GNUsocial/gnu-social
4
0
Fork 1
Code Issues Releases Wiki Activity
Files
520faaf67d7bd7bb0a87322d3f2e244c22d0c994
gnu-social/plugins/OpenID/openid.php

294 lines
8.4 KiB
PHP
Raw Normal View History

beginnings of OpenID login darcs-hash:20080617144942-84dde-a2a1040a42254903a64cff0aae3c1912ed951473.gz
2008-06-17 10:49:42 -04:00
<?php
/*
a distributed -> the distributed
2009-08-25 18:14:12 -04:00
* StatusNet - the distributed open-source microblogging tool
change Laconica and Control Yourself to StatusNet in PHP files
2009-08-25 18:12:20 -04:00
* Copyright (C) 2008, 2009, StatusNet, Inc.
beginnings of OpenID login darcs-hash:20080617144942-84dde-a2a1040a42254903a64cff0aae3c1912ed951473.gz
2008-06-17 10:49:42 -04:00
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
define LACONICA and accept LACONICA for backwards compatibility
2009-08-26 10:41:36 -04:00
if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); }
beginnings of OpenID login darcs-hash:20080617144942-84dde-a2a1040a42254903a64cff0aae3c1912ed951473.gz
2008-06-17 10:49:42 -04:00
fix require paths for OpenID plugin files
2009-08-04 07:45:16 -04:00
require_once(INSTALLDIR.'/plugins/OpenID/User_openid.php');
require the openid relational class darcs-hash:20080618054847-84dde-2057020f22c3179fb93d5a3a7377e4f04bb74c83.gz
2008-06-18 01:48:47 -04:00
add OpenID and SReg libraries darcs-hash:20080617151249-84dde-49ae79fe369b0a6917fa9d0f2abd907bb13ba389.gz
2008-06-17 11:12:49 -04:00
require_once('Auth/OpenID.php');
beginnings of OpenID login darcs-hash:20080617144942-84dde-a2a1040a42254903a64cff0aae3c1912ed951473.gz
2008-06-17 10:49:42 -04:00
require_once('Auth/OpenID/Consumer.php');
Moved the public XRDS from the OpenID plugin to core Added 4 new events involved in XRDS: StartUserXRDS, EndUserXRDS, StartPublicXRDS, EndPublicXRDS Added OpenID provider functionality (no delegation support [yet])
2009-10-29 16:01:25 -04:00
require_once('Auth/OpenID/Server.php');
add OpenID and SReg libraries darcs-hash:20080617151249-84dde-49ae79fe369b0a6917fa9d0f2abd907bb13ba389.gz
2008-06-17 11:12:49 -04:00
require_once('Auth/OpenID/SReg.php');
beginnings of OpenID login darcs-hash:20080617144942-84dde-a2a1040a42254903a64cff0aae3c1912ed951473.gz
2008-06-17 10:49:42 -04:00
require_once('Auth/OpenID/MySQLStore.php');
immediate mode for openid darcs-hash:20080619134710-84dde-6086a4ac7bbd72a251fe5ce6fe3156e3270ebd74.gz
2008-06-19 09:47:10 -04:00
# About one year cookie expiry
define('OPENID_COOKIE_EXPIRY', round(365.25 * 24 * 60 * 60));
define('OPENID_COOKIE_KEY', 'lastusedopenid');
implement rememberme functionality Added a checkbox on login or register to remember the current user. If the login is successful, this sets a cookie with a random code (saved in the DB). If they come back, and they aren't logged in "normally", we check to see if they have a rememberme cookie. If so, we log them in. However, they can't change settings -- cookie theft is too prevalent. So we mark a session as having a "real" (password or OpenID) login, or not. In settings pages, we check to see if the login is "real", and if not, we redirect to the login page. darcs-hash:20080624025234-34904-ad20001bf35bf41fcb63a0c357fd929aacc55fdb.gz
2008-06-23 22:52:34 -04:00
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
function oid_store()
{
replace NULL with null Another global search-and-replace update. Here, I've replaced the PHP keyword 'NULL' with its lowercase version. This is another PEAR code standards change. darcs-hash:20081223192129-84dde-4a0182e0ec16a01ad88745ad3e08f7cb501aee0b.gz
2008-12-23 14:21:29 -05:00
static $store = null;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
if (!$store) {
Revert "* [Cc]an't -> [Cc]annot" This reverts commit 0ab17f382b9993ada3d12d4cdace72cca53fb545.
