public static function getLanguageId()
{
if ($languageid = vB5_Cookie::get('languageid', vB5_Cookie::TYPE_UINT)) {
return $languageid;
} else {
return self::instance()->_get('languageid');
}
}
/**
* Gets the styles to be used ordered by preference
*/
protected function getStylePreference()
{
$this->stylePreference = array();
try {
$router = vB5_ApplicationAbstract::instance()->getRouter();
if (!empty($router)) {
$arguments = $router->getArguments();
// #1 check for a forced style in current route
if (!empty($arguments) and !empty($arguments['forceStyleId']) and intval($arguments['forceStyleId'])) {
$this->stylePreference[] = $arguments['forceStyleId'];
}
}
} catch (vB5_Exception $e) {
// the application instance might not be initialized yet, so just ignore this first check
}
// #2 check for a style cookie (style chooser in footer)
// If style is set in querystring, the routing component will set this cookie (VBV-3322)
$cookieStyleId = vB5_Cookie::get('userstyleid', vB5_Cookie::TYPE_UINT);
if (!empty($cookieStyleId)) {
$this->stylePreference[] = $cookieStyleId;
}
// #3 check for user defined style
$userStyleId = vB5_User::get('styleid');
if (!empty($userStyleId)) {
$this->stylePreference[] = $userStyleId;
}
// #4 check for a route style which is not forced
if (!empty($arguments) and isset($arguments['routeStyleId']) and is_int($arguments['routeStyleId'])) {
$this->stylePreference[] = $arguments['routeStyleId'];
}
// #5 check for the overall site default style
$defaultStyleId = vB5_Template_Options::instance()->get('options.styleid');
if ($defaultStyleId) {
$this->stylePreference[] = $defaultStyleId;
}
// Moved from Api_Interface_Collapsed::init, it was calling getPreferredStyleId when the forced
// style set by the route wasn't ready yet. (see VBV-3324)
if (!empty($this->stylePreference[0])) {
// If style is -1 then fetch site default styleid
if ($this->stylePreference[0] == '-1') {
$this->stylePreference[0] = $defaultStyleId;
}
vB::getCurrentSession()->set('styleid', $this->stylePreference[0]);
}
}
/** Responds to a request to create a new user.
*
**/
public function actionRegistration()
{
//We need at least a username, email, and password.
if (empty($_REQUEST['username']) or empty($_REQUEST['password']) or empty($_REQUEST['email'])) {
$this->sendAsJson(array('error' => 'insufficient data'));
return;
}
$username = trim($_REQUEST['username']);
$password = trim($_REQUEST['password']);
$postdata = array('username' => $username, 'email' => $_REQUEST['email']);
if (isset($_REQUEST['month']) and isset($_REQUEST['day']) and !empty($_REQUEST['year'])) {
$postdata['birthday'] = $_REQUEST['year'] . '-' . str_pad($_REQUEST['month'], 2, '0', STR_PAD_LEFT) . '-' . str_pad($_REQUEST['day'], 2, '0', STR_PAD_LEFT);
}
if (!empty($_REQUEST['guardian'])) {
$postdata['parentemail'] = $_REQUEST['guardian'];
}
$vboptions = vB5_Template_Options::instance()->getOptions();
$vboptions = $vboptions['options'];
// Coppa cookie check
$coppaage = vB5_Cookie::get('coppaage', vB5_Cookie::TYPE_STRING);
if ($vboptions['usecoppa'] and $vboptions['checkcoppa']) {
if ($coppaage) {
$dob = explode('-', $coppaage);
$month = $dob[0];
$day = $dob[1];
$year = $dob[2];
$postdata['birthday'] = $year . '-' . str_pad($month, 2, '0', STR_PAD_LEFT) . '-' . str_pad($day, 2, '0', STR_PAD_LEFT);
} else {
vB5_Cookie::set('coppaage', $_REQUEST['month'] . '-' . $_REQUEST['day'] . '-' . $_REQUEST['year'], 365, 0);
}
}
