diff options
| author | Max Kostikov <max@kostikov.co> | 2021-04-29 09:32:02 +0000 |
|---|---|---|
| committer | Max Kostikov <max@kostikov.co> | 2021-04-29 09:32:02 +0000 |
| commit | 0cbdeb7bf16f1fb0d03038dd5af324b7cdd7e850 (patch) | |
| tree | 2229673706f8c83d4f4789b68c339b78a8c3b299 /Zotlabs | |
| parent | 61cf92ebddcad92d79d831178d3c7c9ed58d62e9 (diff) | |
| parent | 6be464ef8484063690840e6b06e7540f7416788a (diff) | |
| download | volse-hubzilla-0cbdeb7bf16f1fb0d03038dd5af324b7cdd7e850.tar.gz volse-hubzilla-0cbdeb7bf16f1fb0d03038dd5af324b7cdd7e850.tar.bz2 volse-hubzilla-0cbdeb7bf16f1fb0d03038dd5af324b7cdd7e850.zip | |
Merge branch 'dev' into 'dev'
Dev Sync
See merge request kostikov/core!1
Diffstat (limited to 'Zotlabs')
| -rw-r--r-- | Zotlabs/Lib/Activity.php | 8 | ||||
| -rw-r--r-- | Zotlabs/Module/Admin/Site.php | 162 | ||||
| -rw-r--r-- | Zotlabs/Module/Display.php | 2 | ||||
| -rw-r--r-- | Zotlabs/Module/New_channel.php | 76 | ||||
| -rw-r--r-- | Zotlabs/Module/Regate.php | 85 | ||||
| -rw-r--r-- | Zotlabs/Module/Register.php | 111 | ||||
| -rw-r--r-- | Zotlabs/Module/Search.php | 2 |
7 files changed, 222 insertions, 224 deletions
diff --git a/Zotlabs/Lib/Activity.php b/Zotlabs/Lib/Activity.php index 82e74fc83..e036c7b1e 100644 --- a/Zotlabs/Lib/Activity.php +++ b/Zotlabs/Lib/Activity.php @@ -1360,16 +1360,14 @@ class Activity { case 'Join': // A second Follow request, but we haven't approved the first one - if ($contact['abook_pending']) { return; } // We've already approved them or followed them first // Send an Accept back to them - set_abconfig($channel['channel_id'], $person_obj['id'], 'pubcrawl', 'their_follow_id', $their_follow_id); - Master::Summon(['Notifier', 'permissions_accept', $contact['abook_id']]); + Master::Summon(['Notifier', 'permission_accept', $contact['abook_id']]); return; case 'Accept': @@ -1471,9 +1469,9 @@ class Activity { if ($my_perms && $automatic) { // send an Accept for this Follow activity - Master::Summon(['Notifier', 'permissions_accept', $new_connection[0]['abook_id']]); + Master::Summon(['Notifier', 'permission_accept', $new_connection[0]['abook_id']]); // Send back a Follow notification to them - Master::Summon(['Notifier', 'permissions_create', $new_connection[0]['abook_id']]); + Master::Summon(['Notifier', 'permission_create', $new_connection[0]['abook_id']]); } $clone = []; diff --git a/Zotlabs/Module/Admin/Site.php b/Zotlabs/Module/Admin/Site.php index 8a7bb1180..3b2632411 100644 --- a/Zotlabs/Module/Admin/Site.php +++ b/Zotlabs/Module/Admin/Site.php @@ -5,9 +5,6 @@ namespace Zotlabs\Module\Admin; class Site { - // system cfgs - const ivo = 'invitation_only'; - const iva = 'invitation_also'; /** * @brief POST handler for Admin Site Page. @@ -129,7 +126,7 @@ class Site { //logger( print_r( $this->msgbg, true) ); //logger( print_r( $this->joo, true) ); if ($this->error === 0) { - set_config('system', 'register_duty', $this->register_duty); + set_config('system', 'register_duty', $this->register_duty); set_config('system', 'register_duty_jso', $this->joo); } else { notice('ZAR0130E,'.t('Errors') . ': ' . $this->error) . EOL . $this->msgfg; @@ -198,8 +195,8 @@ class Site { set_config('system','register_wo_email', $register_wo_email); set_config('system','minimum_age', $minimum_age); set_config('system','auto_channel_create', $reg_autochannel); - set_config('system',self::ivo, $invitation_only); - set_config('system',self::iva, $invitation_also); + set_config('system', 'invitation_only', $invitation_only); + set_config('system', 'invitation_also', $invitation_also); set_config('system','access_policy', $access_policy); set_config('system','account_abandon_days', $abandon_days); set_config('system','register_text', $register_text); @@ -323,9 +320,8 @@ class Site { REGISTER_APPROVE => t("Yes - with approval"), REGISTER_OPEN => t("Yes") ); - $this->register_duty ? get_config('system', 'register_duty') : ''; - $register_perday = get_config('system','max_daily_registrations'); - $register_perday ? '' : $register_perday = 50; + $this->register_duty = get_config('system', 'register_duty', '-:-'); + $register_perday = get_config('system','max_daily_registrations', 50); /* Acess policy */ $access_choices = Array( @@ -367,11 +363,10 @@ class Site { list($regdelay_n, $regdelay_u) = array(substr($regdelay,0,-1),substr($regdelay,-1)); $reg_delay = replace_macros(get_markup_template('field_duration.qmc.tpl'), array( - 'label' => t('Account registration delay'), + 'label' => t('Register verification delay'), 'qmc' => 'zar', - 'qmcid' => 'ZAR0860C', - 'help' => t('How long a registration request has to wait before validation can perform.' - . ' No delay if zero or no value.'), + 'qmcid' => '', + 'help' => t('Time to wait before a registration can be verified'), 'field' => array( 'name' => 'delay', 'title' => t('duration up from now'), @@ -390,25 +385,22 @@ class Site { list($regexpire_n, $regexpire_u) = array(substr($regexpire,0,-1),substr($regexpire,-1)); $reg_expire = replace_macros(get_markup_template('field_duration.qmc.tpl'), array( - 'label' => t('Account registration expiration'), + 'label' => t('Register verification expiration time'), 'qmc' => 'zar', - 'qmcid' => 'ZAR0862C', - 'help' => t('How long a registration to confirm remains valid.' - . ' Not expire if zero or no value.'), + 'qmcid' => '', + 'help' => t('Time before an unverified registration will expire'), 'field' => array( 'name' => 'expire', 'title' => t('duration up from now'), - 'value' => ($regexpire_n === false ? 99 : $regexpire_n), + 'value' => ($regexpire_n === false ? 3 : $regexpire_n), 'min' => '0', 'max' => '99', 'size' => '2', - 'default' => ($regexpire_u === false ? 'y' : $regexpire_u) + 'default' => ($regexpire_u === false ? 'd' : $regexpire_u) ), 'rabot' => $reg_rabots ) ); - $invitation_only = get_config('system',self::ivo); - $invitation_also = get_config('system',self::iva); $tao = ''; $t = get_markup_template("admin_site.tpl"); @@ -441,81 +433,72 @@ class Site { // Register // [hilmar-> - '$register_text' => array('register_text', + '$register_text' => [ + 'register_text', t("Register text"), htmlspecialchars(get_config('system','register_text'), ENT_QUOTES, 'UTF-8'), - t("Will be displayed prominently on the registration page.") . ' ' - . t('If you operate with register duties (see ZAR0830C), best practise is to tell cleartext about here'), - 'ZAR0810C'), - '$register_policy' => array('register_policy', + t("This text will be displayed prominently at the registration page") + ], + '$register_policy' => [ + 'register_policy', t("Does this site allow new member registration?"), get_config('system','register_policy'), "", $register_choices, - 'ZAR0820C'), - '$register_wo_email' => array('register_wo_email', - t("Registration is also possible without having to enter an email address."), - get_config('system','register_wo_email'), - t("Registration is also supported without requiring an email address from the applicant. Instead of the email address an artificial identification is generated, which has to be confirmed in a separate dialog. The default value is (Off) and corresponds to the registration procedure up to version 5.4.x."), - "", "", 'ZAR0824C'), - - '$register_duty' => array('register_duty', - t('Registration office on duty'), - $this->register_duty = get_config('system', 'register_duty'), - t('The weekdays and hours the register office is open for registrations') . '. ' - . t('Split weekdays and hours per `:`') . '. ' - . t('Separate weekday(s):hour(s) pairs with blank(s)') . '. ' - . t('Several values or ranges are to split by comma') . '. ' - . t('From-To ranges are joined with `-`') . '. ' - . t('ie') . ' `1-5:0900-1200,1300-1700 6:900-1230` ' . t('or') .' `1-2,4-5:800-1800` ' - . EOL . ' <a id="zar083a" class="zuia btn">' . t('Parse and test your input') . '</a>'. EOL - . t('If left empty, defaults to 24h open everyday the week (-:-).') . ' ' - . t('Note, ranges are specified as open-close pairs and in case of') - . ' 0900-1200 ' - . t('results to: opens 9h and closes 12h. If meant open 9h to 12h exactly, say `0900-1201`'), - 'ZAR0830C'), - '$register_perday' => array('register_perday', - t('Account registrations max per day'), - (x(get_config('system', 'max_daily_registrations'))) - ? get_config('system', 'max_daily_registrations') : 50, - t('How many registration requests the site accepts during one day. Unlimited if zero or no value. Default 50'), - 'ZAR0840C'), - '$register_sameip' => array('register_sameip', - t('Account registrations from same ip'), - (x(get_config('system', 'register_sameip'))) - ? get_config('system', 'register_sameip') : 3, - t('How many pending registration requests the site accepts from a same ip address.'), - 'ZAR0850C'), - '$reg_delay'=>$reg_delay, - '$reg_expire'=>$reg_expire, - '$reg_autochannel' => array('auto_channel_create', + ], + '$register_duty' => [ + 'register_duty', + t('Configure the registration open days/hours'), + get_config('system', 'register_duty', '-:-'), + t('Empty or \'-:-\' value will keep registration open 24/7 (default)') . EOL . + t('Weekdays and hours must be separated by colon \':\', From-To ranges with a dash `-` example: 1:800-1200') . EOL . + t('Weekday:Hour pairs must be separated by space \' \' example: 1:900-1700 2:900-1700') . EOL . + t('From-To ranges must be separated by comma \',\' example: 1:800-1200,1300-1700 or 1-2,4-5:900-1700') . EOL . + t('Advanced examples:') . ' 1-5:0900-1200,1300-1700 6:900-1230 ' . t('or') . ' 1-2,4-5:800-1800<br>' . EOL . + '<a id="zar083a" class="btn btn-sm btn-outline-secondary zuia">' . t('Check your configuration') . '</a>'. EOL + ], + '$register_perday' => [ + 'register_perday', + t('Max account registrations per day'), + get_config('system', 'max_daily_registrations', 50), + t('Unlimited if zero or no value - default 50') + ], + '$register_sameip' => [ + 'register_sameip', + t('Max account registrations from same IP'), + get_config('system', 'register_sameip', 3), + t('Unlimited if zero or no value - default 3') + ], + '$reg_delay' => $reg_delay, + '$reg_expire' => $reg_expire, + '$reg_autochannel' => [ + 'auto_channel_create', t("Auto channel create"), get_config('system','auto_channel_create', 1), - t("Auto create a channel when register a new account. When On, the register form will show additional fields for the channel-name and the nickname."), - "", "", 'ZAR0870C'), - - '$invitation_only' => array(self::ivo, - ($invitation_only === false ? '✗' : '✓') . ' ' . t("Invitation only"), - $invitation_only, - t("Only allow new member registrations with an invitation code. Above register policy must be set to Yes."), - "", "", 'ZAR0880C'), - - '$invitation_also' => array(self::iva, - ($invitation_also === false ? '✗' : '✓') . ' ' . t("Invitation also"), - $invitation_also, - t("Also allow new member registrations with an invitation code. Above register policy must be set to Yes."), - "", "", 'ZAR0881C'), - - '$verify_email' => array('verify_email', - t("Verify Email Addresses"), + t("If disabled the channel will be created in a separate step during the registration process") + ], + '$invitation_only' => [ + 'invitation_only', + t("Require invite code"), + $invitation_only + ], + '$invitation_also' => [ + 'invitation_also', + t("Allow invite code"), + $invitation_also + ], + '$verify_email' => [ + 