2009-11-08 23:28:51 +01:00
# Can't be called statically
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$user = new User();
$conn = $user->getDatabaseConnection();
$store = new Auth_OpenID_MySQLStore($conn);
}
return $store;
beginnings of OpenID login darcs-hash:20080617144942-84dde-a2a1040a42254903a64cff0aae3c1912ed951473.gz
2008-06-17 10:49:42 -04:00
}
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
function oid_consumer()
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$store = oid_store();
$consumer = new Auth_OpenID_Consumer($store);
return $consumer;
consolidate linking a user to an OpenID darcs-hash:20080618114310-84dde-15b224bb16d434150af457bc3b08de58e3833abd.gz
2008-06-18 07:43:10 -04:00
}
Moved the public XRDS from the OpenID plugin to core Added 4 new events involved in XRDS: StartUserXRDS, EndUserXRDS, StartPublicXRDS, EndPublicXRDS Added OpenID provider functionality (no delegation support [yet])
2009-10-29 16:01:25 -04:00
function oid_server()
{
$store = oid_store();
$server = new Auth_OpenID_Server($store, common_local_url('openidserver'));
return $server;
}
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
function oid_clear_last()
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
oid_set_last('');
immediate mode for openid darcs-hash:20080619134710-84dde-6086a4ac7bbd72a251fe5ce6fe3156e3270ebd74.gz
2008-06-19 09:47:10 -04:00
}
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
function oid_set_last($openid_url)
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
common_set_cookie(OPENID_COOKIE_KEY,
$openid_url,
time() + OPENID_COOKIE_EXPIRY);
immediate mode for openid darcs-hash:20080619134710-84dde-6086a4ac7bbd72a251fe5ce6fe3156e3270ebd74.gz
2008-06-19 09:47:10 -04:00
}
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
function oid_get_last()
{
Attempt to access non-existent OPENID_COOKIE_KEY cookie causing a warning
2009-02-17 23:09:57 -05:00
if (empty($_COOKIE[OPENID_COOKIE_KEY])) {
return null;
}
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$openid_url = $_COOKIE[OPENID_COOKIE_KEY];
if ($openid_url && strlen($openid_url) > 0) {
return $openid_url;
} else {
replace NULL with null Another global search-and-replace update. Here, I've replaced the PHP keyword 'NULL' with its lowercase version. This is another PEAR code standards change. darcs-hash:20081223192129-84dde-4a0182e0ec16a01ad88745ad3e08f7cb501aee0b.gz
2008-12-23 14:21:29 -05:00
return null;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
immediate mode for openid darcs-hash:20080619134710-84dde-6086a4ac7bbd72a251fe5ce6fe3156e3270ebd74.gz
2008-06-19 09:47:10 -04:00
}
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
function oid_link_user($id, $canonical, $display)
{
implement rememberme functionality Added a checkbox on login or register to remember the current user. If the login is successful, this sets a cookie with a random code (saved in the DB). If they come back, and they aren't logged in "normally", we check to see if they have a rememberme cookie. If so, we log them in. However, they can't change settings -- cookie theft is too prevalent. So we mark a session as having a "real" (password or OpenID) login, or not. In settings pages, we check to see if the login is "real", and if not, we redirect to the login page. darcs-hash:20080624025234-34904-ad20001bf35bf41fcb63a0c357fd929aacc55fdb.gz
2008-06-23 22:52:34 -04:00
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$oid = new User_openid();
$oid->user_id = $id;
$oid->canonical = $canonical;
$oid->display = $display;
$oid->created = DB_DataObject_Cast::dateTime();
add more debugging darcs-hash:20080618201123-84dde-3c6a131fafc0ba8922293c608173a6d7407ce8d0.gz
2008-06-18 16:11:23 -04:00
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
