aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module
diff options
context:
space:
mode:
authorMario <mario@mariovavti.com>2021-04-28 13:17:45 +0200
committerMario <mario@mariovavti.com>2021-04-28 13:17:45 +0200
commit94f1c001f1fe2cefd17c5d535ec1fcd0e68c8df5 (patch)
tree74d98ca46111e066d9b42e06ff5416315a29f653 /Zotlabs/Module
parent531a03562dac2e8a5d0e3c76170e24c8e5d4b64b (diff)
downloadvolse-hubzilla-94f1c001f1fe2cefd17c5d535ec1fcd0e68c8df5.tar.gz
volse-hubzilla-94f1c001f1fe2cefd17c5d535ec1fcd0e68c8df5.tar.bz2
volse-hubzilla-94f1c001f1fe2cefd17c5d535ec1fcd0e68c8df5.zip
register: more testing and fixes
Diffstat (limited to 'Zotlabs/Module')
-rw-r--r--Zotlabs/Module/Admin/Site.php27
-rw-r--r--Zotlabs/Module/New_channel.php76
-rw-r--r--Zotlabs/Module/Regate.php59
-rw-r--r--Zotlabs/Module/Register.php30
4 files changed, 101 insertions, 91 deletions
diff --git a/Zotlabs/Module/Admin/Site.php b/Zotlabs/Module/Admin/Site.php
index ac132cf60..3b2632411 100644
--- a/Zotlabs/Module/Admin/Site.php
+++ b/Zotlabs/Module/Admin/Site.php
@@ -126,7 +126,7 @@ class Site {
//logger( print_r( $this->msgbg, true) );
//logger( print_r( $this->joo, true) );
if ($this->error === 0) {
- set_config('system', 'register_duty', $this->register_duty);
+ set_config('system', 'register_duty', $this->register_duty);
set_config('system', 'register_duty_jso', $this->joo);
} else {
notice('ZAR0130E,'.t('Errors') . ': ' . $this->error) . EOL . $this->msgfg;
@@ -320,9 +320,8 @@ class Site {
REGISTER_APPROVE => t("Yes - with approval"),
REGISTER_OPEN => t("Yes")
);
- $this->register_duty ? get_config('system', 'register_duty') : '';
- $register_perday = get_config('system','max_daily_registrations');
- $register_perday ? '' : $register_perday = 50;
+ $this->register_duty = get_config('system', 'register_duty', '-:-');
+ $register_perday = get_config('system','max_daily_registrations', 50);
/* Acess policy */
$access_choices = Array(
@@ -393,11 +392,11 @@ class Site {
'field' => array(
'name' => 'expire',
'title' => t('duration up from now'),
- 'value' => ($regexpire_n === false ? 99 : $regexpire_n),
+ 'value' => ($regexpire_n === false ? 3 : $regexpire_n),
'min' => '0',
'max' => '99',
'size' => '2',
- 'default' => ($regexpire_u === false ? 'y' : $regexpire_u)
+ 'default' => ($regexpire_u === false ? 'd' : $regexpire_u)
),
'rabot' => $reg_rabots
)
@@ -450,7 +449,7 @@ class Site {
'$register_duty' => [
'register_duty',
t('Configure the registration open days/hours'),
- get_config('system', 'register_duty'),
+ get_config('system', 'register_duty', '-:-'),
t('Empty or \'-:-\' value will keep registration open 24/7 (default)') . EOL .
t('Weekdays and hours must be separated by colon \':\', From-To ranges with a dash `-` example: 1:800-1200') . EOL .
t('Weekday:Hour pairs must be separated by space \' \' example: 1:900-1700 2:900-1700') . EOL .
@@ -458,19 +457,22 @@ class Site {
t('Advanced examples:') . ' 1-5:0900-1200,1300-1700 6:900-1230 ' . t('or') . ' 1-2,4-5:800-1800<br>' . EOL .
