X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=lib%2Fopenid.php;h=11934138fd463d49735897cff3c3ac31c8c6318a;hb=721d6f94c72816e802b813c132d39fc7ef08c680;hp=111cc4a0cb4f235f16c0ff6acff392613b9b2eef;hpb=0ba99486039b10686a520e22ef50385625e5b9ae;p=quix0rs-gnu-social.git diff --git a/lib/openid.php b/lib/openid.php index 111cc4a0cb..11934138fd 100644 --- a/lib/openid.php +++ b/lib/openid.php @@ -30,7 +30,7 @@ require_once('Auth/OpenID/MySQLStore.php'); define('OPENID_COOKIE_EXPIRY', round(365.25 * 24 * 60 * 60)); define('OPENID_COOKIE_KEY', 'lastusedopenid'); - + function oid_store() { static $store = NULL; if (!$store) { @@ -49,25 +49,26 @@ function oid_consumer() { } function oid_clear_last() { - if (oid_get_last()) { - oid_set_last(''); - } + oid_set_last(''); } function oid_set_last($openid_url) { - global $config; - setcookie(OPENID_COOKIE_KEY, $openid_url, - time() + OPENID_COOKIE_EXPIRY, - '/' . $config['site']['path'] . '/', - $config['site']['server']); + common_set_cookie(OPENID_COOKIE_KEY, + $openid_url, + time() + OPENID_COOKIE_EXPIRY); } function oid_get_last() { - return $_COOKIE[OPENID_COOKIE_KEY]; + $openid_url = $_COOKIE[OPENID_COOKIE_KEY]; + if ($openid_url && strlen($openid_url) > 0) { + return $openid_url; + } else { + return NULL; + } } function oid_link_user($id, $canonical, $display) { - + $oid = new User_openid(); $oid->user_id = $id; $oid->canonical = $canonical; @@ -79,7 +80,7 @@ function oid_link_user($id, $canonical, $display) { common_debug('DB error ' . $err->code . ': ' . $err->message, __FILE__); return false; } - + return true; } @@ -94,10 +95,19 @@ function oid_get_user($openid_url) { function oid_check_immediate($openid_url, $backto=NULL) { if (!$backto) { - $backto = $_SERVER['PHP_SELF']; + $action = $_REQUEST['action']; + $args = common_copy_args($_GET); + unset($args['action']); + $backto = common_local_url($action, $args); } + common_debug('going back to "' . $backto . '"', __FILE__); + common_ensure_session(); + $_SESSION['openid_immediate_backto'] = $backto; + common_debug('passed-in variable is "' . $backto . '"', __FILE__); + common_debug('session variable is "' . $_SESSION['openid_immediate_backto'] . '"', __FILE__); + oid_authenticate($openid_url, 'finishimmediate', true); @@ -106,23 +116,23 @@ function oid_check_immediate($openid_url, $backto=NULL) { function oid_authenticate($openid_url, $returnto, $immediate=false) { $consumer = oid_consumer(); - + if (!$consumer) { common_server_error(_t('Cannot instantiate OpenID consumer object.')); return false; } - + common_ensure_session(); - + $auth_request = $consumer->begin($openid_url); - + // Handle failure status return values. if (!$auth_request) { return _t('Not a valid OpenID.'); } else if (Auth_OpenID::isFailure($auth_request)) { return _t('OpenID failure: ') . $auth_request->message; } - + $sreg_request = Auth_OpenID_SRegRequest::build(// Required array(), // Optional @@ -133,14 +143,14 @@ function oid_authenticate($openid_url, $returnto, $immediate=false) { 'timezone', 'postcode', 'country')); - + if ($sreg_request) { $auth_request->addExtension($sreg_request); } - + $trust_root = common_local_url('public'); $process_url = common_local_url($returnto); - + if ($auth_request->shouldSendRedirect()) { $redirect_url = $auth_request->redirectURL($trust_root, $process_url, @@ -156,22 +166,18 @@ function oid_authenticate($openid_url, $returnto, $immediate=false) { $form_id = 'openid_message'; $form_html = $auth_request->formMarkup($trust_root, $process_url, $immediate, array('id' => $form_id)); - + # XXX: This is cheap, but things choke if we don't escape ampersands # in the HTML attributes - + $form_html = preg_replace('/&/', '&', $form_html); - + // Display an error if the form markup couldn't be generated; // otherwise, render the HTML. if (Auth_OpenID::isFailure($form_html)) { $this->show_form(_t('Could not create OpenID form: ') . $form_html->message); } else { - common_show_header(_t('OpenID Auto-Submit')); - common_element('p', 'instructions', - _t('This form should automatically submit itself. '. - 'If not, click the submit button to go to your '. - 'OpenID provider.')); + common_show_header(_t('OpenID Auto-Submit'), NULL, NULL, '_oid_print_instructions'); common_raw($form_html); common_element('script', NULL, '$(document).ready(function() { ' . @@ -182,18 +188,27 @@ function oid_authenticate($openid_url, $returnto, $immediate=false) { } } +# Half-assed attempt at a module-private function + +function _oid_print_instructions() { + common_element('p', 'instructions', + _t('This form should automatically submit itself. '. + 'If not, click the submit button to go to your '. + 'OpenID provider.')); +} + # update a user from sreg parameters function oid_update_user(&$user, &$sreg) { - + $profile = $user->getProfile(); - + $orig_profile = clone($profile); - + if ($sreg['fullname'] && strlen($sreg['fullname']) <= 255) { $profile->fullname = $sreg['fullname']; } - + if ($sreg['country']) { if ($sreg['postcode']) { # XXX: use postcode to get city and region @@ -203,23 +218,25 @@ function oid_update_user(&$user, &$sreg) { $profile->location = $sreg['country']; } } - + # XXX save language if it's passed # XXX save timezone if it's passed - + if (!$profile->update($orig_profile)) { common_server_error(_t('Error saving the profile.')); - return; + return false; } - + $orig_user = clone($user); - + if ($sreg['email'] && Validate::email($sreg['email'], true)) { $user->email = $sreg['email']; } - + if (!$user->update($orig_user)) { common_server_error(_t('Error saving the user.')); - return; + return false; } + + return true; }