if (!$oid->insert()) {
$err = PEAR::getStaticProperty('DB_DataObject','lastError');
common_debug('DB error ' . $err->code . ': ' . $err->message, __FILE__);
return false;
}
implement rememberme functionality Added a checkbox on login or register to remember the current user. If the login is successful, this sets a cookie with a random code (saved in the DB). If they come back, and they aren't logged in "normally", we check to see if they have a rememberme cookie. If so, we log them in. However, they can't change settings -- cookie theft is too prevalent. So we mark a session as having a "real" (password or OpenID) login, or not. In settings pages, we check to see if the login is "real", and if not, we redirect to the login page. darcs-hash:20080624025234-34904-ad20001bf35bf41fcb63a0c357fd929aacc55fdb.gz
2008-06-23 22:52:34 -04:00
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
return true;
consolidate linking a user to an OpenID darcs-hash:20080618114310-84dde-15b224bb16d434150af457bc3b08de58e3833abd.gz
2008-06-18 07:43:10 -04:00
}
move openid authentication to a common function darcs-hash:20080618133251-84dde-40c6326cb27ac20e52ef456a3f05e111c6fae97c.gz
2008-06-18 09:32:51 -04:00
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
function oid_get_user($openid_url)
{
replace NULL with null Another global search-and-replace update. Here, I've replaced the PHP keyword 'NULL' with its lowercase version. This is another PEAR code standards change. darcs-hash:20081223192129-84dde-4a0182e0ec16a01ad88745ad3e08f7cb501aee0b.gz
2008-12-23 14:21:29 -05:00
$user = null;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$oid = User_openid::staticGet('canonical', $openid_url);
if ($oid) {
$user = User::staticGet('id', $oid->user_id);
}
return $user;
immediate mode for openid darcs-hash:20080619134710-84dde-6086a4ac7bbd72a251fe5ce6fe3156e3270ebd74.gz
2008-06-19 09:47:10 -04:00
}
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
function oid_check_immediate($openid_url, $backto=null)
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
if (!$backto) {
$action = $_REQUEST['action'];
$args = common_copy_args($_GET);
unset($args['action']);
$backto = common_local_url($action, $args);
}
common_debug('going back to "' . $backto . '"', __FILE__);
common_ensure_session();
$_SESSION['openid_immediate_backto'] = $backto;
common_debug('passed-in variable is "' . $backto . '"', __FILE__);
common_debug('session variable is "' . $_SESSION['openid_immediate_backto'] . '"', __FILE__);
oid_authenticate($openid_url,
'finishimmediate',
true);
immediate mode for openid darcs-hash:20080619134710-84dde-6086a4ac7bbd72a251fe5ce6fe3156e3270ebd74.gz
2008-06-19 09:47:10 -04:00
}
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
function oid_authenticate($openid_url, $returnto, $immediate=false)
{
immediate mode for openid darcs-hash:20080619134710-84dde-6086a4ac7bbd72a251fe5ce6fe3156e3270ebd74.gz
2008-06-19 09:47:10 -04:00
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$consumer = oid_consumer();
if (!$consumer) {
New _m() gettext wrapper with smart detection of plugin domains. Plugin base class registers your gettext files if present at initialization. update_pot.sh replaced with update_po_templates.php which can do core, plugins, or all (default). Top-level Makefile added to build .mo files for plugins as well as core. As described on list: http://lists.status.net/pipermail/statusnet-dev/2009-December/002869.html
2009-12-08 12:17:11 -08:00
common_server_error(_m('Cannot instantiate OpenID consumer object.'));
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
return false;
}
common_ensure_session();
$auth_request = $consumer->begin($openid_url);
// Handle failure status return values.
