Compare commits
2 Commits
master
...
f808615f22
| Author | SHA1 | Date | |
|---|---|---|---|
| f808615f22 | |||
| ffce2fc28b |
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@@ -13,8 +14,8 @@
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
class MatrixConnection
|
||||
{
|
||||
class MatrixConnection {
|
||||
|
||||
private $hs;
|
||||
private $at;
|
||||
|
||||
@@ -33,7 +34,7 @@ class MatrixConnection
|
||||
if (!$message) {
|
||||
error_log("no message to send");
|
||||
return false;
|
||||
} elseif(is_array($message)) {
|
||||
} elseif (is_array($message)) {
|
||||
$send_message = $message;
|
||||
} elseif ($message instanceof MatrixMessage) {
|
||||
$send_message = $message->get_object();
|
||||
@@ -42,8 +43,8 @@ class MatrixConnection
|
||||
return false;
|
||||
}
|
||||
|
||||
$url="https://".$this->hs."/_matrix/client/r0/rooms/"
|
||||
. urlencode($room_id) ."/send/m.room.message?access_token=".$this->at;
|
||||
$url = "https://" . $this->hs . "/_matrix/client/r0/rooms/"
|
||||
. urlencode($room_id) . "/send/m.room.message?access_token=" . $this->at;
|
||||
$handle = curl_init($url);
|
||||
curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
|
||||
curl_setopt($handle, CURLOPT_CONNECTTIMEOUT, 5);
|
||||
@@ -65,10 +66,10 @@ class MatrixConnection
|
||||
|
||||
function hasUser($username) {
|
||||
if (!$username) {
|
||||
throw new Exception ("no user given to lookup");
|
||||
throw new Exception("no user given to lookup");
|
||||
}
|
||||
|
||||
$url = "https://".$this->hs."/_matrix/client/r0/profile/@" . $username . ":" . $this->hs;
|
||||
$url = "https://" . $this->hs . "/_matrix/client/r0/profile/@" . $username . ":" . $this->hs;
|
||||
$handle = curl_init($url);
|
||||
curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
|
||||
curl_setopt($handle, CURLOPT_CONNECTTIMEOUT, 5);
|
||||
@@ -94,7 +95,7 @@ class MatrixConnection
|
||||
"password" => $password,
|
||||
"mac" => $mac,
|
||||
);
|
||||
$url = "https://".$this->hs."/_matrix/client/v2_alpha/register";
|
||||
$url = "https://" . $this->hs . "/_matrix/client/v2_alpha/register";
|
||||
$handle = curl_init($url);
|
||||
curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
|
||||
curl_setopt($handle, CURLOPT_CONNECTTIMEOUT, 5);
|
||||
@@ -132,10 +133,11 @@ class MatrixConnection
|
||||
}
|
||||
return $response;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
class MatrixMessage
|
||||
{
|
||||
class MatrixMessage {
|
||||
|
||||
private $message;
|
||||
|
||||
function __construct() {
|
||||
@@ -154,7 +156,7 @@ class MatrixMessage
|
||||
$this->message["body"] = $body;
|
||||
}
|
||||
|
||||
function set_formatted_body($fbody, $format="org.matrix.custom.html") {
|
||||
function set_formatted_body($fbody, $format = "org.matrix.custom.html") {
|
||||
$this->message["formatted_body"] = $fbody;
|
||||
$this->message["format"] = $format;
|
||||
}
|
||||
@@ -162,5 +164,7 @@ class MatrixMessage
|
||||
function get_object() {
|
||||
return $this->message;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
@@ -1,26 +1,28 @@
|
||||
<?php
|
||||
|
||||
$config = [
|
||||
"homeserver" => "example.com",
|
||||
"access_token" => "To be used for sending the registration notification",
|
||||
|
||||
// Which e-mail-adresse shall the bot use to send e-mails?
|
||||
"register_email" => 'register_bot@example.com',
|
||||
// Where should the bot post registration requests to?
