VBulletin OpenID

Merge lp:~ubuntuforums-devel/vbulletin-openid-integration/version4-fixes into lp:vbulletin-openid-integration

  1. version4-fixes
  2. Merge into trunk
Proposed by kyleabaker
Status: Needs review
Proposed branch: lp:~ubuntuforums-devel/vbulletin-openid-integration/version4-fixes
Merge into: lp:vbulletin-openid-integration
Diff against target: 2640 lines (+1482/-1043)
7 files modified
install.txt (+90/-23)
product-openid.xml (+315/-301)
readme.txt (+12/-6)
upload/openid_associate.php (+47/-34)
upload/openid_authenticate.php (+527/-311)
upload/openid_store.php (+276/-219)
upload/openid_utils.php (+215/-149)
To merge this branch: bzr merge lp:~ubuntuforums-devel/vbulletin-openid-integration/version4-fixes
Reviewer Review Type Date Requested Status
Canonical ISD hackers Pending
Review via email: mp+131238@code.launchpad.net

Description of the change

Initial vBulletin 4 compatibility.

To post a comment you must log in.

Unmerged revisions

2. By kyleabaker

vBulletin 4 fixes

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'install.txt'
--- install.txt 2012-07-23 16:21:45 +0000
+++ install.txt 2012-10-24 17:05:24 +0000
@@ -6,6 +6,7 @@
6#6#
7# Copyright 2009 William Norris7# Copyright 2009 William Norris
8# Copyright 2009 Anthony Lenton8# Copyright 2009 Anthony Lenton
9# Copyright 2012 Kyle Baker
9# Copyright 2012 Canonical10# Copyright 2012 Canonical
10# 11#
11# This file is part of vbulletin-openid-integration.12# This file is part of vbulletin-openid-integration.
@@ -27,29 +28,95 @@
27 the internet, or at least to the domains that you plan on allowing as28 the internet, or at least to the domains that you plan on allowing as
28 OpenID providers.29 OpenID providers.
2930
301) install the OpenID 2.x series libraries from openidenabled.com311) Install the OpenID 2.x series libraries for PHP 5:
31 - http://www.openidenabled.com/php-openid/32 - Download from http://www.openidenabled.com/php-openid/
3233 - Extract the archive and browse the contents.
332) install product-openid.xml using the vBulletin Product Manager34 - Find the directory labeled 'Auth' and copy it to the
3435 base of your vBulletin 4.x installation.
353) Add a new User Profile Field -- a single-lined textbox named "OpenID"36 (ex. http://example.com/vbulletin/Auth)
3637
374) Find the 'OpenID' settings group in the vBulletin Options and configure as 382) Install product-openid.xml using the vBulletin Product Manager:
39 - Log in to the Admin Control Panel in vBulletin 4.x.
40 - In the left panel, find 'Plugins & Products' near the bottom
41 and click the arrow to expand.
42 - Once expanded, click 'Manage Products'.
43 - From this page, find '[Add/Import Product]' at the bottom of
44 the Installed Products section and click it.
45 - Under 'Import Product', select 'Choose File' and browse through
46 the vBulletin OpenID Integration installation files for
47 'product-openid.xml' and open it.
48 - Click 'Import'.
49
503) Upload vBulletin OpenID Integration files:
51 - From the installation vBulletin OpenID Integration files, find
52 the directory labeled 'upload'.
53 - Create a folder named 'vbopenid' in the root of your vBulletin
54 4.x installation. (ex. http://example.com/vbulletin/vbopenid)
55 - Upload the contents of the 'upload' directory to your newly
56 created 'vbopenid' directory.
57
584) Add a new User Profile Field -- a single-lined textbox named "OpenID"
59 - Log in to the Admin Control Panel in vBulletin 4.x.
60 - In the left panel, find 'User Profile Fields' mid-way down and
61 click the arrow to expand.
62 - Once expanded, click 'Add New User Profile Field'.
63 - From this page, the default Profile Field Type should be
64 'Single-Line Text Box'. Click continue.
65 - User Profile Field Settings:
66 * Title: | "OpenID"
67 * Description: |
68 * Profile Field: | "Uncategorized"
69 * Default Value: |
70 * Max length of allowed user input: | Default is 100
71 * Field Length: | Default is 25
72 * Profile Field Type: | "Single-Line Text Box"
73 * Display Order: |
74 * Field Required: |
75 * Field Editable by User: | "No"
76 * Private Field: | "Yes"
77 * Field Searchable on Members List: | "No"
78 * Show on Members List: | "No"
79 * Regular Expression: |
80 |
81 * Which page displays this option?: | "Options: Other"
82 - Click 'Save'.
83
845) Find the 'OpenID' settings group in the vBulletin Options and configure as
38 appropriate. This is particularly important if you installed the libraries 85 appropriate. This is particularly important if you installed the libraries
39 in step 1 in a location that is not part of the standard php include_path86 in step 1 in a location that is not part of the standard php include_path or
87 in a location that differs from step 1 instructions.
88 - Log in to the Admin Control Panel in vBulletin 4.x.
89 - In the left panel, find 'Settings' at the top and
90 click the arrow to expand.
91 - Once expanded, click 'Options'.
92 - From this page, scroll through the list until you find 'OpenID',
93 select it and click 'Edit Settings'.
94 - Adjust settings as needed. Ensure that the OpenID Profile Field matches
95 the title of the User Profile Field that you created in step 4.
96 - Click 'Save'.
4097
415) Edit your templates to add "$openid_login_box" somewhere. I recommend adding 986) Edit your templates to add the OpenID log in form somewhere. I recommend adding
42 it to the 'navbar' template -- inside the existing login box, just before the 99 it to the 'header' template -- inside the existing login box area, just before the
43 submit button, and wrap it in a div that floats right. So you'd end up with100 submit button, and wrap it in a div that floats right. So you'd end up with
44101 - Log in to the Admin Control Panel in vBulletin 4.x.
45 <td>102 - In the left panel, find 'Styles & Templates' near the top and
46 <div style="float: right">103 click the arrow to expand.
47 $openid_login_box104 - Once expanded, click 'Style Manager'.
48 </div>105 - From this page, you will find two sections labeled Style Manager. In
49 <input type="submit" class="button" value="$vbphrase[log_in]" tabindex="104" 106 the section containing 'Default Style', click the right most button
50 title="$vbphrase[enter_username_to_login_or_register]" accesskey="s" />107 to expand a list of all templates for this style.
51 </td>108 - Scroll through the list until you find 'header' or the template that
52109 you've decided to modify.
53 But of course, you can add it anywhere you want.110 - Make your changes and click 'Save'.
54111
55112 - If you decide to add to the 'header' template, insert the following
113 immediately after the list item for Help. Find it by searching for
114 "help" in the text area.
115
116 <li>
117 {vb:phrase openid_login_box}
118 </li>
119
120 But of course, you can add it anywhere you want.
121
122Congratulations! Installation is complete!
56123
=== modified file 'product-openid.xml'
--- product-openid.xml 2012-07-23 16:21:45 +0000
+++ product-openid.xml 2012-10-24 17:05:24 +0000
@@ -1,6 +1,9 @@
1<?xml version="1.0" encoding="ISO-8859-1"?>
2
1<!--3<!--
2Copyright 2009 William Norris4Copyright 2009 William Norris
3Copyright 2009 Anthony Lenton5Copyright 2009 Anthony Lenton
6Copyright 2012 Kyle Baker
4Copyright 2012 Canonical7Copyright 2012 Canonical
58
6This file is part of vbulletin-openid-integration.9This file is part of vbulletin-openid-integration.
@@ -18,309 +21,320 @@
18You should have received a copy of the GNU Lesser Public License21You should have received a copy of the GNU Lesser Public License
19along with vbulletin-openid-integration. If not, see <http://www.gnu.org/licenses/>.22along with vbulletin-openid-integration. If not, see <http://www.gnu.org/licenses/>.
20-->23-->
21<?xml version="1.0" encoding="ISO-8859-1"?>
2224
23<product productid="openid" active="1">25<product productid="openid" active="1">
24 <title>OpenID</title>26 <title>OpenID</title>
25 <description>OpenID Authentication</description>27 <description>OpenID Authentication</description>
26 <version>1.0.0</version>28 <version>1.0.0</version>
27 <codes>29 <url>https://launchpad.net/vbulletin-openid-integration</url>
28 <code version="1.0">30 <!-- <versioncheckurl>https://code.launchpad.net/vbulletin-openid-integration/version.xml</versioncheckurl> -->
29 <installcode><![CDATA[31 <dependencies>
30require_once('openid_utils.php');32 <dependency dependencytype="vbulletin" minversion="4.2.0" maxversion=""/>
31$secret = generate_password(15);33 </dependencies>
32$vbulletin->options['openid_secret'] = $secret;34 <codes>
33require_once('openid_store.php');35 <code version="1.0">
34_createDBTables($vbulletin);36 <installcode><![CDATA[
35]]></installcode>37 require_once('vbopenid/openid_utils.php');
36 <uninstallcode><![CDATA[38
37require_once('openid_store.php');39 $secret = generate_password(15);
38_removeDBTables($vbulletin);40 $vbulletin->options['openid_secret'] = $secret;
39 ]]></uninstallcode>41
40 </code>42 require_once('vbopenid/openid_store.php');
41 </codes>43
42 <templates>44 _createDBTables($vbulletin);
43 <template name="openid_redirect_form" templatetype="template" username="achuni" version="1.0.0"><![CDATA[45 ]]></installcode>
44<html><head><title>OpenID request</title></head>46 <uninstallcode><![CDATA[
45<body onload="document.getElementById('$form_id').submit();"47 require_once('vbopenid/openid_store.php');
46 style="text-align: center;">48
47 <div style="background: lightyellow; border: 1px solid black; margin: 30px 20%; padding: 5px 15px;">49 _removeDBTables($vbulletin);
48 <p> $text_redirect </p>50 ]]></uninstallcode>
49 </div>51 </code>
50 $form_html52 </codes>
51</body></html>]]></template>53 <templates>
52 <template name="openid_request_email" templatetype="template" username="achuni" version="1.0.0"><![CDATA[$stylevar[htmldoctype]54 <template name="openid_redirect_form" templatetype="template" username="achuni" version="1.0.0">
53<html xmlns="http://www.w3.org/1999/xhtml" dir="$stylevar[textdirection]" lang="$stylevar[languagecode]">55 <![CDATA[
54<head>56<html>
55$headinclude57<head>
56<title>$vboptions[bbtitle] - $vbphrase[registration]</title>58 <title>OpenID request</title>
57</head>59</head>
58<body>60 <body onload="document.getElementById('{vb:raw form_id}').submit();" style="text-align: center;">
5961 <div style="background: lightyellow; border: 1px solid black; margin: 30px 20%; padding: 5px 15px;">
60$header62 <p> {vb:raw text_redirect} </p>
6163 </div>
62<br />64 {vb:raw form_html}
6365 </body>
64<if condition="$show['errors']">66</html>
65 <table class="tborder" cellpadding="$stylevar[cellpadding]" cellspacing="$stylevar[cellspacing]" border="0" width="100%" align="center">67 ]]></template>
66 <tr>68 <template name="openid_request_email" templatetype="template" username="achuni" version="1.0.0">
67 <td class="tcat">The following errors occurred during your registration:</td>69 <![CDATA[
68 </tr>70{vb:stylevar htmldoctype}
69 <tr>71<html xmlns="http://www.w3.org/1999/xhtml" dir="{vb:stylevar textdirection}" lang="{vb:stylevar languagecode}">
70 <td class="alt1"><ul>$errorlist</ul></td>72<head>
71 </tr>73{vb:raw headinclude}
72 </table>74<title>{vb:raw vboptions.bbtitle} - {vb:phrase registration}</title>
73 <br />75</head>
74</if>76<body>
7577
76<form action="login.php?do=login" name="login" method="post">78{vb:raw header}
77<input type="hidden" name="do" value="login" />79{vb:raw navbar}
78<input type="hidden" name="openid" value="$openid" />80
79<input type="hidden" name="openid_confirm" value="$openid_confirm" />81<br />
80<input type="hidden" name="openid_username" value="$openid_username" />82
81<input type="hidden" name="openid_action" value="request_email" />83<vb:if condition="$show['errors']">
82<table class="tborder" cellpadding="$stylevar[cellpadding]" cellspacing="$stylevar[cellspacing]" border="0" width="100%" align="center">84 <form action="profile.php?do=dismissnotice" method="post" id="notices" class="notices">
83<tr>85 <input type="hidden" name="do" value="dismissnotice">
84 <td class="tcat"><phrase 1="$vboptions[bbtitle]">$vbphrase[register_at_x]</phrase></td>86 <input type="hidden" name="s" value="">
85</tr>87 <input type="hidden" name="securitytoken" value="{vb:raw bbuserinfo.securitytoken}">
