Merge branch '0.9.x' into 1.0.x

[quix0rs-gnu-social.git] / plugins / OpenID / openidlogin.php

diff --git a/plugins/OpenID/openidlogin.php b/plugins/OpenID/openidlogin.php
index 34e00cccebd509cc3f83c8d7d03c0d569330d79d..8d25a2e9ac9beb6378867a621da025e97070f12d 100644 (file)
--- a/plugins/OpenID/openidlogin.php
+++ b/plugins/OpenID/openidlogin.php
@@ -17,7 +17,9 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); }
+if (!defined('STATUSNET')) {
+    exit(1);
+}
 
 require_once INSTALLDIR.'/plugins/OpenID/openid.php';
 
@@ -33,20 +35,15 @@ class OpenidloginAction extends Action
             $provider = common_config('openid', 'trusted_provider');
             if ($provider) {
                 $openid_url = $provider;
+                if (common_config('openid', 'append_username')) {
+                    $openid_url .= $this->trimmed('openid_username');
+                }
             } else {
                 $openid_url = $this->trimmed('openid_url');
             }
 
             oid_assert_allowed($openid_url);
 
-            # CSRF protection
-            $token = $this->trimmed('token');
-            if (!$token || $token != common_session_token()) {
-                // TRANS: Message given when there is a problem with the user's session token.
-                $this->showForm(_m('There was a problem with your session token. Try again, please.'), $openid_url);
-                return;
-            }
-
             $rememberme = $this->boolean('rememberme');
 
             common_ensure_session();
@@ -100,7 +97,15 @@ class OpenidloginAction extends Action
     function showScripts()
     {
         parent::showScripts();
-        $this->autofocus('openid_url');
+        if (common_config('openid', 'trusted_provider')) {
+            if (common_config('openid', 'append_username')) {
+                $this->autofocus('openid_username');
+            } else {
+                $this->autofocus('rememberme');
+            }
+        } else {
+            $this->autofocus('openid_url');
+        }
     }
 
     function title()
@@ -125,15 +130,21 @@ class OpenidloginAction extends Action
         $this->elementStart('fieldset');
         // TRANS: OpenID plugin logon form legend.
         $this->element('legend', null, _m('OpenID login'));
-        $this->hidden('token', common_session_token());
 
         $this->elementStart('ul', 'form_data');
         $this->elementStart('li');
         $provider = common_config('openid', 'trusted_provider');
+        $appendUsername = common_config('openid', 'append_username');
         if ($provider) {
             $this->element('label', array(), _m('OpenID provider'));
             $this->element('span', array(), $provider);
+            if ($appendUsername) {
+                $this->element('input', array('id' => 'openid_username',
+                                              'name' => 'openid_username',
+                                              'style' => 'float: none'));
+            }
             $this->element('p', 'form_guide',
+                           ($appendUsername ? _m('Enter your username.') . ' ' : '') .
                            _m('You will be sent to the provider\'s site for authentication.'));
             $this->hidden('openid_url', $provider);
         } else {