From: Andrea Zagli Date: Sun, 14 Feb 2016 12:22:54 +0000 (+0100) Subject: Implemented user confirmation. X-Git-Url: https://saetta.ns0.it/gitweb?a=commitdiff_plain;h=2d90e8b89d22cd43b95c5156ff582a9349ef264e;p=bcity%2Ffe Implemented user confirmation. --- diff --git a/src/main.c b/src/main.c index de6d6ad..a9a1fd4 100644 --- a/src/main.c +++ b/src/main.c @@ -190,6 +190,7 @@ main (int argc, char *argv[]) zak_cgi_url_connect (zcgi_url, "/user[/]?", (ZakCgiUrlConnectedFunction)user_register, commons); zak_cgi_url_connect (zcgi_url, "/user/register", (ZakCgiUrlConnectedFunction)user_register, commons); + zak_cgi_url_connect (zcgi_url, "/user/confirm/(?[a-zA-Z0-9]+)", (ZakCgiUrlConnectedFunction)user_confirm, commons); zak_cgi_url_dispatch (zcgi_url); diff --git a/src/user.c b/src/user.c index b60005b..0937155 100644 --- a/src/user.c +++ b/src/user.c 
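Review bot: The new `/user/confirm/` route accepts any run of `[a-zA-Z0-9]+`, while the links this application generates are 32 lowercase hex characters (the `"%02x"` loop that fills `pwd_gcrypt`). Narrowing the class to `[0-9a-f]{32}` would reject malformed or oversized values before they reach the SELECT and DELETE on users_to_register in user_confirm. Whether zak_cgi_url_connect anchors the pattern at the end of the path is not visible here and should be confirmed, so that trailing segments cannot ride along.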
@@ -30,6 +30,179 @@ #include "user.h" +void +user_confirm (GMatchInfo *minfo, gpointer user_data) +{ + CtplEnviron *env; + + gchar *filename; + gchar *content; + + GValue *gval; + GdaExSqlBuilder *sqlb; + GdaDataModel *dm; + + GDateTime *gdt_now; + + GError *error; + gchar *cnc_string; + GdaEx *gdaex_authedb; + + guint i; + gchar digest[17] = ""; + gchar pwd_gcrypt[33] = ""; + + Commons *commons = (Commons *)user_data; + + if (get_is_logged (commons)) + { + zak_cgi_main_redirect (commons->zcgi_main, "/bcity/bcity_fe/index/index"); + return; + } + + env = ctpl_environ_new (); + ctpl_environ_push_string (env, "form_msg", ""); + ctpl_environ_push_string (env, "form", ""); + + sqlb = gdaex_sql_builder_new (GDA_SQL_STATEMENT_SELECT); + + gdaex_sql_builder_from (sqlb, "users_to_register", ""); + + gdaex_sql_builder_fields (sqlb, + "users_to_register", "code", "", NULL, + "users_to_register", "password", "", NULL, + NULL); + + gval = zak_utils_gvalue_new_string (g_match_info_fetch_named (minfo, "link")); + gdaex_sql_builder_where (sqlb, 0, + "users_to_register", "link", "", + GDA_SQL_OPERATOR_TYPE_EQ, + gval, + NULL); + g_value_unset (gval); + + gdt_now = g_date_time_new_now_local (); + gval = zak_utils_gvalue_new_string (zak_utils_gdatetime_to_sql (gdt_now, "%F")); + gdaex_sql_builder_where (sqlb, 0, + "users_to_register", "expire", "", + GDA_SQL_OPERATOR_TYPE_GEQ, + gval, + NULL); + g_value_unset (gval); + + dm = gdaex_sql_builder_query (sqlb, commons->gdaex, NULL); + g_object_unref (sqlb); + if (!gdaex_data_model_is_empty (dm)) + { + /* elimina l'attesa registrazione */ + sqlb = gdaex_sql_builder_new (GDA_SQL_STATEMENT_DELETE); + + gdaex_sql_builder_from (sqlb, "users_to_register", ""); + + gval = zak_utils_gvalue_new_string (g_match_info_fetch_named (minfo, "link")); + gdaex_sql_builder_where (sqlb, 0, + "users_to_register", "link", "", + GDA_SQL_OPERATOR_TYPE_EQ, + gval, + NULL); + g_value_unset (gval); + + if (gdaex_sql_builder_execute (sqlb, commons->gdaex, NULL) < 
0) + { + g_warning ("Errore nell'eliminazione dell'attesa registrazione."); + } + + /* salvo la password in zakauthedb */ + /* leggo i parametri per libzakauthe */ + error = NULL; + cnc_string = g_key_file_get_value (commons->config, "ZAKAUTHE", "cnc_string", &error); + if (cnc_string == NULL || error != NULL) + { + g_warning ("Impossibile leggere la stringa di connessione per libzakauthe dal file di configurazione: %s.", + error != NULL && error->message != NULL ? error->message : "nessun dettaglio"); + } + else + { + gdaex_authedb = gdaex_new_from_string (cnc_string); + if (gdaex_authedb == NULL) + { + g_warning ("Errore nella connessione al database libzakauthe: %s", cnc_string); + } + else + { + sqlb = gdaex_sql_builder_new (GDA_SQL_STATEMENT_UPDATE); + + gdaex_sql_builder_from (sqlb, "users", ""); + + /* cifro la password */ + gcry_md_hash_buffer (GCRY_MD_MD5, &digest, gdaex_data_model_get_field_value_stringify_at (dm, 0, "password"), strlen (gdaex_data_model_get_field_value_stringify_at (dm, 0, "password"))); + for (i = 0; i < 16; i++) + { + g_sprintf (pwd_gcrypt + (i * 2), "%02x", digest[i] & 0xFF); + } + pwd_gcrypt[32] = '\0'; + + gval = zak_utils_gvalue_new_string (&pwd_gcrypt[0]); + gdaex_sql_builder_field (sqlb, + "users", "password", "", gval); + g_value_unset (gval); + + gval = zak_utils_gvalue_new_boolean (TRUE); + gdaex_sql_builder_field (sqlb, + "users", "enabled", "", gval); + g_value_unset (gval); + + gval = zak_utils_gvalue_new_string (gdaex_data_model_get_field_value_stringify_at (dm, 0, "code")); + gdaex_sql_builder_where (sqlb, 0, + "users", "code", "", + GDA_SQL_OPERATOR_TYPE_EQ, + gval, + NULL); + g_value_unset (gval); + + if (gdaex_sql_builder_execute (sqlb, gdaex_authedb, NULL) < 0) + { + g_warning ("Errore nel salvataggio in zakauthedb."); + } + + ctpl_environ_push_string (env, + "form", + "Conferma utente avvenuta con successo.
\n" + "Addesso è possibile utilizzare B-City.

\n" + "
\n" + "\n" + "
"); + } + } + } + else + { + ctpl_environ_push_string (env, "form", "Utente non registrato."); + } + if (dm != NULL) + { + g_object_unref (dm); + } + + filename = g_build_filename (commons->ctpldir, "user_register.ctpl", NULL); + content = get_ctpl_filled (filename, env); + g_free (filename); + ctpl_environ_unref (env); + + env = ctpl_environ_new (); + ctpl_environ_push_string (env, "head", ""); + ctpl_environ_push_string (env, "body_tag", ""); + ctpl_environ_push_string (env, "body", content); + + filename = g_build_filename (commons->ctpldir, "template.ctpl", NULL); + g_string_printf (commons->out, "%s", + get_ctpl_filled (filename, env)); + g_free (filename); + ctpl_environ_unref (env); + + g_free (content); +} + void user_register (GMatchInfo *minfo, gpointer user_data) { @@ -60,6 +233,15 @@ user_register (GMatchInfo *minfo, gpointer user_data) ZakFormElement *form_element; + gchar *str; + gchar digest[17] = ""; + gchar pwd_gcrypt[33] = ""; + + GValue *gval; + GdaExSqlBuilder *sqlb; + GDateTime *gdt_now; + GDateTime *gdt; + Commons *commons = (Commons *)user_data; if (get_is_logged (commons)) @@ -85,7 +267,7 @@ user_register (GMatchInfo *minfo, gpointer user_data) zak_cgi_form_bind (form); if (zak_form_form_is_valid (ZAK_FORM_FORM (form))) { - /* leggo i parametri per libzakautho */ + /* leggo i parametri per libzakauthe */ error = NULL; cnc_string = g_key_file_get_value (commons->config, "ZAKAUTHE", "cnc_string", &error); if (cnc_string == NULL || error != NULL) @@ -117,10 +299,6 @@ user_register (GMatchInfo *minfo, gpointer user_data) form_element = zak_form_form_get_element_by_id (ZAK_FORM_FORM (form), "code"); /* genero la password */ - gchar *str; - gchar digest[17] = ""; - gchar pwd_gcrypt[33] = ""; - str = g_strdup_printf ("%f", g_random_double ()); gcry_md_hash_buffer (GCRY_MD_MD5, &digest, str, strlen (str)); 
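Review bot: In user_confirm the pending row in users_to_register is deleted before the UPDATE on users runs, and the success text is pushed into "form" even when `gdaex_sql_builder_execute (sqlb, gdaex_authedb, NULL)` returns a negative value, so a failed write to the auth database consumes the link and still tells the user the account is active. Run the UPDATE first, delete the pending row and show the success message only when it succeeds, and push an error text on the cnc_string and connection failure branches as well, which currently leave "form" empty. The connection-failure warning also writes cnc_string to the log; if that string carries database credentials (not visible here) they end up in the server log, so `g_warning ("Errore nella connessione al database libzakauthe.");` is safer. Separately, the stored password is an unsalted MD5 hex digest (GCRY_MD_MD5); whether libzakauthe can verify a salted, slow hash is not visible from this hunk, but it deserves a follow-up.

```c
/* … unchanged: UPDATE builder on "users" (password, enabled, where code) … */
if (gdaex_sql_builder_execute (sqlb, gdaex_authedb, NULL) < 0)
  {
    g_warning ("Errore nel salvataggio in zakauthedb.");
    /* suggested wording only; keep the link valid so the user can retry */
    ctpl_environ_push_string (env, "form", "Conferma utente non riuscita.");
  }
else
  {
    /* … moved here: DELETE on "users_to_register" for this link … */
    /* … unchanged: push the success message into "form" … */
  }
```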
@@ -150,41 +328,32 @@ user_register (GMatchInfo *minfo, gpointer user_data) g_free (str); /* salvo l'attesa di registrazione nel db */ - GValue *gval; - GdaExSqlBuilder *sqlb; - GDateTime *gdt_now; - GDateTime *gdt; - sqlb = gdaex_sql_builder_new (GDA_SQL_STATEMENT_INSERT); gdaex_sql_builder_from (sqlb, "users_to_register", ""); gval = zak_utils_gvalue_new_string (&pwd_gcrypt[0]); - gdaex_sql_builder_fields (sqlb, - "users_to_register", "link", "", gval, - NULL); + gdaex_sql_builder_field (sqlb, + "users_to_register", "link", "", gval); g_value_unset (gval); gval = zak_utils_gvalue_new_string (zak_form_element_get_value (form_element)); - gdaex_sql_builder_fields (sqlb, - "users_to_register", "code", "", gval, - NULL); + gdaex_sql_builder_field (sqlb, + "users_to_register", "code", "", gval); g_value_unset (gval); gdt_now = g_date_time_new_now_local (); gdt = g_date_time_add_days (gdt_now, 15); gval = zak_utils_gvalue_new_string (zak_utils_gdatetime_to_sql (gdt, NULL)); - gdaex_sql_builder_fields (sqlb, - "users_to_register", "expire", "", gval, - NULL); + gdaex_sql_builder_field (sqlb, + "users_to_register", "expire", "", gval); g_value_unset (gval); g_date_time_unref (gdt_now); g_date_time_unref (gdt); gval = zak_utils_gvalue_new_string (password); - gdaex_sql_builder_fields (sqlb, - "users_to_register", "password", "", gval, - NULL); + gdaex_sql_builder_field (sqlb, + "users_to_register", "password", "", gval); g_value_unset (gval); if (gdaex_sql_builder_execute (sqlb, commons->gdaex, NULL) < 0) diff --git a/src/user.h b/src/user.h index 863d8f2..22e14de 100644 --- a/src/user.h +++ b/src/user.h @@ -27,6 +27,7 @@ #include "commons.h" +void user_confirm (GMatchInfo *minfo, gpointer user_data); void user_register (GMatchInfo *minfo, gpointer user_data);
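Review bot: The pending row stores what appears to be the clear-text password (`zak_utils_gvalue_new_string (password)` into users_to_register.password) for the lifetime of the link, and user_confirm hashes it only at confirmation time; storing the digest at registration would keep a read of this table from disclosing passwords. The value written to "link" is `pwd_gcrypt`, which in the preceding hunk's context is the MD5 of `g_strdup_printf ("%f", g_random_double ())`. Since "%f" prints six decimals and g_random_double is not a cryptographic generator, the link that alone authorises user_confirm has far less entropy than its 32 hex characters suggest. The lines between the two hunks are not shown, so confirm that pwd_gcrypt is not regenerated there. Filling the token from `gcry_randomize (buf, sizeof buf, GCRY_STRONG_RANDOM)` and hex-encoding it would fix this; user_register continues outside this hunk.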