Merge lp:~ubuntuforums-devel/vbulletin-openid-integration/version4-fixes into lp:vbulletin-openid-integration
- version4-fixes
- Merge into trunk
Proposed by
kyleabaker
Status: | Needs review |
---|---|
Proposed branch: | lp:~ubuntuforums-devel/vbulletin-openid-integration/version4-fixes |
Merge into: | lp:vbulletin-openid-integration |
Diff against target: |
2640 lines (+1482/-1043) 7 files modified
install.txt (+90/-23) product-openid.xml (+315/-301) readme.txt (+12/-6) upload/openid_associate.php (+47/-34) upload/openid_authenticate.php (+527/-311) upload/openid_store.php (+276/-219) upload/openid_utils.php (+215/-149) |
To merge this branch: | bzr merge lp:~ubuntuforums-devel/vbulletin-openid-integration/version4-fixes |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Canonical ISD hackers | Pending | ||
Review via email: mp+131238@code.launchpad.net |
Commit message
Description of the change
Initial vBulletin 4 compatibility.
To post a comment you must log in.
Unmerged revisions
- 2. By kyleabaker
-
vBulletin 4 fixes
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | === modified file 'install.txt' | |||
2 | --- install.txt 2012-07-23 16:21:45 +0000 | |||
3 | +++ install.txt 2012-10-24 17:05:24 +0000 | |||
4 | @@ -6,6 +6,7 @@ | |||
5 | 6 | # | 6 | # |
6 | 7 | # Copyright 2009 William Norris | 7 | # Copyright 2009 William Norris |
7 | 8 | # Copyright 2009 Anthony Lenton | 8 | # Copyright 2009 Anthony Lenton |
8 | 9 | # Copyright 2012 Kyle Baker | ||
9 | 9 | # Copyright 2012 Canonical | 10 | # Copyright 2012 Canonical |
10 | 10 | # | 11 | # |
11 | 11 | # This file is part of vbulletin-openid-integration. | 12 | # This file is part of vbulletin-openid-integration. |
12 | @@ -27,29 +28,95 @@ | |||
13 | 27 | the internet, or at least to the domains that you plan on allowing as | 28 | the internet, or at least to the domains that you plan on allowing as |
14 | 28 | OpenID providers. | 29 | OpenID providers. |
15 | 29 | 30 | ||
24 | 30 | 1) install the OpenID 2.x series libraries from openidenabled.com | 31 | 1) Install the OpenID 2.x series libraries for PHP 5: |
25 | 31 | - http://www.openidenabled.com/php-openid/ | 32 | - Download from http://www.openidenabled.com/php-openid/ |
26 | 32 | 33 | - Extract the archive and browse the contents. | |
27 | 33 | 2) install product-openid.xml using the vBulletin Product Manager | 34 | - Find the directory labeled 'Auth' and copy it to the |
28 | 34 | 35 | base of your vBulletin 4.x installation. | |
29 | 35 | 3) Add a new User Profile Field -- a single-lined textbox named "OpenID" | 36 | (ex. http://example.com/vbulletin/Auth) |
30 | 36 | 37 | ||
31 | 37 | 4) Find the 'OpenID' settings group in the vBulletin Options and configure as | 38 | 2) Install product-openid.xml using the vBulletin Product Manager: |
32 | 39 | - Log in to the Admin Control Panel in vBulletin 4.x. | ||
33 | 40 | - In the left panel, find 'Plugins & Products' near the bottom | ||
34 | 41 | and click the arrow to expand. | ||
35 | 42 | - Once expanded, click 'Manage Products'. | ||
36 | 43 | - From this page, find '[Add/Import Product]' at the bottom of | ||
37 | 44 | the Installed Products section and click it. | ||
38 | 45 | - Under 'Import Product', select 'Choose File' and browse through | ||
39 | 46 | the vBulletin OpenID Integration installation files for | ||
40 | 47 | 'product-openid.xml' and open it. | ||
41 | 48 | - Click 'Import'. | ||
42 | 49 | |||
43 | 50 | 3) Upload vBulletin OpenID Integration files: | ||
44 | 51 | - From the installation vBulletin OpenID Integration files, find | ||
45 | 52 | the directory labeled 'upload'. | ||
46 | 53 | - Create a folder named 'vbopenid' in the root of your vBulletin | ||
47 | 54 | 4.x installation. (ex. http://example.com/vbulletin/vbopenid) | ||
48 | 55 | - Upload the contents of the 'upload' directory to your newly | ||
49 | 56 | created 'vbopenid' directory. | ||
50 | 57 | |||
51 | 58 | 4) Add a new User Profile Field -- a single-lined textbox named "OpenID" | ||
52 | 59 | - Log in to the Admin Control Panel in vBulletin 4.x. | ||
53 | 60 | - In the left panel, find 'User Profile Fields' mid-way down and | ||
54 | 61 | click the arrow to expand. | ||
55 | 62 | - Once expanded, click 'Add New User Profile Field'. | ||
56 | 63 | - From this page, the default Profile Field Type should be | ||
57 | 64 | 'Single-Line Text Box'. Click continue. | ||
58 | 65 | - User Profile Field Settings: | ||
59 | 66 | * Title: | "OpenID" | ||
60 | 67 | * Description: | | ||
61 | 68 | * Profile Field: | "Uncategorized" | ||
62 | 69 | * Default Value: | | ||
63 | 70 | * Max length of allowed user input: | Default is 100 | ||
64 | 71 | * Field Length: | Default is 25 | ||
65 | 72 | * Profile Field Type: | "Single-Line Text Box" | ||
66 | 73 | * Display Order: | | ||
67 | 74 | * Field Required: | | ||
68 | 75 | * Field Editable by User: | "No" | ||
69 | 76 | * Private Field: | "Yes" | ||
70 | 77 | * Field Searchable on Members List: | "No" | ||
71 | 78 | * Show on Members List: | "No" | ||
72 | 79 | * Regular Expression: | | ||
73 | 80 | | | ||
74 | 81 | * Which page displays this option?: | "Options: Other" | ||
75 | 82 | - Click 'Save'. | ||
76 | 83 | |||
77 | 84 | 5) Find the 'OpenID' settings group in the vBulletin Options and configure as | ||
78 | 38 | appropriate. This is particularly important if you installed the libraries | 85 | appropriate. This is particularly important if you installed the libraries |
80 | 39 | in step 1 in a location that is not part of the standard php include_path | 86 | in step 1 in a location that is not part of the standard php include_path or |
81 | 87 | in a location that differs from step 1 instructions. | ||
82 | 88 | - Log in to the Admin Control Panel in vBulletin 4.x. | ||
83 | 89 | - In the left panel, find 'Settings' at the top and | ||
84 | 90 | click the arrow to expand. | ||
85 | 91 | - Once expanded, click 'Options'. | ||
86 | 92 | - From this page, scroll through the list until you find 'OpenID', | ||
87 | 93 | select it and click 'Edit Settings'. | ||
88 | 94 | - Adjust settings as needed. Ensure that the OpenID Profile Field matches | ||
89 | 95 | the title of the User Profile Field that you created in step 4. | ||
90 | 96 | - Click 'Save'. | ||
91 | 40 | 97 | ||
94 | 41 | 5) Edit your templates to add "$openid_login_box" somewhere. I recommend adding | 98 | 6) Edit your templates to add the OpenID log in form somewhere. I recommend adding |
95 | 42 | it to the 'navbar' template -- inside the existing login box, just before the | 99 | it to the 'header' template -- inside the existing login box area, just before the |
96 | 43 | submit button, and wrap it in a div that floats right. So you'd end up with | 100 | submit button, and wrap it in a div that floats right. So you'd end up with |
109 | 44 | 101 | - Log in to the Admin Control Panel in vBulletin 4.x. | |
110 | 45 | <td> | 102 | - In the left panel, find 'Styles & Templates' near the top and |
111 | 46 | <div style="float: right"> | 103 | click the arrow to expand. |
112 | 47 | $openid_login_box | 104 | - Once expanded, click 'Style Manager'. |
113 | 48 | </div> | 105 | - From this page, you will find two sections labeled Style Manager. In |
114 | 49 | <input type="submit" class="button" value="$vbphrase[log_in]" tabindex="104" | 106 | the section containing 'Default Style', click the right most button |
115 | 50 | title="$vbphrase[enter_username_to_login_or_register]" accesskey="s" /> | 107 | to expand a list of all templates for this style. |
116 | 51 | </td> | 108 | - Scroll through the list until you find 'header' or the template that |
117 | 52 | 109 | you've decided to modify. | |
118 | 53 | But of course, you can add it anywhere you want. | 110 | - Make your changes and click 'Save'. |
119 | 54 | 111 | ||
120 | 55 | 112 | - If you decide to add to the 'header' template, insert the following | |
121 | 113 | immediately after the list item for Help. Find it by searching for | ||
122 | 114 | "help" in the text area. | ||
123 | 115 | |||
124 | 116 | <li> | ||
125 | 117 | {vb:phrase openid_login_box} | ||
126 | 118 | </li> | ||
127 | 119 | |||
128 | 120 | But of course, you can add it anywhere you want. | ||
129 | 121 | |||
130 | 122 | Congratulations! Installation is complete! | ||
131 | 56 | 123 | ||
132 | === modified file 'product-openid.xml' | |||
133 | --- product-openid.xml 2012-07-23 16:21:45 +0000 | |||
134 | +++ product-openid.xml 2012-10-24 17:05:24 +0000 | |||
135 | @@ -1,6 +1,9 @@ | |||
136 | 1 | <?xml version="1.0" encoding="ISO-8859-1"?> | ||
137 | 2 | |||
138 | 1 | <!-- | 3 | <!-- |
139 | 2 | Copyright 2009 William Norris | 4 | Copyright 2009 William Norris |
140 | 3 | Copyright 2009 Anthony Lenton | 5 | Copyright 2009 Anthony Lenton |
141 | 6 | Copyright 2012 Kyle Baker | ||
142 | 4 | Copyright 2012 Canonical | 7 | Copyright 2012 Canonical |
143 | 5 | 8 | ||
144 | 6 | This file is part of vbulletin-openid-integration. | 9 | This file is part of vbulletin-openid-integration. |
145 | @@ -18,309 +21,320 @@ | |||
146 | 18 | You should have received a copy of the GNU Lesser Public License | 21 | You should have received a copy of the GNU Lesser Public License |
147 | 19 | along with vbulletin-openid-integration. If not, see <http://www.gnu.org/licenses/>. | 22 | along with vbulletin-openid-integration. If not, see <http://www.gnu.org/licenses/>. |
148 | 20 | --> | 23 | --> |
149 | 21 | <?xml version="1.0" encoding="ISO-8859-1"?> | ||
150 | 22 | 24 | ||
151 | 23 | <product productid="openid" active="1"> | 25 | <product productid="openid" active="1"> |
338 | 24 | <title>OpenID</title> | 26 | <title>OpenID</title> |
339 | 25 | <description>OpenID Authentication</description> | 27 | <description>OpenID Authentication</description> |
340 | 26 | <version>1.0.0</version> | 28 | <version>1.0.0</version> |
341 | 27 | <codes> | 29 | <url>https://launchpad.net/vbulletin-openid-integration</url> |
342 | 28 | <code version="1.0"> | 30 | <!-- <versioncheckurl>https://code.launchpad.net/vbulletin-openid-integration/version.xml</versioncheckurl> --> |
343 | 29 | <installcode><![CDATA[ | 31 | <dependencies> |
344 | 30 | require_once('openid_utils.php'); | 32 | <dependency dependencytype="vbulletin" minversion="4.2.0" maxversion=""/> |
345 | 31 | $secret = generate_password(15); | 33 | </dependencies> |
346 | 32 | $vbulletin->options['openid_secret'] = $secret; | 34 | <codes> |
347 | 33 | require_once('openid_store.php'); | 35 | <code version="1.0"> |
348 | 34 | _createDBTables($vbulletin); | 36 | <installcode><![CDATA[ |
349 | 35 | ]]></installcode> | 37 | require_once('vbopenid/openid_utils.php'); |
350 | 36 | <uninstallcode><![CDATA[ | 38 | |
351 | 37 | require_once('openid_store.php'); | 39 | $secret = generate_password(15); |
352 | 38 | _removeDBTables($vbulletin); | 40 | $vbulletin->options['openid_secret'] = $secret; |
353 | 39 | ]]></uninstallcode> | 41 | |
354 | 40 | </code> | 42 | require_once('vbopenid/openid_store.php'); |
355 | 41 | </codes> | 43 | |
356 | 42 | <templates> | 44 | _createDBTables($vbulletin); |
357 | 43 | <template name="openid_redirect_form" templatetype="template" username="achuni" version="1.0.0"><![CDATA[ | 45 | ]]></installcode> |
358 | 44 | <html><head><title>OpenID request</title></head> | 46 | <uninstallcode><![CDATA[ |
359 | 45 | <body onload="document.getElementById('$form_id').submit();" | 47 | require_once('vbopenid/openid_store.php'); |
360 | 46 | style="text-align: center;"> | 48 | |
361 | 47 | <div style="background: lightyellow; border: 1px solid black; margin: 30px 20%; padding: 5px 15px;"> | 49 | _removeDBTables($vbulletin); |
362 | 48 | <p> $text_redirect </p> | 50 | ]]></uninstallcode> |
363 | 49 | </div> | 51 | </code> |
364 | 50 | $form_html | 52 | </codes> |
365 | 51 | </body></html>]]></template> | 53 | <templates> |
366 | 52 | <template name="openid_request_email" templatetype="template" username="achuni" version="1.0.0"><![CDATA[$stylevar[htmldoctype] | 54 | <template name="openid_redirect_form" templatetype="template" username="achuni" version="1.0.0"> |
367 | 53 | <html xmlns="http://www.w3.org/1999/xhtml" dir="$stylevar[textdirection]" lang="$stylevar[languagecode]"> | 55 | <![CDATA[ |
368 | 54 | <head> | 56 | <html> |
369 | 55 | $headinclude | 57 | <head> |
370 | 56 | <title>$vboptions[bbtitle] - $vbphrase[registration]</title> | 58 | <title>OpenID request</title> |
371 | 57 | </head> | 59 | </head> |
372 | 58 | <body> | 60 | <body onload="document.getElementById('{vb:raw form_id}').submit();" style="text-align: center;"> |
373 | 59 | 61 | <div style="background: lightyellow; border: 1px solid black; margin: 30px 20%; padding: 5px 15px;"> | |
374 | 60 | $header | 62 | <p> {vb:raw text_redirect} </p> |
375 | 61 | 63 | </div> | |
376 | 62 | <br /> | 64 | {vb:raw form_html} |
377 | 63 | 65 | </body> | |
378 | 64 | <if condition="$show['errors']"> | 66 | </html> |
379 | 65 | <table class="tborder" cellpadding="$stylevar[cellpadding]" cellspacing="$stylevar[cellspacing]" border="0" width="100%" align="center"> | 67 | ]]></template> |
380 | 66 | <tr> | 68 | <template name="openid_request_email" templatetype="template" username="achuni" version="1.0.0"> |
381 | 67 | <td class="tcat">The following errors occurred during your registration:</td> | 69 | <![CDATA[ |
382 | 68 | </tr> | 70 | {vb:stylevar htmldoctype} |
383 | 69 | <tr> | 71 | <html xmlns="http://www.w3.org/1999/xhtml" dir="{vb:stylevar textdirection}" lang="{vb:stylevar languagecode}"> |
384 | 70 | <td class="alt1"><ul>$errorlist</ul></td> | 72 | <head> |
385 | 71 | </tr> | 73 | {vb:raw headinclude} |
386 | 72 | </table> | 74 | <title>{vb:raw vboptions.bbtitle} - {vb:phrase registration}</title> |
387 | 73 | <br /> | 75 | </head> |
388 | 74 | </if> | 76 | <body> |
389 | 75 | 77 | ||
390 | 76 | <form action="login.php?do=login" name="login" method="post"> | 78 | {vb:raw header} |
391 | 77 | <input type="hidden" name="do" value="login" /> | 79 | {vb:raw navbar} |
392 | 78 | <input type="hidden" name="openid" value="$openid" /> | 80 | |
393 | 79 | <input type="hidden" name="openid_confirm" value="$openid_confirm" /> | 81 | <br /> |
394 | 80 | <input type="hidden" name="openid_username" value="$openid_username" /> | 82 | |
395 | 81 | <input type="hidden" name="openid_action" value="request_email" /> | 83 | <vb:if condition="$show['errors']"> |
396 | 82 | <table class="tborder" cellpadding="$stylevar[cellpadding]" cellspacing="$stylevar[cellspacing]" border="0" width="100%" align="center"> | 84 | <form action="profile.php?do=dismissnotice" method="post" id="notices" class="notices"> |
397 | 83 | <tr> | 85 | <input type="hidden" name="do" value="dismissnotice"> |
398 | 84 | <td class="tcat"><phrase 1="$vboptions[bbtitle]">$vbphrase[register_at_x]</phrase></td> | 86 | <input type="hidden" name="s" value=""> |
399 | 85 | </tr> | 87 | <input type="hidden" name="securitytoken" value="{vb:raw bbuserinfo.securitytoken}"> |
400 | 86 | <tr> | 88 | <input type="hidden" id="dismiss_notice_hidden" name="dismiss_noticeid" value=""> |
401 | 87 | <td class="panelsurround" align="center"> | 89 | <input type="hidden" name="url" value=""> |
