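/**
 * Applies the upgrade.
 *
 * Validates the form token submitted with the upgrade selection form, then
 * runs every upgrade function stored in the 'upgrade' cache under the
 * submitted handle and renders the concatenated results.
 *
 * Both the token and the handle come from the request.  A missing or
 * non-string token fails validation, a missing or non-string handle is never
 * passed to the cache, and only cached entries that PHP reports as callable
 * are invoked.
 */
function upgrade_apply() {
    global $xtpl, $upgrade_access_check;

    // Treat an absent or malformed token as empty so the request is rejected
    // by the normal validation path instead of raising notices.
    $token = (isset($_POST['tk']) && is_string($_POST['tk'])) ? $_POST['tk'] : '';
    if (!validate_form_token($token, 'upgrade_selection')) {
        set_message('SimpleID detected a potential security attack. Please try again.');
        upgrade_selection();
        return;
    }

    // NOTE(review): the handle is request-supplied and is used as the cache
    // key.  cache_get() is defined elsewhere; confirm it restricts the key to
    // the expected character set before using it to locate the entry.
    $functions = array();
    if (isset($_POST['handle']) && is_string($_POST['handle']) && $_POST['handle'] !== '') {
        $cached = cache_get('upgrade', $_POST['handle']);
        // An expired or unknown handle must not reach foreach as a non-array.
        if (is_array($cached)) {
            $functions = $cached;
        }
    }

    $results = '';
    foreach ($functions as $function) {
        // Only invoke what is actually callable; anything else in the cached
        // list is skipped rather than handed to call_user_func().
        if (is_callable($function)) {
            $results .= call_user_func($function);
        }
    }

    if (!$upgrade_access_check) {
        $xtpl->parse('main.upgrade_results.upgrade_access_check');
    }

    $xtpl->assign('results', $results);
    $xtpl->parse('main.upgrade_results');

    // Presumably discards the cached upgrade selections so a handle cannot be
    // replayed -- confirm against cache_gc().
    cache_gc(0, 'upgrade');

    $xtpl->assign('title', 'Upgrade');
    $xtpl->parse('main');
    $xtpl->out('main');
}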
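/**
 * Processes a user response from the {@link simpleid_openid_consent_form()} function.
 *
 * If the user verifies the relying party, an OpenID response will be sent to
 * the relying party.  Otherwise, the dashboard will be displayed to the user.
 *
 * The form token is validated before any other request field is used.  The
 * pending OpenID response travels through the browser in the 's' field and is
 * restored with unpickle(); the request is rejected unless that yields an
 * array.
 */
function simpleid_openid_consent() {
    global $xtpl, $user, $version, $GETPOST;

    if ($user == NULL) {
        user_login_form('');
        return;
    }

    // A missing or non-string token is treated as empty so it fails validation.
    $token = (isset($GETPOST['tk']) && is_string($GETPOST['tk'])) ? $GETPOST['tk'] : '';
    $valid = validate_form_token($token, 'rp');

    $response = NULL;
    if ($valid) {
        // NOTE(review): 's' is request-supplied state.  unpickle() is defined
        // elsewhere; if it is built on unserialize(), confirm the payload is
        // integrity-protected or switch the encoding to JSON.  It is decoded
        // only after the form token has been accepted.
        $response = isset($GETPOST['s']) ? unpickle($GETPOST['s']) : NULL;
        $valid = is_array($response);
    }

    if (!$valid) {
        set_message('SimpleID detected a potential security attack. Please try again.');
        $xtpl->assign('title', 'OpenID Login');
        $xtpl->parse('main');
        $xtpl->out('main');
        return;
    }

    $version = openid_get_version($response);

    $return_to = isset($response['openid.return_to']) ? $response['openid.return_to'] : NULL;
    if (!$return_to) {
        // NOTE(review): this fallback comes straight from the request and ends
        // up as the redirect target below; confirm it is checked against the
        // realm before simpleid_assertion_response() uses it.
        $return_to = isset($GETPOST['openid.return_to']) ? $GETPOST['openid.return_to'] : NULL;
    }

    if (isset($GETPOST['op']) && $GETPOST['op'] === 'Cancel') {
        $response = simpleid_checkid_error(false);
        if (!$return_to) {
            set_message('Log in cancelled.');
        }
    } else {
        $now = time();

        // NOTE(review): the realm recorded for this user is read from the
        // request, not from the restored response; confirm the two are
        // required to agree elsewhere.
        $realm = isset($GETPOST['openid.realm']) ? $GETPOST['openid.realm'] : NULL;

        if (isset($user['rp'][$realm])) {
            $rp = $user['rp'][$realm];
        } else {
            $rp = array('realm' => $realm, 'first_time' => $now);
        }
        $rp['last_time'] = $now;
        $rp['auto_release'] = !empty($GETPOST['autorelease']) ? 1 : 0;

        // Extensions receive the request, the pending response and the
        // relying-party record before the record is saved and the response
        // is signed.
        extension_invoke_all('consent', $GETPOST, $response, $rp);

        $user['rp'][$realm] = $rp;
        user_save($user);

        $response = simpleid_sign($response, isset($response['openid.assoc_handle']) ? $response['openid.assoc_handle'] : NULL);
        if (!$return_to) {
            set_message('You were logged in successfully.');
        }
    }

    if ($return_to) {
        simpleid_assertion_response($response, $return_to);
    } else {
        page_dashboard();
    }
}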
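<?php

// Bootstrap: defines the base path, loads configuration and helpers, opens
// the database connection, starts the session and enforces the form token on
// every request that carries POST data.

// The constant name must be a quoted string; a bare MAIN_PATH is an undefined
// constant at this point.  The value is this directory followed by '/..'.
define('MAIN_PATH', realpath(__DIR__) . DIRECTORY_SEPARATOR . '..');

require 'includes/config.inc.php';
require 'includes/functions.inc.php';
require 'includes/user.inc.php';

// NOTE(review): the mysql_* extension is deprecated and absent from PHP 7+;
// moving to PDO or mysqli with prepared statements is the long-term fix.
mysql_connect($config['db']['server'], $config['db']['user'], $config['db']['password']) or die('Could not connect to MySQL server'); // SERVER, DB USERNAME, DB PASSWORD
// Stop here if the database cannot be selected rather than failing on the
// first query later.
mysql_select_db($config['db']['db']) or die('Could not select database'); // DATABASE
// NOTE(review): SET NAMES changes the server-side charset only; where
// available, mysql_set_charset('utf8') also informs the client library, which
// mysql_real_escape_string() relies on.
mysql_query('SET NAMES utf8');

session_name('session');
session_start();

// First request of a session: issue a fresh session id and a form token.
// NOTE(review): session cookie flags (HttpOnly, Secure) are not set here;
// confirm they are configured in php.ini or in the includes.
if (!isset($_SESSION['form-token'])) {
    session_regenerate_id();
    $_SESSION['form-token'] = generate_token();
}

// Any request with POST data is passed through validate_form_token(), which
// is defined in the includes; presumably it compares the submitted token with
// $_SESSION['form-token'] and aborts on mismatch -- confirm.
if (!empty($_POST)) {
    validate_form_token();
}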