request. It will be retried in a few minutes.
-We hope that the issue will be fixed soon.
-You will get another email with initial credentials once the registration got handled completely.
-
-The admin team of " . $homeserver;
-	return send_mail($receiver, $subject, $body);
-
-}
-
-function send_mail_registration_success($homeserver, $user, $receiver, $username, $password, $howToURL) {
-	$subject = "Registration on $homeserver got approved";
-	$body = "Dear " . $user . ",
-
-Your registration request got verified by the admin team.
-
-To log in you can use the following credentials::
-Username: $username
-Password: $password
-
-Important: Please change your password as soon as possible after your first login.
-The password is not stored in clear text on the server but people could get access to this mail
-and compromise your account.
-";
-if (!empty($howToURL)) {
-	$body .= "
-You can find further help here::
-$howToURL\n";
-}
-	$body .= "
-Enjoy your usage of $homeserver.
-You can ask further questions inside of the chat system.
-
-The admin team of " . $homeserver;
-	return send_mail($receiver, $subject, $body);
-
-}
-function send_mail_registration_decline($homeserver, $user, $receiver, $reason) {
-	$subject = "Registration on $homeserver declined.";
-	$body = "Guten Tag " . $user . ",
-
-Your registration request got declined by the admin team.\n";
-
-	if (empty($reason)) {
-		$body .= "\nThey did not provide any reason for this\n";
-	} else {
-		$body .= "\nThey provide following hint for you:\n$reason\n";
-	}
-
-	$body .= "
-We hope that you can understand this reason.
-
-The admin team of " . $homeserver;
-	return send_mail($receiver, $subject, $body );
-}
-?>

language.php

@@ -1,31 +1,13 @@
 <?php
-
+$lang = "de-de";
-/**
+if(isset($_GET['lang'])){
- * Copyright 2018 Matthias Kesler
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-require_once("config.php");
-$lang = $config["defaultLanguage"];
-
-if (isset($_GET['lang'])) {
 	$lang = filter_var($_GET['lang'], FILTER_SANITIZE_STRING);
 }
-$lang_file = dirname(__FILE__) . "/lang/lang." . $lang . ".php";
+$lang_file = dirname(__FILE__) . "/lang/lang.".$lang.".php";
 if (!file_exists($lang_file)) {
 	error_log("Translation for " . $lang . " not found. Fallback to 'de-de'");
 	$lang = "de-de";
 }
-$lang_file = dirname(__FILE__) . "/lang/lang." . $lang . ".php";
 require_once($lang_file);
 unset($lang_file);
 ?>

