aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs/Module')
-rw-r--r--Zotlabs/Module/Admin/Accounts.php37
-rw-r--r--Zotlabs/Module/Admin/Site.php3
-rw-r--r--Zotlabs/Module/Notifications.php23
-rw-r--r--Zotlabs/Module/Regate.php176
-rw-r--r--Zotlabs/Module/Register.php210
-rw-r--r--Zotlabs/Module/Sse_bs.php4
-rw-r--r--Zotlabs/Module/Wfinger.php2
7 files changed, 239 insertions, 216 deletions
diff --git a/Zotlabs/Module/Admin/Accounts.php b/Zotlabs/Module/Admin/Accounts.php
index ac46c43aa..76d332268 100644
--- a/Zotlabs/Module/Admin/Accounts.php
+++ b/Zotlabs/Module/Admin/Accounts.php
@@ -206,28 +206,34 @@ class Accounts {
$tao = 'tao.zar.zarax = ' . "'" . '<img src="' . z_root() . '/images/zapax16.gif">' . "';\n";
- $pending = get_pending_accounts();
+
+ // by default we will only return verified results. if reg_all is set we will return everything''
+ $get_all = isset($_REQUEST['get_all']);
+ $pending = get_pending_accounts($get_all);
unset($_SESSION[self::MYP]);
+
if ($pending) {
// collect and group all ip
- $atips = q("SELECT reg_atip AS atip, COUNT(reg_atip) AS atips FROM register "
- ." WHERE reg_vital = 1 GROUP BY reg_atip ");
- $atips ? $atipn = array_column($atips, 'atips', 'atip') : $atipn = array('' => 0);
+ $atips = dbq("SELECT reg_atip AS atip, COUNT(reg_atip) AS atips FROM register
+ WHERE reg_vital = 1 GROUP BY reg_atip"
+ );
+
+ (($atips) ? $atipn = array_column($atips, 'atips', 'atip') : $atipn = ['' => 0]);
$tao .= 'tao.zar.zarar = {';
foreach ($pending as $n => $v) {
- if (array_key_exists($v['reg_atip'], $atipn)) {
- $pending[$n]['reg_atip'] = $v['reg_atip'] . ' ◄' . $atipn[ $v['reg_atip'] ] . '×';
- }
+ $stuff = json_decode($v['reg_stuff'], true);
- $pending[$n]['status'] = t('Not verified');
- if($pending[$n]['reg_vfd'])
- $pending[$n]['status'] = t('Verified');
+ if(isset($stuff['msg'])) {
+ $pending[$n]['msg'] = $stuff['msg'];
+ }
- if(!$pending[$n]['reg_vfd'] && $pending[$n]['reg_expires'] < datetime_convert())
- $pending[$n]['status'] = t('Expired');
+ if (array_key_exists($v['reg_atip'], $atipn)) {
+ $pending[$n]['reg_atip'] = $v['reg_atip'];
+ $pending[$n]['reg_atip_n'] = $atipn[$v['reg_atip']];
+ }
// timezone adjust date_time for display
$pending[$n]['reg_created'] = datetime_convert('UTC', date_default_timezone_get(), $pending[$n]['reg_created']);
@@ -298,9 +304,9 @@ class Accounts {
'$sel_tall' => t('Select toggle'),
'$sel_deny' => t('Deny selected'),
'$sel_aprv' => t('Approve selected'),
- '$h_pending' => t('Registrations waiting for confirm'),
- '$th_pending' => array( t('Request date'), t('Verification status'), t('Timeframe'), 'dId2', t('specified,atip') ),
- '$no_pending' => t('No registrations.'),
+ '$h_pending' => t('Verified registrations waiting for approval'),
+ '$th_pending' => array(t('Request date'), 'dId2', t('Email'), 'IP', t('Requests')),
+ '$no_pending' => t('No verified registrations.'),
'$approve' => t('Approve'),
'$deny' => t('Deny'),
'$delete' => t('Delete'),
@@ -330,6 +336,7 @@ class Accounts {
'$tao' => $tao,
'$pending' => $pending,
'$users' => $users,
+ '$msg' => t('Message')
));
$o .= paginate($a);
diff --git a/Zotlabs/Module/Admin/Site.php b/Zotlabs/Module/Admin/Site.php
index 73c24897f..8a7bb1180 100644
--- a/Zotlabs/Module/Admin/Site.php
+++ b/Zotlabs/Module/Admin/Site.php
@@ -469,8 +469,7 @@ class Site {
. t('From-To ranges are joined with `-`') . '. '
. t('ie') . ' `1-5:0900-1200,1300-1700 6:900-1230` ' . t('or') .' `1-2,4-5:800-1800` '
. EOL . ' <a id="zar083a" class="zuia btn">' . t('Parse and test your input') . '</a>'. EOL
- . t('If left empty, defaults to 24h closed everyday the week.') . ' '
- . t('To open 24h everyday the week, short is `-:-`.') . ' '
+ . t('If left empty, defaults to 24h open everyday the week (-:-).') . ' '
. t('Note, ranges are specified as open-close pairs and in case of')
. ' 0900-1200 '
. t('results to: opens 9h and closes 12h. If meant open 9h to 12h exactly, say `0900-1201`'),
diff --git a/Zotlabs/Module/Notifications.php b/Zotlabs/Module/Notifications.php
index 55268e0a2..8ecf5760a 100644
--- a/Zotlabs/Module/Notifications.php
