wamo/gnu-social
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

a

Browse Source 
darcs-hash:20080605183419-84dde-debe7f18565c960ee6886ac1330833bc8ae1ca5f.gz
This commit is contained in:
Evan Prodromou 2008-06-05 14:34:19 -04:00
parent 356f401986
commit 1cdb7919ef
2 changed files with 85 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
actions/login.php
View File

@ -60,7 +60,6 @@ class LoginAction extends Action {
} }
function show_form($error=NULL) { function show_form($error=NULL) {
common_show_header(_t('Login')); common_show_header(_t('Login'));
if (!is_null($error)) { if (!is_null($error)) {
common_element('div', array('class' => 'error'), $msg); common_element('div', array('class' => 'error'), $msg);

117
actions/userauthorization.php
View File

@ -30,39 +30,34 @@ class UserauthorizationAction extends Action {
# We've shown the form, now post user's choice # We've shown the form, now post user's choice
$this->send_authorization(); $this->send_authorization();
} else { } else {
if (!common_logged_in()) {
# Go log in, and then come back
common_debug('userauthorization.php - saving URL for returnto');
common_set_returnto(common_local_url('userauthorization'),
$this->args);
common_debug('userauthorization.php - redirecting to login');
common_redirect(common_local_url('login'));
return;
}
try { try {
common_debug('userauthorization.php - fetching request'); # this must be a new request
# We get called after login if we have a stored request common_debug('userauthorization.php - getting new request');
$req = $this->get_stored_request(); $req = $this->get_new_request();
if (!$req) { if (!$req) {
# this must be a new request common_server_error(_t('No request found!'));
common_debug('userauthorization.php - getting new request');
$req = $this->get_new_request();
if (!$req) {
common_server_error(_t('No request found!'));
}
common_debug('userauthorization.php - validating request');
# XXX: only validate new requests, since nonce is one-time use
$this->validate_request($req);
} }
common_debug('userauthorization.php - validating request');
# XXX: only validate new requests, since nonce is one-time use
$this->validate_request($req);
common_debug('userauthorization.php - showing form');
$this->store_request($req);
$this->show_form($req);
} catch (OAuthException $e) { } catch (OAuthException $e) {
$this->clear_request(); $this->clear_request();
common_server_error($e->getMessage()); common_server_error($e->getMessage());
return; return;
} }
if (common_logged_in()) {
common_debug('userauthorization.php - showing form');
$this->show_form($req);
} else {
common_debug('userauthorization.php - storing request in session');
# Go log in, and then come back
$this->store_request($req);
common_debug('userauthorization.php - saving URL for returnto');
common_set_returnto(common_local_url('userauthorization'));
common_debug('userauthorization.php - redirecting to login');
common_redirect(common_local_url('login'));
}
} }
} }
@ -206,7 +201,8 @@ class UserauthorizationAction extends Action {
# FIXME: we should really do this when the consumer comes # FIXME: we should really do this when the consumer comes
# back for an access token. If they never do, we've got stuff in a # back for an access token. If they never do, we've got stuff in a
# weird state. # weird state.
$nickname = $req->get_parameter('omb_listenee_nickname');
$fullname = $req->get_parameter('omb_listenee_fullname'); $fullname = $req->get_parameter('omb_listenee_fullname');
$profile_url = $req->get_parameter('omb_listenee_profile'); $profile_url = $req->get_parameter('omb_listenee_profile');
$homepage = $req->get_parameter('omb_listenee_homepage'); $homepage = $req->get_parameter('omb_listenee_homepage');
@ -225,7 +221,7 @@ class UserauthorizationAction extends Action {
} else { } else {
$exists = false; $exists = false;
$remote = new Remote_profile(); $remote = new Remote_profile();
$remote->uri = $omb['listener']; $remote->uri = $listenee;
$profile = new Profile(); $profile = new Profile();
} }
@ -253,10 +249,6 @@ class UserauthorizationAction extends Action {
$remote->id = $id; $remote->id = $id;
} }
if ($avatar_url) {
$this->add_avatar($avatar_url);
}
if ($exists) { if ($exists) {
$remote->update($orig_remote); $remote->update($orig_remote);
} else { } else {
@ -264,6 +256,10 @@ class UserauthorizationAction extends Action {
$remote->insert(); $remote->insert();
} }
if ($avatar_url) {
$this->add_avatar($profile->id, $avatar_url);
}
$user = common_current_user(); $user = common_current_user();
$datastore = omb_oauth_datastore(); $datastore = omb_oauth_datastore();
$consumer = $this->get_consumer($datastore, $req); $consumer = $this->get_consumer($datastore, $req);
@ -280,6 +276,50 @@ class UserauthorizationAction extends Action {
return; return;
} }
} }
function add_avatar($profile, $url) {
$temp_filename = tempnam(sys_get_temp_dir(), 'ombavatar');
copy($url, $temp_filename);
$info = @getimagesize($temp_filename);
$filename = common_avatar_filename($profile, image_type_to_extension($info[2]), NULL, common_timestamp());
$filepath = common_avatar_path($filename);
copy($temp_filename, $filename);
$avatar = DB_DataObject::factory('avatar');
$avatar->profile_id = $profile->id;
$avatar->width = $info[0];
$avatar->height = $info[1];
$avatar->mediatype = image_type_to_mime_type($info[2]);
$avatar->filename = $filename;
$avatar->original = true;
$avatar->url = common_avatar_url($filename);
$avatar->created = DB_DataObject_Cast::dateTime(); # current time
foreach (array(AVATAR_STREAM_SIZE, AVATAR_MINI_SIZE) as $size) {
$scaled[] = $this->scale_avatar($user, $avatar, $size);
}
# XXX: start a transaction here
if (!$this->delete_old_avatars($user)) {
@unlink($filepath);
common_server_error(_t('Error deleting old avatars.'));
return;
}
if (!$avatar->insert()) {
@unlink($filepath);
common_server_error(_t('Error inserting avatar.'));
return;
}
foreach ($scaled as $s) {
if (!$s->insert()) {
common_server_error(_t('Error inserting scaled avatar.'));
return;
}
}
}
function show_accept_message($tok) { function show_accept_message($tok) {
common_show_header(_t('Subscription authorized')); common_show_header(_t('Subscription authorized'));
@ -404,8 +444,21 @@ class UserauthorizationAction extends Action {
throw new OAuthException("Location too long '$location'"); throw new OAuthException("Location too long '$location'");
} }
$avatar = $req->get_parameter('omb_listenee_avatar'); $avatar = $req->get_parameter('omb_listenee_avatar');
if ($avatar && (!common_valid_http_url($avatar) || strlen($avatar) > 255)) { if ($avatar) {
throw new OAuthException("Invalid avatar '$avatar'"); if (!common_valid_http_url($avatar) || strlen($avatar) > 255) {
throw new OAuthException("Invalid avatar URL '$avatar'");
}
$size = @getimagesize($avatar);
if (!$size) {
throw new OAuthException("Can't read avatar URL '$avatar'");
}
if ($size[0] != AVATAR_PROFILE_SIZE || $size[1] != AVATAR_PROFILE_SIZE) {
throw new OAuthException("Wrong size image at '$avatar'");
}
if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG,
IMAGETYPE_PNG))) {
throw new OAuthException("Wrong image type for '$avatar'");
}
} }
$callback = $req->get_parameter('oauth_callback'); $callback = $req->get_parameter('oauth_callback');
if ($callback && !common_valid_http_url($callback)) { if ($callback && !common_valid_http_url($callback)) {