|
||||
"register_room" => '$registerRoomID:example.com',
|
||||
|
||||
// Where is the public part of the bot located? make sure you have a / at the end
|
||||
"webroot" => "https://myregisterdomain.net/",
|
||||
|
||||
// optional: Do you have a place where howTo's are located? If not leave this value out
|
||||
"howToURL" => "https://my-url-for-storing-howTos.net",
|
||||
|
||||
// set the mode of operation. Basically this defines where the data is stored:
|
||||
// - synapse (using the register endpoint - so no further auth config necessary
|
||||
// - local (recommended; using a table in the database to store credentials;
|
||||
// synapse has to be configured to use that)
|
||||
"operationMode" => "local",
|
||||
// When you want to collect the password on registration set this to true
|
||||
// only evaluated when operationMode = local
|
||||
"getPasswordOnRegistration" => false,
|
||||
|
||||
// to define where the data should be stored:
|
||||
"databaseURI" => "sqlite:" . dirname(__FILE__) . "/db_file.sqlite",
|
||||
// credentials for sqlite not used
|
||||
"databaseUser" => "dbUser123",
|
||||
"databasePass" => "secretPassword",
|
||||
]
|
||||
]
|
||||
?>
|
||||
|
||||
24
cron.php
24
cron.php
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@@ -18,12 +19,12 @@ require_once("mail_templates.php");
|
||||
require_once("database.php");
|
||||
|
||||
$sql = "SELECT id, first_name, last_name, username, email, state, note, verify_token, admin_token FROM registrations "
|
||||
."WHERE state = ". RegisterState::PendingEmailSend
|
||||
. " OR state = " . RegisterState::PendingAdminSend
|
||||
. " OR state = " . RegisterState::PendingRegistration
|
||||
. " OR state = " . RegisterState::PendingSendRegistrationMail
|
||||
. " OR state = " . RegisterState::RegistrationDeclined
|
||||
. " OR state = " . RegisterState::AllDone . ";";
|
||||
. "WHERE state = " . RegisterState::PendingEmailSend
|
||||
. " OR state = " . RegisterState::PendingAdminSend
|
||||
. " OR state = " . RegisterState::PendingRegistration
|
||||
. " OR state = " . RegisterState::PendingSendRegistrationMail
|
||||
. " OR state = " . RegisterState::RegistrationDeclined
|
||||
. " OR state = " . RegisterState::AllDone . ";";
|
||||
foreach ($mx_db->query($sql) as $row) {
|
||||
$first_name = $row["first_name"];
|
||||
$last_name = $row["last_name"];
|
||||
@@ -36,15 +37,12 @@ foreach ($mx_db->query($sql) as $row) {
|
||||
case RegisterState::PendingEmailSend:
|
||||
$verify_url = $config["webroot"] . "/verify.php?t=" . $row["verify_token"];
|
||||
$success = send_mail_pending_verification(
|
||||
$config["homeserver"],
|
||||
$row["first_name"] . " " . $row["last_name"],
|
||||
$row["email"],
|
||||
$verify_url);
|
||||
$config["homeserver"], $row["first_name"] . " " . $row["last_name"], $row["email"], $verify_url);
|
||||
|
||||
if ($success) {
|
||||
$mx_db->setRegistrationStateById(RegisterState::PendingEmailVerify, $row["id"]);
|
||||
} else {
|
||||
throw new Exception("Could not send mail to ".$row["first_name"]." ".$row["last_name"]."(".$row["id"].")");
|
||||
throw new Exception("Could not send mail to " . $row["first_name"] . " " . $row["last_name"] . "(" . $row["id"] . ")");
|
||||
}
|
||||
break;
|
||||
case RegisterState::PendingAdminSend:
|
||||
@@ -57,7 +55,7 @@ foreach ($mx_db->query($sql) as $row) {
|
||||
. "Zum Bearbeiten hier klicken:\r\n" . $adminUrl);
|
||||
$mxMsg->set_formatted_body($first_name . ' ' . $last_name . " möchte sich registrieren und hat folgende Notiz hinterlassen:<br />"
|
||||
. $row["note"] . "<br />"
|
||||
. "Zum Bearbeiten <a href=\"". $adminUrl . "\">hier</a> klicken");
|
||||