// Fill in ReCaptcha data
$recaptchaData = array();
if (!empty($_REQUEST['recaptcha_challenge_field'])) {
$recaptchaData['recaptcha_challenge_field'] = $_REQUEST['recaptcha_challenge_field'];
}
if (!empty($_REQUEST['recaptcha_response_field'])) {
$recaptchaData['recaptcha_response_field'] = $_REQUEST['recaptcha_response_field'];
}
if (!empty($recaptchaData)) {
$_REQUEST['humanverify'] = $recaptchaData + (isset($_REQUEST['humanverify']) ? (array) $_REQUEST['humanverify'] : array());
}
$api = Api_InterfaceAbstract::instance();
$data = array('userid' => 0, 'password' => $password, 'user' => $postdata, array(), array(), 'userfield' => !empty($_REQUEST['userfield']) ? $_REQUEST['userfield'] : false, array(), isset($_REQUEST['humanverify']) ? $_REQUEST['humanverify'] : '', array('registration' => true));
// add facebook data
if ($api->callApi('facebook', 'isFacebookEnabled') && $api->callApi('facebook', 'userIsLoggedIn')) {
$fbUserInfo = $api->callApi('facebook', 'getFbUserInfo');
$data['user']['fbuserid'] = $fbUserInfo['id'];
$data['user']['fbname'] = $fbUserInfo['name'];
$data['user']['timezoneoffset'] = $fbUserInfo['timezone'];
$data['user']['fbjoindate'] = time();
$fb_profilefield_info = $this->getFacebookProfileinfo($fbUserInfo);
if (!empty($fb_profilefield_info['birthday']) and empty($data['user']['birthday'])) {
$data['user']['birthday'] = $fb_profilefield_info['birthday'];
}
if (empty($data['userfield'])) {
$data['userfield'] = array();
}
if ($vboptions['fb_userfield_biography']) {
$data['userfield'] += array($vboptions['fb_userfield_biography'] => $fb_profilefield_info['biography']);
}
if ($vboptions['fb_userfield_location']) {
$data['userfield'] += array($vboptions['fb_userfield_location'] => $fb_profilefield_info['location']);
}
if ($vboptions['fb_userfield_occupation']) {
$data['userfield'] += array($vboptions['fb_userfield_occupation'] => $fb_profilefield_info['occupation']);
}
}
// save data
$response = $api->callApi('user', 'save', $data);
if (!empty($response) and (!is_array($response) or !isset($response['errors']))) {
// try to login
$loginInfo = $api->callApi('user', 'login', array($username, $password, '', '', ''));
if (!isset($loginInfo['errors']) or empty($loginInfo['errors'])) {
// browser session expiration
vB5_Cookie::set('sessionhash', $loginInfo['sessionhash'], 0, true);
vB5_Cookie::set('password', $loginInfo['password'], 0);
vB5_Cookie::set('userid', $loginInfo['userid'], 0);
$urlPath = '';
if (!empty($_POST['urlpath'])) {
$urlPath = base64_decode(trim($_POST['urlpath']), true);
}
if (!$urlPath or strpos($urlPath, '/auth/') !== false or strpos($urlPath, '/register') !== false or !vB5_Template_Runtime::allowRedirectToUrl($urlPath)) {
$urlPath = vB5_Template_Options::instance()->get('options.frontendurl');
}
$response = array('urlPath' => $urlPath);
} else {
if (!empty($loginInfo['errors'])) {
$response = array('errors' => $loginInfo['errors']);
}
}
if ($api->callApi('user', 'usecoppa')) {
$response['usecoppa'] = true;
$response['urlPath'] = vB5_Route::buildUrl('coppa-form|bburl');
} else {
if ($vboptions['verifyemail']) {
$response['msg'] = 'registeremail';
$response['msg_params'] = array(vB5_String::htmlSpecialCharsUni($postdata['username']), $postdata['email'], vB5_Template_Options::instance()->get('options.frontendurl'));
} else {
if ($vboptions['moderatenewmembers']) {
$response['msg'] = 'moderateuser';