86<tr>88 <input type="hidden" id="dismiss_notice_hidden" name="dismiss_noticeid" value="">
87 <td class="panelsurround" align="center">89 <input type="hidden" name="url" value="">
88 <div class="panel">90 <ol>
89 <div style="width:$stylevar[formwidth]" align="$stylevar[left]">91 <li class="restore" id="navbar_notice_1">{vb:phrase openid_following_errors_occurrred}</li>
9092 {vb:raw errorlist}
91 <fieldset class="fieldset">93 </ol>
92 <legend>$vbphrase[email_address]</legend>94 </form>
93 <table cellpadding="0" cellspacing="$stylevar[formspacer]" border="0" width="400">95</vb:if>
94 <tr>96
95 <td>97<div class="standard_error">
96 $vbphrase[email_address]:<br />98 <h2 class="blockhead">{vb:phrase register}</h2>
97 <input type="text" class="bginput" name="email" size="25" maxlength="50" value="$email" dir="ltr" />99 <form class="block vbform" method="post" action="login.php?do=login">
98 </td>100 <input type="hidden" name="do" value="login">
99 <td>101 <input type="hidden" name="openid" value="{vb:raw openid}">
100 Confirm email address:<br />102 <input type="hidden" name="openid_confirm" value="{vb:raw openid_confirm}">
101 <input type="text" class="bginput" name="email_confirm" size="25" maxlength="50" value="$email_confirm" dir="ltr" />103 <input type="hidden" name="openid_username" value="{vb:raw openid_username}" />
102 </td>104 <input type="hidden" name="openid_action" value="request_email" />
103 </tr>105 <input type="hidden" name="vb_login_md5password" value="">
104 </table>106 <input type="hidden" name="vb_login_md5password_utf" value="">
105 </fieldset>107 <input type="hidden" name="s" value="">
106 </div>108 <input type="hidden" name="s" value="{vb:raw session.sessionhash}">
107 </div>109 <input type="hidden" name="securitytoken" value="{vb:raw bbuserinfo.securitytoken}">
108 <div style="margin-top:$stylevar[cellpadding]px">110 <input type="hidden" name="url" value="http://localhost/vbulletin/forum.php">
109 <input type="submit" class="button" value="Complete Registration" accesskey="s" />111 <div class="blockbody formcontrols">
110 <input type="reset" class="button" name="Reset" value="$vbphrase[reset_fields]" />112 <h3 class="blocksubhead"></h3>
111 </div>113 <div class="blockrow">
112 </td>114 <label for="vb_registration_email">{vb:phrase email_address}</label>
113</tr>115 <input type="text" class="primary textbox" id="email" name="email" value="{vb:raw email}" accesskey="u" tabindex="1">
114</table>116 </div>
115</form>117 <div class="blockrow">
116118 <label for="vb_registration_email_confirm">{vb:phrase openid_email_address_confirm}</label>
117$footer119 <input type="text" class="primary textbox" id="email_confirm" name="email_confirm" value="{vb:raw email_confirm}" tabindex="1">
118120 </div>
119</body>121 </div>
120</html>]]></template>122 <div class="blockfoot actionbuttons">
121 <template name="openid_request_user_pass" templatetype="template" username="achuni" version="1.0.0"><![CDATA[123 <div class="group">
122$stylevar[htmldoctype]124 <input type="submit" class="button" value="{vb:phrase openid_complete_registration}" accesskey="s" tabindex="1" title="{vb:phrase enter_username_to_login_or_register}">
123<html xmlns="http://www.w3.org/1999/xhtml" dir="$stylevar[textdirection]" lang="$stylevar[languagecode]">125 <input type="reset" class="button" value="{vb:phrase reset_fields}" accesskey="r" tabindex="1">
124<head>126 </div>
125$headinclude127 </div>
126<title>$vboptions[bbtitle] - $vbphrase[registration]</title>128 </form>
127</head>129</div>
128<body>130
129131{vb:raw footer}
130$header132
131133</body>
132<br />134</html>
133135 ]]></template>
134<if condition="$show['errors']">136 <template name="openid_request_user_pass" templatetype="template" username="achuni" version="1.0.0">
135 <table class="tborder" cellpadding="$stylevar[cellpadding]" cellspacing="$stylevar[cellspacing]" border="0" width="100%" align="center">137 <![CDATA[
136 <tr>138{vb:stylevar htmldoctype}
137 <td class="tcat">$vbphrase[openid_first_time]</td>139<html xmlns="http://www.w3.org/1999/xhtml" dir="{vb:stylevar textdirection}" lang="{vb:stylevar languagecode}">
138 </tr>140<head>
139 <tr>141{vb:raw headinclude}
140 <td class="alt1"><ul>$errorlist</ul></td>142<title>{vb:raw vboptions.bbtitle} - {vb:phrase registration}</title>
141 </tr>143</head>
142 </table>144<body>
143 <br />145
144</if>146{vb:raw header}
145147{vb:raw navbar}
146<form action="login.php?do=login" name="login" method="post" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, $show[nopasswordempty])">148
147<table class="tborder" cellpadding="$stylevar[cellpadding]" cellspacing="$stylevar[cellspacing]" border="0" width="100%" align="center">149<br />
148<tr>150
149 <td class="tcat">$vbphrase[openid_fieldset_assoc_address]</td>151<vb:if condition="$show['errors']">
150</tr>152 <form action="profile.php?do=dismissnotice" method="post" id="notices" class="notices">
151<tr>153 <input type="hidden" name="do" value="dismissnotice">
152 <td class="panelsurround" align="center">154 <input type="hidden" name="s" value="">
153 <ul>$vbphrase[openid_description_assoc]</ul>155 <input type="hidden" name="securitytoken" value="{vb:raw bbuserinfo.securitytoken}">
154 <div class="panel" style="width:$stylevar[formwidth]">156 <input type="hidden" id="dismiss_notice_hidden" name="dismiss_noticeid" value="">
155 <div style="width:$stylevar[formwidth]" align="$stylevar[left]">157 <input type="hidden" name="url" value="">
156158 <ol>
157 <!-- login form -->159 <li class="restore" id="navbar_notice_1">{vb:phrase openid_first_time}</li>
158 <input type="hidden" name="do" value="login" />160 <li class="restore" id="navbar_notice_2">{vb:raw errorlist}</li>
159 <input type="hidden" name="openid" value="$openid" />161 </ol>
160 <input type="hidden" name="openid_confirm" value="$openid_confirm" />162 </form>
161 <input type="hidden" name="openid_action" value="request_user" />163</vb:if>
162 <script type="text/javascript" src="clientscript/vbulletin_md5.js?v=$vboptions[simpleversion]"></script>164
163 <table cellpadding="0" cellspacing="$stylevar[formspacer]" border="0">165<div class="standard_error">
164 <tr>166 <h2 class="blockhead">{vb:phrase openid_button_assoc}</h2>
165 <td style="white-space: nowrap;"><label for="navbar_username">$vbphrase[username]</label></td>167 <form class="block vbform" method="post" action="login.php?do=login" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, {vb:raw show.nopasswordempty})">
166 <td><input type="text" class="bginput" style="font-size: 11px" name="vb_login_username" id="navbar_username" size="10" accesskey="u" tabindex="101" value="$openid_username" onfocus="if (this.value == '$vbphrase[username]') this.value = '';" /></td>168 <input type="hidden" name="do" value="login">
167 </tr>169 <input type="hidden" name="openid" value="{vb:raw openid}">
168 <tr>170 <input type="hidden" name="openid_confirm" value="{vb:raw openid_confirm}">
169 <td><label for="navbar_password">$vbphrase[password]</label></td>171 <input type="hidden" name="openid_action" value="request_user">
170 <td><input type="password" class="bginput" style="font-size: 11px" name="vb_login_password" id="navbar_password" size="10" tabindex="102" /></td>172 <input type="hidden" name="vb_login_md5password" value="">
171 </tr>173 <input type="hidden" name="vb_login_md5password_utf" value="">
172 <tr>174 <input type="hidden" name="s" value="">
173 <td nowrap="nowrap" colspan="2"><label for="cb_cookieuser_navbar"><input type="checkbox" name="cookieuser" value="1" tabindex="103" id="cb_cookieuser_navbar" accesskey="c" />$vbphrase[remember_me]</label></td>175 <input type="hidden" name="s" value="{vb:raw session.sessionhash}">
174 </tr>176 <input type="hidden" name="securitytoken" value="{vb:raw bbuserinfo.securitytoken}">
175 </table>177 <input type="hidden" name="url" value="http://localhost/vbulletin/forum.php">
176 <input type="hidden" name="s" value="$session[sessionhash]" />178 <div class="blockbody formcontrols">
177 <input type="hidden" name="securitytoken" value="$bbuserinfo[securitytoken] . "" />179 <div class="blockrow restore">
178 <input type="hidden" name="do" value="login" />180 {vb:phrase openid_description_assoc}
179 <input type="hidden" name="vb_login_md5password" />181 </div>
180 <input type="hidden" name="vb_login_md5password_utf" />182
181 <!-- / login form -->183 <h3 class="blocksubhead">{vb:raw log_in}</h3>
182 </div>184 <div class="blockrow">
183 </div>185 <label for="vb_login_username">{vb:phrase username}</label>
184 <div style="margin-top:$stylevar[cellpadding]px">186 <input type="text" class="primary textbox" id="vb_login_username" name="vb_login_username" value="{vb:raw openid_username}" accesskey="u" tabindex="1">
185 <input type="submit" class="button" tabindex="104" value="$vbphrase[openid_button_assoc]" accesskey="s" title="$vbphrase[enter_username_to_login_or_register]" />187 </div>
186 <input type="reset" class="button" name="Reset" value="$vbphrase[reset_fields]" />188 <div class="blockrow">
187 </div>189 <label for="vb_login_password">{vb:phrase password}</label>
188 </td>190 <input type="password" class="primary textbox" id="vb_login_password" name="vb_login_password" tabindex="1">
189</tr>191 </div>
190</table>192 <div class="blockrow singlecheck">
191</form>193 <label for="cb_cookieuser"><input type="checkbox" name="cookieuser" id="cb_cookieuser" value="1" tabindex="1"> {vb:phrase remember_me}</label>
192<br/>194 </div>
193195 </div>
194<table class="tborder" cellpadding="$stylevar[cellpadding]" cellspacing="$stylevar[cellspacing]" border="0" width="100%" align="center">196 <div class="blockfoot actionbuttons">
195<tr>197 <div class="group">
196 <td class="tcat">$vbphrase[openid_fieldset_register]</td>198 <input type="submit" class="button" value="{vb:phrase openid_button_assoc}" accesskey="s" tabindex="1" title="{vb:phrase enter_username_to_login_or_register}">
197</tr>199 <input type="reset" class="button" value="{vb:phrase reset_fields}" accesskey="r" tabindex="1">
198<tr>200 </div>
199 <td class="alt1"><ul>$vbphrase[openid_description_register]</ul></td>201 </div>
200</tr>202 </form>
201</table>203</div>
202204
203$footer205<p>
204206 <em>{vb:phrase openid_fieldset_register}</em><br>
205</body>207 {vb:phrase openid_description_register}
206</html>208</p>
207]]>209
208</template>210{vb:raw footer}
209 <template name="openid_login_box" templatetype="template" date="1152640721" username="wnorris" version="1.0.0"><![CDATA[211
212</body>
213</html>
214 ]]></template>
215 </templates>
216 <plugins>
217 <plugin active="1">
218 <title>OpenID Login Box</title>
219 <hookname>cache_templates</hookname>
220 <phpcode>
221 <![CDATA[$globaltemplates = array_merge((array)$globaltemplates, array('openid_login_box', 'openid_request_email', 'openid_redirect_form'));]]>
222 </phpcode>
223 </plugin>
224 <plugin active="1">
225 <title>Fix OpenID POST vars</title>
226 <hookname>global_bootstrap_init_start</hookname>
227 <phpcode>
228 <![CDATA[
229if (THIS_SCRIPT == 'login' AND $_REQUEST['do'] == 'login' AND ($_REQUEST['openid'] OR $_REQUEST['openid.mode'] OR $_REQUEST['openid_mode']))
230{
231 $_POST['do'] = 'login';
232 if (!$_POST['vb_login_username']) {
233 $_POST['vb_login_username'] = '.';
234 }
235}
236 ]]>
237 </phpcode>
238 </plugin>
239 <plugin active="1">
240 <title>OpenID Authentication</title>
241 <hookname>login_failure</hookname>
242 <phpcode>
243 <![CDATA[include('vbopenid/openid_authenticate.php');]]>
244 </phpcode>
245 </plugin>
246 <plugin active="1">
247 <title>OpenID associate existing user </title>
248 <hookname>login_process</hookname>
249 <phpcode>
250 <![CDATA[include('vbopenid/openid_associate.php');]]>
251 </phpcode>
252 </plugin>
253 <plugin active="1">
254 <title>OpenID Login Box</title>
255 <hookname>parse_templates</hookname>
256 <phpcode>
257 <![CDATA[
258 //$templater = vB_Template::create('openid_login_box');
259 //$openid_login_box = $templater->render(true, true);
260 //$template_hook['header'] .= $openid_login_box;
261 ]]>
262 </phpcode>
263 </plugin>
264 </plugins>
265 <phrases>
266 <phrasetype name="vBulletin Settings" fieldname="vbsettings">
