--- /dev/null
+<?php
+/*
+ * Laconica - a distributed open-source microblogging tool
+ * Copyright (C) 2008, Controlez-Vous, Inc.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+if (!defined('LACONICA')) { exit(1); }
+
+class OpenidloginAction extends Action {
+
+ function handle($args) {
+ parent::handle($args);
+ if (common_logged_in()) {
+ common_user_error(_t('Already logged in.'));
+ } else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+ $this->start_openid_login();
+ } else {
+ $this->show_form();
+ }
+ }
+
+ function show_form($error=NULL) {
+ common_show_header(_t('OpenID Login'));
+ if ($error) {
+ common_element('div', array('class' => 'error'), $error);
+ } else {
+ common_element('div', 'instructions',
+ _t('Login with an OpenID account.'));
+ }
+ common_element_start('form', array('method' => 'POST',
+ 'id' => 'openidlogin',
+ 'action' => common_local_url('openidlogin')));
+ common_input('openid_url', _t('OpenID URL'));
+ common_submit('submit', _t('Login'));
+ common_element_end('form');
+ common_show_footer();
+ }
+
+ function check_login() {
+ # XXX: form token in $_SESSION to prevent XSS
+ # XXX: login throttle
+ $openid_url = $this->trimmed('openid_url');
+ }
+}
--- /dev/null
+Roadmap
+-------
+
+This is a roadmap of tasks for different versions of the
+[Laconica](http://laconi.ca/) software. It's meant to help answer the
+question, "Is Laconica ever going to have such-and-such a feature?" or
+"When will Laconica do such-and-such?"
+
+Release 0.1
+-----------
+
+This was an internal milestone release, mostly for developing the core
+functionality.
+
++ login
++ register
++ settings
++ upload avatar
++ change password
++ settings menu
++ disallow login if user is logged in
++ disallow register if user is logged in
++ common_current_user()
++ common_logged_in()
++ session variable for login
++ post notice
++ logout
++ subscribe
++ unsubscribe
++ subscribe links on profile
++ header menu
++ footer menu
++ disallow direct to PHP files
++ common_local_url()
++ configuration for DB_DataObject
++ date formatting
++ new notice redirects to notice page
++ date in shown notice links to notice page
++ common_redirect()
++ configuration system ($config)
+
+Release 0.2
+-----------
+
+Another internal milestone. Bumped up from cruddy caveman HTML to a
+borrowed design from [OSWD](http://www.oswd.org/), added a lot of RSS
+generation, and more careful form validation.
+
++ design from Open Source Web Designs
++ add H1 to each page
++ add H2 for each page section
++ default to public stream
++ default avatar
++ default HTML type
++ set Content-Type
++ show current values in profile settings
++ save profile URL in profilesettings
++ save profile URL on registration
++ require valid nicknames
++ reject empty notices
++ validate registration form results
++ validate profilesettings form results
++ validate newnotice form results
++ remove validation code from classes
++ use only canonical usernames
++ fix layout of textarea
++ make notices into "big links"
++ RSS 1.0 feeds of a user's notices
++ RSS 1.0 feeds of a user's notices + friends
++ RSS 1.0 dump of a user's notices
++ RSS 1.0 feed of all public notices
++ deal with PHP quotes escaping
++ source link in footer menu
++ public stream link in top menu
++ dump, fix, undump database
+
+Release 0.3
+-----------
+
+First public release (theoretically). Added distributed subscriptions,
+"fancy" URLs, and a new graphic design for stoi.ca.
+
++ YADIS document link on showstream
++ YADIS document
++ subscribe remote
++ add subscriber remote
++ server side of user authorization
++ server side of request token
++ server side of access token
++ OAuth store
++ log of consumers who ask for access
++ receive remote notice
++ send remote notice
++ receive remote profile update
++ send remote profile update
++ subscribe form for not-logged-in users on showstream
++ pretty URLs
++ doc action
++ about doc
++ help doc
++ privacy doc
++ source doc
++ roadmap doc
++ add a way to stick variables into documents
++ FOAF document for user
++ license in RSS feeds
++ TOS checkbox on register
++ registration instructions
++ login instructions
++ profile settings instructions
++ avatar instructions
++ password change instructions
++ fix spacing on notices
++ fix spacing in profile
++ add a next page link to showstream
++ add a next page link to public
++ add a next page link to all
++ @ messages
++ Automatically linkify URLs in notices
++ themes
++ theme per site
++ only local notices in public stream
++ only local notices in public RSS
++ graphic refresh on all
++ graphic refresh on avatar
++ graphic refresh on doc
++ graphic refresh on login
++ graphic refresh on newnotice
++ graphic refresh on password
++ graphic refresh on profilesettings
++ graphic refresh on public
++ graphic refresh on register
++ graphic refresh on remotesubscribe
++ graphic refresh on shownotice
++ graphic refresh on showstream
++ graphic refresh on subscribed
++ graphic refresh on subscriptions
++ graphic refresh on userauthorization
++ correct use of views menu in settings
++ correct use of views menu in streams
++ content negotiation for content type
+
+Release 0.4
+-----------
+
+- contact doc
+- FAQ doc
+- update default theme to use new, more semantic, HTML
+- INSTALL file
+- limit entry in textarea to 140 chars
++ AGPL notification
+- Check licenses of all libraries for compatibility
+- jQuery for as much as possible
+- forward notices to Jabber
+- receive notices from Jabber
+- forward notices to other IM
+- forward notices to mobile phone
+- receive notices from other IM
+- receive notices from mobile phone
+- microid for profile page
+- format times per user
+- timezone preferences in Profile settings
++ email notification on subscriptions
+- content negotiation for interface language
+- user preference for interface language
+- gettext
+- tinyurl-ification of URLs
+- set Last-Modified
+- XML sitemap generation
+- email confirmation for registration
+- email options
+- change cookie handling for anon users to be more cache-friendly
+- content negotiation for encoding
+- If-Modified-Since support
+- Vary
++ site logo
+- check license compatibility for remote subscribe
+- optional FOAF URL in openmicroblogging exchange
+- subscribe/unsubscribe on subscriptions page
+- subscribe/unsubscribe on subscribed page
+
+Release 0.5
+-----------
+
+- content negotiation for charset (iconv?)
+- license per notice
+- use only canonical email addresses
+- allow mixed-case usernames
+- allow non-latin usernames
+- store canonical username for comparison and fetch
+- theme per profile
+- email newsletter
+- RDF dump of entire site
+- delete a notice
+- plugins and hooks and other extensibility
+- RDFa for stream pages
+- RDFa for subscriber pages
+- RDFa for subscribed pages
+- # tags
+- L: location
+- hreviews
+- stay logged in between sessions
+- use RSS as a subscription
+- license per attachment
+
+Release 0.6
+-----------
+
+- URL notices
+- image notices
+- video notices
+- audio notices
+- machine tags
+
+Release 1.0
+-----------
+
+- OAuth for third-party tools (desktop, other sites)
+- Twitter-compatible API
+- Pownce-compatible API
+- include twitter subscriptions (push and pull)
+- include Pownce subscriptions (push and pull)
+- privacy
+- Wrap DB_DataObject with memcached caching layer
+- login throttle to prevent brute-force attacks
+- form token in login to prevent XSS
+
+Post-1.0
+--------
+
+- Atom Publishing Protocol
+- "Universal" public feed
+- global registry (LDAP at openmicroblogging.net, maybe?)
\ No newline at end of file