'<a id="zar083a" class="btn btn-sm btn-outline-secondary zuia">' . t('Check your configuration') . '</a>'. EOL
],
- '$register_perday' => ['register_perday',
+ '$register_perday' => [
+ 'register_perday',
t('Max account registrations per day'),
get_config('system', 'max_daily_registrations', 50),
t('Unlimited if zero or no value - default 50')
],
- '$register_sameip' => ['register_sameip',
- t('Max account registrations from same ip'),
+ '$register_sameip' => [
+ 'register_sameip',
+ t('Max account registrations from same IP'),
get_config('system', 'register_sameip', 3),
t('Unlimited if zero or no value - default 3')
],
'$reg_delay' => $reg_delay,
'$reg_expire' => $reg_expire,
- '$reg_autochannel' => ['auto_channel_create',
+ '$reg_autochannel' => [
+ 'auto_channel_create',
t("Auto channel create"),
get_config('system','auto_channel_create', 1),
t("If disabled the channel will be created in a separate step during the registration process")
@@ -586,9 +588,6 @@ class Site {
}
}
- if (! $this->register_duty)
- $this->register_duty = '-:-';
-
$ranges = preg_split('/\s+/', $this->register_duty);
$this->msgbg .= '..ranges: ' . print_r(count($ranges),true) . $this->eol;
diff --git a/Zotlabs/Module/New_channel.php b/Zotlabs/Module/New_channel.php
index 98aa480fe..84d492f8f 100644
--- a/Zotlabs/Module/New_channel.php
+++ b/Zotlabs/Module/New_channel.php
@@ -11,7 +11,7 @@ class New_channel extends \Zotlabs\Web\Controller {
function init() {
$cmd = ((argc() > 1) ? argv(1) : '');
-
+
if($cmd === 'autofill.json') {
require_once('library/urlify/URLify.php');
$result = array('error' => false, 'message' => '');
@@ -20,14 +20,14 @@ class New_channel extends \Zotlabs\Web\Controller {
$x = false;
if(get_config('system','unicode_usernames')) {
- $x = punify(mb_strtolower($n));
+ $x = punify(mb_strtolower($n));
}
if((! $x) || strlen($x) > 64)
$x = strtolower(\URLify::transliterate($n));
-
+
$test = array();
-
+
// first name
if(strpos($x,' '))
$test[] = legal_webbie(substr($x,0,strpos($x,' ')));
@@ -44,19 +44,19 @@ class New_channel extends \Zotlabs\Web\Controller {
json_return_and_die(check_webbie($test));
}
-
+
if($cmd === 'checkaddr.json') {
require_once('library/urlify/URLify.php');
$result = array('error' => false, 'message' => '');
$n = trim($_REQUEST['nick']);
if(! $n) {
- $n = trim($_REQUEST['name']);
+ $n = trim($_REQUEST['name']);
}
$x = false;
if(get_config('system','unicode_usernames')) {
- $x = punify(mb_strtolower($n));
+ $x = punify(mb_strtolower($n));
}
if((! $x) || strlen($x) > 64)
@@ -64,7 +64,7 @@ class New_channel extends \Zotlabs\Web\Controller {
$test = array();
-
+
// first name
if(strpos($x,' '))
$test[] = legal_webbie(substr($x,0,strpos($x,' ')));
@@ -80,57 +80,57 @@ class New_channel extends \Zotlabs\Web\Controller {
$test[] = $n;
$test[] = $n . mt_rand(1000,9999);
}
-
+
for($y = 0; $y < 100; $y ++)
$test[] = 'id' . mt_rand(1000,9999);
-
+
json_return_and_die(check_webbie($test));
}
-
-
+
+
}
-
+
function post() {
-
+
$arr = $_POST;
-
+
$acc = \App::get_account();
$arr['account_id'] = get_account_id();
-
- // prevent execution by delegated channels as well as those not logged in.
+
+ // prevent execution by delegated channels as well as those not logged in.
// get_account_id() returns the account_id from the session. But \App::$account
- // may point to the original authenticated account.
-
+ // may point to the original authenticated account.
+
if((! $acc) || ($acc['account_id'] != $arr['account_id'])) {
notice( t('Permission denied.') . EOL );
return;
}
-
+
$result = create_identity($arr);
-
+
if(! $result['success']) {
notice($result['message']);
return;
}
-
+
$newuid = $result['channel']['channel_id'];
-
+
change_channel($result['channel']['channel_id']);
-
- $next_page = get_config('system', 'workflow_channel_next', 'profiles');
+
+ $next_page = get_config('system', 'workflow_channel_next', 'profiles');
goaway(z_root() . '/' . $next_page);
-
+
}
-
+
function get() {
-
+
$acc = \App::get_account();
-
+
if((! $acc) || $acc['account_id'] != get_account_id()) {
notice( t('Permission denied.') . EOL);
return;
}
-
+
$default_role = '';
$aid = get_account_id();
if($aid) {
@@ -140,7 +140,7 @@ class New_channel extends \Zotlabs\Web\Controller {
if($r && (! intval($r[0]['total']))) {
$default_role = get_config('system','default_permissions_role','social');
}
-
+
$limit = account_service_class_fetch(get_account_id(),'total_identities');
$canadd = true;
if($r && ($limit !== false)) {
@@ -155,7 +155,7 @@ class New_channel extends \Zotlabs\Web\Controller {
}
$name_help = '<span id="name_help_loading" style="display:none">' . t('Loading') . '</span><span id="name_help_text">';
- $name_help .= (($default_role)
+ $name_help .= (($default_role)
? t('Your real name is recommended.')