267 <phrase name="setting_openid_field_desc"><![CDATA[Name of the custom profile field used for storing OpenIDs.]]></phrase>
268 <phrase name="setting_openid_field_title"><![CDATA[OpenID Profile Field]]></phrase>
269 <phrase name="setting_openid_secret_desc"><![CDATA[A randomly generated secret to avoid OpenID tampering during automatic registration, after authenticating with the provider, but before we create the user.]]></phrase>
270 <phrase name="setting_openid_secret_title"><![CDATA[A Random Secret]]></phrase>
271 <phrase name="setting_openid_math_desc"><![CDATA[Does this PHP installation have advanced math support such as gmp or bcmath?]]></phrase>
272 <phrase name="setting_openid_math_title"><![CDATA[Math Support]]></phrase>
273 <phrase name="setting_openid_auto_register_desc"><![CDATA[Automatically register a new user when an unknown OpenID is authenticated?]]></phrase>
274 <phrase name="setting_openid_auto_register_title"><![CDATA[Automatic User Registration]]></phrase>
275 <phrase name="setting_openid_path_desc"><![CDATA[If the OpenID libraries aren't available on the standard include path, enter the directory where they are installed.]]></phrase>
276 <phrase name="setting_openid_path_title"><![CDATA[Library Path]]></phrase>
277 <phrase name="setting_openid_allowedproviders_desc"><![CDATA[Coma-separated list of allowed providers. Each provider is taken as a regex to check if a particular server should be allowed. Leave blank to allow all providers.]]></phrase>
278 <phrase name="setting_openid_allowedproviders_title"><![CDATA[Allowed Providers]]></phrase>
279 <phrase name="settinggroup_openid"><![CDATA[OpenID]]></phrase>
280 </phrasetype>
281 <phrasetype name="GLOBAL" fieldname="global">
282 <phrase name="openid_fieldset_assoc_address"><![CDATA[Associate OpenID to an existing account]]></phrase>
283 <phrase name="openid_fieldset_register"><![CDATA[Register a new account]]></phrase>
284 <phrase name="openid_description_assoc"><![CDATA[If you already have a forum account and want to associate this ID to it, please fill in this form.]]></phrase>
285 <phrase name="openid_description_register"><![CDATA[If you don't yet have a forum account and want to register a new one, please <a href="register.php">click here</a>.]]></phrase>
286 <phrase name="openid_button_assoc"><![CDATA[Associate my ID to this account]]></phrase>
287 <phrase name="openid_following_errors_occurrred"><![CDATA[The following errors occurred during your registration:]]></phrase>
288 <phrase name="openid_first_time"><![CDATA[It's the first time that you've signed in using this OpenID]]></phrase>
289 <phrase name="openid_no_auto_register"><![CDATA[Sorry, you'll need to first associate this OpenID to an existing forum user, <em>or</em> register a new account to be able to sign in with your OpenID, as automatic user registration is disabled.]]></phrase>
290 <phrase name="openid_email_address_confirm"><![CDATA[Confirm Email Address:]]></phrase>
291 <phrase name="openid_complete_registration"><![CDATA[Complete Registration]]></phrase>
292 <phrase name="openid_login_box">
293 <![CDATA[
210<!-- OpenID Login Box -->294<!-- OpenID Login Box -->
211<div id="openid_login">295 <form class="logindetails" action="login.php" method="post">
212 <a href="#"><img style="border:0" src="$stylevar[imgdir_button]/openid.png" alt="OpenID" /></a>296 <input type="hidden" name="do" value="login" />
213 <script type="text/javascript">vbmenu_register("openid_login");</script>297 <input type="text" style="background:white url(http://openid.net/login-bg.gif) no-repeat 1px 1px; padding-left:20px" class="bginput" name="openid" size="20" />&nbsp;<input type="submit" class="button" value="Go" /><br />
214</div>298 </form>
215
216<div class="vbmenu_popup" id="openid_login_menu" style="display:none">
217 <table cellpadding="4" cellspacing="1" border="0">
218 <tr>
219 <td class="thead">OpenID Login</td>
220 </tr>
221 <tr>
222 <td class="vbmenu_option" title="nohilite">
223 <form action="login.php" method="post">
224 <input type="hidden" name="do" value="login" />
225 <input type="text" style="background:white url(http://openid.net/login-bg.gif) no-repeat 1px 1px; padding-left:20px" class="bginput" name="openid" size="20" />&nbsp;<input type="submit" class="button" value="Go" /><br />
226 </form>
227 </td>
228 </tr>
229 </table>
230</div>
231<!-- / OpenID Login Box -->299<!-- / OpenID Login Box -->
232 ]]></template>300 ]]>
233 </templates>301 </phrase>
234 <plugins>302 </phrasetype>
235 <plugin active="1">303 <phrasetype name="Error Messages" fieldname="error">
236 <title>OpenID Login Box</title>304 <phrase name="openid_tamperedform"><![CDATA[Inconsistencies were detected in your form values. Please re-authenticate with your OpenID provider]]></phrase>
237 <hookname>cache_templates</hookname>305 <phrase name="openid_server_not_allowed"><![CDATA[Sorry, we currently don't accept OpenIDs from your server ({1})]]></phrase>
238 <phpcode><![CDATA[$globaltemplates = array_merge($globaltemplates, array('openid_login_box', 'openid_request_email', 'openid_redirect_form'));]]></phpcode>306 <phrase name="openid_redirect"><![CDATA[You are about to be redirected to your OpenID provider. If you are not redirected automatically, please click the continue button below.]]></phrase>
239 </plugin>307 </phrasetype>
240 <plugin active="1">308 </phrases>
241 <title>Fix OpenID POST vars</title>309 <options>
242 <hookname>global_start</hookname>310 <settinggroup name="openid" displayorder="999">
243 <phpcode><![CDATA[if (THIS_SCRIPT == 'login' AND $_REQUEST['do'] == 'login' AND ($_REQUEST['openid'] OR $_REQUEST['openid.mode'] OR $_REQUEST['openid_mode']))311 <setting varname="openid_path" displayorder="10">
244{312 <datatype>free</datatype>
245 $_POST['do'] = 'login';313 </setting>
246 if (!$_POST['vb_login_username']) {314 <setting varname="openid_math" displayorder="20">
247 $_POST['vb_login_username'] = '.';315 <datatype>boolean</datatype>
248 }316 <optioncode>yesno</optioncode>
249}]]></phpcode>317 <defaultvalue>0</defaultvalue>
250 </plugin>318 </setting>
251 <plugin active="1">319 <setting varname="openid_auto_register" displayorder="30">
252 <title>OpenID Authentication</title>320 <datatype>boolean</datatype>
253 <hookname>login_failure</hookname>321 <optioncode>yesno</optioncode>
254 <phpcode><![CDATA[include('openid_authenticate.php');]]></phpcode>322 <defaultvalue>0</defaultvalue>
255 </plugin>323 </setting>
256 <plugin active="1">324 <setting varname="openid_field" displayorder="50">
257 <title>OpenID associate existing user </title>325 <datatype>free</datatype>
258 <hookname>login_process</hookname>326 <defaultvalue>OpenID</defaultvalue>
259 <phpcode><![CDATA[include('openid_associate.php');]]></phpcode>327 </setting>
260 </plugin>328 <setting varname="openid_allowedproviders" displayorder="60">
261 <plugin active="1">329 <datatype>free</datatype>
262 <title>OpenID Login Box</title>330 </setting>
263 <hookname>parse_templates</hookname>331 <setting varname="openid_secret" displayorder="70">
264 <phpcode><![CDATA[eval('$openid_login_box = "' . fetch_template('openid_login_box') . '";');]]></phpcode>332 <datatype>free</datatype>
265 </plugin>333 <defaultvalue>CHANGEME</defaultvalue>
266 </plugins>334 </setting>
267 <phrases>335 </settinggroup>
268 <phrasetype name="vBulletin Settings" fieldname="vbsettings">336 </options>
269 <phrase name="setting_openid_field_desc"><![CDATA[Name of the custom profile field used for storing OpenIDs.]]></phrase>337 <!-- <helptopics/> -->
270 <phrase name="setting_openid_field_title"><![CDATA[OpenID Profile Field]]></phrase>338 <!-- <cronentries/> -->
271 <phrase name="setting_openid_secret_desc"><![CDATA[A randomly generated secret to avoid OpenID tampering during automatic registration, after authenticating with the provider, but before we create the user.]]></phrase>339 <!-- <faqentries/> -->
272 <phrase name="setting_openid_secret_title"><![CDATA[A Random Secret]]></phrase>
273 <phrase name="setting_openid_math_desc"><![CDATA[Does this PHP installation have advanced math support such as gmp or bcmath?]]></phrase>
274 <phrase name="setting_openid_math_title"><![CDATA[Math Support]]></phrase>
275 <phrase name="setting_openid_auto_register_desc"><![CDATA[Automatically register a new user when an unknown OpenID is authenticated?]]></phrase>
276 <phrase name="setting_openid_auto_register_title"><![CDATA[Automatic User Registration]]></phrase>
277 <phrase name="setting_openid_path_desc"><![CDATA[If the OpenID libraries aren't available on the standard include path, enter the directory where they are installed.]]></phrase>
278 <phrase name="setting_openid_path_title"><![CDATA[Library Path]]></phrase>
279 <phrase name="setting_openid_allowedproviders_desc"><![CDATA[Coma-separated list of allowed providers. Each provider is taken as a regex to check if a particular server should be allowed. Leave blank to allow all providers.]]></phrase>
280 <phrase name="setting_openid_allowedproviders_title"><![CDATA[Allowed Providers]]></phrase>
281 <phrase name="settinggroup_openid"><![CDATA[OpenID]]></phrase>
282 </phrasetype>
283 <phrasetype name="GLOBAL" fieldname="global">
284 <phrase name="openid_fieldset_assoc_address"><![CDATA[Associate OpenID to an existing account]]></phrase>
285 <phrase name="openid_fieldset_register"><![CDATA[Register a new account]]></phrase>
286 <phrase name="openid_description_assoc"><![CDATA[If you already have a forum account and want to associate this ID to it, please fill in this form.]]></phrase>
287 <phrase name="openid_description_register"><![CDATA[If you don't yet have a forum account and want to register a new one, please <a href="register.php">click here</a>.]]></phrase>
288 <phrase name="openid_button_assoc"><![CDATA[Associate my ID to this account]]></phrase>
289 <phrase name="openid_first_time"><![CDATA[It's the first time you sign in using this OpenID]]></phrase>
290 <phrase name="openid_no_auto_register"><![CDATA[Sorry, you'll need to first associate this OpenID to an existing forum user, <b><big>or</big></b> register a new account to be able to sign in with your OpenID, as automatic user registration is disabled.]]></phrase>
291 </phrasetype>
292 <phrasetype name="Error Messages" fieldname="error">
293 <phrase name="openid_tamperedform"><![CDATA[Inconsistencies were detected in your form values. Please re-authenticate with your OpenID provider]]></phrase>
294 <phrase name="openid_server_not_allowed"><![CDATA[Sorry, we currently don't accept OpenIDs from your server ({1})]]></phrase>
295 <phrase name="openid_redirect"><![CDATA[You are about to be redirected to your OpenID provider. If you are not redirected automatically, please click the continue button below.]]></phrase>
296 </phrasetype>
297 </phrases>
298 <options>
299 <settinggroup name="openid" displayorder="999">
300 <setting varname="openid_path" displayorder="10">
301 <datatype>free</datatype>
302 </setting>
303 <setting varname="openid_math" displayorder="20">
304 <datatype>boolean</datatype>
305 <optioncode>yesno</optioncode>
306 <defaultvalue>0</defaultvalue>
307 </setting>
308 <setting varname="openid_auto_register" displayorder="30">
309 <datatype>boolean</datatype>
310 <optioncode>yesno</optioncode>
311 <defaultvalue>0</defaultvalue>
312 </setting>
313 <setting varname="openid_field" displayorder="50">
314 <datatype>free</datatype>
315 <defaultvalue>OpenID</defaultvalue>
316 </setting>
317 <setting varname="openid_allowedproviders" displayorder="60">
318 <datatype>free</datatype>
319 </setting>
320 <setting varname="openid_secret" displayorder="70">
321 <datatype>free</datatype>
322 <defaultvalue>CHANGEME</defaultvalue>
323 </setting>
324 </settinggroup>
325 </options>
326</product>340</product>
327341
=== modified file 'readme.txt'
--- readme.txt 2012-07-23 16:21:45 +0000
+++ readme.txt 2012-10-24 17:05:24 +0000
@@ -1,5 +1,6 @@
1# Copyright 2009 William Norris1# Copyright 2009 William Norris
2# Copyright 2009 Anthony Lenton2# Copyright 2009 Anthony Lenton
3# Copyright 2012 Kyle Baker
3# Copyright 2012 Canonical4# Copyright 2012 Canonical
4# 5#
5# This file is part of vbulletin-openid-integration.6# This file is part of vbulletin-openid-integration.
