/** * Action method for completing the 'verify' action. This action is used adding an identity URL to a * WordPress user through the admin interface. * * @param string $identity_url verified OpenID URL */ function _finish_openid_verify($identity_url) { global $openid; $user = wp_get_current_user(); if (empty($identity_url)) { // FIXME unable to authenticate OpenID WordPressOpenID_Logic::set_error('Unable to authenticate OpenID.'); } else { $store =& WordPressOpenID_Logic::getStore(); if (!$store->insert_identity($user->ID, $identity_url)) { // TODO should we check for this duplication *before* authenticating the ID? WordPressOpenID_Logic::set_error('OpenID assertion successful, but this URL is already claimed by ' . 'another user on this blog. This is probably a bug. ' . $identity_url); } else { $openid->action = 'success'; } } $wpp = parse_url(get_option('siteurl')); $redirect_to = $wpp['path'] . '/wp-admin/' . (current_user_can('edit_users') ? 'users.php' : 'profile.php') . '?page=openid'; if (function_exists('wp_safe_redirect')) { wp_safe_redirect($redirect_to); } else { wp_redirect($redirect_to); } // TODO display success message exit; }
/** * Action method for completing the 'verify' action. This action is used adding an identity URL to a * WordPress user through the admin interface. * * @param string $identity_url verified OpenID URL */ function _finish_openid_verify($identity_url) { global $openid; $user = wp_get_current_user(); if (empty($identity_url)) { WordPressOpenID_Logic::set_error('Unable to authenticate OpenID.'); } else { $store =& WordPressOpenID_Logic::getStore(); if (!$store->insert_identity($user->ID, $identity_url)) { WordPressOpenID_Logic::set_error('OpenID assertion successful, but this URL is already claimed by ' . 'another user on this blog. This is probably a bug. ' . $identity_url); } else { $openid->action = 'success'; $openid->message = "Successfully added Identity URL: {$identity_url}."; // ensure that profile URL is a verified Identity URL set_include_path(dirname(__FILE__) . PATH_SEPARATOR . get_include_path()); require_once 'Auth/OpenID.php'; if ($GLOBALS['wp_version'] >= '2.3') { require_once ABSPATH . 'wp-admin/includes/admin.php'; } else { require_once ABSPATH . WPINC . '/registration.php'; } $identities = $store->get_identities($user->ID); $current_url = Auth_OpenID::normalizeUrl($user->user_url); $verified_url = false; if (!empty($identities)) { foreach ($identities as $id) { if ($id['url'] == $current_url) { $verified_url = true; break; } } if (!$verified_url) { $user->user_url = $identity_url; wp_update_user(get_object_vars($user)); $openid->message .= '<br /><strong>Note:</strong> For security reasons, your profile URL has been updated to match your Identity URL.'; } } } } $_SESSION['oid_message'] = $openid->message; $_SESSION['oid_action'] = $openid->action; $wpp = parse_url(get_option('siteurl')); $redirect_to = $wpp['path'] . '/wp-admin/' . (current_user_can('edit_users') ? 'users.php' : 'profile.php') . '?page=openid'; if (function_exists('wp_safe_redirect')) { wp_safe_redirect($redirect_to); } else { wp_redirect($redirect_to); } exit; }