Context Navigation

source: extensions/oAuth/include/public_events.inc.php @ 26604

Last change on this file since 26604 was 26604, checked in by mistic100, 10 years ago
clean templating + allow to use Steam/Wordpress/Flickr without displaying OpenID
File size: 7.4 KB

Line
1	<?php
2	defined('OAUTH_PATH') or die('Hacking attempt!');
3
4	/**
5	* identification page
6	*/
7	function oauth_begin_identification()
8	{
9	global $template, $conf, $hybridauth_conf;
10
11	if ($hybridauth_conf['enabled'] > 0)
12	{
13	return;
14	}
15
16	$u_redirect = !empty($_GET['redirect']) ? urldecode($_GET['redirect']) : get_gallery_home_url();
17	oauth_assign_template_vars($u_redirect);
18
19	$template->set_prefilter('identification', 'oauth_add_buttons_prefilter');
20	}
21
22	/**
23	* interrupt normal login if corresponding to an oauth user
24	*/
25	function oauth_try_log_user($success, $username)
26	{
27	global $conf, $redirect_to;
28
29	$query = '
30	SELECT oauth_id FROM ' . USERS_TABLE . '
31	WHERE ' . $conf['user_fields']['username'] . ' = "' . pwg_db_real_escape_string($username) . '"
32	AND oauth_id != ""
33	;';
34	$result = pwg_query($query);
35
36	if (pwg_db_num_rows($result))
37	{
38	list($oauth_id) = pwg_db_fetch_row($result);
39	list($provider) = explode('---', $oauth_id);
40	$_SESSION['page_errors'][] = l10n('You registered with a %s account, please sign in with the same account.', $provider);
41
42	$redirect_to = get_root_url().'identification.php'; // variable used by identification.php
43	return true;
44	}
45
46	return false;
47	}
48
49
50	/**
51	* register page
52	*/
53	function oauth_begin_register()
54	{
55	global $conf, $template, $hybridauth_conf, $page;
56
57	if ($hybridauth_conf['enabled'] == 0)
58	{
59	return;
60	}
61
62	// coming from identification page
63	if (pwg_get_session_var('oauth_new_user') != null)
64	{
65	list($provider, $user_identifier) = pwg_get_session_var('oauth_new_user');
66
67	require_once(OAUTH_PATH . 'include/hybridauth/Hybrid/Auth.php');
68
69	try {
70	$hybridauth = new Hybrid_Auth($hybridauth_conf);
71	$adapter = $hybridauth->authenticate($provider);
72	$remote_user = $adapter->getUserProfile();
73
74	// security, check remote identifier
75	if ($remote_user->identifier != $user_identifier)
76	{
77	pwg_unset_session_var('oauth_new_user');
78	throw new Exception('Hacking attempt!', 403);
79	}
80
81	$template->assign('OAUTH_USER', array(
82	'provider' => $provider,
83	'username' => $remote_user->displayName,
84	'u_profile' => $remote_user->profileURL,
85	'avatar' => $remote_user->photoURL,
86	));
87
88	$page['infos'][] = l10n('Your registration is almost done, please complete the registration form.');
89
90	$oauth_id = $provider.'---'.$remote_user->identifier;
91
92	// form submited
93	if (isset($_POST['submit']))
94	{
95	$user_id = register_user(
96	$_POST['login'],
97	hash('sha1', $oauth_id.$conf['secret_key']),
98	$_POST['mail_address'],
99	true,
100	$page['errors'],
101	false
102	);
103
104	if ($user_id !== false)
105	{
106	pwg_unset_session_var('oauth_new_user');
107
108	// update oauth field
109	$query = '
110	UPDATE ' . USERS_TABLE . '
111	SET oauth_id = "' . $oauth_id . '"
112	WHERE ' . $conf['user_fields']['id'] . ' = ' . $user_id . '
113	;';
114	pwg_query($query);
115
116	// log_user and redirect
117	log_user($user_id, false);
118	redirect('profile.php');
119	}
120
121	unset($_POST['submit']);
122	}
123	else
124	{
125	// overwrite fields with remote datas
126	$_POST['login'] = $remote_user->displayName;
127	$_POST['mail_address'] = $remote_user->email;
128	}
129
130	// template
131	$template->assign('OAUTH_PATH', OAUTH_PATH);
132	$template->set_prefilter('register', 'oauth_add_profile_prefilter');
133	$template->set_prefilter('register', 'oauth_remove_password_fields_prefilter');
134	}
135	catch (Exception $e) {
136	$page['errors'][] = l10n('An error occured, please contact the gallery owner. <i>Error code : %s</i>', $e->getCode());
137	}
138	}
139	// display login buttons
140	else if ($conf['oauth']['display_register'])
141	{
142	oauth_assign_template_vars(get_gallery_home_url());
143
144	$template->set_prefilter('register', 'oauth_add_buttons_prefilter');
145	}
146	}
147
148
149	/**
150	* profile page
151	*/
152	function oauth_begin_profile()
153	{
154	global $template, $user, $hybridauth_conf, $page;
155
156	$oauth_id = get_oauth_id($user['id']);
157
158	if (!isset($oauth_id))
159	{
160	return;
161	}
162
163	list($provider) = explode('---', $oauth_id);
164
165	require_once(OAUTH_PATH . 'include/hybridauth/Hybrid/Auth.php');
166
167	try {
168	$hybridauth = new Hybrid_Auth($hybridauth_conf);
169	$adapter = $hybridauth->getAdapter($provider);
170	$remote_user = $adapter->getUserProfile();
171
172	$template->assign('OAUTH_USER', array(
173	'provider' => $provider,
174	'username' => $remote_user->displayName,
175	'u_profile' => $remote_user->profileURL,
176	'avatar' => $remote_user->photoURL,
177	));
178
179	$template->assign('OAUTH_PATH', OAUTH_PATH);
180	$template->set_prefilter('profile_content', 'oauth_add_profile_prefilter');
181	$template->set_prefilter('profile_content', 'oauth_remove_password_fields_prefilter');
182	}
183	catch (Exception $e) {
184	$page['errors'][] = l10n('An error occured, please contact the gallery owner. <i>Error code : %s</i>', $e->getCode());
185	}
186	}
187
188
189	/**
190	* logout
191	*/
192	function oauth_logout($user_id)
193	{
194	global $hybridauth_conf;
195
196	$oauth_id = get_oauth_id($user_id);
197
198	if (!isset($oauth_id))
199	{
200	return;
201	}
202
203	list($provider) = explode('---', $oauth_id);
204
205	require_once(OAUTH_PATH . 'include/hybridauth/Hybrid/Auth.php');
206
207	try {
208	$hybridauth = new Hybrid_Auth($hybridauth_conf);
209	$adapter = $hybridauth->getAdapter($provider);
210	$adapter->logout();
211	}
212	catch (Exception $e) {
213	$_SESSION['page_errors'][] = l10n('An error occured, please contact the gallery owner. <i>Error code : %s</i>', $e->getCode());
214	}
215	}
216
217
218	/**
219	* identification menu block
220	*/
221	function oauth_blockmanager($menu_ref_arr)
222	{
223	global $template, $conf, $hybridauth_conf;
224
225	$menu = &$menu_ref_arr[0];
226
227	if ($hybridauth_conf['enabled'] == 0 or
228	!$conf['oauth']['display_menubar'] or
229	$menu->get_block('mbIdentification') == null
230	)
231	{
232	return;
233	}
234
235	oauth_assign_template_vars(get_gallery_home_url());
236
237	$template->set_prefilter('menubar', 'oauth_add_menubar_buttons_prefilter');
238	}
239
240	function oauth_include_template()
241	{
242	global $conf, $template;
243
244	if (isset($conf['oauth']['include_common_template']))
245	{
246	$template->set_filename('oauth', realpath(OAUTH_PATH . 'template/identification_common.tpl'));
247	$template->parse('oauth');
248	}
249	}
250
251
252	/**
253	* prefilters
254	*/
255	function oauth_add_buttons_prefilter($content)
256	{
257	$search = '</form>';
258	$add = file_get_contents(OAUTH_PATH . 'template/identification_page.tpl');
259	return str_replace($search, $search.$add, $content);
260	}
261
262	function oauth_remove_password_fields_prefilter($content)
263	{
264	$search = 'type="password" ';
265	$add = 'disabled="disabled" ';
266	$script = '
267	{footer_script require="jquery"}
268	jQuery("input[type=password], input[name=send_password_by_mail]").parent().hide();
269	{/footer_script}';
270
271	$content = str_replace($search, $search.$add, $content);
272	return $content.$script;
273	}
274
275	function oauth_add_profile_prefilter($content)
276	{
277	$search = '#(</legend>)#';
278	$add = file_get_contents(OAUTH_PATH . 'template/profile.tpl');
279	return preg_replace($search, '$1 '.$add, $content, 1);
280	}
281
282	function oauth_add_menubar_buttons_prefilter($content)
283	{
284	$search = '#({include file=\$block->template\\|@?get_extent:\$id ?})#';
285	$add = file_get_contents(OAUTH_PATH . 'template/identification_menubar.tpl');
286	return preg_replace($search, '$1 '.$add, $content);
287	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: