require_once(INSTALLDIR.'/lib/omb.php');
define('TIMESTAMP_THRESHOLD', 300);
-class UserauthorizationAction extends Action {
+class UserauthorizationAction extends Action
+{
- function handle($args) {
+ function handle($args)
+ {
parent::handle($args);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
common_debug('getting new request', __FILE__);
$req = $this->get_new_request();
if (!$req) {
- $this->client_error(_('No request found!'));
+ $this->clientError(_('No request found!'));
}
common_debug('validating request', __FILE__);
# XXX: only validate new requests, since nonce is one-time use
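Review bot: The `!$req` branch in handle() calls `$this->clientError(...)` and then falls through, so unless clientError() ends the request, the code goes on to validate and display an empty request. The catch branch of the same method follows its clientError() call with `return;`, which suggests the call can return. send_authorization() has the same shape with more at stake: a failed `authorize_token($req)` is reported, yet `save_remote_profile($req)` still runs, so a profile and subscription could be written for a token that was never authorized. Add `return;` after each of these clientError() calls; handle() continues outside this hunk.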
$this->show_form($req);
} catch (OAuthException $e) {
$this->clear_request();
- $this->client_error($e->getMessage());
+ $this->clientError($e->getMessage());
return;
}
}
}
- function show_form($req) {
+ function show_form($req)
+ {
$nickname = $req->get_parameter('omb_listenee_nickname');
$profile = $req->get_parameter('omb_listenee_profile');
$avatar = $req->get_parameter('omb_listenee_avatar');
common_show_header(_('Authorize subscription'));
- common_element('p', null, _('Please check these details to make sure '.
+ $this->element('p', null, _('Please check these details to make sure '.
'that you want to subscribe to this user\'s notices. '.
'If you didn\'t just ask to subscribe to someone\'s notices, '.
'click "Cancel".'));
- common_element_start('div', 'profile');
+ $this->elementStart('div', 'profile');
if ($avatar) {
- common_element('img', array('src' => $avatar,
+ $this->element('img', array('src' => $avatar,
'class' => 'avatar profile',
'width' => AVATAR_PROFILE_SIZE,
'height' => AVATAR_PROFILE_SIZE,
'alt' => $nickname));
}
- common_element('a', array('href' => $profile,
+ $this->element('a', array('href' => $profile,
'class' => 'external profile nickname'),
$nickname);
if ($fullname) {
- common_element_start('div', 'fullname');
+ $this->elementStart('div', 'fullname');
if ($homepage) {
- common_element('a', array('href' => $homepage),
+ $this->element('a', array('href' => $homepage),
$fullname);
} else {
- common_text($fullname);
+ $this->text($fullname);
}
- common_element_end('div');
+ $this->elementEnd('div');
}
if ($location) {
- common_element('div', 'location', $location);
+ $this->element('div', 'location', $location);
}
if ($bio) {
- common_element('div', 'bio', $bio);
+ $this->element('div', 'bio', $bio);
}
- common_element_start('div', 'license');
- common_element('a', array('href' => $license,
+ $this->elementStart('div', 'license');
+ $this->element('a', array('href' => $license,
'class' => 'license'),
$license);
- common_element_end('div');
- common_element_end('div');
- common_element_start('form', array('method' => 'post',
+ $this->elementEnd('div');
+ $this->elementEnd('div');
+ $this->elementStart('form', array('method' => 'post',
'id' => 'userauthorization',
'name' => 'userauthorization',
'action' => common_local_url('userauthorization')));
- common_hidden('token', common_session_token());
- common_submit('accept', _('Accept'));
- common_submit('reject', _('Reject'));
- common_element_end('form');
+ $this->hidden('token', common_session_token());
+ $this->submit('accept', _('Accept'));
+ $this->submit('reject', _('Reject'));
+ $this->elementEnd('form');
common_show_footer();
}
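Review bot: `$profile` and `$avatar` are read from the request's `omb_listenee_profile` and `omb_listenee_avatar` parameters and written into `href` and `src`, and nothing visible in show_form() restricts them to http or https. Attribute escaping (assuming element() performs it) does not stop a `javascript:` or `data:` URL from being rendered as a link on a page that asks the user to approve a subscription. If validate_omb() does not already enforce this (its body is not visible here), compute `$scheme = strtolower((string) parse_url($profile, PHP_URL_SCHEME));` and skip the element unless it is `http` or `https`, and do the same for `$avatar`, `$homepage` and `$license`. Part of show_form() lies outside the hunk.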
- function send_authorization() {
+ function send_authorization()
+ {
$req = $this->get_stored_request();
if (!$req) {
- common_user_error(_('No authorization request!'));
+ $this->clientError(_('No authorization request!'));
return;
}
if ($this->arg('accept')) {
if (!$this->authorize_token($req)) {
- $this->client_error(_('Error authorizing token'));
+ $this->clientError(_('Error authorizing token'));
}
if (!$this->save_remote_profile($req)) {
- $this->client_error(_('Error saving remote profile'));
+ $this->clientError(_('Error saving remote profile'));
}
if (!$callback) {
$this->show_accept_message($req->get_parameter('oauth_token'));
$profile = $user->getProfile();
if (!$profile) {
common_log_db_error($user, 'SELECT', __FILE__);
- $this->server_error(_('User without matching profile'));
+ $this->serverError(_('User without matching profile'));
return;
}
$params['omb_listener_nickname'] = $user->nickname;
}
}
- function authorize_token(&$req) {
+ function authorize_token(&$req)
+ {
$consumer_key = $req->get_parameter('oauth_consumer_key');
$token_field = $req->get_parameter('oauth_token');
common_debug('consumer key = "'.$consumer_key.'"', __FILE__);
$rt->tok = $token_field;
$rt->type = 0;
$rt->state = 0;
- common_debug('request token to look up: "'.print_r($rt,TRUE).'"');
+ common_debug('request token to look up: "'.print_r($rt,true).'"');
if ($rt->find(true)) {
common_debug('found request token to authorize', __FILE__);
$orig_rt = clone($rt);
return true;
}
}
- return FALSE;
+ return false;
}
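Review bot: The debug line `print_r($rt, true)` writes the full request token to the log just before it is authorized, and the `common_debug` call above it does the same for the consumer key. Anyone with read access to the debug log then sees token values that may still be usable. Consider logging a truncated value, e.g. `common_debug('request token to look up: "'.substr($token_field, 0, 8).'..."', __FILE__);`, which also restores the `__FILE__` argument that the neighbouring calls pass. Parts of authorize_token() are outside the hunk.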
# XXX: refactor with similar code in finishremotesubscribe.php
- function save_remote_profile(&$req) {
+ function save_remote_profile(&$req)
+ {
# FIXME: we should really do this when the consumer comes
# back for an access token. If they never do, we've got stuff in a
# weird state.
$profile->created = DB_DataObject_Cast::dateTime(); # current time
$id = $profile->insert();
if (!$id) {
- return FALSE;
+ return false;
}
$remote->id = $id;
}
if ($exists) {
if (!$remote->update($orig_remote)) {
- return FALSE;
+ return false;
}
} else {
$remote->created = DB_DataObject_Cast::dateTime(); # current time
if (!$remote->insert()) {
- return FALSE;
+ return false;
}
}
if ($avatar_url) {
if (!$this->add_avatar($profile, $avatar_url)) {
- return FALSE;
+ return false;
}
}
$sub->created = DB_DataObject_Cast::dateTime(); # current time
if (!$sub->insert()) {
- return FALSE;
+ return false;
}
- return TRUE;
+ return true;
}
- function add_avatar($profile, $url) {
+ function add_avatar($profile, $url)
+ {
$temp_filename = tempnam(sys_get_temp_dir(), 'listenee_avatar');
copy($url, $temp_filename);
return $profile->setOriginal($temp_filename);
}
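Review bot: `copy($url, $temp_filename)` fetches whatever `$url` names, and in this flow the value presumably comes from the remote `omb_listenee_avatar` parameter, so a local path or any enabled stream wrapper would be read by the server as readily as an HTTP URL. The return values of tempnam() and copy() are ignored, so a failed download still reaches `setOriginal()`, and the temp file is left behind. The version below restricts the scheme to http/https and checks both calls. It does not cover redirects, requests to internal hosts or response size, which need a fetcher with an address policy and a length limit.

```php
function add_avatar($profile, $url)
{
    // Only fetch over HTTP(S); copy() otherwise accepts local paths and other stream wrappers.
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if ($scheme !== 'http' && $scheme !== 'https') {
        return false;
    }
    $temp_filename = tempnam(sys_get_temp_dir(), 'listenee_avatar');
    if ($temp_filename === false) {
        return false;
    }
    if (!copy($url, $temp_filename)) {
        // Do not leave an empty temp file behind when the download fails.
        unlink($temp_filename);
        return false;
    }
    return $profile->setOriginal($temp_filename);
}
```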
- function show_accept_message($tok) {
+ function show_accept_message($tok)
+ {
common_show_header(_('Subscription authorized'));
- common_element('p', null,
+ $this->element('p', null,
_('The subscription has been authorized, but no '.
'callback URL was passed. Check with the site\'s instructions for '.
'details on how to authorize the subscription. Your subscription token is:'));
- common_element('blockquote', 'token', $tok);
+ $this->element('blockquote', 'token', $tok);
common_show_footer();
}
- function show_reject_message($tok) {
+ function show_reject_message($tok)
+ {
common_show_header(_('Subscription rejected'));
- common_element('p', null,
+ $this->element('p', null,
_('The subscription has been rejected, but no '.
'callback URL was passed. Check with the site\'s instructions for '.
'details on how to fully reject the subscription.'));
common_show_footer();
}
- function store_request($req) {
+ function store_request($req)
+ {
common_ensure_session();
$_SESSION['userauthorizationrequest'] = $req;
}
- function clear_request() {
+ function clear_request()
+ {
common_ensure_session();
unset($_SESSION['userauthorizationrequest']);
}
- function get_stored_request() {
+ function get_stored_request()
+ {
common_ensure_session();
$req = $_SESSION['userauthorizationrequest'];
return $req;
}
- function get_new_request() {
+ function get_new_request()
+ {
common_remove_magic_from_request();
$req = OAuthRequest::from_request();
return $req;
# Throws an OAuthException if anything goes wrong
- function validate_request(&$req) {
+ function validate_request(&$req)
+ {
# OAuth stuff -- have to copy from OAuth.php since they're
# all private methods, and there's no user-authentication method
common_debug('checking version', __FILE__);
return true;
}
- function validate_omb(&$req) {
+ function validate_omb(&$req)
+ {
foreach (array('omb_version', 'omb_listener', 'omb_listenee',
'omb_listenee_profile', 'omb_listenee_nickname',
'omb_listenee_license') as $param)
$sub = new Subscription();
$sub->subscriber = $user->id;
$sub->subscribed = $remote->id;
- if ($sub->find(TRUE)) {
+ if ($sub->find(true)) {
throw new OAuthException("Already subscribed to user!");
}
}
# Snagged from OAuthServer
- function check_version(&$req) {
+ function check_version(&$req)
+ {
$version = $req->get_parameter("oauth_version");
if (!$version) {
$version = 1.0;
# Snagged from OAuthServer
- function get_consumer($datastore, $req) {
+ function get_consumer($datastore, $req)
+ {
$consumer_key = @$req->get_parameter("oauth_consumer_key");
if (!$consumer_key) {
throw new OAuthException("Invalid consumer key");
# Mostly cadged from OAuthServer
- function get_token($datastore, &$req, $consumer) {/*{{{*/
+ function get_token($datastore, &$req, $consumer)
+ {/*{{{*/
$token_field = @$req->get_parameter('oauth_token');
$token = $datastore->lookup_token($consumer, 'request', $token_field);
if (!$token) {
return $token;
}
- function check_timestamp(&$req) {
+ function check_timestamp(&$req)
+ {
$timestamp = @$req->get_parameter('oauth_timestamp');
$now = time();
if ($now - $timestamp > TIMESTAMP_THRESHOLD) {
}
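Review bot: `$now - $timestamp > TIMESTAMP_THRESHOLD` rejects only timestamps that are too old; a timestamp far in the future gives a negative difference and passes. That weakens replay protection if nonces are stored or expired by timestamp (the datastore is not visible here). Compare the absolute difference instead: `if (abs($now - (int) $timestamp) > TIMESTAMP_THRESHOLD) {`. The body of the `if` and the rest of check_timestamp() are outside the hunk.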
# NOTE: don't call twice on the same request; will fail!
- function check_nonce(&$datastore, &$req, $consumer, $token) {
+ function check_nonce(&$datastore, &$req, $consumer, $token)
+ {
$timestamp = @$req->get_parameter('oauth_timestamp');
$nonce = @$req->get_parameter('oauth_nonce');
$found = $datastore->lookup_nonce($consumer, $token, $nonce, $timestamp);
return true;
}
- function check_signature(&$req, $consumer, $token) {
+ function check_signature(&$req, $consumer, $token)
+ {
$signature_method = $this->get_signature_method($req);
$signature = $req->get_parameter('oauth_signature');
$valid_sig = $signature_method->check_signature($req,
}
}
- function get_signature_method(&$req) {
+ function get_signature_method(&$req)
+ {
$signature_method = @$req->get_parameter("oauth_signature_method");
if (!$signature_method) {
$signature_method = "PLAINTEXT";