/** * 注册公共函数 * 由一些条件的判断完成最终注册 * @param $platform_userid 用户id唯一 * @param $platform_type 类型:sina、qq * @param null $nickname 昵称 * @param null $description 描述 * @param null $location 当前所在地 * @param int $gender 性别 */ function regist_common($platform_userid, $platform_type, $nickname = null, $profile_image_url = null, $description = null, $gender = 0, $location = null) { $head = null; //拼接userid头 switch ($platform_type) { case 2: $head = "qq"; break; case 1: $head = 'sina'; break; } $user = new User(); $sql = "platform_type='{$platform_type}' AND platform_userid='{$platform_userid}'"; $user->whereAdd($sql); $user->limit(1); $user->find(); if ($user->fetch()) { $this->showUserResult($user, 1); return; } $originalUsername = $head . $platform_userid; $username = $this->nicknameFromName($originalUsername); $email = $this->trimmed("email"); $homepage = $this->trimmed("homepage"); $password = $this->password; if (!User::allowed_nickname($nickname)) { // TRANS: Client error displayed when trying to create a new user with an invalid username. $this->clientError(_('username bad'), 400); return; } $user_check = User::staticGet('nickname', $username); if ($user_check) { $this->clientError('username exists', 400); return; } $user = User::register(array('nickname' => $username, 'password' => $password, 'email' => $email, 'fullname' => $nickname, 'homepage' => $homepage, 'bio' => $description, 'location' => $location, 'code' => $code, 'gender' => $gender, 'platform_userid' => $platform_userid, 'platform_type' => $platform_type)); if (!$user) { // TRANS: Form validation error displayed when trying to register with an invalid username or password. $this->clientError(_('Invalid username or password.', 400, 'json')); return; } // success! if (!common_set_user($user)) { // TRANS: Server error displayed when saving fails during user registration. $this->serverError(_('Error setting user.', '500', 'json')); return; } // this is a real login common_real_login(true); if ($this->boolean('rememberme')) { common_debug('Adding rememberme cookie for ' . $nickname); common_rememberme($user); } // Re-init language env in case it changed (not yet, but soon) common_init_language(); Event::handle('EndRegistrationTry', array($this)); if (!empty($profile_image_url)) { try { $user->getProfile()->setOriginalAvatarUrl($profile_image_url); common_broadcast_profile($user->getProfile()); } catch (Exception $exc) { } } $this->showUserResult($user, 0); }
/** * Handle a post * * Validate input and save changes. Reload the form with a success * or error message. * * @return void */ function handlePost() { // CSRF protection $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { // TRANS: Form validation error. $this->showForm(_('There was a problem with your session token. ' . 'Try again, please.')); return; } if (Event::handle('StartProfileSaveForm', array($this))) { try { $nickname = Nickname::normalize($this->trimmed('nickname')); } catch (NicknameException $e) { $this->showForm($e->getMessage()); return; } $fullname = $this->trimmed('fullname'); $homepage = $this->trimmed('homepage'); $bio = $this->trimmed('bio'); $location = $this->trimmed('location'); $autosubscribe = $this->boolean('autosubscribe'); $subscribe_policy = $this->trimmed('subscribe_policy'); $private_stream = $this->boolean('private_stream'); $language = $this->trimmed('language'); $timezone = $this->trimmed('timezone'); $tagstring = $this->trimmed('tags'); // Some validation if (!User::allowed_nickname($nickname)) { // TRANS: Validation error in form for profile settings. $this->showForm(_('Not a valid nickname.')); return; } else { if (!is_null($homepage) && strlen($homepage) > 0 && !Validate::uri($homepage, array('allowed_schemes' => array('http', 'https')))) { // TRANS: Validation error in form for profile settings. $this->showForm(_('Homepage is not a valid URL.')); return; } else { if (!is_null($fullname) && mb_strlen($fullname) > 255) { // TRANS: Validation error in form for profile settings. $this->showForm(_('Full name is too long (maximum 255 characters).')); return; } else { if (Profile::bioTooLong($bio)) { // TRANS: Validation error in form for profile settings. // TRANS: Plural form is used based on the maximum number of allowed // TRANS: characters for the biography (%d). $this->showForm(sprintf(_m('Bio is too long (maximum %d character).', 'Bio is too long (maximum %d characters).', Profile::maxBio()), Profile::maxBio())); return; } else { if (!is_null($location) && mb_strlen($location) > 255) { // TRANS: Validation error in form for profile settings. $this->showForm(_('Location is too long (maximum 255 characters).')); return; } else { if (is_null($timezone) || !in_array($timezone, DateTimeZone::listIdentifiers())) { // TRANS: Validation error in form for profile settings. $this->showForm(_('Timezone not selected.')); return; } else { if ($this->nicknameExists($nickname)) { // TRANS: Validation error in form for profile settings. $this->showForm(_('Nickname already in use. Try another one.')); return; } else { if (!is_null($language) && strlen($language) > 50) { // TRANS: Validation error in form for profile settings. $this->showForm(_('Language is too long (maximum 50 characters).')); return; } } } } } } } } $tags = array(); $tag_priv = array(); if (is_string($tagstring) && strlen($tagstring) > 0) { $tags = preg_split('/[\\s,]+/', $tagstring); foreach ($tags as &$tag) { $private = @$tag[0] === '.'; $tag = common_canonical_tag($tag); if (!common_valid_profile_tag($tag)) { // TRANS: Validation error in form for profile settings. // TRANS: %s is an invalid tag. $this->showForm(sprintf(_('Invalid tag: "%s".'), $tag)); return; } $tag_priv[$tag] = $private; } } $user = common_current_user(); $user->query('BEGIN'); if ($user->nickname != $nickname || $user->language != $language || $user->timezone != $timezone) { common_debug('Updating user nickname from ' . $user->nickname . ' to ' . $nickname, __FILE__); common_debug('Updating user language from ' . $user->language . ' to ' . $language, __FILE__); common_debug('Updating user timezone from ' . $user->timezone . ' to ' . $timezone, __FILE__); $original = clone $user; $user->nickname = $nickname; $user->language = $language; $user->timezone = $timezone; $result = $user->updateKeys($original); if ($result === false) { common_log_db_error($user, 'UPDATE', __FILE__); // TRANS: Server error thrown when user