]> git.mxchange.org Git - friendica.git/blob - mod/openid.php
cache result of (expensive) security check for visitor rights
[friendica.git] / mod / openid.php
1 <?php
2
3
4 require_once('library/openid.php');
5
6
7 function openid_content(&$a) {
8
9         $noid = get_config('system','no_openid');
10         if($noid)
11                 goaway($a->get_baseurl());
12
13         if((x($_GET,'openid_mode')) && (x($_SESSION,'openid'))) {
14                 $openid = new LightOpenID;
15
16                 if($openid->validate()) {
17
18                         if(x($_SESSION,'register')) {
19                                 unset($_SESSION['register']);
20                                 $args = '';
21                                 $attr = $openid->getAttributes();
22                                 if(is_array($attr) && count($attr)) {
23                                         foreach($attr as $k => $v) {
24                                                 if($k === 'namePerson/friendly')
25                                                         $nick = notags(trim($v));
26                                                 if($k === 'namePerson/first')
27                                                         $first = notags(trim($v));
28                                                 if($k === 'namePerson')
29                                                         $args .= '&username=' . notags(trim($v));
30                                                 if($k === 'contact/email')
31                                                         $args .= '&email=' . notags(trim($v));
32                                                 if($k === 'media/image/aspect11')
33                                                         $photosq = bin2hex(trim($v));
34                                                 if($k === 'media/image/default')
35                                                         $photo = bin2hex(trim($v));
36                                         }
37                                 }
38                                 if($nick)
39                                         $args .= '&nickname=' . $nick;
40                                 elseif($first)
41                                         $args .= '&nickname=' . $first;
42
43                                 if($photosq)
44                                         $args .= '&photo=' . $photosq;
45                                 elseif($photo)
46                                         $args .= '&photo=' . $photo;
47
48                                 $args .= '&openid_url=' . notags(trim($_SESSION['openid']));
49                                 if($a->config['register_policy'] != REGISTER_CLOSED)
50                                         goaway($a->get_baseurl() . '/register' . $args);
51                                 else
52                                         goaway($a->get_baseurl());
53
54                                 // NOTREACHED
55                         } 
56
57
58                         $r = q("SELECT * FROM `user` WHERE `openid` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1",
59                                 dbesc($_SESSION['openid'])
60                         );
61                         if(! count($r)) {
62                                 notice( t('Login failed.') . EOL );
63                                 goaway($a->get_baseurl());
64                         }
65                         unset($_SESSION['openid']);
66
67                         $_SESSION['uid'] = $r[0]['uid'];
68                         $_SESSION['theme'] = $r[0]['theme'];
69                         $_SESSION['authenticated'] = 1;
70                         $_SESSION['page_flags'] = $r[0]['page-flags'];
71                         $_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $r[0]['nickname'];
72
73                         notice( t("Welcome back ") . $r[0]['username'] . EOL);
74                         $a->user = $r[0];
75                         if(strlen($a->user['timezone']))
76                                 date_default_timezone_set($a->user['timezone']);
77
78                         $r = q("SELECT * FROM `contact` WHERE `uid` = %s AND `self` = 1 LIMIT 1",
79                                 intval($_SESSION['uid']));
80                         if(count($r)) {
81                                 $a->contact = $r[0];
82                                 $a->cid = $r[0]['id'];
83                                 $_SESSION['cid'] = $a->cid;
84                         }
85
86                         header('X-Account-Management-Status: active; name="' . $a->user['username'] . '"; id="' . $a->user['nickname'] .'"');
87                         if(($a->module !== 'home') && isset($_SESSION['return_url']))
88                                 goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
89                         else
90                                 goaway($a->get_baseurl());
91                 }
92         }
93         notice( t('Login failed.') . EOL);
94         goaway($a->get_baseurl());
95         // NOTREACHED
96 }