if (!$auth_request) {
New _m() gettext wrapper with smart detection of plugin domains. Plugin base class registers your gettext files if present at initialization. update_pot.sh replaced with update_po_templates.php which can do core, plugins, or all (default). Top-level Makefile added to build .mo files for plugins as well as core. As described on list: http://lists.status.net/pipermail/statusnet-dev/2009-December/002869.html
2009-12-08 12:17:11 -08:00
return _m('Not a valid OpenID.');
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
} else if (Auth_OpenID::isFailure($auth_request)) {
New _m() gettext wrapper with smart detection of plugin domains. Plugin base class registers your gettext files if present at initialization. update_pot.sh replaced with update_po_templates.php which can do core, plugins, or all (default). Top-level Makefile added to build .mo files for plugins as well as core. As described on list: http://lists.status.net/pipermail/statusnet-dev/2009-December/002869.html
2009-12-08 12:17:11 -08:00
return sprintf(_m('OpenID failure: %s'), $auth_request->message);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
$sreg_request = Auth_OpenID_SRegRequest::build(// Required
array(),
// Optional
array('nickname',
'email',
'fullname',
'language',
'timezone',
'postcode',
'country'));
if ($sreg_request) {
$auth_request->addExtension($sreg_request);
}
give the correct root url when SSL enabled
2009-03-31 10:09:11 -04:00
$trust_root = common_root_url(true);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$process_url = common_local_url($returnto);
if ($auth_request->shouldSendRedirect()) {
$redirect_url = $auth_request->redirectURL($trust_root,
$process_url,
$immediate);
if (!$redirect_url) {
} else if (Auth_OpenID::isFailure($redirect_url)) {
New _m() gettext wrapper with smart detection of plugin domains. Plugin base class registers your gettext files if present at initialization. update_pot.sh replaced with update_po_templates.php which can do core, plugins, or all (default). Top-level Makefile added to build .mo files for plugins as well as core. As described on list: http://lists.status.net/pipermail/statusnet-dev/2009-December/002869.html
2009-12-08 12:17:11 -08:00
return sprintf(_m('Could not redirect to server: %s'), $redirect_url->message);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
} else {
Try to do intelligent redirect codes After fixing the redirect code output, there are a lot of weirdnesses with e.g. form handling. Try to add explicit redirect codes where needed -- principly when handling a POST.
2009-04-01 15:30:59 -04:00
common_redirect($redirect_url, 303);
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
} else {
// Generate form markup and render it.
$form_id = 'openid_message';
$form_html = $auth_request->formMarkup($trust_root, $process_url,
$immediate, array('id' => $form_id));
Revert "Remove more contractions" This reverts commit 5ab709b73977131813884558bf56d97172a7aa26. Missed this one yesterday...
2009-11-09 20:01:46 +01:00
# XXX: This is cheap, but things choke if we don't escape ampersands
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
# in the HTML attributes
$form_html = preg_replace('/&/', '&amp;', $form_html);
Revert "* [Cc]an't -> [Cc]annot" This reverts commit 0ab17f382b9993ada3d12d4cdace72cca53fb545.
2009-11-08 23:28:51 +01:00
// Display an error if the form markup couldn't be generated;
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
// otherwise, render the HTML.
if (Auth_OpenID::isFailure($form_html)) {
New _m() gettext wrapper with smart detection of plugin domains. Plugin base class registers your gettext files if present at initialization. update_pot.sh replaced with update_po_templates.php which can do core, plugins, or all (default). Top-level Makefile added to build .mo files for plugins as well as core. As described on list: http://lists.status.net/pipermail/statusnet-dev/2009-December/002869.html
2009-12-08 12:17:11 -08:00
common_server_error(sprintf(_m('Could not create OpenID form: %s'), $form_html->message));
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
} else {
Help OpenID module make its little form
2009-01-23 02:17:29 +01:00
$action = new AutosubmitAction(); // see below
$action->form_html = $form_html;
$action->form_id = $form_id;
$action->prepare(array('action' => 'autosubmit'));
$action->handle(array('action' => 'autosubmit'));
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
}
}
fixup syntax error in openid.php darcs-hash:20080618150557-84dde-61120bcf12e9ecfaafda079d1a943c75f99f5930.gz
2008-06-18 11:05:57 -04:00
}
move update_user function to openid.php darcs-hash:20080619135148-84dde-6caaa7f97d2405bc318bfa818c4ac9cbc31cab33.gz
2008-06-19 09:51:48 -04:00
put instructions into header div darcs-hash:20080619190357-84dde-f7e6e0741c5fc9c1bf99b4273ff1c0160056cf39.gz
2008-06-19 15:03:57 -04:00
# Half-assed attempt at a module-private function
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
function _oid_print_instructions()
{
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
common_element('div', 'instructions',
New _m() gettext wrapper with smart detection of plugin domains. Plugin base class registers your gettext files if present at initialization. update_pot.sh replaced with update_po_templates.php which can do core, plugins, or all (default). Top-level Makefile added to build .mo files for plugins as well as core. As described on list: http://lists.status.net/pipermail/statusnet-dev/2009-December/002869.html
2009-12-08 12:17:11 -08:00
_m('This form should automatically submit itself. '.
