diff --git a/src/Controller/Security.php b/src/Controller/Security.php
index 7c1f42f130..0f171122c6 100644
--- a/src/Controller/Security.php
+++ b/src/Controller/Security.php
@@ -138,7 +138,9 @@ class Security extends Controller
 $found_user = DB::findOneBy('local_user', ['or' => ['nickname' => $nickname, 'outgoing_email' => $data['email']]]);
 if ($found_user->getNickname() === $nickname) {
 throw new NicknameTakenException($found_user->getActor());
- } elseif ($found_user->getOutgoingEmail() === $data['email']) {
+ }
+
+ if ($found_user->getOutgoingEmail() === $data['email']) {
 throw new EmailTakenException($found_user->getActor());
 }
 unset($found_user);
@@ -164,7 +166,7 @@ class Security extends Controller
 DB::persistWithSameId(
 $actor,
 $user,
- function (int $id) use ($user) {
+ static function (int $id) use ($user) {
 // Self subscription for the Home feed and alike
 DB::persist(ActorSubscription::create(['subscriber_id' => $id, 'subscribed_id' => $id]));
 Feed::createDefaultFeeds($id, $user);
diff --git a/src/Controller/UserPanel.php b/src/Controller/UserPanel.php
index f3a3c37474..0fd742107d 100644
--- a/src/Controller/UserPanel.php
+++ b/src/Controller/UserPanel.php
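Review bot: In the first Security.php hunk, a row returned by `DB::findOneBy` whose nickname and outgoing email both fail the strict `===` comparisons falls through to `unset($found_user)` and the request carries on as if nothing had matched; that can happen if the database compares case-insensitively or the stored address was normalised differently from `$data['email']`. Consider treating any hit that is not a nickname match as an email conflict, i.e. dropping the second `if` and keeping only `throw new EmailTakenException($found_user->getActor());`, or comparing normalised values on both sides. Both exceptions also carry the existing account's actor; if the handler renders it, this form tells an unauthenticated visitor which profile owns a given address. The enclosing method starts and ends outside the hunk, so the lookup's not-found path and the exception handling are not visible here.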
@@ -115,8 +115,22 @@ class UserPanel extends Controller
 // TODO Add support missing settings
 $form = Form::create([
- ['outgoing_email', TextType::class, ['label' => _m('Outgoing email'), 'required' => false, 'help' => _m('Change the email we use to contact you')]],
- ['incoming_email', TextType::class, ['label' => _m('Incoming email'), 'required' => false, 'help' => _m('Change the email you use to contact us (for posting, for instance)')]],
+ ['outgoing_email_sanitized', TextType::class,
+ [
+ 'label' => _m('Outgoing email'),
+ 'required' => false,
+ 'help' => _m('Change the email we use to contact you'),
+ 'data' => $user->getOutgoingEmail() ?: '',
+ ],
+ ],
+ ['incoming_email_sanitized', TextType::class,
+ [
+ 'label' => _m('Incoming email'),
+ 'required' => false,
+ 'help' => _m('Change the email you use to contact us (for posting, for instance)'),
+ 'data' => $user->getIncomingEmail() ?: '',
+ ],
+ ],
 ['save_email', SubmitType::class, ['label' => _m('Save email info')]],
 ]);
diff --git a/src/Entity/LocalUser.php b/src/Entity/LocalUser.php
index 806e90414e..a7fe98357d 100644
--- a/src/Entity/LocalUser.php
+++ b/src/Entity/LocalUser.php
@@ -28,6 +28,7 @@ use App\Core\DB\DB;
 use App\Core\Entity;
 use App\Core\ActorLocalRoles;
 use App\Util\Common;
+use App\Util\Exception\EmailException;
 use App\Util\Exception\NicknameEmptyException;
 use App\Util\Exception\NicknameException;
 use App\Util\Exception\NicknameInvalidException;
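Review bot: In the UserPanel.php hunk both fields default to `''` through `?: ''` while staying `'required' => false`, and the setters added in LocalUser.php throw on an empty string (only `null` skips validation), so unless the form layer turns an empty submission into `null`, a user with no incoming address cannot save this form. It is worth confirming which value reaches the setter, and adding a comment above the field list along the lines of `// the *_sanitized names route the value to LocalUser::set…EmailSanitized()` if that is how `Form` dispatches. The form also changes the contact address with no current-password or confirmation step visible in this hunk; if `outgoing_email` is used for account recovery, that check belongs in the handler, which lies outside the hunk.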
@@ -369,6 +370,40 @@ class LocalUser extends Entity implements UserInterface, PasswordAuthenticatedUs
 return $this;
 }
+ /**
+ * Validates desired email, throwing an EmailException if it's invalid
+ *
+ * @param string|null $email The desired outgoing email
+ * @return LocalUser
+ * @throws EmailException
+ */
+ public function setOutgoingEmailSanitized(?string $email): self
+ {
+ $sanitized_email = filter_var($email, FILTER_SANITIZE_EMAIL);
+ if (!is_null($email) && !filter_var($sanitized_email, FILTER_VALIDATE_EMAIL)) {
+ throw new EmailException('Invalid email entry, please use a valid email');
+ }
+ $this->outgoing_email = \is_null($sanitized_email) ? null : \mb_substr($sanitized_email, 0, 191);
+ return $this;
+ }
+
+ /**
+ * Validates desired email, throwing an EmailException if it's invalid
+ *
+ * @param string|null $email The desired incoming email
+ * @return LocalUser
+ * @throws EmailException
+ */
+ public function setIncomingEmailSanitized(?string $email): self
+ {
+ $sanitized_email = filter_var($email, FILTER_SANITIZE_EMAIL);
+ if (!is_null($email) && !filter_var($sanitized_email, FILTER_VALIDATE_EMAIL)) {
+ throw new EmailException('Invalid email entry, please use a valid email');
+ }
+ $this->incoming_email = \is_null($sanitized_email) ? null : \mb_substr($sanitized_email, 0, 191);
+ return $this;
+ }
+
 public function getActor(): Actor
 {
 return Actor::getById($this->id);
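Review bot: Both new setters run `FILTER_SANITIZE_EMAIL` first and validate the stripped result, so input containing disallowed characters is silently rewritten into a different address and accepted rather than rejected; validate the value the user actually submitted. The `\mb_substr(..., 0, 191)` after validation has the same effect for long input: an address that passes `FILTER_VALIDATE_EMAIL` but exceeds 191 characters is stored truncated, as a string that was never validated and may name another mailbox or domain. `filter_var()` returns a string or `false` here, never `null`, so the `\is_null($sanitized_email)` branch is dead and a `null` argument ends up stored as an empty string instead of `null`. The two bodies differ only in the property they assign, so a single private helper keeps them in step, and the docblocks should state that `null` clears the address and that over-length input is rejected.

```php
    public function setOutgoingEmailSanitized(?string $email): self
    {
        $this->outgoing_email = self::checkedEmail($email);
        return $this;
    }

    // … setIncomingEmailSanitized(): same shape, assigning $this->incoming_email …

    /**
     * Returns $email unchanged when it is a valid address of at most 191
     * characters, or null when no address was given.
     *
     * @throws EmailException
     */
    private static function checkedEmail(?string $email): ?string
    {
        if (\is_null($email)) {
            return null;
        }
        // Reject instead of rewriting: the stored value must be the one that was validated.
        if (\mb_strlen($email) > 191 || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
            throw new EmailException('Invalid email entry, please use a valid email');
        }
        return $email;
    }
```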