Use Model\Register methods in modules
- Update registration emails to avoid storing the plaintext password in the register table - Remove redundant sprintf() when used with L10n::t() - Remove redundant Systen::baseUrl() with goaway()
This commit is contained in:
parent
123992384b
commit
540adaf829
6 changed files with 55 additions and 72 deletions
|
@ -18,13 +18,14 @@ use Friendica\Database\DBA;
|
|||
use Friendica\Database\DBStructure;
|
||||
use Friendica\Model\Contact;
|
||||
use Friendica\Model\Item;
|
||||
use Friendica\Model\Register;
|
||||
use Friendica\Model\User;
|
||||
use Friendica\Module\Login;
|
||||
use Friendica\Module\Tos;
|
||||
use Friendica\Util\Arrays;
|
||||
use Friendica\Util\DateTimeFormat;
|
||||
use Friendica\Util\Temporal;
|
||||
use Friendica\Util\Network;
|
||||
use Friendica\Util\Temporal;
|
||||
|
||||
require_once 'include/enotify.php';
|
||||
require_once 'include/text.php';
|
||||
|
@ -895,8 +896,7 @@ function admin_page_summary(App $a)
|
|||
|
||||
logger('accounts: ' . print_r($accounts, true), LOGGER_DATA);
|
||||
|
||||
$r = q("SELECT COUNT(`id`) AS `count` FROM `register`");
|
||||
$pending = $r[0]['count'];
|
||||
$pending = Register::getPendingCount();
|
||||
|
||||
$r = q("SELECT COUNT(*) AS `total` FROM `queue` WHERE 1");
|
||||
$queue = (($r) ? $r[0]['total'] : 0);
|
||||
|
@ -1792,11 +1792,7 @@ function admin_page_users(App $a)
|
|||
}
|
||||
|
||||
/* get pending */
|
||||
$pending = q("SELECT `register`.*, `contact`.`name`, `user`.`email`
|
||||
FROM `register`
|
||||
INNER JOIN `contact` ON `register`.`uid` = `contact`.`uid`
|
||||
INNER JOIN `user` ON `register`.`uid` = `user`.`uid`;");
|
||||
|
||||
$pending = Register::getPending();
|
||||
|
||||
/* get users */
|
||||
$total = q("SELECT COUNT(*) AS `total` FROM `user` WHERE 1");
|
||||
|
|
|
@ -58,14 +58,9 @@ function invite_post(App $a)
|
|||
}
|
||||
|
||||
if ($invitation_only && ($invites_remaining || is_site_admin())) {
|
||||
$code = autoname(8) . srand(1000, 9999);
|
||||
$code = Friendica\Model\Register::createForInvitation();
|
||||
$nmessage = str_replace('$invite_code', $code, $message);
|
||||
|
||||
$r = q("INSERT INTO `register` (`hash`,`created`) VALUES ('%s', '%s') ",
|
||||
DBA::escape($code),
|
||||
DBA::escape(DateTimeFormat::utcNow())
|
||||
);
|
||||
|
||||
if (! is_site_admin()) {
|
||||
$invites_remaining --;
|
||||
if ($invites_remaining >= 0) {
|
||||
|
|
|
@ -202,11 +202,7 @@ function ping_init(App $a)
|
|||
$mail_count = count($mails);
|
||||
|
||||
if (intval(Config::get('config', 'register_policy')) === REGISTER_APPROVE && is_site_admin()) {
|
||||
$regs = q(
|
||||
"SELECT `contact`.`name`, `contact`.`url`, `contact`.`micro`, `register`.`created`
|
||||
FROM `contact` RIGHT JOIN `register` ON `register`.`uid` = `contact`.`uid`
|
||||
WHERE `contact`.`self` = 1"
|
||||
);
|
||||
$regs = Friendica\Model\Register::getPending();
|
||||
|
||||
if (DBA::isResult($regs)) {
|
||||
$register_count = count($regs);
|
||||
|
|
|
@ -11,10 +11,8 @@ use Friendica\Core\L10n;
|
|||
use Friendica\Core\PConfig;
|
||||
use Friendica\Core\System;
|
||||
use Friendica\Core\Worker;
|
||||
use Friendica\Database\DBA;
|
||||
use Friendica\Model;
|
||||
use Friendica\Module\Tos;
|
||||
use Friendica\Util\DateTimeFormat;
|
||||
|
||||
require_once 'include/enotify.php';
|
||||
|
||||
|
@ -86,7 +84,7 @@ function register_post(App $a)
|
|||
|
||||
