Ensure register records aren't created with uid = 0
- uid = 0 matches system account and public contact records, giving unexpected display in pending user list. More importantly, the originally created user can't be approved since its user id is lost.
This commit is contained in:
Hypolite Petovan
parent
c07af2a0ed
commit
6460218c0e
|
|
@ -23,6 +23,7 @@ namespace Friendica\Model;
|
|||
|
||||
use Friendica\Content\Pager;
|
||||
use Friendica\Database\DBA;
|
||||
use Friendica\Network\HTTPException;
|
||||
use Friendica\Util\DateTimeFormat;
|
||||
use Friendica\Util\Strings;
|
||||
|
||||
|
|
@ -113,21 +114,27 @@ class Register
|
|||
}
|
||||
|
||||
/**
|
||||
* Creates a register record for approval and returns the success of the database insert
|
||||
* Creates a register record for approval
|
||||
* Checks for the existence of the provided user id
|
||||
*
|
||||
* @param integer $uid The ID of the user needing approval
|
||||
* @param string $language The registration language
|
||||
* @param string $note An additional message from the user
|
||||
* @return boolean
|
||||
* @throws \Exception
|
||||
* @param integer $uid The ID of the user needing approval
|
||||
* @param string $language The registration language
|
||||
* @param string $note An additional message from the user
|
||||
* @return void
|
||||
* @throws \OutOfBoundsException
|
||||
* @throws HTTPException\InternalServerErrorException
|
||||
* @throws HTTPException\NotFoundException
|
||||
*/
|
||||
public static function createForApproval(int $uid, string $language, string $note = ''): bool
|
||||
public static function createForApproval(int $uid, string $language, string $note = ''): void
|
||||
{
|
||||
$hash = Strings::getRandomHex();
|
||||
|
||||
if (!$uid) {
|
||||
throw new \OutOfBoundsException("User ID can't be empty");
|
||||
}
|
||||
|
||||
if (!User::exists($uid)) {
|
||||
return false;
|
||||
throw new HTTPException\NotFoundException("User ID doesn't exist");
|
||||
}
|
||||
|
||||
$fields = [
|
||||
|
|
@ -139,7 +146,9 @@ class Register
|
|||
'note' => $note
|
||||
];
|
||||
|
||||
return DBA::insert('register', $fields);
|
||||
if (!DBA::insert('register', $fields)) {
|
||||
throw new HTTPException\InternalServerErrorException('Unable to insert a `register` record');
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -353,6 +353,7 @@ class Register extends BaseModule
|
|||
}
|
||||
} elseif (intval(DI::config()->get('config', 'register_policy')) === self::APPROVE) {
|
||||
if (!User::getAdminEmailList()) {
|
||||
$this->logger->critical('Registration policy is set to APPROVE but no admin email address has been set in config.admin_email');
|
||||
DI::sysmsg()->addNotice(DI::l10n()->t('Your registration can not be processed.'));
|
||||
DI::baseUrl()->redirect();
|
||||
}
|
||||
|
|
@ -362,10 +363,17 @@ class Register extends BaseModule
|
|||
DI::sysmsg()->addNotice(DI::l10n()->t('You have to leave a request note for the admin.')
|
||||
. DI::l10n()->t('Your registration can not be processed.'));
|
||||
|
||||
DI::baseUrl()->redirect('register/');
|
||||
$this->baseUrl->redirect('register');
|
||||
}
|
||||
|
||||
Model\Register::createForApproval($user['uid'], DI::config()->get('system', 'language'), $_POST['permonlybox']);
|
||||
try {
|
||||
Model\Register::createForApproval($user['uid'], DI::config()->get('system', 'language'), $_POST['permonlybox']);
|
||||
} catch (\Throwable $e) {
|
||||
$this->logger->error('Unable to create a `register` record.', ['user' => $user]);
|
||||
DI::sysmsg()->addNotice(DI::l10n()->t('An internal error occured.')
|
||||
. DI::l10n()->t('Your registration can not be processed.'));
|
||||
$this->baseUrl->redirect('register');
|
||||
}
|
||||
|
||||
// invite system
|
||||
if ($using_invites && $invite_id) {
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user