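// Start of the OpenID login: build the return URL and trust root, begin
// discovery for the submitted identifier, and redirect to the provider.
// $scheme and $consumer are set up before this excerpt.
if (isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') {
    $scheme .= 's';
}

$auth_error_body = 'Sorry, there was a general authentication error. Please go back and check your username for accuracy. It should be a valid OpenID username.</p><p>If you need an account, <a href="/oid.php">you can get a new OpenID here</a>.';

// A missing, empty or non-string identifier (e.g. openid_url[]=x) cannot be
// discovered; fail here instead of passing it to the fallback lookup below.
if (!isset($_GET['openid_url']) || !is_string($_GET['openid_url']) || $_GET['openid_url'] === '') {
    Template::Error('authentication error', $auth_error_body);
    exit;
}
$openid = $_GET['openid_url'];

// The Referer header is optional and client-controlled. It is only carried
// along as the post-login return target, so whatever consumes "redir" must
// validate it before redirecting.
$referer = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : '';

// NOTE(review): depending on server configuration SERVER_NAME can reflect the
// request's Host header; confirm it is pinned, because it defines both the
// trust root and the return URL. The port is not part of either URL.
$process_url = sprintf("%s://%s/oid_finish.php?redir=%s", $scheme, $_SERVER['SERVER_NAME'], urlencode($referer));
$trust_root = sprintf("%s://%s", $scheme, $_SERVER['SERVER_NAME']);

// Begin the OpenID authentication process.
$auth_request = $consumer->begin($openid);

if (!$auth_request) {
    // Only a bare username is retried as an idbin.ca identifier. XRI-style
    // names and full URLs are not; https:// URLs are now recognised too, so a
    // failed https identifier is no longer rewritten into an idbin.ca lookup.
    if (!preg_match('/(^[=@$+!]|^https?:\\/\\/)/', $openid)) {
        // $_GET is updated as well because the account lookup below reads it.
        $_GET["openid_url"] = 'http://idbin.ca/' . urlencode($openid);
        $openid = $_GET['openid_url'];
        $auth_request = $consumer->begin($openid);
    }

    if (!$auth_request) {
        Template::Error('authentication error', $auth_error_body);
        exit;
    }
}

// Ask for the optional profile fields only when no account exists yet for
// this identifier.
if (!Account::existsByOID($_GET["openid_url"])) {
    $auth_request->addExtensionArg('sreg', 'optional', 'email,nickname,fullname,country,language,timezone');
}

// Redirect the user to the OpenID server for authentication.
// NOTE(review): nothing visible in this excerpt stops execution after the
// Location header; confirm the script ends here or add an explicit exit.
$redirect_url = $auth_request->redirectURL($trust_root, $process_url);
header("Location: " . $redirect_url);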
// Fragment: starts inside two blocks opened before this excerpt and ends inside
// the identifier loop. It stores posted fields on $s, refreshes the session
// copy of the account, hands data to the template and builds identifier links.
        $s->timezone = $_POST["timezone"];
    }
    // NOTE(review): the posted "kvp" value is stored as-is; no validation is
    // visible in this excerpt.
    $s->prefs = $_POST["kvp"];
    $s->save();
    // Reload after saving, presumably so the session mirrors what was stored.
    $s->load($s->id);
    $_SESSION["user"]["id"] = $s->id;
    $_SESSION["user"]["prefs"] = $s->prefs;
    // Keep the nickname already in the session when the account has none.
    $_SESSION["user"]["nick"] = !empty($s->nickname) ? $s->nickname : $_SESSION["user"]["nick"];
    $_SESSION["user"]["fullname"] = $s->fullname;
    $_SESSION["user"]["apikey"] = $s->apikey;
    $_SESSION["user"]["guid"] = $s->guid;
    $_SESSION["user"]["adminLevel"] = $s->adminLevel;
    $_SESSION["user"]["timezone"] = $s->timezone;
}
// NOTE(review): this check comes after a block that already calls methods on
// $s whenever it runs; confirm where $s is first validated.
if (!$s) {
    Template::Error("No Such Account", _("Sorry, your account could not be found."));
    exit;
}
// NOTE(review): "&$var" at the call site is call-time pass-by-reference, which
// is a fatal error from PHP 5.4 onwards. Whether assign() relies on receiving
// a reference cannot be seen from this excerpt.
$t->assign('account', &$s);
$t->assign('countries', &$country_codes);
$t->assign('languages', &$language_codes);
$t->assign('timezones', &$timezone_strings);
$others = array();
$s->loadIdentifiers();
if (!empty($s->identifiers)) {
    foreach ($s->identifiers as $v) {
        // Prefer the display name; fall back to the raw identifier.
        $v = $v['pretty_name'] ? $v['pretty_name'] : $v['username'];
        // Values starting with '=', '@' or '!' are linked through xri.net;
        // everything else is used directly as the link target.
        if (substr($v, 0, 1) == '=' || substr($v, 0, 1) == '@' || substr($v, 0, 1) == '!') {
            $others[] = '<a href="http://xri.net/' . htmlspecialchars($v) . '">' . htmlspecialchars($v) . '</a>';
        } else {
            // htmlspecialchars() escapes the value for the attribute and the
            // link text but does not restrict the URL scheme.
            // NOTE(review): confirm stored identifiers are limited to http(s).
            $others[] = '<a href="' . htmlspecialchars($v) . '">' . htmlspecialchars($v) . '</a>';
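// Fragment: the four enclosing blocks closed below open before this excerpt.
                // Copy the account into the session for the logged-in user.
                // NOTE(review): no session_regenerate_id() call is visible in
                // this excerpt; confirm the session ID is rotated where the
                // login is established.
                $_SESSION["user"]["prefs"] = $acct->prefs;
                $_SESSION["user"]["nick"] = !empty($acct->nickname) ? $acct->nickname : $openid;
                $_SESSION["user"]["fullname"] = $acct->fullname;
                $_SESSION["user"]["apikey"] = $acct->apikey;
                $_SESSION["user"]["guid"] = $acct->guid;
                $_SESSION["user"]["adminLevel"] = $acct->adminLevel;
                $_SESSION["user"]["timezone"] = $acct->timezone;
            } else {
                Template::Simple("New OpenID Associated", "Thank you! Your new OpenID username has been associated with this account. You may now <a href='/settings.php'>continue with more settings</a>.");
                exit;
            }
            session_write_close();

            // NOTE(review): the fallback URLs hard-code http:// even when the
            // request arrived over HTTPS.
            $site_root = "http://" . $_SERVER["SERVER_NAME"];

            // "redir" is a request parameter and therefore untrusted. A
            // non-string value (e.g. redir[]=x) is treated like a missing one.
            $redir_target = (isset($_GET["redir"]) && is_string($_GET["redir"])) ? $_GET["redir"] : null;

            if ($redir_target === null || preg_match(',/login\\.php$,', $redir_target)) {
                header("Location: " . $site_root);
            } elseif (preg_match(',/oid\\.php$,', $redir_target)) {
                header("Location: " . $site_root . "/settings.php");
            } else {
                // Open-redirect guard: follow the target only when it is an
                // absolute http(s) URL on this host. Targets with userinfo,
                // backslashes, whitespace or control characters are refused
                // because URL parsers and browsers can disagree about their
                // host. Anything refused falls back to the site root, which
                // includes a host alias that differs from SERVER_NAME.
                $redir_parts = preg_match('/[\x00-\x20\\\\]/', $redir_target) ? false : parse_url($redir_target);
                $redir_same_site = is_array($redir_parts)
                    && isset($redir_parts['scheme'], $redir_parts['host'])
                    && !isset($redir_parts['user'])
                    && !isset($redir_parts['pass'])
                    && in_array(strtolower($redir_parts['scheme']), array('http', 'https'), true)
                    && strcasecmp($redir_parts['host'], $_SERVER["SERVER_NAME"]) === 0;
                header("Location: " . ($redir_same_site ? $redir_target : $site_root));
            }
        } else {
            Template::Error("General Authentication Failure", "Sorry, there was a general authentication failure.. <a href=\"/login.php\">Please try again.</a>");
            exit;
        }
    }
}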