402 | 88 | <div class="panel"> | 90 | <ol> |
403 | 89 | <div style="width:$stylevar[formwidth]" align="$stylevar[left]"> | 91 | <li class="restore" id="navbar_notice_1">{vb:phrase openid_following_errors_occurrred}</li> |
404 | 90 | 92 | {vb:raw errorlist} | |
405 | 91 | <fieldset class="fieldset"> | 93 | </ol> |
406 | 92 | <legend>$vbphrase[email_address]</legend> | 94 | </form> |
407 | 93 | <table cellpadding="0" cellspacing="$stylevar[formspacer]" border="0" width="400"> | 95 | </vb:if> |
408 | 94 | <tr> | 96 | |
409 | 95 | <td> | 97 | <div class="standard_error"> |
410 | 96 | $vbphrase[email_address]:<br /> | 98 | <h2 class="blockhead">{vb:phrase register}</h2> |
411 | 97 | <input type="text" class="bginput" name="email" size="25" maxlength="50" value="$email" dir="ltr" /> | 99 | <form class="block vbform" method="post" action="login.php?do=login"> |
412 | 98 | </td> | 100 | <input type="hidden" name="do" value="login"> |
413 | 99 | <td> | 101 | <input type="hidden" name="openid" value="{vb:raw openid}"> |
414 | 100 | Confirm email address:<br /> | 102 | <input type="hidden" name="openid_confirm" value="{vb:raw openid_confirm}"> |
415 | 101 | <input type="text" class="bginput" name="email_confirm" size="25" maxlength="50" value="$email_confirm" dir="ltr" /> | 103 | <input type="hidden" name="openid_username" value="{vb:raw openid_username}" /> |
416 | 102 | </td> | 104 | <input type="hidden" name="openid_action" value="request_email" /> |
417 | 103 | </tr> | 105 | <input type="hidden" name="vb_login_md5password" value=""> |
418 | 104 | </table> | 106 | <input type="hidden" name="vb_login_md5password_utf" value=""> |
419 | 105 | </fieldset> | 107 | <input type="hidden" name="s" value=""> |
420 | 106 | </div> | 108 | <input type="hidden" name="s" value="{vb:raw session.sessionhash}"> |
421 | 107 | </div> | 109 | <input type="hidden" name="securitytoken" value="{vb:raw bbuserinfo.securitytoken}"> |
422 | 108 | <div style="margin-top:$stylevar[cellpadding]px"> | 110 | <input type="hidden" name="url" value="http://localhost/vbulletin/forum.php"> |
423 | 109 | <input type="submit" class="button" value="Complete Registration" accesskey="s" /> | 111 | <div class="blockbody formcontrols"> |
424 | 110 | <input type="reset" class="button" name="Reset" value="$vbphrase[reset_fields]" /> | 112 | <h3 class="blocksubhead"></h3> |
425 | 111 | </div> | 113 | <div class="blockrow"> |
426 | 112 | </td> | 114 | <label for="vb_registration_email">{vb:phrase email_address}</label> |
427 | 113 | </tr> | 115 | <input type="text" class="primary textbox" id="email" name="email" value="{vb:raw email}" accesskey="u" tabindex="1"> |
428 | 114 | </table> | 116 | </div> |
429 | 115 | </form> | 117 | <div class="blockrow"> |
430 | 116 | 118 | <label for="vb_registration_email_confirm">{vb:phrase openid_email_address_confirm}</label> | |
431 | 117 | $footer | 119 | <input type="text" class="primary textbox" id="email_confirm" name="email_confirm" value="{vb:raw email_confirm}" tabindex="1"> |
432 | 118 | 120 | </div> | |
433 | 119 | </body> | 121 | </div> |
434 | 120 | </html>]]></template> | 122 | <div class="blockfoot actionbuttons"> |
435 | 121 | <template name="openid_request_user_pass" templatetype="template" username="achuni" version="1.0.0"><![CDATA[ | 123 | <div class="group"> |
436 | 122 | $stylevar[htmldoctype] | 124 | <input type="submit" class="button" value="{vb:phrase openid_complete_registration}" accesskey="s" tabindex="1" title="{vb:phrase enter_username_to_login_or_register}"> |
437 | 123 | <html xmlns="http://www.w3.org/1999/xhtml" dir="$stylevar[textdirection]" lang="$stylevar[languagecode]"> | 125 | <input type="reset" class="button" value="{vb:phrase reset_fields}" accesskey="r" tabindex="1"> |
438 | 124 | <head> | 126 | </div> |
439 | 125 | $headinclude | 127 | </div> |
440 | 126 | <title>$vboptions[bbtitle] - $vbphrase[registration]</title> | 128 | </form> |
441 | 127 | </head> | 129 | </div> |
442 | 128 | <body> | 130 | |
443 | 129 | 131 | {vb:raw footer} | |
444 | 130 | $header | 132 | |
445 | 131 | 133 | </body> | |
446 | 132 | <br /> | 134 | </html> |
447 | 133 | 135 | ]]></template> | |
448 | 134 | <if condition="$show['errors']"> | 136 | <template name="openid_request_user_pass" templatetype="template" username="achuni" version="1.0.0"> |
449 | 135 | <table class="tborder" cellpadding="$stylevar[cellpadding]" cellspacing="$stylevar[cellspacing]" border="0" width="100%" align="center"> | 137 | <![CDATA[ |
450 | 136 | <tr> | 138 | {vb:stylevar htmldoctype} |
451 | 137 | <td class="tcat">$vbphrase[openid_first_time]</td> | 139 | <html xmlns="http://www.w3.org/1999/xhtml" dir="{vb:stylevar textdirection}" lang="{vb:stylevar languagecode}"> |
452 | 138 | </tr> | 140 | <head> |
453 | 139 | <tr> | 141 | {vb:raw headinclude} |
454 | 140 | <td class="alt1"><ul>$errorlist</ul></td> | 142 | <title>{vb:raw vboptions.bbtitle} - {vb:phrase registration}</title> |
455 | 141 | </tr> | 143 | </head> |
456 | 142 | </table> | 144 | <body> |
457 | 143 | <br /> | 145 | |
458 | 144 | </if> | 146 | {vb:raw header} |
459 | 145 | 147 | {vb:raw navbar} | |
460 | 146 | <form action="login.php?do=login" name="login" method="post" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, $show[nopasswordempty])"> | 148 | |
461 | 147 | <table class="tborder" cellpadding="$stylevar[cellpadding]" cellspacing="$stylevar[cellspacing]" border="0" width="100%" align="center"> | 149 | <br /> |
462 | 148 | <tr> | 150 | |
463 | 149 | <td class="tcat">$vbphrase[openid_fieldset_assoc_address]</td> | 151 | <vb:if condition="$show['errors']"> |
464 | 150 | </tr> | 152 | <form action="profile.php?do=dismissnotice" method="post" id="notices" class="notices"> |
465 | 151 | <tr> | 153 | <input type="hidden" name="do" value="dismissnotice"> |
466 | 152 | <td class="panelsurround" align="center"> | 154 | <input type="hidden" name="s" value=""> |
467 | 153 | <ul>$vbphrase[openid_description_assoc]</ul> | 155 | <input type="hidden" name="securitytoken" value="{vb:raw bbuserinfo.securitytoken}"> |
468 | 154 | <div class="panel" style="width:$stylevar[formwidth]"> | 156 | <input type="hidden" id="dismiss_notice_hidden" name="dismiss_noticeid" value=""> |
469 | 155 | <div style="width:$stylevar[formwidth]" align="$stylevar[left]"> | 157 | <input type="hidden" name="url" value=""> |
470 | 156 | 158 | <ol> | |
471 | 157 | <!-- login form --> | 159 | <li class="restore" id="navbar_notice_1">{vb:phrase openid_first_time}</li> |
472 | 158 | <input type="hidden" name="do" value="login" /> | 160 | <li class="restore" id="navbar_notice_2">{vb:raw errorlist}</li> |
473 | 159 | <input type="hidden" name="openid" value="$openid" /> | 161 | </ol> |
474 | 160 | <input type="hidden" name="openid_confirm" value="$openid_confirm" /> | 162 | </form> |
475 | 161 | <input type="hidden" name="openid_action" value="request_user" /> | 163 | </vb:if> |
476 | 162 | <script type="text/javascript" src="clientscript/vbulletin_md5.js?v=$vboptions[simpleversion]"></script> | 164 | |
477 | 163 | <table cellpadding="0" cellspacing="$stylevar[formspacer]" border="0"> | 165 | <div class="standard_error"> |
478 | 164 | <tr> | 166 | <h2 class="blockhead">{vb:phrase openid_button_assoc}</h2> |
479 | 165 | <td style="white-space: nowrap;"><label for="navbar_username">$vbphrase[username]</label></td> | 167 | <form class="block vbform" method="post" action="login.php?do=login" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, {vb:raw show.nopasswordempty})"> |
480 | 166 | <td><input type="text" class="bginput" style="font-size: 11px" name="vb_login_username" id="navbar_username" size="10" accesskey="u" tabindex="101" value="$openid_username" onfocus="if (this.value == '$vbphrase[username]') this.value = '';" /></td> | 168 | <input type="hidden" name="do" value="login"> |
481 | 167 | </tr> | 169 | <input type="hidden" name="openid" value="{vb:raw openid}"> |
482 | 168 | <tr> | 170 | <input type="hidden" name="openid_confirm" value="{vb:raw openid_confirm}"> |
483 | 169 | <td><label for="navbar_password">$vbphrase[password]</label></td> | 171 | <input type="hidden" name="openid_action" value="request_user"> |
484 | 170 | <td><input type="password" class="bginput" style="font-size: 11px" name="vb_login_password" id="navbar_password" size="10" tabindex="102" /></td> | 172 | <input type="hidden" name="vb_login_md5password" value=""> |
485 | 171 | </tr> | 173 | <input type="hidden" name="vb_login_md5password_utf" value=""> |
486 | 172 | <tr> | 174 | <input type="hidden" name="s" value=""> |
487 | 173 | <td nowrap="nowrap" colspan="2"><label for="cb_cookieuser_navbar"><input type="checkbox" name="cookieuser" value="1" tabindex="103" id="cb_cookieuser_navbar" accesskey="c" />$vbphrase[remember_me]</label></td> | 175 | <input type="hidden" name="s" value="{vb:raw session.sessionhash}"> |
488 | 174 | </tr> | 176 | <input type="hidden" name="securitytoken" value="{vb:raw bbuserinfo.securitytoken}"> |
489 | 175 | </table> | 177 | <input type="hidden" name="url" value="http://localhost/vbulletin/forum.php"> |
490 | 176 | <input type="hidden" name="s" value="$session[sessionhash]" /> | 178 | <div class="blockbody formcontrols"> |
491 | 177 | <input type="hidden" name="securitytoken" value="$bbuserinfo[securitytoken] . "" /> | 179 | <div class="blockrow restore"> |
492 | 178 | <input type="hidden" name="do" value="login" /> | 180 | {vb:phrase openid_description_assoc} |
493 | 179 | <input type="hidden" name="vb_login_md5password" /> | 181 | </div> |
494 | 180 | <input type="hidden" name="vb_login_md5password_utf" /> | 182 | |
495 | 181 | <!-- / login form --> | 183 | <h3 class="blocksubhead">{vb:raw log_in}</h3> |
496 | 182 | </div> | 184 | <div class="blockrow"> |
497 | 183 | </div> | 185 | <label for="vb_login_username">{vb:phrase username}</label> |
498 | 184 | <div style="margin-top:$stylevar[cellpadding]px"> | 186 | <input type="text" class="primary textbox" id="vb_login_username" name="vb_login_username" value="{vb:raw openid_username}" accesskey="u" tabindex="1"> |
499 | 185 | <input type="submit" class="button" tabindex="104" value="$vbphrase[openid_button_assoc]" accesskey="s" title="$vbphrase[enter_username_to_login_or_register]" /> | 187 | </div> |
500 | 186 | <input type="reset" class="button" name="Reset" value="$vbphrase[reset_fields]" /> | 188 | <div class="blockrow"> |
501 | 187 | </div> | 189 | <label for="vb_login_password">{vb:phrase password}</label> |
502 | 188 | </td> | 190 | <input type="password" class="primary textbox" id="vb_login_password" name="vb_login_password" tabindex="1"> |
503 | 189 | </tr> | 191 | </div> |
504 | 190 | </table> | 192 | <div class="blockrow singlecheck"> |
505 | 191 | </form> | 193 | <label for="cb_cookieuser"><input type="checkbox" name="cookieuser" id="cb_cookieuser" value="1" tabindex="1"> {vb:phrase remember_me}</label> |
506 | 192 | <br/> | 194 | </div> |
507 | 193 | 195 | </div> | |
508 | 194 | <table class="tborder" cellpadding="$stylevar[cellpadding]" cellspacing="$stylevar[cellspacing]" border="0" width="100%" align="center"> | 196 | <div class="blockfoot actionbuttons"> |
509 | 195 | <tr> | 197 | <div class="group"> |
510 | 196 | <td class="tcat">$vbphrase[openid_fieldset_register]</td> | 198 | <input type="submit" class="button" value="{vb:phrase openid_button_assoc}" accesskey="s" tabindex="1" title="{vb:phrase enter_username_to_login_or_register}"> |
511 | 197 | </tr> | 199 | <input type="reset" class="button" value="{vb:phrase reset_fields}" accesskey="r" tabindex="1"> |
512 | 198 | <tr> | 200 | </div> |
513 | 199 | <td class="alt1"><ul>$vbphrase[openid_description_register]</ul></td> | 201 | </div> |
514 | 200 | </tr> | 202 | </form> |
515 | 201 | </table> | 203 | </div> |
516 | 202 | 204 | ||
517 | 203 | $footer | 205 | <p> |
518 | 204 | 206 | <em>{vb:phrase openid_fieldset_register}</em><br> | |
519 | 205 | </body> | 207 | {vb:phrase openid_description_register} |
520 | 206 | </html> | 208 | </p> |
521 | 207 | ]]> | 209 | |
522 | 208 | </template> | 210 | {vb:raw footer} |
523 | 209 | <template name="openid_login_box" templatetype="template" date="1152640721" username="wnorris" version="1.0.0"><![CDATA[ | 211 | |
524 | 212 | </body> | ||
525 | 213 | </html> | ||
526 | 214 | ]]></template> | ||
527 | 215 | </templates> | ||
528 | 216 | <plugins> | ||
529 | 217 | <plugin active="1"> | ||
530 | 218 | <title>OpenID Login Box</title> | ||
531 | 219 | <hookname>cache_templates</hookname> | ||
532 | 220 | <phpcode> | ||
533 | 221 | <![CDATA[$globaltemplates = array_merge((array)$globaltemplates, array('openid_login_box', 'openid_request_email', 'openid_redirect_form'));]]> | ||
534 | 222 | </phpcode> | ||
535 | 223 | </plugin> | ||
536 | 224 | <plugin active="1"> | ||
537 | 225 | <title>Fix OpenID POST vars</title> | ||
538 | 226 | <hookname>global_bootstrap_init_start</hookname> | ||
539 | 227 | <phpcode> | ||
540 | 228 | <![CDATA[ | ||
541 | 229 | if (THIS_SCRIPT == 'login' AND $_REQUEST['do'] == 'login' AND ($_REQUEST['openid'] OR $_REQUEST['openid.mode'] OR $_REQUEST['openid_mode'])) | ||
542 | 230 | { | ||
543 | 231 | $_POST['do'] = 'login'; | ||
544 | 232 | if (!$_POST['vb_login_username']) { | ||
545 | 233 | $_POST['vb_login_username'] = '.'; | ||
546 | 234 | } | ||
547 | 235 | } | ||
548 | 236 | ]]> | ||
549 | 237 | </phpcode> | ||
550 | 238 | </plugin> | ||
551 | 239 | <plugin active="1"> | ||
552 | 240 | <title>OpenID Authentication</title> | ||
553 | 241 | <hookname>login_failure</hookname> | ||
554 | 242 | <phpcode> | ||
555 | 243 | <![CDATA[include('vbopenid/openid_authenticate.php');]]> | ||
556 | 244 | </phpcode> | ||
557 | 245 | </plugin> | ||
558 | 246 | <plugin active="1"> | ||
559 | 247 | <title>OpenID associate existing user </title> | ||
560 | 248 | <hookname>login_process</hookname> | ||
561 | 249 | <phpcode> | ||
562 | 250 | <![CDATA[include('vbopenid/openid_associate.php');]]> | ||
563 | 251 | </phpcode> | ||
564 | 252 | </plugin> | ||
565 | 253 | <plugin active="1"> | ||
566 | 254 | <title>OpenID Login Box</title> | ||
567 | 255 | <hookname>parse_templates</hookname> | ||
568 | 256 | <phpcode> | ||
569 | 257 | <![CDATA[ | ||
570 | 258 | //$templater = vB_Template::create('openid_login_box'); | ||
571 | 259 | //$openid_login_box = $templater->render(true, true); | ||
572 | 260 | //$template_hook['header'] .= $openid_login_box; | ||
573 | 261 | ]]> | ||
574 | 262 | </phpcode> | ||
575 | 263 | </plugin> | ||
576 | 264 | </plugins> | ||
577 | 265 | <phrases> | ||
578 | 266 | <phrasetype name="vBulletin Settings" fieldname="vbsettings"> | ||
579 | 267 | <phrase name="setting_openid_field_desc"><![CDATA[Name of the custom profile field used for storing OpenIDs.]]></phrase> | ||
580 | 268 | <phrase name="setting_openid_field_title"><![CDATA[OpenID Profile Field]]></phrase> | ||
581 | 269 | <phrase name="setting_openid_secret_desc"><![CDATA[A randomly generated secret to avoid OpenID tampering during automatic registration, after authenticating with the provider, but before we create the user.]]></phrase> | ||
582 | 270 | <phrase name="setting_openid_secret_title"><![CDATA[A Random Secret]]></phrase> | ||
