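/**
  * Take arguments for running
  *
  * Gatekeeps the flag-review page: the caller must be logged in with a
  * "real" (non-cookie) login and hold UserFlagPlugin::REVIEWFLAGS before
  * any profile data is loaded. Every rejection reports a client error
  * and returns false.
  *
  * @param array $args $_REQUEST args
  *
  * @return boolean success flag
  */
 function prepare($args)
 {
     parent::prepare($args);
     // User must be logged in.
     if (!common_logged_in()) {
         $this->clientError(_('Not logged in.'));
         // Fail closed, and consistently with the checks below, in case
         // clientError() renders a page instead of throwing.
         return false;
     }
     $user = common_current_user();
     // ...because they're logged in
     assert(!empty($user));
     // It must be a "real" login, not saved cookie login
     if (!common_is_real_login()) {
         // Cookie theft is too easy; we require automatic
         // logins to re-authenticate before admining the site
         common_set_returnto($this->selfUrl());
         if (Event::handle('RedirectToLogin', array($this, $user))) {
             common_redirect(common_local_url('login'), 303);
         }
         // common_redirect() (or the plugin that handled RedirectToLogin)
         // is expected to end the request; if control does come back,
         // a cookie-only login must not reach the rights check below.
         return false;
     }
     // User must have the right to review flags
     if (!$user->hasRight(UserFlagPlugin::REVIEWFLAGS)) {
         $this->clientError(_('You cannot review profile flags.'));
         return false;
     }
     // Page number is untrusted request input; coerce to a positive
     // integer so getProfiles() never sees a non-numeric value.
     $this->page = (int) $this->trimmed('page');
     if ($this->page < 1) {
         $this->page = 1;
     }
     $this->profiles = $this->getProfiles();
     return true;
 }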
 /**
  * Handle input, produce output
  *
  * Switches on request method; either shows the form or handles its input.
  *
  * @return void
  */
 protected function handle()
 {
     if (common_is_real_login()) {
         common_redirect(common_local_url('all', array('nickname' => $this->scoped->nickname)), 307);
     }
     return parent::handle();
 }
 /**
  * Prepare for the action
  *
  * We check to see that the user is logged in, has
  * authenticated in this session, and has the right
  * to configure the site.
  *
  * @param array $args Array of arguments from Web driver
  *
  * @return boolean success flag
  */
 function prepare($args)
 {
     parent::prepare($args);
     // User must be logged in.
     if (!common_logged_in()) {
         // TRANS: Error message displayed when trying to perform an action that requires a logged in user.
         $this->clientError(_('Not logged in.'));
     }
     $user = common_current_user();
     // ...because they're logged in
     assert(!empty($user));
     // It must be a "real" login, not saved cookie login
     if (!common_is_real_login()) {
         // Cookie theft is too easy; we require automatic
         // logins to re-authenticate before admining the site
         common_set_returnto($this->selfUrl());
         if (Event::handle('RedirectToLogin', array($this, $user))) {
             common_redirect(common_local_url('login'), 303);
         }
     }
     // User must have the right to change admin settings
     if (!$user->hasRight(Right::CONFIGURESITE)) {
         // TRANS: Client error message thrown when a user tries to change admin settings but has no access rights.
         $this->clientError(_('You cannot make changes to this site.'));
     }
     // This panel must be enabled
     $name = $this->trimmed('action');
     $name = mb_substr($name, 0, -10);
     if (!self::canAdmin($name)) {
         // TRANS: Client error message throw when a certain panel's settings cannot be changed.
         $this->clientError(_('Changes to that panel are not allowed.'), 403);
     }
     return true;
 }
 /**
  * Take arguments for running
  *
  * This method is called first, and it lets the action class get
  * all its arguments and validate them. It's also the time
  * to fetch any relevant data from the database.
  *
  * Action classes should run parent::prepare($args) as the first
  * line of this method to make sure the default argument-processing
  * happens.
  *
  * @param array $args $_REQUEST args
  *
  * @return boolean success flag
  */
 function prepare($args)
 {
     parent::prepare($args);
     if (!common_logged_in()) {
         // TRANS: Error message displayed when trying to perform an action that requires a logged in user.
         $this->clientError(_('Not logged in.'));
         return;
     } else {
         if (!common_is_real_login()) {
             // Cookie theft means that automatic logins can't
             // change important settings or see private info, and
             // _all_ our settings are important
             common_set_returnto($this->selfUrl());
             $user = common_current_user();
             if (Event::handle('RedirectToLogin', array($this, $user))) {
                 common_redirect(common_local_url('login'), 303);
             }
         } else {
             $this->user = common_current_user();
             $sdate = !isset($_REQUEST['sdate']) ? new DateTime('first day of this month') : new DateTime($_REQUEST['sdate']);
             $edate = !isset($_REQUEST['edate']) ? new DateTime('last day of this month') : new DateTime($_REQUEST['edate']);
             // Custom date range
             $this->sa = Social_analytics::init($this->user->id, $sdate, $edate);
         }
     }
     return true;
 }
 /**
  * Handle input and output a page
  *
  * @param array $args $_REQUEST arguments
  *
  * @return void
  */
 function handle($args)
 {
     parent::handle($args);
     if (!common_logged_in()) {
         $this->clientError(_('Not logged in.'));
         return;
     } else {
         if (!common_is_real_login()) {
             // Cookie theft means that automatic logins can't
             // change important settings or see private info, and
             // _all_ our settings are important
             common_set_returnto($this->selfUrl());
             $user = common_current_user();
             if (Event::handle('RedirectToLogin', array($this, $user))) {
                 common_redirect(common_local_url('login'), 303);
             }
         } else {
             if ($_SERVER['REQUEST_METHOD'] == 'POST') {
                 $this->handlePost();
             } else {
                 $this->showForm();
             }
         }
     }
 }
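 /**
  * Handle the OpenID return trip.
  *
  * A caller who already holds a real login is refused. A POST is the
  * registration/connection form coming back: it must carry the current
  * session token (CSRF protection) and then either creates a new user
  * (license agreement required) or connects to an existing one. Any
  * other request is treated as the provider's response and handed to
  * tryLogin().
  *
  * @param array $args $_REQUEST arguments
  *
  * @return void
  */
 function handle($args)
 {
     parent::handle($args);
     if (common_is_real_login()) {
         // TRANS: Client error message trying to log on with OpenID while already logged on.
         $this->clientError(_m('Already logged in.'));
         return;
     }
     if ($_SERVER['REQUEST_METHOD'] != 'POST') {
         $this->tryLogin();
         return;
     }
     $token = $this->trimmed('token');
     // Strict comparison: the loose != would accept any value PHP
     // considers numerically equal to the session token.
     if (!$token || $token !== common_session_token()) {
         // TRANS: Message given when there is a problem with the user's session token.
         $this->showForm(_m('There was a problem with your session token. Try again, please.'));
         return;
     }
     if ($this->arg('create')) {
         if (!$this->boolean('license')) {
             // TRANS: Message given if user does not agree with the site's license.
             $this->showForm(_m('You can\'t register if you don\'t agree to the license.'), $this->trimmed('newname'));
             return;
         }
         $this->createNewUser();
     } elseif ($this->arg('connect')) {
         $this->connectUser();
     } else {
         // TRANS: Message given on an unknown error.
         $this->showForm(_m('An unknown error has occured.'), $this->trimmed('newname'));
     }
 }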
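 /**
  * Handle the OpenID return trip.
  *
  * A caller who already holds a real login is refused. A POST is the
  * registration/connection form coming back: it must carry the current
  * session token (CSRF protection) and then either creates a new user
  * (license agreement required) or connects to an existing one. Any
  * other request is handed to tryLogin().
  *
  * @param array $args $_REQUEST arguments
  *
  * @return void
  */
 function handle($args)
 {
     parent::handle($args);
     if (common_is_real_login()) {
         $this->clientError(_('Already logged in.'));
         return;
     }
     if ($_SERVER['REQUEST_METHOD'] != 'POST') {
         $this->tryLogin();
         return;
     }
     $token = $this->trimmed('token');
     // Strict comparison: the loose != would accept any value PHP
     // considers numerically equal to the session token.
     if (!$token || $token !== common_session_token()) {
         $this->showForm(_('There was a problem with your session token. Try again, please.'));
         return;
     }
     if ($this->arg('create')) {
         if (!$this->boolean('license')) {
             $this->showForm(_('You can\'t register if you don\'t agree to the license.'), $this->trimmed('newname'));
             return;
         }
         $this->createNewUser();
     } elseif ($this->arg('connect')) {
         $this->connectUser();
     } else {
         // Log only the argument names: the previous print_r() dump wrote
         // every submitted value (session token included) to the debug log.
         $names = is_array($this->args) ? implode(', ', array_keys($this->args)) : gettype($this->args);
         common_debug('Unexpected form submission; args: ' . $names, __FILE__);
         $this->showForm(_('Something weird happened.'), $this->trimmed('newname'));
     }
 }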
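 /**
  * Show the page, unless the caller is already logged in.
  *
  * @param array $args $_REQUEST arguments
  *
  * @return void
  */
 function handle($args)
 {
     parent::handle($args);
     if (common_is_real_login()) {
         $this->clientError(_('Already logged in.'));
         // Fail closed: without this, a clientError() that renders rather
         // than throws would be followed by the page anyway.
         return;
     }
     $this->showPage();
 }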
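 /**
  * Show the Twitter login page, unless the caller is already logged in.
  *
  * @param array $args $_REQUEST arguments
  *
  * @return void
  */
 function handle($args)
 {
     parent::handle($args);
     if (common_is_real_login()) {
         // TRANS: Client error displayed when trying to log in using Twitter while already logged in to StatusNet.
         $this->clientError(_m('Already logged in.'));
         // Fail closed: without this, a clientError() that renders rather
         // than throws would be followed by the page anyway.
         return;
     }
     $this->showPage();
 }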
 /**
  * Instructions shown above the OpenID login form.
  *
  * A "remembered" (cookie) login that was bounced here with a return-to
  * target is told why it must re-authenticate; everyone else gets the
  * plain login prompt.
  *
  * @return string instruction text (Markdown with a %%doc.openid%% link)
  */
 function getInstructions()
 {
     $needsReauth = common_logged_in()
         && !common_is_real_login()
         && common_get_returnto();
     if (!$needsReauth) {
         return _('Login with an [OpenID](%%doc.openid%%) account.');
     }
     // rememberme logins have to reauthenticate before
     // changing any profile settings (cookie-stealing protection)
     return _('For security reasons, please re-login with your ' . '[OpenID](%%doc.openid%%) ' . 'before changing your settings.');
 }
 /**
  * Show the login page, refusing callers who already hold a real login.
  *
  * @param array $args $_REQUEST arguments
  *
  * @return void
  */
 function handle($args)
 {
     parent::handle($args);
     if (!common_is_real_login()) {
         $this->showPage();
         return;
     }
     // TRANS: Client error displayed when trying to login while already logged in.
     $this->clientError(_m('Already logged in.'));
 }
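 /**
  * Validate a one-time-password login request.
  *
  * Refuses already-authenticated callers, then requires a user_id that
  * maps to an existing user plus a token that exactly matches the
  * Login_token on record for that user and is younger than
  * Login_token::TIMEOUT seconds. An expired token is deleted on sight.
  * On success $this->user, $this->lt, $this->rememberme and
  * $this->returnto are populated for handle().
  *
  * @param array $args $_REQUEST args
  *
  * @return boolean success flag
  */
 function prepare($args)
 {
     parent::prepare($args);
     if (common_is_real_login()) {
         // TRANS: Client error displayed trying to use "one time password login" when already logged in.
         $this->clientError(_('Already logged in.'));
         return false;
     }
     $id = $this->trimmed('user_id');
     if (empty($id)) {
         // TRANS: Client error displayed trying to use "one time password login" without specifying a user.
         $this->clientError(_('No user ID specified.'));
         return false;
     }
     $this->user = User::staticGet('id', $id);
     if (empty($this->user)) {
         // TRANS: Client error displayed trying to use "one time password login" without using an existing user.
         $this->clientError(_('No such user.'));
         return false;
     }
     $this->token = $this->trimmed('token');
     if (empty($this->token)) {
         // TRANS: Client error displayed trying to use "one time password login" without specifying a login token.
         $this->clientError(_('No login token specified.'));
         return false;
     }
     $this->lt = Login_token::staticGet('user_id', $id);
     if (empty($this->lt)) {
         // TRANS: Client error displayed trying to use "one time password login" without requesting a login token.
         $this->clientError(_('No login token requested.'));
         return false;
     }
     // Strict string comparison: the loose != used before treats
     // numerically-equal strings (e.g. "0e123" and "0") as a match.
     // hash_equals() would additionally make this constant-time where
     // available.
     if ((string) $this->lt->token !== (string) $this->token) {
         // TRANS: Client error displayed trying to use "one time password login" while specifying an invalid login token.
         $this->clientError(_('Invalid login token specified.'));
         return false;
     }
     // Expiry: the token is stale once TIMEOUT seconds have passed since
     // it was issued. (The previous test, modified > time() + TIMEOUT,
     // asked whether the token was issued more than TIMEOUT seconds in the
     // *future*, so it never caught an old token.) 'modified' may be a
     // unix timestamp or a datetime string depending on the DB layer, so
     // accept either; anything unparseable is treated as expired.
     $issued = is_numeric($this->lt->modified) ? (int) $this->lt->modified : strtotime($this->lt->modified);
     if ($issued === false || $issued + Login_token::TIMEOUT < time()) {
         //token has expired
         //delete the token as it is useless
         $this->lt->delete();
         $this->lt = null;
         // TRANS: Client error displayed trying to use "one time password login" while specifying an expired login token.
         $this->clientError(_('Login token expired.'));
         return false;
     }
     $this->rememberme = $this->boolean('rememberme');
     // NOTE(review): returnto is user-supplied; whoever redirects to it
     // after login should confirm it is a local URL.
     $this->returnto = $this->trimmed('returnto');
     return true;
 }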
 /**
  * Instructions shown above the OpenID login form.
  *
  * A "remembered" (cookie) login that was bounced here with a return-to
  * target is told why it must re-authenticate; everyone else gets the
  * plain login prompt.
  *
  * @return string instruction text (Markdown with a %%doc.openid%% link)
  */
 function getInstructions()
 {
     $needsReauth = common_logged_in()
         && !common_is_real_login()
         && common_get_returnto();
     if (!$needsReauth) {
         // TRANS: OpenID plugin message.
         // TRANS: "OpenID" is the display text for a link with URL "(%%doc.openid%%)".
         return _m('Login with an [OpenID](%%doc.openid%%) account.');
     }
     // rememberme logins have to reauthenticate before
     // changing any profile settings (cookie-stealing protection)
     // TRANS: OpenID plugin message. Rememberme logins have to reauthenticate before changing any profile settings.
     // TRANS: "OpenID" is the display text for a link with URL "(%%doc.openid%%)".
     return _m('For security reasons, please re-login with your ' . '[OpenID](%%doc.openid%%) ' . 'before changing your settings.');
 }
 /**
  * Dispatch the Facebook login/connect flow.
  *
  * With a real login in place this is a (re)connect request: an existing
  * foreign link aborts via checkForExistingLink(), otherwise the account
  * is connected. Without one, a POST is handed to handlePost() and any
  * other method attempts the login itself.
  *
  * @param array $args $_REQUEST arguments
  *
  * @return void
  */
 function handle($args)
 {
     parent::handle($args);
     if (!common_is_real_login()) {
         $isPost = ($_SERVER['REQUEST_METHOD'] == 'POST');
         if ($isPost) {
             $this->handlePost();
         } else {
             $this->tryLogin();
         }
         return;
     }
     // This will throw a client exception if the user already
     // has some sort of foreign_link to Facebook.
     $this->checkForExistingLink();
     // Possibly reconnect an existing account
     // NOTE(review): no session-token check is visible on this path;
     // confirm connectUser() is not reachable by a plain cross-site GET.
     $this->connectUser();
 }
 /**
  * Log the user in via CAS single sign-on.
  *
  * Refuses a caller who already has a real login. Otherwise the request
  * is pushed through phpCAS (forceAuthentication() hands off to the CAS
  * server when no CAS session exists yet), the CAS principal is checked
  * against the local user table with a per-request random password,
  * the session is marked as a real login, and the browser is sent to
  * the stored return-to URL or a default landing page.
  *
  * @param array $args $_REQUEST arguments
  *
  * @return void
  */
 function handle($args)
 {
     parent::handle($args);
     if (common_is_real_login()) {
         // TRANS: Client error displayed when trying to log in while already logged on.
         $this->clientError(_m('Already logged in.'));
     } else {
         global $casSettings;
         phpCAS::client(CAS_VERSION_2_0, $casSettings['server'], $casSettings['port'], $casSettings['path'], false);
         // SECURITY(review): this disables TLS certificate validation of
         // the CAS server, so anyone who can impersonate it on the network
         // can mint arbitrary logins. It should become
         // phpCAS::setCasServerCACert() with a configured CA bundle once
         // the plugin settings carry one.
         phpCAS::setNoCasServerValidation();
         phpCAS::handleLogoutRequests();
         phpCAS::forceAuthentication();
         // A throwaway random password for this request; presumably the
         // plugin's authentication hook compares against $casTempPassword
         // inside common_check_user() instead of a stored hash — confirm,
         // the hook is not visible here.
         global $casTempPassword;
         $casTempPassword = common_good_rand(16);
         $user = common_check_user(phpCAS::getUser(), $casTempPassword);
         if (!$user) {
             // TRANS: Server error displayed when trying to log in with incorrect username or password.
             $this->serverError(_m('Incorrect username or password.'));
             return;
         }
         // success!
         if (!common_set_user($user)) {
             // TRANS: Server error displayed when login fails in CAS authentication plugin.
             $this->serverError(_m('Error setting user. You are probably not authorized.'));
             return;
         }
         common_real_login(true);
         // The return-to URL is session-stored; it is whatever an earlier
         // common_set_returnto() caller put there.
         $url = common_get_returnto();
         if ($url) {
             // We don't have to return to it again
             common_set_returnto(null);
         } else {
             if (common_config('site', 'private') && $casSettings['takeOverLogin']) {
                 //SSO users expect to just go to the URL they entered
                 //if we don't have a returnto set, the user entered the
                 //main StatusNet url, so send them there.
                 $url = common_local_url('public');
             } else {
                 //With normal logins (regular form-based username/password),
                 //the user would expect to go to their home after logging in.
                 // NOTE(review): the comment says "home" but the route is
                 // 'public'; elsewhere in this file the home timeline is
                 // common_local_url('all', array('nickname' => ...)). Verify
                 // which route is intended.
                 $url = common_local_url('public', array('nickname' => $user->nickname));
             }
         }
         common_redirect($url, 303);
     }
 }
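 /**
  * Validate a one-time-password login request.
  *
  * Refuses already-authenticated callers, then requires a user_id that
  * maps to an existing user plus a token that exactly matches the
  * Login_token on record for that user and is younger than
  * Login_token::TIMEOUT seconds. An expired token is deleted on sight.
  * On success $this->user, $this->lt, $this->rememberme and
  * $this->returnto are populated for handle().
  *
  * @param array $args $_REQUEST args
  *
  * @return boolean success flag
  */
 function prepare($args)
 {
     parent::prepare($args);
     if (common_is_real_login()) {
         $this->clientError(_('Already logged in.'));
         return false;
     }
     $id = $this->trimmed('user_id');
     if (empty($id)) {
         $this->clientError(_('No user ID specified.'));
         return false;
     }
     $this->user = User::staticGet('id', $id);
     if (empty($this->user)) {
         $this->clientError(_('No such user.'));
         return false;
     }
     $this->token = $this->trimmed('token');
     if (empty($this->token)) {
         $this->clientError(_('No login token specified.'));
         return false;
     }
     $this->lt = Login_token::staticGet('user_id', $id);
     if (empty($this->lt)) {
         $this->clientError(_('No login token requested.'));
         return false;
     }
     // Strict string comparison: the loose != used before treats
     // numerically-equal strings (e.g. "0e123" and "0") as a match.
     // hash_equals() would additionally make this constant-time where
     // available.
     if ((string) $this->lt->token !== (string) $this->token) {
         $this->clientError(_('Invalid login token specified.'));
         return false;
     }
     // Expiry: the token is stale once TIMEOUT seconds have passed since
     // it was issued. (The previous test, modified > time() + TIMEOUT,
     // asked whether the token was issued more than TIMEOUT seconds in the
     // *future*, so it never caught an old token.) 'modified' may be a
     // unix timestamp or a datetime string depending on the DB layer, so
     // accept either; anything unparseable is treated as expired.
     $issued = is_numeric($this->lt->modified) ? (int) $this->lt->modified : strtotime($this->lt->modified);
     if ($issued === false || $issued + Login_token::TIMEOUT < time()) {
         //token has expired
         //delete the token as it is useless
         $this->lt->delete();
         $this->lt = null;
         $this->clientError(_('Login token expired.'));
         return false;
     }
     $this->rememberme = $this->boolean('rememberme');
     // NOTE(review): returnto is user-supplied; whoever redirects to it
     // after login should confirm it is a local URL.
     $this->returnto = $this->trimmed('returnto');
     return true;
 }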
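 /**
  * Dispatch the Facebook Connect login flow.
  *
  * With a real login in place: refuse if this Facebook id is already
  * linked to a local user, otherwise (re)connect the account. Without
  * one: a POST is the registration/connection form coming back and must
  * carry the current session token (CSRF protection) before a user is
  * created (license agreement required) or connected; any other method
  * attempts the login itself.
  *
  * @param array $args $_REQUEST arguments
  *
  * @return void
  */
 function handle($args)
 {
     parent::handle($args);
     if (common_is_real_login()) {
         // User is already logged in.  Does she already have a linked Facebook acct?
         $flink = Foreign_link::getByForeignID($this->fbuid, FACEBOOK_CONNECT_SERVICE);
         if (!empty($flink)) {
             // User already has a linked Facebook account and shouldn't be here
             common_debug('There is already a local user (' . $flink->user_id . ') linked with this Facebook (' . $this->fbuid . ').');
             // We don't want these cookies
             getFacebook()->clear_cookie_state();
             $this->clientError(_('There is already a local user linked with this Facebook.'));
             return;
         }
         // User came from the Facebook connect settings tab, and
         // probably just wants to link/relink their Facebook account
         $this->connectUser();
         return;
     }
     if ($_SERVER['REQUEST_METHOD'] != 'POST') {
         $this->tryLogin();
         return;
     }
     $token = $this->trimmed('token');
     // Strict comparison: the loose != would accept any value PHP
     // considers numerically equal to the session token.
     if (!$token || $token !== common_session_token()) {
         $this->showForm(_('There was a problem with your session token. Try again, please.'));
         return;
     }
     if ($this->arg('create')) {
         if (!$this->boolean('license')) {
             $this->showForm(_('You can\'t register if you don\'t agree to the license.'), $this->trimmed('newname'));
             return;
         }
         $this->createNewUser();
     } elseif ($this->arg('connect')) {
         $this->connectNewUser();
     } else {
         // Log only the argument names: the previous print_r() dump wrote
         // every submitted value (session token included) to the debug log.
         $names = is_array($this->args) ? implode(', ', array_keys($this->args)) : gettype($this->args);
         common_debug('Unexpected form submission; args: ' . $names, __FILE__);
         $this->showForm(_('Something weird happened.'), $this->trimmed('newname'));
     }
 }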
 /**
  * Dispatch the Facebook login/connect flow.
  *
  * Without a real login, a POST goes to handlePost() and anything else
  * attempts the login itself. With one, the Facebook id is looked up:
  * an existing link is refused with a client error, otherwise the
  * account is (re)connected.
  *
  * @param array $args $_REQUEST arguments
  *
  * @return void
  */
 function handle($args)
 {
     parent::handle($args);
     if (!common_is_real_login()) {
         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             $this->handlePost();
         } else {
             $this->tryLogin();
         }
         return;
     }
     // User is already logged in, are her accounts already linked?
     $existing = Foreign_link::getByForeignID($this->fbuid, FACEBOOK_SERVICE);
     if (empty($existing)) {
         // Possibly reconnect an existing account
         $this->connectUser();
         return;
     }
     // User already has a linked Facebook account and shouldn't be here!
     common_debug(sprintf('There\'s already a local user %d linked with Facebook user %s.', $existing->user_id, $this->fbuid));
     $this->clientError(_m('There is already a local account linked with that Facebook account.'));
 }
 /**
  * Instructions for using the form
  *
  * For "remembered" logins, we make the user re-login when they
  * try to change settings. Different instructions for this case.
  *
  * @return void
  */
 function getInstructions()
 {
     if (common_logged_in() && !common_is_real_login() && common_get_returnto()) {
         // rememberme logins have to reauthenticate before
         // changing any profile settings (cookie-stealing protection)
         // TRANS: Form instructions on login page before being able to change user settings.
         return _('For security reasons, please re-enter your ' . 'user name and password ' . 'before changing your settings.');
     } else {
         // TRANS: Form instructions on login page.
         $prompt = _('Login with your username and password.');
         if (!common_config('site', 'closed') && !common_config('site', 'inviteonly')) {
             $prompt .= ' ';
             // TRANS: Form instructions on login page. This message contains Markdown links in the form [Link text](Link).
             // TRANS: %%action.register%% is a link to the registration page.
             $prompt .= _('Don\'t have a username yet? ' . '[Register](%%action.register%%) a new account.');
         }
         return $prompt;
     }
 }
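 /**
  * Capture a diagnostic snapshot of the current request.
  *
  * Records the time, client address and URL, the session/login state,
  * the request headers and the (sanitised) POST body, then hands the
  * record to saveDebug().
  *
  * @return void
  */
 protected function doDebug()
 {
     $loggedIn = common_logged_in();
     $data = array(
         'timestamp'     => gmdate('r'),
         // Explicit isset() instead of @-suppression: same null result
         // when the key is absent, without hiding unrelated warnings.
         'remote_addr'   => isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null,
         'url'           => isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : null,
         'have_session'  => common_have_session(),
         'logged_in'     => $loggedIn,
         'is_real_login' => common_is_real_login(),
         'user'          => $loggedIn ? common_current_user()->nickname : null,
         // NOTE(review): getHttpHeaders() is not visible here; if it
         // returns the raw header set, this record carries the Cookie
         // (session id) and any Authorization header — confirm they are
         // redacted before the record is stored.
         'headers'       => $this->getHttpHeaders(),
         'post_data'     => $this->sanitizePostData($_POST),
     );
     $this->saveDebug($data);
 }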
 /**
  * Instructions for using the form
  *
  * For "remembered" logins, we make the user re-login when they
  * try to change settings. Different instructions for this case.
  *
  * @return void
  */
 function getInstructions()
 {
     if (common_logged_in() && !common_is_real_login() && common_get_returnto()) {
         // rememberme logins have to reauthenticate before
         // changing any profile settings (cookie-stealing protection)
         return _('For security reasons, please re-enter your ' . 'user name and password ' . 'before changing your settings.');
     } else {
         return _('Login with your username and password. ' . 'Don\'t have a username yet? ' . '[Register](%%action.register%%) a new account, or ' . 'try [OpenID](%%action.openidlogin%%). ');
     }
 }
 /**
  * Make $user the logged-in user for this session.
  *
  * Any existing real login is logged out of the web session first, a
  * session is ensured, the user is attached (server error on failure)
  * and the session is flagged as a real, not cookie-derived, login.
  *
  * NOTE(review): nothing visible here rotates the session id on login;
  * confirm common_set_user()/common_ensure_session() do, otherwise a
  * session-fixation window remains.
  *
  * @param User $user the user to log in
  *
  * @return void
  */
 function setLoginUser($user)
 {
     if (common_is_real_login()) {
         $this->logoutWeb();
     }
     common_ensure_session();
     $attached = common_set_user($user);
     if (!$attached) {
         // TRANS: Server error displayed when during login a server error occurs.
         $this->serverError(_('Error setting user. You are probably not authorized.'));
         return;
     }
     // success!
     common_real_login(true);
 }
 /**
  * Instructions for using the form
  *
  * For "remembered" logins, we make the user re-login when they
  * try to change settings. Different instructions for this case.
  *
  * @return void
  */
 function getInstructions()
 {
     if (common_logged_in() && !common_is_real_login() && common_get_returnto()) {
         // rememberme logins have to reauthenticate before
         // changing any profile settings (cookie-stealing protection)
         return _('For security reasons, please re-enter your ' . 'user name and password ' . 'before changing your settings.');
     } else {
         $prompt = _('Login with your username and password.');
         if (!common_config('site', 'closed') && !common_config('site', 'inviteonly')) {
             $prompt .= ' ';
             $prompt .= _('Don\'t have a username yet? ' . '[Register](%%action.register%%) a new account.');
         }
         return $prompt;
     }
 }