/**
 * Start an OpenID "checkid_setup" request for an identifier supplied by the user.
 *
 * The identifier is canonicalised, the provider's server (and optional
 * delegate) is looked up, and an association with that server is fetched or
 * created. The current GET/POST data is stored in the session under a
 * per-request key, then the provider URL is either returned to the caller or
 * passed to redirectexit().
 *
 * @param string $openid_uri The identifier as given by the user.
 * @param bool $return = false When true, return the provider URL instead of redirecting.
 * @param array $save_fields = array() Optional fields carried through the round trip in the "sf" parameter.
 * @param string $return_action = null Value for "sa" in return_to; falls back to $_REQUEST['action'] when empty.
 * @return string 'no_data' when the server lookup fails, or the provider URL when $return is true.
 */
function smf_openID_validate($openid_uri, $return = false, $save_fields = array(), $return_action = null)
{
	global $sourcedir, $scripturl, $boardurl, $modSettings;

	$openid_url = smf_openID_canonize($openid_uri);

	// Discovery: without server information there is nothing to redirect to.
	$response_data = smf_openID_getServerInfo($openid_url);
	if ($response_data === false) {
		return 'no_data';
	}

	// Reuse an existing association with this server, or negotiate a new one.
	$assoc = smf_openID_getAssociation($response_data['server']);
	if ($assoc == null) {
		$assoc = smf_openID_makeAssociation($response_data['server']);
	}

	// Pick a session key for this request; if the timestamp is already taken
	// (another request in the same second), keep hashing until a free key is found.
	$request_time = time();
	while (isset($_SESSION['openid']['saved_data'][$request_time])) {
		$request_time = md5($request_time);
	}

	// Keep the request data so it can be restored when the user comes back.
	// NOTE(review): this copies all of $_POST into the session, which may include
	// credentials typed into the same form; confirm the entry is removed on return.
	$_SESSION['openid']['saved_data'][$request_time] = array(
		'get' => $_GET,
		'post' => $_POST,
		'openid_uri' => $openid_url,
		'cookieTime' => $modSettings['cookieTime'],
	);

	// A delegate, when the provider advertises one, is the identity actually asserted.
	$identity = empty($response_data['delegate']) ? $openid_url : $response_data['delegate'];

	// NOTE(review): the sub-action is concatenated into return_to without being
	// encoded on its own (only the finished URL is urlencoded below); confirm the
	// dispatcher restricts $_REQUEST['action'] to known action names.
	$sub_action = !empty($return_action) ? $return_action : $_REQUEST['action'];
	$return_to = $scripturl . '?action=openidreturn&sa=' . $sub_action . '&t=' . $request_time;

	// SECURITY: "sf" is serialize() output that leaves the server and comes back
	// through the browser, so it must be treated as untrusted on return.
	// NOTE(review): the openidreturn handler is not shown here; confirm it does not
	// unserialize() this value without an integrity check (or move both sides to JSON).
	if (!empty($save_fields)) {
		$return_to .= '&sf=' . base64_encode(serialize($save_fields));
	}

	$parameters = array(
		'openid.mode=checkid_setup',
		'openid.trust_root=' . urlencode($scripturl),
		'openid.identity=' . urlencode($identity),
		'openid.assoc_handle=' . urlencode($assoc['handle']),
		'openid.return_to=' . urlencode($return_to),
	);

	// Ask for profile details when this looks like a first login or a registration.
	$is_first_login = $_REQUEST['action'] == 'login2' && !smf_openid_member_exists($openid_url);
	$is_registering = $_REQUEST['action'] == 'register' || $_REQUEST['action'] == 'register2';
	if ($is_first_login || $is_registering) {
		// Email is required.
		$parameters[] = 'openid.sreg.required=email';

		// The rest is just optional.
		$parameters[] = 'openid.sreg.optional=nickname,dob,gender';
	}

	$redir_url = $response_data['server'] . '?' . implode('&', $parameters);

	if ($return) {
		return $redir_url;
	}

	redirectexit($redir_url);
}
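/**
 * Profile area for switching a member between password and OpenID login.
 *
 * When $saving is true the posted form is processed:
 *  - "passwd": the new password is validated, hashed and stored, and the
 *    member's OpenID URI is cleared.
 *  - "openid": the identifier is canonicalised and rejected if another member
 *    already uses it; the profile owner is then sent through
 *    smf_openID_validate(), otherwise the URI is written directly.
 * In every other case the template context is prepared.
 *
 * @param mixed $memID ID of the member being edited, passed on to updateMemberData() and setLoginCookie().
 * @param bool $saving = false Whether the form was submitted.
 * @return bool|null true after the password branch has run; nothing otherwise.
 */
function authentication($memID, $saving = false)
{
	global $context, $cur_profile, $sourcedir, $txt, $post_errors, $modSettings;

	loadLanguage('Login');

	// We are saving?
	if ($saving) {
		// Request fields are untrusted: a missing or non-string value is treated as empty.
		$auth_method = isset($_POST['authenticate']) && is_string($_POST['authenticate']) ? $_POST['authenticate'] : '';

		// Moving to password based authentication?
		if ($auth_method === 'passwd') {
			$new_password = isset($_POST['passwrd1']) && is_string($_POST['passwrd1']) ? $_POST['passwrd1'] : '';

			// Didn't enter anything?
			if ($new_password === '') {
				$post_errors[] = 'no_password';
			}
			// Strict comparison on purpose: with "!=" PHP compares numeric-looking
			// strings by value, so '1e3' and '1000' would pass as a matching confirmation.
			elseif (!isset($_POST['passwrd2']) || $_POST['passwrd2'] !== $new_password) {
				$post_errors[] = 'bad_new_password';
			} else {
				require_once $sourcedir . '/Subs-Auth.php';
				$passwordErrors = validatePassword($new_password, $cur_profile['member_name'], array($cur_profile['real_name'], $cur_profile['email_address']));

				// Were there errors?
				if ($passwordErrors != null) {
					$post_errors[] = 'password_' . $passwordErrors;
				}
			}

			if (empty($post_errors)) {
				// Integration?
				call_integration_hook('integrate_reset_pass', array($cur_profile['member_name'], $cur_profile['member_name'], $new_password));

				// SECURITY: unsalted-by-design SHA-1 of lowercase name + password. This is
				// the stored format, so it is left unchanged here.
				// NOTE(review): migrating to password_hash()/password_verify() has to be
				// done together with the login code, which is not shown in this file.
				$passwd = sha1(strtolower($cur_profile['member_name']) . un_htmlspecialchars($new_password));

				// Do the important bits.
				updateMemberData($memID, array('openid_uri' => '', 'passwd' => $passwd));

				if ($context['user']['is_owner']) {
					// The cookie value is derived from the hash that was just stored, so
					// the two can never disagree.
					setLoginCookie(60 * $modSettings['cookieTime'], $memID, sha1($passwd . $cur_profile['password_salt']));
				}

				redirectexit('action=profile;u=' . $memID);
			}

			return true;
		}
		// Moving to OpenID based authentication?
		elseif ($auth_method === 'openid' && !empty($_POST['openid_identifier']) && is_string($_POST['openid_identifier'])) {
			require_once $sourcedir . '/Subs-OpenID.php';
			$_POST['openid_identifier'] = smf_openID_canonize($_POST['openid_identifier']);

			if (smf_openid_member_exists($_POST['openid_identifier'])) {
				$post_errors[] = 'openid_in_use';
			} elseif (empty($post_errors)) {
				// Authenticate using the new OpenID URI first to make sure they didn't make a mistake.
				if ($context['user']['is_owner']) {
					$_SESSION['new_openid_uri'] = $_POST['openid_identifier'];

					smf_openID_validate($_POST['openid_identifier'], false, null, 'change_uri');
				} else {
					// Someone else's profile: the URI is stored without an OpenID round trip.
					// NOTE(review): presumably the caller has already checked permission to
					// edit this member; confirm, since this changes how the account logs in.
					updateMemberData($memID, array('openid_uri' => $_POST['openid_identifier']));
				}
			}
		}
	}

	// Template data: current OpenID URI and which method the account uses now.
	$context['member']['openid_uri'] = $cur_profile['openid_uri'];
	$context['auth_method'] = empty($cur_profile['openid_uri']) ? 'password' : 'openid';
	$context['sub_template'] = 'authentication_method';
}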