/**
* @see \wcf\action\IAction::execute();
*/
public function execute()
{
parent::execute();
// header
@header('Content-type: text/xml');
// file name
@header('Content-disposition: attachment; filename="options.xml"');
// no cache headers
@header('Pragma: no-cache');
@header('Expires: 0');
// content
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<options>\n";
$options = Option::getOptions();
foreach ($options as $option) {
if ($option->hidden) {
continue;
}
// ignore hidden options
echo "\t<option>\n";
echo "\t\t<name><![CDATA[" . StringUtil::escapeCDATA($option->optionName) . "]]></name>\n";
echo "\t\t<value><![CDATA[" . StringUtil::escapeCDATA($option->optionValue) . "]]></value>\n";
echo "\t</option>\n";
}
echo '</options>';
$this->executed();
exit;
}
public function execute()
{
parent::execute();
$entryEditor = new EntryEditor($this->entry);
$entryEditor->updateCounters(array('visits' => $this->entry->visits + 1));
$this->executed();
HeaderUtil::redirect($this->entry->website);
}
/**
* @see \wcf\action\IAction::execute()
*/
public function execute()
{
parent::execute();
if ($this->user->enableGravatar) {
$fileExtension = $this->user->gravatarFileExtension ?: 'png';
// try to use cached gravatar
$cachedFilename = sprintf(Gravatar::GRAVATAR_CACHE_LOCATION, md5(mb_strtolower($this->user->email)), $this->size, $fileExtension);
if (file_exists(WCF_DIR . $cachedFilename) && filemtime(WCF_DIR . $cachedFilename) > TIME_NOW - Gravatar::GRAVATAR_CACHE_EXPIRE * 86400) {
@header('Content-Type: image/png');
@readfile(WCF_DIR . $cachedFilename);
exit;
}
// try to download new version
$gravatarURL = sprintf(Gravatar::GRAVATAR_BASE, md5(mb_strtolower($this->user->email)), $this->size, GRAVATAR_DEFAULT_TYPE);
try {
$request = new HTTPRequest($gravatarURL);
$request->execute();
$reply = $request->getReply();
// get mime type and file extension
$fileExtension = 'png';
$mimeType = 'image/png';
if (isset($reply['headers']['Content-Type'])) {
switch ($reply['headers']['Content-Type']) {
case 'image/jpeg':
$mimeType = 'image/jpeg';
$fileExtension = 'jpg';
break;
case 'image/gif':
$mimeType = 'image/gif';
$fileExtension = 'gif';
break;
}
}
// save file
$cachedFilename = sprintf(Gravatar::GRAVATAR_CACHE_LOCATION, md5(mb_strtolower($this->user->email)), $this->size, $fileExtension);
file_put_contents(WCF_DIR . $cachedFilename, $reply['body']);
FileUtil::makeWritable(WCF_DIR . $cachedFilename);
// update file extension
if ($fileExtension != $this->user->gravatarFileExtension) {
$editor = new UserEditor($this->user);
$editor->update(array('gravatarFileExtension' => $fileExtension));
}
@header('Content-Type: ' . $mimeType);
@readfile(WCF_DIR . $cachedFilename);
exit;
} catch (SystemException $e) {
// disable gravatar
$editor = new UserEditor($this->user);
$editor->update(array('enableGravatar' => 0));
}
}
// fallback to default avatar
@header('Content-Type: image/svg+xml');
@readfile(WCF_DIR . 'images/avatars/avatar-default.svg');
exit;
}
/**
* @see \wcf\action\IAction::execute()
*/
public function execute()
{
parent::execute();
$filename = BackupHandler::getInstance()->getExportArchive();
$this->executed();
header('Content-Type: application/x-gzip; charset=utf8');
header('Content-Disposition: attachment; filename="CMS-Export.tar.gz"');
readfile($filename);
@unlink($filename);
}
/**
* @see wcf\action\IAction::execute()
*/
public function execute()
{
parent::execute();
// mark as trashed
$this->statementAction = new UserJcoinsStatementAction($this->statementList->objectIDs, 'trashAll');
$this->statementAction->executeAction();
$this->statementAction = new UserJcoinsStatementAction(array(), 'create', array('data' => array('reason' => 'wcf.jcoins.summaryOfAccountBalances', 'sum' => WCF::getUser()->jCoinsBalance, 'time' => TIME_NOW, 'userID' => WCF::getUser()->userID)));
$this->statementAction->executeAction();
$this->executed();
$url = LinkHandler::getInstance()->getLink('OwnCoinsStatement');
HeaderUtil::delayedRedirect($url, WCF::getLanguage()->get('wcf.jcoins.statement.successfullsumup'));
exit;
}
/**
* @see \wcf\action\IAction::execute()
*/
public function execute()
{
parent::execute();
// reset stylesheets
StyleHandler::resetStylesheets();
// delete language cache and compiled templates as well
LanguageFactory::getInstance()->deleteLanguageCache();
// get package dirs
CacheHandler::getInstance()->flushAll();
$this->executed();
if (!isset($_POST['noRedirect'])) {
HeaderUtil::redirect(LinkHandler::getInstance()->getLink('CacheList'));
}
exit;
}
/**
* @see \wcf\action\IAction::execute()
*/
public function execute()
{
parent::execute();
if ($this->event !== null) {
$sql = "UPDATE\twcf" . WCF_N . "_user_notification_event_to_user\n\t\t\t\tSET\tmailNotificationType = ?\n\t\t\t\tWHERE\tuserID = ?\n\t\t\t\t\tAND eventID = ?";
$statement = WCF::getDB()->prepareStatement($sql);
$statement->execute(array('none', $this->userID, $this->eventID));
} else {
$sql = "UPDATE\twcf" . WCF_N . "_user_notification_event_to_user\n\t\t\t\tSET\tmailNotificationType = ?\n\t\t\t\tWHERE\tuserID = ?";
$statement = WCF::getDB()->prepareStatement($sql);
$statement->execute(array('none', $this->userID));
}
$this->executed();
// redirect to url
HeaderUtil::delayedRedirect(LinkHandler::getInstance()->getLink(), WCF::getLanguage()->get('wcf.user.notification.mail.disabled'));
exit;
}
/**
* @see \wcf\action\IAction::execute()
*/
public function execute()
{
parent::execute();
if (!$this->notification->confirmTime) {
UserNotificationHandler::getInstance()->markAsConfirmedByID($this->notification->notificationID);
}
$event = new UserNotificationEvent($this->notification->eventID);
$objectType = ObjectTypeCache::getInstance()->getObjectType($event->objectTypeID);
$objects = $objectType->getProcessor()->getObjectsByIDs(array($this->notification->objectID));
$userProfile = null;
if ($this->notification->authorID) {
$userProfile = new UserProfile(new User($this->notification->authorID));
} else {
$userProfile = new UserProfile(new User(null, array('userID' => null, 'username' => WCF::getLanguage()->get('wcf.user.guest'))));
}
$className = $event->className;
$notificationEvent = new $className($event);
$notificationEvent->setObject($this->notification, $objects[$this->notification->objectID], $userProfile, $this->notification->additionalData);
HeaderUtil::redirect($notificationEvent->getLink());
exit;
}
/**
* @see \wcf\action\IAction::execute()
*/
public function execute()
{
AbstractAction::execute();
$returnValues = null;
switch ($this->actionName) {
case 'count':
$returnValues = array('count' => $this->count());
break;
case 'getQuotes':
$returnValues = array('template' => $this->getQuotes());
break;
case 'markForRemoval':
$this->markForRemoval();
break;
case 'remove':
$returnValues = array('count' => $this->remove());
break;
case 'removeMarkedQuotes':
$returnValues = array('count' => $this->removeMarkedQuotes());
break;
default:
throw new SystemException("Unknown action '" . $this->actionName . "'");
break;
}
if (is_array($returnValues) && $this->_getFullQuoteObjectIDs) {
$returnValues['fullQuoteObjectIDs'] = $this->getFullQuoteObjectIDs();
}
$this->executed();
// force session update
WCF::getSession()->update();
WCF::getSession()->disableUpdate();
if ($returnValues !== null) {
// send JSON-encoded response
header('Content-type: application/json');
echo JSON::encode($returnValues);
}
exit;
}
/**
* @see wcf\action\IAction::execute()
*/
public function execute()
{
parent::execute();
// delete language cache and compiled templates as well
LanguageFactory::getInstance()->deleteLanguageCache();
$conditions = new PreparedStatementConditionBuilder();
$conditions->add("packageID IN (?)", array(PackageDependencyHandler::getInstance()->getDependencies()));
$conditions->add("isApplication = ?", array(1));
// get package dirs
$sql = "SELECT\tpackageDir\n\t\t\tFROM\twcf" . WCF_N . "_package\n\t\t\t" . $conditions;
$statement = WCF::getDB()->prepareStatement($sql);
$statement->execute($conditions->getParameters());
while ($row = $statement->fetchArray()) {
$packageDir = FileUtil::getRealPath(WCF_DIR . $row['packageDir']);
try {