. "Zum Bearbeiten <a href=\"" . $adminUrl . "\">hier</a> klicken");
|
||||
$mxMsg->set_type("m.text");
|
||||
$response = $mxConn->send($config["register_room"], $mxMsg);
|
||||
|
||||
@@ -66,7 +64,7 @@ foreach ($mx_db->query($sql) as $row) {
|
||||
|
||||
send_mail_pending_approval($config["homeserver"], $first_name . " " . $last_name, $email);
|
||||
} else {
|
||||
throw new Exception("Could not send notification for ".$row["first_name"]." ".$row["last_name"]."(".$row["id"].") to admins.");
|
||||
throw new Exception("Could not send notification for " . $row["first_name"] . " " . $row["last_name"] . "(" . $row["id"] . ") to admins.");
|
||||
}
|
||||
break;
|
||||
case RegisterState::PendingRegistration:
|
||||
|
||||
33
database.php
33
database.php
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@@ -15,11 +16,11 @@
|
||||
*/
|
||||
require_once("config.php");
|
||||
if (!isset($config["databaseURI"])) {
|
||||
throw new Exception ("malformed configuration: databaseURI not defined");
|
||||
throw new Exception("malformed configuration: databaseURI not defined");
|
||||
}
|
||||
|
||||
abstract class RegisterState
|
||||
{
|
||||
abstract class RegisterState {
|
||||
|
||||
// Sending an E-Mail failed in the first attempt. Will retry later
|
||||
const PendingEmailSend = 0;
|
||||
// User got a mail. We wait for it to verfiy
|
||||
@@ -30,21 +31,19 @@ abstract class RegisterState
|
||||
const PendingAdminVerify = 6;
|
||||
// Registration failed on first attempt. Will retry
|
||||
const PendingRegistration = 7;
|
||||
|
||||
// in this case we have to reset the password of the user (or should we store it for this case?)
|
||||
const PendingSendRegistrationMail = 8;
|
||||
|
||||
// State to allow persisting in the database although an admin declined it.
|
||||
// Will be removed regularly
|
||||
const RegistrationAccepted = 7;
|
||||
const RegistrationDeclined = 13;
|
||||
|
||||
// User got successfully registered. Will be cleaned up later
|
||||
const AllDone = 100;
|
||||
|
||||
}
|
||||
|
||||
class mxDatabase
|
||||
{
|
||||
class mxDatabase {
|
||||
|
||||
private $db = NULL;
|
||||
|
||||
/**
|
||||
@@ -164,6 +163,7 @@ class mxDatabase
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
function userRegistered($username) {
|
||||
$sql = "SELECT COUNT(*) FROM logins WHERE localpart = '" . $username . "' LIMIT 1;";
|
||||
$res = $this->db->query($sql);
|
||||
@@ -197,11 +197,11 @@ class mxDatabase
|
||||
|
||||
$this->db->exec("INSERT INTO registrations
|
||||
(first_name, last_name, username, note, email, verify_token, admin_token)
|
||||
VALUES ('" . $first_name."','" . $last_name . "','" . $username . "','" . $note . "','"
|
||||
. $email."','" .$verify_token."','" .$admin_token."')");
|
||||
VALUES ('" . $first_name . "','" . $last_name . "','" . $username . "','" . $note . "','"
|
||||
. $email . "','" . $verify_token . "','" . $admin_token . "')");
|
||||
|
||||
return [
|
||||
"verify_token"=> $verify_token,
|
||||
"verify_token" => $verify_token,
|
||||
];
|
||||
}
|
||||
|
||||
@@ -241,7 +241,7 @@ class mxDatabase
|
||||
$res = $this->db->query($sql);
|
||||
|
||||
if ($res->fetchColumn() > 0) {
|
||||
$sql = "SELECT first_name, last_name, note, email, admin_token FROM registrations "
|
||||
$sql = "SELECT first_name, last_name, note, email, username, admin_token FROM registrations "
|
||||
. " WHERE verify_token = '" . $verify_token . "'"
|
||||
. " AND state = " . RegisterState::PendingEmailVerify . " LIMIT 1;";
|
||||
foreach ($this->db->query($sql) as $row) {
|
||||
@@ -290,10 +290,10 @@ class mxDatabase
|
||||
|
||||
// generate a password with 10 characters
|
||||