'verify_email', + t("Require email address"), get_config('system','verify_email'), - t("Check to verify email addresses used in account registration (recommended)."), - "", "", 'ZAR0890C'), - '$abandon_days' => array('abandon_days', - t('Accounts abandoned after x days'), + t("The provided email address will be verified (recommended)") + ], + '$abandon_days' => [ + 'abandon_days', + t('Abandon account after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.') - ), + ], // <-hilmar] '$role' => $role, @@ -598,16 +581,13 @@ class Site { if ($this->isajax) { $op = (preg_match('/[a-z]{2,4}/', $_REQUEST['zarop'])) ? $_REQUEST['zarop'] : ''; if ($op == 'zar083') { - $this->msgbg = 'ZAR0130I Testmode:' . $this->eol . $this->msgbg; + $this->msgbg = 'Testmode:' . $this->eol . $this->msgbg; } else { killme(); exit; } } - if (! $this->register_duty) - $this->register_duty = '-:-'; - $ranges = preg_split('/\s+/', $this->register_duty); $this->msgbg .= '..ranges: ' . print_r(count($ranges),true) . $this->eol; @@ -696,11 +676,11 @@ class Site { $cdow = $this->wdconst[$adow]; // below is the essential algo to verify a date (of format Hi) meets an open or closed condition $t = date('Hi', ( rand(time(), 60*60*24+time()) ) ); - $how='closed'; + $how='close'; foreach ($aro[$adow] as $o => $v) { // $this->msgbg .= 'debug: ' . $o . ' gt ' . $t . ' / ' . $v . $this->eol; // 4devels if ($o > $t) { - $how = ($v ? 'open' : 'closed'); + $how = ($v ? 'open' : 'close'); break; } } diff --git a/Zotlabs/Module/Display.php b/Zotlabs/Module/Display.php index eb97e77a0..21d3e2e08 100644 --- a/Zotlabs/Module/Display.php +++ b/Zotlabs/Module/Display.php @@ -325,7 +325,7 @@ class Display extends \Zotlabs\Web\Controller { if($parents_str) { $items = q("SELECT item.*, item.id AS item_id FROM item - WHERE parent in ( %s ) $item_normal ", + WHERE parent in ( %s ) $sql_extra $item_normal ", dbesc($parents_str) ); xchan_query($items); diff --git a/Zotlabs/Module/New_channel.php b/Zotlabs/Module/New_channel.php index 98aa480fe..84d492f8f 100644 --- a/Zotlabs/Module/New_channel.php +++ b/Zotlabs/Module/New_channel.php @@ -11,7 +11,7 @@ class New_channel extends \Zotlabs\Web\Controller { function init() { $cmd = ((argc() > 1) ? argv(1) : ''); - + if($cmd === 'autofill.json') { require_once('library/urlify/URLify.php'); $result = array('error' => false, 'message' => ''); @@ -20,14 +20,14 @@ class New_channel extends \Zotlabs\Web\Controller { $x = false; if(get_config('system','unicode_usernames')) { - $x = punify(mb_strtolower($n)); + $x = punify(mb_strtolower($n)); } if((! $x) || strlen($x) > 64) $x = strtolower(\URLify::transliterate($n)); - + $test = array(); - + // first name if(strpos($x,' ')) $test[] = legal_webbie(substr($x,0,strpos($x,' '))); @@ -44,19 +44,19 @@ class New_channel extends \Zotlabs\Web\Controller { json_return_and_die(check_webbie($test)); } - + if($cmd === 'checkaddr.json') { require_once('library/urlify/URLify.php'); $result = array('error' => false, 'message' => ''); $n = trim($_REQUEST['nick']); if(! $n) { - $n = trim($_REQUEST['name']); + $n = trim($_REQUEST['name']); } $x = false; if(get_config('system','unicode_usernames')) { - $x = punify(mb_strtolower($n)); + $x = punify(mb_strtolower($n)); } if((! $x) || strlen($x) > 64) @@ -64,7 +64,7 @@ class New_channel extends \Zotlabs\Web\Controller { $test = array(); - + // first name if(strpos($x,' ')) $test[] = legal_webbie(substr($x,0,strpos($x,' '))); @@ -80,57 +80,57 @@ class New_channel extends \Zotlabs\Web\Controller { $test[] = $n; $test[] = $n . mt_rand(1000,9999); } - + for($y = 0; $y < 100; $y ++) $test[] = 'id' . mt_rand(1000,9999); - + json_return_and_die(check_webbie($test)); } - - + + } - + function post() { - + $arr = $_POST; - + $acc = \App::get_account(); $arr['account_id'] = get_account_id(); - - // prevent execution by delegated channels as well as those not logged in. + + // prevent execution by delegated channels as well as those not logged in. // get_account_id() returns the account_id from the session. But \App::$account - // may point to the original authenticated account. - + // may point to the original authenticated account. + if((! $acc) || ($acc['account_id'] != $arr['account_id'])) { notice( t('Permission denied.') . EOL ); return; } - + $result = create_identity($arr); - + if(! $result['success']) { notice($result['message']); return; } - + $newuid = $result['channel']['channel_id']; - + change_channel($result['channel']['channel_id']); - - $next_page = get_config('system', 'workflow_channel_next', 'profiles'); + + $next_page = get_config('system', 'workflow_channel_next', 'profiles'); goaway(z_root() . '/' . $next_page); - + } - + function get() { - + $acc = \App::get_account(); - + if((! $acc) || $acc['account_id'] != get_account_id()) { notice( t('Permission denied.') . EOL); return; } - + $default_role = ''; $aid = get_account_id(); if($aid) { @@ -140,7 +140,7 @@ class New_channel extends \Zotlabs\Web\Controller { if($r && (! intval($r[0]['total']))) { $default_role = get_config('system','default_permissions_role','social'); } - + $limit = account_service_class_fetch(get_account_id(),'total_identities'); $canadd = true; if($r && ($limit !== false)) { @@ -155,7 +155,7 @@ class New_channel extends \Zotlabs\Web\Controller { } $name_help = '<span id="name_help_loading" style="display:none">' . t('Loading') . '</span><span id="name_help_text">'; - $name_help .= (($default_role) + $name_help .= (($default_role) ? t('Your real name is recommended.') : t('Examples: "Bob Jameson", "Lisa and her Horses", "Soccer", "Aviation Group"') ); @@ -176,10 +176,10 @@ class New_channel extends \Zotlabs\Web\Controller { $nickhub = '@' . \App::get_hostname(); $nickname = array('nickname', t('Choose a short nickname'), ((x($_REQUEST,'nickname')) ? $_REQUEST['nickname'] : ''), $nick_help, "*"); $role = array('permissions_role' , t('Channel role and privacy'), ($privacy_role) ? $privacy_role : 'social', t('Select a channel permission role compatible with your usage needs and privacy requirements.') . '<br>' . '<a href="help/member/member_guide#Channel_Permission_Roles" target="_blank">' . t('Read more about channel permission roles') . '</a>',$perm_roles); - + $o = replace_macros(get_markup_template('new_channel.tpl'), array( '$title' => t('Create a Channel'), - '$desc' => t('A channel is a unique network identity. It can represent a person (social network profile), a forum (group), a business or celebrity page, a newsfeed, and many other things.') , + '$desc' => t('A channel is a unique network identity. It can represent a person (social network profile), a forum (group), a business or celebrity page, a newsfeed, and many other things.') , '$label_import' => t('or <a href="import">import an existing channel</a> from another location.'), '$name' => $name, '$role' => $role, @@ -190,10 +190,10 @@ class New_channel extends \Zotlabs\Web\Controller { '$channel_usage_message' => $channel_usage_message, '$canadd' => $canadd )); - + return $o; - + } - - + + } diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index 372b65433..155f818ef 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php @@ -151,46 +151,62 @@ class Regate extends \Zotlabs\Web\Controller { zar_log('ZAR1238I ' . $msg . ' ' . $cra['account']['account_email'] . ' ' . $cra['account']['account_language']); + authenticate_success($cra['account'],null,true,false,true); + $nextpage = 'new_channel'; - $auto_create = get_config('system','auto_channel_create',1); + $auto_create = get_config('system', 'auto_channel_create', 