CacheHandler::getInstance()->clear($packageDir . 'cache', '*.php');
} catch (SystemException $e) {
}
}
$this->executed();
HeaderUtil::redirect(LinkHandler::getInstance()->getLink('CacheList'));
exit;
}
/**
* @see \wcf\action\IAction::execute()
*/
public function execute()
{
AbstractAction::execute();
$returnValues = array('actionName' => $this->actionName, 'pollID' => $this->pollID);
switch ($this->actionName) {
case 'getResult':
$this->getResult($returnValues);
break;
case 'getVote':
$this->getVote($returnValues);
break;
case 'vote':
$this->vote($returnValues);
break;
}
$this->executed();
// send JSON-encoded response
header('Content-type: application/json');
echo JSON::encode($returnValues);
exit;
}
/**
* @see \wcf\action\IAction::execute()
*/
public function execute()
{
parent::execute();
// user accepted the connection
if (isset($_GET['code'])) {
try {
// fetch access_token
$request = new HTTPRequest('https://github.com/login/oauth/access_token', array(), array('client_id' => StringUtil::trim(GITHUB_PUBLIC_KEY), 'client_secret' => StringUtil::trim(GITHUB_PRIVATE_KEY), 'code' => $_GET['code']));
$request->execute();
$reply = $request->getReply();
$content = $reply['body'];
} catch (SystemException $e) {
// force logging
$e->getExceptionID();
throw new IllegalLinkException();
}
// validate state, validation of state is executed after fetching the access_token to invalidate 'code'
if (!isset($_GET['state']) || $_GET['state'] != WCF::getSession()->getVar('__githubInit')) {
throw new IllegalLinkException();
}
WCF::getSession()->unregister('__githubInit');
parse_str($content, $data);
// check whether the token is okay
if (isset($data['error'])) {
throw new IllegalLinkException();
}
// check whether a user is connected to this github account
$user = $this->getUser($data['access_token']);
if ($user->userID) {
// a user is already connected, but we are logged in, break
if (WCF::getUser()->userID) {
throw new NamedUserException(WCF::getLanguage()->get('wcf.user.3rdparty.github.connect.error.inuse'));
} else {
if (UserAuthenticationFactory::getInstance()->getUserAuthentication()->supportsPersistentLogins()) {
$password = StringUtil::getRandomID();
$userEditor = new UserEditor($user);
$userEditor->update(array('password' => $password));
// reload user to retrieve salt
$user = new User($user->userID);
UserAuthenticationFactory::getInstance()->getUserAuthentication()->storeAccessData($user, $user->username, $password);
}
WCF::getSession()->changeUser($user);
WCF::getSession()->update();
HeaderUtil::redirect(LinkHandler::getInstance()->getLink());
}
} else {
try {
// fetch userdata
$request = new HTTPRequest('https://api.github.com/user?access_token=' . $data['access_token']);
$request->execute();
$reply = $request->getReply();
$userData = JSON::decode(StringUtil::trim($reply['body']));
} catch (SystemException $e) {
// force logging
$e->getExceptionID();
throw new IllegalLinkException();
}
WCF::getSession()->register('__3rdPartyProvider', 'github');
// save data for connection
if (WCF::getUser()->userID) {
WCF::getSession()->register('__githubUsername', $userData['login']);
WCF::getSession()->register('__githubToken', $data['access_token']);
HeaderUtil::redirect(LinkHandler::getInstance()->getLink('AccountManagement') . '#3rdParty');
} else {
WCF::getSession()->register('__githubData', $userData);
WCF::getSession()->register('__username', $userData['login']);
// check whether user has entered a public email
if (isset($userData) && isset($userData['email']) && $userData['email'] !== null) {
WCF::getSession()->register('__email', $userData['email']);
} else {
try {
$request = new HTTPRequest('https://api.github.com/user/emails?access_token=' . $data['access_token']);
$request->execute();
$reply = $request->getReply();
$emails = JSON::decode(StringUtil::trim($reply['body']));
// handle future response as well a current response (see. http://developer.github.com/v3/users/emails/)
if (is_string($emails[0])) {
$email = $emails[0];
} else {
$email = $emails[0]['email'];
foreach ($emails as $tmp) {
if ($tmp['primary']) {
$email = $tmp['email'];
}
break;
}
}
WCF::getSession()->register('__email', $email);
} catch (SystemException $e) {
}
}
WCF::getSession()->register('__githubToken', $data['access_token']);
// we assume that bots won't register on github first
// thus no need for a captcha
if (REGISTER_USE_CAPTCHA) {
WCF::getSession()->register('noRegistrationCaptcha', true);
}
WCF::getSession()->update();
HeaderUtil::redirect(LinkHandler::getInstance()->getLink('Register'));
}
}
$this->executed();
exit;
}
// user declined or any other error that may occur
if (isset($_GET['error'])) {
throw new NamedUserException(WCF::getLanguage()->get('wcf.user.3rdparty.github.login.error.' . $_GET['error']));
}
// start auth by redirecting to github
$token = StringUtil::getRandomID();
WCF::getSession()->register('__githubInit', $token);
HeaderUtil::redirect("https://github.com/login/oauth/authorize?client_id=" . rawurlencode(StringUtil::trim(GITHUB_PUBLIC_KEY)) . "&scope=" . rawurlencode('user:email') . "&state=" . $token);
$this->executed();
exit;
}
/**
* @see \wcf\action\IAction::execute();
*/
public function execute()
{
ACPMenu::getInstance()->setActiveMenuItem('wcf.acp.menu.link.user.search');
parent::execute();
// add email column for authorized users
if (WCF::getSession()->getPermission('admin.user.canEditMailAddress')) {
array_unshift($this->columns, 'email');
}
switch ($this->mode) {
case 'banned':
$sql = "SELECT\t\tuser_table.userID\n\t\t\t\t\tFROM\t\twcf" . WCF_N . "_user user_table\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_option_value option_value\n\t\t\t\t\tON\t\t(option_value.userID = user_table.userID)\n\t\t\t\t\tWHERE\t\tbanned = ?";
$statement = WCF::getDB()->prepareStatement($sql, $this->maxResults);
$statement->execute(array(1));
while ($row = $statement->fetchArray()) {
$this->matches[] = $row['userID'];
}
break;
case 'newest':
$this->maxResults = 100;
$this->sortField = 'registrationDate';
$this->sortOrder = 'DESC';
$sql = "SELECT\t\tuser_table.userID\n\t\t\t\t\tFROM\t\twcf" . WCF_N . "_user user_table\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_option_value option_value\n\t\t\t\t\tON\t\t(option_value.userID = user_table.userID)\n\t\t\t\t\tORDER BY\tuser_table.registrationDate DESC";
$statement = WCF::getDB()->prepareStatement($sql, $this->maxResults);
$statement->execute();
while ($row = $statement->fetchArray()) {
$this->matches[] = $row['userID'];
}
break;
case 'disabled':
$this->sortField = 'registrationDate';
$this->sortOrder = 'DESC';
$sql = "SELECT\t\tuser_table.userID\n\t\t\t\t\tFROM\t\twcf" . WCF_N . "_user user_table\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_option_value option_value\n\t\t\t\t\tON\t\t(option_value.userID = user_table.userID)\n\t\t\t\t\tWHERE\t\tactivationCode <> ?\n\t\t\t\t\tORDER BY\tuser_table.registrationDate DESC";
$statement = WCF::getDB()->prepareStatement($sql, $this->maxResults);
$statement->execute(array(0));
while ($row = $statement->fetchArray()) {
$this->matches[] = $row['userID'];
}
break;
case 'disabledAvatars':
$sql = "SELECT\t\tuser_table.userID\n\t\t\t\t\tFROM\t\twcf" . WCF_N . "_user user_table\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_option_value option_value\n\t\t\t\t\tON\t\t(option_value.userID = user_table.userID)\n\t\t\t\t\tWHERE\t\tdisableAvatar = ?";
$statement = WCF::getDB()->prepareStatement($sql, $this->maxResults);
$statement->execute(array(1));
while ($row = $statement->fetchArray()) {
$this->matches[] = $row['userID'];
}
break;
case 'disabledSignatures':
$sql = "SELECT\t\tuser_table.userID\n\t\t\t\t\tFROM\t\twcf" . WCF_N . "_user user_table\n\t\t\t\t\tLEFT JOIN\twcf" . WCF_N . "_user_option_value option_value\n\t\t\t\t\tON\t\t(option_value.userID = user_table.userID)\n\t\t\t\t\tWHERE\t\tdisableSignature = ?";
$statement = WCF::getDB()->prepareStatement($sql, $this->maxResults);
$statement->execute(array(1));
while ($row = $statement->fetchArray()) {
$this->matches[] = $row['userID'];
}
break;
}
if (empty($this->matches)) {
throw new NamedUserException(WCF::getLanguage()->get('wcf.acp.user.search.error.noMatches'));
}
// store search result in database
$data = serialize(array('matches' => $this->matches, 'itemsPerPage' => $this->itemsPerPage, 'columns' => $this->columns));
$search = SearchEditor::create(array('userID' => WCF::getUser()->userID, 'searchData' => $data, 'searchTime' => TIME_NOW, 'searchType' => 'users'));
$this->executed();
// forward to result page
$url = LinkHandler::getInstance()->getLink('UserList', array('id' => $search->searchID), 'sortField=' . rawurlencode($this->sortField) . '&sortOrder=' . rawurlencode($this->sortOrder));
HeaderUtil::redirect($url);
exit;
}
/**
* @see \wcf\action\IAction::execute()
*/
public function execute()
{
parent::execute();
// check response
$processor = null;
try {
// post back to paypal to validate
$content = '';
try {
$url = 'https://www.paypal.com/cgi-bin/webscr';
if (!empty($_POST['test_ipn'])) {
// IPN simulator notification
$url = 'https://www.sandbox.paypal.com/cgi-bin/webscr';
}
$request = new HTTPRequest($url, array(), array_merge(array('cmd' => '_notify-validate'), $_POST));
$request->execute();
$reply = $request->getReply();
$content = $reply['body'];
} catch (SystemException $e) {
throw new SystemException('connection to paypal.com failed: ' . $e->getMessage());
}
if (strstr($content, "VERIFIED") === false) {
throw new SystemException('request not validated');
}
// fix encoding
if (!empty($_POST['charset']) && strtoupper($_POST['charset']) != 'UTF-8') {
foreach ($_POST as &$value) {
$value = StringUtil::convertEncoding(strtoupper($_POST['charset']), 'UTF-8', $value);
}
}
// Check that receiver_email is your Primary PayPal email
if (strtolower($_POST['business']) != strtolower(PAYPAL_EMAIL_ADDRESS) && strtolower($_POST['receiver_email']) != strtolower(PAYPAL_EMAIL_ADDRESS)) {
throw new SystemException('invalid business or receiver_email');
}
// get token
if (!isset($_POST['custom'])) {
throw new SystemException('invalid custom item');
}
$tokenParts = explode(':', $_POST['custom'], 2);
if (count($tokenParts) != 2) {
throw new SystemException('invalid custom item');
}
// get payment type object type
$objectType = ObjectTypeCache::getInstance()->getObjectType(intval($tokenParts[0]));
if ($objectType === null || !$objectType->getProcessor() instanceof IPaymentType) {
throw new SystemException('invalid payment type id');
}
$processor = $objectType->getProcessor();
// get status
$transactionType = !empty($_POST['txn_type']) ? $_POST['txn_type'] : '';
$paymentStatus = !empty($_POST['payment_status']) ? $_POST['payment_status'] : '';
$status = '';
if ($transactionType == 'web_accept' || $transactionType == 'subscr_payment') {
if ($paymentStatus == 'Completed') {
$status = 'completed';
}
}
if ($paymentStatus == 'Refunded' || $paymentStatus == 'Reversed') {
$status = 'reversed';
}
if ($paymentStatus == 'Canceled_Reversal') {
$status = 'canceled_reversal';
}
if ($status) {
$processor->processTransaction(ObjectTypeCache::getInstance()->getObjectTypeIDByName('com.woltlab.wcf.payment.method', 'com.woltlab.wcf.payment.method.paypal'), $tokenParts[1], $_POST['mc_gross'], $_POST['mc_currency'], $_POST['txn_id'], $status, $_POST);
}
} catch (SystemException $e) {
@header('HTTP/1.1 500 Internal Server Error');
echo $e->getMessage();
exit;
}
}
/**
* @see \wcf\action\IAction::execute()
*/
public function execute()
{
parent::execute();
// user accepted
if (isset($_GET['oauth_token']) && isset($_GET['oauth_verifier'])) {
// fetch data created in the first step
$initData = WCF::getSession()->getVar('__twitterInit');
WCF::getSession()->unregister('__twitterInit');
if (!$initData) {
throw new IllegalLinkException();
}
// validate oauth_token
if ($_GET['oauth_token'] !== $initData['oauth_token']) {
throw new IllegalLinkException();
}
try {
// fetch access_token
$oauthHeader = array('oauth_consumer_key' => StringUtil::trim(TWITTER_PUBLIC_KEY), 'oauth_nonce' => StringUtil::getRandomID(), 'oauth_signature_method' => 'HMAC-SHA1', 'oauth_timestamp' => TIME_NOW, 'oauth_version' => '1.0', 'oauth_token' => $initData['oauth_token']);
