Fix formatting
- include/auth.php - include/oauth.php - include/user.php - mod/removeme.php - src/Worker/Queue.php
This commit is contained in:
Hypolite Petovan
parent
2236f60cfa
commit
90a8ae2cb8
5 changed files with 73 additions and 174 deletions
|
|
@ -5,8 +5,8 @@ use Friendica\Core\System;
|
||||||
use Friendica\Core\Config;
|
use Friendica\Core\Config;
|
||||||
use Friendica\Database\DBM;
|
use Friendica\Database\DBM;
|
||||||
|
|
||||||
require_once('include/security.php');
|
require_once 'include/security.php';
|
||||||
require_once('include/datetime.php');
|
require_once 'include/datetime.php';
|
||||||
|
|
||||||
// When the "Friendica" cookie is set, take the value to authenticate and renew the cookie.
|
// When the "Friendica" cookie is set, take the value to authenticate and renew the cookie.
|
||||||
if (isset($_COOKIE["Friendica"])) {
|
if (isset($_COOKIE["Friendica"])) {
|
||||||
|
|
@ -34,20 +34,19 @@ if (isset($_COOKIE["Friendica"])) {
|
||||||
if (!isset($_SESSION) || !isset($_SESSION['authenticated'])) {
|
if (!isset($_SESSION) || !isset($_SESSION['authenticated'])) {
|
||||||
authenticate_success($r[0]);
|
authenticate_success($r[0]);
|
||||||
|
|
||||||
if (Config::get('system','paranoia'))
|
if (Config::get('system', 'paranoia')) {
|
||||||
$_SESSION['addr'] = $data->ip;
|
$_SESSION['addr'] = $data->ip;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
// login/logout
|
// login/logout
|
||||||
|
|
||||||
if (isset($_SESSION) && x($_SESSION, 'authenticated') && (!x($_POST, 'auth-params') || ($_POST['auth-params'] !== 'login'))) {
|
if (isset($_SESSION) && x($_SESSION, 'authenticated') && (!x($_POST, 'auth-params') || ($_POST['auth-params'] !== 'login'))) {
|
||||||
|
|
||||||
if ((x($_POST, 'auth-params') && ($_POST['auth-params'] === 'logout')) || ($a->module === 'logout')) {
|
if ((x($_POST, 'auth-params') && ($_POST['auth-params'] === 'logout')) || ($a->module === 'logout')) {
|
||||||
|
|
||||||
// process logout request
|
// process logout request
|
||||||
call_hooks("logging_out");
|
call_hooks("logging_out");
|
||||||
nuke_session();
|
nuke_session();
|
||||||
|
|
@ -65,9 +64,7 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
|
||||||
}
|
}
|
||||||
|
|
||||||
if (x($_SESSION, 'uid')) {
|
if (x($_SESSION, 'uid')) {
|
||||||
|
|
||||||
// already logged in user returning
|
// already logged in user returning
|
||||||
|
|
||||||
$check = Config::get('system', 'paranoia');
|
$check = Config::get('system', 'paranoia');
|
||||||
// extra paranoia - if the IP changed, log them out
|
// extra paranoia - if the IP changed, log them out
|
||||||
if ($check && ($_SESSION['addr'] != $_SERVER['REMOTE_ADDR'])) {
|
if ($check && ($_SESSION['addr'] != $_SERVER['REMOTE_ADDR'])) {
|
||||||
|
|
@ -94,19 +91,16 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
|
||||||
$_SESSION['last_login_date'] = datetime_convert('UTC', 'UTC');
|
$_SESSION['last_login_date'] = datetime_convert('UTC', 'UTC');
|
||||||
}
|
}
|
||||||
if (strcmp(datetime_convert('UTC', 'UTC', 'now - 12 hours'), $_SESSION['last_login_date']) > 0) {
