Commit d5d08b8f authored by Marcel Korpel's avatar Marcel Korpel Committed by Lukas Fleischer

Add option to hide one's email address



Implements FS#42343.
Signed-off-by: default avatarMarcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer's avatarLukas Fleischer <lfleischer@archlinux.org>
parent f3ec4d1e
......@@ -26,6 +26,7 @@ CREATE TABLE Users (
Suspended TINYINT UNSIGNED NOT NULL DEFAULT 0,
Username VARCHAR(32) NOT NULL,
Email VARCHAR(64) NOT NULL,
HideEmail TINYINT UNSIGNED NOT NULL DEFAULT 0,
Passwd CHAR(32) NOT NULL,
Salt CHAR(32) NOT NULL DEFAULT '',
ResetKey CHAR(32) NOT NULL DEFAULT '',
......
......@@ -17,3 +17,10 @@ ALTER TABLE PackageBases
ADD COLUMN FlaggerComment VARCHAR(255) NOT NULL,
ADD FOREIGN KEY (FlaggerUID) REFERENCES Users(ID) ON DELETE SET NULL;
----
3. Add field to store the state of a user's email address:
----
ALTER TABLE Users
ADD COLUMN HideEmail TINYINT UNSIGNED NOT NULL DEFAULT 0;
----
......@@ -32,10 +32,10 @@ if ($action == "UpdateAccount") {
list($success, $update_account_message) = process_account_form(
"edit", "UpdateAccount",
in_request("U"), in_request("T"), in_request("S"),
in_request("E"), in_request("P"), in_request("C"),
in_request("R"), in_request("L"), in_request("I"),
in_request("K"), in_request("PK"), in_request("J"),
in_request("ID"), $row["Username"]);
in_request("E"), in_request("H"), in_request("P"),
in_request("C"), in_request("R"), in_request("L"),
in_request("I"), in_request("K"), in_request("PK"),
in_request("J"), in_request("ID"), $row["Username"]);
}
}
......@@ -79,8 +79,8 @@ if (isset($_COOKIE["AURSID"])) {
if (can_edit_account($row)) {
display_account_form("UpdateAccount", $row["Username"],
$row["AccountTypeID"], $row["Suspended"], $row["Email"],
"", "", $row["RealName"], $row["LangPreference"],
$row["IRCNick"], $row["PGPKey"], $PK,
$row["HideEmail"], "", "", $row["RealName"],
$row["LangPreference"], $row["IRCNick"], $row["PGPKey"], $PK,
$row["InactivityTS"] ? 1 : 0, $row["ID"], $row["Username"]);
} else {
print __("You do not have permission to edit this account.");
......@@ -115,9 +115,10 @@ if (isset($_COOKIE["AURSID"])) {
if (!$success) {
display_account_form("UpdateAccount", in_request("U"), in_request("T"),
in_request("S"), in_request("E"), in_request("P"), in_request("C"),
in_request("R"), in_request("L"), in_request("I"), in_request("K"),
in_request("PK"), in_request("J"), in_request("ID"), $row["Username"]);
in_request("S"), in_request("E"), in_request("H"), in_request("P"),
in_request("C"), in_request("R"), in_request("L"), in_request("I"),
in_request("K"), in_request("PK"), in_request("J"), in_request("ID"),
$row["Username"]);
}
} else {
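Review bot: Inserting `$H` in the middle of a 16-argument positional list is fragile. Any call to `process_account_form()` or `display_account_form()` that is not updated will silently pass the password as `$H` and the confirmation as `$P`, and PHP raises no error because every parameter after `$A` defaults to `""`. The three call sites in this file and the three in the registration page are updated consistently, but callers outside this diff cannot be checked from here and should be searched for before merging. Appending the new parameter at the end of both signatures, or passing the fields as one keyed array, would keep an un-updated caller harmless. A short comment above each call naming the order, such as `/* U, T, S, E, H, P, C, R, L, I, K, PK, J, ID, N */`, would also make the next insertion easier to review.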
......
......@@ -21,7 +21,7 @@ echo '<h2>' . __('Register') . '</h2>';
if (in_request("Action") == "NewAccount") {
list($success, $message) = process_account_form(
"new", "NewAccount", in_request("U"), 1, 0,
in_request("E"), '', '', in_request("R"),
in_request("E"), in_request("H"), '', '', in_request("R"),
in_request("L"), in_request("I"), in_request("K"),
in_request("PK"));
......@@ -29,13 +29,13 @@ if (in_request("Action") == "NewAccount") {
if (!$success) {
display_account_form("NewAccount", in_request("U"), 1, 0,
in_request("E"), '', '', in_request("R"),
in_request("E"), in_request("H"), '', '', in_request("R"),
in_request("L"), in_request("I"), in_request("K"),
in_request("PK"));
}
} else {
print '<p>' . __("Use this form to create an account.") . '</p>';
display_account_form("NewAccount", "", "", "", "", "", "", "", $LANG);
display_account_form("NewAccount", "", "", "", "", "", "", "", "", $LANG);
}
echo '</div>';
......
......@@ -47,6 +47,7 @@ function html_format_pgp_fingerprint($fingerprint) {
* @param string $T The account type of the displayed user
* @param string $S Whether the displayed user has a suspended account
* @param string $E The e-mail address of the displayed user
* @param string $H Whether the e-mail address of the displayed user is hidden
* @param string $P The password value of the displayed user
* @param string $C The confirmed password value of the displayed user
* @param string $R The real name of the displayed user
......@@ -60,7 +61,7 @@ function html_format_pgp_fingerprint($fingerprint) {
*
* @return void
*/
function display_account_form($A,$U="",$T="",$S="",$E="",$P="",$C="",$R="",
function display_account_form($A,$U="",$T="",$S="",$E="",$H="",$P="",$C="",$R="",
$L="",$I="",$K="",$PK="",$J="",$UID=0,$N="") {
global $SUPPORTED_LANGS;
......@@ -78,6 +79,7 @@ function display_account_form($A,$U="",$T="",$S="",$E="",$P="",$C="",$R="",
* @param string $T The account type for the user
* @param string $S Whether or not the account is suspended
* @param string $E The e-mail address for the user
* @param string $H Whether or not the e-mail address should be hidden
* @param string $P The password for the user
* @param string $C The confirmed password for the user
* @param string $R The real name of the user
......@@ -91,7 +93,7 @@ function display_account_form($A,$U="",$T="",$S="",$E="",$P="",$C="",$R="",
*
* @return array Boolean indicating success and message to be printed
*/
function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$P="",$C="",
function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$H="",$P="",$C="",
$R="",$L="",$I="",$K="",$PK="",$J="",$UID=0,$N="") {
global $SUPPORTED_LANGS;
......@@ -324,6 +326,11 @@ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$P="",$C="",
$q.= ", Suspended = 0";
}
$q.= ", Email = " . $dbh->quote($E);
if ($H) {
$q.= ", HideEmail = 1";
} else {
$q.= ", HideEmail = 0";
}
if ($P) {
$salt = generate_salt();
$hash = salted_hash($P, $salt);
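Review bot: The only query change visible in this file is in the update path (`$q.= ", HideEmail = 1";` after `Email = ...`), so it is not clear that the `"new"` branch stores `$H` at all. The registration page now passes `in_request("H")`, and the checkbox appears to be rendered for every form action. If the INSERT for new accounts was left unchanged, a user who ticks "Hide Email Address" while registering would still get the schema default `HideEmail = 0` and have the address displayed. That branch lies outside the hunks shown here; it should add `HideEmail` to its column list with `($H ? 1 : 0)` as the value. The five-line if/else in this hunk could likewise be written as `$q.= ", HideEmail = " . ($H ? 1 : 0);`.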
......
......@@ -25,7 +25,17 @@
</tr>
<tr>
<th><?= __("Email Address") . ":" ?></th>
<td><a href="mailto:<?= htmlspecialchars($row["Email"], ENT_QUOTES) ?>"><?= htmlspecialchars($row["Email"], ENT_QUOTES) ?></a></td>
<td>
<?php
if ($row["HideEmail"] == 1 && !has_credential(CRED_ACCOUNT_SEARCH)):
print "<em>" . __("hidden") . "</em>";
else:
?>
<a href="mailto:<?= htmlspecialchars($row["Email"], ENT_QUOTES) ?>"><?= htmlspecialchars($row["Email"], ENT_QUOTES) ?></a>
<?php
endif;
?>
</td>
</tr>
<tr>
<th><?= __("Real Name") . ":" ?></th>
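Review bot: The hide flag is enforced only in this one template, so the setting protects the address only where this table row is rendered. Any other output path that reads `Users.Email` (none are visible in this diff) would still disclose it and needs the same `HideEmail` / `has_credential(CRED_ACCOUNT_SEARCH)` test. Moving the condition into one helper that every view calls would keep those checks from drifting apart. As written, an account owner without that credential also sees "hidden" on their own page, which may or may not be intended. A comment above the condition would record the rule, for example `/* Show the address only to users allowed to search accounts; everyone else sees "hidden". */`.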
......
......@@ -76,6 +76,11 @@
<em><?= __("Please ensure you correctly entered your email address, otherwise you will be locked out.") ?></em>
</p>
<p>
<label for="id_hide"><?= __("Hide Email Address") ?>:</label>
<input type="checkbox" name="H" id="id_hide" <?= $H ? 'checked="checked"' : '' ?> />
</p>
<?php if ($A == "UpdateAccount"): ?>
<p>
<label for="id_passwd1"><?= __("Password") ?>:</label>
......