diff --git a/checkin_notes b/checkin_notes index a69b1de1f6..dab5318d63 100755 --- a/checkin_notes +++ b/checkin_notes @@ -24663,3 +24663,28 @@ David 12 Feb 2005 util.inc user/ various (didn't finish) + +David 13 Feb 2005 + - Get rid of the concept of explicitly "activating" an account. + Instead: whenever the server receives an account key + (whether via the web or in a scheduler RPC request) + for an account that has an unverified email address + (i.e. the email_addr field is in 'munged' form) + it changes the email address to non-munged form. + + html/ + inc/ + email.inc + languages/ + language_interface + translations/ + en.po + user/ + account_created.php + account_setup.php + account_setup_first.php + account_setup_nonfirst_done.php + create_account_form.php + login_action.php + sched/ + handle_request.C diff --git a/html/inc/email.inc b/html/inc/email.inc index c21befaff4..7d93690b46 100644 --- a/html/inc/email.inc +++ b/html/inc/email.inc @@ -36,8 +36,7 @@ This email confirms your account with ".PROJECT.": "; if (!$is_validated) { $body .= " -To activate your account, copy and paste your Account Key -in the 'Activate account' page at ".URL_BASE."account_created.php +To configure your account, visit ".URL_BASE."account_created.php "; } } else { diff --git a/html/languages/language_interface b/html/languages/language_interface index bb2787921e..acea032bf2 100644 --- a/html/languages/language_interface +++ b/html/languages/language_interface @@ -26,4 +26,13 @@ RULES_OTHER_TEXT_B CREATE_AC_TITLE CREATE_AC_READ_RULES CREATE_AC_ALREADY_GOT +CREATE_AC_NAME +CREATE_AC_NAME_DESC +CREATE_AC_EMAIL +CREATE_AC_EMAIL_DESC +CREATE_AC_COUNTRY +CREATE_AC_COUNTRY_DESC +CREATE_AC_ZIP +CREATE_AC_CREATE AC_CREATED_TITLE +OPTIONAL diff --git a/html/languages/translations/en.po b/html/languages/translations/en.po index 35c091e25f..58fdf202ff 100644 --- a/html/languages/translations/en.po +++ b/html/languages/translations/en.po @@ -139,7 +139,7 @@ msgid "CREATE_AC_READ_RULES" msgstr "Read the %s before creating an account." msgid "CREATE_AC_ALREADY_GOT" -msgstr "If you already received an account ID, do not submit this form. " +msgstr "If you already received an account key, do not submit this form. " "%s instead." msgid "CREATE_AC_NAME" @@ -200,7 +200,7 @@ msgid "" msgstr "" msgid "AC_CREATED_TITLE" -msgstr "Activate your account" +msgstr "Configure your account" ######################################### diff --git a/html/user/account_created.php b/html/user/account_created.php index e172105c46..8396ae652f 100644 --- a/html/user/account_created.php +++ b/html/user/account_created.php @@ -3,27 +3,29 @@ include_once("../inc/db.inc"); include_once("../inc/util.inc"); include_once("../inc/email.inc"); -$email_addr = $_GET["email_addr"]; -page_head("Activate account"); - -// $email_addr is set when this page is reached via -// create_account_action.php +$email_addr = get_str("email_addr", true); if ($email_addr) { + // here when this page is reached via create_account_action.php + // + page_head("Account created"); echo "

Congratulations - your ".PROJECT." account has been created

"; + $email_addr = process_user_text($email_addr); email_sent_message($email_addr); } else { - echo "

Activate your ".PROJECT." account

\n"; + // here when user followed link in account-confirm email + // + page_head("Configure account"); } echo "
diff --git a/html/user/account_setup.php b/html/user/account_setup.php index 854dfd2662..ae3f4b6a54 100644 --- a/html/user/account_setup.php +++ b/html/user/account_setup.php @@ -8,15 +8,15 @@ page_head("Account setup"); echo " -

Account setup

".PROJECT." uses the BOINC software system.
BOINC lets you divide your computer time between several distributed computing projects. -
Is this your first BOINC project? -
- This is my first BOINC project

- I'm currently participating in another BOINC project + Is this your first BOINC project? +

+ Yes - this is my first BOINC project +

+ No - I'm currently participating in another BOINC project

"; diff --git a/html/user/account_setup_first.php b/html/user/account_setup_first.php index f5b1f74f65..d44ff388b8 100644 --- a/html/user/account_setup_first.php +++ b/html/user/account_setup_first.php @@ -13,13 +13,14 @@ if ($user == NULL) { exit(); } -page_head("Account setup"); +page_head("Preferences"); echo "
You can control when and how your computer is used by ".PROJECT.".
To use the defaults settings, scroll to the bottom and click OK. +

"; $global_prefs = default_prefs_global(); global_prefs_update($user, $global_prefs); diff --git a/html/user/account_setup_nonfirst_done.php b/html/user/account_setup_nonfirst_done.php index dcfa082a32..7b38d3ba67 100644 --- a/html/user/account_setup_nonfirst_done.php +++ b/html/user/account_setup_nonfirst_done.php @@ -18,16 +18,16 @@ echo " Open the BOINC application window by double-clicking the BOINC system tray icon. Choose the 'Attach to Project' item in the Settings menu. - It will ask you for a project URL and an account ID. + It will ask you for a project URL and an account key.

