]> git.mxchange.org Git - friendica.git/commitdiff
projects / friendica.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: abc6199)
smooth a few rough edges of openid
authorFriendika <info@friendika.com>
Thu, 18 Nov 2010 23:06:33 +0000 (15:06 -0800)
committerFriendika <info@friendika.com>
Thu, 18 Nov 2010 23:06:33 +0000 (15:06 -0800)
include/auth.php patch | blob | history
mod/home.php patch | blob | history
view/en/login.tpl patch | blob | history
view/en/settings.tpl patch | blob | history
view/theme/default/style.css patch | blob | history

diff --git a/include/auth.php b/include/auth.php
index c09a89ffb3ff96746bcf807312bf6e24f5d07672..0a6050a17e1cc92774d6d327c0d013a79afed564 100644 (file)
--- a/include/auth.php
+++ b/include/auth.php
@@ -70,26 +70,53 @@ else {
        if((x($_POST,'password')) && strlen($_POST['password']))
                $encrypted = hash('whirlpool',trim($_POST['password']));
        else {
-               if((x($_POST,'login-name')) && strlen($_POST['login-name'])) {
-                       $openid_url = trim($_POST['login-name']);
+               if((x($_POST,'openid_url')) && strlen($_POST['openid_url'])) {
+
+                       $openid_url = trim($_POST['openid_url']);
+
+                       // validate_url alters the calling parameter
+
+                       $temp_string = $openid_url;
+
+                       // if it's an email address or doesn't resolve to a URL, fail.
+
+                       if((strpos($temp_string,'@')) || (! validate_url($temp_string))) {
+                               $a = get_app();
+                               notice( t('Login failed.') . EOL);
+                               goaway($a->get_baseurl());
+                               // NOTREACHED
+                       }
+
+                       // Otherwise it's probably an openid.
+
+                       require_once('library/openid.php');
+                       $openid = new LightOpenID;
+                       $openid->identity = $openid_url;
+                       $_SESSION['openid'] = $openid_url;
+                       $a = get_app();
+                       $openid->returnUrl = $a->get_baseurl() . '/openid'; 
+
                        $r = q("SELECT `uid` FROM `user` WHERE `openid` = '%s' LIMIT 1",
                                dbesc($openid_url)
                        );
-                       if(count($r)) {
-                               require_once('library/openid.php');
-                               $openid = new LightOpenID;
-                               $openid->identity = $openid_url;
-                               $_SESSION['openid'] = $openid_url;
-                               $a = get_app();
-                               $openid->returnUrl = $a->get_baseurl() . '/openid'; 
+                       if(count($r)) { 
+                               // existing account
                                goaway($openid->authUrl());
                                // NOTREACHED   
                        }
                        else {
-                               $a = get_app();
-                               notice( t('Login failed.') . EOL);
-                               goaway($a->get_baseurl());
-                               // NOTREACHED
+                               if($a->config['register_policy'] == REGISTER_CLOSED) {
+                                       $a = get_app();
+                                       notice( t('Login failed.') . EOL);
+                                       goaway($a->get_baseurl());
+                                       // NOTREACHED
+                               }
+                               // new account
+                               $_SESSION['register'] = 1;
+                               $openid->required = array('namePerson/friendly', 'contact/email', 'namePerson');
+                               $openid->optional = array('namePerson/first');
+                               goaway($openid->authUrl());
+                               // NOTREACHED   
                        }
                }
        }
@@ -99,8 +126,8 @@ else {
 
