boinc/html/user/user_optin_action.php

<?php
// This file is part of BOINC.
// http://boinc.berkeley.edu
// Copyright (C) 2014 University of California
//
// BOINC is free software; you can redistribute it and/or modify it
// under the terms of the GNU Lesser General Public License
// as published by the Free Software Foundation,
// either version 3 of the License, or (at your option) any later version.
//
// BOINC is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
// See the GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with BOINC.  If not, see <http://www.gnu.org/licenses/>.

// Sets the user's consent to the terms of use.
// Logs user in by sending a cookie.

require_once("../inc/boinc_db.inc");
require_once("../inc/util.inc");
require_once("../inc/user.inc");
require_once("../inc/consent.inc");

// Get the next url from POST
$next_url = post_str("next_url", true);
$next_url = urldecode($next_url);
$next_url = sanitize_local_url($next_url);
if (strlen($next_url) == 0) {
    $next_url = USER_HOME;
}

// Check opt-in checkbox
$optin = post_str("terms_of_use_optin_consent", true);
if (!$optin) {
    error_page(tra("You have not opted in to our terms of use. You may not continue until you do so."));
}

// Obtain session information
session_start();
$user = $_SESSION['user'];
$authenticator = $user->authenticator;
$perm = $_SESSION['perm'];

// Set consent in database
$consent_result = BoincConsent::lookup("userid=$user->id AND consent_id=1");
if ($consent_result) {
    $cquery = "consent_flag=1, consent_not_required=0";
    $cquery .= " WHERE userid = $user->id AND consent_id = 1";
    $rc1 = $consent_result->update($cquery);
    if (!$rc1) {
        error_page("Database error when attempting to UPDATE table consent with ID=$user->id. Please contact site administrators.");
    }
}
else {
    $rc2 = consent_to_a_policy($user, 1, 1, 0, 'Webreg', time());
    if (!$rc2) {
        error_page("Database error when attempting to INSERT into table consent with ID=$user->id. Please contact site administrators.");
    }
}

// Log-in user
send_cookie('auth', $authenticator, $perm);
session_unset();
session_destroy();

// Send user to next_url
Header("Location: ".url_base()."$next_url");
?>
web: Add an opt-in consent form to login workflow. When a user logs in, and they have not yet consented, the user is presented with a form to consent to the Terms of Use. This adds or modifies records in the consent table. Supported logins are: web form, authenticator, email_link, and ldap. 2018-05-08 19:36:05 +00:00			`<?php`
			`// This file is part of BOINC.`
			`// http://boinc.berkeley.edu`
			`// Copyright (C) 2014 University of California`
			`//`
			`// BOINC is free software; you can redistribute it and/or modify it`
			`// under the terms of the GNU Lesser General Public License`
			`// as published by the Free Software Foundation,`
			`// either version 3 of the License, or (at your option) any later version.`
			`//`
			`// BOINC is distributed in the hope that it will be useful,`
			`// but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.`
			`// See the GNU Lesser General Public License for more details.`
			`//`
			`// You should have received a copy of the GNU Lesser General Public License`
			`// along with BOINC. If not, see <http://www.gnu.org/licenses/>.`

			`// Sets the user's consent to the terms of use.`
			`// Logs user in by sending a cookie.`

			`require_once("../inc/boinc_db.inc");`
			`require_once("../inc/util.inc");`
			`require_once("../inc/user.inc");`
			`require_once("../inc/consent.inc");`

			`// Get the next url from POST`
			`$next_url = post_str("next_url", true);`
			`$next_url = urldecode($next_url);`
			`$next_url = sanitize_local_url($next_url);`
			`if (strlen($next_url) == 0) {`
			`$next_url = USER_HOME;`
			`}`

			`// Check opt-in checkbox`
			`$optin = post_str("terms_of_use_optin_consent", true);`
			`if (!$optin) {`
			`error_page(tra("You have not opted in to our terms of use. You may not continue until you do so."));`
			`}`

			`// Obtain session information`
			`session_start();`
			`$user = $_SESSION['user'];`
			`$authenticator = $user->authenticator;`
			`$perm = $_SESSION['perm'];`

			`// Set consent in database`
			`$consent_result = BoincConsent::lookup("userid=$user->id AND consent_id=1");`
			`if ($consent_result) {`
			`$cquery = "consent_flag=1, consent_not_required=0";`
			`$cquery .= " WHERE userid = $user->id AND consent_id = 1";`
			`$rc1 = $consent_result->update($cquery);`
			`if (!$rc1) {`
			`error_page("Database error when attempting to UPDATE table consent with ID=$user->id. Please contact site administrators.");`
			`}`
			`}`
			`else {`
web: Misc minor changes. Changed name of consent function to be more generic. Added translation of ops page text. 2018-05-22 20:40:18 +00:00			`$rc2 = consent_to_a_policy($user, 1, 1, 0, 'Webreg', time());`
web: Add an opt-in consent form to login workflow. When a user logs in, and they have not yet consented, the user is presented with a form to consent to the Terms of Use. This adds or modifies records in the consent table. Supported logins are: web form, authenticator, email_link, and ldap. 2018-05-08 19:36:05 +00:00			`if (!$rc2) {`
			`error_page("Database error when attempting to INSERT into table consent with ID=$user->id. Please contact site administrators.");`
			`}`
			`}`

			`// Log-in user`
			`send_cookie('auth', $authenticator, $perm);`
			`session_unset();`
			`session_destroy();`

			`// Send user to next_url`
			`Header("Location: ".url_base()."$next_url");`
web: Misc minor changes. Changed name of consent function to be more generic. Added translation of ops page text. 2018-05-22 20:40:18 +00:00			`?>`