$postData = array('oauth_verifier' => $_GET['oauth_verifier']);
$signature = $this->createSignature('https://api.twitter.com/oauth/access_token', array_merge($oauthHeader, $postData));
$oauthHeader['oauth_signature'] = $signature;
$request = new HTTPRequest('https://api.twitter.com/oauth/access_token', array(), $postData);
$request->addHeader('Authorization', 'OAuth ' . $this->buildOAuthHeader($oauthHeader));
$request->execute();
$reply = $request->getReply();
$content = $reply['body'];
} catch (SystemException $e) {
// force logging
$e->getExceptionID();
throw new IllegalLinkException();
}
parse_str($content, $data);
// check whether a user is connected to this twitter account
$user = $this->getUser($data['user_id']);
if ($user->userID) {
// a user is already connected, but we are logged in, break
if (WCF::getUser()->userID) {
throw new NamedUserException(WCF::getLanguage()->get('wcf.user.3rdparty.twitter.connect.error.inuse'));
} else {
if (UserAuthenticationFactory::getInstance()->getUserAuthentication()->supportsPersistentLogins()) {
$password = StringUtil::getRandomID();
$userEditor = new UserEditor($user);
$userEditor->update(array('password' => $password));
// reload user to retrieve salt
$user = new User($user->userID);
UserAuthenticationFactory::getInstance()->getUserAuthentication()->storeAccessData($user, $user->username, $password);
}
WCF::getSession()->changeUser($user);
WCF::getSession()->update();
HeaderUtil::redirect(LinkHandler::getInstance()->getLink());
}
} else {
WCF::getSession()->register('__3rdPartyProvider', 'twitter');
// save data for connection
if (WCF::getUser()->userID) {
WCF::getSession()->register('__twitterUsername', $data['screen_name']);
WCF::getSession()->register('__twitterData', $data);
HeaderUtil::redirect(LinkHandler::getInstance()->getLink('AccountManagement') . '#3rdParty');
} else {
// fetch user data
$twitterData = null;
try {
$request = new HTTPRequest('https://api.twitter.com/1.1/users/show.json?screen_name=' . $data['screen_name']);
$request->execute();
$reply = $request->getReply();
$twitterData = json_decode($reply['body'], true);
} catch (SystemException $e) {
/* ignore errors */
}
WCF::getSession()->register('__username', $data['screen_name']);
if ($twitterData !== null) {
$data = $twitterData;
}
WCF::getSession()->register('__twitterData', $data);
// we assume that bots won't register on twitter first
// thus no need for a captcha
if (REGISTER_USE_CAPTCHA) {
WCF::getSession()->register('noRegistrationCaptcha', true);
}
WCF::getSession()->update();
HeaderUtil::redirect(LinkHandler::getInstance()->getLink('Register'));
}
}
$this->executed();
exit;
}
// user declined
if (isset($_GET['denied'])) {
throw new NamedUserException(WCF::getLanguage()->get('wcf.user.3rdparty.twitter.login.error.denied'));
}
// start auth by fetching request_token
try {
$callbackURL = LinkHandler::getInstance()->getLink('TwitterAuth', array('appendSession' => false));
$oauthHeader = array('oauth_callback' => $callbackURL, 'oauth_consumer_key' => StringUtil::trim(TWITTER_PUBLIC_KEY), 'oauth_nonce' => StringUtil::getRandomID(), 'oauth_signature_method' => 'HMAC-SHA1', 'oauth_timestamp' => TIME_NOW, 'oauth_version' => '1.0');
$signature = $this->createSignature('https://api.twitter.com/oauth/request_token', $oauthHeader);
$oauthHeader['oauth_signature'] = $signature;
// call api
$request = new HTTPRequest('https://api.twitter.com/oauth/request_token', array('method' => 'POST'));
$request->addHeader('Authorization', 'OAuth ' . $this->buildOAuthHeader($oauthHeader));
$request->execute();
$reply = $request->getReply();
$content = $reply['body'];
} catch (SystemException $e) {
// force logging
$e->getExceptionID();
throw new IllegalLinkException();
}
parse_str($content, $data);
if ($data['oauth_callback_confirmed'] != 'true') {
throw new IllegalLinkException();
}
WCF::getSession()->register('__twitterInit', $data);
// redirect to twitter
HeaderUtil::redirect('https://api.twitter.com/oauth/authenticate?oauth_token=' . rawurlencode($data['oauth_token']));
$this->executed();
