GNUsocial/gnu-social
4
0
Fork 1
Code Issues Releases Wiki Activity
Files
24713499a9686b6c2f1e765bb29d7e93e7256cd0
gnu-social/actions/userauthorization.php

516 lines
19 KiB
PHP
Raw Normal View History

oauth discovery and all new actions Updated the spec to include OAuth discovery. Added new actions for all the OMB URLs. darcs-hash:20080526112700-84dde-b1800fb4a5ab830be065e736d2a74b742b7eb0f6.gz
2008-05-26 07:27:00 -04:00
<?php
/*
* Laconica - a distributed open-source microblogging tool
* Copyright (C) 2008, Controlez-Vous, Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
if (!defined('LACONICA')) { exit(1); }
clear out lots of debugging code, add require to userauthorization darcs-hash:20080603115218-84dde-f333d4541e1112487a5da1e3ad71064513e2228f.gz
2008-06-03 07:52:18 -04:00
require_once(INSTALLDIR.'/lib/omb.php');
full interface for userauthorization darcs-hash:20080604185131-84dde-2ff45e07ebba18c97803ed4a99121a6244ef1158.gz
2008-06-04 14:51:31 -04:00
define('TIMESTAMP_THRESHOLD', 300);
clear out lots of debugging code, add require to userauthorization darcs-hash:20080603115218-84dde-f333d4541e1112487a5da1e3ad71064513e2228f.gz
2008-06-03 07:52:18 -04:00
move opening brace of class declaration to next line Another gigantor PEAR coding standards patch. Here, I've moved the opening curly bracket on a class statement to the following line. darcs-hash:20081223194923-84dde-77a93de314caadbcb5b70bf346a4648be77a864e.gz
2008-12-23 14:49:23 -05:00
class UserauthorizationAction extends Action
{
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
var $error;
var $req;
csrf protection in userauthorization darcs-hash:20080829052732-84dde-0ebb7e32236b480cc3aa2eb7a4bb2b41ff6177d6.gz
2008-08-29 01:27:32 -04:00
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
function handle($args)
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
parent::handle($args);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
# CSRF protection
$token = $this->trimmed('token');
if (!$token || $token != common_session_token()) {
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
$req = $this->getStoredRequest();
$this->showForm($req, _('There was a problem with your session token. '.
'Try again, please.'));
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
return;
}
# We've shown the form, now post user's choice
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
$this->sendAuthorization();
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
} else {
if (!common_logged_in()) {
# Go log in, and then come back
common_set_returnto($_SERVER['REQUEST_URI']);
common_redirect(common_local_url('login'));
return;
}
try {
# this must be a new request
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
$req = $this->getNewRequest();
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
if (!$req) {
Convert use of common_server_error and common_user_error to methods on Action
2009-01-15 23:03:38 +00:00
$this->clientError(_('No request found!'));
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
# XXX: only validate new requests, since nonce is one-time use
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
$this->validateRequest($req);
$this->storeRequest($req);
$this->showForm($req);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
} catch (OAuthException $e) {
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
$this->clearRequest();
Convert use of common_server_error and common_user_error to methods on Action
2009-01-15 23:03:38 +00:00
$this->clientError($e->getMessage());
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
return;
}
}
}
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
function showForm($req, $error=null)
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
{
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
$this->req = $req;
$this->error = $error;
$this->showPage();
}
function title()
{
return _('Authorize subscription');
}
function showPageNotice()
{
$this->element('p', null, _('Please check these details to make sure '.
'that you want to subscribe to this user\'s notices. '.
'If you didn\'t just ask to subscribe to someone\'s notices, '.
Cancel -> Reject in remote subscribe
2009-01-26 14:20:19 +01:00
'click "Reject".'));
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
}
function showContent()
{
$req = $this->req;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$nickname = $req->get_parameter('omb_listenee_nickname');
$profile = $req->get_parameter('omb_listenee_profile');
$license = $req->get_parameter('omb_listenee_license');
$fullname = $req->get_parameter('omb_listenee_fullname');
$homepage = $req->get_parameter('omb_listenee_homepage');
$bio = $req->get_parameter('omb_listenee_bio');
$location = $req->get_parameter('omb_listenee_location');
$avatar = $req->get_parameter('omb_listenee_avatar');
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->elementStart('div', 'profile');
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
if ($avatar) {
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->element('img', array('src' => $avatar,
Fixes #1067: Avatar stretched on authorize remote subscription page. The img tag used a wrong class which had a width: 100% applied.
2009-02-21 19:04:27 +01:00
'class' => 'avatar',
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
'width' => AVATAR_PROFILE_SIZE,
'height' => AVATAR_PROFILE_SIZE,
'alt' => $nickname));
}
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->element('a', array('href' => $profile,
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
'class' => 'external profile nickname'),
$nickname);
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 16:12:05 +01:00
if (!is_null($fullname)) {
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->elementStart('div', 'fullname');
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 16:12:05 +01:00
if (!is_null($homepage)) {
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->element('a', array('href' => $homepage),
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$fullname);
} else {
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->text($fullname);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->elementEnd('div');
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 16:12:05 +01:00
if (!is_null($location)) {
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->element('div', 'location', $location);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 16:12:05 +01:00
if (!is_null($bio)) {
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->element('div', 'bio', $bio);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->elementStart('div', 'license');
$this->element('a', array('href' => $license,
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
'class' => 'license'),
$license);
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->elementEnd('div');
$this->elementEnd('div');
$this->elementStart('form', array('method' => 'post',
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
'id' => 'userauthorization',
'name' => 'userauthorization',
'action' => common_local_url('userauthorization')));
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->hidden('token', common_session_token());
$this->submit('accept', _('Accept'));
$this->submit('reject', _('Reject'));
$this->elementEnd('form');
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
function sendAuthorization()
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
{
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
$req = $this->getStoredRequest();
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
if (!$req) {
Convert use of common_server_error and common_user_error to methods on Action
2009-01-15 23:03:38 +00:00
$this->clientError(_('No authorization request!'));
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
return;
}
$callback = $req->get_parameter('oauth_callback');
if ($this->arg('accept')) {
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
if (!$this->authorizeToken($req)) {
Convert use of common_server_error and common_user_error to methods on Action
2009-01-15 23:03:38 +00:00
$this->clientError(_('Error authorizing token'));
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
if (!$this->saveRemoteProfile($req)) {
Convert use of common_server_error and common_user_error to methods on Action
2009-01-15 23:03:38 +00:00
$this->clientError(_('Error saving remote profile'));
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
if (!$callback) {
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
$this->showAcceptMessage($req->get_parameter('oauth_token'));
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
} else {
$params = array();
$params['oauth_token'] = $req->get_parameter('oauth_token');
$params['omb_version'] = OMB_VERSION_01;
$user = User::staticGet('uri', $req->get_parameter('omb_listener'));
$profile = $user->getProfile();
if (!$profile) {
common_log_db_error($user, 'SELECT', __FILE__);
Convert use of common_server_error and common_user_error to methods on Action
2009-01-15 23:03:38 +00:00
$this->serverError(_('User without matching profile'));
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
return;
}
$params['omb_listener_nickname'] = $user->nickname;
$params['omb_listener_profile'] = common_local_url('showstream',
array('nickname' => $user->nickname));
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 16:12:05 +01:00
if (!is_null($profile->fullname)) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$params['omb_listener_fullname'] = $profile->fullname;
}
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 16:12:05 +01:00
if (!is_null($profile->homepage)) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$params['omb_listener_homepage'] = $profile->homepage;
}
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 16:12:05 +01:00
if (!is_null($profile->bio)) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$params['omb_listener_bio'] = $profile->bio;
}
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 16:12:05 +01:00
if (!is_null($profile->location)) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$params['omb_listener_location'] = $profile->location;
}
$avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE);
if ($avatar) {
$params['omb_listener_avatar'] = $avatar->url;
}
$parts = array();
foreach ($params as $k => $v) {
fix case of OAuthUtil method
2009-03-07 13:35:19 -08:00
$parts[] = $k . '=' . OAuthUtil::urlencode_rfc3986($v);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
$query_string = implode('&', $parts);
$parsed = parse_url($callback);
$url = $callback . (($parsed['query']) ? '&' : '?') . $query_string;
common_redirect($url, 303);
}
} else {
if (!$callback) {
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
$this->showRejectMessage();
