From ebdf0ee99e517c6718099fda2f1b2288c42e66da Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 22 Mar 2012 01:46:52 -0700 Subject: [PATCH] prevent re-registrations using a deleted username - not an issue with Friendica but could create a serious privacy issue with federated platforms --- boot.php | 2 +- database.sql | 6 ++++++ include/Contact.php | 6 ++++++ mod/register.php | 10 ++++++++++ mod/regmod.php | 5 +++++ update.php | 11 ++++++++++- 6 files changed, 38 insertions(+), 2 deletions(-) diff --git a/boot.php b/boot.php index 910de6f82..04e16e64d 100755 --- a/boot.php +++ b/boot.php @@ -11,7 +11,7 @@ require_once('include/cache.php'); define ( 'FRIENDICA_PLATFORM', 'Friendica'); define ( 'FRIENDICA_VERSION', '2.3.1288' ); define ( 'DFRN_PROTOCOL_VERSION', '2.23' ); -define ( 'DB_UPDATE_VERSION', 1132 ); +define ( 'DB_UPDATE_VERSION', 1133 ); define ( 'EOL', "
\r\n" ); define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' ); diff --git a/database.sql b/database.sql index f058bc59e..327b482c0 100755 --- a/database.sql +++ b/database.sql @@ -861,3 +861,9 @@ INDEX ( `term` ) ) ENGINE = MyISAM DEFAULT CHARSET=utf8; +CREATE TABLE IF NOT EXISTS `userd` ( +`id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY , +`username` CHAR( 255 ) NOT NULL, +INDEX ( `username` ) +) ENGINE = MyISAM DEFAULT CHARSET=utf8; + diff --git a/include/Contact.php b/include/Contact.php index baccea305..d9949b1ef 100755 --- a/include/Contact.php +++ b/include/Contact.php @@ -15,6 +15,12 @@ function user_remove($uid) { call_hooks('remove_user',$r[0]); + // save username (actually the nickname as it is guaranteed + // unique), so it cannot be re-registered in the future. + + q("insert into userd ( username ) values ( '%s' )", + $r[0]['nickname'] + ); q("DELETE FROM `contact` WHERE `uid` = %d", intval($uid)); q("DELETE FROM `group` WHERE `uid` = %d", intval($uid)); diff --git a/mod/register.php b/mod/register.php index 388b3e250..6d0e2700b 100755 --- a/mod/register.php +++ b/mod/register.php @@ -150,6 +150,16 @@ function register_post(&$a) { if(count($r)) $err .= t('Nickname is already registered. Please choose another.') . EOL; + // Check deleted accounts that had this nickname. Doesn't matter to us, + // but could be a security issue for federated platforms. + + $r = q("SELECT * FROM `userd` + WHERE `username` = '%s' LIMIT 1", + dbesc($nickname) + ); + if(count($r)) + $err .= t('Nickname was once registered here and may not be re-used. Please choose another.') . EOL; + if(strlen($err)) { notice( $err ); return; diff --git a/mod/regmod.php b/mod/regmod.php index 17e728ba2..21f41eb01 100755 --- a/mod/regmod.php +++ b/mod/regmod.php @@ -64,6 +64,11 @@ function user_allow($hash) { } + +// This does not have to go through user_remove() and save the nickname +// permanently against re-registration, as the person was not yet +// allowed to have friends on this system + function user_deny($hash) { $register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1", diff --git a/update.php b/update.php index 6a685a6ff..a69742a94 100755 --- a/update.php +++ b/update.php @@ -1,6 +1,6 @@