+++ b/Zotlabs/Module/Notifications.php
@@ -6,15 +6,17 @@ require_once('include/bbcode.php');
class Notifications extends \Zotlabs\Web\Controller {
function get() {
-
+
if(! local_channel()) {
notice( t('Permission denied.') . EOL);
return;
}
-
+
nav_set_selected('Notifications');
-
+
$o = '';
+ $notif_content = '';
+ $notifications_available = false;
$r = q("select count(*) as total from notify where uid = %d and seen = 0",
intval(local_channel())
@@ -24,7 +26,8 @@ class Notifications extends \Zotlabs\Web\Controller {
and seen = 0 order by created desc limit 50",
intval(local_channel())
);
- } else {
+ }
+ else {
$r1 = q("select * from notify where uid = %d
and seen = 0 order by created desc limit 50",
intval(local_channel())
@@ -36,12 +39,12 @@ class Notifications extends \Zotlabs\Web\Controller {
);
$r = array_merge($r1,$r2);
}
-
+
if($r) {
- $notifications_available = 1;
+ $notifications_available = true;
foreach ($r as $rr) {
$x = strip_tags(bbcode($rr['msg']));
- $notif_content = replace_macros(get_markup_template('notify.tpl'),array(
+ $notif_content .= replace_macros(get_markup_template('notify.tpl'),array(
'$item_link' => z_root().'/notify/view/'. $rr['id'],
'$item_image' => $rr['photo'],
'$item_text' => $x,
@@ -54,15 +57,15 @@ class Notifications extends \Zotlabs\Web\Controller {
else {
$notif_content = t('No more system notifications.');
}
-
+
$o .= replace_macros(get_markup_template('notifications.tpl'),array(
'$notif_header' => t('System Notifications'),
'$notif_link_mark_seen' => t('Mark all seen'),
'$notif_content' => $notif_content,
'$notifications_available' => $notifications_available,
));
-
+
return $o;
}
-
+
}
diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php
index 6d9d5dc28..372b65433 100644
--- a/Zotlabs/Module/Regate.php
+++ b/Zotlabs/Module/Regate.php
@@ -50,13 +50,14 @@ class Regate extends \Zotlabs\Web\Controller {
$ip = $_SERVER['REMOTE_ADDR'];
$isduty = zar_register_dutystate();
- if ($isduty['isduty'] !== false && $isduty['isduty'] != 1) {
+
+ if (!$_SESSION['zar']['invite_in_progress'] && ($isduty['isduty'] !== false && $isduty['isduty'] != 1)) {
// normally, that should never happen here
// log suitable for fail2ban also
$logmsg = 'ZAR1230S Unexpected registration verification request for '
. get_config('system','sitename') . ' arrived from § ' . $ip . ' §';
zar_log($logmsg);
- goaway(z_root() . '/');
+ goaway(z_root());
}
// do we have a valid dId2 ?
@@ -68,20 +69,19 @@ class Regate extends \Zotlabs\Web\Controller {
if ($r && count($r)) {
$r = $r[0];
// check timeframe
- if ( $r['reg_startup'] <= $now && $r['reg_expires'] >= $now ) {
- if ( isset($_POST['resend']) && $didx == 'e' ) {
+ if ($r['reg_startup'] <= $now && $r['reg_expires'] >= $now) {
+ if (isset($_POST['resend']) && $didx == 'e') {
$re = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_didx = 'e' AND reg_did2 = '%s' ORDER BY reg_created DESC ", dbesc($r['reg_did2']) );
- if ( $re ) {
+ if ($re) {
$re = $re[0];
- $reonar = json_decode($re['reg_stuff'],true);
- $reonar['subject'] = 'Re,Fwd,' . $reonar['subject'];
+ $reonar = json_decode($re['reg_stuff'], true);
if ($reonar) {
+ $reonar['subject'] = 'Re,Fwd,' . $reonar['subject'];
$zm = zar_reg_mail($reonar);
- $msg = ($zm) ? 'ZAR1238I ' . t('Email resent')
- : 'ZAR1238E ' . t('Resent failed');
- zar_log($msg . ' ' . $r['reg_did2']);
+ $msg = (($zm) ? t('Email resent') : t('Email resend failed'));
+ zar_log((($zm) ? 'ZAR1238I' : 'ZAR1238E') . ' ' . $msg . ' ' . $r['reg_did2']);
info($msg);
- goaway(z_root() . '/' . $nextpage);
+ return;
}
}
}
@@ -99,16 +99,28 @@ class Regate extends \Zotlabs\Web\Controller {
if ( $acpin && ($r['reg_hash'] == $acpin )) {
$flags = $r['reg_flags'];
- if ( ($flags & ACCOUNT_UNVERIFIED ) == ACCOUNT_UNVERIFIED) {
+ if (($flags & ACCOUNT_UNVERIFIED) == ACCOUNT_UNVERIFIED) {
// verification success
$msg = 'ZAR1237I' . ' ' . t('Verify successfull');
$reonar = json_decode( $r['reg_stuff'], true);
$reonar['valid'] = $now . ',' . $ip . ' ' . $did2 . ' ' . $msg;
+
// clear flag
$flags &= $flags ^ ACCOUNT_UNVERIFIED;
+
+ // are we invited by the admin?
