/**
 * Pick the URL to go to once the current action has finished.
 *
 * Returns the value reported by common_get_returnto(); when that value is
 * empty, the local URL of the 'public' action is returned instead.
 *
 * NOTE(review): the stored return-to value is returned without validation.
 * Callers presumably pass it to a redirect, so confirm that it can only be
 * set by the application itself to a same-site URL.
 *
 * @return string URL
 */
function defaultReturnTo()
{
    $stored = common_get_returnto();

    return empty($stored) ? common_local_url('public') : $stored;
}
/**
 * Instruction text shown with the OpenID login form.
 *
 * A visitor who is logged in, but not through a "real" login, and who has a
 * return-to URL stored is asked to log in again; everyone else gets the
 * plain login prompt.
 *
 * @return string instruction text (contains Markdown link markup)
 */
function getInstructions()
{
    // Short-circuit order is kept: the return-to lookup only runs for a
    // logged-in session that is not a real login.
    $mustReauthenticate = common_logged_in() && !common_is_real_login() && common_get_returnto();

    if (!$mustReauthenticate) {
        return _('Login with an [OpenID](%%doc.openid%%) account.');
    }

    // rememberme logins have to reauthenticate before
    // changing any profile settings (cookie-stealing protection)
    return _('For security reasons, please re-login with your ' .
             '[OpenID](%%doc.openid%%) ' .
             'before changing your settings.');
}
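/**
 * Handle the submitted delete-confirmation form.
 *
 * With the 'yes' argument set, the notice is deleted on behalf of the scoped
 * profile, wrapped in the StartDeleteOwnNotice / EndDeleteOwnNotice events,
 * and the client is redirected to the 'top' action. Without it, the client
 * is sent back to the stored return-to URL, or to 'top' when none is stored.
 *
 * NOTE(review): no session-token or ownership check is visible in this
 * method; presumably both happen before doPost() is reached. Confirm.
 *
 * @return void
 */
protected function doPost()
{
    if ($this->arg('yes')) {
        if (Event::handle('StartDeleteOwnNotice', array($this->scoped->getUser(), $this->notice))) {
            $this->notice->deleteAs($this->scoped);
            Event::handle('EndDeleteOwnNotice', array($this->scoped->getUser(), $this->notice));
        }
    } else {
        // Only redirect to the stored URL when there is one; an empty
        // return-to would otherwise be handed to common_redirect() as the
        // target.
        $returnto = common_get_returnto();
        if (!empty($returnto)) {
            common_redirect($returnto, 303);
            // Explicit return so the fallback below is never reached, even
            // if common_redirect() hands control back.
            return;
        }
    }

    common_redirect(common_local_url('top'), 303);
}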
/**
 * Instruction text shown with the OpenID plugin's login form.
 *
 * A visitor who is logged in, but not through a "real" login, and who has a
 * return-to URL stored is asked to log in again; everyone else gets the
 * plain login prompt.
 *
 * @return string instruction text (contains Markdown link markup)
 */
function getInstructions()
{
    $loggedInViaCookie = common_logged_in() && !common_is_real_login();

    if ($loggedInViaCookie && common_get_returnto()) {
        // rememberme logins have to reauthenticate before
        // changing any profile settings (cookie-stealing protection)
        // TRANS: OpenID plugin message. Rememberme logins have to reauthenticate before changing any profile settings.
        // TRANS: "OpenID" is the display text for a link with URL "(%%doc.openid%%)".
        return _m('For security reasons, please re-login with your ' .
                  '[OpenID](%%doc.openid%%) ' .
                  'before changing your settings.');
    }

    // TRANS: OpenID plugin message.
    // TRANS: "OpenID" is the display text for a link with URL "(%%doc.openid%%)".
    return _m('Login with an [OpenID](%%doc.openid%%) account.');
}
/**
 * Log the visitor in through the configured CAS server.
 *
 * A session that already counts as a real login is rejected with a client
 * error. Otherwise phpCAS is initialised from the global $casSettings,
 * authentication is forced, the CAS user name is checked with
 * common_check_user(), the user is set for the session and the client is
 * redirected to the stored return-to URL or to a default page.
 *
 * @param array $args passed through to parent::handle()
 *
 * @return void
 */
function handle($args)
{
    parent::handle($args);
    if (common_is_real_login()) {
        // TRANS: Client error displayed when trying to log in while already logged on.
        $this->clientError(_m('Already logged in.'));
    } else {
        global $casSettings;
        // NOTE(review): the trailing `false` is presumably phpCAS's
        // changeSessionID flag; confirm against the bundled phpCAS version
        // and check where the session ID is renewed on login.
        phpCAS::client(CAS_VERSION_2_0, $casSettings['server'], $casSettings['port'], $casSettings['path'], false);
        // NOTE(review): this switches off verification of the CAS server's
        // TLS certificate, so the ticket-validation response that names the
        // user is not authenticated against the server. For production use,
        // phpCAS::setCasServerCACert() with the issuing CA certificate is
        // the validated alternative; the certificate path would need a
        // plugin setting of its own.
        phpCAS::setNoCasServerValidation();
        phpCAS::handleLogoutRequests();
        // Does not continue past this call until phpCAS has an
        // authenticated user.
        phpCAS::forceAuthentication();
        // A fresh random value is published through a global and passed as
        // the password below. Presumably a plugin hook compares the two to
        // accept the CAS-authenticated user. Confirm where it is read.
        global $casTempPassword;
        $casTempPassword = common_good_rand(16);
        $user = common_check_user(phpCAS::getUser(), $casTempPassword);
        if (!$user) {
            // TRANS: Server error displayed when trying to log in with incorrect username or password.
            $this->serverError(_m('Incorrect username or password.'));
            return;
        }
        // success!
        if (!common_set_user($user)) {
            // TRANS: Server error displayed when login fails in CAS authentication plugin.
            $this->serverError(_m('Error setting user. You are probably not authorized.'));
            return;
        }
        common_real_login(true);
        // NOTE(review): the stored return-to URL is used as the redirect
        // target without validation here; confirm it can only be set by the
        // application to a same-site URL.
        $url = common_get_returnto();
        if ($url) {
            // We don't have to return to it again
            common_set_returnto(null);
        } else {
            if (common_config('site', 'private') && $casSettings['takeOverLogin']) {
                // SSO users expect to just go to the URL they entered.
                // If we don't have a returnto set, the user entered the
                // main StatusNet url, so send them there.
                $url = common_local_url('public');
            } else {
                // With normal logins (regular form-based username/password),
                // the user would expect to go to their home after logging in.
                // NOTE(review): the action used here is 'public' with a
                // nickname argument, although the comment describes the
                // user's home. Confirm the intended action.
                $url = common_local_url('public', array('nickname' => $user->nickname));
            }
        }
        common_redirect($url, 303);
    }
}
/**
 * Instructions for using the login form.
 *
 * A "remembered" login has to log in again before changing settings, so
 * that case gets its own text. Otherwise the normal prompt is returned,
 * with a registration hint appended unless the site is closed or
 * invite-only.
 *
 * @return string instruction text (may contain Markdown link markup)
 */
function getInstructions()
{
    if (common_logged_in() && !common_is_real_login() && common_get_returnto()) {
        // rememberme logins have to reauthenticate before
        // changing any profile settings (cookie-stealing protection)
        // TRANS: Form instructions on login page before being able to change user settings.
        return _('For security reasons, please re-enter your ' .
                 'user name and password ' .
                 'before changing your settings.');
    }

    // TRANS: Form instructions on login page.
    $text = _('Login with your username and password.');

    $registrationOpen = !common_config('site', 'closed') && !common_config('site', 'inviteonly');
    if ($registrationOpen) {
        // TRANS: Form instructions on login page. This message contains Markdown links in the form [Link text](Link).
        // TRANS: %%action.register%% is a link to the registration page.
        $text .= ' ' . _('Don\'t have a username yet? ' .
                         '[Register](%%action.register%%) a new account.');
    }

    return $text;
}
/**
 * Redirect after login: to the stored return-to URL if there is one,
 * otherwise to the 'all' action for the given nickname.
 *
 * NOTE(review): the stored return-to URL is used as the redirect target
 * without validation here; confirm it can only be set by the application
 * to a same-site URL.
 *
 * @param string $nickname nickname used to build the fallback URL
 *
 * @return void
 */
function goHome($nickname)
{
    $target = common_get_returnto();

    if (!$target) {
        $target = common_local_url('all', array('nickname' => $nickname));
    } else {
        // The stored URL is consumed now, so clear it.
        common_set_returnto(null);
    }

    common_redirect($target, 303);
}
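/**
 * Delete the notice after the confirmation form was submitted.
 *
 * The request must carry the session token. When the 'yes' argument is set,
 * the notice is deleted between the StartDeleteOwnNotice and
 * EndDeleteOwnNotice events. In either case the client is then redirected
 * to the stored return-to URL, or to the 'public' action when none is
 * stored.
 *
 * NOTE(review): no check that the current user may delete this notice is
 * visible in this method; presumably it happens before this point. Confirm.
 *
 * @return void
 */
function deleteNotice()
{
    // CSRF protection. Both sides are compared as strings with a strict
    // operator, so PHP's loose numeric-string comparison can never make two
    // different tokens count as equal. Where the runtime provides
    // hash_equals(), a constant-time comparison is preferable.
    $token = $this->trimmed('token');
    if (!$token || (string) $token !== (string) common_session_token()) {
        // TRANS: Client error displayed when the session token does not match or is not given.
        $this->showForm(_('There was a problem with your session token. ' .
                          'Try again, please.'));
        return;
    }

    if ($this->arg('yes')) {
        if (Event::handle('StartDeleteOwnNotice', array($this->user, $this->notice))) {
            $this->notice->delete();
            Event::handle('EndDeleteOwnNotice', array($this->user, $this->notice));
        }
    }

    $url = common_get_returnto();
    if ($url) {
        // The stored URL is consumed now, so clear it.
        common_set_returnto(null);
    } else {
        $url = common_local_url('public');
    }

    common_redirect($url, 303);
}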
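/**
 * Delete the notice after the confirmation form was submitted.
 *
 * The request must carry the session token. When the 'yes' argument is set,
 * the notice is deleted. In either case the client is then redirected to
 * the stored return-to URL, or to the 'public' action when none is stored.
 *
 * NOTE(review): no check that the current user may delete this notice is
 * visible in this method; presumably it happens before this point. Confirm.
 *
 * @return void
 */
function deleteNotice()
{
    // CSRF protection. Both sides are compared as strings with a strict
    // operator, so PHP's loose numeric-string comparison can never make two
    // different tokens count as equal. Where the runtime provides
    // hash_equals(), a constant-time comparison is preferable.
    $token = $this->trimmed('token');
    if (!$token || (string) $token !== (string) common_session_token()) {
        $this->showForm(_('There was a problem with your session token. ' .
                          'Try again, please.'));
        return;
    }

    if ($this->arg('yes')) {
        $this->notice->delete();
    }

    $url = common_get_returnto();
    if ($url) {
        // The stored URL is consumed now, so clear it.
        common_set_returnto(null);
    } else {
        $url = common_local_url('public');
    }

    common_redirect($url, 303);
}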
/**
 * Handle the request
 *
 * Removes the current user's subscription to the list, then either renders
 * a small XML/HTML document containing a subscribe form (AJAX requests) or
 * redirects to the stored return-to URL, falling back to the tagger's
 * 'peopletagsbyuser' page.
 *
 * NOTE(review): the subscription is removed unconditionally in this method;
 * no request-method, login or session-token check is visible here.
 * Presumably these happen before handle() runs. Confirm.
 *
 * @param array $args passed through to parent::handle()
 *
 * @return bool|null true after redirecting to the return-to URL, otherwise nothing
 */
function handle($args)
{
    parent::handle($args);

    $current = common_current_user();
    Profile_tag_subscription::remove($this->peopletag, $current);

    if ($this->boolean('ajax')) {
        $this->startHTML('text/xml;charset=utf-8');
        $this->elementStart('head');
        // TRANS: Page title for form that allows unsubscribing from a list.
        // TRANS: %1$s is a nickname, %2$s is a list, %3$s is a tagger nickname.
        $title = sprintf(_('%1$s unsubscribed from list %2$s by %3$s'),
                         $current->nickname,
                         $this->peopletag->tag,
                         $this->tagger->nickname);
        $this->element('title', null, $title);
        $this->elementEnd('head');
        $this->elementStart('body');
        $form = new SubscribePeopletagForm($this, $this->peopletag);
        $form->show();
        $this->elementEnd('body');
        $this->elementEnd('html');
        return;
    }

    if (common_get_returnto()) {
        common_redirect(common_get_returnto(), 303);
        return true;
    }

    $fallback = common_local_url('peopletagsbyuser',
                                 array('nickname' => $this->tagger->nickname));
    common_redirect($fallback, 303);
}
/**
 * Instructions for using the login form.
 *
 * A "remembered" login has to log in again before changing settings, so
 * that case gets its own text. Otherwise the normal prompt is returned,
 * with a registration hint appended unless the site is closed or
 * invite-only.
 *
 * @return string instruction text (may contain Markdown link markup)
 */
function getInstructions()
{
    $rememberedLogin = common_logged_in() && !common_is_real_login();

    if ($rememberedLogin && common_get_returnto()) {
        // rememberme logins have to reauthenticate before
        // changing any profile settings (cookie-stealing protection)
        return _('For security reasons, please re-enter your ' .
                 'user name and password ' .
                 'before changing your settings.');
    }

    $message = _('Login with your username and password.');

    if (common_config('site', 'closed') || common_config('site', 'inviteonly')) {
        // Registration is not open, so no hint is added.
        return $message;
    }

    return $message . ' ' . _('Don\'t have a username yet? ' .
                              '[Register](%%action.register%%) a new account.');
}
/**
 * Instructions for using the login form.
 *
 * A "remembered" login has to log in again before changing settings, so
 * that case gets its own text. Everyone else gets the normal prompt with
 * links to registration and OpenID login.
 *
 * @return string instruction text (may contain Markdown link markup)
 */
function getInstructions()
{
    $needsPasswordAgain = common_logged_in() && !common_is_real_login() && common_get_returnto();

    if (!$needsPasswordAgain) {
        return _('Login with your username and password. ' .
                 'Don\'t have a username yet? ' .
                 '[Register](%%action.register%%) a new account, or ' .
                 'try [OpenID](%%action.openidlogin%%). ');
    }

    // rememberme logins have to reauthenticate before
    // changing any profile settings (cookie-stealing protection)
    return _('For security reasons, please re-enter your ' .
             'user name and password ' .
             'before changing your settings.');
}
/**
 * Check the login data
 *
 * Checks the submitted nickname and password. On success the user is set
 * for the session, the login is marked as a real login, the "remember me"
 * option is honoured, and the client is redirected to the stored return-to
 * URL or, without one, to the user's 'all' page.
 *
 * Any failure of common_check_user() produces the same message, so the
 * response does not show whether the nickname or the password was wrong.
 *
 * @return void
 *
 * @throws ServerException when the credentials are rejected or the user
 *                         cannot be set for the session
 */
protected function handlePost()
{
    parent::handlePost();

    // XXX: login throttle
    // NOTE(review): no attempt limiting is applied in this method; repeated
    // guesses are bounded only by whatever common_check_user() or the
    // surrounding stack enforces.
    // The nickname is read with trimmed(), the password with arg().
    $user = common_check_user($this->trimmed('nickname'), $this->arg('password'));

    if (!($user instanceof User)) {
        // TRANS: Form validation error displayed when trying to log in with incorrect credentials.
        throw new ServerException(_('Incorrect username or password.'));
    }

    // success!
    $userWasSet = common_set_user($user);
    if (!$userWasSet) {
        // TRANS: Server error displayed when during login a server error occurs.
        throw new ServerException(_('Error setting user. You are probably not authorized.'));
    }

    common_real_login(true);
    $this->updateScopedProfile();

    if ($this->boolean('rememberme')) {
        common_rememberme($user);
    }

    $destination = common_get_returnto();
    if (!$destination) {
        $destination = common_local_url('all', array('nickname' => $this->scoped->nickname));
    } else {
        // We don't have to return to it again
        common_set_returnto(null);
        // NOTE(review): presumably this adds session information to the URL.
        // If so, confirm the stored return-to URL is limited to the site's
        // own hosts before it is used here.
        $destination = common_inject_session($destination);
    }

    common_redirect($destination, 303);
}