Ensure register records aren't created with uid = 0
- uid = 0 matches system account and public contact records, giving unexpected display in pending user list. More importantly, the originally created user can't be approved since its user id is lost.pull/12207/head
Hypolite Petovan
parent
c07af2a0ed
commit
6460218c0e
|
|
@ -23,6 +23,7 @@ namespace Friendica\Model;
|
|||
|
||||
use Friendica\Content\Pager;
|
||||
use Friendica\Database\DBA;
|
||||
use Friendica\Network\HTTPException;
|
||||
use Friendica\Util\DateTimeFormat;
|
||||
use Friendica\Util\Strings;
|
||||
|
||||
|
|
@ -113,21 +114,27 @@ class Register
|
|||
}
|
||||
|
||||
/**
|
||||
* Creates a register record for approval and returns the success of the database insert
|
||||
* Creates a register record for approval
|
||||
* Checks for the existence of the provided user id
|
||||
*
|
||||
* @param integer $uid The ID of the user needing approval
|
||||
* @param string $language The registration language
|
||||
* @param string $note An additional message from the user
|
||||
* @return boolean
|
||||
* @throws \Exception
|
||||
* @param integer $uid The ID of the user needing approval
|
||||
* @param string $language The registration language
|
||||
* @param string $note An additional message from the user
|
||||
* @return void
|
||||
* @throws \OutOfBoundsException
|
||||
* @throws HTTPException\InternalServerErrorException
|
||||
* @throws HTTPException\NotFoundException
|
||||
*/
|
||||
public static function createForApproval(int $uid, string $language, string $note = ''): bool
|
||||
public static function createForApproval(int $uid, string $language, string $note = ''): void
|
||||
{
|
||||
$hash = Strings::getRandomHex();
|
||||
|
||||
if (!$uid) {
|
||||
throw new \OutOfBoundsException("User ID can't be empty");
|
||||
}
|
||||
|
||||
if (!User::exists($uid)) {
|
||||
return false;
|
||||
throw new HTTPException\NotFoundException("User ID doesn't exist");
|
||||
}
|
||||
|
||||
$fields = [
|
||||
|
|
@ -139,7 +146,9 @@ class Register
|
|||
'note' => $note
|
||||
];
|
||||
|
||||
return DBA::insert('register', $fields);
|
||||
if (!DBA::insert('register', $fields)) {
|
||||
throw new HTTPException\InternalServerErrorException('Unable to insert a `register` record');
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -353,6 +353,7 @@ class Register extends BaseModule
|
|||
}
|
||||
} elseif (intval(DI::config()->get('config', 'register_policy')) === self::APPROVE) {
|
||||
if (!User::getAdminEmailList()) {
|
||||
$this->logger->critical('Registration policy is set to APPROVE but no admin email address has been set in config.admin_email');
|
||||
DI::sysmsg()->addNotice(DI::l10n()->t('Your registration can not be processed.'));
|
||||
DI::baseUrl()->redirect();
|
||||
}
|
||||
|
|
@ -362,10 +363,17 @@ class Register extends BaseModule
|
|||
DI::sysmsg()->addNotice(DI::l10n()->t('You have to leave a request note for the admin.')
|
||||
. DI::l10n()->t('Your registration can not be processed.'));
|
||||
|
||||
DI::baseUrl()->redirect('register/');
|
||||
$this->baseUrl->redirect('register');
|
||||
}
|
||||
|
||||
Model\Register::createForApproval($user['uid'], DI::config()->get('system', 'language'), $_POST['permonlybox']);
|
||||
try {
|
||||
Model\Register::createForApproval($user['uid'], DI::config()->get('system', 'language'), $_POST['permonlybox']);
|
||||
} catch (\Throwable $e) {
|
||||
$this->logger->error('Unable to create a `register` record.', ['user' => $user]);
|
||||
DI::sysmsg()->addNotice(DI::l10n()->t('An internal error occured.')
|
||||
. DI::l10n()->t('Your registration can not be processed.'));
|
||||
$this->baseUrl->redirect('register');
|
||||
}
|
||||
|
||||
// invite system
|
||||
if ($using_invites && $invite_id) {
|
||||
|
|
|
|||
Loading…
Reference in New Issue