exit;
}
/**
* @see wcf\action\IAction::readParameters()
*/
public function readParameters() {
parent::readParameters();
// check security token
$this->checkSecurityToken();
}
/**
* @see \wcf\action\IAction::execute()
*/
public function execute()
{
parent::execute();
$callbackURL = LinkHandler::getInstance()->getLink('FacebookAuth');
// Work around Facebook performing an illegal substitution of the Slash
// by '%2F' when entering redirect URI (RFC 3986 sect. 2.2, sect. 3.4)
$callbackURL = preg_replace_callback('/(?<=\\?).*/', function ($matches) {
return rawurlencode($matches[0]);
}, $callbackURL);
// user accepted the connection
if (isset($_GET['code'])) {
try {
// fetch access_token
$request = new HTTPRequest('https://graph.facebook.com/oauth/access_token?client_id=' . StringUtil::trim(FACEBOOK_PUBLIC_KEY) . '&redirect_uri=' . rawurlencode($callbackURL) . '&client_secret=' . StringUtil::trim(FACEBOOK_PRIVATE_KEY) . '&code=' . rawurlencode($_GET['code']));
$request->execute();
$reply = $request->getReply();
$content = $reply['body'];
} catch (SystemException $e) {
// force logging
$e->getExceptionID();
throw new IllegalLinkException();
}
// validate state, validation of state is executed after fetching the access_token to invalidate 'code'
if (!isset($_GET['state']) || $_GET['state'] != WCF::getSession()->getVar('__facebookInit')) {
throw new IllegalLinkException();
}
WCF::getSession()->unregister('__facebookInit');
parse_str($content, $data);
try {
// fetch userdata
$request = new HTTPRequest('https://graph.facebook.com/me?access_token=' . rawurlencode($data['access_token']) . '&fields=birthday,bio,email,gender,id,location,name,picture.type(large),website');
$request->execute();
$reply = $request->getReply();
$content = $reply['body'];
} catch (SystemException $e) {
// force logging
$e->getExceptionID();
throw new IllegalLinkException();
}
$userData = JSON::decode($content);
// check whether a user is connected to this facebook account
$user = $this->getUser($userData['id']);
if ($user->userID) {
// a user is already connected, but we are logged in, break
if (WCF::getUser()->userID) {
throw new NamedUserException(WCF::getLanguage()->get('wcf.user.3rdparty.facebook.connect.error.inuse'));
} else {
if (UserAuthenticationFactory::getInstance()->getUserAuthentication()->supportsPersistentLogins()) {
$password = StringUtil::getRandomID();
$userEditor = new UserEditor($user);
$userEditor->update(array('password' => $password));
// reload user to retrieve salt
$user = new User($user->userID);
UserAuthenticationFactory::getInstance()->getUserAuthentication()->storeAccessData($user, $user->username, $password);
}
WCF::getSession()->changeUser($user);
WCF::getSession()->update();
HeaderUtil::redirect(LinkHandler::getInstance()->getLink());
}
} else {
WCF::getSession()->register('__3rdPartyProvider', 'facebook');
// save data for connection
if (WCF::getUser()->userID) {
WCF::getSession()->register('__facebookUsername', $userData['name']);
WCF::getSession()->register('__facebookData', $userData);
HeaderUtil::redirect(LinkHandler::getInstance()->getLink('AccountManagement') . '#3rdParty');
} else {
WCF::getSession()->register('__username', $userData['name']);
if (isset($userData['email'])) {
WCF::getSession()->register('__email', $userData['email']);
}
WCF::getSession()->register('__facebookData', $userData);
// we assume that bots won't register on facebook first
// thus no need for a captcha
if (REGISTER_USE_CAPTCHA) {
WCF::getSession()->register('noRegistrationCaptcha', true);
}
WCF::getSession()->update();
HeaderUtil::redirect(LinkHandler::getInstance()->getLink('Register'));
}
}
$this->executed();
exit;
}
// user declined or any other error that may occur
if (isset($_GET['error'])) {
throw new NamedUserException(WCF::getLanguage()->get('wcf.user.3rdparty.facebook.login.error.' . $_GET['error']));
}
// start auth by redirecting to facebook
$token = StringUtil::getRandomID();
WCF::getSession()->register('__facebookInit', $token);
