Fix formatting
- include/auth.php - include/oauth.php - include/user.php - mod/removeme.php - src/Worker/Queue.php
This commit is contained in:
Hypolite Petovan
parent
2236f60cfa
commit
90a8ae2cb8
5 changed files with 73 additions and 174 deletions
|
|
@ -5,8 +5,8 @@ use Friendica\Core\System;
|
|||
use Friendica\Core\Config;
|
||||
use Friendica\Database\DBM;
|
||||
|
||||
require_once('include/security.php');
|
||||
require_once('include/datetime.php');
|
||||
require_once 'include/security.php';
|
||||
require_once 'include/datetime.php';
|
||||
|
||||
// When the "Friendica" cookie is set, take the value to authenticate and renew the cookie.
|
||||
if (isset($_COOKIE["Friendica"])) {
|
||||
|
|
@ -34,20 +34,19 @@ if (isset($_COOKIE["Friendica"])) {
|
|||
if (!isset($_SESSION) || !isset($_SESSION['authenticated'])) {
|
||||
authenticate_success($r[0]);
|
||||
|
||||
if (Config::get('system','paranoia'))
|
||||
if (Config::get('system', 'paranoia')) {
|
||||
$_SESSION['addr'] = $data->ip;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// login/logout
|
||||
|
||||
if (isset($_SESSION) && x($_SESSION, 'authenticated') && (!x($_POST, 'auth-params') || ($_POST['auth-params'] !== 'login'))) {
|
||||
|
||||
if ((x($_POST, 'auth-params') && ($_POST['auth-params'] === 'logout')) || ($a->module === 'logout')) {
|
||||
|
||||
// process logout request
|
||||
call_hooks("logging_out");
|
||||
nuke_session();
|
||||
|
|
@ -65,9 +64,7 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
|
|||
}
|
||||
|
||||
if (x($_SESSION, 'uid')) {
|
||||
|
||||
// already logged in user returning
|
||||
|
||||
$check = Config::get('system', 'paranoia');
|
||||
// extra paranoia - if the IP changed, log them out
|
||||
if ($check && ($_SESSION['addr'] != $_SERVER['REMOTE_ADDR'])) {
|
||||
|
|
@ -94,19 +91,16 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
|
|||
$_SESSION['last_login_date'] = datetime_convert('UTC', 'UTC');
|
||||
}
|
||||
if (strcmp(datetime_convert('UTC', 'UTC', 'now - 12 hours'), $_SESSION['last_login_date']) > 0) {
|
||||
|
||||
$_SESSION['last_login_date'] = datetime_convert('UTC', 'UTC');
|
||||
$login_refresh = true;
|
||||
}
|
||||
authenticate_success($r[0], false, false, $login_refresh);
|
||||
}
|
||||
} else {
|
||||
|
||||
session_unset();
|
||||
|
||||
if (x($_POST,'password') && strlen($_POST['password']))
|
||||
if (x($_POST, 'password') && strlen($_POST['password'])) {
|
||||
$encrypted = hash('whirlpool', trim($_POST['password']));
|
||||
else {
|
||||
} else {
|
||||
if ((x($_POST, 'openid_url')) && strlen($_POST['openid_url']) ||
|
||||
(x($_POST, 'username')) && strlen($_POST['username'])) {
|
||||
|
||||
|
|
@ -115,11 +109,9 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
|
|||
$openid_url = trim((strlen($_POST['openid_url']) ? $_POST['openid_url'] : $_POST['username']));
|
||||
|
||||
// validate_url alters the calling parameter
|
||||
|
||||
$temp_string = $openid_url;
|
||||
|
||||
// if it's an email address or doesn't resolve to a URL, fail.
|
||||
|
||||
if ($noid || strpos($temp_string, '@') || !validate_url($temp_string)) {
|
||||
$a = get_app();
|
||||
notice(t('Login failed.') . EOL);
|
||||
|
|
@ -128,7 +120,6 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
|
|||
}
|
||||
|
||||
// Otherwise it's probably an openid.
