X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=src%2FModel%2FUser.php;h=11d55e7f7e26529fa507f8ddacd2b5a60124b385;hb=c5ca5bfdf84f6fb5e4ba4d8509df25c58aeb516a;hp=73c380561c9c80786e5a98e8f615da7da7dced95;hpb=fe547b7851e5175aed1e9335f265ea25b24bca7c;p=friendica.git diff --git a/src/Model/User.php b/src/Model/User.php index 73c380561c..11d55e7f7e 100644 --- a/src/Model/User.php +++ b/src/Model/User.php @@ -1,6 +1,6 @@ get(); + $system['homepage'] = DI::baseUrl(); $system['dob'] = '0000-00-00'; // Ensure that the user contains data @@ -218,7 +220,7 @@ class User 'self' => true, 'network' => Protocol::ACTIVITYPUB, 'name' => 'System Account', - 'addr' => $system_actor_name . '@' . DI::baseUrl()->getHostname(), + 'addr' => $system_actor_name . '@' . DI::baseUrl()->getHost(), 'nick' => $system_actor_name, 'url' => DI::baseUrl() . '/friendica', 'pubkey' => $keys['pubkey'], @@ -527,7 +529,7 @@ class User // Addons can create users, and since this 'catch' branch should only // execute if getAuthenticationInfo can't find an existing user, that's // exactly what will happen here. Creating a numeric username would create - // abiguity with user IDs, possibly opening up an attack vector. + // ambiguity with user IDs, possibly opening up an attack vector. // So let's be very careful about that. if (empty($username) || is_numeric($username)) { throw $e; @@ -665,6 +667,28 @@ class User return $user; } + /** + * Update the day of the last activity of the given user + * + * @param integer $uid + * @return void + */ + public static function updateLastActivity(int $uid) + { + $user = User::getById($uid, ['last-activity']); + if (empty($user)) { + return; + } + + $current_day = DateTimeFormat::utcNow('Y-m-d'); + + if ($user['last-activity'] != $current_day) { + User::update(['last-activity' => $current_day], $uid); + // Set the last activity for all identities of the user + DBA::update('user', ['last-activity' => $current_day], ['parent-uid' => $uid, 'account_removed' => false]); + } + } + /** * Generates a human-readable random password * @@ -734,7 +758,7 @@ class User } /** - * Allowed characters are a-z, A-Z, 0-9 and special characters except white spaces, accentuated letters and colon (:). + * Allowed characters are a-z, A-Z, 0-9 and special characters except white spaces and accentuated letters. * * Password length is limited to 72 characters if the current default password hashing algorithm is Blowfish. * From the manual: "Using the PASSWORD_BCRYPT as the algorithm, will result in the password parameter being @@ -747,13 +771,13 @@ class User */ public static function getPasswordRegExp(string $delimiter = null): string { - $allowed_characters = '!"#$%&\'()*+,-./;<=>?@[\]^_`{|}~'; + $allowed_characters = ':!"#$%&\'()*+,-./;<=>?@[\]^_`{|}~'; if ($delimiter) { $allowed_characters = preg_quote($allowed_characters, $delimiter); } - return '^[a-zA-Z0-9' . $allowed_characters . ']' . (PASSWORD_DEFAULT !== PASSWORD_BCRYPT ? '{1,72}' : '+') . '$'; + return '^[a-zA-Z0-9' . $allowed_characters . ']' . (PASSWORD_DEFAULT === PASSWORD_BCRYPT ? '{1,72}' : '+') . '$'; } /** @@ -781,7 +805,7 @@ class User } if (!preg_match('/' . self::getPasswordRegExp('/') . '/', $password)) { - throw new Exception(DI::l10n()->t('The password can\'t contain accentuated letters, white spaces or colons (:)')); + throw new Exception(DI::l10n()->t("The password can't contain white spaces nor accentuated letters")); } return self::updatePasswordHashed($uid, self::hashPassword($password)); @@ -792,14 +816,14 @@ class User * Empties the password reset token field just in case. * * @param int $uid - * @param string $pasword_hashed + * @param string $password_hashed * @return bool * @throws Exception */ - private static function updatePasswordHashed(int $uid, string $pasword_hashed): bool + private static function updatePasswordHashed(int $uid, string $password_hashed): bool { $fields = [ - 'password' => $pasword_hashed, + 'password' => $password_hashed, 'pwdreset' => null, 'pwdreset_time' => null, 'legacy_password' => false @@ -807,11 +831,27 @@ class User return DBA::update('user', $fields, ['uid' => $uid]); } + /** + * Returns if the given uid is valid and in the admin list + * + * @param int $uid + * + * @return bool + * @throws Exception + */ + public static function isSiteAdmin(int $uid): bool + { + return DBA::exists('user', [ + 'uid' => $uid, + 'email' => self::getAdminEmailList() + ]); + } + /** * Checks if a nickname is in the list of the forbidden nicknames * * Check if a nickname is forbidden from registration on the node by the - * admin. Forbidden nicknames (e.g. role namess) can be configured in the + * admin. Forbidden nicknames (e.g. role names) can be configured in the * admin panel. * * @param string $nickname The nickname that should be checked @@ -984,7 +1024,7 @@ class User $_SESSION['register'] = 1; $_SESSION['openid'] = $openid_url; - $openid = new LightOpenID(DI::baseUrl()->getHostname()); + $openid = new