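/**
 * Applies the upgrade.
 *
 * Checks the form token posted by the upgrade selection form, loads the list
 * of upgrade functions cached under the posted handle, calls each function in
 * order and renders their concatenated output in the results template.
 *
 * The handle is request-supplied and the cached entries are passed to
 * call_user_func(), so the whole list is validated before any entry runs:
 * a missing or expired cache entry, or an entry that is not callable, sends
 * the user back to the selection page instead of executing a partial upgrade
 * and reporting empty results as if it had succeeded.
 */
function upgrade_apply()
{
    global $xtpl, $upgrade_access_check;

    // Absent fields are passed on as NULL (what the undefined index evaluated
    // to before) without raising an undefined-index notice.
    $token = isset($_POST['tk']) ? $_POST['tk'] : NULL;
    $handle = isset($_POST['handle']) ? $_POST['handle'] : NULL;

    if (!validate_form_token($token, 'upgrade_selection')) {
        set_message('SimpleID detected a potential security attack.  Please try again.');
        upgrade_selection();
        return;
    }

    // A handle such as handle[]=x arrives as an array; only a string is a
    // meaningful cache key.
    $functions = is_string($handle) ? cache_get('upgrade', $handle) : NULL;

    // Validate everything up front so that a bad entry cannot leave the
    // upgrade half applied.
    $runnable = is_array($functions);
    if ($runnable) {
        foreach ($functions as $function) {
            if (!is_callable($function)) {
                $runnable = false;
                break;
            }
        }
    }
    if (!$runnable) {
        set_message('The upgrade selection has expired or is invalid.  Please try again.');
        upgrade_selection();
        return;
    }

    $results = '';
    foreach ($functions as $function) {
        $results .= call_user_func($function);
    }

    // The access-check notice is rendered only when the global flag is falsy.
    if (!$upgrade_access_check) {
        $xtpl->parse('main.upgrade_results.upgrade_access_check');
    }
    $xtpl->assign('results', $results);
    $xtpl->parse('main.upgrade_results');

    // presumably discards the cached upgrade lists so a handle cannot be
    // replayed - confirm against cache_gc()
    cache_gc(0, 'upgrade');

    $xtpl->assign('title', 'Upgrade');
    $xtpl->parse('main');
    $xtpl->out('main');
}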
/**
 * Processes a user response from the {@link simpleid_openid_consent_form()} function.
 *
 * If the user verifies the relying party, an OpenID response will be sent to
 * the relying party.  Otherwise, the dashboard will be displayed to the user.
 *
 * Steps visible in this function: require a logged-in user, check the form
 * token for the 'rp' form, restore the pending OpenID response from the 's'
 * request field, then either build an error response (Cancel) or record the
 * relying party against the user, sign the response and deliver it.
 *
 * Reads the globals $user and $GETPOST and overwrites the global $version.
 */
function simpleid_openid_consent()
{
    global $xtpl, $user, $version, $GETPOST;
    // Loose comparison: any value that == NULL is treated as "not logged in".
    if ($user == NULL) {
        user_login_form('');
        return;
    }
    // The form token is the only request check made here before the posted
    // state is processed.
    if (!validate_form_token($GETPOST['tk'], 'rp')) {
        set_message('SimpleID detected a potential security attack.  Please try again.');
        $xtpl->assign('title', 'OpenID Login');
        $xtpl->parse('main');
        $xtpl->out('main');
        return;
    }
    $uid = $user['uid'];
    // NOTE(review): 's' has been round-tripped through the browser.  unpickle()
    // is defined elsewhere; if it is built on unserialize(), request-controlled
    // data reaches it here - confirm the state is integrity-protected or that a
    // data-only format is used.
    $response = unpickle($GETPOST['s']);
    $version = openid_get_version($response);
    $return_to = $response['openid.return_to'];
    // NOTE(review): when the restored response has no return_to, the redirect
    // target falls back to a request parameter - confirm it is validated
    // against the realm before it is used.
    if (!$return_to) {
        $return_to = $GETPOST['openid.return_to'];
    }
    if ($GETPOST['op'] == 'Cancel') {
        // The user declined: replace the response with an error response.
        $response = simpleid_checkid_error(false);
        if (!$return_to) {
            set_message('Log in cancelled.');
        }
    } else {
        $now = time();
        // NOTE(review): the realm stored below (together with auto_release) is
        // read from the request, not from the restored response - confirm the
        // two cannot diverge.
        $realm = $GETPOST['openid.realm'];
        // Reuse the user's existing record for this realm, or start a new one.
        if (isset($user['rp'][$realm])) {
            $rp = $user['rp'][$realm];
        } else {
            $rp = array('realm' => $realm, 'first_time' => $now);
        }
        $rp['last_time'] = $now;
        // Normalised to 1/0; a set flag is saved with the relying party record.
        $rp['auto_release'] = isset($GETPOST['autorelease']) && $GETPOST['autorelease'] ? 1 : 0;
        // Runs before the save and the signing below; presumably extensions may
        // adjust $response and $rp here - TODO confirm how the arguments are passed.
        extension_invoke_all('consent', $GETPOST, $response, $rp);
        $user['rp'][$realm] = $rp;
        user_save($user);
        // Signs with the response's association handle when one is present,
        // otherwise passes NULL.
        $response = simpleid_sign($response, isset($response['openid.assoc_handle']) ? $response['openid.assoc_handle'] : NULL);
        if (!$return_to) {
            set_message('You were logged in successfully.');
        }
    }
    // With a return_to the response goes to the relying party; without one the
    // user stays on the dashboard and sees the message set above.
    if ($return_to) {
        simpleid_assertion_response($response, $return_to);
    } else {
        page_dashboard();
    }
}
Beispiel #3
<?php

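// Bootstrap: define the base path, load configuration and helpers, open the
// database connection, start the session and enforce the per-session form
// token on every POST request.

// The constant name has to be a quoted string.  A bare MAIN_PATH is an
// undefined constant at this point: a notice or warning on older PHP and a
// fatal Error on PHP 8.
define('MAIN_PATH', realpath(__DIR__) . DIRECTORY_SEPARATOR . '..');
require 'includes/config.inc.php';
require 'includes/functions.inc.php';
require 'includes/user.inc.php';
// NOTE(review): the mysql_* extension is deprecated since PHP 5.5 and removed
// in PHP 7.  It is kept because the included files presumably depend on it;
// a move to PDO or mysqli with prepared statements has to cover them too.
mysql_connect($config['db']['server'], $config['db']['user'], $config['db']['password']) or die('Could not connect to MySQL server');
// SERVER, DB USERNAME, DB PASSWORD
// Stop here when the database cannot be selected instead of letting every
// later query fail.
mysql_select_db($config['db']['db']) or die('Could not select database');
// DATABASE
// mysql_set_charset() also tells the client library which charset is in use,
// which mysql_real_escape_string() relies on; a plain "SET NAMES" query only
// changes the server side.
mysql_set_charset('utf8');
session_name('session');
// NOTE(review): no cookie parameters are set before the session starts -
// confirm HttpOnly/Secure are enabled in php.ini or through
// session_set_cookie_params().
session_start();
if (!isset($_SESSION['form-token'])) {
    // Pass true so the previous session record is deleted and the old
    // identifier cannot be reused.
    session_regenerate_id(true);
    // generate_token() comes from an include - confirm it draws from a CSPRNG.
    $_SESSION['form-token'] = generate_token();
}
// Every POST request has to carry the form token.  validate_form_token() is
// defined in an include; presumably it compares the submitted value with
// $_SESSION['form-token'] and aborts on mismatch - confirm, and confirm the
// comparison is constant-time (hash_equals()).
if (!empty($_POST)) {
    validate_form_token();
}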