|
if (strcmp(datetime_convert('UTC', 'UTC', 'now - 12 hours'), $_SESSION['last_login_date']) > 0) {
|
||||||
|
|
||||||
$_SESSION['last_login_date'] = datetime_convert('UTC', 'UTC');
|
$_SESSION['last_login_date'] = datetime_convert('UTC', 'UTC');
|
||||||
$login_refresh = true;
|
$login_refresh = true;
|
||||||
}
|
}
|
||||||
authenticate_success($r[0], false, false, $login_refresh);
|
authenticate_success($r[0], false, false, $login_refresh);
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
session_unset();
|
session_unset();
|
||||||
|
if (x($_POST, 'password') && strlen($_POST['password'])) {
|
||||||
if (x($_POST,'password') && strlen($_POST['password']))
|
|
||||||
$encrypted = hash('whirlpool', trim($_POST['password']));
|
$encrypted = hash('whirlpool', trim($_POST['password']));
|
||||||
else {
|
} else {
|
||||||
if ((x($_POST, 'openid_url')) && strlen($_POST['openid_url']) ||
|
if ((x($_POST, 'openid_url')) && strlen($_POST['openid_url']) ||
|
||||||
(x($_POST, 'username')) && strlen($_POST['username'])) {
|
(x($_POST, 'username')) && strlen($_POST['username'])) {
|
||||||
|
|
||||||
|
|
@ -115,11 +109,9 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
|
||||||
$openid_url = trim((strlen($_POST['openid_url']) ? $_POST['openid_url'] : $_POST['username']));
|
$openid_url = trim((strlen($_POST['openid_url']) ? $_POST['openid_url'] : $_POST['username']));
|
||||||
|
|
||||||
// validate_url alters the calling parameter
|
// validate_url alters the calling parameter
|
||||||
|
|
||||||
$temp_string = $openid_url;
|
$temp_string = $openid_url;
|
||||||
|
|
||||||
// if it's an email address or doesn't resolve to a URL, fail.
|
// if it's an email address or doesn't resolve to a URL, fail.
|
||||||
|
|
||||||
if ($noid || strpos($temp_string, '@') || !validate_url($temp_string)) {
|
if ($noid || strpos($temp_string, '@') || !validate_url($temp_string)) {
|
||||||
$a = get_app();
|
$a = get_app();
|
||||||
notice(t('Login failed.') . EOL);
|
notice(t('Login failed.') . EOL);
|
||||||
|
|
@ -128,7 +120,6 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
|
||||||
}
|
}
|
||||||
|
|
||||||
// Otherwise it's probably an openid.
|
// Otherwise it's probably an openid.
|
||||||
|
|
||||||
try {
|
try {
|
||||||
require_once('library/openid.php');
|
require_once('library/openid.php');
|
||||||
$openid = new LightOpenID;
|
$openid = new LightOpenID;
|
||||||
|
|
@ -145,7 +136,6 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
|
||||||
}
|
}
|
||||||
|
|
||||||
if (x($_POST, 'auth-params') && $_POST['auth-params'] === 'login') {
|
if (x($_POST, 'auth-params') && $_POST['auth-params'] === 'login') {
|
||||||
|
|
||||||
$record = null;
|
$record = null;
|
||||||
|
|
||||||
$addon_auth = array(
|
$addon_auth = array(
|
||||||
|
|
@ -162,12 +152,11 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
|
||||||
* and later plugins should not interfere with an earlier one that succeeded.
|
* and later plugins should not interfere with an earlier one that succeeded.
