X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=install.php;h=9a7e27fa2c9c50b310c7e5ae0abf2c936cccf976;hb=cbf321eeb371fecdb069a33301629a6d045425f1;hp=7fece8999fe7bcf3ee644086c5543e114d807f69;hpb=3b0bdc0ae2730f9dc8ad4772fa5a65dae351b976;p=quix0rs-gnu-social.git diff --git a/install.php b/install.php index 7fece8999f..9a7e27fa2c 100644 --- a/install.php +++ b/install.php @@ -308,7 +308,7 @@ function checkPrereqs() printf('

PHP is linked to a version of the PCRE library ' . 'that does not support Unicode properties. ' . 'If you are running Red Hat Enterprise Linux / ' . - 'CentOS 5.3 or earlier, see our documentation page on fixing this.

'); $pass = false; @@ -483,6 +483,7 @@ function showForm() $dbRadios .= " $info[name]
\n"; } } + echo<< @@ -559,6 +560,11 @@ function showForm()

Optional email address for the initial StatusNet user (administrator)

+
  • + + +

    Release and security feed from update@status.net (recommended)

    +
    • @@ -583,10 +589,11 @@ function handlePost() $sitename = $_POST['sitename']; $fancy = !empty($_POST['fancy']); - $adminNick = $_POST['admin_nickname']; + $adminNick = strtolower($_POST['admin_nickname']); $adminPass = $_POST['admin_password']; $adminPass2 = $_POST['admin_password2']; $adminEmail = $_POST['admin_email']; + $adminUpdates = $_POST['admin_updates']; $server = $_SERVER['HTTP_HOST']; $path = substr(dirname($_SERVER['PHP_SELF']), 1); @@ -623,6 +630,19 @@ STR; updateStatus("No initial StatusNet user nickname specified.", true); $fail = true; } + if ($adminNick && !preg_match('/^[0-9a-z]{1,64}$/', $adminNick)) { + updateStatus('The user nickname "' . htmlspecialchars($adminNick) . + '" is invalid; should be plain letters and numbers no longer than 64 characters.', true); + $fail = true; + } + // @fixme hardcoded list; should use User::allowed_nickname() + // if/when it's safe to have loaded the infrastructure here + $blacklist = array('main', 'admin', 'twitter', 'settings', 'rsd.xml', 'favorited', 'featured', 'favoritedrss', 'featuredrss', 'rss', 'getfile', 'api', 'groups', 'group', 'peopletag', 'tag', 'user', 'message', 'conversation', 'bookmarklet', 'notice', 'attachment', 'search', 'index.php', 'doc', 'opensearch', 'robots.txt', 'xd_receiver.html', 'facebook'); + if (in_array($adminNick, $blacklist)) { + updateStatus('The user nickname "' . htmlspecialchars($adminNick) . + '" is reserved.', true); + $fail = true; + } if (empty($adminPass)) { updateStatus("No initial StatusNet user password specified.", true); @@ -657,7 +677,7 @@ STR; } // Okay, cross fingers and try to register an initial user - if (registerInitialUser($adminNick, $adminPass, $adminEmail)) { + if (registerInitialUser($adminNick, $adminPass, $adminEmail, $adminUpdates)) { updateStatus( "An initial user with the administrator role has been created." ); @@ -854,7 +874,7 @@ function runDbScript($filename, $conn, $type = 'mysqli') return true; } -function registerInitialUser($nickname, $password, $email) +function registerInitialUser($nickname, $password, $email, $adminUpdates) { define('STATUSNET', true); define('LACONICA', true); // compatibility @@ -882,7 +902,7 @@ function registerInitialUser($nickname, $password, $email) // Attempt to do a remote subscribe to update@status.net // Will fail if instance is on a private network. - if (class_exists('Ostatus_profile')) { + if (class_exists('Ostatus_profile') && $adminUpdates) { try { $oprofile = Ostatus_profile::ensureProfile('http://update.status.net/'); Subscription::start($user->getProfile(), $oprofile->localProfile());