[aur-dev] [PATCH] Add option to hide one's email address
Marcel Korpel
marcel.korpel at gmail.com
Sun Sep 20 18:12:25 UTC 2015
Implements FS#42343.
Signed-off-by: Marcel Korpel <marcel.korpel at gmail.com>
---
schema/aur-schema.sql | 1 +
upgrading/4.1.0.txt | 7 +++++++
web/html/account.php | 19 ++++++++++---------
web/html/register.php | 6 +++---
web/lib/acctfuncs.inc.php | 11 +++++++++--
web/template/account_details.php | 12 +++++++++++-
web/template/account_edit_form.php | 5 +++++
7 files changed, 46 insertions(+), 15 deletions(-)
diff --git a/schema/aur-schema.sql b/schema/aur-schema.sql
index 2c45a97..53dc468 100644
--- a/schema/aur-schema.sql
+++ b/schema/aur-schema.sql
@@ -26,6 +26,7 @@ CREATE TABLE Users (
Suspended TINYINT UNSIGNED NOT NULL DEFAULT 0,
Username VARCHAR(32) NOT NULL,
Email VARCHAR(64) NOT NULL,
+ HideEmail TINYINT UNSIGNED NOT NULL DEFAULT 0,
Passwd CHAR(32) NOT NULL,
Salt CHAR(32) NOT NULL DEFAULT '',
ResetKey CHAR(32) NOT NULL DEFAULT '',
diff --git a/upgrading/4.1.0.txt b/upgrading/4.1.0.txt
index 439562f..26f9f65 100644
--- a/upgrading/4.1.0.txt
+++ b/upgrading/4.1.0.txt
@@ -17,3 +17,10 @@ ALTER TABLE PackageBases
ADD COLUMN FlaggerComment VARCHAR(255) NOT NULL,
ADD FOREIGN KEY (FlaggerUID) REFERENCES Users(ID) ON DELETE SET NULL;
----
+
+3. Add field to store the state of a user's email address:
+
+----
+ALTER TABLE Users
+ ADD COLUMN HideEmail TINYINT UNSIGNED NOT NULL DEFAULT 0;
+----
diff --git a/web/html/account.php b/web/html/account.php
index adc2542..b2886fc 100644
--- a/web/html/account.php
+++ b/web/html/account.php
@@ -32,10 +32,10 @@ if ($action == "UpdateAccount") {
list($success, $update_account_message) = process_account_form(
"edit", "UpdateAccount",
in_request("U"), in_request("T"), in_request("S"),
- in_request("E"), in_request("P"), in_request("C"),
- in_request("R"), in_request("L"), in_request("I"),
- in_request("K"), in_request("PK"), in_request("J"),
- in_request("ID"), $row["Username"]);
+ in_request("E"), in_request("H"), in_request("P"),
+ in_request("C"), in_request("R"), in_request("L"),
+ in_request("I"), in_request("K"), in_request("PK"),
+ in_request("J"), in_request("ID"), $row["Username"]);
}
}
@@ -79,8 +79,8 @@ if (isset($_COOKIE["AURSID"])) {
if (can_edit_account($row)) {
display_account_form("UpdateAccount", $row["Username"],
$row["AccountTypeID"], $row["Suspended"], $row["Email"],
- "", "", $row["RealName"], $row["LangPreference"],
- $row["IRCNick"], $row["PGPKey"], $PK,
+ $row["HideEmail"], "", "", $row["RealName"],
+ $row["LangPreference"], $row["IRCNick"], $row["PGPKey"], $PK,
$row["InactivityTS"] ? 1 : 0, $row["ID"], $row["Username"]);
} else {
print __("You do not have permission to edit this account.");
@@ -115,9 +115,10 @@ if (isset($_COOKIE["AURSID"])) {
if (!$success) {
display_account_form("UpdateAccount", in_request("U"), in_request("T"),
- in_request("S"), in_request("E"), in_request("P"), in_request("C"),
- in_request("R"), in_request("L"), in_request("I"), in_request("K"),
- in_request("PK"), in_request("J"), in_request("ID"), $row["Username"]);
+ in_request("S"), in_request("E"), in_request("H"), in_request("P"),
+ in_request("C"), in_request("R"), in_request("L"), in_request("I"),
+ in_request("K"), in_request("PK"), in_request("J"), in_request("ID"),
+ $row["Username"]);
}
} else {
diff --git a/web/html/register.php b/web/html/register.php
index 9c5c1cc..f8400a3 100644
--- a/web/html/register.php
+++ b/web/html/register.php
@@ -21,7 +21,7 @@ echo '<h2>' . __('Register') . '</h2>';
if (in_request("Action") == "NewAccount") {
list($success, $message) = process_account_form(
"new", "NewAccount", in_request("U"), 1, 0,
- in_request("E"), '', '', in_request("R"),
+ in_request("E"), in_request("H"), '', '', in_request("R"),
in_request("L"), in_request("I"), in_request("K"),
in_request("PK"));
@@ -29,13 +29,13 @@ if (in_request("Action") == "NewAccount") {
if (!$success) {
display_account_form("NewAccount", in_request("U"), 1, 0,
