diff options
| author | friendica <info@friendica.com> | 2012-03-22 01:46:52 -0700 |
|---|---|---|
| committer | friendica <info@friendica.com> | 2012-03-22 01:46:52 -0700 |
| commit | ebdf0ee99e517c6718099fda2f1b2288c42e66da (patch) | |
| tree | 274a80868cf7a150ca701bbfc7ddb98152e2e42d /mod/register.php | |
| parent | 576eb6cc389d54c29b29b97d3c6d160e61bbf6ca (diff) | |
| download | volse-hubzilla-ebdf0ee99e517c6718099fda2f1b2288c42e66da.tar.gz volse-hubzilla-ebdf0ee99e517c6718099fda2f1b2288c42e66da.tar.bz2 volse-hubzilla-ebdf0ee99e517c6718099fda2f1b2288c42e66da.zip | |
prevent re-registrations using a deleted username - not an issue with Friendica but could create a serious privacy issue with federated platforms
Diffstat (limited to 'mod/register.php')
| -rwxr-xr-x | mod/register.php | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/mod/register.php b/mod/register.php index 388b3e250..6d0e2700b 100755 --- a/mod/register.php +++ b/mod/register.php @@ -150,6 +150,16 @@ function register_post(&$a) { if(count($r)) $err .= t('Nickname is already registered. Please choose another.') . EOL; + // Check deleted accounts that had this nickname. Doesn't matter to us, + // but could be a security issue for federated platforms. + + $r = q("SELECT * FROM `userd` + WHERE `username` = '%s' LIMIT 1", + dbesc($nickname) + ); + if(count($r)) + $err .= t('Nickname was once registered here and may not be re-used. Please choose another.') . EOL; + if(strlen($err)) { notice( $err ); return; |