Index: branches/5.2.x/core/install/install_data.sql =================================================================== diff -u -N -r14468 -r14469 --- branches/5.2.x/core/install/install_data.sql (.../install_data.sql) (revision 14468) +++ branches/5.2.x/core/install/install_data.sql (.../install_data.sql) (revision 14469) @@ -103,6 +103,7 @@ INSERT INTO ConfigurationValues VALUES(DEFAULT, 'Min_UserName', '3', 'In-Portal:Users', 'in-portal:configure_users', 'la_title_General', 'la_text_min_username', 'text', '', '', 10.03, 0, 0, NULL); INSERT INTO ConfigurationValues VALUES(DEFAULT, 'Min_Password', '5', 'In-Portal:Users', 'in-portal:configure_users', 'la_title_General', 'la_text_min_password', 'text', '', '', 10.04, 0, 0, NULL); INSERT INTO ConfigurationValues VALUES(DEFAULT, 'Users_AllowReset', '180', 'In-Portal:Users', 'in-portal:configure_users', 'la_title_General', 'la_prompt_allow_reset', 'text', NULL, NULL, 10.05, 0, 0, NULL); +INSERT INTO ConfigurationValues VALUES(DEFAULT, 'UserEmailActivationTimeout', '', 'In-Portal:Users', 'in-portal:configure_users', 'la_title_General', 'la_config_UserEmailActivationTimeout', 'text', NULL, NULL, 10.051, 0, 0, NULL); INSERT INTO ConfigurationValues VALUES(DEFAULT, 'User_Password_Auto', '0', 'In-Portal:Users', 'in-portal:configure_users', 'la_title_General', 'la_users_password_auto', 'checkbox', '', '', 10.06, 0, 1, NULL); INSERT INTO ConfigurationValues VALUES(DEFAULT, 'User_MembershipExpirationReminder', '10', 'In-Portal:Users', 'in-portal:configure_users', 'la_title_General', 'la_MembershipExpirationReminder', 'text', NULL, '', 10.07, 0, 1, NULL); INSERT INTO ConfigurationValues VALUES(DEFAULT, 'User_NewGroup', '13', 'In-Portal:Users', 'in-portal:configure_users', 'la_title_General', 'la_users_new_group', 'select', NULL, '0=lu_none||SELECT GroupId as OptionValue, Name as OptionName FROM PortalGroup WHERE Enabled=1 AND Personal=0', 10.08, 0, 1, NULL); Index: branches/5.2.x/core/units/users/users_tag_processor.php =================================================================== diff -u -N -r14244 -r14469 --- branches/5.2.x/core/units/users/users_tag_processor.php (.../users_tag_processor.php) (revision 14244) +++ branches/5.2.x/core/units/users/users_tag_processor.php (.../users_tag_processor.php) (revision 14469) @@ -1,6 +1,6 @@ Application->recallObject('u', null, Array('skip_autoload' => true)); // TODO: change theme too /* @var $user_current_object UsersItem */ - $code_type = array_key_exists('code_type', $params) ? $params['code_type'] : 'forgot_password'; + $code_type = isset($params['code_type']) ? $params['code_type'] : 'forgot_password'; $error_messages = Array ( 'forgot_password' => Array ( @@ -120,14 +120,21 @@ if ($code_type == 'custom') { // custom error messages are given directly in tag - $error_messages['custom'] = Array ( + $error_messages[$code_type] = Array ( 'code_is_not_valid' => $params['error_invalid'], 'code_expired' => $params['error_expired'], ); } + $expiration_timeouts = Array ( + 'forgot_password' => 'config:Users_AllowReset', + 'activation' => 'config:UserEmailActivationTimeout', + 'custom' => '', + ); + if (!$passed_key) { $user_current_object->SetError('PwResetConfirm', 'code_is_not_valid', $error_messages[$code_type]['code_is_not_valid']); + return false; } @@ -136,20 +143,27 @@ $user_object->Load($passed_key, 'PwResetConfirm'); - if ($user_object->isLoaded()) { - $expiration_time = $user_object->GetDBField('PwRequestTime') + 3600; - if ($expiration_time > adodb_mktime()) { - return true; - } else { - $user_current_object->SetError('PwResetConfirm', 'code_expired', $error_messages[$code_type]['code_expired']); - return false; - } - } - else { + if ( !$user_object->isLoaded() ) { $user_current_object->SetError('PwResetConfirm', 'code_is_not_valid', $error_messages[$code_type]['code_is_not_valid']); + return false; } + else { + $expiration_timeout = isset($params['expiration_timeout']) ? $params['expiration_timeout'] : $expiration_timeouts[$code_type]; + if ( preg_match('/^config:(.*)$/', $expiration_timeout, $regs) ) { + $expiration_timeout = $this->Application->ConfigValue( $regs[1] ); + } + + if ( $expiration_timeout ) { + if ( $user_object->GetDBField('PwRequestTime') < strtotime('-' . $expiration_timeout . ' minutes') ) { + $user_current_object->SetError('PwResetConfirm', 'code_expired', $error_messages[$code_type]['code_expired']); + + return false; + } + } + } + return true; } Index: branches/5.2.x/core/install/upgrades.sql =================================================================== diff -u -N -r14447 -r14469 --- branches/5.2.x/core/install/upgrades.sql (.../upgrades.sql) (revision 14447) +++ branches/5.2.x/core/install/upgrades.sql (.../upgrades.sql) (revision 14469) @@ -1995,6 +1995,9 @@ # ===== v 5.1.1 ===== +# ===== v 5.1.3-B1 ===== +INSERT INTO ConfigurationValues VALUES (DEFAULT, 'UserEmailActivationTimeout', '', 'In-Portal:Users', 'in-portal:configure_users', 'la_title_General', 'la_config_UserEmailActivationTimeout', 'text', NULL, NULL, 10.051, 0, 0, NULL); + # ===== v 5.2.0-B1 ===== ALTER TABLE PortalUser ADD UserType TINYINT NOT NULL, Index: branches/5.2.x/core/install/english.lang =================================================================== diff -u -N -r14468 -r14469 --- branches/5.2.x/core/install/english.lang (.../english.lang) (revision 14468) +++ branches/5.2.x/core/install/english.lang (.../english.lang) (revision 14469) @@ -286,6 +286,7 @@ RW5hYmxlIEhUTUwgR1pJUCBjb21wcmVzc2lvbg== VXNlIFBhZ2VIaXQgY291bnRlcg== RWRpdGluZyBXaW5kb3cgU3R5bGU= + RW1haWwgYWN0aXZhdGlvbiBleHBpcmF0aW9uIHRpbWVvdXQgKGluIG1pbnV0ZXMp VXNlIFNtYWxsIFNlY3Rpb24gSGVhZGVycw== Q29tcHJlc3MgQ29tcGlsZWQgUEhQIFRlbXBsYXRlcw== VXNlIFRvb2xiYXIgTGFiZWxz