function doValidLogin($login) { global $_TABLES, $status, $uid; // Remote auth precludes usersubmission, // and integrates user activation, see?; $status = USER_ACCOUNT_ACTIVE; // PHP replaces "." with "_" $openid_identity = addslashes($this->query['openid_identity']); $openid_nickname = ''; if (isset($this->query['openid_sreg_nickname'])) { $openid_nickname = $this->query['openid_sreg_nickname']; } // Check if that account is already registered. $result = DB_query("SELECT uid FROM {$_TABLES['users']} WHERE remoteusername = '******' AND remoteservice = 'openid'"); $tmp = DB_error(); $nrows = DB_numRows($result); if (!($tmp == 0) || !($nrows == 1)) { // First time login with this OpenID, creating account... if (empty($openid_nickname)) { $openid_nickname = $this->makeUsername($this->query['openid_identity']); } // we simply can't accept empty usernames ... if (empty($openid_nickname)) { COM_errorLog('Got an empty username for ' . $openid_identity); // not strictly correct - just to signal a failed login attempt $status = USER_ACCOUNT_DISABLED; $uid = 0; return; } // Ensure that remoteusername is unique locally. $openid_nickname = USER_uniqueUsername($openid_nickname); $openid_sreg_email = ''; if (isset($this->query['openid_sreg_email'])) { $openid_sreg_email = $this->query['openid_sreg_email']; } $openid_sreg_fullname = ''; if (isset($this->query['openid_sreg_fullname'])) { $openid_sreg_fullname = $this->query['openid_sreg_fullname']; } USER_createAccount($openid_nickname, $openid_sreg_email, '', $openid_sreg_fullname, '', $this->query['openid_identity'], 'openid'); $uid = DB_getItem($_TABLES['users'], 'uid', "remoteusername = '******' AND remoteservice = 'openid'"); // Store full remote account name: DB_query("UPDATE {$_TABLES['users']} SET remoteusername = '******', remoteservice = 'openid', status = 3 WHERE uid = {$uid}"); // Add to remote users: $remote_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'"); DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$remote_grp}, {$uid})"); } else { $result = DB_query("SELECT uid,status FROM {$_TABLES['users']} WHERE remoteusername = '******' AND remoteservice = 'openid'"); list($uid, $status) = DB_fetchArray($result); } }
public function doAction($info) { global $_TABLES, $LANG04, $status, $uid, $_CONF, $checkMerge; $users = $this->_getCreateUserInfo($info); $userinfo = $this->_getUpdateUserInfo($info); $sql = "SELECT uid,status FROM {$_TABLES['users']} WHERE remoteusername = '******'remoteusername']) . "' AND remoteservice = '" . DB_escapeString($users['remoteservice']) . "'"; $result = DB_query($sql); $tmp = DB_error(); $nrows = DB_numRows($result); if (empty($tmp) && $nrows == 1) { // existing user... list($uid, $status) = DB_fetchArray($result); $checkMerge = false; } else { if ($_CONF['disable_new_user_registration']) { echo COM_siteHeader(); echo $LANG04[122]; echo COM_siteFooter(); exit; } // initial login - create account $loginname = $users['loginname']; $checkName = DB_getItem($_TABLES['users'], 'username', "username='******'"); if (!empty($checkName)) { if (function_exists('CUSTOM_uniqueRemoteUsername')) { $loginname = CUSTOM_uniqueRemoteUsername(loginname, $remoteservice); } if (strcasecmp($checkName, $loginname) == 0) { $loginname = USER_uniqueUsername($loginname); } } $users['loginname'] = $loginname; $uid = USER_createAccount($users['loginname'], $users['email'], '', $users['fullname'], $users['homepage'], $users['remoteusername'], $users['remoteservice']); if (is_array($users)) { $this->_DBupdate_users($uid, $users); } if (is_array($userinfo)) { $this->_DBupdate_userinfo($uid, $userinfo); } $status = DB_getItem($_TABLES['users'], 'status', 'uid=' . (int) $uid); $remote_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'"); DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$remote_grp}, {$uid})"); if (isset($users['socialuser'])) { $social_result = DB_query("SELECT * FROM {$_TABLES['social_follow_services']} WHERE service_name='" . DB_escapeString($users['socialservice']) . "' AND enabled=1"); if (DB_numRows($social_result) > 0) { $social_row = DB_fetchArray($social_result); $sql = "REPLACE INTO {$_TABLES['social_follow_user']} (ssid,uid,ss_username) "; $sql .= " VALUES (" . (int) $social_row['ssid'] . "," . $uid . ",'" . $users['socialuser'] . "');"; DB_query($sql, 1); } } if (isset($users['email']) && $users['email'] != '') { $sql = "SELECT * FROM {$_TABLES['users']} WHERE account_type = " . LOCAL_USER . " AND email='" . DB_escapeString($users['email']) . "' AND uid > 1"; $result = DB_query($sql); $numRows = DB_numRows($result); if ($numRows == 1) { $row = DB_fetchArray($result); $remoteUID = $uid; $localUID = $row['uid']; USER_mergeAccountScreen($remoteUID, $localUID); } } } }
