/** * Sets an error if supplied username has been blocked. */ public function validateName(array &$form, FormStateInterface $form_state) { if (!$form_state->isValueEmpty('name') && user_is_blocked($form_state->getValue('name'))) { // Blocked in user administration. $form_state->setErrorByName('name', $this->t('The username %name has not been activated or is blocked.', array('%name' => $form_state->getValue('name')))); } }
/** * Attempt to log in using the given username and password. * * On a successful login, this function should return the users attributes. On failure, * it should throw an exception. If the error was caused by the user entering the wrong * username or password, a SimpleSAML_Error_Error('WRONGUSERPASS') should be thrown. * * Note that both the username and the password are UTF-8 encoded. * * @param string $username The username the user wrote. * @param string $password The password the user wrote. * @return array Associative array with the users attributes. */ protected function login($username, $password) { assert('is_string($username)'); assert('is_string($password)'); // accomodating email logins here if ($result = db_query('SELECT name FROM {users} WHERE LOWER(mail) = LOWER(:name)', array(':name' => $username))) { if ($record = $result->fetchAssoc()) { $username = $record['name']; } } // authenticate the user // check if user is not blocked first if (!user_is_blocked($username)) { $drupaluid = user_authenticate($username, $password); if (0 == $drupaluid) { throw new SimpleSAML_Error_Error('WRONGUSERPASS'); } } else { throw new SimpleSAML_Error_Error('USERBLOCKED'); } // load the user object from Drupal $drupaluser = user_load($drupaluid); // get all the attributes out of the user object $userAttrs = get_object_vars($drupaluser); // define some variables to use as arrays $userAttrNames = null; $attributes = null; // figure out which attributes to include if (NULL == $this->attributes) { $userKeys = array_keys($userAttrs); // populate the attribute naming array foreach ($userKeys as $userKey) { $userAttrNames[$userKey] = $userKey; } } else { // populate the array of attribute keys // populate the attribute naming array foreach ($this->attributes as $confAttr) { $userKeys[] = $confAttr['drupaluservar']; $userAttrNames[$confAttr['drupaluservar']] = $confAttr['callit']; } } // an array of the keys that should never be included // (e.g., pass) $skipKeys = array('pass', 'field_address'); // package up the user attributes foreach ($userKeys as $userKey) { // skip any keys that should never be included if (!in_array($userKey, $skipKeys)) { if (is_string($userAttrs[$userKey]) || is_numeric($userAttrs[$userKey]) || is_bool($userAttrs[$userKey])) { $attributes[$userAttrNames[$userKey]] = array($userAttrs[$userKey]); } elseif (is_array($userAttrs[$userKey])) { // if the field is a field module field, special handling is required if (substr($userKey, 0, 6) == 'field_') { if ($userAttrs[$userKey]['und'][0]['safe_value']) { $attributes[$userAttrNames[$userKey]] = array($userAttrs[$userKey]['und'][0]['safe_value']); } else { if ($userAttrs[$userKey]['und'][0]['value']) { $attributes[$userAttrNames[$userKey]] = array($userAttrs[$userKey]['und'][0]['value']); } else { // accomodate taxonomy term reference fields foreach ($userAttrs[$userKey]['und'] as $key => $value) { if ($value['tid']) { $term_object = taxonomy_term_load($value['tid']); $attributes[$userAttrNames[$userKey]][$key] = $term_object->name; } } } } } else { // otherwise treat it like a normal array $attributes[$userAttrNames[$userKey]] = $userAttrs[$userKey]; } } } } return $attributes; }
