summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog2
-rw-r--r--data/lang.txt147
-rw-r--r--lib/Multi/Maintenance.pm12
-rw-r--r--lib/VNDB/DB/Users.pm6
-rw-r--r--lib/VNDB/Handler/Users.pm51
-rw-r--r--util/sql/schema.sql3
-rw-r--r--util/updates/update_2.21.sql9
7 files changed, 116 insertions, 114 deletions
diff --git a/ChangeLog b/ChangeLog
index 17e513ef..7b046c4b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,8 @@
2.21 - ?
- New resolution: 1280x960
- New platforms: Android, Web and DB-PG
+ - Added email confirmation to registration process
+ - Re-structured password reset feature
- Multi::Feed: Show full summary and refresh more often
- Switched back to Algorithm::Diff::XS
- Added secondary ordering on title on releases listing on VN page
diff --git a/data/lang.txt b/data/lang.txt
index dee67f24..d1673b7d 100644
--- a/data/lang.txt
+++ b/data/lang.txt
@@ -6493,13 +6493,6 @@ cs : Nové heslo
hu : Új jelszó
nl : Nieuw wachtwoord
-:_newpass_sent_subtitle
-en : Password reset
-ru : Сбросить пароль
-cs : Změnit heslo
-hu : Jelszó visszaállitás
-nl : Wachtwoord gereset
-
:_newpass_sent_msg
en : Your password has been reset and instructions to set a new one should reach your mailbox in a few minutes.
ru*:
@@ -6509,7 +6502,6 @@ nl : Je wachtwoord is gereset, en instructies om een nieuwe te zetten zullen bin
# Set password page (/u+/setpass)
-# The labels before the input boxes are the same as _register_password and _register_confirm.
:_setpass_title
en : Set password for [_1]
@@ -6532,6 +6524,20 @@ cs*:
hu*:
nl : Nu kan je een wachtwoord instellen voor je account. Je wordt automatisch ingelogd nadat je wachtwoord is opgeslagen.
+:_setpass_password
+en : Password
+ru : Пароль
+cs : Heslo
+hu : Jelszó
+nl : Wachtwoord
+
+:_setpass_confirm
+en : Confirm password
+ru : Подтверждение пароля
+cs : Potvrdit heslo
+hu : Jelszó megerősítése
+nl : Herhaal wachtwoord
+
# Register new account (/u/register)
@@ -6542,69 +6548,6 @@ cs : Vytvořit účet
hu : Új fiók létrehozása
nl : Registreer een account
-:_register_why
-en : Why should I register?
-ru : Для чего нужна регистрация?
-cs : Proč bych se měl registrovat?
-hu : Miért kéne regisztráljak?
-nl : Waarom registreren?
-
-:_register_why_msg
-en : Creating an account is completely painless, the only thing we need to know is your prefered username
- and a password. You can just use any email address that isn't yours, as we don't even confirm
- that the address you gave us is really yours. Keep in mind, however, that you would probably
- want to remember your password if you do choose to give us an invalid email address...[br]
- [br]
- Anyway, having an account here has a few advantages over being just a regular visitor[br]
- - You can contribute to the database by editing any entries and adding new ones[br]
- - Keep track of all visual novels and releases you have, you'd like to play, are playing, or have finished playing[br]
- - Vote on the visual novels you liked or disliked[br]
- - Contribute to the discussions on the boards
-ru : Создание учётной записи совершенно безопасно. Единственное, что нам от вас требуется - желаемое имя
- пользователя и пароль. Вы можете ввести любой, даже абсолютно "левый" адрес электронной почты, поскольку
- мы даже не проверяем его подлинность. Однако, помните, что если вы ненароком забудете свой пароль, да ещё
- и ввели неправильный адрес...[br]
- [br]
- В общем, наличие учётной записи даёт несколько преимуществ перед простыми посетителями:[br]
- - Вы можете помогать базе развиваться, редактируя любые страницы и добавляя новые[br]
- - Следить за всеми новеллами и выпусками, которые у вас есть, в которые вы бы хотели сыграть, в которые играете, либо уже доиграли[br]
- - Голосовать за понравившиеся или, наоборот, не понравившиеся новеллы[br]
- - Вступать в обсуждения на ветках форума
-cs : Tvorba účtu je zcela bezbolestná, jediné údaje, které potřebujeme znát jsou uživatelské jméno, které chcete, a vaše heslo.
