Added User activation confirmation email - Refs BT#13479

jloguercio · jloguercio · commit 9af6dd0bc66d · 2017-10-02T18:38:48.000-05:00
diff --git a/app/Migrations/Schema/V111/Version20171002154600.php b/app/Migrations/Schema/V111/Version20171002154600.php
@@ -0,0 +1,34 @@
+<?php
+/* For licensing terms, see /license.txt */
+
+namespace Application\Migrations\Schema\V111;
+
+use Application\Migrations\AbstractMigrationChamilo;
+use Doctrine\DBAL\Schema\Schema;
+
+/**
+ * Class Version20171002154600
+ *
+ * Added a new option in registration settings called "confirmation"
+ * This option prevents the new user to login in the platform if your account is not
+ * confirmed via email.
+ * @package Application\Migrations\Schema\V111
+ */
+class Version20171002154600 extends AbstractMigrationChamilo
+{
+    /**
+     * @param Schema $schema
+     */
+    public function up(Schema $schema)
+    {
+        $this->addSql("INSERT INTO settings_options (variable, value, display_text) VALUES ('allow_registration', 'confirmation', 'MailConfirmation')");
+    }
+
+    /**
+     * @param Schema $schema
+     */
+    public function down(Schema $schema)
+    {
+        $this->addSql("DELETE settings_options WHERE variable='allow_registration' AND value='confirmation' AND display_text='MailConfirmation'");
+    }
+}
diff --git a/main/auth/inscription.php b/main/auth/inscription.php
@@ -785,6 +785,26 @@
                 echo $content;
                 Display::display_footer();
                 exit;
+            } else if (api_get_setting('allow_registration') === 'confirmation') {
+                $TABLE_USER = Database::get_main_table(TABLE_MAIN_USER);
+                // 1. set account inactive
+                $sql = "UPDATE $TABLE_USER SET active='0' WHERE user_id = ".$user_id;
+                Database::query($sql);
+
+                // 2. Send mail to the user
+                /** @var \Chamilo\UserBundle\Entity\User $thisUser */
+                $thisUser = Database::getManager()->getRepository('ChamiloUserBundle:User')->find($user_id);
+
+                UserManager::sendUserConfirmationMail($thisUser);
+
+                // 3. exit the page
+                unset($user_id);
+
+                Display::display_header(get_lang('ConfirmationForNewAccount', null, $values['language']));
+                echo Display::page_header(get_lang('YouNeedToConfirmYourAccountViaMailToAccessPlatform', null, $values['language']));
+                echo $content;
+                Display::display_footer();
+                exit;
             }
         }
     }
diff --git a/main/auth/resend_confirmation_mail.php b/main/auth/resend_confirmation_mail.php
@@ -0,0 +1,29 @@
+<?php
+/* For license terms, see /license.txt */
+
+require_once __DIR__.'/../inc/global.inc.php';
+
+// Build the form
+$form = new FormValidator('resend');
+$form->addElement('header', get_lang('ReSendConfirmationMail'));
+$form->addText('user', get_lang('UserName'), true);
+$form->addButtonSend(get_lang('Send'));
+
+if ($form->validate()) {
+    $values = $form->exportValues();
+
+    /** @var \Chamilo\UserBundle\Entity\User $thisUser */
+    $thisUser = Database::getManager()->getRepository('ChamiloUserBundle:User')->findBy(['username' => $values['user']]);
+
+    UserManager::sendUserConfirmationMail($thisUser);
+    Display::addFlash(Display::return_message(get_lang('EmailSend')));
+    header('Location: '.api_get_path(WEB_PATH));
+    exit;
+}
+
+$tpl = new Template(null);
+$tpl->assign('form', $form->toHtml());
+$content = $tpl->get_template('auth/resend_confirmation_mail.tpl');
