diff options
author | Yorhel <git@yorhel.nl> | 2011-08-23 15:52:09 +0200 |
---|---|---|
committer | Yorhel <git@yorhel.nl> | 2011-08-23 15:52:09 +0200 |
commit | 49a1cb08f10f69f517f261ad9c34304e4979cefb (patch) | |
tree | e71c2e8ffbeca875ad04e6a96a5c4bd16960d765 | |
parent | 18c681f059389646d0b48b305ccf5e7622cb47e4 (diff) |
Added email confirmation to registration process
-rw-r--r-- | ChangeLog | 2 | ||||
-rw-r--r-- | data/lang.txt | 147 | ||||
-rw-r--r-- | lib/Multi/Maintenance.pm | 12 | ||||
-rw-r--r-- | lib/VNDB/DB/Users.pm | 6 | ||||
-rw-r--r-- | lib/VNDB/Handler/Users.pm | 51 | ||||
-rw-r--r-- | util/sql/schema.sql | 3 | ||||
-rw-r--r-- | util/updates/update_2.21.sql | 9 |
7 files changed, 116 insertions, 114 deletions
@@ -1,6 +1,8 @@ 2.21 - ? - New resolution: 1280x960 - New platforms: Android, Web and DB-PG + - Added email confirmation to registration process + - Re-structured password reset feature - Multi::Feed: Show full summary and refresh more often - Switched back to Algorithm::Diff::XS - Added secondary ordering on title on releases listing on VN page diff --git a/data/lang.txt b/data/lang.txt index dee67f24..d1673b7d 100644 --- a/data/lang.txt +++ b/data/lang.txt @@ -6493,13 +6493,6 @@ cs : Nové heslo hu : Új jelszó nl : Nieuw wachtwoord -:_newpass_sent_subtitle -en : Password reset -ru : Сбросить пароль -cs : Změnit heslo -hu : Jelszó visszaállitás -nl : Wachtwoord gereset - :_newpass_sent_msg en : Your password has been reset and instructions to set a new one should reach your mailbox in a few minutes. ru*: @@ -6509,7 +6502,6 @@ nl : Je wachtwoord is gereset, en instructies om een nieuwe te zetten zullen bin # Set password page (/u+/setpass) -# The labels before the input boxes are the same as _register_password and _register_confirm. :_setpass_title en : Set password for [_1] @@ -6532,6 +6524,20 @@ cs*: hu*: nl : Nu kan je een wachtwoord instellen voor je account. Je wordt automatisch ingelogd nadat je wachtwoord is opgeslagen. +:_setpass_password +en : Password +ru : Пароль +cs : Heslo +hu : Jelszó +nl : Wachtwoord + +:_setpass_confirm +en : Confirm password +ru : Подтверждение пароля +cs : Potvrdit heslo +hu : Jelszó megerősítése +nl : Herhaal wachtwoord + # Register new account (/u/register) @@ -6542,69 +6548,6 @@ cs : Vytvořit účet hu : Új fiók létrehozása nl : Registreer een account -:_register_why -en : Why should I register? -ru : Для чего нужна регистрация? -cs : Proč bych se měl registrovat? -hu : Miért kéne regisztráljak? -nl : Waarom registreren? - -:_register_why_msg -en : Creating an account is completely painless, the only thing we need to know is your prefered username - and a password. You can just use any email address that isn't yours, as we don't even confirm - that the address you gave us is really yours. Keep in mind, however, that you would probably - want to remember your password if you do choose to give us an invalid email address...