authorMarcel Korpel <marcel.korpel@gmail.com>2015-09-20 20:12:25 +0200
committerLukas Fleischer <lfleischer@archlinux.org>2015-09-20 22:01:23 +0200
commitd5d08b8f926e8882864afbfd7446440acc1005d0 (patch)
tree345631fb4b165d00a4e09304f2cfa9ebd0b5977f
parentf3ec4d1ef553259b0a617b9d11da4ece2ecc9dfd (diff)
downloadaur-d5d08b8f926e8882864afbfd7446440acc1005d0.tar.gz
aur-d5d08b8f926e8882864afbfd7446440acc1005d0.tar.xz
Add option to hide one's email address
Implements FS#42343. Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
-rw-r--r--schema/aur-schema.sql1
-rw-r--r--upgrading/4.1.0.txt7
-rw-r--r--web/html/account.php19
-rw-r--r--web/html/register.php6
-rw-r--r--web/lib/acctfuncs.inc.php11
-rw-r--r--web/template/account_details.php12
-rw-r--r--web/template/account_edit_form.php5
7 files changed, 46 insertions, 15 deletions
diff --git a/schema/aur-schema.sql b/schema/aur-schema.sql
index 2c45a976..53dc468b 100644
--- a/schema/aur-schema.sql
+++ b/schema/aur-schema.sql
@@ -26,6 +26,7 @@ CREATE TABLE Users (
Suspended TINYINT UNSIGNED NOT NULL DEFAULT 0,
Username VARCHAR(32) NOT NULL,
Email VARCHAR(64) NOT NULL,
+ HideEmail TINYINT UNSIGNED NOT NULL DEFAULT 0,
Passwd CHAR(32) NOT NULL,
Salt CHAR(32) NOT NULL DEFAULT '',
ResetKey CHAR(32) NOT NULL DEFAULT '',
diff --git a/upgrading/4.1.0.txt b/upgrading/4.1.0.txt
index 439562f7..26f9f65e 100644
--- a/upgrading/4.1.0.txt
+++ b/upgrading/4.1.0.txt
@@ -17,3 +17,10 @@ ALTER TABLE PackageBases
ADD COLUMN FlaggerComment VARCHAR(255) NOT NULL,
ADD FOREIGN KEY (FlaggerUID) REFERENCES Users(ID) ON DELETE SET NULL;
----
+
+3. Add field to store the state of a user's email address:
+
+----
+ALTER TABLE Users
+ ADD COLUMN HideEmail TINYINT UNSIGNED NOT NULL DEFAULT 0;
+----
diff --git a/web/html/account.php b/web/html/account.php
index adc2542c..b2886fc6 100644
--- a/web/html/account.php
+++ b/web/html/account.php
@@ -32,10 +32,10 @@ if ($action == "UpdateAccount") {
list($success, $update_account_message) = process_account_form(
"edit", "UpdateAccount",
in_request("U"), in_request("T"), in_request("S"),
- in_request("E"), in_request("P"), in_request("C"),
- in_request("R"), in_request("L"), in_request("I"),
- in_request("K"), in_request("PK"), in_request("J"),
- in_request("ID"), $row["Username"]);
+ in_request("E"), in_request("H"), in_request("P"),
+ in_request("C"), in_request("R"), in_request("L"),
+ in_request("I"), in_request("K"), in_request("PK"),
+ in_request("J"), in_request("ID"), $row["Username"]);
}
}
@@ -79,8 +79,8 @@ if (isset($_COOKIE["AURSID"])) {
if (can_edit_account($row)) {
display_account_form("UpdateAccount", $row["Username"],
$row["AccountTypeID"], $row["Suspended"], $row["Email"],
- "", "", $row["RealName"], $row["LangPreference"],
- $row["IRCNick"], $row["PGPKey"], $PK,
+ $row["HideEmail"], "", "", $row["RealName"],
+ $row["LangPreference"], $row["IRCNick"], $row["PGPKey"], $PK,
$row["InactivityTS"] ? 1 : 0, $row["ID"], $row["Username"]);
} else {
print __("You do not have permission to edit this account.");
@@ -115,9 +115,10 @@ if (isset($_COOKIE["AURSID"])) {
if (!$success) {
display_account_form("UpdateAccount", in_request("U"), in_request("T"),
- in_request("S"), in_request("E"), in_request("P"), in_request("C"),
- in_request("R"), in_request("L"), in_request("I"), in_request("K"),
- in_request("PK"), in_request("J"), in_request("ID"), $row["Username"]);
+ in_request("S"), in_request("E"), in_request("H"), in_request("P"),
+ in_request("C"), in_request("R"), in_request("L"), in_request("I"),
+ in_request("K"), in_request("PK"), in_request("J"), in_request("ID"),
+ $row["Username"]);
}
} else {
diff --git a/web/html/register.php b/web/html/register.php
index 9c5c1cc1..f8400a37 100644
--- a/web/html/register.php
+++ b/web/html/register.php
@@ -21,7 +21,7 @@ echo '<h2>' . __('Register') . '</h2>';
if (in_request("Action") == "NewAccount") {
list($success, $message) = process_account_form(
"new", "NewAccount", in_request("U"), 1, 0,
- in_request("E"), '', '', in_request("R"),
+ in_request("E"), in_request("H"), '', '', in_request("R"),
in_request("L"), in_request("I"), in_request("K"),
in_request("PK"));
@@ -29,13 +29,13 @@ if (in_request("Action") == "NewAccount") {
if (!$success) {
display_account_form("NewAccount", in_request("U"), 1, 0,
- in_request("E"), '', '', in_request("R"),
+ in_request("E"), in_request("H"), '', '', in_request("R"),
in_request("L"), in_request("I"), in_request("K"),
in_request("PK"));
}
} else {
print '<p>' . __("Use this form to create an account.") . '</p>';
- display_account_form("NewAccount", "", "", "", "", "", "", "", $LANG);
+ display_account_form("NewAccount", "", "", "", "", "", "", "", "", $LANG);
}
echo '</div>';
diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php
index 756c8477..a2009988 100644
--- a/web/lib/acctfuncs.inc.php
+++ b/web/lib/acctfuncs.inc.php
@@ -47,6 +47,7 @@ function html_format_pgp_fingerprint($fingerprint) {
* @param string $T The account type of the displayed user
* @param string $S Whether the displayed user has a suspended account
* @param string $E The e-mail address of the displayed user
+ * @param string $H Whether the e-mail address of the displayed user is hidden
* @param string $P The password value of the displayed user
* @param string $C The confirmed password value of the displayed user
* @param string $R The real name of the displayed user
@@ -60,7 +61,7 @@ function html_format_pgp_fingerprint($fingerprint) {
*
* @return void
*/
-function display_account_form($A,$U="",$T="",$S="",$E="",$P="",$C="",$R="",
+function display_account_form($A,$U="",$T="",$S="",$E="",$H="",$P="",$C="",$R="",
$L="",$I="",$K="",$PK="",$J="",$UID=0,$N="") {
global $SUPPORTED_LANGS;
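Review bot: Inserting `$H` in the middle of this long positional list, where every parameter after `$A` defaults to `""`, means a call site that was not updated still runs without error with each later argument shifted one slot, so the submitted password would land in `$H` and its confirmation in `$P`. The same applies to `process_account_form` in the signature hunk further down. The diff updates the calls in `account.php` and `register.php`; any other caller is outside it and should be searched for before merging. Appending the new parameter at the end of the list would make a missed caller fall back to the default instead of silently mixing up fields. The function body continues outside the hunk.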
@@ -78,6 +79,7 @@ function display_account_form($A,$U="",$T="",$S="",$E="",$P="",$C="",$R="",
* @param string $T The account type for the user
* @param string $S Whether or not the account is suspended
* @param string $E The e-mail address for the user
+ * @param string $H Whether or not the e-mail address should be hidden
* @param string $P The password for the user
* @param string $C The confirmed password for the user
* @param string $R The real name of the user
@@ -91,7 +93,7 @@ function display_account_form($A,$U="",$T="",$S="",$E="",$P="",$C="",$R="",
*
* @return array Boolean indicating success and message to be printed
*/
-function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$P="",$C="",
+function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$H="",$P="",$C="",
$R="",$L="",$I="",$K="",$PK="",$J="",$UID=0,$N="") {
global $SUPPORTED_LANGS;
@@ -324,6 +326,11 @@ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",$P="",$C="",
$q.= ", Suspended = 0";
}
$q.= ", Email = " . $dbh->quote($E);
+ if ($H) {
+ $q.= ", HideEmail = 1";
+ } else {
+ $q.= ", HideEmail = 0";
+ }
if ($P) {
$salt = generate_salt();
$hash = salted_hash($P, $salt);
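Review bot: `HideEmail` is written only here, in the statement that updates an existing account; no hunk in this file touches the branch that creates one, although `register.php` now passes `in_request("H")` and the checkbox is rendered above the `$A == "UpdateAccount"` test, so it appears on the registration form too. If the creation branch builds its own INSERT (it is outside the diff), a user who ticks "Hide Email Address" while registering gets the column default of 0 and the address stays visible until they edit the account. That query should store the flag as well, with `($H ? 1 : 0)` as the value. The four-line if/else here can also be written as `$q.= ", HideEmail = " . ($H ? 1 : 0);`. The function starts and ends outside the hunk.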
diff --git a/web/template/account_details.php b/web/template/account_details.php
index 9282b2c2..59a6a63b 100644
--- a/web/template/account_details.php
+++ b/web/template/account_details.php
@@ -25,7 +25,17 @@
</tr>
<tr>
<th><?= __("Email Address") . ":" ?></th>
- <td><a href="mailto:<?= htmlspecialchars($row["Email"], ENT_QUOTES) ?>"><?= htmlspecialchars($row["Email"], ENT_QUOTES) ?></a></td>
+ <td>
+ <?php
+ if ($row["HideEmail"] == 1 && !has_credential(CRED_ACCOUNT_SEARCH)):
+ print "<em>" . __("hidden") . "</em>";
+ else:
+ ?>
+ <a href="mailto:<?= htmlspecialchars($row["Email"], ENT_QUOTES) ?>"><?= htmlspecialchars($row["Email"], ENT_QUOTES) ?></a>
+ <?php
+ endif;
+ ?>
+ </td>
</tr>
<tr>
<th><?= __("Real Name") . ":" ?></th>
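Review bot: The check on the `if ($row["HideEmail"] == 1 && ...)` line fails open: when `$row` carries no `HideEmail` key (a query that does not select the new column, or a database where the 4.1.0 upgrade step has not been run), the comparison is false and the address is printed. For a privacy setting the safer default is to hide unless the flag is known to be off, e.g. `if ((!isset($row["HideEmail"]) || $row["HideEmail"] != 0) && !has_credential(CRED_ACCOUNT_SEARCH)):`. This template is also the only place where the commit enforces the flag, so any other output that includes `Email` (outside this diff) would still expose it and should be checked against the same condition.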
diff --git a/web/template/account_edit_form.php b/web/template/account_edit_form.php
index 83aedb0d..16655c0f 100644
--- a/web/template/account_edit_form.php
+++ b/web/template/account_edit_form.php
@@ -76,6 +76,11 @@
<em><?= __("Please ensure you correctly entered your email address, otherwise you will be locked out.") ?></em>
</p>
+ <p>
+ <label for="id_hide"><?= __("Hide Email Address") ?>:</label>
+ <input type="checkbox" name="H" id="id_hide" <?= $H ? 'checked="checked"' : '' ?> />
+ </p>
+
<?php if ($A == "UpdateAccount"): ?>
<p>
<label for="id_passwd1"><?= __("Password") ?>:</label>