583 | 271 | <phrase name="setting_openid_math_desc"><![CDATA[Does this PHP installation have advanced math support such as gmp or bcmath?]]></phrase> | ||
584 | 272 | <phrase name="setting_openid_math_title"><![CDATA[Math Support]]></phrase> | ||
585 | 273 | <phrase name="setting_openid_auto_register_desc"><![CDATA[Automatically register a new user when an unknown OpenID is authenticated?]]></phrase> | ||
586 | 274 | <phrase name="setting_openid_auto_register_title"><![CDATA[Automatic User Registration]]></phrase> | ||
587 | 275 | <phrase name="setting_openid_path_desc"><![CDATA[If the OpenID libraries aren't available on the standard include path, enter the directory where they are installed.]]></phrase> | ||
588 | 276 | <phrase name="setting_openid_path_title"><![CDATA[Library Path]]></phrase> | ||
589 | 277 | <phrase name="setting_openid_allowedproviders_desc"><![CDATA[Coma-separated list of allowed providers. Each provider is taken as a regex to check if a particular server should be allowed. Leave blank to allow all providers.]]></phrase> | ||
590 | 278 | <phrase name="setting_openid_allowedproviders_title"><![CDATA[Allowed Providers]]></phrase> | ||
591 | 279 | <phrase name="settinggroup_openid"><![CDATA[OpenID]]></phrase> | ||
592 | 280 | </phrasetype> | ||
593 | 281 | <phrasetype name="GLOBAL" fieldname="global"> | ||
594 | 282 | <phrase name="openid_fieldset_assoc_address"><![CDATA[Associate OpenID to an existing account]]></phrase> | ||
595 | 283 | <phrase name="openid_fieldset_register"><![CDATA[Register a new account]]></phrase> | ||
596 | 284 | <phrase name="openid_description_assoc"><![CDATA[If you already have a forum account and want to associate this ID to it, please fill in this form.]]></phrase> | ||
597 | 285 | <phrase name="openid_description_register"><![CDATA[If you don't yet have a forum account and want to register a new one, please <a href="register.php">click here</a>.]]></phrase> | ||
598 | 286 | <phrase name="openid_button_assoc"><![CDATA[Associate my ID to this account]]></phrase> | ||
599 | 287 | <phrase name="openid_following_errors_occurrred"><![CDATA[The following errors occurred during your registration:]]></phrase> | ||
600 | 288 | <phrase name="openid_first_time"><![CDATA[It's the first time that you've signed in using this OpenID]]></phrase> | ||
601 | 289 | <phrase name="openid_no_auto_register"><![CDATA[Sorry, you'll need to first associate this OpenID to an existing forum user, <em>or</em> register a new account to be able to sign in with your OpenID, as automatic user registration is disabled.]]></phrase> | ||
602 | 290 | <phrase name="openid_email_address_confirm"><![CDATA[Confirm Email Address:]]></phrase> | ||
603 | 291 | <phrase name="openid_complete_registration"><![CDATA[Complete Registration]]></phrase> | ||
604 | 292 | <phrase name="openid_login_box"> | ||
605 | 293 | <![CDATA[ | ||
606 | 210 | <!-- OpenID Login Box --> | 294 | <!-- OpenID Login Box --> |
627 | 211 | <div id="openid_login"> | 295 | <form class="logindetails" action="login.php" method="post"> |
628 | 212 | <a href="#"><img style="border:0" src="$stylevar[imgdir_button]/openid.png" alt="OpenID" /></a> | 296 | <input type="hidden" name="do" value="login" /> |
629 | 213 | <script type="text/javascript">vbmenu_register("openid_login");</script> | 297 | <input type="text" style="background:white url(http://openid.net/login-bg.gif) no-repeat 1px 1px; padding-left:20px" class="bginput" name="openid" size="20" /> <input type="submit" class="button" value="Go" /><br /> |
630 | 214 | </div> | 298 | </form> |
611 | 215 | |||
612 | 216 | <div class="vbmenu_popup" id="openid_login_menu" style="display:none"> | ||
613 | 217 | <table cellpadding="4" cellspacing="1" border="0"> | ||
614 | 218 | <tr> | ||
615 | 219 | <td class="thead">OpenID Login</td> | ||
616 | 220 | </tr> | ||
617 | 221 | <tr> | ||
618 | 222 | <td class="vbmenu_option" title="nohilite"> | ||
619 | 223 | <form action="login.php" method="post"> | ||
620 | 224 | <input type="hidden" name="do" value="login" /> | ||
621 | 225 | <input type="text" style="background:white url(http://openid.net/login-bg.gif) no-repeat 1px 1px; padding-left:20px" class="bginput" name="openid" size="20" /> <input type="submit" class="button" value="Go" /><br /> | ||
622 | 226 | </form> | ||
623 | 227 | </td> | ||
624 | 228 | </tr> | ||
625 | 229 | </table> | ||
626 | 230 | </div> | ||
631 | 231 | <!-- / OpenID Login Box --> | 299 | <!-- / OpenID Login Box --> |
726 | 232 | ]]></template> | 300 | ]]> |
727 | 233 | </templates> | 301 | </phrase> |
728 | 234 | <plugins> | 302 | </phrasetype> |
729 | 235 | <plugin active="1"> | 303 | <phrasetype name="Error Messages" fieldname="error"> |
730 | 236 | <title>OpenID Login Box</title> | 304 | <phrase name="openid_tamperedform"><![CDATA[Inconsistencies were detected in your form values. Please re-authenticate with your OpenID provider]]></phrase> |
731 | 237 | <hookname>cache_templates</hookname> | 305 | <phrase name="openid_server_not_allowed"><![CDATA[Sorry, we currently don't accept OpenIDs from your server ({1})]]></phrase> |
732 | 238 | <phpcode><![CDATA[$globaltemplates = array_merge($globaltemplates, array('openid_login_box', 'openid_request_email', 'openid_redirect_form'));]]></phpcode> | 306 | <phrase name="openid_redirect"><![CDATA[You are about to be redirected to your OpenID provider. If you are not redirected automatically, please click the continue button below.]]></phrase> |
733 | 239 | </plugin> | 307 | </phrasetype> |
734 | 240 | <plugin active="1"> | 308 | </phrases> |
735 | 241 | <title>Fix OpenID POST vars</title> | 309 | <options> |
736 | 242 | <hookname>global_start</hookname> | 310 | <settinggroup name="openid" displayorder="999"> |
737 | 243 | <phpcode><![CDATA[if (THIS_SCRIPT == 'login' AND $_REQUEST['do'] == 'login' AND ($_REQUEST['openid'] OR $_REQUEST['openid.mode'] OR $_REQUEST['openid_mode'])) | 311 | <setting varname="openid_path" displayorder="10"> |
738 | 244 | { | 312 | <datatype>free</datatype> |
739 | 245 | $_POST['do'] = 'login'; | 313 | </setting> |
740 | 246 | if (!$_POST['vb_login_username']) { | 314 | <setting varname="openid_math" displayorder="20"> |
741 | 247 | $_POST['vb_login_username'] = '.'; | 315 | <datatype>boolean</datatype> |
742 | 248 | } | 316 | <optioncode>yesno</optioncode> |
743 | 249 | }]]></phpcode> | 317 | <defaultvalue>0</defaultvalue> |
744 | 250 | </plugin> | 318 | </setting> |
745 | 251 | <plugin active="1"> | 319 | <setting varname="openid_auto_register" displayorder="30"> |
746 | 252 | <title>OpenID Authentication</title> | 320 | <datatype>boolean</datatype> |
747 | 253 | <hookname>login_failure</hookname> | 321 | <optioncode>yesno</optioncode> |
748 | 254 | <phpcode><![CDATA[include('openid_authenticate.php');]]></phpcode> | 322 | <defaultvalue>0</defaultvalue> |
749 | 255 | </plugin> | 323 | </setting> |
750 | 256 | <plugin active="1"> | 324 | <setting varname="openid_field" displayorder="50"> |
751 | 257 | <title>OpenID associate existing user </title> | 325 | <datatype>free</datatype> |
752 | 258 | <hookname>login_process</hookname> | 326 | <defaultvalue>OpenID</defaultvalue> |
753 | 259 | <phpcode><![CDATA[include('openid_associate.php');]]></phpcode> | 327 | </setting> |
754 | 260 | </plugin> | 328 | <setting varname="openid_allowedproviders" displayorder="60"> |
755 | 261 | <plugin active="1"> | 329 | <datatype>free</datatype> |
756 | 262 | <title>OpenID Login Box</title> | 330 | </setting> |
757 | 263 | <hookname>parse_templates</hookname> | 331 | <setting varname="openid_secret" displayorder="70"> |
758 | 264 | <phpcode><![CDATA[eval('$openid_login_box = "' . fetch_template('openid_login_box') . '";');]]></phpcode> | 332 | <datatype>free</datatype> |
759 | 265 | </plugin> | 333 | <defaultvalue>CHANGEME</defaultvalue> |
760 | 266 | </plugins> | 334 | </setting> |
761 | 267 | <phrases> | 335 | </settinggroup> |
762 | 268 | <phrasetype name="vBulletin Settings" fieldname="vbsettings"> | 336 | </options> |
763 | 269 | <phrase name="setting_openid_field_desc"><![CDATA[Name of the custom profile field used for storing OpenIDs.]]></phrase> | 337 | <!-- <helptopics/> --> |
764 | 270 | <phrase name="setting_openid_field_title"><![CDATA[OpenID Profile Field]]></phrase> | 338 | <!-- <cronentries/> --> |
765 | 271 | <phrase name="setting_openid_secret_desc"><![CDATA[A randomly generated secret to avoid OpenID tampering during automatic registration, after authenticating with the provider, but before we create the user.]]></phrase> | 339 | <!-- <faqentries/> --> |
672 | 272 | <phrase name="setting_openid_secret_title"><![CDATA[A Random Secret]]></phrase> | ||
673 | 273 | <phrase name="setting_openid_math_desc"><![CDATA[Does this PHP installation have advanced math support such as gmp or bcmath?]]></phrase> | ||
674 | 274 | <phrase name="setting_openid_math_title"><![CDATA[Math Support]]></phrase> | ||
675 | 275 | <phrase name="setting_openid_auto_register_desc"><![CDATA[Automatically register a new user when an unknown OpenID is authenticated?]]></phrase> | ||
676 | 276 | <phrase name="setting_openid_auto_register_title"><![CDATA[Automatic User Registration]]></phrase> | ||
677 | 277 | <phrase name="setting_openid_path_desc"><![CDATA[If the OpenID libraries aren't available on the standard include path, enter the directory where they are installed.]]></phrase> | ||
678 | 278 | <phrase name="setting_openid_path_title"><![CDATA[Library Path]]></phrase> | ||
679 | 279 | <phrase name="setting_openid_allowedproviders_desc"><![CDATA[Coma-separated list of allowed providers. Each provider is taken as a regex to check if a particular server should be allowed. Leave blank to allow all providers.]]></phrase> | ||
680 | 280 | <phrase name="setting_openid_allowedproviders_title"><![CDATA[Allowed Providers]]></phrase> | ||
681 | 281 | <phrase name="settinggroup_openid"><![CDATA[OpenID]]></phrase> | ||
682 | 282 | </phrasetype> | ||
683 | 283 | <phrasetype name="GLOBAL" fieldname="global"> | ||
684 | 284 | <phrase name="openid_fieldset_assoc_address"><![CDATA[Associate OpenID to an existing account]]></phrase> | ||
685 | 285 | <phrase name="openid_fieldset_register"><![CDATA[Register a new account]]></phrase> | ||
686 | 286 | <phrase name="openid_description_assoc"><![CDATA[If you already have a forum account and want to associate this ID to it, please fill in this form.]]></phrase> | ||
687 | 287 | <phrase name="openid_description_register"><![CDATA[If you don't yet have a forum account and want to register a new one, please <a href="register.php">click here</a>.]]></phrase> | ||
688 | 288 | <phrase name="openid_button_assoc"><![CDATA[Associate my ID to this account]]></phrase> | ||
689 | 289 | <phrase name="openid_first_time"><![CDATA[It's the first time you sign in using this OpenID]]></phrase> | ||
690 | 290 | <phrase name="openid_no_auto_register"><![CDATA[Sorry, you'll need to first associate this OpenID to an existing forum user, <b><big>or</big></b> register a new account to be able to sign in with your OpenID, as automatic user registration is disabled.]]></phrase> | ||
691 | 291 | </phrasetype> | ||
692 | 292 | <phrasetype name="Error Messages" fieldname="error"> | ||
693 | 293 | <phrase name="openid_tamperedform"><![CDATA[Inconsistencies were detected in your form values. Please re-authenticate with your OpenID provider]]></phrase> | ||
694 | 294 | <phrase name="openid_server_not_allowed"><![CDATA[Sorry, we currently don't accept OpenIDs from your server ({1})]]></phrase> | ||
695 | 295 | <phrase name="openid_redirect"><![CDATA[You are about to be redirected to your OpenID provider. If you are not redirected automatically, please click the continue button below.]]></phrase> | ||
696 | 296 | </phrasetype> | ||
697 | 297 | </phrases> | ||
698 | 298 | <options> | ||
699 | 299 | <settinggroup name="openid" displayorder="999"> | ||
700 | 300 | <setting varname="openid_path" displayorder="10"> | ||
701 | 301 | <datatype>free</datatype> | ||
702 | 302 | </setting> | ||
703 | 303 | <setting varname="openid_math" displayorder="20"> | ||
704 | 304 | <datatype>boolean</datatype> | ||
705 | 305 | <optioncode>yesno</optioncode> | ||
706 | 306 | <defaultvalue>0</defaultvalue> | ||
707 | 307 | </setting> | ||
708 | 308 | <setting varname="openid_auto_register" displayorder="30"> | ||
709 | 309 | <datatype>boolean</datatype> | ||
710 | 310 | <optioncode>yesno</optioncode> | ||
711 | 311 | <defaultvalue>0</defaultvalue> | ||
712 | 312 | </setting> | ||
713 | 313 | <setting varname="openid_field" displayorder="50"> | ||
714 | 314 | <datatype>free</datatype> | ||
715 | 315 | <defaultvalue>OpenID</defaultvalue> | ||
716 | 316 | </setting> | ||
717 | 317 | <setting varname="openid_allowedproviders" displayorder="60"> | ||
718 | 318 | <datatype>free</datatype> | ||
719 | 319 | </setting> | ||
720 | 320 | <setting varname="openid_secret" displayorder="70"> | ||
721 | 321 | <datatype>free</datatype> | ||
722 | 322 | <defaultvalue>CHANGEME</defaultvalue> | ||
723 | 323 | </setting> | ||
724 | 324 | </settinggroup> | ||
725 | 325 | </options> | ||
766 | 326 | </product> | 340 | </product> |
767 | 327 | 341 | ||
768 | === modified file 'readme.txt' | |||
769 | --- readme.txt 2012-07-23 16:21:45 +0000 | |||
770 | +++ readme.txt 2012-10-24 17:05:24 +0000 | |||
771 | @@ -1,5 +1,6 @@ | |||
772 | 1 | # Copyright 2009 William Norris | 1 | # Copyright 2009 William Norris |
773 | 2 | # Copyright 2009 Anthony Lenton | 2 | # Copyright 2009 Anthony Lenton |
774 | 3 | # Copyright 2012 Kyle Baker | ||
775 | 3 | # Copyright 2012 Canonical | 4 | # Copyright 2012 Canonical |
776 | 4 | # | 5 | # |
777 | 5 | # This file is part of vbulletin-openid-integration. | 6 | # This file is part of vbulletin-openid-integration. |
778 | @@ -21,13 +22,18 @@ | |||
779 | 21 | work with current versions of vBulletin and to add a few often-requested | 22 | work with current versions of vBulletin and to add a few often-requested |
780 | 22 | features. | 23 | features. |
781 | 23 | 24 | ||
783 | 24 | It has been tested on vBulletin 3.8.1. | 25 | It has been tested on vBulletin 4.2.0. |
784 | 25 | 26 | ||
785 | 26 | Its main features are: | 27 | Its main features are: |
791 | 27 | - Optional automatic registration of users if an unknown openid is | 28 | - Automatic User Registration |
792 | 28 | provided. | 29 | * Enabled: OpenID users can authenticate with your vBulletin Board |
793 | 29 | - If automatic registration is disabled, users can still associate existing | 30 | with no previous vBulletin username. If the OpenID provider does |
794 | 30 | forum accounts to their OpenID the first time they sign in. | 31 | not return an email address, the user will be prompted for an |
795 | 31 | - Optional restriction of allowed OpenID providers. | 32 | email address to link to their account. |
796 | 33 | * Disabled: OpenID users can authenticate with your vBulletin Board | ||
797 | 34 | using any OpenID provider of their choice. However, they MUST have | ||
798 | 35 | an existing vBulletin username to link their OpenID authentication | ||