if (intval(Config::get('config', 'register_policy')) === REGISTER_OPEN) {
|
||||
if ($using_invites && $invite_id) {
|
||||
q("delete * from register where hash = '%s' limit 1", DBA::escape($invite_id));
|
||||
Model\Register::deleteByHash($invite_id);
|
||||
PConfig::set($user['uid'], 'system', 'invites_remaining', $num_invites);
|
||||
}
|
||||
|
||||
|
@ -122,19 +120,11 @@ function register_post(App $a)
|
|||
goaway();
|
||||
}
|
||||
|
||||
$hash = random_string();
|
||||
$r = q("INSERT INTO `register` ( `hash`, `created`, `uid`, `password`, `language`, `note` ) VALUES ( '%s', '%s', %d, '%s', '%s', '%s' ) ",
|
||||
DBA::escape($hash),
|
||||
DBA::escape(DateTimeFormat::utcNow()),
|
||||
intval($user['uid']),
|
||||
DBA::escape($result['password']),
|
||||
DBA::escape(Config::get('system', 'language')),
|
||||
DBA::escape($_POST['permonlybox'])
|
||||
);
|
||||
Model\Register::createForApproval($user['uid'], Config::get('system', 'language'), $_POST['permonlybox']);
|
||||
|
||||
// invite system
|
||||
if ($using_invites && $invite_id) {
|
||||
q("DELETE * FROM `register` WHERE `hash` = '%s' LIMIT 1", DBA::escape($invite_id));
|
||||
Model\Register::deleteByHash($invite_id);
|
||||
PConfig::set($user['uid'], 'system', 'invites_remaining', $num_invites);
|
||||
}
|
||||
|
||||
|
@ -163,6 +153,7 @@ function register_post(App $a)
|
|||
}
|
||||
// send notification to the user, that the registration is pending
|
||||
Model\User::sendRegisterPendingEmail(
|
||||
$user['uid'],
|
||||
$user['email'],
|
||||
Config::get('config', 'sitename'),
|
||||
$user['username'],
|
||||
|
|
|
@ -9,6 +9,7 @@ use Friendica\Core\L10n;
|
|||
use Friendica\Core\System;
|
||||
use Friendica\Core\Worker;
|
||||
use Friendica\Database\DBA;
|
||||
use Friendica\Model\Register;
|
||||
use Friendica\Model\User;
|
||||
use Friendica\Module\Login;
|
||||
|
||||
|
@ -18,30 +19,24 @@ function user_allow($hash)
|
|||
{
|
||||
$a = get_app();
|
||||
|
||||
$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
|
||||
DBA::escape($hash)
|
||||
);
|
||||
|
||||
$register = Register::getByHash($hash);
|
||||
|
||||
if (!DBA::isResult($register)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
|
||||
intval($register[0]['uid'])
|
||||
intval($register['uid'])
|
||||
);
|
||||
|
||||
if (!DBA::isResult($user)) {
|
||||
killme();
|
||||
}
|
||||
|
||||
$r = q("DELETE FROM `register` WHERE `hash` = '%s'",
|
||||
DBA::escape($register[0]['hash'])
|
||||
);
|
||||
|
||||
Register::deleteByHash($hash);
|
||||
|
||||
$r = q("UPDATE `user` SET `blocked` = 0, `verified` = 1 WHERE `uid` = %d",
|
||||
intval($register[0]['uid'])
|
||||
intval($register['uid'])
|
||||
);
|
||||
|
||||
$r = q("SELECT * FROM `profile` WHERE `uid` = %d AND `is-default` = 1",
|
||||
|
@ -54,14 +49,14 @@ function user_allow($hash)
|
|||
}
|
||||
}
|
||||
|
||||
L10n::pushLang($register[0]['language']);
|
||||
L10n::pushLang($register['language']);
|
||||
|
||||
$res = User::sendRegisterOpenEmail(
|
||||
$user[0]['email'],
|
||||
Config::get('config', 'sitename'),
|
||||
System::baseUrl(),
|
||||
$user[0]['username'],
|
||||
$register[0]['password'],
|
||||
'Sent in a previous email',
|
||||
$user[0]);
|
||||
|
||||
L10n::popLang();
|
||||
|
@ -77,20 +72,19 @@ function user_allow($hash)
|
|||
// allowed to have friends on this system
|
||||
function user_deny($hash)
|
||||
{
|
||||
$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",
|
||||
DBA::escape($hash)
|
||||
);
|
||||
$register = Register::getByHash($hash);
|
||||
|
||||
if (!DBA::isResult($register)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
|
||||
intval($register[0]['uid'])
|
||||
intval($register['uid'])
|
||||
);
|
||||
|
||||
DBA::delete('user', ['uid' => $register[0]['uid']]);
|
||||
DBA::delete('register', ['hash' => $register[0]['hash']]);
|
||||
DBA::delete('user', ['uid' => $register['uid']]);
|
||||
|
||||
Register::deleteByHash($register['hash']);
|
||||
|
||||
notice(L10n::t('Registration revoked for %s', $user[0]['username']) . EOL);
|
||||
return true;
|
||||
|
|
|
@ -412,7 +412,7 @@ class User
|
|||
throw new Exception(L10n::t('An invitation is required.'));
|
||||
}
|
||||
|
||||
if (!DBA::exists('register', ['hash' => $invite_id])) {
|
||||
if (!Register::existsByHash($invite_id)) {
|
||||
throw new Exception(L10n::t('Invitation could not be verified.'));
|
||||
}
|
||||
}
|
||||
|
@ -660,22 +660,31 @@ class User
|
|||
* @param string $email
|
||||
* @param string $sitename
|
||||
* @param string $username
|
||||
* @param string $password Plaintext password
|
||||
* @return NULL|boolean from notification() and email() inherited
|
||||
*/
|
||||
public static function sendRegisterPendingEmail($email, $sitename, $username)
|
||||
public static function sendRegisterPendingEmail($uid, $email, $sitename, $username, $siteurl, $nickname, $password)
|
||||
{
|
||||
$body = deindent(L10n::t('
|
||||
Dear %1$s,
|
||||
Thank you for registering at %2$s. Your account is pending for approval by the administrator.
|
||||
'));
|
||||
|
||||
$body = sprintf($body, $username, $sitename);
|
||||
Your login details are as follows:
|
||||
|
||||
Site Location: %3$s
|
||||
Login Name: %4$s
|
||||
Password: %5$s
|
||||
',
|
||||
$body, $username, $sitename, $siteurl, $nickname, $password
|
||||
));
|
||||
|
||||
return notification([
|
||||
'type' => SYSTEM_EMAIL,
|
||||
'uid' => $uid,
|
||||
'to_email' => $email,
|
||||
'subject' => L10n::t('Registration at %s', $sitename),
|
||||
'body' => $body]);
|
||||
'body' => $body
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -695,7 +704,9 @@ class User
|
|||
$preamble = deindent(L10n::t('
|
||||
Dear %1$s,
|
||||
Thank you for registering at %2$s. Your account has been created.
|
||||
'));
|
||||
',
|
||||
$preamble, $username, $sitename
|
||||
));
|
||||
$body = deindent(L10n::t('
|
||||
The login details are as follows:
|
||||
|
||||
|
@ -722,10 +733,9 @@ class User
|
|||
|
||||
If you ever want to delete your account, you can do so at %3$s/removeme
|
||||
|
||||
Thank you and welcome to %2$s.'));
|
||||
|
||||
$preamble = sprintf($preamble, $username, $sitename);
|
||||
$body = sprintf($body, $email, $sitename, $siteurl, $username, $password);
|
||||
Thank you and welcome to %2$s.',
|
||||
$body, $email, $sitename, $siteurl, $username, $password
|
||||
));
|
||||
|
||||
return notification([
|
||||
'uid' => $user['uid'],
|
||||
|
@ -734,7 +744,8 @@ class User
|
|||
'to_email' => $email,
|
||||
'subject' => L10n::t('Registration details for %s', $sitename),
|
||||
'preamble' => $preamble,
|
||||
'body' => $body]);
|
||||
'body' => $body
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -771,7 +782,7 @@ class User
|
|||
if ($uid == local_user()) {
|
||||
unset($_SESSION['authenticated']);
|
||||
unset($_SESSION['uid']);
|
||||
goaway(System::baseUrl());
|
||||
goaway();;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue