// List of possible actor names
$possible_accounts = ['friendica', 'actor', 'system', 'internal'];
foreach ($possible_accounts as $name) {
- if (!DBA::exists('user', ['nickname' => $name, 'account_removed' => false, 'expire' => false]) &&
+ if (!DBA::exists('user', ['nickname' => $name, 'account_removed' => false, 'account_expired' => false]) &&
!DBA::exists('userd', ['username' => $name])) {
DI::config()->set('system', 'actor_name', $name);
return $name;
return password_hash($password, PASSWORD_DEFAULT);
}
+ /**
+ * Allowed characters are a-z, A-Z, 0-9 and special characters except white spaces, accentuated letters and colon (:).
+ *
+ * Password length is limited to 72 characters if the current default password hashing algorithm is Blowfish.
+ * From the manual: "Using the PASSWORD_BCRYPT as the algorithm, will result in the password parameter being
+ * truncated to a maximum length of 72 bytes."
+ *
+ * @see https://www.php.net/manual/en/function.password-hash.php#refsect1-function.password-hash-parameters
+ *
+ * @param string|null $delimiter Whether the regular expression is meant to be wrapper in delimiter characters
+ * @return string
+ */
+ public static function getPasswordRegExp(string $delimiter = null): string
+ {
+ $allowed_characters = '!"#$%&\'()*+,-./;<=>?@[\]^_`{|}~';
+
+ if ($delimiter) {
+ $allowed_characters = preg_quote($allowed_characters, $delimiter);
+ }
+
+ return '^[a-zA-Z0-9' . $allowed_characters . ']' . (PASSWORD_DEFAULT !== PASSWORD_BCRYPT ? '{1,72}' : '+') . '$';
+ }
+
/**
* Updates a user row with a new plaintext password
*
throw new Exception(DI::l10n()->t('The new password has been exposed in a public data dump, please choose another.'));
}
- $allowed_characters = '!"#$%&\'()*+,-./;<=>?@[\]^_`{|}~';
+ if (PASSWORD_DEFAULT === PASSWORD_BCRYPT && strlen($password) > 72) {
+ throw new Exception(DI::l10n()->t('The password length is limited to 72 characters.'));
+ }
- if (!preg_match('/^[a-z0-9' . preg_quote($allowed_characters, '/') . ']+$/i', $password)) {
+ if (!preg_match('/' . self::getPasswordRegExp('/') . '/', $password)) {
throw new Exception(DI::l10n()->t('The password can\'t contain accentuated letters, white spaces or colons (:)'));
}
try {
$authurl = $openid->authUrl();
} catch (Exception $e) {
- throw new Exception(DI::l10n()->t('We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.') . EOL . EOL . DI::l10n()->t('The error message was:') . $e->getMessage(), 0, $e);
+ throw new Exception(DI::l10n()->t('We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.') . '<br />' . DI::l10n()->t('The error message was:') . $e->getMessage(), 0, $e);
}
System::externalRedirect($authurl);
// NOTREACHED
if (DBA::isResult($profile) && $profile['net-publish'] && Search::getGlobalDirectory()) {
$url = DI::baseUrl() . '/profile/' . $user['nickname'];
- Worker::add(PRIORITY_LOW, "Directory", $url);
+ Worker::add(Worker::PRIORITY_LOW, "Directory", $url);
}
$l10n = DI::l10n()->withLang($register['language']);
If you are new and do not know anybody here, they may help
you to make some new and interesting friends.
- If you ever want to delete your account, you can do so at %1$s/removeme
+ If you ever want to delete your account, you can do so at %1$s/settings/removeme
Thank you and welcome to %4$s.'));
If you are new and do not know anybody here, they may help
you to make some new and interesting friends.
- If you ever want to delete your account, you can do so at %3$s/removeme
+ If you ever want to delete your account, you can do so at %3$s/settings/removeme
Thank you and welcome to %2$s.',
$user['nickname'],
// The user and related data will be deleted in Friendica\Worker\ExpireAndRemoveUsers
DBA::update('user', ['account_removed' => true, 'account_expires_on' => DateTimeFormat::utc('now + 7 day')], ['uid' => $uid]);
- Worker::add(PRIORITY_HIGH, 'Notifier', Delivery::REMOVAL, $uid);
+ Worker::add(Worker::PRIORITY_HIGH, 'Notifier', Delivery::REMOVAL, $uid);
// Send an update to the directory
$self = DBA::selectFirst('contact', ['url'], ['uid' => $uid, 'self' => true]);
- Worker::add(PRIORITY_LOW, 'Directory', $self['url']);
+ Worker::add(Worker::PRIORITY_LOW, 'Directory', $self['url']);
// Remove the user relevant data
- Worker::add(PRIORITY_NEGLIGIBLE, 'RemoveUser', $uid);
+ Worker::add(Worker::PRIORITY_NEGLIGIBLE, 'RemoveUser', $uid);
return true;
}