mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-04-14 04:42:04 +02:00
Code Issues Releases Wiki Activity

Merge pull request from marc1706/ticket/11483

Browse Source 
[ticket/11483] Generate user act key if database entry is empty

* github.com:phpbb/phpbb:
  [ticket/11483] Add tests for generating user act key on force reactivate
  [ticket/11483] Generate user act key if database entry is empty
This commit is contained in:
Tristan Darricau 2016-11-06 15:41:46 +01:00
commit dc32b900c5
2 changed files with 54 additions and 6 deletions
phpBB/includes/acp
acp_users.php
tests/functional
user_password_reset_test.php

17
phpBB/includes/acp/acp_users.php

@ -373,11 +373,6 @@ class acp_users
if ($user_row['user_type'] == USER_NORMAL)
{
user_active_flip('deactivate', $user_id, INACTIVE_REMIND);
$sql = 'UPDATE ' . USERS_TABLE . "
SET user_actkey = '" . $db->sql_escape($user_actkey) . "'
WHERE user_id = $user_id";
$db->sql_query($sql);
}
else
{
@ -386,8 +381,18 @@ class acp_users
FROM ' . USERS_TABLE . '
WHERE user_id = ' . $user_id;
$result = $db->sql_query($sql);
$user_actkey = (string) $db->sql_fetchfield('user_actkey');
$user_activation_key = (string) $db->sql_fetchfield('user_actkey');
$db->sql_freeresult($result);
$user_actkey = empty($user_activation_key) ? $user_actkey : $user_activation_key;
}
if ($user_row['user_type'] == USER_NORMAL || empty($user_activation_key))
{
$sql = 'UPDATE ' . USERS_TABLE . "
SET user_actkey = '" . $db->sql_escape($user_actkey) . "'
WHERE user_id = $user_id";
$db->sql_query($sql);
}
$messenger = new messenger(false);

43
tests/functional/user_password_reset_test.php

@ -113,6 +113,49 @@ class phpbb_functional_user_password_reset_test extends phpbb_functional_test_ca
$this->assertContains($this->lang('LOGIN_ERROR_PASSWORD', '', ''), $crawler->filter('html')->text());
}
/**
* @depends test_login
*/
public function test_acivateAfterDeactivate()
{
// User is active, actkey should not exist
$this->get_user_data();
$this->assertEmpty($this->user_data['user_actkey']);
$this->login();
$this->admin_login();
$this->add_lang('acp/users');
// Go to user account page
$crawler = self::request('GET', 'adm/index.php?i=acp_users&mode=overview&sid=' . $this->sid);
$this->assertContainsLang('FIND_USERNAME', $crawler->filter('html')->text());
$form = $crawler->selectButton('Submit')->form();
$crawler = self::submit($form, array('username' => 'reset-password-test-user'));
// Deactivate account and go back to overview of current user
$this->assertContainsLang('USER_TOOLS', $crawler->filter('html')->text());
$form = $crawler->filter('input[name=update]')->selectButton('Submit')->form();
$crawler = self::submit($form, array('action' => 'active'));
$this->assertContainsLang('USER_ADMIN_DEACTIVED', $crawler->filter('html')->text());
$link = $crawler->selectLink('Back to previous page')->link();
$crawler = self::request('GET', preg_replace('#(.+)(adm/index.php.+)#', '$2', $link->getUri()));
// Ensure again that actkey is empty after deactivation
$this->get_user_data();
$this->assertEmpty($this->user_data['user_actkey']);
// Force reactivation of account and check that act key is not empty anymore
$this->assertContainsLang('USER_TOOLS', $crawler->filter('html')->text());
$form = $crawler->filter('input[name=update]')->selectButton('Submit')->form();
$crawler = self::submit($form, array('action' => 'reactivate'));
$this->assertContainsLang('FORCE_REACTIVATION_SUCCESS', $crawler->filter('html')->text());
$this->get_user_data();
$this->assertNotEmpty($this->user_data['user_actkey']);
}
protected function get_user_data()
{
$db = $this->get_db();