Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca


  1. <?php
  2. require_once('library/openid.php');
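  /**
   * Module handler for the return leg of an OpenID registration or login.
   *
   * Runs its main logic only when the request carries an `openid_mode` query
   * parameter and $_SESSION['openid'] is set. Once LightOpenID::validate()
   * succeeds, one of two paths is taken:
   *
   *  - Registration ($_SESSION['register'] is set): attributes returned by the
   *    OpenID provider are forwarded to /register as query parameters.
   *  - Login: the unblocked, verified local account whose `openid` column equals
   *    the session identity is loaded and the session is marked authenticated.
   *
   * Every path ends in goaway(); the NOTREACHED markers indicate that goaway()
   * is expected not to return.
   *
   * @param object $a Application object (passed by reference); its user,
   *                  identities, contact, cid, module and timezone members
   *                  are written on a successful login.
   * @return void
   */
  function openid_content(&$a) {

      // Site-wide switch: when OpenID is disabled, send the visitor home.
      $noid = get_config('system','no_openid');
      if($noid)
          goaway($a->get_baseurl());

      if((x($_GET,'openid_mode')) && (x($_SESSION,'openid'))) {

          $openid = new LightOpenID;

          if($openid->validate()) {

              if(x($_SESSION,'register')) {
                  unset($_SESSION['register']);
                  $args = '';

                  // Initialise up front: the provider may omit any of these
                  // attributes, and the checks after the loop must not read
                  // undefined variables.
                  $nick = $first = $photosq = $photo = '';

                  $attr = $openid->getAttributes();
                  if(is_array($attr) && count($attr)) {
                      foreach($attr as $k => $v) {
                          // Attribute values come from the remote provider's
                          // response and are untrusted. notags() only deals with
                          // markup; urlencode() is what stops a value containing
                          // '&', '=' or '#' from adding or overriding parameters
                          // in the redirect URL built below.
                          if($k === 'namePerson/friendly')
                              $nick = notags(trim($v));
                          if($k === 'namePerson/first')
                              $first = notags(trim($v));
                          if($k === 'namePerson')
                              $args .= '&username=' . urlencode(notags(trim($v)));
                          if($k === 'contact/email')
                              $args .= '&email=' . urlencode(notags(trim($v)));
                          // bin2hex() output is [0-9a-f] only, so it is already URL-safe.
                          if($k === 'media/image/aspect11')
                              $photosq = bin2hex(trim($v));
                          if($k === 'media/image/default')
                              $photo = bin2hex(trim($v));
                      }
                  }

                  // Prefer the friendly name as nickname, fall back to the first name.
                  if($nick)
                      $args .= '&nickname=' . urlencode($nick);
                  elseif($first)
                      $args .= '&nickname=' . urlencode($first);

                  // Prefer the square image, fall back to the default image.
                  if($photosq)
                      $args .= '&photo=' . $photosq;
                  elseif($photo)
                      $args .= '&photo=' . $photo;

                  $args .= '&openid_url=' . urlencode(notags(trim($_SESSION['openid'])));

                  // Only hand over to the registration form when registration is open.
                  if($a->config['register_policy'] != REGISTER_CLOSED)
                      goaway($a->get_baseurl() . '/register' . $args);
                  else
                      goaway($a->get_baseurl());

                  // NOTREACHED
              }

              // Login path: look up the local account bound to this OpenID identity.
              $r = q("SELECT * FROM `user` WHERE `openid` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1",
                  dbesc($_SESSION['openid'])
              );

              // Treat a non-array result the same as "no such account";
              // presumably q() can return a non-array on query failure - confirm.
              if(! is_array($r) || ! count($r)) {
                  notice( t('Login failed.') . EOL );
                  goaway($a->get_baseurl());
              }

              unset($_SESSION['openid']);

              // NOTE(review): the session ID is not rotated here when the session
              // becomes authenticated. Confirm that the session layer regenerates
              // it elsewhere; otherwise session_regenerate_id(true) belongs at
              // this point to close off session fixation.
              $_SESSION['uid'] = $r[0]['uid'];
              $_SESSION['theme'] = $r[0]['theme'];
              $_SESSION['authenticated'] = 1;
              $_SESSION['page_flags'] = $r[0]['page-flags'];
              $_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $r[0]['nickname'];

              $a->user = $r[0];

              // A zero login_date marks a first login: steer the user to the
              // profile photo upload.
              if($a->user['login_date'] === '0000-00-00 00:00:00') {
                  $_SESSION['return_url'] = 'profile_photo/new';
                  $a->module = 'profile_photo';
                  notice( t("Welcome ") . $a->user['username'] . EOL);
                  notice( t('Please upload a profile photo.') . EOL);
              }
              else
                  notice( t("Welcome back ") . $a->user['username'] . EOL);

              if(strlen($a->user['timezone'])) {
                  date_default_timezone_set($a->user['timezone']);
                  $a->timezone = $a->user['timezone'];
              }

              // Collect every account that shares this account's stored password
              // value and e-mail address; they are exposed as $a->identities.
              $r = q("SELECT `uid`,`username` FROM `user` WHERE `password` = '%s' AND `email` = '%s'",
                  dbesc($a->user['password']),
                  dbesc($a->user['email'])
              );
              if(is_array($r) && count($r))
                  $a->identities = $r;

              // Load the user's own ("self") contact record.
              $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
                  intval($_SESSION['uid'])
              );
              if(is_array($r) && count($r)) {
                  $a->contact = $r[0];
                  $a->cid = $r[0]['id'];
                  $_SESSION['cid'] = $a->cid;
              }

              q("UPDATE `user` SET `login_date` = '%s' WHERE `uid` = %d LIMIT 1",
                  dbesc(datetime_convert()),
                  intval($_SESSION['uid'])
              );

              // username and nickname are user-chosen profile values placed inside
              // quoted header parameters: drop CR, LF and double quotes so they
              // cannot break out of the quoting or split the header.
              $hdr_name = str_replace(array("\r", "\n", '"'), '', $a->user['username']);
              $hdr_id = str_replace(array("\r", "\n", '"'), '', $a->user['nickname']);
              header('X-Account-Management-Status: active; name="' . $hdr_name . '"; id="' . $hdr_id .'"');

              // return_url is appended to the site's own base URL, so the
              // redirect target stays on this host.
              if(($a->module !== 'home') && isset($_SESSION['return_url']))
                  goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
              else
                  goaway($a->get_baseurl());
          }
      }

      // No OpenID response, no pending session identity, or validation failed.
      notice( t('Login failed.') . EOL);
      goaway($a->get_baseurl());
      // NOTREACHED
  }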