10 yıl önce · 02c3546440
--- a/app/Controllers/userController.php
+++ b/app/Controllers/userController.php
@@ -12,9 +12,14 @@ class FreshRSS_user_Controller extends Minz_ActionController {
 
				 	 * This action is called before every other action in that class. It is
			
 
				 	 * the common boiler plate for every action. It is triggered by the
			
 
				 	 * underlying framework.
			
 
				+	 *
			
 
				+	 * @todo clean up the access condition.
			
 
				 	 */
			
 
				 	public function firstAction() {
			
 
				-		if (!FreshRSS_Auth::hasAccess()) {
			
 
				+		if (!FreshRSS_Auth::hasAccess() && !(
			
 
				+				Minz_Request::actionName() === 'create' &&
			
 
				+				!max_registrations_reached()
			
 
				+		)) {
			
 
				 			Minz_Error::error(403);
			
 
				 		}
			
 
				 	}
			
@@ -111,11 +116,16 @@ class FreshRSS_user_Controller extends Minz_ActionController {
 
				 	 *   - new_user_name
			
 
				 	 *   - new_user_passwordPlain
			
 
				 	 *   - new_user_email
			
 
				+	 *   - r (i.e. a redirection url, optional)
			
 
				 	 *
			
 
				 	 * @todo clean up this method. Idea: write a method to init a user with basic information.
			
 
				+	 * @todo handle r redirection in Minz_Request::forward directly?
			
 
				 	 */
			
 
				 	public function createAction() {
			
 
				-		if (Minz_Request::isPost() && FreshRSS_Auth::hasAccess('admin')) {
			
 
				+		if (Minz_Request::isPost() && (
			
 
				+				FreshRSS_Auth::hasAccess('admin') ||
			
 
				+				!max_registrations_reached()
			
 
				+		)) {
			
 
				 			$db = FreshRSS_Context::$system_conf->db;
			
 
				 			require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php');
			
 
				 
			
@@ -186,7 +196,11 @@ class FreshRSS_user_Controller extends Minz_ActionController {
 
				 			Minz_Session::_param('notification', $notif);
			
 
				 		}
			
 
				 
			
 
				-		Minz_Request::forward(array('c' => 'user', 'a' => 'manage'), true);
			
 
				+		$redirect_url = urldecode(Minz_Request::param('r', false, true));
			
 
				+		if (!$redirect_url) {
			
 
				+			$redirect_url = array('c' => 'user', 'a' => 'manage');
			
 
				+		}
			
 
				+		Minz_Request::forward($redirect_url, true);
			
 
				 	}
			
 
				 
			
 
				 	/**
			
--- a/app/views/auth/register.phtml
+++ b/app/views/auth/register.phtml
@@ -29,6 +29,13 @@
 
				         </div>
			
 
				 
			
 
				         <div>
			
 
				+            <?php
			
 
				+                $redirect_url = urlencode(Minz_Url::display(
			
 
				+                    array('c' => 'index', 'a' => 'index'),
			
 
				+                    'php', true
			
 
				+                ));
			
 
				+            ?>
			
 
				+            <input type="hidden" name="r" value="<?php echo $redirect_url; ?>" />
			
 
				             <button type="submit" class="btn btn-important"><?php echo _t('gen.action.create'); ?></button>
			
 
				             <a class="btn" href="<?php echo _url('index', 'index'); ?>"><?php echo _t('gen.action.cancel'); ?></a>
			
 
				         </div>
			
--- a/lib/lib_rss.php
+++ b/lib/lib_rss.php
@@ -266,6 +266,22 @@ function listUsers() {
 
				 }
			
 
				 
			
 
				 
			
 
				+/**
			
 
				+ * Return if the maximum number of registrations has been reached.
			
 
				+ *
			
 
				+ * Note a max_regstrations of 0 means there is no limit.
			
 
				+ *
			
 
				+ * @return true if number of users >= max registrations, false else.
			
 
				+ */
			
 
				+function max_registrations_reached() {
			
 
				+	$system_conf = Minz_Configuration::get('system');
			
 
				+	$limit_registrations = $system_conf->limits['max_registrations'];
			
 
				+	$number_accounts = count(listUsers());
			
 
				+
			
 
				+	return $limit_registrations > 0 && $number_accounts >= $limit_registrations;
			
 
				+}
			
 
				+
			
 
				+
			
 
				 /**
			
 
				  * Register and return the configuration for a given user.
			
 
				  *