]> git.mxchange.org Git - friendica.git/blob - mod/openid.php
"profile locator/address" is now called "Identity Address" to reduce confusion
[friendica.git] / mod / openid.php
1 <?php
2
3
4 require_once('library/openid.php');
5
6
7 function openid_content(&$a) {
8
9         $noid = get_config('system','no_openid');
10         if($noid)
11                 goaway($a->get_baseurl());
12
13         if((x($_GET,'openid_mode')) && (x($_SESSION,'openid'))) {
14                 $openid = new LightOpenID;
15
16                 if($openid->validate()) {
17
18                         if(x($_SESSION,'register')) {
19                                 unset($_SESSION['register']);
20                                 $args = '';
21                                 $attr = $openid->getAttributes();
22                                 if(is_array($attr) && count($attr)) {
23                                         foreach($attr as $k => $v) {
24                                                 if($k === 'namePerson/friendly')
25                                                         $nick = notags(trim($v));
26                                                 if($k === 'namePerson/first')
27                                                         $first = notags(trim($v));
28                                                 if($k === 'namePerson')
29                                                         $args .= '&username=' . notags(trim($v));
30                                                 if($k === 'contact/email')
31                                                         $args .= '&email=' . notags(trim($v));
32                                                 if($k === 'media/image/aspect11')
33                                                         $photosq = bin2hex(trim($v));
34                                                 if($k === 'media/image/default')
35                                                         $photo = bin2hex(trim($v));
36                                         }
37                                 }
38                                 if($nick)
39                                         $args .= '&nickname=' . $nick;
40                                 elseif($first)
41                                         $args .= '&nickname=' . $first;
42
43                                 if($photosq)
44                                         $args .= '&photo=' . $photosq;
45                                 elseif($photo)
46                                         $args .= '&photo=' . $photo;
47
48                                 $args .= '&openid_url=' . notags(trim($_SESSION['openid']));
49                                 if($a->config['register_policy'] != REGISTER_CLOSED)
50                                         goaway($a->get_baseurl() . '/register' . $args);
51                                 else
52                                         goaway($a->get_baseurl());
53
54                                 // NOTREACHED
55                         } 
56
57
58                         $r = q("SELECT * FROM `user` WHERE `openid` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1",
59                                 dbesc($_SESSION['openid'])
60                         );
61                         if(! count($r)) {
62                                 notice( t('Login failed.') . EOL );
63                                 goaway($a->get_baseurl());
64                         }
65                         unset($_SESSION['openid']);
66
67                         $_SESSION['uid'] = $r[0]['uid'];
68                         $_SESSION['theme'] = $r[0]['theme'];
69                         $_SESSION['authenticated'] = 1;
70                         $_SESSION['page_flags'] = $r[0]['page-flags'];
71                         $_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $r[0]['nickname'];
72
73                         notice( sprintf( t("Welcome back "), $r[0]['username']) . EOL);
74                         $a->user = $r[0];
75
76                         if(strlen($a->user['timezone'])) {
77                                 date_default_timezone_set($a->user['timezone']);
78                                 $a->timezone = $a->user['timezone'];
79                         }
80
81                         $r = q("SELECT `uid`,`username` FROM `user` WHERE `password` = '%s' AND `email` = '%s'",
82                                 dbesc($a->user['password']),
83                                 dbesc($a->user['email'])
84                         );
85                         if(count($r))
86                                 $a->identities = $r;
87
88                         $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
89                                 intval($_SESSION['uid'])
90                         );
91                         if(count($r)) {
92                                 $a->contact = $r[0];
93                                 $a->cid = $r[0]['id'];
94                                 $_SESSION['cid'] = $a->cid;
95                         }
96
97                         q("UPDATE `user` SET `login_date` = '%s' WHERE `uid` = %d LIMIT 1",
98                                 dbesc(datetime_convert()),
99                                 intval($_SESSION['uid'])
100                         );
101
102                         header('X-Account-Management-Status: active; name="' . $a->user['username'] . '"; id="' . $a->user['nickname'] .'"');
103                         if(($a->module !== 'home') && isset($_SESSION['return_url']))
104                                 goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
105                         else
106                                 goaway($a->get_baseurl());
107                 }
108         }
109         notice( t('Login failed.') . EOL);
110         goaway($a->get_baseurl());
111         // NOTREACHED
112 }