eliseuamaro/gnu-social
1
0
Fork 0
forked from GNUsocial/gnu-social
Code Issues Pull Requests Releases Wiki Activity

[SECURITY] Fix nickname validation and properly allow email auth

Browse Source
This commit is contained in:
Diogo Peralta Cordeiro
2021-10-10 17:41:30 +01:00
parent 071b769997
commit 03f6029ce5
13 changed files with 163 additions and 176 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/Entity/LocalUser.php
View File

@@ -308,9 +308,9 @@ class LocalUser extends Entity implements UserInterface
*
* @return self Returns self if nickname or email found
*/
public static function findByNicknameOrEmail(string $nickname, string $email): ?self
public static function getByEmail(string $email): ?self
{
$users = DB::findBy('local_user', ['or' => ['nickname' => $nickname, 'outgoing_email' => $email, 'incoming_email' => $email]]);
$users = DB::findBy('local_user', ['or' => ['outgoing_email' => $email, 'incoming_email' => $email]]);
switch (count($users)) {
case 0:
return null;