1); if($auto_create) { - // prepare channel creation - if($reonar['chan.name']) - set_aconfig($cra['account']['account_id'], 'register', 'channel_name', $reonar['chan.name']); - if($reonar['chan.did1']) - set_aconfig($cra['account']['account_id'], 'register', 'channel_address', $reonar['chan.did1']); + $new_channel = ['success' => false]; - $permissions_role = get_config('system','default_permissions_role'); - if($permissions_role) - set_aconfig($cra['account']['account_id'], 'register', 'permissions_role', $permissions_role); - } + // We do not reserve a channel_address before the registration is verified + // and possibly approved by the admin. + // If the provided channel_address has been claimed meanwhile, + // we will proceed to /new_channel. - authenticate_success($cra['account'],null,true,false,true); + if(isset($reonar['chan.did1']) && check_webbie([$reonar['chan.did1']])) { - if($auto_create) { - // create channel - $new_channel = auto_channel_create($cra['account']['account_id']); - - if($new_channel['success']) { - $channel_id = $new_channel['channel']['channel_id']; - change_channel($channel_id); - $nextpage = 'profiles/' . $channel_id; - $msg = 'ZAR1239I ' . t('Channel successfull created') . ' ' . $did2; + // prepare channel creation + if($reonar['chan.name']) + set_aconfig($cra['account']['account_id'], 'register', 'channel_name', $reonar['chan.name']); + + if($reonar['chan.did1']) + set_aconfig($cra['account']['account_id'], 'register', 'channel_address', $reonar['chan.did1']); + + $permissions_role = get_config('system','default_permissions_role'); + if($permissions_role) + set_aconfig($cra['account']['account_id'], 'register', 'permissions_role', $permissions_role); + + // create channel + $new_channel = auto_channel_create($cra['account']['account_id']); + + if($new_channel['success']) { + $channel_id = $new_channel['channel']['channel_id']; + change_channel($channel_id); + $nextpage = 'profiles/' . $channel_id; + $msg_code = 'ZAR1239I'; + $msg = t('Channel successfull created') . ' ' . $did2; + } } - else { - $msg = 'ZAR1239E ' . t('Channel still not created') . ' ' . $did2; + + if(!$new_channel['success']) { + $msg_code = 'ZAR1239E'; + $msg = t('Automatic channel creation failed. Please create a channel.') . ' ' . $did2; + $nextpage = 'new_channel?name=' . $reonar['chan.name']; } - zar_log($msg . ' ' . $reonar['chan.did1'] . ' (' . $reonar['chan.name'] . ')'); + + zar_log($msg_code . ' ' . $msg . ' ' . $reonar['chan.did1'] . ' (' . $reonar['chan.name'] . ')'); + } unset($_SESSION['login_return_url']); } else { q("ROLLBACK"); - $msg = 'ZAR1238E ' . t('Account creation error'); - zar_log($msg . ':' . print_r($cra, true)); + $msg_code = 'ZAR1238E'; + $msg = t('Account creation error'); + zar_log($msg_code . ' ' . $msg . ': ' . print_r($cra, true)); } } else { @@ -200,25 +216,32 @@ class Regate extends \Zotlabs\Web\Controller { } else { // nothing to confirm - $msg = 'ZAR1236E' . ' ' . t('Verify failed'); + $msg_code = 'ZAR1236E'; + $msg = t('Verify failed'); } } else { - $msg = 'ZAR1235E' . ' ' . t('Token verification failed'); + $msg_code = 'ZAR1235E'; + $msg = t('Token verification failed'); } } else { - $msg = 'ZAR1234W' . ' ' . t('Request not inside time frame'); + $msg_code = 'ZAR1234W'; + $msg = t('Request not inside time frame'); //info($r[0]['reg_startup'] . EOL . $r[0]['reg_expire'] ); } } else { - $msg = 'ZAR1232E' . ' ' . t('Identity unknown'); - zar_log($msg . ':' . $did2 . $didx); + $msg_code = 'ZAR1232E'; + $msg = t('Identity unknown'); + zar_log($msg_code . ' ' . $msg . ':' . $did2 . $didx); } } else { - $msg = 'ZAR1231E' . t('dId2 mistaken'); + $msg_code = 'ZAR1231E'; + $msg = t('dId2 mistaken'); + zar_log($msg_code . ' ' . $msg); + } } diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php