function output_build_reader_toolbar_desktop($content) { if ($_SERVER['URL_ARRAY'][1] == 'read' || $_SERVER['URL_ARRAY'][1] == 'send' && $_SERVER['URL_ARRAY'][2]) { // build a bio link if appropriate (and the bio isn't currently the content) if ((file_exists("{$_SERVER['PWUSERS_DIR']}/{$_SERVER['PLANOWNER']}/bio.txt") || (strpos($_SERVER['PLANOWNER_REAL_LOCATION'], 'diaryland') || strpos($_SERVER['PLANOWNER_REAL_LOCATION'], 'livejournal'))) && !($_SERVER['URL_ARRAY'][3] == 'bio')) { $readertoolbar[] = "<a href='{$_SERVER['WEB_ROOT']}/read/{$_SERVER['PLANOWNER_REAL_LOCATION']}/bio'>bio</a>\n"; } if ((strpos($_SERVER['PLANOWNER_REAL_LOCATION'], 'planworld.net') || strpos($_SERVER['PLANOWNER_REAL_LOCATION'], 'amherst.edu') || plan_is_local($_SERVER['PLANOWNER'])) && $_SERVER['PLANOWNER'] != $_SERVER['USER'] && $_SERVER['URL_ARRAY'][1] != 'send') { if (IS_JOSH) { $send_files = files_list("{$_SERVER['USER_ROOT']}/sends", files_encode_safe_name("{$_SERVER['PLANOWNER']}") . "*"); if (is_array($send_files)) { $lastsend = formattime(filemtime("{$_SERVER['USER_ROOT']}/sends/" . end($send_files))); if (strstr(end($send_files), '.new')) { $lastsend .= " <b>NEW</b>"; } } $readertoolbar[] = "<a href='{$_SERVER['WEB_ROOT']}/send/{$_SERVER['PLANOWNER_REAL_LOCATION']}/'>send <span style='opacity: 0.5'>{$lastsend}</span></a>"; } else { $readertoolbar[] = "<a href='{$_SERVER['WEB_ROOT']}/send/{$_SERVER['PLANOWNER_REAL_LOCATION']}/'>send</a>\n"; } } // build a plan link instead if the reader is reading the bio or send if ($_SERVER['URL_ARRAY'][3] == 'bio' || $_SERVER['URL_ARRAY'][1] == 'send') { $readertoolbar[] = "<a href='{$_SERVER['WEB_ROOT']}/read/{$_SERVER['PLANOWNER_REAL_LOCATION']}' >plan</a>\n"; } // build an archive link, if appropriate if (plan_has_archives($_SERVER['PLANOWNER_REAL_LOCATION'])) { if (!in_array('archives', $_SERVER['URL_ARRAY'])) { $readertoolbar[] = "<a href='{$_SERVER['WEB_ROOT']}/read/{$_SERVER['PLANOWNER']}/archives' >archives</a>\n"; } else { $readertoolbar[] = "<a href='{$_SERVER['WEB_ROOT']}/read/{$_SERVER['PLANOWNER']}' >plan</a>\n"; } } // If the reader isn't watching the writer, offer the option if (!stristr($testwatchlist, $_SERVER['PLANOWNER']) && !stristr($testwatchlist, $_SERVER['PLANOWNER_REAL_LOCATION'])) { $readertoolbar[] = "<span id='watch_link'><a class='action' href=\"javascript:loadXMLDoc('{$_SERVER['WEB_ROOT']}/lists/add_ajax/watched/!{$_SERVER['PLANOWNER_REAL_LOCATION']}:{$_SERVER['PLANOWNER_DISPLAY_NAME']}!',null,'planwatch');void(null);\" title='add {$_SERVER['PLANOWNER_DISPLAY_NAME']} to your watched list' >watch</a></span>\n"; } else { $readertoolbar[] = "<span id='watch_link'><a class='action' href=\"javascript:loadXMLDoc('{$_SERVER['WEB_ROOT']}/lists/remove_ajax/watched/{$_SERVER['PLANOWNER_REAL_LOCATION']}',null,'planwatch');void(null);\" title='remove {$_SERVER['PLANOWNER_DISPLAY_NAME']} from your watched list' >unwatch</a></span>\n"; } // if writer isn't a blog or the same as reader, offer the option of // blocking, unblocking, allowing, or disallowing access to reader's plan if ($_SERVER['PLANOWNER'] != $_SERVER['USER'] && !strpos($_SERVER['PLANOWNER'], '://')) { if (!user_is_blocked($_SERVER['USER'], $_SERVER[PLANOWNER])) { $readertoolbar[] = "<a class='action' href='{$_SERVER['WEB_ROOT']}/lists/add/blocked/{$_SERVER['PLANOWNER']}' title='block {$_SERVER['PLANOWNER_DISPLAY_NAME']} from reading your plan altogether' >block</a>\n"; } else { $readertoolbar[] = "<a class='action' href='{$_SERVER['WEB_ROOT']}/lists/remove/blocked/{$_SERVER['PLANOWNER']}' title='unblock {$_SERVER['PLANOWNER_DISPLAY_NAME']} so they can read your public plan again' >unblock</a>\n"; } if (!user_is_authorized($_SERVER['USER'], $_SERVER[PLANOWNER])) { $readertoolbar[] = "<a class='action' href='{$_SERVER['WEB_ROOT']}/lists/add/allowed/{$_SERVER['PLANOWNER']}' title='allow {$_SERVER['PLANOWNER_DISPLAY_NAME']} to read your private plan' >allow</a>\n"; } else { $readertoolbar[] = "<a class='action' href='{$_SERVER['WEB_ROOT']}/lists/remove/allowed/{$_SERVER['PLANOWNER']}' title='disallow {$_SERVER['PLANOWNER_DISPLAY_NAME']} from reading your private plan'>disallow</a>\n"; } // offer administrators a link to masquerade as writer // this is so it's easy to follow up on plan-reported bugs if (user_is_administrator() && file_exists("{$_SERVER['PWUSERS_DIR']}/{$_SERVER['PLANOWNER']}/userinfo.dat")) { $readertoolbar[] = "<a class='action' href='{$_SERVER['WEB_ROOT']}/masq/on/{$_SERVER['PLANOWNER']}'>masq</a>"; } $readertoolbar[] = "<a class='action' href='/lists/unread/{$_SERVER['PLANOWNER']}'>unread</a>"; } if ($_SERVER['PLANOWNER'] && $_SERVER['PLANOWNER'] == $_SERVER['USER'] && !strpos($_SERVER['PLANOWNER'], '@') && browser_is_modern()) { $readertoolbar[] = "<a class='action' href='/write'>new entry</a>"; } // make the links into a string for output. foreach ($readertoolbar as $tool) { if (strstr($tool, 'action')) { $class = " class='action' "; } else { $class = ''; } $readertoolbar_html .