[br] - [br] - Anyway, having an account here has a few advantages over being just a regular visitor[br] - - You can contribute to the database by editing any entries and adding new ones[br] - - Keep track of all visual novels and releases you have, you'd like to play, are playing, or have finished playing[br] - - Vote on the visual novels you liked or disliked[br] - - Contribute to the discussions on the boards -ru : Создание учётной записи совершенно безопасно. Единственное, что нам от вас требуется - желаемое имя - пользователя и пароль. Вы можете ввести любой, даже абсолютно "левый" адрес электронной почты, поскольку - мы даже не проверяем его подлинность. Однако, помните, что если вы ненароком забудете свой пароль, да ещё - и ввели неправильный адрес...[br] - [br] - В общем, наличие учётной записи даёт несколько преимуществ перед простыми посетителями:[br] - - Вы можете помогать базе развиваться, редактируя любые страницы и добавляя новые[br] - - Следить за всеми новеллами и выпусками, которые у вас есть, в которые вы бы хотели сыграть, в которые играете, либо уже доиграли[br] - - Голосовать за понравившиеся или, наоборот, не понравившиеся новеллы[br] - - Вступать в обсуждения на ветках форума -cs : Tvorba účtu je zcela bezbolestná, jediné údaje, které potřebujeme znát jsou uživatelské jméno, které chcete, a vaše heslo. - Můžete i použít e-mail, který není váš, jelikož ani neověřujeme, že jste nám zadali opravdu váš e-mail. - Pamatujte ale, že pokud jste zadali neplatnou e-mailovou adresu, pak byste si měli dobře zapamatovat vaše heslo...[br] - [br] - V každém případě, založení účtu vám přináší několik výhod oproti běžným návštěvníkům[br] - - Můžete přispívat do databáze editací všech dat a přidáváním dat nových[br] - - Mějte přehled o všech vizuálních novelách, které máte, chtěli byste hrát, hrajete, nebo jste dohráli[br] - - Hlasujte pro vizuální novely, které se vám líbily nebo nelíbily[br] - - Přispívejte do diskusí na boardech -hu : Egy fiókot nagyon egyszerű készíteni, minden ami kell egy felhasználónév és egy jelszó. Bármilyen email címet használhatsz, - minket nem érdekel, hogy a tied vagy nem, mivel nincs külön aktiválás. Viszont ha nem jó emailt adsz meg nekünk - akkor jól vésd az eszedbe a jelszavad, különben nem tudunk neked segíteni ha elfelejted.[br] - [br] - Nos, a saját fiókkal rendelkezők több előnybe is részesülnek mint az egyszerű látogatók[br] - - Hozzájárulhatsz az adatbázis fejlődéséhez, hiszen szerkeszthetsz, vagy létrehozhatsz új bejegyzéseket[br] - - Nyomon követheted a tulajdonodban levő visual novellek, helyzetét, állapotát...mit játszol, melyiket fejezted már be stb.[br] - - Szavazhatsz a visual novellekre, melyek tetszettek, vagy ép meggyűlöltették magukat[br] - - Bekapcsolódhatsz a fórumba levő beszélgetésekbe -nl : Een account aanmaken is volledig pijnloos, wij hebben alleen je gewenste gebruikersnaam en - een wachtwoord nodig. Je kan gerust een vals emailadres gebruiken, zolang je er maar rekening mee - houdt dat je wel een geldig emailadres nodig hebt als je je wachtwoord bent vergeten...[br] - [br] - Het hebben van een account geeft je een aantal voordelen:[br] - - Je kan verbeteringen doorvoeren in de database, en nieuwe items toevoegen[br] - - Je kan bijhouden welke visual novels en uitgaven je hebt, je nog wil spelen, of hebt gespeeld[br] - - Stemmen op visual novels die je leuk (of misschien wel walgelijk) vond[br] - - Meedoen aan de discussies op het forum - -:_register_form_title -en : New account -ru : Новая учётная запись -cs : Nový účet -hu : Új fiók -nl : Nieuw account - :_register_username en : Username ru : Имя пользователя @@ -6638,20 +6581,6 @@ hu : Az email címed csakis akkor kerül használatba ha elveszted a jelszavad. nl : Je emailadres wordt gebruikt als je je wachtwoord bent vergeten. We zullen je geen spam of nieuwsbrieven sturen tenzij je ons er expliciet om vraagt. -:_register_password -en : Password -ru : Пароль -cs : Heslo -hu : Jelszó -nl : Wachtwoord - -:_register_confirm -en : Confirm password -ru : Подтверждение пароля -cs : Potvrdit heslo -hu : Jelszó megerősítése -nl : Herhaal wachtwoord - :_register_question en : How many [index,_1,visual novels,releases,producers] do we have in the database? (Hint: look to your left) ru : Сколько [index,_1,новелл,выпусков,компаний] у нас в базе? (Подсказка: посмотрите слева) @@ -6666,6 +6595,54 @@ cs : Odpověď hu : Válasz nl : Antwoord +:_register_mail_body +en : Hello [_1] + + Someone has registered an account on VNDB.org with your email address. To + confirm your registration, follow the link below. + + [_2] + + If you don't remember creating an account on VNDB.org recently, please + ignore this e-mail. + + vndb.org +ru*: +cs*: +hu*: +nl : Hallo [_1], + + Iemand heeft een account aangemaakt op VNDB.org met jouw emailadres. Om + verder te gaan met de registratie, volg de onderstaande link. + + [_2] + + Als je niet recentelijk een account hebt aangemaakt op VNDB.org, negeer + deze email dan. + + vndb.org + +:_register_mail_subject +en : Confirm registration for [_1] +ru*: +cs*: +hu*: +nl : Emailbevestiging voor [_1] + +:_register_done_title +en : Account created +ru*: +cs*: +hu*: +nl : Account aangemaakt + +:_register_done_msg +en : Your account has been created! In a few minutes, you should receive an email with instructions to set your password. +ru*: +cs*: +hu*: +nl : Je account is aangemaakt! Binnen een paar minuten krijg je een email met instructies om een wachtwoord in te stellen. + # User edit (/u+/edit) diff --git a/lib/Multi/Maintenance.pm b/lib/Multi/Maintenance.pm index 33154f9b..a754e618 100644 --- a/lib/Multi/Maintenance.pm +++ b/lib/Multi/Maintenance.pm @@ -18,13 +18,13 @@ sub spawn { package_states => [ $p => [qw| _start shutdown set_daily daily set_monthly monthly log_stats - vncache_inc tagcache traitcache vnpopularity vnrating cleangraphs cleansessions cleannotifications + vncache_inc tagcache traitcache vnpopularity vnrating cleangraphs cleansessions cleannotifications rmuncomfirmusers vncache_full usercache statscache logrotate vnsearch_check vnsearch_gettitles vnsearch_update |], ], heap => { - daily => [qw|vncache_inc tagcache traitcache vnpopularity vnrating cleangraphs cleansessions cleannotifications|], + daily => [qw|vncache_inc tagcache traitcache vnpopularity vnrating cleangraphs cleansessions cleannotifications rmuncomfirmusers|], monthly => [qw|vncache_full usercache statscache logrotate|], vnsearch_checkdelay => 3600, @_, @@ -177,6 +177,14 @@ sub cleannotifications { } +sub rmuncomfirmusers { + $_[KERNEL]->post(pg => do => + q|DELETE FROM users WHERE NOT email_confirmed AND registered < NOW()-'1 week'::interval|, + undef, 'log_stats', 'rmunconfirmusers'); +} + + + # # M O N T H L Y J O B S # diff --git a/lib/VNDB/DB/Users.pm b/lib/VNDB/DB/Users.pm index abea9bec..88de4d96 100644 --- a/lib/VNDB/DB/Users.pm +++ b/lib/VNDB/DB/Users.pm @@ -118,7 +118,7 @@ sub dbUserEdit { my %h; defined $o{$_} && ($h{$_.' = ?'