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
'If not, click the submit button to go to your '.
'OpenID provider.'));
put instructions into header div darcs-hash:20080619190357-84dde-f7e6e0741c5fc9c1bf99b4273ff1c0160056cf39.gz
2008-06-19 15:03:57 -04:00
}
move update_user function to openid.php darcs-hash:20080619135148-84dde-6caaa7f97d2405bc318bfa818c4ac9cbc31cab33.gz
2008-06-19 09:51:48 -04:00
# update a user from sreg parameters
change function headers to K&R style Another huge change, for PEAR code standards compliance. Function headers have to be in K&R style (opening brace on its own line), instead of having the opening brace on the same line as the function and parameters. So, a little perl magic found all the function definitions and move the opening brace to the next line (properly indented... usually). darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
function oid_update_user(&$user, &$sreg)
{
implement rememberme functionality Added a checkbox on login or register to remember the current user. If the login is successful, this sets a cookie with a random code (saved in the DB). If they come back, and they aren't logged in "normally", we check to see if they have a rememberme cookie. If so, we log them in. However, they can't change settings -- cookie theft is too prevalent. So we mark a session as having a "real" (password or OpenID) login, or not. In settings pages, we check to see if the login is "real", and if not, we redirect to the login page. darcs-hash:20080624025234-34904-ad20001bf35bf41fcb63a0c357fd929aacc55fdb.gz
2008-06-23 22:52:34 -04:00
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$profile = $user->getProfile();
implement rememberme functionality Added a checkbox on login or register to remember the current user. If the login is successful, this sets a cookie with a random code (saved in the DB). If they come back, and they aren't logged in "normally", we check to see if they have a rememberme cookie. If so, we log them in. However, they can't change settings -- cookie theft is too prevalent. So we mark a session as having a "real" (password or OpenID) login, or not. In settings pages, we check to see if the login is "real", and if not, we redirect to the login page. darcs-hash:20080624025234-34904-ad20001bf35bf41fcb63a0c357fd929aacc55fdb.gz
2008-06-23 22:52:34 -04:00
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$orig_profile = clone($profile);
implement rememberme functionality Added a checkbox on login or register to remember the current user. If the login is successful, this sets a cookie with a random code (saved in the DB). If they come back, and they aren't logged in "normally", we check to see if they have a rememberme cookie. If so, we log them in. However, they can't change settings -- cookie theft is too prevalent. So we mark a session as having a "real" (password or OpenID) login, or not. In settings pages, we check to see if the login is "real", and if not, we redirect to the login page. darcs-hash:20080624025234-34904-ad20001bf35bf41fcb63a0c357fd929aacc55fdb.gz
2008-06-23 22:52:34 -04:00
OpenID fixes: - avoid notice spew when checking sreg items that weren't provided - fix keys spec for user_openid, clears up problems with removing openid associations - fix keys spec for user_openid_trustroot
2010-03-12 10:07:32 -08:00
if (!empty($sreg['fullname']) && strlen($sreg['fullname']) <= 255) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$profile->fullname = $sreg['fullname'];
}
implement rememberme functionality Added a checkbox on login or register to remember the current user. If the login is successful, this sets a cookie with a random code (saved in the DB). If they come back, and they aren't logged in "normally", we check to see if they have a rememberme cookie. If so, we log them in. However, they can't change settings -- cookie theft is too prevalent. So we mark a session as having a "real" (password or OpenID) login, or not. In settings pages, we check to see if the login is "real", and if not, we redirect to the login page. darcs-hash:20080624025234-34904-ad20001bf35bf41fcb63a0c357fd929aacc55fdb.gz
2008-06-23 22:52:34 -04:00
OpenID fixes: - avoid notice spew when checking sreg items that weren't provided - fix keys spec for user_openid, clears up problems with removing openid associations - fix keys spec for user_openid_trustroot
2010-03-12 10:07:32 -08:00
if (!empty($sreg['country'])) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
if ($sreg['postcode']) {
# XXX: use postcode to get city and region
# XXX: also, store postcode somewhere -- it's valuable!
$profile->location = $sreg['postcode'] . ', ' . $sreg['country'];
} else {
$profile->location = $sreg['country'];
}
}
implement rememberme functionality Added a checkbox on login or register to remember the current user. If the login is successful, this sets a cookie with a random code (saved in the DB). If they come back, and they aren't logged in "normally", we check to see if they have a rememberme cookie. If so, we log them in. However, they can't change settings -- cookie theft is too prevalent. So we mark a session as having a "real" (password or OpenID) login, or not. In settings pages, we check to see if the login is "real", and if not, we redirect to the login page. darcs-hash:20080624025234-34904-ad20001bf35bf41fcb63a0c357fd929aacc55fdb.gz
2008-06-23 22:52:34 -04:00
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
# XXX save language if it's passed
# XXX save timezone if it's passed
implement rememberme functionality Added a checkbox on login or register to remember the current user. If the login is successful, this sets a cookie with a random code (saved in the DB). If they come back, and they aren't logged in "normally", we check to see if they have a rememberme cookie. If so, we log them in. However, they can't change settings -- cookie theft is too prevalent. So we mark a session as having a "real" (password or OpenID) login, or not. In settings pages, we check to see if the login is "real", and if not, we redirect to the login page. darcs-hash:20080624025234-34904-ad20001bf35bf41fcb63a0c357fd929aacc55fdb.gz
2008-06-23 22:52:34 -04:00
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
if (!$profile->update($orig_profile)) {
New _m() gettext wrapper with smart detection of plugin domains. Plugin base class registers your gettext files if present at initialization. update_pot.sh replaced with update_po_templates.php which can do core, plugins, or all (default). Top-level Makefile added to build .mo files for plugins as well as core. As described on list: http://lists.status.net/pipermail/statusnet-dev/2009-December/002869.html
2009-12-08 12:17:11 -08:00
common_server_error(_m('Error saving the profile.'));
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
return false;
}
implement rememberme functionality Added a checkbox on login or register to remember the current user. If the login is successful, this sets a cookie with a random code (saved in the DB). If they come back, and they aren't logged in "normally", we check to see if they have a rememberme cookie. If so, we log them in. However, they can't change settings -- cookie theft is too prevalent. So we mark a session as having a "real" (password or OpenID) login, or not. In settings pages, we check to see if the login is "real", and if not, we redirect to the login page. darcs-hash:20080624025234-34904-ad20001bf35bf41fcb63a0c357fd929aacc55fdb.gz
2008-06-23 22:52:34 -04:00
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$orig_user = clone($user);
implement rememberme functionality Added a checkbox on login or register to remember the current user. If the login is successful, this sets a cookie with a random code (saved in the DB). If they come back, and they aren't logged in "normally", we check to see if they have a rememberme cookie. If so, we log them in. However, they can't change settings -- cookie theft is too prevalent. So we mark a session as having a "real" (password or OpenID) login, or not. In settings pages, we check to see if the login is "real", and if not, we redirect to the login page. darcs-hash:20080624025234-34904-ad20001bf35bf41fcb63a0c357fd929aacc55fdb.gz
2008-06-23 22:52:34 -04:00
OpenID fixes: - avoid notice spew when checking sreg items that weren't provided - fix keys spec for user_openid, clears up problems with removing openid associations - fix keys spec for user_openid_trustroot
2010-03-12 10:07:32 -08:00
