X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FModule%2FLogin.php;h=92b0daed13d2c40abc77f1bccd6227f76728d0ac;hb=2ef81108b37a85642e1f3380044a03cb1cd8719a;hp=3f9d6998c782fcdaa3aac6e87661bff9159dc653;hpb=ecea7425f8ad11ace4af39d476919e3203bff44f;p=friendica.git

diff --git a/src/Module/Login.php b/src/Module/Login.php
index 3f9d6998c7..92b0daed13 100644
--- a/src/Module/Login.php
+++ b/src/Module/Login.php
@@ -7,8 +7,10 @@ namespace Friendica\Module;
 use Exception;
 use Friendica\BaseModule;
 use Friendica\Core\Addon;
+use Friendica\Core\Authentication;
 use Friendica\Core\Config;
 use Friendica\Core\L10n;
+use Friendica\Core\System;
 use Friendica\Database\DBA;
 use Friendica\Model\User;
 use Friendica\Util\DateTimeFormat;
@@ -16,13 +18,12 @@ use Friendica\Util\Network;
 use LightOpenID;
 
 require_once 'boot.php';
-require_once 'include/security.php';
 require_once 'include/text.php';
 
 /**
  * Login module
  *
- * @author Hypolite Petovan mrpetovan@gmail.com
+ * @author Hypolite Petovan <hypolite@mrpetovan.com>
  */
 class Login extends BaseModule
 {
@@ -39,15 +40,18 @@ class Login extends BaseModule
 		}
 
 		if (local_user()) {
-			goaway(self::getApp()->get_baseurl());
+			$a->redirect();
 		}
 
-		return self::form(self::getApp()->get_baseurl(), intval(Config::get('config', 'register_policy')) !== REGISTER_CLOSED);
+		return self::form($_SESSION['return_url'], intval(Config::get('config', 'register_policy')) !== REGISTER_CLOSED);
 	}
 
 	public static function post()
 	{
+		$return_url = $_SESSION['return_url'];
 		session_unset();
+		$_SESSION['return_url'] = $return_url;
+		
 		// OpenId Login
 		if (
 			empty($_POST['password'])
@@ -80,22 +84,24 @@ class Login extends BaseModule
 	{
 		$noid = Config::get('system', 'no_openid');
 
+		$a = self::getApp();
+
 		// if it's an email address or doesn't resolve to a URL, fail.
 		if ($noid || strpos($openid_url, '@') || !Network::isUrlValid($openid_url)) {
 			notice(L10n::t('Login failed.') . EOL);
-			goaway(self::getApp()->get_baseurl());
+			$a->redirect();
 			// NOTREACHED
 		}
 
 		// Otherwise it's probably an openid.
 		try {
 			$a = get_app();
-			$openid = new LightOpenID($a->get_hostname());
+			$openid = new LightOpenID($a->getHostName());
 			$openid->identity = $openid_url;
 			$_SESSION['openid'] = $openid_url;
 			$_SESSION['remember'] = $remember;
-			$openid->returnUrl = self::getApp()->get_baseurl(true) . '/openid';
-			goaway($openid->authUrl());
+			$openid->returnUrl = self::getApp()->getBaseURL(true) . '/openid';
+			$a->redirect($openid->authUrl());
 		} catch (Exception $e) {
 			notice(L10n::t('We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.') . '<br /><br >' . L10n::t('The error message was:') . ' ' . $e->getMessage());
 		}
@@ -119,6 +125,8 @@ class Login extends BaseModule
 			'user_record' => null
 		];
 
+		$a = self::getApp();
+
 		/*
 		 * An addon indicates successful login by setting 'authenticated' to non-zero value and returning a user record
 		 * Addons should never set 'authenticated' except to indicate success - as hooks may be chained
@@ -140,18 +148,18 @@ class Login extends BaseModule
 			}
 		} catch (Exception $e) {
 			logger('authenticate: failed login attempt: ' . notags($username) . ' from IP ' . $_SERVER['REMOTE_ADDR']);
-			notice($e->getMessage() . EOL);
-			goaway(self::getApp()->get_baseurl() . '/login');
+			info('Login failed. Please check your credentials.' . EOL);
+			$a->redirect();
 		}
 
 		if (!$remember) {
-			new_cookie(0); // 0 means delete on browser exit
+			Authentication::setCookie(0); // 0 means delete on browser exit
 		}
 
