diff --git a/common/lang/en.php b/common/lang/en.php
index d91396179..d68a21b28 100644
--- a/common/lang/en.php
+++ b/common/lang/en.php
@@ -237,6 +237,7 @@ $lang->msg_input_password = 'Please type the password.';
$lang->msg_invalid_document = 'Invalid Article Number';
$lang->msg_invalid_request = 'Invalid Request';
$lang->msg_invalid_password = 'The password you entered is incorrect.';
+$lang->msg_password_match = 'The two passwords do not match. Please check for typos.';
$lang->msg_security_violation = 'Security Violation';
$lang->msg_method_not_allowed = 'This HTTP method is not allowed for this action.';
$lang->msg_feature_disabled = 'This feature is disabled.';
diff --git a/common/lang/ko.php b/common/lang/ko.php
index 8b0eccc47..344e28fb6 100644
--- a/common/lang/ko.php
+++ b/common/lang/ko.php
@@ -239,6 +239,7 @@ $lang->msg_input_password = '비밀번호를 입력하세요.';
$lang->msg_invalid_document = '잘못된 문서번호입니다.';
$lang->msg_invalid_request = '잘못된 요청입니다.';
$lang->msg_invalid_password = '비밀번호가 올바르지 않습니다.';
+$lang->msg_password_match = '비밀번호가 서로 일치하지 않습니다. 오타 여부를 확인해 주십시오.';
$lang->msg_security_violation = '보안정책상 허용되지 않습니다.';
$lang->msg_method_not_allowed = '이 요청에 사용할 수 없는 HTTP 메소드입니다.';
$lang->msg_feature_disabled = '사용할 수 없는 기능입니다.';
diff --git a/modules/member/conf/module.xml b/modules/member/conf/module.xml
index 30cc33495..b21f39b5e 100644
--- a/modules/member/conf/module.xml
+++ b/modules/member/conf/module.xml
@@ -35,9 +35,9 @@
-
+
-
+
@@ -48,7 +48,7 @@
-
+
diff --git a/modules/member/member.admin.controller.php b/modules/member/member.admin.controller.php
index 7c9a50156..aeaada748 100644
--- a/modules/member/member.admin.controller.php
+++ b/modules/member/member.admin.controller.php
@@ -654,69 +654,9 @@ class memberAdminController extends member
* @param object $signupForm (user define signup form)
* @return void
*/
- function _createSignupRuleset($signupForm){
- $xml_file = './files/ruleset/insertMember.xml';
- $buff = '' . PHP_EOL.
- '' . PHP_EOL.
- '' . PHP_EOL.
- '' . PHP_EOL.
- '' . PHP_EOL . '%s' . PHP_EOL . '' . PHP_EOL.
- '';
-
- $fields = array();
-
- foreach($signupForm as $formInfo)
- {
- if($formInfo->required || $formInfo->mustRequired)
- {
- if($formInfo->type == 'tel' || $formInfo->type == 'kr_zip')
- {
- $fields[] = sprintf('', $formInfo->name);
- }
- else if($formInfo->name == 'password')
- {
- $fields[] = '';
- $fields[] = '';
- }
- else if($formInfo->name == 'find_account_question')
- {
- $fields[] = '';
- $fields[] = '';
- }
- else if($formInfo->name == 'email_address')
- {
- $fields[] = sprintf('', $formInfo->name);
- }
- else if($formInfo->name == 'user_id')
- {
- $fields[] = sprintf('', $formInfo->name);
- }
- else if($formInfo->name == 'nick_name')
- {
- $fields[] = sprintf('', $formInfo->name);
- }
- else if(strpos($formInfo->name, 'image') !== false)
- {
- $fields[] = sprintf('', $formInfo->name, $formInfo->name);
- }
- else if($formInfo->name == 'signature')
- {
- $fields[] = '';
- }
- else
- {
- $fields[] = sprintf('', $formInfo->name);
- }
- }
- }
-
- $xml_buff = sprintf($buff, implode(PHP_EOL, $fields));
- FileHandler::writeFile($xml_file, $xml_buff);
- unset($xml_buff);
-
- $validator = new Validator($xml_file);
- $validator->setCacheDir('files/cache');
- $validator->getJsPath();
+ function _createSignupRuleset($signupForm)
+ {
+
}
/**
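Review bot: `_createSignupRuleset()` is left as an empty method while the docblock above it still describes a signup ruleset being built; the same applies to `_createLoginRuleset()` in the next hunk. If the stubs are kept only so existing callers do not break, say so in the body, e.g. `// Deprecated: ruleset files are no longer generated; signup input is validated in memberController::_checkSignUpFields().`, and add `@deprecated` to both docblocks. Without that, a caller elsewhere could reasonably assume that calling these still puts server-side validation rules in place. The docblocks start outside the hunk.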
@@ -726,25 +666,7 @@ class memberAdminController extends member
*/
function _createLoginRuleset($identifier)
{
- $xml_file = './files/ruleset/login.xml';
- $buff = ''.
- ''.
- ''.
- ''.
- '%s'.
- '';
-
- $fields = array();
- $trans = array('email_address'=>'email', 'user_id'=> '');
- $fields[] = sprintf('', $trans[$identifier]);
- $fields[] = '';
-
- $xml_buff = sprintf($buff, implode('', $fields));
- Filehandler::writeFile($xml_file, $xml_buff);
-
- $validator = new Validator($xml_file);
- $validator->setCacheDir('files/cache');
- $validator->getJsPath();
+
}
/**
diff --git a/modules/member/member.class.php b/modules/member/member.class.php
index 34bfc8925..03bcdb8b8 100644
--- a/modules/member/member.class.php
+++ b/modules/member/member.class.php
@@ -87,11 +87,6 @@ class member extends ModuleObject {
$identifier = 'user_id';
$config->signupForm = $oMemberAdminController->createSignupForm($identifier);
$config->identifier = $identifier;
-
- // Create Ruleset File
- FileHandler::makeDir('./files/ruleset');
- $oMemberAdminController->_createSignupRuleset($config->signupForm);
- $oMemberAdminController->_createLoginRuleset($config->identifier);
}
$oModuleController->insertModuleConfig('member',$config);
@@ -258,10 +253,9 @@ class member extends ModuleObject {
}
// supprot multilanguage agreement.
- if(is_readable('./files/member_extra_info/agreement.txt')) return true;
-
- if(!is_readable('./files/ruleset/insertMember.xml')) return true;
- if(!is_readable('./files/ruleset/login.xml')) return true;
+ if(FileHandler::exists('./files/member_extra_info/agreement.txt')) return true;
+ if(FileHandler::exists('./files/ruleset/insertMember.xml')) return true;
+ if(FileHandler::exists('./files/ruleset/login.xml')) return true;
// 2013. 11. 22 add menu when popup document menu called
if(!ModuleModel::getTrigger('document.getDocumentMenu', 'member', 'controller', 'triggerGetDocumentMenu', 'after')) return true;
@@ -501,7 +495,7 @@ class member extends ModuleObject {
}
}
- if(is_readable('./files/member_extra_info/agreement.txt'))
+ if(file_exists('./files/member_extra_info/agreement.txt'))
{
$source_file = RX_BASEDIR.'files/member_extra_info/agreement.txt';
$target_file = RX_BASEDIR.'files/member_extra_info/agreement_' . Context::get('lang_type') . '.txt';
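Review bot: This check uses plain `file_exists()` with a `./`-relative path, whereas the matching check in `checkUpdate` (previous hunk) was switched to `FileHandler::exists()` and the rename just below uses `RX_BASEDIR`-prefixed paths. If the two calls resolve the path differently, for example when the working directory is not the base directory, `checkUpdate` could keep reporting a pending update that this branch never performs. Using the same call in both places keeps them in step: `if(FileHandler::exists('./files/member_extra_info/agreement.txt'))`. The enclosing function starts outside the hunk.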
@@ -509,11 +503,14 @@ class member extends ModuleObject {
FileHandler::rename($source_file, $target_file);
}
- FileHandler::makeDir('./files/ruleset');
- if(!is_readable('./files/ruleset/insertMember.xml'))
- $oMemberAdminController->_createSignupRuleset($config->signupForm);
- if(!is_readable('./files/ruleset/login.xml'))
- $oMemberAdminController->_createLoginRuleset($config->identifier);
+ if(FileHandler::exists('./files/ruleset/insertMember.xml'))
+ {
+ FileHandler::removeFile('./files/ruleset/insertMember.xml');
+ }
+ if(FileHandler::exists('./files/ruleset/login.xml'))
+ {
+ FileHandler::removeFile('./files/ruleset/login.xml');
+ }
// 2013. 11. 22 add menu when popup document menu called
if(!ModuleModel::getTrigger('document.getDocumentMenu', 'member', 'controller', 'triggerGetDocumentMenu', 'after'))
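Review bot: The results of the two `FileHandler::removeFile()` calls are not checked. `checkUpdate` now returns true for as long as either legacy ruleset file exists, so if a removal fails (for instance because `files/ruleset` is not writable) the module would report a pending update on every check with nothing to explain why. Consider re-testing with `FileHandler::exists()` after the removal and returning or logging an error when the file is still there. The enclosing function starts and ends outside the hunk.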
diff --git a/modules/member/member.controller.php b/modules/member/member.controller.php
index dff0dfffb..658f46ce7 100644
--- a/modules/member/member.controller.php
+++ b/modules/member/member.controller.php
@@ -774,11 +774,15 @@ class memberController extends member
$config = MemberModel::getMemberConfig();
// call a trigger (before)
- $trigger_output = ModuleHandler::triggerCall ('member.procMemberInsert', 'before', $config);
+ $trigger_output = ModuleHandler::triggerCall('member.procMemberInsert', 'before', $config);
if(!$trigger_output->toBool ()) return $trigger_output;
+
// Check if an administrator allows a membership
- if($config->enable_join != 'Y') throw new Rhymix\Framework\Exceptions\FeatureDisabled('msg_signup_disabled');
-
+ if($config->enable_join !== 'Y' || !$config->signupForm)
+ {
+ throw new Rhymix\Framework\Exceptions\FeatureDisabled('msg_signup_disabled');
+ }
+
// Check if the user accept the license terms (only if terms exist)
$accept_agreement = Context::get('accept_agreement');
if(!is_array($accept_agreement))
@@ -851,34 +855,25 @@ class memberController extends member
$args->allow_mailing = Context::get('allow_mailing');
$args->allow_message = Context::get('allow_message');
-
if($args->password1) $args->password = $args->password1;
- // Check phone number
- if ($config->phone_number_verify_by_sms === 'Y' && $use_phone)
+ // Check all required fields
+ $output = $this->_checkSignUpFields($config, $args, 'insert');
+ if (!$output->toBool())
{
- if (!isset($_SESSION['verify_by_sms']) || !$_SESSION['verify_by_sms']['status'])
+ return $output;
+ }
+
+ // Check phone number
+ if ($use_phone)
+ {
+ $output = $this->_checkPhoneNumber($config, $args, 'insert');
+ if (!$output->toBool())
{
- throw new Rhymix\Framework\Exception('verify_by_sms_incomplete');
- }
- if ($config->phone_number_default_country && (!$args->phone_country || $config->phone_number_hide_country === 'Y'))
- {
- $args->phone_country = $config->phone_number_default_country;
- }
- if ($args->phone_country && !preg_match('/^[A-Z]{3}$/', $args->phone_country))
- {
- $args->phone_country = Rhymix\Framework\i18n::getCountryCodeByCallingCode($args->phone_country);
- }
- if ($args->phone_country !== $_SESSION['verify_by_sms']['country'])
- {
- throw new Rhymix\Framework\Exception('verify_by_sms_incomplete');
- }
- if ($args->phone_number !== $_SESSION['verify_by_sms']['number'])
- {
- throw new Rhymix\Framework\Exception('verify_by_sms_incomplete');
+ return $output;
}
}
-
+
// check password strength
if(!MemberModel::checkPasswordStrength($args->password, $config->password_strength))
{
@@ -1112,18 +1107,15 @@ class memberController extends member
// Extract the necessary information in advance
$getVars = array('allow_mailing','allow_message');
$use_phone = false;
- if($config->signupForm)
+ foreach($config->signupForm as $formInfo)
{
- foreach($config->signupForm as $formInfo)
+ if($formInfo->name === 'phone_number' && $formInfo->isUse)
{
- if($formInfo->name === 'phone_number' && $formInfo->isUse)
- {
- $use_phone = true;
- }
- if($formInfo->isDefaultForm && ($formInfo->isUse || $formInfo->required || $formInfo->mustRequired))
- {
- $getVars[] = $formInfo->name;
- }
+ $use_phone = true;
+ }
+ if($formInfo->isDefaultForm && ($formInfo->isUse || $formInfo->required || $formInfo->mustRequired))
+ {
+ $getVars[] = $formInfo->name;
}
}
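Review bot: The `if($config->signupForm)` guard around this loop is removed, so an empty or unset `$config->signupForm` now reaches `foreach` directly, and later `_checkSignUpFields()`, which iterates it again. The insert path gained an explicit `!$config->signupForm` check in this commit, but no equivalent is visible here. If none exists earlier in the function, which starts outside the hunk, either keep the guard or iterate defensively, e.g. `foreach($config->signupForm ?: [] as $formInfo)`. Note that with an empty form the required-field check passes trivially, so failing closed as the insert path does is the safer choice.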
@@ -1140,7 +1132,7 @@ class memberController extends member
$args->phone_country = preg_replace('/[^A-Z]/', '', Context::get('phone_country'));
}
}
-
+
// mobile input date format can be different
if($args->birthday)
{
@@ -1159,43 +1151,24 @@ class memberController extends member
$args->birthday = intval(strtr($args->birthday_ui, array('-'=>'', '/'=>'', '.'=>'', ' '=>'')));
}
- // Check phone number
- if ($config->phone_number_verify_by_sms === 'Y' && $use_phone)
+ // Check all required fields
+ $output = $this->_checkSignUpFields($config, $args, 'update');
+ if (!$output->toBool())
{
- $phone_verify_needed = false;
- if ($config->phone_number_default_country && (!$args->phone_country || $config->phone_number_hide_country === 'Y'))
+ return $output;
+ }
+
+ // Check phone number
+ if ($use_phone)
+ {
+ $output = $this->_checkPhoneNumber($config, $args, 'update', $logged_info);
+ if (!$output->toBool())
{
- $args->phone_country = $config->phone_number_default_country;
- }
- if ($args->phone_country && !preg_match('/^[A-Z]{3}$/', $args->phone_country))
- {
- $args->phone_country = Rhymix\Framework\i18n::getCountryCodeByCallingCode($args->phone_country);
- }
- if ($args->phone_country !== $logged_info->phone_country)
- {
- $phone_verify_needed = true;
- }
- if (preg_replace('/[^0-9]/', '', $args->phone_number) !== $logged_info->phone_number)
- {
- $phone_verify_needed = true;
- }
- if ($phone_verify_needed)
- {
- if (!isset($_SESSION['verify_by_sms']) || !$_SESSION['verify_by_sms']['status'])
- {
- throw new Rhymix\Framework\Exception('verify_by_sms_incomplete');
- }
- if ($args->phone_country !== $_SESSION['verify_by_sms']['country'])
- {
- throw new Rhymix\Framework\Exception('verify_by_sms_incomplete');
- }
- if ($args->phone_number !== $_SESSION['verify_by_sms']['number'])
- {
- throw new Rhymix\Framework\Exception('verify_by_sms_incomplete');
- }
+ return $output;
}
}
-
+
+ // Fill in member_srl
$args->member_srl = $logged_info->member_srl;
// Remove some unnecessary variables from all the vars
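Review bot: The new `_checkSignUpFields($config, $args, 'update')` call tests every required entry of `$config->signupForm` against `$args`, yet the loop earlier in this function only adds `isDefaultForm` fields to `$getVars`. If `$args` is built from `$getVars` (not visible in this hunk), a required user-defined field, or a required image field that arrives as an upload, would always fail with `common.filter.isnull`. This is worth confirming, and the insert path calls the helper the same way. If confirmed, limit the presence check to `$formInfo->isDefaultForm` entries or read the other values from wherever they are actually submitted. The enclosing function starts and ends outside the hunk.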
@@ -3859,7 +3832,115 @@ class memberController extends member
return array();
}
+
+ /**
+ * Check required fields on signup or modify info
+ *
+ * @param object $config
+ * @param object $args
+ * @param string $mode
+ * @return object
+ */
+ protected function _checkSignUpFields($config, $args, $mode = 'insert')
+ {
+ $not_required_in_update = ['password'];
+
+ foreach($config->signupForm as $formInfo)
+ {
+ if($formInfo->required || $formInfo->mustRequired)
+ {
+ if ($mode === 'update' && in_array($formInfo->name, $not_required_in_update))
+ {
+ // pass
+ }
+ else
+ {
+ if (!isset($args->{$formInfo->name}) || !$args->{$formInfo->name})
+ {
+ return new BaseObject(-1, sprintf(lang('common.filter.isnull'), $formInfo->title));
+ }
+ }
+ }
+ if ($formInfo->name === 'email_address' && $args->{$formInfo->name} && !Mail::isVaildMailAddress($args->{$formInfo->name}))
+ {
+ return new BaseObject(-1, sprintf(lang('common.filter.invalid_email'), $formInfo->title));
+ }
+ if ($formInfo->name === 'user_id' && $args->{$formInfo->name} && !preg_match('/^[a-z]+[\w-]*[a-z0-9_]+$/i', $args->{$formInfo->name}))
+ {
+ return new BaseObject(-1, sprintf(lang('common.filter.invalid_user_id'), $formInfo->title));
+ }
+ if ($formInfo->name === 'password' && $args->password && ($args->password !== Context::get('password2')))
+ {
+ return new BaseObject(-1, 'msg_password_mismatch');
+ }
+ }
+
+ return new BaseObject;
+ }
+ /**
+ * Check required fields on signup or modify info
+ *
+ * @param object $config
+ * @param object $args
+ * @param string $mode
+ * @param object $original
+ * @return object
+ */
+ protected function _checkPhoneNumber($config, $args, $mode = 'insert', $original = null)
+ {
+ if ($config->phone_number_verify_by_sms === 'Y')
+ {
+ // Attempt to fill in the country code.
+ if ($config->phone_number_default_country && (!$args->phone_country || $config->phone_number_hide_country === 'Y'))
+ {
+ $args->phone_country = $config->phone_number_default_country;
+ }
+ if ($args->phone_country && !preg_match('/^[A-Z]{3}$/', $args->phone_country))
+ {
+ $args->phone_country = Rhymix\Framework\i18n::getCountryCodeByCallingCode($args->phone_country);
+ }
+ if ($args->phone_country === 'KOR' && !Rhymix\Framework\Korea::isValidPhoneNumber($args->phone_number))
+ {
+ return new BaseObject(-1, 'msg_invalid_phone_number');
+ }
+
+ // If updating, check if the new info is the same as the old info.
+ if ($mode === 'update' && $original)
+ {
+ $recheck_needed = false;
+ if ($args->phone_country !== $original->phone_country)
+ {
+ $recheck_needed = true;
+ }
+ if (preg_replace('/[^0-9]/', '', $args->phone_number) !== $original->phone_number)
+ {
+ $recheck_needed = true;
+ }
+ if (!$recheck_needed)
+ {
+ return new BaseObject;
+ }
+ }
+
+ // Check if verified by SMS.
+ if (!isset($_SESSION['verify_by_sms']) || !$_SESSION['verify_by_sms']['status'])
+ {
+ return new BaseObject(-1, 'verify_by_sms_incomplete');
+ }
+ if ($args->phone_country !== $_SESSION['verify_by_sms']['country'])
+ {
+ return new BaseObject(-1, 'verify_by_sms_incomplete');
+ }
+ if ($args->phone_number !== $_SESSION['verify_by_sms']['number'])
+ {
+ return new BaseObject(-1, 'verify_by_sms_incomplete');
+ }
+ }
+
+ return new BaseObject;
+ }
+
public static function _clearMemberCache($member_srl)
{
return self::clearMemberCache($member_srl);
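Review bot: `_checkSignUpFields()` returns the key `msg_password_mismatch`, but the entries this commit adds to `common/lang/en.php` and `common/lang/ko.php` are named `msg_password_match`, so unless `msg_password_mismatch` is defined elsewhere the user sees an untranslated key. Align the two, e.g. `return new BaseObject(-1, 'msg_password_match');`. The `user_id` pattern ends in `$`, which in PCRE also matches just before a trailing newline, so a value ending in a newline would pass. Since this is now the server-side check, anchor it strictly with `'/^[a-z]+[\w-]*[a-z0-9_]+\z/i'`, and pass `true` as the third argument to `in_array()`. The docblock on `_checkPhoneNumber()` repeats the summary of `_checkSignUpFields()` and should instead read something like `Check the phone number and, when enabled, its SMS verification status`.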
diff --git a/modules/member/ruleset/signup.xml b/modules/member/ruleset/signup.xml
index ba39a6cd5..a2704a420 100644
--- a/modules/member/ruleset/signup.xml
+++ b/modules/member/ruleset/signup.xml
@@ -3,13 +3,6 @@
-
-
-
-
-
-
-