<?php
-
/**
- * @file src/Model/User.php
- * This file includes the User class with user related database functions
+ * @copyright Copyright (C) 2020, Friendica
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ *
*/
namespace Friendica\Model;
use DivineOmega\PasswordExposed;
use Exception;
-use Friendica\Core\Config;
+use Friendica\Content\Pager;
use Friendica\Core\Hook;
use Friendica\Core\L10n;
use Friendica\Core\Logger;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\TwoFactor\AppSpecificPassword;
+use Friendica\Network\HTTPException\InternalServerErrorException;
use Friendica\Object\Image;
use Friendica\Util\Crypto;
use Friendica\Util\DateTimeFormat;
* @param string $network network name
*
* @return int group id
- * @throws \Friendica\Network\HTTPException\InternalServerErrorException
+ * @throws InternalServerErrorException
*/
public static function getDefaultGroup($uid, $network = '')
{
throw new Exception(DI::l10n()->t('Empty passwords are not allowed.'));
}
- if (!Config::get('system', 'disable_password_exposed', false) && self::isPasswordExposed($password)) {
+ if (!DI::config()->get('system', 'disable_password_exposed', false) && self::isPasswordExposed($password)) {
throw new Exception(DI::l10n()->t('The new password has been exposed in a public data dump, please choose another.'));
}
*
* @param string $nickname The nickname that should be checked
* @return boolean True is the nickname is blocked on the node
- * @throws \Friendica\Network\HTTPException\InternalServerErrorException
+ * @throws InternalServerErrorException
*/
public static function isNicknameBlocked($nickname)
{
- $forbidden_nicknames = Config::get('system', 'forbidden_nicknames', '');
+ $forbidden_nicknames = DI::config()->get('system', 'forbidden_nicknames', '');
// if the config variable is empty return false
if (empty($forbidden_nicknames)) {
* @param array $data
* @return array
* @throws \ErrorException
- * @throws \Friendica\Network\HTTPException\InternalServerErrorException
+ * @throws InternalServerErrorException
* @throws \ImagickException
* @throws Exception
*/
{
$return = ['user' => null, 'password' => ''];
- $using_invites = Config::get('system', 'invitation_only');
+ $using_invites = DI::config()->get('system', 'invitation_only');
$invite_id = !empty($data['invite_id']) ? Strings::escapeTags(trim($data['invite_id'])) : '';
$username = !empty($data['username']) ? Strings::escapeTags(trim($data['username'])) : '';
$verified = !empty($data['verified']);
$language = !empty($data['language']) ? Strings::escapeTags(trim($data['language'])) : 'en';
- $publish = !empty($data['profile_publish_reg']);
- $netpublish = $publish && Config::get('system', 'directory');
+ $netpublish = $publish = !empty($data['profile_publish_reg']);
if ($password1 != $confirm) {
throw new Exception(DI::l10n()->t('Passwords do not match. Password unchanged.'));
// collapse multiple spaces in name
$username = preg_replace('/ +/', ' ', $username);
- $username_min_length = max(1, min(64, intval(Config::get('system', 'username_min_length', 3))));
- $username_max_length = max(1, min(64, intval(Config::get('system', 'username_max_length', 48))));
+ $username_min_length = max(1, min(64, intval(DI::config()->get('system', 'username_min_length', 3))));
+ $username_max_length = max(1, min(64, intval(DI::config()->get('system', 'username_max_length', 48))));
if ($username_min_length > $username_max_length) {
Logger::log(DI::l10n()->t('system.username_min_length (%s) and system.username_max_length (%s) are excluding each other, swapping values.', $username_min_length, $username_max_length), Logger::WARNING);
}
if (mb_strlen($username) < $username_min_length) {
- throw new Exception(L10n::tt('Username should be at least %s character.', 'Username should be at least %s characters.', $username_min_length));
+ throw new Exception(DI::l10n()->tt('Username should be at least %s character.', 'Username should be at least %s characters.', $username_min_length));
}
if (mb_strlen($username) > $username_max_length) {
- throw new Exception(L10n::tt('Username should be at most %s character.', 'Username should be at most %s characters.', $username_max_length));
+ throw new Exception(DI::l10n()->tt('Username should be at most %s character.', 'Username should be at most %s characters.', $username_max_length));
}
// So now we are just looking for a space in the full name.
