Diffstat (limited to 'app/Controllers')
-rw-r--r--app/Controllers/authController.php16
-rw-r--r--app/Controllers/userController.php21
2 files changed, 34 insertions, 3 deletions
diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php
index e2e1aaa22..5874b312d 100644
--- a/app/Controllers/authController.php
+++ b/app/Controllers/authController.php
@@ -109,6 +109,7 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
public function formLoginAction() {
invalidateHttpCache();
+ Minz_View::prependTitle(_t('gen.auth.login') . ' ยท ');
Minz_View::appendScript(Minz_Url::display('/scripts/bcrypt.min.js?' . @filemtime(PUBLIC_PATH . '/scripts/bcrypt.min.js')));
$conf = Minz_Configuration::get('system');
@@ -122,7 +123,10 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
$conf = get_user_configuration($username);
if ($conf == null) {
- Minz_Error::error(403, array(_t('feedback.auth.login.invalid')), false);
+ Minz_Request::bad(
+ _t('feedback.auth.login.invalid'),
+ array('c' => 'auth', 'a' => 'login')
+ );
return;
}
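Review bot: Replacing `Minz_Error::error(403, ...)` with `Minz_Request::bad(...)` here, and in the same way in the two later hunks of this file (the form-login mismatch and the unsafe-autologin mismatch), appears to turn a failed login from a 403 response into a redirect back to the login form. If that is what `Minz_Request::bad()` does (its body is not in this diff), failed attempts no longer stand out by status code in the web-server access log, so any brute-force monitoring or ban rule keyed on 403 would go quiet. This unknown-user branch also has no visible `Minz_Log::warning` call, unlike the two mismatch branches, so it may leave no application-log trace either; consider adding `Minz_Log::warning('Login attempt for unknown user');` before the call. The body of formLoginAction starts and ends outside this hunk.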
@@ -151,7 +155,10 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
' user=' . $username .
', nonce=' . $nonce .
', c=' . $challenge);
- Minz_Error::error(403, array(_t('feedback.auth.login.invalid')), false);
+ Minz_Request::bad(
+ _t('feedback.auth.login.invalid'),
+ array('c' => 'auth', 'a' => 'login')
+ );
}
} elseif (FreshRSS_Context::$system_conf->unsafe_autologin_enabled) {
$username = Minz_Request::param('u', '');
@@ -182,7 +189,10 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
array('c' => 'index', 'a' => 'index'));
} else {
Minz_Log::warning('Unsafe password mismatch for user ' . $username);
- Minz_Error::error(403, array(_t('feedback.auth.login.invalid')), false);
+ Minz_Request::bad(
+ _t('feedback.auth.login.invalid'),
+ array('c' => 'auth', 'a' => 'login')
+ );
}
}
}
diff --git a/app/Controllers/userController.php b/app/Controllers/userController.php
index b5725e6b5..5da42f5a4 100644
--- a/app/Controllers/userController.php
+++ b/app/Controllers/userController.php
@@ -284,6 +284,27 @@ class FreshRSS_user_Controller extends Minz_ActionController {
$email = Minz_Request::param('new_user_email', '');
$passwordPlain = Minz_Request::param('new_user_passwordPlain', '', true);
+ if (!self::checkUsername($new_user_name)) {
+ Minz_Request::bad(
+ _t('user.username.invalid'),
+ array('c' => 'auth', 'a' => 'register')
+ );
+ }
+
+ if (FreshRSS_UserDAO::exists($new_user_name)) {
+ Minz_Request::bad(
+ _t('user.username.taken', $new_user_name),
+ array('c' => 'auth', 'a' => 'register')
+ );
+ }
+
+ if (!FreshRSS_password_Util::check($passwordPlain)) {
+ Minz_Request::bad(
+ _t('user.password.invalid'),
+ array('c' => 'auth', 'a' => 'register')
+ );
+ }
+
$tos_enabled = file_exists(join_path(DATA_PATH, 'tos.html'));
$accept_tos = Minz_Request::param('accept_tos', false);
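Review bot: None of the three new `Minz_Request::bad(...)` calls is followed by `return;`, so these checks only block account creation if `bad()` never returns to its caller. Its body is not in this diff; the unknown-user branch in authController.php keeps an explicit `return;` after the same call, and adding `return;` after each call here would keep a rejected username or password from reaching the user-creation code should that helper ever change. Separately, `_t('user.username.taken', $new_user_name)` confirms to the requester that an account name exists and places the request value in the message, so it is worth confirming that the registration-enabled check runs before this point and that the notification is escaped when rendered. The enclosing method begins and ends outside the hunk.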