profile settings could not be updated. $this->serverError(_('Could not update user.')); return; } else { // Re-initialize language environment if it changed common_init_language(); // Clear the site owner, in case nickname changed if ($user->hasRole(Profile_role::OWNER)) { User::blow('user:site_owner'); } } } // XXX: XOR if ($user->autosubscribe ^ $autosubscribe || $user->private_stream ^ $private_stream || $user->subscribe_policy != $subscribe_policy) { $original = clone $user; $user->autosubscribe = $autosubscribe; $user->private_stream = $private_stream; $user->subscribe_policy = $subscribe_policy; $result = $user->update($original); if ($result === false) { common_log_db_error($user, 'UPDATE', __FILE__); // TRANS: Server error thrown when user profile settings could not be updated to // TRANS: automatically subscribe to any subscriber. $this->serverError(_('Could not update user for autosubscribe or subscribe_policy.')); return; } } $profile = $user->getProfile(); $orig_profile = clone $profile; $profile->nickname = $user->nickname; $profile->fullname = $fullname; $profile->homepage = $homepage; $profile->bio = $bio; $profile->location = $location; $loc = Location::fromName($location); if (empty($loc)) { $profile->lat = null; $profile->lon = null; $profile->location_id = null; $profile->location_ns = null; } else { $profile->lat = $loc->lat; $profile->lon = $loc->lon; $profile->location_id = $loc->location_id; $profile->location_ns = $loc->location_ns; } $profile->profileurl = common_profile_url($nickname); if (common_config('location', 'share') == 'user') { $exists = false; $prefs = User_location_prefs::staticGet('user_id', $user->id); if (empty($prefs)) { $prefs = new User_location_prefs(); $prefs->user_id = $user->id; $prefs->created = common_sql_now(); } else { $exists = true; $orig = clone $prefs; } $prefs->share_location = $this->boolean('sharelocation'); if ($exists) { $result = $prefs->update($orig); } else { $result = $prefs->insert(); } if ($result === false) { common_log_db_error($prefs, $exists ? 'UPDATE' : 'INSERT', __FILE__); // TRANS: Server error thrown when user profile location preference settings could not be updated. $this->serverError(_('Could not save location prefs.')); return; } } common_debug('Old profile: ' . common_log_objstring($orig_profile), __FILE__); common_debug('New profile: ' . common_log_objstring($profile), __FILE__); $result = $profile->update($orig_profile); if ($result === false) { common_log_db_error($profile, 'UPDATE', __FILE__); // TRANS: Server error thrown when user profile settings could not be saved. $this->serverError(_('Could not save profile.')); return; } // Set the user tags $result = $user->setSelfTags($tags, $tag_priv); if (!$result) { // TRANS: Server error thrown when user profile settings tags could not be saved. $this->serverError(_('Could not save tags.')); return; } $user->query('COMMIT'); Event::handle('EndProfileSaveForm', array($this)); common_broadcast_profile($profile); // TRANS: Confirmation shown when user profile settings are saved. $this->showForm(_('Settings saved.'), true); } }
/** * Try to register a user * * Validates the input and tries to save a new user and profile * record. On success, shows an instructions page. * * @return void */ function tryRegister() { if (Event::handle('StartRegistrationTry', array($this))) { $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { $this->showForm(_('There was a problem with your session token. ' . 'Try again, please.')); return; } $nickname = $this->trimmed('nickname'); $email = $this->trimmed('email'); $fullname = $this->trimmed('fullname'); $homepage = $this->trimmed('homepage'); $bio = $this->trimmed('bio'); $location = $this->trimmed('location'); // We don't trim these... whitespace is OK in a password! $password = $this->arg('password'); $confirm = $this->arg('confirm'); // invitation code, if any $code = $this->trimmed('code'); if ($code) { $invite = Invitation::staticGet($code); } if (common_config('site', 'inviteonly') && !($code && $invite)) { $this->clientError(_('Sorry, only invited people can register.')); return; } // Input scrubbing try { $nickname = Nickname::normalize($nickname); } catch (NicknameException $e) { $this->showForm($e->getMessage()); } $email = common_canonical_email($email); if (!$this->boolean('license')) { $this->showForm(_('You cannot register if you don\'t ' . 'agree to the license.')); } else { if ($email && !Validate::email($email, common_config('email', 'check_domain'))) { $this->showForm(_('Not a valid email address.')); } else { if ($this->nicknameExists($nickname)) { $this->showForm(_('Nickname already in use. Try another one.')); } else { if (!User::allowed_nickname($nickname)) { $this->showForm(_('Not a valid nickname.')); } else { if ($this->emailExists($email)) { $this->showForm(_('Email address already exists.')); } else { if (!is_null($homepage) && strlen($homepage) > 0 && !Validate::uri($homepage, array('allowed_schemes' => array('http', 'https')))) { $this->showForm(_('Homepage is not a valid URL.')); return; } else { if (!is_null($fullname) && mb_strlen($fullname) > 255) { $this->showForm(_('Full name is too long (maximum 255 characters).')); return; } else { if (Profile::bioTooLong($bio)) { $this->showForm(sprintf(_m('Bio is too long (maximum %d character).', 'Bio is too long (maximum %d characters).', Profile::maxBio()), Profile::maxBio())); return; } else { if (!is_null($location) && mb_strlen($location) > 255) { $this->showForm(_('Location is too long (maximum 255 characters).')); return; } else { if (strlen($password) < 6) { $this->showForm(_('Password must be 6 or more characters.')); return; } else { if ($password != $confirm) { $this->showForm(_('Passwords don\'t match.')); } else { if ($user = User::register(array('nickname' => $nickname, 'password' => $password, 'email' => $email, 'fullname' => $fullname, 'homepage' => $homepage, 'bio' => $bio, 'location' => $location, 'code' => $code))) { if (!$user) { $this->showForm(_('Invalid username or password.')); return; } // success! if (!common_set_user($user)) { $this->serverError(_('Error setting user.')); return; } // this is a real login common_real_login(true); if ($this->boolean('rememberme')) { common_debug('Adding rememberme cookie for ' . $nickname); common_rememberme($user); } Event::handle('EndRegistrationTry', array($this)); // Re-init language env in case it changed (not yet, but soon) common_init_language(); $this->showSuccess(); } else { $this->showForm(_('Invalid username or password.')); } } } } } } } } } } } } } }
