Commit 25404421 authored by dmorley's avatar dmorley

allow for edit if forgot email on pod

parent 8e1f5ee2
......@@ -4,10 +4,6 @@ if (!$_POST['domain']){
echo "no pod domain given";
die;
}
if (!$_POST['email']){
echo "no email given";
die;
}
$domain = $_POST['domain'];
$dbh = pg_connect("dbname=$pgdb user=$pguser password=$pgpass");
if (!$dbh) {
......@@ -22,11 +18,14 @@ $rows = pg_num_rows($result);
if ($rows <= 0) {
echo "domain not found";die;
}
while ($row = pg_fetch_array($result)) {
if ($row["email"] <> $_POST['email']) {
echo "email not a match";die;
}
if ($_POST['email']){
if ($row["email"] <> $_POST['email']) {
echo "email not a match";die;
}
$uuid = md5(uniqid($domain, true));
$expire = date("Y-m-d H:i:s", time() + 700);
......@@ -42,7 +41,27 @@ $expire = date("Y-m-d H:i:s", time() + 700);
@mail( $to, $subject, $message, $headers );
echo "Link sent to your email";
} elseif (!$_POST['email']){
$uuid = md5(uniqid($domain, true));
$expire = date("Y-m-d H:i:s", time() + 1700);
$sql = "UPDATE pods SET token=$1, tokenexpire=$2 WHERE domain = '$domain'";
$result = pg_query_params($dbh, $sql, array($uuid,$expire));
if (!$result) {
die("Error in SQL query: " . pg_last_error());
}
$to = "support@diasp.org";
$subject = "Temporary edit key for podupti.me";
$message = "User trying to edit pod without email address. Email found: " . $row["email"] . " Link: https://podupti.me/db/edit.php?domain=" . $_POST["domain"] . "&token=" . $uuid . " Expires: " . $expire . "\n\n";
$headers = "From: support@diasp.org\r\nBcc: support@diasp.org\r\n";
@mail( $to, $subject, $message, $headers );
echo "Link sent to administrator to review and verify, if approved they will forward the edit key to you.";
}
pg_free_result($result);
pg_close($dbh);
}
?>
......@@ -135,7 +135,7 @@ EOF;
<input type="submit" value="submit">
</form>
Need to edit something?<br>
<form action="https://podupti.me/db/gettoken.php" method="post">Pod Domainname:<input type="text" name="domain">Registered Email:<input type="text" name="email"><input type=submit value="send"></form>
<form action="https://podupti.me/db/gettoken.php" method="post">Pod Domainname:<input type="text" name="domain">Registered Email:<input type="text" name="email" placeholder="Ok to leave blank if you forgot"><input type=submit value="send"></form>
<br>Is your pod missing? If the server can not get a diaspora session its on the hidden list <a href="http://podupti.me/?hidden=true">Show</a>. This
is mostly because of selfsigned or openca certs, if you need a free ssl cert get one from startssl.com.
<br>
......
<?php
require_once 'PHPUnit/Extensions/SeleniumTestCase.php';
class WebTest extends PHPUnit_Extensions_SeleniumTestCase
class CodeCoverageTest extends PHPUnit_Extensions_Selenium2TestCase
{
protected function setUp()
protected $coverageScriptUrl = 'http://localhost/phpunit_coverage.php';
public function setUp()
{
$this->setBrowser('*firefox');
$this->setBrowserUrl('http://podupti.me/');
$this->markTestIncomplete('Would require PHP 5.4 for running .php files on the server');
$this->setBrowser(PHPUNIT_TESTSUITE_EXTENSION_SELENIUM2_BROWSER);
$this->setBrowserUrl('http://localhost/');
}
public function testTitle()
public function testCoverageIsRetrieved()
{
$this->open('http://podupti.me/');
$this->assertTitle('Diaspora Pod uptime - Find your new social home');
$this->url('example.php');
}
}
?>
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment