Disallow mail addresses for registration (#13920)
* Disallow mail addresses for registration * Order for allow/disallow has been changed
This commit is contained in:
parent
cb294cf411
commit
d5c0f086bd
6 changed files with 282 additions and 264 deletions
|
@ -380,7 +380,7 @@ class OEmbed
|
|||
|
||||
$allowed = explode(',', $str_allowed);
|
||||
|
||||
return Network::isDomainAllowed($domain, $allowed);
|
||||
return Network::isDomainMatch($domain, $allowed);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -80,6 +80,7 @@ class Site extends BaseAdmin
|
|||
|
||||
$allowed_sites = (!empty($_POST['allowed_sites']) ? trim($_POST['allowed_sites']) : '');
|
||||
$allowed_email = (!empty($_POST['allowed_email']) ? trim($_POST['allowed_email']) : '');
|
||||
$disallowed_email = (!empty($_POST['disallowed_email']) ? trim($_POST['disallowed_email']) : '');
|
||||
$forbidden_nicknames = (!empty($_POST['forbidden_nicknames']) ? strtolower(trim($_POST['forbidden_nicknames'])) : '');
|
||||
$system_actor_name = (!empty($_POST['system_actor_name']) ? trim($_POST['system_actor_name']) : '');
|
||||
$no_oembed_rich_content = !empty($_POST['no_oembed_rich_content']);
|
||||
|
@ -255,6 +256,7 @@ class Site extends BaseAdmin
|
|||
$transactionConfig->set('config', 'register_text' , $register_text);
|
||||
$transactionConfig->set('system', 'allowed_sites' , $allowed_sites);
|
||||
$transactionConfig->set('system', 'allowed_email' , $allowed_email);
|
||||
$transactionConfig->set('system', 'disallowed_email' , $disallowed_email);
|
||||
$transactionConfig->set('system', 'forbidden_nicknames' , $forbidden_nicknames);
|
||||
$transactionConfig->set('system', 'system_actor_name' , $system_actor_name);
|
||||
$transactionConfig->set('system', 'no_oembed_rich_content' , $no_oembed_rich_content);
|
||||
|
@ -505,6 +507,7 @@ class Site extends BaseAdmin
|
|||
'$abandon_days' => ['abandon_days', DI::l10n()->t('Accounts abandoned after x days'), DI::config()->get('system', 'account_abandon_days'), DI::l10n()->t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')],
|
||||
'$allowed_sites' => ['allowed_sites', DI::l10n()->t('Allowed friend domains'), DI::config()->get('system', 'allowed_sites'), DI::l10n()->t('Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains')],
|
||||
'$allowed_email' => ['allowed_email', DI::l10n()->t('Allowed email domains'), DI::config()->get('system', 'allowed_email'), DI::l10n()->t('Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains')],
|
||||
'$disallowed_email' => ['disallowed_email', DI::l10n()->t('Disallowed email domains'), DI::config()->get('system', 'disallowed_email'), DI::l10n()->t('Comma separated list of domains which are rejected as email addresses for registrations to this site. Wildcards are accepted.')],
|
||||
'$no_oembed_rich_content' => ['no_oembed_rich_content', DI::l10n()->t('No OEmbed rich content'), DI::config()->get('system', 'no_oembed_rich_content'), DI::l10n()->t('Don\'t show the rich content (e.g. embedded PDF), except from the domains listed below.')],
|
||||
'$allowed_oembed' => ['allowed_oembed', DI::l10n()->t('Trusted third-party domains'), DI::config()->get('system', 'allowed_oembed'), DI::l10n()->t('Comma separated list of domains from which content is allowed to be embedded in posts like with OEmbed. All sub-domains of the listed domains are allowed as well.')],
|
||||