} = $o{$_}) - for (qw| username mail perm salt ign_votes |); + for (qw| username mail perm salt ign_votes email_confirmed |); $h{'passwd = decode(?, \'hex\')'} = $o{passwd} if defined $o{passwd}; @@ -134,8 +134,8 @@ sub dbUserEdit { # username, pass(ecrypted), salt, mail, [ip] sub dbUserAdd { my($s, @o) = @_; - $s->dbExec(q|INSERT INTO users (username, passwd, salt, mail, ip) VALUES(?, decode(?, 'hex'), ?, ?, ?)|, - @o[0..3], $o[4]||$s->reqIP); + $s->dbRow(q|INSERT INTO users (username, passwd, salt, mail, ip) VALUES(?, decode(?, 'hex'), ?, ?, ?) RETURNING id|, + @o[0..3], $o[4]||$s->reqIP)->{id}; } diff --git a/lib/VNDB/Handler/Users.pm b/lib/VNDB/Handler/Users.pm index 641190aa..58410f8b 100644 --- a/lib/VNDB/Handler/Users.pm +++ b/lib/VNDB/Handler/Users.pm @@ -16,6 +16,7 @@ TUWF::register( qr{u/newpass/sent} => \&newpass_sent, qr{u([1-9]\d*)/setpass} => \&setpass, qr{u/register} => \®ister, + qr{u/register/done} => \®ister_done, qr{u([1-9]\d*)/edit} => \&edit, qr{u([1-9]\d*)/posts} => \&posts, qr{u([1-9]\d*)/del(/[od])?} => \&delete, @@ -220,10 +221,7 @@ sub newpass_sent { div class => 'mainbox'; h1 mt '_newpass_sent_title'; div class => 'notice'; - h2 mt '_newpass_sent_subtitle'; - p; - lit mt '_newpass_sent_msg'; - end; + p mt '_newpass_sent_msg'; end; end; $self->htmlFooter; @@ -251,7 +249,7 @@ sub setpass { push @{$frm->{_err}}, 'passmatch' if $frm->{usrpass} ne $frm->{usrpass2}; if(!$frm->{_err}) { - my %o; + my %o = (email_confirmed => 1); ($o{passwd}, $o{salt}) = $self->authPreparePass($frm->{usrpass}); $self->dbUserEdit($uid, %o); return $self->authLogin($u->{username}, $frm->{usrpass}, "/u$uid"); @@ -261,8 +259,8 @@ sub setpass { $self->htmlHeader(title => mt('_setpass_title', $u->{username}), noindex => 1); $self->htmlForm({ frm => $frm, action => "/u$u->{id}/setpass?t=$t" }, setpass => [ mt('_setpass_title', $u->{username}), [ static => nolabel => 1, content => mt '_setpass_msg' ], - [ passwd => short => 'usrpass', name => mt('_register_password') ], - [ passwd => short => 'usrpass2', name => mt('_register_confirm') ], + [ passwd => short => 'usrpass', name => mt('_setpass_password') ], + [ passwd => short => 'usrpass2', name => mt('_setpass_confirm') ], ]); $self->htmlFooter; } @@ -278,43 +276,36 @@ sub register { $frm = $self->formValidate( { post => 'usrname', template => 'pname', minlength => 2, maxlength => 15 }, { post => 'mail', template => 'mail' }, - { post => 'usrpass', minlength => 4, maxlength => 64, template => 'asciiprint' }, - { post => 'usrpass2', minlength => 4, maxlength => 64, template => 'asciiprint' }, { post => 'type', regex => [ qr/^[1-3]$/ ] }, { post => 'answer', template => 'int' }, ); my $num = $self->{stats}{[qw|vn releases producers|]->[ $frm->{type} - 1 ]}; push @{$frm->{_err}}, 'notanswer' if !$frm->{_err} && ($frm->{answer} > $num || $frm->{answer} < $num*0.995); - push @{$frm->{_err}}, 'passmatch' if $frm->{usrpass} ne $frm->{usrpass2}; push @{$frm->{_err}}, 'usrexists' if $frm->{usrname} eq 'anonymous' || !$frm->{_err} && $self->dbUserGet(username => $frm->{usrname})->[0]{id}; push @{$frm->{_err}}, 'mailexists' if !$frm->{_err} && $self->dbUserGet(mail => $frm->{mail})->[0]{id}; push @{$frm->{_err}}, 'oneaday' if !$frm->{_err} && $self->dbUserGet(ip => $self->reqIP, registered => time-24*3600)->[0]{id}; if(!