- Můžete i použít e-mail, který není váš, jelikož ani neověřujeme, že jste nám zadali opravdu váš e-mail.
- Pamatujte ale, že pokud jste zadali neplatnou e-mailovou adresu, pak byste si měli dobře zapamatovat vaše heslo...[br]
- [br]
- V každém případě, založení účtu vám přináší několik výhod oproti běžným návštěvníkům[br]
- - Můžete přispívat do databáze editací všech dat a přidáváním dat nových[br]
- - Mějte přehled o všech vizuálních novelách, které máte, chtěli byste hrát, hrajete, nebo jste dohráli[br]
- - Hlasujte pro vizuální novely, které se vám líbily nebo nelíbily[br]
- - Přispívejte do diskusí na boardech
-hu : Egy fiókot nagyon egyszerű készíteni, minden ami kell egy felhasználónév és egy jelszó. Bármilyen email címet használhatsz,
- minket nem érdekel, hogy a tied vagy nem, mivel nincs külön aktiválás. Viszont ha nem jó emailt adsz meg nekünk
- akkor jól vésd az eszedbe a jelszavad, különben nem tudunk neked segíteni ha elfelejted.[br]
- [br]
- Nos, a saját fiókkal rendelkezők több előnybe is részesülnek mint az egyszerű látogatók[br]
- - Hozzájárulhatsz az adatbázis fejlődéséhez, hiszen szerkeszthetsz, vagy létrehozhatsz új bejegyzéseket[br]
- - Nyomon követheted a tulajdonodban levő visual novellek, helyzetét, állapotát...mit játszol, melyiket fejezted már be stb.[br]
- - Szavazhatsz a visual novellekre, melyek tetszettek, vagy ép meggyűlöltették magukat[br]
- - Bekapcsolódhatsz a fórumba levő beszélgetésekbe
-nl : Een account aanmaken is volledig pijnloos, wij hebben alleen je gewenste gebruikersnaam en
- een wachtwoord nodig. Je kan gerust een vals emailadres gebruiken, zolang je er maar rekening mee
- houdt dat je wel een geldig emailadres nodig hebt als je je wachtwoord bent vergeten...[br]
- [br]
- Het hebben van een account geeft je een aantal voordelen:[br]
- - Je kan verbeteringen doorvoeren in de database, en nieuwe items toevoegen[br]
- - Je kan bijhouden welke visual novels en uitgaven je hebt, je nog wil spelen, of hebt gespeeld[br]
- - Stemmen op visual novels die je leuk (of misschien wel walgelijk) vond[br]
- - Meedoen aan de discussies op het forum
-
-:_register_form_title
-en : New account
-ru : Новая учётная запись
-cs : Nový účet
-hu : Új fiók
-nl : Nieuw account
-
:_register_username
en : Username
ru : Имя пользователя
@@ -6638,20 +6581,6 @@ hu : Az email címed csakis akkor kerül használatba ha elveszted a jelszavad.
nl : Je emailadres wordt gebruikt als je je wachtwoord bent vergeten. We zullen je geen spam
of nieuwsbrieven sturen tenzij je ons er expliciet om vraagt.
-:_register_password
-en : Password
-ru : Пароль
-cs : Heslo
-hu : Jelszó
-nl : Wachtwoord
-
-:_register_confirm
-en : Confirm password
-ru : Подтверждение пароля
-cs : Potvrdit heslo
-hu : Jelszó megerősítése
-nl : Herhaal wachtwoord
-
:_register_question
en : How many [index,_1,visual novels,releases,producers] do we have in the database? (Hint: look to your left)
ru : Сколько [index,_1,новелл,выпусков,компаний] у нас в базе? (Подсказка: посмотрите слева)
@@ -6666,6 +6595,54 @@ cs : Odpověď
hu : Válasz
nl : Antwoord
+:_register_mail_body
+en : Hello [_1]
+
+ Someone has registered an account on VNDB.org with your email address. To
+ confirm your registration, follow the link below.
