Additional accounts can now be created easily

This commit is contained in:
Michael 2020-01-17 07:02:59 +00:00
parent b15c7bb357
commit e5ecfa7c34
2 changed files with 78 additions and 19 deletions

View file

@ -43,12 +43,20 @@ class Register extends BaseModule
// 'block_extended_register' blocks all registrations, period. // 'block_extended_register' blocks all registrations, period.
$block = Config::get('system', 'block_extended_register'); $block = Config::get('system', 'block_extended_register');
if (local_user() && ($block)) { if (local_user() && $block) {
notice('Permission denied.' . EOL); notice('Permission denied.' . EOL);
return ''; return '';
} }
if ((!local_user()) && (intval(Config::get('config', 'register_policy')) === self::CLOSED)) { if (local_user()) {
$user = DBA::selectFirst('user', ['parent-uid'], ['uid' => local_user()]);
if (!empty($user['parent-uid'])) {
notice('Only parent users can create additional profiles.');
return '';
}
}
if (!local_user() && (intval(Config::get('config', 'register_policy')) === self::CLOSED)) {
notice('Permission denied.' . EOL); notice('Permission denied.' . EOL);
return ''; return '';
} }
@ -70,7 +78,7 @@ class Register extends BaseModule
$photo = $_REQUEST['photo'] ?? ''; $photo = $_REQUEST['photo'] ?? '';
$invite_id = $_REQUEST['invite_id'] ?? ''; $invite_id = $_REQUEST['invite_id'] ?? '';
if (Config::get('system', 'no_openid')) { if (local_user() || Config::get('system', 'no_openid')) {
$fillwith = ''; $fillwith = '';
$fillext = ''; $fillext = '';
$oidlabel = ''; $oidlabel = '';
@ -94,7 +102,7 @@ class Register extends BaseModule
]); ]);
} }
$ask_password = ! DBA::count('contact'); $ask_password = !DBA::count('contact');
$tpl = Renderer::getMarkupTemplate('register.tpl'); $tpl = Renderer::getMarkupTemplate('register.tpl');
@ -142,7 +150,10 @@ class Register extends BaseModule
'$privstatement'=> $tos->privacy_complete, '$privstatement'=> $tos->privacy_complete,
'$form_security_token' => BaseModule::getFormSecurityToken('register'), '$form_security_token' => BaseModule::getFormSecurityToken('register'),
'$explicit_content' => Config::get('system', 'explicit_content', false), '$explicit_content' => Config::get('system', 'explicit_content', false),
'$explicit_content_note' => L10n::t('Note: This node explicitly contains adult content') '$explicit_content_note' => L10n::t('Note: This node explicitly contains adult content'),
'$additional' => !empty(local_user()),
'$parent_password' => ['parent_password', L10n::t('Parent Password:'), '', L10n::t('Please enter the password of the parent account to legitimize your request.')]
]); ]);
return $o; return $o;
@ -163,6 +174,26 @@ class Register extends BaseModule
$arr = ['post' => $_POST]; $arr = ['post' => $_POST];
Hook::callAll('register_post', $arr); Hook::callAll('register_post', $arr);
$additional_account = false;
if (!local_user() && !empty($arr['post']['parent_password'])) {
notice(L10n::t('Permission denied.') . EOL);
return;
} elseif (local_user() && !empty($arr['post']['parent_password'])) {
try {
Model\User::getIdFromPasswordAuthentication(local_user(), $arr['post']['parent_password']);
} catch (\Exception $ex) {
notice(L10n::t("Password doesn't match"));
$regdata = ['nickname' => $arr['post']['nickname'], 'username' => $arr['post']['username']];
DI::baseUrl()->redirect('register?' . http_build_query($regdata));
}
$additional_account = true;
} elseif (local_user()) {
notice(L10n::t('Please enter your password'));
$regdata = ['nickname' => $arr['post']['nickname'], 'username' => $arr['post']['username']];
DI::baseUrl()->redirect('register?' . http_build_query($regdata));
}
$max_dailies = intval(Config::get('system', 'max_daily_registrations')); $max_dailies = intval(Config::get('system', 'max_daily_registrations'));
if ($max_dailies) { if ($max_dailies) {
$count = DBA::count('user', ['`register_date` > UTC_TIMESTAMP - INTERVAL 1 day']); $count = DBA::count('user', ['`register_date` > UTC_TIMESTAMP - INTERVAL 1 day']);
@ -208,6 +239,20 @@ class Register extends BaseModule
// Overwriting the "tar pit" field with the real one // Overwriting the "tar pit" field with the real one
$arr['email'] = $arr['field1']; $arr['email'] = $arr['field1'];
if ($additional_account) {
$user = DBA::selectFirst('user', ['email'], ['uid' => local_user()]);
if (!DBA::isResult($user)) {
notice(L10n::t('User not found'));
DI::baseUrl()->redirect('register');
}
$blocked = 0;
$verified = 1;
$arr['password1'] = $arr['confirm'] = $arr['parent_password'];
$arr['repeat'] = $arr['email'] = $user['email'];
}
if ($arr['email'] != $arr['repeat']) { if ($arr['email'] != $arr['repeat']) {
Logger::info('Mail mismatch', $arr); Logger::info('Mail mismatch', $arr);
notice(L10n::t('Please enter the identical mail address in the second field.')); notice(L10n::t('Please enter the identical mail address in the second field.'));
@ -235,6 +280,12 @@ class Register extends BaseModule
Worker::add(PRIORITY_LOW, 'Directory', $url); Worker::add(PRIORITY_LOW, 'Directory', $url);
} }
if ($additional_account) {
DBA::update('user', ['parent-uid' => local_user()], ['uid' => $user['uid']]);
info(L10n::t('The additional account was created.'));
DI::baseUrl()->redirect('delegation');
}
$using_invites = Config::get('system', 'invitation_only'); $using_invites = Config::get('system', 'invitation_only');
$num_invites = Config::get('system', 'number_invites'); $num_invites = Config::get('system', 'number_invites');
$invite_id = (!empty($_POST['invite_id']) ? Strings::escapeTags(trim($_POST['invite_id'])) : ''); $invite_id = (!empty($_POST['invite_id']) ? Strings::escapeTags(trim($_POST['invite_id'])) : '');