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
} else {
# XXX: not 100% sure how to signal failure... just redirect without token?
common_redirect($callback, 303);
}
}
}
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
function authorizeToken(&$req)
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$token_field = $req->get_parameter('oauth_token');
$rt = new Token();
$rt->tok = $token_field;
$rt->type = 0;
$rt->state = 0;
if ($rt->find(true)) {
$orig_rt = clone($rt);
$rt->state = 1; # Authorized but not used
if ($rt->update($orig_rt)) {
return true;
}
}
TRUE More PEAR coding standards global changes. Here, I've changed all instances of TRUE to true and FALSE to false. darcs-hash:20081223194428-84dde-cb1a1e6f679acd68e864545c4d4dd8752d6a6257.gz
2008-12-23 14:44:28 -05:00
return false;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
# XXX: refactor with similar code in finishremotesubscribe.php
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
function saveRemoteProfile(&$req)
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
# FIXME: we should really do this when the consumer comes
# back for an access token. If they never do, we've got stuff in a
# weird state.
$nickname = $req->get_parameter('omb_listenee_nickname');
$fullname = $req->get_parameter('omb_listenee_fullname');
$profile_url = $req->get_parameter('omb_listenee_profile');
$homepage = $req->get_parameter('omb_listenee_homepage');
$bio = $req->get_parameter('omb_listenee_bio');
$location = $req->get_parameter('omb_listenee_location');
$avatar_url = $req->get_parameter('omb_listenee_avatar');
$listenee = $req->get_parameter('omb_listenee');
$remote = Remote_profile::staticGet('uri', $listenee);
if ($remote) {
$exists = true;
$profile = Profile::staticGet($remote->id);
$orig_remote = clone($remote);
$orig_profile = clone($profile);
} else {
$exists = false;
$remote = new Remote_profile();
$remote->uri = $listenee;
$profile = new Profile();
}
$profile->nickname = $nickname;
$profile->profileurl = $profile_url;
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 16:12:05 +01:00
if (!is_null($fullname)) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$profile->fullname = $fullname;
}
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 16:12:05 +01:00
if (!is_null($homepage)) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$profile->homepage = $homepage;
}
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 16:12:05 +01:00
if (!is_null($bio)) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$profile->bio = $bio;
}
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 16:12:05 +01:00
if (!is_null($location)) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$profile->location = $location;
}
if ($exists) {
$profile->update($orig_profile);
} else {
$profile->created = DB_DataObject_Cast::dateTime(); # current time
$id = $profile->insert();
if (!$id) {
TRUE More PEAR coding standards global changes. Here, I've changed all instances of TRUE to true and FALSE to false. darcs-hash:20081223194428-84dde-cb1a1e6f679acd68e864545c4d4dd8752d6a6257.gz
2008-12-23 14:44:28 -05:00
return false;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
$remote->id = $id;
}
if ($exists) {
if (!$remote->update($orig_remote)) {
TRUE More PEAR coding standards global changes. Here, I've changed all instances of TRUE to true and FALSE to false. darcs-hash:20081223194428-84dde-cb1a1e6f679acd68e864545c4d4dd8752d6a6257.gz
2008-12-23 14:44:28 -05:00
return false;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
} else {
$remote->created = DB_DataObject_Cast::dateTime(); # current time
if (!$remote->insert()) {
TRUE More PEAR coding standards global changes. Here, I've changed all instances of TRUE to true and FALSE to false. darcs-hash:20081223194428-84dde-cb1a1e6f679acd68e864545c4d4dd8752d6a6257.gz
2008-12-23 14:44:28 -05:00
return false;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
}
if ($avatar_url) {
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
if (!$this->addAvatar($profile, $avatar_url)) {
TRUE More PEAR coding standards global changes. Here, I've changed all instances of TRUE to true and FALSE to false. darcs-hash:20081223194428-84dde-cb1a1e6f679acd68e864545c4d4dd8752d6a6257.gz
2008-12-23 14:44:28 -05:00
return false;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
}
$user = common_current_user();
$datastore = omb_oauth_datastore();
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
$consumer = $this->getConsumer($datastore, $req);
$token = $this->getToken($datastore, $req, $consumer);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$sub = new Subscription();
$sub->subscriber = $user->id;
$sub->subscribed = $remote->id;
$sub->token = $token->key; # NOTE: request token, not valid for use!