/** * Handle a post * * Validate input and save changes. Reload the form with a success * or error message. * * @return void */ function handlePost() { // CSRF protection $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { $this->showForm(_('There was a problem with your session token. ' . 'Try again, please.')); return; } if (Event::handle('StartProfileSaveForm', array($this))) { $nickname = $this->trimmed('nickname'); $fullname = $this->trimmed('fullname'); $homepage = $this->trimmed('homepage'); $bio = $this->trimmed('bio'); $location = $this->trimmed('location'); $autosubscribe = $this->boolean('autosubscribe'); $language = $this->trimmed('language'); $timezone = $this->trimmed('timezone'); $tagstring = $this->trimmed('tags'); // Some validation if (!Validate::string($nickname, array('min_length' => 1, 'max_length' => 64, 'format' => NICKNAME_FMT))) { $this->showForm(_('Nickname must have only lowercase letters and numbers and no spaces.')); return; } else { if (!User::allowed_nickname($nickname)) { $this->showForm(_('Not a valid nickname.')); return; } else { if (!is_null($homepage) && strlen($homepage) > 0 && !Validate::uri($homepage, array('allowed_schemes' => array('http', 'https')))) { $this->showForm(_('Homepage is not a valid URL.')); return; } else { if (!is_null($fullname) && mb_strlen($fullname) > 255) { $this->showForm(_('Full name is too long (max 255 chars).')); return; } else { if (Profile::bioTooLong($bio)) { $this->showForm(sprintf(_('Bio is too long (max %d chars).'), Profile::maxBio())); return; } else { if (!is_null($location) && mb_strlen($location) > 255) { $this->showForm(_('Location is too long (max 255 chars).')); return; } else { if (is_null($timezone) || !in_array($timezone, DateTimeZone::listIdentifiers())) { $this->showForm(_('Timezone not selected.')); return; } else { if ($this->nicknameExists($nickname)) { $this->showForm(_('Nickname already in use. Try another one.')); return; } else { if (!is_null($language) && strlen($language) > 50) { $this->showForm(_('Language is too long (max 50 chars).')); return; } } } } } } } } } if ($tagstring) { $tags = array_map('common_canonical_tag', preg_split('/[\\s,]+/', $tagstring)); } else { $tags = array(); } foreach ($tags as $tag) { if (!common_valid_profile_tag($tag)) { $this->showForm(sprintf(_('Invalid tag: "%s"'), $tag)); return; } } $user = common_current_user(); $user->query('BEGIN'); if ($user->nickname != $nickname || $user->language != $language || $user->timezone != $timezone) { common_debug('Updating user nickname from ' . $user->nickname . ' to ' . $nickname, __FILE__); common_debug('Updating user language from ' . $user->language . ' to ' . $language, __FILE__); common_debug('Updating user timezone from ' . $user->timezone . ' to ' . $timezone, __FILE__); $original = clone $user; $user->nickname = $nickname; $user->language = $language; $user->timezone = $timezone; $result = $user->updateKeys($original); if ($result === false) { common_log_db_error($user, 'UPDATE', __FILE__); $this->serverError(_('Couldn\'t update user.')); return; } else { // Re-initialize language environment if it changed common_init_language(); // Clear the site owner, in case nickname changed if ($user->hasRole(Profile_role::OWNER)) { User::blow('user:site_owner'); } } } // XXX: XOR if ($user->autosubscribe ^ $autosubscribe) { $original = clone $user; $user->autosubscribe = $autosubscribe; $result = $user->update($original); if ($result === false) { common_log_db_error($user, 'UPDATE', __FILE__); $this->serverError(_('Couldn\'t update user for autosubscribe.')); return; } } $profile = $user->getProfile(); $orig_profile = clone $profile; $profile->nickname = $user->nickname; $profile->fullname = $fullname; $profile->homepage = $homepage; $profile->bio = $bio; $profile->location = $location; $loc = Location::fromName($location); if (empty($loc)) { $profile->lat = null; $profile->lon = null; $profile->location_id = null; $profile->location_ns = null; } else { $profile->lat = $loc->lat; $profile->lon = $loc->lon; $profile->location_id = $loc->location_id; $profile->location_ns = $loc->location_ns; } $profile->profileurl = common_profile_url($nickname); if (common_config('location', 'share') == 'user') { $exists = false; $prefs = User_location_prefs::staticGet('user_id', $user->id); if (empty($prefs)) { $prefs = new User_location_prefs(); $prefs->user_id = $user->id; $prefs->created = common_sql_now(); } else { $exists = true; $orig = clone $prefs; } $prefs->share_location = $this->boolean('sharelocation'); if ($exists) { $result = $prefs->update($orig); } else { $result = $prefs->insert(); } if ($result === false) { common_log_db_error($prefs, $exists ? 'UPDATE' : 'INSERT', __FILE__); $this->serverError(_('Couldn\'t save location prefs.')); return; } } common_debug('Old profile: ' . common_log_objstring($orig_profile), __FILE__); common_debug('New profile: ' . common_log_objstring($profile), __FILE__); $result = $profile->update($orig_profile); if ($result === false) { common_log_db_error($profile, 'UPDATE', __FILE__); $this->serverError(_('Couldn\'t save profile.')); return; } // Set the user tags $result = $user->setSelfTags($tags); if (!$result) { $this->serverError(_('Couldn\'t save tags.')); return; } $user->query('COMMIT'); Event::handle('EndProfileSaveForm', array($this)); common_broadcast_profile($profile); $this->showForm(_('Settings saved.'), true); } }