: t('Examples: "Bob Jameson", "Lisa and her Horses", "Soccer", "Aviation Group"')
);
@@ -176,10 +176,10 @@ class New_channel extends \Zotlabs\Web\Controller {
$nickhub = '@' . \App::get_hostname();
$nickname = array('nickname', t('Choose a short nickname'), ((x($_REQUEST,'nickname')) ? $_REQUEST['nickname'] : ''), $nick_help, "*");
$role = array('permissions_role' , t('Channel role and privacy'), ($privacy_role) ? $privacy_role : 'social', t('Select a channel permission role compatible with your usage needs and privacy requirements.') . '<br>' . '<a href="help/member/member_guide#Channel_Permission_Roles" target="_blank">' . t('Read more about channel permission roles') . '</a>',$perm_roles);
-
+
$o = replace_macros(get_markup_template('new_channel.tpl'), array(
'$title' => t('Create a Channel'),
- '$desc' => t('A channel is a unique network identity. It can represent a person (social network profile), a forum (group), a business or celebrity page, a newsfeed, and many other things.') ,
+ '$desc' => t('A channel is a unique network identity. It can represent a person (social network profile), a forum (group), a business or celebrity page, a newsfeed, and many other things.') ,
'$label_import' => t('or <a href="import">import an existing channel</a> from another location.'),
'$name' => $name,
'$role' => $role,
@@ -190,10 +190,10 @@ class New_channel extends \Zotlabs\Web\Controller {
'$channel_usage_message' => $channel_usage_message,
'$canadd' => $canadd
));
-
+
return $o;
-
+
}
-
-
+
+
}
diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php
index 6c4aeec3e..155f818ef 100644
--- a/Zotlabs/Module/Regate.php
+++ b/Zotlabs/Module/Regate.php
@@ -151,41 +151,54 @@ class Regate extends \Zotlabs\Web\Controller {
zar_log('ZAR1238I ' . $msg . ' ' . $cra['account']['account_email']
. ' ' . $cra['account']['account_language']);
+ authenticate_success($cra['account'],null,true,false,true);
+
$nextpage = 'new_channel';
- $auto_create = get_config('system','auto_channel_create',1);
+ $auto_create = get_config('system', 'auto_channel_create', 1);
if($auto_create) {
- // prepare channel creation
- if($reonar['chan.name'])
- set_aconfig($cra['account']['account_id'], 'register', 'channel_name', $reonar['chan.name']);
- if($reonar['chan.did1'])
- set_aconfig($cra['account']['account_id'], 'register', 'channel_address', $reonar['chan.did1']);
+ $new_channel = ['success' => false];
- $permissions_role = get_config('system','default_permissions_role');
- if($permissions_role)
- set_aconfig($cra['account']['account_id'], 'register', 'permissions_role', $permissions_role);
- }
+ // We do not reserve a channel_address before the registration is verified
+ // and possibly approved by the admin.
+ // If the provided channel_address has been claimed meanwhile,
+ // we will proceed to /new_channel.
