X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Fregister.php;h=fc729a29bfbb819bc4f0992ff8e3b9146fc65b2c;hb=de56ccca07e19c5163792c210ff5f6130e91d892;hp=2fa66338902a73baf9dd0f51beb3f70c7c63ecf9;hpb=3f5ededc01d8eedac2a9a75917849fbe78a3e701;p=quix0rs-gnu-social.git

diff --git a/actions/register.php b/actions/register.php
index 2fa6633890..fc729a29bf 100644
--- a/actions/register.php
+++ b/actions/register.php
@@ -1,18 +1,18 @@
 <?php
-/* 
+/*
  * Laconica - a distributed open-source microblogging tool
  * Copyright (C) 2008, Controlez-Vous, Inc.
- * 
+ *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU Affero General Public License as published by
  * the Free Software Foundation, either version 3 of the License, or
  * (at your option) any later version.
- * 
+ *
  * This program is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU Affero General Public License for more details.
- * 
+ *
  * You should have received a copy of the GNU Affero General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
@@ -20,10 +20,10 @@
 if (!defined('LACONICA')) { exit(1); }
 
 class RegisterAction extends Action {
-	
+
 	function handle($args) {
 		parent::handle($args);
-		
+
 		if (common_logged_in()) {
 			common_user_error(_t('Already logged in.'));
 		} else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
@@ -34,18 +34,27 @@ class RegisterAction extends Action {
 	}
 
 	function try_register() {
-		$nickname = $this->arg('nickname');
+		$nickname = $this->trimmed('nickname');
+		$email = $this->trimmed('email');
+		
+		# We don't trim these... whitespace is OK in a password!
+		
 		$password = $this->arg('password');
 		$confirm = $this->arg('confirm');
-		$email = $this->arg('email');
 
 		# Input scrubbing
-		
+
 		$nickname = common_canonical_nickname($nickname);
 		$email = common_canonical_email($email);
-		
-		if ($this->nickname_exists($nickname)) {
-			$this->show_form(_t('Username already exists.'));
+
+		if (!Validate::email($email, true)) {
+			$this->show_form(_t('Not a valid email address.'));
+		} else if (!Validate::string($nickname, array('min_length' => 1,
+													  'max_length' => 64,
+													  'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) {
+			$this->show_form(_t('Nickname must have only letters and numbers and no spaces.'));
+		} else if ($this->nickname_exists($nickname)) {
+			$this->show_form(_t('Nickname already exists.'));
 		} else if ($this->email_exists($email)) {
 			$this->show_form(_t('Email address already exists.'));
 		} else if ($password != $confirm) {
@@ -63,14 +72,14 @@ class RegisterAction extends Action {
 	}
 
 	# checks if *CANONICAL* nickname exists
-	
+
 	function nickname_exists($nickname) {
 		$user = User::staticGet('nickname', $nickname);
 		return ($user !== false);
 	}
 
 	# checks if *CANONICAL* email exists
-	
+
 	function email_exists($email) {
 		$email = common_canonical_email($email);
 		$user = User::staticGet('email', $email);
@@ -83,12 +92,7 @@ class RegisterAction extends Action {
 		$profile->nickname = $nickname;
 		$profile->profileurl = common_profile_url($nickname);
 		$profile->created = DB_DataObject_Cast::dateTime(); # current time
-		
-		$val = $profile->validate();
-		if ($val !== TRUE) {
-			# XXX: some feedback here, please!
-			return FALSE;
-		}
+
 		$id = $profile->insert();
 		if (!$id) {
 			return FALSE;
@@ -99,14 +103,7 @@ class RegisterAction extends Action {
 		$user->password = common_munge_password($password, $id);
 		$user->email = $email;
 		$user->created =  DB_DataObject_Cast::dateTime(); # current time
-		
-		$val = $user->validate();
-		if ($val !== TRUE) {
-			# XXX: some feedback here, please!
-			# Try to clean up...
-			$profile->delete();
-			return FALSE;
-		}
+		$user->uri = common_mint_tag('user:'.$id);
 		
 		$result = $user->insert();
 		if (!$result) {
@@ -115,9 +112,9 @@ class RegisterAction extends Action {
 		}
 		return $result;
 	}
-	
+
 	function show_form($error=NULL) {
-		
+
 		common_show_header(_t('Register'));
 		common_element_start('form', array('method' => 'POST',
 										   'id' => 'login',