function main() { global $user, $action; if (!_have_config()) { $msg = sprintf(_("No configuration file found. Try running " . "the installation program first.")); $sac = new ServerErrorAction($msg); $sac->showPage(); return; } // Make sure RW database is setup setupRW(); // XXX: we need a little more structure in this script // get and cache current user (may hit RW!) $user = common_current_user(); // initialize language env common_init_language(); $path = getPath($_REQUEST); $r = Router::get(); $args = $r->map($path); if (!$args) { // TRANS: Error message displayed when trying to access a non-existing page. $cac = new ClientErrorAction(_('Unknown page'), 404); $cac->showPage(); return; } $site_ssl = common_config('site', 'ssl'); // If the request is HTTP and it should be HTTPS... if ($site_ssl != 'never' && !GNUsocial::isHTTPS() && common_is_sensitive($args['action'])) { common_redirect(common_local_url($args['action'], $args)); } $args = array_merge($args, $_REQUEST); Event::handle('ArgsInitialize', array(&$args)); $action = basename($args['action']); if (!$action || !preg_match('/^[a-zA-Z0-9_-]*$/', $action)) { common_redirect(common_local_url('public')); } // If the site is private, and they're not on one of the "public" // parts of the site, redirect to login if (!$user && common_config('site', 'private') && !isLoginAction($action) && !preg_match('/rss$/', $action) && $action != 'robotstxt' && !preg_match('/^Api/', $action)) { // set returnto $rargs =& common_copy_args($args); unset($rargs['action']); if (common_config('site', 'fancy')) { unset($rargs['p']); } if (array_key_exists('submit', $rargs)) { unset($rargs['submit']); } foreach (array_keys($_COOKIE) as $cookie) { unset($rargs[$cookie]); } common_set_returnto(common_local_url($action, $rargs)); common_redirect(common_local_url('login')); } $action_class = ucfirst($action) . 'Action'; if (!class_exists($action_class)) { // TRANS: Error message displayed when trying to perform an undefined action. $cac = new ClientErrorAction(_('Unknown action'), 404); $cac->showPage(); } else { try { call_user_func("{$action_class}::run", $args); } catch (ClientException $cex) { $cac = new ClientErrorAction($cex->getMessage(), $cex->getCode()); $cac->showPage(); } catch (ServerException $sex) { // snort snort guffaw $sac = new ServerErrorAction($sex->getMessage(), $sex->getCode(), $sex); $sac->showPage(); } catch (Exception $ex) { $sac = new ServerErrorAction($ex->getMessage(), 500, $ex); $sac->showPage(); } } }
/** * Try to register a user * * Validates the input and tries to save a new user and profile * record. On success, shows an instructions page. * * @return void */ function tryRegister() { if (Event::handle('StartRegistrationTry', array($this))) { $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { // TRANS: Client error displayed when the session token does not match or is not given. $this->showForm(_('There was a problem with your session token. ' . 'Try again, please.')); return; } $nickname = $this->trimmed('nickname'); $email = $this->trimmed('email'); $fullname = $this->trimmed('fullname'); $homepage = $this->trimmed('homepage'); $bio = $this->trimmed('bio'); $location = $this->trimmed('location'); // We don't trim these... whitespace is OK in a password! $password = $this->arg('password'); $confirm = $this->arg('confirm'); // invitation code, if any $code = $this->trimmed('code'); if ($code) { $invite = Invitation::getKV($code); } if (common_config('site', 'inviteonly') && !($code && $invite)) { // TRANS: Client error displayed when trying to register to an invite-only site without an invitation. $this->clientError(_('Sorry, only invited people can register.')); } // Input scrubbing try { $nickname = Nickname::normalize($nickname, true); } catch (NicknameException $e) { $this->showForm($e->getMessage()); return; } $email = common_canonical_email($email); if (!$this->boolean('license')) { // TRANS: Form validation error displayed when trying to register without agreeing to the site license. $this->showForm(_('You cannot register if you do not ' . 'agree to the license.')); } else { if ($email && !Validate::email($email, common_config('email', 'check_domain'))) { // TRANS: Form validation error displayed when trying to register without a valid e-mail address. $this->showForm(_('Not a valid email address.')); } else { if ($this->emailExists($email)) { // TRANS: Form validation error displayed when trying to register with an already registered e-mail address. $this->showForm(_('Email address already exists.')); } else { if (!is_null($homepage) && strlen($homepage) > 0 && !common_valid_http_url($homepage)) { // TRANS: Form validation error displayed when trying to register with an invalid homepage URL. $this->showForm(_('Homepage is not a valid URL.')); } else { if (!is_null($fullname) && mb_strlen($fullname) > 255) { // TRANS: Form validation error displayed when trying to register with a too long full name. $this->showForm(_('Full name is too long (maximum 255 characters).')); } else { if (Profile::bioTooLong($bio)) { // TRANS: Form validation error on registration page when providing too long a bio text. // TRANS: %d is the maximum number of characters for bio; used for plural. $this->showForm(sprintf(_m('Bio is too long (maximum %d character).', 'Bio is too long (maximum %d characters).', Profile::maxBio()), Profile::maxBio())); } else { if (!is_null($location) && mb_strlen($location) > 255) { // TRANS: Form validation error displayed when trying to register with a too long location. $this->showForm(_('Location is too long (maximum 255 characters).')); } else { if (strlen($password) < 6) { // TRANS: Form validation error displayed when trying to register with too short a password. $this->showForm(_('Password must be 6 or more characters.')); } else { if ($password != $confirm) { // TRANS: Form validation error displayed when trying to register with non-matching passwords. $this->showForm(_('Passwords do not match.')); } else { try { $user = User::register(array('nickname' => $nickname, 'password' => $password, 'email' => $email, 'fullname' => $fullname, 'homepage' => $homepage, 'bio' => $bio, 'location' => $location, 'code' => $code)); // success! if (!common_set_user($user)) { // TRANS: Server error displayed when saving fails during user registration. $this->serverError(_('Error setting user.')); } // this is a real login common_real_login(true); if ($this->boolean('rememberme')) { common_debug('Adding rememberme cookie for ' . $nickname); common_rememberme($user); } // Re-init language env in case it changed (not yet, but soon) common_init_language(); Event::handle('EndRegistrationTry', array($this)); $this->showSuccess(); } catch (Exception $e) { // TRANS: Form validation error displayed when trying to register with an invalid username or password. $this->showForm($e->getMessage()); } } } } } } } } } } } }
