2008-05-27 20:42:19 +09:00
|
|
|
<?php
|
2009-08-10 21:48:50 +09:00
|
|
|
/**
|
|
|
|
* Handler for remote subscription
|
|
|
|
*
|
|
|
|
* PHP version 5
|
|
|
|
*
|
|
|
|
* @category Action
|
2009-08-28 03:16:45 +09:00
|
|
|
* @package StatusNet
|
|
|
|
* @author Evan Prodromou <evan@status.net>
|
|
|
|
* @author Robin Millette <millette@status.net>
|
2009-08-10 21:48:50 +09:00
|
|
|
* @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
|
2009-08-28 03:16:45 +09:00
|
|
|
* @link http://status.net/
|
2009-08-10 21:48:50 +09:00
|
|
|
*
|
2009-08-26 07:14:12 +09:00
|
|
|
* StatusNet - the distributed open-source microblogging tool
|
2011-07-16 04:13:57 +09:00
|
|
|
* Copyright (C) 2008-2011 StatusNet, Inc.
|
2008-05-27 20:42:19 +09:00
|
|
|
*
|
|
|
|
* This program is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU Affero General Public License as published by
|
|
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
|
|
* (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU Affero General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Affero General Public License
|
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
2009-08-10 21:48:50 +09:00
|
|
|
**/
|
2008-05-27 20:42:19 +09:00
|
|
|
|
2009-08-26 23:41:36 +09:00
|
|
|
if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); }
|
2009-08-10 21:48:50 +09:00
|
|
|
|
2011-07-16 04:13:57 +09:00
|
|
|
require_once dirname(__FILE__) . '/../lib/omb.php';
|
|
|
|
require_once dirname(__FILE__) . '/../extlib/libomb/service_consumer.php';
|
|
|
|
require_once dirname(__FILE__) . '/../extlib/libomb/profile.php';
|
2008-05-27 20:42:19 +09:00
|
|
|
|
2009-08-10 21:48:50 +09:00
|
|
|
/**
|
|
|
|
* Handler for remote subscription
|
|
|
|
*
|
|
|
|
* @category Action
|
2009-08-28 03:16:45 +09:00
|
|
|
* @package StatusNet
|
|
|
|
* @author Evan Prodromou <evan@status.net>
|
|
|
|
* @author Robin Millette <millette@status.net>
|
2009-08-10 21:48:50 +09:00
|
|
|
* @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
|
2009-08-28 03:16:45 +09:00
|
|
|
* @link http://status.net/
|
2009-08-10 21:48:50 +09:00
|
|
|
*/
|
2008-12-24 04:49:23 +09:00
|
|
|
class RemotesubscribeAction extends Action
|
|
|
|
{
|
2009-01-23 09:16:36 +09:00
|
|
|
var $nickname;
|
|
|
|
var $profile_url;
|
|
|
|
var $err;
|
2008-06-03 03:18:57 +09:00
|
|
|
|
2009-01-23 09:16:36 +09:00
|
|
|
function prepare($args)
|
2008-12-24 04:33:23 +09:00
|
|
|
{
|
2009-01-23 09:16:36 +09:00
|
|
|
parent::prepare($args);
|
2008-12-24 04:19:07 +09:00
|
|
|
|
|
|
|
if (common_logged_in()) {
|
2011-03-19 01:04:38 +09:00
|
|
|
// TRANS: Client error displayed when using remote subscribe for a local entity.