+ $isa = get_account_by_id($r['reg_uid']);
+ $isa = ($isa && ($isa['account_roles'] && ACCOUNT_ROLE_ADMIN));
+
+ // approve contra invite by admin
+ if ($isa && get_config('system','register_policy') == REGISTER_APPROVE) {
+ $flags &= $flags ^ ACCOUNT_PENDING;
+ }
+
// sth todo?
$vital = $flags == 0 ? 0 : 1;
+
// set flag
$flags |= REGISTER_AGREED;
zar_log($msg . ' ' . $did2 . ':flags' . $flags . ',rid' . $r['reg_id']);
@@ -123,21 +135,20 @@ class Regate extends \Zotlabs\Web\Controller {
intval($r['reg_id'])
);
- if ( ($flags & ACCOUNT_PENDING ) == ACCOUNT_PENDING ) {
- $msg .= "\n".t('Last step will be by an instance admin to agree your account request');
+ if (($flags & ACCOUNT_PENDING ) == ACCOUNT_PENDING) {
$nextpage = 'regate/' . bin2hex($did2) . $didx;
q("COMMIT");
}
- elseif ( ($flags ^ REGISTER_AGREED) == 0) {
+ elseif (($flags ^ REGISTER_AGREED) == 0) {
$cra = create_account_from_register([ 'reg_id' => $r['reg_id'] ]);
if ($cra['success']) {
q("COMMIT");
- $msg = 'ZAR1238I ' . t('Account successfull created');
+ $msg = t('Account successfull created');
// zar_log($msg . ':' . print_r($cra, true));
- zar_log($msg . ' ' . $cra['account']['account_email']
+ zar_log('ZAR1238I ' . $msg . ' ' . $cra['account']['account_email']
. ' ' . $cra['account']['account_language']);
$nextpage = 'new_channel';
@@ -240,38 +251,47 @@ class Regate extends \Zotlabs\Web\Controller {
return $o;
}
- if ( argc() > 1 ) {
- $did2 = hex2bin( substr( argv(1), 0, -1) );
- $didx = substr( argv(1), -1 );
- $deny = argc() > 2 ? argv(2) : '';
- $deny = preg_match('/^[0-9a-f]{8,8}$/', $deny) ? hex2bin($deny) : false;
- }
+ $isduty = zar_register_dutystate();
+ $nowfmt = $isduty['nowfmt'];
+ $atform = $isduty['atform'];
- if ($_SESSION['zar']['msg']) {
- $o = replace_macros(get_markup_template('plain.tpl'), [
- '$title' => t('Your Registration'),
- '$now' => '',
- '$infos' => $_SESSION['zar']['msg'] . EOL,
+ if ($_SESSION['zar']['delayed']) {
+ $o = replace_macros(get_markup_template('regate_pre.tpl'), [
+ '$title' => t('Registration verification'),
+ '$now' => $nowfmt,
+ '$id' => $_SESSION['zar']['id'],
+ '$pin' => $_SESSION['zar']['pin'],
+ '$regdelay' => $_SESSION['zar']['regdelay'],
+ '$regexpire' => $_SESSION['zar']['regexpire'],
+ '$strings' => [
+ t('Hold on, you can start verification in'),
+ t('Please remember your verification token for ID'),
+ t('Token validity')
+ ]
]);
- unset($_SESSION['zar']['msg']);
+ unset($_SESSION['zar']['delayed']);
return $o;
}
- $now = datetime_convert();
- $ip = $_SERVER['REMOTE_ADDR'];
+ if (argc() < 2)
+ return;
- $isduty = zar_register_dutystate();
- $nowfmt = $isduty['nowfmt'];
- $atform = $isduty['atform'];
-
- $pin = $_SESSION['zar']['pin'] ?? '';
- unset($_SESSION['zar']['pin']);
+ $did2 = hex2bin( substr( argv(1), 0, -1) );
+ $didx = substr( argv(1), -1 );
+ $deny = argc() > 2 ? argv(2) : '';
+ $deny = preg_match('/^[0-9a-f]{8,8}$/', $deny) ? hex2bin($deny) : false;
+ $now = datetime_convert();
+ $ip = $_SERVER['REMOTE_ADDR'];
+ $pin = '';
- $title = t('Register Verification');
+ if(isset($_SESSION['zar']['pin'])) {
+ $pin = $_SESSION['zar']['pin'];
+ unset($_SESSION['zar']['pin']);
+ }
// do we have a valid dId2 ?