                $r = q("SELECT * FROM `user` 
                        WHERE ( `email` = '%s' OR `nickname` = '%s' ) AND `password` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1",
-                       dbesc(trim($_POST['login-name'])),
-                       dbesc(trim($_POST['login-name'])),
+                       dbesc(trim($_POST['openid_url'])),
+                       dbesc(trim($_POST['openid_url'])),
                        dbesc($encrypted));
                if(($r === false) || (! count($r))) {
                        notice( t('Login failed.') . EOL );
diff --git a/mod/home.php b/mod/home.php
index 13b6d56c4a797f6417a69546ee9b44f0d5614c1c..b8f16158eb01f67c2f2f81069431df073324b681 100644 (file)
--- a/mod/home.php
+++ b/mod/home.php
@@ -20,6 +20,7 @@ function home_content(&$a) {
        $o .= '<h1>Welcome' . ((x($a->config,'sitename')) ? " to {$a->config['sitename']}" : "" ) . '</h1>';
        if(file_exists('home.html'))
                $o .= file_get_contents('home.html');
+
        $o .= login(($a->config['register_policy'] == REGISTER_CLOSED) ? 0 : 1);
        return $o;
 
diff --git a/view/en/login.tpl b/view/en/login.tpl
index 8fe09e7d3789af14bb3a307355485393e093c168..396a00266f6f262158805c0f8d74715169bd6ba9 100644 (file)
--- a/view/en/login.tpl
+++ b/view/en/login.tpl
@@ -2,12 +2,12 @@
 <form action="" method="post" >
 <input type="hidden" name="auth-params" value="login" />
 <div id="login-name-wrapper">
-        <label for="login-name" id="label-login-name">Nickname or Email: </label>
-        <input type="text" maxlength="60" name="login-name" id="login-name" value="" />
+        <label for="login-name" id="label-login-name">Nickname/Email/OpenID: </label>
+        <input type="text" maxlength="60" name="openid_url" class="openid" id="login-name" value="" />
 </div>
 <div id="login-name-end" ></div>
 <div id="login-password-wrapper">
-        <label for="login-password" id="label-login-password">Password: </label>
+        <label for="login-password" id="label-login-password">Password (if not OpenID): </label>
         <input type="password" maxlength="60" name="password" id="login-password" value="" />
 </div>
 <div id="login-password-end"></div>
diff --git a/view/en/settings.tpl b/view/en/settings.tpl
index f1926c004c45c25a12c985123c18d9f14e0abef1..734effc0c27bf9316b631aa3b33e61e5bfc6f6b8 100644 (file)
--- a/view/en/settings.tpl
+++ b/view/en/settings.tpl
@@ -128,8 +128,8 @@ Leave password fields blank unless changing
 <div id="settings-confirm-end" ></div>
 
 <div id="settings-openid-wrapper" >
-<label id="settings-openid-label" for="settings-openid" >(optional) OpenID: </label>
-<input type="text" id="settings-openid" class="openid" name="openid_url" value="$openid" />
+<label id="settings-openid-label" for="settings-openid" >OpenID: </label>
+<input type="text" id="settings-openid" class="openid" name="openid_url" value="$openid" />&nbsp;(Optional) Allow this OpenID to login to this account.
 </div>
 <div id="settings-openid-end" ></div>
 
diff --git a/view/theme/default/style.css b/view/theme/default/style.css
index bd2e4184962a5275239df9e5a7830f0c9ac7c1b0..ee73cd114c863858dd700a02c9e9231a2f944e43 100644 (file)
--- a/view/theme/default/style.css
+++ b/view/theme/default/style.css
@@ -379,19 +379,24 @@ footer {
 
 #label-login-name, #label-login-password, #login-extra-filler {
        float: left;
-       width: 150px;
+       width: 200px;
        margin-bottom: 20px;
 }
 
 
-#login-name, #login-password {
+#login-password {
+       float: left;
+       width: 170px;
+}
+
+#login-name {
        float: left;
        width: 150px;
 }
 
 #register-link, #lost-password-link {
        float: left;
-       font-size: 0.7em;
+       font-size: 80%;
        margin-right: 15px;
 }
 
@@ -400,8 +405,8 @@ footer {
 }
 
 #login-submit-button {
-       margin-top: 10px;
-       margin-left: 150px;
+/*     margin-top: 10px; */
+       margin-left: 200px;
 }
 
 input#dfrn-url {
Unnamed repository; edit this file 'description' to name the repository.