Improved block check for redirects

[friendica.git] / src / Model / User.php

diff --git a/src/Model/User.php b/src/Model/User.php
index 2b8516c255b0d1089a8a121000b2ac0a82c279d6..75b913250c304099afa3eb9832d2b058351ebe2b 100644 (file)
--- a/src/Model/User.php
+++ b/src/Model/User.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright Copyright (C) 2010-2022, the Friendica project
+ * @copyright Copyright (C) 2010-2023, the Friendica project
  *
  * @license GNU AGPL version 3 or any later version
  *
@@ -39,13 +39,13 @@ use Friendica\Network\HTTPClient\Client\HttpClientAccept;
 use Friendica\Security\TwoFactor\Model\AppSpecificPassword;
 use Friendica\Network\HTTPException;
 use Friendica\Object\Image;
+use Friendica\Protocol\Delivery;
 use Friendica\Util\Crypto;
 use Friendica\Util\DateTimeFormat;
 use Friendica\Util\Images;
 use Friendica\Util\Network;
 use Friendica\Util\Proxy;
 use Friendica\Util\Strings;
-use Friendica\Worker\Delivery;
 use ImagickException;
 use LightOpenID;
 
@@ -158,6 +158,7 @@ class User
                $system['publish'] = false;
                $system['net-publish'] = false;
                $system['hide-friends'] = true;
+               $system['hidewall'] = true;
                $system['prv_keywords'] = '';
                $system['pub_keywords'] = '';
                $system['address'] = '';
@@ -756,7 +757,7 @@ class User
        }
 
        /**
-        * Allowed characters are a-z, A-Z, 0-9 and special characters except white spaces, accentuated letters and colon (:).
+        * Allowed characters are a-z, A-Z, 0-9 and special characters except white spaces and accentuated letters.
         *
         * Password length is limited to 72 characters if the current default password hashing algorithm is Blowfish.
         * From the manual: "Using the PASSWORD_BCRYPT as the algorithm, will result in the password parameter being
@@ -769,13 +770,13 @@ class User
         */
        public static function getPasswordRegExp(string $delimiter = null): string
        {
-               $allowed_characters = '!"#$%&\'()*+,-./;<=>?@[\]^_`{|}~';
+               $allowed_characters = ':!"#$%&\'()*+,-./;<=>?@[\]^_`{|}~';
 
                if ($delimiter) {
                        $allowed_characters = preg_quote($allowed_characters, $delimiter);
                }
 
-               return '^[a-zA-Z0-9' . $allowed_characters . ']' . (PASSWORD_DEFAULT !== PASSWORD_BCRYPT ? '{1,72}' : '+') . '$';
+               return '^[a-zA-Z0-9' . $allowed_characters . ']' . (PASSWORD_DEFAULT === PASSWORD_BCRYPT ? '{1,72}' : '+') . '$';
        }
 
        /**
@@ -803,7 +804,7 @@ class User
                }
 
                if (!preg_match('/' . self::getPasswordRegExp('/') . '/', $password)) {
-                       throw new Exception(DI::l10n()->t('The password can\'t contain accentuated letters, white spaces or colons (:)'));
+                       throw new Exception(DI::l10n()->t("The password can't contain white spaces nor accentuated letters"));
                }
 
                return self::updatePasswordHashed($uid, self::hashPassword($password));
@@ -829,6 +830,22 @@ class User
                return DBA::update('user', $fields, ['uid' => $uid]);
        }
 
+       /**
+        * Returns if the given uid is valid and in the admin list
+        *
+        * @param int $uid
+        *
+        * @return bool
+        * @throws Exception
+        */
+       public static function isSiteAdmin(int $uid): bool
+       {
+               return DBA::exists('user', [
+                       'uid'   => $uid,
+                       'email' => self::getAdminEmailList()
+               ]);
+       }
+
        /**
         * Checks if a nickname is in the list of the forbidden nicknames
         *