- authenticate_success($cra['account'],null,true,false,true);
+ if(isset($reonar['chan.did1']) && check_webbie([$reonar['chan.did1']])) {
- if($auto_create) {
- // create channel
- $new_channel = auto_channel_create($cra['account']['account_id']);
-
- if($new_channel['success']) {
- $channel_id = $new_channel['channel']['channel_id'];
- change_channel($channel_id);
- $nextpage = 'profiles/' . $channel_id;
- $msg_code = 'ZAR1239I';
- $msg = t('Channel successfull created') . ' ' . $did2;
+ // prepare channel creation
+ if($reonar['chan.name'])
+ set_aconfig($cra['account']['account_id'], 'register', 'channel_name', $reonar['chan.name']);
+
+ if($reonar['chan.did1'])
+ set_aconfig($cra['account']['account_id'], 'register', 'channel_address', $reonar['chan.did1']);
+
+ $permissions_role = get_config('system','default_permissions_role');
+ if($permissions_role)
+ set_aconfig($cra['account']['account_id'], 'register', 'permissions_role', $permissions_role);
+
+ // create channel
+ $new_channel = auto_channel_create($cra['account']['account_id']);
+
+ if($new_channel['success']) {
+ $channel_id = $new_channel['channel']['channel_id'];
+ change_channel($channel_id);
+ $nextpage = 'profiles/' . $channel_id;
+ $msg_code = 'ZAR1239I';
+ $msg = t('Channel successfull created') . ' ' . $did2;
+ }
}
- else {
+
+ if(!$new_channel['success']) {
$msg_code = 'ZAR1239E';
- $msg = t('Channel still not created') . ' ' . $did2;
+ $msg = t('Automatic channel creation failed. Please create a channel.') . ' ' . $did2;
+ $nextpage = 'new_channel?name=' . $reonar['chan.name'];
}
+
zar_log($msg_code . ' ' . $msg . ' ' . $reonar['chan.did1'] . ' (' . $reonar['chan.name'] . ')');
+
}
unset($_SESSION['login_return_url']);
}
diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php
index 99e59dd77..bb87a1933 100644
--- a/Zotlabs/Module/Register.php
+++ b/Zotlabs/Module/Register.php
@@ -47,7 +47,6 @@ class Register extends Controller {
}
}
-
function post() {
check_form_security_token_redirectOnErr('/register', 'register');
@@ -64,7 +63,7 @@ class Register extends Controller {
$act = q("SELECT COUNT(*) AS act FROM account")[0]['act'];
$is247 = false;
$ip = $_SERVER['REMOTE_ADDR'];
- $sameip = intval(get_config('system','register_sameip'));
+ $sameip = intval(get_config('system','register_sameip', 3));
$arr = $_POST;
$invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : '');
$invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : '');
@@ -117,19 +116,18 @@ class Register extends Controller {
}
if ($email) {
- if (! preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $email)) {
+ $email_result = check_account_email($email);
+ if ($email_result['error']) {
// msg!
- notice(t('Not a valid email address') . EOL);
+ notice(t($email_result['message']) . EOL);
return;
}
}
// case when an invited prepares the own account by supply own pw, accept tos, prepage channel (if auto)
if ($email && $invite_code) {
- if ( preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $email ) ) {
- if ( preg_match('/^[a-z0-9]{12,12}$/', $invite_code ) ) {
- $is247 = true;
- }
+ if ( preg_match('/^[a-z0-9]{12,12}$/', $invite_code ) ) {
+ $is247 = true;
}
}
@@ -156,16 +154,16 @@ class Register extends Controller {
// s2 max daily
// msg?
- if ( !$is247 && self::check_reg_limits()['is'] ) return;
+ if (!$is247 && self::check_reg_limits()['is']) return;
- if(!$password) {
+ if (!$password) {
// msg!
notice(t('No password provided') . EOL);
return;
}
// pw1 == pw2
- if($password !== $password2) {
+ if ($password !== $password2) {
// msg!
notice(t('Passwords do not match') . EOL);
return;
@@ -337,11 +335,11 @@ class Register extends Controller {
if($policy == REGISTER_OPEN || $policy == REGISTER_APPROVE ) {
- $cfgdelay = get_config( 'system', 'register_delay' );
+ $cfgdelay = get_config('system', 'register_delay', '0i');
$reg_delayed = calculate_adue( $cfgdelay );
$regdelay = (($reg_delayed) ? datetime_convert(date_default_timezone_get(), 'UTC', $reg_delayed['due']) : $now);
- $cfgexpire = get_config('system','register_expire' );
+ $cfgexpire = get_config('system', 'register_expire', '3d');
$reg_expires = calculate_adue( $cfgexpire );
$regexpire = (($reg_expires) ? datetime_convert(date_default_timezone_get(), 'UTC', $reg_expires['due']) : datetime_convert('UTC', 'UTC', 'now + 99 years'));
@@ -583,9 +581,9 @@ class Register extends Controller {
// check against register, account
$rear = array( 'is' => false, 'rn' => 0, 'an' => 0, 'msg' => '' );
- $max_dailies = intval(get_config('system','max_daily_registrations'));
+ $max_dailies = intval(get_config('system', 'max_daily_registrations', 50));
- if ( $max_dailies ) {
+ if ($max_dailies) {
$r = q("SELECT COUNT(reg_id) AS nr FROM register WHERE reg_vital = 1 AND reg_created > %s - INTERVAL %s",
db_utcnow(), db_quoteinterval('1 day')
@@ -594,7 +592,7 @@ class Register extends Controller {
$rear['is'] = ( $r && $r[0]['nr'] >= $max_dailies ) ? true : false;
$rear['rn'] = $r[0]['nr'];
- if ( !$rear['is']) {
+ if (!$rear['is']) {
$r = q("SELECT COUNT(account_id) AS nr FROM account WHERE account_created > %s - INTERVAL %s",
db_utcnow(), db_quoteinterval('1 day')
);