<?php

/*
 * @CODOLICENSE
 */

defined('IN_CODOF') or die;

/*
 * POST sso/authorize
 *
 * The visible part of this handler checks the request token, recomputes the
 * SSO token over the posted user payload and compares it with the token the
 * client sent. When the posted mail address has no forum account, it starts
 * filling a Register object for a new user.
 */
dispatch_post('sso/authorize', function () {
    //CSRF protection
    if (\CODOF\Access\Request::valid($_POST['token'])) {

        //$id = $_POST['uid'];
        // Untrusted request data. The code below reads the keys 'token',
        // 'name' and 'mail' from it, so an array is expected here.
        $user = $_POST['sso'];
        $posted_token = $user['token'];
        $secret = CODOF\Util::get_opt('sso_secret');

        // NOTE(review): $sso_token is assigned only inside this branch. When
        // $_POST['sso'] is absent or empty, both operands of the comparison
        // further down are null and the check does not fail closed. Reject an
        // empty or non-array payload explicitly before comparing.
        if (!empty($user)) {
            // The token field is excluded from the data that gets hashed.
            unset($user['token']);
            // Expected token: md5(urlencode(json_encode(payload)) . secret . timestamp).
            // NOTE(review): plain MD5 over a concatenation is not a keyed MAC;
            // hash_hmac() with SHA-256 is the sturdier construction, but a
            // change must be coordinated with whatever issues the token.
            // $_POST['timestamp'] is only mixed into the hash here; no
            // freshness check is visible in this part of the handler.
            $sso_token = md5(urlencode(json_encode($user)) . $secret . $_POST['timestamp']);
        }

        $username = $user['name'];
        $mail = $user['mail'];

        // NOTE(review): `!=` is a loose comparison. It compares numeric-looking
        // strings as numbers and is not constant-time. Verify that
        // $posted_token is a string and compare with hash_equals() instead.
        if ($sso_token != $posted_token) {
            echo 'error';
            exit;
        }

        $db = DB::getPDO();

        if (!CODOF\User\User::mailExists($mail)) {
            //this user does not have an account in codoforum
            $reg = new \CODOF\User\Register($db);

            // Name already taken: append the current Unix timestamp
            // (uniqueness of the result is not re-checked here).
            if (\CODOF\User\User::usernameExists($username)) {
                $username .= time();
            }

            $reg->username = $username;
CODOF\Smarty\Layout::load($user->view, $user->css_files, $user->js_files);
});

// GET /user/avatar/ (no id segment): respond with the layout's not-found page.
dispatch_get('/user/avatar/', function () {
    CODOF\Smarty\Layout::not_found();
});

/*
 * GET /user/avatar/:id
 *
 * Returns the fetched user's `avatar` when `rawAvatar` is non-null (loose
 * comparison); otherwise asks \CODOF\User\Avatar to generate one for $id.
 *
 * NOTE(review): User::get() is called without $id while generate() receives
 * it. Confirm the lookup targets the user named in the route.
 */
dispatch_get('/user/avatar/:id', function ($id) {
    $account = CODOF\User\User::get();

    if ($account->rawAvatar != null) {
        return $account->avatar;
    }

    $generator = new \CODOF\User\Avatar();
    $generator->generate($id);
});

/*
 * POST /user/profile/:id/edit
 *
 * Runs the profile edit and renders the controller's view only when the
 * posted request token validates; otherwise the handler ends without output.
 *
 * NOTE(review): no check that the caller may edit profile $id is visible in
 * this route. Presumably edit_profile() enforces it; verify. `Request` is
 * unqualified here and depends on an import that is not visible in this part
 * of the file.
 */
dispatch_post('/user/profile/:id/edit', function ($id) {
    if (!Request::valid($_POST['token'])) {
        return;
    }

    $controller = new \Controller\user();
    $controller->edit_profile($id);
    CODOF\Smarty\Layout::load($controller->view, $controller->css_files, $controller->js_files);
});

// GET /user/profile/:id/:action: delegate to the user controller's profile()
// with both route segments, then render the view it prepared.
dispatch_get('/user/profile/:id/:action', function ($id, $action) {
    $controller = new \Controller\user();
    $controller->profile($id, $action);
    CODOF\Smarty\Layout::load($controller->view, $controller->css_files, $controller->js_files);
});

// GET /user/confirm: delegate to the user controller's confirm(), then render
// the view it prepared.
dispatch_get('/user/confirm', function () {
    $controller = new \Controller\user();
    $controller->confirm();
    CODOF\Smarty\Layout::load($controller->view, $controller->css_files, $controller->js_files);
});