Ensure register records aren't created with uid = 0
authorHypolite Petovan <hypolite@mrpetovan.com>
Fri, 18 Nov 2022 21:04:02 +0000 (16:04 -0500)
committerHypolite Petovan <hypolite@mrpetovan.com>
Fri, 18 Nov 2022 21:04:02 +0000 (16:04 -0500)
- uid = 0 matches system account and public contact records, giving unexpected display in pending user list. More importantly, the originally created user can't be approved since its user id is lost.

src/Model/Register.php
src/Module/Register.php

index c24e66d4d07dd67a33cfb7f1523289dd1cfadce5..396524673180ffebb13852da2d92a2055be01a07 100644 (file)
@@ -23,6 +23,7 @@ namespace Friendica\Model;
 
 use Friendica\Content\Pager;
 use Friendica\Database\DBA;
+use Friendica\Network\HTTPException;
 use Friendica\Util\DateTimeFormat;
 use Friendica\Util\Strings;
 
@@ -113,21 +114,27 @@ class Register
        }
 
        /**
-        * Creates a register record for approval and returns the success of the database insert
+        * Creates a register record for approval
         * Checks for the existence of the provided user id
         *
-        * @param  integer $uid      The ID of the user needing approval
-        * @param  string  $language The registration language
-        * @param  string  $note     An additional message from the user
-        * @return boolean
-        * @throws \Exception
+        * @param integer $uid      The ID of the user needing approval
+        * @param string  $language The registration language
+        * @param string  $note     An additional message from the user
+        * @return void
+        * @throws \OutOfBoundsException
+        * @throws HTTPException\InternalServerErrorException
+        * @throws HTTPException\NotFoundException
         */
-       public static function createForApproval(int $uid, string $language, string $note = ''): bool
+       public static function createForApproval(int $uid, string $language, string $note = ''): void
        {
                $hash = Strings::getRandomHex();
 
+               if (!$uid) {
+                       throw new \OutOfBoundsException("User ID can't be empty");
+               }
+
                if (!User::exists($uid)) {
-                       return false;
+                       throw new HTTPException\NotFoundException("User ID doesn't exist");
                }
 
                $fields = [
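Review bot: The new guard `if (!$uid)` in createForApproval rejects only 0, so a negative id still falls through to `User::exists($uid)`, and it runs after `Strings::getRandomHex()` has already been called. Since the commit exists to keep uid 0 (system account and public contact records) out of `register`, the check would be tighter as `if ($uid <= 0) {`, placed as the first statement of the method. The return type also changes from `bool` to `void`, so any caller outside this diff that tested the return value now needs a try/catch instead; only the call in src/Module/Register.php is visible here. The method body continues past the end of this hunk.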
@@ -139,7 +146,9 @@ class Register
                        'note'     => $note
                ];
 
-               return DBA::insert('register', $fields);
+               if (!DBA::insert('register', $fields)) {
+                       throw new HTTPException\InternalServerErrorException('Unable to insert a `register` record');
+               }
        }
 
        /**
index b71fb777c593cc6bc38ec954a4f32a697a78639c..cd963c17a59116bf9bdaeb90b0f90be792974f7d 100644 (file)
@@ -353,6 +353,7 @@ class Register extends BaseModule
                        }
                } elseif (intval(DI::config()->get('config', 'register_policy')) === self::APPROVE) {
                        if (!User::getAdminEmailList()) {
+                               $this->logger->critical('Registration policy is set to APPROVE but no admin email address has been set in config.admin_email');
                                DI::sysmsg()->addNotice(DI::l10n()->t('Your registration can not be processed.'));
                                DI::baseUrl()->redirect();
                        }
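Review bot: `DI::baseUrl()->redirect();` two lines below the added log call still uses the static accessor, while the same commit uses `$this->baseUrl->redirect('register')` for the redirects further down in this method. For consistency this one could become `$this->baseUrl->redirect();`, assuming the injected instance is the same object that `DI::baseUrl()` returns. The enclosing method starts and ends outside the hunk.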
@@ -362,10 +363,17 @@ class Register extends BaseModule
                                DI::sysmsg()->addNotice(DI::l10n()->t('You have to leave a request note for the admin.')
                                        . DI::l10n()->t('Your registration can not be processed.'));
 
-                               DI::baseUrl()->redirect('register/');
+                               $this->baseUrl->redirect('register');
                        }
 
-                       Model\Register::createForApproval($user['uid'], DI::config()->get('system', 'language'), $_POST['permonlybox']);
+                       try {
+                               Model\Register::createForApproval($user['uid'], DI::config()->get('system', 'language'), $_POST['permonlybox']);
+                       } catch (\Throwable $e) {
+                               $this->logger->error('Unable to create a `register` record.', ['user' => $user]);
+                               DI::sysmsg()->addNotice(DI::l10n()->t('An internal error occured.')
+                                       . DI::l10n()->t('Your registration can not be processed.'));
+                               $this->baseUrl->redirect('register');
+                       }
 
                        // invite system
                        if ($using_invites && $invite_id) {
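Review bot: The catch block logs the whole `$user` array with `['user' => $user]` and drops `$e`, so the log receives every field of the user record while losing the actual reason for the failure. The contents of `$user` are not visible in this hunk, but if it is the freshly created account row it probably carries the password hash, e-mail address and key material, none of which belongs in log files. An identifier plus the exception is enough as context, for example `['uid' => $user['uid'] ?? null, 'exception' => $e]`. The user-facing string also has a typo: `occured` should be `occurred`. The enclosing method starts and ends outside the hunk.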