index 601828d5c..56d3f2d22 100644 --- a/Zotlabs/Module/Register.php +++ b/Zotlabs/Module/Register.php @@ -47,7 +47,6 @@ class Register extends Controller { } } - function post() { check_form_security_token_redirectOnErr('/register', 'register'); @@ -61,24 +60,26 @@ class Register extends Controller { */ - $act = q("SELECT COUNT(*) AS act FROM account")[0]['act']; - $duty = zar_register_dutystate(); - $is247 = false; - $ip = $_SERVER['REMOTE_ADDR']; - $sameip = intval(get_config('system','register_sameip')); - $arr = $_POST; - $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); - $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); - $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); - $name = ''; - $nick = ''; - $email = ((x($arr,'email')) ? notags(punify(trim($arr['email']))) : ''); - $password = ((x($arr,'password')) ? trim($arr['password']) : ''); - $password2 = ((x($arr,'password2')) ? trim($arr['password2']) : ''); + $act = q("SELECT COUNT(*) AS act FROM account")[0]['act']; + $is247 = false; + $ip = $_SERVER['REMOTE_ADDR']; + $sameip = intval(get_config('system','register_sameip', 3)); + $arr = $_POST; + $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); + $name = ''; + $nick = ''; + $email = ((x($arr,'email')) ? notags(punify(trim($arr['email']))) : ''); + $password = ((x($arr,'password')) ? trim($arr['password']) : ''); + $password2 = ((x($arr,'password2')) ? trim($arr['password2']) : ''); $register_msg = ((x($arr,'register_msg')) ? notags(trim($arr['register_msg'])) : ''); + $reonar = []; + $auto_create = get_config('system','auto_channel_create', 1); + $duty = zar_register_dutystate(); - $reonar = []; - $auto_create = get_config('system','auto_channel_create', 1); + if (!get_config('system', 'register_duty_jso')) { + // if not yet configured default to true + $duty = array( 'isduty' => true, 'atfrm' => '', 'nowfmt' => ''); + } if($auto_create) { $name = escape_tags(trim($arr['name'])); @@ -113,27 +114,26 @@ class Register extends Controller { } if ($email) { - if (! preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $email)) { - // msg! - notice(t('Not a valid email address') . EOL); + $email_result = check_account_email($email); + if ($email_result['error']) { + notice($email_result['message'] . EOL); return; } } // case when an invited prepares the own account by supply own pw, accept tos, prepage channel (if auto) if ($email && $invite_code) { - if ( preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $email ) ) { - if ( preg_match('/^[a-z0-9]{12,12}$/', $invite_code ) ) { - $is247 = true; - } + if ( preg_match('/^[a-z0-9]{12,12}$/', $invite_code ) ) { + $is247 = true; } } if ($act > 0 && !$is247 && !$duty['isduty']) { // normally (except very 1st timr after install), that should never arrive here (ie js hack or sth like) // log suitable for f2b also - $logmsg = 'ZAR0230S Unexpected registration request off duty'; - zar_log($logmsg); + $logmsg = 'Unexpected registration request off duty'; + notice($logmsg); + zar_log('ZAR0230S ' . $logmsg); return; } @@ -149,19 +149,12 @@ class Register extends Controller { } } - // s2 max daily - // msg? - if ( !$is247 && self::check_reg_limits()['is'] ) return; - - if(!$password) { - // msg! + if (!$password) { notice(t('No password provided') . EOL); return; } - // pw1 == pw2 - if($password !== $password2) { - // msg! + if ($password !== $password2) { notice(t('Passwords do not match') . EOL); return; } @@ -208,7 +201,7 @@ class Register extends Controller { break; } - if($email_verify && ($policy == REGISTER_OPEN || $policy == REGISTER_APPROVE) ) + if($email_verify && ($policy == REGISTER_OPEN || $policy == REGISTER_APPROVE)) $flags = ($flags | ACCOUNT_UNVERIFIED); // $arr has $_POST; @@ -287,28 +280,27 @@ class Register extends Controller { return; } - } else { - $icdone = false; // no ivc entered - if ( ! $invonly) { + if (!