Exemplo n.º 1
0
function validate_identities_url($value)
{
    if ($value == 'http://') {
        return true;
    }
    if (environment('authentication') == 'password') {
        return true;
    }
    if (!(environment('openid_version') > 1)) {
        return true;
    }
    global $db;
    wp_plugin_include(array('wp-openid'));
    $logic = new WordPressOpenID_Logic(null);
    $logic->activate_plugin();
    if (!WordPressOpenID_Logic::late_bind()) {
        trigger_error('Sorry, there was an error in the OpenID plugin.', E_USER_ERROR);
    }
    $consumer = WordPressOpenID_Logic::getConsumer();
    $auth_request = $consumer->begin($value);
    if (null === $auth_request) {
        trigger_error('Sorry, an OpenID server could not be located from: ' . htmlentities($value), E_USER_ERROR);
    }
    return true;
}
Exemplo n.º 2
0
function start_wp_openid()
{
    global $request;
    wp_plugin_include(array('wp-openid'));
    $logic = new WordPressOpenID_Logic(null);
    $logic->activate_plugin();
    if (!WordPressOpenID_Logic::late_bind()) {
        return;
    }
    $redirect_to = '';
    if (!empty($_SESSION['requested_url'])) {
        $redirect_to = $_SESSION['requested_url'];
    }
    $claimed_url = $request->openid_url;
    $consumer = WordPressOpenID_Logic::getConsumer();
    $auth_request = $consumer->begin($claimed_url);
    if (null === $auth_request) {
        trigger_error('OpenID server not found at ' . htmlentities($claimed_url), E_USER_ERROR);
    }
    $return_to = $request->url_for('openid_continue') . '/';
    $store =& WordPressOpenID_Logic::getStore();
    $sreg_request = Auth_OpenID_SRegRequest::build(array(), array('nickname', 'email', 'fullname'));
    $auth_request->addExtension($sreg_request);
    $_SESSION['oid_return_to'] = $return_to;
    WordPressOpenID_Logic::doRedirect($auth_request, $request->protected_url, $return_to);
    exit(0);
}
Exemplo n.º 3
0
        /**
         * Handle user management of OpenID associations.
         *
         * @submenu_page: profile.php
         **/
        function profile_panel()
        {
            global $error, $openid;
            if (!current_user_can('read')) {
                return;
            }
            $user = wp_get_current_user();
            WordPressOpenID_Logic::late_bind();
            if (!$openid->action && $_SESSION['oid_action']) {
                $openid->action = $_SESSION['oid_action'];
                unset($_SESSION['oid_action']);
            }
            if (!$openid->message && $_SESSION['oid_message']) {
                $openid->message = $_SESSION['oid_message'];
                unset($_SESSION['oid_message']);
            }
            if ('success' == $openid->action) {
                echo '<div class="updated"><p><strong>' . __('Success:', 'openid') . '</strong> ' . $openid->message . '</p></div>';
            } elseif ('warning' == $openid->action) {
                echo '<div class="error"><p><strong>' . __('Warning:', 'openid') . '</strong> ' . $openid->message . '</p></div>';
            } elseif ('error' == $openid->action) {
                echo '<div class="error"><p><strong>' . __('Error:', 'openid') . '</strong> ' . $openid->message . '</p></div>';
            }
            if (!empty($error)) {
                echo '<div class="error"><p><strong>' . __('Error:', 'openid') . '</strong> ' . $error . '</p></div>';
                unset($error);
            }
            ?>

		<div class="wrap">
			<h2><?php 
            _e('Your Identity URLs', 'openid');
            ?>
</h2>

			<p><?php 
            printf(__('The following Identity URLs %s are tied to this user account. You can login ' . 'with equivalent permissions using any of the following identities.', 'openid'), '<a title="' . __('What is OpenID?', 'openid') . '" href="http://openid.net/">' . __('?', 'openid') . '</a>');
            ?>
			</p>
		<?php 
            $urls = $openid->store->get_identities($user->ID);
            if (count($urls)) {
                ?>
			<p>There are <?php 
                echo count($urls);
                ?>
 identities associated with this WordPress user.</p>