@@ -21,13 +22,18 @@
21work with current versions of vBulletin and to add a few often-requested22work with current versions of vBulletin and to add a few often-requested
22features.23features.
2324
24It has been tested on vBulletin 3.8.1.25It has been tested on vBulletin 4.2.0.
2526
26Its main features are:27Its main features are:
27 - Optional automatic registration of users if an unknown openid is28 - Automatic User Registration
28 provided.29 * Enabled: OpenID users can authenticate with your vBulletin Board
29 - If automatic registration is disabled, users can still associate existing30 with no previous vBulletin username. If the OpenID provider does
30 forum accounts to their OpenID the first time they sign in.31 not return an email address, the user will be prompted for an
31 - Optional restriction of allowed OpenID providers.32 email address to link to their account.
33 * Disabled: OpenID users can authenticate with your vBulletin Board
34 using any OpenID provider of their choice. However, they MUST have
35 an existing vBulletin username to link their OpenID authentication
36 with the first time they sign in.
37 - Allowed Providers: Optional restriction of allowed OpenID providers.
3238
3339
3440
=== modified file 'upload/openid_associate.php'
--- upload/openid_associate.php 2012-07-23 16:21:45 +0000
+++ upload/openid_associate.php 2012-10-24 17:05:24 +0000
@@ -1,6 +1,8 @@
1<!--1<?php
2/**
2Copyright 2009 William Norris3Copyright 2009 William Norris
3Copyright 2009 Anthony Lenton4Copyright 2009 Anthony Lenton
5Copyright 2012 Kyle Baker
4Copyright 2012 Canonical6Copyright 2012 Canonical
57
6This file is part of vbulletin-openid-integration.8This file is part of vbulletin-openid-integration.
@@ -17,37 +19,48 @@
1719
18You should have received a copy of the GNU Lesser Public License20You should have received a copy of the GNU Lesser Public License
19along with vbulletin-openid-integration. If not, see <http://www.gnu.org/licenses/>.21along with vbulletin-openid-integration. If not, see <http://www.gnu.org/licenses/>.
20-->22*/
21<?php23
22/*24 /*
23 * This file is connected to the login_process hook.25 * This file is connected to the login_process hook.
24 *26 *
25 * Here we handle the case where a user attempts to log in for the first time,27 * Here we handle the case where a user attempts to log in for the first time,
26 * and automatic user creation is disabled. The user then cooses to associate28 * and automatic user creation is disabled. The user then cooses to associate
27 * an existing forum user to the provided OpenID by sending a user/pass,29 * an existing forum user to the provided OpenID by sending a user/pass,
28 * and the credentials are successfully verified. We can therefore safely30 * and the credentials are successfully verified. We can therefore safely
29 * modify the user profile to associate it to the provided OpenID, for future31 * modify the user profile to associate it to the provided OpenID, for future
30 * logins.32 * logins.
31 */33 */
3234
33require_once('openid_utils.php');35 require_once('vbopenid/openid_utils.php');
3436
35$vbulletin->input->clean_array_gpc('r', array(37 $vbulletin->input->clean_array_gpc('r', array(
36 'openid' => TYPE_STR,38 'openid' => TYPE_STR,
37 'openid_confirm' => TYPE_STR,39 'openid_confirm' => TYPE_STR,
38));40 ));
3941
40if ($vbulletin->GPC['openid_confirm']) {42 error_log("Entering openid_associate.php...", 0);
41 $openid = $vbulletin->GPC['openid'];43 if ($vbulletin->GPC['openid_confirm'])
42 $checksum = crypt($openid, $vbulletin->options['openid_secret']);44 {
43 if ($vbulletin->GPC['openid_confirm'] == $checksum) {45 $openid = $vbulletin->GPC['openid'];
44 $username = $vbulletin->GPC['vb_login_username'];46 $checksum = crypt($openid, $vbulletin->options['openid_secret']);
45 $userid = $vbulletin->userinfo['userid'];47
46 vBOpenID_setOpenID ($userid, $openid, $vbulletin);48 error_log("GPC openid_confirm: " . $vbulletin->GPC['openid_confirm'] . ":" . $checksum, 0);
47 $vbulletin->url = $vbulletin->options['homeurl'];49 if ($vbulletin->GPC['openid_confirm'] == $checksum)
48 }50 {
49 /*else {51 $username = $vbulletin->GPC['vb_login_username'];
50 Let the error silently pass, simply don't associate anything.52 $userid = $vbulletin->userinfo['userid'];
51 }*/53 error_log("username: " . $username, 0);
52}54 error_log("userid: " . $userid, 0);
55
56 vBOpenID_setOpenID ($userid, $openid, $vbulletin);
57 $vbulletin->url = $vbulletin->options['homeurl'];
58 error_log("vbulletin url: " . $vbulletin->url, 0);
59 }
60 /*else
61 {
62 Let the error silently pass, simply don't associate anything.
63 }*/
64 }
65 error_log("Exiting openid_associate.php...", 0);
53?>66?>
5467
=== modified file 'upload/openid_authenticate.php'
--- upload/openid_authenticate.php 2012-07-23 16:21:45 +0000
+++ upload/openid_authenticate.php 2012-10-24 17:05:24 +0000
@@ -1,6 +1,8 @@
1<!--1<?php
2/**
2Copyright 2009 William Norris3Copyright 2009 William Norris
3Copyright 2009 Anthony Lenton4Copyright 2009 Anthony Lenton
5Copyright 2012 Kyle Baker
4Copyright 2012 Canonical6Copyright 2012 Canonical
57
6This file is part of vbulletin-openid-integration.8This file is part of vbulletin-openid-integration.
@@ -17,314 +19,528 @@
1719
18You should have received a copy of the GNU Lesser Public License20You should have received a copy of the GNU Lesser Public License
19along with vbulletin-openid-integration. If not, see <http://www.gnu.org/licenses/>.21along with vbulletin-openid-integration. If not, see <http://www.gnu.org/licenses/>.
20-->22*/
21<?php23
22/*24 /*
23 * This file is connected to the login_failure hook.25 * This file is connected to the login_failure hook.
24 *26 *
25 * Here we handle all signing in via OpenID. If the user provides a valid27 * Here we handle all signing in via OpenID. If the user provides a valid
26 * OpenID but not a user/pass the login callback will fail, giving us a chance28 * OpenID but not a user/pass the login callback will fail, giving us a chance
27 * to perform additional authentication.29 * to perform additional authentication.
28 */30 */
29require_once 'openid_utils.php';31 require_once 'vbopenid/openid_utils.php';
30vBOpenID_init ($vbulletin);32 vBOpenID_init ($vbulletin);
3133
32require_once 'Auth/OpenID.php';34 require_once 'Auth/OpenID.php';
33require_once 'Auth/OpenID/Consumer.php';35 require_once 'Auth/OpenID/Consumer.php';
34require_once 'Auth/OpenID/SReg.php';36 require_once 'Auth/OpenID/SReg.php';
3537
36require_once 'openid_store.php';38 require_once 'vbopenid/openid_store.php';
37session_name('vbulletin-openid');39 session_name('vbulletin-openid');
38session_start();40 session_start();
3941
40$loginSuccess = False;42 $loginSuccess = false;
4143
42$dbStore = new vBulletin_OpenID_OptionStore($vbulletin);44 $dbStore = new vBulletin_OpenID_OptionStore($vbulletin);
43$dbStore->cleanupNonces();45 $dbStore->cleanupNonces();
44$auth = new Auth_OpenID_Consumer($dbStore);46 $auth = new Auth_OpenID_Consumer($dbStore);
4547
46$vbulletin->input->clean_array_gpc('r', array(48 $vbulletin->input->clean_array_gpc('r', array(
47 'openid' => TYPE_STR,49 'openid' => TYPE_STR,
48 'openid_mode' => TYPE_STR,50 'openid_mode' => TYPE_STR,
49 'openid_confirm' => TYPE_STR,51 'openid_confirm' => TYPE_STR,
50 'email' => TYPE_STR,52 'email' => TYPE_STR,
51 'email_confirm' => TYPE_STR,53 'email_confirm' => TYPE_STR,
52 'openid_username' => TYPE_STR,54 'openid_username' => TYPE_STR,
53 'openid_action' => TYPE_STR,55 'openid_action' => TYPE_STR,
54));56 ));
5557
56/*58 /*
57 * Picks an available username based on any username.59 * Picks an available username based on any username.
58 * (Search for the lowest numerical suffix we need to append to get an60 * (Search for the lowest numerical suffix we need to append to get an
59 * available username)61 * available username)
60 */62 */
61function pick_username($basename, $vbulletin) {63 function pick_username($basename, $vbulletin)
62 $result = $basename;64 {
63 $usedNames = $vbulletin->db->query_read("65 $result = $basename;
64 SELECT username FROM " . TABLE_PREFIX . "user66 $usedNames = $vbulletin->db->query_read("
65 WHERE username LIKE '" . $basename . "%'67 SELECT username FROM " . TABLE_PREFIX . "user
66 ");68 WHERE username LIKE '" . $basename . "%'
67 if ($usedNames->num_rows > 0) {69 ");
68 $used = array();70
69 for ($i = 0; $i < $usedNames->num_rows; $i++) {71 if ($usedNames->num_rows > 0)
70 $row = $usedNames->fetch_array();72 {
71 $used[] = $row['username'];73 $used = array();
72 }74 for ($i = 0; $i < $usedNames->num_rows; $i++)
73 $suffix = 2;75 {
74 $found = False;76 $row = $usedNames->fetch_array();
75 while (!$found) {77 $used[] = $row['username'];
76 if (!in_array($basename . $suffix, $used)) {78 }
77 $result = $basename . $suffix;79
78 $found = True;80 $suffix = 2;
79 }81 $found = false;
80 else {82 while (!$found)
81 $suffix++;83 {
82 }84 if (!in_array($basename . $suffix, $used))
83 }85 {
84 }86 $result = $basename . $suffix;
85 return $result;87 $found = true;
86}88 }
8789 else
88/*90 {
89 * This function creates a user with the provided data.91 $suffix++;
90 * $username might or might not exist in the DB, we'll just do our best.92 }
91 * $email should not exist in the DB93 }
92 */94 }
93function vBOpenID_createUser ($username, $email, $url, $vbulletin) {95
94 // init user datamanager class96 error_log("pick_username: " . $result, 0);
95 $userdata =& datamanager_init('User', $vbulletin, ERRTYPE_ARRAY);97 return $result;
9698 }
97 $username = pick_username($username, $vbulletin);99
98100 /*
99 $userdata->set('username', $username);101 * This function creates a user with the provided data.
100102 * $username might or might not exist in the DB, we'll just do our best.