= "<li {$class}>{$tool}</li>"; } $readertoolbar = "\n<li class='listheader'>{$_SERVER['PLANOWNER_DISPLAY_NAME']}</li>" . $readertoolbar_html; if (IS_JOSH) { if ($lasttime = plan_get_last_update($_SERVER['PLANOWNER'])) { $readertoolbar .= "<li class='action' style='font-size: 80%; float: right;'>updated " . formattime($lasttime) . "</li>"; } if ($lastlogin = plan_get_last_login($_SERVER['PLANOWNER'])) { if (trim($lastlogin) && $lastlogin > 0) { $readertoolbar .= "<li class='action' style='font-size: 80%; float: right;'>active " . formattime($lastlogin) . "</li>"; } } } else { if ($lasttime = plan_get_last_update($_SERVER['PLANOWNER'])) { $readertoolbar .= "<li class='plan_data_block'>Last Update: " . formattime($lasttime) . "</li>"; } if ($lastlogin = plan_get_last_login($_SERVER['PLANOWNER'])) { if (trim($lastlogin) && $lastlogin > 0) { $readertoolbar .= "<li class='plan_data_block' id='lastaction'>Last Action: " . formattime($lastlogin) . "</li>"; } } } } return $readertoolbar; }
/** * Sets an error if supplied username has been blocked. */ public function validateName(array &$form, array &$form_state) { if (!empty($form_state['values']['name']) && user_is_blocked($form_state['values']['name'])) { // Blocked in user administration. $this->setFormError('name', $form_state, $this->t('The username %name has not been activated or is blocked.', array('%name' => $form_state['values']['name']))); } }
function plan_test_privacy($reader, $planwriter, $remotesnitch = FALSE) { $valid = FALSE; // if the reader is blocked, give up now if (!user_is_blocked($planwriter, $reader)) { $whitelist = file_get_contents("{$_SERVER['FILE_ROOT']}/resources/whitelist.txt"); if (!strstr($reader, '@planworld.net') || user_is_authorized($planwriter, $reader) || strstr($whitelist, $reader)) { $_SERVER['whitelist_passed'] = TRUE; } else { $_SERVER['whitelist_passed'] = FALSE; } // if the writer is registered only, there are a few considerations: // 1. the reader is registered here // 2. OR the reader is registered elsewhere in planworld // 3. if the reader is offsite, they must have snitch on // 4. if the reader is from planworld.net, they must be on the whitelist // 5. if the reader is registered here, they must have confirmed their email address // 6. EXCEPT the writer can personally allow any reader, regardless of snitch status if (plan_is_registered_only($planwriter) && $reader != 'guest' && $reader != 'rss reader' && trim($reader) && !plan_is_private($planwriter) && !file_exists("{$_SERVER['PWUSERS_DIR']}/{$reader}/unconfirmed") && ($_SERVER['USERINFO_ARRAY']['snitchlevel'] >= 1 || user_is_authorized($planwriter, $reader) || $reader == 'cacheuser') && $_SERVER['whitelist_passed'] && !(strstr(strtolower($reader), 'anonymous') && $_SERVER['PLANOWNER_INFO_ARRAY']['snitchlevel'] > 2)) { $valid = 1; } // if the plan is public or advertised, we're clear if (!plan_is_registered_only($planwriter) && !plan_is_private($planwriter)) { $valid = 1; } // if plan is private, only personally allowed users may read if (plan_is_private($planwriter) && user_is_authorized($planwriter, $reader)) { $valid = 1; } } // provides limited secret feeds for private plans. user must enable. if ($_SERVER['OUTPUT_MODE'] == "ATOM_PRIVATE") { $valid = 1; } // if the writer isn't local, we let the other end handle privacy if (!file_exists("{$_SERVER['PWUSERS_DIR']}/{$planwriter}")) { $valid = TRUE; } return $valid; }
/** * Verifies if the user is blocked. * * @param string $name * The username. * * @return bool * TRUE if the user is blocked, otherwise FALSE. */ protected function userIsBlocked($name) { return user_is_blocked($name); }