 		// if we haven't failed up this point, log them in.
 		$_SESSION['remember'] = $remember;
 		$_SESSION['last_login_date'] = DateTimeFormat::utcNow();
-		authenticate_success($record, true, true);
+		Authentication::setAuthenticatedSessionForUser($record, true, true);
 
 		if (x($_SESSION, 'return_url')) {
 			$return_url = $_SESSION['return_url'];
@@ -160,7 +168,7 @@ class Login extends BaseModule
 			$return_url = '';
 		}
 
-		goaway($return_url);
+		$a->redirect($return_url);
 	}
 
 	/**
@@ -170,6 +178,8 @@ class Login extends BaseModule
 	 */
 	public static function sessionAuth()
 	{
+		$a = self::getApp();
+
 		// When the "Friendica" cookie is set, take the value to authenticate and renew the cookie.
 		if (isset($_COOKIE["Friendica"])) {
 			$data = json_decode($_COOKIE["Friendica"]);
@@ -185,21 +195,21 @@ class Login extends BaseModule
 					]
 				);
 				if (DBA::isResult($user)) {
-					if ($data->hash != cookie_hash($user)) {
+					if ($data->hash != Authentication::getCookieHashForUser($user)) {
 						logger("Hash for user " . $data->uid . " doesn't fit.");
-						nuke_session();
-						goaway(self::getApp()->get_baseurl());
+						Authentication::deleteSession();
+						$a->redirect();
 					}
 
 					// Renew the cookie
 					// Expires after 7 days by default,
 					// can be set via system.auth_cookie_lifetime
 					$authcookiedays = Config::get('system', 'auth_cookie_lifetime', 7);
-					new_cookie($authcookiedays * 24 * 60 * 60, $user);
+					Authentication::setCookie($authcookiedays * 24 * 60 * 60, $user);
 
 					// Do the authentification if not done by now
 					if (!isset($_SESSION) || !isset($_SESSION['authenticated'])) {
-						authenticate_success($user);
+						Authentication::setAuthenticatedSessionForUser($user);
 
 						if (Config::get('system', 'paranoia')) {
 							$_SESSION['addr'] = $data->ip;
@@ -211,11 +221,9 @@ class Login extends BaseModule
 
 		if (isset($_SESSION) && x($_SESSION, 'authenticated')) {
 			if (x($_SESSION, 'visitor_id') && !x($_SESSION, 'uid')) {
-				$r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
-					intval($_SESSION['visitor_id'])
-				);
-				if (DBA::isResult($r)) {
-					self::getApp()->contact = $r[0];
+				$contact = DBA::selectFirst('contact', [], ['id' => $_SESSION['visitor_id']]);
+				if (DBA::isResult($contact)) {
+					self::getApp()->contact = $contact;
 				}
 			}
 
@@ -226,8 +234,8 @@ class Login extends BaseModule
 				if ($check && ($_SESSION['addr'] != $_SERVER['REMOTE_ADDR'])) {
 					logger('Session address changed. Paranoid setting in effect, blocking session. ' .
 						$_SESSION['addr'] . ' != ' . $_SERVER['REMOTE_ADDR']);
-					nuke_session();
-					goaway(self::getApp()->get_baseurl());
+					Authentication::deleteSession();
+					$a->redirect();
 				}
 
 				$user = DBA::selectFirst('user', [],
@@ -240,8 +248,8 @@ class Login extends BaseModule
 					]
 				);
 				if (!DBA::isResult($user)) {
-					nuke_session();
-					goaway(self::getApp()->get_baseurl());
+					Authentication::deleteSession();
+					$a->redirect();
 				}
 
 				// Make sure to refresh the last login time for the user if the user
@@ -254,7 +262,7 @@ class Login extends BaseModule
 					$_SESSION['last_login_date'] = DateTimeFormat::utcNow();
 					$login_refresh = true;
 				}
-				authenticate_success($user, false, false, $login_refresh);
+				Authentication::setAuthenticatedSessionForUser($user, false, false, $login_refresh);
 			}
 		}
 	}
@@ -296,7 +304,7 @@ class Login extends BaseModule
 			$a->page['htmlhead'] .= replace_macros(
 				get_markup_template('login_head.tpl'),
 				[
-					'$baseurl' => $a->get_baseurl(true)
+					'$baseurl' => $a->getBaseURL(true)
 				]
 			);
 
@@ -307,7 +315,7 @@ class Login extends BaseModule
 		$o .= replace_macros(
 			$tpl,
 			[
-				'$dest_url'     => self::getApp()->get_baseurl(true) . '/login',
+				'$dest_url'     => self::getApp()->getBaseURL(true) . '/login',
 				'$logout'       => L10n::t('Logout'),
 				'$login'        => L10n::t('Login'),