mail_templates.php

@@ -1,29 +1,108 @@
 <?php
 
-/**
+function send_mail($receiver, $subject, $body) {
- * Copyright 2018 Matthias Kesler
+	include("config.php");
- * Licensed under the Apache License, Version 2.0 (the "License");
+	$headers = "From: " . $config["register_email"] . "\r\n"
- * you may not use this file except in compliance with the License.
+		. "Content-Type: text/plain;charset=utf-8";
- * You may obtain a copy of the License at
+	return mail($receiver, $subject, $body, $headers);
- * 
+}
- * http://www.apache.org/licenses/LICENSE-2.0
+
- * 
+function send_mail_pending_verification($homeserver, $user, $receiver, $verify_url) {
- * Unless required by applicable law or agreed to in writing, software
+	$subject = "Bitte bestätige Registrierung auf $homeserver";
- * distributed under the License is distributed on an "AS IS" BASIS,
+	$body = "Guten Tag " . $user . ",
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+
- * See the License for the specific language governing permissions and
+Du hast anscheinend versucht dich auf $homeserver zu registrieren.
- * limitations under the License.
+Hier gibt es eine zweistufige Registrierung.
+
+Wir möchten dich bitten, dass du kurz bestätigst, dass du die Registrierung durchgeführt hast.
+Gehe dafür auf folgenden Link:
+$verify_url
+
+Erst anschließend werden die Administratoren über deine Registrierungsanfrage informiert.
+
+Hinweis: Du hast ca. 48 Stunden Zeit um die Bestätigung durchzuführen.
+Danach ist eine Re-Registrierung mit deinem gewünschten Nutzernamen für andere wieder möglich.
+
+Vielen Dank für dein Verständnis.
+
+Das Administratoren-Team von " . $homeserver;
+	return send_mail($receiver, $subject, $body );
+}
+
+function send_mail_pending_approval($homeserver, $user, $receiver) {
+	$subject = "Registrierung wartet auf Bestätigung durch Administratoren";
+	$body = "Guten Tag " . $user . ",
+
+Deine Registrierungsanfrage wurde verifiziert und wird nun durch die Administratoren überprüft.
+
+Du bekommst eine weitere E-Mail, sobald deine Registrierung bestätigt oder ablehnt wurde.
+
+Vielen Dank für dein Verständnis.
+
+Das Administratoren-Team von " . $homeserver;
+	return send_mail($receiver, $subject, $body );
+}
+
+function send_mail_registration_allowed_but_failed($homeserver, $user, $receiver) {
+	$subject = "Registrierung auf $homeserver genehmigt.";
+	$body = "Guten Tag " . $user . ",
+
+Deine Registrierungsanfrage wurde durch die Administratoren bestätigt.
+
+Leider ist beim Registrieren ein Fehler aufgetaucht. Der Registrierungversuch wird bald wiederholt.
+Wir hoffen, das Problem ist bald behoben.
+Wir melden uns, wenn die Registrierung erfolgreich war.
+
+Das Administratoren-Team von " . $homeserver;
+	return send_mail($receiver, $subject, $body);
+
+}
+
+function send_mail_registration_success($homeserver, $user, $receiver, $username, $password, $howToURL) {
+	$subject = "Registrierung auf $homeserver erfolgreich.";
+	$body = "Guten Tag " . $user . ",
+
+Deine Registrierungsanfrage wurde durch die Administratoren bestätigt.
+
+Zum Anmelden kannst du folgende Zugangsdaten verwenden:
+Nutzername: $username
+Passwort: $password
+
+Hinweis: Aktuell ist es nicht möglich, das Passwort selbst zu ändern. Sobald die Funktionalität zur
+Verfügung steht, gibt es aber einen Hinweis.
+";
+/*
+Wichtig: Bitte ändere das Passwort direkt nach der Anmeldung.
+Es wird zwar von unserer Seite nicht gespeichert, doch fremde könnten Zugriff auf diese E-Mail
+erhalten und so deinen Account kompromittieren.
  */
-require_once("config.php");
+if (!empty($howToURL)) {
-$lang = $config["defaultLanguage"];
+	$body .= "
-if (isset($_GET['lang'])) {
+Zu weiteren Hilfestellungen findest du hier eine Auflistung von verschiedenen
-    $lang = filter_var($_GET['lang'], FILTER_SANITIZE_STRING);
+Anleitungen zu verschiedenen Clients:
+$howToURL\n";
 }
-$lang_file = dirname(__FILE__) . "/lang/mail." . $lang . ".php";
+	$body .= "
-if (!file_exists($lang_file)) {
+Viel Spaß bei der Verwendung von $homeserver.
-    error_log("Mail templates for '" . $lang . "' not found. Fallback to 'de-de'");
+Bei Fragen findest du nach der Anmeldung ein paar Räume in denen du sie stellen kannst.
-    $lang = "de-de";
+
+Das Administratoren-Team von " . $homeserver;
+	return send_mail($receiver, $subject, $body);
+
+}
+function send_mail_registration_decline($homeserver, $user, $receiver, $reason) {
+	$subject = "Registrierung auf $homeserver abgelehnt.";
+	$body = "Guten Tag " . $user . ",
+
+Deine Registrierungsanfrage wurde durch die Administratoren abgelehnt.\n";
+
+	if (empty($reason)) {
+		$body .= "\nEs wurde kein Grund angegeben\n";
+	} else {
+		$body .= "\nAls Grund wurde folgendes angegeben:\n$reason\n";
+	}
+
+	$body .= "\nDas Administratoren-Team von " . $homeserver;
+	return send_mail($receiver, $subject, $body );
 }
-require_once($lang_file);
-unset($lang_file);
 ?>

