<?php
-
/**
- * @file src/Model/User.php
- * This file includes the User class with user related database functions
+ * @copyright Copyright (C) 2020, Friendica
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ *
*/
namespace Friendica\Model;
use DivineOmega\PasswordExposed;
use Exception;
-use Friendica\Core\Config;
+use Friendica\Content\Pager;
use Friendica\Core\Hook;
use Friendica\Core\L10n;
use Friendica\Core\Logger;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\TwoFactor\AppSpecificPassword;
+use Friendica\Network\HTTPException\InternalServerErrorException;
use Friendica\Object\Image;
use Friendica\Util\Crypto;
use Friendica\Util\DateTimeFormat;
*/
public static function getOwnerDataById($uid, $check_valid = true)
{
- $r = DBA::fetchFirst(
- "SELECT
- `contact`.*,
- `user`.`prvkey` AS `uprvkey`,
- `user`.`timezone`,
- `user`.`nickname`,
- `user`.`sprvkey`,
- `user`.`spubkey`,
- `user`.`page-flags`,
- `user`.`account-type`,
- `user`.`prvnets`,
- `user`.`account_removed`,
- `user`.`hidewall`
- FROM `contact`
- INNER JOIN `user`
- ON `user`.`uid` = `contact`.`uid`
- WHERE `contact`.`uid` = ?
- AND `contact`.`self`
- LIMIT 1",
- $uid
- );
- if (!DBA::isResult($r)) {
- return false;
+ $owner = DBA::selectFirst('owner-view', [], ['uid' => $uid]);
+ if (!DBA::isResult($owner)) {
+ if (!DBA::exists('user', ['uid' => $uid]) || !$check_valid) {
+ return false;
+ }
+ Contact::createSelfFromUserId($uid);
+ $owner = self::getOwnerDataById($uid, false);
}
- if (empty($r['nickname'])) {
+ if (empty($owner['nickname'])) {
return false;
}
if (!$check_valid) {
- return $r;
+ return $owner;
}
// Check if the returned data is valid, otherwise fix it. See issue #6122
// Check for correct url and normalised nurl
- $url = DI::baseUrl() . '/profile/' . $r['nickname'];
- $repair = ($r['url'] != $url) || ($r['nurl'] != Strings::normaliseLink($r['url']));
+ $url = DI::baseUrl() . '/profile/' . $owner['nickname'];
+ $repair = ($owner['url'] != $url) || ($owner['nurl'] != Strings::normaliseLink($owner['url']));
if (!$repair) {
// Check if "addr" is present and correct
- $addr = $r['nickname'] . '@' . substr(DI::baseUrl(), strpos(DI::baseUrl(), '://') + 3);
- $repair = ($addr != $r['addr']);
+ $addr = $owner['nickname'] . '@' . substr(DI::baseUrl(), strpos(DI::baseUrl(), '://') + 3);
+ $repair = ($addr != $owner['addr']);
}
if (!$repair) {
// Check if the avatar field is filled and the photo directs to the correct path
$avatar = Photo::selectFirst(['resource-id'], ['uid' => $uid, 'profile' => true]);
if (DBA::isResult($avatar)) {
- $repair = empty($r['avatar']) || !strpos($r['photo'], $avatar['resource-id']);
+ $repair = empty($owner['avatar']) || !strpos($owner['photo'], $avatar['resource-id']);
}
}
if ($repair) {
Contact::updateSelfFromUserID($uid);
// Return the corrected data and avoid a loop
- $r = self::getOwnerDataById($uid, false);
+ $owner = self::getOwnerDataById($uid, false);
}
- return $r;
+ return $owner;
}
/**
* @param string $network network name
*
* @return int group id
- * @throws \Friendica\Network\HTTPException\InternalServerErrorException
+ * @throws InternalServerErrorException
*/
public static function getDefaultGroup($uid, $network = '')
{
throw new Exception(DI::l10n()->t('Empty passwords are not allowed.'));
}
- if (!Config::get('system', 'disable_password_exposed', false) && self::isPasswordExposed($password)) {
+ if (!DI::config()->get('system', 'disable_password_exposed', false) && self::isPasswordExposed($password)) {
throw new Exception(DI::l10n()->t('The new password has been exposed in a public data dump, please choose another.'));
}
*
* @param string $nickname The nickname that should be checked
* @return boolean True is the nickname is blocked on the node
- * @throws \Friendica\Network\HTTPException\InternalServerErrorException
+ * @throws InternalServerErrorException
*/
public static function isNicknameBlocked($nickname)
{
- $forbidden_nicknames = Config::get('system', 'forbidden_nicknames', '');
+ $forbidden_nicknames = DI::config()->get('system', 'forbidden_nicknames', '');
// if the config variable is empty return false
