diff --git a/modules/ModuleNewsletterActivateNotificationCenter.php b/modules/ModuleNewsletterActivateNotificationCenter.php index 343e9c25..b0db7b4a 100644 --- a/modules/ModuleNewsletterActivateNotificationCenter.php +++ b/modules/ModuleNewsletterActivateNotificationCenter.php @@ -71,14 +71,42 @@ protected function activateRecipient($token) /** @var \Contao\CoreBundle\OptIn\OptIn $optIn */ $optIn = \System::getContainer()->get('contao.opt-in'); - if (!($optInToken = $optIn->find($token)) || $optInToken->isConfirmed() || \count($arrRelated = $optInToken->getRelatedRecords()) < 1) + if ((!$optInToken = $optIn->find($token)) || !$optInToken->isValid() || \count($arrRelated = $optInToken->getRelatedRecords()) < 1 || key($arrRelated) != 'tl_newsletter_recipients' || \count($arrIds = current($arrRelated)) < 1) { $this->Template->type = 'error'; - $this->Template->message = $GLOBALS['TL_LANG']['MSC']['accountError']; + $this->Template->message = $GLOBALS['TL_LANG']['MSC']['invalidToken']; return; } + if ($optInToken->isConfirmed()) + { + $this->Template->type = 'error'; + $this->Template->message = $GLOBALS['TL_LANG']['MSC']['tokenConfirmed']; + + return; + } + + $arrRecipients = array(); + + // Validate the token + foreach ($arrIds as $intId) + { + if (!$objRecipient = NewsletterRecipientsModel::findByPk($intId)) + { + $this->Template->type = 'error'; + $this->Template->message = $GLOBALS['TL_LANG']['MSC']['invalidToken']; + return; + } + if ($optInToken->getEmail() != $objRecipient->email) + { + $this->Template->type = 'error'; + $this->Template->message = $GLOBALS['TL_LANG']['MSC']['tokenEmailMismatch']; + return; + } + $arrRecipients[] = $objRecipient; + } + $strEmail = $optInToken->getEmail(); } else { $objRecipient = \NewsletterRecipientsModel::findByToken($token); @@ -99,17 +127,14 @@ protected function activateRecipient($token) $arrCids = array(); if (version_compare(VERSION, '4.7', '>=')) { - foreach ($arrRelated as $strTable=>$intId) + // Activate the subscriptions + foreach ($arrRecipients as $objRecipient) { - if ($strTable == 'tl_newsletter_recipients' && ($objRecipient = \NewsletterRecipientsModel::findByPk($intId))) - { - $arrAdd[] = $objRecipient->id; - $arrCids[] = $objRecipient->pid; - - $objRecipient->tstamp = $time; - $objRecipient->active = '1'; - $objRecipient->save(); - } + $arrAdd[] = $objRecipient->id; + $arrCids[] = $objRecipient->pid; + $objRecipient->tstamp = $time; + $objRecipient->active = '1'; + $objRecipient->save(); } $optInToken->confirm(); diff --git a/modules/ModuleNewsletterSubscribeNotificationCenter.php b/modules/ModuleNewsletterSubscribeNotificationCenter.php index 2e6263db..8d19cb62 100644 --- a/modules/ModuleNewsletterSubscribeNotificationCenter.php +++ b/modules/ModuleNewsletterSubscribeNotificationCenter.php @@ -160,7 +160,7 @@ protected function addNewsletterRecipient($strEmail, $arrNew) if (version_compare(VERSION, '4.7', '>=')) { /** @var \Contao\CoreBundle\OptIn\OptIn $optIn */ $optIn = \System::getContainer()->get('contao.opt-in'); - $strToken = $optIn->create('nl-', $strEmail, $arrRelated)->getIdentifier(); + $strToken = $optIn->create('nl', $strEmail, $arrRelated)->getIdentifier(); } $this->sendNotification($strToken, $strEmail, $arrNew); diff --git a/modules/ModulePasswordNotificationCenter.php b/modules/ModulePasswordNotificationCenter.php index be207a70..db6985c9 100644 --- a/modules/ModulePasswordNotificationCenter.php +++ b/modules/ModulePasswordNotificationCenter.php @@ -51,7 +51,7 @@ protected function sendPasswordLink($objMember) if (version_compare($contaoVersion, '4.7.0', '>=')) { /** @var \Contao\CoreBundle\OptIn\OptIn $optIn */ $optIn = System::getContainer()->get('contao.opt-in'); - $optInToken = $optIn->create('pw-', $objMember->email, array('tl_member'=>array($objMember->id))); + $optInToken = $optIn->create('pw', $objMember->email, array('tl_member'=>array($objMember->id))); $token = $optInToken->getIdentifier(); } elseif (version_compare($contaoVersion, '4.4.12', '>=')) { $token = 'PW' . substr($token, 2);