friendica
/
friendica
mirror of https://github.com/friendica/friendica.git
1
2
Fork 1
Code Issues Releases 49 Wiki Activity
Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
15055 Commits
3 Branches
556 MiB
Tree: 2628ff91f4
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2628ff91f4'
${ noResults }
friendica/mod/openid.php

113 lines
2.7 KiB
Raw Normal View History

openid logins working
11 years ago
Revert "Updated modules to allow for partial overrides without errors" This reverts commit db949bb802448184bfe5164d8d3dd86ddf51b187.
5 years ago
openid logins working
11 years ago
Revert "Updated modules to allow for partial overrides without errors" This reverts commit db949bb802448184bfe5164d8d3dd86ddf51b187.
5 years ago
Normalize App parameter declaration (mod folder, 2 out of 3)
4 years ago
openid logins working
11 years ago
localise login template, allow openid to be disabled
11 years ago
Revert "Coding convention applied - part 1"
4 years ago
some more zot changes migrating back to f9a mainline
10 years ago
localise login template, allow openid to be disabled
11 years ago
some openid fixes, use identity url from openid server and normalise it.
9 years ago
Revert "Coding convention applied - part 1"
4 years ago
cleanup after openid refactoring
9 years ago
openid logins working
11 years ago
Revert "Coding convention applied - part 1"
4 years ago
openid logins working
11 years ago
Do not normalize openid url when logging in (since it isn't normalized when setting it via user settings) NOTE: this broke with 8367cad
5 years ago
some openid fixes, use identity url from openid server and normalise it.
9 years ago
Revert "Coding convention applied - part 1"
4 years ago
refactor openid logins/registrations
9 years ago
openid registration
11 years ago
Fix OpenID login The problem was that while openid was stored not-normalized in the database, the checking code was looking for a normalized form instead. The commit removing normalization step on saving user preferences was 8367cad, which might have left old users with normalized openid and new users with non-normalized one. This commit makes the checking code look for both normalized and not normalized form, to be backward compatible.
5 years ago
Fix "remember me" cookie for OpenID logins Closes #2432 NOTE: in order to obtain the same "cookie hash" it was required to include unneeded fields in the user record structure, this would be good to change in the future...
4 years ago
Simplify openid query, and (needlessly) quote all fields Fields quoting was requested by rabuzarus
5 years ago
Fix OpenID login The problem was that while openid was stored not-normalized in the database, the checking code was looking for a normalized form instead. The commit removing normalization step on saving user preferences was 8367cad, which might have left old users with normalized openid and new users with non-normalized one. This commit makes the checking code look for both normalized and not normalized form, to be backward compatible.
5 years ago
openid logins working
11 years ago
some openid fixes, use identity url from openid server and normalise it.
9 years ago
Cleanup for #3010 - added spaces, thanks to @annando . Signed-off-by: Roland Häder <roland@mxchange.org>
4 years ago
cleanup after openid refactoring
9 years ago
refactor openid logins/registrations
9 years ago
Normalize App parameter declaration (mod folder, 2 out of 3)
4 years ago
refactor openid logins/registrations
9 years ago
some more zot changes migrating back to f9a mainline
10 years ago
refactor openid logins/registrations
9 years ago
cleanup after openid refactoring
9 years ago
refactor openid logins/registrations
9 years ago
Continued with coding convention: - added curly braces around conditional code blocks - added space between if/foreach/... and brace - rewrote a code block so if dbm::is_result() fails it will abort, else the id is fetched from INSERT statement - made some SQL keywords upper-cased and added back-ticks to columns/table names Signed-off-by: Roland Haeder <roland@mxchange.org>
4 years ago
refactor openid logins/registrations
9 years ago
Continued with coding convention: - added curly braces around conditional code blocks - added space between if/foreach/... and brace - rewrote a code block so if dbm::is_result() fails it will abort, else the id is fetched from INSERT statement - made some SQL keywords upper-cased and added back-ticks to columns/table names Signed-off-by: Roland Haeder <roland@mxchange.org>
4 years ago
refactor openid logins/registrations
9 years ago
Continued with coding convention: - added curly braces around conditional code blocks - added space between if/foreach/... and brace - rewrote a code block so if dbm::is_result() fails it will abort, else the id is fetched from INSERT statement - made some SQL keywords upper-cased and added back-ticks to columns/table names Signed-off-by: Roland Haeder <roland@mxchange.org>
4 years ago
Revert "Coding convention applied - part 1"
4 years ago
refactor openid logins/registrations
9 years ago
Continued with coding convention: - added curly braces around conditional code blocks - added space between if/foreach/... and brace - rewrote a code block so if dbm::is_result() fails it will abort, else the id is fetched from INSERT statement - made some SQL keywords upper-cased and added back-ticks to columns/table names Signed-off-by: Roland Haeder <roland@mxchange.org>
4 years ago
Revert "Coding convention applied - part 1"
4 years ago
refactor openid logins/registrations
9 years ago
Continued with coding convention: - added curly braces around conditional code blocks - added space between if/foreach/... and brace - rewrote a code block so if dbm::is_result() fails it will abort, else the id is fetched from INSERT statement - made some SQL keywords upper-cased and added back-ticks to columns/table names Signed-off-by: Roland Haeder <roland@mxchange.org>
4 years ago
refactor openid logins/registrations
9 years ago
Continued with coding convention: - added curly braces around conditional code blocks - added space between if/foreach/... and brace - rewrote a code block so if dbm::is_result() fails it will abort, else the id is fetched from INSERT statement - made some SQL keywords upper-cased and added back-ticks to columns/table names Signed-off-by: Roland Haeder <roland@mxchange.org>
4 years ago
refactor openid logins/registrations
9 years ago
Continued with coding convention: - added curly braces around conditional code blocks - added space between if/foreach/... and brace - rewrote a code block so if dbm::is_result() fails it will abort, else the id is fetched from INSERT statement - made some SQL keywords upper-cased and added back-ticks to columns/table names Signed-off-by: Roland Haeder <roland@mxchange.org>
4 years ago
refactor openid logins/registrations
9 years ago
Continued with coding convention: - added curly braces around conditional code blocks - added space between if/foreach/... and brace - rewrote a code block so if dbm::is_result() fails it will abort, else the id is fetched from INSERT statement - made some SQL keywords upper-cased and added back-ticks to columns/table names Signed-off-by: Roland Haeder <roland@mxchange.org>
4 years ago
refactor openid logins/registrations
9 years ago
Continued with coding convention: - added curly braces around conditional code blocks - added space between if/foreach/... and brace - rewrote a code block so if dbm::is_result() fails it will abort, else the id is fetched from INSERT statement - made some SQL keywords upper-cased and added back-ticks to columns/table names Signed-off-by: Roland Haeder <roland@mxchange.org>
4 years ago
refactor openid logins/registrations
9 years ago
Continued with coding convention: - added curly braces around conditional code blocks - added space between if/foreach/... and brace - rewrote a code block so if dbm::is_result() fails it will abort, else the id is fetched from INSERT statement - made some SQL keywords upper-cased and added back-ticks to columns/table names Signed-off-by: Roland Haeder <roland@mxchange.org>
4 years ago
refactor openid logins/registrations
9 years ago
Continued with coding convention: - added curly braces around conditional code blocks - added space between if/foreach/... and brace - rewrote a code block so if dbm::is_result() fails it will abort, else the id is fetched from INSERT statement - made some SQL keywords upper-cased and added back-ticks to columns/table names Signed-off-by: Roland Haeder <roland@mxchange.org>
4 years ago
refactor openid logins/registrations
9 years ago
Continued with coding convention: - added curly braces around conditional code blocks - added space between if/foreach/... and brace - rewrote a code block so if dbm::is_result() fails it will abort, else the id is fetched from INSERT statement - made some SQL keywords upper-cased and added back-ticks to columns/table names Signed-off-by: Roland Haeder <roland@mxchange.org>
4 years ago
refactor openid logins/registrations
9 years ago
Continued with coding convention: - added curly braces around conditional code blocks - added space between if/foreach/... and brace - rewrote a code block so if dbm::is_result() fails it will abort, else the id is fetched from INSERT statement - made some SQL keywords upper-cased and added back-ticks to columns/table names Signed-off-by: Roland Haeder <roland@mxchange.org>
4 years ago
refactor openid logins/registrations
9 years ago
Continued with coding convention: - added curly braces around conditional code blocks - added space between if/foreach/... and brace - rewrote a code block so if dbm::is_result() fails it will abort, else the id is fetched from INSERT statement - made some SQL keywords upper-cased and added back-ticks to columns/table names Signed-off-by: Roland Haeder <roland@mxchange.org>
4 years ago
openid logins working
11 years ago
refactor openid logins/registrations
9 years ago
switch identities to manage pages
10 years ago
*much* more usage of App::get_baseurl() instead of $a->get_baseurl() (coding convention applied) Signed-off-by: Roland Häder <roland@mxchange.org>
4 years ago
register/login timestamps
10 years ago
refactor openid logins/registrations
9 years ago
openid logins working
11 years ago
some more zot changes migrating back to f9a mainline
10 years ago
openid logins working
11 years ago
add info() function. Works like notice() but show messages in a div with class info-message. update code to use info() instead of notice() when appropriate (non-error message) add info-message class style in themes
10 years ago
 
  1. <?php
  2. 

