X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Fremotesubscribe.php;h=374392d4a31df096599dc11cc2e59f002566aeaa;hb=03022c6e601f223c92216af9748c764786cf46c2;hp=14e8cb0683f1bcc20fc2ad6e04fe1ecf35aa0352;hpb=edbc0c665cc65875b4d14b79939233b1c9c06bb6;p=quix0rs-gnu-social.git diff --git a/actions/remotesubscribe.php b/actions/remotesubscribe.php index 14e8cb0683..374392d4a3 100644 --- a/actions/remotesubscribe.php +++ b/actions/remotesubscribe.php @@ -1,7 +1,7 @@ . */ -if (!defined('LACONICA')) { exit(1); } +if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } require_once(INSTALLDIR.'/lib/omb.php'); -class RemotesubscribeAction extends Action { +class RemotesubscribeAction extends Action +{ + var $nickname; + var $profile_url; + var $err; - function handle($args) { - - parent::handle($args); + function prepare($args) + { + parent::prepare($args); if (common_logged_in()) { - common_user_error(_('You can use the local subscription!')); - return; + $this->clientError(_('You can use the local subscription!')); + return false; } - if ($_SERVER['REQUEST_METHOD'] == 'POST') { + $this->nickname = $this->trimmed('nickname'); + $this->profile_url = $this->trimmed('profile_url'); + + return true; + } + function handle($args) + { + parent::handle($args); + + if ($_SERVER['REQUEST_METHOD'] == 'POST') { # CSRF protection $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); + $this->showForm(_('There was a problem with your session token. '. + 'Try again, please.')); return; } - - $this->remote_subscription(); + $this->remoteSubscription(); } else { - $this->show_form(); + $this->showForm(); } } - function get_instructions() { - return _('To subscribe, you can [login](%%action.login%%),' . - ' or [register](%%action.register%%) a new ' . - ' account. If you already have an account ' . - ' on a [compatible microblogging site](%%doc.openmublog%%), ' . - ' enter your profile URL below.'); + function showForm($err=null) + { + $this->err = $err; + $this->showPage(); } - function show_top($err=NULL) { - if ($err) { - common_element('div', 'error', $err); + function showPageNotice() + { + if ($this->err) { + $this->element('div', 'error', $this->err); } else { - $instructions = $this->get_instructions(); - $output = common_markup_to_html($instructions); - common_element_start('div', 'instructions'); - common_raw($output); - common_element_end('p'); + $inst = sprintf(_('To subscribe, you can [login](%%%%action.%s%%%%),' . + ' or [register](%%%%action.%s%%%%) a new ' . + ' account. If you already have an account ' . + ' on a [compatible microblogging site](%%doc.openmublog%%), ' . + ' enter your profile URL below.'), + (!common_config('site','openidonly')) ? 'login' : 'openidlogin', + (!common_config('site','openidonly')) ? 'register' : 'openidlogin'); + $output = common_markup_to_html($inst); + $this->elementStart('div', 'instructions'); + $this->raw($output); + $this->elementEnd('div'); } } - function show_form($err=NULL) { - $nickname = $this->trimmed('nickname'); - $profile = $this->trimmed('profile_url'); - common_show_header(_('Remote subscribe'), NULL, $err, - array($this, 'show_top')); + function title() + { + return _('Remote subscribe'); + } + + function showContent() + { # id = remotesubscribe conflicts with the # button on profile page - common_element_start('form', array('id' => 'remsub', 'method' => 'post', - 'action' => common_local_url('remotesubscribe'))); - common_hidden('token', common_session_token()); - common_input('nickname', _('User nickname'), $nickname, + $this->elementStart('form', array('id' => 'form_remote_subscribe', + 'method' => 'post', + 'class' => 'form_settings', + 'action' => common_local_url('remotesubscribe'))); + $this->elementStart('fieldset'); + $this->element('legend', _('Subscribe to a remote user')); + $this->hidden('token', common_session_token()); + + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->input('nickname', _('User nickname'), $this->nickname, _('Nickname of the user you want to follow')); - common_input('profile_url', _('Profile URL'), $profile, + $this->elementEnd('li'); + $this->elementStart('li'); + $this->input('profile_url', _('Profile URL'), $this->profile_url, _('URL of your profile on another compatible microblogging service')); - common_submit('submit', _('Subscribe')); - common_element_end('form'); - common_show_footer(); + $this->elementEnd('li'); + $this->elementEnd('ul'); + $this->submit('submit', _('Subscribe')); + $this->elementEnd('fieldset'); + $this->elementEnd('form'); } - function remote_subscription() { - $user = $this->get_user(); + function remoteSubscription() + { + $user = $this->getUser(); if (!