$password = bin2hex(openssl_random_pseudo_bytes(5));
|
||||
$password_hash = password_hash($password, PASSWORD_BCRYPT, ["cost"=>12]);
|
||||
$password_hash = password_hash($password, PASSWORD_BCRYPT, ["cost" => 12]);
|
||||
|
||||
$sql = "INSERT INTO logins (first_name, last_name, localpart, password_hash, email) VALUES "
|
||||
. "('" . $first_name."','" . $last_name . "','" . $username . "','"
|
||||
. "('" . $first_name . "','" . $last_name . "','" . $username . "','"
|
||||
. $password_hash . "','" . $email . "');";
|
||||
|
||||
if ($this->db->exec($sql)) {
|
||||
@@ -305,11 +305,11 @@ class mxDatabase
|
||||
function updatePassword($localpart, $old_password, $new_password) {
|
||||
$user = $this->getUserForLogin($localpart, $old_password);
|
||||
if ($user == NULL) {
|
||||
throw new Exception ("user with that credentials not found");
|
||||
throw new Exception("user with that credentials not found");
|
||||
}
|
||||
|
||||
// The credentials were fine. So now set the new password
|
||||
$password_hash = password_hash($new_password, PASSWORD_BCRYPT, ["cost"=>12]);
|
||||
$password_hash = password_hash($new_password, PASSWORD_BCRYPT, ["cost" => 12]);
|
||||
|
||||
$sql = "UPDATE logins SET password_hash = '" . $password_hash . "'"
|
||||
. "WHERE localpart = '" . $localpart . "'";
|
||||
@@ -359,6 +359,7 @@ class mxDatabase
|
||||
}
|
||||
return $result;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
if (!isset($mx_db)) {
|
||||
|
||||
19
helpers.php
19
helpers.php
@@ -1,15 +1,30 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
function stripLocalpart($mxid) {
|
||||
$localpart = NULL;
|
||||
if (!empty($mxid)) {
|
||||
// A mxid would start with an @ so we start at the 2. position
|
||||
$sepPos = strpos($mxid,':', 1);
|
||||
$sepPos = strpos($mxid, ':', 1);
|
||||
if ($sepPos === false) {
|
||||
// : not found. Assume mxid is localpart
|
||||
// TODO: further checks
|
||||
$localpart = $mxid;
|
||||
} else {
|
||||
$localpart = substr($mxid, 1, strpos($mxid,':') - 1 );
|
||||
$localpart = substr($mxid, 1, strpos($mxid, ':') - 1);
|
||||
}
|
||||
}
|
||||
return $localpart;
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@@ -14,7 +15,7 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
require_once("../database.php");
|
||||
$response=[
|
||||
$response = [
|
||||
"limited" => false,
|
||||
"result" => [],
|
||||
];
|
||||
@@ -41,10 +42,9 @@ try {
|
||||
default:
|
||||
throw new Exception('unknown type for "by" param');
|
||||
}
|
||||
|
||||
} catch (Exception $e) {
|
||||
error_log("failed with error: " . $e->getMessage());
|
||||
$response["error"] = $e->getMessage();
|
||||
}
|
||||
print (json_encode($response, JSON_PRETTY_PRINT) . "\n");
|
||||
print (json_encode($response, JSON_PRETTY_PRINT));
|
||||
?>
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@@ -65,5 +66,5 @@ try {
|
||||
error_log("ídentity_bulk failed with error: " . $e->getMessage());
|
||||
$response["error"] = $e->getMessage();
|
||||
}
|
||||
print (json_encode($response, JSON_PRETTY_PRINT) . "\n");
|
||||
print (json_encode($response, JSON_PRETTY_PRINT));
|
||||
?>
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@@ -60,5 +61,5 @@ try {
|
||||
"error" => $e->getMessage()
|
||||
];
|
||||
}
|
||||
print (json_encode($response, JSON_PRETTY_PRINT) . "\n");
|
||||
print (json_encode($response, JSON_PRETTY_PRINT));
|
||||
?>
|
||||
|
||||
@@ -53,9 +53,7 @@ try {
|
||||
|
||||
require_once("../database.php");
|
||||
if (!$mx_db->updatePassword(
|
||||
$localpart,
|
||||
$input["auth"]["password"],
|
||||
$input["new_password"]
|
||||
$localpart, $input["auth"]["password"], $input["new_password"]
|
||||
)) {
|
||||