  • Mac, Unix and Linux users: Quit the BOINC client. - Then run the BOINC client program with the -attach_project option. - It will ask you for a project URL and an account ID. + Then run the BOINC client with the -attach_project option. + It will ask you for a project URL and an account key. In each case copy and paste the following:
    • Project URL: ".MASTER_URL." -
    • Account ID: $user->authenticator +
    • Account Key: $user->authenticator
    This completes the ".PROJECT." installation. diff --git a/html/user/create_account_form.php b/html/user/create_account_form.php index aaa6c11e93..3f22178426 100644 --- a/html/user/create_account_form.php +++ b/html/user/create_account_form.php @@ -21,9 +21,9 @@ if (parse_bool($config, "disable_account_creation")) { } echo " -

    "; printf(tr(CREATE_AC_READ_RULES), "".tr(RULES_TITLE)."");echo "

    +

    "; printf(tr(CREATE_AC_READ_RULES), "".tr(RULES_TITLE)."");echo "

    -

    "; printf(tr(CREATE_AC_ALREADY_GOT), "".tr(AC_CREATED_TITLE).""); echo " +

    "; printf(tr(CREATE_AC_ALREADY_GOT), "".tr(AC_CREATED_TITLE).""); echo "

    diff --git a/html/user/login_action.php b/html/user/login_action.php index 32709ab2e4..4275dda5ef 100644 --- a/html/user/login_action.php +++ b/html/user/login_action.php @@ -7,11 +7,11 @@ init_session(); db_init(); - // First see if key is in URL; if not then check for form data + // see if key is in URL; if not then check for POST data // - $authenticator = process_user_text($_GET["key"]); + $authenticator = process_user_text(get_str("key", true)); if (!$authenticator) { - $authenticator = process_user_text($_POST["authenticator"]); + $authenticator = process_user_text(post_str("authenticator")); } $query = "select * from user where authenticator='$authenticator'"; @@ -23,22 +23,25 @@ if (!$user) { page_head("Log in"); echo " - We have no account with the account ID '$authenticator'. + We have no account with the key '$authenticator'.
    Click Back to try again. "; page_tail(); } else { + // see if the account is unactivated (i.e. email address not verified). + // If so activate it. + if (split_munged_email_addr($user->email_addr, $authenticator, $email)) { $email=trim(strtolower($email)); - $retval = mysql_query("update user set email_addr='$email' where id=$user->id"); + mysql_query("update user set email_addr='$email' where id=$user->id"); $n = mysql_affected_rows(); if ($n <= 0) { page_head("Account already exists"); echo " - We can't activate your account because - an account with the same email address - has already been activated. - To get the ID of this account, + We can't activate this account because + an account with the same email address already exists. + You should use this existing account. + To get the key of this account, click here. "; page_tail(); diff --git a/sched/handle_request.C b/sched/handle_request.C index caa1e84fa8..e0db1b9f60 100644 --- a/sched/handle_request.C +++ b/sched/handle_request.C @@ -48,6 +48,26 @@ using namespace std; #include "fcgi_stdio.h" #endif +// If user's email addr is munged (i.e. of the form @X_Y, +// where X is email and Y is authenticator) then unmunge it. +// This can fail if there's already an account with same email +// +int unmunge_email_addr(DB_USER& user) { + char* p, buf[256], email[256]; + int retval; + + if (user.email_addr[0] != '@') return 0; + p = strrchr(user.email_addr, '_'); + if (!p) return ERR_NULL; + *p = 0; + strcpy(email, user.email_addr+1); + sprintf(buf, "email_addr='%s'", email); + retval = user.update_field(buf); + if (retval) return retval; + strcpy(user.email_addr, email); + return 0; +} + // Look up the host and its user, and make sure the authenticator matches. // If no host ID is supplied, or if RPC seqno mismatch, // create a new host record and return its ID @@ -56,7 +76,7 @@ using namespace std; // If this returns zero, then: // - reply.host contains a valid host record (possibly new) // - reply.user contains a valid user record -// - if user has team, reply.team contains team record +// - if user belongs to a team, reply.team contains team record // int authenticate_user(SCHEDULER_REQUEST& sreq, SCHEDULER_REPLY& reply) { int retval; @@ -89,7 +109,7 @@ int authenticate_user(SCHEDULER_REQUEST& sreq, SCHEDULER_REPLY& reply) { if (retval) { USER_MESSAGE um("Invalid or missing account key. " "Visit this project's web site to get an account key.", - "low" + "high" ); reply.insert_message(um); reply.request_delay = 3600; @@ -101,6 +121,26 @@ int authenticate_user(SCHEDULER_REQUEST& sreq, SCHEDULER_REPLY& reply) { ); return ERR_AUTHENTICATOR; } + + // if user email address is not already verified, do it + // + retval = unmunge_email_addr(user); + if (retval) { + USER_MESSAGE um("Email address conflict for account key. " + "Visit this project's web site to get current account key.", + "high" + ); + reply.insert_message(um); + reply.request_delay = 3600; + reply.nucleus_only = true; + log_messages.printf( + SCHED_MSG_LOG::CRITICAL, + "[HOST#%d] [USER#%d] authenticator email conflict '%s'\n", + host.id, user.id, sreq.authenticator + ); + return ERR_AUTHENTICATOR; + } + reply.user = user; if (host.userid != user.id) {
    • - To activate your account, paste the account key here: + To continue, paste the account key here: