From 268cb93c9af1d22685fa5caa2b2a9272583a6693 Mon Sep 17 00:00:00 2001
From: Eric Rasmussen <erasmussen2@unl.edu>
Date: Wed, 27 Jan 2010 22:56:19 +0000
Subject: [PATCH] work on getemail page that appears during first time CAS sign
 in.  changes include: moving files arround into the correct elgg structure,
 adding tokens to the action calls

---
 .../views/default/account/forms/getemail.php  | 43 +++++++++----------
 .../views/default/account/getemail.php        | 22 ----------
 .../views/default/actions/getemail.php        | 37 ----------------
 3 files changed, 20 insertions(+), 82 deletions(-)
 delete mode 100644 plugins/cas_auth_unl/views/default/account/getemail.php
 delete mode 100644 plugins/cas_auth_unl/views/default/actions/getemail.php

diff --git a/plugins/cas_auth_unl/views/default/account/forms/getemail.php b/plugins/cas_auth_unl/views/default/account/forms/getemail.php
index 75488723..67dde5d8 100644
--- a/plugins/cas_auth_unl/views/default/account/forms/getemail.php
+++ b/plugins/cas_auth_unl/views/default/account/forms/getemail.php
@@ -12,28 +12,25 @@
 	 */
 	 
 	// if we're returning from a failed email validation, we'll put the failed email in the email form field
-	if( isset($_REQUEST['e']) )
-	{
-		$vars['unl_email'] = $_REQUEST['e'];
-	}
-
-	$form_body = '<p class="required">Indicates a required field.</p>';
-	$form_body .= '<fieldset>
-    				<legend>Email Verification</legend>
-    				<ol>';
-	$form_body .= "<li class='required'><label class='element'>" . elgg_echo('email') . "</label><div class='element'>" . elgg_view('input/text' , array('internalname' => 'email', 'class' => "general-textarea", 'value' => $vars['unl_email'])) . "</div></li>";
-	$form_body .= "</ol></fieldset>";
-	$form_body .= '<p class="submit">' .elgg_view('input/submit', array('internalname' => 'submit', 'value' => 'Complete Registration and Login!')) . "</p>";
+	$theiremail = get_input('e');
+	
 ?>
 
-	<h2 class="sec_header">Email Verification</h2>
-	<div class="three_col left formCool">
-	<p>We just want to make sure we have your correct e-mail and then we'll log you in.</p>
-	<?php echo elgg_view('input/form', array('action' => "{$vars['url']}action/getemail", 'body' => $form_body)) ?>
-	</div>
-	<div class="col right">
-	<div class="zenbox cool">
-	<h3>Email Address Usage</h3>
-	<p>Your email address is only used to send notifications from Planet Red.</p>
-	</div>
-	</div>
\ No newline at end of file
+		<h2  class="sec_header">Email Verification</h2>
+		<div class="three_col left">
+		<p>We just want to make sure we have your correct e-mail and then we'll log you in.</p>
+				<?php 
+					$form_body = "<p><label>" . elgg_echo('email') . "<br />" . elgg_view('input/text' , array('internalname' => 'email', 'class' => "general-textarea", 'value' => $theiremail)) . "</label><br />";
+					$form_body .= elgg_view('input/submit', array('value' => elgg_echo('Complete Registration and Login!'))) ."</p>";
+					
+					$ts = time();
+					$token = generate_action_token($ts); 
+					echo elgg_view('input/form', array('body' => $form_body, 'action' => $vars['url']."action/getemail?__elgg_ts=$ts&__elgg_token=$token"));
+				?>
+		</div>
+		<div class="col right">
+		<div class="zenbox cool">
+		<h3>Email Address Usage</h3>
+		<p>Your email address is only used to send notifications from Planet Red.</p>
+		</div>
+		</div>
\ No newline at end of file
diff --git a/plugins/cas_auth_unl/views/default/account/getemail.php b/plugins/cas_auth_unl/views/default/account/getemail.php
deleted file mode 100644
index 40d5666e..00000000
--- a/plugins/cas_auth_unl/views/default/account/getemail.php
+++ /dev/null
@@ -1,22 +0,0 @@
-<?php
-
-	/**
-	 * Get a UNL SSO user's email when they login the first time
-	 * 
-	 * @package cas_auth
-	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
-	 * @author Eric Rasmussen
-	 * @copyright University of Nebraska-Lincoln 2009
-	 * @link http://www.unl.edu/
-	 */
-
-	/**
-	 * Start the Elgg engine
-	 */
-		require_once(dirname(dirname(dirname(dirname(dirname(__FILE__))))) . "/elgg/engine/start.php");
-
-	
-	page_draw(elgg_echo('register'), elgg_view("account/forms/getemail"));
-
-		
-?>
\ No newline at end of file
diff --git a/plugins/cas_auth_unl/views/default/actions/getemail.php b/plugins/cas_auth_unl/views/default/actions/getemail.php
deleted file mode 100644
index 49147433..00000000
--- a/plugins/cas_auth_unl/views/default/actions/getemail.php
+++ /dev/null
@@ -1,37 +0,0 @@
-<?php
-
-	/**
-	 * Elgg UNL SSO get email registration action
-	 * 
-	 * @package Elgg
-	 * @subpackage Core
-	 * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
-	 * @author Curverider Ltd
-	 * @copyright Curverider Ltd 2008-2009
-	 * @link http://elgg.org/
-	 */
- 
-	global $CONFIG;
-	
-	action_gatekeeper();
- 
-	$email = get_input('email');
-	$email = sanitise_string($email);
-
-	if (is_email_address($email)) {
-		if (!get_user_by_email($email)) {
-			forward('?loginwith=UNLlogin&email=' . $email);
-		} else {
-			register_error(elgg_echo("Sorry, that email has already been registered.  Please try again."));
-		}
-	} else {
-		register_error(elgg_echo("Sorry, that is not a complete email address.  Please try again."));
-	}
-		
-	$qs = explode('?',$_SERVER['HTTP_REFERER']);
-	$qs = $qs[0];
-	$qs .= "?e=" . urlencode($email);
-	
-	forward($CONFIG->url . 'mod/cas_auth/views/default/account/getemail.php?e=' . urlencode($email));
-
-?>
\ No newline at end of file
-- 
GitLab