X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=actions%2Fapiaccountregister.php;h=9926fc8cf933762c0fd476c94203214d086a0588;hb=ed4fa719863a6a8a167322d02eda94cab77a8b15;hp=7d038b20dc2cf806ed460599dcb83992d10ecb28;hpb=8912cdc7a4acaeaea3b2b323efc86333ffd5ef63;p=quix0rs-gnu-social.git diff --git a/actions/apiaccountregister.php b/actions/apiaccountregister.php index 7d038b20dc..9926fc8cf9 100644 --- a/actions/apiaccountregister.php +++ b/actions/apiaccountregister.php @@ -1,5 +1,5 @@ . * * @category API - * @package GNUSocial + * @package GNUsocial * @author Hannes Mannerheim * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://www.gnu.org/software/social/ @@ -42,10 +42,10 @@ class ApiAccountRegisterAction extends ApiAction */ var $registered = false; - /** - * Are we processing an invite? - */ - var $invite = null; + protected $needPost = true; + + protected $code = null; // invite code + protected $invite = null; // invite to-be-stored /** * Take arguments for running 
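Review bot: `protected $needPost = true;` is added without a comment, although it becomes the only thing enforcing POST on this endpoint once the explicit `$_SERVER['REQUEST_METHOD'] != 'POST'` check is removed from `handle()` later in this commit. How the parent class acts on the flag is not visible in this diff. A comment such as `// registration carries a password; the parent action must reject non-POST requests` would record the intent and keep the password out of query strings and access logs if the flag is ever dropped.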
@@ -54,11 +54,41 @@ class ApiAccountRegisterAction extends ApiAction * * @return boolean success flag */ - function prepare($args) + protected function prepare(array $args=array()) { parent::prepare($args); + + if ($this->format !== 'json') { + $this->clientError('This method currently only serves JSON.', 415); + } + $this->code = $this->trimmed('code'); + return true; + } + + /** + * Handle the request + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + protected function handle() + { + parent::handle(); + + $nickname = $this->trimmed('nickname'); + $email = $this->trimmed('email'); + $fullname = $this->trimmed('fullname'); + $homepage = $this->trimmed('homepage'); + $bio = $this->trimmed('bio'); + $location = $this->trimmed('location'); + + // We don't trim these... whitespace is OK in a password! + $password = $this->arg('password'); + $confirm = $this->arg('confirm'); + if (empty($this->code)) { common_ensure_session(); if (array_key_exists('invitecode', $_SESSION)) { 
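Review bot: The docblock added above `protected function handle()` still carries `@param array $args $_REQUEST data (unused)`, but the new signature takes no parameters, so that tag should be removed. In `prepare()`, the `return true;` after the format check is only safe if `clientError()` does not return, which this diff does not show. A short comment there, for example `// clientError() throws; nothing below runs for non-JSON requests`, would make that assumption explicit. The body of `handle()` continues past the end of this hunk.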
@@ -68,164 +98,88 @@ class ApiAccountRegisterAction extends ApiAction if (common_config('site', 'inviteonly') && empty($this->code)) { // TRANS: Client error displayed when trying to register to an invite-only site without an invitation. - $this->clientError(_('Sorry, only invited people can register.'),404,'json'); - return false; + $this->clientError(_('Sorry, only invited people can register.'), 401); } if (!empty($this->code)) { - $this->invite = Invitation::staticGet('code', $this->code); + $this->invite = Invitation::getKV('code', $this->code); if (empty($this->invite)) { // TRANS: Client error displayed when trying to register to an invite-only site without a valid invitation. - $this->clientError(_('Sorry, invalid invitation code.'),404,'json'); - return false; + $this->clientError(_('Sorry, invalid invitation code.'), 401); } // Store this in case we need it common_ensure_session(); $_SESSION['invitecode'] = $this->code; } - return true; - } - - /** - * Handle the request - * - * @param array $args $_REQUEST data (unused) - * - * @return void - */ - function handle($args) - { - parent::handle($args); + // Input scrubbing + try { + $nickname = Nickname::normalize($nickname, true); + } catch (NicknameException $e) { + // clientError handles Api exceptions with various formats and stuff + $this->clientError($e->getMessage(), $e->getCode()); + } - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - $this->clientError( - _('This method requires a POST.'), - 400, $this->format - ); - return; + $email = common_canonical_email($email); + if ($email && !Validate::email($email, common_config('email', 'check_domain'))) { + // TRANS: Form validation error displayed when trying to register without a valid e-mail address. + $this->clientError(_('Not a valid email address.'), 400); + } else if ($this->emailExists($email)) { + // TRANS: Form validation error displayed when trying to register with an already registered e-mail address. 
+ $this->clientError(_('Email address already exists.'), 400); + } else if (!is_null($homepage) && (strlen($homepage) > 0) && + !common_valid_http_url($homepage)) { + // TRANS: Form validation error displayed when trying to register with an invalid homepage URL. + $this->clientError(_('Homepage is not a valid URL.'), 400); + } else if (!is_null($fullname) && mb_strlen($fullname) > 255) { + // TRANS: Form validation error displayed when trying to register with a too long full name. + $this->clientError(_('Full name is too long (maximum 255 characters).'), 400); + } else if (Profile::bioTooLong($bio)) { + // TRANS: Form validation error on registration page when providing too long a bio text. + // TRANS: %d is the maximum number of characters for bio; used for plural. + $this->clientError(sprintf(_m('Bio is too long (maximum %d character).', + 'Bio is too long (maximum %d characters).', + Profile::maxBio()), + Profile::maxBio()), 400); + } else if (!is_null($location) && mb_strlen($location) > 255) { + // TRANS: Form validation error displayed when trying to register with a too long location. + $this->clientError(_('Location is too long (maximum 255 characters).'), 400); + } else if (strlen($password) < 6) { + // TRANS: Form validation error displayed when trying to register with too short a password. + $this->clientError(_('Password must be 6 or more characters.'), 400); + } else if ($password != $confirm) { + // TRANS: Form validation error displayed when trying to register with non-matching passwords. + $this->clientError(_('Passwords do not match.'), 400); } else { - - $nickname = $this->trimmed('nickname'); - $email = $this->trimmed('email'); - $fullname = $this->trimmed('fullname'); - $homepage = $this->trimmed('homepage'); - $bio = $this->trimmed('bio'); - $location = $this->trimmed('location'); - - // We don't trim these... whitespace is OK in a password! 
- $password = $this->arg('password'); - $confirm = $this->arg('confirm'); - - // invitation code, if any - $code = $this->trimmed('code'); - - if ($code) { - $invite = Invitation::staticGet($code); - } + + // annoy spammers + sleep(7); + + if ($user = User::register(array('nickname' => $nickname, + 'password' => $password, + 'email' => $email, + 'fullname' => $fullname, + 'homepage' => $homepage, + 'bio' => $bio, + 'location' => $location, + 'code' => $code))) { + if (!$user) { + // TRANS: Form validation error displayed when trying to register with an invalid username or password. + $this->clientError(_('Invalid username or password.'), 400); + } - if (common_config('site', 'inviteonly') && !($code && $invite)) { - // TRANS: Client error displayed when trying to register to an invite-only site without an invitation. - $this->clientError(_('Sorry, only invited people can register.'),404,'json'); - return; - } + Event::handle('EndRegistrationTry', array($this)); - // Input scrubbing - try { - $nickname = Nickname::normalize($nickname); - } catch (NicknameException $e) { - $this->showForm($e->getMessage()); - } - $email = common_canonical_email($email); - - if ($email && !Validate::email($email, common_config('email', 'check_domain'))) { - // TRANS: Form validation error displayed when trying to register without a valid e-mail address. - $this->clientError(_('Not a valid email address.'),404,'json'); - } else if ($this->nicknameExists($nickname)) { - // TRANS: Form validation error displayed when trying to register with an existing nickname. - $this->clientError(_('Nickname already in use. Try another one.'),404,'json'); - } else if (!User::allowed_nickname($nickname)) { - // TRANS: Form validation error displayed when trying to register with an invalid nickname. 
- $this->clientError(_('Not a valid nickname.'),404,'json'); - } else if ($this->emailExists($email)) { - // TRANS: Form validation error displayed when trying to register with an already registered e-mail address. - $this->clientError(_('Email address already exists.'),404,'json'); - } else if (!is_null($homepage) && (strlen($homepage) > 0) && - !common_valid_http_url($homepage)) { - // TRANS: Form validation error displayed when trying to register with an invalid homepage URL. - $this->clientError(_('Homepage is not a valid URL.'),404,'json'); - return; - } else if (!is_null($fullname) && mb_strlen($fullname) > 255) { - // TRANS: Form validation error displayed when trying to register with a too long full name. - $this->clientError(_('Full name is too long (maximum 255 characters).'),404,'json'); - return; - } else if (Profile::bioTooLong($bio)) { - // TRANS: Form validation error on registration page when providing too long a bio text. - // TRANS: %d is the maximum number of characters for bio; used for plural. - $this->clientError(sprintf(_m('Bio is too long (maximum %d character).', - 'Bio is too long (maximum %d characters).', - Profile::maxBio()), - Profile::maxBio()),404,'json'); - return; - } else if (!is_null($location) && mb_strlen($location) > 255) { - // TRANS: Form validation error displayed when trying to register with a too long location. - $this->clientError(_('Location is too long (maximum 255 characters).'),404,'json'); - return; - } else if (strlen($password) < 6) { - // TRANS: Form validation error displayed when trying to register with too short a password. - $this->clientError(_('Password must be 6 or more characters.'),404,'json'); - return; - } else if ($password != $confirm) { - // TRANS: Form validation error displayed when trying to register with non-matching passwords. 
- $this->clientError(_('Passwords do not match.'),404,'json'); - } else { - - // annoy spammers - sleep(7); - - if ($user = User::register(array('nickname' => $nickname, - 'password' => $password, - 'email' => $email, - 'fullname' => $fullname, - 'homepage' => $homepage, - 'bio' => $bio, - 'location' => $location, - 'code' => $code))) { - if (!$user) { - // TRANS: Form validation error displayed when trying to register with an invalid username or password. - $this->clientError(_('Invalid username or password.'),404,'json'); - return; - } - - Event::handle('EndRegistrationTry', array($this)); - - $this->initDocument('json'); - $this->showJsonObjects($this->twitterUserArray($user->getProfile())); - $this->endDocument('json'); - - } else { - // TRANS: Form validation error displayed when trying to register with an invalid username or password. - $this->clientError(_('Invalid username or password.'),404,'json'); - } - } - } - } - + $this->initDocument('json'); + $this->showJsonObjects($this->twitterUserArray($user->getProfile())); + $this->endDocument('json'); - /** - * Does the given nickname already exist? - * - * Checks a canonical nickname against the database. - * - * @param string $nickname nickname to check - * - * @return boolean true if the nickname already exists - */ - function nicknameExists($nickname) - { - $user = User::staticGet('nickname', $nickname); - return is_object($user); + } else { + // TRANS: Form validation error displayed when trying to register with an invalid username or password. + $this->clientError(_('Invalid username or password.'), 400); + } + } } /** @@ -243,7 +197,7 @@ class ApiAccountRegisterAction extends ApiAction if (!$email || strlen($email) == 0) { return false; } - $user = User::staticGet('email', $email); + $user = User::getKV('email', $email); return is_object($user); }
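Review bot: `$code` is never assigned in the new `handle()`: the commit removes `$code = $this->trimmed('code');` and keeps the value in `$this->code`, yet the `User::register()` array still passes `'code' => $code`, so register receives null along with an undefined-variable notice. The invite-only gate earlier in the hunk still runs, but whatever `User::register()` does with the code (presumably tying the new account to the invitation) is skipped; the entry should read `'code' => $this->code,`. The inner `if (!$user)` inside `if ($user = User::register(...))` can never be true and can be dropped. Separately, `$password != $confirm` is a loose comparison, so two different numeric-looking strings can compare equal; `$password !== $confirm` avoids that. Every error branch here also depends on `clientError()` not returning now that the `return` statements are gone, which is not visible in this diff.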