aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
authorzottel <github@zottel.net>2012-03-22 16:03:14 +0100
committerzottel <github@zottel.net>2012-03-22 16:03:14 +0100
commite7d80a79fff23e6f8900b40677d11d1022a45df6 (patch)
tree29355722fb8a3e993884e852a254277c80e90de4 /mod
parent3f3c4aec79bf3ceedd551bae7cec7acfd68e3772 (diff)
parent622b25df5f2d1ab21c9e23047bc0c98bfe72bad0 (diff)
downloadvolse-hubzilla-e7d80a79fff23e6f8900b40677d11d1022a45df6.tar.gz
volse-hubzilla-e7d80a79fff23e6f8900b40677d11d1022a45df6.tar.bz2
volse-hubzilla-e7d80a79fff23e6f8900b40677d11d1022a45df6.zip
Merge remote branch 'upstream/master'
Diffstat (limited to 'mod')
-rw-r--r--mod/delegate.php2
-rwxr-xr-xmod/register.php10
-rwxr-xr-xmod/regmod.php5
3 files changed, 16 insertions, 1 deletions
diff --git a/mod/delegate.php b/mod/delegate.php
index c19df0681..8c5031859 100644
--- a/mod/delegate.php
+++ b/mod/delegate.php
@@ -86,7 +86,7 @@ function delegate_content(&$a) {
$r = q("select nurl from contact where substring_index(contact.nurl,'/',3) = '%s'
and contact.uid = %d and contact.self = 0 and network = '%s' ",
- dbesc($a->get_baseurl()),
+ dbesc(normalise_link($a->get_baseurl())),
intval(local_user()),
dbesc(NETWORK_DFRN)
);
diff --git a/mod/register.php b/mod/register.php
index 388b3e250..6d0e2700b 100755
--- a/mod/register.php
+++ b/mod/register.php
@@ -150,6 +150,16 @@ function register_post(&$a) {
if(count($r))
$err .= t('Nickname is already registered. Please choose another.') . EOL;
+ // Check deleted accounts that had this nickname. Doesn't matter to us,
+ // but could be a security issue for federated platforms.
+
+ $r = q("SELECT * FROM `userd`
+ WHERE `username` = '%s' LIMIT 1",
+ dbesc($nickname)
+ );
+ if(count($r))
+ $err .= t('Nickname was once registered here and may not be re-used. Please choose another.') . EOL;
+
if(strlen($err)) {
notice( $err );
return;
diff --git a/mod/regmod.php b/mod/regmod.php
index 17e728ba2..21f41eb01 100755
--- a/mod/regmod.php
+++ b/mod/regmod.php
@@ -64,6 +64,11 @@ function user_allow($hash) {
}
+
+// This does not have to go through user_remove() and save the nickname
+// permanently against re-registration, as the person was not yet
+// allowed to have friends on this system
+
function user_deny($hash) {
$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",