X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FModel%2FUser.php;h=dc5702b6055214cafd68241b196414845b430c73;hb=1e96faca4c9825bf6a8d8a50dc37498b764b9a3d;hp=76769e14c78debdc8ea3003fc414276ac4e40988;hpb=4714cb746b6fb8e7bc4ae9676866c9da37af75af;p=friendica.git

diff --git a/src/Model/User.php b/src/Model/User.php
index 76769e14c7..dc5702b605 100644
--- a/src/Model/User.php
+++ b/src/Model/User.php
@@ -211,18 +211,11 @@ class User
 					]
 				);
 			} else {
-				$user = dba::fetch_first('SELECT `uid`, `password`, `legacy_password`
-					FROM `user`
-					WHERE (`email` = ? OR `username` = ? OR `nickname` = ?)
-					AND `blocked` = 0
-					AND `account_expired` = 0
-					AND `account_removed` = 0
-					AND `verified` = 1
-					LIMIT 1',
-					$user_info,
-					$user_info,
-					$user_info
-				);
+				$fields = ['uid', 'password', 'legacy_password'];
+				$condition = ["(`email` = ? OR `username` = ? OR `nickname` = ?)
+					AND NOT `blocked` AND NOT `account_expired` AND NOT `account_removed` AND `verified`",
+					$user_info, $user_info, $user_info];
+				$user = dba::selectFirst('user', $fields, $condition);
 			}
 
 			if (!DBM::is_result($user)) {
@@ -311,6 +304,33 @@ class User
 		return dba::update('user', $fields, ['uid' => $uid]);
 	}
 
+	/**
+	 * @brief Checks if a nickname is in the list of the forbidden nicknames
+	 *
+	 * Check if a nickname is forbidden from registration on the node by the
+	 * admin. Forbidden nicknames (e.g. role namess) can be configured in the
+	 * admin panel.
+	 *
+	 * @param string $nickname The nickname that should be checked
+	 * @return boolean True is the nickname is blocked on the node
+	 */
+	public static function isNicknameBlocked($nickname)
+	{
+		$forbidden_nicknames = Config::get('system', 'forbidden_nicknames', '');
+		// if the config variable is empty return false
+		if (!x($forbidden_nicknames)) {
+			return false;
+		}
+		// check if the nickname is in the list of blocked nicknames
+		$forbidden = explode(',', $forbidden_nicknames);
+		$forbidden = array_map('trim', $forbidden);
+		if (in_array(strtolower($nickname), $forbidden)) {
+			return true;
+		}
+		// else return false
+		return false;
+	}
+
 	/**
 	 * @brief Catch-all user creation function
 	 *
@@ -424,6 +444,9 @@ class User
 		if (!valid_email($email) || !Network::isEmailDomainValid($email)) {
 			throw new Exception(L10n::t('Not a valid email address.'));
 		}
+		if (self::isNicknameBlocked($nickname)) {
+			throw new Exception(L10n::t('The nickname was blocked from registration by the nodes admin.'));
+		}
 
 		if (Config::get('system', 'block_extended_register', false) && dba::exists('user', ['email' => $email])) {
 			throw new Exception(L10n::t('Cannot use that email.'));