|
2009-01-16 08:03:38 +09:00
|
|
|
$this->clientError(_('You can use the local subscription!'));
|
2009-01-23 09:16:36 +09:00
|
|
|
return false;
|
2008-12-24 04:19:07 +09:00
|
|
|
}
|
|
|
|
|
2009-08-10 21:48:50 +09:00
|
|
|
$this->nickname = $this->trimmed('nickname');
|
2009-01-23 09:16:36 +09:00
|
|
|
$this->profile_url = $this->trimmed('profile_url');
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
function handle($args)
|
|
|
|
{
|
|
|
|
parent::handle($args);
|
2008-12-24 04:19:07 +09:00
|
|
|
|
2009-01-23 09:16:36 +09:00
|
|
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
|
2009-08-10 21:48:50 +09:00
|
|
|
/* Use a session token for CSRF protection. */
|
2008-12-24 04:19:07 +09:00
|
|
|
$token = $this->trimmed('token');
|
|
|
|
if (!$token || $token != common_session_token()) {
|
2011-04-04 06:47:46 +09:00
|
|
|
// TRANS: Client error displayed when the session token does not match or is not given.
|
2009-01-23 09:16:36 +09:00
|
|
|
$this->showForm(_('There was a problem with your session token. '.
|
|
|
|
'Try again, please.'));
|
2008-12-24 04:19:07 +09:00
|
|
|
return;
|
|
|
|
}
|
2009-01-23 09:16:36 +09:00
|
|
|
$this->remoteSubscription();
|
2008-12-24 04:19:07 +09:00
|
|
|
} else {
|
2009-01-23 09:16:36 +09:00
|
|
|
$this->showForm();
|
2008-12-24 04:19:07 +09:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2009-01-23 09:16:36 +09:00
|
|
|
function showForm($err=null)
|
2008-12-24 04:33:23 +09:00
|
|
|
{
|
2009-01-23 09:16:36 +09:00
|
|
|
$this->err = $err;
|
|
|
|
$this->showPage();
|
2008-12-24 04:19:07 +09:00
|
|
|
}
|
|
|
|
|
2009-01-23 09:16:36 +09:00
|
|
|
function showPageNotice()
|
2008-12-24 04:33:23 +09:00
|
|
|
{
|
2009-01-23 09:16:36 +09:00
|
|
|
if ($this->err) {
|
|
|
|
$this->element('div', 'error', $this->err);
|
2008-12-24 04:19:07 +09:00
|
|
|
} else {
|
2011-03-19 01:04:38 +09:00
|
|
|
// TRANS: Page notice for remote subscribe. This message contains Markdown links.
|
|
|
|
// TRANS: Ensure to keep the correct markup of [link description](link).
|
2009-08-22 05:45:42 +09:00
|
|
|
$inst = _('To subscribe, you can [login](%%action.login%%),' .
|
|
|
|
' or [register](%%action.register%%) a new ' .
|
|
|
|
' account. If you already have an account ' .
|
|
|
|
' on a [compatible microblogging site](%%doc.openmublog%%), ' .
|
|
|
|
' enter your profile URL below.');
|
2009-01-23 09:16:36 +09:00
|
|
|
$output = common_markup_to_html($inst);
|
2009-01-16 07:57:15 +09:00
|
|
|
$this->elementStart('div', 'instructions');
|
|
|
|
$this->raw($output);
|
2009-01-23 09:16:36 +09:00
|
|
|
$this->elementEnd('div');
|
2008-12-24 04:19:07 +09:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2009-01-23 09:16:36 +09:00
|
|
|
function title()
|
|
|
|
{
|
2011-03-19 01:04:38 +09:00
|
|
|
// TRANS: Page title for Remote subscribe.
|
2009-01-23 09:16:36 +09:00
|
|
|
return _('Remote subscribe');
|
|
|
|
}
|
|
|
|
|
|
|
|
function showContent()
|
2008-12-24 04:33:23 +09:00
|
|
|
{
|
2009-08-10 21:48:50 +09:00
|
|
|
/* The id 'remotesubscribe' conflicts with the
|
|
|
|
button on profile page. */
|
2009-01-23 14:23:28 +09:00
|
|
|
$this->elementStart('form', array('id' => 'form_remote_subscribe',
|
|
|
|
'method' => 'post',
|
|
|
|
'class' => 'form_settings',
|
|
|
|
'action' => common_local_url('remotesubscribe')));
|
|
|
|
$this->elementStart('fieldset');
|
2011-03-19 01:04:38 +09:00
|
|
|
// TRANS: Field legend on page for remote subscribe.
