complete password fetching on registration; add Requirements section #11
6
cron.php
6
cron.php
@@ -19,7 +19,9 @@ require_once(__DIR__ . "/language.php");
|
|||||||
require_once(__DIR__ . "/mail_templates.php");
|
require_once(__DIR__ . "/mail_templates.php");
|
||||||
require_once(__DIR__ . "/database.php");
|
require_once(__DIR__ . "/database.php");
|
||||||
|
|
||||||
$sql = "SELECT id, first_name, last_name, username, email, state, note, verify_token, admin_token FROM registrations "
|
$sql = "SELECT id, first_name, last_name, username, password, email,"
|
||||||
|
. " state, note, verify_token, admin_token "
|
||||||
|
. "FROM registrations "
|
||||||
. "WHERE state = " . RegisterState::PendingEmailSend
|
. "WHERE state = " . RegisterState::PendingEmailSend
|
||||||
. " OR state = " . RegisterState::PendingAdminSend
|
. " OR state = " . RegisterState::PendingAdminSend
|
||||||
. " OR state = " . RegisterState::PendingRegistration
|
. " OR state = " . RegisterState::PendingRegistration
|
||||||
@@ -87,7 +89,7 @@ foreach ($mx_db->query($sql) as $row) {
|
|||||||
break;
|
break;
|
||||||
case "local":
|
case "local":
|
||||||
// register by adding a user to the local database
|
// register by adding a user to the local database
|
||||||
$password = $mx_db->addUser($row["first_name"], $row["last_name"], $row["username"], $row["email"]);
|
$password = $mx_db->addUser($row["first_name"], $row["last_name"], $row["username"], $row["password"], $row["email"]);
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
throw new Exception("Unknown operationMode");
|
throw new Exception("Unknown operationMode");
|
||||||
|
|||||||
@@ -98,7 +98,7 @@ class mxDatabase {
|
|||||||
)");
|
)");
|
||||||
// make sure the bot is allowed to login
|
// make sure the bot is allowed to login
|
||||||
if (!$this->userRegistered("register_bot")) {
|
if (!$this->userRegistered("register_bot")) {
|
||||||
$password = $this->addUser("Register", "Bot", "register_bot", $config["register_email"]);
|
$password = $this->addUser("Register", "Bot", "register_bot", NULL, $config["register_email"]);
|
||||||
$config["register_password"] = $password;
|
$config["register_password"] = $password;
|
||||||
$myfile = fopen(dirname(__FILE__) . "/config.json", "w");
|
$myfile = fopen(dirname(__FILE__) . "/config.json", "w");
|
||||||
fwrite($myfile, json_encode($config, JSON_PRETTY_PRINT));
|
fwrite($myfile, json_encode($config, JSON_PRETTY_PRINT));
|
||||||
@@ -283,14 +283,16 @@ class mxDatabase {
|
|||||||
* NULL when failed
|
* NULL when failed
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
function addUser($first_name, $last_name, $username, $email) {
|
function addUser($first_name, $last_name, $username, $password, $email) {
|
||||||
// check if user already exists and abort in that case
|
// check if user already exists and abort in that case
|
||||||
if ($this->userRegistered($username)) {
|
if ($this->userRegistered($username)) {
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($password == NULL) {
|
||||||
// generate a password with 10 characters
|
// generate a password with 10 characters
|
||||||
$password = bin2hex(openssl_random_pseudo_bytes(5));
|
$password = bin2hex(openssl_random_pseudo_bytes(5));
|
||||||
|
}
|
||||||
$password_hash = password_hash($password, PASSWORD_BCRYPT, ["cost" => 12]);
|
$password_hash = password_hash($password, PASSWORD_BCRYPT, ["cost" => 12]);
|
||||||
|
|
||||||
$sql = "INSERT INTO logins (first_name, last_name, localpart, password_hash, email) VALUES "
|
$sql = "INSERT INTO logins (first_name, last_name, localpart, password_hash, email) VALUES "
|
||||||
|
|||||||
@@ -72,9 +72,6 @@ try {
|
|||||||
|
|
||||||
$password = NULL;
|
$password = NULL;
|
||||||
$use_db_password = (isset($config["getPasswordOnRegistration"]) && $config["getPasswordOnRegistration"]);
|
$use_db_password = (isset($config["getPasswordOnRegistration"]) && $config["getPasswordOnRegistration"]);
|
||||||
switch ($config["operationMode"]) {
|
|
||||||
case "synapse":
|
|
||||||
// register with registration_shared_secret
|
|
||||||
if ($use_db_password && isset($user["password"]) && strlen($user["password"]) > 0) {
|
if ($use_db_password && isset($user["password"]) && strlen($user["password"]) > 0) {
|
||||||
$password = $user["password"];
|
$password = $user["password"];
|
||||||
} else {
|
} else {
|
||||||
@@ -82,6 +79,9 @@ try {
|
|||||||
// generate a password with 10 characters
|
// generate a password with 10 characters
|
||||||
$password = bin2hex(openssl_random_pseudo_bytes(5));
|
$password = bin2hex(openssl_random_pseudo_bytes(5));
|
||||||
}
|
}
|
||||||
|
switch ($config["operationMode"]) {
|
||||||
|
case "synapse":
|
||||||
|
// register with registration_shared_secret
|
||||||
$res = $mxConn->register($username, $password, $config["registration_shared_secret"]);
|
$res = $mxConn->register($username, $password, $config["registration_shared_secret"]);
|
||||||
if (!$res) {
|
if (!$res) {
|
||||||
// something went wrong while registering
|
// something went wrong while registering
|
||||||
@@ -90,8 +90,7 @@ try {
|
|||||||
break;
|
break;
|
||||||
case "local":
|
case "local":
|
||||||
// register by adding a user to the local database
|
// register by adding a user to the local database
|
||||||
$use_db_password = false; // requires restructure to use db-provided pw
|
$password = $mx_db->addUser($first_name, $last_name, $username, $password, $email);
|
||||||
$password = $mx_db->addUser($first_name, $last_name, $username, $email);
|
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
throw new Exception("Unknown operationMode");
|
throw new Exception("Unknown operationMode");
|
||||||
|
|||||||
Reference in New Issue
Block a user