try {
common_debug('getting request from env variables', __FILE__);
$req = OAuthRequest::from_request();
- common_debug('getting a server', __FILE__);
+ common_debug('getting a server', __FILE__);
$server = omb_oauth_server();
- common_debug('fetching the access token', __FILE__);
+ common_debug('fetching the access token', __FILE__);
$token = $server->fetch_access_token($req);
common_debug('got this token: "'.print_r($token,TRUE).'"', __FILE__);
- common_debug('printing the access token', __FILE__);
+ common_debug('printing the access token', __FILE__);
print $token;
} catch (OAuthException $e) {
common_server_error($e->getMessage());
function handle($args) {
parent::handle($args);
-
+
$consumer = oid_consumer();
$response = $consumer->complete(common_local_url('finishimmediate'));
$response->endpoint->canonicalID : $response->getDisplayIdentifier();
$user = oid_get_user($canonical);
-
+
if ($user) {
oid_update_user($user, $sreg);
oid_set_last($display); # refresh for another year
}
# Failure! Clear openid so we don't try it again
-
+
oid_clear_last();
$this->go_backto();
return;
}
-
+
function go_backto() {
common_ensure_session();
$backto = $_SESSION['openid_immediate_backto'];
$this->show_form();
}
}
-
+
function check_login() {
# XXX: form token in $_SESSION to prevent XSS
# XXX: login throttle
if (common_check_user($nickname, $password)) {
# success!
if (!common_set_user($nickname)) {
- common_server_error(_t('Error setting user.'));
+ common_server_error(_('Error setting user.'));
return;
}
common_real_login(true);
}
common_redirect($url);
} else {
- $this->show_form(_t('Incorrect username or password.'));
+ $this->show_form(_('Incorrect username or password.'));
+ return;
+ }
+
+ # success!
+ if (!common_set_user($user)) {
+ common_server_error(_t('Error setting user.'));
+ return;
}
-
+
common_real_login(true);
-
+
if ($this->boolean('rememberme')) {
common_debug('Adding rememberme cookie for ' . $nickname);
common_rememberme($user);
}
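Review bot: The added error branch `common_server_error(_t('Error setting user.'));` still calls `_t()`, while every other string this commit touches in the same function moves to `_()`. If `_t()` is being retired, this rarely exercised failure path would die with an undefined-function error instead of reporting a clean server error; it should read `common_server_error(_('Error setting user.'));`. Separately, the comment `# XXX: form token in $_SESSION to prevent XSS` describes a request-forgery (CSRF) defence rather than XSS, and the login form is still processed without either that token or the throttle noted on the next line. The body of check_login starts and ends outside the visible lines.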
function get_instructions() {
- return _t('Login with your username and password. ' .
+ return _('Login with your username and password. ' .
'Don\'t have a username yet? ' .
'[Register](%%action.register%%) a new account, or ' .
'try [OpenID](%%action.openidlogin%%). ');
function show_form($msg=NULL) {
$content = $this->trimmed('status_textarea');
- common_show_header(_t('New notice'), NULL, $content,
+ if (!$content) {
+ $replyto = $this->trimmed('replyto');
+ $profile = Profile::staticGet('nickname', $replyto);
+ if ($profile) {
+ $content = '@' . $profile->nickname . ' ';
+ }
+ }
+ common_show_header(_('New notice'), NULL, $content,
array($this, 'show_top'));
if ($msg) {
common_element('p', 'error', $msg);
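Review bot: `$replyto` is read from the request and handed to `Profile::staticGet('nickname', $replyto)` even when the parameter is absent, so every plain visit to the form with no `status_textarea` runs a lookup with an empty value. With a NULL value DB_DataObject's `staticGet`, as far as I recall, treats the first argument as a primary-key value, which is not the query intended here. Wrap the lookup in `if ($replyto) {` so it only runs when a nickname was actually supplied. Building the prefill from the stored `$profile->nickname` rather than the raw request value is the right choice and is worth a one-line comment saying so, for example `# use the stored nickname, never the request text`. show_form continues past the end of this hunk.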
class PublicxrdsAction extends Action {
function handle($args) {
-
+
parent::handle($args);
-
+
header('Content-Type: application/xrds+xml');
common_start_xml();
common_element_start('XRDS', array('xmlns' => 'xri://$xrds'));
-
+
common_element_start('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
'xmlns:simple' => 'http://xrds-simple.net/core/1.0',
'version' => '2.0'));
$this->show_service(Auth_OpenID_RP_RETURN_TO_URL_TYPE,
common_local_url($finish));
}
-
+
common_element_end('XRD');
-
+
common_element_end('XRDS');
common_end_xml();
}
-
+
function show_service($type, $uri, $params=NULL, $sigs=NULL, $localId=NULL) {
common_element_start('Service');
if ($uri) {
if (!$user) {
$this->show_form(_t('Invalid username or password.'));
return;
- }
+ }
# success!
if (!common_set_user($user)) {
common_server_error(_('Error setting user.'));
}
common_redirect(common_local_url('profilesettings'));
} else {
- $this->show_form(_t('Invalid username or password.'));
+ $this->show_form(_('Invalid username or password.'));
}
}
$profile = $this->trimmed('profile_url');
common_show_header(_('Remote subscribe'), NULL, $err,
array($this, 'show_top'));
- # id = remotesubscribe conflicts with the
+ # id = remotesubscribe conflicts with the
# button on profile page
common_element_start('form', array('id' => 'remsub', 'method' => 'post',
'action' => common_local_url('remotesubscribe')));
'href' => $noticeurl,
'title' => common_exact_date($notice->created)),
common_date_string($notice->created));
- if ($notice->reply_to) {
- $replyurl = common_local_url('shownotice', array('notice' => $notice->reply_to));
- common_text(' (');
- common_element('a', array('class' => 'inreplyto',
- 'href' => $replyurl),
- _t('in reply to...'));
- common_text(')');
- }
common_element_start('a',
array('href' => common_local_url('newnotice',
array('replyto' => $profile->nickname)),
*/
require_once 'DB/DataObject.php';
-class Avatar extends DB_DataObject
+class Avatar extends DB_DataObject
{
###START_AUTOCODE
/* the code below is auto generated do not remove the above tag */
public $__table = 'avatar'; // table name
public $profile_id; // int(4) primary_key not_null
- public $original; // tinyint(1)
+ public $original; // tinyint(1)
public $width; // int(4) primary_key not_null
public $height; // int(4) primary_key not_null
public $mediatype; // varchar(32) not_null
- public $filename; // varchar(255)
+ public $filename; // varchar(255)
public $url; // varchar(255) unique_key
public $created; // datetime() not_null
public $modified; // timestamp() not_null default_CURRENT_TIMESTAMP
###END_AUTOCODE
# We clean up the file, too
-
+
function delete() {
$filename = $this->filename;
if (parent::delete()) {
}
# Create and save scaled version of this avatar
- # XXX: maybe break into different methods
-
+ # XXX: maybe break into different methods
+
function scale($size) {
$image_s = imagecreatetruecolor($size, $size);
*/
require_once 'DB/DataObject.php';
-class Confirm_address extends DB_DataObject
+class Confirm_address extends DB_DataObject
{
###START_AUTOCODE
/* the code below is auto generated do not remove the above tag */
public $address; // varchar(255) not_null
public $address_extra; // varchar(255) not_null
public $address_type; // varchar(8) not_null
- public $claimed; // datetime()
- public $sent; // datetime()
+ public $claimed; // datetime()
+ public $sent; // datetime()
public $modified; // timestamp() not_null default_CURRENT_TIMESTAMP
/* Static get */
/* the code above is auto generated do not remove the tag below */
###END_AUTOCODE
-
+
function sequenceKey() { return array(false, false); }
}
*/
require_once 'DB/DataObject.php';
-class Consumer extends DB_DataObject
+class Consumer extends DB_DataObject
{
###START_AUTOCODE
/* the code below is auto generated do not remove the above tag */
*/
require_once 'DB/DataObject.php';
-class Nonce extends DB_DataObject
+class Nonce extends DB_DataObject
{
###START_AUTOCODE
/* the code below is auto generated do not remove the above tag */
*/
require_once 'DB/DataObject.php';
-class Notice extends DB_DataObject
+class Notice extends DB_DataObject
{
###START_AUTOCODE
/* the code below is auto generated do not remove the above tag */
public $profile_id; // int(4) not_null
public $uri; // varchar(255) unique_key
public $content; // varchar(140)
- public $rendered; // text()
public $url; // varchar(255)
public $created; // datetime() not_null
public $modified; // timestamp() not_null default_CURRENT_TIMESTAMP
*/
require_once 'DB/DataObject.php';
-class Profile extends DB_DataObject
+class Profile extends DB_DataObject
{
###START_AUTOCODE
/* the code below is auto generated do not remove the above tag */
public $__table = 'profile'; // table name
public $id; // int(4) primary_key not_null
- public $nickname; // varchar(64) multiple_key not_null
- public $fullname; // varchar(255) multiple_key
+ public $nickname; // varchar(64) not_null
+ public $fullname; // varchar(255)
public $profileurl; // varchar(255)
- public $homepage; // varchar(255) multiple_key
- public $bio; // varchar(140) multiple_key
- public $location; // varchar(255) multiple_key
+ public $homepage; // varchar(255)
+ public $bio; // varchar(140)
+ public $location; // varchar(255)
public $created; // datetime() not_null
public $modified; // timestamp() not_null default_CURRENT_TIMESTAMP
}
return true;
}
-
+
function getBestName() {
return ($this->fullname) ? $this->fullname : $this->nickname;
}
*/
require_once 'DB/DataObject.php';
-class Queue_item extends DB_DataObject
+class Queue_item extends DB_DataObject
{
###START_AUTOCODE
/* the code below is auto generated do not remove the above tag */
public $__table = 'queue_item'; // table name
public $notice_id; // int(4) primary_key not_null
public $created; // datetime() not_null
- public $claimed; // datetime()
+ public $claimed; // datetime()
/* Static get */
function staticGet($k,$v=NULL) { return DB_DataObject::staticGet('Queue_item',$k,$v); }
/* the code above is auto generated do not remove the tag below */
###END_AUTOCODE
-
+
function sequenceKey() { return array(false, false); }
}
*/
require_once 'DB/DataObject.php';
-class Remember_me extends DB_DataObject
+class Remember_me extends DB_DataObject
{
###START_AUTOCODE
/* the code below is auto generated do not remove the above tag */
/* the code above is auto generated do not remove the tag below */
###END_AUTOCODE
-
+
function sequenceKey() { return array(false, false); }
}
*/
require_once 'DB/DataObject.php';
-class Remote_profile extends DB_DataObject
+class Remote_profile extends DB_DataObject
{
###START_AUTOCODE
/* the code below is auto generated do not remove the above tag */
public $__table = 'remote_profile'; // table name
public $id; // int(4) primary_key not_null
public $uri; // varchar(255) unique_key
- public $postnoticeurl; // varchar(255)
- public $updateprofileurl; // varchar(255)
+ public $postnoticeurl; // varchar(255)
+ public $updateprofileurl; // varchar(255)
public $created; // datetime() not_null
public $modified; // timestamp() not_null default_CURRENT_TIMESTAMP
*/
require_once 'DB/DataObject.php';
-class Reply extends DB_DataObject
+class Reply extends DB_DataObject
{
###START_AUTOCODE
/* the code below is auto generated do not remove the above tag */
public $__table = 'reply'; // table name
public $notice_id; // int(4) primary_key not_null
public $profile_id; // int(4) primary_key not_null
+ public $replied_id; // int(4)
public $modified; // timestamp() not_null default_CURRENT_TIMESTAMP
public $replied_id; // int(4)
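Review bot: `public $replied_id;` is added above `$modified` while the unchanged declaration of the same property remains directly below it, so as shown the new side of class `Reply` declares `$replied_id` twice. PHP rejects a redeclared property at compile time with a fatal error, so presumably any request that loads this class would fail. Keep only one of the two lines; because this sits inside the `###START_AUTOCODE` region, regenerating the class from the schema is safer than hand-editing it. The class body continues outside the hunk.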
*/
require_once 'DB/DataObject.php';
-class Sms_carrier extends DB_DataObject
+class Sms_carrier extends DB_DataObject
{
###START_AUTOCODE
/* the code below is auto generated do not remove the above tag */
*/
require_once 'DB/DataObject.php';
-class Subscription extends DB_DataObject
+class Subscription extends DB_DataObject
{
###START_AUTOCODE
/* the code below is auto generated do not remove the above tag */
public $__table = 'subscription'; // table name
public $subscriber; // int(4) primary_key not_null
public $subscribed; // int(4) primary_key not_null
- public $token; // varchar(255)
- public $secret; // varchar(255)
+ public $token; // varchar(255)
+ public $secret; // varchar(255)
public $created; // datetime() not_null
public $modified; // timestamp() not_null default_CURRENT_TIMESTAMP
*/
require_once 'DB/DataObject.php';
-class Token extends DB_DataObject
+class Token extends DB_DataObject
{
###START_AUTOCODE
/* the code below is auto generated do not remove the above tag */
public $tok; // char(32) primary_key not_null
public $secret; // char(32) not_null
public $type; // tinyint(1) not_null
- public $state; // tinyint(1)
+ public $state; // tinyint(1)
public $created; // datetime() not_null
public $modified; // timestamp() not_null default_CURRENT_TIMESTAMP
require_once 'DB/DataObject.php';
require_once 'Validate.php';
-class User extends DB_DataObject
+class User extends DB_DataObject
{
###START_AUTOCODE
/* the code below is auto generated do not remove the above tag */
public $__table = 'user'; // table name
public $id; // int(4) primary_key not_null
public $nickname; // varchar(64) unique_key
- public $password; // varchar(255)
+ public $password; // varchar(255)
public $email; // varchar(255) unique_key
public $jabber; // varchar(255) unique_key
- public $jabbernotify; // tinyint(1)
- public $updatefrompresence; // tinyint(1)
+ public $jabbernotify; // tinyint(1)
+ public $updatefrompresence; // tinyint(1)
public $sms; // varchar(64) unique_key
- public $carrier; // int(4)
- public $smsnotify; // tinyint(1)
+ public $carrier; // int(4)
+ public $smsnotify; // tinyint(1)
public $uri; // varchar(255) unique_key
public $created; // datetime() not_null
public $modified; // timestamp() not_null default_CURRENT_TIMESTAMP
}
# 'update' won't write key columns, so we have to do it ourselves.
-
+
function updateKeys(&$orig) {
$parts = array();
foreach (array('nickname', 'email', 'jabber', 'sms', 'carrier') as $k) {
return true;
}
$toupdate = implode(', ', $parts);
- $qry = 'UPDATE ' . $this->tableName() . ' SET ' . $toupdate .
+ $qry = 'UPDATE ' . $this->tableName() . ' SET ' . $toupdate .
' WHERE id = ' . $this->id;
return $this->query($qry);
}
-
+
function allowed_nickname($nickname) {
# XXX: should already be validated for size, content, etc.
static $blacklist = array('rss', 'xrds', 'doc', 'main',
*/
require_once 'DB/DataObject.php';
-class User_openid extends DB_DataObject
+class User_openid extends DB_DataObject
{
###START_AUTOCODE
/* the code below is auto generated do not remove the above tag */
claimed datetime comment 'date this item was claimed',
index queue_item_created_idx (created)
-
+
) ENGINE=MyISAM;
# Abort if called from a web server
if (isset($_SERVER) && array_key_exists('REQUEST_METHOD', $_SERVER)) {
- print "This script must be run from the command line\n";
- exit();
+ print "This script must be run from the command line\n";
+ exit();
}
define('INSTALLDIR', dirname(__FILE__));
$cnt = $notice->find();
while ($notice->fetch()) {
- common_log(LOG_INFO, 'Getting replies for notice #' . $notice->id);
- common_save_replies($notice);
+ common_log(LOG_INFO, 'Getting replies for notice #' . $notice->id);
+ common_save_replies($notice);
}
$arg = $this->arg($key, $def);
return (is_string($arg)) ? trim($arg) : $arg;
}
-
+
function handle($argarray) {
$this->args =& common_copy_args($argarray);
}
-
+
function boolean($key, $def=false) {
$arg = strtolower($this->trimmed($key));
-
+
if (is_null($arg)) {
return $def;
} else if (in_array($arg, array('true', 'yes', '1'))) {
return $def;
}
}
-
+
function server_error($msg, $code=500) {
$action = $this->trimmed('action');
common_debug("Server error '$code' on '$action': $msg", __FILE__);
common_server_error($msg, $code);
}
-
+
function client_error($msg, $code=400) {
$action = $this->trimmed('action');
common_debug("User error '$code' on '$action': $msg", __FILE__);
common_user_error($msg, $code);
}
-
+
function self_url() {
$action = $this->trimmed('action');
$args = $this->args;
while ($sub->fetch()) {
$user = User::staticGet($sub->subscriber);
if ($user && $user->jabber && $user->jabbernotify) {
- common_log(LOG_INFO,
+ common_log(LOG_INFO,
'Sending notice ' . $notice->id . ' to ' . $user->jabber,
__FILE__);
$success = jabber_send_message($user->jabber, $msg);
class LaconicaOAuthDataStore extends OAuthDataStore {
# We keep a record of who's contacted us
-
+
function lookup_consumer($consumer_key) {
$con = Consumer::staticGet('consumer_key', $consumer_key);
if (!$con) {
}
return new OAuthConsumer($con->consumer_key, '');
}
-
+
function lookup_token($consumer, $token_type, $token_key) {
$t = new Token();
$t->consumer_key = $consumer->key;
return NULL;
}
}
-
+
function lookup_nonce($consumer, $token, $nonce, $timestamp) {
$n = new Nonce();
$n->consumer_key = $consumer->key;
return FALSE;
}
}
-
+
function new_request_token($consumer) {
$t = new Token();
$t->consumer_key = $consumer->key;
}
# defined in OAuthDataStore, but not implemented anywhere
-
+
function fetch_request_token($consumer) {
return $this->new_request_token($consumer);
}
-
+
function new_access_token($token, $consumer) {
common_debug('new_access_token("'.$token->key.'","'.$consumer->key.'")', __FILE__);
$rt = new Token();
$rt->state = 2; # used
if (!$rt->update($orig_rt)) {
return NULL;
- }
+ }
common_debug('request token "'.$rt->tok.'" updated', __FILE__);
# Update subscription
# XXX: mixing levels here
} else {
common_debug('subscription updated to use access token', __FILE__);
return new OAuthToken($at->tok, $at->secret);
- }
+ }
}
} else {
return NULL;
}
}
-
+
# defined in OAuthDataStore, but not implemented anywhere
-
+
function fetch_access_token($consumer) {
return $this->new_access_token($consumer);
}
array('notice' =>
$notice->id)));
$req->set_parameter('omb_notice_license', $config['license']['url']);
-
+
$req->sign_request(omb_hmac_sha1(), $con, $token);
# We re-use this tool's fetcher, since it's pretty good
$req->to_postdata());
common_debug('Got HTTP result "'.print_r($result,TRUE).'"', __FILE__);
-
+
if ($result->status == 403) { # not authorized, don't send again
common_debug('403 result, deleting subscription', __FILE__);
$subscription->delete();
return false;
} else if ($result->status != 200) {
- common_debug('Error status '.$result->status, __FILE__);
+ common_debug('Error status '.$result->status, __FILE__);
return false;
} else { # success!
parse_str($result->body, $return);
$req->set_parameter('omb_listenee', $user->uri);
$req->set_parameter('omb_listenee_profile', common_profile_url($profile->nickname));
$req->set_parameter('omb_listenee_nickname', $profile->nickname);
-
+
# We use blanks to force emptying any existing values in these optional fields
-
+
$req->set_parameter('omb_listenee_fullname',
($profile->fullname) ? $profile->fullname : '');
- $req->set_parameter('omb_listenee_homepage',
+ $req->set_parameter('omb_listenee_homepage',
($profile->homepage) ? $profile->homepage : '');
- $req->set_parameter('omb_listenee_bio',
+ $req->set_parameter('omb_listenee_bio',
($profile->bio) ? $profile->bio : '');
$req->set_parameter('omb_listenee_location',
($profile->location) ? $profile->location : '');
-
+
$avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE);
- $req->set_parameter('omb_listenee_avatar',
+ $req->set_parameter('omb_listenee_avatar',
($avatar) ? $avatar->url : '');
-
+
$req->sign_request(omb_hmac_sha1(), $con, $token);
# We re-use this tool's fetcher, since it's pretty good
$req->to_postdata());
common_debug('Got HTTP result "'.print_r($result,TRUE).'"', __FILE__);
-
+
if ($result->status == 403) { # not authorized, don't send again
common_debug('403 result, deleting subscription', __FILE__);
$subscription->delete();
return false;
} else if ($result->status != 200) {
- common_debug('Error status '.$result->status, __FILE__);
+ common_debug('Error status '.$result->status, __FILE__);
return false;
} else { # success!
parse_str($result->body, $return);
_t(' in reply to...'));
common_text(')');
}
- common_element_start('a',
+ common_element_start('a',
array('href' => common_local_url('newnotice',
array('replyto' => $profile->nickname)),
'onclick' => 'doreply("'.$profile->nickname.'"); return false',
function common_element_end($tag) {
static $empty_tag = array('base', 'meta', 'link', 'hr',
'br', 'param', 'img', 'area',
- 'input', 'col');
+ 'input', 'col');
global $xw;
# XXX: check namespace
if (in_array($tag, $empty_tag)) {
} else if (!($user instanceof User)) {
return false;
}
-
+
if ($user) {
common_ensure_session();
$_SESSION['userid'] = $user->id;