]> git.mxchange.org Git - friendica.git/blob - mod/openid.php
Merge pull request #104 from chriscase/master
[friendica.git] / mod / openid.php
1 <?php
2
3
4 require_once('library/openid.php');
5
6
7 function openid_content(&$a) {
8
9         $noid = get_config('system','no_openid');
10         if($noid)
11                 goaway($a->get_baseurl());
12
13         if((x($_GET,'openid_mode')) && (x($_SESSION,'openid'))) {
14                 $openid = new LightOpenID;
15
16                 if($openid->validate()) {
17
18                         if(x($_SESSION,'register')) {
19                                 unset($_SESSION['register']);
20                                 $args = '';
21                                 $attr = $openid->getAttributes();
22                                 if(is_array($attr) && count($attr)) {
23                                         foreach($attr as $k => $v) {
24                                                 if($k === 'namePerson/friendly')
25                                                         $nick = notags(trim($v));
26                                                 if($k === 'namePerson/first')
27                                                         $first = notags(trim($v));
28                                                 if($k === 'namePerson')
29                                                         $args .= '&username=' . notags(trim($v));
30                                                 if($k === 'contact/email')
31                                                         $args .= '&email=' . notags(trim($v));
32                                                 if($k === 'media/image/aspect11')
33                                                         $photosq = bin2hex(trim($v));
34                                                 if($k === 'media/image/default')
35                                                         $photo = bin2hex(trim($v));
36                                         }
37                                 }
38                                 if($nick)
39                                         $args .= '&nickname=' . $nick;
40                                 elseif($first)
41                                         $args .= '&nickname=' . $first;
42
43                                 if($photosq)
44                                         $args .= '&photo=' . $photosq;
45                                 elseif($photo)
46                                         $args .= '&photo=' . $photo;
47
48                                 $args .= '&openid_url=' . notags(trim($_SESSION['openid']));
49                                 if($a->config['register_policy'] != REGISTER_CLOSED)
50                                         goaway($a->get_baseurl() . '/register' . $args);
51                                 else
52                                         goaway($a->get_baseurl());
53
54                                 // NOTREACHED
55                         } 
56
57
58                         $r = q("SELECT * FROM `user` WHERE `openid` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1",
59                                 dbesc($_SESSION['openid'])
60                         );
61                         if(! count($r)) {
62                                 notice( t('Login failed.') . EOL );
63                                 goaway($a->get_baseurl());
64                         }
65                         unset($_SESSION['openid']);
66
67                         $_SESSION['uid'] = $r[0]['uid'];
68                         $_SESSION['theme'] = $r[0]['theme'];
69                         $_SESSION['authenticated'] = 1;
70                         $_SESSION['page_flags'] = $r[0]['page-flags'];
71                         $_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $r[0]['nickname'];
72
73                         $a->user = $r[0];
74
75                         if($a->user['login_date'] === '0000-00-00 00:00:00') {
76                                 $_SESSION['return_url'] = 'profile_photo/new';
77                                 $a->module = 'profile_photo';
78                                 notice( t("Welcome ") . $a->user['username'] . EOL);
79                                 notice( t('Please upload a profile photo.') . EOL);
80                         }
81                         else
82                                 notice( t("Welcome back ") . $a->user['username'] . EOL);
83
84
85                         if(strlen($a->user['timezone'])) {
86                                 date_default_timezone_set($a->user['timezone']);
87                                 $a->timezone = $a->user['timezone'];
88                         }
89
90                         $r = q("SELECT `uid`,`username` FROM `user` WHERE `password` = '%s' AND `email` = '%s'",
91                                 dbesc($a->user['password']),
92                                 dbesc($a->user['email'])
93                         );
94                         if(count($r))
95                                 $a->identities = $r;
96
97                         $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
98                                 intval($_SESSION['uid'])
99                         );
100                         if(count($r)) {
101                                 $a->contact = $r[0];
102                                 $a->cid = $r[0]['id'];
103                                 $_SESSION['cid'] = $a->cid;
104                         }
105
106                         q("UPDATE `user` SET `login_date` = '%s' WHERE `uid` = %d LIMIT 1",
107                                 dbesc(datetime_convert()),
108                                 intval($_SESSION['uid'])
109                         );
110
111                         header('X-Account-Management-Status: active; name="' . $a->user['username'] . '"; id="' . $a->user['nickname'] .'"');
112                         if(($a->module !== 'home') && isset($_SESSION['return_url']))
113                                 goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
114                         else
115                                 goaway($a->get_baseurl());
116                 }
117         }
118         notice( t('Login failed.') . EOL);
119         goaway($a->get_baseurl());
120         // NOTREACHED
121 }