'$block_public' => ['block_public', DI::l10n()->t('Block public'), DI::config()->get('system', 'block_public'), DI::l10n()->t('Check to block public access to all otherwise public personal pages on this site unless you are currently logged in.')],
|
||||
|
|
|
@ -271,14 +271,17 @@ class Network
|
|||
return false;
|
||||
}
|
||||
|
||||
$str_allowed = DI::config()->get('system', 'allowed_email', '');
|
||||
if (empty($str_allowed)) {
|
||||
$allowed = DI::config()->get('system', 'allowed_email');
|
||||
if (!empty($allowed) && self::isDomainMatch($domain, explode(',', $allowed))) {
|
||||
return true;
|
||||
}
|
||||
|
||||
$allowed = explode(',', $str_allowed);
|
||||
$disallowed = DI::config()->get('system', 'disallowed_email');
|
||||
if (!empty($disallowed) && self::isDomainMatch($domain, explode(',', $disallowed))) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return self::isDomainAllowed($domain, $allowed);
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -289,7 +292,7 @@ class Network
|
|||
*
|
||||
* @return boolean
|
||||
*/
|
||||
public static function isDomainAllowed(string $domain, array $domain_list): bool
|
||||
public static function isDomainMatch(string $domain, array $domain_list): bool
|
||||
{
|
||||
$found = false;
|
||||
|
||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -38,6 +38,9 @@
|
|||
{{include file="field_checkbox.tpl" field=$enable_openid}}
|
||||
{{include file="field_checkbox.tpl" field=$enable_regfullname}}
|
||||
{{include file="field_checkbox.tpl" field=$register_notification}}
|
||||
{{include file="field_textarea.tpl" field=$allowed_email}}
|
||||
{{include file="field_textarea.tpl" field=$disallowed_email}}
|
||||
{{include file="field_textarea.tpl" field=$forbidden_nicknames}}
|
||||
<div class="submit"><input type="submit" name="page_site" value="{{$submit}}"/></div>
|
||||
|
||||
<h2>{{$upload}}</h2>
|
||||
|
@ -48,8 +51,6 @@
|
|||
|
||||
<h2>{{$corporate}}</h2>
|
||||
{{include file="field_input.tpl" field=$allowed_sites}}
|
||||
{{include file="field_input.tpl" field=$allowed_email}}
|
||||
{{include file="field_input.tpl" field=$forbidden_nicknames}}
|
||||
{{include file="field_checkbox.tpl" field=$no_oembed_rich_content}}
|
||||
{{include file="field_input.tpl" field=$allowed_oembed}}
|
||||
{{include file="field_checkbox.tpl" field=$block_public}}
|
||||
|
|
|
@ -77,6 +77,9 @@
|
|||
{{include file="field_checkbox.tpl" field=$enable_openid}}
|
||||
{{include file="field_checkbox.tpl" field=$enable_regfullname}}
|
||||
{{include file="field_checkbox.tpl" field=$register_notification}}
|
||||
{{include file="field_textarea.tpl" field=$allowed_email}}
|
||||
{{include file="field_textarea.tpl" field=$disallowed_email}}
|
||||
{{include file="field_textarea.tpl" field=$forbidden_nicknames}}
|
||||
</div>
|
||||
<div class="panel-footer">
|
||||
<input type="submit" name="page_site" class="btn btn-primary" value="{{$submit}}"/>
|
||||
|
@ -126,8 +129,6 @@
|
|||
<div id="admin-settings-corporate-collapse" class="panel-collapse collapse" role="tabpanel" aria-labelledby="admin-settings-corporate">
|
||||
<div class="panel-body">
|
||||
{{include file="field_input.tpl" field=$allowed_sites}}
|
||||
{{include file="field_input.tpl" field=$allowed_email}}
|
||||
{{include file="field_input.tpl" field=$forbidden_nicknames}}
|
||||
{{include file="field_checkbox.tpl" field=$no_oembed_rich_content}}
|
||||
{{include file="field_input.tpl" field=$allowed_oembed}}
|
||||
{{include file="field_checkbox.tpl" field=$block_public}}
|
||||
|
|
Loading…
Reference in a new issue