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
call_hooks('authenticate', $addon_auth);
|
call_hooks('authenticate', $addon_auth);
|
||||||
|
|
||||||
if ($addon_auth['authenticated'] && count($addon_auth['user_record']))
|
if ($addon_auth['authenticated'] && count($addon_auth['user_record'])) {
|
||||||
$record = $addon_auth['user_record'];
|
$record = $addon_auth['user_record'];
|
||||||
else {
|
} else {
|
||||||
|
|
||||||
// process normal login request
|
// process normal login request
|
||||||
|
|
||||||
|
|
@ -178,9 +167,10 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
|
||||||
dbesc(trim($_POST['username'])),
|
dbesc(trim($_POST['username'])),
|
||||||
dbesc($encrypted)
|
dbesc($encrypted)
|
||||||
);
|
);
|
||||||
if (DBM::is_result($r))
|
if (DBM::is_result($r)) {
|
||||||
$record = $r[0];
|
$record = $r[0];
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (!$record || !count($record)) {
|
if (!$record || !count($record)) {
|
||||||
logger('authenticate: failed login attempt: ' . notags(trim($_POST['username'])) . ' from IP ' . $_SERVER['REMOTE_ADDR']);
|
logger('authenticate: failed login attempt: ' . notags(trim($_POST['username'])) . ' from IP ' . $_SERVER['REMOTE_ADDR']);
|
||||||
|
|
@ -202,8 +192,8 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
|
||||||
/**
|
/**
|
||||||
* @brief Kills the "Friendica" cookie and all session data
|
* @brief Kills the "Friendica" cookie and all session data
|
||||||
*/
|
*/
|
||||||
function nuke_session() {
|
function nuke_session()
|
||||||
|
{
|
||||||
new_cookie(-3600); // make sure cookie is deleted on browser close, as a security measure
|
new_cookie(-3600); // make sure cookie is deleted on browser close, as a security measure
|
||||||
session_unset();
|
session_unset();
|
||||||
session_destroy();
|
session_destroy();
|
||||||
|
|
|
||||||
|
|
@ -182,93 +182,3 @@ class FKOAuth1 extends OAuthServer {
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
/*
|
|
||||||
class FKOAuth2 extends OAuth2 {
|
|
||||||
|
|
||||||
private function db_secret($client_secret){
|
|
||||||
return hash('whirlpool',$client_secret);
|
|
||||||
}
|
|
||||||
|
|
||||||
public function addClient($client_id, $client_secret, $redirect_uri) {
|
|
||||||
$client_secret = $this->db_secret($client_secret);
|
|
||||||
$r = q("INSERT INTO clients (client_id, pw, redirect_uri) VALUES ('%s', '%s', '%s')",
|
|
||||||
dbesc($client_id),
|
|
||||||
dbesc($client_secret),
|
|
||||||
dbesc($redirect_uri)
|
|
||||||
);
|
|
||||||
|
|
||||||
return $r;
|
|
||||||
}
|
|
||||||
|
|
||||||
protected function checkClientCredentials($client_id, $client_secret = NULL) {
|
|
||||||
$client_secret = $this->db_secret($client_secret);
|
|
||||||
|
|
||||||
$r = q("SELECT pw FROM clients WHERE client_id = '%s'",
|
|
||||||
dbesc($client_id));
|
|
||||||
|
|
||||||
if ($client_secret === NULL)
|
|
||||||
return $result !== FALSE;
|
|
||||||
|
|
||||||
return $result["client_secret"] == $client_secret;
|
|
||||||
}
|
|
||||||
|
|
||||||
protected function getRedirectUri($client_id) {
|
|
||||||
$r = q("SELECT redirect_uri FROM clients WHERE client_id = '%s'",
|
|
||||||
dbesc($client_id));
|
|
||||||
if ($r === FALSE)
|
|
||||||
return FALSE;
|
|
||||||
|
|
||||||
return isset($r[0]["redirect_uri"]) && $r[0]["redirect_uri"] ? $r[0]["redirect_uri"] : NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
protected function getAccessToken($oauth_token) {
|
|
||||||
$r = q("SELECT client_id, expires, scope FROM tokens WHERE id = '%s'",
|
|
||||||
dbesc($oauth_token));
|
|
||||||
|
|
||||||
if (DBM::is_result($r))
|
|
||||||
return $r[0];
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