101 $newusergroupid = $vbulletin->options['moderatenewmembers'] ? 4 : 2;103 * $email should not exist in the DB
102104 */
103105 function vBOpenID_createUser ($username, $email, $url, $vbulletin)
104 //generate random password106 {
105 $userdata->set('password', generate_password());107 // init user datamanager class
106108 $userdata =& datamanager_init('User', $vbulletin, ERRTYPE_ARRAY);
107 // set usergroupid109
108 $userdata->set('usergroupid', $newusergroupid);110 $username = pick_username($username, $vbulletin);
109111
110 // set languageid112 $userdata->set('username', $username);
111 $userdata->set('languageid', $vbulletin->userinfo['languageid']);113
112114 $newusergroupid = $vbulletin->options['moderatenewmembers'] ? 4 : 2;
113 // set user title115
114 $ugroup = $vbulletin->usergroupcache["$newusergroupid"];116
115 $userdata->set_usertitle('', false, $ugroup, false, false);117 //generate random password
116118 $userdata->set('password', generate_password());
117 // register IP address119
118 $userdata->set('ipaddress', IPADDRESS);120 // set usergroupid
119 $userdata->set('email', $email);121 $userdata->set('usergroupid', $newusergroupid);
120 $userdata->pre_save();122
121 // check for errors123 // set languageid
122 if (!empty($userdata->errors))124 $userdata->set('languageid', $vbulletin->userinfo['languageid']);
123 {125
124 $errorlist = '';126 // set user title
125 foreach ($userdata->errors AS $index => $error)127 $ugroup = $vbulletin->usergroupcache["$newusergroupid"];
126 {128 $userdata->set_usertitle('', false, $ugroup, false, false);
127 $errorlist .= "<li>$error</li>";129
128 }130 // register IP address
129 return $errorlist;131 $userdata->set('ipaddress', IPADDRESS);
130 }132 $userdata->set('email', $email);
131 else133 $userdata->pre_save();
132 {134
133 // save the data135 // check for errors
134 $vbulletin->userinfo['userid'] = $userid = $userdata->save();136 if (!empty($userdata->errors))
135 // set OpenID field137 {
136 vBOpenID_setOpenID ($userid, $url, $vbulletin);138 $errorlist = '';
137 }139 foreach ($userdata->errors AS $index => $error)
138 return False;140 {
139}141 $errorlist .= "<li>$error</li>";
140$return_to = $vbulletin->options['bburl'] . '/login.php?do=login';142 }
141if ($vbulletin->GPC['openid_mode'] == 'id_res') {143
142 // Coming back from the provider144 return $errorlist;
143 $return = $auth->complete($return_to);145 }
144 $openid = $return->getDisplayIdentifier();146 else
145147 {
146 if ($return->status == Auth_OpenID_SUCCESS) {148 // save the data
147 // Coming back from the provider with a successfull authentication.149 $vbulletin->userinfo['userid'] = $userid = $userdata->save();
148 $fieldname = find_openid_fieldname($vbulletin);150 // set OpenID field
149 $alternate = ereg_replace('https?://(.+)/', '\\1', $openid);151 vBOpenID_setOpenID ($userid, $url, $vbulletin);
150 $queryResult = $vbulletin->db->query_first("152 }
151 SELECT userid FROM userfield153
152 WHERE $fieldname='$openid' OR $fieldname='$alternate'154 error_log("vBOpenID_createUser: false", 0);
153 ");155 return false;
154156 }
155 if ($queryResult['userid'] > 0) {157
156 // Coming back from the provider with a successful authentication158
157 // we find that the openid is already associated to a forum user159 $return_to = $vbulletin->options['bburl'] . '/login.php?do=login';
158 $vbulletin->userinfo = $vbulletin->db->query_first("160 if ($vbulletin->GPC['openid_mode'] == 'id_res')
159 SELECT userid, usergroupid, membergroupids, username161 {
160 FROM " . TABLE_PREFIX . "user162 // Coming back from the provider
161 WHERE userid = '" . $queryResult['userid'] . "'163 $return = $auth->complete($return_to);
162 ");164
163 $vbulletin->url = $vbulletin->options['homeurl'];165 // The DisplayIdentifier is the Claimed ID, whereas the Local ID is
164 $loginSuccess = True;166 // the ID that the provider refers to you as. Its safer to just keep
165 }167 // track of the Local ID, but we can switch back to the Display ID
166 else if ($vbulletin->options['openid_auto_register']) {168 // if necessary.
167 // Coming back from the provider with a successful authentication169 //$openid = $return->getDisplayIdentifier();
168 // we find that the openid is not associated to a forum user, but170 $openid = $return->endpoint->getLocalID();
169 // autoregistration is enabled171
170 $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($return);172 error_log("return_to return: " . $return, 0);
171173 error_log("return_to openid: " . $openid, 0);
172 $sreg = $sreg_resp->contents();174
173175 // Was the authentication successful? If not, lets destroy the session.
174 if (@$sreg['nickname']) {176 if ($return->status == Auth_OpenID_SUCCESS)
175 $openid_username = $sreg['nickname'];177 {
176 }178 // Coming back from the provider with a successful authentication.
177 else {179 $fieldname = find_openid_fieldname($vbulletin);
178 $openid_username = munge_url($return->getDisplayIdentifier());180 $alternate = ereg_replace('https?://(.+)/', '\\1', $openid);
179 }181
180182 // We need to make sure that our fieldname was found, otherwise abort.
181 if (@$sreg['email']) {183 if ($fieldname)
182 // Coming back from the provider with a successful authentication184 {
183 // we find that the openid is not associated to a forum user.185 $queryResult = $vbulletin->db->query_first("
184 // Autoregistration is enabled, and an email was provided186 SELECT userid FROM " . TABLE_PREFIX . "userfield
185 // so attempt to create the user.187 WHERE $fieldname='$openid' OR $fieldname='$alternate'
186 $errorlist = vBOpenID_createUser ($openid_username,188 ");
187 $sreg['email'], $openid, $vbulletin);189 }
188 if ($errorlist === False) {190
189 // Success! User created, continue to the forum191 if (isset($queryResult) && $queryResult['userid'] > 0)
190 $vbulletin->url = $vbulletin->options['homeurl'];192 {
191 $loginSuccess = True;193 // Coming back from the provider with a successful authentication
192 }194 // we find that the openid is already associated to a forum user
193 else {195 $vbulletin->userinfo = $vbulletin->db->query_first("
194 // Automatic registration failed. It should be a duplicate196 SELECT userid, usergroupid, membergroupids, username
195 // email problem, so we'll need to ask the user for a197 FROM " . TABLE_PREFIX . "user
196 // different email.198 WHERE userid = '" . $queryResult['userid'] . "'
197 $openid_confirm = crypt($openid,199 ");
198 $vbulletin->options['openid_secret']);200 $vbulletin->url = $vbulletin->options['homeurl'];
199 $email = $email_confirm = $sreg['email'];201 $loginSuccess = true;
200 $openid_username = htmlspecialchars_uni($openid_username);202 }
201 $show['errors'] = True;203 else if ($vbulletin->options['openid_auto_register'])
202 $template = fetch_template('openid_request_email');204 {
203 eval('print_output("' . $template . '");');205 // Coming back from the provider with a successful authentication
204 $loginSuccess = False;206 // we find that the openid is not associated to a forum user, but
205 }207 // autoregistration is enabled
206 }208 $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($return);
207 else {209
208 // Coming back from the provider with a successful authentication210 $sreg = $sreg_resp->contents();
209 // we find that the openid is not associated to a forum user, but211
210 // autoregistration is enabled. Unluckily, no email was provided212 if (@$sreg['nickname'])
211 // so we must ask the user.213 {
212 $openid_confirm = crypt($openid,214 $openid_username = $sreg['nickname'];
213 $vbulletin->options['openid_secret']);215 error_log("openid_username 'nickname': " . $openid_username, 0);
214 $errorlist = "<li>Your OpenID provider didn't send us your216 }
215 email address. Please provide a valid email217 else
216 address to continue:</li>";218 {
217 $show['errors'] = True;219 $openid_username = munge_url($return->getDisplayIdentifier());
218 $template = fetch_template('openid_request_email');220 error_log("openid_username: " . $openid_username, 0);
219 eval('print_output("' . $template . '");');221 }
220222
221 $loginSuccess = False;223 // Did the provider send use the users email address?
222 }224 if (@$sreg['email'])
223 }225 {
224 else {226 // Coming back from the provider with a successful authentication
225 // Coming back from the provider with a successful authentication227 // we find that the openid is not associated to a forum user.
226 // we find that the openid is not associated to a forum user.228 // Autoregistration is enabled, and an email was provided
227 // Autoregistration is disabled, so offer the user to associate the229 // so attempt to create the user.
228 // account to an existing forum user, or forward to the registration230 $errorlist = vBOpenID_createUser ($openid_username,
229 // form.231 $sreg['email'], $openid, $vbulletin);
230 $openid_confirm = crypt($openid,232
231 $vbulletin->options['openid_secret']);233 if ($errorlist === false)
232 $errorlist = $vbphrase[openid_no_auto_register];234 {
233 $show['errors'] = True;235 // Success! User created, continue to the forum
234 $template = fetch_template('openid_request_user_pass');236 $vbulletin->url = $vbulletin->options['homeurl'];
235 eval('print_output("' . $template . '");');237 $loginSuccess = true;
236238 }
237 $loginSuccess = False;239 else
238 }240 {
239 } else {241 // Automatic registration failed. It should be a duplicate
240 // Coming back from the provider with a failed authentication.242 // email problem, so we'll need to ask the user for a
241 // Just leave things as they are and the system will tell the user.243 // different email.
242 session_destroy();244 $openid_confirm = crypt($openid, $vbulletin->options['openid_secret']);
243 }245 $email = $email_confirm = $sreg['email'];
244} else if ($vbulletin->GPC['openid_confirm'] &&246 $openid_username = htmlspecialchars_uni($openid_username);
245 $vbulletin->GPC['openid_action']=='request_email') {247 $show['errors'] = true;
246 // Coming back from the email request form248
247 $openid = $vbulletin->GPC['openid'];249 // We need to build up our basic template sections
248 $openid_confirm = $vbulletin->GPC['openid_confirm'];250 $templater = vB_Template::create('headinclude');
249 $openid_username = $vbulletin->GPC['openid_username'];251 $headinclude = $templater->render(true, true);
250 $email = $vbulletin->GPC['email'];252 $templater = vB_Template::create('header');
251 $email_confirm = $vbulletin->GPC['email_confirm'];253 $header = $templater->render(true, true);
252 if (crypt($openid, $vbulletin->options['openid_secret']) != $openid_confirm) {254 $templater = vB_Template::create('navbar');
253 // Coming back from the email request form, the openid checksum255 $navbar = $templater->render(true, true);
254 // is wrong256 $templater = vB_Template::create('footer');
255 eval(standard_error(fetch_error('openid_tamperedform')));257 $footer = $templater->render(true, true);
256 }258
257 else if ($email != $email_confirm) {259 // Create our custom template and populate our variables
258 // Coming back from the email request form, the provided emails260 $templater = vB_Template::create('openid_request_email');
259 // don't match261 $templater->register('headinclude', $headinclude);
260 $errorlist="<li>The email addresses you provided did not match.262 $templater->register('header', $header);
261 Please try again.</li>";263 $templater->register('navbar', $navbar);
262 $show['errors'] = true;264 $templater->register('footer', $footer);
263 $template = fetch_template('openid_request_email');265 $templater->register('errorlist', $errorlist);
264 eval('print_output("' . $template . '");');266 $templater->register('openid', $openid);
265 $loginSuccess = False;267 $templater->register('openid_confirm', $openid_confirm);
266 }268 $templater->register('openid_username', $openid_username);
267 else {269 $templater->register('email', $email);
268 // Coming back from the email request form, everything seems ok270 $templater->register('email_confirm', $email_confirm);
269 // so we can attempt to create a user271 $template = $templater->render(true, true);
270 $errorlist = vBOpenID_createUser($openid_username, $email, $openid,272 print_output($template);
271 $vbulletin);273
272 if ($errorlist === False) {274 $loginSuccess = false;
273 // Success! Continue to the forum275 }
274 $vbulletin->url = $vbulletin->options['homeurl'];276 }
275 $loginSuccess = True;277 else
276 }278 {
277 else {279 // Coming back from the provider with a successful authentication
278 // User creation failed, so we need to ask again280 // we find that the openid is not associated to a forum user, but
279 $openid_username = htmlspecialchars_uni($openid_username);281 // autoregistration is enabled. Unluckily, no email was provided
280 $show['errors'] = true;282 // so we must ask the user.