$response['msg_params'] = array(vB5_String::htmlSpecialCharsUni($postdata['username']), vB5_Template_Options::instance()->get('options.frontendurl'));
} else {
$frontendurl = vB5_Template_Options::instance()->get('options.frontendurl');
$routeProfile = $api->callApi('route', 'getUrl', array('route' => 'profile', 'data' => array('userid' => $loginInfo['userid']), array()));
$routeuserSettings = $api->callApi('route', 'getUrl', array('route' => 'settings', 'data' => array('tab' => 'profile'), array()));
$routeAccount = $api->callApi('route', 'getUrl', array('route' => 'settings', 'data' => array('tab' => 'account'), array()));
$response['msg'] = 'registration_complete';
$response['msg_params'] = array(vB5_String::htmlSpecialCharsUni($postdata['username']), $frontendurl . $routeProfile, $frontendurl . $routeAccount, $frontendurl . $routeuserSettings, $frontendurl);
}
}
}
}
$this->sendAsJson(array('response' => $response));
}
function fr_parse_thread($node, $previewtype = 1)
{
$userinfo = vB_Api::instance('user')->fetchUserInfo();
$options = vB::get_datastore()->get_value('options');
$topic = array('thread_id' => $node['nodeid'], 'thread_title' => html_entity_decode($node['title']), 'forum_id' => $node['parentid'], 'forum_title' => $node['content']['channeltitle'], 'post_username' => $node['userid'] > 0 ? $node['authorname'] : (string) new vB_Phrase('global', 'guest'), 'post_userid' => $node['userid'], 'post_lastposttime' => fr_date($node['lastupdate']), 'total_posts' => $node['textcount']);
$did_lastcontent = false;
if ($node['lastcontentid'] > 0 && $node['lastcontentid'] != $node['nodeid'] && $previewtype == 2) {
$lastcontent = vB_Api::instance('node')->getFullContentforNodes(array($node['lastcontentid']));
$lastcontent = $lastcontent[0];
if ($lastcontent['parentid'] == $lastcontent['starter']) {
if (in_array($lastcontent['content']['contenttypeclass'], array('Text', 'Photo', 'Link', 'Video'))) {
$topic['post_userid'] = $node['lastauthorid'];
$topic['post_username'] = $node['lastauthorid'] > 0 ? $node['lastcontentauthor'] : (string) new vB_Phrase('global', 'guest');
$topic['thread_preview'] = make_preview($lastcontent['content']['rawtext']);
if ($avatarurl = fr_find_avatarurl($lastcontent)) {
$topic['avatarurl'] = $options['bburl'] . '/' . $avatarurl;
}
$did_lastcontent = true;
}
}
}
if (!$did_lastcontent) {
$topic['thread_preview'] = make_preview($node['content']['rawtext']);
if ($avatarurl = fr_find_avatarurl($node)) {
$topic['avatarurl'] = $options['bburl'] . '/' . $avatarurl;
}
}
if ($options['threadmarking'] and $userinfo['userid']) {
$userlastvisit = !empty($node['readtime']) ? $node['readtime'] : vB::getRequest()->getTimeNow() - $options['markinglimit'] * 86400;
} else {
$lastvisit = vB5_Cookie::get('lastvisit', vB5_Cookie::TYPE_UINT);
$forumview = fr_fetch_bbarray_cookie('discussion-view', $node['nodeid']);
//use which one produces the highest value, most likely cookie
$userlastvisit = $forumview > $lastvisit ? $forumview : $lastvisit;
}
if (!empty($node['content']['prefix_plain'])) {
$topic['prefix'] = $node['content']['prefix_plain'];
}
$topic['new_posts'] = 0;
if ($node['lastupdate'] and $userlastvisit < $node['lastupdate']) {
$topic['new_posts'] = 1;
}
return $topic;
}
public function index($pageid)
{
//the api init can redirect. We need to make sure that happens before we echo anything
$api = Api_InterfaceAbstract::instance();
$top = '';
// We should not cache register page for guest. See VBV-7695.
