wamo/gnu-social
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

make 'admin' a safe user name

Browse Source 
'admin' is a pretty common username that people try when installing;
it was blacklisted because all of our admin panels were at /admin/*,
which would conflict with the admin user's namespace.

Changed the location of all admin panels to /panel/*, blacklisted the
nickname 'panel', and allowed 'admin'. Tested with a fresh install;
seems to work great.
This commit is contained in:
Evan Prodromou 2011-01-23 10:18:35 -05:00
parent 39cf147a77
commit e53793edf4
13 changed files with 25 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/installer.php
View File

@ -236,7 +236,7 @@ abstract class Installer
}
// @fixme hardcoded list; should use User::allowed_nickname()
// if/when it's safe to have loaded the infrastructure here
$blacklist = array('main', 'admin', 'twitter', 'settings', 'rsd.xml', 'favorited', 'featured', 'favoritedrss', 'featuredrss', 'rss', 'getfile', 'api', 'groups', 'group', 'peopletag', 'tag', 'user', 'message', 'conversation', 'bookmarklet', 'notice', 'attachment', 'search', 'index.php', 'doc', 'opensearch', 'robots.txt', 'xd_receiver.html', 'facebook');
$blacklist = array('main', 'panel', 'twitter', 'settings', 'rsd.xml', 'favorited', 'featured', 'favoritedrss', 'featuredrss', 'rss', 'getfile', 'api', 'groups', 'group', 'peopletag', 'tag', 'user', 'message', 'conversation', 'bookmarklet', 'notice', 'attachment', 'search', 'index.php', 'doc', 'opensearch', 'robots.txt', 'xd_receiver.html', 'facebook');
if (in_array($this->adminNick, $blacklist)) {
$this->updateStatus('The user nickname "' . htmlspecialchars($this->adminNick) .
'" is reserved.', true);

24
lib/router.php
View File

@ -791,21 +791,21 @@ class Router
// Admin
$m->connect('admin/site', array('action' => 'siteadminpanel'));
$m->connect('admin/design', array('action' => 'designadminpanel'));
$m->connect('admin/user', array('action' => 'useradminpanel'));
$m->connect('admin/access', array('action' => 'accessadminpanel'));
$m->connect('admin/paths', array('action' => 'pathsadminpanel'));
$m->connect('admin/sessions', array('action' => 'sessionsadminpanel'));
$m->connect('admin/sitenotice', array('action' => 'sitenoticeadminpanel'));
$m->connect('admin/snapshot', array('action' => 'snapshotadminpanel'));
$m->connect('admin/license', array('action' => 'licenseadminpanel'));
$m->connect('panel/site', array('action' => 'siteadminpanel'));
$m->connect('panel/design', array('action' => 'designadminpanel'));
$m->connect('panel/user', array('action' => 'useradminpanel'));
$m->connect('panel/access', array('action' => 'accessadminpanel'));
$m->connect('panel/paths', array('action' => 'pathsadminpanel'));
$m->connect('panel/sessions', array('action' => 'sessionsadminpanel'));
$m->connect('panel/sitenotice', array('action' => 'sitenoticeadminpanel'));
$m->connect('panel/snapshot', array('action' => 'snapshotadminpanel'));
$m->connect('panel/license', array('action' => 'licenseadminpanel'));
$m->connect('admin/plugins', array('action' => 'pluginsadminpanel'));
$m->connect('admin/plugins/enable/:plugin',
$m->connect('panel/plugins', array('action' => 'pluginsadminpanel'));
$m->connect('panel/plugins/enable/:plugin',
array('action' => 'pluginenable'),
array('plugin' => '[A-Za-z0-9_]+'));
$m->connect('admin/plugins/disable/:plugin',
$m->connect('panel/plugins/disable/:plugin',
array('action' => 'plugindisable'),
array('plugin' => '[A-Za-z0-9_]+'));

2
plugins/Adsense/AdsensePlugin.php
View File

@ -168,7 +168,7 @@ class AdsensePlugin extends UAPPlugin
function onRouterInitialized($m)
{
$m->connect('admin/adsense',
$m->connect('panel/adsense',
array('action' => 'adsenseadminpanel'));
return true;

2
plugins/BitlyUrl/BitlyUrlPlugin.php
View File

@ -184,7 +184,7 @@ class BitlyUrlPlugin extends UrlShortenerPlugin
*/
function onRouterInitialized($m)
{
$m->connect('admin/bitly',
$m->connect('panel/bitly',
array('action' => 'bitlyadminpanel'));
return true;
}

2
plugins/Blacklist/BlacklistPlugin.php
View File

@ -297,7 +297,7 @@ class BlacklistPlugin extends Plugin
*/
function onRouterInitialized($m)
{
$m->connect('admin/blacklist', array('action' => 'blacklistadminpanel'));
$m->connect('panel/blacklist', array('action' => 'blacklistadminpanel'));
return true;
}

2
plugins/Facebook/FacebookPlugin.php
View File

@ -105,7 +105,7 @@ class FacebookPlugin extends Plugin
*/
function onStartInitializeRouter($m)
{
$m->connect('admin/facebook', array('action' => 'facebookadminpanel'));
$m->connect('panel/facebook', array('action' => 'facebookadminpanel'));
if (self::hasKeys()) {
// Facebook App stuff

2
plugins/FacebookBridge/FacebookBridgePlugin.php
View File

@ -154,7 +154,7 @@ class FacebookBridgePlugin extends Plugin
function onRouterInitialized($m)
{
// Always add the admin panel route
$m->connect('admin/facebook', array('action' => 'facebookadminpanel'));
$m->connect('panel/facebook', array('action' => 'facebookadminpanel'));
// Only add these routes if an application has been setup on
// Facebook for the plugin to use.

2
plugins/OpenID/OpenIDPlugin.php
View File

@ -80,7 +80,7 @@ class OpenIDPlugin extends Plugin
$m->connect('index.php?action=finishaddopenid',
array('action' => 'finishaddopenid'));
$m->connect('main/openidserver', array('action' => 'openidserver'));
$m->connect('admin/openid', array('action' => 'openidadminpanel'));
$m->connect('panel/openid', array('action' => 'openidadminpanel'));
return true;
}

2
plugins/OpenX/OpenXPlugin.php
View File

@ -175,7 +175,7 @@ ENDOFSCRIPT;
function onRouterInitialized($m)
{
$m->connect('admin/openx',
$m->connect('panel/openx',
array('action' => 'openxadminpanel'));
return true;

2
plugins/Sitemap/SitemapPlugin.php
View File

@ -122,7 +122,7 @@ class SitemapPlugin extends Plugin
'day' => '[0123][0-9]',
'index' => '[1-9][0-9]*'));
$m->connect('admin/sitemap',
$m->connect('panel/sitemap',
array('action' => 'sitemapadminpanel'));
return true;

2
plugins/TwitterBridge/TwitterBridgePlugin.php
View File

@ -111,7 +111,7 @@ class TwitterBridgePlugin extends Plugin
*/
function onRouterInitialized($m)
{
$m->connect('admin/twitter', array('action' => 'twitteradminpanel'));
$m->connect('panel/twitter', array('action' => 'twitteradminpanel'));
if (self::hasKeys()) {
$m->connect(

2
plugins/UserFlag/UserFlagPlugin.php
View File

@ -85,7 +85,7 @@ class UserFlagPlugin extends Plugin
{
$m->connect('main/flag/profile', array('action' => 'flagprofile'));
$m->connect('main/flag/clear', array('action' => 'clearflag'));
$m->connect('admin/profile/flag', array('action' => 'adminprofileflag'));
$m->connect('panel/profile/flag', array('action' => 'adminprofileflag'));
return true;
}

4
plugins/YammerImport/YammerImportPlugin.php
View File

@ -34,9 +34,9 @@ class YammerImportPlugin extends Plugin
*/
function onRouterInitialized($m)
{
$m->connect('admin/yammer',
$m->connect('panel/yammer',
array('action' => 'yammeradminpanel'));
$m->connect('admin/yammer/auth',
$m->connect('panel/yammer/auth',
array('action' => 'yammerauth'));
return true;
}