friendica/mod/regmod.php

<?php
/**
 * @file mod/regmod.php
 */

use Friendica\App;
use Friendica\Core\Worker;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\Register;
use Friendica\Model\User;
use Friendica\Module\Security\Login;

function user_allow($hash)
{
	$register = Register::getByHash($hash);
	if (!DBA::isResult($register)) {
		return false;
	}

	$user = User::getById($register['uid']);
	if (!DBA::isResult($user)) {
		exit();
	}

	Register::deleteByHash($hash);

	DBA::update('user', ['blocked' => false, 'verified' => true], ['uid' => $register['uid']]);

	$profile = DBA::selectFirst('profile', ['net-publish'], ['uid' => $register['uid'], 'is-default' => true]);

	if (DBA::isResult($profile) && $profile['net-publish'] && DI::config()->get('system', 'directory')) {
		$url = DI::baseUrl() . '/profile/' . $user['nickname'];
		Worker::add(PRIORITY_LOW, "Directory", $url);
	}

	$l10n = DI::l10n()->withLang($register['language']);

	$res = User::sendRegisterOpenEmail(
		$l10n,
		$user,
		DI::config()->get('config', 'sitename'),
		DI::baseUrl()->get(),
		($register['password'] ?? '') ?: 'Sent in a previous email'
	);

	if ($res) {
		info(DI::l10n()->t('Account approved.') . EOL);
		return true;
	}
}

// This does not have to go through user_remove() and save the nickname
// permanently against re-registration, as the person was not yet
// allowed to have friends on this system
function user_deny($hash)
{
	$register = Register::getByHash($hash);
	if (!DBA::isResult($register)) {
		return false;
	}

	$user = User::getById($register['uid']);
	if (!DBA::isResult($user)) {
		exit();
	}

	DBA::delete('user', ['uid' => $register['uid']]);

	Register::deleteByHash($register['hash']);

	notice(DI::l10n()->t('Registration revoked for %s', $user['username']) . EOL);
	return true;
}

function regmod_content(App $a)
{
	if (!local_user()) {
		info(DI::l10n()->t('Please login.') . EOL);
		return Login::form(DI::args()->getQueryString(), intval(DI::config()->get('config', 'register_policy')) === \Friendica\Module\Register::CLOSED ? 0 : 1);
	}

	if (!is_site_admin() || !empty($_SESSION['submanage'])) {
		notice(DI::l10n()->t('Permission denied.') . EOL);
		return '';
	}

	if ($a->argc != 3) {
		exit();
	}

	$cmd = $a->argv[1];
	$hash = $a->argv[2];

	if ($cmd === 'deny') {
		user_deny($hash);
		DI::baseUrl()->redirect('admin/users/');
	}

	if ($cmd === 'allow') {
		user_allow($hash);
		DI::baseUrl()->redirect('admin/users/');
	}
}
verified registrations working 2010-07-29 08:15:10 +02:00			`<?php`
Update functions and calls Update function names and calls. 2018-01-21 17:38:01 +01:00			`/**`
			`* @file mod/regmod.php`
			`*/`
Replace direct accesses to App->config by Config::get/set calls 2018-07-07 23:46:30 +02:00
Move App to src - Add `use Friendica\App;` wherever needed 2017-04-30 06:07:00 +02:00			`use Friendica\App;`
proc_run was replaced 2017-11-05 13:15:53 +01:00			`use Friendica\Core\Worker;`
Rename Friendica\Database\dba to Friendica\Database\DBA 2018-07-20 14:19:26 +02:00			`use Friendica\Database\DBA;`
Refactor deprecated App::internalRedirect() to DI::baseUrl()->redirect() 2019-12-16 00:28:31 +01:00			`use Friendica\DI;`
Use Model\Register methods in modules - Update registration emails to avoid storing the plaintext password in the register table - Remove redundant sprintf() when used with L10n::t() - Remove redundant Systen::baseUrl() with goaway() 2018-10-14 17:57:28 +02:00			`use Friendica\Model\Register;`
Hotfix regmod missing use statement 2017-12-07 20:12:03 +01:00			`use Friendica\Model\User;`
Move Login/Logout/TwoFactor to bundled submodule "Security" 2019-12-27 22:19:28 +01:00			`use Friendica\Module\Security\Login;`
Move App to src - Add `use Friendica\App;` wherever needed 2017-04-30 06:07:00 +02:00
Fix formatting and add documentation - mod/register - mod/regmod - Model/User - Worker/CronJobs 2017-12-04 04:15:31 +01:00			`function user_allow($hash)`
			`{`
Use Model\Register methods in modules - Update registration emails to avoid storing the plaintext password in the register table - Remove redundant sprintf() when used with L10n::t() - Remove redundant Systen::baseUrl() with goaway() 2018-10-14 17:57:28 +02:00			`$register = Register::getByHash($hash);`
Rename DBA::is_result to DBA::isResult 2018-07-21 14:46:04 +02:00			`if (!DBA::isResult($register)) {`
Admin users page. some fix to template processor. 2011-06-16 14:56:43 +02:00			`return false;`
Continued a bit: - converted some bad checks to use dbm::is_result() - added space between "if" and brace - added curly braces Signed-off-by: Roland Häder <roland@mxchange.org> 2016-12-20 10:16:48 +01:00			`}`
Admin users page. some fix to template processor. 2011-06-16 14:56:43 +02:00
Improve transition from previous behavior - Simplify Model\User methods parameter list - Use DBA methods in mod/regmod - Replace killme with exit in mod/regmod - Simplify goaway() calls 2018-10-15 17:58:52 +02:00			`$user = User::getById($register['uid']);`
Rename DBA::is_result to DBA::isResult 2018-07-21 14:46:04 +02:00			`if (!DBA::isResult($user)) {`
Improve transition from previous behavior - Simplify Model\User methods parameter list - Use DBA methods in mod/regmod - Replace killme with exit in mod/regmod - Simplify goaway() calls 2018-10-15 17:58:52 +02:00			`exit();`
Continued a bit: - converted some bad checks to use dbm::is_result() - added space between "if" and brace - added curly braces Signed-off-by: Roland Häder <roland@mxchange.org> 2016-12-20 10:16:48 +01:00			`}`
Admin users page. some fix to template processor. 2011-06-16 14:56:43 +02:00
Use Model\Register methods in modules - Update registration emails to avoid storing the plaintext password in the register table - Remove redundant sprintf() when used with L10n::t() - Remove redundant Systen::baseUrl() with goaway() 2018-10-14 17:57:28 +02:00			`Register::deleteByHash($hash);`
Admin users page. some fix to template processor. 2011-06-16 14:56:43 +02:00
Improve transition from previous behavior - Simplify Model\User methods parameter list - Use DBA methods in mod/regmod - Replace killme with exit in mod/regmod - Simplify goaway() calls 2018-10-15 17:58:52 +02:00			`DBA::update('user', ['blocked' => false, 'verified' => true], ['uid' => $register['uid']]);`
SQL improvements. New parameter for a maximum amount of comments per thread 2013-12-08 14:49:24 +01:00
Improve transition from previous behavior - Simplify Model\User methods parameter list - Use DBA methods in mod/regmod - Replace killme with exit in mod/regmod - Simplify goaway() calls 2018-10-15 17:58:52 +02:00			`$profile = DBA::selectFirst('profile', ['net-publish'], ['uid' => $register['uid'], 'is-default' => true]);`

Move Config::get() to DI::config()->get() 2020-01-19 21:21:13 +01:00			`if (DBA::isResult($profile) && $profile['net-publish'] && DI::config()->get('system', 'directory')) {`
Move redundant System::baseUrl() to DI::baseUrl() calls 2019-12-30 23:00:08 +01:00			`$url = DI::baseUrl() . '/profile/' . $user['nickname'];`
Improve transition from previous behavior - Simplify Model\User methods parameter list - Use DBA methods in mod/regmod - Replace killme with exit in mod/regmod - Simplify goaway() calls 2018-10-15 17:58:52 +02:00			`Worker::add(PRIORITY_LOW, "Directory", $url);`
Admin users page. some fix to template processor. 2011-06-16 14:56:43 +02:00			`}`