if (vB5_Request::get('cachePageForGuestTime') > 0 and !vB5_User::get('userid') and (empty($_REQUEST['routestring']) or $_REQUEST['routestring'] != 'register' and $_REQUEST['routestring'] != 'lostpw')) {
// languageid should be in the pagekey to fix VBV-8095
$fullPageKey = 'vBPage_' . md5(serialize($_REQUEST)) . '_' . vB::getCurrentSession()->get('languageid');
$styleid = vB5_Cookie::get('userstyleid', vB5_Cookie::TYPE_UINT);
if (!empty($styleid)) {
$fullPageKey .= '_' . $styleid;
}
$fullPage = vB_Cache::instance(vB_Cache::CACHE_LARGE)->read($fullPageKey);
if (!empty($fullPage)) {
echo $fullPage;
exit;
}
}
$preheader = vB5_ApplicationAbstract::getPreheader();
$top .= $preheader;
if (vB5_Request::get('useEarlyFlush')) {
echo $preheader;
flush();
}
$router = vB5_ApplicationAbstract::instance()->getRouter();
$arguments = $router->getArguments();
$userAction = $router->getUserAction();
$pageKey = $router->getPageKey();
$api->callApi('page', 'preload', array($pageKey));
if (!empty($userAction)) {
$api->callApi('wol', 'register', array($userAction['action'], $userAction['params'], $pageKey, vB::getRequest()->getScriptPath(), !empty($arguments['nodeid']) ? $arguments['nodeid'] : 0));
}
if (isset($arguments['pagenum'])) {
$arguments['pagenum'] = intval($arguments['pagenum']) > 0 ? intval($arguments['pagenum']) : 1;
}
$pageid = (int) (isset($arguments['pageid']) ? $arguments['pageid'] : (isset($arguments['contentid']) ? $arguments['contentid'] : 0));
if ($pageid < 1) {
// @todo This needs to output a user-friendly "page not found" page
throw new Exception('Could not find page.');
}
$page = $api->callApi('page', 'fetchPageById', array($pageid, $arguments));
if (!$page) {
// @todo This needs to output a user-friendly "page not found" page
throw new Exception('Could not find page.');
}
// Go to the first new / unread post for this user in this topic
if (!empty($_REQUEST['goto']) and $_REQUEST['goto'] == 'newpost' and !empty($arguments['nodeid']) and !empty($arguments['channelid'])) {
if ($this->vboptions['threadmarking'] and vB5_User::get('userid')) {
// Database read marking
$channelRead = $api->callApi('node', 'getNodeReadTime', array($arguments['channelid']));
$topicRead = $api->callApi('node', 'getNodeReadTime', array($arguments['nodeid']));
$topicView = max($topicRead, $channelRead, time() - $this->vboptions['markinglimit'] * 86400);
} else {
// Cookie read marking
$topicView = intval(vB5_Cookie::fetchBbarrayCookie('discussion_view', $arguments['nodeid']));
if (!$topicView) {
$topicView = vB5_User::get('lastvisit');
}
}
$topicView = intval($topicView);
// Get the first unread reply
$goToNodeId = $api->callApi('node', 'getFirstChildAfterTime', array($arguments['nodeid'], $topicView));
if (empty($goToNodeId)) {
$thread = $api->callApi('node', 'getNodes', array(array($arguments['nodeid'])));
if (!empty($thread) and isset($thread[$arguments['nodeid']])) {
$goToNodeId = $thread[$arguments['nodeid']]['lastcontentid'];
}
}
if ($goToNodeId) {
// Redirect to the new post
$urlCache = vB5_Template_Url::instance();
$urlKey = $urlCache->register($router->getRouteId(), array('nodeid' => $arguments['nodeid']), array('p' => $goToNodeId));
$replacements = $urlCache->finalBuildUrls(array($urlKey));
$url = $replacements[$urlKey];
if ($url) {
$url .= '#post' . $goToNodeId;
if (headers_sent()) {
echo '<script type="text/javascript">window.location = "' . $url . '";</script>';
} else {
header('Location: ' . $url);
}
exit;
}
}
}
$page['routeInfo'] = array('routeId' => $router->getRouteId(), 'arguments' => $arguments, 'queryParameters' => $router->getQueryParameters());
$page['crumbs'] = $router->getBreadcrumbs();
$page['headlinks'] = $router->getHeadLinks();
$page['pageKey'] = $pageKey;
// default value for pageSchema
$page['pageSchema'] = 'http://schema.org/WebPage';
$queryParameters = $router->getQueryParameters();
/*
* VBV-12506
* this is where we would add other things to clean up dangerous query params.
