mod/openid.php

   1 <?php
   2
   3
   4 require_once('library/openid.php');
   5
   6
   7 function openid_content(&$a) {
   8
   9         if((x($_GET,'openid_mode')) && (x($_SESSION,'openid'))) {
  10                 $openid = new LightOpenID;
  11
  12                 if($openid->validate()) {
  13
  14                         if(x($_SESSION,'register')) {
  15                                 unset($_SESSION['register']);
  16                                 $args = '';
  17                                 $attr = $openid->getAttributes();
  18                                 if(is_array($attr) && count($attr)) {
  19                                         foreach($attr as $k => $v) {
  20                                                 if($k === 'namePerson/friendly')
  21                                                         $nick = notags(trim($v));
  22                                                 if($k === 'namePerson/first')
  23                                                         $first = notags(trim($v));
  24                                                 if($k === 'namePerson')
  25                                                         $args .= '&username=' . notags(trim($v));
  26                                                 if($k === 'contact/email')
  27                                                         $args .= '&email=' . notags(trim($v));
  28                                         }
  29                                 }
  30                                 if($nick)
  31                                         $args .= '&nickname=' . $nick;
  32                                 elseif($first)
  33                                         $args .= '&nickname=' . $first;
  34
  35                                 $args .= '&openid_url=' . notags(trim($_SESSION['openid']));
  36                                 if($a->config['register_policy'] != REGISTER_CLOSED)
  37                                         goaway($a->get_baseurl() . '/register' . $args);
  38                                 else
  39                                         goaway($a->get_baseurl());
  40
  41                                 // NOTREACHED
  42                         }
  43
  44
  45                         $r = q("SELECT * FROM `user` WHERE `openid` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1",
  46                                 dbesc($_SESSION['openid'])
  47                         );
  48                         if(! count($r)) {
  49                                 notice( t('Login failed.') . EOL );
  50                                 goaway($a->get_baseurl());
  51                         }
  52                         unset($_SESSION['openid']);
  53
  54                         $_SESSION['uid'] = $r[0]['uid'];
  55                         $_SESSION['theme'] = $r[0]['theme'];
  56                         $_SESSION['authenticated'] = 1;
  57                         $_SESSION['page_flags'] = $r[0]['page-flags'];
  58                         $_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $r[0]['nickname'];
  59
  60                         notice( t("Welcome back ") . $r[0]['username'] . EOL);
  61                         $a->user = $r[0];
  62                         if(strlen($a->user['timezone']))
  63                                 date_default_timezone_set($a->user['timezone']);
  64
  65                         $r = q("SELECT * FROM `contact` WHERE `uid` = %s AND `self` = 1 LIMIT 1",
  66                                 intval($_SESSION['uid']));
  67                         if(count($r)) {
  68                                 $a->contact = $r[0];
  69                                 $a->cid = $r[0]['id'];
  70                                 $_SESSION['cid'] = $a->cid;
  71                         }
  72
  73                         header('X-Account-Management-Status: active; name="' . $a->user['username'] . '"; id="' . $a->user['nickname'] .'"');
  74                         if(($a->module !== 'home') && isset($_SESSION['return_url']))
  75                                 goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
  76                         else
  77                                 goaway($a->get_baseurl());
  78                 }
  79         }
  80         notice( t('Login failed.') . EOL);
  81         goaway($a->get_baseurl());
  82         // NOTREACHED
  83 }