Move L10n::withLang() calls to DI::l10n()->withLang() calls 2020-01-18 20:54:15 +01:00			`$l10n = DI::l10n()->withLang($register['language']);`
Admin users page. some fix to template processor. 2011-06-16 14:56:43 +02:00
fix undeclared variables or wrong variable names (/mod) 2018-02-12 03:25:09 +01:00			`$res = User::sendRegisterOpenEmail(`
Make L10n immutable - Remove Push/Pop - Add "withLang($lang)" method 2019-12-28 23:12:01 +01:00			`$l10n,`
Improve transition from previous behavior - Simplify Model\User methods parameter list - Use DBA methods in mod/regmod - Replace killme with exit in mod/regmod - Simplify goaway() calls 2018-10-15 17:58:52 +02:00			`$user,`
Move Config::get() to DI::config()->get() 2020-01-19 21:21:13 +01:00			`DI::config()->get('config', 'sitename'),`
Remove deprecated App::getBaseURL() - process methods to DI::baseUrl()->get() 2019-12-16 01:05:15 +01:00			`DI::baseUrl()->get(),`
Replace deprecated defaults() calls by a combination of ?? and ?: operators in mod/ 2019-10-15 15:01:17 +02:00			`($register['password'] ?? '') ?: 'Sent in a previous email'`
Improve transition from previous behavior - Simplify Model\User methods parameter list - Use DBA methods in mod/regmod - Replace killme with exit in mod/regmod - Simplify goaway() calls 2018-10-15 17:58:52 +02:00			`);`
Admin users page. some fix to template processor. 2011-06-16 14:56:43 +02:00
Fix formatting and add documentation - mod/register - mod/regmod - Model/User - Worker/CronJobs 2017-12-04 04:15:31 +01:00			`if ($res) {`
Move L10n::t() calls to DI::l10n()->t() calls 2020-01-18 20:52:34 +01:00			`info(DI::l10n()->t('Account approved.') . EOL);`
Admin users page. some fix to template processor. 2011-06-16 14:56:43 +02:00			`return true;`
SQL improvements. New parameter for a maximum amount of comments per thread 2013-12-08 14:49:24 +01:00			`}`
Admin users page. some fix to template processor. 2011-06-16 14:56:43 +02:00			`}`

prevent re-registrations using a deleted username - not an issue with Friendica but could create a serious privacy issue with federated platforms 2012-03-22 09:46:52 +01:00			`// This does not have to go through user_remove() and save the nickname`
			`// permanently against re-registration, as the person was not yet`
			`// allowed to have friends on this system`
Fix formatting and add documentation - mod/register - mod/regmod - Model/User - Worker/CronJobs 2017-12-04 04:15:31 +01:00			`function user_deny($hash)`
			`{`
Use Model\Register methods in modules - Update registration emails to avoid storing the plaintext password in the register table - Remove redundant sprintf() when used with L10n::t() - Remove redundant Systen::baseUrl() with goaway() 2018-10-14 17:57:28 +02:00			`$register = Register::getByHash($hash);`
Rename DBA::is_result to DBA::isResult 2018-07-21 14:46:04 +02:00			`if (!DBA::isResult($register)) {`
Admin users page. some fix to template processor. 2011-06-16 14:56:43 +02:00			`return false;`
Just some more dba::delete 2017-05-13 06:04:17 +02:00			`}`
Admin users page. some fix to template processor. 2011-06-16 14:56:43 +02:00
Improve transition from previous behavior - Simplify Model\User methods parameter list - Use DBA methods in mod/regmod - Replace killme with exit in mod/regmod - Simplify goaway() calls 2018-10-15 17:58:52 +02:00			`$user = User::getById($register['uid']);`
			`if (!DBA::isResult($user)) {`
			`exit();`
			`}`
SQL improvements. New parameter for a maximum amount of comments per thread 2013-12-08 14:49:24 +01:00
Use Model\Register methods in modules - Update registration emails to avoid storing the plaintext password in the register table - Remove redundant sprintf() when used with L10n::t() - Remove redundant Systen::baseUrl() with goaway() 2018-10-14 17:57:28 +02:00			`DBA::delete('user', ['uid' => $register['uid']]);`

