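/**
 * Render the confirmation form for the given confirmation id.
 *
 * When a helper object is set and it is not this very instance, the call is
 * delegated to the helper; otherwise the form built by getconfirmform() is
 * wrapped with tsimplecontent::html().
 *
 * @param mixed $confirmid value passed through unchanged to getconfirmform()
 * @return mixed result of the helper's confirm() or of tsimplecontent::html()
 */
public function confirm($confirmid) {
    // Identity comparison (!==) instead of loose !=: loose comparison of two
    // objects walks their properties and can treat a distinct but equal-looking
    // helper as "self"; the guard only needs to stop self-delegation.
    if (isset($this->helper) && $this !== $this->helper) {
        return $this->helper->confirm($confirmid);
    }

    return tsimplecontent::html($this->getconfirmform($confirmid));
}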
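/**
 * Handle an identity-check request and answer it with a signed redirect.
 *
 * Reads the openid_* request parameters, verifies that the claimed identity is
 * this site's own URL, requires a logged-in user of group 'admin', optionally
 * shows a trust form for unknown trust roots, and finally redirects to
 * return_to with an 'id_res' response signed with the association secret.
 *
 * All openid_* values come from the request and are untrusted; they are
 * type-checked before use because PHP request parameters may be arrays.
 *
 * @param bool $wait when truthy, the trust form may be shown for a trust root
 *                   that is not in $this->trusted (or when $this->confirm is set)
 * @return mixed result of the error/redirect helper that ended the request,
 *               the integer 404 for a non-admin user, the rendered trust form,
 *               or the result of RedirKeys()
 */
private function checkid($wait) {
    // return_to is mandatory and must be a plain string (not an array parameter).
    if (empty($_REQUEST['openid_return_to']) || !is_string($_REQUEST['openid_return_to'])) {
        return $this->error400('return_to');
    }
    $return_to = $_REQUEST['openid_return_to'];

    if (empty($_REQUEST['openid_identity'])) {
        return $this->error_get($return_to, 'identity');
    }
    $identity = $_REQUEST['openid_identity'];
    // Strict comparison: the only identity served here is this site's own URL;
    // !== also rejects array-valued parameters and numeric-string juggling.
    if ($identity !== litepublisher::$site->url . $this->url) {
        return $this->error_get($return_to, 'identity');
    }

    // trust_root defaults to return_to; when given it must be a string and
    // return_to must descend from it.
    $trust_root = !empty($_REQUEST['openid_trust_root']) ? $_REQUEST['openid_trust_root'] : $return_to;
    if (!is_string($trust_root)) {
        return $this->error500('Invalidtrust');
    }
    if ($trust_root !== $return_to) {
        if (!$this->urldescends($return_to, $trust_root)) {
            return $this->error500('Invalidtrust');
        }
    }

    // A non-string handle is treated as absent so it is never used as an array key.
    $assoc_handle = (!empty($_REQUEST['openid_assoc_handle']) && is_string($_REQUEST['openid_assoc_handle']))
        ? $_REQUEST['openid_assoc_handle']
        : null;
    $sreg_required = (!empty($_REQUEST['openid_sreg_required']) && is_string($_REQUEST['openid_sreg_required']))
        ? $_REQUEST['openid_sreg_required']
        : '';
    $sreg_optional = (!empty($_REQUEST['openid_sreg_optional']) && is_string($_REQUEST['openid_sreg_optional']))
        ? $_REQUEST['openid_sreg_optional']
        : '';
    // join fields
    $sreg_required .= ',' . $sreg_optional;

    // Authentication: cookie login when cookies are enabled, otherwise the
    // tauthdigest object decides (Auth() / headers()).
    $auth = tauthdigest::i();
    if (litepublisher::$options->cookieenabled) {
        if (!litepublisher::$options->user) {
            return litepublisher::$urlmap->redir('/admin/login/');
        }
    } elseif (!$auth->Auth()) {
        return $auth->headers();
    }

    // Authorization fails closed: only the exact string 'admin' is accepted,
    // so a non-string group value can never loosely compare equal to it.
    if (litepublisher::$options->group !== 'admin') {
        return 404;
    }

    // strpos() returns 0 for a match at the first byte, so test against false.
    $q = strpos($return_to, '?') !== false ? '&' : '?';
    $cancel_url = $return_to . $q . 'openid.mode=cancel';

    if ($wait && (!in_array($trust_root, $this->trusted, true) || $this->confirm)) {
        // show the trust form and check its result
        if (empty($_POST['submit'])) {
            if ($assoc_handle !== null && isset($this->keys[$assoc_handle])) {
                // NOTE(review): the whole $_REQUEST array is persisted with the
                // association; depending on request_order it may hold more than
                // the openid_* fields - confirm that storing all of it is intended.
                $this->keys[$assoc_handle]['request'] = $_REQUEST;
                $this->save();
            }

            $html = tadminhtml::i();
            $html->section = 'openidserver';
            // Result is unused here; presumably the call selects the language
            // section used by the form template - verify before removing.
            $lang = tlocal::i('openidserver');
            $args = targs::i();
            $args->trust_root = $trust_root;
            $args->assoc_handle = $assoc_handle;
            $form = $html->trustform($args);
            return tsimplecontent::html($form);
        } else {
            // NOTE(review): no anti-CSRF token is verified on this POST in the
            // visible code; confirm the trust form is protected elsewhere, since
            // 'yesall' permanently extends the trusted list.
            $accept = isset($_POST['accept']) ? $_POST['accept'] : '';
            switch ($accept) {
                case 'yes':
                    break;

                case 'yesall':
                    $this->trusted[] = $trust_root;
                    $this->save();
                    break;

                default:
                    // Anything other than an explicit approval cancels the request.
                    return $this->redir($cancel_url);
            }
        }
    }

    $keys = array(
        'mode' => 'id_res',
        'identity' => litepublisher::$site->url . $this->url,
        'return_to' => $return_to,
    );

    if (!($shared_secret = $this->GetSecret($assoc_handle))) {
        // No usable secret for the supplied handle: tell the requester to drop
        // it, forget it locally and create a fresh association.
        if ($assoc_handle != null) {
            $keys['invalidate_handle'] = $assoc_handle;
            if (isset($this->keys[$assoc_handle])) {
                unset($this->keys[$assoc_handle]);
            }
        }
        // Presumably NewKeys() fills $assoc_handle, $shared_secret and $lifetime
        // by reference ($lifetime is not set before this call) - TODO confirm.
        $this->NewKeys($assoc_handle, $shared_secret, $lifetime);
    }
    $keys['assoc_handle'] = $assoc_handle;

    // Add the requested registration fields that GetReg() has a value for.
    foreach (explode(',', $sreg_required) as $key) {
        if (!isset($_REQUEST[$key])) {
            continue;
        }
        $skey = 'sreg.' . $key;
        if ($value = $this->GetReg($key)) {
            $keys[$skey] = $value;
        }
    }

    // Build the text that is signed: one "key:value" line per response field.
    // NOTE(review): values are written unescaped into this newline-delimited
    // text; confirm that return_to and the sreg values cannot contain line
    // breaks, otherwise the signed text becomes ambiguous.
    $tokens = '';
    foreach ($keys as $key => $value) {
        $tokens .= "{$key}:{$value}\n";
    }

    // 'signed' lists exactly the fields covered by the signature, in order.
    $keys['signed'] = implode(',', array_keys($keys));
    $keys['sig'] = base64_encode(hmac($shared_secret, $tokens));

    return $this->RedirKeys($return_to, $keys);
}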