X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Ffinishopenidlogin.php;h=b08b96df6c2afd017cecf9852fc663ec41b65e67;hb=b4e649fe906a793cd5e62d6390065ea5d41c40db;hp=ae5b136a25cc40ab4515bd7961cf451e8e53b784;hpb=eb2f9c98ac115ce67e9a740b200c832153ffa05c;p=quix0rs-gnu-social.git
diff --git a/actions/finishopenidlogin.php b/actions/finishopenidlogin.php
index ae5b136a25..b08b96df6c 100644
--- a/actions/finishopenidlogin.php
+++ b/actions/finishopenidlogin.php
@@ -21,86 +21,106 @@ if (!defined('LACONICA')) { exit(1); } require_once(INSTALLDIR.'/lib/openid.php'); -class FinishopenidloginAction extends Action { - - function handle($args) { +class FinishopenidloginAction extends Action +{ + var $error = null; + var $username = null; + var $message = null; + + function handle($args) + { parent::handle($args); - if (common_logged_in()) { - common_user_error(_('Already logged in.')); + if (common_is_real_login()) { + $this->clientError(_('Already logged in.')); } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); + $this->showForm(_('There was a problem with your session token. Try again, please.')); return; } if ($this->arg('create')) { if (!$this->boolean('license')) { - $this->show_form(_('You can\'t register if you don\'t agree to the license.'), - $this->trimmed('newname')); + $this->showForm(_('You can\'t register if you don\'t agree to the license.'), + $this->trimmed('newname')); return; } - $this->create_new_user(); + $this->createNewUser(); } else if ($this->arg('connect')) { - $this->connect_user(); + $this->connectUser(); } else { common_debug(print_r($this->args, true), __FILE__); - $this->show_form(_('Something weird happened.'), - $this->trimmed('newname')); + $this->showForm(_('Something weird happened.'), + $this->trimmed('newname')); } } else { - $this->try_login(); + $this->tryLogin(); } } - function show_top($error=null) { - if ($error) { - common_element('div', array('class' => 'error'), $error); + function showPageNotice() + { + if ($this->error) { + $this->element('div', array('class' => 'error'), $this->error); } else { - global $config; - common_element('div', 'instructions', - sprintf(_('This is the first time you\'ve logged into %s so we must connect your OpenID to a local account. 
You can either create a new account, or connect with your existing account, if you have one.'), $config['site']['name'])); + $this->element('div', 'instructions', + sprintf(_('This is the first time you\'ve logged into %s so we must connect your OpenID to a local account. You can either create a new account, or connect with your existing account, if you have one.'), common_config('site', 'name'))); } } - function show_form($error=null, $username=null) { - common_show_header(_('OpenID Account Setup'), null, $error, - array($this, 'show_top')); + function title() + { + return _('OpenID Account Setup'); + } + + function showForm($error=null, $username=null) + { + $this->error = $error; + $this->username = $username; - common_element_start('form', array('method' => 'post', - 'id' => 'account_connect', - 'action' => common_local_url('finishopenidlogin'))); - common_hidden('token', common_session_token()); - common_element('h2', null, + $this->showPage(); + } + + function showContent() + { + if (!empty($this->message_text)) { + $this->element('p', null, $this->message); + return; + } + + $this->elementStart('form', array('method' => 'post', + 'id' => 'account_connect', + 'action' => common_local_url('finishopenidlogin'))); + $this->hidden('token', common_session_token()); + $this->element('h2', null, _('Create new account')); - common_element('p', null, + $this->element('p', null, _('Create a new user with this nickname.')); - common_input('newname', _('New nickname'), - ($username) ? $username : '', + $this->input('newname', _('New nickname'), + ($this->username) ? 
$this->username : '', _('1-64 lowercase letters or numbers, no punctuation or spaces')); - common_element_start('p'); - common_element('input', array('type' => 'checkbox', + $this->elementStart('p'); + $this->element('input', array('type' => 'checkbox', 'id' => 'license', 'name' => 'license', 'value' => 'true')); - common_text(_('My text and files are available under ')); - common_element('a', array(href => common_config('license', 'url')), + $this->text(_('My text and files are available under ')); + $this->element('a', array('href' => common_config('license', 'url')), common_config('license', 'title')); - common_text(_(' except this private data: password, email address, IM address, phone number.')); - common_element_end('p'); - common_submit('create', _('Create')); - common_element('h2', null, + $this->text(_(' except this private data: password, email address, IM address, phone number.')); + $this->elementEnd('p'); + $this->submit('create', _('Create')); + $this->element('h2', null, _('Connect existing account')); - common_element('p', null, + $this->element('p', null, _('If you already have an account, login with your username and password to connect it to your OpenID.')); - common_input('nickname', _('Existing nickname')); - common_password('password', _('Password')); - common_submit('connect', _('Connect')); - common_element_end('form'); - common_show_footer(); + $this->input('nickname', _('Existing nickname')); + $this->password('password', _('Password')); + $this->submit('connect', _('Connect')); + $this->elementEnd('form'); } - function try_login() { - + function tryLogin() + { $consumer = oid_consumer(); $response = $consumer->complete(common_local_url('finishopenidlogin')); 
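Review bot: In `showContent()` the guard tests `$this->message_text` but prints `$this->message`, and the class declares `var $message = null;` while `message()` (in the `-138,65` hunk) assigns `$this->message_text`, so the paragraph is always emitted empty and the text given to `message()` never reaches the user. Declare the property as `var $message_text = null;` and print it with `$this->element('p', null, $this->message_text);`. Separately, the unchanged session-token check in `handle()` compares with `!=`, which is a loose string comparison in PHP; a strict form such as `!hash_equals(common_session_token(), $token)` (or at least `!==`) would be safer if the supported PHP version allows it.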
@@ -138,65 +158,84 @@ class FinishopenidloginAction extends Action { common_rememberme($user); } unset($_SESSION['openid_rememberme']); - $this->go_home($user->nickname); + $this->goHome($user->nickname); } else { - $this->save_values($display, $canonical, $sreg); - $this->show_form(null, $this->best_new_nickname($display, $sreg)); + $this->saveValues($display, $canonical, $sreg); + $this->showForm(null, $this->bestNewNickname($display, $sreg)); } } } - function message($msg) { - common_show_header(_('OpenID Login')); - common_element('p', null, $msg); - common_show_footer(); + function message($msg) + { + $this->message_text = $msg; + $this->showPage(); } - function save_values($display, $canonical, $sreg) { + function saveValues($display, $canonical, $sreg) + { common_ensure_session(); $_SESSION['openid_display'] = $display; $_SESSION['openid_canonical'] = $canonical; $_SESSION['openid_sreg'] = $sreg; } - function get_saved_values() { + function getSavedValues() + { return array($_SESSION['openid_display'], $_SESSION['openid_canonical'], $_SESSION['openid_sreg']); } - function create_new_user() { - + function createNewUser() + { # FIXME: save invite code before redirect, and check here - if (common_config('site', 'closed') || common_config('site', 'inviteonly')) { - common_user_error(_('Registration not allowed.')); + if (common_config('site', 'closed')) { + $this->clientError(_('Registration not allowed.')); return; } + $invite = null; + + if (common_config('site', 'inviteonly')) { + $code = $_SESSION['invitecode']; + if (empty($code)) { + $this->clientError(_('Registration not allowed.')); + return; + } + + $invite = Invitation::staticGet($code); + + if (empty($invite)) { + $this->clientError(_('Not a valid invitation code.')); + return; + } + } + $nickname = $this->trimmed('newname'); if (!Validate::string($nickname, array('min_length' => 1, 'max_length' => 64, 'format' => VALIDATE_NUM . 
VALIDATE_ALPHA_LOWER))) { - $this->show_form(_('Nickname must have only lowercase letters and numbers and no spaces.')); + $this->showForm(_('Nickname must have only lowercase letters and numbers and no spaces.')); return; } if (!User::allowed_nickname($nickname)) { - $this->show_form(_('Nickname not allowed.')); + $this->showForm(_('Nickname not allowed.')); return; } if (User::staticGet('nickname', $nickname)) { - $this->show_form(_('Nickname already in use. Try another one.')); + $this->showForm(_('Nickname already in use. Try another one.')); return; } - list($display, $canonical, $sreg) = $this->get_saved_values(); + list($display, $canonical, $sreg) = $this->getSavedValues(); if (!$display || !$canonical) { - common_server_error(_('Stored OpenID not found.')); + $this->serverError(_('Stored OpenID not found.')); return; } @@ -205,11 +244,12 @@ class FinishopenidloginAction extends Action { $other = oid_get_user($canonical); if ($other) { - common_server_error(_('Creating new account for OpenID that already has a user.')); + $this->serverError(_('Creating new account for OpenID that already has a user.')); return; } - if ($sreg['country']) { + $location = ''; + if (!empty($sreg['country'])) { if ($sreg['postcode']) { # XXX: use postcode to get city and region # XXX: also, store postcode somewhere -- it's valuable! 
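Review bot: The invite-only branch of `createNewUser()` reads `$_SESSION['invitecode']` directly, with no visible `common_ensure_session()` call and no guard on the index, and nothing in this diff shows where that key is written, so the `# FIXME: save invite code before redirect, and check here` comment left above it still looks half-open. Read the value as `$code = empty($_SESSION['invitecode']) ? null : $_SESSION['invitecode'];` after ensuring the session, and update the FIXME to name the action that stores the code. A comment on the `Invitation::staticGet($code)` lookup should also say whether a code is single-use, since this hunk only checks that the row exists; consumption presumably happens in `User::register()` through `$args['code']`, which should be confirmed.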
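Review bot: In the location block of `createNewUser()` the outer test became `!empty($sreg['country'])` but the inner `if ($sreg['postcode'])` still indexes the array unguarded, so a provider response that carries a country and no postcode raises an undefined-index notice. Use `if (!empty($sreg['postcode'])) {` to match the other `$sreg` checks this commit converts. The rest of the block lies outside the hunk.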
@@ -219,21 +259,31 @@ class FinishopenidloginAction extends Action { } } - if ($sreg['fullname'] && strlen($sreg['fullname']) <= 255) { + if (!empty($sreg['fullname']) && mb_strlen($sreg['fullname']) <= 255) { $fullname = $sreg['fullname']; + } else { + $fullname = ''; } - if ($sreg['email'] && Validate::email($sreg['email'], true)) { + if (!empty($sreg['email']) && Validate::email($sreg['email'], true)) { $email = $sreg['email']; + } else { + $email = ''; } # XXX: add language # XXX: add timezone - $user = User::register(array('nickname' => $nickname, - 'email' => $email, - 'fullname' => $fullname, - 'location' => $location)); + $args = array('nickname' => $nickname, + 'email' => $email, + 'fullname' => $fullname, + 'location' => $location); + + if (!empty($invite)) { + $args['code'] = $invite->code; + } + + $user = User::register($args); $result = oid_link_user($user->id, $canonical, $display); @@ -244,16 +294,17 @@ class FinishopenidloginAction extends Action { common_rememberme($user); } unset($_SESSION['openid_rememberme']); - common_redirect(common_local_url('showstream', array('nickname' => $user->nickname))); + common_redirect(common_local_url('showstream', array('nickname' => $user->nickname)), + 303); } - function connect_user() { - + function connectUser() + { $nickname = $this->trimmed('nickname'); $password = $this->trimmed('password'); if (!common_check_user($nickname, $password)) { - $this->show_form(_('Invalid username or password.')); + $this->showForm(_('Invalid username or password.')); return; } 
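Review bot: The result of `User::register($args)` is dereferenced on the next line as `$user->id` without checking that registration succeeded, so a refused registration (for example an invitation code that `register()` rejects) would surface as a PHP error or as an `oid_link_user()` call with an empty id. Add `if (empty($user)) { $this->serverError(_('Error registering user.')); return; }` before linking, in the same way `connectUser()` checks `$result`; the `$result` of `oid_link_user()` is likewise not tested within this hunk, though the function continues outside it. It is also worth a comment that `$sreg['email']` is a claim from the OpenID provider that only passes a syntax check here, so it should enter the account as unconfirmed; whether `User::register()` does that is not visible in this diff.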
@@ -261,17 +312,17 @@ class FinishopenidloginAction extends Action { $user = User::staticGet('nickname', $nickname); - list($display, $canonical, $sreg) = $this->get_saved_values(); + list($display, $canonical, $sreg) = $this->getSavedValues(); if (!$display || !$canonical) { - common_server_error(_('Stored OpenID not found.')); + $this->serverError(_('Stored OpenID not found.')); return; } $result = oid_link_user($user->id, $canonical, $display); if (!$result) { - common_server_error(_('Error connecting user to OpenID.')); + $this->serverError(_('Error connecting user to OpenID.')); return; } @@ -283,10 +334,11 @@ class FinishopenidloginAction extends Action { common_rememberme($user); } unset($_SESSION['openid_rememberme']); - $this->go_home($user->nickname); + $this->goHome($user->nickname); } - function go_home($nickname) { + function goHome($nickname) + { $url = common_get_returnto(); if ($url) { # We don't have to return to it again @@ -296,34 +348,35 @@ class FinishopenidloginAction extends Action { array('nickname' => $nickname)); } - common_redirect($url); + common_redirect($url, 303); } - function best_new_nickname($display, $sreg) { + function bestNewNickname($display, $sreg) + { # Try the passed-in nickname - if ($sreg['nickname']) { + if (!empty($sreg['nickname'])) { $nickname = $this->nicknamize($sreg['nickname']); - if ($this->is_new_nickname($nickname)) { + if ($this->isNewNickname($nickname)) { return $nickname; } } # Try the full name - if ($sreg['fullname']) { + if (!empty($sreg['fullname'])) { $fullname = $this->nicknamize($sreg['fullname']); - if ($this->is_new_nickname($fullname)) { + if ($this->isNewNickname($fullname)) { return $fullname; } } # Try the URL - $from_url = $this->openid_to_nickname($display); + $from_url = $this->openidToNickname($display); - if ($from_url && $this->is_new_nickname($from_url)) { + if ($from_url && $this->isNewNickname($from_url)) { return $from_url; } 
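Review bot: `goHome()` now issues `common_redirect($url, 303)` with `$url` taken straight from `common_get_returnto()`, and nothing in the hunk confirms that the stored return-to value is a URL on this site. If the code that stores the return-to value does not already enforce that, validate it here and fall back to the `showstream` URL built just above. Either way a short comment on the `$url = common_get_returnto();` line stating that assumption would help the next reader. The function begins in the preceding `-283,10` hunk.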
@@ -332,13 +385,14 @@ class FinishopenidloginAction extends Action { return null; } - function is_new_nickname($str) { + function isNewNickname($str) + { if (!Validate::string($str, array('min_length' => 1, 'max_length' => 64, 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { return false; } - if (!User::allowed_nickname($str)) { + if (!User::allowed_nickname($str)) { return false; } if (User::staticGet('nickname', $str)) { @@ -347,11 +401,12 @@ class FinishopenidloginAction extends Action { return true; } - function openid_to_nickname($openid) { + function openidToNickname($openid) + { if (Auth_Yadis_identifierScheme($openid) == 'XRI') { - return $this->xri_to_nickname($openid); + return $this->xriToNickname($openid); } else { - return $this->url_to_nickname($openid); + return $this->urlToNickname($openid); } } @@ -360,7 +415,8 @@ class FinishopenidloginAction extends Action { # 2. One element in path, like http://profile.typekey.com/EvanProdromou/ # or http://getopenid.com/evanprodromou - function url_to_nickname($openid) { + function urlToNickname($openid) + { static $bad = array('query', 'user', 'password', 'port', 'fragment'); $parts = parse_url($openid); @@ -406,8 +462,9 @@ class FinishopenidloginAction extends Action { return null; } - function xri_to_nickname($xri) { - $base = $this->xri_base($xri); + function xriToNickname($xri) + { + $base = $this->xriBase($xri); if (!$base) { return null; @@ -419,7 +476,8 @@ class FinishopenidloginAction extends Action { } } - function xri_base($xri) { + function xriBase($xri) + { if (substr($xri, 0, 6) == 'xri://') { return substr($xri, 6); } else { @@ -429,7 +487,8 @@ class FinishopenidloginAction extends Action { # Given a string, try to make it work as a nickname - function nicknamize($str) { + function nicknamize($str) + { $str = preg_replace('/\W/', '', $str); return strtolower($str); }