From 20148e4d062019f9a1024f9afae905a4851d9aff Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Sun, 16 Oct 2016 11:16:06 +0200
Subject: [PATCH 1/2] [ticket/11483] Generate user act key if database entry is
 empty

The force reactivation action in the ACP will no longer overwrite the
generated activation key in case the key stored in the database is empty.
It will also save the generated key back to the database to actually allow
the activation by the user.

PHPBB3-11483
---
 phpBB/includes/acp/acp_users.php | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php
index 1e453e88ad..008cc02471 100644
--- a/phpBB/includes/acp/acp_users.php
+++ b/phpBB/includes/acp/acp_users.php
@@ -373,11 +373,6 @@ class acp_users
 								if ($user_row['user_type'] == USER_NORMAL)
 								{
 									user_active_flip('deactivate', $user_id, INACTIVE_REMIND);
-
-									$sql = 'UPDATE ' . USERS_TABLE . "
-										SET user_actkey = '" . $db->sql_escape($user_actkey) . "'
-										WHERE user_id = $user_id";
-									$db->sql_query($sql);
 								}
 								else
 								{
@@ -386,8 +381,18 @@ class acp_users
 										FROM ' . USERS_TABLE . '
 										WHERE user_id = ' . $user_id;
 									$result = $db->sql_query($sql);
-									$user_actkey = (string) $db->sql_fetchfield('user_actkey');
+									$user_activation_key = (string) $db->sql_fetchfield('user_actkey');
 									$db->sql_freeresult($result);
+
+									$user_actkey = empty($user_activation_key) ? $user_actkey : $user_activation_key;
+								}
+
+								if ($user_row['user_type'] == USER_NORMAL || empty($user_activation_key))
+								{
+									$sql = 'UPDATE ' . USERS_TABLE . "
+										SET user_actkey = '" . $db->sql_escape($user_actkey) . "'
+										WHERE user_id = $user_id";
+									$db->sql_query($sql);
 								}
 
 								$messenger = new messenger(false);

From ac36cc25ebb4b7ee26228607dd3e171641dea8bd Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Sun, 6 Nov 2016 11:58:31 +0100
Subject: [PATCH 2/2] [ticket/11483] Add tests for generating user act key on
 force reactivate

PHPBB3-11483
---
 tests/functional/user_password_reset_test.php | 43 +++++++++++++++++++
 1 file changed, 43 insertions(+)

diff --git a/tests/functional/user_password_reset_test.php b/tests/functional/user_password_reset_test.php
index f9406f0eb5..3da78407cf 100644
--- a/tests/functional/user_password_reset_test.php
+++ b/tests/functional/user_password_reset_test.php
@@ -113,6 +113,49 @@ class phpbb_functional_user_password_reset_test extends phpbb_functional_test_ca
 		$this->assertContains($this->lang('LOGIN_ERROR_PASSWORD', '', ''), $crawler->filter('html')->text());
 	}
 
+	/**
+	 * @depends test_login
+	 */
+	public function test_acivateAfterDeactivate()
+	{
+		// User is active, actkey should not exist
+		$this->get_user_data();
+		$this->assertEmpty($this->user_data['user_actkey']);
+
+		$this->login();
+		$this->admin_login();
+		$this->add_lang('acp/users');
+
+		// Go to user account page
+		$crawler = self::request('GET', 'adm/index.php?i=acp_users&mode=overview&sid=' . $this->sid);
+		$this->assertContainsLang('FIND_USERNAME', $crawler->filter('html')->text());
+
+		$form = $crawler->selectButton('Submit')->form();
+		$crawler = self::submit($form, array('username' => 'reset-password-test-user'));
+
+		// Deactivate account and go back to overview of current user
+		$this->assertContainsLang('USER_TOOLS', $crawler->filter('html')->text());
+		$form = $crawler->filter('input[name=update]')->selectButton('Submit')->form();
+		$crawler = self::submit($form, array('action' => 'active'));
+
+		$this->assertContainsLang('USER_ADMIN_DEACTIVED', $crawler->filter('html')->text());
+		$link = $crawler->selectLink('Back to previous page')->link();
+		$crawler = self::request('GET', preg_replace('#(.+)(adm/index.php.+)#', '$2', $link->getUri()));
+
+		// Ensure again that actkey is empty after deactivation
+		$this->get_user_data();
+		$this->assertEmpty($this->user_data['user_actkey']);
+
+		// Force reactivation of account and check that act key is not empty anymore
+		$this->assertContainsLang('USER_TOOLS', $crawler->filter('html')->text());
+		$form = $crawler->filter('input[name=update]')->selectButton('Submit')->form();
+		$crawler = self::submit($form, array('action' => 'reactivate'));
+		$this->assertContainsLang('FORCE_REACTIVATION_SUCCESS', $crawler->filter('html')->text());
+
+		$this->get_user_data();
+		$this->assertNotEmpty($this->user_data['user_actkey']);
+	}
+
 	protected function get_user_data()
 	{
 		$db = $this->get_db();