if (empty($forbidden_nicknames)) {
* @param array $data
* @return array
* @throws \ErrorException
- * @throws \Friendica\Network\HTTPException\InternalServerErrorException
+ * @throws InternalServerErrorException
* @throws \ImagickException
* @throws Exception
*/
{
$return = ['user' => null, 'password' => ''];
- $using_invites = Config::get('system', 'invitation_only');
+ $using_invites = DI::config()->get('system', 'invitation_only');
$invite_id = !empty($data['invite_id']) ? Strings::escapeTags(trim($data['invite_id'])) : '';
$username = !empty($data['username']) ? Strings::escapeTags(trim($data['username'])) : '';
$verified = !empty($data['verified']);
$language = !empty($data['language']) ? Strings::escapeTags(trim($data['language'])) : 'en';
- $publish = !empty($data['profile_publish_reg']);
- $netpublish = $publish && Config::get('system', 'directory');
+ $netpublish = $publish = !empty($data['profile_publish_reg']);
if ($password1 != $confirm) {
throw new Exception(DI::l10n()->t('Passwords do not match. Password unchanged.'));
// collapse multiple spaces in name
$username = preg_replace('/ +/', ' ', $username);
- $username_min_length = max(1, min(64, intval(Config::get('system', 'username_min_length', 3))));
- $username_max_length = max(1, min(64, intval(Config::get('system', 'username_max_length', 48))));
+ $username_min_length = max(1, min(64, intval(DI::config()->get('system', 'username_min_length', 3))));
+ $username_max_length = max(1, min(64, intval(DI::config()->get('system', 'username_max_length', 48))));
if ($username_min_length > $username_max_length) {
Logger::log(DI::l10n()->t('system.username_min_length (%s) and system.username_max_length (%s) are excluding each other, swapping values.', $username_min_length, $username_max_length), Logger::WARNING);
}
// So now we are just looking for a space in the full name.
- $loose_reg = Config::get('system', 'no_regfullname');
+ $loose_reg = DI::config()->get('system', 'no_regfullname');
if (!$loose_reg) {
$username = mb_convert_case($username, MB_CASE_TITLE, 'UTF-8');
if (strpos($username, ' ') === false) {
throw new Exception(DI::l10n()->t('The nickname was blocked from registration by the nodes admin.'));
}
- if (Config::get('system', 'block_extended_register', false) && DBA::exists('user', ['email' => $email])) {
+ if (DI::config()->get('system', 'block_extended_register', false) && DBA::exists('user', ['email' => $email])) {
throw new Exception(DI::l10n()->t('Cannot use that email.'));
}
// Disallow somebody creating an account using openid that uses the admin email address,
// since openid bypasses email verification. We'll allow it if there is not yet an admin account.
- if (Config::get('config', 'admin_email') && strlen($openid_url)) {
- $adminlist = explode(',', str_replace(' ', '', strtolower(Config::get('config', 'admin_email'))));
+ if (DI::config()->get('config', 'admin_email') && strlen($openid_url)) {
+ $adminlist = explode(',', str_replace(' ', '', strtolower(DI::config()->get('config', 'admin_email'))));
if (in_array(strtolower($email), $adminlist)) {
throw new Exception(DI::l10n()->t('Cannot use that email.'));
}
'photo' => DI::baseUrl() . "/photo/profile/{$uid}.jpg",
'thumb' => DI::baseUrl() . "/photo/avatar/{$uid}.jpg",
'publish' => $publish,
- 'is-default' => 1,
'net-publish' => $netpublish,
- 'profile-name' => DI::l10n()->t('default')
]);
if (!$insert_result) {
DBA::delete('user', ['uid' => $uid]);
}
$fields = ['def_gid' => $def_gid];
- if (Config::get('system', 'newuser_private') && $def_gid) {
+ if (DI::config()->get('system', 'newuser_private') && $def_gid) {
$fields['allow_gid'] = '<' . $def_gid . '>';
}
$photo_failure = false;
$filename = basename($photo);
- $img_str = Network::fetchUrl($photo, true);
- // guess mimetype from headers or filename
- $type = Images::guessType($photo, true);
+ $curlResult = Network::curl($photo, true);
+ if ($curlResult->isSuccess()) {
+ $img_str = $curlResult->getBody();
+ $type = $curlResult->getContentType();
+ } else {
+ $img_str = '';
+ $type = '';
+ }
+
+ $type = Images::getMimeTypeByData($img_str, $photo, $type);
$Image = new Image($img_str, $type);
if ($Image->isValid()) {
return $return;
}
+ /**
+ * Sets block state for a given user
+ *
+ * @param int $uid The user id
+ * @param bool $block Block state (default is true)
+ *
+ * @return bool True, if successfully blocked
+
+ * @throws Exception
+ */
+ public static function block(int $uid, bool $block = true)
+ {
+ return DBA::update('user', ['blocked' => $block], ['uid' => $uid]);
+ }
+
+ /**
+ * Allows a registration based on a hash
+ *
+ * @param string $hash
+ *
+ * @return bool True, if the allow was successful
+ *
+ * @throws InternalServerErrorException
+ * @throws Exception
+ */
+ public static function allow(string $hash)
+ {
+ $register = Register::getByHash($hash);
+ if (!DBA::isResult($register)) {
+ return false;
+ }
+
+ $user = User::getById($register['uid']);
+ if (!DBA::isResult($user)) {
+ return false;
+ }
+
+ Register::deleteByHash($hash);
+
+ DBA::update('user', ['blocked' => false, 'verified' => true], ['uid' => $register['uid']]);
+
+ $profile = DBA::selectFirst('profile', ['net-publish'], ['uid' => $register['uid']]);
+
+ if (DBA::isResult($profile) && $profile['net-publish'] && DI::config()->get('system', 'directory')) {
+ $url = DI::baseUrl() . '/profile/' . $user['nickname'];
+ Worker::add(PRIORITY_LOW, "Directory", $url);
+ }
+
+ $l10n = DI::l10n()->withLang($register['language']);
+
+ return User::sendRegisterOpenEmail(
+ $l10n,
+ $user,
+ DI::config()->get('config', 'sitename'),
+ DI::baseUrl()->get(),
+ ($register['password'] ?? '') ?: 'Sent in a previous email'
+ );
+ }
+
+ /**
+ * Denys a pending registration
+ *
+ * @param string $hash The hash of the pending user
+ *
+ * This does not have to go through user_remove() and save the nickname
+ * permanently against re-registration, as the person was not yet
+ * allowed to have friends on this system
+ *
+ * @return bool True, if the deny was successfull
+ * @throws Exception
+ */
+ public static function deny(string $hash)
+ {
+ $register = Register::getByHash($hash);
+ if (!DBA::isResult($register)) {
+ return false;
+ }
+
+ $user = User::getById($register['uid']);
+ if (!DBA::isResult($user)) {
+ return false;
+ }
+
+ return DBA::delete('user', ['uid' => $register['uid']]) &&
+ Register::deleteByHash($register['hash']);
+ }
+
+ /**
+ * Creates a new user based on a minimal set and sends an email to this user
+ *
+ * @param string $name The user's name
+ * @param string $email The user's email address
+ * @param string $nick The user's nick name
+ * @param string $lang The user's language (default is english)
+ *
+ * @return bool True, if the user was created successfully
+ * @throws InternalServerErrorException
+ * @throws \ErrorException
+ * @throws \ImagickException
+ */
+ public static function createMinimal(string $name, string $email, string $nick, string $lang = L10n::DEFAULT)
+ {
+ if (empty($name) ||
+ empty($email) ||
+ empty($nick)) {
+ throw new InternalServerErrorException('Invalid arguments.');
+ }
+
+ $result = self::create([
+ 'username' => $name,
+ 'email' => $email,
+ 'nickname' => $nick,
+ 'verified' => 1,
+ 'language' => $lang
+ ]);
+
+ $user = $result['user'];
+ $preamble = Strings::deindent(DI::l10n()->t('
+ Dear %1$s,
+ the administrator of %2$s has set up an account for you.'));
+ $body = Strings::deindent(DI::l10n()->t('
+ The login details are as follows:
+
+ Site Location: %1$s
+ Login Name: %2$s
+ Password: %3$s
+
+ You may change your password from your account "Settings" page after logging
+ in.
+
+ Please take a few moments to review the other account settings on that page.
+
+ You may also wish to add some basic information to your default profile
+ (on the "Profiles" page) so that other people can easily find you.
+
+ We recommend setting your full name, adding a profile photo,
+ adding some profile "keywords" (very useful in making new friends) - and
+ perhaps what country you live in; if you do not wish to be more specific
+ than that.
+
+ We fully respect your right to privacy, and none of these items are necessary.
+ If you are new and do not know anybody here, they may help
+ you to make some new and interesting friends.