public/index.php

@@ -1,18 +1,6 @@
-<html><head><?php
+<html>
-/**
+	<head>
- * Copyright 2018 Matthias Kesler
+<?php
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
 require_once "../language.php";
 if (!file_exists("../config.php")) {
 	print($language["NO_CONFIGURATION"]);
@@ -22,7 +10,7 @@ require_once "../config.php";
 
 // enforce admin via https
 if (!isset($_SERVER['HTTPS'])) {
-    header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], true, 301);
+	header('Location: https://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'], true, 301);
 	exit();
 }
 
@@ -32,32 +20,32 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
 	try {
 		if (!isset($_SESSION["token"]) || !isset($_POST["token"]) || $_SESSION["token"] != $_POST["token"]) {
 			// token not present or invalid
-            throw new Exception("UNKNOWN_SESSION");
+			throw new Exception($language["UNKNOWN_SESSION"]);
 		}
 		if (!isset($_POST["username"])) {
-            throw new Exception("UNKNOWN_USERNAME");
+			throw new Exception($language["UNKNOWN_USERNAME"]);
 		}
 		if (strlen($_POST["username"] > 20 || strlen($_POST["username"]) < 3)) {
-            throw new Exception("USERNAME_LENGTH_INVALID");
+			throw new Exception($language["USERNAME_LENGTH_INVALID"]);
 		}
 		if (ctype_alnum($_POST['username']) != true) {
-            throw new Exception("USERNAME_NOT_ALNUM");
+			throw new Exception($language["USERNAME_NOT_ALNUM"]);
 		}
 		if (isset($config["getPasswordOnRegistration"]) && $config["getPasswordOnRegistration"] &&
 			$_POST["password"] != $_POST["password_confirm"]) {
-            throw new Exception("PASSWORD_NOT_MATCH");
+			throw new Exception($language["PASSWORD_NOT_MATCH"]);
 		}
 		if (isset($_POST["note"]) && strlen($_POST["note"]) > 50) {
-            throw new Exception("NOTE_LENGTH_EXEEDED");
+			throw new Exception($language["NOTE_LENGTH_EXEEDED"]);
 		}
 		if (!isset($_POST["email"]) || !filter_var($_POST["email"], FILTER_VALIDATE_EMAIL)) {
-            throw new Exception("EMAIL_INVALID_FORMAT");
+			throw new Exception($language["EMAIL_INVALID_FORMAT"]);
 		}
-        if (isset($_POST["first_name"]) && !preg_match("/[A-Z][a-z]+/", $_POST["first_name"])) {
+		if (isset($_POST["first_name"]) && ! preg_match("/[A-Z][a-z]+/", $_POST["first_name"])) {
-            throw new Exception("FIRSTNAME_INVALID_FORMAT");
+			throw new Exception($language["FIRSTNAME_INVALID_FORMAT"]);
 		}
-        if (isset($_POST["last_name"]) && !preg_match("/[A-Z][a-z]+/", $_POST["last_name"])) {
+		if (isset($_POST["last_name"]) && ! preg_match("/[A-Z][a-z]+/", $_POST["last_name"])) {
-            throw new Exception("SIRNAME_INVALID_FORMAT");
+			throw new Exception($language["SIRNAME_INVALID_FORMAT"]);
 		}
 
 		$first_name = filter_var($_POST["first_name"], FILTER_SANITIZE_STRING);
@@ -74,17 +62,21 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
 
 		if (!isset($res["verify_token"])) {
 			error_log("sth. went wrong. registration did not throw but admin_token not set");
-            throw Exception("Unknown Error");
+			throw Exception ("Unknown Error");
 		}
 		$verify_token = $res["verify_token"];
 