$sub->created = DB_DataObject_Cast::dateTime(); # current time
if (!$sub->insert()) {
TRUE More PEAR coding standards global changes. Here, I've changed all instances of TRUE to true and FALSE to false. darcs-hash:20081223194428-84dde-cb1a1e6f679acd68e864545c4d4dd8752d6a6257.gz
2008-12-23 14:44:28 -05:00
return false;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
TRUE More PEAR coding standards global changes. Here, I've changed all instances of TRUE to true and FALSE to false. darcs-hash:20081223194428-84dde-cb1a1e6f679acd68e864545c4d4dd8752d6a6257.gz
2008-12-23 14:44:28 -05:00
return true;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
function addAvatar($profile, $url)
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$temp_filename = tempnam(sys_get_temp_dir(), 'listenee_avatar');
copy($url, $temp_filename);
Fixed remote subscribe avatar problems Had some Avatar file-copying issues; seem to be fixed.
2009-02-09 23:13:11 +00:00
$imagefile = new ImageFile($profile->id, $temp_filename);
$filename = Avatar::filename($profile->id,
image_type_to_extension($imagefile->type),
null,
common_timestamp());
rename($temp_filename, Avatar::path($filename));
return $profile->setOriginal($filename);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
function showAcceptMessage($tok)
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
common_show_header(_('Subscription authorized'));
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->element('p', null,
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
_('The subscription has been authorized, but no '.
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
'callback URL was passed. Check with the site\'s instructions for '.
'details on how to authorize the subscription. Your subscription token is:'));
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->element('blockquote', 'token', $tok);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
common_show_footer();
}
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
function showRejectMessage($tok)
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
common_show_header(_('Subscription rejected'));
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->element('p', null,
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
_('The subscription has been rejected, but no '.
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
'callback URL was passed. Check with the site\'s instructions for '.
'details on how to fully reject the subscription.'));
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
common_show_footer();
}
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
function storeRequest($req)
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
common_ensure_session();
$_SESSION['userauthorizationrequest'] = $req;
}
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
function clearRequest()
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
common_ensure_session();
unset($_SESSION['userauthorizationrequest']);
}
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
function getStoredRequest()
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
common_ensure_session();
$req = $_SESSION['userauthorizationrequest'];
return $req;
}
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
function getNewRequest()
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
common_remove_magic_from_request();
$req = OAuthRequest::from_request();
return $req;
}
# Throws an OAuthException if anything goes wrong
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
function validateRequest(&$req)
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
{
Fixes #827: Laconica expects full OAuth message for user auth request. When a user subscribes to a remote profile, he is redirected to his own service to confirm the request. This authorization request is specified in http://oauth.net/core/1.0#auth_step2. According to the standard, it does not have to pass consumer_key, nonce, timestamp or signature. The only specified parameters are oauth_token and oauth_callback, both optional.
2009-03-07 12:38:47 +01:00
/* Find token. */
$t = new Token();
$t->tok = $req->get_parameter('oauth_token');
$t->type = 0;
if (!$t->find(true)) {
throw new OAuthException("Invalid request token: " . $req->get_parameter('oauth_token'));
}
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
$this->validateOmb($req);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
return true;
}
Update userauthorization, strip out a lot of debug stuff
2009-01-23 01:35:05 +01:00
function validateOmb(&$req)
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
foreach (array('omb_version', 'omb_listener', 'omb_listenee',
'omb_listenee_profile', 'omb_listenee_nickname',
'omb_listenee_license') as $param)
{
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 16:12:05 +01:00
if (is_null($req->get_parameter($param))) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