799 | 36 | with the first time they sign in. | ||
800 | 37 | - Allowed Providers: Optional restriction of allowed OpenID providers. | ||
801 | 32 | 38 | ||
802 | 33 | 39 | ||
803 | 34 | 40 | ||
804 | === modified file 'upload/openid_associate.php' | |||
805 | --- upload/openid_associate.php 2012-07-23 16:21:45 +0000 | |||
806 | +++ upload/openid_associate.php 2012-10-24 17:05:24 +0000 | |||
807 | @@ -1,6 +1,8 @@ | |||
809 | 1 | <!-- | 1 | <?php |
810 | 2 | /** | ||
811 | 2 | Copyright 2009 William Norris | 3 | Copyright 2009 William Norris |
812 | 3 | Copyright 2009 Anthony Lenton | 4 | Copyright 2009 Anthony Lenton |
813 | 5 | Copyright 2012 Kyle Baker | ||
814 | 4 | Copyright 2012 Canonical | 6 | Copyright 2012 Canonical |
815 | 5 | 7 | ||
816 | 6 | This file is part of vbulletin-openid-integration. | 8 | This file is part of vbulletin-openid-integration. |
817 | @@ -17,37 +19,48 @@ | |||
818 | 17 | 19 | ||
819 | 18 | You should have received a copy of the GNU Lesser Public License | 20 | You should have received a copy of the GNU Lesser Public License |
820 | 19 | along with vbulletin-openid-integration. If not, see <http://www.gnu.org/licenses/>. | 21 | along with vbulletin-openid-integration. If not, see <http://www.gnu.org/licenses/>. |
854 | 20 | --> | 22 | */ |
855 | 21 | <?php | 23 | |
856 | 22 | /* | 24 | /* |
857 | 23 | * This file is connected to the login_process hook. | 25 | * This file is connected to the login_process hook. |
858 | 24 | * | 26 | * |
859 | 25 | * Here we handle the case where a user attempts to log in for the first time, | 27 | * Here we handle the case where a user attempts to log in for the first time, |
860 | 26 | * and automatic user creation is disabled. The user then cooses to associate | 28 | * and automatic user creation is disabled. The user then cooses to associate |
861 | 27 | * an existing forum user to the provided OpenID by sending a user/pass, | 29 | * an existing forum user to the provided OpenID by sending a user/pass, |
862 | 28 | * and the credentials are successfully verified. We can therefore safely | 30 | * and the credentials are successfully verified. We can therefore safely |
863 | 29 | * modify the user profile to associate it to the provided OpenID, for future | 31 | * modify the user profile to associate it to the provided OpenID, for future |
864 | 30 | * logins. | 32 | * logins. |
865 | 31 | */ | 33 | */ |
866 | 32 | 34 | ||
867 | 33 | require_once('openid_utils.php'); | 35 | require_once('vbopenid/openid_utils.php'); |
868 | 34 | 36 | ||
869 | 35 | $vbulletin->input->clean_array_gpc('r', array( | 37 | $vbulletin->input->clean_array_gpc('r', array( |
870 | 36 | 'openid' => TYPE_STR, | 38 | 'openid' => TYPE_STR, |
871 | 37 | 'openid_confirm' => TYPE_STR, | 39 | 'openid_confirm' => TYPE_STR, |
872 | 38 | )); | 40 | )); |
873 | 39 | 41 | ||
874 | 40 | if ($vbulletin->GPC['openid_confirm']) { | 42 | error_log("Entering openid_associate.php...", 0); |
875 | 41 | $openid = $vbulletin->GPC['openid']; | 43 | if ($vbulletin->GPC['openid_confirm']) |
876 | 42 | $checksum = crypt($openid, $vbulletin->options['openid_secret']); | 44 | { |
877 | 43 | if ($vbulletin->GPC['openid_confirm'] == $checksum) { | 45 | $openid = $vbulletin->GPC['openid']; |
878 | 44 | $username = $vbulletin->GPC['vb_login_username']; | 46 | $checksum = crypt($openid, $vbulletin->options['openid_secret']); |
879 | 45 | $userid = $vbulletin->userinfo['userid']; | 47 | |
880 | 46 | vBOpenID_setOpenID ($userid, $openid, $vbulletin); | 48 | error_log("GPC openid_confirm: " . $vbulletin->GPC['openid_confirm'] . ":" . $checksum, 0); |
881 | 47 | $vbulletin->url = $vbulletin->options['homeurl']; | 49 | if ($vbulletin->GPC['openid_confirm'] == $checksum) |
882 | 48 | } | 50 | { |
883 | 49 | /*else { | 51 | $username = $vbulletin->GPC['vb_login_username']; |
884 | 50 | Let the error silently pass, simply don't associate anything. | 52 | $userid = $vbulletin->userinfo['userid']; |
885 | 51 | }*/ | 53 | error_log("username: " . $username, 0); |
886 | 52 | } | 54 | error_log("userid: " . $userid, 0); |
887 | 55 | |||
888 | 56 | vBOpenID_setOpenID ($userid, $openid, $vbulletin); | ||
889 | 57 | $vbulletin->url = $vbulletin->options['homeurl']; | ||
890 | 58 | error_log("vbulletin url: " . $vbulletin->url, 0); | ||
891 | 59 | } | ||
892 | 60 | /*else | ||
893 | 61 | { | ||
894 | 62 | Let the error silently pass, simply don't associate anything. | ||
895 | 63 | }*/ | ||
896 | 64 | } | ||
897 | 65 | error_log("Exiting openid_associate.php...", 0); | ||
898 | 53 | ?> | 66 | ?> |
899 | 54 | 67 | ||
900 | === modified file 'upload/openid_authenticate.php' | |||
901 | --- upload/openid_authenticate.php 2012-07-23 16:21:45 +0000 | |||
902 | +++ upload/openid_authenticate.php 2012-10-24 17:05:24 +0000 | |||
903 | @@ -1,6 +1,8 @@ | |||
905 | 1 | <!-- | 1 | <?php |
906 | 2 | /** | ||
907 | 2 | Copyright 2009 William Norris | 3 | Copyright 2009 William Norris |
908 | 3 | Copyright 2009 Anthony Lenton | 4 | Copyright 2009 Anthony Lenton |
909 | 5 | Copyright 2012 Kyle Baker | ||
910 | 4 | Copyright 2012 Canonical | 6 | Copyright 2012 Canonical |
911 | 5 | 7 | ||
912 | 6 | This file is part of vbulletin-openid-integration. | 8 | This file is part of vbulletin-openid-integration. |
913 | @@ -17,314 +19,528 @@ | |||
914 | 17 | 19 | ||
915 | 18 | You should have received a copy of the GNU Lesser Public License | 20 | You should have received a copy of the GNU Lesser Public License |
916 | 19 | along with vbulletin-openid-integration. If not, see <http://www.gnu.org/licenses/>. | 21 | along with vbulletin-openid-integration. If not, see <http://www.gnu.org/licenses/>. |
1227 | 20 | --> | 22 | */ |
1228 | 21 | <?php | 23 | |
1229 | 22 | /* | 24 | /* |
1230 | 23 | * This file is connected to the login_failure hook. | 25 | * This file is connected to the login_failure hook. |
1231 | 24 | * | 26 | * |
1232 | 25 | * Here we handle all signing in via OpenID. If the user provides a valid | 27 | * Here we handle all signing in via OpenID. If the user provides a valid |
1233 | 26 | * OpenID but not a user/pass the login callback will fail, giving us a chance | 28 | * OpenID but not a user/pass the login callback will fail, giving us a chance |
1234 | 27 | * to perform additional authentication. | 29 | * to perform additional authentication. |
1235 | 28 | */ | 30 | */ |
1236 | 29 | require_once 'openid_utils.php'; | 31 | require_once 'vbopenid/openid_utils.php'; |
1237 | 30 | vBOpenID_init ($vbulletin); | 32 | vBOpenID_init ($vbulletin); |
1238 | 31 | 33 | ||
1239 | 32 | require_once 'Auth/OpenID.php'; | 34 | require_once 'Auth/OpenID.php'; |
1240 | 33 | require_once 'Auth/OpenID/Consumer.php'; | 35 | require_once 'Auth/OpenID/Consumer.php'; |
1241 | 34 | require_once 'Auth/OpenID/SReg.php'; | 36 | require_once 'Auth/OpenID/SReg.php'; |
1242 | 35 | 37 | ||
1243 | 36 | require_once 'openid_store.php'; | 38 | require_once 'vbopenid/openid_store.php'; |
1244 | 37 | session_name('vbulletin-openid'); | 39 | session_name('vbulletin-openid'); |
1245 | 38 | session_start(); | 40 | session_start(); |
1246 | 39 | 41 | ||
1247 | 40 | $loginSuccess = False; | 42 | $loginSuccess = false; |
1248 | 41 | 43 | ||
1249 | 42 | $dbStore = new vBulletin_OpenID_OptionStore($vbulletin); | 44 | $dbStore = new vBulletin_OpenID_OptionStore($vbulletin); |
1250 | 43 | $dbStore->cleanupNonces(); | 45 | $dbStore->cleanupNonces(); |
1251 | 44 | $auth = new Auth_OpenID_Consumer($dbStore); | 46 | $auth = new Auth_OpenID_Consumer($dbStore); |
1252 | 45 | 47 | ||
1253 | 46 | $vbulletin->input->clean_array_gpc('r', array( | 48 | $vbulletin->input->clean_array_gpc('r', array( |
1254 | 47 | 'openid' => TYPE_STR, | 49 | 'openid' => TYPE_STR, |
1255 | 48 | 'openid_mode' => TYPE_STR, | 50 | 'openid_mode' => TYPE_STR, |
1256 | 49 | 'openid_confirm' => TYPE_STR, | 51 | 'openid_confirm' => TYPE_STR, |
1257 | 50 | 'email' => TYPE_STR, | 52 | 'email' => TYPE_STR, |
1258 | 51 | 'email_confirm' => TYPE_STR, | 53 | 'email_confirm' => TYPE_STR, |
1259 | 52 | 'openid_username' => TYPE_STR, | 54 | 'openid_username' => TYPE_STR, |
1260 | 53 | 'openid_action' => TYPE_STR, | 55 | 'openid_action' => TYPE_STR, |
1261 | 54 | )); | 56 | )); |
1262 | 55 | 57 | ||
1263 | 56 | /* | 58 | /* |
1264 | 57 | * Picks an available username based on any username. | 59 | * Picks an available username based on any username. |
1265 | 58 | * (Search for the lowest numerical suffix we need to append to get an | 60 | * (Search for the lowest numerical suffix we need to append to get an |
1266 | 59 | * available username) | 61 | * available username) |
1267 | 60 | */ | 62 | */ |
1268 | 61 | function pick_username($basename, $vbulletin) { | 63 | function pick_username($basename, $vbulletin) |
1269 | 62 | $result = $basename; | 64 | { |
1270 | 63 | $usedNames = $vbulletin->db->query_read(" | 65 | $result = $basename; |
1271 | 64 | SELECT username FROM " . TABLE_PREFIX . "user | 66 | $usedNames = $vbulletin->db->query_read(" |
1272 | 65 | WHERE username LIKE '" . $basename . "%' | 67 | SELECT username FROM " . TABLE_PREFIX . "user |
1273 | 66 | "); | 68 | WHERE username LIKE '" . $basename . "%' |
1274 | 67 | if ($usedNames->num_rows > 0) { | 69 | "); |
1275 | 68 | $used = array(); | 70 | |
1276 | 69 | for ($i = 0; $i < $usedNames->num_rows; $i++) { | 71 | if ($usedNames->num_rows > 0) |
1277 | 70 | $row = $usedNames->fetch_array(); | 72 | { |
1278 | 71 | $used[] = $row['username']; | 73 | $used = array(); |
1279 | 72 | } | 74 | for ($i = 0; $i < $usedNames->num_rows; $i++) |
1280 | 73 | $suffix = 2; | 75 | { |
1281 | 74 | $found = False; | 76 | $row = $usedNames->fetch_array(); |
1282 | 75 | while (!$found) { | 77 | $used[] = $row['username']; |
1283 | 76 | if (!in_array($basename . $suffix, $used)) { | 78 | } |
1284 | 77 | $result = $basename . $suffix; | 79 | |
1285 | 78 | $found = True; | 80 | $suffix = 2; |
1286 | 79 | } | 81 | $found = false; |
1287 | 80 | else { | 82 | while (!$found) |
1288 | 81 | $suffix++; | 83 | { |
1289 | 82 | } | 84 | if (!in_array($basename . $suffix, $used)) |
1290 | 83 | } | 85 | { |
1291 | 84 | } | 86 | $result = $basename . $suffix; |
1292 | 85 | return $result; | 87 | $found = true; |
1293 | 86 | } | 88 | } |
1294 | 87 | 89 | else | |
1295 | 88 | /* | 90 | { |
1296 | 89 | * This function creates a user with the provided data. | 91 | $suffix++; |
1297 | 90 | * $username might or might not exist in the DB, we'll just do our best. | 92 | } |
1298 | 91 | * $email should not exist in the DB | 93 | } |
1299 | 92 | */ | 94 | } |
1300 | 93 | function vBOpenID_createUser ($username, $email, $url, $vbulletin) { | 95 | |
1301 | 94 | // init user datamanager class | 96 | error_log("pick_username: " . $result, 0); |
1302 | 95 | $userdata =& datamanager_init('User', $vbulletin, ERRTYPE_ARRAY); | 97 | return $result; |
1303 | 96 | 98 | } | |
1304 | 97 | $username = pick_username($username, $vbulletin); | 99 | |
1305 | 98 | 100 | /* | |
1306 | 99 | $userdata->set('username', $username); | 101 | * This function creates a user with the provided data. |
1307 | 100 | 102 | * $username might or might not exist in the DB, we'll just do our best. | |
1308 | 101 | $newusergroupid = $vbulletin->options['moderatenewmembers'] ? 4 : 2; | 103 | * $email should not exist in the DB |
1309 | 102 | 104 | */ | |
1310 | 103 | 105 | function vBOpenID_createUser ($username, $email, $url, $vbulletin) | |
1311 | 104 | //generate random password | 106 | { |
1312 | 105 | $userdata->set('password', generate_password()); | 107 | // init user datamanager class |
1313 | 106 | 108 | $userdata =& datamanager_init('User', $vbulletin, ERRTYPE_ARRAY); | |
1314 | 107 | // set usergroupid | 109 | |
1315 | 108 | $userdata->set('usergroupid', $newusergroupid); | 110 | $username = pick_username($username, $vbulletin); |
1316 | 109 | 111 | ||
1317 | 110 | // set languageid | 112 | $userdata->set('username', $username); |
1318 | 111 | $userdata->set('languageid', $vbulletin->userinfo['languageid']); | 113 | |
1319 | 112 | 114 | $newusergroupid = $vbulletin->options['moderatenewmembers'] ? 4 : 2; | |
1320 | 113 | // set user title | 115 | |
1321 | 114 | $ugroup = $vbulletin->usergroupcache["$newusergroupid"]; | 116 | |
1322 | 115 | $userdata->set_usertitle('', false, $ugroup, false, false); | 117 | //generate random password |
1323 | 116 | 118 | $userdata->set('password', generate_password()); | |
1324 | 117 | // register IP address | 119 | |
1325 | 118 | $userdata->set('ipaddress', IPADDRESS); | 120 | // set usergroupid |
1326 | 119 | $userdata->set('email', $email); | 121 | $userdata->set('usergroupid', $newusergroupid); |
1327 | 120 | $userdata->pre_save(); | 122 | |
1328 | 121 | // check for errors | 123 | // set languageid |
1329 | 122 | if (!empty($userdata->errors)) | 124 | $userdata->set('languageid', $vbulletin->userinfo['languageid']); |
1330 | 123 | { | 125 | |
1331 | 124 | $errorlist = ''; | 126 | // set user title |
1332 | 125 | foreach ($userdata->errors AS $index => $error) | 127 | $ugroup = $vbulletin->usergroupcache["$newusergroupid"]; |
1333 | 126 | { | 128 | $userdata->set_usertitle('', false, $ugroup, false, false); |
1334 | 127 | $errorlist .= "<li>$error</li>"; | 129 | |
1335 | 128 | } | 130 | // register IP address |
1336 | 129 | return $errorlist; | 131 | $userdata->set('ipaddress', IPADDRESS); |
1337 | 130 | } | 132 | $userdata->set('email', $email); |
1338 | 131 | else | 133 | $userdata->pre_save(); |
1339 | 132 | { | 134 | |
1340 | 133 | // save the data | 135 | // check for errors |
1341 | 134 | $vbulletin->userinfo['userid'] = $userid = $userdata->save(); | 136 | if (!empty($userdata->errors)) |
1342 | 135 | // set OpenID field | 137 | { |
1343 | 136 | vBOpenID_setOpenID ($userid, $url, $vbulletin); | 138 | $errorlist = ''; |
1344 | 137 | } | 139 | foreach ($userdata->errors AS $index => $error) |
1345 | 138 | return False; | 140 | { |
1346 | 139 | } | 141 | $errorlist .= "<li>$error</li>"; |
1347 | 140 | $return_to = $vbulletin->options['bburl'] . '/login.php?do=login'; | 142 | } |
1348 | 141 | if ($vbulletin->GPC['openid_mode'] == 'id_res') { | 143 | |
1349 | 142 | // Coming back from the provider | 144 | return $errorlist; |
1350 | 143 | $return = $auth->complete($return_to); | 145 | } |
1351 | 144 | $openid = $return->getDisplayIdentifier(); | 146 | else |
1352 | 145 | 147 | { | |
1353 | 146 | if ($return->status == Auth_OpenID_SUCCESS) { | 148 | // save the data |
1354 | 147 | // Coming back from the provider with a successfull authentication. | 149 | $vbulletin->userinfo['userid'] = $userid = $userdata->save(); |
1355 | 148 | $fieldname = find_openid_fieldname($vbulletin); | 150 | // set OpenID field |
1356 | 149 | $alternate = ereg_replace('https?://(.+)/', '\\1', $openid); | 151 | vBOpenID_setOpenID ($userid, $url, $vbulletin); |
1357 | 150 | $queryResult = $vbulletin->db->query_first(" | 152 | } |
1358 | 151 | SELECT userid FROM userfield | 153 | |
1359 | 152 | WHERE $fieldname='$openid' OR $fieldname='$alternate' | 154 | error_log("vBOpenID_createUser: false", 0); |
1360 | 153 | "); | 155 | return false; |
1361 | 154 | 156 | } | |
