function doValidLogin($login)
 {
     global $_TABLES, $status, $uid;
     // Remote auth precludes usersubmission,
     // and integrates user activation, see?;
     $status = USER_ACCOUNT_ACTIVE;
     // PHP replaces "." with "_"
     $openid_identity = addslashes($this->query['openid_identity']);
     $openid_nickname = '';
     if (isset($this->query['openid_sreg_nickname'])) {
         $openid_nickname = $this->query['openid_sreg_nickname'];
     }
     // Check if that account is already registered.
     $result = DB_query("SELECT uid FROM {$_TABLES['users']} WHERE remoteusername = '******' AND remoteservice = 'openid'");
     $tmp = DB_error();
     $nrows = DB_numRows($result);
     if (!($tmp == 0) || !($nrows == 1)) {
         // First time login with this OpenID, creating account...
         if (empty($openid_nickname)) {
             $openid_nickname = $this->makeUsername($this->query['openid_identity']);
         }
         // we simply can't accept empty usernames ...
         if (empty($openid_nickname)) {
             COM_errorLog('Got an empty username for ' . $openid_identity);
             // not strictly correct - just to signal a failed login attempt
             $status = USER_ACCOUNT_DISABLED;
             $uid = 0;
             return;
         }
         // Ensure that remoteusername is unique locally.
         $openid_nickname = USER_uniqueUsername($openid_nickname);
         $openid_sreg_email = '';
         if (isset($this->query['openid_sreg_email'])) {
             $openid_sreg_email = $this->query['openid_sreg_email'];
         }
         $openid_sreg_fullname = '';
         if (isset($this->query['openid_sreg_fullname'])) {
             $openid_sreg_fullname = $this->query['openid_sreg_fullname'];
         }
         USER_createAccount($openid_nickname, $openid_sreg_email, '', $openid_sreg_fullname, '', $this->query['openid_identity'], 'openid');
         $uid = DB_getItem($_TABLES['users'], 'uid', "remoteusername = '******' AND remoteservice = 'openid'");
         // Store full remote account name:
         DB_query("UPDATE {$_TABLES['users']} SET remoteusername = '******', remoteservice = 'openid', status = 3 WHERE uid = {$uid}");
         // Add to remote users:
         $remote_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'");
         DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$remote_grp}, {$uid})");
     } else {
         $result = DB_query("SELECT uid,status FROM {$_TABLES['users']} WHERE remoteusername = '******' AND remoteservice = 'openid'");
         list($uid, $status) = DB_fetchArray($result);
     }
 }
Example #2
0
 public function doAction($info)
 {
     global $_TABLES, $LANG04, $status, $uid, $_CONF, $checkMerge;
     $users = $this->_getCreateUserInfo($info);
     $userinfo = $this->_getUpdateUserInfo($info);
     $sql = "SELECT uid,status FROM {$_TABLES['users']} WHERE remoteusername = '******'remoteusername']) . "' AND remoteservice = '" . DB_escapeString($users['remoteservice']) . "'";
     $result = DB_query($sql);
     $tmp = DB_error();
     $nrows = DB_numRows($result);
     if (empty($tmp) && $nrows == 1) {
         // existing user...
         list($uid, $status) = DB_fetchArray($result);
         $checkMerge = false;
     } else {
         if ($_CONF['disable_new_user_registration']) {
             echo COM_siteHeader();
             echo $LANG04[122];
             echo COM_siteFooter();
             exit;
         }
         // initial login - create account
         $loginname = $users['loginname'];
         $checkName = DB_getItem($_TABLES['users'], 'username', "username='******'");
         if (!empty($checkName)) {
             if (function_exists('CUSTOM_uniqueRemoteUsername')) {
                 $loginname = CUSTOM_uniqueRemoteUsername(loginname, $remoteservice);
             }
             if (strcasecmp($checkName, $loginname) == 0) {
                 $loginname = USER_uniqueUsername($loginname);
             }
         }
         $users['loginname'] = $loginname;
         $uid = USER_createAccount($users['loginname'], $users['email'], '', $users['fullname'], $users['homepage'], $users['remoteusername'], $users['remoteservice']);
         if (is_array($users)) {
             $this->_DBupdate_users($uid, $users);
         }
         if (is_array($userinfo)) {
             $this->_DBupdate_userinfo($uid, $userinfo);
         }
         $status = DB_getItem($_TABLES['users'], 'status', 'uid=' . (int) $uid);
         $remote_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'");
         DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$remote_grp}, {$uid})");
         if (isset($users['socialuser'])) {
             $social_result = DB_query("SELECT * FROM {$_TABLES['social_follow_services']} WHERE service_name='" . DB_escapeString($users['socialservice']) . "' AND enabled=1");
             if (DB_numRows($social_result) > 0) {
                 $social_row = DB_fetchArray($social_result);
                 $sql = "REPLACE INTO {$_TABLES['social_follow_user']} (ssid,uid,ss_username) ";
                 $sql .= " VALUES (" . (int) $social_row['ssid'] . "," . $uid . ",'" . $users['socialuser'] . "');";
                 DB_query($sql, 1);
             }
         }
