X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=inline;f=mod%2Fregister.php;h=fcc9ebcab522fbf8585d2a838b9ee04c05060fd3;hb=011e0c3f8142e3976a4d386fce066c802d4727ab;hp=d9dae49a22bb0484ce95cc4aba78c0f8f4b5a7cb;hpb=f60f82727f96c033aaff9f5b5f0767c722e25f28;p=friendica.git diff --git a/mod/register.php b/mod/register.php index d9dae49a22..fcc9ebcab5 100644 --- a/mod/register.php +++ b/mod/register.php @@ -37,8 +37,13 @@ function register_post(&$a) { $openid_url = ((x($_POST,'openid_url')) ? notags(trim($_POST['openid_url'])) : ''); $photo = ((x($_POST,'photo')) ? notags(trim($_POST['photo'])) : ''); + $tmp_str = $openid_url; if((! x($username)) || (! x($email)) || (! x($nickname))) { if($openid_url) { + if(! validate_url($tmp_str)) { + notice( t('Invalid OpenID url') . EOL); + return; + } $_SESSION['register'] = 1; $_SESSION['openid'] = $openid_url; require_once('library/openid.php'); @@ -82,6 +87,12 @@ function register_post(&$a) { if((! valid_email($email)) || (! validate_email($email))) $err .= t('Not a valid email address.') . EOL; + // Disallow somebody creating an account using openid that uses the admin email address, + // since openid bypasses email verification. + + if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0) && strlen($openid_url)) + $err .= t('Cannot use that email.') . EOL; + $nickname = $_POST['nickname'] = strtolower($nickname); if(! preg_match("/^[a-z][a-z0-9\-\_]*$/",$nickname)) @@ -123,7 +134,20 @@ function register_post(&$a) { $pkey = openssl_pkey_get_details($res); $pubkey = $pkey["key"]; + /** + * + * Create another keypair for signing/verifying + * salmon protocol messages. We have to use a slightly + * less robust key because this won't be using openssl + * but the phpseclib. Since it is PHP interpreted code + * it is not nearly as efficient, and the larger keys + * will take several minutes each to process. + * + */ + $sres=openssl_pkey_new(array( + 'digest_alg' => 'sha1', + 'private_key_bits' => 512, 'encrypt_key' => false )); // Get private key @@ -357,6 +381,9 @@ function register_content(&$a) { $oidlabel = t("Your OpenID \x28optional\x29: "); } + $license = t('Shared content is covered by the Creative Commons Attribution 3.0 license.'); + + $o = load_view_file("view/register.tpl"); $o = replace_macros($o, array( '$oidhtml' => $oidhtml, @@ -377,6 +404,7 @@ function register_content(&$a) { '$username' => $username, '$email' => $email, '$nickname' => $nickname, + '$license' => $license, '$sitename' => $a->get_hostname() )); return $o;