- in_request("E"), '', '', in_request("R"),
+ in_request("E"), in_request("H"), '', '', in_request("R"),
in_request("L"), in_request("I"), in_request("K"),
in_request("PK"));
}
} else {
print '<p>' . __("Use this form to create an account.") . '</p>';
- display_account_form("NewAccount", "", "", "", "", "", "", "", $LANG);
+ display_account_form("NewAccount", "", "", "", "", "", "", "", "", $LANG);
}
echo '</div>';
diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php
index 756c847..a200998 100644
--- a/web/lib/acctfuncs.inc.php
+++ b/web/lib/acctfuncs.inc.php
@@ -47,6 +47,7 @@ function html_format_pgp_fingerprint($fingerprint) {
* @param string $T The account type of the displayed user
* @param string $S Whether the displayed user has a suspended account
* @param string $E The e-mail address of the displayed user
+ * @param string $H Whether the e-mail address of the displayed user is hidden
* @param string $P The password value of the displayed user
* @param string $C The confirmed password value of the displayed user
* @param string $R The real name of the displayed user
@@ -60,7 +61,7 @@ function html_format_pgp_fingerprint($fingerprint) {
*
* @return void
*/
-function display_account_form($A,$U="",$T="",$S="",$E="",$P="",$C="",$R="",
+function display_account_form($A,$U="",$T="",$S="",$E="",$H="",$P="",$C="",$R="",
$L="",$I="",$K="",$PK="",$J="",$UID=0,$N="") {
global $SUPPORTED_LANGS;
@@ -78,6 +79,7 @@ function display_account_form($A,$U="",$T="",$S="",$E="",$P="",$C="",$R="",
* @param string $T The account type for the user
* @param string $S Whether or not the account is suspended
* @param string $E The e-mail address for the user
+ * @param string $H Whether or not the e-mail address should be hidden
* @param string $P The password for the user
* @param string $C The confirmed password for the user
* @param string $R The real name of the user
@@ -91,7 +93,7 @@ function display_account_form($A,$U="",$T="",$S="",$E="",$P="",$C="",$R="",
*
* @return array Boolean indicating success and message to be printed
*/
-function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$P="",$C="",
+function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$H="",$P="",$C="",
$R="",$L="",$I="",$K="",$PK="",$J="",$UID=0,$N="") {
global $SUPPORTED_LANGS;
@@ -324,6 +326,11 @@ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$P="",$C="",
$q.= ", Suspended = 0";
}
$q.= ", Email = " . $dbh->quote($E);
+ if ($H) {
+ $q.= ", HideEmail = 1";
+ } else {
+ $q.= ", HideEmail = 0";
+ }
if ($P) {
$salt = generate_salt();
$hash = salted_hash($P, $salt);
diff --git a/web/template/account_details.php b/web/template/account_details.php
index 9282b2c..59a6a63 100644
--- a/web/template/account_details.php
+++ b/web/template/account_details.php
@@ -25,7 +25,17 @@
</tr>
<tr>
<th><?= __("Email Address") . ":" ?></th>
- <td><a href="mailto:<?= htmlspecialchars($row["Email"], ENT_QUOTES) ?>"><?= htmlspecialchars($row["Email"], ENT_QUOTES) ?></a></td>
+ <td>
+ <?php
+ if ($row["HideEmail"] == 1 && !has_credential(CRED_ACCOUNT_SEARCH)):
+ print "<em>" . __("hidden") . "</em>";
+ else:
+ ?>
+ <a href="mailto:<?= htmlspecialchars($row["Email"], ENT_QUOTES) ?>"><?= htmlspecialchars($row["Email"], ENT_QUOTES) ?></a>
+ <?php
+ endif;
+ ?>
+ </td>
</tr>
<tr>
<th><?= __("Real Name") . ":" ?></th>
diff --git a/web/template/account_edit_form.php b/web/template/account_edit_form.php
index 83aedb0..16655c0 100644
--- a/web/template/account_edit_form.php
+++ b/web/template/account_edit_form.php
@@ -76,6 +76,11 @@
<em><?= __("Please ensure you correctly entered your email address, otherwise you will be locked out.") ?></em>
</p>
+ <p>
+ <label for="id_hide"><?= __("Hide Email Address") ?>:</label>
+ <input type="checkbox" name="H" id="id_hide" <?= $H ? 'checked="checked"' : '' ?> />
+ </p>
+
<?php if ($A == "UpdateAccount"): ?>
<p>
<label for="id_passwd1"><?= __("Password") ?>:</label>
--
2.5.2
More information about the aur-dev
mailing list