/** * This is the callback handler (referenced by routing.yml). */ public function callback_handler() { // Read Settings. $settings = \social_login_get_settings(); // No need to do anything if we haven't received these arguments. if (isset($_POST) && !empty($_POST['connection_token']) && !empty($_POST['oa_action']) && in_array($_POST['oa_action'], array('social_login', 'social_link'))) { // Clear session. \social_login_clear_session(); // API Connection Credentials. $api_subdomain = (!empty($settings['api_subdomain']) ? $settings['api_subdomain'] : ''); $api_key = (!empty($settings['api_key']) ? $settings['api_key'] : ''); $api_secret = (!empty($settings['api_secret']) ? $settings['api_secret'] : ''); // API Connection Handler. $handler = (!empty($settings['http_handler']) ? $settings['http_handler'] : 'curl'); $handler = ($handler == 'fsockopen' ? 'fsockopen' : 'curl'); // API Connection Protocol. $protocol = (!empty($settings['http_protocol']) ? $settings['http_protocol'] : 'https'); $protocol = ($protocol == 'http' ? 'http' : 'https'); // Automatic or manual registration? $registration_method = (!empty($settings['registration_method']) ? $settings['registration_method'] : ''); $registration_method = (in_array($registration_method, array( 'manual', 'auto_random_email', 'auto_manual_email', )) ? $registration_method : 'manual'); // Require approval? $registration_approval = (!empty($settings['registration_approval']) ? $settings['registration_approval'] : ''); $registration_approval = (in_array($registration_approval, array( 'inherit', 'disable', 'enable', )) ? $registration_approval : 'inherit'); // Retrieved connection_token. $token = trim($_POST['connection_token']); // Settings missing. if (empty($api_subdomain) || empty($api_key) || empty($api_secret)) { drupal_set_message(t('OneAll Social Login is not setup correctly, please request the administrator to verify the API Settings'), 'error'); \Drupal::logger('social_login')->notice('The API Settings are not filled out correctly', array()); } // Settings filled out. else { // Request identity details API. $data = \social_login_do_api_request($handler, $protocol . '://' . $api_subdomain . '.api.oneall.com/connections/' . $token . '.json', array( 'api_key' => $api_key, 'api_secret' => $api_secret, )); if (is_array($data) && !empty($data['http_data'])) { $social_data = @\Drupal\Component\Serialization\Json::decode($data['http_data']); // Everything seems to be ok. if (is_array($social_data) && isset($social_data['response']) && isset($social_data['response']['request']['status']['code']) && $social_data['response']['request']['status']['code'] == 200) { // The plugin that has been uses social_login/social_link. $data = $social_data['response']['result']['data']; // Save the social network data in a session. $_SESSION['social_login_session_open'] = 1; $_SESSION['social_login_session_time'] = time(); $_SESSION['social_login_social_data'] = serialize($social_data); $_SESSION['social_login_origin'] = (!empty($_GET['origin']) ? $_GET['origin'] : ''); // Unique user_token. $user_token = $data['user']['user_token']; // Extract identity. $identity = $data['user']['identity']; // Unique identity_token. $identity_token = $identity['identity_token']; // Social Network that has been used to connect. $provider_name = (!empty($identity['source']['name']) ? $identity['source']['name'] : t('Unkown')); // Try restoring the user for the token. $user_for_token = \social_login_get_user_for_user_token($user_token); // Existing user. if (is_object($user_for_token) && !empty($user_for_token->id())) { // Social Login Plugin used? if ($data['plugin']['key'] == 'social_login') { // Make sure that the user has not been blocked. $name = $user_for_token->get('name')->value; // $user_for_token->getAccountName(); if (!user_is_blocked($name)) { user_login_finalize($user_for_token); } else { drupal_set_message(t('Your account is blocked.'), 'error'); // Clear session. \social_login_clear_session(); } } // Social Link Plugin used? elseif ($data['plugin']['key'] == 'social_link') { // The user should be logged in. $user = \Drupal::currentUser(); // User is logged in. if (is_object($user) && $user->isAuthenticated()) { // The existing token does not match the current user! if ($user_for_token->id() <> $user->id()) { drupal_set_message(t('This @social_network account is already linked to another