View file

@ -36,17 +36,19 @@
<div id="register-name-end" ></div> <div id="register-name-end" ></div>
<div id="register-email-wrapper" class="form-group"> {{if !$additional}}
<label for="register-email" id="label-register-email" >{{$addrlabel}}</label> <div id="register-email-wrapper" class="form-group">
<input type="text" maxlength="60" size="32" name="field1" id="register-email" class="form-control" value="{{$email}}" required> <label for="register-email" id="label-register-email" >{{$addrlabel}}</label>
</div> <input type="text" maxlength="60" size="32" name="field1" id="register-email" class="form-control" value="{{$email}}" required>
<div id="register-email-end" ></div> </div>
<div id="register-email-end" ></div>
<div id="register-repeat-wrapper" class="form-group"> <div id="register-repeat-wrapper" class="form-group">
<label for="register-repeat" id="label-register-repeat" >{{$addrlabel2}}</label> <label for="register-repeat" id="label-register-repeat" >{{$addrlabel2}}</label>
<input type="text" maxlength="60" size="32" name="repeat" id="register-repeat" class="form-control" value="" required> <input type="text" maxlength="60" size="32" name="repeat" id="register-repeat" class="form-control" value="" required>
</div> </div>
<div id="register-repeat-end" ></div> <div id="register-repeat-end" ></div>
{{/if}}
{{if $ask_password}} {{if $ask_password}}
{{include file="field_password.tpl" field=$password1}} {{include file="field_password.tpl" field=$password1}}
@ -60,6 +62,10 @@
</div> </div>
<div id="register-nickname-end" ></div> <div id="register-nickname-end" ></div>
{{if $additional}}
{{include file="field_password.tpl" field=$parent_password}}
{{/if}}
<input type="input" id=tarpit" name="email" style="display: none;" placeholder="Don't enter anything here"/> <input type="input" id=tarpit" name="email" style="display: none;" placeholder="Don't enter anything here"/>
{{if $permonly}} {{if $permonly}}
@ -83,9 +89,11 @@
</div> </div>
<div id="register-submit-end" class="clear"></div> <div id="register-submit-end" class="clear"></div>
<h3>{{$importh}}</h3> {{if !$additional}}
<div id ="import-profile"> <h3>{{$importh}}</h3>
<a href="uimport">{{$importt}}</a> <div id ="import-profile">
</div> <a href="uimport">{{$importt}}</a>
</div>
{{/if}}
</form> </form>
</div> </div>