+
+ [_2]
+
+ If you don't remember creating an account on VNDB.org recently, please
+ ignore this e-mail.
+
+ vndb.org
+ru*:
+cs*:
+hu*:
+nl : Hallo [_1],
+
+ Iemand heeft een account aangemaakt op VNDB.org met jouw emailadres. Om
+ verder te gaan met de registratie, volg de onderstaande link.
+
+ [_2]
+
+ Als je niet recentelijk een account hebt aangemaakt op VNDB.org, negeer
+ deze email dan.
+
+ vndb.org
+
+:_register_mail_subject
+en : Confirm registration for [_1]
+ru*:
+cs*:
+hu*:
+nl : Emailbevestiging voor [_1]
+
+:_register_done_title
+en : Account created
+ru*:
+cs*:
+hu*:
+nl : Account aangemaakt
+
+:_register_done_msg
+en : Your account has been created! In a few minutes, you should receive an email with instructions to set your password.
+ru*:
+cs*:
+hu*:
+nl : Je account is aangemaakt! Binnen een paar minuten krijg je een email met instructies om een wachtwoord in te stellen.
+
# User edit (/u+/edit)
diff --git a/lib/Multi/Maintenance.pm b/lib/Multi/Maintenance.pm
index 33154f9b..a754e618 100644
--- a/lib/Multi/Maintenance.pm
+++ b/lib/Multi/Maintenance.pm
@@ -18,13 +18,13 @@ sub spawn {
package_states => [
$p => [qw|
_start shutdown set_daily daily set_monthly monthly log_stats
- vncache_inc tagcache traitcache vnpopularity vnrating cleangraphs cleansessions cleannotifications
+ vncache_inc tagcache traitcache vnpopularity vnrating cleangraphs cleansessions cleannotifications rmuncomfirmusers
vncache_full usercache statscache logrotate
vnsearch_check vnsearch_gettitles vnsearch_update
|],
],
heap => {
- daily => [qw|vncache_inc tagcache traitcache vnpopularity vnrating cleangraphs cleansessions cleannotifications|],
+ daily => [qw|vncache_inc tagcache traitcache vnpopularity vnrating cleangraphs cleansessions cleannotifications rmuncomfirmusers|],
monthly => [qw|vncache_full usercache statscache logrotate|],
vnsearch_checkdelay => 3600,
@_,
@@ -177,6 +177,14 @@ sub cleannotifications {
}
+sub rmuncomfirmusers {
+ $_[KERNEL]->post(pg => do =>
+ q|DELETE FROM users WHERE NOT email_confirmed AND registered < NOW()-'1 week'::interval|,
+ undef, 'log_stats', 'rmunconfirmusers');
+}
+
+
+
#
# M O N T H L Y J O B S
#
diff --git a/lib/VNDB/DB/Users.pm b/lib/VNDB/DB/Users.pm
index abea9bec..88de4d96 100644
--- a/lib/VNDB/DB/Users.pm
+++ b/lib/VNDB/DB/Users.pm
@@ -118,7 +118,7 @@ sub dbUserEdit {
my %h;
defined $o{$_} && ($h{$_.' = ?'} = $o{$_})
- for (qw| username mail perm salt ign_votes |);
+ for (qw| username mail perm salt ign_votes email_confirmed |);
$h{'passwd = decode(?, \'hex\')'} = $o{passwd}
if defined $o{passwd};
@@ -134,8 +134,8 @@ sub dbUserEdit {
# username, pass(ecrypted), salt, mail, [ip]
sub dbUserAdd {
my($s, @o) = @_;
- $s->dbExec(q|INSERT INTO users (username, passwd, salt, mail, ip) VALUES(?, decode(?, 'hex'), ?, ?, ?)|,
- @o[0..3], $o[4]||$s->reqIP);
+ $s->dbRow(q|INSERT INTO users (username, passwd, salt, mail, ip) VALUES(?, decode(?, 'hex'), ?, ?, ?) RETURNING id|,
+ @o[0..3], $o[4]||$s->reqIP)->{id};
}
diff --git a/lib/VNDB/Handler/Users.pm b/lib/VNDB/Handler/Users.pm
index 641190aa..58410f8b 100644
--- a/lib/VNDB/Handler/Users.pm
+++ b/lib/VNDB/Handler/Users.pm
@@ -16,6 +16,7 @@ TUWF::register(
qr{u/newpass/sent} => \&newpass_sent,
qr{u([1-9]\d*)/setpass} => \&setpass,
qr{u/register} => \&register,
+ qr{u/register/done} => \&register_done,
qr{u([1-9]\d*)/edit} => \&edit,
qr{u([1-9]\d*)/posts} => \&posts,
qr{u([1-9]\d*)/del(/[od])?} => \&delete,
@@ -220,10 +221,7 @@ sub newpass_sent {
div class => 'mainbox';
h1 mt '_newpass_sent_title';
div class => 'notice';
- h2 mt '_newpass_sent_subtitle';
- p;
- lit mt '_newpass_sent_msg';
- end;
+ p mt '_newpass_sent_msg';
end;
end;
$self->htmlFooter;
@@ -251,7 +249,7 @@ sub setpass {
push @{$frm->{_err}}, 'passmatch' if $frm->{usrpass} ne $frm->{usrpass2};
if(!$frm->{_err}) {
- my %o;
+ my %o = (email_confirmed => 1);
($o{passwd}, $o{salt}) = $self->authPreparePass($frm->{usrpass});
$self->dbUserEdit($uid, %o);
return $self->authLogin($u->{username}, $frm->{usrpass}, "/u$uid");
@@ -261,8 +259,8 @@ sub setpass {
$self->htmlHeader(title => mt('_setpass_title', $u->{username}), noindex => 1);
$self->htmlForm({ frm => $frm, action => "/u$u->{id}/setpass?t=$t" }, setpass => [ mt('_setpass_title', $u->{username}),
[ static => nolabel => 1, content => mt '_setpass_msg' ],
- [ passwd => short => 'usrpass', name => mt('_register_password') ],
- [ passwd => short => 'usrpass2', name => mt('_register_confirm') ],
+ [ passwd => short => 'usrpass', name => mt('_setpass_password') ],
+ [ passwd => short => 'usrpass2', name => mt('_setpass_confirm') ],
]);
$self->htmlFooter;
}
@@ -278,43 +276,36 @@ sub register {
$frm = $self->formValidate(
{ post => 'usrname', template => 'pname', minlength => 2, maxlength => 15 },
{ post => 'mail', template => 'mail' },
- { post => 'usrpass', minlength => 4, maxlength => 64, template => 'asciiprint' },
- { post => 'usrpass2', minlength => 4, maxlength => 64, template => 'asciiprint' },
{ post => 'type', regex => [ qr/^[1-3]$/ ] },
{ post => 'answer', template => 'int' },
);
my $num = $self->{stats}{[qw|vn releases producers|]->[ $frm->{type} - 1 ]};
push @{$frm->{_err}}, 'notanswer' if !$frm->{_err} && ($frm->{answer} > $num || $frm->{answer} < $num*0.995);
- push @{$frm->{_err}}, 'passmatch' if $frm->{usrpass} ne $frm->{usrpass2};
push @{$frm->{_err}}, 'usrexists' if $frm->{usrname} eq 'anonymous' || !$frm->{_err} && $self->dbUserGet(username => $frm->{usrname})->[0]{id};
push @{$frm->{_err}}, 'mailexists' if !$frm->{_err} && $self->dbUserGet(mail => $frm->{mail})->[0]{id};
push @{$frm->{_err}}, 'oneaday' if !$frm->{_err} && $self->dbUserGet(ip => $self->reqIP, registered => time-24*3600)->[0]{id};
if(!$frm->{_err}) {
- my ($pass, $salt) = $self->authPreparePass($frm->{usrpass});
- $self->dbUserAdd($frm->{usrname}, $pass, $salt, $frm->{mail});
- return $self->authLogin($frm->{usrname}, $frm->{usrpass}, '/');
+ my($token, $pass, $salt) = $self->authPrepareReset();
