59 $error = $this->translator->translate(
'registration:noname');
69 }
catch (RegistrationException $ex) {
77 }
catch (RegistrationException $ex) {
85 }
catch (RegistrationException $ex) {
144 $constructor = \ElggUser::class;
153 $user =
new $constructor();
164 if (!
$user->save()) {
172 $user->setNotificationSetting(
'email',
true);
175 $user->setValidationStatus(
true,
'on_create');
195 $msg = $this->translator->translate(
'registration:usernametooshort', [$this->config->minusername]);
201 $msg = $this->translator->translate(
'registration:usernametoolong', [128]);
210 if (preg_match_all(
'/[^\p{L}\p{M}\p{Nd}._-]+/iu',
$username, $invalid_chars)) {
211 throw new RegistrationException($this->translator->translate(
'registration:invalidchars:route', [implode(
',', $invalid_chars[0])]));
216 $blacklist2 =
'\'/\\
"*& ?#%^(){}[]~?<>;|¬`@+=,:';
218 $blacklist2 = $this->events->triggerResults(
219 'username:character_blacklist',
221 ['blacklist' => $blacklist2],
225 for ($n = 0; $n < elgg_strlen($blacklist2); $n++) {
226 if (elgg_strpos($username, $blacklist2[$n]) !== false) {
227 $msg = $this->translator->translate('registration:invalidchars', [$blacklist2[$n], $blacklist2]);
228 $msg = htmlspecialchars($msg, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
229 throw new RegistrationException($msg);
233 $result = $this->events->triggerResults(
234 'registeruser:validate:username',
236 ['username' => $username],
241 throw new RegistrationException($this->translator->translate('registration:usernamenotvalid'));
244 if ($assert_unregistered) {
245 $exists = elgg_call(ELGG_IGNORE_ACCESS | ELGG_SHOW_DISABLED_ENTITIES | ELGG_SHOW_DELETED_ENTITIES, function () use ($username) {
246 return elgg_get_user_by_username($username);
249 if ($exists instanceof \ElggUser) {
250 throw new RegistrationException($this->translator->translate('registration:userexists'));
264 public function assertValidPassword(string|array $password): void {
266 if (is_array($password)) {
267 list($password, $password2) = $password;
269 if (empty($password) || empty($password2)) {
270 throw new RegistrationException(elgg_echo('RegistrationException:EmptyPassword'));
273 if (strcmp($password, $password2) != 0) {
274 throw new RegistrationException(elgg_echo('RegistrationException:PasswordMismatch'));
278 $result = $this->events->triggerResults(
279 'registeruser:validate:password',
281 ['password' => $password],
286 throw new RegistrationException($this->translator->translate('registration:passwordnotvalid'));
299 public function assertCurrentPassword(\ElggUser $user, string $password): void {
300 if (!$this->passwords->verify($password, $user->password_hash)) {
301 throw new RegistrationException($this->translator->translate('LoginException:PasswordFailure'));
314 public function assertValidEmail(string $address, bool $assert_unregistered = false): void {
315 if (!$this->isValidEmail($address)) {
316 throw new RegistrationException($this->translator->translate('registration:notemail'));
319 $result = $this->events->triggerResults(
320 'registeruser:validate:email',
322 ['email' => $address],
327 throw new RegistrationException($this->translator->translate('registration:emailnotvalid'));
330 if ($assert_unregistered) {
331 $exists = elgg_call(ELGG_IGNORE_ACCESS | ELGG_SHOW_DISABLED_ENTITIES | ELGG_SHOW_DELETED_ENTITIES, function () use ($address) {
332 return elgg_get_user_by_email($address);
335 if ($exists instanceof \ElggUser) {
336 throw new RegistrationException($this->translator->translate('registration:dupeemail'));
348 public function isValidEmail(string $address): bool {
349 return filter_var($address, FILTER_VALIDATE_EMAIL) === $address;
361 public function requestNewEmailValidation(\ElggUser $user, string $email): bool {
362 if (!$this->isValidEmail($email)) {
363 throw new InvalidArgumentException($this->translator->translate('registration:notemail'));
366 $site = elgg_get_site_entity();
368 $user->new_email = $email;
370 $url = elgg_generate_url('account:email:confirm', [
371 'guid' => $user->guid,
373 $url = elgg_http_get_signed_url($url, '+1 hour');
375 $notification = Email::factory([
377 'to' => new Address($email, $user->getDisplayName()),
378 'subject' => $this->translator->translate('email:request:email:subject', [], $user->getLanguage()),
379 'body' => $this->translator->translate('email:request:email:body', [
380 $site->getDisplayName(),
382 ], $user->getLanguage()),
385 return $this->email->send($notification);
396 public function registerAuthenticationFailure(\ElggUser $user): void {
397 $fails = (int) $user->authentication_failures;
400 $user->authentication_failures = $fails;
401 $user->{"authentication_failure_{$fails}
"} = time();
412 public function resetAuthenticationFailures(\ElggUser $user): void {
413 $fails = (int) $user->authentication_failures;
418 for ($n = 1; $n <= $fails; $n++) {
419 unset($user->{"authentication_failure_{$n}
"});
422 unset($user->authentication_failures);
435 public function isAuthenticationFailureLimitReached(\ElggUser $user, int $limit = null, int $lifetime = null): bool {
436 $limit = $limit ?? $this->config->authentication_failures_limit;
437 $lifetime = $lifetime ?? $this->config->authentication_failures_lifetime;
439 $fails = (int) $user->authentication_failures;
440 if (empty($fails) || $fails < $limit) {
445 $min_time = time() - $lifetime;
446 for ($n = $fails; $n > 0; $n--) {
447 $failure_timestamp = $user->{"authentication_failure_{$n}
"};
448 if ($failure_timestamp > $min_time) {
452 if ($failure_count === $limit) {
if(! $user||! $user->canDelete()) $name
$params
Saves global plugin settings.
Could not register a new user for whatever reason.
Exception thrown if an argument is not of the expected type.
Password generator service.
assertValidUsername(string $username, bool $assert_unregistered=false)
Simple function which ensures that a username contains only valid characters.
validateAccountData(string $username, string|array $password, string $name, string $email, bool $allow_multiple_emails=false)
Validate registration details to ensure they can be used to register a new user account.
__construct(protected Config $config, protected Translator $translator, protected PasswordService $passwords, protected EventsService $events, protected EmailService $email, protected PasswordGeneratorService $password_generator)
Constructor.
assertValidPassword(string|array $password)
Simple validation of a password.
assertValidAccountData(string $username, string|array $password, string $name, string $email, bool $allow_multiple_emails=false)
Assert that given registration details are valid and can be used to register the user.
assertValidEmail(string $address, bool $assert_unregistered=false)
Simple validation of a email.
Represents a set of validated parameters.
$config
Advanced site settings, debugging section.
elgg_extract($key, $array, $default=null, bool $strict=true)
Checks for $array[$key] and returns its value if it exists, else returns $default.
elgg_get_entity_class(string $type, string $subtype)
Return the class name registered as a constructor for an entity of a given type and subtype.
elgg_strlen()
Wrapper function for mb_strlen().
if(! $user||! $user->canEdit()) $password
if(parse_url(elgg_get_site_url(), PHP_URL_PATH) !=='/') if(file_exists(elgg_get_root_path() . 'robots.txt'))
Set robots.txt.