         if (isset($users['email']) && $users['email'] != '') {
             $sql = "SELECT * FROM {$_TABLES['users']} WHERE account_type = " . LOCAL_USER . " AND email='" . DB_escapeString($users['email']) . "' AND uid > 1";
             $result = DB_query($sql);
             $numRows = DB_numRows($result);
             if ($numRows == 1) {
                 $row = DB_fetchArray($result);
                 $remoteUID = $uid;
                 $localUID = $row['uid'];
                 USER_mergeAccountScreen($remoteUID, $localUID);
             }
         }
     }
 }
Example #3
0
 public function doAction($info)
 {
     global $_TABLES, $status, $uid, $_CONF;
     // COM_errorLog("doAction() method ------------------");
     // remote auth precludes usersubmission, and integrates user activation
     $status = USER_ACCOUNT_ACTIVE;
     $users = $this->_getCreateUserInfo($info);
     $userinfo = $this->_getUpdateUserInfo($info);
     $passwords = USER_createPassword();
     $users['passwd2'] = $passwords['encrypted'];
     $sql = "SELECT uid,status FROM {$_TABLES['users']} WHERE remoteusername = '******'remoteusername']}' AND remoteservice = '{$users['remoteservice']}'";
     // COM_errorLog("sql={$sql}");
     $result = DB_query($sql);
     $tmp = DB_error();
     // COM_errorLog("DB_error={$tmp}");
     $nrows = DB_numRows($result);
     // COM_errorLog("DB_numRows={$nrows}");
     if (empty($tmp) && $nrows == 1) {
         list($uid, $status) = DB_fetchArray($result);
         // COM_errorLog("user found!  uid={$uid} status={$status}");
     } else {
         // COM_errorLog("user not found - creating new account");
         // initial login - create account
         $status = USER_ACCOUNT_ACTIVE;
         // COM_errorLog("checking remoteuser login name for uniqueness");
         $checkName = DB_getItem($_TABLES['users'], 'username', "username='******'loginname']}'");
         if (!empty($checkName)) {
             if ($checkName == $users['loginname']) {
                 if (function_exists('CUSTOM_uniqueRemoteUsername')) {
                     // COM_errorLog("CUSTOM_uniqueRemoteUserName function exists, calling it");
                     $users['loginname'] = CUSTOM_uniqueRemoteUsername($users['loginname'], $users['remoteservice']);
                 } else {
                     // COM_errorLog("loginname is not unique, using USER_uniqueUsername() to create one");
                     $users['loginname'] = USER_uniqueUsername($users['loginname']);
                 }
             }
         }
         $uid = USER_createAccount($users['loginname'], $users['email'], $users['passwd2'], $users['fullname'], $users['homepage'], $users['remoteusername'], $users['remoteservice']);
         // COM_errorLog("after creation, uid={$uid}");
         // COM_errorLog("updating users[]");
         if (is_array($users)) {
             $this->_DBupdate_users($uid, $users);
         }
         // COM_errorLog("updating userinfo[]");
         if (is_array($userinfo)) {
             $this->_DBupdate_userinfo($uid, $userinfo);
         }
         // COM_errorLog("adding uid={$uid} to Remote Users group");
         $remote_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'");
         DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$remote_grp}, {$uid})");
         // usercreate after trigger
         if (method_exists($this, '_after_trigger')) {
             $this->_after_trigger($uid, $users, $userinfo);
         }
     }
 }
 public function doAction($info)
 {
     global $_TABLES, $status, $uid, $_CONF;
     // remote auth precludes usersubmission, and integrates user activation
     $status = USER_ACCOUNT_ACTIVE;
     $users = $this->_getCreateUserInfo($info);
     $userinfo = $this->_getUpdateUserInfo($info);
     $sql = "SELECT uid,status FROM {$_TABLES['users']} WHERE remoteusername = '******'remoteusername']) . "' AND remoteservice = '" . DB_escapeString($users['remoteservice']) . "'";
     $result = DB_query($sql);
     $tmp = DB_error();
     $nrows = DB_numRows($result);
     if (empty($tmp) && $nrows == 1) {
         list($uid, $status) = DB_fetchArray($result);
     } else {
         // initial login - create account
         $status = USER_ACCOUNT_ACTIVE;
         $loginname = $users['loginname'];
         $checkName = DB_getItem($_TABLES['users'], 'username', "username='******'");
         if (!empty($checkName)) {
             if (function_exists('CUSTOM_uniqueRemoteUsername')) {
                 $loginname = CUSTOM_uniqueRemoteUsername(loginname, $remoteservice);
             }
             if (strcasecmp($checkName, $loginname) == 0) {
                 $loginname = USER_uniqueUsername($loginname);
             }
         }
         $users['loginname'] = $loginname;
         $uid = USER_createAccount($users['loginname'], $users['email'], '', $users['fullname'], $users['homepage'], $users['remoteusername'], $users['remoteservice']);
         if (is_array($users)) {
             $this->_DBupdate_users($uid, $users);
         }
         if (is_array($userinfo)) {
             $this->_DBupdate_userinfo($uid, $userinfo);
         }
         $remote_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'");
         DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$remote_grp}, {$uid})");
     }
 }