- if (($didx == 'a' && substr( $did2 , -2) == substr( base_convert( md5( substr( $did2, 1, -2) ),16 ,10), -2)) || ($didx == 'e')) {
+ if (($didx == 'a' && substr( $did2 , -2) == substr( base_convert( md5( substr( $did2, 1, -2) ),16 ,10), -2)) || ($didx == 'e') || ($didx == 'i')) {
$r = q("SELECT * FROM register WHERE reg_vital = 1 AND reg_didx = '%s' AND reg_did2 = '%s' ORDER BY reg_created DESC",
dbesc($didx),
@@ -285,14 +305,15 @@ class Regate extends \Zotlabs\Web\Controller {
$resend = ($r['reg_didx'] == 'e') ? t('Resend') : false;
// is still only instance admins intervention required?
- if ( $r['reg_flags'] == ACCOUNT_PENDING ) {
- $o = replace_macros(get_markup_template('plain.tpl'), [
- '$title' => t('Register Verification Status'),
- '$now' => $nowfmt,
- '$infos' => t('Verification successful!') . EOL
- . t('After your account has been approved by our administrator you will be able to login with your ID') . EOL
- . $did2 . EOL
- . t('and your provided password.')
+ if ($r['reg_flags'] == ACCOUNT_PENDING) {
+ $o = replace_macros(get_markup_template('regate_post.tpl'), [
+ '$title' => t('Registration status'),
+ '$id' => $did2,
+ '$strings' => [
+ t('Verification successful!'),
+ t('Your login ID is'),
+ t('After your account has been approved by our administrator you will be able to login with your login ID and your provided password.')
+ ]
]);
}
else {
@@ -300,14 +321,11 @@ class Regate extends \Zotlabs\Web\Controller {
if ($deny) {
if (substr($r['reg_hash'],0,4) == $deny) {
-
zar_log('ZAR1134S email verfication denied ' . $did2);
- $msg = 'ZAR1133A' . ' ' . t('Sorry for any inconvience. Thank you for your response.');
$o = replace_macros(get_markup_template('plain.tpl'), [
- '$title' => t('Registration request denied'),
- '$now' => $nowf,
- '$infos' => $msg . EOL,
+ '$title' => t('Registration request revoked'),
+ '$infos' => t('Sorry for any inconvience. Thank you for your response.')
]);
$reonar = json_decode( $r['reg_stuff'], true);
@@ -330,14 +348,18 @@ class Regate extends \Zotlabs\Web\Controller {
if ( $r['reg_startup'] <= $now && $r['reg_expires'] >= $now) {
$o = replace_macros(get_markup_template('regate.tpl'), [
'$form_security_token' => get_form_security_token("regate"),
- '$title' => $title,
- '$desc' => $pin ? t('Please enter your validation token') . ' <code class="inline-code">' . $pin . '</code>' : t('Please enter your validation token'),
- '$did2' => bin2hex($did2) . $didx,
- '$now' => $nowfmt,
- '$atform' => $atform,
- '$resend' => $resend,
- '$submit' => t('Submit'),
- '$acpin' => [ 'acpin', t('Validation token'),'','' ]
+ '$title' => t('Registration verification'),
+ '$desc' => t('Please enter your verification token for ID'),
+ '$id' => $did2,
+ // we might consider to not provide $pin if a registration delay is configured
+ // and the pin turns out to be readable by bots
+ '$pin' => $pin,
+ '$did2' => bin2hex($did2) . $didx,
+ '$now' => $nowfmt,
+ '$atform' => $atform,
+ '$resend' => $resend,
+ '$submit' => t('Submit'),
+ '$acpin' => [ 'acpin', t('Verification token'),'','' ]
]);
}
else {
@@ -346,38 +368,48 @@ class Regate extends \Zotlabs\Web\Controller {
$rd = q("UPDATE register SET reg_vital = 0 WHERE reg_id = %d ",
intval($r['reg_id'])
);
+
+ $o = replace_macros(get_markup_template('plain.tpl'), [
+ '$infos' => t('ID expired'),
+ ]);
+
+ return $o;
}
- $o = replace_macros(get_markup_template('plain.tpl'), [
- '$title' => $title,
- '$now' => $nowf,
+ $o = replace_macros(get_markup_template('regate_pre.tpl'), [
+ '$title' => t('Registration verification'),
+ '$now' => $nowfmt,
+ '$id' => $did2,
'$countdown' => datetime_convert('UTC', 'UTC', $r['reg_startup'], 'c'),
- '$infos' => 'ZAR1132W' . ' ' . t('Request not inside time frame') . EOL,
+ '$strings' => [
+ t('Hold on, you can start verification in'),
+ t('You will require the verification token for ID')
+ ]
]);
}
}
}
}
else {
- $msg = 'ZAR1132E' . ' ' . t('Identity unknown');
- zar_log($msg . ':' . $did2 . ',' . $didx);
+ $msg = t('Unknown or expired ID');
+ zar_log('ZAR1132E ' . $msg . ':' . $did2 . ',' . $didx);
$o = replace_macros(get_markup_template('plain.tpl'), [