if (!empty($sreg['email']) && Validate::email($sreg['email'], common_config('email', 'check_domain'))) {
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
$user->email = $sreg['email'];
}
implement rememberme functionality Added a checkbox on login or register to remember the current user. If the login is successful, this sets a cookie with a random code (saved in the DB). If they come back, and they aren't logged in "normally", we check to see if they have a rememberme cookie. If so, we log them in. However, they can't change settings -- cookie theft is too prevalent. So we mark a session as having a "real" (password or OpenID) login, or not. In settings pages, we check to see if the login is "real", and if not, we redirect to the login page. darcs-hash:20080624025234-34904-ad20001bf35bf41fcb63a0c357fd929aacc55fdb.gz
2008-06-23 22:52:34 -04:00
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
if (!$user->update($orig_user)) {
New _m() gettext wrapper with smart detection of plugin domains. Plugin base class registers your gettext files if present at initialization. update_pot.sh replaced with update_po_templates.php which can do core, plugins, or all (default). Top-level Makefile added to build .mo files for plugins as well as core. As described on list: http://lists.status.net/pipermail/statusnet-dev/2009-December/002869.html
2009-12-08 12:17:11 -08:00
common_server_error(_m('Error saving the user.'));
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
return false;
}
implement rememberme functionality Added a checkbox on login or register to remember the current user. If the login is successful, this sets a cookie with a random code (saved in the DB). If they come back, and they aren't logged in "normally", we check to see if they have a rememberme cookie. If so, we log them in. However, they can't change settings -- cookie theft is too prevalent. So we mark a session as having a "real" (password or OpenID) login, or not. In settings pages, we check to see if the login is "real", and if not, we redirect to the login page. darcs-hash:20080624025234-34904-ad20001bf35bf41fcb63a0c357fd929aacc55fdb.gz
2008-06-23 22:52:34 -04:00
replace all tabs with four spaces The PEAR coding standards decree: no tabs, but indent by four spaces. I've done a global search-and-replace on all tabs, replacing them by four spaces. This is a huge change, but it will go a long way to getting us towards phpcs-compliance. And that means better code readability, and that means more participation. darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
return true;
move update_user function to openid.php darcs-hash:20080619135148-84dde-6caaa7f97d2405bc318bfa818c4ac9cbc31cab33.gz
2008-06-19 09:51:48 -04:00
}
Help OpenID module make its little form
2009-01-23 02:17:29 +01:00
class AutosubmitAction extends Action
{
var $form_html = null;
var $form_id = null;
function handle($args)
{
parent::handle($args);
$this->showPage();
}
function title()
{
New _m() gettext wrapper with smart detection of plugin domains. Plugin base class registers your gettext files if present at initialization. update_pot.sh replaced with update_po_templates.php which can do core, plugins, or all (default). Top-level Makefile added to build .mo files for plugins as well as core. As described on list: http://lists.status.net/pipermail/statusnet-dev/2009-December/002869.html
2009-12-08 12:17:11 -08:00
return _m('OpenID Auto-Submit');
Help OpenID module make its little form
2009-01-23 02:17:29 +01:00
}
function showContent()
{
$this->raw($this->form_html);
Fix regression in OpenID autosubmit page. Since core JS loads were moved to the bottom, the JavaScript was being run before jQuery was loaded, so the onload event never got set. Moved it down to the scripts section.
2009-11-13 15:34:15 -08:00
}
function showScripts()
{
parent::showScripts();
Help OpenID module make its little form
2009-01-23 02:17:29 +01:00
$this->element('script', null,
'$(document).ready(function() { ' .
' $(\'#'. $this->form_id .'\').submit(); '.
'});');
}
}
Copy Permalink