throw new OAuthException("Required parameter '$param' not found");
}
}
# Now, OMB stuff
$version = $req->get_parameter('omb_version');
if ($version != OMB_VERSION_01) {
throw new OAuthException("OpenMicroBlogging version '$version' not supported");
}
$listener = $req->get_parameter('omb_listener');
$user = User::staticGet('uri', $listener);
if (!$user) {
throw new OAuthException("Listener URI '$listener' not found here");
}
$cur = common_current_user();
if ($cur->id != $user->id) {
throw new OAuthException("Can't add for another user!");
}
$listenee = $req->get_parameter('omb_listenee');
if (!Validate::uri($listenee) &&
!common_valid_tag($listenee)) {
throw new OAuthException("Listenee URI '$listenee' not a recognizable URI");
}
if (strlen($listenee) > 255) {
throw new OAuthException("Listenee URI '$listenee' too long");
}
$other = User::staticGet('uri', $listenee);
if ($other) {
throw new OAuthException("Listenee URI '$listenee' is local user");
}
$remote = Remote_profile::staticGet('uri', $listenee);
if ($remote) {
$sub = new Subscription();
$sub->subscriber = $user->id;
$sub->subscribed = $remote->id;
TRUE More PEAR coding standards global changes. Here, I've changed all instances of TRUE to true and FALSE to false. darcs-hash:20081223194428-84dde-cb1a1e6f679acd68e864545c4d4dd8752d6a6257.gz
2008-12-23 14:44:28 -05:00
if ($sub->find(true)) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
throw new OAuthException("Already subscribed to user!");
}
}
$nickname = $req->get_parameter('omb_listenee_nickname');
if (!Validate::string($nickname, array('min_length' => 1,
'max_length' => 64,
'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) {
throw new OAuthException('Nickname must have only letters and numbers and no spaces.');
}
$profile = $req->get_parameter('omb_listenee_profile');
if (!common_valid_http_url($profile)) {
throw new OAuthException("Invalid profile URL '$profile'.");
}
if ($profile == common_local_url('showstream', array('nickname' => $nickname))) {
throw new OAuthException("Profile URL '$profile' is for a local user.");
}
$license = $req->get_parameter('omb_listenee_license');
if (!common_valid_http_url($license)) {
throw new OAuthException("Invalid license URL '$license'.");
}
$site_license = common_config('license', 'url');
if (!common_compatible_license($license, $site_license)) {
throw new OAuthException("Listenee stream license '$license' not compatible with site license '$site_license'.");
}
# optional stuff
$fullname = $req->get_parameter('omb_listenee_fullname');
trac #1155 ++ replace strlen with mb_strlen for all utf8 strings.
2009-02-07 19:33:18 +00:00
if ($fullname && mb_strlen($fullname) > 255) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
throw new OAuthException("Full name '$fullname' too long.");
}
$homepage = $req->get_parameter('omb_listenee_homepage');
trac #1155 ++ replace strlen with mb_strlen for all utf8 strings.
2009-02-07 19:33:18 +00:00
if ($homepage && (!common_valid_http_url($homepage) || mb_strlen($homepage) > 255)) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
throw new OAuthException("Invalid homepage '$homepage'");
}
$bio = $req->get_parameter('omb_listenee_bio');
trac #1155 ++ replace strlen with mb_strlen for all utf8 strings.
2009-02-07 19:33:18 +00:00
if ($bio && mb_strlen($bio) > 140) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
throw new OAuthException("Bio too long '$bio'");
}
$location = $req->get_parameter('omb_listenee_location');
trac #1155 ++ replace strlen with mb_strlen for all utf8 strings.
2009-02-07 19:33:18 +00:00
if ($location && mb_strlen($location) > 255) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
throw new OAuthException("Location too long '$location'");
}
$avatar = $req->get_parameter('omb_listenee_avatar');
if ($avatar) {
if (!common_valid_http_url($avatar) || strlen($avatar) > 255) {
throw new OAuthException("Invalid avatar URL '$avatar'");
}
$size = @getimagesize($avatar);
if (!$size) {
throw new OAuthException("Can't read avatar URL '$avatar'");
}
if ($size[0] != AVATAR_PROFILE_SIZE || $size[1] != AVATAR_PROFILE_SIZE) {
throw new OAuthException("Wrong size image at '$avatar'");
}
if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG,
IMAGETYPE_PNG))) {
throw new OAuthException("Wrong image type for '$avatar'");
}
}
$callback = $req->get_parameter('oauth_callback');
if ($callback && !common_valid_http_url($callback)) {
throw new OAuthException("Invalid callback URL '$callback'");
}
if ($callback && $callback == common_local_url('finishremotesubscribe')) {
throw new OAuthException("Callback URL '$callback' is for local site.");
}
}
oauth discovery and all new actions Updated the spec to include OAuth discovery. Added new actions for all the OMB URLs. darcs-hash:20080526112700-84dde-b1800fb4a5ab830be065e736d2a74b742b7eb0f6.gz
2008-05-26 07:27:00 -04:00
}
Copy Permalink