public function doAction($info) { global $_TABLES, $status, $uid, $_CONF; // COM_errorLog("doAction() method ------------------"); // remote auth precludes usersubmission, and integrates user activation $status = USER_ACCOUNT_ACTIVE; $users = $this->_getCreateUserInfo($info); $userinfo = $this->_getUpdateUserInfo($info); $passwords = USER_createPassword(); $users['passwd2'] = $passwords['encrypted']; $sql = "SELECT uid,status FROM {$_TABLES['users']} WHERE remoteusername = '******'remoteusername']}' AND remoteservice = '{$users['remoteservice']}'"; // COM_errorLog("sql={$sql}"); $result = DB_query($sql); $tmp = DB_error(); // COM_errorLog("DB_error={$tmp}"); $nrows = DB_numRows($result); // COM_errorLog("DB_numRows={$nrows}"); if (empty($tmp) && $nrows == 1) { list($uid, $status) = DB_fetchArray($result); // COM_errorLog("user found! uid={$uid} status={$status}"); } else { // COM_errorLog("user not found - creating new account"); // initial login - create account $status = USER_ACCOUNT_ACTIVE; // COM_errorLog("checking remoteuser login name for uniqueness"); $checkName = DB_getItem($_TABLES['users'], 'username', "username='******'loginname']}'"); if (!empty($checkName)) { if ($checkName == $users['loginname']) { if (function_exists('CUSTOM_uniqueRemoteUsername')) { // COM_errorLog("CUSTOM_uniqueRemoteUserName function exists, calling it"); $users['loginname'] = CUSTOM_uniqueRemoteUsername($users['loginname'], $users['remoteservice']); } else { // COM_errorLog("loginname is not unique, using USER_uniqueUsername() to create one"); $users['loginname'] = USER_uniqueUsername($users['loginname']); } } } $uid = USER_createAccount($users['loginname'], $users['email'], $users['passwd2'], $users['fullname'], $users['homepage'], $users['remoteusername'], $users['remoteservice']); // COM_errorLog("after creation, uid={$uid}"); // COM_errorLog("updating users[]"); if (is_array($users)) { $this->_DBupdate_users($uid, $users); } // COM_errorLog("updating userinfo[]"); if (is_array($userinfo)) { $this->_DBupdate_userinfo($uid, $userinfo); } // COM_errorLog("adding uid={$uid} to Remote Users group"); $remote_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'"); DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$remote_grp}, {$uid})"); // usercreate after trigger if (method_exists($this, '_after_trigger')) { $this->_after_trigger($uid, $users, $userinfo); } } }
public function doAction($info) { global $_TABLES, $status, $uid, $_CONF; // remote auth precludes usersubmission, and integrates user activation $status = USER_ACCOUNT_ACTIVE; $users = $this->_getCreateUserInfo($info); $userinfo = $this->_getUpdateUserInfo($info); $sql = "SELECT uid,status FROM {$_TABLES['users']} WHERE remoteusername = '******'remoteusername']) . "' AND remoteservice = '" . DB_escapeString($users['remoteservice']) . "'"; $result = DB_query($sql); $tmp = DB_error(); $nrows = DB_numRows($result); if (empty($tmp) && $nrows == 1) { list($uid, $status) = DB_fetchArray($result); } else { // initial login - create account $status = USER_ACCOUNT_ACTIVE; $loginname = $users['loginname']; $checkName = DB_getItem($_TABLES['users'], 'username', "username='******'"); if (!empty($checkName)) { if (function_exists('CUSTOM_uniqueRemoteUsername')) { $loginname = CUSTOM_uniqueRemoteUsername(loginname, $remoteservice); } if (strcasecmp($checkName, $loginname) == 0) { $loginname = USER_uniqueUsername($loginname); } } $users['loginname'] = $loginname; $uid = USER_createAccount($users['loginname'], $users['email'], '', $users['fullname'], $users['homepage'], $users['remoteusername'], $users['remoteservice']); if (is_array($users)) { $this->_DBupdate_users($uid, $users); } if (is_array($userinfo)) { $this->_DBupdate_userinfo($uid, $userinfo); } $remote_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'"); DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$remote_grp}, {$uid})"); } }