throw new Exception("invalid credentials or another error while updating");
|
||||
}
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@@ -20,11 +21,15 @@ $response = [
|
||||
];
|
||||
|
||||
require_once("../database.php");
|
||||
|
||||
abstract class LoginRequester {
|
||||
|
||||
const UNDEFINED = 0;
|
||||
const MXISD = 1;
|
||||
const RestAuth = 2;
|
||||
|
||||
}
|
||||
|
||||
$loginRequester = LoginRequester::UNDEFINED;
|
||||
|
||||
try {
|
||||
@@ -56,7 +61,7 @@ try {
|
||||
}
|
||||
|
||||
if (empty($localpart)) {
|
||||
throw new Exception ("localpart cannot be identified");
|
||||
throw new Exception("localpart cannot be identified");
|
||||
}
|
||||
|
||||
$password = NULL;
|
||||
@@ -64,7 +69,7 @@ try {
|
||||
$password = $input["user"]["password"];
|
||||
}
|
||||
if (empty($password)) {
|
||||
throw new Exception ("password is not present");
|
||||
throw new Exception("password is not present");
|
||||
}
|
||||
|
||||
$user = $mx_db->getUserForLogin($localpart, $password);
|
||||
@@ -103,5 +108,5 @@ try {
|
||||
error_log("Auth failed with error: " . $e->getMessage());
|
||||
$response["auth"]["error"] = $e->getMessage();
|
||||
}
|
||||
print (json_encode($response, JSON_PRETTY_PRINT) . "\n");
|
||||
print (json_encode($response, JSON_PRETTY_PRINT));
|
||||
?>
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@@ -14,10 +15,10 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
$lang = "de-de";
|
||||
if(isset($_GET['lang'])){
|
||||
if (isset($_GET['lang'])) {
|
||||
$lang = filter_var($_GET['lang'], FILTER_SANITIZE_STRING);
|
||||
}
|
||||
$lang_file = dirname(__FILE__) . "/lang/lang.".$lang.".php";
|
||||
$lang_file = dirname(__FILE__) . "/lang/lang." . $lang . ".php";
|
||||
if (!file_exists($lang_file)) {
|
||||
error_log("Translation for " . $lang . " not found. Fallback to 'de-de'");
|
||||
$lang = "de-de";
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Copyright 2018 Matthias Kesler
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
@@ -39,7 +40,7 @@ Danach ist eine Re-Registrierung mit deinem gewünschten Nutzernamen für andere
|
||||
Vielen Dank für dein Verständnis.
|
||||
|
||||
Das Administratoren-Team von " . $homeserver;
|
||||
return send_mail($receiver, $subject, $body );
|
||||
return send_mail($receiver, $subject, $body);
|
||||
}
|
||||
|
||||
function send_mail_pending_approval($homeserver, $user, $receiver) {
|
||||
@@ -53,7 +54,7 @@ Du bekommst eine weitere E-Mail, sobald deine Registrierung bestätigt oder able
|
||||
Vielen Dank für dein Verständnis.
|
||||
|
||||
Das Administratoren-Team von " . $homeserver;
|
||||
return send_mail($receiver, $subject, $body );
|
||||
return send_mail($receiver, $subject, $body);
|
||||
}
|
||||
|
||||
function send_mail_registration_allowed_but_failed($homeserver, $user, $receiver) {
|
||||
@@ -68,7 +69,6 @@ Wir melden uns, wenn die Registrierung erfolgreich war.
|
||||
|
||||
Das Administratoren-Team von " . $homeserver;
|
||||
return send_mail($receiver, $subject, $body);
|
||||
|
||||
}
|
||||
|
||||
function send_mail_registration_success($homeserver, $user, $receiver, $username, $password, $howToURL) {
|
||||
@@ -84,25 +84,25 @@ Passwort: $password
|
||||
Hinweis: Das Passwort kannst du aktuell über die App selbst ändern. Auch wenn das Passwort nirgends
|
||||
im Klartext gespeichert wird, kann jemand Zugriff auf diese Mail erlangen und so den Zugriff bekommen.
|
||||
";
|
||||
/*
|
||||
Wichtig: Bitte ändere das Passwort direkt nach der Anmeldung.
|
||||
Es wird zwar von unserer Seite nicht gespeichert, doch fremde könnten Zugriff auf diese E-Mail
|
||||
erhalten und so deinen Account kompromittieren.
