apiaccountregister.php 6.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195
  1. <?php
  2. /**
  3. * StatusNet, the distributed open-source microblogging tool
  4. *
  5. * Register account
  6. *
  7. * PHP version 5
  8. *
  9. * LICENCE: This program is free software: you can redistribute it and/or modify
  10. * it under the terms of the GNU Affero General Public License as published by
  11. * the Free Software Foundation, either version 3 of the License, or
  12. * (at your option) any later version.
  13. *
  14. * This program is distributed in the hope that it will be useful,
  15. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  17. * GNU Affero General Public License for more details.
  18. *
  19. * You should have received a copy of the GNU Affero General Public License
  20. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  21. *
  22. * @category API
  23. * @package GNUsocial
  24. * @author Hannes Mannerheim <h@nnesmannerhe.im>
  25. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  26. * @link http://www.gnu.org/software/social/
  27. */
  28. if (!defined('GNUSOCIAL')) { exit(1); }
  29. class ApiAccountRegisterAction extends ApiAction
  30. {
  31. /**
  32. * Has there been an error?
  33. */
  34. var $error = null;
  35. /**
  36. * Have we registered?
  37. */
  38. var $registered = false;
  39. protected $needPost = true;
  40. protected $code = null; // invite code
  41. protected $invite = null; // invite to-be-stored
  42. /**
  43. * Take arguments for running
  44. *
  45. * @param array $args $_REQUEST args
  46. *
  47. * @return boolean success flag
  48. */
  49. protected function prepare(array $args=array())
  50. {
  51. parent::prepare($args);
  52. if ($this->format !== 'json') {
  53. $this->clientError('This method currently only serves JSON.', 415);
  54. }
  55. $this->code = $this->trimmed('code');
  56. return true;
  57. }
  58. /**
  59. * Handle the request
  60. *
  61. * @param array $args $_REQUEST data (unused)
  62. *
  63. * @return void
  64. */
  65. protected function handle()
  66. {
  67. parent::handle();
  68. $nickname = $this->trimmed('nickname');
  69. $email = $this->trimmed('email');
  70. $fullname = $this->trimmed('fullname');
  71. $homepage = $this->trimmed('homepage');
  72. $bio = $this->trimmed('bio');
  73. $location = $this->trimmed('location');
  74. // We don't trim these... whitespace is OK in a password!
  75. $password = $this->arg('password');
  76. $confirm = $this->arg('confirm');
  77. if (empty($this->code)) {
  78. common_ensure_session();
  79. if (array_key_exists('invitecode', $_SESSION)) {
  80. $this->code = $_SESSION['invitecode'];
  81. }
  82. }
  83. if (common_config('site', 'inviteonly') && empty($this->code)) {
  84. // TRANS: Client error displayed when trying to register to an invite-only site without an invitation.
  85. $this->clientError(_('Sorry, only invited people can register.'), 401);
  86. }
  87. if (!empty($this->code)) {
  88. $this->invite = Invitation::getKV('code', $this->code);
  89. if (empty($this->invite)) {
  90. // TRANS: Client error displayed when trying to register to an invite-only site without a valid invitation.
  91. $this->clientError(_('Sorry, invalid invitation code.'), 401);
  92. }
  93. // Store this in case we need it
  94. common_ensure_session();
  95. $_SESSION['invitecode'] = $this->code;
  96. }
  97. // Input scrubbing
  98. try {
  99. $nickname = Nickname::normalize($nickname, true);
  100. } catch (NicknameException $e) {
  101. // clientError handles Api exceptions with various formats and stuff
  102. $this->clientError($e->getMessage(), $e->getCode());
  103. }
  104. $email = common_canonical_email($email);
  105. if ($email && !Validate::email($email, common_config('email', 'check_domain'))) {
  106. // TRANS: Form validation error displayed when trying to register without a valid e-mail address.
  107. $this->clientError(_('Not a valid email address.'), 400);
  108. } else if ($this->emailExists($email)) {
  109. // TRANS: Form validation error displayed when trying to register with an already registered e-mail address.
  110. $this->clientError(_('Email address already exists.'), 400);
  111. } else if (!is_null($homepage) && (strlen($homepage) > 0) &&
  112. !common_valid_http_url($homepage)) {
  113. // TRANS: Form validation error displayed when trying to register with an invalid homepage URL.
  114. $this->clientError(_('Homepage is not a valid URL.'), 400);
  115. } else if (Profile::bioTooLong($bio)) {
  116. // TRANS: Form validation error on registration page when providing too long a bio text.
  117. // TRANS: %d is the maximum number of characters for bio; used for plural.
  118. $this->clientError(sprintf(_m('Bio is too long (maximum %d character).',
  119. 'Bio is too long (maximum %d characters).',
  120. Profile::maxBio()),
  121. Profile::maxBio()), 400);
  122. } else if (strlen($password) < 6) {
  123. // TRANS: Form validation error displayed when trying to register with too short a password.
  124. $this->clientError(_('Password must be 6 or more characters.'), 400);
  125. } else if ($password != $confirm) {
  126. // TRANS: Form validation error displayed when trying to register with non-matching passwords.
  127. $this->clientError(_('Passwords do not match.'), 400);
  128. } else {
  129. // annoy spammers
  130. sleep(7);
  131. if (Event::handle('APIStartRegistrationTry', array($this))) {
  132. try {
  133. $user = User::register(array('nickname' => $nickname,
  134. 'password' => $password,
  135. 'email' => $email,
  136. 'fullname' => $fullname,
  137. 'homepage' => $homepage,
  138. 'bio' => $bio,
  139. 'location' => $location,
  140. 'code' => $this->code));
  141. Event::handle('EndRegistrationTry', array($this));
  142. $this->initDocument('json');
  143. $this->showJsonObjects($this->twitterUserArray($user->getProfile()));
  144. $this->endDocument('json');
  145. } catch (Exception $e) {
  146. $this->clientError($e->getMessage(), 400);
  147. }
  148. }
  149. }
  150. }
  151. /**
  152. * Does the given email address already exist?
  153. *
  154. * Checks a canonical email address against the database.
  155. *
  156. * @param string $email email address to check
  157. *
  158. * @return boolean true if the address already exists
  159. */
  160. function emailExists($email)
  161. {
  162. $email = common_canonical_email($email);
  163. if (!$email || strlen($email) == 0) {
  164. return false;
  165. }
  166. $user = User::getKV('email', $email);
  167. return is_object($user);
  168. }
  169. }