  3. 

  4. require_once('library/openid.php');
  5. 

  6. 

  7. function openid_content(App $a) {
  8. 

  9. 	$noid = get_config('system','no_openid');
  10. 	if($noid)
  11. 		goaway(z_root());
  12. 

  13. 	logger('mod_openid ' . print_r($_REQUEST,true), LOGGER_DATA);
  14. 

  15. 	if((x($_GET,'openid_mode')) && (x($_SESSION,'openid'))) {
  16. 

  17. 		$openid = new LightOpenID;
  18. 

  19. 		if($openid->validate()) {
  20. 

  21. 			$authid = $_REQUEST['openid_identity'];
  22. 

  23. 			if(! strlen($authid)) {
  24. 				logger( t('OpenID protocol error. No ID returned.') . EOL);
  25. 				goaway(z_root());
  26. 			}
  27. 

  28. 			// NOTE: we search both for normalised and non-normalised form of $authid

  29. 			//       because the normalization step was removed from setting

  30. 			//       mod/settings.php in 8367cad so it might have left mixed

  31. 			//       records in the user table

  32. 			//

  33. 			$r = q("SELECT *, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey` FROM `user`

  34. 				WHERE ( `openid` = '%s' OR `openid` = '%s' )
  35. 				AND `blocked` = 0 AND `account_expired` = 0
  36. 				AND `account_removed` = 0 AND `verified` = 1
  37. 				LIMIT 1",

  38. 				dbesc($authid), dbesc(normalise_openid($authid))
  39. 			);
  40. 

  41. 			if (dbm::is_result($r)) {
  42. 

  43. 				// successful OpenID login

  44. 

  45. 				unset($_SESSION['openid']);
  46. 

  47. 				require_once('include/security.php');
  48. 				authenticate_success($r[0],true,true);
  49. 

  50. 				// just in case there was no return url set

  51. 				// and we fell through

  52. 

  53. 				goaway(z_root());
  54. 			}
  55. 

  56. 			// Successful OpenID login - but we can't match it to an existing account.

  57. 			// New registration?

  58. 

  59. 			if ($a->config['register_policy'] == REGISTER_CLOSED) {
  60. 				notice( t('Account not found and OpenID registration is not permitted on this site.') . EOL);
  61. 				goaway(z_root());
  62. 			}
  63. 

  64. 			unset($_SESSION['register']);
  65. 			$args = '';
  66. 			$attr = $openid->getAttributes();
  67. 			if (is_array($attr) && count($attr)) {
  68. 				foreach ($attr as $k => $v) {
  69. 					if ($k === 'namePerson/friendly') {
  70. 						$nick = notags(trim($v));
  71. 					}
  72. 					if($k === 'namePerson/first') {
  73. 						$first = notags(trim($v));
  74. 					}
  75. 					if($k === 'namePerson') {
  76. 						$args .= '&username=' . notags(trim($v));
  77. 					}
  78. 					if ($k === 'contact/email') {
  79. 						$args .= '&email=' . notags(trim($v));
  80. 					}
  81. 					if ($k === 'media/image/aspect11') {
  82. 						$photosq = bin2hex(trim($v));
  83. 					}
  84. 					if ($k === 'media/image/default') {
  85. 						$photo = bin2hex(trim($v));
  86. 					}
  87. 				}
  88. 			}
  89. 			if ($nick) {
  90. 				$args .= '&nickname=' . $nick;
  91. 			}
  92. 			elseif ($first) {
  93. 				$args .= '&nickname=' . $first;
  94. 			}
  95. 

  96. 			if ($photosq) {
  97. 				$args .= '&photo=' . $photosq;
  98. 			}
  99. 			elseif ($photo) {
  100. 				$args .= '&photo=' . $photo;
  101. 			}
  102. 

  103. 			$args .= '&openid_url=' . notags(trim($authid));
  104. 

  105. 			goaway(App::get_baseurl() . '/register' . $args);
  106. 

  107. 			// NOTREACHED

  108. 		}
  109. 	}
  110. 	notice( t('Login failed.') . EOL);
  111. 	goaway(z_root());
  112. 	// NOTREACHED

  113. }