forked from GNUsocial/gnu-social
Confirm there's actually user and domain portions of acct string before assigning things from output of explode(); avoids notice message when invalid input passed to main/xrd
This commit is contained in:
parent
a20880ee1e
commit
3bb639699c
@ -35,9 +35,13 @@ class UserxrdAction extends XrdAction
|
||||
$this->uri = Discovery::normalize($this->uri);
|
||||
|
||||
if (Discovery::isWebfinger($this->uri)) {
|
||||
list($nick, $domain) = explode('@', substr(urldecode($this->uri), 5));
|
||||
$nick = common_canonical_nickname($nick);
|
||||
$this->user = User::staticGet('nickname', $nick);
|
||||
$parts = explode('@', substr(urldecode($this->uri), 5));
|
||||
if (count($parts) == 2) {
|
||||
list($nick, $domain) = $parts;
|
||||
// @fixme confirm the domain too
|
||||
$nick = common_canonical_nickname($nick);
|
||||
$this->user = User::staticGet('nickname', $nick);
|
||||
}
|
||||
} else {
|
||||
$this->user = User::staticGet('uri', $this->uri);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user