+ my $uid = $self->dbUserAdd($frm->{usrname}, $pass, $salt, $frm->{mail});
+ $self->mail(mt('_register_mail_body', $frm->{usrname}, "$self->{url}/u$uid/setpass?t=$token"),
+ To => $frm->{mail},
+ From => 'VNDB <noreply@vndb.org>',
+ Subject => mt('_register_mail_subject', $frm->{usrname}),
+ );
+ return $self->resRedirect('/u/register/done', 'post');
}
}
$self->htmlHeader(title => mt('_register_title'), noindex => 1);
- div class => 'mainbox';
- h1 mt '_register_title';
- h2 mt '_register_why';
- p;
- lit mt '_register_why_msg';
- end;
- end;
my $type = $frm->{type} || floor(rand 3)+1;
- $self->htmlForm({ frm => $frm, action => '/u/register' }, register => [ mt('_register_form_title'),
+ $self->htmlForm({ frm => $frm, action => '/u/register' }, register => [ mt('_register_title'),
[ hidden => short => 'type', value => $type ],
[ input => short => 'usrname', name => mt '_register_username' ],
[ static => content => mt '_register_username_msg' ],
[ input => short => 'mail', name => mt '_register_mail' ],
[ static => content => mt('_register_mail_msg').'<br /><br />' ],
- [ passwd => short => 'usrpass', name => mt('_register_password') ],
- [ passwd => short => 'usrpass2', name => mt('_register_confirm') ],
[ static => content => '<br /><br />'.mt('_register_question', $type-1) ],
[ input => short => 'answer', name => mt '_register_answer' ],
]);
@@ -322,6 +313,20 @@ sub register {
}
+sub register_done {
+ my $self = shift;
+ return $self->resRedirect('/') if $self->authInfo->{id};
+ $self->htmlHeader(title => mt('_register_done_title'), noindex => 1);
+ div class => 'mainbox';
+ h1 mt '_register_done_title';
+ div class => 'notice';
+ p mt '_register_done_msg';
+ end;
+ end;
+ $self->htmlFooter;
+}
+
+
sub edit {
my($self, $uid) = @_;
diff --git a/util/sql/schema.sql b/util/sql/schema.sql
index 6cbd2b14..40af8975 100644
--- a/util/sql/schema.sql
+++ b/util/sql/schema.sql
@@ -365,7 +365,8 @@ CREATE TABLE users (
ip inet NOT NULL DEFAULT '0.0.0.0',
c_tags integer NOT NULL DEFAULT 0,
salt character(9) NOT NULL DEFAULT '',
- ign_votes boolean NOT NULL DEFAULT FALSE
+ ign_votes boolean NOT NULL DEFAULT FALSE,
+ email_confirmed boolean NOT NULL DEFAULT FALSE
);
-- users_prefs
diff --git a/util/updates/update_2.21.sql b/util/updates/update_2.21.sql
index d90a510d..30ddac60 100644
--- a/util/updates/update_2.21.sql
+++ b/util/updates/update_2.21.sql
@@ -6,3 +6,12 @@ UPDATE releases_rev SET resolution = resolution + 1 WHERE resolution >= 5;
-- Old MD5 passwords can't be used anymore, so delete them
UPDATE users SET passwd = '' WHERE salt = '';
+
+-- Email addresses now have to be confirmed upon registration
+-- This boolean column won't really checked on login, it's just here for
+-- administration purposes. The passwd/salt columns contain a
+-- password-reset-token, so the user won't be able to login directly after
+-- registration anyway.
+ALTER TABLE users ADD COLUMN email_confirmed boolean NOT NULL DEFAULT FALSE;
+UPDATE users SET email_confirmed = TRUE;
+