* For VBV-12486, I'll just unset anything here that can't use vb:var in the templates,
* but really we should just make a whitelist of expected page object parameters that
* come from the query string and unset EVERYTHING else. For the expected ones, we
* should also force the value into the expected (and hopefully safer) range
*/
/*
* VBV-12506
* $doNotReplaceWithQueryParams is a list of parameters that the page object usually
* gets naturally/internally, and we NEVER want to replace with a user provided query
* parameter. (In fact, *when* exactly DO we want to do this???)
* If we don't do this, it's a potential XSS vulnerability for the items that we
* cannot send through vb:var for whatever reason (title for ex)
* and even if they *are* sent through vb:var, the replacements can sometimes just
* break the page even when it's sent through vb:var (for example, ?pagetemplateid=%0D,
* the new line this inserts in var pageData = {...} in the header template tends to
* break things (tested on Chrome).
* Furthermore, any script that uses the pageData var would get the user injected data
* that might cause more problems down the line.
* Parameter Notes:
* 'titleprefix'
* As these two should already be html escaped, we don't want to double escape
* them. So we can't us vb:var in the templates. As such, we must prevent a
* malicious querystring from being injected into the page object here.
* 'title'
* Similar to above, but channels are allowed to have HTML in the title, so
* they are intentinoally not escaped in the DB, and the templates can't use
* vb:var.
* 'pageid', 'channelid', 'nodeid'
* These are usually set in the arguments, so the array_merge below usually
* takes care of not passing a pageid query string through to the page object,
* but I'm leaving them in just in case.
*/
$doNotReplaceWithQueryParams = array('titleprefix', 'title', 'pageid', 'channelid', 'nodeid', 'pagetemplateid', 'url', 'pagenum', 'tagCloudTitle');
foreach ($doNotReplaceWithQueryParams as $key) {
unset($queryParameters[$key]);
}
$arguments = array_merge($queryParameters, $arguments);
foreach ($arguments as $key => $value) {
$page[$key] = $value;
}
$options = vB5_Template_Options::instance();
$page['phrasedate'] = $options->get('miscoptions.phrasedate');
$page['optionsdate'] = $options->get('miscoptions.optionsdate');
// if no meta description, use node data or global one instead, prefer node data
if (empty($page['metadescription']) and !empty($page['nodedescription'])) {
$page['metadescription'] = $page['nodedescription'];
}
if (empty($page['metadescription'])) {
$page['metadescription'] = $options->get('options.description');
}
$config = vB5_Config::instance();
// Non-persistent notices @todo - change this to use vB_Cookie
$page['ignore_np_notices'] = vB5_ApplicationAbstract::getIgnoreNPNotices();
$templateCache = vB5_Template_Cache::instance();
$templater = new vB5_Template($page['screenlayouttemplate']);
//IMPORTANT: If you add any variable to the page object here,
// please make sure you add them to other controllers which create page objects.