user.', array( '@social_network' => $provider_name, )), 'error'); } // The existing token matches the current user! else { // Link identity. if ($data['plugin']['data']['action'] == 'link_identity') { \social_login_map_identity_token_to_user_token($user, $identity_token, $user_token, $provider_name); drupal_set_message(t('The @social_network account has been linked to your account.', array( '@social_network' => $provider_name, )), 'status'); } // Unlink identity. else { \social_login_unmap_identity_token($identity_token); drupal_set_message(t('The social network account has been unlinked from your account.'), 'status'); } // Clear session. \social_login_clear_session(); // Redirect to profile. \Drupal::logger('social_login')->notice('- '. __FUNCTION__ .'@'. __LINE__ .' redirecting to '. \Drupal::url('user.page')); return new RedirectResponse(\Drupal::url('user.page')); } } // User is not logged in. else { drupal_set_message(t('You must be logged in to perform this action.'), 'error'); // Clear session. \social_login_clear_session(); // Redirect to home. return new RedirectResponse(\Drupal::url('<front>')); } } } // New user. else { \Drupal::logger('social_login')->notice('- '. __FUNCTION__ .'@'. __LINE__ .' new user'); // New users may register. if (\Drupal::config('user.settings')->get('register') != USER_REGISTER_ADMINISTRATORS_ONLY) { // Extract the user's email address. $user_email = ''; $user_email_is_verified = NULL; $user_email_is_random = NULL; if (isset($identity['emails']) && is_array($identity['emails'])) { while (!$user_email_is_verified && (list(, $email) = each($identity['emails']))) { $user_email = $email['value']; $user_email_is_verified = (!empty($email['is_verified'])); } } // The admin has chosen the automatic registration. if ($registration_method <> 'manual') { // No email address / Email address already exists. if (empty($user_email) || \social_login_get_uid_for_email($user_email) !== FALSE) { // The admin wants users to fill out their email manually. if ($registration_method == 'auto_manual_email') { // We have to fall back to the default registration. $registration_method = 'manual'; } // The admin has enabled the usage of random email addresses. else { // Create a bogus email. $user_email = \social_login_create_random_email(); // Flag - is used further down. $user_email_is_random = TRUE; } } } // Automatic registration is still enabled. if ($registration_method <> 'manual') { // If something goes wrong fall back to manual registration. $registration_method = 'manual'; // Extract User Firstname. $user_first_name = (!empty($identity['name']['givenName']) ? $identity['name']['givenName'] : ''); // Extract User Lastname. $user_last_name = (!empty($identity['name']['familyName']) ? $identity['name']['familyName'] : ''); // Forge User Login. $user_login = ''; if (!empty($identity['preferredUsername'])) { $user_login = $identity['preferredUsername']; } elseif (!empty($identity['displayName'])) { $user_login = $identity['displayName']; } elseif (!empty($identity['name']['formatted'])) { $user_login = $identity['name']['formatted']; } else { $user_login = trim($user_first_name . ' ' . $user_last_name); } // We absolutely need a unique username. if (strlen(trim($user_login)) == 0 || \social_login_get_uid_for_name(trim($user_login)) !== FALSE) { $i = 1; $user_login = $provider_name . t('User'); while (\social_login_get_uid_for_name($user_login) !== FALSE) { $user_login = $provider_name . t('User') . $i++; } } // We also need a password. $user_password = user_password(8); // Check the approval setting. switch ($registration_approval) { // No approval required. case 'disable': $user_status = 1; break; // Manual approval required. case 'enable': $user_status = 0; break; // Use the system-wide setting. default: $user_status = \Drupal::config('user.settings')->get('register') == USER_REGISTER_VISITORS ? 