actions/apiaccountregister.php

   1 <?php
   2
   3 /**
   4  * StatusNet, the distributed open-source microblogging tool
   5  *
   6  * Register account
   7  *
   8  * PHP version 5
   9  *
  10  * LICENCE: This program is free software: you can redistribute it and/or modify
  11  * it under the terms of the GNU Affero General Public License as published by
  12  * the Free Software Foundation, either version 3 of the License, or
  13  * (at your option) any later version.
  14  *
  15  * This program is distributed in the hope that it will be useful,
  16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  18  * GNU Affero General Public License for more details.
  19  *
  20  * You should have received a copy of the GNU Affero General Public License
  21  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  22  *
  23  * @category  API
  24  * @package   GNUSocial
  25  * @author    Hannes Mannerheim <h@nnesmannerhe.im>
  26  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  27  * @link      http://www.gnu.org/software/social/
  28  */
  29
  30 if (!defined('GNUSOCIAL')) { exit(1); }
  31
  32 class ApiAccountRegisterAction extends ApiAction
  33 {
  34
  35     /**
  36      * Has there been an error?
  37      */
  38     var $error = null;
  39
  40     /**
  41      * Have we registered?
  42      */
  43     var $registered = false;
  44
  45     /**
  46      * Are we processing an invite?
  47      */
  48     var $invite = null;
  49
  50     /**
  51      * Take arguments for running
  52      *
  53      * @param array $args $_REQUEST args
  54      *
  55      * @return boolean success flag
  56      */
  57     function prepare($args)
  58     {
  59         parent::prepare($args);
  60         $this->code = $this->trimmed('code');
  61
  62         if (empty($this->code)) {
  63             common_ensure_session();
  64             if (array_key_exists('invitecode', $_SESSION)) {
  65                 $this->code = $_SESSION['invitecode'];
  66             }
  67         }
  68
  69         if (common_config('site', 'inviteonly') && empty($this->code)) {
  70             // TRANS: Client error displayed when trying to register to an invite-only site without an invitation.
  71             $this->clientError(_('Sorry, only invited people can register.'),404,'json');
  72             return false;
  73         }
  74
  75         if (!empty($this->code)) {
  76             $this->invite = Invitation::staticGet('code', $this->code);
  77             if (empty($this->invite)) {
  78             // TRANS: Client error displayed when trying to register to an invite-only site without a valid invitation.
  79                     $this->clientError(_('Sorry, invalid invitation code.'),404,'json');
  80                 return false;
  81             }
  82             // Store this in case we need it
  83             common_ensure_session();
  84             $_SESSION['invitecode'] = $this->code;
  85         }
  86
  87         return true;
  88     }
  89
  90     /**
  91      * Handle the request
  92      *
  93      * @param array $args $_REQUEST data (unused)
  94      *
  95      * @return void
  96      */
  97     function handle($args)
  98     {
  99         parent::handle($args);
 100
 101         if ($_SERVER['REQUEST_METHOD'] != 'POST') {
 102             $this->clientError(
 103                 _('This method requires a POST.'),
 104                 400, $this->format
 105             );
 106             return;
 107
 108         } else {
 109
 110             $nickname = $this->trimmed('nickname');
 111             $email    = $this->trimmed('email');
 112             $fullname = $this->trimmed('fullname');
 113             $homepage = $this->trimmed('homepage');
 114             $bio      = $this->trimmed('bio');
 115             $location = $this->trimmed('location');
 116
 117             // We don't trim these... whitespace is OK in a password!
 118             $password = $this->arg('password');
 119             $confirm  = $this->arg('confirm');
 120
 121             // invitation code, if any
 122             $code = $this->trimmed('code');
 123
 124             if ($code) {
 125                 $invite = Invitation::staticGet($code);
 126             }
 127
 128             if (common_config('site', 'inviteonly') && !($code && $invite)) {
 129                 // TRANS: Client error displayed when trying to register to an invite-only site without an invitation.
 130                     $this->clientError(_('Sorry, only invited people can register.'),404,'json');
 131                 return;
 132             }
 133
 134             // Input scrubbing
 135             try {
 136                 $nickname = Nickname::normalize($nickname);
 137             } catch (NicknameException $e) {
 138                 $this->showForm($e->getMessage());
 139             }
 140             $email    = common_canonical_email($email);
 141
 142                         if ($email && !Validate::email($email, common_config('email', 'check_domain'))) {
 143                 // TRANS: Form validation error displayed when trying to register without a valid e-mail address.
