X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FModel%2FUser.php;h=029613b17b0b692e19e3301fcd6d2b841d54640e;hb=8bdfdc7d52e149edb711c6d238c1f7593e237e83;hp=8a9f0a93042737cb1efa63952c10f1fbb05b4421;hpb=c89241dbd80b1b0503e239f8b468e6efbcb79802;p=friendica.git

diff --git a/src/Model/User.php b/src/Model/User.php
index 8a9f0a9304..029613b17b 100644
--- a/src/Model/User.php
+++ b/src/Model/User.php
@@ -312,8 +312,8 @@ class User
 	 */
 	public static function getIdForURL(string $url)
 	{
-		// Avoid any database requests when the hostname isn't even part of the url.
-		if (!strpos($url, DI::baseUrl()->getHostname())) {
+		// Avoid database queries when the local node hostname isn't even part of the url.
+		if (!Contact::isLocal($url)) {
 			return 0;
 		}
 
@@ -523,19 +523,18 @@ class User
 		try {
 			$user = self::getAuthenticationInfo($user_info);
 		} catch (Exception $e) {
-			// Addons can create users, and creating a numeric username would create
+			$username = (is_string($user_info) ? $user_info : $user_info['nickname'] ?? '');
+
+			// Addons can create users, and since this 'catch' branch should only
+			// execute if getAuthenticationInfo can't find an existing user, that's
+			// exactly what will happen here. Creating a numeric username would create
 			// abiguity with user IDs, possibly opening up an attack vector.
 			// So let's be very careful about that.
-			if (is_numeric($user_info) || is_numeric($user_info['nickname'] ?? '')) {
+			if (empty($username) || is_numeric($username)) {
 				throw $e;
 			}
 
-			$username = (is_string($user_info) ? $user_info : $user_info['nickname'] ?? '');
-
-			if (!$username) {
-				throw $e;
-			}
-			return self::getIdFromAuthenticateHooks($user_info, $password);
+			return self::getIdFromAuthenticateHooks($username, $password);
 		}
 
 		if ($third_party && DI::pConfig()->get($user['uid'], '2fa', 'verified')) {
@@ -582,7 +581,8 @@ class User
 	 * @return int User Id if authentication is successful
 	 * @throws HTTPException\ForbiddenException
 	 */
-	public static function getIdFromAuthenticateHooks($username, $password) {
+	public static function getIdFromAuthenticateHooks($username, $password)
+	{
 		$addon_auth = [
 			'username'      => $username,
 			'password'      => $password,
@@ -1123,6 +1123,8 @@ class User
 					Photo::update(['profile' => 1], ['resource-id' => $resource_id]);
 				}
 			}
+
+			Contact::updateSelfFromUserID($uid, true);
 		}
 
 		Hook::callAll('register_account', $uid);