function persona_verify() { $url = 'https://verifier.login.persona.org/verify'; $assert = filter_input(INPUT_POST, 'assertion', FILTER_UNSAFE_RAW, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH); $params = 'assertion=' . urlencode($assert) . '&audience=' . urlencode(get_servername(true)); $options = array(CURLOPT_URL => $url, CURLOPT_RETURNTRANSFER => true, CURLOPT_POST => true, CURLOPT_POSTFIELDS => $params, CURLOPT_SSL_VERIFYPEER => true, CURLOPT_SSL_VERIFYHOST => 2); $ch = curl_init(); curl_setopt_array($ch, $options); $result = curl_exec($ch); curl_close($ch); if ($result === false) { return false; } else { return json_decode($result, true); } }
$count_enabled++; } if ($PROVIDERS_CONFIG[$id]['new_app_link'] and $data['enabled']) { if (empty($data['keys']['secret']) or @$PROVIDERS_CONFIG[$id]['require_client_id'] and empty($data['keys']['id']) or !@$PROVIDERS_CONFIG[$id]['require_client_id'] and empty($data['keys']['key'])) { $page['errors'][] = l10n('%s: invalid keys', $PROVIDERS_CONFIG[$id]['name']); } } if (isset($PROVIDERS_CONFIG[$id]['scope'])) { $data['scope'] = $PROVIDERS_CONFIG[$id]['scope']; } if (is_array(@$data['keys'])) { $data['keys'] = array_map('trim', $data['keys']); } $data['name'] = $PROVIDERS_CONFIG[$id]['name']; $providers[$id] = $data; } $hybridauth_conf['providers'] = $providers; $hybridauth_conf['total'] = count($hybridauth_conf['providers']); $hybridauth_conf['enabled'] = $count_enabled; if (!count($page['errors'])) { // generate config file $content = "<?php\ndefined('PHPWG_ROOT_PATH') or die('Hacking attempt!');\n\nreturn "; $content .= var_export(array_intersect_key($hybridauth_conf, array_flip(array('providers', 'total', 'enabled'))), true); $content .= ";\n?>"; file_put_contents(OAUTH_CONFIG, $content); $page['infos'][] = l10n('Information data registered in database'); } } $template->assign(array('PROVIDERS' => $PROVIDERS_CONFIG, 'CONFIG' => $hybridauth_conf['providers'], 'SERVERNAME' => get_servername(), 'WEBSITE' => get_absolute_root_url(), 'OAUTH_CALLBACK' => OAUTH_PUBLIC . '?hauth.done=')); // define template file $template->set_filename('oauth_content', realpath(OAUTH_PATH . 'admin/template/providers.tpl'));