From 721d6f94c72816e802b813c132d39fc7ef08c680 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Wed, 2 Jul 2008 09:15:07 -0400 Subject: [PATCH] method darcs-hash:20080702131507-84dde-507a6380fcab66c1fbcbaad6d1399c8a2f210acf.gz --- actions/finishopenidlogin.php | 94 +++++++++++++++++------------------ actions/imsettings.php | 2 +- actions/login.php | 2 +- actions/openidlogin.php | 2 +- actions/openidsettings.php | 2 +- actions/password.php | 2 +- actions/profilesettings.php | 2 +- actions/recoverpassword.php | 4 +- actions/register.php | 2 +- actions/remotesubscribe.php | 2 +- actions/showstream.php | 4 +- actions/userauthorization.php | 90 ++++++++++++++++----------------- lib/util.php | 12 +++-- 13 files changed, 111 insertions(+), 109 deletions(-) diff --git a/actions/finishopenidlogin.php b/actions/finishopenidlogin.php index 09102e8442..3b3a61c107 100644 --- a/actions/finishopenidlogin.php +++ b/actions/finishopenidlogin.php @@ -58,14 +58,14 @@ class FinishopenidloginAction extends Action { _t(' so we must connect your OpenID to a local account. ' . ' You can either create a new account, or connect with ' . ' your existing account, if you have one.')); - } + } } - + function show_form($error=NULL, $username=NULL) { common_show_header(_t('OpenID Account Setup'), NULL, $error, array($this, 'show_top')); - common_element_start('form', array('method' => 'POST', + common_element_start('form', array('method' => 'post', 'id' => 'account_connect', 'action' => common_local_url('finishopenidlogin'))); common_element('h2', NULL, @@ -99,7 +99,7 @@ class FinishopenidloginAction extends Action { } function try_login() { - + $consumer = oid_consumer(); $response = $consumer->complete(common_local_url('finishopenidlogin')); @@ -125,7 +125,7 @@ class FinishopenidloginAction extends Action { } $user = oid_get_user($canonical); - + if ($user) { oid_set_last($display); oid_update_user($user, $sreg); @@ -144,12 +144,12 @@ class FinishopenidloginAction extends Action { common_element('p', NULL, $msg); common_show_footer(); } - + function save_values($display, $canonical, $sreg) { common_ensure_session(); $_SESSION['openid_display'] = $display; - $_SESSION['openid_canonical'] = $canonical; - $_SESSION['openid_sreg'] = $sreg; + $_SESSION['openid_canonical'] = $canonical; + $_SESSION['openid_sreg'] = $sreg; } function get_saved_values() { @@ -157,11 +157,11 @@ class FinishopenidloginAction extends Action { $_SESSION['openid_canonical'], $_SESSION['openid_sreg']); } - + function create_new_user() { - + $nickname = $this->trimmed('newname'); - + if (!Validate::string($nickname, array('min_length' => 1, 'max_length' => 64, 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { @@ -173,36 +173,36 @@ class FinishopenidloginAction extends Action { $this->show_form(_t('Nickname not allowed.')); return; } - + if (User::staticGet('nickname', $nickname)) { $this->show_form(_t('Nickname already in use. Try another one.')); return; } - + list($display, $canonical, $sreg) = $this->get_saved_values(); - + if (!$display || !$canonical) { common_server_error(_t('Stored OpenID not found.')); return; } - + # Possible race condition... let's be paranoid - + $other = oid_get_user($canonical); - + if ($other) { common_server_error(_t('Creating new account for OpenID that already has a user.')); return; } - + $profile = new Profile(); - + $profile->nickname = $nickname; - + if ($sreg['fullname'] && strlen($sreg['fullname']) <= 255) { $profile->fullname = $sreg['fullname']; } - + if ($sreg['country']) { if ($sreg['postcode']) { # XXX: use postcode to get city and region @@ -215,51 +215,51 @@ class FinishopenidloginAction extends Action { # XXX save language if it's passed # XXX save timezone if it's passed - + $profile->profileurl = common_profile_url($nickname); - + $profile->created = DB_DataObject_Cast::dateTime(); # current time - + $id = $profile->insert(); if (!