			<table class="widefat">
			<thead>
				<tr>
					<th scope="col" style="text-align: center"><?php 
                _e('ID', 'openid');
                ?>
</th>
					<th scope="col"><?php 
                _e('Identity Url', 'openid');
                ?>
</th>
					<th scope="col" style="text-align: center"><?php 
                _e('Action', 'openid');
                ?>
</th>
				</tr>
			</thead>

			<?php 
                foreach ($urls as $k => $v) {
                    ?>

				<tr class="alternate">
					<th scope="row" style="text-align: center"><?php 
                    echo $v['uurl_id'];
                    ?>
</th>
					<td><a href="<?php 
                    echo $v['url'];
                    ?>
"><?php 
                    echo $v['url'];
                    ?>
</a></td>
					<td style="text-align: center"><a class="delete" href="<?php 
                    echo wp_nonce_url(sprintf('?page=%s&action=drop_identity&id=%s', 'openid', $v['uurl_id']), 'wp-openid-drop-identity_' . $v['url']);
                    ?>
"><?php 
                    _e('Delete', 'openid');
                    ?>
</a></td>
				</tr>

			<?php 
                }
                ?>

			</table>

			<?php 
            } else {
                echo '
			<p class="error">' . __('There are no OpenIDs associated with this WordPress user.', 'openid') . '</p>';
            }
            ?>

		<p>
			<form method="post"><?php 
            _e('Add identity:', 'openid');
            ?>
				<?php 
            wp_nonce_field('wp-openid-add_identity');
            ?>
				<input id="openid_url" name="openid_url" /> 
				<input type="submit" value="<?php 
            _e('Add', 'openid');
            ?>
" />
				<input type="hidden" name="action" value="add_identity" >
			</form>
		</p>
		</div>
		<?php 
        }
Exemplo n.º 4
0
 /**
  * If the comment contains a valid OpenID, skip the check for requiring a name and email address.  Even if
  * this data is provided in the form, we may get it through other methods, so we don't want to bail out
  * prematurely.  After OpenID authentication has completed (and $_SESSION['oid_skip'] is set), we don't
  * interfere so that this data can be required if desired.
  *
  * @param boolean $value existing value of flag, whether to require name and email
  * @return boolean new value of flag, whether to require name and email
  * @see get_user_data
  */
 function bypass_option_require_name_email($value)
 {
     global $openid_auth_request, $openid;
     if ($_REQUEST['oid_skip']) {
         return $value;
     }
     if (array_key_exists('openid_url', $_POST)) {
         if (!empty($_POST['openid_url'])) {
             return false;
         }
     } else {
         if (!empty($_POST['url'])) {
             if (WordPressOpenID_Logic::late_bind()) {
                 // check if url is valid OpenID by forming an auth request
                 set_error_handler(array('WordPressOpenID_Logic', 'customer_error_handler'));
                 $consumer = WordPressOpenID_Logic::getConsumer();
                 $openid_auth_request = $consumer->begin($_POST['url']);
                 restore_error_handler();
                 if (null !== $openid_auth_request) {
                     return false;
                 }
             }
         }
     }
     return $value;
 }
Exemplo n.º 5
0
 /**
  * If the comment contains a valid OpenID, skip the check for requiring a name and email address.  Even if
  * this data is provided in the form, we may get it through other methods, so we don't want to bail out
  * prematurely.  After OpenID authentication has completed (and $_SESSION['oid_skip'] is set), we don't
  * interfere so that this data can be required if desired.
  *
  * @param boolean $value existing value of flag, whether to require name and email
  * @return boolean new value of flag, whether to require name and email
  * @see get_user_data
  */
 function bypass_option_require_name_email($value)
 {
     global $openid;
     if ($_REQUEST['oid_skip']) {
         return $value;
     }
     if (array_key_exists('openid_url', $_POST)) {
         if (!empty($_POST['openid_url'])) {
             return false;
         }
     } else {
         if (!empty($_POST['url'])) {
             if (WordPressOpenID_Logic::late_bind()) {
                 // check if url is valid OpenID by forming an auth request
                 $auth_request = WordPressOpenID_Logic::begin_consumer($_POST['url']);
                 if (null !== $auth_request) {
                     return false;
                 }
             }
         }
     }
     return $value;
 }