$user) { - $this->show_form(_('No such user.')); + $this->showForm(_('No such user.')); return; } - $profile = $this->trimmed('profile_url'); + $this->profile_url = $this->trimmed('profile_url'); - if (!$profile) { - $this->show_form(_('No such user.')); + if (!$this->profile_url) { + $this->showForm(_('No such user.')); return; } - if (!Validate::uri($profile, array('allowed_schemes' => array('http', 'https')))) { - $this->show_form(_('Invalid profile URL (bad format)')); + if (!Validate::uri($this->profile_url, array('allowed_schemes' => array('http', 'https')))) { + $this->showForm(_('Invalid profile URL (bad format)')); return; } $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); - $yadis = Auth_Yadis_Yadis::discover($profile, $fetcher); + $yadis = Auth_Yadis_Yadis::discover($this->profile_url, $fetcher); if (!$yadis || $yadis->failed) { - $this->show_form(_('Not a valid profile URL (no YADIS document).')); + $this->showForm(_('Not a valid profile URL (no YADIS document).')); return; } @@ -119,50 +151,50 @@ class RemotesubscribeAction extends Action { $xrds =& Auth_Yadis_XRDS::parseXRDS(trim($yadis->response_text)); if (!$xrds) { - $this->show_form(_('Not a valid profile URL (no XRDS defined).')); + $this->showForm(_('Not a valid profile URL (no XRDS defined).')); return; } $omb = $this->getOmb($xrds); if (!$omb) { - $this->show_form(_('Not a valid profile URL (incorrect services).')); + $this->showForm(_('Not a valid profile URL (incorrect services).')); return; } if (omb_service_uri($omb[OAUTH_ENDPOINT_REQUEST]) == common_local_url('requesttoken')) { - $this->show_form(_('That\'s a local profile! Login to subscribe.')); + $this->showForm(_('That\'s a local profile! Login to subscribe.')); return; } if (User::staticGet('uri', omb_local_id($omb[OAUTH_ENDPOINT_REQUEST]))) { - $this->show_form(_('That\'s a local profile! Login to subscribe.')); + $this->showForm(_('That\'s a local profile! Login to subscribe.')); return; } - list($token, $secret) = $this->request_token($omb); + list($token, $secret) = $this->requestToken($omb); if (!$token || !$secret) { - $this->show_form(_('Couldn\'t get a request token.')); + $this->showForm(_('Couldn\'t get a request token.')); return; } - $this->request_authorization($user, $omb, $token, $secret); + $this->requestAuthorization($user, $omb, $token, $secret); } - function get_user() { - $user = NULL; - $nickname = $this->trimmed('nickname'); - if ($nickname) { - $user = User::staticGet('nickname', $nickname); + function getUser() + { + $user = null; + if ($this->nickname) { + $user = User::staticGet('nickname', $this->nickname); } return $user; } - function getOmb($xrds) { - + function getOmb($xrds) + { static $omb_endpoints = array(OMB_ENDPOINT_UPDATEPROFILE, OMB_ENDPOINT_POSTNOTICE); static $oauth_endpoints = array(OAUTH_ENDPOINT_REQUEST, OAUTH_ENDPOINT_AUTHORIZE, OAUTH_ENDPOINT_ACCESS); @@ -173,7 +205,7 @@ class RemotesubscribeAction extends Action { $oauth_services = omb_get_services($xrds, OAUTH_DISCOVERY); if (!$oauth_services) { - return NULL; + return null; } $oauth_service = $oauth_services[0]; @@ -181,17 +213,17 @@ class RemotesubscribeAction extends Action { $oauth_xrd = $this->getXRD($oauth_service, $xrds); if (!$oauth_xrd) { - return NULL; + return null; } if (!$this->addServices($oauth_xrd, $oauth_endpoints, $omb)) { - return NULL; + return null; } $omb_services = omb_get_services($xrds, OMB_NAMESPACE); if (!$omb_services) { - return NULL; + return null; } $omb_service = $omb_services[0]; @@ -199,33 +231,34 @@ class RemotesubscribeAction extends Action { $omb_xrd = $this->getXRD($omb_service, $xrds); if (!$omb_xrd) { - return NULL; + return null; } if (!