'$title' => $title,
- '$now' => $nowf,
- '$infos' => $msg . EOL,
+ '$now' => $nowfmt,
+ '$infos' => $msg
]);
}
}
else {
- $msg = 'ZAR1131E ' . t('dId2 mistaken');
+ $msg = 'ZAR1131E ' . t('dId2 malformed');
// $log = ' from § ' . $ip . ' §' . ' (' . dbesc($did2) . ')';
zar_log($msg);
$o = replace_macros(get_markup_template('plain.tpl'), [
'$title' => $title,
- '$now' => $nowf,
- '$infos' => ($msg) . EOL,
- ]);
+ '$now' => $nowfmt,
+ '$infos' => $msg
+ ]);
}
return $o;
diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php
index d076d9ccf..601828d5c 100644
--- a/Zotlabs/Module/Register.php
+++ b/Zotlabs/Module/Register.php
@@ -6,6 +6,8 @@ use App;
use Zotlabs\Web\Controller;
require_once('include/security.php');
+require_once('include/channel.php');
+
class Register extends Controller {
@@ -59,66 +61,74 @@ class Register extends Controller {
*/
- $act = q("SELECT COUNT(*) AS act FROM account")[0]['act'];
- $duty = zar_register_dutystate();
- $is247 = false;
- $ip = $_SERVER['REMOTE_ADDR'];
- $sameip = intval(get_config('system','register_sameip'));
-
- $arr = $_POST;
- $invite_code = ( (x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : '');
- $email = ( (x($arr,'email')) ? notags(punify(trim($arr['email']))) : '');
- $password = ( (x($arr,'password')) ? trim($arr['password']) : '');
- $password2 = ( (x($arr,'password2')) ? trim($arr['password2']) : '');
-
- $reonar = array();
+ $act = q("SELECT COUNT(*) AS act FROM account")[0]['act'];
+ $duty = zar_register_dutystate();
+ $is247 = false;
+ $ip = $_SERVER['REMOTE_ADDR'];
+ $sameip = intval(get_config('system','register_sameip'));
+ $arr = $_POST;
+ $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : '');
+ $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : '');
+ $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : '');
+ $name = '';
+ $nick = '';
+ $email = ((x($arr,'email')) ? notags(punify(trim($arr['email']))) : '');
+ $password = ((x($arr,'password')) ? trim($arr['password']) : '');
+ $password2 = ((x($arr,'password2')) ? trim($arr['password2']) : '');
+ $register_msg = ((x($arr,'register_msg')) ? notags(trim($arr['register_msg'])) : '');
+
+ $reonar = [];
+ $auto_create = get_config('system','auto_channel_create', 1);
+ if($auto_create) {
+ $name = escape_tags(trim($arr['name']));
- // case when an invited prepares the own account by supply own pw, accept tos, prepage channel (if auto)
- if ($email && $invite_code) {
- if ( preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $email ) ) {
- if ( preg_match('/^[a-z0-9]{12,12}$/', $invite_code ) ) {
- $is247 = true;
- }
+ $name_error = validate_channelname($name);
+ if($name_error) {
+ notice($name_error . EOL);
+ return $ret;
}
- }
-
-/*
- // assume someone tries to validate (dId2 C/D/E), because only field email entered
- if ( $email && ( ! $invite_code ) && ( ! $password ) && ( ! $_POST['password2'] ) ) {
- // dId2 logic
-
- if ( preg_match('/^\@{1,1}.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $email ) ) {
- // dId2 C channel - ffu
+ $nick = mb_strtolower(escape_tags(trim($arr['nickname'])));
+ if(!$nick) {
+ notice(t('Nickname is required.'));
+ return;
}
- if ( preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $email ) ) {
- // dId2 E email
- goaway(z_root() . '/regate/' . bin2hex($email) . 'e' );
+ if($nick === 'sys') {
+ notice(t('Reserved nickname. Please choose another.') . EOL);
+ return;
}
- if ( preg_match('/^d{1,1}[0-9]{5,10}$/', $email ) ) {
- // dId2 A artifical & anonymous
- goaway(z_root() . '/regate/' . bin2hex($email) . 'a' );
+ if(check_webbie([$nick]) !== $nick) {
+ notice(t('Nickname has unsupported characters or is already being used on this site.') . EOL);
+ return;
}
-
}
-*/
- $email_verify = get_config('system','verify_email');
- if ($email_verify && ! $email) {
+
+ $email_verify = get_config('system', 'verify_email');
+ if ($email_verify && !$email) {
notice(t('Email address required') . EOL);
return;
}
if ($email) {
- if ( ! preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $_POST['email'] ) ) {
+ if (! preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $email)) {
// msg!
