X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fopenid.php;h=7300c686b4b209695cb719cad00847894e536267;hb=6c341962648b73c935c2de26996b07332b776a1f;hp=663bc1cecbae0a44142e9771ee0bb42202b78486;hpb=a0f65ca7a1b1fbc1a2d0f823940211377fc6e13e;p=friendica.git

diff --git a/mod/openid.php b/mod/openid.php
index 663bc1cecb..7300c686b4 100644
--- a/mod/openid.php
+++ b/mod/openid.php
@@ -8,7 +8,6 @@ use Friendica\Core\Authentication;
 use Friendica\Core\Config;
 use Friendica\Core\L10n;
 use Friendica\Core\Logger;
-use Friendica\Core\System;
 use Friendica\Database\DBA;
 use Friendica\Util\Strings;
 
@@ -20,7 +19,7 @@ function openid_content(App $a) {
 
 	Logger::log('mod_openid ' . print_r($_REQUEST,true), Logger::DATA);
 
-	if((x($_GET,'openid_mode')) && (x($_SESSION,'openid'))) {
+	if(!empty($_GET['openid_mode']) && !empty($_SESSION['openid'])) {
 
 		$openid = new LightOpenID($a->getHostName());
 
@@ -44,7 +43,7 @@ function openid_content(App $a) {
 				AND `blocked` = 0 AND `account_expired` = 0
 				AND `account_removed` = 0 AND `verified` = 1
 				LIMIT 1",
-				DBA::escape($authid), DBA::escape(normalise_openid($authid))
+				DBA::escape($authid), DBA::escape(Strings::normaliseOpenID($authid))
 			);
 
 			if (DBA::isResult($r)) {
@@ -64,7 +63,7 @@ function openid_content(App $a) {
 			// Successful OpenID login - but we can't match it to an existing account.
 			// New registration?
 
-			if (intval(Config::get('config', 'register_policy')) === REGISTER_CLOSED) {
+			if (intval(Config::get('config', 'register_policy')) === \Friendica\Module\Register::CLOSED) {
 				notice(L10n::t('Account not found and OpenID registration is not permitted on this site.') . EOL);
 				$a->internalRedirect();
 			}
@@ -75,16 +74,16 @@ function openid_content(App $a) {
 			if (is_array($attr) && count($attr)) {
 				foreach ($attr as $k => $v) {
 					if ($k === 'namePerson/friendly') {
-						$nick = Strings::removeTags(trim($v));
+						$nick = Strings::escapeTags(trim($v));
 					}
 					if($k === 'namePerson/first') {
-						$first = Strings::removeTags(trim($v));
+						$first = Strings::escapeTags(trim($v));
 					}
 					if($k === 'namePerson') {
-						$args .= '&username=' . urlencode(Strings::removeTags(trim($v)));
+						$args .= '&username=' . urlencode(Strings::escapeTags(trim($v)));
 					}
 					if ($k === 'contact/email') {
-						$args .= '&email=' . urlencode(Strings::removeTags(trim($v)));
+						$args .= '&email=' . urlencode(Strings::escapeTags(trim($v)));
 					}
 					if ($k === 'media/image/aspect11') {
 						$photosq = bin2hex(trim($v));
@@ -94,21 +93,21 @@ function openid_content(App $a) {
 					}
 				}
 			}
-			if ($nick) {
+			if (!empty($nick)) {
 				$args .= '&nickname=' . urlencode($nick);
 			}
-			elseif ($first) {
+			elseif (!empty($first)) {
 				$args .= '&nickname=' . urlencode($first);
 			}
 
-			if ($photosq) {
+			if (!empty($photosq)) {
 				$args .= '&photo=' . urlencode($photosq);
 			}
-			elseif ($photo) {
+			elseif (!empty($photo)) {
 				$args .= '&photo=' . urlencode($photo);
 			}
 
-			$args .= '&openid_url=' . urlencode(Strings::removeTags(trim($authid)));
+			$args .= '&openid_url=' . urlencode(Strings::escapeTags(trim($authid)));
 
 			$a->internalRedirect('register?' . $args);