+
+ If you ever want to delete your account, you can do so at %1$s/removeme
+
+ Thank you and welcome to %4$s.'));
+
+ $preamble = sprintf($preamble, $user['username'], DI::config()->get('config', 'sitename'));
+ $body = sprintf($body, DI::baseUrl()->get(), $user['nickname'], $result['password'], DI::config()->get('config', 'sitename'));
+
+ $email = DI::emailer()
+ ->newSystemMail()
+ ->withMessage(DI::l10n()->t('Registration details for %s', DI::config()->get('config', 'sitename')), $preamble, $body)
+ ->forUser($user)
+ ->withRecipient($user['email'])
+ ->build();
+ return DI::emailer()->send($email);
+ }
+
/**
* Sends pending registration confirmation email
*
* @param string $siteurl
* @param string $password Plaintext password
* @return NULL|boolean from notification() and email() inherited
- * @throws \Friendica\Network\HTTPException\InternalServerErrorException
+ * @throws InternalServerErrorException
*/
public static function sendRegisterPendingEmail($user, $sitename, $siteurl, $password)
{
$password
));
- return notification([
- 'type' => SYSTEM_EMAIL,
- 'uid' => $user['uid'],
- 'to_email' => $user['email'],
- 'subject' => DI::l10n()->t('Registration at %s', $sitename),
- 'body' => $body
- ]);
+ $email = DI::emailer()
+ ->newSystemMail()
+ ->withMessage(DI::l10n()->t('Registration at %s', $sitename), $body)
+ ->forUser($user)
+ ->withRecipient($user['email'])
+ ->build();
+ return DI::emailer()->send($email);
}
/**
*
* It's here as a function because the mail is sent from different parts
*
- * @param L10n\L10n $l10n The used language
- * @param array $user User record array
- * @param string $sitename
- * @param string $siteurl
- * @param string $password Plaintext password
+ * @param \Friendica\Core\L10n $l10n The used language
+ * @param array $user User record array
+ * @param string $sitename
+ * @param string $siteurl
+ * @param string $password Plaintext password
+ *
* @return NULL|boolean from notification() and email() inherited
- * @throws \Friendica\Network\HTTPException\InternalServerErrorException
+ * @throws InternalServerErrorException
*/
- public static function sendRegisterOpenEmail(L10n\L10n $l10n, $user, $sitename, $siteurl, $password)
+ public static function sendRegisterOpenEmail(\Friendica\Core\L10n $l10n, $user, $sitename, $siteurl, $password)
{
$preamble = Strings::deindent($l10n->t(
'
$password
));
- return notification([
- 'uid' => $user['uid'],
- 'language' => $user['language'],
- 'type' => SYSTEM_EMAIL,
- 'to_email' => $user['email'],
- 'subject' => DI::l10n()->t('Registration details for %s', $sitename),
- 'preamble' => $preamble,
- 'body' => $body
- ]);
+ $email = DI::emailer()
+ ->newSystemMail()
+ ->withMessage(DI::l10n()->t('Registration details for %s', $sitename), $preamble, $body)
+ ->forUser($user)
+ ->withRecipient($user['email'])
+ ->build();
+ return DI::emailer()->send($email);
}
/**
- * @param object $uid user to remove
+ * @param int $uid user to remove
* @return bool
- * @throws \Friendica\Network\HTTPException\InternalServerErrorException
+ * @throws InternalServerErrorException
*/
- public static function remove($uid)
+ public static function remove(int $uid)
{
if (!$uid) {
return false;
'active_users_monthly' => 0,
];
- $userStmt = DBA::p("SELECT `user`.`uid`, `user`.`login_date`, `contact`.`last-item`
- FROM `user`
- INNER JOIN `profile` ON `profile`.`uid` = `user`.`uid` AND `profile`.`is-default`
- INNER JOIN `contact` ON `contact`.`uid` = `user`.`uid` AND `contact`.`self`
- WHERE (`profile`.`publish` OR `profile`.`net-publish`) AND `user`.`verified`
- AND NOT `user`.`blocked` AND NOT `user`.`account_removed`
- AND NOT `user`.`account_expired`");
-
+ $userStmt = DBA::select('owner-view', ['uid', 'login_date', 'last-item'],
+ ["`verified` AND `login_date` > ? AND NOT `blocked`
+ AND NOT `account_removed` AND NOT `account_expired`",
+ DBA::NULL_DATETIME]);
if (!DBA::isResult($userStmt)) {
return $statistics;
}
$statistics['active_users_monthly']++;
}
}
+ DBA::close($userStmt);
return $statistics;
}
+
+ /**
+ * Get all users of the current node
+ *
+ * @param int $start Start count (Default is 0)
+ * @param int $count Count of the items per page (Default is @see Pager::ITEMS_PER_PAGE)
+ * @param string $type The type of users, which should get (all, bocked, removed)
+ * @param string $order Order of the user list (Default is 'contact.name')
+ * @param bool $descending Order direction (Default is ascending)
+ *
+ * @return array The list of the users
+ * @throws Exception
+ */
+ public static function getList($start = 0, $count = Pager::ITEMS_PER_PAGE, $type = 'all', $order = 'name', bool $descending = false)
+ {
+ $param = ['limit' => [$start, $count], 'order' => [$order => $descending]];
+ $condition = [];
+ switch ($type) {
+ case 'active':
+ $condition['blocked'] = false;
+ break;
+ case 'blocked':
+ $condition['blocked'] = true;
+ break;
+ case 'removed':
+ $condition['account_removed'] = true;
+ break;
+ }
+
+ return DBA::selectToArray('owner-view', [], $condition, $param);
+ }
}