notice(t('Not a valid email address') . EOL);
return;
}
}
+ // case when an invited prepares the own account by supply own pw, accept tos, prepage channel (if auto)
+ if ($email && $invite_code) {
+ if ( preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $email ) ) {
+ if ( preg_match('/^[a-z0-9]{12,12}$/', $invite_code ) ) {
+ $is247 = true;
+ }
+ }
+ }
+
if ($act > 0 && !$is247 && !$duty['isduty']) {
// normally (except very 1st timr after install), that should never arrive here (ie js hack or sth like)
// log suitable for f2b also
@@ -127,12 +137,13 @@ class Register extends Controller {
return;
}
- if ($sameip && !$is247) {
+ if ($sameip) {
$f = q("SELECT COUNT(reg_atip) AS atip FROM register WHERE reg_vital = 1 AND reg_atip = '%s' ",
dbesc($ip)
);
- if ($f && $f[0]['atip'] > $sameip) {
+ if ($f && $f[0]['atip'] >= $sameip) {
$logmsg = 'ZAR0239S Exceeding same ip register request of ' . $sameip;
+ notice('Registrations from same IP exceeded.');
zar_log($logmsg);
return;
}
@@ -163,6 +174,9 @@ class Register extends Controller {
return;
}
+ $salt = random_string(32);
+ $password = $salt . ',' . hash('whirlpool', $salt . $password);
+
// accept tos
if(! x($_POST,'tos')) {
// msg!
@@ -170,11 +184,9 @@ class Register extends Controller {
return;
}
-
$policy = get_config('system','register_policy');
$invonly = get_config('system','invitation_only');
$invalso = get_config('system','invitation_also');
- $auto_create = get_config('system','auto_channel_create', 1);
switch($policy) {
@@ -210,36 +222,23 @@ class Register extends Controller {
if ($invonly || $invalso) {
$reg = q("SELECT * from register WHERE reg_vital = 1 AND reg_didx = 'i' AND reg_hash = '%s'",
- dbesc($invite_code));
+ dbesc($invite_code)
+ );
- if ( $reg && count($reg) == 1 ) {
+ if ($reg && count($reg) == 1) {
$reg = $reg[0];
if ($reg['reg_email'] == ($email)) {
if ($reg['reg_startup'] <= $now && $reg['reg_expires'] >= $now) {
- // is invitor admin
- $isa = get_account_by_id($reg['reg_uid']);
- $isa = ( $isa && ($isa['account_roles'] && ACCOUNT_ROLE_ADMIN) );
-
- // approve contra invite by admin
- if ($isa && $policy == REGISTER_APPROVE)
- $flags &= $flags ^ ACCOUNT_PENDING;
-
- // if $flags == 0 ??
+ if ($auto_create) {
+ $reonar['chan.name'] = $name;
+ $reonar['chan.did1'] = $nick;
+ }
- // transit ?
-
- // update reg vital 0 off
- //$icdone = q("UPDATE register SET reg_vital = 0 WHERE reg_id = %d ",
- //intval($reg['reg_id'])
- //);
-
- // update DB flags, password
- // TODO: what else?
- q("UPDATE register set reg_flags = %d, reg_pass = '%s', reg_stuff = '%s' WHERE reg_id = '%s'",
- intval($flags),
- dbesc(bin2hex($password)),
+ q("UPDATE register set reg_pass = '%s', reg_stuff = '%s' WHERE reg_id = '%s'",
+ dbesc($password),
+ dbesc(json_encode($reonar)),
intval($reg['reg_id'])
);
@@ -248,9 +247,12 @@ class Register extends Controller {
// msg!
info($msg . EOL);
+
// the invitecode has verified us and we have all the info we need
// take the shortcut.