|
||||
/*
|
||||
Wichtig: Bitte ändere das Passwort direkt nach der Anmeldung.
|
||||
Es wird zwar von unserer Seite nicht gespeichert, doch fremde könnten Zugriff auf diese E-Mail
|
||||
erhalten und so deinen Account kompromittieren.
|
||||
*/
|
||||
if (!empty($howToURL)) {
|
||||
if (!empty($howToURL)) {
|
||||
$body .= "
|
||||
Zu weiteren Hilfestellungen findest du hier eine Auflistung von verschiedenen
|
||||
Anleitungen zu verschiedenen Clients:
|
||||
$howToURL\n";
|
||||
}
|
||||
}
|
||||
$body .= "
|
||||
Viel Spaß bei der Verwendung von $homeserver.
|
||||
Bei Fragen findest du nach der Anmeldung ein paar Räume in denen du sie stellen kannst.
|
||||
|
||||
Das Administratoren-Team von " . $homeserver;
|
||||
return send_mail($receiver, $subject, $body);
|
||||
|
||||
}
|
||||
|
||||
function send_mail_registration_decline($homeserver, $user, $receiver, $reason) {
|
||||
$subject = "Registrierung auf $homeserver abgelehnt.";
|
||||
$body = "Guten Tag " . $user . ",
|
||||
@@ -116,6 +116,7 @@ Deine Registrierungsanfrage wurde durch die Administratoren abgelehnt.\n";
|
||||
}
|
||||
|
||||
$body .= "\nDas Administratoren-Team von " . $homeserver;
|
||||
return send_mail($receiver, $subject, $body );
|
||||
return send_mail($receiver, $subject, $body);
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
@@ -13,12 +13,6 @@
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
require_once "../language.php";
|
||||
if (!file_exists("../config.php")) {
|
||||
print($language["NO_CONFIGURATION"]);
|
||||
exit();
|
||||
}
|
||||
require_once "../config.php";
|
||||
|
||||
// enforce admin via https
|
||||
if (!isset($_SERVER['HTTPS'])) {
|
||||
@@ -26,6 +20,25 @@ if (!isset($_SERVER['HTTPS'])) {
|
||||
exit();
|
||||
}
|
||||
|
||||
require_once "../language.php";
|
||||
if (!file_exists("../config.php")) {
|
||||
print($language["NO_CONFIGURATION"]);
|
||||
exit();
|
||||
}
|
||||
require_once "../config.php";
|
||||
|
||||
// this values will not be used when using the register operation type
|
||||
$storeFirstLastName = false;
|
||||
if (isset($config["operationMode"]) && $config["operationMode"] === "local") {
|
||||
$storeFirstLastName = true;
|
||||
}
|
||||
|
||||
// currently the case to store the password on our own is the only supported one
|
||||
$storePassword = false;
|
||||
if (isset($config["getPasswordOnRegistration"]) && $config["getPasswordOnRegistration"] &&
|
||||
isset($config["operationMode"]) && $config["operationMode"] === "synapse") {
|
||||
$storePassword = true;
|
||||
}
|
||||
session_start();
|
||||
|
||||
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
@@ -53,17 +66,22 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
if (!isset($_POST["email"]) || !filter_var($_POST["email"], FILTER_VALIDATE_EMAIL)) {
|
||||
throw new Exception("EMAIL_INVALID_FORMAT");
|
||||
}
|
||||
if (isset($_POST["first_name"]) && ! preg_match("/[A-Z][a-z]+/", $_POST["first_name"])) {
|
||||
if ($storeFirstLastName) {
|
||||
// only require first_name and last_name when we will evaluate them
|
||||
if (!isset($_POST["first_name"]) || ! preg_match("/[A-Z][a-z]+/", $_POST["first_name"])) {
|
||||
throw new Exception("FIRSTNAME_INVALID_FORMAT");
|
||||
}
|
||||
if (isset($_POST["last_name"]) && ! preg_match("/[A-Z][a-z]+/", $_POST["last_name"])) {
|
||||
if (!isset($_POST["last_name"]) || ! preg_match("/[A-Z][a-z]+/", $_POST["last_name"])) {
|
||||