|
||||
|
||||
try {
|
||||
require_once('library/openid.php');
|
||||
$openid = new LightOpenID;
|
||||
|
|
@ -145,7 +136,6 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
|
|||
}
|
||||
|
||||
if (x($_POST, 'auth-params') && $_POST['auth-params'] === 'login') {
|
||||
|
||||
$record = null;
|
||||
|
||||
$addon_auth = array(
|
||||
|
|
@ -162,12 +152,11 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
|
|||
* and later plugins should not interfere with an earlier one that succeeded.
|
||||
*
|
||||
*/
|
||||
|
||||
call_hooks('authenticate', $addon_auth);
|
||||
|
||||
if ($addon_auth['authenticated'] && count($addon_auth['user_record']))
|
||||
if ($addon_auth['authenticated'] && count($addon_auth['user_record'])) {
|
||||
$record = $addon_auth['user_record'];
|
||||
else {
|
||||
} else {
|
||||
|
||||
// process normal login request
|
||||
|
||||
|
|
@ -178,9 +167,10 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
|
|||
dbesc(trim($_POST['username'])),
|
||||
dbesc($encrypted)
|
||||
);
|
||||
if (DBM::is_result($r))
|
||||
if (DBM::is_result($r)) {
|
||||
$record = $r[0];
|
||||
}
|
||||
}
|
||||
|
||||
if (!$record || !count($record)) {
|
||||
logger('authenticate: failed login attempt: ' . notags(trim($_POST['username'])) . ' from IP ' . $_SERVER['REMOTE_ADDR']);
|
||||
|
|
@ -202,8 +192,8 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
|
|||
/**
|
||||
* @brief Kills the "Friendica" cookie and all session data
|
||||
*/
|
||||
function nuke_session() {
|
||||
|
||||
function nuke_session()
|
||||
{
|
||||
new_cookie(-3600); // make sure cookie is deleted on browser close, as a security measure
|
||||
session_unset();
|
||||
session_destroy();
|
||||
|
|
|
|||
|
|
@ -182,93 +182,3 @@ class FKOAuth1 extends OAuthServer {
|
|||
}
|
||||
|
||||
}
|
||||
/*
|
||||
class FKOAuth2 extends OAuth2 {
|
||||
|
||||
private function db_secret($client_secret){
|
||||
return hash('whirlpool',$client_secret);
|
||||
}
|
||||
|
||||
public function addClient($client_id, $client_secret, $redirect_uri) {
|
||||
$client_secret = $this->db_secret($client_secret);
|
||||
$r = q("INSERT INTO clients (client_id, pw, redirect_uri) VALUES ('%s', '%s', '%s')",
|
||||
dbesc($client_id),
|
||||
dbesc($client_secret),
|
||||
dbesc($redirect_uri)
|
||||
);
|
||||
|
||||
return $r;
|
||||
}
|
||||
|
||||
protected function checkClientCredentials($client_id, $client_secret = NULL) {
|
||||
$client_secret = $this->db_secret($client_secret);
|
||||
|
||||
$r = q("SELECT pw FROM clients WHERE client_id = '%s'",
|
||||
dbesc($client_id));
|
||||
|
||||
if ($client_secret === NULL)
|
||||
return $result !== FALSE;
|
||||
|
||||
return $result["client_secret"] == $client_secret;
|
||||
}
|
||||
|
||||
protected function getRedirectUri($client_id) {
|
||||
$r = q("SELECT redirect_uri FROM clients WHERE client_id = '%s'",
|
||||
dbesc($client_id));
|
||||
if ($r === FALSE)
|
||||
return FALSE;
|
||||
|
||||
return isset($r[0]["redirect_uri"]) && $r[0]["redirect_uri"] ? $r[0]["redirect_uri"] : NULL;
|
||||
}
|
||||
|
||||
protected function getAccessToken($oauth_token) {
|
||||
$r = q("SELECT client_id, expires, scope FROM tokens WHERE id = '%s'",
|
||||
dbesc($oauth_token));
|
||||
|
||||
if (DBM::is_result($r))
|
||||
return $r[0];
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
|
||||
protected function setAccessToken($oauth_token, $client_id, $expires, $scope = NULL) {
|
||||
$r = q("INSERT INTO tokens (id, client_id, expires, scope) VALUES ('%s', '%s', %d, '%s')",
|
||||
dbesc($oauth_token),
|
||||
dbesc($client_id),
|
||||
intval($expires),
|
||||
dbesc($scope));
|
||||
|
||||
return $r;
|
||||
}
|
||||
|
||||
protected function getSupportedGrantTypes() {
|
||||
return array(
|
||||
OAUTH2_GRANT_TYPE_AUTH_CODE,
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
protected function getAuthCode($code) {
|
||||
$r = q("SELECT id, client_id, redirect_uri, expires, scope FROM auth_codes WHERE id = '%s'",
|
||||
dbesc($code));
|
||||
|
||||
if (DBM::is_result($r))
|
||||
return $r[0];
|
||||
return null;
|
||||
}
|
||||
|
||||
protected function setAuthCode($code, $client_id, $redirect_uri, $expires, $scope = NULL) {
|
||||
$r = q("INSERT INTO auth_codes
|
||||
(id, client_id, redirect_uri, expires, scope) VALUES
|
||||
('%s', '%s', '%s', %d, '%s')",
|
||||
dbesc($code),
|
||||
dbesc($client_id),
|
||||
dbesc($redirect_uri),
|
||||
intval($expires),
|
||||
dbesc($scope));
|
||||
return $r;
|
||||
}
|
||||
|
||||
}
|
||||
*/
|
||||
|
|
|
|||
|
|
@ -4,13 +4,12 @@ use Friendica\Core\Config;
|
|||
use Friendica\Core\System;
|
||||
use Friendica\Database\DBM;
|
||||
|
||||
require_once('include/network.php');
|
||||
require_once('include/plugin.php');
|
||||
require_once('include/text.php');
|
||||
require_once('include/pgettext.php');
|
||||
require_once('include/datetime.php');
|
||||
require_once('include/enotify.php');
|
||||
|
||||
require_once 'include/network.php';
|
||||
require_once 'include/plugin.php';
|
||||
require_once 'include/text.php';
|
||||
require_once 'include/pgettext.php';
|
||||
require_once 'include/datetime.php';
|
||||
require_once 'include/enotify.php';
|
||||
|
||||
function create_user($arr) {
|
||||
|
||||
|
|
|
|||
|
|
@ -4,8 +4,8 @@ use Friendica\App;
|
|||
use Friendica\Core\System;
|
||||
use Friendica\Model\User;
|
||||
|
||||
function removeme_post(App $a) {
|
||||
|
||||
function removeme_post(App $a)
|
||||
{
|
||||
if (!local_user()) {
|
||||
return;
|
||||
}
|
||||
|
|
@ -32,11 +32,10 @@ function removeme_post(App $a) {
|
|||
User::remove($a->user['uid']);
|
||||
// NOTREACHED
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
function removeme_content(App $a) {
|
||||
|
||||
function removeme_content(App $a)
|
||||
{
|
||||
if (!local_user()) {
|
||||
goaway(System::baseUrl());
|
||||
}
|
||||
|
|
@ -59,5 +58,4 @@ function removeme_content(App $a) {
|
|||
));
|
||||
|
||||
return $o;
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* @file src/Worker/Queue.php
|
||||
*/
|
||||
|
|
@ -19,7 +20,8 @@ require_once 'include/items.php';
|
|||
require_once 'include/bbcode.php';
|
||||
require_once 'include/salmon.php';
|
||||
|
||||
class Queue {
|
||||
class Queue
|
||||
{
|
||||
public static function execute($queue_id = 0)
|
||||
{
|
||||
global $a;
|
||||
|
|
|
|||
Loading…
Reference in a new issue