$frm->{_err}) { - my ($pass, $salt) = $self->authPreparePass($frm->{usrpass}); - $self->dbUserAdd($frm->{usrname}, $pass, $salt, $frm->{mail}); - return $self->authLogin($frm->{usrname}, $frm->{usrpass}, '/'); + my($token, $pass, $salt) = $self->authPrepareReset(); + my $uid = $self->dbUserAdd($frm->{usrname}, $pass, $salt, $frm->{mail}); + $self->mail(mt('_register_mail_body', $frm->{usrname}, "$self->{url}/u$uid/setpass?t=$token"), + To => $frm->{mail}, + From => 'VNDB <noreply@vndb.org>', + Subject => mt('_register_mail_subject', $frm->{usrname}), + ); + return $self->resRedirect('/u/register/done', 'post'); } } $self->htmlHeader(title => mt('_register_title'), noindex => 1); - div class => 'mainbox'; - h1 mt '_register_title'; - h2 mt '_register_why'; - p; - lit mt '_register_why_msg'; - end; - end; my $type = $frm->{type} || floor(rand 3)+1; - $self->htmlForm({ frm => $frm, action => '/u/register' }, register => [ mt('_register_form_title'), + $self->htmlForm({ frm => $frm, action => '/u/register' }, register => [ mt('_register_title'), [ hidden => short => 'type', value => $type ], [ input => short => 'usrname', name => mt '_register_username' ], [ static => content => mt '_register_username_msg' ], [ input => short => 'mail', name => mt '_register_mail' ], [ static => content => mt('_register_mail_msg').'<br /><br />' ], - [ passwd => short => 'usrpass', name => mt('_register_password') ], - [ passwd => short => 'usrpass2', name => mt('_register_confirm') ], [ static => content => '<br /><br />'.mt('_register_question', $type-1) ], [ input => short => 'answer', name => mt '_register_answer' ], ]); @@ -322,6 +313,20 @@ sub register { } +sub register_done { + my $self = shift; + return $self->resRedirect('/') if $self->authInfo->{id}; + $self->htmlHeader(title => mt('_register_done_title'), noindex => 1); + div class => 'mainbox'; + h1 mt '_register_done_title'; + div class => 'notice'; + p mt '_register_done_msg'; + end; + end; + $self->htmlFooter; +} + + sub edit { my($self, $uid) = @_; diff --git a/util/sql/schema.sql b/util/sql/schema.sql index 6cbd2b14..40af8975 100644 --- a/util/sql/schema.sql +++ b/util/sql/schema.sql @@ -365,7 +365,8 @@ CREATE TABLE users ( ip inet NOT NULL DEFAULT '0.0.0.0', c_tags integer NOT NULL DEFAULT 0, salt character(9) NOT NULL DEFAULT '', - ign_votes boolean NOT NULL DEFAULT FALSE + ign_votes boolean NOT NULL DEFAULT FALSE, + email_confirmed boolean NOT NULL DEFAULT FALSE ); -- users_prefs diff --git a/util/updates/update_2.21.sql b/util/updates/update_2.21.sql index d90a510d..30ddac60 100644 --- a/util/updates/update_2.21.sql +++ b/util/updates/update_2.21.sql @@ -6,3 +6,12 @@ UPDATE releases_rev SET resolution = resolution + 1 WHERE resolution >= 5; -- Old MD5 passwords can't be used anymore, so delete them UPDATE users SET passwd = '' WHERE salt = ''; + +-- Email addresses now have to be confirmed upon registration +-- This boolean column won't really checked on login, it's just here for +-- administration purposes. The passwd/salt columns contain a +-- password-reset-token, so the user won't be able to login directly after +-- registration anyway. +ALTER TABLE users ADD COLUMN email_confirmed boolean NOT NULL DEFAULT FALSE; +UPDATE users SET email_confirmed = TRUE; + |