web-base/Core/Documents/Account.class.php

88 lines
2.9 KiB
PHP
Raw Permalink Normal View History

2020-06-20 15:49:53 +02:00
<?php
2022-11-18 18:06:46 +01:00
namespace Core\Documents;
2020-06-20 15:49:53 +02:00
2022-11-18 18:06:46 +01:00
use Core\Elements\TemplateDocument;
2022-11-30 16:42:24 +01:00
use Core\Objects\DatabaseEntity\UserToken;
2022-11-18 18:06:46 +01:00
use Core\Objects\Router\Router;
2020-06-20 15:49:53 +02:00
2021-12-08 16:53:43 +01:00
class Account extends TemplateDocument {
2022-06-01 12:28:50 +02:00
public function __construct(Router $router, string $templateName) {
parent::__construct($router, $templateName);
2022-11-30 23:15:52 +01:00
$this->languageModules[] = "account";
2022-08-20 22:17:17 +02:00
$this->title = "Account";
$this->searchable = false;
2021-12-08 16:53:43 +01:00
$this->enableCSP();
2020-06-20 15:49:53 +02:00
}
2021-12-08 16:53:43 +01:00
private function createError(string $message) {
$this->parameters["view"]["success"] = false;
$this->parameters["view"]["message"] = $message;
}
2020-07-01 22:13:50 +02:00
2021-12-08 16:53:43 +01:00
protected function loadParameters() {
2022-11-30 16:42:24 +01:00
$settings = $this->getSettings();
$templateName = $this->getTemplateName();
2021-12-08 16:53:43 +01:00
$this->parameters["view"] = ["success" => true];
2022-11-30 16:42:24 +01:00
switch ($templateName) {
case "account/reset_password.twig": {
if (isset($_GET["token"]) && is_string($_GET["token"]) && !empty($_GET["token"])) {
$this->parameters["view"]["token"] = $_GET["token"];
$req = new \Core\API\User\CheckToken($this->getContext());
$this->parameters["view"]["success"] = $req->execute(array("token" => $_GET["token"]));
if ($this->parameters["view"]["success"]) {
if (strcmp($req->getToken()->getType(), UserToken::TYPE_PASSWORD_RESET) !== 0) {
$this->createError("The given token has a wrong type.");
}
} else {
$this->createError("Error requesting password reset: " . $req->getLastError());
2021-12-08 16:53:43 +01:00
}
}
2022-11-30 16:42:24 +01:00
break;
}
case "account/register.twig": {
if ($this->getUser()) {
$this->createError("You are already logged in.");
} else if (!$settings->isRegistrationAllowed()) {
$this->createError("Registration is not enabled on this website.");
}
break;
2021-12-08 16:53:43 +01:00
}
2022-11-30 16:42:24 +01:00
case "account/login.twig": {
if ($this->getUser()) {
header("Location: /admin");
exit();
}
break;
2021-12-08 16:53:43 +01:00
}
2022-11-30 16:42:24 +01:00
case "account/accept_invite.twig": {
if (isset($_GET["token"]) && is_string($_GET["token"]) && !empty($_GET["token"])) {
$this->parameters["view"]["token"] = $_GET["token"];
$req = new \Core\API\User\CheckToken($this->getContext());
$this->parameters["view"]["success"] = $req->execute(array("token" => $_GET["token"]));
if ($this->parameters["view"]["success"]) {
if (strcmp($req->getToken()->getType(), UserToken::TYPE_INVITE) !== 0) {
$this->createError("The given token has a wrong type.");
} else {
$this->parameters["view"]["invited_user"] = $req->getToken()->getUser()->jsonSerialize();
}
2021-12-08 16:53:43 +01:00
} else {
2022-11-30 16:42:24 +01:00
$this->createError("Error confirming e-mail address: " . $req->getLastError());
2021-12-08 16:53:43 +01:00
}
} else {
2022-11-30 16:42:24 +01:00
$this->createError("The link you visited is no longer valid");
2021-12-08 16:53:43 +01:00
}
2022-11-30 16:42:24 +01:00
break;
2020-06-20 15:49:53 +02:00
}
2022-11-30 16:42:24 +01:00
default:
break;
2020-06-20 15:49:53 +02:00
}
}
}