forked from GNUsocial/gnu-social
make 'admin' a safe user name
'admin' is a pretty common username that people try when installing; it was blacklisted because all of our admin panels were at /admin/*, which would conflict with the admin user's namespace. Changed the location of all admin panels to /panel/*, blacklisted the nickname 'panel', and allowed 'admin'. Tested with a fresh install; seems to work great.
This commit is contained in:
parent
39cf147a77
commit
e53793edf4
@ -236,7 +236,7 @@ abstract class Installer
|
||||
}
|
||||
// @fixme hardcoded list; should use User::allowed_nickname()
|
||||
// if/when it's safe to have loaded the infrastructure here
|
||||
$blacklist = array('main', 'admin', 'twitter', 'settings', 'rsd.xml', 'favorited', 'featured', 'favoritedrss', 'featuredrss', 'rss', 'getfile', 'api', 'groups', 'group', 'peopletag', 'tag', 'user', 'message', 'conversation', 'bookmarklet', 'notice', 'attachment', 'search', 'index.php', 'doc', 'opensearch', 'robots.txt', 'xd_receiver.html', 'facebook');
|
||||
$blacklist = array('main', 'panel', 'twitter', 'settings', 'rsd.xml', 'favorited', 'featured', 'favoritedrss', 'featuredrss', 'rss', 'getfile', 'api', 'groups', 'group', 'peopletag', 'tag', 'user', 'message', 'conversation', 'bookmarklet', 'notice', 'attachment', 'search', 'index.php', 'doc', 'opensearch', 'robots.txt', 'xd_receiver.html', 'facebook');
|
||||
if (in_array($this->adminNick, $blacklist)) {
|
||||
$this->updateStatus('The user nickname "' . htmlspecialchars($this->adminNick) .
|
||||
'" is reserved.', true);
|
||||
|
@ -791,21 +791,21 @@ class Router
|
||||
|
||||
// Admin
|
||||
|
||||
$m->connect('admin/site', array('action' => 'siteadminpanel'));
|
||||
$m->connect('admin/design', array('action' => 'designadminpanel'));
|
||||
$m->connect('admin/user', array('action' => 'useradminpanel'));
|
||||
$m->connect('admin/access', array('action' => 'accessadminpanel'));
|
||||
$m->connect('admin/paths', array('action' => 'pathsadminpanel'));
|
||||
$m->connect('admin/sessions', array('action' => 'sessionsadminpanel'));
|
||||
$m->connect('admin/sitenotice', array('action' => 'sitenoticeadminpanel'));
|
||||
$m->connect('admin/snapshot', array('action' => 'snapshotadminpanel'));
|
||||
$m->connect('admin/license', array('action' => 'licenseadminpanel'));
|
||||
$m->connect('panel/site', array('action' => 'siteadminpanel'));
|
||||
$m->connect('panel/design', array('action' => 'designadminpanel'));
|
||||
$m->connect('panel/user', array('action' => 'useradminpanel'));
|
||||
$m->connect('panel/access', array('action' => 'accessadminpanel'));
|
||||
$m->connect('panel/paths', array('action' => 'pathsadminpanel'));
|
||||
$m->connect('panel/sessions', array('action' => 'sessionsadminpanel'));
|
||||
$m->connect('panel/sitenotice', array('action' => 'sitenoticeadminpanel'));
|
||||
$m->connect('panel/snapshot', array('action' => 'snapshotadminpanel'));
|
||||
$m->connect('panel/license', array('action' => 'licenseadminpanel'));
|
||||
|
||||
$m->connect('admin/plugins', array('action' => 'pluginsadminpanel'));
|
||||
$m->connect('admin/plugins/enable/:plugin',
|
||||
$m->connect('panel/plugins', array('action' => 'pluginsadminpanel'));
|
||||
$m->connect('panel/plugins/enable/:plugin',
|
||||
array('action' => 'pluginenable'),
|
||||
array('plugin' => '[A-Za-z0-9_]+'));
|
||||
$m->connect('admin/plugins/disable/:plugin',
|
||||
$m->connect('panel/plugins/disable/:plugin',
|
||||
array('action' => 'plugindisable'),
|
||||
array('plugin' => '[A-Za-z0-9_]+'));
|
||||
|
||||
|
@ -168,7 +168,7 @@ class AdsensePlugin extends UAPPlugin
|
||||
|
||||
function onRouterInitialized($m)
|
||||
{
