GNUsocial
/
gnu-social
4
0
Fork 1
Code Issues Releases Wiki Activity
gnu-social/actions/userauthorization.php

503 lines
18 KiB
PHP
Raw Normal View History

oauth discovery and all new actions Updated the spec to include OAuth discovery. Added new actions for all the OMB URLs. darcs-hash:20080526112700-84dde-b1800fb4a5ab830be065e736d2a74b742b7eb0f6.gz
2008-05-26 12:27:00 +01:00
<?php
/*
* Laconica - a distributed open-source microblogging tool
* Copyright (C) 2008, Controlez-Vous, Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
if (!defined('LACONICA')) { exit(1); }
clear out lots of debugging code, add require to userauthorization darcs-hash:20080603115218-84dde-f333d4541e1112487a5da1e3ad71064513e2228f.gz
2008-06-03 12:52:18 +01:00
require_once(INSTALLDIR.'/lib/omb.php');
full interface for userauthorization darcs-hash:20080604185131-84dde-2ff45e07ebba18c97803ed4a99121a6244ef1158.gz
2008-06-04 19:51:31 +01:00
define('TIMESTAMP_THRESHOLD', 300);
clear out lots of debugging code, add require to userauthorization darcs-hash:20080603115218-84dde-f333d4541e1112487a5da1e3ad71064513e2228f.gz
2008-06-03 12:52:18 +01:00
move opening brace of class declaration to next line Another gigantor PEAR coding standards patch. Here, I've moved the opening curly bracket on a class statement to the following line. darcs-hash:20081223194923-84dde-77a93de314caadbcb5b70bf346a4648be77a864e.gz
2008-12-23 19:49:23 +00:00
class UserauthorizationAction extends Action
{
Update userauthorization, strip out a lot of debug stuff
2009-01-23 00:35:05 +00:00
var $error;
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
var $params;
csrf protection in userauthorization darcs-hash:20080829052732-84dde-0ebb7e32236b480cc3aa2eb7a4bb2b41ff6177d6.gz
2008-08-29 06:27:32 +01:00
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 19:33:23 +00:00
function handle($args)
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
parent::handle($args);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
# CSRF protection
$token = $this->trimmed('token');
if (!$token || $token != common_session_token()) {
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$params = $this->getStoredParams();
$this->showForm($params, _('There was a problem with your session token. '.
Update userauthorization, strip out a lot of debug stuff
2009-01-23 00:35:05 +00:00
'Try again, please.'));
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
return;
}
# We've shown the form, now post user's choice
Update userauthorization, strip out a lot of debug stuff
2009-01-23 00:35:05 +00:00
$this->sendAuthorization();
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
} else {
if (!common_logged_in()) {
# Go log in, and then come back
common_set_returnto($_SERVER['REQUEST_URI']);
common_redirect(common_local_url('login'));
return;
}
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
try {
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$this->validateRequest();
$this->storeParams($_GET);
$this->showForm($_GET);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
} catch (OAuthException $e) {
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$this->clearParams();
Convert use of common_server_error and common_user_error to methods on Action
2009-01-15 23:03:38 +00:00
$this->clientError($e->getMessage());
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
return;
}
}
}
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
function showForm($params, $error=null)
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 19:33:23 +00:00
{
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$this->params = $params;
Update userauthorization, strip out a lot of debug stuff
2009-01-23 00:35:05 +00:00
$this->error = $error;
$this->showPage();
}
function title()
{
return _('Authorize subscription');
}
function showPageNotice()
{
$this->element('p', null, _('Please check these details to make sure '.
'that you want to subscribe to this user\'s notices. '.
'If you didn\'t just ask to subscribe to someone\'s notices, '.
