Example #1
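 /**
  * Standard login provider hook: OpenID login via LightOpenID.
  *
  * Three phases, selected by the 'openid_mode' request parameter:
  *  - absent, with a posted 'openid_identifier': redirect the browser to the provider and exit;
  *  - 'cancel': attach an informational message;
  *  - anything else: validate the provider response, then create a session for the member linked
  *    to the validated identity (a new member is created and linked first, but only when running
  *    under the 'index' or 'execute_temp' scripts).
  *
  * Security notes: everything in $attributes is a claim made by whichever provider the user
  * picked, so it is treated as untrusted input and checked before it is used in a file path,
  * parsed as a date, or stored as an avatar URL. Existing accounts are matched only on
  * $openid->identity after validate() has succeeded, never on the claimed e-mail or name.
  *
  * @param  ?MEMBER		Member ID already detected as logged in (NULL: none). May be a guest ID.
  * @return ?MEMBER		Member ID now detected as logged in (NULL: none). May be a guest ID.
  */
 function try_login($member)
 {
     // Some kind of OpenID provider
     try {
         require_code('openid');
         require_code('developer_tools');
         if (!isset($_REQUEST['openid_mode'])) {
             // Phase 1: the login form was posted. Only a plain string is a usable identifier.
             if (array_key_exists('openid_identifier', $_POST) && is_string($_POST['openid_identifier'])) {
                 destrictify();
                 $openid = new LightOpenID();
                 $openid->identity = $_POST['openid_identifier'];
                 $openid->required = array('namePerson/friendly', 'namePerson', 'contact/email', 'birthDate', 'pref/language', 'media/image/default');
                 // NOTE(review): the identifier is user-supplied and LightOpenID fetches it during
                 // discovery; confirm outbound requests from this host are restricted as intended.
                 header('Location: ' . $openid->authUrl());
                 exit;
             }
         } elseif ($_REQUEST['openid_mode'] === 'cancel') {
             // Read the mode from $_REQUEST, the same array the isset() above tested; reading
             // $_GET here hit an undefined index whenever the parameter arrived by POST.
             destrictify();
             require_code('site');
             require_code('site2');
             attach_message('You cancelled your OpenID login, so you are not logged into the site.', 'inform');
         } else {
             destrictify();
             $openid = new LightOpenID();
             if ($openid->validate()) {
                 $attributes = $openid->getAttributes();
                 // Provider-supplied claims: keep only plain strings so the string handling below
                 // cannot be fed arrays.
                 foreach ($attributes as $attribute_name => $attribute_value) {
                     if (!is_string($attribute_value)) {
                         unset($attributes[$attribute_name]);
                     }
                 }

                 // If member already existed, no action needed - just create a session to existing record
                 $member = $GLOBALS['FORUM_DB']->query_value_null_ok('f_members', 'id', array('m_password_compat_scheme' => 'openid', 'm_pass_hash_salted' => $openid->identity));
                 if (is_null($member)) {
                     require_code('ocf_members');
                     require_code('ocf_groups');
                     require_lang('ocf');
                     // New members are only auto-created from these entry scripts.
                     if (running_script('index') || running_script('execute_temp')) {
                         require_code('ocf_members_action');
                         require_code('ocf_members_action2');

                         $email = '';
                         if (array_key_exists('contact/email', $attributes)) {
                             // Unverified claim: stored on the new record, never used to match an account.
                             $email = $attributes['contact/email'];
                         }

                         // Username preference: friendly name, full name, e-mail local part, identity URL.
                         $username = $openid->identity;
                         if (array_key_exists('namePerson/friendly', $attributes)) {
                             $username = $attributes['namePerson/friendly'];
                         } elseif (array_key_exists('namePerson', $attributes)) {
                             $username = $attributes['namePerson'];
                         } elseif ($email != '') {
                             // Without an '@' strpos() returns false and substr() would yield '';
                             // keep the identity-based name in that case.
                             $at_pos = strpos($email, '@');
                             if ($at_pos !== false) {
                                 $username = substr($email, 0, $at_pos);
                             }
                         }
                         if ($username != '') {
                             // Append " (n)" until the name is not taken.
                             $_username = $username;
                             $i = 1;
                             do {
                                 $test = $GLOBALS['FORUM_DB']->query_value_null_ok('f_members', 'id', array('m_username' => $_username));
                                 if (!is_null($test)) {
                                     $i++;
                                     $_username = $username . ' (' . strval($i) . ')';
                                 }
                             } while (!is_null($test));
                             $username = $_username;
                         }

                         $dob_day = mixed();
                         $dob_month = mixed();
                         $dob_year = mixed();
                         if (array_key_exists('birthDate', $attributes) && $attributes['birthDate'] != '') {
                             // Expected shape is YYYY-MM-DD; anything else leaves the date unset
                             // rather than indexing past the end of the split result.
                             $dob_bits = explode('-', $attributes['birthDate']);
                             if (count($dob_bits) === 3) {
                                 $dob_day = intval($dob_bits[2]);
                                 $dob_month = intval($dob_bits[1]);
                                 $dob_year = intval($dob_bits[0]);
                             }
                         }

                         $language = mixed();
                         if (array_key_exists('pref/language', $attributes)) {
                             $claimed_language = $attributes['pref/language'];
                             // The claim is appended to a filesystem path, so accept only a bare
                             // identifier: no separators, no dots, nothing that can leave lang_custom/.
                             if (preg_match('#^[A-Za-z0-9_\-]+$#', $claimed_language) === 1 && file_exists(get_file_base() . '/lang_custom/' . $claimed_language)) {
                                 $language = $claimed_language;
                             }
                         }

                         require_code('config2');
                         // NOTE(review): this rewrites a site option as a side effect of a login,
                         // presumably so the identity URL fits the password field - confirm it is
                         // intended to apply site-wide.
                         set_option('maximum_password_length', '1000');
                         $member = ocf_member_external_linker($username, $openid->identity, 'openid', false, $email, $dob_day, $dob_month, $dob_year, NULL, $language);

                         $avatar = '';
                         // Accept only an absolute http(s) URL from the provider. A relative value
                         // would presumably be treated as a file on this site - confirm against
                         // ocf_member_choose_avatar - and a remote provider has no business naming one.
                         if (array_key_exists('media/image/default', $attributes) && preg_match('#^https?://#i', $attributes['media/image/default']) === 1) {
                             $avatar = $attributes['media/image/default'];
                         }
                         ocf_member_choose_avatar($avatar, $member);
                     }
                 }

                 if (!is_null($member)) {
                     require_code('users_inactive_occasionals');
                     $invisible_cookie = get_member_cookie() . '_invisible';
                     create_session($member, 1, isset($_COOKIE[$invisible_cookie]) && $_COOKIE[$invisible_cookie] == '1');
                     // This will mark it as confirmed
                 }
             } else {
                 require_code('site');
                 require_code('site2');
                 attach_message('An unknown error occurred during OpenID login.', 'warn');
             }
         }
     } catch (ErrorException $e) {
         // The exception text is shown to the visitor as a warning.
         require_code('site');
         require_code('site2');
         attach_message($e->getMessage(), 'warn');
     }
     return $member;
 }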
Example #2
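 /**
  * Standard modular render function for profile tabs edit hooks (avatar tab).
  *
  * When the form was submitted ('submitting_avatar_tab' = 1) the new avatar is saved first:
  * members with the 'own_avatars' permission may upload a file, give a URL or pick a stock
  * image; everyone else may only pick a stock image. The edit form is then built, unless
  * $leave_to_ajax_if_possible is set.
  *
  * NOTE(review): no anti-CSRF check, and no check that $member_id_viewing may edit
  * $member_id_of, is visible in this function - presumably the caller enforces both; confirm.
  *
  * @param  MEMBER			The ID of the member who is being viewed
  * @param  MEMBER			The ID of the member who is doing the viewing
  * @param  boolean		Whether to leave the tab contents NULL, if this hook supports it, so that AJAX can load it later
  * @return ?array			A tuple: The tab title, the tab fields, the tab body text (may be blank), extra Javascript (may be blank) the suggested tab order, hidden fields (optional) (NULL: if $leave_to_ajax_if_possible was set)
  */
 function render_tab($member_id_of, $member_id_viewing, $leave_to_ajax_if_possible = false)
 {
     $title = do_lang_tempcode('AVATAR');
     $order = 20;
     // Actualiser
     if (post_param_integer('submitting_avatar_tab', 0) == 1) {
         require_code('uploads');
         if (has_specific_permission($member_id_viewing, 'own_avatars')) {
             // is_swf_upload(true) is deliberately evaluated first, exactly as before; it may
             // affect $_FILES (TODO confirm), so the operand order must not be rearranged.
             $has_upload = is_swf_upload(true) && array_key_exists('avatar_file', $_FILES) || array_key_exists('avatar_file', $_FILES) && is_uploaded_file($_FILES['avatar_file']['tmp_name']);
             if (!$has_upload) {
                 $urls = array();
                 $stock = post_param('avatar_alt_url', '');
                 if ($stock == '') {
                     // No URL typed in: fall back to the stock picker, or to no avatar at all
                     $stock = post_param('avatar_stock', NULL);
                     if (!is_null($stock)) {
                         $urls[0] = $stock == '' ? '' : find_theme_image($stock, false, true);
                     } else {
                         $urls[0] = '';
                     }
                     // None
                 } else {
                     // A local URL names a file already on this site. Anyone but a super admin
                     // may only re-submit the local URL the member already has, so one member
                     // cannot attach an arbitrary existing file to a profile.
                     if (url_is_local($stock) && !$GLOBALS['FORUM_DRIVER']->is_super_admin($member_id_viewing)) {
                         $old = $GLOBALS['FORUM_DB']->query_value('f_members', 'm_avatar_url', array('id' => $member_id_of));
                         if ($old != $stock) {
                             access_denied('ASSOCIATE_EXISTING_FILE');
                         }
                     }
                     $urls[0] = $stock;
                     // URL
                 }
             } else {
                 // We have chosen an upload. Note that we will not be looking at alt_url at this point, even though it is specified below for canonical reasons
                 $urls = get_url('avatar_alt_url', 'avatar_file', file_exists(get_custom_file_base() . '/uploads/avatars') ? 'uploads/avatars' : 'uploads/ocf_avatars', 0, OCP_UPLOAD_IMAGE, false, '', '', false, true);
                 // When the forum is served from a different base URL, store an absolute URL
                 if ((get_base_url() != get_forum_base_url() || array_key_exists('on_msn', $GLOBALS['SITE_INFO']) && $GLOBALS['SITE_INFO']['on_msn'] == '1') && $urls[0] != '' && url_is_local($urls[0])) {
                     $urls[0] = get_custom_base_url() . '/' . $urls[0];
                 }
             }
             $avatar_url = $urls[0];
         } else {
             // Without 'own_avatars' only a stock theme image can be chosen
             $stock = post_param('avatar_stock');
             $avatar_url = $stock == '' ? '' : find_theme_image($stock, false, true);
         }
         require_code('ocf_members_action');
         require_code('ocf_members_action2');
         ocf_member_choose_avatar($avatar_url, $member_id_of);
         attach_message(do_lang_tempcode('SUCCESS_SAVE'), 'inform');
     }
     if ($leave_to_ajax_if_possible) {
         return NULL;
     }
     // UI fields
     $avatar_url = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id_of, 'm_avatar_url');
     require_javascript('javascript_multi');
     $fields = new ocp_tempcode();
     require_code('form_templates');
     require_code('themes2');
     $ids = get_all_image_ids_type('ocf_default_avatars', true);
     // Is the current avatar one of the stock images? If so the URL field is left blank.
     $found_it = false;
     foreach ($ids as $id) {
         if (strpos($avatar_url, '/' . $id) !== false) {
             $found_it = true;
             break;
         }
     }
     // One container for all hidden fields. It used to be re-created just before the return,
     // which threw away whatever handle_max_file_size() had put into it.
     $hidden = new ocp_tempcode();
     if (has_specific_permission($member_id_viewing, 'own_avatars')) {
         $javascript = 'standardAlternateFields(\'avatar_file\',\'avatar_alt_url\',\'avatar_stock*\',true);';
         $fields->attach(form_input_upload(do_lang_tempcode('UPLOAD'), do_lang_tempcode('DESCRIPTION_UPLOAD'), 'avatar_file', false, NULL, NULL, true, str_replace(' ', '', get_option('valid_images'))));
         // Presumably appends the upload size limit field to $hidden by reference - confirm
         handle_max_file_size($hidden, 'image');
         $fields->attach(form_input_line(do_lang_tempcode('ALT_FIELD', do_lang_tempcode('URL')), do_lang_tempcode('DESCRIPTION_ALTERNATE_URL'), 'avatar_alt_url', $found_it ? '' : $avatar_url, false));
         $fields->attach(form_input_picture_choose_specific(do_lang_tempcode('ALT_FIELD', do_lang_tempcode('STOCK')), do_lang_tempcode('DESCRIPTION_ALTERNATE_STOCK'), 'avatar_stock', $ids, $avatar_url, NULL, NULL, true));
     } else {
         $javascript = '';
         $fields->attach(form_input_picture_choose_specific(do_lang_tempcode('STOCK'), '', 'avatar_stock', $ids, $avatar_url, NULL, NULL, true));
     }
     // Preview of the current avatar, or a "none" label
     if ($avatar_url != '') {
         if (url_is_local($avatar_url)) {
             $avatar_url = get_complex_base_url($avatar_url) . '/' . $avatar_url;
         }
         $avatar = do_template('OCF_TOPIC_POST_AVATAR', array('_GUID' => '50a5902f3ab7e384d9cf99577b222cc8', 'AVATAR' => $avatar_url));
     } else {
         $avatar = do_lang_tempcode('NONE_EM');
     }
     $width = ocf_get_member_best_group_property($member_id_of, 'max_avatar_width');
     $height = ocf_get_member_best_group_property($member_id_of, 'max_avatar_height');
     $text = do_template('OCF_EDIT_AVATAR_TAB', array('_GUID' => 'dbdac6ca3bc752b54d2a24a4c6e69c7c', 'MEMBER_ID' => strval($member_id_of), 'USERNAME' => $GLOBALS['FORUM_DRIVER']->get_username($member_id_of), 'AVATAR' => $avatar, 'WIDTH' => integer_format($width), 'HEIGHT' => integer_format($height)));
     // Marker that tells the next request this tab was submitted
     $hidden->attach(form_input_hidden('submitting_avatar_tab', '1'));
     return array($title, $fields, $text, $javascript, $order, $hidden);
 }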
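/**
 * Edit a member's photo, and check validity.
 *
 * Takes the new photo from an upload or from a posted URL, refuses to let anyone but a super
 * admin point the photo (or its thumbnail) at a local file the member does not already have,
 * deletes the previous uploaded photo, updates the member row, dispatches a notification and,
 * when the ocf_avatars addon is not installed, reuses the photo as the avatar.
 * Returns early, doing nothing, when the photo URL is unchanged.
 *
 * @param  ID_TEXT	The identifier for the name of the posted URL field.
 * @param  ID_TEXT	The identifier for the name of the posted upload.
 * @param  ?MEMBER	The member (NULL: the current member).
 */
function ocf_member_choose_photo($param_name, $upload_name, $member_id = NULL)
{
    if (is_null($member_id)) {
        $member_id = get_member();
    }
    require_code('uploads');
    if (!array_key_exists($upload_name, $_FILES) || !is_swf_upload() && !is_uploaded_file($_FILES[$upload_name]['tmp_name'])) {
        // No upload, so the posted URL is the candidate photo
        $old = $GLOBALS['FORUM_DB']->query_value('f_members', 'm_photo_url', array('id' => $member_id));
        $x = post_param($param_name);
        // A local URL names a file already on this site; only a super admin may attach one
        // that differs from what the member already has.
        if ($x != '' && url_is_local($x) && !$GLOBALS['FORUM_DRIVER']->is_super_admin(get_member())) {
            if ($old != $x) {
                access_denied('ASSOCIATE_EXISTING_FILE');
            }
        }
        if ($old == $x) {
            return;
        }
        // Not changed, bomb out as we don't want to generate a thumbnail, or copy to avatar, or send notification
    }
    // Find photo URL
    $urls = get_url($param_name, $upload_name, file_exists(get_custom_file_base() . '/uploads/photos') ? 'uploads/photos' : 'uploads/ocf_photos', 0, OCP_UPLOAD_IMAGE, true, 'thumb_' . $param_name, $upload_name . '2', false, true);
    if (!(strlen($urls[0]) > 1)) {
        // No photo, so no thumbnail either
        $urls[1] = '';
    }
    // When the forum is served from a different base URL, local URLs are stored as absolute.
    // Worked out once; it was previously repeated for the photo and for the thumbnail.
    $store_absolute = get_base_url() != get_forum_base_url() || array_key_exists('on_msn', $GLOBALS['SITE_INFO']) && $GLOBALS['SITE_INFO']['on_msn'] == '1';
    if ($store_absolute && $urls[0] != '' && url_is_local($urls[0])) {
        $urls[0] = get_custom_base_url() . '/' . $urls[0];
    }
    if ($store_absolute && $urls[1] != '' && url_is_local($urls[1])) {
        $urls[1] = get_custom_base_url() . '/' . $urls[1];
    }
    if (get_option('is_on_gd') == '0' || !function_exists('imagetypes')) {
        // Without GD the thumbnail has to be supplied by the user: apply the same rules to it
        if (!array_key_exists($upload_name . '2', $_FILES) || !is_swf_upload() && !is_uploaded_file($_FILES[$upload_name . '2']['tmp_name'])) {
            $field = post_param('thumb_' . $param_name, '');
            if ($field == '' && $urls[0] != '') {
                warn_exit(do_lang_tempcode('IMPROPERLY_FILLED_IN_UPLOAD'));
            }
            if ($field != '' && url_is_local($field) && !$GLOBALS['FORUM_DRIVER']->is_super_admin(get_member())) {
                $old = $GLOBALS['FORUM_DB']->query_value('f_members', 'm_photo_thumb_url', array('id' => $member_id));
                if ($old != $field) {
                    access_denied('ASSOCIATE_EXISTING_FILE');
                }
            }
        }
    }
    // Cleanup old photo
    $old = $GLOBALS['FORUM_DB']->query_value('f_members', 'm_photo_url', array('id' => $member_id));
    if ($old == $urls[0]) {
        return;
    }
    if (url_is_local($old) && (substr($old, 0, 19) == 'uploads/ocf_photos/' || substr($old, 0, 15) == 'uploads/photos/')) {
        // The prefix test alone does not confine the path: a stored value with a '..' segment
        // (literal or percent-encoded) would still start with the prefix and resolve outside
        // the photo directory. Skip the delete for such values and for embedded NUL bytes.
        $old_relative_path = rawurldecode($old);
        $old_segments = explode('/', str_replace('\\', '/', $old_relative_path));
        if (!in_array('..', $old_segments, true) && strpos($old_relative_path, "\0") === false) {
            // Best effort: a file that is already gone is not an error
            @unlink(get_custom_file_base() . '/' . $old_relative_path);
        }
    }
    $GLOBALS['FORUM_DB']->query_update('f_members', array('m_photo_url' => $urls[0], 'm_photo_thumb_url' => $urls[1]), array('id' => $member_id), '', 1);
    require_code('notifications');
    dispatch_notification('ocf_choose_photo', NULL, do_lang('CHOOSE_PHOTO_SUBJECT', $GLOBALS['FORUM_DRIVER']->get_username($member_id), NULL, NULL, get_lang($member_id)), do_lang('CHOOSE_PHOTO_BODY', $urls[0], $urls[1], $GLOBALS['FORUM_DRIVER']->get_username($member_id), get_lang($member_id)));
    // If no avatar, or default avatar, or avatars not installed, use photo for it
    // NOTE(review): only the "avatars not installed" case is handled below; the two values
    // fetched next are never compared. The calls are kept in case they have side effects.
    $avatar_url = $GLOBALS['FORUM_DRIVER']->get_member_avatar_url($member_id);
    $default_avatar_url = find_theme_image('ocf_default_avatars/default', true, true);
    if (!addon_installed('ocf_avatars')) {
        $avatar_url = $urls[0];
        if (get_option('is_on_gd') == '1' && function_exists('imagetypes')) {
            $stub = url_is_local($avatar_url) ? get_complex_base_url($avatar_url) . '/' : '';
            $file_path = convert_url_to_path($stub . $avatar_url);
            if (!is_null($file_path)) {
                // Copy the photo into the avatars directory unless a file is already there.
                // Only the '/ocf_photos/' directory name is rewritten; for any other path the
                // source and target are the same file and nothing is copied.
                $new_file_path = str_replace('/ocf_photos/', '/ocf_avatars/', $file_path);
                if (!file_exists($new_file_path)) {
                    copy($file_path, $new_file_path);
                    fix_permissions($new_file_path);
                    sync_file($new_file_path);
                }
                $avatar_url = str_replace('/ocf_photos/', '/ocf_avatars/', $avatar_url);
            }
        }
        ocf_member_choose_avatar($avatar_url, $member_id);
    }
    // Decache from run-time cache
    unset($GLOBALS['FORUM_DRIVER']->MEMBER_ROWS_CACHED[$member_id]);
    unset($GLOBALS['MEMBER_CACHE_FIELD_MAPPINGS'][$member_id]);
}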