 		$verify_url = $config["webroot"] . "/verify.php?t=" . $verify_token;
 		require_once "../mail_templates.php";
 		$success = send_mail_pending_verification(
-                $config["homeserver"], $first_name . " " . $last_name, $email, $verify_url);
+			$config["homeserver"],
+			$first_name . " " . $last_name,
+			$email,
+			$verify_url);
 
 		$mx_db->setRegistrationStateVerify(
-                ($success ? RegisterState::PendingEmailVerify : RegisterState::PendingEmailSend), $verify_token);
+			($success ? RegisterState::PendingEmailVerify : RegisterState::PendingEmailSend),
+			$verify_token);
 
 		print("<title>Erfolgreich</title>");
 		print("</head><body>");
@@ -95,35 +87,31 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
 		print("<title>" . $language["REGISTRATION_REQUEST_FAILED"] . "</title>");
 		print("</head><body>");
 		print("<h1>" . $language["REGISTRATION_REQUEST_FAILED"] . "</h1>");
-        if (isset($language[$e->getMessage()])) {
-            print("<p>" . $language[$e->getMessage()] . "</p>");
-        } else {
 		print("<p>" . $e->getMessage() . "</p>");
-        }
 		print("<a href=\"" . $config["webroot"] . "/index.php" . "\">Zur Registrierungsseite</a>");
 	}
 } else {
 	$_SESSION["token"] = bin2hex(random_bytes(16));
-    ?>
+?>
 		<title>Registriere dich für <?php echo $config["homeserver"]; ?></title>
 		<link href="//netdna.bootstrapcdn.com/bootstrap/3.1.0/css/bootstrap.min.css" rel="stylesheet">
 		<style>
-        body{
+body{
 	background-color: #525252;
-        }
+}
-        .centered-form{
+.centered-form{
 	margin-top: 60px;
-        }
+}
 
-        .centered-form .panel{
+.centered-form .panel{
 	background: rgba(255, 255, 255, 0.8);
 	box-shadow: rgba(0, 0, 0, 0.3) 20px 20px 20px;
-        }
+}
 		</style>
 		<script type="text/javascript" src="//code.jquery.com/jquery-1.11.1.min.js"></script>
 		<script type="text/javascript" src="//netdna.bootstrapcdn.com/bootstrap/3.1.0/js/bootstrap.min.js"></script>
-</head>
+	</head>
-<body>
+	<body>
 		<div class="container">
 			<div class="row centered-form">
 				<div class="col-xs-12 col-sm-8 col-md-4 col-sm-offset-2 col-md-offset-4">
@@ -160,7 +148,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
 									<input type="text" name="username" id="username" class="form-control input-sm"
 										placeholder="Nutzername (für den Login)" pattern="[a-z1-9]{3,20}" required>
 								</div>
-                            <?php if (isset($config["getPasswordOnRegistration"]) && $config["getPasswordOnRegistration"]) { ?>
+<?php if (isset($config["getPasswordOnRegistration"]) && $config["getPasswordOnRegistration"]) { ?>
 								<div class="row">
 									<div class="col-xs-6 col-sm-6 col-md-6">
 										<div class="form-group">
@@ -173,7 +161,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
 										</div>
 									</div>
 								</div>
-                            <?php } ?>
+<?php } ?>
 								<input type="hidden" name="token" id="token" value="<?php echo $_SESSION["token"]; ?>">
 								<input type="submit" value="Registrieren" class="btn btn-info btn-block">
 
