Code Coverage for /data/phpBB/includes/ucp/ucp

	Code Coverage
	Lines			Functions and Methods				Classes and Traits
Total	0.00% covered (danger)	0.00%	0 / 82	0.00% covered (danger)	0.00%	0 / 1	CRAP	0.00% covered (danger)	0.00%	0 / 1
ucp_activate	0.00% covered (danger)	0.00%	0 / 80	0.00% covered (danger)	0.00%	0 / 1	380	0.00% covered (danger)	0.00%	0 / 1
main	0.00% covered (danger)	0.00%	0 / 80	0.00% covered (danger)	0.00%	0 / 1	380

1	<?php
2	/**
3	*
4	* This file is part of the phpBB Forum Software package.
5	*
6	* @copyright (c) phpBB Limited <https://www.phpbb.com>
7	* @license GNU General Public License, version 2 (GPL-2.0)
8	*
9	* For full copyright and license information, please see
10	* the docs/CREDITS.txt file.
11	*
12	*/
13
14	/**
15	* @ignore
16	*/
17	if (!defined('IN_PHPBB'))
18	{
19	exit;
20	}
21
22	/**
23	* ucp_activate
24	* User activation
25	*/
26	class ucp_activate
27	{
28	var $u_action;
29
30	function main($id, $mode)
31	{
32	global $config, $phpbb_root_path, $phpEx, $request;
33	global $db, $user, $auth, $phpbb_container, $phpbb_log, $phpbb_dispatcher;
34
35	/** @var \phpbb\controller\helper $controller_helper */
36	$controller_helper = $phpbb_container->get('controller.helper');
37
38	$user_id = $request->variable('u', 0);
39	$key = $request->variable('k', '');
40
41	$sql = 'SELECT user_id, username, user_type, user_email, user_newpasswd, user_lang, user_actkey, user_inactive_reason
42	FROM ' . USERS_TABLE . "
43	WHERE user_id = $user_id";
44	$result = $db->sql_query($sql);
45	$user_row = $db->sql_fetchrow($result);
46	$db->sql_freeresult($result);
47
48	if (!$user_row)
49	{
50	trigger_error('NO_USER');
51	}
52
53	if ($user_row['user_type'] <> USER_INACTIVE && !$user_row['user_newpasswd'])
54	{
55	meta_refresh(3, $controller_helper->route('phpbb_index_controller'));
56	trigger_error('ALREADY_ACTIVATED');
57	}
58
59	if ($user_row['user_inactive_reason'] == INACTIVE_MANUAL \|\| $user_row['user_actkey'] !== $key)
60	{
61	trigger_error('WRONG_ACTIVATION');
62	}
63
64	// Do not allow activating by non administrators when admin activation is on
65	// Only activation type the user should be able to do is INACTIVE_REMIND
66	// or activate a new password which is not an activation state :@
67	if (!$user_row['user_newpasswd'] && $user_row['user_inactive_reason'] != INACTIVE_REMIND && $config['require_activation'] == USER_ACTIVATION_ADMIN && !$auth->acl_get('a_user'))
68	{
69	if (!$user->data['is_registered'])
70	{
71	login_box('', $user->lang['NO_AUTH_OPERATION']);
72	}
73	send_status_line(403, 'Forbidden');
74	trigger_error('NO_AUTH_OPERATION');
75	}
76
77	$update_password = ($user_row['user_newpasswd']) ? true : false;
78
79	if ($update_password)
80	{
81	$sql_ary = array(
82	'user_actkey' => '',
83	'user_password' => $user_row['user_newpasswd'],
84	'user_newpasswd' => '',
85	'user_login_attempts' => 0,
86	'reset_token' => '',
87	'reset_token_expiration' => 0,
88	);
89
90	$sql = 'UPDATE ' . USERS_TABLE . '
91	SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
92	WHERE user_id = ' . $user_row['user_id'];
93	$db->sql_query($sql);
94
95	$user->reset_login_keys($user_row['user_id']);
96
97	$phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_NEW_PASSWORD', false, array(
98	'reportee_id' => $user_row['user_id'],
99	$user_row['username']
100	));
101	}
102
103	if (!$update_password)
104	{
105	include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
106
107	user_active_flip('activate', $user_row['user_id']);
108
109	$sql_ary = [
110	'user_actkey' => '',
111	'reset_token' => '',
112	'reset_token_expiration' => 0,
113	];
114
115	$sql = 'UPDATE ' . USERS_TABLE . '
116	SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
117	WHERE user_id = {$user_row['user_id']}";
118	$db->sql_query($sql);
119
120	// Create the correct logs
121	$phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_ACTIVE_USER', false, array(
122	'reportee_id' => $user_row['user_id']
123	));
124
125	if ($auth->acl_get('a_user'))
126	{
127	$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_USER_ACTIVE', false, array($user_row['username']));
128	}
129	}
130
131	if ($config['require_activation'] == USER_ACTIVATION_ADMIN && !$update_password)
132	{
133	/* @var $phpbb_notifications \phpbb\notification\manager */
134	$phpbb_notifications = $phpbb_container->get('notification_manager');
135	$phpbb_notifications->delete_notifications('notification.type.admin_activate_user', $user_row['user_id']);
136
137	/** @var \phpbb\di\service_collection $messenger_collection */
138	$messenger_collection = $phpbb_container->get('messenger.method_collection');
139	/** @var \phpbb\messenger\method\messenger_interface $messenger_method */
140	$messenger_method = $messenger_collection->offsetGet('messenger.method.email');
141
142	$messenger_method->set_use_queue(false);
143	$messenger_method->template('admin_welcome_activated', $user_row['user_lang']);
144	$messenger_method->set_addresses($user_row);
145	$messenger_method->anti_abuse_headers($config, $user);
146	$messenger_method->assign_vars([
147	'USERNAME' => html_entity_decode($user_row['username'], ENT_COMPAT),
148	]);
149
150	$messenger_method->send();
151
152	$message = 'ACCOUNT_ACTIVE_ADMIN';
153	}
154	else
155	{
156	if (!$update_password)
157	{
158	$message = ($user_row['user_inactive_reason'] == INACTIVE_PROFILE) ? 'ACCOUNT_ACTIVE_PROFILE' : 'ACCOUNT_ACTIVE';
159	}
160	else
161	{
162	$message = 'PASSWORD_ACTIVATED';
163	}
164	}
165
166	/**
167	* This event can be used to modify data after user account's activation
168	*
169	* @event core.ucp_activate_after
170	* @var array user_row Array with some user data
171	* @var string message Language string of the message that will be displayed to the user
172	* @since 3.1.6-RC1
173	*/
174	$vars = array('user_row', 'message');
175	extract($phpbb_dispatcher->trigger_event('core.ucp_activate_after', compact($vars)));
176
177	meta_refresh(3, $controller_helper->route('phpbb_index_controller'));
178	trigger_error($user->lang[$message]);
179	}
180	}