/** * Try to register a user * * Validates the input and tries to save a new user and profile * record. On success, shows an instructions page. * * @return void */ function tryRegister() { if (Event::handle('StartRegistrationTry', array($this))) { $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { // TRANS: Client error displayed when the session token does not match or is not given. $this->showForm(_('There was a problem with your session token. ' . 'Try again, please.')); return; } $privatekey = "6LfbNe0SAAAAAMlC0ByC2IHKH8LKatPNX8HaMGGH"; $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { // What happens when the CAPTCHA was entered incorrectly $this->showForm(_("El reCAPTCHA no se ha introducido correctamente.")); } else { if ($this->trimmed('phoneLbl') != "") { return; } $nickname = $this->trimmed('nickname'); $email = $this->trimmed('email'); $fullname = $this->trimmed('fullname'); // We don't trim these... whitespace is OK in a password! $password = $this->arg('password'); $confirm = $this->arg('confirm'); // invitation code, if any $code = $this->trimmed('code'); if ($code) { $invite = Invitation::staticGet($code); } if (common_config('site', 'inviteonly') && !($code && $invite)) { // TRANS: Client error displayed when trying to register to an invite-only site without an invitation. $this->clientError(_('Sorry, only invited people can register.')); return; } // Input scrubbing try { $nickname = Nickname::normalize($nickname); } catch (NicknameException $e) { $this->showForm($e->getMessage()); return; } $email = common_canonical_email($email); if (!$this->boolean('license')) { // TRANS: Form validation error displayed when trying to register without agreeing to the site license. $this->showForm(_('You cannot register if you do not ' . 'agree to the license.')); } else { if (!$email) { $this->showForm(_("Email can't be empty")); } else { if ($email && !Validate::email($email, common_config('email', 'check_domain'))) { // TRANS: Form validation error displayed when trying to register without a valid e-mail address. $this->showForm(_('Not a valid email address.')); } else { if ($this->nicknameExists($nickname)) { // TRANS: Form validation error displayed when trying to register with an existing nickname. $this->showForm(_('Nickname already in use. Try another one.')); } else { if (!User::allowed_nickname($nickname)) { // TRANS: Form validation error displayed when trying to register with an invalid nickname. $this->showForm(_('Not a valid nickname.')); } else { if ($this->emailExists($email)) { // TRANS: Form validation error displayed when trying to register with an already registered e-mail address. $this->showForm(_('Email address already exists.')); } else { if (!is_null($fullname) && mb_strlen($fullname) > 255) { // TRANS: Form validation error displayed when trying to register with a too long full name. $this->showForm(_('Full name is too long (maximum 255 characters).')); return; } else { if (strlen($password) < 6) { // TRANS: Form validation error displayed when trying to register with too short a password. $this->showForm(_('Password must be 6 or more characters.')); return; } else { if ($password != $confirm) { // TRANS: Form validation error displayed when trying to register with non-matching passwords. $this->showForm(_('Passwords do not match.')); } else { if ($user = User::register(array('nickname' => $nickname, 'password' => $password, 'email' => $email, 'fullname' => $fullname, 'homepage' => $homepage, 'bio' => $bio, 'location' => $location, 'code' => $code))) { if (!$user) { // TRANS: Form validation error displayed when trying to register with an invalid username or password. $this->showForm(_('Invalid username or password.')); return; } // success! if (!common_set_user($user)) { // TRANS: Server error displayed when saving fails during user registration. $this->serverError(_('Error setting user.')); return; } // this is a real login common_real_login(true); // Re-init language env in case it changed (not yet, but soon) common_init_language(); Event::handle('EndRegistrationTry', array($this)); $this->showSuccess(); } else { // TRANS: Form validation error displayed when trying to register with an invalid username or password. $this->showForm(_('Invalid username or password.')); } } } } } } } } } } } } }
function main() { // fake HTTP redirects using lighttpd's 404 redirects if (strpos($_SERVER['SERVER_SOFTWARE'], 'lighttpd') !== false) { $_lighty_url = $base_url . $_SERVER['REQUEST_URI']; $_lighty_url = @parse_url($_lighty_url); if ($_lighty_url['path'] != '/index.php' && $_lighty_url['path'] != '/') { $_lighty_path = preg_replace('/^' . preg_quote(common_config('site', 'path')) . '\\//', '', substr($_lighty_url['path'], 1)); $_SERVER['QUERY_STRING'] = 'p=' . $_lighty_path; if (isset($_lighty_url['query']) && $_lighty_url['query'] != '') { $_SERVER['QUERY_STRING'] .= '&' . $_lighty_url['query']; parse_str($_lighty_url['query'], $_lighty_query); foreach ($_lighty_query as $key => $val) { $_GET[$key] = $_REQUEST[$key] = $val; } } $_GET['p'] = $_REQUEST['p'] = $_lighty_path; } } $_SERVER['REDIRECT_URL'] = preg_replace("/\\?.+\$/", "", $_SERVER['REQUEST_URI']); // quick check for fancy URL auto-detection support in installer. if (isset($_SERVER['REDIRECT_URL']) && preg_replace("/^\\/\$/", "", dirname($_SERVER['REQUEST_URI'])) . '/check-fancy' === $_SERVER['REDIRECT_URL']) { die("Fancy URL support detection succeeded. We suggest you enable this to get fancy (pretty) URLs."); } global $user, $action; Snapshot::check(); if (!_have_config()) { $msg = sprintf(_("No configuration file found. Try running " . "the installation program first.")); $sac = new ServerErrorAction($msg); $sac->showPage(); return; } // For database errors PEAR::setErrorHandling(PEAR_ERROR_CALLBACK, 'handleError'); // Make sure RW database is setup setupRW(); // XXX: we need a little more structure in this script // get and cache current user (may hit RW!) $user = common_current_user(); // initialize language env common_init_language(); $path = getPath($_REQUEST); $r = Router::get(); $args = $r->map($path); if (!$args) { $cac = new ClientErrorAction(_('Unknown page'), 404); $cac->showPage(); return; } $args = array_merge($args, $_REQUEST); Event::handle('ArgsInitialize', array(&$args)); $action = $args['action']; if (!$action || !preg_match('/^[a-zA-Z0-9_-]*$/', $action)) { common_redirect(common_local_url('public')); return; } // If the site is private, and they're not on one of the "public" // parts of the site, redirect to login if (!