LightOpenID(DI::baseUrl()->getHost()); $openid->identity = $openid_url; $openid->returnUrl = DI::baseUrl() . '/openid'; $openid->required = ['namePerson/friendly', 'contact/email', 'namePerson']; @@ -1192,7 +1232,7 @@ class User $resource_id = Photo::newResource(); - // Not using Photo::PROFILE_PHOTOS here, so that it is discovered as translateble string + // Not using Photo::PROFILE_PHOTOS here, so that it is discovered as translatable string $profile_album = DI::l10n()->t('Profile Photos'); $r = Photo::store($image, $uid, 0, $resource_id, $filename, $profile_album, 4); @@ -1227,6 +1267,8 @@ class User Hook::callAll('register_account', $uid); + self::setRegisterMethodByUserCount(); + $return['user'] = $user; return $return; } @@ -1321,7 +1363,7 @@ class User $l10n, $user, DI::config()->get('config', 'sitename'), - DI::baseUrl()->get(), + DI::baseUrl(), ($register['password'] ?? '') ?: 'Sent in a previous email' ); } @@ -1335,7 +1377,7 @@ class User * permanently against re-registration, as the person was not yet * allowed to have friends on this system * - * @return bool True, if the deny was successfull + * @return bool True, if the deny was successful * @throws Exception */ public static function deny(string $hash): bool @@ -1418,7 +1460,7 @@ class User Thank you and welcome to %4$s.')); $preamble = sprintf($preamble, $user['username'], DI::config()->get('config', 'sitename')); - $body = sprintf($body, DI::baseUrl()->get(), $user['nickname'], $result['password'], DI::config()->get('config', 'sitename')); + $body = sprintf($body, DI::baseUrl(), $user['nickname'], $result['password'], DI::config()->get('config', 'sitename')); $email = DI::emailer() ->newSystemMail() @@ -1571,6 +1613,7 @@ class User // Remove the user relevant data Worker::add(Worker::PRIORITY_NEGLIGIBLE, 'RemoveUser', $uid); + self::setRegisterMethodByUserCount(); return true; } @@ -1709,8 +1752,8 @@ class User 'active_users_weekly' => 0, ]; - $userStmt = DBA::select('owner-view', ['uid', 'login_date', 'last-item'], - ["`verified` AND `login_date` > ? AND NOT `blocked` + $userStmt = DBA::select('owner-view', ['uid', 'last-activity', 'last-item'], + ["`verified` AND `last-activity` > ? AND NOT `blocked` AND NOT `account_removed` AND NOT `account_expired`", DBA::NULL_DATETIME]); if (!DBA::isResult($userStmt)) { @@ -1724,17 +1767,17 @@ class User while ($user = DBA::fetch($userStmt)) { $statistics['total_users']++; - if ((strtotime($user['login_date']) > $halfyear) || (strtotime($user['last-item']) > $halfyear) + if ((strtotime($user['last-activity']) > $halfyear) || (strtotime($user['last-item']) > $halfyear) ) { $statistics['active_users_halfyear']++; } - if ((strtotime($user['login_date']) > $month) || (strtotime($user['last-item']) > $month) + if ((strtotime($user['last-activity']) > $month) || (strtotime($user['last-item']) > $month) ) { $statistics['active_users_monthly']++; } - if ((strtotime($user['login_date']) > $week) || (strtotime($user['last-item']) > $week) + if ((strtotime($user['last-activity']) > $week) || (strtotime($user['last-item']) > $week) ) { $statistics['active_users_weekly']++; } @@ -1749,7 +1792,7 @@ class User * * @param int $start Start count (Default is 0) * @param int $count Count of the items per page (Default is @see Pager::ITEMS_PER_PAGE) - * @param string $type The type of users, which should get (all, bocked, removed) + * @param string $type The type of users, which should get (all, blocked, removed) * @param string $order Order of the user list (Default is 'contact.name') * @param bool $descending Order direction (Default is ascending) * @return array|bool The list of the users @@ -1838,4 +1881,29 @@ class User return true; }); } + + public static function setRegisterMethodByUserCount() + { + $max_registered_users = DI::config()->get('config', 'max_registered_users'); + if ($max_registered_users <= 0) { + return; + } + + $register_policy = DI::config()->get('config', 'register_policy'); + if (!in_array($register_policy, [Module\Register::OPEN, Module\Register::CLOSED])) { + Logger::debug('Unsupported register policy.', ['policy' => $register_policy]); + return; + } + + $users = DBA::count('user', ['blocked' => false, 'account_removed' => false, 'account_expired' => false]); + if (($users >= $max_registered_users) && ($register_policy == Module\Register::OPEN)) { + DI::config()->set('config', 'register_policy', Module\Register::CLOSED); + Logger::notice('Max users reached, registration is closed.', ['users' => $users, 'max' => $max_registered_users]); + } elseif (($users < $max_registered_users) && ($register_policy == Module\Register::CLOSED)) { + DI::config()->set('config', 'register_policy', Module\Register::OPEN); + Logger::notice('Below maximum users, registration is opened.', ['users' => $users, 'max' => $max_registered_users]); + } else { + Logger::debug('Unchanged register policy', ['policy' => $register_policy, 'users' => $users, 'max' => $max_registered_users]); + } + } }