X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=plugins%2FOpenID%2Fopenidserver.php;h=ed9db4fd2865f728b21eaf1b6200195dad7c1e98;hb=0721d8d3e257709d27994eb4ab4bbe60abc93e2e;hp=afbca553f5e42799558ba5635bbf5ef3d6334adb;hpb=2a1468ec8b2918553b490ddaef6bdede3e2d5b1b;p=quix0rs-gnu-social.git diff --git a/plugins/OpenID/openidserver.php b/plugins/OpenID/openidserver.php index afbca553f5..ed9db4fd28 100644 --- a/plugins/OpenID/openidserver.php +++ b/plugins/OpenID/openidserver.php @@ -23,17 +23,16 @@ * @package StatusNet * @author Craig Andrews * @copyright 2008-2009 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ -if (!defined('STATUSNET') && !defined('LACONICA')) { +if (!defined('STATUSNET')) { exit(1); } -require_once INSTALLDIR.'/lib/action.php'; require_once INSTALLDIR.'/plugins/OpenID/openid.php'; -require_once(INSTALLDIR.'/plugins/OpenID/User_openid_trustroot.php'); /** * Settings for OpenID @@ -43,6 +42,7 @@ require_once(INSTALLDIR.'/plugins/OpenID/User_openid_trustroot.php'); * @category Settings * @package StatusNet * @author Craig Andrews + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ @@ -69,9 +69,13 @@ class OpenidserverAction extends Action //cannot prompt the user to login in immediate mode, so answer false $response = $this->generateDenyResponse($request); }else{ - /* Go log in, and then come back. */ + // Go log in, and then come back. + // + // Note: 303 redirect rather than 307 to avoid + // prompting user for form resubmission if we + // were POSTed here. common_set_returnto($_SERVER['REQUEST_URI']); - common_redirect(common_local_url('login')); + common_redirect(common_local_url('login'), 303); return; } }else if(common_profile_url($user->nickname) == $request->identity || $request->idSelect()){ @@ -90,8 +94,13 @@ class OpenidserverAction extends Action $this->oserver->encodeResponse($denyResponse); //sign the response $_SESSION['openid_allow_url'] = $allowResponse->encodeToUrl(); $_SESSION['openid_deny_url'] = $denyResponse->encodeToUrl(); - //ask the user to trust this trust root - common_redirect(common_local_url('openidtrust')); + + // Ask the user to trust this trust root... + // + // Note: 303 redirect rather than 307 to avoid + // prompting user for form resubmission if we + // were POSTed here. + common_redirect(common_local_url('openidtrust'), 303); return; } }else{ @@ -103,6 +112,7 @@ class OpenidserverAction extends Action $response = $this->generateDenyResponse($request); } else { //invalid + // TRANS: OpenID plugin client error given trying to add an unauthorised OpenID to a user (403). $this->clientError(sprintf(_m('You are not authorized to use the identity %s.'),$request->identity),$code=403); } } else { @@ -123,6 +133,7 @@ class OpenidserverAction extends Action } $this->raw($response->body); }else{ + // TRANS: OpenID plugin client error given when not getting a response for a given OpenID provider (500). $this->clientError(_m('Just an OpenID provider. Nothing to see here, move along...'),$code=500); } }