Diffstat (limited to 'lib')
-rw-r--r--lib/designsettings.php13
-rw-r--r--lib/grouplist.php28
-rw-r--r--lib/language.php69
-rw-r--r--lib/profilelist.php5
-rw-r--r--lib/router.php54
-rw-r--r--lib/util.php45
6 files changed, 111 insertions, 103 deletions
diff --git a/lib/designsettings.php b/lib/designsettings.php
index 820d534f2..5ce9ddeda 100644
--- a/lib/designsettings.php
+++ b/lib/designsettings.php
@@ -271,17 +271,20 @@ class DesignSettingsAction extends AccountSettingsAction
function handlePost()
{
- // XXX: Robin's workaround for a bug in PHP where $_POST
- // and $_FILE are empty in the case that the uploaded
- // file is bigger than PHP is configured to handle.
-
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
- if (empty($_POST) && $_SERVER['CONTENT_LENGTH']) {
+ // Workaround for PHP returning empty $_POST and $_FILES when POST
+ // length > post_max_size in php.ini
+
+ if (empty($_FILES)
+ && empty($_POST)
+ && ($_SERVER['CONTENT_LENGTH'] > 0)
+ ) {
$msg = _('The server was unable to handle that much POST ' .
'data (%s bytes) due to its current configuration.');
$this->showForm(sprintf($msg, $_SERVER['CONTENT_LENGTH']));
+ return;
}
}
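Review bot: The new condition reads `$_SERVER['CONTENT_LENGTH']` without checking that it is set, and the same client-supplied header value is then formatted into the message passed to `showForm()`. A request that carries no Content-Length raises an undefined-index notice here, and whether `showForm()` escapes its argument is not visible in this hunk. Reading it once as an integer covers both: `$len = isset($_SERVER['CONTENT_LENGTH']) ? (int) $_SERVER['CONTENT_LENGTH'] : 0;`, then test `$len > 0` and pass `$len` to `sprintf`. The rest of `handlePost()` lies outside the hunk.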
diff --git a/lib/grouplist.php b/lib/grouplist.php
index b41c5b5f8..cc734bdd0 100644
--- a/lib/grouplist.php
+++ b/lib/grouplist.php
@@ -97,7 +97,7 @@ class GroupList extends Widget
$this->out->elementStart('a', array('href' => $this->group->homeUrl(),
'class' => 'url',
- 'rel' => 'group'));
+ 'rel' => 'contact group'));
$this->out->element('img', array('src' => $logo,
'class' => 'photo avatar',
'width' => AVATAR_STREAM_SIZE,
@@ -105,48 +105,32 @@ class GroupList extends Widget
'alt' =>
($this->group->fullname) ? $this->group->fullname :
$this->group->nickname));
- $hasFN = ($this->group->fullname) ? 'nickname url uid' : 'fn org nickname url uid';
+ $hasFN = ($this->group->fullname) ? 'nickname' : 'fn org nickname';
$this->out->elementStart('span', $hasFN);
$this->out->raw($this->highlight($this->group->nickname));
$this->out->elementEnd('span');
$this->out->elementEnd('a');
if ($this->group->fullname) {
- $this->out->elementStart('dl', 'entity_fn');
- $this->out->element('dt', null, 'Full name');
- $this->out->elementStart('dd');
$this->out->elementStart('span', 'fn org');
$this->out->raw($this->highlight($this->group->fullname));
$this->out->elementEnd('span');
- $this->out->elementEnd('dd');
- $this->out->elementEnd('dl');
}
if ($this->group->location) {
- $this->out->elementStart('dl', 'entity_location');
- $this->out->element('dt', null, _('Location'));
- $this->out->elementStart('dd', 'label');
+ $this->out->elementStart('span', 'label');
$this->out->raw($this->highlight($this->group->location));
- $this->out->elementEnd('dd');
- $this->out->elementEnd('dl');
+ $this->out->elementEnd('span');
}
if ($this->group->homepage) {
- $this->out->elementStart('dl', 'entity_url');
- $this->out->element('dt', null, _('URL'));
- $this->out->elementStart('dd');
$this->out->elementStart('a', array('href' => $this->group->homepage,
'class' => 'url'));
$this->out->raw($this->highlight($this->group->homepage));
$this->out->elementEnd('a');
- $this->out->elementEnd('dd');
- $this->out->elementEnd('dl');
}
if ($this->group->description) {
- $this->out->elementStart('dl', 'entity_note');
- $this->out->element('dt', null, _('Note'));
- $this->out->elementStart('dd', 'note');
+ $this->out->elementStart('p', 'note');
$this->out->raw($this->highlight($this->group->description));
- $this->out->elementEnd('dd');
- $this->out->elementEnd('dl');
+ $this->out->elementEnd('p');
}
# If we're on a list with an owner (subscriptions or subscribers)...
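Review bot: The group's location, homepage and description are still written with `$this->out->raw(...)` inside the new `span`/`p` wrappers, so escaping of these group-supplied strings rests entirely on `highlight()`, which is not visible in this hunk. If `highlight()` does not HTML-escape before adding its markup, these fields are emitted verbatim. A comment at the first call would record the dependency: `// raw() does no escaping; highlight() must return HTML-escaped text`. The `'href' => $this->group->homepage` attribute also takes the stored URL as-is, so the scheme should be restricted to http/https where the value is saved, or checked here.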
diff --git a/lib/language.php b/lib/language.php
index 7dcb808c9..bec5620fd 100644
--- a/lib/language.php
+++ b/lib/language.php
@@ -100,38 +100,39 @@ function get_nice_language_list()
* @return array mapping of language codes to language info
*/
function get_all_languages() {
- return array(
- 'bg' => array('q' => 0.8, 'lang' => 'bg', 'name' => 'Bulgarian', 'direction' => 'ltr'),
- 'ca' => array('q' => 0.5, 'lang' => 'ca', 'name' => 'Catalan', 'direction' => 'ltr'),
- 'cs' => array('q' => 0.5, 'lang' => 'cs', 'name' => 'Czech', 'direction' => 'ltr'),
- 'de' => array('q' => 0.8, 'lang' => 'de', 'name' => 'German', 'direction' => 'ltr'),
- 'el' => array('q' => 0.1, 'lang' => 'el', 'name' => 'Greek', 'direction' => 'ltr'),
- 'en-us' => array('q' => 1, 'lang' => 'en', 'name' => 'English (US)', 'direction' => 'ltr'),
- 'en-gb' => array('q' => 1, 'lang' => 'en_GB', 'name' => 'English (British)', 'direction' => 'ltr'),
- 'en' => array('q' => 1, 'lang' => 'en', 'name' => 'English (US)', 'direction' => 'ltr'),
- 'es' => array('q' => 1, 'lang' => 'es', 'name' => 'Spanish', 'direction' => 'ltr'),
- 'fi' => array('q' => 1, 'lang' => 'fi', 'name' => 'Finnish', 'direction' => 'ltr'),
- 'fr-fr' => array('q' => 1, 'lang' => 'fr', 'name' => 'French', 'direction' => 'ltr'),
- 'ga' => array('q' => 0.5, 'lang' => 'ga', 'name' => 'Galician', 'direction' => 'ltr'),
- 'he' => array('q' => 0.5, 'lang' => 'he', 'name' => 'Hebrew', 'direction' => 'rtl'),
- 'it' => array('q' => 1, 'lang' => 'it', 'name' => 'Italian', 'direction' => 'ltr'),
- 'jp' => array('q' => 0.5, 'lang' => 'ja', 'name' => 'Japanese', 'direction' => 'ltr'),
- 'ko' => array('q' => 0.9, 'lang' => 'ko', 'name' => 'Korean', 'direction' => 'ltr'),
- 'mk' => array('q' => 0.5, 'lang' => 'mk', 'name' => 'Macedonian', 'direction' => 'ltr'),
- 'nb' => array('q' => 0.1, 'lang' => 'nb', 'name' => 'Norwegian (Bokmål)', 'direction' => 'ltr'),
- 'no' => array('q' => 0.1, 'lang' => 'nb', 'name' => 'Norwegian (Bokmål)', 'direction' => 'ltr'),
- 'nn' => array('q' => 1, 'lang' => 'nn', 'name' => 'Norwegian (Nynorsk)', 'direction' => 'ltr'),
- 'nl' => array('q' => 0.5, 'lang' => 'nl', 'name' => 'Dutch', 'direction' => 'ltr'),
- 'pl' => array('q' => 0.5, 'lang' => 'pl', 'name' => 'Polish', 'direction' => 'ltr'),
- 'pt' => array('q' => 0.1, 'lang' => 'pt', 'name' => 'Portuguese', 'direction' => 'ltr'),
- 'pt-br' => array('q' => 0.9, 'lang' => 'pt_BR', 'name' => 'Portuguese Brazil', 'direction' => 'ltr'),
- 'ru' => array('q' => 0.9, 'lang' => 'ru', 'name' => 'Russian', 'direction' => 'ltr'),
- 'sv' => array('q' => 0.8, 'lang' => 'sv', 'name' => 'Swedish', 'direction' => 'ltr'),
- 'te' => array('q' => 0.3, 'lang' => 'te', 'name' => 'Telugu', 'direction' => 'ltr'),
- 'tr' => array('q' => 0.5, 'lang' => 'tr', 'name' => 'Turkish', 'direction' => 'ltr'),
- 'uk' => array('q' => 1, 'lang' => 'uk', 'name' => 'Ukrainian', 'direction' => 'ltr'),
- 'vi' => array('q' => 0.8, 'lang' => 'vi', 'name' => 'Vietnamese', 'direction' => 'ltr'),
- 'zh-cn' => array('q' => 0.9, 'lang' => 'zh_CN', 'name' => 'Chinese (Simplified)', 'direction' => 'ltr'),
- 'zh-hant' => array('q' => 0.2, 'lang' => 'zh_TW', 'name' => 'Chinese (Taiwanese)', 'direction' => 'ltr'),
- );
+ return array(
+ 'bg' => array('q' => 0.8, 'lang' => 'bg', 'name' => 'Bulgarian', 'direction' => 'ltr'),
+ 'ca' => array('q' => 0.5, 'lang' => 'ca', 'name' => 'Catalan', 'direction' => 'ltr'),
+ 'cs' => array('q' => 0.5, 'lang' => 'cs', 'name' => 'Czech', 'direction' => 'ltr'),
+ 'de' => array('q' => 0.8, 'lang' => 'de', 'name' => 'German', 'direction' => 'ltr'),
+ 'el' => array('q' => 0.1, 'lang' => 'el', 'name' => 'Greek', 'direction' => 'ltr'),
+ 'en-us' => array('q' => 1, 'lang' => 'en', 'name' => 'English (US)', 'direction' => 'ltr'),
+ 'en-gb' => array('q' => 1, 'lang' => 'en_GB', 'name' => 'English (British)', 'direction' => 'ltr'),
+ 'en' => array('q' => 1, 'lang' => 'en', 'name' => 'English (US)', 'direction' => 'ltr'),
+ 'es' => array('q' => 1, 'lang' => 'es', 'name' => 'Spanish', 'direction' => 'ltr'),
+ 'fi' => array('q' => 1, 'lang' => 'fi', 'name' => 'Finnish', 'direction' => 'ltr'),
+ 'fr-fr' => array('q' => 1, 'lang' => 'fr', 'name' => 'French', 'direction' => 'ltr'),
+ 'ga' => array('q' => 0.5, 'lang' => 'ga', 'name' => 'Galician', 'direction' => 'ltr'),
+ 'he' => array('q' => 0.5, 'lang' => 'he', 'name' => 'Hebrew', 'direction' => 'rtl'),
+ 'is' => array('q' => 0.1, 'lang' => 'is', 'name' => 'Icelandic', 'direction' => 'ltr'),
+ 'it' => array('q' => 1, 'lang' => 'it', 'name' => 'Italian', 'direction' => 'ltr'),
+ 'jp' => array('q' => 0.5, 'lang' => 'ja', 'name' => 'Japanese', 'direction' => 'ltr'),
+ 'ko' => array('q' => 0.9, 'lang' => 'ko', 'name' => 'Korean', 'direction' => 'ltr'),
+ 'mk' => array('q' => 0.5, 'lang' => 'mk', 'name' => 'Macedonian', 'direction' => 'ltr'),
+ 'nb' => array('q' => 0.1, 'lang' => 'nb', 'name' => 'Norwegian (Bokmål)', 'direction' => 'ltr'),
+ 'no' => array('q' => 0.1, 'lang' => 'nb', 'name' => 'Norwegian (Bokmål)', 'direction' => 'ltr'),
+ 'nn' => array('q' => 1, 'lang' => 'nn', 'name' => 'Norwegian (Nynorsk)', 'direction' => 'ltr'),
+ 'nl' => array('q' => 0.5, 'lang' => 'nl', 'name' => 'Dutch', 'direction' => 'ltr'),
+ 'pl' => array('q' => 0.5, 'lang' => 'pl', 'name' => 'Polish', 'direction' => 'ltr'),
+ 'pt' => array('q' => 0.1, 'lang' => 'pt', 'name' => 'Portuguese', 'direction' => 'ltr'),
+ 'pt-br' => array('q' => 0.9, 'lang' => 'pt_BR', 'name' => 'Portuguese Brazil', 'direction' => 'ltr'),
+ 'ru' => array('q' => 0.9, 'lang' => 'ru', 'name' => 'Russian', 'direction' => 'ltr'),
+ 'sv' => array('q' => 0.8, 'lang' => 'sv', 'name' => 'Swedish', 'direction' => 'ltr'),
+ 'te' => array('q' => 0.3, 'lang' => 'te', 'name' => 'Telugu', 'direction' => 'ltr'),
+ 'tr' => array('q' => 0.5, 'lang' => 'tr', 'name' => 'Turkish', 'direction' => 'ltr'),
+ 'uk' => array('q' => 1, 'lang' => 'uk', 'name' => 'Ukrainian', 'direction' => 'ltr'),
+ 'vi' => array('q' => 0.8, 'lang' => 'vi', 'name' => 'Vietnamese', 'direction' => 'ltr'),
+ 'zh-cn' => array('q' => 0.9, 'lang' => 'zh_CN', 'name' => 'Chinese (Simplified)', 'direction' => 'ltr'),
+ 'zh-hant' => array('q' => 0.2, 'lang' => 'zh_TW', 'name' => 'Chinese (Taiwanese)', 'direction' => 'ltr'),
+ );
}
diff --git a/lib/profilelist.php b/lib/profilelist.php
index 5f536e0f4..bbb722701 100644
--- a/lib/profilelist.php
+++ b/lib/profilelist.php
@@ -182,7 +182,8 @@ class ProfileListItem extends Widget
{
$avatar = $this->profile->getAvatar(AVATAR_STREAM_SIZE);
$this->out->elementStart('a', array('href' => $this->profile->profileurl,
- 'class' => 'url'));
+ 'class' => 'url',
+ 'rel' => 'contact'));
$this->out->element('img', array('src' => ($avatar) ? $avatar->displayUrl() : Avatar::defaultImage(AVATAR_STREAM_SIZE),
'class' => 'photo avatar',
'width' => AVATAR_STREAM_SIZE,
@@ -190,7 +191,7 @@ class ProfileListItem extends Widget
'alt' =>
($this->profile->fullname) ? $this->profile->fullname :
$this->profile->nickname));
- $hasFN = ($this->profile->fullname !== '') ? 'nickname' : 'fn nickname';
+ $hasFN = (!empty($this->profile->fullname)) ? 'nickname' : 'fn nickname';
$this->out->elementStart('span', $hasFN);
$this->out->raw($this->highlight($this->profile->nickname));
$this->out->elementEnd('span');
diff --git a/lib/router.php b/lib/router.php
index eb931e5b0..db9fdb470 100644
--- a/lib/router.php
+++ b/lib/router.php
@@ -122,7 +122,7 @@ class Router
// exceptional
$m->connect('main/remote', array('action' => 'remotesubscribe'));
- $m->connect('main/remote?nickname=:nickname', array('action' => 'remotesubscribe'), array('nickname' => '[A-Za-z0-9_-]+'));
+ $m->connect('main/remote?nickname=:nickname', array('action' => 'remotesubscribe'), array('nickname' => '['.NICKNAME_FMT.']+'));
foreach (Router::$bare as $action) {
$m->connect('index.php?action=' . $action, array('action' => $action));
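Review bot: `NICKNAME_FMT` is not defined anywhere in this diff, and every rewritten rule wraps it as `'['.NICKNAME_FMT.']+'`, so the routes are only correct if the constant is a bare character-class body with no brackets, anchors or quantifiers. This route previously accepted `_` and `-` in `nickname` (`[A-Za-z0-9_-]+`), so if the constant is narrower than that, the accepted input changes silently. The same applies to `replyto` and `to` in the later hunks. A comment next to the first use would pin the contract: `// NICKNAME_FMT must be a character-class body; it is wrapped in [...] here`.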
@@ -166,10 +166,10 @@ class Router
$m->connect('notice/new', array('action' => 'newnotice'));
$m->connect('notice/new?replyto=:replyto',
array('action' => 'newnotice'),
- array('replyto' => '[A-Za-z0-9_-]+'));
+ array('replyto' => '['.NICKNAME_FMT.']+'));
$m->connect('notice/new?replyto=:replyto&inreplyto=:inreplyto',
array('action' => 'newnotice'),
- array('replyto' => '[A-Za-z0-9_-]+'),
+ array('replyto' => '['.NICKNAME_FMT.']+'),
array('inreplyto' => '[0-9]+'));
$m->connect('notice/:notice/file',
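Review bot: The `inreplyto` rule on the `notice/new?replyto=:replyto&inreplyto=:inreplyto` route is passed as a fourth argument to `connect()` rather than sharing the rules array with `replyto`. The signature of `connect()` is not visible here, but if it takes only path, defaults and rules, the `[0-9]+` constraint is never applied. The `:nickname/tag/:tag/rss` and `:nickname/tag/:tag` routes in the `@@ -603` hunk pass `tag` the same way. The `subscriptions`/`subscribers` route shows the merged form, which here would be `array('replyto' => '['.NICKNAME_FMT.']+', 'inreplyto' => '[0-9]+')`.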
@@ -193,7 +193,7 @@ class Router
array('id' => '[0-9]+'));
$m->connect('message/new', array('action' => 'newmessage'));
- $m->connect('message/new?to=:to', array('action' => 'newmessage'), array('to' => '[A-Za-z0-9_-]+'));
+ $m->connect('message/new?to=:to', array('action' => 'newmessage'), array('to' => '['.NICKNAME_FMT.']+'));
$m->connect('message/:message',
array('action' => 'showmessage'),
array('message' => '[0-9]+'));
@@ -277,7 +277,7 @@ class Router
$m->connect('api/statuses/friends_timeline/:id.:format',
array('action' => 'ApiTimelineFriends',
- 'id' => '[a-zA-Z0-9]+',
+ 'id' => '['.NICKNAME_FMT.']+',
'format' => '(xml|json|rss|atom)'));
$m->connect('api/statuses/home_timeline.:format',
array('action' => 'ApiTimelineFriends',
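Review bot: On this and the following API routes the `id` and `format` patterns sit in the same array as `'action'`, whereas the web routes pass their patterns in a separate third array. Whether `connect()` treats entries in that second array as match rules or as default values is not visible in this diff. If they are defaults, none of the `id` patterns changed here restricts what reaches the action. The rewritten `id` rule is also unbounded (`+`), while the nickname routes use `{1,64}`. Moving the patterns into their own array would make the intent explicit, e.g. `array('action' => 'ApiTimelineFriends'), array('id' => '['.NICKNAME_FMT.']{1,64}', 'format' => '(xml|json|rss|atom)')`.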
@@ -285,7 +285,7 @@ class Router
$m->connect('api/statuses/home_timeline/:id.:format',
array('action' => 'ApiTimelineFriends',
- 'id' => '[a-zA-Z0-9]+',
+ 'id' => '['.NICKNAME_FMT.']+',
'format' => '(xml|json|rss|atom)'));
$m->connect('api/statuses/user_timeline.:format',
@@ -294,7 +294,7 @@ class Router
$m->connect('api/statuses/user_timeline/:id.:format',
array('action' => 'ApiTimelineUser',
- 'id' => '[a-zA-Z0-9]+',
+ 'id' => '['.NICKNAME_FMT.']+',
'format' => '(xml|json|rss|atom)'));
$m->connect('api/statuses/mentions.:format',
@@ -303,7 +303,7 @@ class Router
$m->connect('api/statuses/mentions/:id.:format',
array('action' => 'ApiTimelineMentions',
- 'id' => '[a-zA-Z0-9]+',
+ 'id' => '['.NICKNAME_FMT.']+',
'format' => '(xml|json|rss|atom)'));
$m->connect('api/statuses/replies.:format',
@@ -312,7 +312,7 @@ class Router
$m->connect('api/statuses/replies/:id.:format',
array('action' => 'ApiTimelineMentions',
- 'id' => '[a-zA-Z0-9]+',
+ 'id' => '['.NICKNAME_FMT.']+',
'format' => '(xml|json|rss|atom)'));
$m->connect('api/statuses/friends.:format',
@@ -321,7 +321,7 @@ class Router
$m->connect('api/statuses/friends/:id.:format',
array('action' => 'ApiUserFriends',
- 'id' => '[a-zA-Z0-9]+',
+ 'id' => '['.NICKNAME_FMT.']+',
'format' => '(xml|json)'));
$m->connect('api/statuses/followers.:format',
@@ -330,7 +330,7 @@ class Router
$m->connect('api/statuses/followers/:id.:format',
array('action' => 'ApiUserFollowers',
- 'id' => '[a-zA-Z0-9]+',
+ 'id' => '['.NICKNAME_FMT.']+',
'format' => '(xml|json)'));
$m->connect('api/statuses/show.:format',
@@ -359,7 +359,7 @@ class Router
$m->connect('api/users/show/:id.:format',
array('action' => 'ApiUserShow',
- 'id' => '[a-zA-Z0-9]+',
+ 'id' => '['.NICKNAME_FMT.']+',
'format' => '(xml|json)'));
// direct messages
@@ -397,12 +397,12 @@ class Router
$m->connect('api/friendships/create/:id.:format',
array('action' => 'ApiFriendshipsCreate',
- 'id' => '[a-zA-Z0-9]+',
+ 'id' => '['.NICKNAME_FMT.']+',
'format' => '(xml|json)'));
$m->connect('api/friendships/destroy/:id.:format',
array('action' => 'ApiFriendshipsDestroy',
- 'id' => '[a-zA-Z0-9]+',
+ 'id' => '['.NICKNAME_FMT.']+',
'format' => '(xml|json)'));
// Social graph
@@ -447,28 +447,28 @@ class Router
$m->connect('api/favorites/:id.:format',
array('action' => 'ApiTimelineFavorites',
- 'id' => '[a-zA-Z0-9]+',
+ 'id' => '['.NICKNAME_FMT.']+',
'format' => '(xmljson|rss|atom)'));
$m->connect('api/favorites/create/:id.:format',
array('action' => 'ApiFavoriteCreate',
- 'id' => '[a-zA-Z0-9]+',
+ 'id' => '['.NICKNAME_FMT.']+',
'format' => '(xml|json)'));
$m->connect('api/favorites/destroy/:id.:format',
array('action' => 'ApiFavoriteDestroy',
- 'id' => '[a-zA-Z0-9]+',
+ 'id' => '['.NICKNAME_FMT.']+',
'format' => '(xml|json)'));
// blocks
$m->connect('api/blocks/create/:id.:format',
array('action' => 'ApiBlockCreate',
- 'id' => '[a-zA-Z0-9]+',
+ 'id' => '['.NICKNAME_FMT.']+',
'format' => '(xml|json)'));
$m->connect('api/blocks/destroy/:id.:format',
array('action' => 'ApiBlockDestroy',
- 'id' => '[a-zA-Z0-9]+',
+ 'id' => '['.NICKNAME_FMT.']+',
'format' => '(xml|json)'));
// help
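Review bot: The `api/favorites/:id.:format` route still carries `'format' => '(xmljson|rss|atom)'`, directly below the `id` line this hunk edits. The `|` between `xml` and `json` is missing, so, assuming the pattern is enforced, neither `.xml` nor `.json` can match this route. It should read `'format' => '(xml|json|rss|atom)'`.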
@@ -584,14 +584,14 @@ class Router
'replies', 'inbox', 'outbox', 'microsummary') as $a) {
$m->connect(':nickname/'.$a,
array('action' => $a),
- array('nickname' => '[a-zA-Z0-9]{1,64}'));
+ array('nickname' => '['.NICKNAME_FMT.']{1,64}'));
}
foreach (array('subscriptions', 'subscribers') as $a) {
$m->connect(':nickname/'.$a.'/:tag',
array('action' => $a),
array('tag' => '[a-zA-Z0-9]+',
- 'nickname' => '[a-zA-Z0-9]{1,64}'));
+ 'nickname' => '['.NICKNAME_FMT.']{1,64}'));
}
foreach (array('rss', 'groups') as $a) {
@@ -603,31 +603,31 @@ class Router
foreach (array('all', 'replies', 'favorites') as $a) {
$m->connect(':nickname/'.$a.'/rss',
array('action' => $a.'rss'),
- array('nickname' => '[a-zA-Z0-9]{1,64}'));
+ array('nickname' => '['.NICKNAME_FMT.']{1,64}'));
}
$m->connect(':nickname/favorites',
array('action' => 'showfavorites'),
- array('nickname' => '[a-zA-Z0-9]{1,64}'));
+ array('nickname' => '['.NICKNAME_FMT.']{1,64}'));
$m->connect(':nickname/avatar/:size',
array('action' => 'avatarbynickname'),
array('size' => '(original|96|48|24)',
- 'nickname' => '[a-zA-Z0-9]{1,64}'));
+ 'nickname' => '['.NICKNAME_FMT.']{1,64}'));
$m->connect(':nickname/tag/:tag/rss',
array('action' => 'userrss'),
- array('nickname' => '[a-zA-Z0-9]{1,64}'),
+ array('nickname' => '['.NICKNAME_FMT.']{1,64}'),
array('tag' => '[a-zA-Z0-9]+'));
$m->connect(':nickname/tag/:tag',
array('action' => 'showstream'),
- array('nickname' => '[a-zA-Z0-9]{1,64}'),
+ array('nickname' => '['.NICKNAME_FMT.']{1,64}'),
array('tag' => '[a-zA-Z0-9]+'));
$m->connect(':nickname',
array('action' => 'showstream'),
- array('nickname' => '[a-zA-Z0-9]{1,64}'));
+ array('nickname' => '['.NICKNAME_FMT.']{1,64}'));
Event::handle('RouterInitialized', array($m));
}
diff --git a/lib/util.php b/lib/util.php
index 46aa7f901..a4865c46c 100644
--- a/lib/util.php
+++ b/lib/util.php
@@ -119,22 +119,41 @@ function common_munge_password($password, $id)
// check if a username exists and has matching password
function common_check_user($nickname, $password)
{
- // NEVER allow blank passwords, even if they match the DB
- if (mb_strlen($password) == 0) {
- return false;
- }
+ $authenticated = false;
+ $eventResult = Event::handle('CheckPassword', array($nickname, $password, &$authenticated));
$user = User::staticGet('nickname', $nickname);
if (is_null($user) || $user === false) {
- return false;
+ //user does not exist
+ if($authenticated){
+ //a handler said these are valid credentials, so see if a plugin wants to auto register the user
+ if(Event::handle('AutoRegister', array($nickname))){
+ //no handler registered the user
+ return false;
+ }else{
+ $user = User::staticGet('nickname', $nickname);
+ if (is_null($user) || $user === false) {
+ common_log(LOG_WARNING, "A plugin handled the AutoRegister event, but did not actually register the user, nickname: $nickname");
+ return false;
+ }else{
+ return $user;
+ }
+ }
+ }else{
+ //no handler indicated the credentials were valid, and we know their not valid because the user isn't in the database
+ return false;
+ }
} else {
- $authenticated = false;
- Event::handle('CheckPassword', array($nickname, $password, &$authenticated));
- if(! $authenticated){
- //no handler asserted the user, so check ourselves
- if (0 == strcmp(common_munge_password($password, $user->id),
- $user->password)) {
- //internal checking passed
- $authenticated = true;
+ if($eventResult && ! $authenticated){
+ //no handler was authoritative
+ if (mb_strlen($password) == 0) {
+ // NEVER allow blank passwords, even if they match the DB
+ return false;
+ }else{
+ if (0 == strcmp(common_munge_password($password, $user->id),
+ $user->password)) {
+ //internal checking passed
+ $authenticated = true;
+ }
}
}
if($authenticated){
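Review bot: The blank-password rejection now runs only inside the internal-check branch, after `Event::handle('CheckPassword', ...)` has already been given the password. An empty password therefore reaches every plugin handler and is accepted if one of them sets `$authenticated`. A back end that treats an empty password as an anonymous bind could then authenticate an existing nickname, or create one through the `AutoRegister` path. Keep the guard as the first statement of `common_check_user`, before the event fires: `if (mb_strlen($password) == 0) { return false; }`. Separately, the retained `strcmp` of the munged password is not a constant-time comparison. The end of the function lies outside this hunk.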