1
Salomao
Re: Ativacao.php - Analysing code for team security
  • 2005/1/5 11:23

  • Salomao

  • Just popping in

  • Posts: 2

  • Since: 2004/2/25


Se eu entendi bem, ele pediu para você adicionar ao "rastreador" de patches.

If I got it right, he asked you to add it to patch tracker.



2
Salomao
Re: Ativacao.php - Analysing code for team security
  • 2005/1/4 18:17

  • Salomao

  • Just popping in

  • Posts: 2

  • Since: 2004/2/25


Trying to translate to English
Quote:

File ATIVACAO.PHP

<?PHP
### ======================================================
### [url=http://www.xoops.net.br/]XOOPS Brasil[/url] - A comunidade diferente!
### ======================================================
### Arquivo para reenvio de Link de Ativação
### Script for resend the activation link
### ======================================================
### Developer: Fernando Santos, fernando@zend.com.br
### Copyright: www.xoops.net.br © 2003-2004
### ------------------------------------------------------
### www.xoops.net.br
### ======================================================
### v.1.0, Sun Dec 19 15:33:59 BRST 2004
### ======================================================

$xoopsOption['pagetype'] = "user";
include 
"mainfile.php";
include 
'header.php';
// Doesn't matter GET or POST
$email = isset($HTTP_GET_VARS['email']) ? trim($HTTP_GET_VARS['email']) : '';
$email = isset($HTTP_POST_VARS['email']) ? trim($HTTP_POST_VARS['email']) : $email;
// If $email is empty, show form for link resend
if ($email == '') {
echo <<< TOPET05
<fieldset style="padding: 10px;">
  <legend style="font-weight: bold;">Resend activation link registration</legend>
  <div><br />Fill in the e-mail you used to register in our site, so you can receive agaian the activation link for your account.</div>
  <form action="
$_SERVER[PHP_SELF]" method="post">
    Your E-mail: <input type="text" name="email" size="26" maxlength="60" />&nbsp; <input type="submit" value="Send" />
  </form>
</fieldset>
TOPET05;
// If $email is not empty, let's verify some things before sending the link
}else{
$myts =& MyTextSanitizer::getInstance();
$member_handler =& xoops_gethandler('member');
// The line below returns an array with all the users registered with the given e-mail, in our case it'll be only the $getuser[0]
$getuser =& $member_handler->getUsers(new Criteria('email'$myts->addSlashes($email)));
// If the e-mail doesn't exist in the database, $getuser returns empty...
if (empty($getuser)) {
echo 
"<h2>E-mail doesn't appear to be registered in our databases!</h2>";
include(
"footer.php");
    exit();
}
//Verifying if the user is already active...
if($getuser[0]->isActive()){
echo 
"<h2>The user ".$getuser[0]->getVar('uname').", registered with e-mail ".$getuser[0]->getVar('email')." is already active!</h2>";
include(
"footer.php");
    exit();    
}
//Sending it
$xoopsMailer =& getMailer();
$xoopsMailer->useMail();
$xoopsMailer->setTemplate('register.tpl');
$xoopsMailer->assign('SITENAME'$xoopsConfig['sitename']);
$xoopsMailer->assign('ADMINMAIL'$xoopsConfig['adminmail']);
$xoopsMailer->assign('SITEURL'XOOPS_URL."/");
$xoopsMailer->setToUsers($getuser[0]);
$xoopsMailer->setFromEmail($xoopsConfig['adminmail']);
$xoopsMailer->setFromName($xoopsConfig['sitename']);
$xoopsMailer->setSubject(sprintf("- Resend - "._US_USERKEYFOR,$getuser[0]->getVar("uname")));
    if ( !
$xoopsMailer->send() ) {
    echo 
"<h2>It could not be possible to resend the activation link for ".$getuser[0]->getVar('uname').". Contact the site administrators.</h2>";
    include(
"footer.php");
    exit();
    } else {
    echo 
"<h2>The activation link for ".$getuser[0]->getVar('uname')." was resent. If you don't receive the e-mail in a few hours, try again or contact the site administrators.</h2>";
    }
}
include(
"footer.php");
?>


Put this file in your XOOPS main directory. Then, put a link for it into the login block, and voilá. No need to alter anything else.
If any user claims that it hasn't received the activation link, ask him to go to yoursite.com/ativacao.php and fill in the form.
If you wanna send through GET, like
yoursite.com/ativacao.php?email=me@myemail.com
it'll work without problems.
Hope it helps... If someone wanna make the code look better, I'll appreciate it!!

Tested and approved.

Thanks to Izzy for the first tests

Big hug

Hope it helps...

Salomão - XT




TopTop



Login

Who's Online

245 user(s) are online (176 user(s) are browsing Support Forums)


Members: 0


Guests: 245


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Mar 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits