/* * This file is a part of Winix * and is not publicly distributed * * Copyright (c) 2008-2012, Tomasz Sowa * All rights reserved. * */ #include #include "adduser.h" #include "core/slog.h" #include "core/plugin.h" #include "core/misc.h" #include "functions/functions.h" namespace Fun { AddUser::AddUser() { fun.url = L"adduser"; } /* checking whether a login consists of allowed characters */ bool AddUser::HasLoginCorrectChars(const std::wstring & login) { for(size_t i=0 ; i WINIX_ACCOUNT_MAX_LOGIN_SIZE ) { log << log2 << "AddUser: login can't be longer than: " << WINIX_ACCOUNT_MAX_LOGIN_SIZE << " characters" << logend; if( use_ses_log ) slog << logerror << T("adduser_err_login_too_big") << " " << WINIX_ACCOUNT_MAX_LOGIN_SIZE << " " << T("adduser_err_login_too_big2") << logend; return false; } if( !HasLoginCorrectChars(login) ) { log << log2 << "AddUser: incorrect login characters" << logend; if( use_ses_log ) slog << logerror << T("adduser_err_login_incorrect_chars") << logend; return false; } if( system->users.IsUser(login) ) { log << log2 << "AddUser: such user already exists" << logend; if( use_ses_log ) slog << logerror << T("adduser_err_user_exists") << logend; return false; } return true; } bool AddUser::IsEmailCorrect(const std::wstring & email, bool use_ses_log) { if( email.size() > WINIX_ACCOUNT_MAX_EMAIL_SIZE ) { log << log2 << "AddUser: email can't be longer than: " << WINIX_ACCOUNT_MAX_EMAIL_SIZE << " characters" << logend; if( use_ses_log ) slog << logerror << T("adduser_err_email_too_big") << " " << WINIX_ACCOUNT_MAX_EMAIL_SIZE << " " << T("adduser_err_email_too_big2") << logend; return false; } if( !ValidateEmail(email) ) { log << log2 << "AddUser: email: " << email << " does not seem to be correct" << logend; if( use_ses_log ) slog << logerror << T(L"adduser_err_email_incorrect") << logend; return false; } return true; } // !! IMPROVE ME // may it should be moved to passwd winix function /* adding a new account this method doesn't check whether the login or password is correct (consist of allowed characters) input: user - all fields from User struct without 'id' pass - user's password output: result: true when the account has been successfully created and user.id will be set */ bool AddUser::AddNewUser(User & user, const std::wstring & pass) { up.pass = pass; system->crypt.PassHashCrypt(up); if( db->AddUser(user, up) == WINIX_ERR_OK ) { if( system->users.AddUser(user) ) { log << log2 << "AddUser: added a new user: " << user.name << logend; return true; } else { log << log1 << "AddUser: I can't add to system->users: " << user.name << " but the user was added to the db correctly" << logend; } } else { log << log1 << "AddUser: I cannot add a user -- database error" << logend; } return false; } void AddUser::MakePost() { user.Clear(); const std::wstring & login = cur->request->PostVar(L"login"); const std::wstring & pass = cur->request->PostVar(L"password"); const std::wstring & conf_pass = cur->request->PostVar(L"passwordconfirm"); const std::wstring & email = cur->request->PostVar(L"email"); long code = 0; if( !IsLoginCorrect(login, true) || !IsEmailCorrect(email, true) || !functions->fun_passwd.IsPasswordCorrect(pass, conf_pass, true) ) return; user.name = login; user.email = email; user.super_user = false; user.notify = 0; user.status = (config->account_need_email_verification)? WINIX_ACCOUNT_NOT_ACTIVATED : WINIX_ACCOUNT_READY; if( cur->session->puser && cur->session->puser->super_user ) { if( cur->request->IsPostVar(L"autoactivate") ) { user.status = WINIX_ACCOUNT_READY; log << log2 << "AddUser: account activated by an admin" << logend; } } if( user.status == WINIX_ACCOUNT_NOT_ACTIVATED ) { code = std::rand(); user.aenv.Add(L"activation_code", code); } if( AddNewUser(user, pass) ) { if( !cur->session->puser && user.status == WINIX_ACCOUNT_READY ) { system->users.LoginUser(user.id, false); log << log2 << "AddUser: now logged as: " << user.name << logend; plugin.Call(WINIX_USER_LOGGED); } if( user.status == WINIX_ACCOUNT_NOT_ACTIVATED ) { system->notify.ActivateAccount(user.name, user.email, code); slog << loginfo << T(L"account_email_sent") << logend; } system->RedirectToLastItem(); } } void AddUser::MakeGet() { } } // namespace