Beispiel #1
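 /**
  * Validate a registration form submission and collect the resulting errors.
  *
  * Reads the username, e-mail address(es), password(s), antispam answer and
  * language from POST, runs the per-IP registration throttle, and returns the
  * cleaned values together with any validation messages. Several hooks may
  * alter the data and the queries along the way.
  *
  * Free-text values that are compared against each other (password
  * confirmation, e-mail confirmation, antispam answer) use strict comparison,
  * so numeric-looking strings such as "1e3" and "1000" are not treated as equal.
  *
  * @return array Keys set here: 'errors', 'username', 'email1', 'password1',
  *               'language', plus 'banned_email' when the address is on the ban list.
  * @throws Error Code 429 when the same IP registered within the last hour;
  *               code 500 when the posted language has no common.po file.
  */
 public function check_for_errors()
 {
     $user = array();
     // NOTE(review): 'errors' starts as an empty string but is appended to with [] below.
     // On PHP 7.1+ that raises an Error unless check_username() has already returned an
     // array; confirm, and consider initialising to array() once callers are checked.
     $user['errors'] = '';
     $user = Container::get('hooks')->fire('model.register.check_for_errors_start', $user);
     // Check that someone from this IP didn't register a user within the last hour (DoS prevention)
     // NOTE(review): this throttle is only as reliable as Utils::getIp(); if that helper
     // trusts client-supplied forwarding headers the throttle key is client-controlled. Confirm.
     $already_registered = DB::for_table('users')->where('registration_ip', Utils::getIp())->where_gt('registered', time() - 3600);
     $already_registered = Container::get('hooks')->fireDB('model.register.check_for_errors_ip_query', $already_registered);
     $already_registered = $already_registered->find_one();
     if ($already_registered) {
         throw new Error(__('Registration flood'), 429);
     }
     $user['username'] = Utils::trim(Input::post('req_user'));
     $user['email1'] = strtolower(Utils::trim(Input::post('req_email1')));
     if (ForumSettings::get('o_regs_verify') == '1') {
         // Verification mode: the user does not choose a password, one is generated instead.
         // NOTE(review): presumably Random::pass() draws from a CSPRNG; verify in that class.
         $email2 = strtolower(Utils::trim(Input::post('req_email2')));
         $user['password1'] = Random::pass(12);
         $password2 = $user['password1'];
     } else {
         $user['password1'] = Utils::trim(Input::post('req_password1'));
         $password2 = Utils::trim(Input::post('req_password2'));
     }
     // Validate username and passwords
     $profile = new \FeatherBB\Model\Profile();
     $user['errors'] = $profile->check_username($user['username'], $user['errors']);
     // NOTE(review): a six-character minimum is low by current password guidance;
     // raising it is a policy decision for the project.
     if (Utils::strlen($user['password1']) < 6) {
         $user['errors'][] = __('Pass too short');
     } elseif ($user['password1'] !== $password2) {
         // Strict comparison: loose != would accept numeric-looking strings that differ
         // textually (e.g. "1e3" vs "1000") as a matching confirmation.
         $user['errors'][] = __('Pass not match');
     }
     // Antispam feature
     // The language directory comes from the current user's stored language and the file
     // is require'd. Presumably that value was validated when it was stored; confirm.
     $lang_antispam_questions = (require ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/antispam.php');
     $question = Input::post('captcha_q') ? trim(Input::post('captcha_q')) : '';
     $answer = Input::post('captcha') ? strtoupper(trim(Input::post('captcha'))) : '';
     // Index the expected answers by md5(question); the client posts that hash back as
     // 'captcha_q', so it decides which question is being answered.
     $lang_antispam_questions_array = array();
     foreach ($lang_antispam_questions as $k => $v) {
         $lang_antispam_questions_array[md5($k)] = strtoupper($v);
     }
     // empty() is kept so an unknown question hash, or an empty expected answer, fails closed.
     // The answer is compared strictly so "4" no longer matches "4.0" or "04".
     if (empty($lang_antispam_questions_array[$question]) || $lang_antispam_questions_array[$question] !== $answer) {
         $user['errors'][] = __('Robot test fail');
     }
     // Validate email
     if (!Container::get('email')->is_valid_email($user['email1'])) {
         $user['errors'][] = __('Invalid email');
     } elseif (ForumSettings::get('o_regs_verify') == '1' && $user['email1'] !== $email2) {
         $user['errors'][] = __('Email not match');
     }
     // Check if it's a banned email address
     if (Container::get('email')->is_banned_email($user['email1'])) {
         if (ForumSettings::get('p_allow_banned_email') == '0') {
             $user['errors'][] = __('Banned email');
         }
         $user['banned_email'] = 1;
         // Used later when we send an alert email
     }
     // Check if someone else already has registered with that email address
     // NOTE(review): $dupe_list is filled below but is neither returned nor passed to a hook
     // in this method, so the collected usernames are discarded here.
     $dupe_list = array();
     $dupe_mail = DB::for_table('users')->select('username')->where('email', $user['email1']);
     $dupe_mail = Container::get('hooks')->fireDB('model.register.check_for_errors_dupe', $dupe_mail);
     $dupe_mail = $dupe_mail->find_many();
     if ($dupe_mail) {
         if (ForumSettings::get('p_allow_dupe_email') == '0') {
             $user['errors'][] = __('Dupe email');
         }
         foreach ($dupe_mail as $cur_dupe) {
             $dupe_list[] = $cur_dupe['username'];
         }
     }
     // Make sure we got a valid language string
     if (Input::post('language')) {
         // Strip '.', '\' and '/' so the posted value cannot step outside the lang directory,
         // then require that a matching language pack actually exists.
         $user['language'] = preg_replace('%[\\.\\\\/]%', '', Input::post('language'));
         if (!file_exists(ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . $user['language'] . '/common.po')) {
             // NOTE(review): this is a client input error; a 4xx code would describe it
             // better than 500, but callers may rely on the current code.
             throw new Error(__('Bad request'), 500);
         }
     } else {
         $user['language'] = ForumSettings::get('o_default_lang');
     }
     $user = Container::get('hooks')->fire('model.register.check_for_errors', $user);
     return $user;
 }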
Beispiel #2
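 /**
  * Validate a post or new-topic submission and return the accumulated errors.
  *
  * For guests this checks the username, the antispam answer and the e-mail
  * address. For everyone it checks the flood interval, the subject (when
  * $fid is truthy, i.e. a new topic), and the message size, case and BBCode.
  * Hooks may alter the values at several points.
  *
  * The antispam answer is compared strictly, so numeric-looking strings that
  * differ textually (e.g. "4" and "4.0") are not treated as equal.
  *
  * @param mixed $fid    Forum id; truthy when a new topic is being created.
  * @param mixed $tid    Not read in this method.
  * @param mixed $qid    Not read in this method.
  * @param mixed $pid    Not read in this method.
  * @param mixed $page   Not read in this method.
  * @param array $errors Errors collected so far by the caller.
  * @return array The error list; may also carry a 'banned_email' key set to 1.
  */
 public function check_errors_before_post($fid, $tid, $qid, $pid, $page, $errors)
 {
     // The language directory comes from the current user's stored language and the file
     // is require'd. Presumably that value was validated when it was stored; confirm.
     $lang_antispam_questions = (require ForumEnv::get('FEATHER_ROOT') . 'featherbb/lang/' . User::get()->language . '/antispam.php');
     $fid = Container::get('hooks')->fire('model.post.check_errors_before_post_start', $fid);
     // Antispam feature
     if (User::get()->is_guest) {
         // It's a guest, so we have to validate the username
         $profile = new \FeatherBB\Model\Profile();
         $errors = $profile->check_username(Utils::trim(Input::post('req_username')), $errors);
         $errors = Container::get('hooks')->fire('model.post.check_errors_before_post_antispam', $errors);
         $question = Input::post('captcha_q') ? trim(Input::post('captcha_q')) : '';
         $answer = Input::post('captcha') ? strtoupper(trim(Input::post('captcha'))) : '';
         // Index the expected answers by md5(question); the client posts that hash back as
         // 'captcha_q', so it decides which question is being answered.
         $lang_antispam_questions_array = array();
         foreach ($lang_antispam_questions as $k => $v) {
             $lang_antispam_questions_array[md5($k)] = strtoupper($v);
         }
         // empty() is kept so an unknown question hash, or an empty expected answer, fails closed.
         // The answer is compared strictly so "4" no longer matches "4.0" or "04".
         if (empty($lang_antispam_questions_array[$question]) || $lang_antispam_questions_array[$question] !== $answer) {
             $errors[] = __('Robot test fail');
         }
     }
     // Flood protection
     // NOTE(review): as written the interval is only enforced when a 'preview' value was
     // posted. If the intent is to throttle real submissions rather than previews, this
     // test looks inverted; confirm against the controller before changing it.
     if (Input::post('preview') != '' && User::get()->last_post != '' && time() - User::get()->last_post < Container::get('prefs')->get(User::get(), 'post.min_interval')) {
         $errors[] = sprintf(__('Flood start'), Container::get('prefs')->get(User::get(), 'post.min_interval'), Container::get('prefs')->get(User::get(), 'post.min_interval') - (time() - User::get()->last_post));
     }
     // If it's a new topic
     if ($fid) {
         $subject = Utils::trim(Input::post('req_subject'));
         $subject = Container::get('hooks')->fire('model.post.check_errors_before_new_topic_subject', $subject);
         if (ForumSettings::get('o_censoring') == '1') {
             $censored_subject = Utils::trim(Utils::censor($subject));
             $censored_subject = Container::get('hooks')->fire('model.post.check_errors_before_censored', $censored_subject);
         }
         // $censored_subject is only read under the same o_censoring condition that sets it.
         if ($subject == '') {
             $errors[] = __('No subject');
         } elseif (ForumSettings::get('o_censoring') == '1' && $censored_subject == '') {
             $errors[] = __('No subject after censoring');
         } elseif (Utils::strlen($subject) > 70) {
             $errors[] = __('Too long subject');
         } elseif (ForumSettings::get('p_subject_all_caps') == '0' && Utils::is_all_uppercase($subject) && !User::get()->is_admmod) {
             $errors[] = __('All caps subject');
         }
         $errors = Container::get('hooks')->fire('model.post.check_errors_before_new_topic_errors', $errors);
     }
     if (User::get()->is_guest) {
         // The e-mail field name depends on whether guests are required to give an address.
         $email = strtolower(Utils::trim(ForumSettings::get('p_force_guest_email') == '1' ? Input::post('req_email') : Input::post('email')));
         if (ForumSettings::get('p_force_guest_email') == '1' || $email != '') {
             $errors = Container::get('hooks')->fire('model.post.check_errors_before_post_email', $errors, $email);
             if (!Container::get('email')->is_valid_email($email)) {
                 $errors[] = __('Invalid email');
             }
             // Check if it's a banned email address
             // we should only check guests because members' addresses are already verified
             if (User::get()->is_guest && Container::get('email')->is_banned_email($email)) {
                 if (ForumSettings::get('p_allow_banned_email') == '0') {
                     $errors[] = __('Banned email');
                 }
                 // NOTE(review): this string key makes $errors non-empty even when banned
                 // addresses are allowed, so the empty($errors) branch below (the empty-message
                 // and censoring checks) is skipped for such posts. Confirm that is intended.
                 $errors['banned_email'] = 1;
                 // Used later when we send an alert email
             }
         }
     }
     // Clean up message from POST
     $message = Utils::linebreaks(Utils::trim(Input::post('req_message')));
     $message = Container::get('hooks')->fire('model.post.check_errors_before_post_message', $message);
     // Here we use strlen() not Utils::strlen() as we want to limit the post to FEATHER_MAX_POSTSIZE bytes, not characters
     if (strlen($message) > ForumEnv::get('FEATHER_MAX_POSTSIZE')) {
         $errors[] = sprintf(__('Too long message'), Utils::forum_number_format(ForumEnv::get('FEATHER_MAX_POSTSIZE')));
     } elseif (ForumSettings::get('p_message_all_caps') == '0' && Utils::is_all_uppercase($message) && !User::get()->is_admmod) {
         $errors[] = __('All caps message');
     }
     // Validate BBCode syntax
     if (ForumSettings::get('p_message_bbcode') == '1') {
         // Presumably preparse_bbcode() takes $errors by reference and appends to it;
         // verify against the parser, since its return value only replaces $message.
         $message = Container::get('parser')->preparse_bbcode($message, $errors);
         $message = Container::get('hooks')->fire('model.post.check_errors_before_post_bbcode', $message);
     }
     if (empty($errors)) {
         $errors = Container::get('hooks')->fire('model.post.check_errors_before_post_no_error', $errors);
         if ($message == '') {
             $errors[] = __('No message');
         } elseif (ForumSettings::get('o_censoring') == '1') {
             // Censor message to see if that causes problems
             $censored_message = Utils::trim(Utils::censor($message));
             if ($censored_message == '') {
                 $errors[] = __('No message after censoring');
             }
         }
     }
     $errors = Container::get('hooks')->fire('model.post.check_errors_before_post', $errors);
     return $errors;
 }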