throw new Exception("SIRNAME_INVALID_FORMAT");
|
||||
}
|
||||
|
||||
$first_name = filter_var($_POST["first_name"], FILTER_SANITIZE_STRING);
|
||||
$last_name = filter_var($_POST["last_name"], FILTER_SANITIZE_STRING);
|
||||
} else {
|
||||
$first_name = $last_name = "";
|
||||
}
|
||||
|
||||
$username = filter_var($_POST["username"], FILTER_SANITIZE_STRING);
|
||||
if (isset($_POST["password"])) {
|
||||
if ($storePassword && isset($_POST["password"])) {
|
||||
$password = filter_var($_POST["password"], FILTER_SANITIZE_STRING);
|
||||
}
|
||||
$note = filter_var($_POST["note"], FILTER_SANITIZE_STRING);
|
||||
@@ -82,7 +100,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
require_once "../mail_templates.php";
|
||||
$success = send_mail_pending_verification(
|
||||
$config["homeserver"],
|
||||
$first_name . " " . $last_name,
|
||||
$storeFirstLastName ? $first_name . " " . $last_name : $username,
|
||||
$email,
|
||||
$verify_url);
|
||||
|
||||
@@ -137,6 +155,7 @@ body{
|
||||
</div>
|
||||
<div class="panel-body">
|
||||
<form name="regForm" role="form" action="index.php" method="post">
|
||||
<?php if ($storeFirstLastName) { ?>
|
||||
<div class="row">
|
||||
<div class="col-xs-6 col-sm-6 col-md-6">
|
||||
<div class="form-group">
|
||||
@@ -151,6 +170,7 @@ body{
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<?php } ?>
|
||||
|
||||
<div class="form-group">
|
||||
<input type="email" name="email" id="email" class="form-control input-sm" placeholder="E-Mail-Adresse" required>
|
||||
@@ -164,7 +184,7 @@ body{
|
||||
<input type="text" name="username" id="username" class="form-control input-sm"
|
||||
placeholder="Nutzername (für den Login)" pattern="[a-z1-9]{3,20}" required>
|
||||
</div>
|
||||
<?php if (isset($config["getPasswordOnRegistration"]) && $config["getPasswordOnRegistration"]) { ?>
|
||||
<?php if ($storePassword) { ?>
|
||||
<div class="row">
|
||||
<div class="col-xs-6 col-sm-6 col-md-6">
|
||||
<div class="form-group">
|
||||
@@ -177,7 +197,7 @@ body{
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<?php } ?>
|
||||
<?php } ?>
|
||||
<input type="hidden" name="token" id="token" value="<?php echo $_SESSION["token"]; ?>">
|
||||
<input type="submit" value="Registrieren" class="btn btn-info btn-block">
|
||||
|
||||
@@ -194,6 +214,14 @@ body{
|
||||
</div>
|
||||
</div>
|
||||
<script type="text/javascript">
|
||||
var user_name = document.getElementById("username");
|
||||
user_name.oninvalid = function(event) {
|
||||
event.target.setCustomValidity("Nutzername darf zwischen 3 und 20 kleine Buchstaben und Zahlen enthalten");
|
||||
}
|
||||
user_name.onkeyup = function (event) {
|
||||
event.target.setCustomValidity("");
|
||||
}
|
||||
<?php if ($storeFirstLastName) { ?>
|
||||
var first_name = document.getElementById("first_name");
|
||||
first_name.oninvalid = function(event) {
|
||||
event.target.setCustomValidity("Vorname muss das Format <Großbuchstabe><Kleinbuchstaben> haben");
|
||||
@@ -208,14 +236,7 @@ body{
|
||||
last_name.onkeyup = function(event) {
|
||||
event.target.setCustomValidity("");
|
||||
}
|
||||
var user_name = document.getElementById("username");
|
||||
user_name.oninvalid = function(event) {
|
||||
event.target.setCustomValidity("Nutzername darf zwischen 3 und 20 kleine Buchstaben und Zahlen enthalten");
|
||||
}
|
||||
user_name.onkeyup = function (event) {
|
||||
event.target.setCustomValidity("");
|
||||
}
|
||||
<?php if (isset($config["getPasswordOnRegistration"]) && $config["getPasswordOnRegistration"]) { ?>
|
||||
<?php } if ($storePassword) { ?>
|
||||
var password = document.getElementById("password")
|
||||
, confirm_password = document.getElementById("password_confirm");
|
||||
function validatePassword(){
|
||||
@@ -229,6 +250,5 @@ body{
|
||||
confirm_password.onkeyup = validatePassword;
|
||||
<?php } ?>
|
||||
</script>
|
||||
<?php } ?>
|
||||
</body>
|
||||
</html>
|
||||
<?php } ?>
|
||||
</body></html>
|
||||
|
||||
@@ -46,6 +46,7 @@ try {
|
||||
}
|
||||
$first_name = $user["first_name"];
|
||||
$last_name = $user["last_name"];
|
||||
$username = $user["username"];
|
||||
$note = $user["note"];
|
||||
$email = $user["email"];
|
||||
$admin_token = $user["admin_token"];
|
||||
@@ -54,10 +55,12 @@ try {
|
||||
$adminUrl = $config["webroot"] . "/verify_admin.php?t=" . $admin_token;
|
||||
$mxConn = new MatrixConnection($config["homeserver"], $config["access_token"]);
|
||||
$mxMsg = new MatrixMessage();
|
||||
$mxMsg->set_body($first_name . ' ' . $last_name . "möchte sich registrieren und hat folgende Notiz hinterlassen:\r\n"
|
||||
$mxMsg->set_body((strlen($first_name . $last_name) > 0 ? $first_name . " " . $last_name : $username)
|
||||
. " möchte sich registrieren und hat folgende Notiz hinterlassen:\r\n"
|
||||
. $note . "\r\n"
|
||||
. "Zum Bearbeiten hier klicken:\r\n" . $adminUrl);
|
||||
$mxMsg->set_formatted_body($first_name . ' ' . $last_name . " möchte sich registrieren und hat folgende Notiz hinterlassen:<br />"
|
||||
$mxMsg->set_formatted_body((strlen($first_name . $last_name) > 0 ? $first_name . " " . $last_name : $username)
|
||||
. " möchte sich registrieren und hat folgende Notiz hinterlassen:<br />"
|
||||
. $note . "<br />"
|
||||
. "Zum Bearbeiten <a href=\"". $adminUrl . "\">hier</a> klicken");
|
||||
$mxMsg->set_type("m.text");
|
||||
|
||||
@@ -95,7 +95,12 @@ try {
|
||||
print("<p>" . $language["ADMIN_REGISTER_ACCEPTED_BODY"] . "</p>");
|
||||
} elseif ($action == RegisterState::RegistrationDeclined) {
|
||||
$mx_db->setRegistrationStateAdmin(RegisterState::RegistrationDeclined, $token);
|
||||
send_mail_registration_decline($config["homeserver"], $first_name . " " . $last_name, $email, $decline_reason);
|
||||
send_mail_registration_decline(
|
||||
$config["homeserver"],
|
||||
strlen($first_name . $last_name) > 0 ? $first_name . " " . $last_name : $username,
|
||||
$email,
|
||||
$decline_reason
|
||||
);
|
||||
print("<title>" . $language["ADMIN_VERIFY_SITE_TITLE"] . "</title>");
|
||||
print("</head><body>");
|
||||
print("<h1>" . $language["ADMIN_VERIFY_SITE_TITLE"] . "</h1>");
|
||||
@@ -131,6 +136,8 @@ background: rgba(255, 255, 255, 0.8);
|
||||
</div>
|
||||
<div class="panel-body">
|
||||
<form name="appForm" role="form" action="verify_admin.php" method="GET">
|
||||
<?php if (isset($config["operationMode"]) && $config["operationMode"] === "local") {
|
||||
// this values will not be used when using the register operation type ?>
|
||||
<div class="row">
|
||||
<div class="col-xs-6 col-sm-6 col-md-6">
|
||||
<div class="form-group">
|
||||
@@ -145,7 +152,7 @@ background: rgba(255, 255, 255, 0.8);
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<?php } ?>
|
||||
<div class="form-group">
|
||||
<input type="text" id="note" class="form-control input-sm" value="<?php echo $note; ?>" disabled=true>
|
||||
</div>
|
||||
|
||||
Reference in New Issue
Block a user