// That includes at a minimum the search controller (in two places currently)
// and vB5_ApplicationAbstract::showErrorPage
$templater->registerGlobal('page', $page);
$page = $this->outputPage($templater->render(), false);
$fullPage = $top . $page;
if (!empty($fullPageKey) and is_string($fullPageKey)) {
vB_Cache::instance(vB_Cache::CACHE_LARGE)->write($fullPageKey, $fullPage, vB5_Request::get('cachePageForGuestTime'), 'vbCachedFullPage');
}
// these are the templates rendered for this page
$loadedTemplates = vB5_Template::getRenderedTemplates();
$api->callApi('page', 'savePreCacheInfo', array($pageKey));
if (!vB5_Request::get('useEarlyFlush')) {
echo $fullPage;
} else {
echo $page;
}
}
function fr_get_and_parse_forum($forumid, $foruminfo = false)
{
$userinfo = vB_Api::instance('user')->fetchUserInfo();
$options = vB::get_datastore()->get_value('options');
if (!$foruminfo) {
$foruminfo = vB_Api::instance('node')->getFullContentforNodes(array($forumid));
if (empty($foruminfo)) {
return null;
}
$foruminfo = $foruminfo[0];
}
if (!$foruminfo) {
return null;
}
$type = 'old';
if ($options['threadmarking'] and $userinfo['userid']) {
$userlastvisit = !empty($foruminfo['readtime']) ? $foruminfo['readtime'] : vB::getRequest()->getTimeNow() - $options['markinglimit'] * 86400;
} else {
$lastvisit = vB5_Cookie::get('lastvisit', vB5_Cookie::TYPE_UINT);
$forumview = fr_fetch_bbarray_cookie('channel_view', $foruminfo['nodeid']);
//use which one produces the highest value, most likely cookie
$userlastvisit = $forumview > $lastvisit ? $forumview : $lastvisit;
}
if ($foruminfo['lastcontent'] and $userlastvisit < $foruminfo['lastcontent']) {
$type = 'new';
} else {
$type = 'old';
}
$out = array('id' => $foruminfo['nodeid'], 'new' => $type == 'new' ? true : false, 'name' => html_entity_decode(strip_tags($foruminfo['title'])), 'password' => false);
$icon = fr_get_forum_icon($foruminfo['nodeid'], $foruminfo == 'new');
if ($icon) {
$out['icon'] = $icon;
}
if ($foruminfo['description'] != '') {
$desc = strip_tags($foruminfo['description']);
if (strlen($desc) > 0) {
$out['desc'] = $desc;
}
}
return $out;
}
public function init()
{
if ($this->initialized) {
return true;
}
//initialize core
$core_path = vB5_Config::instance()->core_path;
require_once $core_path . '/vb/vb.php';
vB::init();
$request = new vB_Request_WebApi();
vB::setRequest($request);
// When we reach here, there's no user information loaded. What we can do is trying to load language from cookies.
// Shouldn't use vB5_User::getLanguageId() as it will try to load userinfo from session
$languageid = vB5_Cookie::get('languageid', vB5_Cookie::TYPE_UINT);
if ($languageid) {
$request->setLanguageid($languageid);
}
$sessionhash = vB5_Cookie::get('sessionhash', vB5_Cookie::TYPE_STRING);
$restoreSessionInfo['userid'] = vB5_Cookie::get('userid', vB5_Cookie::TYPE_STRING);
$restoreSessionInfo['remembermetoken'] = vB5_Cookie::get('password', vB5_Cookie::TYPE_STRING);
$remembermetokenOrig = $restoreSessionInfo['remembermetoken'];
$retry = false;
if ($restoreSessionInfo['remembermetoken'] == 'facebook-retry') {
$restoreSessionInfo['remembermetoken'] = 'facebook';
$retry = true;
}
//We normally don't allow the use of the backend classes in the front end, but the
//rules are relaxed inside the api class and especially in the bootstrap dance of getting
//things set up. Right now getting at the options in the front end is nasty, but I don't
//want the backend dealing with cookies if I can help it (among other things it makes
//it nasty to handle callers of the backend that don't have cookies). But we need
//so information to determine what the cookie name is. This is the least bad way
//of handling things.
$options = vB::getDatastore()->getValue('options');
if ($options['facebookactive'] and $options['facebookappid']) {
//this is not a vB cookie so it doesn't use our prefix -- which the cookie class adds automatically
$cookie_name = 'fbsr_' . $options['facebookappid'];
$restoreSessionInfo['fb_signed_request'] = isset($_COOKIE[$cookie_name]) ? strval($_COOKIE[$cookie_name]) : '';
}
$session = $request->createSessionNew($sessionhash, $restoreSessionInfo);
if ($session['sessionhash'] !== $sessionhash) {
vB5_Cookie::set('sessionhash', $session['sessionhash'], 0, true);
}
//redirect to handle a stale FB cookie when doing a FB "remember me".