|
2009-04-02 19:10:32 +09:00
|
|
|
$this->element('legend', _('Subscribe to a remote user'));
|
2009-01-16 07:57:15 +09:00
|
|
|
$this->hidden('token', common_session_token());
|
2009-04-02 04:30:59 +09:00
|
|
|
|
2009-01-23 14:23:28 +09:00
|
|
|
$this->elementStart('ul', 'form_data');
|
|
|
|
$this->elementStart('li');
|
2011-03-19 01:04:38 +09:00
|
|
|
// TRANS: Field label on page for remote subscribe.
|
2009-01-23 09:16:36 +09:00
|
|
|
$this->input('nickname', _('User nickname'), $this->nickname,
|
2011-03-19 01:04:38 +09:00
|
|
|
// TRANS: Field title on page for remote subscribe.
|
2011-02-17 08:39:53 +09:00
|
|
|
_('Nickname of the user you want to follow.'));
|
2009-01-23 14:23:28 +09:00
|
|
|
$this->elementEnd('li');
|
|
|
|
$this->elementStart('li');
|
2011-03-19 01:04:38 +09:00
|
|
|
// TRANS: Field label on page for remote subscribe.
|
2009-01-23 09:16:36 +09:00
|
|
|
$this->input('profile_url', _('Profile URL'), $this->profile_url,
|
2011-03-19 01:04:38 +09:00
|
|
|
// TRANS: Field title on page for remote subscribe.
|
2011-02-17 08:39:53 +09:00
|
|
|
_('URL of your profile on another compatible microblogging service.'));
|
2009-01-23 14:23:28 +09:00
|
|
|
$this->elementEnd('li');
|
|
|
|
$this->elementEnd('ul');
|
2011-03-19 01:04:38 +09:00
|
|
|
// TRANS: Button text on page for remote subscribe.
|
|
|
|
$this->submit('submit', _m('BUTTON','Subscribe'));
|
2009-01-23 14:23:28 +09:00
|
|
|
$this->elementEnd('fieldset');
|
2009-01-16 07:57:15 +09:00
|
|
|
$this->elementEnd('form');
|
2008-12-24 04:19:07 +09:00
|
|
|
}
|
|
|
|
|
2009-01-23 09:16:36 +09:00
|
|
|
function remoteSubscription()
|
2008-12-24 04:33:23 +09:00
|
|
|
{
|
2009-08-10 21:48:50 +09:00
|
|
|
if (!$this->nickname) {
|
2011-03-19 01:04:38 +09:00
|
|
|
// TRANS: Form validation error on page for remote subscribe when no user was provided.
|
2009-01-23 09:16:36 +09:00
|
|
|
$this->showForm(_('No such user.'));
|
2008-12-24 04:19:07 +09:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2013-08-18 20:04:58 +09:00
|
|
|
$user = User::getKV('nickname', $this->nickname);
|
2009-08-10 21:48:50 +09:00
|
|
|
|
2009-01-23 09:16:36 +09:00
|
|
|
$this->profile_url = $this->trimmed('profile_url');
|
2008-12-24 04:19:07 +09:00
|
|
|
|
2009-01-23 09:16:36 +09:00
|
|
|
if (!$this->profile_url) {
|
2011-03-19 01:04:38 +09:00
|
|
|
// TRANS: Form validation error on page for remote subscribe when no user profile was found.
|
2009-11-09 07:10:44 +09:00
|
|
|
$this->showForm(_('No such user.'));
|
2008-12-24 04:19:07 +09:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2009-08-21 19:13:24 +09:00
|
|
|
if (!common_valid_http_url($this->profile_url)) {
|
2011-03-19 01:04:38 +09:00
|
|
|
// TRANS: Form validation error on page for remote subscribe when an invalid profile URL was provided.