HeaderUtil::redirect("https://www.facebook.com/dialog/oauth?client_id=" . StringUtil::trim(FACEBOOK_PUBLIC_KEY) . "&redirect_uri=" . rawurlencode($callbackURL) . "&state=" . $token . "&scope=email,user_about_me,user_birthday,user_location,user_website");
$this->executed();
exit;
}
/**
* @see \wcf\action\IAction::execute()
*/
public function execute()
{
parent::execute();
$callbackURL = LinkHandler::getInstance()->getLink('GoogleAuth', array('appendSession' => false));
// user accepted the connection
if (isset($_GET['code'])) {
try {
// fetch access_token
$request = new HTTPRequest('https://accounts.google.com/o/oauth2/token', array(), array('code' => $_GET['code'], 'client_id' => StringUtil::trim(GOOGLE_PUBLIC_KEY), 'client_secret' => StringUtil::trim(GOOGLE_PRIVATE_KEY), 'redirect_uri' => $callbackURL, 'grant_type' => 'authorization_code'));
$request->execute();
$reply = $request->getReply();
$content = $reply['body'];
} catch (SystemException $e) {
// force logging
$e->getExceptionID();
throw new IllegalLinkException();
}
// validate state, validation of state is executed after fetching the access_token to invalidate 'code'
if (!isset($_GET['state']) || $_GET['state'] != WCF::getSession()->getVar('__googleInit')) {
throw new IllegalLinkException();
}
WCF::getSession()->unregister('__googleInit');
$data = JSON::decode($content);
try {
// fetch userdata
$request = new HTTPRequest('https://www.googleapis.com/plus/v1/people/me');
$request->addHeader('Authorization', 'Bearer ' . $data['access_token']);
$request->execute();
$reply = $request->getReply();
$content = $reply['body'];
} catch (SystemException $e) {
// force logging
$e->getExceptionID();
throw new IllegalLinkException();
}
$userData = JSON::decode($content);
// check whether a user is connected to this google account
$user = $this->getUser($userData['id']);
if ($user->userID) {
// a user is already connected, but we are logged in, break
if (WCF::getUser()->userID) {
throw new NamedUserException(WCF::getLanguage()->get('wcf.user.3rdparty.google.connect.error.inuse'));
} else {
if (UserAuthenticationFactory::getInstance()->getUserAuthentication()->supportsPersistentLogins()) {
$password = StringUtil::getRandomID();
$userEditor = new UserEditor($user);
$userEditor->update(array('password' => $password));
// reload user to retrieve salt
$user = new User($user->userID);
UserAuthenticationFactory::getInstance()->getUserAuthentication()->storeAccessData($user, $user->username, $password);
}
WCF::getSession()->changeUser($user);
WCF::getSession()->update();
HeaderUtil::redirect(LinkHandler::getInstance()->getLink());
}
} else {
WCF::getSession()->register('__3rdPartyProvider', 'google');
// save data for connection
if (WCF::getUser()->userID) {
WCF::getSession()->register('__googleUsername', $userData['displayName']);
WCF::getSession()->register('__googleData', $userData);
HeaderUtil::redirect(LinkHandler::getInstance()->getLink('AccountManagement') . '#3rdParty');
} else {
WCF::getSession()->register('__username', $userData['displayName']);
if (isset($userData['emails'][0]['value'])) {
WCF::getSession()->register('__email', $userData['emails'][0]['value']);
}
WCF::getSession()->register('__googleData', $userData);
// we assume that bots won't register on google first
// thus no need for a captcha
if (REGISTER_USE_CAPTCHA) {
WCF::getSession()->register('noRegistrationCaptcha', true);
}
WCF::getSession()->update();
HeaderUtil::redirect(LinkHandler::getInstance()->getLink('Register'));
}
}
$this->executed();
exit;
}
// user declined or any other error that may occur
if (isset($_GET['error'])) {
throw new NamedUserException(WCF::getLanguage()->get('wcf.user.3rdparty.google.login.error.' . $_GET['error']));
}
// start auth by redirecting to google
$token = StringUtil::getRandomID();
WCF::getSession()->register('__googleInit', $token);
HeaderUtil::redirect("https://accounts.google.com/o/oauth2/auth?client_id=" . rawurlencode(StringUtil::trim(GOOGLE_PUBLIC_KEY)) . "&redirect_uri=" . rawurlencode($callbackURL) . "&state=" . $token . "&scope=profile+email&response_type=code");
$this->executed();
exit;
}
