summaryrefslogtreecommitdiffstats
path: root/template/en/default/account/email
diff options
context:
space:
mode:
authorlpsolit%gmail.com <>2006-08-20 03:11:59 +0200
committerlpsolit%gmail.com <>2006-08-20 03:11:59 +0200
commit59285f71c6ed0d4db7d4b0455902130a2d7c83bd (patch)
tree49e2e47a53bb4ac31c10d3225b5e0a66edc5c126 /template/en/default/account/email
parent9dfdfd787ff4c0afac28b66e67082712ec2a3d92 (diff)
downloadbugzilla-59285f71c6ed0d4db7d4b0455902130a2d7c83bd.tar.gz
bugzilla-59285f71c6ed0d4db7d4b0455902130a2d7c83bd.tar.xz
Bug 87795: Creating an account should send token and wait for confirmation (prevent user account abuse) - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat r=bkor a=myk
Diffstat (limited to 'template/en/default/account/email')
-rw-r--r--template/en/default/account/email/confirm-new.html.tmpl64
-rw-r--r--template/en/default/account/email/request-new.txt.tmpl44
2 files changed, 108 insertions, 0 deletions
diff --git a/template/en/default/account/email/confirm-new.html.tmpl b/template/en/default/account/email/confirm-new.html.tmpl
new file mode 100644
index 000000000..0e9ab98e5
--- /dev/null
+++ b/template/en/default/account/email/confirm-new.html.tmpl
@@ -0,0 +1,64 @@
+[%# 1.0@bugzilla.org %]
+[%# The contents of this file are subject to the Mozilla Public
+ # License Version 1.1 (the "License"); you may not use this file
+ # except in compliance with the License. You may obtain a copy of
+ # the License at http://www.mozilla.org/MPL/
+ #
+ # Software distributed under the License is distributed on an "AS
+ # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ # implied. See the License for the specific language governing
+ # rights and limitations under the License.
+ #
+ # The Original Code is the Bugzilla Bug Tracking System.
+ #
+ # Contributor(s): Frédéric Buclin <LpSolit@gmail.com>
+ #%]
+
+[%# INTERFACE:
+ # token: string. The token to be used in the user account creation.
+ # email: email address of the user account.
+ # date: creation date of the token.
+ #%]
+
+[% title = BLOCK %]Create a new user account for '[% email FILTER html %]'[% END %]
+[% PROCESS "global/header.html.tmpl"
+ title = title
+ onload = "document.forms['confirm_account_form'].realname.focus();" %]
+
+[% expiration_ts = date + (constants.MAX_TOKEN_AGE * 86400) %]
+<div>
+ To complete the creation of your user account, you must choose a password in the
+ form below. You can also enter your real name, which is optional.<p>
+ If you don't fill this form before
+ <u>[%+ time2str("%H:%M on the %o of %B, %Y", expiration_ts) %]</u>, the creation
+ of this account will be automatically cancelled.
+</div>
+
+<form id="confirm_account_form" method="post" action="token.cgi">
+ <input type="hidden" name="t" value="[% token FILTER html %]">
+ <input type="hidden" name="a" value="confirm_new_account">
+ <table>
+ <tr>
+ <th align="right">Email Address:</th>
+ <td>[% email FILTER html %]</td>
+ </tr>
+ <tr>
+ <th align="right"><label for="realname">Real Name</label>:</th>
+ <td><input type="text" id="realname" name="realname" value=""></td>
+ </tr>
+ <tr>
+ <th align="right"><label for="passwd1">Type your password</label>:</th>
+ <td><input type="password" id="passwd1" name="passwd1" value=""></td>
+ </tr>
+ <tr>
+ <th align="right"><label for="passwd1">Re-type your password</label>:</th>
+ <td><input type="password" id="passwd2" name="passwd2" value=""></td>
+ </tr>
+ <tr>
+ <th align="right">&nbsp;</th>
+ <td><input type="submit" id="confirm" value="Send"></td>
+ </tr>
+ </table>
+</form>
+
+[% PROCESS global/footer.html.tmpl %]
diff --git a/template/en/default/account/email/request-new.txt.tmpl b/template/en/default/account/email/request-new.txt.tmpl
new file mode 100644
index 000000000..85fdec157
--- /dev/null
+++ b/template/en/default/account/email/request-new.txt.tmpl
@@ -0,0 +1,44 @@
+[%# 1.0@bugzilla.org %]
+[%# The contents of this file are subject to the Mozilla Public
+ # License Version 1.1 (the "License"); you may not use this file
+ # except in compliance with the License. You may obtain a copy of
+ # the License at http://www.mozilla.org/MPL/
+ #
+ # Software distributed under the License is distributed on an "AS
+ # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ # implied. See the License for the specific language governing
+ # rights and limitations under the License.
+ #
+ # The Original Code is the Bugzilla Bug Tracking System.
+ #
+ # Contributor(s): Frédéric Buclin <LpSolit@gmail.com>
+ #%]
+
+[%# INTERFACE:
+ # token: random string used to authenticate the transaction.
+ # token_ts: creation date of the token.
+ # email: email address of the new account.
+ #%]
+
+[% PROCESS global/variables.none.tmpl %]
+
+[% expiration_ts = token_ts + (constants.MAX_TOKEN_AGE * 86400) %]
+From: bugzilla-admin-daemon
+To: [% email %]
+Subject: [% terms.Bugzilla %]: confirm account creation
+
+[%+ terms.Bugzilla %] has received a request to create a user account
+using your email address ([% email %]).
+
+To confirm that you want to create an account using that email address,
+visit the following link:
+
+[%+ Param('urlbase') %]token.cgi?t=[% token FILTER url_quote %]&a=request_new_account
+
+If you are not the person who made this request, or you wish to cancel
+this request, visit the following link:
+
+[%+ Param('urlbase') %]token.cgi?t=[% token FILTER url_quote %]&a=cancel_new_account
+
+If you do nothing, the request will lapse after [%+ constants.MAX_TOKEN_AGE %] days
+(at precisely [%+ time2str("%H:%M on the %o of %B, %Y", expiration_ts) %]).