$invonly) { // possibly the email is just in use ? $reg = q("SELECT * from register WHERE reg_vital = 1 AND reg_email = '%s'", - dbesc('e' . $email)); + dbesc($email) + ); - if ( ! $reg) - $act = q("SELECT * from account WHERE account_email = '%s'", dbesc($email)); + if (!$reg) { + $act = q("SELECT * from account WHERE account_email = '%s'", + dbesc($email) + ); + } // in case an invitation was made but the invitecode was not entered, better ignore. // goaway(z_root() . '/regate/' . bin2hex($reg['email'])); - if ( ! $reg && ! $act) { + if (! $reg && !$act) { // email useable - $well = true; - - } else { $msg = t('Email address already in use') . EOL; notice($msg); @@ -328,15 +320,21 @@ class Register extends Controller { } + // check max daily registrations after we have dealt with the invitecode + if (self::check_reg_limits()['is']) { + notice('Max registrations per day exceeded.'); + return; + } + if ($well) { if($policy == REGISTER_OPEN || $policy == REGISTER_APPROVE ) { - $cfgdelay = get_config( 'system', 'register_delay' ); + $cfgdelay = get_config('system', 'register_delay', '0i'); $reg_delayed = calculate_adue( $cfgdelay ); $regdelay = (($reg_delayed) ? datetime_convert(date_default_timezone_get(), 'UTC', $reg_delayed['due']) : $now); - $cfgexpire = get_config('system','register_expire' ); + $cfgexpire = get_config('system', 'register_expire', '3d'); $reg_expires = calculate_adue( $cfgexpire ); $regexpire = (($reg_expires) ? datetime_convert(date_default_timezone_get(), 'UTC', $reg_expires['due']) : datetime_convert('UTC', 'UTC', 'now + 99 years')); @@ -451,7 +449,6 @@ class Register extends Controller { } - function get() { $registration_is = ''; @@ -472,11 +469,11 @@ class Register extends Controller { $other_sites = '<a href="pubsites">' . t('Register at another affiliated hub in case when prefered') . '</a>'; } - if ( !get_config('system', 'register_duty_jso') ) { - // duty yet not configured - $duty = array( 'isduty' => false, 'atfrm' => '', 'nowfmt' => ''); - } else { - $duty = zar_register_dutystate(); + $duty = zar_register_dutystate(); + + if (!get_config('system', 'register_duty_jso')) { + // if not yet configured default to true + $duty = array( 'isduty' => true, 'atfrm' => '', 'nowfmt' => ''); } $invitations = false; @@ -578,9 +575,9 @@ class Register extends Controller { // check against register, account $rear = array( 'is' => false, 'rn' => 0, 'an' => 0, 'msg' => '' ); - $max_dailies = intval(get_config('system','max_daily_registrations')); + $max_dailies = intval(get_config('system', 'max_daily_registrations', 50)); - if ( $max_dailies ) { + if ($max_dailies) { $r = q("SELECT COUNT(reg_id) AS nr FROM register WHERE reg_vital = 1 AND reg_created > %s - INTERVAL %s", db_utcnow(), db_quoteinterval('1 day') @@ -589,7 +586,7 @@ class Register extends Controller { $rear['is'] = ( $r && $r[0]['nr'] >= $max_dailies ) ? true : false; $rear['rn'] = $r[0]['nr']; - if ( !$rear['is']) { + if (!$rear['is']) { $r = q("SELECT COUNT(account_id) AS nr FROM account WHERE account_created > %s - INTERVAL %s", db_utcnow(), db_quoteinterval('1 day') ); diff --git a/Zotlabs/Module/Search.php b/Zotlabs/Module/Search.php index 73dfa0816..2ad79e3f6 100644 --- a/Zotlabs/Module/Search.php +++ b/Zotlabs/Module/Search.php @@ -58,7 +58,7 @@ class Search extends Controller { $o .= search($search, 'search-box', '/search', ((local_channel()) ? true : false)); if (local_channel() && strpos($search, 'https://') === 0 && !$update && !$load) { - $j = Activity::fetch($search, App::get_channel()); + $j = Activity::fetch(punify($search), App::get_channel()); if ($j) { $AS = new ActivityStreams($j); if ($AS->is_valid()) { |