protected function setAccessToken($oauth_token, $client_id, $expires, $scope = NULL) {
|
|
||||||
$r = q("INSERT INTO tokens (id, client_id, expires, scope) VALUES ('%s', '%s', %d, '%s')",
|
|
||||||
dbesc($oauth_token),
|
|
||||||
dbesc($client_id),
|
|
||||||
intval($expires),
|
|
||||||
dbesc($scope));
|
|
||||||
|
|
||||||
return $r;
|
|
||||||
}
|
|
||||||
|
|
||||||
protected function getSupportedGrantTypes() {
|
|
||||||
return array(
|
|
||||||
OAUTH2_GRANT_TYPE_AUTH_CODE,
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
protected function getAuthCode($code) {
|
|
||||||
$r = q("SELECT id, client_id, redirect_uri, expires, scope FROM auth_codes WHERE id = '%s'",
|
|
||||||
dbesc($code));
|
|
||||||
|
|
||||||
if (DBM::is_result($r))
|
|
||||||
return $r[0];
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
protected function setAuthCode($code, $client_id, $redirect_uri, $expires, $scope = NULL) {
|
|
||||||
$r = q("INSERT INTO auth_codes
|
|
||||||
(id, client_id, redirect_uri, expires, scope) VALUES
|
|
||||||
('%s', '%s', '%s', %d, '%s')",
|
|
||||||
dbesc($code),
|
|
||||||
dbesc($client_id),
|
|
||||||
dbesc($redirect_uri),
|
|
||||||
intval($expires),
|
|
||||||
dbesc($scope));
|
|
||||||
return $r;
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
|
|
|
||||||
|
|
@ -4,13 +4,12 @@ use Friendica\Core\Config;
|
||||||
use Friendica\Core\System;
|
use Friendica\Core\System;
|
||||||
use Friendica\Database\DBM;
|
use Friendica\Database\DBM;
|
||||||
|
|
||||||
require_once('include/network.php');
|
require_once 'include/network.php';
|
||||||
require_once('include/plugin.php');
|
require_once 'include/plugin.php';
|
||||||
require_once('include/text.php');
|
require_once 'include/text.php';
|
||||||
require_once('include/pgettext.php');
|
require_once 'include/pgettext.php';
|
||||||
require_once('include/datetime.php');
|
require_once 'include/datetime.php';
|
||||||
require_once('include/enotify.php');
|
require_once 'include/enotify.php';
|
||||||
|
|
||||||
|
|
||||||
function create_user($arr) {
|
function create_user($arr) {
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -4,8 +4,8 @@ use Friendica\App;
|
||||||
use Friendica\Core\System;
|
use Friendica\Core\System;
|
||||||
use Friendica\Model\User;
|
use Friendica\Model\User;
|
||||||
|
|
||||||
function removeme_post(App $a) {
|
function removeme_post(App $a)
|
||||||
|
{
|
||||||
if (!local_user()) {
|
if (!local_user()) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
@ -32,11 +32,10 @@ function removeme_post(App $a) {
|
||||||
User::remove($a->user['uid']);
|
User::remove($a->user['uid']);
|
||||||
// NOTREACHED
|
// NOTREACHED
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function removeme_content(App $a) {
|
function removeme_content(App $a)
|
||||||
|
{
|
||||||
if (!local_user()) {
|
if (!local_user()) {
|
||||||
goaway(System::baseUrl());
|
goaway(System::baseUrl());
|
||||||
}
|
}
|
||||||
|
|
@ -59,5 +58,4 @@ function removeme_content(App $a) {
|
||||||
));
|
));
|
||||||
|
|
||||||
return $o;
|
return $o;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,4 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @file src/Worker/Queue.php
|
* @file src/Worker/Queue.php
|
||||||
*/
|
*/
|
||||||
|
|
@ -19,7 +20,8 @@ require_once 'include/items.php';
|
||||||
require_once 'include/bbcode.php';
|
require_once 'include/bbcode.php';
|
||||||
require_once 'include/salmon.php';
|
require_once 'include/salmon.php';
|
||||||
|
|
||||||
class Queue {
|
class Queue
|
||||||
|
{
|
||||||
public static function execute($queue_id = 0)
|
public static function execute($queue_id = 0)
|
||||||
{
|
{
|
||||||
global $a;
|
global $a;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue