 /**
  * Validate the submitted credentials and log the user in.
  *
  * On success the session is bound to the user, an optional
  * "remember me" cookie is issued, and the browser is redirected (303)
  * to the stored return-to URL or, failing that, to the user's own
  * 'all' (with friends) timeline.
  *
  * @throws ServerException when the credentials are wrong or the
  *                         session could not be bound to the user
  *
  * @return void
  */
 protected function doPost()
 {
     // XXX: login throttle -- still no rate limiting of failed attempts here.
     $nick = $this->trimmed('nickname');
     // Read with arg() rather than trimmed(): surrounding whitespace is
     // part of the password (see the registration form).
     $pass = $this->arg('password');

     $account = common_check_user($nick, $pass);
     if (!($account instanceof User)) {
         // TRANS: Form validation error displayed when trying to log in with incorrect credentials.
         throw new ServerException(_('Incorrect username or password.'));
     }

     // success!
     if (!common_set_user($account)) {
         // TRANS: Server error displayed when during login a server error occurs.
         throw new ServerException(_('Error setting user. You are probably not authorized.'));
     }
     common_real_login(true);
     $this->updateScopedProfile();

     if ($this->boolean('rememberme')) {
         common_rememberme($account);
     }

     $target = common_get_returnto();
     if (!$target) {
         $target = common_local_url('all', array('nickname' => $this->scoped->nickname));
     } else {
         // Consume the stored return-to so it is not reused on a later login.
         common_set_returnto(null);
         $target = common_inject_session($target);
     }
     common_redirect($target, 303);
 }
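/**
 * Log a user in from the "remember me" cookie, if one is present.
 *
 * The cookie has the form "<user_id>:<code>". The code is looked up in
 * the Remember_me table, must belong to the claimed user id, and is
 * single-use: it is deleted before the login happens and a fresh one is
 * issued afterwards so the next session can auto-login again. Any
 * malformed, unknown, mismatched or undeletable cookie is discarded with
 * common_forgetme() and null is returned.
 *
 * The remember-me code is a bearer secret, so it is never written to
 * the log; only the (claimed) user id is recorded.
 *
 * @return User|null the logged-in user, or null if no valid cookie
 */
function common_remembered_user()
{
    $packed = isset($_COOKIE[REMEMBERME]) ? $_COOKIE[REMEMBERME] : null;
    if (!$packed) {
        return null;
    }

    // Split into at most two parts so a cookie without a separator does
    // not raise a notice and a code containing ':' is kept intact.
    $parts = explode(':', $packed, 2);
    $id = isset($parts[0]) ? $parts[0] : null;
    $code = isset($parts[1]) ? $parts[1] : null;
    // The id must be a plain decimal integer: a loose comparison against
    // $rm->user_id would otherwise accept values like "1abc".
    if (!$id || !$code || !ctype_digit($id)) {
        common_log(LOG_WARNING, 'Malformed rememberme cookie.');
        common_forgetme();
        return null;
    }

    $rm = Remember_me::staticGet($code);
    if (!$rm) {
        common_log(LOG_WARNING, 'No such remember code for claimed user id ' . $id);
        common_forgetme();
        return null;
    }
    if ((int) $rm->user_id !== (int) $id) {
        common_log(LOG_WARNING, 'Rememberme code for wrong user: ' . $rm->user_id . ' != ' . $id);
        common_forgetme();
        return null;
    }

    $user = User::staticGet($rm->user_id);
    if (!$user) {
        common_log(LOG_WARNING, 'No such user for rememberme: ' . $rm->user_id);
        common_forgetme();
        return null;
    }

    // successful! The code is single-use: invalidate it before logging in,
    // so a failed delete never leaves a reusable code behind.
    $result = $rm->delete();
    if (!$result) {
        common_log_db_error($rm, 'DELETE', __FILE__);
        common_log(LOG_WARNING, 'Could not delete rememberme for user id ' . $rm->user_id);
        common_forgetme();
        return null;
    }

    common_log(LOG_INFO, 'logging in ' . $user->nickname . ' using rememberme cookie');
    // Only treat the user as logged in if the session was actually bound
    // to them; the regular login action checks this return value as well.
    if (!common_set_user($user)) {
        common_log(LOG_WARNING, 'Could not set user from rememberme: ' . $user->nickname);
        common_forgetme();
        return null;
    }
    common_real_login(false);
    // We issue a new cookie, so they can log in
    // automatically again after this session
    common_rememberme($user);
    return $user;
}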
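 /**
  * Link the OpenID stored in the session to an existing local account.
  *
  * The user proves ownership of the local account with nickname and
  * password. On success the OpenID is linked to that account, the
  * profile is updated from the OpenID simple-registration data (unless
  * an event handler vetoes it), the user is logged in (optionally with
  * a "remember me" cookie) and sent to their home page.
  *
  * @return void
  */
 function connectUser()
 {
     $nickname = $this->trimmed('nickname');
     // Not trimmed: whitespace is significant in a password, and the login
     // and registration forms pass it through untrimmed. Trimming here
     // rejected valid passwords with leading or trailing spaces.
     $password = $this->arg('password');
     if (!common_check_user($nickname, $password)) {
         // TRANS: OpenID plugin message.
         $this->showForm(_m('Invalid username or password.'));
         return;
     }
     # They're legit!
     $user = User::staticGet('nickname', $nickname);
     list($display, $canonical, $sreg) = $this->getSavedValues();
     if (!$display || !$canonical) {
         // TRANS: OpenID plugin server error. A stored OpenID cannot be found.
         $this->serverError(_m('Stored OpenID not found.'));
         return;
     }
     $result = oid_link_user($user->id, $canonical, $display);
     if (!$result) {
         // TRANS: OpenID plugin server error. The user or user profile could not be saved.
         $this->serverError(_m('Error connecting user to OpenID.'));
         return;
     }
     if (Event::handle('StartOpenIDUpdateUser', array($user, $canonical, &$sreg))) {
         oid_update_user($user, $sreg);
     }
     Event::handle('EndOpenIDUpdateUser', array($user, $canonical, $sreg));
     oid_set_last($display);
     // Do not mark the user as logged in unless the session was actually
     // bound to them (the login action checks this return value too).
     if (!common_set_user($user)) {
         // TRANS: OpenID plugin server error displayed when the session could not be bound to the user.
         $this->serverError(_m('Error setting user.'));
         return;
     }
     common_real_login(true);
     if (isset($_SESSION['openid_rememberme']) && $_SESSION['openid_rememberme']) {
         common_rememberme($user);
     }
     unset($_SESSION['openid_rememberme']);
     $this->goHome($user->nickname);
 }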
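 /**
  * Shared registration routine for third-party platform (Sina / QQ) sign-ups.
  *
  * If an account for this platform user already exists it is returned
  * as-is (result code 1). Otherwise a local nickname is derived from the
  * platform prefix plus the platform user id, the account is registered,
  * the user is logged in (optionally with a "remember me" cookie), the
  * avatar is fetched best-effort from $profile_image_url, and the new
  * user is returned (result code 0).
  *
  * @param string $platform_userid    user id, unique on the platform
  * @param int    $platform_type      platform: 1 = sina, 2 = qq
  * @param string $nickname           display name (stored as fullname)
  * @param string $profile_image_url  avatar URL, may be null
  * @param string $description        bio text, may be null
  * @param int    $gender             gender code
  * @param string $location           current location, may be null
  *
  * @return void
  */
 function regist_common($platform_userid, $platform_type, $nickname = null, $profile_image_url = null, $description = null, $gender = 0, $location = null)
 {
     // Prefix for the generated local username.
     $head = null;
     switch ($platform_type) {
         case 2:
             $head = "qq";
             break;
         case 1:
             $head = 'sina';
             break;
     }

     // Both values come from the external platform's response and are
     // untrusted: escape them instead of interpolating them raw into SQL.
     $user = new User();
     $sql = "platform_type='" . $user->escape($platform_type) . "' AND platform_userid='" . $user->escape($platform_userid) . "'";
     $user->whereAdd($sql);
     $user->limit(1);
     $user->find();
     if ($user->fetch()) {
         $this->showUserResult($user, 1);
         return;
     }

     $originalUsername = $head . $platform_userid;
     $username = $this->nicknameFromName($originalUsername);
     $email = $this->trimmed("email");
     $homepage = $this->trimmed("homepage");
     $password = $this->password;
     // No invitation code is involved in a platform sign-up; define it
     // explicitly rather than passing an undefined variable to register().
     $code = null;

     // Validate the nickname that will actually be registered ($username),
     // not the display name.
     if (!User::allowed_nickname($username)) {
         // TRANS: Client error displayed when trying to create a new user with an invalid username.
         $this->clientError(_('username bad'), 400);
         return;
     }
     $user_check = User::staticGet('nickname', $username);
     if ($user_check) {
         $this->clientError('username exists', 400);
         return;
     }

     $user = User::register(array('nickname' => $username, 'password' => $password, 'email' => $email, 'fullname' => $nickname, 'homepage' => $homepage, 'bio' => $description, 'location' => $location, 'code' => $code, 'gender' => $gender, 'platform_userid' => $platform_userid, 'platform_type' => $platform_type));
     if (!$user) {
         // TRANS: Form validation error displayed when trying to register with an invalid username or password.
         // Status code and format belong to clientError(), not to _().
         $this->clientError(_('Invalid username or password.'), 400, 'json');
         return;
     }
     // success!
     if (!common_set_user($user)) {
         // TRANS: Server error displayed when saving fails during user registration.
         $this->serverError(_('Error setting user.'), 500, 'json');
         return;
     }
     // this is a real login
     common_real_login(true);
     if ($this->boolean('rememberme')) {
         common_debug('Adding rememberme cookie for ' . $username);
         common_rememberme($user);
     }
     // Re-init language env in case it changed (not yet, but soon)
     common_init_language();
     Event::handle('EndRegistrationTry', array($this));

     if (!empty($profile_image_url)) {
         // Best effort: a failed avatar fetch must not fail the registration,
         // but it should leave a trace in the log instead of vanishing.
         try {
             $user->getProfile()->setOriginalAvatarUrl($profile_image_url);
             common_broadcast_profile($user->getProfile());
         } catch (Exception $exc) {
             common_log(LOG_WARNING, 'Could not set avatar for ' . $username . ': ' . $exc->getMessage());
         }
     }
     $this->showUserResult($user, 0);
 }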
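 /**
  * Try to register a user
  *
  * Validates the CSRF token and the submitted fields, then tries to
  * save a new user and profile record. On success the new user is
  * logged in (optionally with a "remember me" cookie) and an
  * instructions page is shown; on any validation failure the form is
  * redisplayed with an error and nothing is saved.
  *
  * @return void
  */
 function tryRegister()
 {
     if (!Event::handle('StartRegistrationTry', array($this))) {
         return;
     }

     // CSRF protection: the submitted token must match the session token.
     $token = $this->trimmed('token');
     if (!$token || $token != common_session_token()) {
         $this->showForm(_('There was a problem with your session token. ' . 'Try again, please.'));
         return;
     }

     $nickname = $this->trimmed('nickname');
     $email = $this->trimmed('email');
     $fullname = $this->trimmed('fullname');
     $homepage = $this->trimmed('homepage');
     $bio = $this->trimmed('bio');
     $location = $this->trimmed('location');
     // We don't trim these... whitespace is OK in a password!
     $password = $this->arg('password');
     $confirm = $this->arg('confirm');

     // invitation code, if any
     $code = $this->trimmed('code');
     $invite = null;
     if ($code) {
         $invite = Invitation::staticGet($code);
     }
     if (common_config('site', 'inviteonly') && !($code && $invite)) {
         $this->clientError(_('Sorry, only invited people can register.'));
         return;
     }

     // Input scrubbing
     try {
         $nickname = Nickname::normalize($nickname);
     } catch (NicknameException $e) {
         $this->showForm($e->getMessage());
         // Must stop here: without this return the rejected, unnormalized
         // nickname would go on to be checked and registered below.
         return;
     }
     $email = common_canonical_email($email);

     if (!$this->boolean('license')) {
         $this->showForm(_('You cannot register if you don\'t ' . 'agree to the license.'));
         return;
     }
     if ($email && !Validate::email($email, common_config('email', 'check_domain'))) {
         $this->showForm(_('Not a valid email address.'));
         return;
     }
     if ($this->nicknameExists($nickname)) {
         $this->showForm(_('Nickname already in use. Try another one.'));
         return;
     }
     if (!User::allowed_nickname($nickname)) {
         $this->showForm(_('Not a valid nickname.'));
         return;
     }
     if ($this->emailExists($email)) {
         $this->showForm(_('Email address already exists.'));
         return;
     }
     if (!is_null($homepage) && strlen($homepage) > 0 && !Validate::uri($homepage, array('allowed_schemes' => array('http', 'https')))) {
         $this->showForm(_('Homepage is not a valid URL.'));
         return;
     }
     if (!is_null($fullname) && mb_strlen($fullname) > 255) {
         $this->showForm(_('Full name is too long (maximum 255 characters).'));
         return;
     }
     if (Profile::bioTooLong($bio)) {
         $this->showForm(sprintf(_m('Bio is too long (maximum %d character).', 'Bio is too long (maximum %d characters).', Profile::maxBio()), Profile::maxBio()));
         return;
     }
     if (!is_null($location) && mb_strlen($location) > 255) {
         $this->showForm(_('Location is too long (maximum 255 characters).'));
         return;
     }
     if (strlen($password) < 6) {
         $this->showForm(_('Password must be 6 or more characters.'));
         return;
     }
     if ($password != $confirm) {
         $this->showForm(_('Passwords don\'t match.'));
         return;
     }

     $user = User::register(array('nickname' => $nickname, 'password' => $password, 'email' => $email, 'fullname' => $fullname, 'homepage' => $homepage, 'bio' => $bio, 'location' => $location, 'code' => $code));
     if (!$user) {
         $this->showForm(_('Invalid username or password.'));
         return;
     }

     // success!
     if (!common_set_user($user)) {
         $this->serverError(_('Error setting user.'));
         return;
     }
     // this is a real login
     common_real_login(true);
     if ($this->boolean('rememberme')) {
         common_debug('Adding rememberme cookie for ' . $nickname);
         common_rememberme($user);
     }
     Event::handle('EndRegistrationTry', array($this));
     // Re-init language env in case it changed (not yet, but soon)
     common_init_language();
     $this->showSuccess();
 }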
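 /**
  * Try to register a user
  *
  * Validates the CSRF token and the submitted fields, then tries to
  * save a new user and profile record. On success the new user is
  * logged in (optionally with a "remember me" cookie) and an
  * instructions page is shown; on any validation failure the form is
  * redisplayed with an error and nothing is saved.
  *
  * clientError()/serverError() are expected to abort the request by
  * throwing; an explicit return follows each call anyway, so the
  * registration can never continue if they report by returning instead.
  *
  * @return void
  */
 function tryRegister()
 {
     if (!Event::handle('StartRegistrationTry', array($this))) {
         return;
     }

     $token = $this->trimmed('token');
     if (!$token || $token != common_session_token()) {
         // TRANS: Client error displayed when the session token does not match or is not given.
         $this->showForm(_('There was a problem with your session token. ' . 'Try again, please.'));
         return;
     }

     $nickname = $this->trimmed('nickname');
     $email = $this->trimmed('email');
     $fullname = $this->trimmed('fullname');
     $homepage = $this->trimmed('homepage');
     $bio = $this->trimmed('bio');
     $location = $this->trimmed('location');
     // We don't trim these... whitespace is OK in a password!
     $password = $this->arg('password');
     $confirm = $this->arg('confirm');

     // invitation code, if any
     $code = $this->trimmed('code');
     $invite = null;
     if ($code) {
         $invite = Invitation::getKV($code);
     }
     if (common_config('site', 'inviteonly') && !($code && $invite)) {
         // TRANS: Client error displayed when trying to register to an invite-only site without an invitation.
         $this->clientError(_('Sorry, only invited people can register.'));
         return;
     }

     // Input scrubbing
     try {
         $nickname = Nickname::normalize($nickname, true);
     } catch (NicknameException $e) {
         $this->showForm($e->getMessage());
         return;
     }
     $email = common_canonical_email($email);

     if (!$this->boolean('license')) {
         // TRANS: Form validation error displayed when trying to register without agreeing to the site license.
         $this->showForm(_('You cannot register if you do not ' . 'agree to the license.'));
         return;
     }
     if ($email && !Validate::email($email, common_config('email', 'check_domain'))) {
         // TRANS: Form validation error displayed when trying to register without a valid e-mail address.
         $this->showForm(_('Not a valid email address.'));
         return;
     }
     if ($this->emailExists($email)) {
         // TRANS: Form validation error displayed when trying to register with an already registered e-mail address.
         $this->showForm(_('Email address already exists.'));
         return;
     }
     if (!is_null($homepage) && strlen($homepage) > 0 && !common_valid_http_url($homepage)) {
         // TRANS: Form validation error displayed when trying to register with an invalid homepage URL.
         $this->showForm(_('Homepage is not a valid URL.'));
         return;
     }
     if (!is_null($fullname) && mb_strlen($fullname) > 255) {
         // TRANS: Form validation error displayed when trying to register with a too long full name.
         $this->showForm(_('Full name is too long (maximum 255 characters).'));
         return;
     }
     if (Profile::bioTooLong($bio)) {
         // TRANS: Form validation error on registration page when providing too long a bio text.
         // TRANS: %d is the maximum number of characters for bio; used for plural.
         $this->showForm(sprintf(_m('Bio is too long (maximum %d character).', 'Bio is too long (maximum %d characters).', Profile::maxBio()), Profile::maxBio()));
         return;
     }
     if (!is_null($location) && mb_strlen($location) > 255) {
         // TRANS: Form validation error displayed when trying to register with a too long location.
         $this->showForm(_('Location is too long (maximum 255 characters).'));
         return;
     }
     if (strlen($password) < 6) {
         // TRANS: Form validation error displayed when trying to register with too short a password.
         $this->showForm(_('Password must be 6 or more characters.'));
         return;
     }
     if ($password != $confirm) {
         // TRANS: Form validation error displayed when trying to register with non-matching passwords.
         $this->showForm(_('Passwords do not match.'));
         return;
     }

     try {
         $user = User::register(array('nickname' => $nickname, 'password' => $password, 'email' => $email, 'fullname' => $fullname, 'homepage' => $homepage, 'bio' => $bio, 'location' => $location, 'code' => $code));
         // success!
         if (!common_set_user($user)) {
             // TRANS: Server error displayed when saving fails during user registration.
             $this->serverError(_('Error setting user.'));
             return;
         }
         // this is a real login
         common_real_login(true);
         if ($this->boolean('rememberme')) {
             common_debug('Adding rememberme cookie for ' . $nickname);
             common_rememberme($user);
         }
         // Re-init language env in case it changed (not yet, but soon)
         common_init_language();
         Event::handle('EndRegistrationTry', array($this));
         $this->showSuccess();
     } catch (Exception $e) {
         // TRANS: Form validation error displayed when trying to register with an invalid username or password.
         $this->showForm($e->getMessage());
     }
 }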
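 /**
  * Link the OpenID stored in the session to an existing local account.
  *
  * The user proves ownership of the local account with nickname and
  * password. On success the OpenID is linked to that account, the
  * profile is updated from the OpenID simple-registration data, the
  * user is logged in (optionally with a "remember me" cookie) and sent
  * to their home page.
  *
  * @return void
  */
 function connectUser()
 {
     $nickname = $this->trimmed('nickname');
     // Not trimmed: whitespace is significant in a password, and the login
     // and registration forms pass it through untrimmed. Trimming here
     // rejected valid passwords with leading or trailing spaces.
     $password = $this->arg('password');
     if (!common_check_user($nickname, $password)) {
         $this->showForm(_('Invalid username or password.'));
         return;
     }
     # They're legit!
     $user = User::staticGet('nickname', $nickname);
     list($display, $canonical, $sreg) = $this->getSavedValues();
     if (!$display || !$canonical) {
         $this->serverError(_('Stored OpenID not found.'));
         return;
     }
     $result = oid_link_user($user->id, $canonical, $display);
     if (!$result) {
         $this->serverError(_('Error connecting user to OpenID.'));
         return;
     }
     oid_update_user($user, $sreg);
     oid_set_last($display);
     // Do not mark the user as logged in unless the session was actually
     // bound to them (the login action checks this return value too).
     if (!common_set_user($user)) {
         $this->serverError(_('Error setting user.'));
         return;
     }
     common_real_login(true);
     if (isset($_SESSION['openid_rememberme']) && $_SESSION['openid_rememberme']) {
         common_rememberme($user);
     }
     unset($_SESSION['openid_rememberme']);
     $this->goHome($user->nickname);
 }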
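 /**
  * Check the login data
  *
  * Validates the CSRF token, then determines if the login data is
  * valid. If so, logs the user in (optionally issuing a "remember me"
  * cookie) and redirects (303) to the stored return-to URL, or to the
  * user's 'with friends' page.
  *
  * On a token mismatch the log records only which side was missing.
  * The token values themselves are session secrets and are kept out
  * of the log.
  *
  * @param int    $user_id unused; kept for signature compatibility
  * @param string $token   unused; the token is always read from the request
  *
  * @return void
  */
 function checkLogin($user_id = null, $token = null)
 {
     // XXX: login throttle
     // CSRF protection - token set in NoticeForm
     $token = $this->trimmed('token');
     if (!$token || $token != common_session_token()) {
         $st = common_session_token();
         if (empty($token)) {
             common_log(LOG_WARNING, 'No token provided by client.');
         } elseif (empty($st)) {
             common_log(LOG_WARNING, 'No session token stored.');
         } else {
             common_log(LOG_WARNING, 'Client token does not match the stored session token.');
         }
         $this->clientError(_('There was a problem with your session token. ' . 'Try again, please.'));
         return;
     }

     $nickname = $this->trimmed('nickname');
     // Not trimmed: whitespace is significant in a password.
     $password = $this->arg('password');
     $user = common_check_user($nickname, $password);
     if (!$user) {
         $this->showForm(_('Incorrect username or password.'));
         return;
     }

     // success!
     if (!common_set_user($user)) {
         $this->serverError(_('Error setting user. You are probably not authorized.'));
         return;
     }
     common_real_login(true);
     if ($this->boolean('rememberme')) {
         common_rememberme($user);
     }

     $url = common_get_returnto();
     if ($url) {
         // We don't have to return to it again
         common_set_returnto(null);
         $url = common_inject_session($url);
     } else {
         $url = common_local_url('all', array('nickname' => $user->nickname));
     }
     common_redirect($url, 303);
 }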
 /**
  * Complete a one-time-password login.
  *
  * Presumably the parent handler has already validated the login token
  * ($this->lt) and loaded $this->user before this runs. The session is
  * bound to that user, the token is deleted so it cannot be replayed, a
  * "remember me" cookie is issued if requested, and the browser is
  * redirected (303) to the stored return-to URL or the user's 'all'
  * timeline.
  *
  * @param array $args request arguments, passed on to the parent handler
  *
  * @return void
  */
 function handle($args)
 {
     parent::handle($args);

     // success!
     if (!common_set_user($this->user)) {
         // TRANS: Server error displayed when a user object could not be created trying to login using "one time password login".
         $this->serverError(_('Error setting user. You are probably not authorized.'));
         return;
     }

     // We're now logged in; disable the lt
     $this->lt->delete();
     $this->lt = null;

     common_real_login(true);
     if ($this->rememberme) {
         common_rememberme($this->user);
     }

     $target = empty($this->returnto) ? null : $this->returnto;
     if ($target === null) {
         $target = common_local_url('all', array('nickname' => $this->user->nickname));
     } else {
         // We don't have to return to it again
         common_set_returnto(null);
     }
     common_redirect($target, 303);
 }
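 /**
  * JSON API registration handler.
  *
  * Reads the registration fields from the request ('username' is stored
  * as the nickname, 'nickname' as the full name), validates them, creates
  * the account, logs the new user in (optionally with a "remember me"
  * cookie) and writes the user as a Twitter-style JSON object.
  *
  * NOTE(security): 'email_confirmed' is set whenever an e-mail address is
  * supplied, without any verification round-trip. Anyone can therefore
  * register with somebody else's address and it will be treated as
  * confirmed by whatever relies on that flag (e.g. password recovery or
  * notifications). Review whether this API really needs to bypass e-mail
  * confirmation before relying on the flag elsewhere.
  *
  * @param array $args request arguments, passed on to the parent handler
  *
  * @return void
  */
 function handle($args)
 {
     parent::handle($args);
     if (!Event::handle('StartRegistrationTry', array($this))) {
         return;
     }

     //database use nickname we change it into username for more
     //easier to understand
     $nickname = $this->trimmed('username');
     $email = $this->trimmed('email');
     $fullname = $this->trimmed('nickname');
     $homepage = NULL;
     //$this->trimmed('homepage');
     $bio = $this->trimmed('description');
     $location = $this->trimmed('location');
     $genderStr = $this->trimmed('gender');

     if (!empty($bio)) {
         if (mb_strlen($bio) > self::MAX_DESCRIPTION) {
             // Report the real limit rather than a hard-coded number that
             // can drift from the constant.
             $this->clientError(sprintf(_('description must be set less than %d'), self::MAX_DESCRIPTION));
             return;
         }
     }
     if (empty($email) && empty($nickname)) {
         $this->clientError(_('must set nickname or email'));
         return;
     }
     if (empty($nickname) && !empty($email)) {
         $user_email_check = User::staticGet('email', $email);
         if ($user_email_check) {
             $this->clientError(_('email exists'));
             return;
         }
         $nickname = $this->nicknameFromEmail($email);
     }

     // We don't trim these... whitespace is OK in a password!
     $password = $this->arg('password');

     try {
         $nickname = Nickname::normalize($nickname);
     } catch (NicknameException $e) {
         $this->clientError(_('username error'));
         return;
     }
     if (!User::allowed_nickname($nickname)) {
         // TRANS: Client error displayed when trying to create a new user with an invalid username.
         $this->clientError(_('username bad'), 400);
         return;
     }

     // 'f' => 1, 'm' => 2, anything else (or absent) => 0.
     $gender = 0;
     if (!empty($genderStr)) {
         if ($genderStr == 'f') {
             $gender = 1;
         } elseif ($genderStr == 'm') {
             $gender = 2;
         }
     }

     $user_check = User::staticGet('nickname', $nickname);
     if ($user_check) {
         $this->clientError('username exists', 400);
         return;
     }
     if (empty($password)) {
         $this->clientError(_('password empty'), 400);
         return;
     }

     // No invitation code is involved in API registration; define it
     // explicitly rather than passing an undefined variable to register().
     $code = null;
     //no need to confirmed email (see the security note in the docblock)
     $email_confirmed = !empty($email);
     $user = User::register(array('nickname' => $nickname, 'password' => $password, 'email' => $email, 'fullname' => $fullname, 'homepage' => $homepage, 'bio' => $bio, 'location' => $location, 'code' => $code, 'gender' => $gender, 'email_confirmed' => $email_confirmed));
     if (!$user) {
         // TRANS: Form validation error displayed when trying to register with an invalid username or password.
         // Status code and format belong to clientError(), not to _().
         $this->clientError(_('Invalid username or password.'), 400, 'json');
         return;
     }

     // success!
     if (!common_set_user($user)) {
         // TRANS: Server error displayed when saving fails during user registration.
         $this->serverError(_('Error setting user.'), 500, 'json');
         return;
     }
     // this is a real login
     common_real_login(true);
     if ($this->boolean('rememberme')) {
         common_debug('Adding rememberme cookie for ' . $nickname);
         common_rememberme($user);
     }
     // Re-init language env in case it changed (not yet, but soon)
     common_init_language();
     Event::handle('EndRegistrationTry', array($this));

     $resultUser = $this->twitterUserArray($user->getProfile(), false);
     $this->initDocument('json');
     $this->showJsonObjects($resultUser);
     $this->endDocument('json');
 }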
 /**
  * Check the login data
  *
  * Validates the CSRF token, then determines if the login data is
  * valid. If so, logs the user in (optionally issuing a "remember me"
  * cookie) and redirects to the stored return-to URL, or to the user's
  * 'with friends' page. The redirect uses common_redirect()'s default
  * status code; the return-to URL is used as stored.
  *
  * @return void
  */
 function checkLogin()
 {
     // XXX: login throttle
     // CSRF protection - token set in NoticeForm
     $token = $this->trimmed('token');
     $tokenOk = $token && $token == common_session_token();
     if (!$tokenOk) {
         $this->clientError(_('There was a problem with your session token. ' . 'Try again, please.'));
         return;
     }

     $nickname = common_canonical_nickname($this->trimmed('nickname'));
     // Read with arg() rather than trimmed(): surrounding whitespace is
     // part of the password.
     $password = $this->arg('password');

     $account = common_check_user($nickname, $password);
     if (!$account) {
         $this->showForm(_('Incorrect username or password.'));
         return;
     }

     // success!
     if (!common_set_user($account)) {
         $this->serverError(_('Error setting user.'));
         return;
     }
     common_real_login(true);
     if ($this->boolean('rememberme')) {
         common_rememberme($account);
     }

     $target = common_get_returnto();
     if (!$target) {
         $target = common_local_url('all', array('nickname' => $nickname));
     } else {
         // We don't have to return to it again
         common_set_returnto(null);
     }
     common_redirect($target);
 }