/** * Allows users to delete OpenID locations from their account. */ require_login(); $messages = array(); $errors = array(); $identity = require_post("identity"); // make sure we aren't deleting our last identity $q = db()->prepare("SELECT COUNT(*) AS c FROM user_openid_identities WHERE user_id=?"); $q->execute(array(user_id())); $count = $q->fetch(); // or we have an OAuth2 identity $q = db()->prepare("SELECT * FROM user_oauth2_identities WHERE user_id=? LIMIT 1"); $q->execute(array(user_id())); $oauth2 = $q->fetch(); // or we have a password hash $q = db()->prepare("SELECT * FROM user_passwords WHERE user_id=?"); $q->execute(array(user_id())); $password_hash = $q->fetch(); if ($count['c'] <= 1 && !$password_hash && !$oauth2) { $errors[] = t("Cannot remove that OpenID identity; at least one identity must be defined."); set_temporary_messages($messages); set_temporary_errors($errors); redirect(url_for('user#user_openid')); } $user = \Users\User::getInstance(db()); \Users\UserOpenID::removeIdentity(db(), $user, $identity); $messages[] = t("Removed OpenID identity ':identity'.", array(':identity' => $identity)); set_temporary_messages($messages); set_temporary_errors($errors); redirect(url_for('user#user_openid'));
require_login(); // POST overrides GET $openid = require_post("openid", require_get("openid", require_post("openid_manual", require_get("openid_manual", false)))); if ($openid && !is_string($openid)) { throw new Exception("Invalid openid parameter"); } $messages = array(); $errors = array(); // try logging in? try { if ($openid) { $user = \Users\User::getInstance(db()); $args = array("openid" => $openid); $redirect = absolute_url(url_for('openid_add', $args)); try { $identity = \Users\UserOpenID::addIdentity(db(), $user, $openid, $redirect); $messages[] = t("Added OpenID identity ':identity' to your account.", array(':identity' => htmlspecialchars($identity))); // redirect $destination = url_for('user#user_openid'); set_temporary_messages($messages); set_temporary_errors($errors); redirect($destination); } catch (\Users\UserSignupException $e) { $errors[] = $e->getMessage(); } } } catch (Exception $e) { if (!$e instanceof EscapedException) { $e = new EscapedException(htmlspecialchars($e->getMessage()), (int) $e->getCode(), $e); } $errors[] = $e->getMessage();