mirror of
https://github.com/openvk/openvk
synced 2025-01-09 01:09:46 +03:00
Users: Validate email and Telegram account name when changing page contacts
This commit is contained in:
parent
863a3b1c89
commit
9a48870eac
5 changed files with 55 additions and 14 deletions
|
@ -6,6 +6,7 @@ use openvk\Web\Models\Entities\PasswordReset;
|
|||
use openvk\Web\Models\Repositories\IPs;
|
||||
use openvk\Web\Models\Repositories\Users;
|
||||
use openvk\Web\Models\Repositories\Restores;
|
||||
use openvk\Web\Util\Validator;
|
||||
use Chandler\Session\Session;
|
||||
use Chandler\Security\User as ChandlerUser;
|
||||
use Chandler\Security\Authenticator;
|
||||
|
@ -32,17 +33,6 @@ final class AuthPresenter extends OpenVKPresenter
|
|||
parent::__construct();
|
||||
}
|
||||
|
||||
private function emailValid(string $email): bool
|
||||
{
|
||||
if(empty($email)) return false;
|
||||
|
||||
$email = trim($email);
|
||||
[$user, $domain] = explode("@", $email);
|
||||
$domain = idn_to_ascii($domain) . ".";
|
||||
|
||||
return checkdnsrr($domain, "MX");
|
||||
}
|
||||
|
||||
private function ipValid(): bool
|
||||
{
|
||||
$ip = (new IPs)->get(CONNECTING_IP);
|
||||
|
@ -87,7 +77,7 @@ final class AuthPresenter extends OpenVKPresenter
|
|||
if(!$this->ipValid())
|
||||
$this->flashFail("err", "Подозрительная попытка регистрации", "Вы пытались зарегистрироваться из подозрительного места.");
|
||||
|
||||
if(!$this->emailValid($this->postParam("email")))
|
||||
if(!Validator::i()->emailValid($this->postParam("email")))
|
||||
$this->flashFail("err", "Неверный email адрес", "Email, который вы ввели, не является корректным.");
|
||||
|
||||
if (strtotime($this->postParam("birthday")) > time())
|
||||
|
|
|
@ -9,6 +9,7 @@ use openvk\Web\Models\Repositories\Albums;
|
|||
use openvk\Web\Models\Repositories\Videos;
|
||||
use openvk\Web\Models\Repositories\Notes;
|
||||
use openvk\Web\Models\Repositories\Vouchers;
|
||||
use openvk\Web\Util\Validator;
|
||||
use Chandler\Security\Authenticator;
|
||||
use lfkeitel\phptotp\{Base32, Totp};
|
||||
use chillerlan\QRCode\{QRCode, QROptions};
|
||||
|
@ -158,8 +159,20 @@ final class UserPresenter extends OpenVKPresenter
|
|||
$this->flashFail("err", tr("error_segmentation"), "котлетки: Remote err!");
|
||||
}
|
||||
} elseif($_GET['act'] === "contacts") {
|
||||
$user->setEmail_Contact(empty($this->postParam("email_contact")) ? NULL : $this->postParam("email_contact"));
|
||||
$user->setTelegram(empty($this->postParam("telegram")) ? NULL : ltrim($this->postParam("telegram"), "@"));
|
||||
if(empty($this->postParam("email_contact")) || Validator::i()->emailValid($this->postParam("email_contact")))
|
||||
$user->setEmail_Contact(empty($this->postParam("email_contact")) ? NULL : $this->postParam("email_contact"));
|
||||
else
|
||||
$this->flashFail("err", tr("invalid_email_address"), tr("invalid_email_address_comment"));
|
||||
|
||||
$telegram = $this->postParam("telegram");
|
||||
if(empty($telegram) || Validator::i()->telegramValid($telegram))
|
||||
if(strpos($telegram, "t.me/") === 0)
|
||||
$user->setTelegram(empty($telegram) ? NULL : substr($telegram, 5));
|
||||
else
|
||||
$user->setTelegram(empty($telegram) ? NULL : ltrim($telegram, "@"));
|
||||
else
|
||||
$this->flashFail("err", tr("invalid_telegram_name"), tr("invalid_telegram_name_comment"));
|
||||
|
||||
$user->setCity(empty($this->postParam("city")) ? NULL : $this->postParam("city"));
|
||||
$user->setAddress(empty($this->postParam("address")) ? NULL : $this->postParam("address"));
|
||||
|
||||
|
|
26
Web/Util/Validator.php
Normal file
26
Web/Util/Validator.php
Normal file
|
@ -0,0 +1,26 @@
|
|||
<?php declare(strict_types=1);
|
||||
namespace openvk\Web\Util;
|
||||
use Chandler\Patterns\TSimpleSingleton;
|
||||
|
||||
class Validator
|
||||
{
|
||||
function emailValid(string $email): bool
|
||||
{
|
||||
if(empty($email)) return false;
|
||||
|
||||
$email = trim($email);
|
||||
[$user, $domain] = explode("@", $email);
|
||||
if(is_null($domain)) return false;
|
||||
if(iconv_strlen($user) > 64) return false;
|
||||
$domain = idn_to_ascii($domain) . ".";
|
||||
|
||||
return checkdnsrr($domain, "MX");
|
||||
}
|
||||
|
||||
function telegramValid(string $telegram): bool
|
||||
{
|
||||
return (bool) preg_match("/^(?:t.me\/|@)?([a-zA-Z0-9]{0,32})$/", $telegram);
|
||||
}
|
||||
|
||||
use TSimpleSingleton;
|
||||
}
|
|
@ -561,6 +561,12 @@
|
|||
|
||||
"shared_succ" = "The post will appear on your wall. Click on the notification to go to your wall.";
|
||||
|
||||
"invalid_email_address" = "Invalid Email address";
|
||||
"invalid_email_address_comment" = "The Email you entered is not correct.";
|
||||
|
||||
"invalid_telegram_name" = "Invalid Telegram account name";
|
||||
"invalid_telegram_name_comment" = "The Telegram account name you entered is not correct.";
|
||||
|
||||
/* Admin actions */
|
||||
|
||||
"login_as" = "Login as $1";
|
||||
|
|
|
@ -586,6 +586,12 @@
|
|||
|
||||
"shared_succ" = "Запись появится на вашей стене. Нажмите на уведомление, чтобы перейти к своей стене.";
|
||||
|
||||
"invalid_email_address" = "Неверный Email адрес";
|
||||
"invalid_email_address_comment" = "Email, который вы ввели, не является корректным.";
|
||||
|
||||
"invalid_telegram_name" = "Неверное имя Telegram аккаунта";
|
||||
"invalid_telegram_name_comment" = "Вы ввели неверное имя аккаунта Telegram.";
|
||||
|
||||
/* Admin actions */
|
||||
|
||||
"login_as" = "Войти как $1";
|
||||
|
|
Loading…
Reference in a new issue