Currently we have some license issues. We are working on it.

Commit 25404421 authored by dmorley's avatar dmorley
Browse files

allow for edit if forgot email on pod

parent 8e1f5ee2
......@@ -4,10 +4,6 @@ if (!$_POST['domain']){
echo "no pod domain given";
die;
}
if (!$_POST['email']){
echo "no email given";
die;
}
$domain = $_POST['domain'];
$dbh = pg_connect("dbname=$pgdb user=$pguser password=$pgpass");
if (!$dbh) {
......@@ -22,11 +18,14 @@ $rows = pg_num_rows($result);
if ($rows <= 0) {
echo "domain not found";die;
}
while ($row = pg_fetch_array($result)) {
if ($row["email"] <> $_POST['email']) {
echo "email not a match";die;
}
if ($_POST['email']){
if ($row["email"] <> $_POST['email']) {
echo "email not a match";die;
}
$uuid = md5(uniqid($domain, true));
$expire = date("Y-m-d H:i:s", time() + 700);
......@@ -42,7 +41,27 @@ $expire = date("Y-m-d H:i:s", time() + 700);
@mail( $to, $subject, $message, $headers );
echo "Link sent to your email";
} elseif (!$_POST['email']){
$uuid = md5(uniqid($domain, true));
$expire = date("Y-m-d H:i:s", time() + 1700);
$sql = "UPDATE pods SET token=$1, tokenexpire=$2 WHERE domain = '$domain'";
$result = pg_query_params($dbh, $sql, array($uuid,$expire));
if (!$result) {
die("Error in SQL query: " . pg_last_error());
}
$to = "support@diasp.org";
$subject = "Temporary edit key for podupti.me";
$message = "User trying to edit pod without email address. Email found: " . $row["email"] . " Link: https://podupti.me/db/edit.php?domain=" . $_POST["domain"] . "&token=" . $uuid . " Expires: " . $expire . "\n\n";
$headers = "From: support@diasp.org\r\nBcc: support@diasp.org\r\n";
@mail( $to, $subject, $message, $headers );
echo "Link sent to administrator to review and verify, if approved they will forward the edit key to you.";
}
pg_free_result($result);
pg_close($dbh);
}
?>
......@@ -135,7 +135,7 @@ EOF;
<input type="submit" value="submit">
</form>
Need to edit something?<br>
<form action="https://podupti.me/db/gettoken.php" method="post">Pod Domainname:<input type="text" name="domain">Registered Email:<input type="text" name="email"><input type=submit value="send"></form>
<form action="https://podupti.me/db/gettoken.php" method="post">Pod Domainname:<input type="text" name="domain">Registered Email:<input type="text" name="email" placeholder="Ok to leave blank if you forgot"><input type=submit value="send"></form>
<br>Is your pod missing? If the server can not get a diaspora session its on the hidden list <a href="http://podupti.me/?hidden=true">Show</a>. This
is mostly because of selfsigned or openca certs, if you need a free ssl cert get one from startssl.com.
<br>
......
<?php
require_once 'PHPUnit/Extensions/SeleniumTestCase.php';
class WebTest extends PHPUnit_Extensions_SeleniumTestCase
class CodeCoverageTest extends PHPUnit_Extensions_Selenium2TestCase
{
protected function setUp()
protected $coverageScriptUrl = 'http://localhost/phpunit_coverage.php';
public function setUp()
{
$this->setBrowser('*firefox');
$this->setBrowserUrl('http://podupti.me/');
$this->markTestIncomplete('Would require PHP 5.4 for running .php files on the server');
$this->setBrowser(PHPUNIT_TESTSUITE_EXTENSION_SELENIUM2_BROWSER);
$this->setBrowserUrl('http://localhost/');
}
public function testTitle()
public function testCoverageIsRetrieved()
{
$this->open('http://podupti.me/');
$this->assertTitle('Diaspora Pod uptime - Find your new social home');
$this->url('example.php');
}
}
?>
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment