if (common_logged_in()) {
common_user_error(_('Already logged in.'));
} else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+ $token = $this->trimmed('token');
+ if (!$token || $token != common_session_token()) {
+ $this->show_form(_('There was a problem with your session token. Try again, please.'));
+ return;
+ }
if ($this->arg('create')) {
if (!$this->boolean('license')) {
$this->show_form(_('You can\'t register if you don\'t agree to the license.'),
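Review bot: The token check on the added line `if (!$token || $token != common_session_token())` uses the loose `!=` operator, under which PHP compares two numeric-looking strings by value rather than byte for byte, so two different tokens can be treated as equal. Use the strict form, `if (!$token || $token !== common_session_token()) {`, and where the runtime provides `hash_equals()` prefer it so the comparison is also constant-time. The format of the value returned by `common_session_token()` is not visible here, so how much the loose comparison matters in practice depends on that. The enclosing handler starts and continues outside this hunk.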
} else {
global $config;
common_element('div', 'instructions',
- sprintf(_('This is the first time you\'ve logged into %s' .
- ' so we must connect your OpenID to a local account. ' .
- ' You can either create a new account, or connect with ' .
- ' your existing account, if you have one.'
- ), $config['site']['name']));
+ sprintf(_('This is the first time you\'ve logged into %s so we must connect your OpenID to a local account. You can either create a new account, or connect with your existing account, if you have one.'), $config['site']['name']));
}
}
common_element_start('form', array('method' => 'post',
'id' => 'account_connect',
'action' => common_local_url('finishopenidlogin')));
+ common_hidden('token', common_session_token());
common_element('h2', NULL,
_('Create new account'));
common_element('p', NULL,
common_element('h2', NULL,
_('Connect existing account'));
common_element('p', NULL,
- _('If you already have an account, login with your username and password '.
- 'to connect it to your OpenID.'));
+ _('If you already have an account, login with your username and password to connect it to your OpenID.'));
common_input('nickname', _('Existing nickname'));
common_password('password', _('Password'));
common_submit('connect', _('Connect'));
# XXX: commented out at @edd's request until better
# control over how data flows from OpenID provider.
# oid_update_user($user, $sreg);
- common_set_user($user->nickname);
+ common_set_user($user);
common_real_login(true);
+ if (isset($_SESSION['openid_rememberme']) && $_SESSION['openid_rememberme']) {
+ common_rememberme($user);
+ }
+ unset($_SESSION['openid_rememberme']);
$this->go_home($user->nickname);
} else {
$this->save_values($display, $canonical, $sreg);
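Review bot: The four added lines that read and then clear `$_SESSION['openid_rememberme']` are repeated verbatim in two later hunks, after `common_real_login(true)` in `create_new_user()` and again in the path that follows `oid_update_user($user, $sreg)`. Any later change to the remember-me policy would have to be made in three places, and a missed copy would leave one login path behaving differently. A single private method on the action, for example `function finish_login($user)` wrapping `common_set_user($user)`, `common_real_login(true)` and the remember-me handling, would keep the three paths in step. The enclosing function starts and ends outside this hunk.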
function create_new_user() {
+ # FIXME: save invite code before redirect, and check here
+
+ if (common_config('site', 'closed') || common_config('site', 'inviteonly')) {
+ common_user_error(_('Registration not allowed.'));
+ return;
+ }
+
$nickname = $this->trimmed('newname');
if (!Validate::string($nickname, array('min_length' => 1,
'max_length' => 64,
'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) {
- $this->show_form(_('Nickname must have only letters and numbers and no spaces.'));
+ $this->show_form(_('Nickname must have only lowercase letters and numbers and no spaces.'));
return;
}
return;
}
- $profile = new Profile();
-
- $profile->nickname = $nickname;
-
- if ($sreg['fullname'] && strlen($sreg['fullname']) <= 255) {
- $profile->fullname = $sreg['fullname'];
- }
-
if ($sreg['country']) {
if ($sreg['postcode']) {
# XXX: use postcode to get city and region
# XXX: also, store postcode somewhere -- it's valuable!
- $profile->location = $sreg['postcode'] . ', ' . $sreg['country'];
+ $location = $sreg['postcode'] . ', ' . $sreg['country'];
} else {
- $profile->location = $sreg['country'];
+ $location = $sreg['country'];
}
}
- # XXX save language if it's passed
- # XXX save timezone if it's passed
-
- $profile->profileurl = common_profile_url($nickname);
-
- $profile->created = DB_DataObject_Cast::dateTime(); # current time
-
- $id = $profile->insert();
- if (!$id) {
- common_server_error(_('Error saving the profile.'));
- return;
+ if ($sreg['fullname'] && strlen($sreg['fullname']) <= 255) {
+ $fullname = $sreg['fullname'];
}
- $user = new User();
- $user->id = $id;
- $user->nickname = $nickname;
- $user->uri = common_user_uri($user);
-
if ($sreg['email'] && Validate::email($sreg['email'], true)) {
- $user->email = $sreg['email'];
+ $email = $sreg['email'];
}
- $user->created = DB_DataObject_Cast::dateTime(); # current time
+ # XXX: add language
+ # XXX: add timezone
- $result = $user->insert();
-
- if (!$result) {
- # Try to clean up...
- $profile->delete();
- }
+ $user = User::register(array('nickname' => $nickname,
+ 'email' => $email,
+ 'fullname' => $fullname,
+ 'location' => $location));
$result = oid_link_user($user->id, $canonical, $display);
- if (!$result) {
- # Try to clean up...
- $user->delete();
- $profile->delete();
- }
-
oid_set_last($display);
- common_set_user($user->nickname);
+ common_set_user($user);
common_real_login(true);
+ if (isset($_SESSION['openid_rememberme']) && $_SESSION['openid_rememberme']) {
+ common_rememberme($user);
+ }
+ unset($_SESSION['openid_rememberme']);
common_redirect(common_local_url('showstream', array('nickname' => $user->nickname)));
}
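Review bot: The result of `User::register()` is dereferenced as `$user->id` on the very next line without a check, and `$result` from `oid_link_user()` is now assigned but never read, because the old cleanup branch was removed with nothing in its place. The failure values of both calls are not visible here, but if either can fail the code still reaches `common_set_user($user)` and `common_real_login(true)`, which sets login state for an account that was not created or has no OpenID bound to it. Both results should be tested, returning through `common_server_error()` before any login state is set. Separately, `$location`, `$fullname` and `$email` are assigned only inside conditionals yet are always passed to `User::register()`, so unless they are initialised earlier in `create_new_user()`, outside this hunk, they need defaults.

```php
# defaults for the optional sreg fields; place before the $sreg checks
$location = null;
$fullname = null;
$email = null;

# … unchanged: $sreg country/postcode, fullname and email checks …
# … unchanged: $user = User::register(array(...)) …

if (!$user) {
    common_server_error(_('Error registering user.'));
    return;
}

$result = oid_link_user($user->id, $canonical, $display);

if (!$result) {
    common_server_error(_('Error connecting user to OpenID.'));
    return;
}

# … unchanged: oid_set_last(), login, remember-me handling and redirect …
```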
oid_update_user($user, $sreg);
oid_set_last($display);
- common_set_user($user->nickname);
+ common_set_user($user);
common_real_login(true);
+ if (isset($_SESSION['openid_rememberme']) && $_SESSION['openid_rememberme']) {
+ common_rememberme($user);
+ }
+ unset($_SESSION['openid_rememberme']);
$this->go_home($user->nickname);
}
# Try the passed-in nickname
-
if ($sreg['nickname']) {
$nickname = $this->nicknamize($sreg['nickname']);
if ($this->is_new_nickname($nickname)) {