$user && common_config('site', 'private') && !isLoginAction($action) && !preg_match('/rss$/', $action) && $action != 'robotstxt' && !preg_match('/^Api/', $action)) { // set returnto $rargs =& common_copy_args($args); unset($rargs['action']); if (common_config('site', 'fancy')) { unset($rargs['p']); } if (array_key_exists('submit', $rargs)) { unset($rargs['submit']); } foreach (array_keys($_COOKIE) as $cookie) { unset($rargs[$cookie]); } common_set_returnto(common_local_url($action, $rargs)); common_redirect(common_local_url('login')); return; } $action_class = ucfirst($action) . 'Action'; if (!class_exists($action_class)) { $cac = new ClientErrorAction(_('Unknown action'), 404); $cac->showPage(); } else { $action_obj = new $action_class(); checkMirror($action_obj, $args); try { if ($action_obj->prepare($args)) { $action_obj->handle($args); } } catch (ClientException $cex) { $cac = new ClientErrorAction($cex->getMessage(), $cex->getCode()); $cac->showPage(); } catch (ServerException $sex) { // snort snort guffaw $sac = new ServerErrorAction($sex->getMessage(), $sex->getCode(), $sex); $sac->showPage(); } catch (Exception $ex) { $sac = new ServerErrorAction($ex->getMessage(), 500, $ex); $sac->showPage(); } } }
function setPassword() { if (Event::handle('StartRegistrationTry', array($this))) { if (!empty($this->invitation)) { $email = trim($this->invitation->address); } else { if (!empty($this->confirmation)) { $email = trim($this->confirmation->address); } else { // TRANS: Client exception trown when trying to set password with an invalid confirmation code. throw new Exception(_m('No confirmation thing.')); } } if (!$this->tos) { // TRANS: Error text when trying to register without agreeing to the terms. $this->error = _m('You must accept the terms of service and privacy policy to register.'); } else { if (empty($this->password1)) { // TRANS: Error text when trying to register without a password. $this->error = _m('You must set a password'); } else { if (strlen($this->password1) < 6) { // TRANS: Error text when trying to register with too short a password. $this->error = _m('Password must be 6 or more characters.'); } else { if ($this->password1 != $this->password2) { // TRANS: Error text when trying to register without providing the same password twice. $this->error = _m('Passwords do not match.'); } } } } if (!empty($this->error)) { $this->form = new ConfirmRegistrationForm($this, $this->nickname, $email, $this->code); $this->showPage(); return; } try { $fields = array('nickname' => $this->nickname, 'email' => $email, 'password' => $this->password1, 'email_confirmed' => true); if (!empty($this->invitation)) { $fields['code'] = $this->invitation->code; } $this->user = User::register($fields); } catch (ClientException $e) { $this->error = $e->getMessage(); $this->form = new ConfirmRegistrationForm($this, $this->nickname, $email, $this->code); $this->showPage(); return; } if (empty($this->user)) { // TRANS: Exception trown when using an invitation multiple times. throw new Exception(_m('Failed to register user.')); } common_set_user($this->user); // this is a real login common_real_login(true); // Re-init language env in case it changed (not yet, but soon) common_init_language(); if (!empty($this->confirmation)) { $this->confirmation->delete(); } Event::handle('EndRegistrationTry', array($this)); } if (Event::handle('StartRegisterSuccess', array($this))) { Event::handle('EndRegisterSuccess', array($this)); common_redirect(common_local_url('doc', array('title' => 'welcome')), 303); // common_redirect exits, so we can't run the event _after_ it of course. } }
/** * Handle a post * * Validate input and save changes. Reload the form with a success * or error message. * * @return void */ protected function doPost() { if (Event::handle('StartProfileSaveForm', array($this))) { // $nickname will only be set if this changenick value is true. if (common_config('profile', 'changenick') == true) { try { $nickname = Nickname::normalize($this->trimmed('nickname'), true); } catch (NicknameTakenException $e) { // Abort only if the nickname is occupied by _another_ local user profile if (!$this->scoped->sameAs($e->profile)) { throw $e; } // Since the variable wasn't set before the exception was thrown, let's run // the normalize sequence again, but without in-use check this time. $nickname = Nickname::normalize($this->trimmed('nickname')); } } $fullname = $this->trimmed('fullname'); $homepage = $this->trimmed('homepage'); $bio = $this->trimmed('bio'); $location = $this->trimmed('location'); $autosubscribe = $this->booleanintstring('autosubscribe'); $subscribe_policy = $this->trimmed('subscribe_policy'); $private_stream = $this->booleanintstring('private_stream'); $language = $this->trimmed('language'); $timezone = $this->trimmed('timezone'); $tagstring = $this->trimmed('tags'); // Some validation if (!is_null($homepage) && strlen($homepage) > 0 && !common_valid_http_url($homepage)) { // TRANS: Validation error in form for profile settings. throw new ClientException(_('Homepage is not a valid URL.')); } else { if (!is_null($fullname) && mb_strlen($fullname) > 191) { // TRANS: Validation error in form for profile settings. throw new ClientException(_('Full name is too long (maximum 191 characters).')); } else { if (Profile::bioTooLong($bio)) { // TRANS: Validation error in form for profile settings. // TRANS: Plural form is used based on the maximum number of allowed // TRANS: characters for the biography (%d). throw new ClientException(sprintf(_m('Bio is too long (maximum %d character).', 'Bio is too long (maximum %d characters).', Profile::maxBio()), Profile::maxBio())); } else { if (!is_null($location) && mb_strlen($location) > 191) { // TRANS: Validation error in form for profile settings. throw new ClientException(_('Location is too long (maximum 191 characters).')); } else { if (is_null($timezone) || !in_array($timezone, DateTimeZone::listIdentifiers())) { // TRANS: Validation error in form for profile settings. throw new ClientException(_('Timezone not selected.')); } else { if (!is_null($language) && strlen($language) > 50) { // TRANS: Validation error in form for profile settings. throw new ClientException(_('Language is too long (maximum 50 characters).')); } } } } } } $tags = array(); $tag_priv = array(); if (is_string($tagstring) && strlen($tagstring) > 0) { $tags = preg_split('/[\\s,]+/', $tagstring); foreach ($tags as &$tag) { $private = @$tag[0] === '.'; $tag = common_canonical_tag($tag); if (!common_valid_profile_tag($tag)) { // TRANS: Validation error