X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FModel%2FUser.php;h=4dca908b61fdf93cdac24878df78d6f6dcb92b69;hb=daa1177e3a1e42b4c95e0a8759f1610942b952c7;hp=9b0f409e11b150b6b39e279655a5553c29fdcb7f;hpb=ac67f3c1547c8a370cb21a98d2559bb8a98381bd;p=friendica.git diff --git a/src/Model/User.php b/src/Model/User.php index 9b0f409e11..4dca908b61 100644 --- a/src/Model/User.php +++ b/src/Model/User.php @@ -6,22 +6,19 @@ namespace Friendica\Model; use DivineOmega\PasswordExposed\PasswordStatus; +use Exception; use Friendica\Core\Addon; use Friendica\Core\Config; use Friendica\Core\L10n; use Friendica\Core\PConfig; use Friendica\Core\System; use Friendica\Core\Worker; +use Friendica\Database\dba; use Friendica\Database\DBM; -use Friendica\Model\Contact; -use Friendica\Model\Group; -use Friendica\Model\Photo; use Friendica\Object\Image; use Friendica\Util\Crypto; use Friendica\Util\DateTimeFormat; use Friendica\Util\Network; -use dba; -use Exception; use LightOpenID; use function password_exposed; @@ -65,6 +62,21 @@ class User return $r; } + /** + * @brief Get owner data by nick name + * + * @param int $nick + * @return boolean|array + */ + public static function getOwnerDataByNick($nick) + { + $user = dba::selectFirst('user', ['uid'], ['nickname' => $nick]); + if (!DBM::is_result($user)) { + return false; + } + return self::getOwnerDataById($user['uid']); + } + /** * @brief Returns the default group for a given user and network * @@ -196,18 +208,11 @@ class User ] ); } else { - $user = dba::fetch_first('SELECT `uid`, `password`, `legacy_password` - FROM `user` - WHERE (`email` = ? OR `username` = ? OR `nickname` = ?) - AND `blocked` = 0 - AND `account_expired` = 0 - AND `account_removed` = 0 - AND `verified` = 1 - LIMIT 1', - $user_info, - $user_info, - $user_info - ); + $fields = ['uid', 'password', 'legacy_password']; + $condition = ["(`email` = ? OR `username` = ? OR `nickname` = ?) + AND NOT `blocked` AND NOT `account_expired` AND NOT `account_removed` AND `verified`", + $user_info, $user_info, $user_info]; + $user = dba::selectFirst('user', $fields, $condition); } if (!DBM::is_result($user)) { @@ -296,6 +301,33 @@ class User return dba::update('user', $fields, ['uid' => $uid]); } + /** + * @brief Checks if a nickname is in the list of the forbidden nicknames + * + * Check if a nickname is forbidden from registration on the node by the + * admin. Forbidden nicknames (e.g. role namess) can be configured in the + * admin panel. + * + * @param string $nickname The nickname that should be checked + * @return boolean True is the nickname is blocked on the node + */ + public static function isNicknameBlocked($nickname) + { + $forbidden_nicknames = Config::get('system', 'forbidden_nicknames', ''); + // if the config variable is empty return false + if (!x($forbidden_nicknames)) { + return false; + } + // check if the nickname is in the list of blocked nicknames + $forbidden = explode(',', $forbidden_nicknames); + $forbidden = array_map('trim', $forbidden); + if (in_array(strtolower($nickname), $forbidden)) { + return true; + } + // else return false + return false; + } + /** * @brief Catch-all user creation function * @@ -331,6 +363,7 @@ class User $confirm = x($data, 'confirm') ? trim($data['confirm']) : ''; $blocked = x($data, 'blocked') ? intval($data['blocked']) : 0; $verified = x($data, 'verified') ? intval($data['verified']) : 0; + $language = x($data, 'language') ? notags(trim($data['language'])) : 'en'; $publish = x($data, 'profile_publish_reg') && intval($data['profile_publish_reg']) ? 1 : 0; $netpublish = strlen(Config::get('system', 'directory')) ? $publish : 0; @@ -408,6 +441,9 @@ class User if (!valid_email($email) || !Network::isEmailDomainValid($email)) { throw new Exception(L10n::t('Not a valid email address.')); } + if (self::isNicknameBlocked($nickname)) { + throw new Exception(L10n::t('The nickname was blocked from registration by the nodes admin.')); + } if (Config::get('system', 'block_extended_register', false) && dba::exists('user', ['email' => $email])) { throw new Exception(L10n::t('Cannot use that email.')); @@ -415,8 +451,8 @@ class User // Disallow somebody creating an account using openid that uses the admin email address, // since openid bypasses email verification. We'll allow it if there is not yet an admin account. - if (x($a->config, 'admin_email') && strlen($openid_url)) { - $adminlist = explode(',', str_replace(' ', '', strtolower($a->config['admin_email']))); + if (Config::get('config', 'admin_email') && strlen($openid_url)) { + $adminlist = explode(',', str_replace(' ', '', strtolower(Config::get('config', 'admin_email')))); if (in_array(strtolower($email), $adminlist)) { throw new Exception(L10n::t('Cannot use that email.')); } @@ -466,6 +502,7 @@ class User 'sprvkey' => $sprvkey, 'verified' => $verified, 'blocked' => $blocked, + 'language' => $language, 'timezone' => 'UTC', 'register_date' => DateTimeFormat::utcNow(), 'default-location' => ''