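/**
 * Register page hook: finishes a sign-up that was started through a remote
 * identity provider, or links that remote identity to an existing local account.
 *
 * Behaviour, as implemented below:
 *  - does nothing when $hybridauth_conf['enabled'] is 0;
 *  - when the session holds 'oauth_new_user' (provider + remote identifier),
 *    the remote profile is fetched again (except for Persona) and its
 *    identifier must match the one stored in the session before anything is
 *    written;
 *  - a submitted registration form creates the local user and stores
 *    "<provider>---<identifier>" in the oauth_id column;
 *  - a submitted merge form (only if $conf['oauth']['allow_merge_accounts'])
 *    checks the local credentials with pwg_login() before writing oauth_id;
 *  - without a pending remote sign-in, only the provider buttons are added to
 *    the register template (if $conf['oauth']['display_register']).
 *
 * Every exception raised inside the flow is caught here and reported to the
 * visitor as an error code only.
 *
 * @return void
 */
function oauth_begin_register()
{
    global $conf, $template, $hybridauth_conf, $page, $user;

    if ($hybridauth_conf['enabled'] == 0) {
        return;
    }

    // coming from identification page
    if (pwg_get_session_var('oauth_new_user') != null) {
        list($provider, $user_identifier) = pwg_get_session_var('oauth_new_user');

        try {
            if ($provider == 'Persona') {
                $template->assign('OAUTH_USER', array(
                    'provider' => 'Persona',
                    'username' => $user_identifier,
                    'u_profile' => null,
                    'avatar' => null,
                ));

                oauth_assign_template_vars();
                $template->append('OAUTH', array('persona_email' => $user_identifier), true);

                $conf['oauth']['include_common_template'] = true;
            } else {
                require_once OAUTH_PATH . 'include/hybridauth/Hybrid/Auth.php';

                $hybridauth = new Hybrid_Auth($hybridauth_conf);
                $adapter = $hybridauth->authenticate($provider);
                $remote_user = $adapter->getUserProfile();

                // security, check remote identifier.
                // Compared as strings with !== on purpose: a loose != treats two
                // different numeric-looking identifiers (e.g. "1000" and "1e3")
                // as equal, which would let a mismatched identity pass this gate.
                if ((string) $remote_user->identifier !== (string) $user_identifier) {
                    pwg_unset_session_var('oauth_new_user');
                    throw new Exception('Hacking attempt!', 403);
                }

                $template->assign('OAUTH_USER', array(
                    'provider' => $hybridauth_conf['providers'][$provider]['name'],
                    'username' => $remote_user->displayName,
                    'u_profile' => $remote_user->profileURL,
                    'avatar' => $remote_user->photoURL,
                ));
            }

            // Escaped once here because the value is handed to single_update()
            // below. NOTE(review): presumably single_update() does not escape
            // values itself; confirm before removing or duplicating the escape.
            $oauth_id = pwg_db_real_escape_string($provider . '---' . $user_identifier);

            $page['infos'][] = l10n('Your registration is almost done, please complete the registration form.');

            if (isset($_POST['submit'])) {
                // register form submitted
                // Request fields are attacker-controlled: accept strings only so
                // a missing field or an array (login[]=x) never reaches register_user().
                $submitted_login = (isset($_POST['login']) && is_string($_POST['login']))
                    ? $_POST['login']
                    : '';
                $submitted_mail = (isset($_POST['mail_address']) && is_string($_POST['mail_address']))
                    ? $_POST['mail_address']
                    : '';

                // NOTE(review): the local password is a single unsalted SHA-1 of the
                // oauth id and $conf['secret_key'], i.e. it is deterministic and can
                // be recomputed by anyone who learns secret_key. If no other code
                // path recomputes this value, a random, unguessable password would
                // be the safer choice; confirm against the plugin's login path.
                // NOTE(review): the address stored is the one submitted in the form;
                // the provider-supplied address is only used to prefill it further down.
                $user_id = register_user(
                    $submitted_login,
                    hash('sha1', $oauth_id . $conf['secret_key']),
                    $submitted_mail,
                    true,
                    $page['errors'],
                    false
                );

                if ($user_id !== false) {
                    pwg_unset_session_var('oauth_new_user');

                    // update oauth field
                    single_update(
                        USER_INFOS_TABLE,
                        array('oauth_id' => $oauth_id),
                        array('user_id' => $user_id)
                    );

                    // log_user and redirect
                    log_user($user_id, false);
                    redirect('profile.php');
                }

                unset($_POST['submit']);
            } elseif (isset($_POST['login']) && $conf['oauth']['allow_merge_accounts']) {
                // merge form submitted: link the remote identity to an existing account
                $has_credentials = isset($_POST['username'], $_POST['password'])
                    && is_string($_POST['username'])
                    && is_string($_POST['password']);

                if (!$has_credentials) {
                    // Missing or non-string credentials are rejected up front rather
                    // than being passed on to the lookup and login helpers.
                    $page['errors'][] = l10n('Invalid username or email');
                } else {
                    if ($conf['insensitive_case_logon'] == true) {
                        $_POST['username'] = search_case_username($_POST['username']);
                    }

                    $user_id = get_userid($_POST['username']);

                    if ($user_id === false) {
                        $page['errors'][] = l10n('Invalid username or email');
                    } elseif ($user_id == $conf['webmaster_id']) {
                        // The main webmaster account is never linked to a remote identity.
                        $page['errors'][] = l10n('For security reason, the main webmaster account can\'t be merged with a remote account, but you can use another webmaster account.');
                    } elseif (pwg_login(false, $_POST['username'], $_POST['password'], false)) {
                        // Local credentials verified: update oauth field.
                        // $user['id'] is the global user record; presumably refreshed
                        // by the successful pwg_login() call above (verify).
                        single_update(
                            USER_INFOS_TABLE,
                            array('oauth_id' => $oauth_id),
                            array('user_id' => $user['id'])
                        );

                        pwg_unset_session_var('oauth_new_user');
                        redirect('profile.php');
                    } else {
                        $page['errors'][] = l10n('Invalid password!');
                    }
                }
            }

            // overwrite fields with remote data (prefills the form that is shown next)
            if ($provider == 'Persona') {
                $_POST['login'] = '';
                $_POST['mail_address'] = $user_identifier;
            } else {
                $_POST['login'] = $remote_user->displayName;
                $_POST['mail_address'] = $remote_user->email;
            }

            // template
            $template->assign('OAUTH_PATH', OAUTH_PATH);

            if ($conf['oauth']['allow_merge_accounts']) {
                $template->assign('OAUTH_LOGIN_IN_REGISTER', true);
                $template->set_prefilter('register', 'oauth_add_login_in_register');
            } else {
                $template->set_prefilter('register', 'oauth_add_profile_prefilter');
                $template->set_prefilter('register', 'oauth_remove_password_fields_prefilter');
            }
        } catch (Exception $e) {
            // Only the numeric code is shown to the visitor, never the message.
            $page['errors'][] = l10n('An error occured, please contact the gallery owner. <i>Error code : %s</i>', $e->getCode());
        }
    } elseif ($conf['oauth']['display_register']) {
        // No pending remote sign-in: just offer the provider buttons.
        oauth_assign_template_vars(get_gallery_home_url());
        $template->set_prefilter('register', 'oauth_add_buttons_prefilter');
    }
}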
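// The identification page is reachable by anyone, including guests.
check_status(ACCESS_FREE);

trigger_notify('loc_begin_identification');

//-------------------------------------------------------------- identification
// 'redirect' arrives from the query string (first display) or from the posted
// form (login attempt). Both are attacker-controllable, so the value is only
// followed after the local-target check further down.
$redirect_to = '';
if (!empty($_GET['redirect']) && is_string($_GET['redirect'])) {
    // $_GET is already URL-decoded once by PHP; the extra urldecode() is kept
    // from the original. NOTE(review): presumably the link producer
    // double-encodes the value; confirm.
    $redirect_to = urldecode($_GET['redirect']);
    if (is_a_guest()) {
        $page['errors'][] = l10n('You are not authorized to access the requested page');
    }
}

if (isset($_POST['login'])) {
    if (!isset($_COOKIE[session_name()])) {
        $page['errors'][] = l10n('Cookies are blocked or not supported by your browser. You must enable cookies to connect.');
    } else {
        if ($conf['insensitive_case_logon'] == true) {
            $_POST['username'] = search_case_username($_POST['username']);
        }

        $redirect_to = (isset($_POST['redirect']) && is_string($_POST['redirect']))
            ? urldecode($_POST['redirect'])
            : '';

        // '&&' instead of 'and': 'and' binds looser than '=', so the original
        // assigned only the isset() result and silently dropped the '== 1' test.
        $remember_me = isset($_POST['remember_me']) && $_POST['remember_me'] == 1;

        if (try_log_user($_POST['username'], $_POST['password'], $remember_me)) {
            // Open-redirect guard: follow the requested target only when it is a
            // local path. Anything carrying a scheme ("http:", "javascript:", ...),
            // a protocol-relative prefix ("//host", "/\host", "\\host") or control
            // characters falls back to the gallery home page.
            $redirect_is_local = $redirect_to !== ''
                && !preg_match('#^\s*[a-z][a-z0-9+.\-]*:#i', $redirect_to)
                && !preg_match('#^\s*[/\\\\]{2}#', $redirect_to)
                && !preg_match('/[\x00-\x1f\x7f]/', $redirect_to);

            redirect($redirect_is_local ? $redirect_to : get_gallery_home_url());
        } else {
            $page['errors'][] = l10n('Invalid password!');
        }
    }
}

//----------------------------------------------------- template initialization
//
// Start output of page
//
$title = l10n('Identification');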