in form for profile settings. // TRANS: %s is an invalid tag. throw new ClientException(sprintf(_('Invalid tag: "%s".'), $tag)); } $tag_priv[$tag] = $private; } } $user = $this->scoped->getUser(); $user->query('BEGIN'); // $user->nickname is updated through Profile->update(); // XXX: XOR if ($user->autosubscribe ^ $autosubscribe || $user->private_stream ^ $private_stream || $user->timezone != $timezone || $user->language != $language || $user->subscribe_policy != $subscribe_policy) { $original = clone $user; $user->autosubscribe = $autosubscribe; $user->language = $language; $user->private_stream = $private_stream; $user->subscribe_policy = $subscribe_policy; $user->timezone = $timezone; $result = $user->update($original); if ($result === false) { common_log_db_error($user, 'UPDATE', __FILE__); $user->query('ROLLBACK'); // TRANS: Server error thrown when user profile settings could not be updated to // TRANS: automatically subscribe to any subscriber. throw new ServerException(_('Could not update user for autosubscribe or subscribe_policy.')); } // Re-initialize language environment if it changed common_init_language(); } $original = clone $this->scoped; if (common_config('profile', 'changenick') == true && $this->scoped->getNickname() !== $nickname) { assert(Nickname::normalize($nickname) === $nickname); common_debug("Changing user nickname from '{$this->scoped->getNickname()}' to '{$nickname}'."); $this->scoped->nickname = $nickname; $this->scoped->profileurl = common_profile_url($this->scoped->getNickname()); } $this->scoped->fullname = $fullname; $this->scoped->homepage = $homepage; $this->scoped->bio = $bio; $this->scoped->location = $location; $loc = Location::fromName($location); if (empty($loc)) { $this->scoped->lat = null; $this->scoped->lon = null; $this->scoped->location_id = null; $this->scoped->location_ns = null; } else { $this->scoped->lat = $loc->lat; $this->scoped->lon = $loc->lon; $this->scoped->location_id = $loc->location_id; $this->scoped->location_ns = $loc->location_ns; } if (common_config('location', 'share') == 'user') { $exists = false; $prefs = User_location_prefs::getKV('user_id', $this->scoped->getID()); if (empty($prefs)) { $prefs = new User_location_prefs(); $prefs->user_id = $this->scoped->getID(); $prefs->created = common_sql_now(); } else { $exists = true; $orig = clone $prefs; } $prefs->share_location = $this->booleanintstring('sharelocation'); if ($exists) { $result = $prefs->update($orig); } else { $result = $prefs->insert(); } if ($result === false) { common_log_db_error($prefs, $exists ? 'UPDATE' : 'INSERT', __FILE__); $user->query('ROLLBACK'); // TRANS: Server error thrown when user profile location preference settings could not be updated. throw new ServerException(_('Could not save location prefs.')); } } common_debug('Old profile: ' . common_log_objstring($original), __FILE__); common_debug('New profile: ' . common_log_objstring($this->scoped), __FILE__); $result = $this->scoped->update($original); if ($result === false) { common_log_db_error($this->scoped, 'UPDATE', __FILE__); $user->query('ROLLBACK'); // TRANS: Server error thrown when user profile settings could not be saved. throw new ServerException(_('Could not save profile.')); } // Set the user tags $result = Profile_tag::setSelfTags($this->scoped, $tags, $tag_priv); $user->query('COMMIT'); Event::handle('EndProfileSaveForm', array($this)); // TRANS: Confirmation shown when user profile settings are saved. return _('Settings saved.'); } }
function handle($args) { parent::handle($args); if (!Event::handle('StartRegistrationTry', array($this))) { return; } //database use nickname we change it into username for more //easier to understand $nickname = $this->trimmed('username'); $email = $this->trimmed('email'); $fullname = $this->trimmed('nickname'); $homepage = NULL; //$this->trimmed('homepage'); $bio = $this->trimmed('description'); $location = $this->trimmed('location'); $genderStr = $this->trimmed('gender'); if (!empty($bio)) { if (mb_strlen($bio) > self::MAX_DESCRIPTION) { $this->clientError(_('description must be set less than 70')); return; } } if (empty($email) && empty($nickname)) { $this->clientError(_('must set nickname or email')); return; } if (empty($nickname) && !empty($email)) { $user_email_check = User::staticGet('email', $email); if ($user_email_check) { $this->clientError(_('email exists')); return; } $nickname = $this->nicknameFromEmail($email); } // We don't trim these... whitespace is OK in a password! $password = $this->arg('password'); try { $nickname = Nickname::normalize($nickname); } catch (NicknameException $e) { $this->clientError(_('username error')); return; } if (!User::allowed_nickname($nickname)) { // TRANS: Client error displayed when trying to create a new user with an invalid username. $this->clientError(_('username bad'), 400); return; } $gender = 0; if (!empty($genderStr)) { if ($genderStr == 'f') { $gender = 1; } else { if ($genderStr == 'm') { $gender = 2; } } } $user_check = User::staticGet('nickname', $nickname); if ($user_check) { $this->clientError('username exists', 400); return; } if (empty($password)) { $this->clientError(_('password empty'), 400); return; } //no need to confirmed email $email_confirmed = !empty($email); $user = User::register(array('nickname' => $nickname, 'password' => $password, 'email' => $email, 'fullname' => $fullname, 'homepage' => $homepage, 'bio' => $bio, 'location' => $location, 'code' => $code, 'gender' => $gender, 'email_confirmed' => $email_confirmed)); if (!$user) { // TRANS: Form validation error displayed when trying to register with an invalid username or password. $this->clientError(_('Invalid username or password.', 400, 'json')); return; } // success! if (!common_set_user($user)) { // TRANS: Server error displayed when saving fails during user registration. $this->serverError(_('Error setting user.', '500', 'json')); return; } // this is a real login common_real_login(true); if ($this->boolean('rememberme')) { common_debug('Adding rememberme cookie for ' . $nickname); common_rememberme($user); } // Re-init language env in case it changed (not yet, but soon) common_init_language(); Event::handle('EndRegistrationTry', array($this)); $resultUser = $this->twitterUserArray($user->getProfile(), false); $this->initDocument('json'); $this->showJsonObjects($resultUser); $this->endDocument('json'); }
