]> git.mxchange.org Git - friendica.git/blobdiff - mod/register.php
projects / friendica.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge branch 'master' of git://github.com/friendika/friendika
[friendica.git] / mod / register.php
diff --git a/mod/register.php b/mod/register.php
index 68c7297c90267a571a38b2202b766bd1f47905bc..fcc9ebcab522fbf8585d2a838b9ee04c05060fd3 100644 (file)
--- a/mod/register.php
+++ b/mod/register.php
@@ -37,8 +37,13 @@ function register_post(&$a) {
        $openid_url = ((x($_POST,'openid_url')) ? notags(trim($_POST['openid_url'])) : '');
        $photo      = ((x($_POST,'photo'))      ? notags(trim($_POST['photo']))      : '');
 
+       $tmp_str = $openid_url;
        if((! x($username)) || (! x($email)) || (! x($nickname))) {
                if($openid_url) {
+                       if(! validate_url($tmp_str)) {
+                               notice( t('Invalid OpenID url') . EOL);
+                               return;
+                       }
                        $_SESSION['register'] = 1;
                        $_SESSION['openid'] = $openid_url;
                        require_once('library/openid.php');
@@ -82,6 +87,12 @@ function register_post(&$a) {
        if((! valid_email($email)) || (! validate_email($email)))
                $err .= t('Not a valid email address.') . EOL;
 
+       // Disallow somebody creating an account using openid that uses the admin email address,
+       // since openid bypasses email verification.
+
+       if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0) && strlen($openid_url))
+               $err .= t('Cannot use that email.') . EOL;
+
        $nickname = $_POST['nickname'] = strtolower($nickname);
 
        if(! preg_match("/^[a-z][a-z0-9\-\_]*$/",$nickname))
Unnamed repository; edit this file 'description' to name the repository.