From: Hypolite Petovan Date: Sun, 17 Dec 2017 16:40:59 +0000 (-0500) Subject: Move login() to Login module X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=2dc598ed5b20f656a78f8ee365427c0f37ef78bb;p=friendica.git Move login() to Login module - Move nuke_session to include/security - Remove mod/login --- diff --git a/boot.php b/boot.php index 199ca05551..d786295587 100644 --- a/boot.php +++ b/boot.php @@ -29,6 +29,7 @@ use Friendica\Core\Worker; use Friendica\Database\DBM; use Friendica\Model\Contact; use Friendica\Database\DBStructure; +use Friendica\Module\Login; require_once 'include/network.php'; require_once 'include/plugin.php'; @@ -835,83 +836,6 @@ function get_guid($size = 16, $prefix = "") } } -/** - * @brief Wrapper for adding a login box. - * - * @param bool $register If $register == true provide a registration link. - * This will most always depend on the value of $a->config['register_policy']. - * @param bool $hiddens optional - * - * @return string Returns the complete html for inserting into the page - * - * @hooks 'login_hook' - * string $o - */ -function login($register = false, $hiddens = false) -{ - $a = get_app(); - $o = ""; - $reg = false; - if ($register) { - $reg = array( - 'title' => t('Create a New Account'), - 'desc' => t('Register') - ); - } - - $noid = Config::get('system', 'no_openid'); - - $dest_url = $a->query_string; - - if (local_user()) { - $tpl = get_markup_template("logout.tpl"); - } else { - $a->page['htmlhead'] .= replace_macros( - get_markup_template("login_head.tpl"), - array( - '$baseurl' => $a->get_baseurl(true) - ) - ); - - $tpl = get_markup_template("login.tpl"); - $_SESSION['return_url'] = $a->query_string; - $a->module = 'login'; - } - - $o .= replace_macros( - $tpl, - array( - '$dest_url' => $dest_url, - '$logout' => t('Logout'), - '$login' => t('Login'), - - '$lname' => array('username', t('Nickname or Email: ') , '', ''), - '$lpassword' => array('password', t('Password: '), '', ''), - '$lremember' => array('remember', t('Remember me'), 0, ''), - - '$openid' => !$noid, - '$lopenid' => array('openid_url', t('Or login using OpenID: '),'',''), - - '$hiddens' => $hiddens, - - '$register' => $reg, - - '$lostpass' => t('Forgot your password?'), - '$lostlink' => t('Password Reset'), - - '$tostitle' => t('Website Terms of Service'), - '$toslink' => t('terms of service'), - - '$privacytitle' => t('Website Privacy Policy'), - '$privacylink' => t('privacy policy'), - ) - ); - - call_hooks('login_hook', $o); - - return $o; -} - /** * @brief Used to end the current process, after saving session state. */ diff --git a/include/auth.php b/include/auth.php index a02c18d1db..7f1b1016e1 100644 --- a/include/auth.php +++ b/include/auth.php @@ -198,12 +198,3 @@ if (isset($_SESSION) && x($_SESSION, 'authenticated') && (!x($_POST, 'auth-param } } -/** - * @brief Kills the "Friendica" cookie and all session data - */ -function nuke_session() -{ - new_cookie(-3600); // make sure cookie is deleted on browser close, as a security measure - session_unset(); - session_destroy(); -} diff --git a/include/security.php b/include/security.php index 1a5629f935..c443586c25 100644 --- a/include/security.php +++ b/include/security.php @@ -425,3 +425,13 @@ function check_form_security_token_ForbiddenOnErr($typename = '', $formname = 'f killme(); } } + +/** + * @brief Kills the "Friendica" cookie and all session data + */ +function nuke_session() +{ + new_cookie(-3600); // make sure cookie is deleted on browser close, as a security measure + session_unset(); + session_destroy(); +} diff --git a/mod/admin.php b/mod/admin.php index 9408aa31c6..142c2e0625 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -13,6 +13,7 @@ use Friendica\Database\DBM; use Friendica\Database\DBStructure; use Friendica\Model\Contact; use Friendica\Model\User; +use Friendica\Module\Login; require_once 'include/enotify.php'; require_once 'include/text.php'; @@ -153,7 +154,7 @@ function admin_post(App $a) function admin_content(App $a) { if (!is_site_admin()) { - return login(false); + return Login::form(); } if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) { diff --git a/mod/api.php b/mod/api.php index fdd9790c09..69d7311a0b 100644 --- a/mod/api.php +++ b/mod/api.php @@ -3,6 +3,7 @@ use Friendica\App; use Friendica\Core\Config; use Friendica\Database\DBM; +use Friendica\Module\Login; require_once('include/api.php'); @@ -87,8 +88,8 @@ function api_content(App $a) if (!local_user()) { /// @TODO We need login form to redirect to this page - notice( t('Please login to continue.') . EOL ); - return login(false,$request->get_parameters()); + notice(t('Please login to continue.') . EOL); + return Login::form($a->query_string, false, $request->get_parameters()); } //FKOAuth1::loginUser(4); diff --git a/mod/bookmarklet.php b/mod/bookmarklet.php index e781536075..4696ed6580 100644 --- a/mod/bookmarklet.php +++ b/mod/bookmarklet.php @@ -2,6 +2,7 @@ use Friendica\App; use Friendica\Core\System; +use Friendica\Module\Login; require_once('include/conversation.php'); require_once('include/items.php'); @@ -14,8 +15,8 @@ function bookmarklet_init(App $a) function bookmarklet_content(App $a) { if (!local_user()) { - $o .= login(($a->config['register_policy'] == REGISTER_CLOSED) ? false : true); $o = '

' . t('Login') . '