281 $template = fetch_template('openid_request_email');283 $openid_confirm = crypt($openid, $vbulletin->options['openid_secret']);
282 eval('print_output("' . $template . '");');284 $errorlist = "<li>Your OpenID provider didn't send us your
283 $loginSuccess = False;285 email address. Please provide a valid email
284 }286 address to continue:</li>";
285 }287 $show['errors'] = true;
286} else if ($vbulletin->GPC['openid_confirm'] &&288
287 $vbulletin->GPC['openid_action']=='request_user') {289 // We need to build up our basic template sections
288 // Coming back from user/pass request form. This is already bad, as290 $templater = vB_Template::create('headinclude');
289 // the user/pass form should authenticate successfully.291 $headinclude = $templater->render(true, true);
290 // A bad user/pass must have been provided, so ask again.292 $templater = vB_Template::create('header');
291 $openid_confirm = $vbulletin->GPC['openid_confirm'];293 $header = $templater->render(true, true);
292 $errorlist = fetch_error('badlogin', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl']);294 $templater = vB_Template::create('navbar');
293 $show['errors'] = True;295 $navbar = $templater->render(true, true);
294 $template = fetch_template('openid_request_user_pass');296 $templater = vB_Template::create('footer');
295 eval('print_output("' . $template . '");');297 $footer = $templater->render(true, true);
296298
297 $loginSuccess = False;299 // Create our custom template and populate our variables
298} else if ($vbulletin->GPC['openid']) {300 $templater = vB_Template::create('openid_request_email');
299 // Start an OpenID authentication301 $templater->register('headinclude', $headinclude);
300 $authRequest = $auth->begin($vbulletin->GPC['openid']);302 $templater->register('header', $header);
301303 $templater->register('navbar', $navbar);
302 $allowed = $vbulletin->options['openid_allowedproviders'];304 $templater->register('footer', $footer);
303 $endpoint = $authRequest->endpoint->server_url;305 $templater->register('errorlist', $errorlist);
304 if (strlen($allowed) > 0 && !server_allowed($endpoint, $allowed)) {306 $templater->register('openid', $openid);
305 // The provided OpenID's server is not allowed307 $templater->register('openid_confirm', $openid_confirm);
306 eval(standard_error(fetch_error('openid_server_not_allowed', $endpoint)));308 $templater->register('openid_username', $openid_username);
307 }309 $templater->register('email', "");
308 else {310 $templater->register('email_confirm', "");
309 // Start an OpenID authentication with an allowed server311 $template = $templater->render(true, true);
310 $error = vBOpenID_sendRequest ($vbulletin, $authRequest, $return_to);312 print_output($template);
311 if ($error !== False) {313
312 eval(standard_error($error));314 $loginSuccess = false;
313 }315 }
314 }316 }
315} else {317 else
316 session_destroy();318 {
317}319 // Coming back from the provider with a successful authentication
318320 // we find that the openid is not associated to a forum user.
319if ($loginSuccess) {321 // Autoregistration is disabled, so offer the user to associate the
320 exec_unstrike_user($vbulletin->userinfo['username']);322 // account to an existing forum user, or forward to the registration
321 // create new session323 // form.
322 process_new_login($vbulletin->GPC['logintype'],324 $openid_confirm = crypt($openid, $vbulletin->options['openid_secret']);
323 $vbulletin->GPC['cookieuser'],325 $errorlist = $vbphrase[openid_no_auto_register];
324 $vbulletin->GPC['cssprefs']);326 $show['errors'] = true;
325 session_destroy();327
326 // do redirect328 // We need to build up our basic template sections
327 do_login_redirect();329 $templater = vB_Template::create('headinclude');
328}330 $headinclude = $templater->render(true, true);
329331 $templater = vB_Template::create('header');
332 $header = $templater->render(true, true);
333 $templater = vB_Template::create('navbar');
334 $navbar = $templater->render(true, true);
335 $templater = vB_Template::create('footer');
336 $footer = $templater->render(true, true);
337
338 // Create our custom template and populate our variables
339 $templater = vB_Template::create('openid_request_user_pass');
340 $templater->register('headinclude', $headinclude);
341 $templater->register('header', $header);
342 $templater->register('navbar', $navbar);
343 $templater->register('footer', $footer);
344 $templater->register('errorlist', $errorlist);
345 $templater->register('openid', $openid);
346 $templater->register('openid_confirm', $openid_confirm);
347 $templater->register('openid_username', $openid_username);
348 $template = $templater->render(true, true);
349 print_output($template);
350
351 $loginSuccess = false;
352 }
353 }
354 else
355 {
356 // Coming back from the provider with a failed authentication.
357 // Just leave things as they are and the system will tell the user.
358 session_destroy();
359 }
360 }
361 else if ($vbulletin->GPC['openid_confirm'] &&
362 $vbulletin->GPC['openid_action']=='request_email')
363 {
364 // Coming back from the email request form
365 $openid = $vbulletin->GPC['openid'];
366 $openid_confirm = $vbulletin->GPC['openid_confirm'];
367 $openid_username = $vbulletin->GPC['openid_username'];
368 $email = $vbulletin->GPC['email'];
369 $email_confirm = $vbulletin->GPC['email_confirm'];
370
371 // Let's make sure that the openid checksum is correct and the confirmed
372 // email addresses match. If so, we can attempt to create the user.
373 if (crypt($openid, $vbulletin->options['openid_secret']) != $openid_confirm)
374 {
375 // Coming back from the email request form, the openid checksum
376 // is wrong
377 eval(standard_error(fetch_error('openid_tamperedform')));
378 }
379 else if ($email != $email_confirm)
380 {
381 // Coming back from the email request form, the provided emails
382 // don't match
383 $errorlist="<li>The email addresses you provided did not match.
384 Please try again.</li>";
385 $show['errors'] = true;
386
387 // We need to build up our basic template sections
388 $templater = vB_Template::create('headinclude');
389 $headinclude = $templater->render(true, true);
390 $templater = vB_Template::create('header');
391 $header = $templater->render(true, true);
392 $templater = vB_Template::create('navbar');
393 $navbar = $templater->render(true, true);
394 $templater = vB_Template::create('footer');
395 $footer = $templater->render(true, true);
396
397 // Create our custom template and populate our variables
398 $templater = vB_Template::create('openid_request_email');
399 $templater->register('headinclude', $headinclude);
400 $templater->register('header', $header);
401 $templater->register('navbar', $navbar);
402 $templater->register('footer', $footer);
403 $templater->register('errorlist', $errorlist);
404 $templater->register('openid', $openid);
405 $templater->register('openid_confirm', $openid_confirm);
406 $templater->register('openid_username', $openid_username);
407 $templater->register('email', "");
408 $templater->register('email_confirm', "");
409 $template = $templater->render(true, true);
410 print_output($template);
411
412 $loginSuccess = false;
413 }
414 else
415 {
416 // Coming back from the email request form, everything seems ok
417 // so we can attempt to create a user
418 $errorlist = vBOpenID_createUser($openid_username, $email,
419 $openid, $vbulletin);
420
421 if ($errorlist === false)
422 {
423 // Success! Continue to the forum
424 $vbulletin->url = $vbulletin->options['homeurl'];
425 $loginSuccess = true;
426 }
427 else
428 {
429 // User creation failed, so we need to ask again
430 $openid_username = htmlspecialchars_uni($openid_username);
431 $show['errors'] = true;
432
433 // We need to build up our basic template sections
434 $templater = vB_Template::create('headinclude');
435 $headinclude = $templater->render(true, true);
436 $templater = vB_Template::create('header');
437 $header = $templater->render(true, true);
438 $templater = vB_Template::create('navbar');
439 $navbar = $templater->render(true, true);
440 $templater = vB_Template::create('footer');
441 $footer = $templater->render(true, true);
442
443 // Create our custom template and populate our variables
444 $templater = vB_Template::create('openid_request_email');
445 $templater->register('headinclude', $headinclude);
446 $templater->register('header', $header);
447 $templater->register('navbar', $navbar);
448 $templater->register('footer', $footer);
449 $templater->register('errorlist', $errorlist);
450 $templater->register('openid', $openid);
451 $templater->register('openid_confirm', $openid_confirm);
452 $templater->register('openid_username', $openid_username);
453 $templater->register('email', $email);
454 $templater->register('email_confirm', $email_confirm);
455 $template = $templater->render(true, true);
456 print_output($template);
457
458 $loginSuccess = false;
459 }
460 }
461 }
462 else if ($vbulletin->GPC['openid_confirm'] &&
463 $vbulletin->GPC['openid_action']=='request_user')
464 {
465 // Coming back from user/pass request form. This is already bad, as
466 // the user/pass form should authenticate successfully.
467 // A bad user/pass must have been provided, so ask again.
468 $openid_confirm = $vbulletin->GPC['openid_confirm'];
469 $errorlist = fetch_error('badlogin', $vbulletin->options['bburl'],
470 $vbulletin->session->vars['sessionurl']);
471 $show['errors'] = true;
472
473 // We need to build up our basic template sections
474 $templater = vB_Template::create('headinclude');
475 $headinclude = $templater->render(true, true);
476 $templater = vB_Template::create('header');
477 $header = $templater->render(true, true);
478 $templater = vB_Template::create('navbar');
479 $navbar = $templater->render(true, true);
480 $templater = vB_Template::create('footer');
481 $footer = $templater->render(true, true);
482
483 // Create our custom template and populate our variables
484 $templater = vB_Template::create('openid_request_user_pass');
485 $templater->register('headinclude', $headinclude);
486 $templater->register('header', $header);
487 $templater->register('navbar', $navbar);
488 $templater->register('footer', $footer);
489 $templater->register('errorlist', $errorlist);
490 $template = $templater->render(true, true);
491 print_output($template);
492
493 $loginSuccess = false;
494 }
495 else if ($vbulletin->GPC['openid'])
496 {
497 // Start an OpenID authentication
498 $authRequest = $auth->begin($vbulletin->GPC['openid']);
499
500 // Make sure we have a valid auth request. Invalid OpenID urls
501 // can cause problems if we don't check first.
502 if (isset($authRequest))
503 {
504 $allowed = $vbulletin->options['openid_allowedproviders'];
505 $endpoint = $authRequest->endpoint->server_url;
506 if (strlen($allowed) > 0 && !server_allowed($endpoint, $allowed))
507 {
508 // The provided OpenID's server is not allowed
509 eval(standard_error(fetch_error('openid_server_not_allowed', $endpoint)));
510 }
511 else
512 {
513 // Start an OpenID authentication with an allowed server
514 $error = vBOpenID_sendRequest ($vbulletin, $authRequest, $return_to);
515 if ($error !== false)
516 {
517 eval(standard_error($error));
518 }
519 }
520 }
521 /*else
522 {
523 We smoothly let this invalid login attempt fail and warn the user
524 }*/
525 }
526 else
527 {
528 session_destroy();
529 }
530
531 // If the openid authentication was successful, we can process
532 // the users login and smoothly send them back to the forums.
533 if ($loginSuccess)
534 {
535 exec_unstrike_user($vbulletin->userinfo['username']);
536
537 // create new session
538 process_new_login($vbulletin->GPC['logintype'],
539 $vbulletin->GPC['cookieuser'],
540 $vbulletin->GPC['cssprefs']);
541 session_destroy();
542
543 // do redirect
544 do_login_redirect();
545 }
330?>546?>
331547
=== modified file 'upload/openid_store.php'
--- upload/openid_store.php 2012-07-23 16:21:45 +0000
+++ upload/openid_store.php 2012-10-24 17:05:24 +0000
@@ -1,6 +1,8 @@
1<!--1<?php
2/**
2Copyright 2009 William Norris3Copyright 2009 William Norris
3Copyright 2009 Anthony Lenton4Copyright 2009 Anthony Lenton
5Copyright 2012 Kyle Baker
4Copyright 2012 Canonical6Copyright 2012 Canonical
57
6This file is part of vbulletin-openid-integration.8This file is part of vbulletin-openid-integration.
@@ -17,222 +19,277 @@
1719
18You should have received a copy of the GNU Lesser Public License20You should have received a copy of the GNU Lesser Public License
19along with vbulletin-openid-integration. If not, see <http://www.gnu.org/licenses/>.21along with vbulletin-openid-integration. If not, see <http://www.gnu.org/licenses/>.