@@ -191,21 +179,21 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
 		</div>
  <script type="text/javascript">
  var first_name = document.getElementById("first_name");
-        first_name.oninvalid = function (event) {
+	first_name.oninvalid = function(event) {
 		event.target.setCustomValidity("Vorname muss das Format <Großbuchstabe><Kleinbuchstaben> haben");
 	}
-        first_name.onkeyup = function (event) {
+	first_name.onkeyup = function(event) {
 		event.target.setCustomValidity("");
 	}
 	var last_name = document.getElementById("last_name");
-        last_name.oninvalid = function (event) {
+	last_name.oninvalid = function(event) {
 		event.target.setCustomValidity("Nachname muss das Format <Großbuchstabe><Kleinbuchstaben> haben");
 	}
-        last_name.onkeyup = function (event) {
+	last_name.onkeyup = function(event) {
 		event.target.setCustomValidity("");
 	}
 	var user_name = document.getElementById("username");
-        user_name.oninvalid = function (event) {
+	user_name.oninvalid = function(event) {
 		event.target.setCustomValidity("Nutzername darf zwischen 3 und 20 kleine Buchstaben und Zahlen enthalten");
 	}
 	user_name.onkeyup = function (event) {
@@ -214,8 +202,8 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
 <?php	if (isset($config["getPasswordOnRegistration"]) && $config["getPasswordOnRegistration"]) { ?>
 	var password = document.getElementById("password")
 		, confirm_password = document.getElementById("password_confirm");
-            function validatePassword() {
+	function validatePassword(){
-                if (password.value != confirm_password.value) {
+		if(password.value != confirm_password.value) {
 			confirm_password.setCustomValidity("Passwörter stimmen nicht überein");
 		} else {
 			confirm_password.setCustomValidity('');
@@ -224,7 +212,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
 	password.onchange = validatePassword;
 	confirm_password.onkeyup = validatePassword;
 <?php	} ?>
-    </script>
+</script>
-<?php } ?>
+		<?php } ?>
 	</body>
 </html>

public/verify.php

@@ -1,18 +1,6 @@
-<html><head><?php
+<html>
-/**
+	<head>
- * Copyright 2018 Matthias Kesler
+<?php
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
 require_once "../language.php";
 if (!file_exists("../config.php")) {
 	print($language["NO_CONFIGURATION"]);
@@ -23,7 +11,7 @@ require_once "../mail_templates.php";
 
 // enforce admin via https
 if (!isset($_SERVER['HTTPS'])) {
-    header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], true, 301);
+	header('Location: https://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'], true, 301);
 	exit();
 }
 
@@ -34,7 +22,7 @@ try {
 		throw new Exception("Method not allowed");
 	}
 	if (!isset($_GET["t"])) {
-        throw new Exception("UNKNOWN_TOKEN");
+		throw new Exception($language["UNKNOWN_TOKEN"]);
 	}
 	$token = filter_var($_GET["t"], FILTER_SANITIZE_STRING);
 
@@ -42,7 +30,7 @@ try {
 
 	$user = $mx_db->getUserForVerify($token);
 	if ($user == NULL) {
-        throw new Exception("UNKNOWN_TOKEN");
+		throw new Exception($language["UNKNOWN_TOKEN"]);
 	}
 	$first_name = $user["first_name"];
 	$last_name = $user["last_name"];
@@ -59,7 +47,7 @@ try {
 		. "Zum Bearbeiten hier klicken:\r\n" . $adminUrl);
 	$mxMsg->set_formatted_body($first_name . ' ' . $last_name . " möchte sich registrieren und hat folgende Notiz hinterlassen:<br />"
 		. $note . "<br />"
-            . "Zum Bearbeiten <a href=\"" . $adminUrl . "\">hier</a> klicken");
+		. "Zum Bearbeiten <a href=\"". $adminUrl . "\">hier</a> klicken");
 	$mxMsg->set_type("m.text");
 	$response = $mxConn->send($config["register_room"], $mxMsg);
 
@@ -67,7 +55,8 @@ try {
 		$message = $language["SEND_MATRIX_FAIL"];
 	}
 	$mx_db->setRegistrationStateVerify(
-            ($response ? RegisterState::PendingAdminVerify : RegisterState::PendingAdminSend), $token);
+		($response ? RegisterState::PendingAdminVerify : RegisterState::PendingAdminSend),
+		$token);
 
 	send_mail_pending_approval($config["homeserver"], $first_name . " " . $last_name, $email);
 
@@ -80,11 +69,7 @@ try {
 	print("<title>" . $language["VERIFICATION_FAILED"] . "</title>");
 	print("</head><body>");
 	print("<h1>" . $language["VERIFICATION_FAILED"] . "</h1>");
-    if (isset($language[$e->getMessage()])) {
-        print("<p>" . $language[$e->getMessage()] . "</p>");
-    } else {
 	print("<p>" . $e->getMessage() . "</p>");
-    }
 	print("<a href=\"" . $config["webroot"] . "/index.php" . "\">Zur Registrierungsseite</a>");
 }
 ?>

public/verify_admin.php

@@ -1,18 +1,6 @@
-<html><head><?php
+<html>
-/**
+<head>
- * Copyright 2018 Matthias Kesler
+<?php
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
 require_once "../language.php";
 if (!file_exists("../config.php")) {
 	print($language["NO_CONFIGURATION"]);
@@ -23,7 +11,7 @@ require_once "../mail_templates.php";
 
 // enforce admin via https
 if (!isset($_SERVER['HTTPS'])) {
-    header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], true, 301);
+	header('Location: https://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'], true, 301);
 	exit();
 }
 
@@ -34,7 +22,7 @@ try {
 		throw new Exception("Method not allowed");
 	}
 	if (!isset($_GET["t"])) {
-        throw new Exception("UNKNOWN_TOKEN");
+		throw new Exception($language["UNKNOWN_TOKEN"]);
 	}
 	$token = filter_var($_GET["t"], FILTER_SANITIZE_STRING);
 
@@ -54,7 +42,7 @@ try {
 
 	$user = $mx_db->getUserForApproval($token);
 	if ($user == NULL) {
-        throw new Exception("UNKNOWN_TOKEN");
+		throw new Exception($language["UNKNOWN_TOKEN"]);
 	}
 
 	$first_name = $user["first_name"];
@@ -86,7 +74,7 @@ try {
 			$mxMsg->set_type("m.text");
 			$mxMsg->set_body("Fehler beim Registrieren von " . $first_name . " " . $last_name . ".");
 			$mxConn->send($config["register_room"], $mxMsg);
-            throw new Exception("REGISTRATION_FAILED");
+			throw new Exception($language["REGISTRATION_FAILED"]);
 		}
 
 		print("<title>" . $language["ADMIN_VERIFY_SITE_TITLE"] . "</title>");
@@ -114,7 +102,7 @@ try {
 		}
 
 		.centered-form .panel{
-                background: rgba(255, 255, 255, 0.8);
+background: rgba(255, 255, 255, 0.8);
 	    box-shadow: rgba(0, 0, 0, 0.3) 20px 20px 20px;
 		}
 		</style>
@@ -127,7 +115,7 @@ try {
 			<div class="col-xs-12 col-sm-8 col-md-4 col-sm-offset-2 col-md-offset-4">
 			<div class="panel panel-default">
 			<div class="panel-heading">
-                            <h3 class="panel-title"><?php echo $language["ADMIN_VERIFY_SITE_TITLE"]; ?></h3>
+			<h3 class="panel-title"><?php echo $language["ADMIN_VERIFY_SITE_TITLE"] ; ?></h3>
 			</div>
 			<div class="panel-body">
 			<form name="appForm" role="form" action="verify_admin.php" method="GET">
@@ -168,17 +156,13 @@ try {
 
 			<?php
 	} // else - no action provided
-    } catch (Exception $e) {
+} catch (Exception $e) {
 	print("<title>" . $language["REGISTRATION_FAILED"] . "</title>");
 	print("</head><body>");
 	print("<h1>" . $language["REGISTRATION_FAILED"] . "</h1>");
-        if (isset($language[$e->getMessage()])) {
-            print("<p>" . $language[$e->getMessage()] . "</p>");
-        } else {
 	print("<p>" . $e->getMessage() . "</p>");
-        }
 	print("<a href=\"" . $config["webroot"] . "/index.php" . "\">Zur Registrierungsseite</a>");
-    }
+}
-    ?>
+?>
-                    < /body>
+</body>
-         </html>
+</html>