$id) { common_server_error(_t('Error saving the profile.')); return; } - + $user = new User(); $user->id = $id; $user->nickname = $nickname; $user->uri = common_user_uri($user); - + if ($sreg['email'] && Validate::email($sreg['email'], true)) { $user->email = $sreg['email']; } - + $user->created = DB_DataObject_Cast::dateTime(); # current time - + $result = $user->insert(); - + if (!$result) { # Try to clean up... $profile->delete(); } $result = oid_link_user($user->id, $canonical, $display); - + if (!$result) { # Try to clean up... $user->delete(); $profile->delete(); } - + oid_set_last($display); common_set_user($user->nickname); common_real_login(true); common_redirect(common_local_url('showstream', array('nickname' => $user->nickname))); } - + function connect_user() { - + $nickname = $this->trimmed('nickname'); $password = $this->trimmed('password'); @@ -269,7 +269,7 @@ class FinishopenidloginAction extends Action { } # They're legit! - + $user = User::staticGet('nickname', $nickname); list($display, $canonical, $sreg) = $this->get_saved_values(); @@ -278,21 +278,21 @@ class FinishopenidloginAction extends Action { common_server_error(_t('Stored OpenID not found.')); return; } - + $result = oid_link_user($user->id, $canonical, $display); - + if (!$result) { common_server_error(_t('Error connecting user to OpenID.')); return; } - + oid_update_user($user, $sreg); oid_set_last($display); common_set_user($user->nickname); common_real_login(true); $this->go_home($user->nickname); } - + function go_home($nickname) { $url = common_get_returnto(); if ($url) { @@ -305,9 +305,9 @@ class FinishopenidloginAction extends Action { } common_redirect($url); } - + function best_new_nickname($display, $sreg) { - + # Try the passed-in nickname @@ -326,11 +326,11 @@ class FinishopenidloginAction extends Action { return $fullname; } } - + # Try the URL - + $from_url = $this->openid_to_nickname($display); - + if ($from_url && $this->is_new_nickname($from_url)) { return $from_url; } @@ -345,7 +345,7 @@ class FinishopenidloginAction extends Action { 'max_length' => 64, 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { return false; - } + } if (!User::allowed_nickname($str)) { return false; } @@ -354,7 +354,7 @@ class FinishopenidloginAction extends Action { } return true; } - + function openid_to_nickname($openid) { if (Auth_Yadis_identifierScheme($openid) == 'XRI') { return $this->xri_to_nickname($openid); @@ -426,7 +426,7 @@ class FinishopenidloginAction extends Action { return $this->nicknamize(array_pop($parts)); } } - + function xri_base($xri) { if (substr($xri, 0, 6) == 'xri://') { return substr($xri, 6); @@ -436,7 +436,7 @@ class FinishopenidloginAction extends Action { } # Given a string, try to make it work as a nickname - + function nicknamize($str) { $str = preg_replace('/\W/', '', $str); return strtolower($str); diff --git a/actions/imsettings.php b/actions/imsettings.php index a9d0e18218..4ad63e1ccf 100644 --- a/actions/imsettings.php +++ b/actions/imsettings.php @@ -33,7 +33,7 @@ class ImsettingsAction extends SettingsAction { function show_form($msg=NULL, $success=false) { $user = common_current_user(); $this->form_header(_t('IM Settings'), $msg, $success); - common_element_start('form', array('method' => 'POST', + common_element_start('form', array('method' => 'post', 'id' => 'imsettings', 'action' => common_local_url('imsettings'))); diff --git a/actions/login.php b/actions/login.php index 1c4df74585..2f37ef8434 100644 --- a/actions/login.php +++ b/actions/login.php @@ -65,7 +65,7 @@ class LoginAction extends Action { function show_form($error=NULL) { common_show_header(_t('Login'), NULL, $error, array($this, 'show_top')); - common_element_start('form', array('method' => 'POST', + common_element_start('form', array('method' => 'post', 'id' => 'login', 'action' => common_local_url('login'))); common_input('nickname', _t('Nickname')); diff --git a/actions/openidlogin.php