+ $_SESSION['zar']['invite_in_progress'] = true;
+
$mod = new Regate();
$_REQUEST['form_security_token'] = get_form_security_token("regate");
App::$argc = 2;
@@ -350,16 +352,15 @@ class Register extends Controller {
$reonar['from'] = get_config('system', 'from_email');
$reonar['to'] = $email;
$reonar['subject'] = sprintf( t('Registration confirmation for %s'), get_config('system','sitename'));
- $reonar['txtpersonal']= t('Valid from') . ' ' . $regdelay . ' UTC' . t('and expire') . ' ' . $regexpire . ' UTC';
$reonar['txttemplate']= replace_macros(get_intltext_template('register_verify_member.tpl'),
[
- '$sitename' => get_config('system','sitename'),
- '$siteurl' => z_root(),
- '$email' => $email,
- '$due' => $reonar['txtpersonal'],
- '$mail' => bin2hex($email) . 'e',
- '$ko' => bin2hex(substr($empin,0,4)),
- '$hash' => $empin
+ '$sitename' => get_config('system','sitename'),
+ '$siteurl' => z_root(),
+ '$email' => $email,
+ '$timeframe' => [$regdelay, $regexpire],
+ '$mail' => bin2hex($email) . 'e',
+ '$ko' => bin2hex(substr($empin,0,4)),
+ '$hash' => $empin
]
);
pop_lang();
@@ -378,13 +379,14 @@ class Register extends Controller {
}
}
- if ( $auto_create ) {
- $reonar['chan.name'] = notags(trim($arr['name']));
- $reonar['chan.did1'] = notags(trim($arr['nickname']));
+ if ($auto_create) {
+ $reonar['chan.name'] = $name;
+ $reonar['chan.did1'] = $nick;
}
- $salt = random_string(32);
- $password = $salt . ',' . hash('whirlpool', $salt . $password);
+ if ($policy == REGISTER_APPROVE) {
+ $reonar['msg'] = $register_msg;
+ }
$reg = q("INSERT INTO register ("
. "reg_flags,reg_didx,reg_did2,reg_hash,reg_created,reg_startup,reg_expires,"
@@ -401,7 +403,7 @@ class Register extends Controller {
dbesc($password),
dbesc(substr(get_best_language(),0,2)),
dbesc($ip),
- dbesc(json_encode( $reonar ))
+ dbesc(json_encode($reonar))
);
if ($didx == 'a') {
@@ -425,14 +427,11 @@ class Register extends Controller {
if($reg_delayed) {
// this could be removed to make registration harder
+ $_SESSION['zar']['id'] = 'd' . $didnew;
$_SESSION['zar']['pin'] = $pass2;
-
- $_SESSION['zar']['msg'] = t('Your validation token is') . EOL
- . '<h3>' . $pass2 . '</h3>' . EOL
- . t('Hold on, you can continue verification in')
- . '<div class="d-none"><code class="inline-code"><span id="register_start" data-utc="' . datetime_convert('UTC', 'UTC', $regdelay, 'c') . '" class="register_date">' . datetime_convert('UTC', 'UTC', $regdelay, 'c') . '</span></code> ' . t('and') . ' <code class="inline-code"><span data-utc="' . datetime_convert('UTC', 'UTC', $regexpire, 'c') . '" class="register_date">' . datetime_convert('UTC', 'UTC', $regexpire, 'c') . '</span></code></div>'
- //. t('Please come back to this page in the requested timeframe or wait for the countdown to complete.')
- ;
+ $_SESSION['zar']['delayed'] = true;
+ $_SESSION['zar']['regdelay'] = datetime_convert('UTC', 'UTC', $regdelay, 'c');
+ $_SESSION['zar']['regexpire'] = datetime_convert('UTC', 'UTC', $regexpire, 'c');
}
else {
$_SESSION['zar']['pin'] = $pass2;
@@ -493,10 +492,6 @@ class Register extends Controller {
if ( $opal['is'])
$duty['atform'] = 'disabled';
- $privacy_role = ((x($_REQUEST,'permissions_role')) ? $_REQUEST['permissions_role'] : "");
-
- $perm_roles = \Zotlabs\Access\PermissionRoles::roles();
-
// Configurable terms of service link
$tosurl = get_config('system','tos_url');
if(! $tosurl)
@@ -521,7 +516,6 @@ class Register extends Controller {
$enable_tos = 1 - intval(get_config('system','no_termsofservice'));
$auto_create = get_config('system', 'auto_channel_create', 1);
- $default_role = get_config('system','default_permissions_role');
$email_verify = get_config('system','verify_email');
$emailval = ((x($_REQUEST,'email')) ? strip_tags(trim($_REQUEST['email'])) : "");
@@ -538,38 +532,21 @@ class Register extends Controller {
$invite_code = array('invite_code', t('Please enter your invitation code'), ((x($_REQUEST,'invite_code')) ? strip_tags(trim($_REQUEST['invite_code'])) : ""));
- //
- $name = array('name', t('Your name'),
- ((x($_REQUEST,'name')) ? $_REQUEST['name'] : ''), t('Real names are preferred.'));
+ $name = array('name', t('Your name'), ((x($_REQUEST,'name')) ? $_REQUEST['name'] : ''), t('Real name is preferred'), '', '', $duty['atform']);
$nickhub = '@' . str_replace(array('http://','https://','/'), '', get_config('system','baseurl'));
- $nickname = array('nickname', t('Choose a short nickname'),
- ((x($_REQUEST,'nickname')) ? $_REQUEST['nickname'] : ''),
- sprintf( t('Your nickname will be used to create an easy to remember channel address e.g. nickname%s'),
- $nickhub));
- $role = array('permissions_role' , t('Channel role and privacy'),
- ($privacy_role) ? $privacy_role : 'social',
- t('Select a channel permission role for your usage needs and privacy requirements.')
- . ' <a href="help/member/member_guide#Channel_Permission_Roles" target="_blank">'
- . t('Read more about channel permission roles')
- . '</a>',$perm_roles);
- //
+ $nickname = array('nickname', t('Choose a short nickname'), ((x($_REQUEST,'nickname')) ? $_REQUEST['nickname'] : ''), t('Your nickname will be used to create an easy to remember channel address'), '', '', $duty['atform']);
- $tos = array('tos', $label_tos, '', '', array(t('no'),t('yes')));
+ $tos = array('tos', $label_tos, ((x($_REQUEST,'tos')) ? $_REQUEST['tos'] : ''), '', [t('No'),t('Yes')], $duty['atform']);
+ $register_msg = ['register_msg', t('Why do you want to join this hub?'), ((x($_REQUEST,'register_msg')) ? $_REQUEST['register_msg'] : ''), t('This will help to review your registrtation')];
require_once('include/bbcode.php');
$o = replace_macros(get_markup_template('register.tpl'), array(
-
- '$tao' => "typeof(window.tao) == 'undefined' ? window.tao = {} : '';\n"
- . "tao.zar = { vsn: '2.0.0', form: {}, msg: {} };\n"
- . "tao.zar.patano = /^d[0-9]{5,10}$/;\n"
- . "tao.zar.patema = /^[a-z0-9.-]{1,64}@[a-z0-9.-]{2,32}\.[a-z]{2,12}$/;\n"
- . "tao.zar.msg.ZAR0239E = '" . t('Email address not valid') . "';\n",
-
'$form_security_token' => get_form_security_token("register"),
'$title' => t('Registration'),
'$reg_is' => $registration_is,
+ '$register_msg' => $register_msg,
'$registertext' => bbcode(get_config('system','register_text')),
'$other_sites' => $other_sites,
'$msg' => $opal['msg'],
@@ -580,8 +557,6 @@ class Register extends Controller {
'$atform' => $duty['atform'],
'$auto_create' => $auto_create,
'$name' => $name,
- '$role' => $role,
- '$default_role' => $default_role,
'$nickname' => $nickname,
'$enable_tos' => $enable_tos,
'$tos' => $tos,
@@ -592,7 +567,8 @@ class Register extends Controller {
'$pass1' => $password,
'$pass2' => $password2,
'$submit' => t('Register'),
- //'$verify_note' => (($email_verify) ? t('This site requires verification. After completing this form, please check the notice or your email for further instructions.') : '')
+ '$nickhub' => $nickhub
+
));
return $o;
diff --git a/Zotlabs/Module/Sse_bs.php b/Zotlabs/Module/Sse_bs.php
index 271d040fd..cc67c8eb7 100644
--- a/Zotlabs/Module/Sse_bs.php
+++ b/Zotlabs/Module/Sse_bs.php
@@ -688,6 +688,10 @@ class Sse_bs extends Controller {
if(! self::$uid && ! is_site_admin())
return $result;
+ $policy = intval(get_config('system','register_policy'));
+ if(($policy & REGISTER_APPROVE) != REGISTER_APPROVE)
+ return $result;
+
if(! (self::$vnotify & VNOTIFY_REGISTER))
return $result;
diff --git a/Zotlabs/Module/Wfinger.php b/Zotlabs/Module/Wfinger.php
index 6f2864615..46da7f007 100644
--- a/Zotlabs/Module/Wfinger.php
+++ b/Zotlabs/Module/Wfinger.php
@@ -20,6 +20,8 @@ class Wfinger extends \Zotlabs\Web\Controller {
$scheme = 'https';
elseif(x($_SERVER,'SERVER_PORT') && (intval($_SERVER['SERVER_PORT']) == 443))
$scheme = 'https';
+ elseif(x($_SERVER,'HTTP_X_FORWARDED_PROTO') && ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'))
+ $scheme = 'https';
$zot = intval($_REQUEST['zot']);