|
2011-02-17 08:39:53 +09:00
|
|
|
$this->showForm(_('Invalid profile URL (bad format).'));
|
2008-12-24 04:19:07 +09:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2009-08-10 21:48:50 +09:00
|
|
|
try {
|
|
|
|
$service = new OMB_Service_Consumer($this->profile_url,
|
|
|
|
common_root_url(),
|
|
|
|
omb_oauth_datastore());
|
|
|
|
} catch (OMB_InvalidYadisException $e) {
|
2011-03-19 01:04:38 +09:00
|
|
|
// TRANS: Form validation error on page for remote subscribe when no the provided profile URL
|
|
|
|
// TRANS: does not contain expected data.
|
2009-08-10 21:48:50 +09:00
|
|
|
$this->showForm(_('Not a valid profile URL (no YADIS document or ' .
|
2009-11-29 04:52:46 +09:00
|
|
|
'invalid XRDS defined).'));
|
2008-12-24 04:19:07 +09:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2009-08-10 21:48:50 +09:00
|
|
|
if ($service->getServiceURI(OAUTH_ENDPOINT_REQUEST) ==
|
|
|
|
common_local_url('requesttoken') ||
|
2013-08-18 20:04:58 +09:00
|
|
|
User::getKV('uri', $service->getRemoteUserURI())) {
|
2011-03-19 01:04:38 +09:00
|
|
|
// TRANS: Form validation error on page for remote subscribe.
|
2011-01-21 04:00:45 +09:00
|
|
|
$this->showForm(_('That is a local profile! Login to subscribe.'));
|
2008-12-24 04:19:07 +09:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2009-08-10 21:48:50 +09:00
|
|
|
try {
|
|
|
|
$service->requestToken();
|
|
|
|
} catch (OMB_RemoteServiceException $e) {
|
2011-03-19 01:04:38 +09:00
|
|
|
// TRANS: Form validation error on page for remote subscribe when the remote service is not providing a request token.
|
2011-01-21 04:00:45 +09:00
|
|
|
$this->showForm(_('Could not get a request token.'));
|
2008-12-24 04:19:07 +09:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2009-08-10 21:48:50 +09:00
|
|
|
/* Create an OMB_Profile from $user. */
|
2008-12-24 04:19:07 +09:00
|
|
|
$profile = $user->getProfile();
|
|
|
|
if (!$profile) {
|
|
|
|
common_log_db_error($user, 'SELECT', __FILE__);
|
2011-04-25 21:48:19 +09:00
|
|
|
// TRANS: Error message displayed when referring to a user without a profile.
|
|
|
|
$this->serverError(_('User has no profile.'));
|
2008-12-24 04:19:07 +09:00
|
|
|
return;
|
|
|
|
}
|
2008-12-12 03:55:25 +09:00
|
|
|
|
2009-08-10 21:48:50 +09:00
|
|
|
$target_url = $service->requestAuthorization(
|
|
|
|
profile_to_omb_profile($user->uri, $profile),
|
|
|
|
common_local_url('finishremotesubscribe'));
|
2008-06-03 03:18:57 +09:00
|
|
|
|
2008-12-24 04:19:07 +09:00
|
|
|
common_ensure_session();
|
2008-12-12 03:55:25 +09:00
|
|
|
|
2009-08-10 21:48:50 +09:00
|
|
|
$_SESSION['oauth_authorization_request'] = serialize($service);
|
2008-06-03 03:18:57 +09:00
|
|
|
|
2009-08-10 21:48:50 +09:00
|
|
|
/* Redirect to the remote service for authorization. */
|
|
|
|
common_redirect($target_url, 303);
|
2008-12-24 04:19:07 +09:00
|
|
|
}
|
2008-07-02 01:37:05 +09:00
|
|
|
}
|