'; + $o .= Login::form($a->query_string, $a->config['register_policy'] == REGISTER_CLOSED ? false : true); return $o; } diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php index 6a4b6c4043..0bbc794bd5 100644 --- a/mod/dfrn_request.php +++ b/mod/dfrn_request.php @@ -19,6 +19,7 @@ use Friendica\Database\DBM; use Friendica\Model\Contact; use Friendica\Model\Group; use Friendica\Model\User; +use Friendica\Module\Login; use Friendica\Network\Probe; require_once 'include/enotify.php'; @@ -481,15 +482,14 @@ function dfrn_request_content(App $a) if (!local_user()) { info(t("Please login to confirm introduction.") . EOL); /* setup the return URL to come back to this page if they use openid */ - $_SESSION['return_url'] = $a->query_string; - return login(); + return Login::form(); } // Edge case, but can easily happen in the wild. This person is authenticated, // but not as the person who needs to deal with this request. if ($a->user['nickname'] != $a->argv[1]) { - return login(); notice(t("Incorrect identity currently logged in. Please login to this profile.") . EOL); + return Login::form(); } $dfrn_url = notags(trim(hex2bin($_GET['dfrn_url']))); diff --git a/mod/home.php b/mod/home.php index 985c408b5c..5f8d6a64ff 100644 --- a/mod/home.php +++ b/mod/home.php @@ -3,6 +3,7 @@ use Friendica\App; use Friendica\Core\Config; use Friendica\Core\System; +use Friendica\Module\Login; if(! function_exists('home_init')) { function home_init(App $a) { @@ -43,8 +44,8 @@ function home_content(App $a) { $o .= '

'.((x($a->config,'sitename')) ? sprintf(t("Welcome to %s"), $a->config['sitename']) : "").'

'; } + $o .= Login::form($a->query_string, $a->config['register_policy'] == REGISTER_CLOSED ? 0 : 1); - $o .= login(($a->config['register_policy'] == REGISTER_CLOSED) ? 0 : 1); call_hooks("home_content",$o); diff --git a/mod/login.php b/mod/login.php deleted file mode 100644 index f30353e828..0000000000 --- a/mod/login.php +++ /dev/null @@ -1,20 +0,0 @@ -config['register_policy'] == REGISTER_CLOSED) ? false : true); -} diff --git a/mod/network.php b/mod/network.php index 552625c2af..1933c3d1e6 100644 --- a/mod/network.php +++ b/mod/network.php @@ -11,6 +11,7 @@ use Friendica\Core\PConfig; use Friendica\Database\DBM; use Friendica\Model\Contact; use Friendica\Model\Group; +use Friendica\Module\Login; require_once 'include/conversation.php'; require_once 'include/contact_widgets.php'; @@ -380,8 +381,7 @@ function networkConversation($a, $items, $mode, $update) { function network_content(App $a, $update = 0) { if (!local_user()) { - $_SESSION['return_url'] = $a->query_string; - return login(false); + return Login::form(); } /// @TODO Is this really necessary? $a is already available to hooks diff --git a/mod/notify.php b/mod/notify.php index fae7ebb39b..913f83f9be 100644 --- a/mod/notify.php +++ b/mod/notify.php @@ -4,6 +4,7 @@ use Friendica\App; use Friendica\Core\NotificationsManager; use Friendica\Core\System; use Friendica\Database\DBM; +use Friendica\Module\Login; function notify_init(App $a) { if (! local_user()) { @@ -45,7 +46,7 @@ function notify_init(App $a) { function notify_content(App $a) { if (! local_user()) { - return login(); + return Login::form(); } $nm = new NotificationsManager(); diff --git a/mod/oexchange.php b/mod/oexchange.php index 88edc9d60c..37dc76545f 100644 --- a/mod/oexchange.php +++ b/mod/oexchange.php @@ -2,6 +2,7 @@ use Friendica\App; use Friendica\Core\System; +use Friendica\Module\Login; function oexchange_init(App $a) { @@ -17,7 +18,7 @@ function oexchange_init(App $a) { function oexchange_content(App $a) { if (! local_user()) { - $o = login(false); + $o = Login::form(); return $o; } diff --git a/mod/profile.php b/mod/profile.php index fe2475c7af..9d4bd57c89 100644 --- a/mod/profile.php +++ b/mod/profile.php @@ -6,6 +6,7 @@ use Friendica\Core\PConfig; use Friendica\Core\System; use Friendica\Database\DBM; use Friendica\Model\Group; +use Friendica\Module\Login; require_once('include/contact_widgets.php'); require_once('include/redir.php'); @@ -102,7 +103,7 @@ function profile_content(App $a, $update = 0) { $hashtags = (x($_GET, 'tag') ? $_GET['tag'] : ''); if (Config::get('system','block_public') && (! local_user()) && (! remote_user())) { - return login(); + return Login::form(); } require_once("include/bbcode.php"); diff --git a/mod/regmod.php b/mod/regmod.php index d4908b210f..8f08067e21 100644 --- a/mod/regmod.php +++ b/mod/regmod.php @@ -6,6 +6,7 @@ use Friendica\Core\System; use Friendica\Core\Worker; use Friendica\Database\DBM; use Friendica\Model\User; +use Friendica\Module\Login; require_once 'include/enotify.php'; @@ -94,11 +95,9 @@ function regmod_content(App $a) { global $lang; - $_SESSION['return_url'] = $a->cmd; - if (!local_user()) { info(t('Please login.') . EOL); - $o .= '

' . login(($a->config['register_policy'] == REGISTER_CLOSED) ? 0 : 1); + $o .= '

' . Login::form($a->query_string, $a->config['register_policy'] == REGISTER_CLOSED ? 0 : 1); return $o; }