X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Ffinishopenidlogin.php;h=827a4e9c7ae6418b7ec93473f449e1c491ee31b8;hb=35d17146213228445b0f30548aca01c9e1a71154;hp=7033344537f068803158357bfc71fffe6240b1d6;hpb=aabac60b6eb04b7f4c25a96fa1c103baf1cf53e0;p=quix0rs-gnu-social.git
diff --git a/actions/finishopenidlogin.php b/actions/finishopenidlogin.php
index 7033344537..827a4e9c7a 100644
--- a/actions/finishopenidlogin.php
+++ b/actions/finishopenidlogin.php
@@ -26,11 +26,11 @@ class FinishopenidloginAction extends Action {
 function handle($args) {
 parent::handle($args);
 if (common_logged_in()) {
- common_user_error(_t('Already logged in.'));
+ common_user_error(_('Already logged in.'));
 } else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
 if ($this->arg('create')) {
 if (!$this->boolean('license')) {
- $this->show_form(_t('You can\'t register if you don\'t agree to the license.'),
+ $this->show_form(_('You can\'t register if you don\'t agree to the license.'),
 $this->trimmed('newname'));
 return;
 }
@@ -39,7 +39,7 @@ class FinishopenidloginAction extends Action {
 $this->connect_user();
 } else {
 common_debug(print_r($this->args, true), __FILE__);
- $this->show_form(_t('Something weird happened.'),
+ $this->show_form(_('Something weird happened.'),
 $this->trimmed('newname'));
 }
 } else {
@@ -53,63 +53,58 @@ class FinishopenidloginAction extends Action { } else { global $config; common_element('div', 'instructions', - _t('This is the first time you\'ve logged into ') . - $config['site']['name'] . - _t(' so we must connect your OpenID to a local account. ' . - ' You can either create a new account, or connect with ' . - ' your existing account, if you have one.')); - } + sprintf(_('This is the first time you\'ve logged into %s so we must connect your OpenID to a local account. You can either create a new account, or connect with your existing account, if you have one.'), $config['site']['name'])); + } } - + function show_form($error=NULL, $username=NULL) { - common_show_header(_t('OpenID Account Setup'), NULL, $error, + common_show_header(_('OpenID Account Setup'), NULL, $error, array($this, 'show_top')); - common_element_start('form', array('method' => 'POST', + common_element_start('form', array('method' => 'post', 'id' => 'account_connect', 'action' => common_local_url('finishopenidlogin'))); common_element('h2', NULL, - 'Create new account'); + _('Create new account')); common_element('p', NULL, - _t('Create a new user with this nickname.')); - common_input('newname', _t('New nickname'), + _('Create a new user with this nickname.')); + common_input('newname', _('New nickname'), ($username) ? 
$username : '', - _t('1-64 lowercase letters or numbers, no punctuation or spaces')); + _('1-64 lowercase letters or numbers, no punctuation or spaces')); common_element_start('p'); common_element('input', array('type' => 'checkbox', 'id' => 'license', 'name' => 'license', 'value' => 'true')); - common_text(_t('My text and files are available under ')); + common_text(_('My text and files are available under ')); common_element('a', array(href => common_config('license', 'url')), common_config('license', 'title')); - common_text(_t(' except this private data: password, email address, IM address, phone number.')); + common_text(_(' except this private data: password, email address, IM address, phone number.')); common_element_end('p'); - common_submit('create', _t('Create')); + common_submit('create', _('Create')); common_element('h2', NULL, - 'Connect existing account'); + _('Connect existing account')); common_element('p', NULL, - _t('If you already have an account, login with your username and password '. - 'to connect it to your OpenID.')); - common_input('nickname', _t('Existing nickname')); - common_password('password', _t('Password')); - common_submit('connect', _t('Connect')); + _('If you already have an account, login with your username and password to connect it to your OpenID.')); + common_input('nickname', _('Existing nickname')); + common_password('password', _('Password')); + common_submit('connect', _('Connect')); common_element_end('form'); common_show_footer(); } function try_login() { - + $consumer = oid_consumer(); $response = $consumer->complete(common_local_url('finishopenidlogin')); if ($response->status == Auth_OpenID_CANCEL) { - $this->message(_t('OpenID authentication cancelled.')); + $this->message(_('OpenID authentication cancelled.')); return; } else if ($response->status == Auth_OpenID_FAILURE) { // Authentication failed; display the error message. - $this->message(_t('OpenID authentication failed: ') . 
$response->message); + $this->message(sprintf(_('OpenID authentication failed: %s'), $response->message)); } else if ($response->status == Auth_OpenID_SUCCESS) { // This means the authentication succeeded; extract the // identity URL and Simple Registration data (if it was @@ -125,11 +120,14 @@ class FinishopenidloginAction extends Action { } $user = oid_get_user($canonical); - + if ($user) { oid_set_last($display); - oid_update_user($user, $sreg); + # XXX: commented out at @edd's request until better + # control over how data flows from OpenID provider. + # oid_update_user($user, $sreg); common_set_user($user->nickname); + common_real_login(true); $this->go_home($user->nickname); } else { $this->save_values($display, $canonical, $sreg); @@ -139,16 +137,16 @@ class FinishopenidloginAction extends Action { } function message($msg) { - common_show_header(_t('OpenID Login')); + common_show_header(_('OpenID Login')); common_element('p', NULL, $msg); common_show_footer(); } - + function save_values($display, $canonical, $sreg) { common_ensure_session(); $_SESSION['openid_display'] = $display; - $_SESSION['openid_canonical'] = $canonical; - $_SESSION['openid_sreg'] = $sreg; + $_SESSION['openid_canonical'] = $canonical; + $_SESSION['openid_sreg'] = $sreg; } function get_saved_values() { 
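Review bot: The form built in `show_form` submits the `create` and `connect` actions and a password field, but no per-session token field is emitted here, and the visible part of `handle()` dispatches on `$this->arg('create')` without checking one. Unless a token is enforced elsewhere, a cross-site POST could trigger account creation or linking inside a session that holds a pending OpenID, so consider adding a hidden token to this form and rejecting the POST in `handle()` when it does not match the session's value. Separately, the context line `common_element('a', array(href => common_config('license', 'url')),` uses a bare `href` constant where the string key `'href'` is meant.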
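Review bot: `connect_user` still calls `oid_update_user($user, $sreg);` (a context line in the later `@@ -156,135 +154,113 @@` hunk), so the provider-to-profile data flow that this hunk disables in the success branch of `try_login` stays open on the account-linking path. If the concern is that an OpenID provider should not overwrite local profile data unchecked, gate that call the same way, or record why linking is exempt with a comment such as `# XXX: still copies sreg into the profile on first link; see try_login`. It would also read better to delete the disabled call and keep only the explanatory comment rather than leave commented-out code. The body of `try_login` starts and ends outside this hunk.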
@@ -156,135 +154,113 @@ class FinishopenidloginAction extends Action { $_SESSION['openid_canonical'], $_SESSION['openid_sreg']); } - + function create_new_user() { - + $nickname = $this->trimmed('newname'); - + if (!Validate::string($nickname, array('min_length' => 1, 'max_length' => 64, 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { - $this->show_form(_t('Nickname must have only letters and numbers and no spaces.')); + $this->show_form(_('Nickname must have only lowercase letters and numbers and no spaces.')); return; } - + + if (!User::allowed_nickname($nickname)) { + $this->show_form(_('Nickname not allowed.')); + return; + } + if (User::staticGet('nickname', $nickname)) { - $this->show_form(_t('Nickname already in use. Try another one.')); + $this->show_form(_('Nickname already in use. Try another one.')); return; } - + list($display, $canonical, $sreg) = $this->get_saved_values(); - + if (!$display || !$canonical) { - common_server_error(_t('Stored OpenID not found.')); + common_server_error(_('Stored OpenID not found.')); return; } - + # Possible race condition... let's be paranoid - + $other = oid_get_user($canonical); - + if ($other) { - common_server_error(_t('Creating new account for OpenID that already has a user.')); + common_server_error(_('Creating new account for OpenID that already has a user.')); return; } - - $profile = new Profile(); - - $profile->nickname = $nickname; - - if ($sreg['fullname'] && strlen($sreg['fullname']) <= 255) { - $profile->fullname = $sreg['fullname']; - } - + if ($sreg['country']) { if ($sreg['postcode']) { # XXX: use postcode to get city and region # XXX: also, store postcode somewhere -- it's valuable! - $profile->location = $sreg['postcode'] . ', ' . $sreg['country']; + $location = $sreg['postcode'] . ', ' . 
$sreg['country']; } else { - $profile->location = $sreg['country']; + $location = $sreg['country']; } } - - # XXX save language if it's passed - # XXX save timezone if it's passed - - $profile->profileurl = common_profile_url($nickname); - - $profile->created = DB_DataObject_Cast::dateTime(); # current time - $id = $profile->insert(); - if (!$id) { - common_server_error(_t('Error saving the profile.')); - return; + if ($sreg['fullname'] && strlen($sreg['fullname']) <= 255) { + $fullname = $sreg['fullname']; } - $user = new User(); - $user->id = $id; - $user->nickname = $nickname; - $user->uri = common_mint_tag('user:'.$id); - if ($sreg['email'] && Validate::email($sreg['email'], true)) { - $user->email = $sreg['email']; + $email = $sreg['email']; } + + # XXX: add language + # XXX: add timezone - $user->created = DB_DataObject_Cast::dateTime(); # current time - - $result = $user->insert(); - - if (!$result) { - # Try to clean up... - $profile->delete(); - } + $user = User::register(array('nickname' => $nickname, + 'email' => $email, + 'fullname' => $fullname, + 'location' => $location)); $result = oid_link_user($user->id, $canonical, $display); - if (!$result) { - # Try to clean up... - $user->delete(); - $profile->delete(); - } - - oid_set_last($display); + oid_set_last($display); common_set_user($user->nickname); + common_real_login(true); common_redirect(common_local_url('showstream', array('nickname' => $user->nickname))); } - + function connect_user() { - + $nickname = $this->trimmed('nickname'); $password = $this->trimmed('password'); if (!common_check_user($nickname, $password)) { - $this->show_form(_t('Invalid username or password.')); + $this->show_form(_('Invalid username or password.')); return; } # They're legit! 
- + $user = User::staticGet('nickname', $nickname); list($display, $canonical, $sreg) = $this->get_saved_values(); if (!$display || !$canonical) { - common_server_error(_t('Stored OpenID not found.')); + common_server_error(_('Stored OpenID not found.')); return; } - + $result = oid_link_user($user->id, $canonical, $display); - + if (!$result) { - common_server_error(_t('Error connecting user to OpenID.')); + common_server_error(_('Error connecting user to OpenID.')); return; } - + oid_update_user($user, $sreg); oid_set_last($display); common_set_user($user->nickname); + common_real_login(true); $this->go_home($user->nickname); } - + function go_home($nickname) { $url = common_get_returnto(); if ($url) { @@ -297,9 +273,9 @@ class FinishopenidloginAction extends Action { } common_redirect($url); } - + function best_new_nickname($display, $sreg) { - + # Try the passed-in nickname @@ -318,11 +294,11 @@ class FinishopenidloginAction extends Action { return $fullname; } } - + # Try the URL - + $from_url = $this->openid_to_nickname($display); - + if ($from_url && $this->is_new_nickname($from_url)) { return $from_url; } @@ -338,12 +314,15 @@ class FinishopenidloginAction extends Action { 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { return false; } + if (!User::allowed_nickname($str)) { + return false; + } if (User::staticGet('nickname', $str)) { return false; } return true; } - + function openid_to_nickname($openid) { if (Auth_Yadis_identifierScheme($openid) == 'XRI') { return $this->xri_to_nickname($openid); @@ -415,7 +394,7 @@ class FinishopenidloginAction extends Action { return $this->nicknamize(array_pop($parts)); } } - + function xri_base($xri) { if (substr($xri, 0, 6) == 'xri://') { return substr($xri, 6); @@ -425,7 +404,7 @@ class FinishopenidloginAction extends Action { } # Given a string, try to make it work as a nickname - + function nicknamize($str) { $str = preg_replace('/\W/', '', $str); return strtolower($str);
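Review bot: In `create_new_user`, neither the return value of `User::register()` nor `$result` from `oid_link_user()` is checked before `common_set_user()` and `common_real_login(true)` run, so a failed link still signs the user into an account that has no OpenID attached, and a failed registration would read `$user->id` from a non-object. `$location`, `$fullname` and `$email` are also assigned only inside their `if` blocks, so they are undefined when the provider omits those sreg fields. The fence below initialises the three values and stops with an error on either failure; it assumes `User::register()` returns a falsy value on failure, which is not visible here. The sreg e-mail is asserted only by the provider, so it is worth confirming that `User::register()` stores it as unconfirmed.

```php
# Defaults, so that absent sreg fields are passed as NULL instead of undefined variables.
$location = NULL;
$fullname = NULL;
$email = NULL;

# … unchanged: the sreg conditionals that fill $location, $fullname and $email …
# … unchanged: $user = User::register(array(...)) …

if (!$user) {
    common_server_error(_('Error registering user.'));
    return;
}

$result = oid_link_user($user->id, $canonical, $display);

if (!$result) {
    # NOTE(review): the account registered above is left without an OpenID here;
    # decide whether it should be removed before returning.
    common_server_error(_('Error connecting user to OpenID.'));
    return;
}
```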