			`Register::deleteByHash($register['hash']);`
Admin users page. some fix to template processor. 2011-06-16 14:56:43 +02:00
Move L10n::t() calls to DI::l10n()->t() calls 2020-01-18 20:52:34 +01:00			`notice(DI::l10n()->t('Registration revoked for %s', $user['username']) . EOL);`
Admin users page. some fix to template processor. 2011-06-16 14:56:43 +02:00			`return true;`
			`}`
verified registrations working 2010-07-29 08:15:10 +02:00
Fix formatting and add documentation - mod/register - mod/regmod - Model/User - Worker/CronJobs 2017-12-04 04:15:31 +01:00			`function regmod_content(App $a)`
			`{`
			`if (!local_user()) {`
Move L10n::t() calls to DI::l10n()->t() calls 2020-01-18 20:52:34 +01:00			`info(DI::l10n()->t('Please login.') . EOL);`
Move Config::get() to DI::config()->get() 2020-01-19 21:21:13 +01:00			`return Login::form(DI::args()->getQueryString(), intval(DI::config()->get('config', 'register_policy')) === \Friendica\Module\Register::CLOSED ? 0 : 1);`
verified registrations working 2010-07-29 08:15:10 +02:00			`}`

Improve transition from previous behavior - Simplify Model\User methods parameter list - Use DBA methods in mod/regmod - Replace killme with exit in mod/regmod - Simplify goaway() calls 2018-10-15 17:58:52 +02:00			`if (!is_site_admin() \|\| !empty($_SESSION['submanage'])) {`
Move L10n::t() calls to DI::l10n()->t() calls 2020-01-18 20:52:34 +01:00			`notice(DI::l10n()->t('Permission denied.') . EOL);`
prevent admin hijacks 2011-01-05 07:17:58 +01:00			`return '';`
			`}`

added much more curly braces + space between "if" and brace Signed-off-by: Roland Häder <roland@mxchange.org> 2016-12-20 11:56:34 +01:00			`if ($a->argc != 3) {`
Improve transition from previous behavior - Simplify Model\User methods parameter list - Use DBA methods in mod/regmod - Replace killme with exit in mod/regmod - Simplify goaway() calls 2018-10-15 17:58:52 +02:00			`exit();`
added much more curly braces + space between "if" and brace Signed-off-by: Roland Häder <roland@mxchange.org> 2016-12-20 11:56:34 +01:00			`}`
verified registrations working 2010-07-29 08:15:10 +02:00
Fix formatting and add documentation - mod/register - mod/regmod - Model/User - Worker/CronJobs 2017-12-04 04:15:31 +01:00			`$cmd = $a->argv[1];`
verified registrations working 2010-07-29 08:15:10 +02:00			`$hash = $a->argv[2];`

added much more curly braces + space between "if" and brace Signed-off-by: Roland Häder <roland@mxchange.org> 2016-12-20 11:56:34 +01:00			`if ($cmd === 'deny') {`
fix email for - registration request - registration approval - account created by admin add a reditect after registration approval or deny 2014-09-09 22:07:47 +02:00			`user_deny($hash);`
Refactor deprecated App::internalRedirect() to DI::baseUrl()->redirect() 2019-12-16 00:28:31 +01:00			`DI::baseUrl()->redirect('admin/users/');`
verified registrations working 2010-07-29 08:15:10 +02:00			`}`

added much more curly braces + space between "if" and brace Signed-off-by: Roland Häder <roland@mxchange.org> 2016-12-20 11:56:34 +01:00			`if ($cmd === 'allow') {`
fix email for - registration request - registration approval - account created by admin add a reditect after registration approval or deny 2014-09-09 22:07:47 +02:00			`user_allow($hash);`
Refactor deprecated App::internalRedirect() to DI::baseUrl()->redirect() 2019-12-16 00:28:31 +01:00			`DI::baseUrl()->redirect('admin/users/');`
verified registrations working 2010-07-29 08:15:10 +02:00			`}`
add info() function. Works like notice() but show messages in a div with class info-message. update code to use info() instead of notice() when appropriate (non-error message) add info-message class style in themes 2011-05-23 11:39:57 +02:00			`}`