Cancel -> Reject in remote subscribe
2009-01-26 13:20:19 +00:00
'click "Reject".'));
Update userauthorization, strip out a lot of debug stuff
2009-01-23 00:35:05 +00:00
}
function showContent()
{
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$params = $this->params;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$nickname = $params['omb_listenee_nickname'];
$profile = $params['omb_listenee_profile'];
$license = $params['omb_listenee_license'];
$fullname = $params['omb_listenee_fullname'];
$homepage = $params['omb_listenee_homepage'];
$bio = $params['omb_listenee_bio'];
$location = $params['omb_listenee_location'];
$avatar = $params['omb_listenee_avatar'];
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->elementStart('div', 'profile');
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
if ($avatar) {
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->element('img', array('src' => $avatar,
Fixes #1067: Avatar stretched on authorize remote subscription page. The img tag used a wrong class which had a width: 100% applied.
2009-02-21 18:04:27 +00:00
'class' => 'avatar',
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
'width' => AVATAR_PROFILE_SIZE,
'height' => AVATAR_PROFILE_SIZE,
'alt' => $nickname));
}
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->element('a', array('href' => $profile,
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
'class' => 'external profile nickname'),
$nickname);
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 15:12:05 +00:00
if (!is_null($fullname)) {
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->elementStart('div', 'fullname');
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 15:12:05 +00:00
if (!is_null($homepage)) {
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->element('a', array('href' => $homepage),
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
$fullname);
} else {
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->text($fullname);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->elementEnd('div');
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 15:12:05 +00:00
if (!is_null($location)) {
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->element('div', 'location', $location);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 15:12:05 +00:00
if (!is_null($bio)) {
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->element('div', 'bio', $bio);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->elementStart('div', 'license');
$this->element('a', array('href' => $license,
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
'class' => 'license'),
$license);
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->elementEnd('div');
$this->elementEnd('div');
$this->elementStart('form', array('method' => 'post',
Update userauthorization, strip out a lot of debug stuff
2009-01-23 00:35:05 +00:00
'id' => 'userauthorization',
'name' => 'userauthorization',
'action' => common_local_url('userauthorization')));
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->hidden('token', common_session_token());
$this->submit('accept', _('Accept'));
$this->submit('reject', _('Reject'));
$this->elementEnd('form');
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
Update userauthorization, strip out a lot of debug stuff
2009-01-23 00:35:05 +00:00
function sendAuthorization()
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 19:33:23 +00:00
{
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$params = $this->getStoredParams();
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
if (!$params) {
Convert use of common_server_error and common_user_error to methods on Action
2009-01-15 23:03:38 +00:00
$this->clientError(_('No authorization request!'));
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
return;
}
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$callback = $params['oauth_callback'];
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
if ($this->arg('accept')) {
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
if (!$this->authorizeToken($params)) {
Convert use of common_server_error and common_user_error to methods on Action
2009-01-15 23:03:38 +00:00
$this->clientError(_('Error authorizing token'));
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
if (!$this->saveRemoteProfile($params)) {
Convert use of common_server_error and common_user_error to methods on Action
2009-01-15 23:03:38 +00:00
$this->clientError(_('Error saving remote profile'));
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
if (!$callback) {
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$this->showAcceptMessage($params['oauth_token']);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
} else {
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$newparams = array();
$newparams['oauth_token'] = $params['oauth_token'];
$newparams['omb_version'] = OMB_VERSION_01;
$user = User::staticGet('uri', $params['omb_listener']);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
$profile = $user->getProfile();
if (!$profile) {
common_log_db_error($user, 'SELECT', __FILE__);
Convert use of common_server_error and common_user_error to methods on Action
2009-01-15 23:03:38 +00:00
$this->serverError(_('User without matching profile'));
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
return;
}
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$newparams['omb_listener_nickname'] = $user->nickname;
$newparams['omb_listener_profile'] = common_local_url('showstream',
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
array('nickname' => $user->nickname));
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 15:12:05 +00:00
if (!is_null($profile->fullname)) {
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$newparams['omb_listener_fullname'] = $profile->fullname;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 15:12:05 +00:00
if (!is_null($profile->homepage)) {
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$newparams['omb_listener_homepage'] = $profile->homepage;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 15:12:05 +00:00
if (!is_null($profile->bio)) {
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$newparams['omb_listener_bio'] = $profile->bio;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 15:12:05 +00:00
if (!is_null($profile->location)) {
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$newparams['omb_listener_location'] = $profile->location;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
$avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE);
if ($avatar) {
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$newparams['omb_listener_avatar'] = $avatar->url;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
$parts = array();
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
foreach ($newparams as $k => $v) {
fix case of OAuthUtil method
2009-03-07 21:35:19 +00:00
$parts[] = $k . '=' . OAuthUtil::urlencode_rfc3986($v);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
$query_string = implode('&', $parts);
$parsed = parse_url($callback);
$url = $callback . (($parsed['query']) ? '&' : '?') . $query_string;
common_redirect($url, 303);
}
} else {
if (!$callback) {
Update userauthorization, strip out a lot of debug stuff
2009-01-23 00:35:05 +00:00
$this->showRejectMessage();
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
} else {
# XXX: not 100% sure how to signal failure... just redirect without token?
common_redirect($callback, 303);
}
}
}
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
function authorizeToken(&$params)
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 19:33:23 +00:00
{
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$token_field = $params['oauth_token'];
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
$rt = new Token();
$rt->tok = $token_field;
$rt->type = 0;
$rt->state = 0;
if ($rt->find(true)) {
$orig_rt = clone($rt);
$rt->state = 1; # Authorized but not used
if ($rt->update($orig_rt)) {
return true;
}
}
TRUE More PEAR coding standards global changes. Here, I've changed all instances of TRUE to true and FALSE to false. darcs-hash:20081223194428-84dde-cb1a1e6f679acd68e864545c4d4dd8752d6a6257.gz
2008-12-23 19:44:28 +00:00
return false;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
# XXX: refactor with similar code in finishremotesubscribe.php
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
function saveRemoteProfile(&$params)
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 19:33:23 +00:00
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
# FIXME: we should really do this when the consumer comes
# back for an access token. If they never do, we've got stuff in a
# weird state.
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$nickname = $params['omb_listenee_nickname'];
$fullname = $params['omb_listenee_fullname'];
$profile_url = $params['omb_listenee_profile'];
$homepage = $params['omb_listenee_homepage'];
$bio = $params['omb_listenee_bio'];
$location = $params['omb_listenee_location'];
$avatar_url = $params['omb_listenee_avatar'];
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$listenee = $params['omb_listenee'];
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
$remote = Remote_profile::staticGet('uri', $listenee);
if ($remote) {
$exists = true;
$profile = Profile::staticGet($remote->id);
$orig_remote = clone($remote);
$orig_profile = clone($profile);
} else {
$exists = false;
$remote = new Remote_profile();
$remote->uri = $listenee;
$profile = new Profile();
}
$profile->nickname = $nickname;
$profile->profileurl = $profile_url;
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 15:12:05 +00:00
if (!is_null($fullname)) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
$profile->fullname = $fullname;
}
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 15:12:05 +00:00
if (!is_null($homepage)) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
$profile->homepage = $homepage;
}
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 15:12:05 +00:00
if (!is_null($bio)) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
$profile->bio = $bio;
}
Improve handling of null values in profile parameters. This commit fixes two issues: - Allowing remote users to clear profile parameters via OMB. - Improved handling of profile parameters which evaluate to false ('0' for example)
2009-03-03 15:12:05 +00:00
if (!is_null($location)) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
$profile->location = $location;
}
if ($exists) {
$profile->update($orig_profile);
} else {
$profile->created = DB_DataObject_Cast::dateTime(); # current time
$id = $profile->insert();
if (!$id) {
TRUE More PEAR coding standards global changes. Here, I've changed all instances of TRUE to true and FALSE to false. darcs-hash:20081223194428-84dde-cb1a1e6f679acd68e864545c4d4dd8752d6a6257.gz
2008-12-23 19:44:28 +00:00
return false;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
$remote->id = $id;
}
if ($exists) {
if (!$remote->update($orig_remote)) {
TRUE More PEAR coding standards global changes. Here, I've changed all instances of TRUE to true and FALSE to false. darcs-hash:20081223194428-84dde-cb1a1e6f679acd68e864545c4d4dd8752d6a6257.gz
2008-12-23 19:44:28 +00:00
return false;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
} else {
$remote->created = DB_DataObject_Cast::dateTime(); # current time
if (!$remote->insert()) {
TRUE More PEAR coding standards global changes. Here, I've changed all instances of TRUE to true and FALSE to false. darcs-hash:20081223194428-84dde-cb1a1e6f679acd68e864545c4d4dd8752d6a6257.gz
2008-12-23 19:44:28 +00:00
return false;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
}
if ($avatar_url) {
Update userauthorization, strip out a lot of debug stuff
2009-01-23 00:35:05 +00:00
if (!$this->addAvatar($profile, $avatar_url)) {
TRUE More PEAR coding standards global changes. Here, I've changed all instances of TRUE to true and FALSE to false. darcs-hash:20081223194428-84dde-cb1a1e6f679acd68e864545c4d4dd8752d6a6257.gz
2008-12-23 19:44:28 +00:00
return false;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
}
$user = common_current_user();
$sub = new Subscription();
$sub->subscriber = $user->id;
$sub->subscribed = $remote->id;
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$sub->token = $params['oauth_token']; # NOTE: request token, not valid for use!
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
$sub->created = DB_DataObject_Cast::dateTime(); # current time
if (!$sub->insert()) {
TRUE More PEAR coding standards global changes. Here, I've changed all instances of TRUE to true and FALSE to false. darcs-hash:20081223194428-84dde-cb1a1e6f679acd68e864545c4d4dd8752d6a6257.gz
2008-12-23 19:44:28 +00:00
return false;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
TRUE More PEAR coding standards global changes. Here, I've changed all instances of TRUE to true and FALSE to false. darcs-hash:20081223194428-84dde-cb1a1e6f679acd68e864545c4d4dd8752d6a6257.gz
2008-12-23 19:44:28 +00:00
return true;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
Update userauthorization, strip out a lot of debug stuff
2009-01-23 00:35:05 +00:00
function addAvatar($profile, $url)
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 19:33:23 +00:00
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
$temp_filename = tempnam(sys_get_temp_dir(), 'listenee_avatar');
copy($url, $temp_filename);
Fixed remote subscribe avatar problems Had some Avatar file-copying issues; seem to be fixed.
2009-02-09 23:13:11 +00:00
$imagefile = new ImageFile($profile->id, $temp_filename);
$filename = Avatar::filename($profile->id,
image_type_to_extension($imagefile->type),
null,
common_timestamp());
rename($temp_filename, Avatar::path($filename));
return $profile->setOriginal($filename);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
Update userauthorization, strip out a lot of debug stuff
2009-01-23 00:35:05 +00:00
function showAcceptMessage($tok)
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 19:33:23 +00:00
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
common_show_header(_('Subscription authorized'));
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->element('p', null,
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
_('The subscription has been authorized, but no '.
Update userauthorization, strip out a lot of debug stuff
2009-01-23 00:35:05 +00:00
'callback URL was passed. Check with the site\'s instructions for '.
'details on how to authorize the subscription. Your subscription token is:'));
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->element('blockquote', 'token', $tok);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
common_show_footer();
}
Update userauthorization, strip out a lot of debug stuff
2009-01-23 00:35:05 +00:00
function showRejectMessage($tok)
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 19:33:23 +00:00
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
common_show_header(_('Subscription rejected'));
Convert all actions to use new UI functions I did a massive search-and-replace to get all the action subclasses to use the new output function (common_element() -> $this->element(), etc.) There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
$this->element('p', null,
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
_('The subscription has been rejected, but no '.
Update userauthorization, strip out a lot of debug stuff
2009-01-23 00:35:05 +00:00
'callback URL was passed. Check with the site\'s instructions for '.
'details on how to fully reject the subscription.'));
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
common_show_footer();
}
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
function storeParams($params)
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 19:33:23 +00:00
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
common_ensure_session();
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$_SESSION['userauthorizationparams'] = $params;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
function clearParams()
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 19:33:23 +00:00
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
common_ensure_session();
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
unset($_SESSION['userauthorizationparams']);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
function getStoredParams()
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 19:33:23 +00:00
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
common_ensure_session();
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$params = $_SESSION['userauthorizationparams'];
return $params;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
}
# Throws an OAuthException if anything goes wrong
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
function validateRequest()
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 19:33:23 +00:00
{
Remove second OAuth request validation.
2009-03-07 12:04:36 +00:00
/* Find token.
TODO: If no token is passed the user should get a prompt to enter it
according to OAuth Core 1.0 */
Fixes #827: Laconica expects full OAuth message for user auth request. When a user subscribes to a remote profile, he is redirected to his own service to confirm the request. This authorization request is specified in http://oauth.net/core/1.0#auth_step2. According to the standard, it does not have to pass consumer_key, nonce, timestamp or signature. The only specified parameters are oauth_token and oauth_callback, both optional.
2009-03-07 11:38:47 +00:00
$t = new Token();
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$t->tok = $_GET['oauth_token'];
Fixes #827: Laconica expects full OAuth message for user auth request. When a user subscribes to a remote profile, he is redirected to his own service to confirm the request. This authorization request is specified in http://oauth.net/core/1.0#auth_step2. According to the standard, it does not have to pass consumer_key, nonce, timestamp or signature. The only specified parameters are oauth_token and oauth_callback, both optional.
2009-03-07 11:38:47 +00:00
$t->type = 0;
if (!$t->find(true)) {
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
throw new OAuthException("Invalid request token: " . $_GET['oauth_token']);
Fixes #827: Laconica expects full OAuth message for user auth request. When a user subscribes to a remote profile, he is redirected to his own service to confirm the request. This authorization request is specified in http://oauth.net/core/1.0#auth_step2. According to the standard, it does not have to pass consumer_key, nonce, timestamp or signature. The only specified parameters are oauth_token and oauth_callback, both optional.
2009-03-07 11:38:47 +00:00
}
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$this->validateOmb();
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
return true;
}
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
function validateOmb()
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 19:33:23 +00:00
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
foreach (array('omb_version', 'omb_listener', 'omb_listenee',
'omb_listenee_profile', 'omb_listenee_nickname',
'omb_listenee_license') as $param)
{
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
if (!isset($_GET[$param]) || is_null($_GET[$param])) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
throw new OAuthException("Required parameter '$param' not found");
}
}
# Now, OMB stuff
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$version = $_GET['omb_version'];
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
if ($version != OMB_VERSION_01) {
throw new OAuthException("OpenMicroBlogging version '$version' not supported");
}
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$listener = $_GET['omb_listener'];
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
$user = User::staticGet('uri', $listener);
if (!$user) {
throw new OAuthException("Listener URI '$listener' not found here");
}
$cur = common_current_user();
if ($cur->id != $user->id) {
throw new OAuthException("Can't add for another user!");
}
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$listenee = $_GET['omb_listenee'];
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
if (!Validate::uri($listenee) &&
!common_valid_tag($listenee)) {
throw new OAuthException("Listenee URI '$listenee' not a recognizable URI");
}
if (strlen($listenee) > 255) {
throw new OAuthException("Listenee URI '$listenee' too long");
}
$other = User::staticGet('uri', $listenee);
if ($other) {
throw new OAuthException("Listenee URI '$listenee' is local user");
}
$remote = Remote_profile::staticGet('uri', $listenee);
if ($remote) {
$sub = new Subscription();
$sub->subscriber = $user->id;
$sub->subscribed = $remote->id;
TRUE More PEAR coding standards global changes. Here, I've changed all instances of TRUE to true and FALSE to false. darcs-hash:20081223194428-84dde-cb1a1e6f679acd68e864545c4d4dd8752d6a6257.gz
2008-12-23 19:44:28 +00:00
if ($sub->find(true)) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
throw new OAuthException("Already subscribed to user!");
}
}
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$nickname = $_GET['omb_listenee_nickname'];
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
if (!Validate::string($nickname, array('min_length' => 1,
'max_length' => 64,
'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) {
throw new OAuthException('Nickname must have only letters and numbers and no spaces.');
}
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$profile = $_GET['omb_listenee_profile'];
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
if (!common_valid_http_url($profile)) {
throw new OAuthException("Invalid profile URL '$profile'.");
}
if ($profile == common_local_url('showstream', array('nickname' => $nickname))) {
throw new OAuthException("Profile URL '$profile' is for a local user.");
}
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$license = $_GET['omb_listenee_license'];
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
if (!common_valid_http_url($license)) {
throw new OAuthException("Invalid license URL '$license'.");
}
$site_license = common_config('license', 'url');
if (!common_compatible_license($license, $site_license)) {
throw new OAuthException("Listenee stream license '$license' not compatible with site license '$site_license'.");
}
# optional stuff
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$fullname = $_GET['omb_listenee_fullname'];
trac #1155 ++ replace strlen with mb_strlen for all utf8 strings.
2009-02-07 19:33:18 +00:00
if ($fullname && mb_strlen($fullname) > 255) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
throw new OAuthException("Full name '$fullname' too long.");
}
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$homepage = $_GET['omb_listenee_homepage'];
trac #1155 ++ replace strlen with mb_strlen for all utf8 strings.
2009-02-07 19:33:18 +00:00
if ($homepage && (!common_valid_http_url($homepage) || mb_strlen($homepage) > 255)) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
throw new OAuthException("Invalid homepage '$homepage'");
}
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$bio = $_GET['omb_listenee_bio'];
trac #1155 ++ replace strlen with mb_strlen for all utf8 strings.
2009-02-07 19:33:18 +00:00
if ($bio && mb_strlen($bio) > 140) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
throw new OAuthException("Bio too long '$bio'");
}
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$location = $_GET['omb_listenee_location'];
trac #1155 ++ replace strlen with mb_strlen for all utf8 strings.
2009-02-07 19:33:18 +00:00
if ($location && mb_strlen($location) > 255) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
throw new OAuthException("Location too long '$location'");
}
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$avatar = $_GET['omb_listenee_avatar'];
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
if ($avatar) {
if (!common_valid_http_url($avatar) || strlen($avatar) > 255) {
throw new OAuthException("Invalid avatar URL '$avatar'");
}
$size = @getimagesize($avatar);
if (!$size) {
throw new OAuthException("Can't read avatar URL '$avatar'");
}
if ($size[0] != AVATAR_PROFILE_SIZE || $size[1] != AVATAR_PROFILE_SIZE) {
throw new OAuthException("Wrong size image at '$avatar'");
}
if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG,
IMAGETYPE_PNG))) {
throw new OAuthException("Wrong image type for '$avatar'");
}
}
Remove OAuthRequest as storage from userauthorization. Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-08 08:28:34 +00:00
$callback = $_GET['oauth_callback'];
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 19:19:07 +00:00
if ($callback && !common_valid_http_url($callback)) {
throw new OAuthException("Invalid callback URL '$callback'");
}
if ($callback && $callback == common_local_url('finishremotesubscribe')) {
throw new OAuthException("Callback URL '$callback' is for local site.");
}
}
oauth discovery and all new actions Updated the spec to include OAuth discovery. Added new actions for all the OMB URLs. darcs-hash:20080526112700-84dde-b1800fb4a5ab830be065e736d2a74b742b7eb0f6.gz
2008-05-26 12:27:00 +01:00
}