$this->addServices($omb_xrd, $omb_endpoints, $omb)) { - return NULL; + return null; } # XXX: check that we got all the services we needed foreach (array_merge($omb_endpoints, $oauth_endpoints) as $type) { if (!array_key_exists($type, $omb) || !$omb[$type]) { - return NULL; + return null; } } if (!omb_local_id($omb[OAUTH_ENDPOINT_REQUEST])) { - return NULL; + return null; } return $omb; } - function getXRD($main_service, $main_xrds) { + function getXRD($main_service, $main_xrds) + { $uri = omb_service_uri($main_service); if (strpos($uri, "#") !== 0) { # FIXME: more rigorous handling of external service definitions - return NULL; + return null; } $id = substr($uri, 1); $nodes = $main_xrds->allXrdNodes; @@ -239,10 +272,11 @@ class RemotesubscribeAction extends Action { return new Auth_Yadis_XRDS($parser, $bogus_nodes); } } - return NULL; + return null; } - function addServices($xrd, $types, &$omb) { + function addServices($xrd, $types, &$omb) + { foreach ($types as $type) { $matches = omb_get_services($xrd, $type); if ($matches) { @@ -255,7 +289,8 @@ class RemotesubscribeAction extends Action { return true; } - function request_token($omb) { + function requestToken($omb) + { $con = omb_oauth_consumer(); $url = omb_service_uri($omb[OAUTH_ENDPOINT_REQUEST]); @@ -267,12 +302,12 @@ class RemotesubscribeAction extends Action { $params = array(); parse_str($parsed['query'], $params); - $req = OAuthRequest::from_consumer_and_token($con, NULL, "POST", $url, $params); + $req = OAuthRequest::from_consumer_and_token($con, null, "POST", $url, $params); $listener = omb_local_id($omb[OAUTH_ENDPOINT_REQUEST]); if (!$listener) { - return NULL; + return null; } $req->set_parameter('omb_listener', $listener); @@ -280,7 +315,7 @@ class RemotesubscribeAction extends Action { # XXX: test to see if endpoint accepts this signature method - $req->sign_request(omb_hmac_sha1(), $con, NULL); + $req->sign_request(omb_hmac_sha1(), $con, null); # We re-use this tool's fetcher, since it's pretty good @@ -288,10 +323,9 @@ class RemotesubscribeAction extends Action { $result = $fetcher->post($req->get_normalized_http_url(), $req->to_postdata(), - array('User-Agent' => 'Laconica/' . LACONICA_VERSION)); - + array('User-Agent: StatusNet/' . STATUSNET_VERSION)); if ($result->status != 200) { - return NULL; + return null; } parse_str($result->body, $return); @@ -299,9 +333,8 @@ class RemotesubscribeAction extends Action { return array($return['oauth_token'], $return['oauth_token_secret']); } - function request_authorization($user, $omb, $token, $secret) { - global $config; # for license URL - + function requestAuthorization($user, $omb, $token, $secret) + { $con = omb_oauth_consumer(); $tok = new OAuthToken($token, $secret); @@ -325,25 +358,25 @@ class RemotesubscribeAction extends Action { $req->set_parameter('omb_listenee', $user->uri); $req->set_parameter('omb_listenee_profile', common_profile_url($user->nickname)); $req->set_parameter('omb_listenee_nickname', $user->nickname); - $req->set_parameter('omb_listenee_license', $config['license']['url']); + $req->set_parameter('omb_listenee_license', common_config('license', 'url')); $profile = $user->getProfile(); if (!$profile) { common_log_db_error($user, 'SELECT', __FILE__); - $this->server_error(_('User without matching profile')); + $this->serverError(_('User without matching profile')); return; } - if ($profile->fullname) { + if (!is_null($profile->fullname)) { $req->set_parameter('omb_listenee_fullname', $profile->fullname); } - if ($profile->homepage) { + if (!is_null($profile->homepage)) { $req->set_parameter('omb_listenee_homepage', $profile->homepage); } - if ($profile->bio) { + if (!is_null($profile->bio)) { $req->set_parameter('omb_listenee_bio', $profile->bio); } - if ($profile->location) { + if (!is_null($profile->location)) { $req->set_parameter('omb_listenee_location', $profile->location); } $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); @@ -376,11 +409,7 @@ class RemotesubscribeAction extends Action { # Redirect to authorization service - common_redirect($req->to_url()); + common_redirect($req->to_url(), 303); return; } - - function make_nonce() { - return common_good_rand(16); - } }