function main() { global $user, $action, $config; if (!_have_config()) { $msg = sprintf(_("No configuration file found. Try running " . "the installation program first.")); $sac = new ServerErrorAction($msg); $sac->showPage(); return; } // For database errors PEAR::setErrorHandling(PEAR_ERROR_CALLBACK, 'handleError'); // XXX: we need a little more structure in this script // get and cache current user $user = common_current_user(); // initialize language env common_init_language(); $path = getPath($_REQUEST); $r = Router::get(); $args = $r->map($path); if (!$args) { $cac = new ClientErrorAction(_('Unknown page'), 404); $cac->showPage(); return; } $args = array_merge($args, $_REQUEST); $action = $args['action']; if (!$action || !preg_match('/^[a-zA-Z0-9_-]*$/', $action)) { common_redirect(common_local_url('public')); return; } // If the site is private, and they're not on one of the "public" // parts of the site, redirect to login if (!$user && common_config('site', 'private') && !in_array($action, array('login', 'openidlogin', 'finishopenidlogin', 'recoverpassword', 'api', 'doc', 'register'))) { common_redirect(common_local_url('login')); return; } $action_class = ucfirst($action) . 'Action'; if (!class_exists($action_class)) { $cac = new ClientErrorAction(_('Unknown action'), 404); $cac->showPage(); } else { $action_obj = new $action_class(); // XXX: find somewhere for this little block to live if (common_config('db', 'mirror') && $action_obj->isReadOnly()) { if (is_array(common_config('db', 'mirror'))) { // "load balancing", ha ha $arr = common_config('db', 'mirror'); $k = array_rand($arr); $mirror = $arr[$k]; } else { $mirror = common_config('db', 'mirror'); } $config['db']['database'] = $mirror; } try { if ($action_obj->prepare($args)) { $action_obj->handle($args); } } catch (ClientException $cex) { $cac = new ClientErrorAction($cex->getMessage(), $cex->getCode()); $cac->showPage(); } catch (ServerException $sex) { // snort snort guffaw $sac = new ServerErrorAction($sex->getMessage(), $sex->getCode()); $sac->showPage(); } catch (Exception $ex) { $sac = new ServerErrorAction($ex->getMessage()); $sac->showPage(); } } }
/** * Handle a post * * Validate input and save changes. Reload the form with a success * or error message. * * @return void */ function handlePost() { # CSRF protection $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { $this->showForm(_('There was a problem with your session token. ' . 'Try again, please.')); return; } $nickname = $this->trimmed('nickname'); $fullname = $this->trimmed('fullname'); $homepage = $this->trimmed('homepage'); $bio = $this->trimmed('bio'); $location = $this->trimmed('location'); $autosubscribe = $this->boolean('autosubscribe'); $language = $this->trimmed('language'); $timezone = $this->trimmed('timezone'); $tagstring = $this->trimmed('tags'); # Some validation if (!Validate::string($nickname, array('min_length' => 1, 'max_length' => 64, 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { $this->showForm(_('Nickname must have only lowercase letters and numbers and no spaces.')); return; } else { if (!User::allowed_nickname($nickname)) { $this->showForm(_('Not a valid nickname.')); return; } else { if (!is_null($homepage) && strlen($homepage) > 0 && !Validate::uri($homepage, array('allowed_schemes' => array('http', 'https')))) { $this->showForm(_('Homepage is not a valid URL.')); return; } else { if (!is_null($fullname) && mb_strlen($fullname) > 255) { $this->showForm(_('Full name is too long (max 255 chars).')); return; } else { if (!is_null($bio) && mb_strlen($bio) > 140) { $this->showForm(_('Bio is too long (max 140 chars).')); return; } else { if (!is_null($location) && mb_strlen($location) > 255) { $this->showForm(_('Location is too long (max 255 chars).')); return; } else { if (is_null($timezone) || !in_array($timezone, DateTimeZone::listIdentifiers())) { $this->showForm(_('Timezone not selected.')); return; } else { if ($this->nicknameExists($nickname)) { $this->showForm(_('Nickname already in use. Try another one.')); return; } else { if (!is_null($language) && strlen($language) > 50) { $this->showForm(_('Language is too long (max 50 chars).')); return; } } } } } } } } } if ($tagstring) { $tags = array_map('common_canonical_tag', preg_split('/[\\s,]+/', $tagstring)); } else { $tags = array(); } foreach ($tags as $tag) { if (!common_valid_profile_tag($tag)) { $this->showForm(sprintf(_('Invalid tag: "%s"'), $tag)); return; } } $user = common_current_user(); $user->query('BEGIN'); if ($user->nickname != $nickname || $user->language != $language || $user->timezone != $timezone) { common_debug('Updating user nickname from ' . $user->nickname . ' to ' . $nickname, __FILE__); common_debug('Updating user language from ' . $user->language . ' to ' . $language, __FILE__); common_debug('Updating user timezone from ' . $user->timezone . ' to ' . $timezone, __FILE__); $original = clone $user; $user->nickname = $nickname; $user->language = $language; $user->timezone = $timezone; $result = $user->updateKeys($original); if ($result === false) { common_log_db_error($user, 'UPDATE', __FILE__); $this->serverError(_('Couldn\'t update user.')); return; } else { # Re-initialize language environment if it changed common_init_language(); } } # XXX: XOR if ($user->autosubscribe ^ $autosubscribe) { $original = clone $user; $user->autosubscribe = $autosubscribe; $result = $user->update($original); if ($result === false) { common_log_db_error($user, 'UPDATE', __FILE__); $this->serverError(_('Couldn\'t update user for autosubscribe.')); return; } } $profile = $user->getProfile(); $orig_profile = clone $profile; $profile->nickname = $user->nickname; $profile->fullname = $fullname; $profile->homepage = $homepage; $profile->bio = $bio; $profile->location = $location; $profile->profileurl = common_profile_url($nickname); common_debug('Old profile: ' . common_log_objstring($orig_profile), __FILE__); common_debug('New profile: ' . common_log_objstring($profile), __FILE__); $result = $profile->update($orig_profile); if (!$result) { common_log_db_error($profile, 'UPDATE', __FILE__); $this->serverError(_('Couldn\'t save profile.')); return; } # Set the user tags $result = $user->setSelfTags($tags); if (!$result) { $this->serverError(_('Couldn\'t save tags.')); return; } $user->query('COMMIT'); common_broadcast_profile($profile); $this->showForm(_('Settings saved.'), true); }