From 94f1c001f1fe2cefd17c5d535ec1fcd0e68c8df5 Mon Sep 17 00:00:00 2001 From: Mario Date: Wed, 28 Apr 2021 13:17:45 +0200 Subject: register: more testing and fixes --- Zotlabs/Module/Admin/Site.php | 27 ++++++++------- Zotlabs/Module/New_channel.php | 76 +++++++++++++++++++++--------------------- Zotlabs/Module/Regate.php | 59 +++++++++++++++++++------------- Zotlabs/Module/Register.php | 30 ++++++++--------- 4 files changed, 101 insertions(+), 91 deletions(-) (limited to 'Zotlabs') diff --git a/Zotlabs/Module/Admin/Site.php b/Zotlabs/Module/Admin/Site.php index ac132cf60..3b2632411 100644 --- a/Zotlabs/Module/Admin/Site.php +++ b/Zotlabs/Module/Admin/Site.php @@ -126,7 +126,7 @@ class Site { //logger( print_r( $this->msgbg, true) ); //logger( print_r( $this->joo, true) ); if ($this->error === 0) { - set_config('system', 'register_duty', $this->register_duty); + set_config('system', 'register_duty', $this->register_duty); set_config('system', 'register_duty_jso', $this->joo); } else { notice('ZAR0130E,'.t('Errors') . ': ' . $this->error) . EOL . $this->msgfg; @@ -320,9 +320,8 @@ class Site { REGISTER_APPROVE => t("Yes - with approval"), REGISTER_OPEN => t("Yes") ); - $this->register_duty ? get_config('system', 'register_duty') : ''; - $register_perday = get_config('system','max_daily_registrations'); - $register_perday ? '' : $register_perday = 50; + $this->register_duty = get_config('system', 'register_duty', '-:-'); + $register_perday = get_config('system','max_daily_registrations', 50); /* Acess policy */ $access_choices = Array( @@ -393,11 +392,11 @@ class Site { 'field' => array( 'name' => 'expire', 'title' => t('duration up from now'), - 'value' => ($regexpire_n === false ? 99 : $regexpire_n), + 'value' => ($regexpire_n === false ? 3 : $regexpire_n), 'min' => '0', 'max' => '99', 'size' => '2', - 'default' => ($regexpire_u === false ? 'y' : $regexpire_u) + 'default' => ($regexpire_u === false ? 'd' : $regexpire_u) ), 'rabot' => $reg_rabots ) 
@@ -450,7 +449,7 @@ class Site { '$register_duty' => [ 'register_duty', t('Configure the registration open days/hours'), - get_config('system', 'register_duty'), + get_config('system', 'register_duty', '-:-'), t('Empty or \'-:-\' value will keep registration open 24/7 (default)') . EOL . t('Weekdays and hours must be separated by colon \':\', From-To ranges with a dash `-` example: 1:800-1200') . EOL . t('Weekday:Hour pairs must be separated by space \' \' example: 1:900-1700 2:900-1700') . EOL . @@ -458,19 +457,22 @@ class Site { t('Advanced examples:') . ' 1-5:0900-1200,1300-1700 6:900-1230 ' . t('or') . ' 1-2,4-5:800-1800
' . EOL . '' . t('Check your configuration') . ''. EOL ], - '$register_perday' => ['register_perday', + '$register_perday' => [ + 'register_perday', t('Max account registrations per day'), get_config('system', 'max_daily_registrations', 50), t('Unlimited if zero or no value - default 50') ], - '$register_sameip' => ['register_sameip', - t('Max account registrations from same ip'), + '$register_sameip' => [ + 'register_sameip', + t('Max account registrations from same IP'), get_config('system', 'register_sameip', 3), t('Unlimited if zero or no value - default 3') ], '$reg_delay' => $reg_delay, '$reg_expire' => $reg_expire, - '$reg_autochannel' => ['auto_channel_create', + '$reg_autochannel' => [ + 'auto_channel_create', t("Auto channel create"), get_config('system','auto_channel_create', 1), t("If disabled the channel will be created in a separate step during the registration process") @@ -586,9 +588,6 @@ class Site { } } - if (! $this->register_duty) - $this->register_duty = '-:-'; - $ranges = preg_split('/\s+/', $this->register_duty); $this->msgbg .= '..ranges: ' . print_r(count($ranges),true) . $this->eol; diff --git a/Zotlabs/Module/New_channel.php b/Zotlabs/Module/New_channel.php index 98aa480fe..84d492f8f 100644 --- a/Zotlabs/Module/New_channel.php +++ b/Zotlabs/Module/New_channel.php @@ -11,7 +11,7 @@ class New_channel extends \Zotlabs\Web\Controller { function init() { $cmd = ((argc() > 1) ? argv(1) : ''); - + if($cmd === 'autofill.json') { require_once('library/urlify/URLify.php'); $result = array('error' => false, 'message' => ''); @@ -20,14 +20,14 @@ class New_channel extends \Zotlabs\Web\Controller { $x = false; if(get_config('system','unicode_usernames')) { - $x = punify(mb_strtolower($n)); + $x = punify(mb_strtolower($n)); } if((! $x) || strlen($x) > 64) $x = strtolower(\URLify::transliterate($n)); - + $test = array(); - + // first name if(strpos($x,' ')) $test[] = legal_webbie(substr($x,0,strpos($x,' '))); 
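Review bot: An empty `register_duty` value is no longer mapped to `'-:-'` before `preg_split('/\s+/', $this->register_duty)` in the `@@ -586,9 +588,6 @@` hunk of Admin/Site.php, because the `if (! $this->register_duty)` guard is removed there. The new `get_config('system', 'register_duty', '-:-')` default presumably applies only when the key was never stored, so a value saved as an empty string would now reach the parser as `''`, although the help text still documents empty as "open 24/7". Since this setting gates when registration is open, I would keep one explicit normalisation next to the parser, e.g. `$this->register_duty = trim((string) $this->register_duty) ?: '-:-';`. The enclosing method starts and ends outside the hunk, so whether a caller already normalises the value is not visible here.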
@@ -44,19 +44,19 @@ class New_channel extends \Zotlabs\Web\Controller { json_return_and_die(check_webbie($test)); } - + if($cmd === 'checkaddr.json') { require_once('library/urlify/URLify.php'); $result = array('error' => false, 'message' => ''); $n = trim($_REQUEST['nick']); if(! $n) { - $n = trim($_REQUEST['name']); + $n = trim($_REQUEST['name']); } $x = false; if(get_config('system','unicode_usernames')) { - $x = punify(mb_strtolower($n)); + $x = punify(mb_strtolower($n)); } if((! $x) || strlen($x) > 64) @@ -64,7 +64,7 @@ class New_channel extends \Zotlabs\Web\Controller { $test = array(); - + // first name if(strpos($x,' ')) $test[] = legal_webbie(substr($x,0,strpos($x,' '))); 
@@ -80,57 +80,57 @@ class New_channel extends \Zotlabs\Web\Controller { $test[] = $n; $test[] = $n . mt_rand(1000,9999); } - + for($y = 0; $y < 100; $y ++) $test[] = 'id' . mt_rand(1000,9999); - + json_return_and_die(check_webbie($test)); } - - + + } - + function post() { - + $arr = $_POST; - + $acc = \App::get_account(); $arr['account_id'] = get_account_id(); - - // prevent execution by delegated channels as well as those not logged in. + + // prevent execution by delegated channels as well as those not logged in. // get_account_id() returns the account_id from the session. But \App::$account - // may point to the original authenticated account. - + // may point to the original authenticated account. + if((! $acc) || ($acc['account_id'] != $arr['account_id'])) { notice( t('Permission denied.') . EOL ); return; } - + $result = create_identity($arr); - + if(! $result['success']) { notice($result['message']); return; } - + $newuid = $result['channel']['channel_id']; - + change_channel($result['channel']['channel_id']); - - $next_page = get_config('system', 'workflow_channel_next', 'profiles'); + + $next_page = get_config('system', 'workflow_channel_next', 'profiles'); goaway(z_root() . '/' . $next_page); - + } - + function get() { - + $acc = \App::get_account(); - + if((! $acc) || $acc['account_id'] != get_account_id()) { notice( t('Permission denied.') . EOL); return; } - + $default_role = ''; $aid = get_account_id(); if($aid) { @@ -140,7 +140,7 @@ class New_channel extends \Zotlabs\Web\Controller { if($r && (! intval($r[0]['total']))) { $default_role = get_config('system','default_permissions_role','social'); } - + $limit = account_service_class_fetch(get_account_id(),'total_identities'); $canadd = true; if($r && ($limit !== false)) { 
@@ -155,7 +155,7 @@ class New_channel extends \Zotlabs\Web\Controller { } $name_help = ''; - $name_help .= (($default_role) + $name_help .= (($default_role) ? t('Your real name is recommended.') : t('Examples: "Bob Jameson", "Lisa and her Horses", "Soccer", "Aviation Group"') ); @@ -176,10 +176,10 @@ class New_channel extends \Zotlabs\Web\Controller { $nickhub = '@' . \App::get_hostname(); $nickname = array('nickname', t('Choose a short nickname'), ((x($_REQUEST,'nickname')) ? $_REQUEST['nickname'] : ''), $nick_help, "*"); $role = array('permissions_role' , t('Channel role and privacy'), ($privacy_role) ? $privacy_role : 'social', t('Select a channel permission role compatible with your usage needs and privacy requirements.') . '
' . '' . t('Read more about channel permission roles') . '',$perm_roles); - + $o = replace_macros(get_markup_template('new_channel.tpl'), array( '$title' => t('Create a Channel'), - '$desc' => t('A channel is a unique network identity. It can represent a person (social network profile), a forum (group), a business or celebrity page, a newsfeed, and many other things.') , + '$desc' => t('A channel is a unique network identity. It can represent a person (social network profile), a forum (group), a business or celebrity page, a newsfeed, and many other things.') , '$label_import' => t('or import an existing channel from another location.'), '$name' => $name, '$role' => $role, @@ -190,10 +190,10 @@ class New_channel extends \Zotlabs\Web\Controller { '$channel_usage_message' => $channel_usage_message, '$canadd' => $canadd )); - + return $o; - + } - - + + } diff --git a/Zotlabs/Module/Regate.php b/Zotlabs/Module/Regate.php index 6c4aeec3e..155f818ef 100644 --- a/Zotlabs/Module/Regate.php +++ b/Zotlabs/Module/Regate.php 
@@ -151,41 +151,54 @@ class Regate extends \Zotlabs\Web\Controller { zar_log('ZAR1238I ' . $msg . ' ' . $cra['account']['account_email'] . ' ' . $cra['account']['account_language']); + authenticate_success($cra['account'],null,true,false,true); + $nextpage = 'new_channel'; - $auto_create = get_config('system','auto_channel_create',1); + $auto_create = get_config('system', 'auto_channel_create', 1); if($auto_create) { - // prepare channel creation - if($reonar['chan.name']) - set_aconfig($cra['account']['account_id'], 'register', 'channel_name', $reonar['chan.name']); - if($reonar['chan.did1']) - set_aconfig($cra['account']['account_id'], 'register', 'channel_address', $reonar['chan.did1']); + $new_channel = ['success' => false]; - $permissions_role = get_config('system','default_permissions_role'); - if($permissions_role) - set_aconfig($cra['account']['account_id'], 'register', 'permissions_role', $permissions_role); - } + // We do not reserve a channel_address before the registration is verified + // and possibly approved by the admin. + // If the provided channel_address has been claimed meanwhile, + // we will proceed to /new_channel. - authenticate_success($cra['account'],null,true,false,true); + if(isset($reonar['chan.did1']) && check_webbie([$reonar['chan.did1']])) { - if($auto_create) { - // create channel - $new_channel = auto_channel_create($cra['account']['account_id']); - - if($new_channel['success']) { - $channel_id = $new_channel['channel']['channel_id']; - change_channel($channel_id); - $nextpage = 'profiles/' . $channel_id; - $msg_code = 'ZAR1239I'; - $msg = t('Channel successfull created') . ' ' . 
$did2; + // prepare channel creation + if($reonar['chan.name']) + set_aconfig($cra['account']['account_id'], 'register', 'channel_name', $reonar['chan.name']); + + if($reonar['chan.did1']) + set_aconfig($cra['account']['account_id'], 'register', 'channel_address', $reonar['chan.did1']); + + $permissions_role = get_config('system','default_permissions_role'); + if($permissions_role) + set_aconfig($cra['account']['account_id'], 'register', 'permissions_role', $permissions_role); + + // create channel + $new_channel = auto_channel_create($cra['account']['account_id']); + + if($new_channel['success']) { + $channel_id = $new_channel['channel']['channel_id']; + change_channel($channel_id); + $nextpage = 'profiles/' . $channel_id; + $msg_code = 'ZAR1239I'; + $msg = t('Channel successfull created') . ' ' . $did2; + } } - else { + + if(!$new_channel['success']) { $msg_code = 'ZAR1239E'; - $msg = t('Channel still not created') . ' ' . $did2; + $msg = t('Automatic channel creation failed. Please create a channel.') . ' ' . $did2; + $nextpage = 'new_channel?name=' . $reonar['chan.name']; } + zar_log($msg_code . ' ' . $msg . ' ' . $reonar['chan.did1'] . ' (' . $reonar['chan.name'] . ')'); + } unset($_SESSION['login_return_url']); } diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php index 99e59dd77..bb87a1933 100644 --- a/Zotlabs/Module/Register.php +++ b/Zotlabs/Module/Register.php @@ -47,7 +47,6 @@ class Register extends Controller { } } - function post() { check_form_security_token_redirectOnErr('/register', 'register'); 
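Review bot: In the Zotlabs/Module/Regate.php hunk, `$reonar['chan.name']` is concatenated into the redirect target without encoding at `$nextpage = 'new_channel?name=' . $reonar['chan.name'];`. The value appears to be the channel name taken from the registration data, so spaces, `&`, `#` or line breaks in it would truncate the name or add extra query parameters to the /new_channel request; use `$nextpage = 'new_channel?name=' . urlencode($reonar['chan.name'] ?? '');`. The same two fields are passed verbatim to `zar_log()` just below, so if that log is line-oriented it is worth stripping control characters first to stop a crafted name from splitting or forging entries. The enclosing method starts and ends outside the hunk.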
@@ -64,7 +63,7 @@ class Register extends Controller { $act = q("SELECT COUNT(*) AS act FROM account")[0]['act']; $is247 = false; $ip = $_SERVER['REMOTE_ADDR']; - $sameip = intval(get_config('system','register_sameip')); + $sameip = intval(get_config('system','register_sameip', 3)); $arr = $_POST; $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); @@ -117,19 +116,18 @@ class Register extends Controller { } if ($email) { - if (! preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $email)) { + $email_result = check_account_email($email); + if ($email_result['error']) { // msg! - notice(t('Not a valid email address') . EOL); + notice(t($email_result['message']) . EOL); return; } } // case when an invited prepares the own account by supply own pw, accept tos, prepage channel (if auto) if ($email && $invite_code) { - if ( preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $email ) ) { - if ( preg_match('/^[a-z0-9]{12,12}$/', $invite_code ) ) { - $is247 = true; - } + if ( preg_match('/^[a-z0-9]{12,12}$/', $invite_code ) ) { + $is247 = true; } } @@ -156,16 +154,16 @@ class Register extends Controller { // s2 max daily // msg? - if ( !$is247 && self::check_reg_limits()['is'] ) return; + if (!$is247 && self::check_reg_limits()['is']) return; - if(!$password) { + if (!$password) { // msg! notice(t('No password provided') . EOL); return; } // pw1 == pw2 - if($password !== $password2) { + if ($password !== $password2) { // msg! notice(t('Passwords do not match') . EOL); return; 
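Review bot: In the `@@ -117,19 +116,18 @@` hunk of Register.php, `$is247 = true` is now decided by the shape of the invite code alone (`/^[a-z0-9]{12,12}$/`), and the following hunk shows `$is247` skipping `self::check_reg_limits()`. Unless the code is checked against an issued invitation before that line (the code between the two hunks is not visible), a well-formed but unissued code is enough to skip the daily registration cap; I would set `$is247` only after the invite has been verified. Separately, `notice(t($email_result['message']) . EOL)` passes a runtime string to `t()`; if `check_account_email()` already returns a translated message, call `notice($email_result['message']);` so it is not looked up a second time. `post()` continues outside the hunk.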
@@ -337,11 +335,11 @@ class Register extends Controller { if($policy == REGISTER_OPEN || $policy == REGISTER_APPROVE ) { - $cfgdelay = get_config( 'system', 'register_delay' ); + $cfgdelay = get_config('system', 'register_delay', '0i'); $reg_delayed = calculate_adue( $cfgdelay ); $regdelay = (($reg_delayed) ? datetime_convert(date_default_timezone_get(), 'UTC', $reg_delayed['due']) : $now); - $cfgexpire = get_config('system','register_expire' ); + $cfgexpire = get_config('system', 'register_expire', '3d'); $reg_expires = calculate_adue( $cfgexpire ); $regexpire = (($reg_expires) ? datetime_convert(date_default_timezone_get(), 'UTC', $reg_expires['due']) : datetime_convert('UTC', 'UTC', 'now + 99 years')); @@ -583,9 +581,9 @@ class Register extends Controller { // check against register, account $rear = array( 'is' => false, 'rn' => 0, 'an' => 0, 'msg' => '' ); - $max_dailies = intval(get_config('system','max_daily_registrations')); + $max_dailies = intval(get_config('system', 'max_daily_registrations', 50)); - if ( $max_dailies ) { + if ($max_dailies) { $r = q("SELECT COUNT(reg_id) AS nr FROM register WHERE reg_vital = 1 AND reg_created > %s - INTERVAL %s", db_utcnow(), db_quoteinterval('1 day') @@ -594,7 +592,7 @@ class Register extends Controller { $rear['is'] = ( $r && $r[0]['nr'] >= $max_dailies ) ? true : false; $rear['rn'] = $r[0]['nr']; - if ( !$rear['is']) { + if (!$rear['is']) { $r = q("SELECT COUNT(account_id) AS nr FROM account WHERE account_created > %s - INTERVAL %s", db_utcnow(), db_quoteinterval('1 day') ); -- cgit v1.2.3
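Review bot: In the `@@ -337,11 +335,11 @@` hunk of Register.php, a `register_expire` value that `calculate_adue()` cannot parse still falls through to `datetime_convert('UTC', 'UTC', 'now + 99 years')`, so the new `'3d'` default only covers the case where the setting is unset. A mistyped setting would then leave pending registrations effectively non-expiring; falling back to the default, e.g. `$reg_expires = calculate_adue($cfgexpire) ?: calculate_adue('3d');`, keeps that failure mode closed. The `'3d'` literal also duplicates the expire form default (`3` / `'d'`) set in Admin/Site.php by this commit, so a shared constant would keep the two in step. `calculate_adue()` is not shown, so its return value on bad input is inferred from the `($reg_expires) ? … : …` test, and the enclosing method starts and ends outside the hunk.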