//only do it once to prevent redirect loops -- don't try this with
//posts since we'd lose the post data in that case
//
//Some notes on the JS code (don't want them in the JS inself to avoid
//increasing what gets sent to the browser).
//1) This code is deliberately designed to avoid using subsystems that
// would increase the processing time for something that doesn't need it
// (we even avoid initializing JQUERY here). This is the reason it is
// inline and not in a template.
//2) The code inits the FB system which will create update the cookie
// if it is able to validate the user. The cookie is what we are after.
// We use getLoginStatus instead of setting status to true because
// the latter introduces a race condition were we can do the redirect
// before the we've fully initialized and updated the cookie. The
// explicit call to getLoginStatus allows us to redirect when the
// status is obtained.
//3) If we fail to update the cookie we catch that when we try to
// create the vb session (which is why we only allow one retry)
//4) The JS here should *never* prompt the user, assuming the FB
// docs are correct.
//5) If the FB version is changed it needs to changed in the
// FB library class and the facebook.js file
if (strtolower($_SERVER['REQUEST_METHOD']) == 'get' and vB::getCurrentSession()->get('userid') == 0 and $options['facebookactive'] and $options['facebookappid'] and $restoreSessionInfo['remembermetoken'] == 'facebook') {
if (!$retry) {
//if this isn't a retry, then do a redirect
vB5_Auth::setRememberMeCookies('facebook-retry', $restoreSessionInfo['userid']);
$fbredirect = "\n\t\t\t\t\t<!DOCTYPE html>\n\t\t\t\t\t<html>\n\t\t\t\t\t<head>\n\t\t\t\t\t\t<script type='text/javascript' src='//connect.facebook.net/en_US/sdk.js'></script>\n\t\t\t\t\t\t<script type='text/javascript'>\n\t\t\t\t\t\t\tFB.init({\n\t\t\t\t\t\t\t\tappId : '{$options['facebookappid']}',\n\t\t\t\t\t\t\t\tversion : 'v2.2',\n\t\t\t\t\t\t\t\tstatus : false,\n\t\t\t\t\t\t\t\tcookie : true,\n\t\t\t\t\t\t\t\txfbml : false\n\t\t\t\t\t\t\t});\n\n\t\t\t\t\t\t\tFB.getLoginStatus(function(response)\n\t\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\twindow.top.location.reload(true);\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t</script>\n\t\t\t\t\t</head>\n\t\t\t\t\t<body></body>\n\t\t\t\t\t</html>\n\t\t\t\t";
echo $fbredirect;
exit;
} else {
//we tried and failed to log in via FB. That probably means that the user
//is logged out of facebook. Let's kill the autolog in so that we stop
//trying to connect via FB
vB5_Auth::setRememberMeCookies('', '');
}
}
//if we have an existing token and if we got a token back from the session that is different then we
//need to update the token in the browser. We shouldn't get a token back if we didn't pass one in but
//we shouldn't depend on that behavior.
if ($session['remembermetoken'] and $session['remembermetoken'] != $remembermetokenOrig) {
vB5_Auth::setRememberMeCookies($session['remembermetoken'], $restoreSessionInfo['userid']);
}
// Try to set cpsession hash to session object if exists
vB::getCurrentSession()->setCpsessionHash(vB5_Cookie::get('cpsession', vB5_Cookie::TYPE_STRING));
// Update lastvisit/lastactivity
$info = vB::getCurrentSession()->doLastVisitUpdate(vB5_Cookie::get('lastvisit', vB5_Cookie::TYPE_UINT), vB5_Cookie::get('lastactivity', vB5_Cookie::TYPE_UINT));
if (!empty($info)) {
// for guests we need to set some cookies
if (isset($info['lastvisit'])) {
vB5_Cookie::set('lastvisit', $info['lastvisit']);
}
if (isset($info['lastactivity'])) {
vB5_Cookie::set('lastactivity', $info['lastactivity']);
}
}
$this->initialized = true;
}