20-->22*/
21<?php23
22/**24 /**
23 * store.php25 * store.php
24 *26 *
25 * Database Connector for vBulletin OpenID27 * Database Connector for vBulletin OpenID
26 * Dual Licence: GPL & Modified BSD28 * Dual Licence: GPL & Modified BSD
27 */29 */
2830
29require_once 'Auth/OpenID/Interface.php';31 require_once 'Auth/OpenID/Interface.php';
30require_once 'Auth/OpenID/Association.php';32 require_once 'Auth/OpenID/Association.php';
3133
32define ('OPENID_ASSOCIATIONS', 'openid_associations');34 define ('OPENID_ASSOCIATIONS', 'openid_associations');
33define ('OPENID_NONCES', 'openid_nonces');35 define ('OPENID_NONCES', 'openid_nonces');
3436
35function escape_string($connection, $string) {37 function escape_string($connection, $string)
36 if (is_a($connection, 'mysqli')) {38 {
37 return mysqli_real_escape_string($connection, $string);39 if (is_a($connection, 'mysqli'))
38 }40 {
39 elseif (@get_resource_type($connection)) {41 error_log("escape_string is_a: " . mysqli_real_escape_string($connection, $string), 0);
40 return mysql_real_escape_string($string, $connection);42 return mysqli_real_escape_string($connection, $string);
41 }43 }
42}44 elseif (@get_resource_type($connection))
4345 {
44function query($connection, $sql) {46 error_log("escape_string get_resource_type: " . mysql_real_escape_string($string, $connection), 0);
45 if (is_a($connection, 'mysqli')) {47 return mysql_real_escape_string($string, $connection);
46 return mysqli_query($connection, $sql);48 }
47 }49 error_log("escape_string: none", 0);
48 elseif (@get_resource_type($connection)) {50 }
49 return mysql_query($sql, $connection);51
50 }52 function query($connection, $sql)
51}53 {
5254 if (is_a($connection, 'mysqli'))
53function commit($connection) {55 {
54 if (is_a($connection, 'mysqli')) {56 return mysqli_query($connection, $sql);
55 return mysqli_commit($connection);57 }
56 }58 elseif (@get_resource_type($connection))
57 // plain MySQL connections don't need committing59 {
58}60 return mysql_query($sql, $connection);
5961 }
60function fetch_row($result) {62 }
61 if (is_a($result, 'mysqli_result')) {63
62 return mysqli_fetch_row($result);64 function commit($connection)
63 }65 {
64 elseif (@get_resource_type($result)) {66 if (is_a($connection, 'mysqli'))
65 return mysql_fetch_row($result);67 {
66 }68 error_log("commit is_a: " . mysqli_commit($connection), 0);
67}69 return mysqli_commit($connection);
6870 }
69function _createDBTables($vbulletin) {71 error_log("commit: none", 0);
70 $connection = $vbulletin->db->connection_master;72 // plain MySQL connections don't need committing
71 $assoc_name = OPENID_ASSOCIATIONS;73 }
72 $nonce_name = OPENID_NONCES;74
73 query($connection,75 function fetch_row($result)
74 "CREATE TABLE `$assoc_name` (76 {
75 `value` mediumtext,77 if (is_a($result, 'mysqli_result'))
76 `server_url` varchar(500),78 {
77 `handle` varchar(200),79 return mysqli_fetch_row($result);
78 `expires` timestamp,80 }
79 PRIMARY KEY (`server_url`, `handle`)81 elseif (@get_resource_type($result))
80 )"82 {
81 );83 return mysql_fetch_row($result);
82 query($connection,84 }
83 "CREATE TABLE `$nonce_name` (85 }
84 `keyname` varchar(200) NOT NULL default '',86
85 `value` timestamp,87 function _createDBTables($vbulletin)
86 PRIMARY KEY (`keyname`)88 {
87 )"89 $connection = $vbulletin->db->connection_master;
88 );90 $assoc_name = OPENID_ASSOCIATIONS;
89}91 $nonce_name = OPENID_NONCES;
9092
91function _removeDBTables($vbulletin) {93 query($connection,
92 $connection = $vbulletin->db->connection_master;94 "CREATE TABLE `$assoc_name` (
93 $assoc_name = OPENID_ASSOCIATIONS;95 `value` mediumtext,
94 $nonce_name = OPENID_NONCES;96 `server_url` varchar(500),
95 query($connection, "DROP TABLE $assoc_name");97 `handle` varchar(200),
96 query($connection, "DROP TABLE $nonce_name");98 `expires` timestamp,
97}99 PRIMARY KEY (`server_url`, `handle`)
98100 )"
99/**101 );
100 * OpenID store that uses the vBulletin options table for storage.102 query($connection,
101 * Originally written by Simon Willison for use in the mu-open-id103 "CREATE TABLE `$nonce_name` (
102 * plugin. Modified a fair amount for use in WordPress OpenID,104 `keyname` varchar(200) NOT NULL default '',
103 * then ported to use with vBulletin.105 `value` timestamp,
104 */106 PRIMARY KEY (`keyname`)
105class vBulletin_OpenID_OptionStore extends Auth_OpenID_OpenIDStore {107 )"
106 function vBulletin_OpenID_OptionStore($vbulletin,108 );
107 $associations_table = null,109 }
108 $nonces_table = null)110
109 {111 function _removeDBTables($vbulletin)
110 /* DB tables are created during product installation */112 {
111 $this->connection = $vbulletin->db->connection_master;113 $connection = $vbulletin->db->connection_master;
112 }114 $assoc_name = OPENID_ASSOCIATIONS;
113115 $nonce_name = OPENID_NONCES;
114 function _fetchNonceFromDB($key) {116
115 $nonce_name = OPENID_NONCES;117 query($connection, "DROP TABLE $assoc_name");
116 if ($result = query($this->connection,118 query($connection, "DROP TABLE $nonce_name");
117 "SELECT value FROM $nonce_name WHERE keyname='$key'")) {119 }
118 $row = fetch_row($result);120
119 return $row[0];121 /**
120 }122 * OpenID store that uses the vBulletin options table for storage.
121 }123 * Originally written by Simon Willison for use in the mu-open-id
122124 * plugin. Modified a fair amount for use in WordPress OpenID,
123 function _fetchAssocFromDB($server_url, $handle=null) {125 * then ported to use with vBulletin.
124 $table = OPENID_ASSOCIATIONS;126 */
125 $server_url = escape_string($this->connection, $server_url);127 class vBulletin_OpenID_OptionStore extends Auth_OpenID_OpenIDStore
126 if ($handle) {128 {
127 $handle = escape_string($this->connection, $handle);129 function vBulletin_OpenID_OptionStore($vbulletin,
128 $sql = "SELECT value FROM $table WHERE130 $associations_table = null,
129 server_url='$server_url'131 $nonces_table = null)
130 AND handle='$handle'";132 {
131 }133 /* DB tables are created during product installation */
132 else {134 $this->connection = $vbulletin->db->connection_master;
133 $sql = "SELECT value FROM $table WHERE135 }
134 server_url='$server_url' AND136
135 expires > NOW()137 function _fetchNonceFromDB($key)
136 ORDER BY expires DESC LIMIT 1";138 {
137 }139 $nonce_name = OPENID_NONCES;
138 $result = query($this->connection, $sql);140 $result = query($this->connection,
139 if ($result) {141 "SELECT value FROM $nonce_name WHERE keyname='$key'");
140 $row = fetch_row($result);142
141 return $row[0];143 if ($result)
142 }144 {
143 }145 $row = fetch_row($result);
144146 error_log("_fetchNonceFromDB: " . $row[0], 0);
145 function _storeNonceToDB($key, $value) {147 return $row[0];
146 $table = OPENID_NONCES;148 }
147 query($this->connection,149 }
148 "DELETE FROM $table WHERE keyname='$key'");150
149 query($this->connection, "INSERT INTO $table151 function _fetchAssocFromDB($server_url, $handle=null)
150 (`keyname`, `value`) VALUES ('$key', '$value')");152 {
151 commit($this->connection);153 $table = OPENID_ASSOCIATIONS;
152 }154 $server_url = escape_string($this->connection, $server_url);
153155
154 function _storeAssocToDB($server_url, $handle, $value, $expires) {156 if ($handle)
155 $table = OPENID_ASSOCIATIONS;157 {
156 $server_url = escape_string($this->connection, $server_url);158 $handle = escape_string($this->connection, $handle);
157 $handle = escape_string($this->connection, $handle);159 $sql = "SELECT value FROM $table WHERE
158 query($this->connection, "DELETE FROM $table WHERE160 server_url='$server_url'
159 server_url='$server_url'");161 AND handle='$handle'";
160 query($this->connection, "INSERT INTO $table162 }
161 (`server_url`, `handle`, `value`, `expires`) VALUES163 else
162 ('$server_url', '$handle', '$value', '$expires')");164 {
163 commit($this->connection);165 $sql = "SELECT value FROM $table WHERE
164 }166 server_url='$server_url' AND
165167 expires > NOW()
166 function storeAssociation($server_url, $association) {168 ORDER BY expires DESC LIMIT 1";
167 $value = $association->serialize();169 }
168 $handle = $association->handle;170
169 if ($handle === null) {171 $result = query($this->connection, $sql);
170 $handle = '';172 if ($result)
171 }173 {
172 $expires = $association->issued + $association->lifetime;174 $row = fetch_row($result);
173 $expires = strftime('%F %T', $expires);175 error_log("_fetchAssocFromDB: " . $row[0], 0);
174 $this->_storeAssocToDB($server_url, $handle, $value, $expires);176 return $row[0];
175 }177 }
176178 }
177 function getAssociation($server_url, $handle = null) {179
178 $association = $this->_fetchAssocFromDB($server_url, $handle);180 function _storeNonceToDB($key, $value)
179 if ($association) {181 {
180 return Auth_OpenID_Association::deserialize(182 $table = OPENID_NONCES;
181 'Auth_OpenID_Association', $association183 query($this->connection,
182 );184 "DELETE FROM $table WHERE keyname='$key'");
183 }185 query($this->connection, "INSERT INTO $table
184 return null;186 (`keyname`, `value`) VALUES ('$key', '$value')");
185 }187 commit($this->connection);
186188 }
187 function removeAssociation($server_url, $handle) {189
188 // Remove the matching association if it's found, and190 function _storeAssocToDB($server_url, $handle, $value, $expires)
189 // returns whether the association was removed or not.191 {
190 $assoc = $this->getAssociation($server_url, $handle);192 $table = OPENID_ASSOCIATIONS;
191 if ($assoc === null) {193 $server_url = escape_string($this->connection, $server_url);
192 return false;194 $handle = escape_string($this->connection, $handle);
193 } else {195
194 $table = OPENID_ASSOCIATIONS;196 query($this->connection, "DELETE FROM $table WHERE
195 $server_url = escape_string($this->connection, $server_url);197 server_url='$server_url'");
196 $handle = escape_string($this->connection, $handle);198 query($this->connection, "INSERT INTO $table
197 query($this->connection, "DELETE FROM $table WHERE199 (`server_url`, `handle`, `value`, `expires`) VALUES
198 server_url='$server_url' AND handle='$handle'");200 ('$server_url', '$handle', '$value', '$expires')");
199 return true;201 commit($this->connection);
200 }202 }
201 }203
202204 function storeAssociation($server_url, $association)
203 function useNonce($server_url, $timestamp, $salt) {205 {
204 if ( abs($timestamp - time()) > 1200 ) {206 $value = $association->serialize();
205 return false;207 $handle = $association->handle;
206 }208
207 $key = $this->_getNonceKey($server_url, $timestamp, $salt);209 if ($handle === null)
208 $nonce = $this->_fetchNonceFromDB($key);210 {
209 if ($nonce) {211 $handle = '';
210 return false;212 }
211 } else {213
212 $value = strftime('%F %T', $timestamp);214 $expires = $association->issued + $association->lifetime;
213 $this->_storeNonceToDB($key, $value);215 $expires = strftime('%F %T', $expires);
214 return true;216 $this->_storeAssocToDB($server_url, $handle, $value, $expires);
215 }217 }
216 }218
217219 function getAssociation($server_url, $handle = null)
218 function _getNonceKey($server_url, $timestamp, $salt) {220 {
219 $url_hash = base64_encode($server_url);221 $association = $this->_fetchAssocFromDB($server_url, $handle);
220 $salt_hash = base64_encode($salt);222 if ($association)
221 return sprintf('%08x-%s-%s', $timestamp, $url_hash, $salt_hash);223 {
222 }224 return Auth_OpenID_Association::deserialize(
223225 'Auth_OpenID_Association', $association
224 function cleanupNonces() {226 );
225 $table = OPENID_NONCES;227 }
226 query($this->connection, "DELETE FROM $table228 return null;
227 WHERE value < NOW() - INTERVAL 20 MINUTE");229 }
228 }230
229231 function removeAssociation($server_url, $handle)
230 function cleanupAssociations() {232 {
231 $table = OPENID_ASSOCIATIONS;233 // Remove the matching association if it's found, and
232 query($this->connection, "DELETE FROM $table234 // returns whether the association was removed or not.