1 : 0; break; } $user_roles = array(); // real user accounts get the authenticated user role. // Make sure at least one module implements our hook. if (count(\Drupal::moduleHandler()->getImplementations('social_login_default_user_roles')) > 0) { // Call modules that implements the hook. $user_roles = \Drupal::moduleHandler()->invokeAll('social_login_default_user_roles', $user_roles); } // Setup the user fields. $user_fields = array( 'name' => $user_login, 'mail' => $user_email, 'pass' => $user_password, 'status' => $user_status, 'init' => $user_email, 'roles' => $user_roles, ); // Create a new user. $account = User::create($user_fields); $account->save(); // The new account has been created correctly. if ($account !== FALSE) { // Disable Drupal legacy registration. $registration_method = 'auto'; // Log the new user in. if (($uid = \Drupal::service("user.auth")->authenticate($user_login, $user_password)) !== FALSE) { // Loads a user object. $user = User::load($uid); user_login_finalize($user); // Send email if it's not a random email. if ($user_email_is_random !== TRUE) { // No approval required. if ($user_status == 1) { _user_mail_notify('register_no_approval_required', $user); drupal_set_message(t('You have succesfully created an account and linked it with your @social_network account.', array( '@social_network' => $provider_name, )), 'status'); } // Approval required. else { $a = _user_mail_notify('register_pending_approval', $user); drupal_set_message(t('Thank you for applying for an account. Your account is currently pending approval by the site administrator.<br />You will receive an email once your account has been approved and you can then login with your @social_network account.', array( '@social_network' => $provider_name, )), 'status'); } } // Random email used. else { drupal_set_message(t('You have succesfully created an account and linked it with your @social_network account.', array( '@social_network' => $provider_name, )), 'status'); } } // For some reason we could not log the user in. else { // Redirect to login page (login manually). drupal_set_message(t('Error while logging you in, please try to login manually.'), 'error'); \Drupal::logger('social_login')->error('- '. __FUNCTION__ .'@'. __LINE__ .' auto login, redirecting to '. \Drupal::url('user.login')); return new RedirectResponse(\Drupal::url('user.login')); } } // An error occured during user->save(). else { // Redirect to registration page (register manually). drupal_set_message(t('Error while creating your user account, please try to register manually.'), 'error'); \Drupal::logger('social_login')->error('- '. __FUNCTION__ .'@'. __LINE__ .' auto register, redirecting to '. \Drupal::url('user.register')); return new RedirectResponse(\Drupal::url('user.register')); } } // Use the legacy registration form? if ($registration_method == 'manual') { // Redirect to the registration page (+ prepopulate form with SESSION data). \Drupal::logger('social_login')->notice('- '. __FUNCTION__ .'@'. __LINE__ .' manual register, redirecting to '. \Drupal::url('user.register')); return new RedirectResponse(\Drupal::url('user.register')); } } // Registration disabled. else { drupal_set_message(t('Only site administrators can create new user accounts.'), 'error'); return new RedirectResponse(\Drupal::url('<front>')); } } } } else { \Drupal::logger('social_login')->error('- '. __FUNCTION__ .'@'. __LINE__ .' invalid JSON received from resource'); } } } // Return to the front page. return new RedirectResponse(\Drupal::url('<front>')); }
public function username_check_mail_callback() { $output = []; $mail = $_GET['mail']; $ret = valid_email_address($mail); if (!$ret) { $output['msg'] = $ret; } else { $ret = user_is_blocked($mail); $output['allowed'] = FALSE; if ($ret) { $output['allowed'] = FALSE; $output['msg'] = t('The e-mail address %mail is not allowed.', ['%mail' => $mail]); } else { $mail = String::checkPlain($mail); $ret = $this->_username_check_is_mail_exists($mail); if ($ret) { $url = Url::fromRoute("user.page"); $login_link = \Drupal::l(t('login'), $url); $forgot_link = \Drupal::l(t(' password'), $url); $output['allowed'] = FALSE; $output['msg'] = t('The e-mail address %mail is already in the system, you have an account here. Please ' . $login_link . ' or if you\'ve forgotten your password, ' . $forgot_link . '.', ['%mail' => $mail]); } else { $output['allowed'] = TRUE; } } } return new JsonResponse($output); }