From 2d90e8b89d22cd43b95c5156ff582a9349ef264e Mon Sep 17 00:00:00 2001
From: Andrea Zagli <azagli@libero.it>
Date: Sun, 14 Feb 2016 13:22:54 +0100
Subject: [PATCH] Implemented user confirmation.

---
 src/main.c |   1 +
 src/user.c | 213 +++++++++++++++++++++++++++++++++++++++++++++++------
 src/user.h |   1 +
 3 files changed, 193 insertions(+), 22 deletions(-)

diff --git a/src/main.c b/src/main.c
index de6d6ad..a9a1fd4 100644
--- a/src/main.c
+++ b/src/main.c
@@ -190,6 +190,7 @@ main (int argc, char *argv[])
 
 	zak_cgi_url_connect (zcgi_url, "/user[/]?", (ZakCgiUrlConnectedFunction)user_register, commons);
 	zak_cgi_url_connect (zcgi_url, "/user/register", (ZakCgiUrlConnectedFunction)user_register, commons);
+	zak_cgi_url_connect (zcgi_url, "/user/confirm/(?<link>[a-zA-Z0-9]+)", (ZakCgiUrlConnectedFunction)user_confirm, commons);
 
 	zak_cgi_url_dispatch (zcgi_url);
 
diff --git a/src/user.c b/src/user.c
index b60005b..0937155 100644
--- a/src/user.c
+++ b/src/user.c
@@ -30,6 +30,179 @@
 
 #include "user.h"
 
+void
+user_confirm (GMatchInfo *minfo, gpointer user_data)
+{
+	CtplEnviron *env;
+
+	gchar *filename;
+	gchar *content;
+
+	GValue *gval;
+	GdaExSqlBuilder *sqlb;
+	GdaDataModel *dm;
+
+	GDateTime *gdt_now;
+
+	GError *error;
+	gchar *cnc_string;
+	GdaEx *gdaex_authedb;
+
+	guint i;
+	gchar digest[17] = "";
+	gchar pwd_gcrypt[33] = "";
+
+	Commons *commons = (Commons *)user_data;
+
+	if (get_is_logged (commons))
+		{
+			zak_cgi_main_redirect (commons->zcgi_main, "/bcity/bcity_fe/index/index");
+			return;
+		}
+
+	env = ctpl_environ_new ();
+	ctpl_environ_push_string (env, "form_msg", "");
+	ctpl_environ_push_string (env, "form", "");
+
+	sqlb = gdaex_sql_builder_new (GDA_SQL_STATEMENT_SELECT);
+
+	gdaex_sql_builder_from (sqlb, "users_to_register", "");
+
+	gdaex_sql_builder_fields (sqlb,
+							  "users_to_register", "code", "", NULL,
+							  "users_to_register", "password", "", NULL,
+							  NULL);
+
+	gval = zak_utils_gvalue_new_string (g_match_info_fetch_named (minfo, "link"));
+	gdaex_sql_builder_where (sqlb, 0,
+							 "users_to_register", "link", "",
+							 GDA_SQL_OPERATOR_TYPE_EQ,
+							 gval,
+							 NULL);
+	g_value_unset (gval);
+
+	gdt_now = g_date_time_new_now_local ();
+	gval = zak_utils_gvalue_new_string (zak_utils_gdatetime_to_sql (gdt_now, "%F"));
+	gdaex_sql_builder_where (sqlb, 0,
+							 "users_to_register", "expire", "",
+							 GDA_SQL_OPERATOR_TYPE_GEQ,
+							 gval,
+							 NULL);
+	g_value_unset (gval);
+
+	dm = gdaex_sql_builder_query (sqlb, commons->gdaex, NULL);
+	g_object_unref (sqlb);
+	if (!gdaex_data_model_is_empty (dm))
+		{
+			/* elimina l'attesa registrazione */
+			sqlb = gdaex_sql_builder_new (GDA_SQL_STATEMENT_DELETE);
+
+			gdaex_sql_builder_from (sqlb, "users_to_register", "");
+
+			gval = zak_utils_gvalue_new_string (g_match_info_fetch_named (minfo, "link"));
+			gdaex_sql_builder_where (sqlb, 0,
+										 "users_to_register", "link", "",
+										 GDA_SQL_OPERATOR_TYPE_EQ,
+										 gval,
+										 NULL);
+			g_value_unset (gval);
+
+			if (gdaex_sql_builder_execute (sqlb, commons->gdaex, NULL) < 0)
+				{
+					g_warning ("Errore nell'eliminazione dell'attesa registrazione.");
+				}
+
+			/* salvo la password in zakauthedb */
+			/* leggo i parametri per libzakauthe */
+			error = NULL;
+			cnc_string = g_key_file_get_value (commons->config, "ZAKAUTHE", "cnc_string", &error);
+			if (cnc_string == NULL || error != NULL)
+				{
+					g_warning ("Impossibile leggere la stringa di connessione per libzakauthe dal file di configurazione: %s.",
+							   error != NULL && error->message != NULL ? error->message : "nessun dettaglio");
+				}
+			else
+				{
+					gdaex_authedb = gdaex_new_from_string (cnc_string);
+					if (gdaex_authedb == NULL)
+						{
+							g_warning ("Errore nella connessione al database libzakauthe: %s", cnc_string);
+						}
+					else
+						{
+							sqlb = gdaex_sql_builder_new (GDA_SQL_STATEMENT_UPDATE);
+
+							gdaex_sql_builder_from (sqlb, "users", "");
+
+							/* cifro la password */
+							gcry_md_hash_buffer (GCRY_MD_MD5, &digest, gdaex_data_model_get_field_value_stringify_at (dm, 0, "password"), strlen (gdaex_data_model_get_field_value_stringify_at (dm, 0, "password")));
+							for (i = 0; i < 16; i++)
+								{
+									g_sprintf (pwd_gcrypt + (i * 2), "%02x", digest[i] & 0xFF);
+								}
+							pwd_gcrypt[32] = '\0';
+
+							gval = zak_utils_gvalue_new_string (&pwd_gcrypt[0]);
+							gdaex_sql_builder_field (sqlb,
+													 "users", "password", "", gval);
+							g_value_unset (gval);
+
+							gval = zak_utils_gvalue_new_boolean (TRUE);
+							gdaex_sql_builder_field (sqlb,
+													 "users", "enabled", "", gval);
+							g_value_unset (gval);
+
+							gval = zak_utils_gvalue_new_string (gdaex_data_model_get_field_value_stringify_at (dm, 0, "code"));
+							gdaex_sql_builder_where (sqlb, 0,
+													 "users", "code", "",
+													 GDA_SQL_OPERATOR_TYPE_EQ,
+													 gval,
+													 NULL);
+							g_value_unset (gval);
+
+							if (gdaex_sql_builder_execute (sqlb, gdaex_authedb, NULL) < 0)
+								{
+									g_warning ("Errore nel salvataggio in zakauthedb.");
+								}
+
+							ctpl_environ_push_string (env,
+													  "form",
+													  "Conferma utente avvenuta con successo.<br />\n"
+													  "Addesso è possibile utilizzare B-City.<br /><br />\n"
+													  "<form action=\"/bcity/bcity_fe\">\n"
+													  "<button id=\"submit\" name=\"submit\" class=\"btn btn-lg btn-primary btn-block\" type=\"submit\">Continua</button>\n"
+													  "</form>");
+						}
+				}
+		}
+	else
+		{
+			ctpl_environ_push_string (env, "form", "Utente non registrato.");
+		}
+	if (dm != NULL)
+		{
+			g_object_unref (dm);
+		}
+
+	filename = g_build_filename (commons->ctpldir, "user_register.ctpl", NULL);
+	content = get_ctpl_filled (filename, env);
+	g_free (filename);
+	ctpl_environ_unref (env);
+
+	env = ctpl_environ_new ();
+	ctpl_environ_push_string (env, "head", "");
+	ctpl_environ_push_string (env, "body_tag", "");
+	ctpl_environ_push_string (env, "body", content);
+
+	filename = g_build_filename (commons->ctpldir, "template.ctpl", NULL);
+	g_string_printf (commons->out, "%s",
+					 get_ctpl_filled (filename, env));
+	g_free (filename);
+	ctpl_environ_unref (env);
+
+	g_free (content);
+}
+
 void
 user_register (GMatchInfo *minfo, gpointer user_data)
 {
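Review bot: In user_confirm the pending row is deleted from `users_to_register` before the UPDATE on `users` runs, and the success message is pushed into `form` even when `gdaex_sql_builder_execute (sqlb, gdaex_authedb, NULL)` returns a negative value, so a failed update leaves a consumed link, an account that was never enabled and a page that reports success. Running the UPDATE first, and deleting the pending row and reporting success only when it succeeds, keeps the link usable after a transient failure; the same applies when `cnc_string` cannot be read or the libzakauthe connection fails, and the excerpt below shows the reordered tail. The password is read back in clear from `users_to_register` and stored as a single unsalted MD5 digest; if libzakauthe dictates that format it cannot be changed here, but it deserves a comment and a follow-up towards a salted, slow password hash. The `g_warning` on a failed connection prints `cnc_string`, which may contain database credentials, and `g_warning ("Errore nella connessione al database libzakauthe.");` would keep them out of the log. `gdt_now`, `cnc_string`, the strings returned by `g_match_info_fetch_named` and the DELETE and UPDATE builders are also never released in this function.

```c
/* … unchanged: read cnc_string, open gdaex_authedb, build the UPDATE on "users" … */
if (gdaex_sql_builder_execute (sqlb, gdaex_authedb, NULL) < 0)
	{
		g_warning ("Errore nel salvataggio in zakauthedb.");
		/* keep the pending row so the same link can be retried */
		ctpl_environ_push_string (env, "form", "Conferma utente non riuscita.");
	}
else
	{
		g_object_unref (sqlb);

		/* remove the pending registration only once the account is enabled */
		sqlb = gdaex_sql_builder_new (GDA_SQL_STATEMENT_DELETE);
		/* … unchanged: from "users_to_register", where link = <link> … */
		if (gdaex_sql_builder_execute (sqlb, commons->gdaex, NULL) < 0)
			{
				g_warning ("Errore nell'eliminazione dell'attesa registrazione.");
			}
		g_object_unref (sqlb);

		/* … unchanged: push the success "form" message … */
	}
```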
@@ -60,6 +233,15 @@ user_register (GMatchInfo *minfo, gpointer user_data)
 
 	ZakFormElement *form_element;
 
+	gchar *str;
+	gchar digest[17] = "";
+	gchar pwd_gcrypt[33] = "";
+
+	GValue *gval;
+	GdaExSqlBuilder *sqlb;
+	GDateTime *gdt_now;
+	GDateTime *gdt;
+
 	Commons *commons = (Commons *)user_data;
 
 	if (get_is_logged (commons))
@@ -85,7 +267,7 @@ user_register (GMatchInfo *minfo, gpointer user_data)
 					zak_cgi_form_bind (form);
 					if (zak_form_form_is_valid (ZAK_FORM_FORM (form)))
 						{
-							/* leggo i parametri per libzakautho */
+							/* leggo i parametri per libzakauthe */
 							error = NULL;
 							cnc_string = g_key_file_get_value (commons->config, "ZAKAUTHE", "cnc_string", &error);
 							if (cnc_string == NULL || error != NULL)
@@ -117,10 +299,6 @@ user_register (GMatchInfo *minfo, gpointer user_data)
 															form_element = zak_form_form_get_element_by_id (ZAK_FORM_FORM (form), "code");
 
 															/* genero la password */
-															gchar *str;
-															gchar digest[17] = "";
-															gchar pwd_gcrypt[33] = "";
-
 															str = g_strdup_printf ("%f", g_random_double ());
 
 															gcry_md_hash_buffer (GCRY_MD_MD5, &digest, str, strlen (str));
@@ -150,41 +328,32 @@ user_register (GMatchInfo *minfo, gpointer user_data)
 															g_free (str);
 
 															/* salvo l'attesa di registrazione nel db */
-															GValue *gval;
-															GdaExSqlBuilder *sqlb;
-															GDateTime *gdt_now;
-															GDateTime *gdt;
-
 															sqlb = gdaex_sql_builder_new (GDA_SQL_STATEMENT_INSERT);
 
 															gdaex_sql_builder_from (sqlb, "users_to_register", "");
 
 															gval = zak_utils_gvalue_new_string (&pwd_gcrypt[0]);
-															gdaex_sql_builder_fields (sqlb,
-																					  "users_to_register", "link", "", gval,
-																					  NULL);
+															gdaex_sql_builder_field (sqlb,
+																					 "users_to_register", "link", "", gval);
 															g_value_unset (gval);
 
 															gval = zak_utils_gvalue_new_string (zak_form_element_get_value (form_element));
-															gdaex_sql_builder_fields (sqlb,
-																					  "users_to_register", "code", "", gval,
-																					  NULL);
+															gdaex_sql_builder_field (sqlb,
+																					 "users_to_register", "code", "", gval);
 															g_value_unset (gval);
 
 															gdt_now = g_date_time_new_now_local ();
 															gdt = g_date_time_add_days (gdt_now, 15);
 															gval = zak_utils_gvalue_new_string (zak_utils_gdatetime_to_sql (gdt, NULL));
-															gdaex_sql_builder_fields (sqlb,
-																					  "users_to_register", "expire", "", gval,
-																					  NULL);
+															gdaex_sql_builder_field (sqlb,
+																					 "users_to_register", "expire", "", gval);
 															g_value_unset (gval);
 															g_date_time_unref (gdt_now);
 															g_date_time_unref (gdt);
 
 															gval = zak_utils_gvalue_new_string (password);
-															gdaex_sql_builder_fields (sqlb,
-																					  "users_to_register", "password", "", gval,
-																					  NULL);
+															gdaex_sql_builder_field (sqlb,
+																					 "users_to_register", "password", "", gval);
 															g_value_unset (gval);
 
 															if (gdaex_sql_builder_execute (sqlb, commons->gdaex, NULL) < 0)
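Review bot: The `link` value inserted here is the only secret that the new `/user/confirm/` route checks, and in the context of the previous hunk it appears to be the MD5 of `g_strdup_printf ("%f", g_random_double ())`, which yields roughly a million distinct strings from a non-cryptographic generator, so hashing it adds no entropy. Since the file already uses libgcrypt, the token could be drawn from its CSPRNG and hex-encoded, for example `gcry_randomize (buf, sizeof buf, GCRY_STRONG_RANDOM);` with a 16-byte `buf`. The `password` field is also written to `users_to_register` in clear, where it stays for up to the 15-day expiry; storing the digest that user_confirm computes later would avoid keeping the plaintext. user_register starts and ends outside this hunk, so the code between the digest call and the insert is not visible here and should be checked before changing the token.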
diff --git a/src/user.h b/src/user.h
index 863d8f2..22e14de 100644
--- a/src/user.h
+++ b/src/user.h
@@ -27,6 +27,7 @@
 #include "commons.h"
 
 
+void user_confirm (GMatchInfo *minfo, gpointer user_data);
 void user_register (GMatchInfo *minfo, gpointer user_data);
 
 
-- 
2.49.0