233 WHERE expires < NOW()");235 $assoc = $this->getAssociation($server_url, $handle);
234 }236 if ($assoc === null)
235237 {
236}238 return false;
237239 }
240 else
241 {
242 $table = OPENID_ASSOCIATIONS;
243 $server_url = escape_string($this->connection, $server_url);
244 $handle = escape_string($this->connection, $handle);
245 query($this->connection, "DELETE FROM $table WHERE
246 server_url='$server_url' AND handle='$handle'");
247 return true;
248 }
249 }
250
251 function useNonce($server_url, $timestamp, $salt)
252 {
253 if ( abs($timestamp - time()) > 1200 )
254 {
255 return false;
256 }
257
258 $key = $this->_getNonceKey($server_url, $timestamp, $salt);
259 $nonce = $this->_fetchNonceFromDB($key);
260
261 if ($nonce)
262 {
263 return false;
264 }
265 else
266 {
267 $value = strftime('%F %T', $timestamp);
268 $this->_storeNonceToDB($key, $value);
269 return true;
270 }
271 }
272
273 function _getNonceKey($server_url, $timestamp, $salt)
274 {
275 $url_hash = base64_encode($server_url);
276 $salt_hash = base64_encode($salt);
277 error_log("_getNonceKey: " . sprintf('%08x-%s-%s', $timestamp, $url_hash, $salt_hash), 0);
278 return sprintf('%08x-%s-%s', $timestamp, $url_hash, $salt_hash);
279 }
280
281 function cleanupNonces()
282 {
283 $table = OPENID_NONCES;
284 query($this->connection, "DELETE FROM $table
285 WHERE value < NOW() - INTERVAL 20 MINUTE");
286 }
287
288 function cleanupAssociations()
289 {
290 $table = OPENID_ASSOCIATIONS;
291 query($this->connection, "DELETE FROM $table
292 WHERE expires < NOW()");
293 }
294 }
238?>295?>
239296
=== modified file 'upload/openid_utils.php'
--- upload/openid_utils.php 2012-07-23 16:21:45 +0000
+++ upload/openid_utils.php 2012-10-24 17:05:24 +0000
@@ -1,6 +1,8 @@
1<!--1<?php
2/**
2Copyright 2009 William Norris3Copyright 2009 William Norris
3Copyright 2009 Anthony Lenton4Copyright 2009 Anthony Lenton
5Copyright 2012 Kyle Baker
4Copyright 2012 Canonical6Copyright 2012 Canonical
57
6This file is part of vbulletin-openid-integration.8This file is part of vbulletin-openid-integration.
@@ -17,152 +19,216 @@
1719
18You should have received a copy of the GNU Lesser Public License20You should have received a copy of the GNU Lesser Public License
19along with vbulletin-openid-integration. If not, see <http://www.gnu.org/licenses/>.21along with vbulletin-openid-integration. If not, see <http://www.gnu.org/licenses/>.
20-->22*/
21<?php23
2224 /*
23/*25 * Generates a random password
24 * Generates a random password26 */
25 */27 function generate_password($passwordLength=10)
26function generate_password($passwordLength=10) {28 {
27 $letters = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";29 $letters = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
28 $lettersLength = strlen($letters);30 $lettersLength = strlen($letters);
29 $pass = '';31
30 for($i = 0; $i < $passwordLength; $i++) {32 $pass = '';
31 $pass .= $letters[rand(0, $lettersLength)];33 for($i = 0; $i < $passwordLength; $i++)
32 }34 {
33 return $pass;35 $pass .= $letters[rand(0, $lettersLength-1)];
34}36 }
3537
36/*38 error_log("generate_password: " . $pass, 0);
37 * Returns something that could be used as a username based on an OpenID url.39 return $pass;
38 */40 }
39function munge_url($url) {41
40 $letters = "0123456789abcdefghijklmnopqrstuvwxyz";42 /*
41 $parts = array_reverse(explode('/', $url));43 * Returns something that could be used as a username based on an OpenID url.
42 $found = FALSE;44 */
43 foreach($parts as $part) {45 function munge_url($url)
44 $munged = '';46 {
45 for($i = 0; $i < strlen($part); $i++) {47 $letters = "0123456789abcdefghijklmnopqrstuvwxyz";
46 if (stripos($letters, $part[$i]) !== FALSE) {48 $parts = array_reverse(explode('/', $url));
47 $munged .= $part[$i];49
48 $found = TRUE;50 $found = false;
49 }51 foreach($parts as $part)
50 if ($part[$i] == '#') break; // Skip from the hash onwards52 {
51 }53 $munged = '';
52 if ($found) {54 for($i = 0; $i < strlen($part); $i++)
53 return $munged;55 {
54 }56 if (stripos($letters, $part[$i]) !== false)
55 }57 {
56}58 $munged .= $part[$i];
5759 $found = true;
58/**60 }
59 * fnmatch function is not available on non-posix system. This should be a61 if ($part[$i] == '#') break; // Skip from the hash onwards
60 * suitable replacement for our purposes (ie: wildcard pattern matching for62 }
61 * server addresses like '*.php.net')63
62 */64 if ($found)
63if (!function_exists('fnmatch')) {65 {
64 function fnmatch($pattern, $string) {66 error_log("munge_url: " . $munged, 0);
65 return @preg_match(67 return $munged;
66 '/^' . strtr(addcslashes($pattern, '/\\.+^$(){}=!<>|'),68 }
67 array('*' => '.*', '?' => '.?')) . '$/i', $string69
68 );70 error_log("munge_url: none", 0);
69 }71 }
70}72 }
7173
72/**74 /**
73 * Check if a particular openid provider's server is allowed be used75 * fnmatch function is not available on non-posix system. This should be a
74 *76 * suitable replacement for our purposes (ie: wildcard pattern matching for
75 * This may be particularly useful if you want to limit openid servers to those77 * server addresses like '*.php.net')
76 * which you know meet your authentication requirements or if you are using78 */
77 * openid as a single sign-on mechanism.79 if (!function_exists('fnmatch'))
78 * @param string Name of the server to check80 {
79 * @param string Coma-separated list of allowed servers. Each server is taken81 function fnmatch($pattern, $string)
80 * as a regex to check if a particular server is allowed.82 {
81 */83 return @preg_match(
82function server_allowed($server, $servers) {84 '/^' . strtr(addcslashes($pattern, '/\\.+^$(){}=!<>|'),
83 $servers = explode(",", $servers);85 array('*' => '.*', '?' => '.?')) . '$/i', $string
84 foreach ($servers as $allowed_server) {86 );
85 $allowed_server = trim($allowed_server);87 }
86 if (empty($allowed_server)) {88 }
87 next;89
88 }90 /**
89 if (true === fnmatch($allowed_server, $server)) {91 * Check if a particular openid provider's server is allowed be used
90 return true;92 *
91 }93 * This may be particularly useful if you want to limit openid servers to those
92 }94 * which you know meet your authentication requirements or if you are using
93 return false;95 * openid as a single sign-on mechanism.
94}96 * @param string Name of the server to check
9597 * @param string Coma-separated list of allowed servers. Each server is taken
96/*98 * as a regex to check if a particular server is allowed.
97 * Retrieve the name of the profile field in which we're storing the99 */
98 * OpenID100 function server_allowed($server, $servers)
99 */101 {
100function find_openid_fieldname($vbulletin) {102 $servers = explode(",", $servers);
101 $title = $vbulletin->options['openid_field'];103
102 $row = $vbulletin->db->query_first("104 foreach ($servers as $allowed_server)
103 SELECT varname FROM phrase105 {
104 WHERE text='$title' AND varname LIKE 'field%_title'106 $allowed_server = trim($allowed_server);
105 ");107
106 $varname = $row['varname'];108 if (empty($allowed_server))
107 return substr($varname, 0, strpos($varname, '_'));109 {
108}110 next;
109111 }
110/*112
111 * Set the OpenID profile field for a given user113 if (true === fnmatch($allowed_server, $server))
112 */114 {
113function vBOpenID_setOpenID ($userid, $url, $vbulletin) {115 error_log("server_allowed: true", 0);
114 $fieldname = find_openid_fieldname($vbulletin);116 return true;
115 $vbulletin->db->query_write("117 }
116 UPDATE userfield SET $fieldname = '$url' WHERE userid=$userid118 }
117 ");119
118}120 error_log("server_allowed: false", 0);
119121 return false;
120/*122 }
121 * Set up global variables123
122 */124 /*
123function vBOpenID_init ($vbulletin) {125 * Retrieve the name of the profile field in which we're storing the
124 if (!$vbulletin->options['openid_math']) {126 * OpenID
125 define('Auth_OpenID_NO_MATH_SUPPORT', 1);127 */
126 }128 function find_openid_fieldname($vbulletin)
127 if ($vbulletin->options['openid_path']) {129 {
128 $path = $vbulletin->options['openid_path'] . ':' . ini_get('include_path');130 $title = $vbulletin->options['openid_field'];
129 ini_set('include_path', $path);131 $row = $vbulletin->db->query_first("
130 }132 SELECT varname FROM " . TABLE_PREFIX . "phrase
131}133 WHERE text='$title' AND varname LIKE 'field%_title'
132134 ");
133135
134function vBOpenID_sendRequest ($vbulletin, $authRequest, $return_to) {136 $varname = $row['varname'];
135 $sreg_request = Auth_OpenID_SRegRequest::build(137
136 array('nickname'),138 error_log("find_openid_fieldname: " . substr($varname, 0, strpos($varname, '_')), 0);
137 array('fullname', 'email'));139 return substr($varname, 0, strpos($varname, '_'));
138 $authRequest->addExtension($sreg_request);140 }
139141
140 if ($authRequest->shouldSendRedirect()) {142 /*
141 $redirect_url = $authRequest->redirectURL($vbulletin->options['homeurl'], $return_to);143 * Set the OpenID profile field for a given user
142 144 */
143 // If the redirect URL can't be built, display an error message.145 function vBOpenID_setOpenID ($userid, $url, $vbulletin)
144 if (Auth_OpenID::isFailure($redirect_url)) {146 {
145 return $redirect_url->message;147 $fieldname = find_openid_fieldname($vbulletin);
146 }148
147 else {149 error_log("vBOpenID_setOpenID fieldname: " . $fieldname, 0);
148 header("Location: $redirectURL");150 $vbulletin->db->query_write("
149 }151 UPDATE " . TABLE_PREFIX . "userfield SET $fieldname = '$url' WHERE userid=$userid
150 }152 ");
151 else {153 }
152 $form_id = 'openid_message';154
153 $message = $authRequest->getMessage($vbulletin->options['homeurl'], $return_to, False);155 /*
154 if (Auth_OpenID::isFailure($message)) {156 * Set up global variables
155 return $message->message;157 */
156 }158 function vBOpenID_init ($vbulletin)
157 else {159 {
158 $text_redirect = fetch_error('openid_redirect');160 if (!$vbulletin->options['openid_math'])
159 $form_html = $message->toFormMarkup($authRequest->endpoint->server_url,161 {
160 array('id' => $form_id));162 define('Auth_OpenID_NO_MATH_SUPPORT', 1);
161 $template = fetch_template('openid_redirect_form');163 }
162 eval('print_output("' . $template . '");');164 if ($vbulletin->options['openid_path'])
163 }165 {
164 }166 $path = $vbulletin->options['openid_path'] . ':' . ini_get('include_path');
165 return False;167 ini_set('include_path', $path);
166}168 }
167169 }
170
171 function vBOpenID_sendRequest ($vbulletin, $authRequest, $return_to)
172 {
173 $sreg_request = Auth_OpenID_SRegRequest::build(
174 array('nickname'),
175 array('fullname', 'email'));
176
177 $authRequest->addExtension($sreg_request);
178
179 if ($authRequest->shouldSendRedirect())
180 {
181 $redirect_url = $authRequest->redirectURL($vbulletin->options['homeurl'], $return_to);
182 error_log("redirect url: " . $redirect_url, 0);
183
184 // If the redirect URL can't be built, display an error message.
185 if (Auth_OpenID::isFailure($redirect_url))
186 {
187 return $redirect_url->message;
188 }
189 else
190 {
191 header("Location: $redirectURL");
192 }
193 }
194 else
195 {
196 $form_id = 'openid_message';
197 $message = $authRequest->getMessage($vbulletin->options['homeurl'], $return_to, false);
198 if (Auth_OpenID::isFailure($message))
199 {
200 return $message->message;
201 }
202 else
203 {
204 $text_redirect = fetch_error('openid_redirect');
205
206 // We need to urlencode our localid url for launchpad to preserve
207 // the plus char in our uri (ex. https://login.launchpad.net/+id/<random_user_string>)
208 $bkp_values = $message->args->values;
209 foreach ($bkp_values as $tmp_value)
210 {
211 // replace + with %2B: https://login.launchpad.net/%2Bid/<random_user_string>
212 $tmp_values[] = str_replace("/+id/", "/%2Bid/", $tmp_value);
213 }
214 $message->args->values = $tmp_values;
215
216 $form_html = $message->toFormMarkup($authRequest->endpoint->server_url,
217 array('id' => $form_id));
218 error_log("form_html: " . $form_html, 0);
219
220 // Let's restore our Message stack in case we decide to use it again later.
221 $message->args->values = $bkp_values;
222
223 $templater = vB_Template::create('openid_redirect_form');
224 $templater->register('form_id', $form_id);
225 $templater->register('text_redirect', $text_redirect);
226 $templater->register('form_html', $form_html);
227 $template = $templater->render(true, true);
228 print_output($template);
229 }
230 }
231
232 return false;
233 }
168?>234?>

Subscribers

People subscribed via source and target branches