 144                     $this->clientError(_('Not a valid email address.'),404,'json');
 145             } else if ($this->nicknameExists($nickname)) {
 146                 // TRANS: Form validation error displayed when trying to register with an existing nickname.
 147                     $this->clientError(_('Nickname already in use. Try another one.'),404,'json');
 148             } else if (!User::allowed_nickname($nickname)) {
 149                 // TRANS: Form validation error displayed when trying to register with an invalid nickname.
 150                     $this->clientError(_('Not a valid nickname.'),404,'json');
 151             } else if ($this->emailExists($email)) {
 152                 // TRANS: Form validation error displayed when trying to register with an already registered e-mail address.
 153                     $this->clientError(_('Email address already exists.'),404,'json');
 154             } else if (!is_null($homepage) && (strlen($homepage) > 0) &&
 155                        !Validate::uri($homepage,
 156                                       array('allowed_schemes' =>
 157                                             array('http', 'https')))) {
 158                 // TRANS: Form validation error displayed when trying to register with an invalid homepage URL.
 159                     $this->clientError(_('Homepage is not a valid URL.'),404,'json');
 160                 return;
 161             } else if (!is_null($fullname) && mb_strlen($fullname) > 255) {
 162                 // TRANS: Form validation error displayed when trying to register with a too long full name.
 163                     $this->clientError(_('Full name is too long (maximum 255 characters).'),404,'json');
 164                 return;
 165             } else if (Profile::bioTooLong($bio)) {
 166                 // TRANS: Form validation error on registration page when providing too long a bio text.
 167                 // TRANS: %d is the maximum number of characters for bio; used for plural.
 168                     $this->clientError(sprintf(_m('Bio is too long (maximum %d character).',
 169                                            'Bio is too long (maximum %d characters).',
 170                                            Profile::maxBio()),
 171                                            Profile::maxBio()),404,'json');
 172                 return;
 173             } else if (!is_null($location) && mb_strlen($location) > 255) {
 174                 // TRANS: Form validation error displayed when trying to register with a too long location.
 175                     $this->clientError(_('Location is too long (maximum 255 characters).'),404,'json');
 176                 return;
 177             } else if (strlen($password) < 6) {
 178                 // TRANS: Form validation error displayed when trying to register with too short a password.
 179                     $this->clientError(_('Password must be 6 or more characters.'),404,'json');
 180                 return;
 181             } else if ($password != $confirm) {
 182                 // TRANS: Form validation error displayed when trying to register with non-matching passwords.
 183                     $this->clientError(_('Passwords do not match.'),404,'json');
 184             } else {
 185
 186                                 // annoy spammers
 187                                 sleep(7);
 188
 189                                 if ($user = User::register(array('nickname' => $nickname,
 190                                                             'password' => $password,
 191                                                             'email' => $email,
 192                                                             'fullname' => $fullname,
 193                                                             'homepage' => $homepage,
 194                                                             'bio' => $bio,
 195                                                             'location' => $location,
 196                                                             'code' => $code))) {
 197                         if (!$user) {
 198                             // TRANS: Form validation error displayed when trying to register with an invalid username or password.
 199                                     $this->clientError(_('Invalid username or password.'),404,'json');
 200                             return;
 201                         }
 202
 203                         Event::handle('EndRegistrationTry', array($this));
 204
 205                                 $this->initDocument('json');
 206                                 $this->showJsonObjects($this->twitterUserArray($user->getProfile()));
 207                                 $this->endDocument('json');
 208
 209                     } else {
 210                         // TRANS: Form validation error displayed when trying to register with an invalid username or password.
 211                         $this->clientError(_('Invalid username or password.'),404,'json');
 212                 }
 213             }
 214         }
 215     }
 216
 217
 218     /**
 219      * Does the given nickname already exist?
 220      *
 221      * Checks a canonical nickname against the database.
 222      *
 223      * @param string $nickname nickname to check
 224      *
 225      * @return boolean true if the nickname already exists
 226      */
 227     function nicknameExists($nickname)
 228     {
 229         $user = User::staticGet('nickname', $nickname);
 230         return is_object($user);
 231     }
 232
 233     /**
 234      * Does the given email address already exist?
 235      *
 236      * Checks a canonical email address against the database.
 237      *
 238      * @param string $email email address to check
 239      *
 240      * @return boolean true if the address already exists
 241      */
 242     function emailExists($email)
 243     {
 244         $email = common_canonical_email($email);
 245         if (!$email || strlen($email) == 0) {
 246             return false;
 247         }
 248         $user = User::staticGet('email', $email);
 249         return is_object($user);
 250     }
 251
 252 }