1362 | 155 | if ($queryResult['userid'] > 0) { | 157 | |
1363 | 156 | // Coming back from the provider with a successful authentication | 158 | |
1364 | 157 | // we find that the openid is already associated to a forum user | 159 | $return_to = $vbulletin->options['bburl'] . '/login.php?do=login'; |
1365 | 158 | $vbulletin->userinfo = $vbulletin->db->query_first(" | 160 | if ($vbulletin->GPC['openid_mode'] == 'id_res') |
1366 | 159 | SELECT userid, usergroupid, membergroupids, username | 161 | { |
1367 | 160 | FROM " . TABLE_PREFIX . "user | 162 | // Coming back from the provider |
1368 | 161 | WHERE userid = '" . $queryResult['userid'] . "' | 163 | $return = $auth->complete($return_to); |
1369 | 162 | "); | 164 | |
1370 | 163 | $vbulletin->url = $vbulletin->options['homeurl']; | 165 | // The DisplayIdentifier is the Claimed ID, whereas the Local ID is |
1371 | 164 | $loginSuccess = True; | 166 | // the ID that the provider refers to you as. Its safer to just keep |
1372 | 165 | } | 167 | // track of the Local ID, but we can switch back to the Display ID |
1373 | 166 | else if ($vbulletin->options['openid_auto_register']) { | 168 | // if necessary. |
1374 | 167 | // Coming back from the provider with a successful authentication | 169 | //$openid = $return->getDisplayIdentifier(); |
1375 | 168 | // we find that the openid is not associated to a forum user, but | 170 | $openid = $return->endpoint->getLocalID(); |
1376 | 169 | // autoregistration is enabled | 171 | |
1377 | 170 | $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($return); | 172 | error_log("return_to return: " . $return, 0); |
1378 | 171 | 173 | error_log("return_to openid: " . $openid, 0); | |
1379 | 172 | $sreg = $sreg_resp->contents(); | 174 | |
1380 | 173 | 175 | // Was the authentication successful? If not, lets destroy the session. | |
1381 | 174 | if (@$sreg['nickname']) { | 176 | if ($return->status == Auth_OpenID_SUCCESS) |
1382 | 175 | $openid_username = $sreg['nickname']; | 177 | { |
1383 | 176 | } | 178 | // Coming back from the provider with a successful authentication. |
1384 | 177 | else { | 179 | $fieldname = find_openid_fieldname($vbulletin); |
1385 | 178 | $openid_username = munge_url($return->getDisplayIdentifier()); | 180 | $alternate = ereg_replace('https?://(.+)/', '\\1', $openid); |
1386 | 179 | } | 181 | |
1387 | 180 | 182 | // We need to make sure that our fieldname was found, otherwise abort. | |
1388 | 181 | if (@$sreg['email']) { | 183 | if ($fieldname) |
1389 | 182 | // Coming back from the provider with a successful authentication | 184 | { |
1390 | 183 | // we find that the openid is not associated to a forum user. | 185 | $queryResult = $vbulletin->db->query_first(" |
1391 | 184 | // Autoregistration is enabled, and an email was provided | 186 | SELECT userid FROM " . TABLE_PREFIX . "userfield |
1392 | 185 | // so attempt to create the user. | 187 | WHERE $fieldname='$openid' OR $fieldname='$alternate' |
1393 | 186 | $errorlist = vBOpenID_createUser ($openid_username, | 188 | "); |
1394 | 187 | $sreg['email'], $openid, $vbulletin); | 189 | } |
1395 | 188 | if ($errorlist === False) { | 190 | |
1396 | 189 | // Success! User created, continue to the forum | 191 | if (isset($queryResult) && $queryResult['userid'] > 0) |
1397 | 190 | $vbulletin->url = $vbulletin->options['homeurl']; | 192 | { |
1398 | 191 | $loginSuccess = True; | 193 | // Coming back from the provider with a successful authentication |
1399 | 192 | } | 194 | // we find that the openid is already associated to a forum user |
1400 | 193 | else { | 195 | $vbulletin->userinfo = $vbulletin->db->query_first(" |
1401 | 194 | // Automatic registration failed. It should be a duplicate | 196 | SELECT userid, usergroupid, membergroupids, username |
1402 | 195 | // email problem, so we'll need to ask the user for a | 197 | FROM " . TABLE_PREFIX . "user |
1403 | 196 | // different email. | 198 | WHERE userid = '" . $queryResult['userid'] . "' |
1404 | 197 | $openid_confirm = crypt($openid, | 199 | "); |
1405 | 198 | $vbulletin->options['openid_secret']); | 200 | $vbulletin->url = $vbulletin->options['homeurl']; |
1406 | 199 | $email = $email_confirm = $sreg['email']; | 201 | $loginSuccess = true; |
1407 | 200 | $openid_username = htmlspecialchars_uni($openid_username); | 202 | } |
1408 | 201 | $show['errors'] = True; | 203 | else if ($vbulletin->options['openid_auto_register']) |
1409 | 202 | $template = fetch_template('openid_request_email'); | 204 | { |
1410 | 203 | eval('print_output("' . $template . '");'); | 205 | // Coming back from the provider with a successful authentication |
1411 | 204 | $loginSuccess = False; | 206 | // we find that the openid is not associated to a forum user, but |
1412 | 205 | } | 207 | // autoregistration is enabled |
1413 | 206 | } | 208 | $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($return); |
1414 | 207 | else { | 209 | |
1415 | 208 | // Coming back from the provider with a successful authentication | 210 | $sreg = $sreg_resp->contents(); |
1416 | 209 | // we find that the openid is not associated to a forum user, but | 211 | |
1417 | 210 | // autoregistration is enabled. Unluckily, no email was provided | 212 | if (@$sreg['nickname']) |
1418 | 211 | // so we must ask the user. | 213 | { |
1419 | 212 | $openid_confirm = crypt($openid, | 214 | $openid_username = $sreg['nickname']; |
1420 | 213 | $vbulletin->options['openid_secret']); | 215 | error_log("openid_username 'nickname': " . $openid_username, 0); |
1421 | 214 | $errorlist = "<li>Your OpenID provider didn't send us your | 216 | } |
1422 | 215 | email address. Please provide a valid email | 217 | else |
1423 | 216 | address to continue:</li>"; | 218 | { |
1424 | 217 | $show['errors'] = True; | 219 | $openid_username = munge_url($return->getDisplayIdentifier()); |
1425 | 218 | $template = fetch_template('openid_request_email'); | 220 | error_log("openid_username: " . $openid_username, 0); |
1426 | 219 | eval('print_output("' . $template . '");'); | 221 | } |
1427 | 220 | 222 | ||
1428 | 221 | $loginSuccess = False; | 223 | // Did the provider send use the users email address? |
1429 | 222 | } | 224 | if (@$sreg['email']) |
1430 | 223 | } | 225 | { |
1431 | 224 | else { | 226 | // Coming back from the provider with a successful authentication |
1432 | 225 | // Coming back from the provider with a successful authentication | 227 | // we find that the openid is not associated to a forum user. |
1433 | 226 | // we find that the openid is not associated to a forum user. | 228 | // Autoregistration is enabled, and an email was provided |
1434 | 227 | // Autoregistration is disabled, so offer the user to associate the | 229 | // so attempt to create the user. |
1435 | 228 | // account to an existing forum user, or forward to the registration | 230 | $errorlist = vBOpenID_createUser ($openid_username, |
1436 | 229 | // form. | 231 | $sreg['email'], $openid, $vbulletin); |
1437 | 230 | $openid_confirm = crypt($openid, | 232 | |
1438 | 231 | $vbulletin->options['openid_secret']); | 233 | if ($errorlist === false) |
1439 | 232 | $errorlist = $vbphrase[openid_no_auto_register]; | 234 | { |
1440 | 233 | $show['errors'] = True; | 235 | // Success! User created, continue to the forum |
1441 | 234 | $template = fetch_template('openid_request_user_pass'); | 236 | $vbulletin->url = $vbulletin->options['homeurl']; |
1442 | 235 | eval('print_output("' . $template . '");'); | 237 | $loginSuccess = true; |
1443 | 236 | 238 | } | |
1444 | 237 | $loginSuccess = False; | 239 | else |
1445 | 238 | } | 240 | { |
1446 | 239 | } else { | 241 | // Automatic registration failed. It should be a duplicate |
1447 | 240 | // Coming back from the provider with a failed authentication. | 242 | // email problem, so we'll need to ask the user for a |
1448 | 241 | // Just leave things as they are and the system will tell the user. | 243 | // different email. |
1449 | 242 | session_destroy(); | 244 | $openid_confirm = crypt($openid, $vbulletin->options['openid_secret']); |
1450 | 243 | } | 245 | $email = $email_confirm = $sreg['email']; |
1451 | 244 | } else if ($vbulletin->GPC['openid_confirm'] && | 246 | $openid_username = htmlspecialchars_uni($openid_username); |
1452 | 245 | $vbulletin->GPC['openid_action']=='request_email') { | 247 | $show['errors'] = true; |
1453 | 246 | // Coming back from the email request form | 248 | |
1454 | 247 | $openid = $vbulletin->GPC['openid']; | 249 | // We need to build up our basic template sections |
1455 | 248 | $openid_confirm = $vbulletin->GPC['openid_confirm']; | 250 | $templater = vB_Template::create('headinclude'); |
1456 | 249 | $openid_username = $vbulletin->GPC['openid_username']; | 251 | $headinclude = $templater->render(true, true); |
1457 | 250 | $email = $vbulletin->GPC['email']; | 252 | $templater = vB_Template::create('header'); |
1458 | 251 | $email_confirm = $vbulletin->GPC['email_confirm']; | 253 | $header = $templater->render(true, true); |
1459 | 252 | if (crypt($openid, $vbulletin->options['openid_secret']) != $openid_confirm) { | 254 | $templater = vB_Template::create('navbar'); |
1460 | 253 | // Coming back from the email request form, the openid checksum | 255 | $navbar = $templater->render(true, true); |
1461 | 254 | // is wrong | 256 | $templater = vB_Template::create('footer'); |
1462 | 255 | eval(standard_error(fetch_error('openid_tamperedform'))); | 257 | $footer = $templater->render(true, true); |
1463 | 256 | } | 258 | |
1464 | 257 | else if ($email != $email_confirm) { | 259 | // Create our custom template and populate our variables |
1465 | 258 | // Coming back from the email request form, the provided emails | 260 | $templater = vB_Template::create('openid_request_email'); |
1466 | 259 | // don't match | 261 | $templater->register('headinclude', $headinclude); |
1467 | 260 | $errorlist="<li>The email addresses you provided did not match. | 262 | $templater->register('header', $header); |
1468 | 261 | Please try again.</li>"; | 263 | $templater->register('navbar', $navbar); |
1469 | 262 | $show['errors'] = true; | 264 | $templater->register('footer', $footer); |
1470 | 263 | $template = fetch_template('openid_request_email'); | 265 | $templater->register('errorlist', $errorlist); |
1471 | 264 | eval('print_output("' . $template . '");'); | 266 | $templater->register('openid', $openid); |
1472 | 265 | $loginSuccess = False; | 267 | $templater->register('openid_confirm', $openid_confirm); |
1473 | 266 | } | 268 | $templater->register('openid_username', $openid_username); |
1474 | 267 | else { | 269 | $templater->register('email', $email); |
1475 | 268 | // Coming back from the email request form, everything seems ok | 270 | $templater->register('email_confirm', $email_confirm); |
1476 | 269 | // so we can attempt to create a user | 271 | $template = $templater->render(true, true); |
1477 | 270 | $errorlist = vBOpenID_createUser($openid_username, $email, $openid, | 272 | print_output($template); |
1478 | 271 | $vbulletin); | 273 | |
1479 | 272 | if ($errorlist === False) { | 274 | $loginSuccess = false; |
1480 | 273 | // Success! Continue to the forum | 275 | } |
1481 | 274 | $vbulletin->url = $vbulletin->options['homeurl']; | 276 | } |
1482 | 275 | $loginSuccess = True; | 277 | else |
1483 | 276 | } | 278 | { |
1484 | 277 | else { | 279 | // Coming back from the provider with a successful authentication |
1485 | 278 | // User creation failed, so we need to ask again | 280 | // we find that the openid is not associated to a forum user, but |
1486 | 279 | $openid_username = htmlspecialchars_uni($openid_username); | 281 | // autoregistration is enabled. Unluckily, no email was provided |
1487 | 280 | $show['errors'] = true; | 282 | // so we must ask the user. |
1488 | 281 | $template = fetch_template('openid_request_email'); | 283 | $openid_confirm = crypt($openid, $vbulletin->options['openid_secret']); |
1489 | 282 | eval('print_output("' . $template . '");'); | 284 | $errorlist = "<li>Your OpenID provider didn't send us your |
1490 | 283 | $loginSuccess = False; | 285 | email address. Please provide a valid email |
1491 | 284 | } | 286 | address to continue:</li>"; |
1492 | 285 | } | 287 | $show['errors'] = true; |
1493 | 286 | } else if ($vbulletin->GPC['openid_confirm'] && | 288 | |
1494 | 287 | $vbulletin->GPC['openid_action']=='request_user') { | 289 | // We need to build up our basic template sections |
1495 | 288 | // Coming back from user/pass request form. This is already bad, as | 290 | $templater = vB_Template::create('headinclude'); |
1496 | 289 | // the user/pass form should authenticate successfully. | 291 | $headinclude = $templater->render(true, true); |
1497 | 290 | // A bad user/pass must have been provided, so ask again. | 292 | $templater = vB_Template::create('header'); |
1498 | 291 | $openid_confirm = $vbulletin->GPC['openid_confirm']; | 293 | $header = $templater->render(true, true); |
1499 | 292 | $errorlist = fetch_error('badlogin', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl']); | 294 | $templater = vB_Template::create('navbar'); |
1500 | 293 | $show['errors'] = True; | 295 | $navbar = $templater->render(true, true); |
1501 | 294 | $template = fetch_template('openid_request_user_pass'); | 296 | $templater = vB_Template::create('footer'); |
1502 | 295 | eval('print_output("' . $template . '");'); | 297 | $footer = $templater->render(true, true); |
1503 | 296 | 298 | ||
1504 | 297 | $loginSuccess = False; | 299 | // Create our custom template and populate our variables |
1505 | 298 | } else if ($vbulletin->GPC['openid']) { | 300 | $templater = vB_Template::create('openid_request_email'); |
1506 | 299 | // Start an OpenID authentication | 301 | $templater->register('headinclude', $headinclude); |
1507 | 300 | $authRequest = $auth->begin($vbulletin->GPC['openid']); | 302 | $templater->register('header', $header); |
1508 | 301 | 303 | $templater->register('navbar', $navbar); | |
1509 | 302 | $allowed = $vbulletin->options['openid_allowedproviders']; | 304 | $templater->register('footer', $footer); |
1510 | 303 | $endpoint = $authRequest->endpoint->server_url; | 305 | $templater->register('errorlist', $errorlist); |
1511 | 304 | if (strlen($allowed) > 0 && !server_allowed($endpoint, $allowed)) { | 306 | $templater->register('openid', $openid); |
1512 | 305 | // The provided OpenID's server is not allowed | 307 | $templater->register('openid_confirm', $openid_confirm); |
1513 | 306 | eval(standard_error(fetch_error('openid_server_not_allowed', $endpoint))); | 308 | $templater->register('openid_username', $openid_username); |
1514 | 307 | } | 309 | $templater->register('email', ""); |
1515 | 308 | else { | 310 | $templater->register('email_confirm', ""); |
1516 | 309 | // Start an OpenID authentication with an allowed server | 311 | $template = $templater->render(true, true); |
1517 | 310 | $error = vBOpenID_sendRequest ($vbulletin, $authRequest, $return_to); | 312 | print_output($template); |
1518 | 311 | if ($error !== False) { | 313 | |
1519 | 312 | eval(standard_error($error)); | 314 | $loginSuccess = false; |
1520 | 313 | } | 315 | } |
1521 | 314 | } | 316 | } |
1522 | 315 | } else { | 317 | else |
1523 | 316 | session_destroy(); | 318 | { |
1524 | 317 | } | 319 | // Coming back from the provider with a successful authentication |
1525 | 318 | 320 | // we find that the openid is not associated to a forum user. | |
1526 | 319 | if ($loginSuccess) { | 321 | // Autoregistration is disabled, so offer the user to associate the |
1527 | 320 | exec_unstrike_user($vbulletin->userinfo['username']); | 322 | // account to an existing forum user, or forward to the registration |
1528 | 321 | // create new session | 323 | // form. |
1529 | 322 | process_new_login($vbulletin->GPC['logintype'], | 324 | $openid_confirm = crypt($openid, $vbulletin->options['openid_secret']); |
1530 | 323 | $vbulletin->GPC['cookieuser'], | 325 | $errorlist = $vbphrase[openid_no_auto_register]; |
1531 | 324 | $vbulletin->GPC['cssprefs']); | 326 | $show['errors'] = true; |
1532 | 325 | session_destroy(); | 327 | |
1533 | 326 | // do redirect | 328 | // We need to build up our basic template sections |
1534 | 327 | do_login_redirect(); | 329 | $templater = vB_Template::create('headinclude'); |
1535 | 328 | } | 330 | $headinclude = $templater->render(true, true); |
1536 | 329 | 331 | $templater = vB_Template::create('header'); | |
1537 | 332 | $header = $templater->render(true, true); | ||
1538 | 333 | $templater = vB_Template::create('navbar'); | ||
1539 | 334 | $navbar = $templater->render(true, true); | ||
1540 | 335 | $templater = vB_Template::create('footer'); | ||
1541 | 336 | $footer = $templater->render(true, true); | ||
1542 | 337 | |||
1543 | 338 | // Create our custom template and populate our variables | ||
1544 | 339 | $templater = vB_Template::create('openid_request_user_pass'); | ||
1545 | 340 | $templater->register('headinclude', $headinclude); | ||
1546 | 341 | $templater->register('header', $header); | ||
1547 | 342 | $templater->register('navbar', $navbar); | ||
1548 | 343 | $templater->register('footer', $footer); | ||
1549 | 344 | $templater->register('errorlist', $errorlist); | ||
1550 | 345 | $templater->register('openid', $openid); | ||
1551 | 346 | $templater->register('openid_confirm', $openid_confirm); | ||
1552 | 347 | $templater->register('openid_username', $openid_username); | ||
1553 | 348 | $template = $templater->render(true, true); | ||
1554 | 349 | print_output($template); | ||
1555 | 350 | |||
1556 | 351 | $loginSuccess = false; | ||
1557 | 352 | } | ||
1558 | 353 | } | ||
1559 | 354 | else | ||
1560 | 355 | { | ||
1561 | 356 | // Coming back from the provider with a failed authentication. | ||
1562 | 357 | // Just leave things as they are and the system will tell the user. | ||
1563 | 358 | session_destroy(); | ||
1564 | 359 | } | ||
1565 | 360 | } | ||
1566 | 361 | else if ($vbulletin->GPC['openid_confirm'] && | ||
1567 | 362 | $vbulletin->GPC['openid_action']=='request_email') | ||
1568 | 363 | { | ||
1569 | 364 | // Coming back from the email request form | ||
1570 | 365 | $openid = $vbulletin->GPC['openid']; | ||
1571 | 366 | $openid_confirm = $vbulletin->GPC['openid_confirm']; | ||
1572 | 367 | $openid_username = $vbulletin->GPC['openid_username']; | ||
1573 | 368 | $email = $vbulletin->GPC['email']; | ||
1574 | 369 | $email_confirm = $vbulletin->GPC['email_confirm']; | ||
1575 | 370 | |||
1576 | 371 | // Let's make sure that the openid checksum is correct and the confirmed | ||
1577 | 372 | // email addresses match. If so, we can attempt to create the user. | ||
1578 | 373 | if (crypt($openid, $vbulletin->options['openid_secret']) != $openid_confirm) | ||
1579 | 374 | { | ||
1580 | 375 | // Coming back from the email request form, the openid checksum | ||
1581 | 376 | // is wrong | ||
1582 | 377 | eval(standard_error(fetch_error('openid_tamperedform'))); | ||
1583 | 378 | } | ||
1584 | 379 | else if ($email != $email_confirm) | ||
1585 | 380 | { | ||
1586 | 381 | // Coming back from the email request form, the provided emails | ||
1587 | 382 | // don't match | ||
1588 | 383 | $errorlist="<li>The email addresses you provided did not match. | ||
1589 | 384 | Please try again.</li>"; | ||
1590 | 385 | $show['errors'] = true; | ||
1591 | 386 | |||
1592 | 387 | // We need to build up our basic template sections | ||
1593 | 388 | $templater = vB_Template::create('headinclude'); | ||
1594 | 389 | $headinclude = $templater->render(true, true); | ||
1595 | 390 | $templater = vB_Template::create('header'); | ||
1596 | 391 | $header = $templater->render(true, true); | ||
1597 | 392 | $templater = vB_Template::create('navbar'); | ||
1598 | 393 | $navbar = $templater->render(true, true); | ||
1599 | 394 | $templater = vB_Template::create('footer'); | ||
1600 | 395 | $footer = $templater->render(true, true); | ||
1601 | 396 | |||
1602 | 397 | // Create our custom template and populate our variables | ||
1603 | 398 | $templater = vB_Template::create('openid_request_email'); | ||
1604 | 399 | $templater->register('headinclude', $headinclude); | ||
1605 | 400 | $templater->register('header', $header); | ||
1606 | 401 | $templater->register('navbar', $navbar); | ||
1607 | 402 | $templater->register('footer', $footer); | ||
1608 | 403 | $templater->register('errorlist', $errorlist); | ||
1609 | 404 | $templater->register('openid', $openid); | ||
1610 | 405 | $templater->register('openid_confirm', $openid_confirm); | ||
1611 | 406 | $templater->register('openid_username', $openid_username); | ||
1612 | 407 | $templater->register('email', ""); | ||
1613 | 408 | $templater->register('email_confirm', ""); | ||
1614 | 409 | $template = $templater->render(true, true); | ||
1615 | 410 | print_output($template); | ||
1616 | 411 | |||
1617 | 412 | $loginSuccess = false; | ||
1618 | 413 | } | ||
1619 | 414 | else | ||
1620 | 415 | { | ||
1621 | 416 | // Coming back from the email request form, everything seems ok | ||
1622 | 417 | // so we can attempt to create a user | ||
1623 | 418 | $errorlist = vBOpenID_createUser($openid_username, $email, | ||
1624 | 419 | $openid, $vbulletin); | ||
1625 | 420 | |||
1626 | 421 | if ($errorlist === false) | ||
1627 | 422 | { | ||
1628 | 423 | // Success! Continue to the forum | ||
1629 | 424 | $vbulletin->url = $vbulletin->options['homeurl']; | ||
1630 | 425 | $loginSuccess = true; | ||
1631 | 426 | } | ||
1632 | 427 | else | ||
1633 | 428 | { | ||
1634 | 429 | // User creation failed, so we need to ask again | ||
1635 | 430 | $openid_username = htmlspecialchars_uni($openid_username); | ||
1636 | 431 | $show['errors'] = true; | ||
1637 | 432 | |||
1638 | 433 | // We need to build up our basic template sections | ||
1639 | 434 | $templater = vB_Template::create('headinclude'); | ||
1640 | 435 | $headinclude = $templater->render(true, true); | ||
1641 | 436 | $templater = vB_Template::create('header'); | ||
1642 | 437 | $header = $templater->render(true, true); | ||
1643 | 438 | $templater = vB_Template::create('navbar'); | ||
1644 | 439 | $navbar = $templater->render(true, true); | ||
1645 | 440 | $templater = vB_Template::create('footer'); | ||
1646 | 441 | $footer = $templater->render(true, true); | ||
1647 | 442 | |||
1648 | 443 | // Create our custom template and populate our variables | ||
1649 | 444 | $templater = vB_Template::create('openid_request_email'); | ||
1650 | 445 | $templater->register('headinclude', $headinclude); | ||
1651 | 446 | $templater->register('header', $header); | ||
1652 | 447 | $templater->register('navbar', $navbar); | ||
1653 | 448 | $templater->register('footer', $footer); | ||
1654 | 449 | $templater->register('errorlist', $errorlist); | ||
1655 | 450 | $templater->register('openid', $openid); | ||
1656 | 451 | $templater->register('openid_confirm', $openid_confirm); | ||
1657 | 452 | $templater->register('openid_username', $openid_username); | ||
1658 | 453 | $templater->register('email', $email); | ||
1659 | 454 | $templater->register('email_confirm', $email_confirm); | ||
1660 | 455 | $template = $templater->render(true, true); | ||
1661 | 456 | print_output($template); | ||
1662 | 457 | |||
1663 | 458 | $loginSuccess = false; | ||
1664 | 459 | } | ||
1665 | 460 | } | ||
1666 | 461 | } | ||
1667 | 462 | else if ($vbulletin->GPC['openid_confirm'] && | ||
1668 | 463 | $vbulletin->GPC['openid_action']=='request_user') | ||
1669 | 464 | { | ||
1670 | 465 | // Coming back from user/pass request form. This is already bad, as | ||
1671 | 466 | // the user/pass form should authenticate successfully. | ||
1672 | 467 | // A bad user/pass must have been provided, so ask again. | ||
1673 | 468 | $openid_confirm = $vbulletin->GPC['openid_confirm']; | ||
1674 | 469 | $errorlist = fetch_error('badlogin', $vbulletin->options['bburl'], | ||
1675 | 470 | $vbulletin->session->vars['sessionurl']); | ||
1676 | 471 | $show['errors'] = true; | ||
1677 | 472 | |||
1678 | 473 | // We need to build up our basic template sections | ||
1679 | 474 | $templater = vB_Template::create('headinclude'); | ||
1680 | 475 | $headinclude = $templater->render(true, true); | ||
1681 | 476 | $templater = vB_Template::create('header'); | ||
1682 | 477 | $header = $templater->render(true, true); | ||
1683 | 478 | $templater = vB_Template::create('navbar'); | ||
1684 | 479 | $navbar = $templater->render(true, true); | ||
1685 | 480 | $templater = vB_Template::create('footer'); | ||
1686 | 481 | $footer = $templater->render(true, true); | ||
1687 | 482 | |||
1688 | 483 | // Create our custom template and populate our variables | ||
1689 | 484 | $templater = vB_Template::create('openid_request_user_pass'); | ||
1690 | 485 | $templater->register('headinclude', $headinclude); | ||
1691 | 486 | $templater->register('header', $header); | ||
1692 | 487 | $templater->register('navbar', $navbar); | ||
1693 | 488 | $templater->register('footer', $footer); | ||
1694 | 489 | $templater->register('errorlist', $errorlist); | ||
1695 | 490 | $template = $templater->render(true, true); | ||
1696 | 491 | print_output($template); | ||
1697 | 492 | |||
1698 | 493 | $loginSuccess = false; | ||
1699 | 494 | } | ||
1700 | 495 | else if ($vbulletin->GPC['openid']) | ||
1701 | 496 | { | ||
1702 | 497 | // Start an OpenID authentication | ||
1703 | 498 | $authRequest = $auth->begin($vbulletin->GPC['openid']); | ||
1704 | 499 | |||
1705 | 500 | // Make sure we have a valid auth request. Invalid OpenID urls | ||
1706 | 501 | // can cause problems if we don't check first. | ||
1707 | 502 | if (isset($authRequest)) | ||
1708 | 503 | { | ||
1709 | 504 | $allowed = $vbulletin->options['openid_allowedproviders']; | ||
1710 | 505 | $endpoint = $authRequest->endpoint->server_url; | ||
1711 | 506 | if (strlen($allowed) > 0 && !server_allowed($endpoint, $allowed)) | ||
1712 | 507 | { | ||
1713 | 508 | // The provided OpenID's server is not allowed | ||
1714 | 509 | eval(standard_error(fetch_error('openid_server_not_allowed', $endpoint))); | ||
1715 | 510 | } | ||
1716 | 511 | else | ||
1717 | 512 | { | ||
1718 | 513 | // Start an OpenID authentication with an allowed server | ||
1719 | 514 | $error = vBOpenID_sendRequest ($vbulletin, $authRequest, $return_to); | ||
1720 | 515 | if ($error !== false) | ||
1721 | 516 | { | ||
1722 | 517 | eval(standard_error($error)); | ||
1723 | 518 | } | ||
1724 | 519 | } | ||
1725 | 520 | } | ||
1726 | 521 | /*else | ||
1727 | 522 | { | ||
1728 | 523 | We smoothly let this invalid login attempt fail and warn the user | ||
1729 | 524 | }*/ | ||
1730 | 525 | } | ||
1731 | 526 | else | ||
1732 | 527 | { | ||
1733 | 528 | session_destroy(); | ||
1734 | 529 | } | ||
1735 | 530 | |||
1736 | 531 | // If the openid authentication was successful, we can process | ||
1737 | 532 | // the users login and smoothly send them back to the forums. | ||
1738 | 533 | if ($loginSuccess) | ||
1739 | 534 | { | ||
1740 | 535 | exec_unstrike_user($vbulletin->userinfo['username']); | ||
1741 | 536 | |||
1742 | 537 | // create new session | ||
1743 | 538 | process_new_login($vbulletin->GPC['logintype'], | ||
1744 | 539 | $vbulletin->GPC['cookieuser'], | ||
1745 | 540 | $vbulletin->GPC['cssprefs']); | ||
1746 | 541 | session_destroy(); | ||
1747 | 542 | |||
1748 | 543 | // do redirect | ||
1749 | 544 | do_login_redirect(); | ||
1750 | 545 | } | ||
1751 | 330 | ?> | 546 | ?> |
1752 | 331 | 547 | ||
1753 | === modified file 'upload/openid_store.php' | |||
1754 | --- upload/openid_store.php 2012-07-23 16:21:45 +0000 | |||
1755 | +++ upload/openid_store.php 2012-10-24 17:05:24 +0000 | |||
1756 | @@ -1,6 +1,8 @@ | |||
1758 | 1 | <!-- | 1 | <?php |
1759 | 2 | /** | ||
1760 | 2 | Copyright 2009 William Norris | 3 | Copyright 2009 William Norris |
1761 | 3 | Copyright 2009 Anthony Lenton | 4 | Copyright 2009 Anthony Lenton |
1762 | 5 | Copyright 2012 Kyle Baker | ||
1763 | 4 | Copyright 2012 Canonical | 6 | Copyright 2012 Canonical |
1764 | 5 | 7 | ||
1765 | 6 | This file is part of vbulletin-openid-integration. | 8 | This file is part of vbulletin-openid-integration. |
1766 | @@ -17,222 +19,277 @@ | |||
1767 | 17 | 19 | ||
1768 | 18 | You should have received a copy of the GNU Lesser Public License | 20 | You should have received a copy of the GNU Lesser Public License |
1769 | 19 | along with vbulletin-openid-integration. If not, see <http://www.gnu.org/licenses/>. | 21 | along with vbulletin-openid-integration. If not, see <http://www.gnu.org/licenses/>. |
1988 | 20 | --> | 22 | */ |
1989 | 21 | <?php | 23 | |
1990 | 22 | /** | 24 | /** |
1991 | 23 | * store.php | 25 | * store.php |
1992 | 24 | * | 26 | * |
1993 | 25 | * Database Connector for vBulletin OpenID | 27 | * Database Connector for vBulletin OpenID |
1994 | 26 | * Dual Licence: GPL & Modified BSD | 28 | * Dual Licence: GPL & Modified BSD |
1995 | 27 | */ | 29 | */ |
1996 | 28 | 30 | ||
1997 | 29 | require_once 'Auth/OpenID/Interface.php'; | 31 | require_once 'Auth/OpenID/Interface.php'; |
1998 | 30 | require_once 'Auth/OpenID/Association.php'; | 32 | require_once 'Auth/OpenID/Association.php'; |
1999 | 31 | 33 | ||
2000 | 32 | define ('OPENID_ASSOCIATIONS', 'openid_associations'); | 34 | define ('OPENID_ASSOCIATIONS', 'openid_associations'); |
2001 | 33 | define ('OPENID_NONCES', 'openid_nonces'); | 35 | define ('OPENID_NONCES', 'openid_nonces'); |
2002 | 34 | 36 | ||
2003 | 35 | function escape_string($connection, $string) { | 37 | function escape_string($connection, $string) |
2004 | 36 | if (is_a($connection, 'mysqli')) { | 38 | { |
2005 | 37 | return mysqli_real_escape_string($connection, $string); | 39 | if (is_a($connection, 'mysqli')) |
2006 | 38 | } | 40 | { |
2007 | 39 | elseif (@get_resource_type($connection)) { | 41 | error_log("escape_string is_a: " . mysqli_real_escape_string($connection, $string), 0); |
2008 | 40 | return mysql_real_escape_string($string, $connection); | 42 | return mysqli_real_escape_string($connection, $string); |
2009 | 41 | } | 43 | } |
2010 | 42 | } | 44 | elseif (@get_resource_type($connection)) |
2011 | 43 | 45 | { | |
2012 | 44 | function query($connection, $sql) { | 46 | error_log("escape_string get_resource_type: " . mysql_real_escape_string($string, $connection), 0); |
2013 | 45 | if (is_a($connection, 'mysqli')) { | 47 | return mysql_real_escape_string($string, $connection); |
2014 | 46 | return mysqli_query($connection, $sql); | 48 | } |
2015 | 47 | } | 49 | error_log("escape_string: none", 0); |
2016 | 48 | elseif (@get_resource_type($connection)) { | 50 | } |
2017 | 49 | return mysql_query($sql, $connection); | 51 | |
2018 | 50 | } | 52 | function query($connection, $sql) |
2019 | 51 | } | 53 | { |
2020 | 52 | 54 | if (is_a($connection, 'mysqli')) | |
2021 | 53 | function commit($connection) { | 55 | { |
2022 | 54 | if (is_a($connection, 'mysqli')) { | 56 | return mysqli_query($connection, $sql); |
2023 | 55 | return mysqli_commit($connection); | 57 | } |
2024 | 56 | } | 58 | elseif (@get_resource_type($connection)) |
2025 | 57 | // plain MySQL connections don't need committing | 59 | { |
2026 | 58 | } | 60 | return mysql_query($sql, $connection); |
2027 | 59 | 61 | } | |
2028 | 60 | function fetch_row($result) { | 62 | } |
2029 | 61 | if (is_a($result, 'mysqli_result')) { | 63 | |
2030 | 62 | return mysqli_fetch_row($result); | 64 | function commit($connection) |
2031 | 63 | } | 65 | { |
2032 | 64 | elseif (@get_resource_type($result)) { | 66 | if (is_a($connection, 'mysqli')) |
2033 | 65 | return mysql_fetch_row($result); | 67 | { |
2034 | 66 | } | 68 | error_log("commit is_a: " . mysqli_commit($connection), 0); |
2035 | 67 | } | 69 | return mysqli_commit($connection); |
2036 | 68 | 70 | } | |
2037 | 69 | function _createDBTables($vbulletin) { | 71 | error_log("commit: none", 0); |
2038 | 70 | $connection = $vbulletin->db->connection_master; | 72 | // plain MySQL connections don't need committing |
2039 | 71 | $assoc_name = OPENID_ASSOCIATIONS; | 73 | } |
2040 | 72 | $nonce_name = OPENID_NONCES; | 74 | |
2041 | 73 | query($connection, | 75 | function fetch_row($result) |
2042 | 74 | "CREATE TABLE `$assoc_name` ( | 76 | { |
2043 | 75 | `value` mediumtext, | 77 | if (is_a($result, 'mysqli_result')) |
2044 | 76 | `server_url` varchar(500), | 78 | { |
2045 | 77 | `handle` varchar(200), | 79 | return mysqli_fetch_row($result); |
2046 | 78 | `expires` timestamp, | 80 | } |
2047 | 79 | PRIMARY KEY (`server_url`, `handle`) | 81 | elseif (@get_resource_type($result)) |
2048 | 80 | )" | 82 | { |
2049 | 81 | ); | 83 | return mysql_fetch_row($result); |
2050 | 82 | query($connection, | 84 | } |
2051 | 83 | "CREATE TABLE `$nonce_name` ( | 85 | } |
2052 | 84 | `keyname` varchar(200) NOT NULL default '', | 86 | |
2053 | 85 | `value` timestamp, | 87 | function _createDBTables($vbulletin) |
2054 | 86 | PRIMARY KEY (`keyname`) | 88 | { |
2055 | 87 | )" | 89 | $connection = $vbulletin->db->connection_master; |
2056 | 88 | ); | 90 | $assoc_name = OPENID_ASSOCIATIONS; |
2057 | 89 | } | 91 | $nonce_name = OPENID_NONCES; |
2058 | 90 | 92 | ||
2059 | 91 | function _removeDBTables($vbulletin) { | 93 | query($connection, |
2060 | 92 | $connection = $vbulletin->db->connection_master; | 94 | "CREATE TABLE `$assoc_name` ( |
2061 | 93 | $assoc_name = OPENID_ASSOCIATIONS; | 95 | `value` mediumtext, |
2062 | 94 | $nonce_name = OPENID_NONCES; | 96 | `server_url` varchar(500), |
2063 | 95 | query($connection, "DROP TABLE $assoc_name"); | 97 | `handle` varchar(200), |
2064 | 96 | query($connection, "DROP TABLE $nonce_name"); | 98 | `expires` timestamp, |
2065 | 97 | } | 99 | PRIMARY KEY (`server_url`, `handle`) |
2066 | 98 | 100 | )" | |
2067 | 99 | /** | 101 | ); |
2068 | 100 | * OpenID store that uses the vBulletin options table for storage. | 102 | query($connection, |
2069 | 101 | * Originally written by Simon Willison for use in the mu-open-id | 103 | "CREATE TABLE `$nonce_name` ( |
2070 | 102 | * plugin. Modified a fair amount for use in WordPress OpenID, | 104 | `keyname` varchar(200) NOT NULL default '', |
2071 | 103 | * then ported to use with vBulletin. | 105 | `value` timestamp, |
2072 | 104 | */ | 106 | PRIMARY KEY (`keyname`) |
2073 | 105 | class vBulletin_OpenID_OptionStore extends Auth_OpenID_OpenIDStore { | 107 | )" |
2074 | 106 | function vBulletin_OpenID_OptionStore($vbulletin, | 108 | ); |
2075 | 107 | $associations_table = null, | 109 | } |
2076 | 108 | $nonces_table = null) | 110 | |
2077 | 109 | { | 111 | function _removeDBTables($vbulletin) |
2078 | 110 | /* DB tables are created during product installation */ | 112 | { |
2079 | 111 | $this->connection = $vbulletin->db->connection_master; | 113 | $connection = $vbulletin->db->connection_master; |
2080 | 112 | } | 114 | $assoc_name = OPENID_ASSOCIATIONS; |
2081 | 113 | 115 | $nonce_name = OPENID_NONCES; | |
2082 | 114 | function _fetchNonceFromDB($key) { | 116 | |
2083 | 115 | $nonce_name = OPENID_NONCES; | 117 | query($connection, "DROP TABLE $assoc_name"); |
2084 | 116 | if ($result = query($this->connection, | 118 | query($connection, "DROP TABLE $nonce_name"); |
2085 | 117 | "SELECT value FROM $nonce_name WHERE keyname='$key'")) { | 119 | } |
2086 | 118 | $row = fetch_row($result); | 120 | |
2087 | 119 | return $row[0]; | 121 | /** |
2088 | 120 | } | 122 | * OpenID store that uses the vBulletin options table for storage. |
2089 | 121 | } | 123 | * Originally written by Simon Willison for use in the mu-open-id |
2090 | 122 | 124 | * plugin. Modified a fair amount for use in WordPress OpenID, | |
2091 | 123 | function _fetchAssocFromDB($server_url, $handle=null) { | 125 | * then ported to use with vBulletin. |
2092 | 124 | $table = OPENID_ASSOCIATIONS; | 126 | */ |
2093 | 125 | $server_url = escape_string($this->connection, $server_url); | 127 | class vBulletin_OpenID_OptionStore extends Auth_OpenID_OpenIDStore |
2094 | 126 | if ($handle) { | 128 | { |
2095 | 127 | $handle = escape_string($this->connection, $handle); | 129 | function vBulletin_OpenID_OptionStore($vbulletin, |
2096 | 128 | $sql = "SELECT value FROM $table WHERE | 130 | $associations_table = null, |
2097 | 129 | server_url='$server_url' | 131 | $nonces_table = null) |
2098 | 130 | AND handle='$handle'"; | 132 | { |
2099 | 131 | } | 133 | /* DB tables are created during product installation */ |
2100 | 132 | else { | 134 | $this->connection = $vbulletin->db->connection_master; |
2101 | 133 | $sql = "SELECT value FROM $table WHERE | 135 | } |
2102 | 134 | server_url='$server_url' AND | 136 | |
2103 | 135 | expires > NOW() | 137 | function _fetchNonceFromDB($key) |
2104 | 136 | ORDER BY expires DESC LIMIT 1"; | 138 | { |
2105 | 137 | } | 139 | $nonce_name = OPENID_NONCES; |
2106 | 138 | $result = query($this->connection, $sql); | 140 | $result = query($this->connection, |
2107 | 139 | if ($result) { | 141 | "SELECT value FROM $nonce_name WHERE keyname='$key'"); |
2108 | 140 | $row = fetch_row($result); | 142 | |
2109 | 141 | return $row[0]; | 143 | if ($result) |
2110 | 142 | } | 144 | { |
2111 | 143 | } | 145 | $row = fetch_row($result); |
2112 | 144 | 146 | error_log("_fetchNonceFromDB: " . $row[0], 0); | |
2113 | 145 | function _storeNonceToDB($key, $value) { | 147 | return $row[0]; |
2114 | 146 | $table = OPENID_NONCES; | 148 | } |
2115 | 147 | query($this->connection, | 149 | } |
2116 | 148 | "DELETE FROM $table WHERE keyname='$key'"); | 150 | |
2117 | 149 | query($this->connection, "INSERT INTO $table | 151 | function _fetchAssocFromDB($server_url, $handle=null) |
2118 | 150 | (`keyname`, `value`) VALUES ('$key', '$value')"); | 152 | { |
2119 | 151 | commit($this->connection); | 153 | $table = OPENID_ASSOCIATIONS; |
2120 | 152 | } | 154 | $server_url = escape_string($this->connection, $server_url); |
2121 | 153 | 155 | ||
2122 | 154 | function _storeAssocToDB($server_url, $handle, $value, $expires) { | 156 | if ($handle) |
2123 | 155 | $table = OPENID_ASSOCIATIONS; | 157 | { |
2124 | 156 | $server_url = escape_string($this->connection, $server_url); | 158 | $handle = escape_string($this->connection, $handle); |
2125 | 157 | $handle = escape_string($this->connection, $handle); | 159 | $sql = "SELECT value FROM $table WHERE |
2126 | 158 | query($this->connection, "DELETE FROM $table WHERE | 160 | server_url='$server_url' |
2127 | 159 | server_url='$server_url'"); | 161 | AND handle='$handle'"; |
2128 | 160 | query($this->connection, "INSERT INTO $table | 162 | } |
2129 | 161 | (`server_url`, `handle`, `value`, `expires`) VALUES | 163 | else |
2130 | 162 | ('$server_url', '$handle', '$value', '$expires')"); | 164 | { |
2131 | 163 | commit($this->connection); | 165 | $sql = "SELECT value FROM $table WHERE |
2132 | 164 | } | 166 | server_url='$server_url' AND |
2133 | 165 | 167 | expires > NOW() | |
2134 | 166 | function storeAssociation($server_url, $association) { | 168 | ORDER BY expires DESC LIMIT 1"; |
2135 | 167 | $value = $association->serialize(); | 169 | } |
2136 | 168 | $handle = $association->handle; | 170 | |
2137 | 169 | if ($handle === null) { | 171 | $result = query($this->connection, $sql); |
2138 | 170 | $handle = ''; | 172 | if ($result) |
2139 | 171 | } | 173 | { |
2140 | 172 | $expires = $association->issued + $association->lifetime; | 174 | $row = fetch_row($result); |
2141 | 173 | $expires = strftime('%F %T', $expires); | 175 | error_log("_fetchAssocFromDB: " . $row[0], 0); |
2142 | 174 | $this->_storeAssocToDB($server_url, $handle, $value, $expires); | 176 | return $row[0]; |
2143 | 175 | } | 177 | } |
2144 | 176 | 178 | } | |
2145 | 177 | function getAssociation($server_url, $handle = null) { | 179 | |
2146 | 178 | $association = $this->_fetchAssocFromDB($server_url, $handle); | 180 | function _storeNonceToDB($key, $value) |
2147 | 179 | if ($association) { | 181 | { |
2148 | 180 | return Auth_OpenID_Association::deserialize( | 182 | $table = OPENID_NONCES; |
2149 | 181 | 'Auth_OpenID_Association', $association | 183 | query($this->connection, |
2150 | 182 | ); | 184 | "DELETE FROM $table WHERE keyname='$key'"); |
2151 | 183 | } | 185 | query($this->connection, "INSERT INTO $table |
2152 | 184 | return null; | 186 | (`keyname`, `value`) VALUES ('$key', '$value')"); |
2153 | 185 | } | 187 | commit($this->connection); |
2154 | 186 | 188 | } | |
2155 | 187 | function removeAssociation($server_url, $handle) { | 189 | |
2156 | 188 | // Remove the matching association if it's found, and | 190 | function _storeAssocToDB($server_url, $handle, $value, $expires) |
2157 | 189 | // returns whether the association was removed or not. | 191 | { |
2158 | 190 | $assoc = $this->getAssociation($server_url, $handle); | 192 | $table = OPENID_ASSOCIATIONS; |
2159 | 191 | if ($assoc === null) { | 193 | $server_url = escape_string($this->connection, $server_url); |
2160 | 192 | return false; | 194 | $handle = escape_string($this->connection, $handle); |
2161 | 193 | } else { | 195 | |
2162 | 194 | $table = OPENID_ASSOCIATIONS; | 196 | query($this->connection, "DELETE FROM $table WHERE |
2163 | 195 | $server_url = escape_string($this->connection, $server_url); | 197 | server_url='$server_url'"); |
2164 | 196 | $handle = escape_string($this->connection, $handle); | 198 | query($this->connection, "INSERT INTO $table |
2165 | 197 | query($this->connection, "DELETE FROM $table WHERE | 199 | (`server_url`, `handle`, `value`, `expires`) VALUES |
2166 | 198 | server_url='$server_url' AND handle='$handle'"); | 200 | ('$server_url', '$handle', '$value', '$expires')"); |
2167 | 199 | return true; | 201 | commit($this->connection); |
2168 | 200 | } | 202 | } |
2169 | 201 | } | 203 | |
2170 | 202 | 204 | function storeAssociation($server_url, $association) | |
2171 | 203 | function useNonce($server_url, $timestamp, $salt) { | 205 | { |
2172 | 204 | if ( abs($timestamp - time()) > 1200 ) { | 206 | $value = $association->serialize(); |
2173 | 205 | return false; | 207 | $handle = $association->handle; |
2174 | 206 | } | 208 | |
2175 | 207 | $key = $this->_getNonceKey($server_url, $timestamp, $salt); | 209 | if ($handle === null) |
2176 | 208 | $nonce = $this->_fetchNonceFromDB($key); | 210 | { |
2177 | 209 | if ($nonce) { | 211 | $handle = ''; |
2178 | 210 | return false; | 212 | } |
2179 | 211 | } else { | 213 | |
2180 | 212 | $value = strftime('%F %T', $timestamp); | 214 | $expires = $association->issued + $association->lifetime; |
2181 | 213 | $this->_storeNonceToDB($key, $value); | 215 | $expires = strftime('%F %T', $expires); |
2182 | 214 | return true; | 216 | $this->_storeAssocToDB($server_url, $handle, $value, $expires); |
2183 | 215 | } | 217 | } |
2184 | 216 | } | 218 | |
2185 | 217 | 219 | function getAssociation($server_url, $handle = null) | |
2186 | 218 | function _getNonceKey($server_url, $timestamp, $salt) { | 220 | { |
2187 | 219 | $url_hash = base64_encode($server_url); | 221 | $association = $this->_fetchAssocFromDB($server_url, $handle); |
2188 | 220 | $salt_hash = base64_encode($salt); | 222 | if ($association) |
2189 | 221 | return sprintf('%08x-%s-%s', $timestamp, $url_hash, $salt_hash); | 223 | { |
2190 | 222 | } | 224 | return Auth_OpenID_Association::deserialize( |
2191 | 223 | 225 | 'Auth_OpenID_Association', $association | |
2192 | 224 | function cleanupNonces() { | 226 | ); |
2193 | 225 | $table = OPENID_NONCES; | 227 | } |
2194 | 226 | query($this->connection, "DELETE FROM $table | 228 | return null; |
2195 | 227 | WHERE value < NOW() - INTERVAL 20 MINUTE"); | 229 | } |
2196 | 228 | } | 230 | |
2197 | 229 | 231 | function removeAssociation($server_url, $handle) | |
2198 | 230 | function cleanupAssociations() { | 232 | { |
2199 | 231 | $table = OPENID_ASSOCIATIONS; | 233 | // Remove the matching association if it's found, and |
2200 | 232 | query($this->connection, "DELETE FROM $table | 234 | // returns whether the association was removed or not. |
2201 | 233 | WHERE expires < NOW()"); | 235 | $assoc = $this->getAssociation($server_url, $handle); |
2202 | 234 | } | 236 | if ($assoc === null) |
2203 | 235 | 237 | { | |
2204 | 236 | } | 238 | return false; |
2205 | 237 | 239 | } | |
2206 | 240 | else | ||
2207 | 241 | { | ||
2208 | 242 | $table = OPENID_ASSOCIATIONS; | ||
2209 | 243 | $server_url = escape_string($this->connection, $server_url); | ||
2210 | 244 | $handle = escape_string($this->connection, $handle); | ||
2211 | 245 | query($this->connection, "DELETE FROM $table WHERE | ||
2212 | 246 | server_url='$server_url' AND handle='$handle'"); | ||
2213 | 247 | return true; | ||
2214 | 248 | } | ||
2215 | 249 | } | ||
2216 | 250 | |||
2217 | 251 | function useNonce($server_url, $timestamp, $salt) | ||
2218 | 252 | { | ||
2219 | 253 | if ( abs($timestamp - time()) > 1200 ) | ||
2220 | 254 | { | ||
2221 | 255 | return false; | ||
2222 | 256 | } | ||
2223 | 257 | |||
2224 | 258 | $key = $this->_getNonceKey($server_url, $timestamp, $salt); | ||
2225 | 259 | $nonce = $this->_fetchNonceFromDB($key); | ||
2226 | 260 | |||
2227 | 261 | if ($nonce) | ||
2228 | 262 | { | ||
2229 | 263 | return false; | ||
2230 | 264 | } | ||
2231 | 265 | else | ||
2232 | 266 | { | ||
2233 | 267 | $value = strftime('%F %T', $timestamp); | ||
2234 | 268 | $this->_storeNonceToDB($key, $value); | ||
2235 | 269 | return true; | ||
2236 | 270 | } | ||
2237 | 271 | } | ||
2238 | 272 | |||
2239 | 273 | function _getNonceKey($server_url, $timestamp, $salt) | ||
2240 | 274 | { | ||
2241 | 275 | $url_hash = base64_encode($server_url); | ||
2242 | 276 | $salt_hash = base64_encode($salt); | ||
2243 | 277 | error_log("_getNonceKey: " . sprintf('%08x-%s-%s', $timestamp, $url_hash, $salt_hash), 0); | ||
2244 | 278 | return sprintf('%08x-%s-%s', $timestamp, $url_hash, $salt_hash); | ||
2245 | 279 | } | ||
2246 | 280 | |||
2247 | 281 | function cleanupNonces() | ||
2248 | 282 | { | ||
2249 | 283 | $table = OPENID_NONCES; | ||
2250 | 284 | query($this->connection, "DELETE FROM $table | ||
2251 | 285 | WHERE value < NOW() - INTERVAL 20 MINUTE"); | ||
2252 | 286 | } | ||
2253 | 287 | |||
2254 | 288 | function cleanupAssociations() | ||
2255 | 289 | { | ||
2256 | 290 | $table = OPENID_ASSOCIATIONS; | ||
2257 | 291 | query($this->connection, "DELETE FROM $table | ||
2258 | 292 | WHERE expires < NOW()"); | ||
2259 | 293 | } | ||
2260 | 294 | } | ||
2261 | 238 | ?> | 295 | ?> |
2262 | 239 | 296 | ||
2263 | === modified file 'upload/openid_utils.php' | |||
2264 | --- upload/openid_utils.php 2012-07-23 16:21:45 +0000 | |||
2265 | +++ upload/openid_utils.php 2012-10-24 17:05:24 +0000 | |||
2266 | @@ -1,6 +1,8 @@ | |||
2268 | 1 | <!-- | 1 | <?php |
2269 | 2 | /** | ||
2270 | 2 | Copyright 2009 William Norris | 3 | Copyright 2009 William Norris |
2271 | 3 | Copyright 2009 Anthony Lenton | 4 | Copyright 2009 Anthony Lenton |
2272 | 5 | Copyright 2012 Kyle Baker | ||
2273 | 4 | Copyright 2012 Canonical | 6 | Copyright 2012 Canonical |
2274 | 5 | 7 | ||
2275 | 6 | This file is part of vbulletin-openid-integration. | 8 | This file is part of vbulletin-openid-integration. |
2276 | @@ -17,152 +19,216 @@ | |||
2277 | 17 | 19 | ||
2278 | 18 | You should have received a copy of the GNU Lesser Public License | 20 | You should have received a copy of the GNU Lesser Public License |
2279 | 19 | along with vbulletin-openid-integration. If not, see <http://www.gnu.org/licenses/>. | 21 | along with vbulletin-openid-integration. If not, see <http://www.gnu.org/licenses/>. |
2428 | 20 | --> | 22 | */ |
2429 | 21 | <?php | 23 | |
2430 | 22 | 24 | /* | |
2431 | 23 | /* | 25 | * Generates a random password |
2432 | 24 | * Generates a random password | 26 | */ |
2433 | 25 | */ | 27 | function generate_password($passwordLength=10) |
2434 | 26 | function generate_password($passwordLength=10) { | 28 | { |
2435 | 27 | $letters = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; | 29 | $letters = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; |
2436 | 28 | $lettersLength = strlen($letters); | 30 | $lettersLength = strlen($letters); |
2437 | 29 | $pass = ''; | 31 | |
2438 | 30 | for($i = 0; $i < $passwordLength; $i++) { | 32 | $pass = ''; |
2439 | 31 | $pass .= $letters[rand(0, $lettersLength)]; | 33 | for($i = 0; $i < $passwordLength; $i++) |
2440 | 32 | } | 34 | { |
2441 | 33 | return $pass; | 35 | $pass .= $letters[rand(0, $lettersLength-1)]; |
2442 | 34 | } | 36 | } |
2443 | 35 | 37 | ||
2444 | 36 | /* | 38 | error_log("generate_password: " . $pass, 0); |
2445 | 37 | * Returns something that could be used as a username based on an OpenID url. | 39 | return $pass; |
2446 | 38 | */ | 40 | } |
2447 | 39 | function munge_url($url) { | 41 | |
2448 | 40 | $letters = "0123456789abcdefghijklmnopqrstuvwxyz"; | 42 | /* |
2449 | 41 | $parts = array_reverse(explode('/', $url)); | 43 | * Returns something that could be used as a username based on an OpenID url. |
2450 | 42 | $found = FALSE; | 44 | */ |
2451 | 43 | foreach($parts as $part) { | 45 | function munge_url($url) |
2452 | 44 | $munged = ''; | 46 | { |
2453 | 45 | for($i = 0; $i < strlen($part); $i++) { | 47 | $letters = "0123456789abcdefghijklmnopqrstuvwxyz"; |
2454 | 46 | if (stripos($letters, $part[$i]) !== FALSE) { | 48 | $parts = array_reverse(explode('/', $url)); |
2455 | 47 | $munged .= $part[$i]; | 49 | |
2456 | 48 | $found = TRUE; | 50 | $found = false; |
2457 | 49 | } | 51 | foreach($parts as $part) |
2458 | 50 | if ($part[$i] == '#') break; // Skip from the hash onwards | 52 | { |
2459 | 51 | } | 53 | $munged = ''; |
2460 | 52 | if ($found) { | 54 | for($i = 0; $i < strlen($part); $i++) |
2461 | 53 | return $munged; | 55 | { |
2462 | 54 | } | 56 | if (stripos($letters, $part[$i]) !== false) |
2463 | 55 | } | 57 | { |
2464 | 56 | } | 58 | $munged .= $part[$i]; |
2465 | 57 | 59 | $found = true; | |
2466 | 58 | /** | 60 | } |
2467 | 59 | * fnmatch function is not available on non-posix system. This should be a | 61 | if ($part[$i] == '#') break; // Skip from the hash onwards |
2468 | 60 | * suitable replacement for our purposes (ie: wildcard pattern matching for | 62 | } |
2469 | 61 | * server addresses like '*.php.net') | 63 | |
2470 | 62 | */ | 64 | if ($found) |
2471 | 63 | if (!function_exists('fnmatch')) { | 65 | { |
2472 | 64 | function fnmatch($pattern, $string) { | 66 | error_log("munge_url: " . $munged, 0); |
2473 | 65 | return @preg_match( | 67 | return $munged; |
2474 | 66 | '/^' . strtr(addcslashes($pattern, '/\\.+^$(){}=!<>|'), | 68 | } |
2475 | 67 | array('*' => '.*', '?' => '.?')) . '$/i', $string | 69 | |
2476 | 68 | ); | 70 | error_log("munge_url: none", 0); |
2477 | 69 | } | 71 | } |
2478 | 70 | } | 72 | } |
2479 | 71 | 73 | ||
2480 | 72 | /** | 74 | /** |
2481 | 73 | * Check if a particular openid provider's server is allowed be used | 75 | * fnmatch function is not available on non-posix system. This should be a |
2482 | 74 | * | 76 | * suitable replacement for our purposes (ie: wildcard pattern matching for |
2483 | 75 | * This may be particularly useful if you want to limit openid servers to those | 77 | * server addresses like '*.php.net') |
2484 | 76 | * which you know meet your authentication requirements or if you are using | 78 | */ |
2485 | 77 | * openid as a single sign-on mechanism. | 79 | if (!function_exists('fnmatch')) |
2486 | 78 | * @param string Name of the server to check | 80 | { |
2487 | 79 | * @param string Coma-separated list of allowed servers. Each server is taken | 81 | function fnmatch($pattern, $string) |
2488 | 80 | * as a regex to check if a particular server is allowed. | 82 | { |
2489 | 81 | */ | 83 | return @preg_match( |
2490 | 82 | function server_allowed($server, $servers) { | 84 | '/^' . strtr(addcslashes($pattern, '/\\.+^$(){}=!<>|'), |
2491 | 83 | $servers = explode(",", $servers); | 85 | array('*' => '.*', '?' => '.?')) . '$/i', $string |
2492 | 84 | foreach ($servers as $allowed_server) { | 86 | ); |
2493 | 85 | $allowed_server = trim($allowed_server); | 87 | } |
2494 | 86 | if (empty($allowed_server)) { | 88 | } |
2495 | 87 | next; | 89 | |
2496 | 88 | } | 90 | /** |
2497 | 89 | if (true === fnmatch($allowed_server, $server)) { | 91 | * Check if a particular openid provider's server is allowed be used |
2498 | 90 | return true; | 92 | * |
2499 | 91 | } | 93 | * This may be particularly useful if you want to limit openid servers to those |
2500 | 92 | } | 94 | * which you know meet your authentication requirements or if you are using |
2501 | 93 | return false; | 95 | * openid as a single sign-on mechanism. |
2502 | 94 | } | 96 | * @param string Name of the server to check |
2503 | 95 | 97 | * @param string Coma-separated list of allowed servers. Each server is taken | |
2504 | 96 | /* | 98 | * as a regex to check if a particular server is allowed. |
2505 | 97 | * Retrieve the name of the profile field in which we're storing the | 99 | */ |
2506 | 98 | * OpenID | 100 | function server_allowed($server, $servers) |
2507 | 99 | */ | 101 | { |
2508 | 100 | function find_openid_fieldname($vbulletin) { | 102 | $servers = explode(",", $servers); |
2509 | 101 | $title = $vbulletin->options['openid_field']; | 103 | |
2510 | 102 | $row = $vbulletin->db->query_first(" | 104 | foreach ($servers as $allowed_server) |
2511 | 103 | SELECT varname FROM phrase | 105 | { |
2512 | 104 | WHERE text='$title' AND varname LIKE 'field%_title' | 106 | $allowed_server = trim($allowed_server); |
2513 | 105 | "); | 107 | |
2514 | 106 | $varname = $row['varname']; | 108 | if (empty($allowed_server)) |
2515 | 107 | return substr($varname, 0, strpos($varname, '_')); | 109 | { |
2516 | 108 | } | 110 | next; |
2517 | 109 | 111 | } | |
2518 | 110 | /* | 112 | |
2519 | 111 | * Set the OpenID profile field for a given user | 113 | if (true === fnmatch($allowed_server, $server)) |
2520 | 112 | */ | 114 | { |
2521 | 113 | function vBOpenID_setOpenID ($userid, $url, $vbulletin) { | 115 | error_log("server_allowed: true", 0); |
2522 | 114 | $fieldname = find_openid_fieldname($vbulletin); | 116 | return true; |
2523 | 115 | $vbulletin->db->query_write(" | 117 | } |
2524 | 116 | UPDATE userfield SET $fieldname = '$url' WHERE userid=$userid | 118 | } |
2525 | 117 | "); | 119 | |
2526 | 118 | } | 120 | error_log("server_allowed: false", 0); |
2527 | 119 | 121 | return false; | |
2528 | 120 | /* | 122 | } |
2529 | 121 | * Set up global variables | 123 | |
2530 | 122 | */ | 124 | /* |
2531 | 123 | function vBOpenID_init ($vbulletin) { | 125 | * Retrieve the name of the profile field in which we're storing the |
2532 | 124 | if (!$vbulletin->options['openid_math']) { | 126 | * OpenID |
2533 | 125 | define('Auth_OpenID_NO_MATH_SUPPORT', 1); | 127 | */ |
2534 | 126 | } | 128 | function find_openid_fieldname($vbulletin) |
2535 | 127 | if ($vbulletin->options['openid_path']) { | 129 | { |
2536 | 128 | $path = $vbulletin->options['openid_path'] . ':' . ini_get('include_path'); | 130 | $title = $vbulletin->options['openid_field']; |
2537 | 129 | ini_set('include_path', $path); | 131 | $row = $vbulletin->db->query_first(" |
2538 | 130 | } | 132 | SELECT varname FROM " . TABLE_PREFIX . "phrase |
2539 | 131 | } | 133 | WHERE text='$title' AND varname LIKE 'field%_title' |
2540 | 132 | 134 | "); | |
2541 | 133 | 135 | ||
2542 | 134 | function vBOpenID_sendRequest ($vbulletin, $authRequest, $return_to) { | 136 | $varname = $row['varname']; |
2543 | 135 | $sreg_request = Auth_OpenID_SRegRequest::build( | 137 | |
2544 | 136 | array('nickname'), | 138 | error_log("find_openid_fieldname: " . substr($varname, 0, strpos($varname, '_')), 0); |
2545 | 137 | array('fullname', 'email')); | 139 | return substr($varname, 0, strpos($varname, '_')); |
2546 | 138 | $authRequest->addExtension($sreg_request); | 140 | } |
2547 | 139 | 141 | ||
2548 | 140 | if ($authRequest->shouldSendRedirect()) { | 142 | /* |
2549 | 141 | $redirect_url = $authRequest->redirectURL($vbulletin->options['homeurl'], $return_to); | 143 | * Set the OpenID profile field for a given user |
2550 | 142 | 144 | */ | |
2551 | 143 | // If the redirect URL can't be built, display an error message. | 145 | function vBOpenID_setOpenID ($userid, $url, $vbulletin) |
2552 | 144 | if (Auth_OpenID::isFailure($redirect_url)) { | 146 | { |
2553 | 145 | return $redirect_url->message; | 147 | $fieldname = find_openid_fieldname($vbulletin); |
2554 | 146 | } | 148 | |
2555 | 147 | else { | 149 | error_log("vBOpenID_setOpenID fieldname: " . $fieldname, 0); |
2556 | 148 | header("Location: $redirectURL"); | 150 | $vbulletin->db->query_write(" |
2557 | 149 | } | 151 | UPDATE " . TABLE_PREFIX . "userfield SET $fieldname = '$url' WHERE userid=$userid |
2558 | 150 | } | 152 | "); |
2559 | 151 | else { | 153 | } |
2560 | 152 | $form_id = 'openid_message'; | 154 | |
2561 | 153 | $message = $authRequest->getMessage($vbulletin->options['homeurl'], $return_to, False); | 155 | /* |
2562 | 154 | if (Auth_OpenID::isFailure($message)) { | 156 | * Set up global variables |
2563 | 155 | return $message->message; | 157 | */ |
2564 | 156 | } | 158 | function vBOpenID_init ($vbulletin) |
2565 | 157 | else { | 159 | { |
2566 | 158 | $text_redirect = fetch_error('openid_redirect'); | 160 | if (!$vbulletin->options['openid_math']) |
2567 | 159 | $form_html = $message->toFormMarkup($authRequest->endpoint->server_url, | 161 | { |
2568 | 160 | array('id' => $form_id)); | 162 | define('Auth_OpenID_NO_MATH_SUPPORT', 1); |
2569 | 161 | $template = fetch_template('openid_redirect_form'); | 163 | } |
2570 | 162 | eval('print_output("' . $template . '");'); | 164 | if ($vbulletin->options['openid_path']) |
2571 | 163 | } | 165 | { |
2572 | 164 | } | 166 | $path = $vbulletin->options['openid_path'] . ':' . ini_get('include_path'); |
2573 | 165 | return False; | 167 | ini_set('include_path', $path); |
2574 | 166 | } | 168 | } |
2575 | 167 | 169 | } | |
2576 | 170 | |||
2577 | 171 | function vBOpenID_sendRequest ($vbulletin, $authRequest, $return_to) | ||
2578 | 172 | { | ||
2579 | 173 | $sreg_request = Auth_OpenID_SRegRequest::build( | ||
2580 | 174 | array('nickname'), | ||
2581 | 175 | array('fullname', 'email')); | ||
2582 | 176 | |||
2583 | 177 | $authRequest->addExtension($sreg_request); | ||
2584 | 178 | |||
2585 | 179 | if ($authRequest->shouldSendRedirect()) | ||
2586 | 180 | { | ||
2587 | 181 | $redirect_url = $authRequest->redirectURL($vbulletin->options['homeurl'], $return_to); | ||
2588 | 182 | error_log("redirect url: " . $redirect_url, 0); | ||
2589 | 183 | |||
2590 | 184 | // If the redirect URL can't be built, display an error message. | ||
2591 | 185 | if (Auth_OpenID::isFailure($redirect_url)) | ||
2592 | 186 | { | ||
2593 | 187 | return $redirect_url->message; | ||
2594 | 188 | } | ||
2595 | 189 | else | ||
2596 | 190 | { | ||
2597 | 191 | header("Location: $redirectURL"); | ||
2598 | 192 | } | ||
2599 | 193 | } | ||
2600 | 194 | else | ||
2601 | 195 | { | ||
2602 | 196 | $form_id = 'openid_message'; | ||
2603 | 197 | $message = $authRequest->getMessage($vbulletin->options['homeurl'], $return_to, false); | ||
2604 | 198 | if (Auth_OpenID::isFailure($message)) | ||
2605 | 199 | { | ||
2606 | 200 | return $message->message; | ||
2607 | 201 | } | ||
2608 | 202 | else | ||
2609 | 203 | { | ||
2610 | 204 | $text_redirect = fetch_error('openid_redirect'); | ||
2611 | 205 | |||
2612 | 206 | // We need to urlencode our localid url for launchpad to preserve | ||
2613 | 207 | // the plus char in our uri (ex. https://login.launchpad.net/+id/<random_user_string>) | ||
2614 | 208 | $bkp_values = $message->args->values; | ||
2615 | 209 | foreach ($bkp_values as $tmp_value) | ||
2616 | 210 | { | ||
2617 | 211 | // replace + with %2B: https://login.launchpad.net/%2Bid/<random_user_string> | ||
2618 | 212 | $tmp_values[] = str_replace("/+id/", "/%2Bid/", $tmp_value); | ||
2619 | 213 | } | ||
2620 | 214 | $message->args->values = $tmp_values; | ||
2621 | 215 | |||
2622 | 216 | $form_html = $message->toFormMarkup($authRequest->endpoint->server_url, | ||
2623 | 217 | array('id' => $form_id)); | ||
2624 | 218 | error_log("form_html: " . $form_html, 0); | ||
2625 | 219 | |||
2626 | 220 | // Let's restore our Message stack in case we decide to use it again later. | ||
2627 | 221 | $message->args->values = $bkp_values; | ||
2628 | 222 | |||
2629 | 223 | $templater = vB_Template::create('openid_redirect_form'); | ||
2630 | 224 | $templater->register('form_id', $form_id); | ||
2631 | 225 | $templater->register('text_redirect', $text_redirect); | ||
2632 | 226 | $templater->register('form_html', $form_html); | ||
2633 | 227 | $template = $templater->render(true, true); | ||
2634 | 228 | print_output($template); | ||
2635 | 229 | } | ||
2636 | 230 | } | ||
2637 | 231 | |||
2638 | 232 | return false; | ||
2639 | 233 | } | ||
2640 | 168 | ?> | 234 | ?> |