Created
May 19, 2015 10:23
-
-
Save TheWatcher/a6cc1cf3acbed343bda5 to your computer and use it in GitHub Desktop.
Imhotep
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
if($subscription -> {"id"}) { | |
# Note: herein lies a problem. At this point, we have a pre-existing subscription, that | |
# may or may not be a user's. If it is a user's, it may be active, or have an inactive | |
# alternate email associated with it - potentially sharing an email with an email-only | |
# subscription. Consider the following: | |
# | |
# Anonymous User sets up subscription s0 to f0, f1 using email e0, system sends auth | |
# code to e0, user activates it to prove ownership. | |
# Anonymous user later gets an account, but it is set up to use email e1. User logs in, | |
# and creates subscription s1 to f1 and f2 using alternate email e0, system sends auth | |
# code to e0 (ie: s1 is inactive, note s0 is unaffected at this point). Now one of two | |
# things can happen: | |
# | |
# - user activates s1 using authcode sent to e0. This will automatically merge s0 into | |
# s1 as the system detects the common e0 and gives priority to s1. | |
# - user does not activate s1, but returns later to modfy s1 to remove e0. This | |
# will automatically activate s1 sending emails to e1, but it will NOT merge the | |
# existing s0 into s1 as there is now no common email. This means that now the user | |
# is getting f0,f1 sent to e0, and f1,f2 sent to e1. | |
# | |
# If the subscription is both not activated and activated, how tall is Imhotep? | |
# | |
# The user has two options - they can either add e0 back into s1, activate, and thus get | |
# s0 merged into s1; alternatively each message sent to e0 for s0 will contain an unsub | |
# link that should let the user delete s0. | |
# | |
# An alternative, more dangerous option is to uncomment the following: | |
# | |
# $self -> _merge_subscriptions($subscription -> {"id"}, $subscription -> {"user_id"}, $subscription -> {"email"}) | |
# if($subscription -> {"user_id"} && $subscription -> {"email"}); | |
# | |
# that will merge any email only subscriptions for a user, even if they haven't activated | |
# the subscription. Butit opens the door for subscription hijacking and deletion. | |
# In theory, this should only ever run when userid is not undef - if it is, the email | |
# will always match the subscription email, otherwise _get_subscription_header() couldn't | |
# have found it to begin with. | |
$self -> _set_subscription_email($subscription -> {"id"}, $email) | |
or return undef; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment