X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Ffinishopenidlogin.php;h=f09027e9e0a64f14086407b6e1d60ae38eb64b25;hb=f2e3021b59f3661b3c900b06600a580b8970df2f;hp=825f1d959dc27700170bddb6fbde33ec437f7ddb;hpb=3bd2513c0b3925a652c11ee3ca4bc40af4c2aded;p=quix0rs-gnu-social.git
diff --git a/actions/finishopenidlogin.php b/actions/finishopenidlogin.php
index 825f1d959d..f09027e9e0 100644
--- a/actions/finishopenidlogin.php
+++ b/actions/finishopenidlogin.php
@@ -26,15 +26,25 @@ class FinishopenidloginAction extends Action {
 function handle($args) {
 parent::handle($args);
 if (common_logged_in()) {
- common_user_error(_t('Already logged in.'));
+ common_user_error(_('Already logged in.'));
 } else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+ $token = $this->trimmed('token');
+ if (!$token || $token != common_session_token()) {
+ $this->show_form(_('There was a problem with your session token. Try again, please.'));
+ return;
+ }
 if ($this->arg('create')) {
+ if (!$this->boolean('license')) {
+ $this->show_form(_('You can\'t register if you don\'t agree to the license.'),
+ $this->trimmed('newname'));
+ return;
+ }
 $this->create_new_user();
 } else if ($this->arg('connect')) {
 $this->connect_user();
 } else {
 common_debug(print_r($this->args, true), __FILE__);
- $this->show_form(_t('Something weird happened.'),
+ $this->show_form(_('Something weird happened.'),
 $this->trimmed('newname'));
 }
 } else {
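Review bot: The new session-token check in handle() compares with loose inequality, `$token != common_session_token()`, which applies PHP's numeric-string coercion rules to two values that are both strings; make it strict, `if (!$token || $token !== common_session_token()) {`, or use `hash_equals(common_session_token(), $token)` where the project's PHP baseline provides it so the comparison is also constant-time. The token-failure branch also calls `$this->show_form(...)` without the `$this->trimmed('newname')` argument that the license branch passes, so a nickname the user already typed is discarded on a token mismatch. handle()'s closing lines are outside the hunk.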
@@ -42,54 +52,65 @@ class FinishopenidloginAction extends Action { } } - function show_form($error=NULL, $username=NULL) { - common_show_header(_t('OpenID Account Setup')); + function show_top($error=NULL) { if ($error) { common_element('div', array('class' => 'error'), $error); } else { global $config; common_element('div', 'instructions', - _t('This is the first time you\'ve logged into ') . - $config['site']['name'] . - _t(' so we must connect your OpenID to a local account. ' . - ' You can either create a new account, or connect with ' . - ' your existing account, if you have one.')); + sprintf(_('This is the first time you\'ve logged into %s so we must connect your OpenID to a local account. You can either create a new account, or connect with your existing account, if you have one.'), $config['site']['name'])); } - common_element_start('form', array('method' => 'POST', + } + + function show_form($error=NULL, $username=NULL) { + common_show_header(_('OpenID Account Setup'), NULL, $error, + array($this, 'show_top')); + + common_element_start('form', array('method' => 'post', 'id' => 'account_connect', 'action' => common_local_url('finishopenidlogin'))); + common_hidden('token', common_session_token()); common_element('h2', NULL, - 'Create new account'); + _('Create new account')); common_element('p', NULL, - _t('Create a new user with this nickname.')); - common_input('newname', _t('New nickname'), + _('Create a new user with this nickname.')); + common_input('newname', _('New nickname'), ($username) ? 
$username : '', - _t('1-64 lowercase letters or numbers, no punctuation or spaces')); - common_submit('create', _t('Create')); + _('1-64 lowercase letters or numbers, no punctuation or spaces')); + common_element_start('p'); + common_element('input', array('type' => 'checkbox', + 'id' => 'license', + 'name' => 'license', + 'value' => 'true')); + common_text(_('My text and files are available under ')); + common_element('a', array(href => common_config('license', 'url')), + common_config('license', 'title')); + common_text(_(' except this private data: password, email address, IM address, phone number.')); + common_element_end('p'); + common_submit('create', _('Create')); common_element('h2', NULL, - 'Connect existing account'); + _('Connect existing account')); common_element('p', NULL, - _t('If you already have an account, login with your username and password '. - 'to connect it to your OpenID.')); - common_input('nickname', _t('Existing nickname')); - common_password('password', _t('Password')); - common_submit('connect', _t('Connect')); + _('If you already have an account, login with your username and password to connect it to your OpenID.')); + common_input('nickname', _('Existing nickname')); + common_password('password', _('Password')); + common_submit('connect', _('Connect')); common_element_end('form'); common_show_footer(); } function try_login() { - + $consumer = oid_consumer(); $response = $consumer->complete(common_local_url('finishopenidlogin')); if ($response->status == Auth_OpenID_CANCEL) { - $this->message(_t('OpenID authentication cancelled.')); + $this->message(_('OpenID authentication cancelled.')); return; } else if ($response->status == Auth_OpenID_FAILURE) { // Authentication failed; display the error message. - $this->message(_t('OpenID authentication failed: ') . 
$response->message); + $this->message(sprintf(_('OpenID authentication failed: %s'), $response->message)); } else if ($response->status == Auth_OpenID_SUCCESS) { // This means the authentication succeeded; extract the // identity URL and Simple Registration data (if it was @@ -104,11 +125,15 @@ class FinishopenidloginAction extends Action { $sreg = $sreg_resp->contents(); } - $user = $this->get_user($canonical); - + $user = oid_get_user($canonical); + if ($user) { - $this->update_user($user, $sreg); + oid_set_last($display); + # XXX: commented out at @edd's request until better + # control over how data flows from OpenID provider. + # oid_update_user($user, $sreg); common_set_user($user->nickname); + common_real_login(true); $this->go_home($user->nickname); } else { $this->save_values($display, $canonical, $sreg); 
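Review bot: In show_form the license link is built with `array(href => common_config('license', 'url'))`, where `href` is an unquoted bare word rather than the string `'href'`; PHP treats that as an undefined constant (a notice that resolves to the string on old versions, a fatal Error on PHP 8), so it should read `common_element('a', array('href' => common_config('license', 'url')),`. In try_login, the provider-returned `$response->message` is now rendered through `$this->message()` via `sprintf(_('OpenID authentication failed: %s'), ...)`; whether common_element escapes its text argument is not visible here, so please confirm it does before provider-controlled text reaches the page. show_top, show_form and the shown part of try_login are within this hunk; try_login continues past it.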
@@ -118,65 +143,16 @@ class FinishopenidloginAction extends Action { } function message($msg) { - common_show_header(_t('OpenID Login')); + common_show_header(_('OpenID Login')); common_element('p', NULL, $msg); common_show_footer(); } - - function get_user($canonical) { - $user = NULL; - $oid = User_openid::staticGet('canonical', $canonical); - if ($oid) { - $user = User::staticGet('id', $oid->user_id); - } - return $user; - } - - function update_user($user, $sreg) { - - $profile = $user->getProfile(); - - $orig_profile = clone($profile); - - if ($sreg['fullname'] && strlen($sreg['fullname']) <= 255) { - $profile->fullname = $sreg['fullname']; - } - - if ($sreg['country']) { - if ($sreg['postcode']) { - # XXX: use postcode to get city and region - # XXX: also, store postcode somewhere -- it's valuable! - $profile->location = $sreg['postcode'] . ', ' . $sreg['country']; - } else { - $profile->location = $sreg['country']; - } - } - # XXX save language if it's passed - # XXX save timezone if it's passed - - if (!$profile->update($orig_profile)) { - common_server_error(_t('Error saving the profile.')); - return; - } - - $orig_user = clone($user); - - if ($sreg['email'] && Validate::email($sreg['email'], true)) { - $user->email = $sreg['email']; - } - - if (!$user->update($orig_user)) { - common_server_error(_t('Error saving the user.')); - return; - } - } - function save_values($display, $canonical, $sreg) { common_ensure_session(); $_SESSION['openid_display'] = $display; - $_SESSION['openid_canonical'] = $canonical; - $_SESSION['openid_sreg'] = $sreg; + $_SESSION['openid_canonical'] = $canonical; + $_SESSION['openid_sreg'] = $sreg; } function get_saved_values() { 
@@ -184,141 +160,113 @@ class FinishopenidloginAction extends Action { $_SESSION['openid_canonical'], $_SESSION['openid_sreg']); } - + function create_new_user() { - + $nickname = $this->trimmed('newname'); - + if (!Validate::string($nickname, array('min_length' => 1, 'max_length' => 64, 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { - $this->show_form(_t('Nickname must have only letters and numbers and no spaces.')); + $this->show_form(_('Nickname must have only lowercase letters and numbers and no spaces.')); return; } - + + if (!User::allowed_nickname($nickname)) { + $this->show_form(_('Nickname not allowed.')); + return; + } + if (User::staticGet('nickname', $nickname)) { - $this->show_form(_t('Nickname already in use. Try another one.')); + $this->show_form(_('Nickname already in use. Try another one.')); return; } - + list($display, $canonical, $sreg) = $this->get_saved_values(); - + if (!$display || !$canonical) { - common_server_error(_t('Stored OpenID not found.')); + common_server_error(_('Stored OpenID not found.')); return; } - + # Possible race condition... let's be paranoid - - $other = $this->get_user($canonical); - + + $other = oid_get_user($canonical); + if ($other) { - common_server_error(_t('Creating new account for OpenID that already has a user.')); + common_server_error(_('Creating new account for OpenID that already has a user.')); return; } - - $profile = new Profile(); - - $profile->nickname = $nickname; - - if ($sreg['fullname'] && strlen($sreg['fullname']) <= 255) { - $profile->fullname = $sreg['fullname']; - } - + if ($sreg['country']) { if ($sreg['postcode']) { # XXX: use postcode to get city and region # XXX: also, store postcode somewhere -- it's valuable! - $profile->location = $sreg['postcode'] . ', ' . $sreg['country']; + $location = $sreg['postcode'] . ', ' . 
$sreg['country']; } else { - $profile->location = $sreg['country']; + $location = $sreg['country']; } } - - # XXX save language if it's passed - # XXX save timezone if it's passed - $profile->created = DB_DataObject_Cast::dateTime(); # current time - - $id = $profile->insert(); - if (!$id) { - common_server_error(_t('Error saving the profile.')); - return; + if ($sreg['fullname'] && strlen($sreg['fullname']) <= 255) { + $fullname = $sreg['fullname']; } - $user = new User(); - $user->id = $id; - $user->nickname = $nickname; - $user->uri = common_mint_tag('user:'.$id); - if ($sreg['email'] && Validate::email($sreg['email'], true)) { - $user->email = $sreg['email']; - } - - $user->created = DB_DataObject_Cast::dateTime(); # current time - - $result = $user->insert(); - - if (!$result) { - # Try to clean up... - $profile->delete(); + $email = $sreg['email']; } - $oid = new User_openid(); - $oid->display = $display; - $oid->canonical = $canonical; - $oid->user_id = $id; - $oid->created = DB_DataObject_Cast::dateTime(); + # XXX: add language + # XXX: add timezone - $result = $oid->insert(); + $user = User::register(array('nickname' => $nickname, + 'email' => $email, + 'fullname' => $fullname, + 'location' => $location)); - if (!$result) { - # Try to clean up... - $user->delete(); - $profile->delete(); - } + $result = oid_link_user($user->id, $canonical, $display); + oid_set_last($display); common_set_user($user->nickname); - common_redirect(common_local_url('showstream', array('nickname' => $user->nickname)); + common_real_login(true); + common_redirect(common_local_url('showstream', array('nickname' => $user->nickname))); } - + function connect_user() { - + $nickname = $this->trimmed('nickname'); $password = $this->trimmed('password'); if (!common_check_user($nickname, $password)) { - $this->show_form(_t('Invalid username or password.')); + $this->show_form(_('Invalid username or password.')); return; } # They're legit! 
- + $user = User::staticGet('nickname', $nickname); list($display, $canonical, $sreg) = $this->get_saved_values(); if (!$display || !$canonical) { - common_server_error(_t('Stored OpenID not found.')); + common_server_error(_('Stored OpenID not found.')); return; } - - $oid = new User_openid(); - $oid->display = $display; - $oid->canonical = $canonical; - $oid->user_id = $user->id; - $oid->created = DB_DataObject_Cast::dateTime(); - - if (!$oid->insert()) { - common_server_error(_t('Error connecting OpenID.')); + + $result = oid_link_user($user->id, $canonical, $display); + + if (!$result) { + common_server_error(_('Error connecting user to OpenID.')); return; } - - $this->update_user($user, $sreg); + + oid_update_user($user, $sreg); + oid_set_last($display); common_set_user($user->nickname); + common_real_login(true); $this->go_home($user->nickname); } - + function go_home($nickname) { $url = common_get_returnto(); if ($url) { @@ -331,9 +279,9 @@ class FinishopenidloginAction extends Action { } common_redirect($url); } - + function best_new_nickname($display, $sreg) { - + # Try the passed-in nickname @@ -352,11 +300,11 @@ class FinishopenidloginAction extends Action { return $fullname; } } - + # Try the URL - + $from_url = $this->openid_to_nickname($display); - + if ($from_url && $this->is_new_nickname($from_url)) { return $from_url; } @@ -372,12 +320,15 @@ class FinishopenidloginAction extends Action { 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { return false; } + if (!User::allowed_nickname($str)) { + return false; + } if (User::staticGet('nickname', $str)) { return false; } return true; } - + function openid_to_nickname($openid) { if (Auth_Yadis_identifierScheme($openid) == 'XRI') { return $this->xri_to_nickname($openid); @@ -449,7 +400,7 @@ class FinishopenidloginAction extends Action { return $this->nicknamize(array_pop($parts)); } } - + function xri_base($xri) { if (substr($xri, 0, 6) == 'xri://') { return substr($xri, 6); 
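Review bot: create_new_user assigns `$user = User::register(...)` and `$result = oid_link_user(...)` but checks neither before dereferencing `$user->id` and completing the login with `common_set_user`/`common_real_login(true)`, whereas connect_user in the same hunk does test `$result`; a failed registration or link should stop there rather than log the session in. The values `$fullname`, `$email` and `$location` are also only assigned inside their `if ($sreg[...])` branches, so they are undefined when the provider sends no SReg field; initialise them to NULL before those checks. Separately, connect_user still calls `oid_update_user($user, $sreg)` while the identical call in try_login was commented out pending better control over provider-supplied data — if that concern applies to existing accounts, the connect path should be reviewed against it as well. Both create_new_user and connect_user are fully within the hunk.
```php
        $fullname = $email = $location = NULL;

        # … unchanged: location / fullname / email extraction from $sreg …

        # XXX: add language
        # XXX: add timezone

        $user = User::register(array('nickname' => $nickname,
                                     'email' => $email,
                                     'fullname' => $fullname,
                                     'location' => $location));

        if (!$user) {
            common_server_error(_('Error saving the user.'));
            return;
        }

        $result = oid_link_user($user->id, $canonical, $display);

        if (!$result) {
            common_server_error(_('Error connecting user to OpenID.'));
            return;
        }

        # … unchanged: oid_set_last, common_set_user, common_real_login, redirect …
```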
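Review bot: is_new_nickname now repeats the same three-step nickname check (Validate::string format, `User::allowed_nickname`, `User::staticGet('nickname', ...)`) that create_new_user performs inline earlier in this commit, and the fact that `allowed_nickname` had to be added in both places shows how easily the two copies drift. Consider having create_new_user build on a shared helper for the checks, or at least add `# keep in sync with the checks in create_new_user()` above the block here. is_new_nickname's signature is above the hunk.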
@@ -459,7 +410,7 @@ class FinishopenidloginAction extends Action { } # Given a string, try to make it work as a nickname - + function nicknamize($str) { $str = preg_replace('/\W/', '', $str); return strtolower($str);