- $loose_reg = Config::get('system', 'no_regfullname');
+ $loose_reg = DI::config()->get('system', 'no_regfullname');
if (!$loose_reg) {
$username = mb_convert_case($username, MB_CASE_TITLE, 'UTF-8');
if (strpos($username, ' ') === false) {
throw new Exception(DI::l10n()->t('The nickname was blocked from registration by the nodes admin.'));
}
- if (Config::get('system', 'block_extended_register', false) && DBA::exists('user', ['email' => $email])) {
+ if (DI::config()->get('system', 'block_extended_register', false) && DBA::exists('user', ['email' => $email])) {
throw new Exception(DI::l10n()->t('Cannot use that email.'));
}
// Disallow somebody creating an account using openid that uses the admin email address,
// since openid bypasses email verification. We'll allow it if there is not yet an admin account.
- if (Config::get('config', 'admin_email') && strlen($openid_url)) {
- $adminlist = explode(',', str_replace(' ', '', strtolower(Config::get('config', 'admin_email'))));
+ if (DI::config()->get('config', 'admin_email') && strlen($openid_url)) {
+ $adminlist = explode(',', str_replace(' ', '', strtolower(DI::config()->get('config', 'admin_email'))));
if (in_array(strtolower($email), $adminlist)) {
throw new Exception(DI::l10n()->t('Cannot use that email.'));
}
'photo' => DI::baseUrl() . "/photo/profile/{$uid}.jpg",
'thumb' => DI::baseUrl() . "/photo/avatar/{$uid}.jpg",
'publish' => $publish,
- 'is-default' => 1,
'net-publish' => $netpublish,
- 'profile-name' => DI::l10n()->t('default')
]);
if (!$insert_result) {
DBA::delete('user', ['uid' => $uid]);
}
$fields = ['def_gid' => $def_gid];
- if (Config::get('system', 'newuser_private') && $def_gid) {
+ if (DI::config()->get('system', 'newuser_private') && $def_gid) {
$fields['allow_gid'] = '<' . $def_gid . '>';
}
$photo_failure = false;
$filename = basename($photo);
- $img_str = Network::fetchUrl($photo, true);
- // guess mimetype from headers or filename
- $type = Images::guessType($photo, true);
+ $curlResult = Network::curl($photo, true);
+ if ($curlResult->isSuccess()) {
+ $img_str = $curlResult->getBody();
+ $type = $curlResult->getContentType();
+ } else {
+ $img_str = '';
+ $type = '';
+ }
+
+ $type = Images::getMimeTypeByData($img_str, $photo, $type);
$Image = new Image($img_str, $type);
if ($Image->isValid()) {
return $return;
}
+ /**
+ * Sets block state for a given user
+ *
+ * @param int $uid The user id
+ * @param bool $block Block state (default is true)
+ *
+ * @return bool True, if successfully blocked
+
+ * @throws Exception
+ */
+ public static function block(int $uid, bool $block = true)
+ {
+ return DBA::update('user', ['blocked' => $block], ['uid' => $uid]);
+ }
+
+ /**
+ * Allows a registration based on a hash
+ *
+ * @param string $hash
+ *
+ * @return bool True, if the allow was successful
+ *
+ * @throws InternalServerErrorException
+ * @throws Exception
+ */
+ public static function allow(string $hash)
+ {
+ $register = Register::getByHash($hash);
+ if (!DBA::isResult($register)) {
+ return false;
+ }
+
+ $user = User::getById($register['uid']);
+ if (!DBA::isResult($user)) {
+ return false;
+ }
+
+ Register::deleteByHash($hash);
+
+ DBA::update('user', ['blocked' => false, 'verified' => true], ['uid' => $register['uid']]);
+
+ $profile = DBA::selectFirst('profile', ['net-publish'], ['uid' => $register['uid']]);
+
+ if (DBA::isResult($profile) && $profile['net-publish'] && DI::config()->get('system', 'directory')) {
+ $url = DI::baseUrl() . '/profile/' . $user['nickname'];
+ Worker::add(PRIORITY_LOW, "Directory", $url);
+ }
+
+ $l10n = DI::l10n()->withLang($register['language']);
+
+ return User::sendRegisterOpenEmail(
+ $l10n,
+ $user,
+ DI::config()->get('config', 'sitename'),
+ DI::baseUrl()->get(),
+ ($register['password'] ?? '') ?: 'Sent in a previous email'
+ );
+ }
+
+ /**
+ * Denys a pending registration
+ *
+ * @param string $hash The hash of the pending user
+ *
+ * This does not have to go through user_remove() and save the nickname
+ * permanently against re-registration, as the person was not yet
+ * allowed to have friends on this system
+ *
+ * @return bool True, if the deny was successfull
+ * @throws Exception
+ */
+ public static function deny(string $hash)
+ {
+ $register = Register::getByHash($hash);
+ if (!DBA::isResult($register)) {
+ return false;
+ }
+
+ $user = User::getById($register['uid']);
+ if (!DBA::isResult($user)) {
+ return false;
+ }
+
+ return DBA::delete('user', ['uid' => $register['uid']]) &&
+ Register::deleteByHash($register['hash']);
+ }
+
+ /**
+ * Creates a new user based on a minimal set and sends an email to this user
+ *
+ * @param string $name The user's name
+ * @param string $email The user's email address
+ * @param string $nick The user's nick name
+ * @param string $lang The user's language (default is english)
+ *
+ * @return bool True, if the user was created successfully
+ * @throws InternalServerErrorException
+ * @throws \ErrorException
+ * @throws \ImagickException
+ */
+ public static function createMinimal(string $name, string $email, string $nick, string $lang = L10n::DEFAULT)
+ {
+ if (empty($name) ||
+ empty($email) ||
+ empty($nick)) {
+ throw new InternalServerErrorException('Invalid arguments.');
+ }
+
+ $result = self::create([
+ 'username' => $name,
+ 'email' => $email,
+ 'nickname' => $nick,
+ 'verified' => 1,
+ 'language' => $lang
+ ]);
+
+ $user = $result['user'];
+ $preamble = Strings::deindent(DI::l10n()->t('
+ Dear %1$s,
+ the administrator of %2$s has set up an account for you.'));
+ $body = Strings::deindent(DI::l10n()->t('
+ The login details are as follows:
+
+ Site Location: %1$s
+ Login Name: %2$s
+ Password: %3$s
+
+ You may change your password from your account "Settings" page after logging
+ in.
+
+ Please take a few moments to review the other account settings on that page.
+
+ You may also wish to add some basic information to your default profile
+ (on the "Profiles" page) so that other people can easily find you.
+
+ We recommend setting your full name, adding a profile photo,
+ adding some profile "keywords" (very useful in making new friends) - and
+ perhaps what country you live in; if you do not wish to be more specific
+ than that.
+
+ We fully respect your right to privacy, and none of these items are necessary.
+ If you are new and do not know anybody here, they may help
+ you to make some new and interesting friends.
+
+ If you ever want to delete your account, you can do so at %1$s/removeme
+
+ Thank you and welcome to %4$s.'));
+
+ $preamble = sprintf($preamble, $user['username'], DI::config()->get('config', 'sitename'));
+ $body = sprintf($body, DI::baseUrl()->get(), $user['nickname'], $result['password'], DI::config()->get('config', 'sitename'));
+
+ $email = DI::emailer()
+ ->newSystemMail()
+ ->withMessage(DI::l10n()->t('Registration details for %s', DI::config()->get('config', 'sitename')), $preamble, $body)
+ ->forUser($user)
+ ->withRecipient($user['email'])
+ ->build();
+ return DI::emailer()->send($email);
+ }
+
/**
* Sends pending registration confirmation email
*
* @param string $siteurl
* @param string $password Plaintext password
* @return NULL|boolean from notification() and email() inherited
- * @throws \Friendica\Network\HTTPException\InternalServerErrorException
+ * @throws InternalServerErrorException
*/
public static function sendRegisterPendingEmail($user, $sitename, $siteurl, $password)
{
$password
));
- return notification([
- 'type' => SYSTEM_EMAIL,
- 'uid' => $user['uid'],
- 'to_email' => $user['email'],
- 'subject' => DI::l10n()->t('Registration at %s', $sitename),
- 'body' => $body
- ]);
+ $email = DI::emailer()
+ ->newSystemMail()
+ ->withMessage(DI::l10n()->t('Registration at %s', $sitename), $body)
+ ->forUser($user)
+ ->withRecipient($user['email'])
+ ->build();
+ return DI::emailer()->send($email);
}
/**
*
