Code Coverage for /data/phpBB/includes/ucp/ucp

	Code Coverage
	Lines			Functions and Methods				Classes and Traits
Total	0.00% covered (danger)	0.00%	0 / 80	0.00% covered (danger)	0.00%	0 / 1	CRAP	0.00% covered (danger)	0.00%	0 / 1
ucp_activate	0.00% covered (danger)	0.00%	0 / 78	0.00% covered (danger)	0.00%	0 / 1	380	0.00% covered (danger)	0.00%	0 / 1
main	0.00% covered (danger)	0.00%	0 / 78	0.00% covered (danger)	0.00%	0 / 1	380

1	<?php
2	/**
3	*
4	* This file is part of the phpBB Forum Software package.
5	*
6	* @copyright (c) phpBB Limited <https://www.phpbb.com>
7	* @license GNU General Public License, version 2 (GPL-2.0)
8	*
9	* For full copyright and license information, please see
10	* the docs/CREDITS.txt file.
11	*
12	*/
13
14	/**
15	* @ignore
16	*/
17	if (!defined('IN_PHPBB'))
18	{
19	exit;
20	}
21
22	/**
23	* ucp_activate
24	* User activation
25	*/
26	class ucp_activate
27	{
28	var $u_action;
29
30	function main($id, $mode)
31	{
32	global $config, $phpbb_root_path, $phpEx, $request;
33	global $db, $user, $auth, $phpbb_container, $phpbb_log, $phpbb_dispatcher;
34
35	$user_id = $request->variable('u', 0);
36	$key = $request->variable('k', '');
37
38	$sql = 'SELECT user_id, username, user_type, user_email, user_newpasswd, user_lang, user_notify_type, user_actkey, user_inactive_reason
39	FROM ' . USERS_TABLE . "
40	WHERE user_id = $user_id";
41	$result = $db->sql_query($sql);
42	$user_row = $db->sql_fetchrow($result);
43	$db->sql_freeresult($result);
44
45	if (!$user_row)
46	{
47	trigger_error('NO_USER');
48	}
49
50	if ($user_row['user_type'] <> USER_INACTIVE && !$user_row['user_newpasswd'])
51	{
52	meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx"));
53	trigger_error('ALREADY_ACTIVATED');
54	}
55
56	if ($user_row['user_inactive_reason'] == INACTIVE_MANUAL \|\| $user_row['user_actkey'] !== $key)
57	{
58	trigger_error('WRONG_ACTIVATION');
59	}
60
61	// Do not allow activating by non administrators when admin activation is on
62	// Only activation type the user should be able to do is INACTIVE_REMIND
63	// or activate a new password which is not an activation state :@
64	if (!$user_row['user_newpasswd'] && $user_row['user_inactive_reason'] != INACTIVE_REMIND && $config['require_activation'] == USER_ACTIVATION_ADMIN && !$auth->acl_get('a_user'))
65	{
66	if (!$user->data['is_registered'])
67	{
68	login_box('', $user->lang['NO_AUTH_OPERATION']);
69	}
70	send_status_line(403, 'Forbidden');
71	trigger_error('NO_AUTH_OPERATION');
72	}
73
74	$update_password = ($user_row['user_newpasswd']) ? true : false;
75
76	if ($update_password)
77	{
78	$sql_ary = array(
79	'user_actkey' => '',
80	'user_password' => $user_row['user_newpasswd'],
81	'user_newpasswd' => '',
82	'user_login_attempts' => 0,
83	'reset_token' => '',
84	'reset_token_expiration' => 0,
85	);
86
87	$sql = 'UPDATE ' . USERS_TABLE . '
88	SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
89	WHERE user_id = ' . $user_row['user_id'];
90	$db->sql_query($sql);
91
92	$user->reset_login_keys($user_row['user_id']);
93
94	$phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_NEW_PASSWORD', false, array(
95	'reportee_id' => $user_row['user_id'],
96	$user_row['username']
97	));
98	}
99
100	if (!$update_password)
101	{
102	include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
103
104	user_active_flip('activate', $user_row['user_id']);
105
106	$sql_ary = [
107	'user_actkey' => '',
108	'reset_token' => '',
109	'reset_token_expiration' => 0,
110	];
111
112	$sql = 'UPDATE ' . USERS_TABLE . '
113	SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
114	WHERE user_id = {$user_row['user_id']}";
115	$db->sql_query($sql);
116
117	// Create the correct logs
118	$phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_ACTIVE_USER', false, array(
119	'reportee_id' => $user_row['user_id']
120	));
121
122	if ($auth->acl_get('a_user'))
123	{
124	$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_ACTIVE', false, array($user_row['username']));
125	}
126	}
127
128	if ($config['require_activation'] == USER_ACTIVATION_ADMIN && !$update_password)
129	{
130	/* @var $phpbb_notifications \phpbb\notification\manager */
131	$phpbb_notifications = $phpbb_container->get('notification_manager');
132	$phpbb_notifications->delete_notifications('notification.type.admin_activate_user', $user_row['user_id']);
133
134	include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
135
136	$messenger = new messenger(false);
137
138	$messenger->template('admin_welcome_activated', $user_row['user_lang']);
139
140	$messenger->set_addresses($user_row);
141
142	$messenger->anti_abuse_headers($config, $user);
143
144	$messenger->assign_vars(array(
145	'USERNAME' => html_entity_decode($user_row['username'], ENT_COMPAT))
146	);
147
148	$messenger->send($user_row['user_notify_type']);
149
150	$message = 'ACCOUNT_ACTIVE_ADMIN';
151	}
152	else
153	{
154	if (!$update_password)
155	{
156	$message = ($user_row['user_inactive_reason'] == INACTIVE_PROFILE) ? 'ACCOUNT_ACTIVE_PROFILE' : 'ACCOUNT_ACTIVE';
157	}
158	else
159	{
160	$message = 'PASSWORD_ACTIVATED';
161	}
162	}
163
164	/**
165	* This event can be used to modify data after user account's activation
166	*
167	* @event core.ucp_activate_after
168	* @var array user_row Array with some user data
169	* @var string message Language string of the message that will be displayed to the user
170	* @since 3.1.6-RC1
171	*/
172	$vars = array('user_row', 'message');
173	extract($phpbb_dispatcher->trigger_event('core.ucp_activate_after', compact($vars)));
174
175	meta_refresh(3, append_sid("{$phpbb_root_path}index.$phpEx"));
176	trigger_error($user->lang[$message]);
177	}
178	}