|
||||
$m->connect('admin/adsense',
|
||||
$m->connect('panel/adsense',
|
||||
array('action' => 'adsenseadminpanel'));
|
||||
|
||||
return true;
|
||||
|
@ -184,7 +184,7 @@ class BitlyUrlPlugin extends UrlShortenerPlugin
|
||||
*/
|
||||
function onRouterInitialized($m)
|
||||
{
|
||||
$m->connect('admin/bitly',
|
||||
$m->connect('panel/bitly',
|
||||
array('action' => 'bitlyadminpanel'));
|
||||
return true;
|
||||
}
|
||||
|
@ -297,7 +297,7 @@ class BlacklistPlugin extends Plugin
|
||||
*/
|
||||
function onRouterInitialized($m)
|
||||
{
|
||||
$m->connect('admin/blacklist', array('action' => 'blacklistadminpanel'));
|
||||
$m->connect('panel/blacklist', array('action' => 'blacklistadminpanel'));
|
||||
return true;
|
||||
}
|
||||
|
||||
|
@ -105,7 +105,7 @@ class FacebookPlugin extends Plugin
|
||||
*/
|
||||
function onStartInitializeRouter($m)
|
||||
{
|
||||
$m->connect('admin/facebook', array('action' => 'facebookadminpanel'));
|
||||
$m->connect('panel/facebook', array('action' => 'facebookadminpanel'));
|
||||
|
||||
if (self::hasKeys()) {
|
||||
// Facebook App stuff
|
||||
|
@ -154,7 +154,7 @@ class FacebookBridgePlugin extends Plugin
|
||||
function onRouterInitialized($m)
|
||||
{
|
||||
// Always add the admin panel route
|
||||
$m->connect('admin/facebook', array('action' => 'facebookadminpanel'));
|
||||
$m->connect('panel/facebook', array('action' => 'facebookadminpanel'));
|
||||
|
||||
// Only add these routes if an application has been setup on
|
||||
// Facebook for the plugin to use.
|
||||
|
@ -80,7 +80,7 @@ class OpenIDPlugin extends Plugin
|
||||
$m->connect('index.php?action=finishaddopenid',
|
||||
array('action' => 'finishaddopenid'));
|
||||
$m->connect('main/openidserver', array('action' => 'openidserver'));
|
||||
$m->connect('admin/openid', array('action' => 'openidadminpanel'));
|
||||
$m->connect('panel/openid', array('action' => 'openidadminpanel'));
|
||||
|
||||
return true;
|
||||
}
|
||||
|
@ -175,7 +175,7 @@ ENDOFSCRIPT;
|
||||
|
||||
function onRouterInitialized($m)
|
||||
{
|
||||
$m->connect('admin/openx',
|
||||
$m->connect('panel/openx',
|
||||
array('action' => 'openxadminpanel'));
|
||||
|
||||
return true;
|
||||
|
@ -122,7 +122,7 @@ class SitemapPlugin extends Plugin
|
||||
'day' => '[0123][0-9]',
|
||||
'index' => '[1-9][0-9]*'));
|
||||
|
||||
$m->connect('admin/sitemap',
|
||||
$m->connect('panel/sitemap',
|
||||
array('action' => 'sitemapadminpanel'));
|
||||
|
||||
return true;
|
||||
|
@ -111,7 +111,7 @@ class TwitterBridgePlugin extends Plugin
|
||||
*/
|
||||
function onRouterInitialized($m)
|
||||
{
|
||||
$m->connect('admin/twitter', array('action' => 'twitteradminpanel'));
|
||||
$m->connect('panel/twitter', array('action' => 'twitteradminpanel'));
|
||||
|
||||
if (self::hasKeys()) {
|
||||
$m->connect(
|
||||
|
@ -85,7 +85,7 @@ class UserFlagPlugin extends Plugin
|
||||
{
|
||||
$m->connect('main/flag/profile', array('action' => 'flagprofile'));
|
||||
$m->connect('main/flag/clear', array('action' => 'clearflag'));
|
||||
$m->connect('admin/profile/flag', array('action' => 'adminprofileflag'));
|
||||
$m->connect('panel/profile/flag', array('action' => 'adminprofileflag'));
|
||||
return true;
|
||||
}
|
||||
|
||||
|
@ -34,9 +34,9 @@ class YammerImportPlugin extends Plugin
|
||||
*/
|
||||
function onRouterInitialized($m)
|
||||
{
|
||||
$m->connect('admin/yammer',
|
||||
$m->connect('panel/yammer',
|
||||
array('action' => 'yammeradminpanel'));
|
||||
$m->connect('admin/yammer/auth',
|
||||
$m->connect('panel/yammer/auth',
|
||||
array('action' => 'yammerauth'));
|
||||
return true;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user