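/**
 * Prepare the register page for the OAuth plugin.
 *
 * Returns immediately when $hybridauth_conf['enabled'] is 0. When the session
 * holds an 'oauth_new_user' entry (the visitor comes from the identification
 * page), the remote identity is checked again and then one of two things
 * happens:
 *  - the submitted register form creates a new local account bound to the
 *    remote identity, or
 *  - if $conf['oauth']['allow_merge_accounts'] is set, a successful password
 *    login binds the remote identity to an existing account.
 * Without a pending OAuth user, the provider buttons are added to the register
 * template when $conf['oauth']['display_register'] is set.
 *
 * Uses the globals $conf, $template, $hybridauth_conf, $page and $user, and
 * overwrites $_POST['login'] and $_POST['mail_address'] with remote data.
 *
 * @return void
 */
function oauth_begin_register()
{
    global $conf, $template, $hybridauth_conf, $page, $user;
    if ($hybridauth_conf['enabled'] == 0) {
        return;
    }
    // coming from identification page
    if (pwg_get_session_var('oauth_new_user') != null) {
        list($provider, $user_identifier) = pwg_get_session_var('oauth_new_user');
        try {
            if ($provider == 'Persona') {
                $template->assign('OAUTH_USER', array('provider' => 'Persona', 'username' => $user_identifier, 'u_profile' => null, 'avatar' => null));
                oauth_assign_template_vars();
                $template->append('OAUTH', array('persona_email' => $user_identifier), true);
                $conf['oauth']['include_common_template'] = true;
            } else {
                require_once OAUTH_PATH . 'include/hybridauth/Hybrid/Auth.php';
                $hybridauth = new Hybrid_Auth($hybridauth_conf);
                $adapter = $hybridauth->authenticate($provider);
                $remote_user = $adapter->getUserProfile();
                // Security: the identity stored in the session must be the one the
                // provider reports now. Both sides are compared as strings with a
                // strict operator, because a loose comparison treats numeric-looking
                // identifiers as numbers and can report two different ids as equal.
                if ((string) $remote_user->identifier !== (string) $user_identifier) {
                    pwg_unset_session_var('oauth_new_user');
                    throw new Exception('Hacking attempt!', 403);
                }
                $template->assign('OAUTH_USER', array('provider' => $hybridauth_conf['providers'][$provider]['name'], 'username' => $remote_user->displayName, 'u_profile' => $remote_user->profileURL, 'avatar' => $remote_user->photoURL));
            }
            // NOTE(review): this escaped value is used both as hash input below and as
            // the value handed to single_update(); confirm single_update() does not
            // escape it a second time.
            $oauth_id = pwg_db_real_escape_string($provider . '---' . $user_identifier);
            $page['infos'][] = l10n('Your registration is almost done, please complete the registration form.');
            // register form submitted
            if (isset($_POST['submit'])) {
                // NOTE(review): the local password is sha1(oauth_id . secret_key), i.e.
                // fully determined by the remote identifier and the site secret. Anyone
                // who learns $conf['secret_key'] can recompute it. A random value would
                // be safer if nothing else depends on this derivation; confirm before
                // changing.
                // NOTE(review): login and mail_address come from the posted form, not
                // from the provider profile, and are read without an isset() check.
                $user_id = register_user($_POST['login'], hash('sha1', $oauth_id . $conf['secret_key']), $_POST['mail_address'], true, $page['errors'], false);
                if ($user_id !== false) {
                    pwg_unset_session_var('oauth_new_user');
                    // update oauth field
                    single_update(USER_INFOS_TABLE, array('oauth_id' => $oauth_id), array('user_id' => $user_id));
                    // log_user and redirect
                    log_user($user_id, false);
                    redirect('profile.php');
                }
                unset($_POST['submit']);
            } else {
                // Merge path: bind the remote identity to an existing local account.
                // Only $_POST['login'] is tested here, while username and password are
                // read below; presumably 'login' is the submit button of the added
                // login form (verify against the template prefilter).
                if (isset($_POST['login']) && $conf['oauth']['allow_merge_accounts']) {
                    if ($conf['insensitive_case_logon'] == true) {
                        $_POST['username'] = search_case_username($_POST['username']);
                    }
                    $user_id = get_userid($_POST['username']);
                    if ($user_id === false) {
                        $page['errors'][] = l10n('Invalid username or email');
                    } else {
                        // The main webmaster account is never bound to a remote identity.
                        if ($user_id == $conf['webmaster_id']) {
                            $page['errors'][] = l10n('For security reason, the main webmaster account can\'t be merged with a remote account, but you can use another webmaster account.');
                        } else {
                            if (pwg_login(false, $_POST['username'], $_POST['password'], false)) {
                                // update oauth field
                                // NOTE(review): the webmaster guard above tests $user_id, but
                                // the row updated here is keyed by $user['id'] as left by
                                // pwg_login(); confirm both always name the same account.
                                single_update(USER_INFOS_TABLE, array('oauth_id' => $oauth_id), array('user_id' => $user['id']));
                                pwg_unset_session_var('oauth_new_user');
                                redirect('profile.php');
                            } else {
                                $page['errors'][] = l10n('Invalid password!');
                            }
                        }
                    }
                }
            }
            // Overwrite the form fields with remote data so the register form is
            // pre-filled; these values come from the provider and are rendered later.
            if ($provider == 'Persona') {
                $_POST['login'] = '';
                $_POST['mail_address'] = $user_identifier;
            } else {
                $_POST['login'] = $remote_user->displayName;
                $_POST['mail_address'] = $remote_user->email;
            }
            // template
            $template->assign('OAUTH_PATH', OAUTH_PATH);
            if ($conf['oauth']['allow_merge_accounts']) {
                $template->assign('OAUTH_LOGIN_IN_REGISTER', true);
                $template->set_prefilter('register', 'oauth_add_login_in_register');
            } else {
                $template->set_prefilter('register', 'oauth_add_profile_prefilter');
                $template->set_prefilter('register', 'oauth_remove_password_fields_prefilter');
            }
        } catch (Exception $e) {
            // Only the numeric exception code reaches the page; the message is dropped
            // here and is not logged by this function.
            $page['errors'][] = l10n('An error occured, please contact the gallery owner. <i>Error code : %s</i>', $e->getCode());
        }
    } else {
        if ($conf['oauth']['display_register']) {
            oauth_assign_template_vars(get_gallery_home_url());
            $template->set_prefilter('register', 'oauth_add_buttons_prefilter');
        }
    }
}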
Beispiel #2
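// Identification (login) page: access check, login handling, then page setup.
check_status(ACCESS_FREE);
trigger_notify('loc_begin_identification');
//-------------------------------------------------------------- identification
// The redirect target is taken from the request, so it is untrusted. This
// pattern matches anything that would leave the site or split the header:
// an explicit scheme, a leading "//" or backslash form, or a control character.
// Matching targets are discarded and the login falls back to the gallery home.
$offsite_redirect_pattern = '#^\s*(?:[a-z][a-z0-9+.\-]*:|[/\\\\]{2}|\\\\)|[\x00-\x1f\x7f]#i';
$redirect_to = '';
if (!empty($_GET['redirect'])) {
    // PHP has already decoded the query string once; the extra urldecode() is
    // kept because the value is presumably encoded twice by the code that builds
    // the link (verify against the caller).
    $redirect_to = is_string($_GET['redirect']) ? urldecode($_GET['redirect']) : '';
    if (preg_match($offsite_redirect_pattern, $redirect_to)) {
        $redirect_to = '';
    }
    if (is_a_guest()) {
        $page['errors'][] = l10n('You are not authorized to access the requested page');
    }
}
if (isset($_POST['login'])) {
    if (!isset($_COOKIE[session_name()])) {
        $page['errors'][] = l10n('Cookies are blocked or not supported by your browser. You must enable cookies to connect.');
    } else {
        if ($conf['insensitive_case_logon'] == true) {
            $_POST['username'] = search_case_username($_POST['username']);
        }
        $redirect_to = (isset($_POST['redirect']) && is_string($_POST['redirect'])) ? urldecode($_POST['redirect']) : '';
        if (preg_match($offsite_redirect_pattern, $redirect_to)) {
            $redirect_to = '';
        }
        // "&&" instead of "and": with "and" the assignment binds first, so the
        // flag was true whenever the field was present, whatever its value.
        $remember_me = isset($_POST['remember_me']) && $_POST['remember_me'] == 1;
        if (try_log_user($_POST['username'], $_POST['password'], $remember_me)) {
            redirect(empty($redirect_to) ? get_gallery_home_url() : $redirect_to);
        } else {
            $page['errors'][] = l10n('Invalid password!');
        }
    }
}
//----------------------------------------------------- template initialization
//
// Start output of page
//
$title = l10n('Identification');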