mirror of
https://github.com/slawkens/myaac.git
synced 2025-11-02 00:46:23 +01:00
Merge branch 'main' into feature/refactor-account-lost
@@ -19,18 +19,17 @@ if(!$logged) {
|
||||
|
||||
csrfProtect();
|
||||
|
||||
$new_password = $_POST['newpassword'] ?? NULL;
|
||||
$new_password_confirm = $_POST['newpassword_confirm'] ?? NULL;
|
||||
$old_password = $_POST['oldpassword'] ?? NULL;
|
||||
$new_password = $_POST['new_password'] ?? null;
|
||||
$new_password_confirm = $_POST['new_password_confirm'] ?? null;
|
||||
$old_password = $_POST['old_password'] ?? null;
|
||||
if(empty($new_password) && empty($new_password_confirm) && empty($old_password)) {
|
||||
$twig->display('account.change-password.html.twig');
|
||||
}
|
||||
else
|
||||
{
|
||||
else {
|
||||
if(empty($new_password) || empty($new_password_confirm) || empty($old_password)){
|
||||
$errors[] = 'Please fill in form.';
|
||||
}
|
||||
$password_strlen = strlen($new_password);
|
||||
|
||||
if($new_password != $new_password_confirm) {
|
||||
$errors[] = 'The new passwords do not match!';
|
||||
}
|
||||
@@ -41,10 +40,13 @@ else
|
||||
}
|
||||
|
||||
/** @var OTS_Account $account_logged */
|
||||
$old_password = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $old_password);
|
||||
if($old_password != $account_logged->getPassword()) {
|
||||
$old_password_hashed = encrypt((USE_ACCOUNT_SALT ? $account_logged->getCustomField('salt') : '') . $old_password);
|
||||
if($old_password_hashed != $account_logged->getPassword()) {
|
||||
$errors[] = 'Current password is incorrect!';
|
||||
}
|
||||
else if ($old_password == $new_password) {
|
||||
$errors[] = 'The old password is same as the new password!';
|
||||
}
|
||||
|
||||
$hooks->trigger(HOOK_ACCOUNT_CHANGE_PASSWORD_POST);
|
||||
}
|
||||
|
||||
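Review bot: The current-password check `if($old_password_hashed != $account_logged->getPassword())` still compares two hash strings loosely, so PHP compares them as numbers whenever both look numeric (for example `0e` followed only by digits), and the comparison is not constant-time. Use `if(!hash_equals((string)$account_logged->getPassword(), $old_password_hashed)) {` instead. The neighbouring `$new_password != $new_password_confirm` and `$old_password == $new_password` checks compare user-supplied strings and should use `!==` / `===` for the same reason. What `encrypt()` returns is not visible here, so a hex digest is assumed. The enclosing `else` block starts and ends outside these hunks.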
@@ -9,6 +9,7 @@
|
||||
*/
|
||||
|
||||
use MyAAC\Models\Account;
|
||||
use MyAAC\Models\AccountEmailVerify;
|
||||
|
||||
defined('MYAAC') or die('Direct access not allowed!');
|
||||
|
||||
@@ -20,16 +21,20 @@ if(empty($hash)) {
|
||||
return;
|
||||
}
|
||||
|
||||
if(!Account::where('email_hash', $hash)->exists()) {
|
||||
note("Your email couldn't be verified. Please contact staff to do it manually.");
|
||||
// by default link is valid for 30 days
|
||||
$accountEmailVerify = AccountEmailVerify::where('hash', $hash)->where('sent_at', '>', time() - 30 * 24 * 60 * 60)->first();
|
||||
if(!$accountEmailVerify) {
|
||||
note("Wrong link or link has expired.");
|
||||
}
|
||||
else
|
||||
{
|
||||
$accountModel = Account::where('email_hash', $hash)->where('email_verified', 0)->first();
|
||||
$accountModel = Account::where('id', $accountEmailVerify->account_id)->where('email_verified', 0)->first();
|
||||
if ($accountModel) {
|
||||
$accountModel->email_verified = 1;
|
||||
$accountModel->save();
|
||||
|
||||
AccountEmailVerify::where('account_id', $accountModel->id)->delete();
|
||||
|
||||
success('You have now verified your e-mail, this will increase the security of your account. Thank you for doing this. You can now <a href=' . getLink('account/manage') . '>log in</a>.');
|
||||
|
||||
$account = new OTS_Account();
|
||||
@@ -39,6 +44,6 @@ else
|
||||
}
|
||||
}
|
||||
else {
|
||||
error('Link has expired.');
|
||||
error('Your account is already verified.');
|
||||
}
|
||||
}
|
||||
|
||||
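Review bot: Any `AccountEmailVerify` row younger than 30 days is accepted by the `where('hash', $hash)->where('sent_at', '>', …)` lookup, and rows are deleted only after a successful verification, so every resend leaves another working link until one of them is used (the new resend-email-verify.php in this commit only calls `AccountEmailVerify::create()`). Issuing a new link should first drop the older ones, e.g. `AccountEmailVerify::where('account_id', $account->getId())->delete();` before the `create()` call, and expired rows should be purged somewhere. The comment `// by default link is valid for 30 days` reads as if the period were configurable, but `30 * 24 * 60 * 60` is fixed inline; a named constant or a setting would match the comment.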
@@ -10,6 +10,7 @@
|
||||
*/
|
||||
|
||||
use MyAAC\CreateCharacter;
|
||||
use MyAAC\Models\AccountEmailVerify;
|
||||
|
||||
defined('MYAAC') or die('Direct access not allowed!');
|
||||
$title = 'Create Account';
|
||||
@@ -244,7 +245,12 @@ if($save)
|
||||
if(setting('core.mail_enabled') && setting('core.account_mail_verify'))
|
||||
{
|
||||
$hash = md5(generateRandomString(16, true, true) . $email);
|
||||
$new_account->setCustomField('email_hash', $hash);
|
||||
|
||||
AccountEmailVerify::create([
|
||||
'account_id' => $new_account->getId(),
|
||||
'hash' => $hash,
|
||||
'sent_at' => time(),
|
||||
]);
|
||||
|
||||
$verify_url = getLink('account/confirm-email/' . $hash);
|
||||
$body_html = $twig->render('mail.account.verify.html.twig', array(
|
||||
|
||||
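Review bot: The value written to `'hash' => $hash` is now the only secret behind the confirmation link, and it is still built as `md5(generateRandomString(16, true, true) . $email)`. Whether `generateRandomString()` draws from a CSPRNG is not visible in this hunk, and appending the e-mail address adds no entropy. `$hash = bin2hex(random_bytes(16));` yields a token of the same length and alphabet without that dependency. The same line appears in the new system/pages/account/resend-email-verify.php. The enclosing `if($save)` block continues outside the hunk.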
@@ -48,7 +48,9 @@ if(!empty($login_account) && !empty($login_password))
|
||||
)
|
||||
{
|
||||
if (setting('core.account_mail_verify') && (int)$account_logged->getCustomField('email_verified') !== 1) {
|
||||
$errors[] = 'Your account is not verified. Please verify your email address. If the message is not coming check the SPAM folder in your E-Mail client.';
|
||||
$link = getLink('account/resend-email-verify');
|
||||
$errors[] = 'Your account is not verified. Please verify your email address. If the message is not coming check the SPAM folder in your E-Mail client.<br/>' .
|
||||
'You can resend the Email here: <a href="' . $link . '">' . $link . '</a>';
|
||||
} else {
|
||||
session_regenerate_id();
|
||||
setSession('account', $account_logged->getId());
|
||||
|
||||
@@ -38,15 +38,24 @@ csrfProtect();
|
||||
|
||||
$groups = new OTS_Groups_List();
|
||||
|
||||
$freePremium = isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium']) || $account_logged->getPremDays() == OTS_Account::GRATIS_PREMIUM_DAYS;
|
||||
$dayOrDays = $account_logged->getPremDays() == 1 ? 'day' : 'days';
|
||||
/**
|
||||
* @var OTS_Account $account_logged
|
||||
*/
|
||||
if(!$account_logged->isPremium())
|
||||
$premDays = $account_logged->getPremDays();
|
||||
|
||||
$freePremium = isset($config['lua']['freePremium']) && getBoolean($config['lua']['freePremium']) || $premDays == OTS_Account::GRATIS_PREMIUM_DAYS;
|
||||
$dayOrDays = ($premDays == 1 ? 'day' : 'days');
|
||||
|
||||
$vipSystemEnabled = isset($config['lua']['vipSystemEnabled']) && getBoolean($config['lua']['vipSystemEnabled']);
|
||||
$premiumLabel = $vipSystemEnabled ? 'VIP' : 'Premium Account';
|
||||
|
||||
if ($freePremium && !$vipSystemEnabled) {
|
||||
$account_status = '<b><span style="color: green">Gratis Premium Account</span></b>';
|
||||
} else if(!$account_logged->isPremium()) {
|
||||
$account_status = '<b><span style="color: red">Free Account</span></b>';
|
||||
else
|
||||
$account_status = '<b><span style="color: green">' . ($freePremium ? 'Gratis Premium Account' : 'Premium Account, ' . $account_logged->getPremDays() . ' '.$dayOrDays.' left') . '</span></b>';
|
||||
} else {
|
||||
$account_status = '<b><span style="color: green">' . $premiumLabel . ', ' . $premDays . ' '.$dayOrDays.' left</span></b>';
|
||||
}
|
||||
|
||||
$recovery_key = $account_logged->getCustomField('key');
|
||||
if(empty($recovery_key))
|
||||
|
||||
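Review bot: The `$freePremium` expression is computed twice in this commit from different inputs: here from `$config['lua']['freePremium']` with unparenthesised `&&`/`||`, and in the guild-creation hunks further down (`@@ -21,6 +21,9 @@ if(!$logged)`) from `configLua('freePremium')` with explicit grouping, where it also relaxes the `core.guild_need_premium` check. Because the second copy feeds a permission decision, a single shared helper would keep the two from drifting; at minimum group this copy as `(isset(...) && getBoolean(...)) || $premDays == OTS_Account::GRATIS_PREMIUM_DAYS`. Both copies compare with `==`; what `getPremDays()` returns is not visible, so an `(int)` cast with `===` is suggested only if it can return a string.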
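--- /dev/null
+++ b/system/pages/account/resend-email-verify.php
@@ -0,0 +1,94 @@
+<?php
+
+use MyAAC\Models\AccountEmailVerify;
+
+defined('MYAAC') or die('Direct access not allowed!');
+
+$title = 'Resend Email';
+
+$errorWithBackButton = function ($msg) use ($twig) {
+$errors = [$msg];
+
+$twig->display('error_box.html.twig', ['errors' => $errors]);
+$twig->display('account.back_button.html.twig', [
+'action' => getLink('account/resend-email-verify'),
+]);
+};
+
+if (!setting('core.mail_enabled') || !setting('core.account_mail_verify')) {
+$errorWithBackButton('Resending email is not possible on this server.');
+return;
+}
+
+$showForm = true;
+
+if (isset($_POST['submit']) && $_POST['submit'] == '1') {
+$email = $_REQUEST['email'];
+
+if (empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
+$errorWithBackButton('Please enter valid Email.');
+return;
+}
+
+$account = new OTS_Account();
+$account->findByEMail($email);
+if ($account->isLoaded()) {
+if ($account->getCustomField('email_verified') == '1') {
+$errorWithBackButton('This account is already verified! You can <a href=' . getLink('account/manage') . '>log in</a> on the website.');
+return;
+}
+
+$accountEmailVerify = AccountEmailVerify::where('account_id', $account->getId())->orderBy('sent_at', 'DESC')->first();
+if ($accountEmailVerify && time() - $accountEmailVerify->sent_at < 60) {
+$errorWithBackButton('Only one Email per minute is allowed. Please try again later.');
+return;
+}
+
+$tmp_account = $email;
+if (!config('account_login_by_email')) {
+$tmp_account = (USE_ACCOUNT_NAME ? $account->getName() : $account->getId());
+}
+
+$hash = md5(generateRandomString(16, true, true) . $email);
+
+AccountEmailVerify::create([
+'account_id' => $account->getId(),
+'hash' => $hash,
+'sent_at' => time(),
+]);
+
+$verify_url = getLink('account/confirm-email/' . $hash);
+$body_html = $twig->render('mail.account.resend-email-verify.html.twig', array(
+'account' => $tmp_account,
+'verify_url' => generateLink($verify_url, $verify_url, true)
+));
+
+if (_mail($account->getEMail(), configLua('serverName') . ' - Verify Account', $body_html)) {
+$message = "If account with this email exists - you will become an email with verification link.";
+$showForm = false;
+} else {
+$message = "<p class='error'>An error occurred while sending email (<b>{$email}</b> )! Try again later. For Admin: More info can be found in system/logs/mailer-error.log</p>";
+}
+}
+else {
+$message = "<br />If account with this email exists - you will become an email with verification link.";
+$showForm = false;
+}
+
+$twig->display('success.html.twig', array(
+'title' => 'Verify Email Sent',
+'description' => $message,
+));
+}
+
+//show errors if not empty
+if (!empty($errors)) {
+$twig->display('error_box.html.twig', ['errors' => $errors]);
+$twig->display('account.back_button.html.twig', [
+'action' => getLink('account/resend-email-verify'),
+]);
+}
+
+if ($showForm) {
+$twig->display('account.resend-email-verify.html.twig');
+}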
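Review bot: The generic "If account with this email exists" reply hides nothing, because three replies are reachable only when `$account->isLoaded()` is true: `This account is already verified!`, `Only one Email per minute is allowed.` and the mail-failure text, which also echoes `{$email}` into HTML unescaped. The form therefore tells a caller which addresses are registered. Return the same message on every path after the format check and leave send failures to the mailer log, as sketched below. Separately, the address is read from `$_REQUEST['email']` while the submit flag comes from `$_POST`, and no `csrfProtect()` call is visible in this file although other account pages in this commit call it; `$_POST['email'] ?? ''` plus the CSRF check would be consistent, unless the router already applies it.

```php
$account = new OTS_Account();
$account->findByEMail($email);
// Unknown, already-verified and throttled addresses all get the same reply.
if ($account->isLoaded() && $account->getCustomField('email_verified') != '1') {
    $accountEmailVerify = AccountEmailVerify::where('account_id', $account->getId())->orderBy('sent_at', 'DESC')->first();
    if (!$accountEmailVerify || time() - $accountEmailVerify->sent_at >= 60) {
        // … unchanged: $tmp_account, $hash, AccountEmailVerify::create(), $body_html …
        // A failed send is left to the mailer log instead of being echoed back with the address.
        _mail($account->getEMail(), configLua('serverName') . ' - Verify Account', $body_html);
    }
}

$message = 'If account with this email exists - you will become an email with verification link.';
$showForm = false;
```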
@@ -21,6 +21,9 @@ if(!$logged) {
|
||||
$errors[] = 'You are not logged in. You can\'t create guild.';
|
||||
}
|
||||
|
||||
$configLuaFreePremium = configLua('freePremium');
|
||||
$freePremium = (isset($configLuaFreePremium) && getBoolean($configLuaFreePremium)) || ($logged && $account_logged->getPremDays() == OTS_Account::GRATIS_PREMIUM_DAYS);
|
||||
|
||||
$array_of_player_nig = array();
|
||||
if(empty($errors))
|
||||
{
|
||||
@@ -31,7 +34,7 @@ if(empty($errors))
|
||||
if(!$player_rank->isLoaded())
|
||||
{
|
||||
if($player->getLevel() >= setting('core.guild_need_level')) {
|
||||
if(!setting('core.guild_need_premium') || $account_logged->isPremium()) {
|
||||
if(!setting('core.guild_need_premium') || $account_logged->isPremium() || $freePremium) {
|
||||
$array_of_player_nig[] = $player->getName();
|
||||
}
|
||||
}
|
||||
@@ -95,7 +98,7 @@ if($todo == 'save')
|
||||
if($player->getLevel() < setting('core.guild_need_level')) {
|
||||
$errors[] = 'Character <b>'.$name.'</b> has too low level. To create guild you need character with level <b>' . setting('core.guild_need_level') . '</b>.';
|
||||
}
|
||||
if(setting('core.guild_need_premium') && !$account_logged->isPremium()) {
|
||||
if(setting('core.guild_need_premium') && !$account_logged->isPremium() && !$freePremium) {
|
||||
$errors[] = 'Character <b>'.$name.'</b> is on FREE account. To create guild you need PREMIUM account.';
|
||||
}
|
||||
}
|
||||
|
||||