if ($user) {
if (Event::handle('StartSetUser', array(&$user))) {
- if($user){
+ if (!empty($user)) {
+ if (!$user->hasRight(Right::WEBLOGIN)) {
+ throw new AuthorizationException(_('Not allowed to log in.'));
+ }
common_ensure_session();
$_SESSION['userid'] = $user->id;
$_cur = $user;
$r = preg_replace('/[\x{0}-\x{8}\x{b}-\x{c}\x{e}-\x{19}]/', '', $r);
$r = common_replace_urls_callback($r, 'common_linkify');
- $r = preg_replace('/(^|\"\;|\'|\(|\[|\{|\s+)#([\pL\pN_\-\.]{1,64})/e', "'\\1#'.common_tag_link('\\2')", $r);
+ $r = preg_replace('/(^|\"\;|\'|\(|\[|\{|\s+)#([\pL\pN_\-\.]{1,64})/ue', "'\\1#'.common_tag_link('\\2')", $r);
// XXX: machine tags
return $r;
}
function common_canonical_tag($tag)
{
+ // only alphanum
+ $tag = preg_replace('/[^\pL\pN]/u', '', $tag);
$tag = mb_convert_case($tag, MB_CASE_LOWER, "UTF-8");
- return str_replace(array('-', '_', '.'), '', $tag);
+ $tag = substr($tag, 0, 64);
+ return $tag;
}
function common_valid_profile_tag($str)