+$tpl->assign('content', $tpl->fetch($content));
+$tpl->display_one_col_template();
+
diff --git a/main/auth/user_mail_confirmation.php b/main/auth/user_mail_confirmation.php
@@ -0,0 +1,32 @@
+<?php
+/* For license terms, see /license.txt */
+
+require_once __DIR__.'/../inc/global.inc.php';
+
+$token = isset($_GET['token']) ? $_GET['token'] : '';
+
+if (!ctype_alnum($token)) {
+    $token = '';
+}
+
+/** @var \Chamilo\UserBundle\Entity\User $user */
+$user = UserManager::getManager()->findUserByConfirmationToken($token);
+
+if ($user) {
+
+    $user->setActive(1); // Setted 1 to active the user
+    $user->setConfirmationToken(null);
+
+    Database::getManager()->persist($user);
+    Database::getManager()->flush();
+
+    Display::addFlash(Display::return_message(get_lang('UserConfirmedNowYouCanLogInThePlatform'), 'success'));
+    header('Location: '.api_get_path(WEB_PATH));
+    exit;
+} else {
+    Display::addFlash(
+        Display::return_message(get_lang('LinkExpired'))
+    );
+    header('Location: '.api_get_path(WEB_PATH));
+    exit;
+}
diff --git a/main/inc/lib/template.lib.php b/main/inc/lib/template.lib.php
@@ -1389,6 +1389,12 @@ public function handleLoginFailed()
                     break;
                 case 'account_inactive':
                     $message = get_lang('AccountInactive');
+
+                    if (api_get_setting('allow_registration') === 'confirmation') {
+                        $message = sprintf(
+                            get_lang('YourAccountIsInactiveBecauseYouDoesntConfirmItCheckYourMailAndFollowTheInstructionsOrClickHereToReSendEmail'),
+                            Display::url(get_lang('ReSendConfirmationMail'), api_get_path(WEB_PATH) . 'main/auth/resend_confirmation_mail.php'));
+                    }
                     break;
                 case 'user_password_incorrect':
                     $message = get_lang('InvalidId');
diff --git a/main/inc/lib/usermanager.lib.php b/main/inc/lib/usermanager.lib.php
@@ -5681,4 +5681,33 @@ public static function isTeacherOfStudent($teacherId, $studentId)
 
         return false;
     }
+
+    /**
+     * Send user confirmation mail
+     *
+     * @param User $user
+     */
+    public static function sendUserConfirmationMail(User $user)
+    {
+        $uniqueId = api_get_unique_id();
+        $user->setConfirmationToken($uniqueId);
+
+        Database::getManager()->persist($user);
+        Database::getManager()->flush();
+
+        $url = api_get_path(WEB_CODE_PATH).'auth/user_mail_confirmation.php?token='.$uniqueId;
+        $mailSubject = get_lang('InscriptionConfirmation');
+        $mailBody = sprintf(
+            get_lang('ToCompleteYourPlatformInscriptionYouNeedToConfirmYourAccountClickingTheFollowingLink'),
+            $url
+        );
+
+        api_mail_html(
+            $user->getCompleteName(),
+            $user->getEmail(),
+            $mailSubject,
+            $mailBody
+        );
+        Display::addFlash(Display::return_message(get_lang('CheckYourEmailAndFollowInstructions')));
+    }
 }
diff --git a/main/install/data.sql b/main/install/data.sql
@@ -336,6 +336,7 @@ VALUES
 ('allow_registration','true','Yes'),
 ('allow_registration','false','No'),
 ('allow_registration','approval','AfterApproval'),
+('allow_registration','confirmation','MailConfirmation'),
 ('allow_registration_as_teacher','true','Yes'),
 ('allow_registration_as_teacher','false','No'),
 ('allow_lostpassword','true','Yes'),
diff --git a/main/template/default/auth/resend_confirmation_mail.tpl b/main/template/default/auth/resend_confirmation_mail.tpl
@@ -0,0 +1 @@
+{{form}}
