use Exception;
use Friendica\Core\Addon;
use Friendica\Core\Config;
+use Friendica\Core\Hook;
use Friendica\Core\L10n;
use Friendica\Core\Logger;
use Friendica\Core\PConfig;
if (!DBA::isResult($r)) {
return false;
}
+
+ if (empty($r['nickname'])) {
+ return false;
+ }
+
+ // Check if the returned data is valid, otherwise fix it. See issue #6122
+ $url = System::baseUrl() . '/profile/' . $r['nickname'];
+ $addr = $r['nickname'] . '@' . substr(System::baseUrl(), strpos(System::baseUrl(), '://') + 3);
+
+ if (($addr != $r['addr']) || ($r['url'] != $url) || ($r['nurl'] != Strings::normaliseLink($r['url']))) {
+ Contact::updateSelfFromUserID($uid);
+ }
+
return $r;
}
$using_invites = Config::get('system', 'invitation_only');
$num_invites = Config::get('system', 'number_invites');
- $invite_id = !empty($data['invite_id']) ? Strings::removeTags(trim($data['invite_id'])) : '';
- $username = !empty($data['username']) ? Strings::removeTags(trim($data['username'])) : '';
- $nickname = !empty($data['nickname']) ? Strings::removeTags(trim($data['nickname'])) : '';
- $email = !empty($data['email']) ? Strings::removeTags(trim($data['email'])) : '';
- $openid_url = !empty($data['openid_url']) ? Strings::removeTags(trim($data['openid_url'])) : '';
- $photo = !empty($data['photo']) ? Strings::removeTags(trim($data['photo'])) : '';
+ $invite_id = !empty($data['invite_id']) ? Strings::escapeTags(trim($data['invite_id'])) : '';
+ $username = !empty($data['username']) ? Strings::escapeTags(trim($data['username'])) : '';
+ $nickname = !empty($data['nickname']) ? Strings::escapeTags(trim($data['nickname'])) : '';
+ $email = !empty($data['email']) ? Strings::escapeTags(trim($data['email'])) : '';
+ $openid_url = !empty($data['openid_url']) ? Strings::escapeTags(trim($data['openid_url'])) : '';
+ $photo = !empty($data['photo']) ? Strings::escapeTags(trim($data['photo'])) : '';
$password = !empty($data['password']) ? trim($data['password']) : '';
$password1 = !empty($data['password1']) ? trim($data['password1']) : '';
$confirm = !empty($data['confirm']) ? trim($data['confirm']) : '';
- $blocked = !empty($data['blocked']) ? intval($data['blocked']) : 0;
- $verified = !empty($data['verified']) ? intval($data['verified']) : 0;
- $language = !empty($data['language']) ? Strings::removeTags(trim($data['language'])) : 'en';
+ $blocked = !empty($data['blocked']);
+ $verified = !empty($data['verified']);
+ $language = !empty($data['language']) ? Strings::escapeTags(trim($data['language'])) : 'en';
- $publish = !empty($data['profile_publish_reg']) && intval($data['profile_publish_reg']) ? 1 : 0;
- $netpublish = strlen(Config::get('system', 'directory')) ? $publish : 0;
+ $publish = !empty($data['profile_publish_reg']);
+ $netpublish = $publish && Config::get('system', 'directory');
if ($password1 != $confirm) {
throw new Exception(L10n::t('Passwords do not match. Password unchanged.'));
Dear %1$s,
Thank you for registering at %2$s. Your account has been created.
',
- $preamble, $user['username'], $sitename
+ $user['username'], $sitename
));
$body = Strings::deindent(L10n::t('
The login details are as follows:
public static function remove($uid)
{
if (!$uid) {
- return;
+ return false;
}
$a = get_app();
$user = DBA::selectFirst('user', [], ['uid' => $uid]);
- Addon::callHooks('remove_user', $user);
+ Hook::callAll('remove_user', $user);
// save username (actually the nickname as it is guaranteed
// unique), so it cannot be re-registered in the future.
DBA::insert('userd', ['username' => $user['nickname']]);
// The user and related data will be deleted in "cron_expire_and_remove_users" (cronjobs.php)
- DBA::update('user', ['account_removed' => true, 'account_expires_on' => DateTimeFormat::utc(DateTimeFormat::utcNow() . " + 7 day")], ['uid' => $uid]);
- Worker::add(PRIORITY_HIGH, "Notifier", "removeme", $uid);
+ DBA::update('user', ['account_removed' => true, 'account_expires_on' => DateTimeFormat::utc('now + 7 day')], ['uid' => $uid]);
+ Worker::add(PRIORITY_HIGH, 'Notifier', 'removeme', $uid);
// Send an update to the directory
$self = DBA::selectFirst('contact', ['url'], ['uid' => $uid, 'self' => true]);
- Worker::add(PRIORITY_LOW, "Directory", $self['url']);
+ Worker::add(PRIORITY_LOW, 'Directory', $self['url']);
// Remove the user relevant data
- Worker::add(PRIORITY_LOW, "RemoveUser", $uid);
+ Worker::add(PRIORITY_LOW, 'RemoveUser', $uid);
- if ($uid == local_user()) {
- unset($_SESSION['authenticated']);
- unset($_SESSION['uid']);
- $a->internalRedirect();
- }
+ return true;
}
/**
projects / friendica.git / blobdiff