b/actions/openidlogin.php index 5ec17ec465..f9743ecde4 100644 --- a/actions/openidlogin.php +++ b/actions/openidlogin.php @@ -59,7 +59,7 @@ class OpenidloginAction extends Action { function show_form($error=NULL, $openid_url) { common_show_header(_t('OpenID Login'), NULL, $error, array($this, 'show_top')); $formaction = common_local_url('openidlogin'); - common_element_start('form', array('method' => 'POST', + common_element_start('form', array('method' => 'post', 'id' => 'openidlogin', 'action' => $formaction)); common_input('openid_url', _t('OpenID URL'), diff --git a/actions/openidsettings.php b/actions/openidsettings.php index c7cceebf90..6cdb198172 100644 --- a/actions/openidsettings.php +++ b/actions/openidsettings.php @@ -36,7 +36,7 @@ class OpenidsettingsAction extends SettingsAction { $this->form_header(_t('OpenID settings'), $msg, $success); - common_element_start('form', array('method' => 'POST', + common_element_start('form', array('method' => 'post', 'id' => 'openidadd', 'action' => common_local_url('openidsettings'))); diff --git a/actions/password.php b/actions/password.php index 628bfb5c03..9573f4940f 100644 --- a/actions/password.php +++ b/actions/password.php @@ -29,7 +29,7 @@ class PasswordAction extends SettingsAction { function show_form($msg=NULL, $success=false) { $this->form_header(_t('Change password'), $msg, $success); - common_element_start('form', array('method' => 'POST', + common_element_start('form', array('method' => 'post', 'id' => 'password', 'action' => common_local_url('password'))); diff --git a/actions/profilesettings.php b/actions/profilesettings.php index 49e2487487..ad4bb968ff 100644 --- a/actions/profilesettings.php +++ b/actions/profilesettings.php @@ -33,7 +33,7 @@ class ProfilesettingsAction extends SettingsAction { $profile = $user->getProfile(); $this->form_header(_t('Profile settings'), $msg, $success); - common_element_start('form', array('method' => 'POST', + common_element_start('form', array('method' => 'post', 'id' => 'profilesettings', 'action' => common_local_url('profilesettings'))); diff --git a/actions/recoverpassword.php b/actions/recoverpassword.php index 56f6ba9df9..06a7f62c8a 100644 --- a/actions/recoverpassword.php +++ b/actions/recoverpassword.php @@ -141,7 +141,7 @@ class RecoverpasswordAction extends Action { common_show_header(_t('Recover password'), NULL, $msg, array($this, 'show_top')); - common_element_start('form', array('method' => 'POST', + common_element_start('form', array('method' => 'post', 'id' => 'recoverpassword', 'action' => common_local_url('recoverpassword'))); common_input('nicknameoremail', _t('Nickname or email'), @@ -158,7 +158,7 @@ class RecoverpasswordAction extends Action { common_show_header(_t('Reset password'), NULL, $msg, array($this, 'show_password_top')); - common_element_start('form', array('method' => 'POST', + common_element_start('form', array('method' => 'post', 'id' => 'recoverpassword', 'action' => common_local_url('recoverpassword'))); common_password('newpassword', _t('New password'), diff --git a/actions/register.php b/actions/register.php index 4648f124f9..06ad858997 100644 --- a/actions/register.php +++ b/actions/register.php @@ -163,7 +163,7 @@ class RegisterAction extends Action { global $config; common_show_header(_t('Register'), NULL, $error, array($this, 'show_top')); - common_element_start('form', array('method' => 'POST', + common_element_start('form', array('method' => 'post', 'id' => 'login', 'action' => common_local_url('register'))); common_input('nickname', _t('Nickname'), NULL, diff --git a/actions/remotesubscribe.php b/actions/remotesubscribe.php index 18eb118abf..2bcf4e53b5 100644 --- a/actions/remotesubscribe.php +++ b/actions/remotesubscribe.php @@ -64,7 +64,7 @@ class RemotesubscribeAction extends Action { $profile = $this->trimmed('profile_url'); common_show_header(_t('Remote subscribe'), NULL, $err, array($this, 'show_top')); - common_element_start('form', array('id' => 'remotesubscribe', 'method' => 'POST', + common_element_start('form', array('id' => 'remotesubscribe', 'method' => 'post', 'action' => common_local_url('remotesubscribe'))); common_input('nickname', _t('User nickname'), $nickname, _t('Nickname of the user you want to follow')); diff --git a/actions/showstream.php b/actions/showstream.php index b18ec9b759..dcb78a4626 100644 --- a/actions/showstream.php +++ b/actions/showstream.php @@ -157,7 +157,7 @@ class ShowstreamAction extends StreamAction { } function show_subscribe_form($profile) { - common_element_start('form', array('id' => 'subscribe', 'method' => 'POST', + common_element_start('form', array('id' => 'subscribe', 'method' => 'post', 'action' => common_local_url('subscribe'))); common_element('input', array('id' => 'subscribeto', 'name' => 'subscribeto', @@ -178,7 +178,7 @@ class ShowstreamAction extends StreamAction { } function show_unsubscribe_form($profile) { - common_element_start('form', array('id' => 'unsubscribe', 'method' => 'POST', + common_element_start('form', array('id' => 'unsubscribe', 'method' => 'post', 'action' => common_local_url('unsubscribe'))); common_element('input', array('id' => 'unsubscribeto', 'name' => 'unsubscribeto', diff --git a/actions/userauthorization.php b/actions/userauthorization.php index 71ef3cde42..3139cec5bc 100644 --- a/actions/userauthorization.php +++ b/actions/userauthorization.php @@ -25,7 +25,7 @@ define('TIMESTAMP_THRESHOLD', 300); class UserauthorizationAction extends Action { function handle($args) { parent::handle($args); - + if ($_SERVER['REQUEST_METHOD'] == 'POST') { # We've shown the form, now post user's choice $this->send_authorization(); @@ -36,7 +36,7 @@ class UserauthorizationAction extends Action { $argsclone = $_GET; unset($argsclone['action']); common_set_returnto(common_local_url('userauthorization', $argsclone)); - common_debug('userauthorization.php - redirecting to login'); + common_debug('userauthorization.php - redirecting to login'); common_redirect(common_local_url('login')); return; } @@ -58,7 +58,7 @@ class UserauthorizationAction extends Action { common_server_error($e->getMessage()); return; } - + } } @@ -72,7 +72,7 @@ class UserauthorizationAction extends Action { $bio = $req->get_parameter('omb_listenee_bio'); $location = $req->get_parameter('omb_listenee_location'); $avatar = $req->get_parameter('omb_listenee_avatar'); - + common_show_header(_t('Authorize subscription')); common_element('p', NULL, _t('Please check these details to make sure '. 'that you want to subscribe to this user\'s notices. '. @@ -111,19 +111,19 @@ class UserauthorizationAction extends Action { $license); common_element_end('div'); common_element_end('div'); - common_element_start('form', array('method' => 'POST', + common_element_start('form', array('method' => 'post', 'id' => 'userauthorization', 'name' => 'userauthorization', 'action' => common_local_url('userauthorization'))); common_submit('accept', _t('Accept')); - common_submit('reject', _t('Reject')); + common_submit('reject', _t('Reject')); common_element_end('form'); common_show_footer(); } - + function send_authorization() { $req = $this->get_stored_request(); - + if (!$req) { common_user_error(_t('No authorization request!')); return; @@ -188,7 +188,7 @@ class UserauthorizationAction extends Action { $consumer_key = $req->get_parameter('oauth_consumer_key'); $token_field = $req->get_parameter('oauth_token'); common_debug('consumer key = "'.$consumer_key.'"', __FILE__); - common_debug('token field = "'.$token_field.'"', __FILE__); + common_debug('token field = "'.$token_field.'"', __FILE__); $rt = new Token(); $rt->consumer_key = $consumer_key; $rt->tok = $token_field; @@ -208,23 +208,23 @@ class UserauthorizationAction extends Action { } # XXX: refactor with similar code in finishremotesubscribe.php - + function save_remote_profile(&$req) { # FIXME: we should really do this when the consumer comes - # back for an access token. If they never do, we've got stuff in a + # back for an access token. If they never do, we've got stuff in a # weird state. - + $nickname = $req->get_parameter('omb_listenee_nickname'); $fullname = $req->get_parameter('omb_listenee_fullname'); - $profile_url = $req->get_parameter('omb_listenee_profile'); + $profile_url = $req->get_parameter('omb_listenee_profile'); $homepage = $req->get_parameter('omb_listenee_homepage'); $bio = $req->get_parameter('omb_listenee_bio'); $location = $req->get_parameter('omb_listenee_location'); $avatar_url = $req->get_parameter('omb_listenee_avatar'); - + $listenee = $req->get_parameter('omb_listenee'); $remote = Remote_profile::staticGet('uri', $listenee); - + if ($remote) { $exists = true; $profile = Profile::staticGet($remote->id); @@ -239,7 +239,7 @@ class UserauthorizationAction extends Action { $profile->nickname = $nickname; $profile->profileurl = $profile_url; - + if ($fullname) { $profile->fullname = $fullname; } @@ -252,7 +252,7 @@ class UserauthorizationAction extends Action { if ($location) { $profile->location = $location; } - + if ($exists) { $profile->update($orig_profile); } else { @@ -291,11 +291,11 @@ class UserauthorizationAction extends Action { $sub->subscribed = $remote->id; $sub->token = $token->key; # NOTE: request token, not valid for use! $sub->created = DB_DataObject_Cast::dateTime(); # current time - + if (!$sub->insert()) { return FALSE; } - + return TRUE; } @@ -304,10 +304,10 @@ class UserauthorizationAction extends Action { copy($url, $temp_filename); return $profile->setOriginal($temp_filename); } - + function show_accept_message($tok) { common_show_header(_t('Subscription authorized')); - common_element('p', NULL, + common_element('p', NULL, _t('The subscription has been authorized, but no '. 'callback URL was passed. Check with the site\'s instructions for '. 'details on how to authorize the subscription. Your subscription token is:')); @@ -317,25 +317,25 @@ class UserauthorizationAction extends Action { function show_reject_message($tok) { common_show_header(_t('Subscription rejected')); - common_element('p', NULL, + common_element('p', NULL, _t('The subscription has been rejected, but no '. 'callback URL was passed. Check with the site\'s instructions for '. 'details on how to fully reject the subscription.')); common_show_footer(); } - + function store_request($req) { common_ensure_session(); $_SESSION['userauthorizationrequest'] = $req; } - + function clear_request() { common_ensure_session(); unset($_SESSION['userauthorizationrequest']); } - + function get_stored_request() { - common_ensure_session(); + common_ensure_session(); $req = $_SESSION['userauthorizationrequest']; return $req; } @@ -344,29 +344,29 @@ class UserauthorizationAction extends Action { $req = OAuthRequest::from_request(); return $req; } - + # Throws an OAuthException if anything goes wrong - + function validate_request(&$req) { # OAuth stuff -- have to copy from OAuth.php since they're # all private methods, and there's no user-authentication method common_debug('checking version', __FILE__); $this->check_version($req); - common_debug('getting datastore', __FILE__); + common_debug('getting datastore', __FILE__); $datastore = omb_oauth_datastore(); common_debug('getting consumer', __FILE__); $consumer = $this->get_consumer($datastore, $req); - common_debug('getting token', __FILE__); + common_debug('getting token', __FILE__); $token = $this->get_token($datastore, $req, $consumer); common_debug('checking timestamp', __FILE__); $this->check_timestamp($req); - common_debug('checking nonce', __FILE__); + common_debug('checking nonce', __FILE__); $this->check_nonce($datastore, $req, $consumer, $token); common_debug('checking signature', __FILE__); $this->check_signature($req, $consumer, $token); - common_debug('validating omb stuff', __FILE__); + common_debug('validating omb stuff', __FILE__); $this->validate_omb($req); - common_debug('done validating', __FILE__); + common_debug('done validating', __FILE__); return true; } @@ -462,9 +462,9 @@ class UserauthorizationAction extends Action { throw new OAuthException("Invalid callback URL '$callback'"); } } - + # Snagged from OAuthServer - + function check_version(&$req) { $version = $req->get_parameter("oauth_version"); if (!$version) { @@ -477,13 +477,13 @@ class UserauthorizationAction extends Action { } # Snagged from OAuthServer - + function get_consumer($datastore, $req) { $consumer_key = @$req->get_parameter("oauth_consumer_key"); if (!$consumer_key) { throw new OAuthException("Invalid consumer key"); } - + $consumer = $datastore->lookup_consumer($consumer_key); if (!$consumer) { throw new OAuthException("Invalid consumer"); @@ -492,7 +492,7 @@ class UserauthorizationAction extends Action { } # Mostly cadged from OAuthServer - + function get_token($datastore, &$req, $consumer) {/*{{{*/ $token_field = @$req->get_parameter('oauth_token'); $token = $datastore->lookup_token($consumer, 'request', $token_field); @@ -501,7 +501,7 @@ class UserauthorizationAction extends Action { } return $token; } - + function check_timestamp(&$req) { $timestamp = @$req->get_parameter('oauth_timestamp'); $now = time(); @@ -520,19 +520,19 @@ class UserauthorizationAction extends Action { } return true; } - + function check_signature(&$req, $consumer, $token) { $signature_method = $this->get_signature_method($req); - $signature = $req->get_parameter('oauth_signature'); - $valid_sig = $signature_method->check_signature($req, - $consumer, - $token, + $signature = $req->get_parameter('oauth_signature'); + $valid_sig = $signature_method->check_signature($req, + $consumer, + $token, $signature); if (!$valid_sig) { throw new OAuthException("Invalid signature"); } } - + function get_signature_method(&$req) { $signature_method = @$req->get_parameter("oauth_signature_method"); if (!$signature_method) { diff --git a/lib/util.php b/lib/util.php index fdb4808bd2..bbaed32da5 100644 --- a/lib/util.php +++ b/lib/util.php @@ -219,7 +219,7 @@ function common_show_footer() { common_element_end('div'); # content div common_foot_menu(); common_element_start('div', array('id' => 'footer')); - common_element_start('p', 'laconica'); + common_element_start('div', 'laconica'); if (common_config('site', 'broughtby')) { $instr = _t('**%%site.name%%** is a microblogging service brought to you by [%%site.broughtby%%](%%site.broughtbyurl%%). '); } else { @@ -232,7 +232,7 @@ function common_show_footer() { '(http://www.fsf.org/licensing/licenses/agpl-3.0.html).'); $output = common_markup_to_html($instr); common_raw($output); - common_element_end('p'); + common_element_end('div'); common_element('img', array('id' => 'cc', 'src' => $config['license']['image'], 'alt' => $config['license']['title'])); @@ -393,7 +393,7 @@ function common_textarea($id, $label, $content=NULL, $instructions=NULL) { 'cols' => 40, 'name' => $id, 'id' => $id), - ($content) ? $content : ' '); + ($content) ? $content : ''); if ($instructions) { common_element('span', 'input_instructions', $instructions); } @@ -830,14 +830,16 @@ function common_notice_form($action=NULL, $content=NULL) { $user = common_current_user(); assert(!is_null($user)); common_element_start('form', array('id' => 'status_form', - 'method' => 'POST', + 'method' => 'post', 'action' => common_local_url('newnotice'))); common_element_start('p'); - common_element('label', array('for' => 'status_update', + common_element('label', array('for' => 'status_textarea', 'id' => 'status_label'), _t('What\'s up, ').$user->nickname.'?'); common_element('span', array('id' => 'counter', 'class' => 'counter'), '140'); common_element('textarea', array('id' => 'status_textarea', + 'cols' => 60, + 'rows' => 3, 'name' => 'status_textarea'), ($content) ? $content : ''); if ($action) {