* It's here as a function because the mail is sent from different parts
*
- * @param L10n\L10n $l10n The used language
- * @param array $user User record array
- * @param string $sitename
- * @param string $siteurl
- * @param string $password Plaintext password
+ * @param \Friendica\Core\L10n $l10n The used language
+ * @param array $user User record array
+ * @param string $sitename
+ * @param string $siteurl
+ * @param string $password Plaintext password
+ *
* @return NULL|boolean from notification() and email() inherited
- * @throws \Friendica\Network\HTTPException\InternalServerErrorException
+ * @throws InternalServerErrorException
*/
- public static function sendRegisterOpenEmail(L10n\L10n $l10n, $user, $sitename, $siteurl, $password)
+ public static function sendRegisterOpenEmail(\Friendica\Core\L10n $l10n, $user, $sitename, $siteurl, $password)
{
$preamble = Strings::deindent($l10n->t(
'
$password
));
- return notification([
- 'uid' => $user['uid'],
- 'language' => $user['language'],
- 'type' => SYSTEM_EMAIL,
- 'to_email' => $user['email'],
- 'subject' => DI::l10n()->t('Registration details for %s', $sitename),
- 'preamble' => $preamble,
- 'body' => $body
- ]);
+ $email = DI::emailer()
+ ->newSystemMail()
+ ->withMessage(DI::l10n()->t('Registration details for %s', $sitename), $preamble, $body)
+ ->forUser($user)
+ ->withRecipient($user['email'])
+ ->build();
+ return DI::emailer()->send($email);
}
/**
- * @param object $uid user to remove
+ * @param int $uid user to remove
* @return bool
- * @throws \Friendica\Network\HTTPException\InternalServerErrorException
+ * @throws InternalServerErrorException
*/
- public static function remove($uid)
+ public static function remove(int $uid)
{
if (!$uid) {
return false;
$userStmt = DBA::p("SELECT `user`.`uid`, `user`.`login_date`, `contact`.`last-item`
FROM `user`
- INNER JOIN `profile` ON `profile`.`uid` = `user`.`uid` AND `profile`.`is-default`
INNER JOIN `contact` ON `contact`.`uid` = `user`.`uid` AND `contact`.`self`
- WHERE (`profile`.`publish` OR `profile`.`net-publish`) AND `user`.`verified`
- AND NOT `user`.`blocked` AND NOT `user`.`account_removed`
- AND NOT `user`.`account_expired`");
+ WHERE `user`.`verified`
+ AND `user`.`login_date` > ?
+ AND NOT `user`.`blocked`
+ AND NOT `user`.`account_removed`
+ AND NOT `user`.`account_expired`",
+ DBA::NULL_DATETIME
+ );
if (!DBA::isResult($userStmt)) {
return $statistics;
return $statistics;
}
+
+ /**
+ * Get all users of the current node
+ *
+ * @param int $start Start count (Default is 0)
+ * @param int $count Count of the items per page (Default is @see Pager::ITEMS_PER_PAGE)
+ * @param string $type The type of users, which should get (all, bocked, removed)
+ * @param string $order Order of the user list (Default is 'contact.name')
+ * @param string $order_direction Order direction (Default is ASC)
+ *
+ * @return array The list of the users
+ * @throws Exception
+ */
+ public static function getList($start = 0, $count = Pager::ITEMS_PER_PAGE, $type = 'all', $order = 'contact.name', $order_direction = '+')
+ {
+ $sql_order = '`' . str_replace('.', '`.`', $order) . '`';
+ $sql_order_direction = ($order_direction === '+') ? 'ASC' : 'DESC';
+
+ switch ($type) {
+ case 'active':
+ $sql_extra = 'AND `user`.`blocked` = 0';
+ break;
+ case 'blocked':
+ $sql_extra = 'AND `user`.`blocked` = 1';
+ break;
+ case 'removed':
+ $sql_extra = 'AND `user`.`account_removed` = 1';
+ break;
+ case 'all':
+ default:
+ $sql_extra = '';
+ break;
+ }
+
+ $usersStmt = DBA::p("SELECT `user`.*, `contact`.`name`, `contact`.`url`, `contact`.`micro`, `user`.`account_expired`, `contact`.`last-item` AS `lastitem_date`, `contact`.`nick`, `contact`.`created`
+ FROM `user`
+ INNER JOIN `contact` ON `contact`.`uid` = `user`.`uid` AND `contact`.`self`
+ WHERE `user`.`verified` $sql_extra
+ ORDER BY $sql_order $sql_order_direction LIMIT ?, ?", $start, $count
+ );
+
+ return DBA::toArray($usersStmt);
+ }
}
projects / friendica.git / blobdiff