diff --git a/actions/finishremotesubscribe.php b/actions/finishremotesubscribe.php index 1ec842f264..eb105c1e73 100644 --- a/actions/finishremotesubscribe.php +++ b/actions/finishremotesubscribe.php @@ -140,21 +140,34 @@ class FinishremotesubscribeAction extends Action { } else { $profile->created = DB_DataObject_Cast::dateTime(); # current time $id = $profile->insert(); + if (!$id) { + common_server_error(_t('Error inserting new profile')); + return; + } $remote->id = $id; } if ($avatar_url) { - $this->add_avatar($profile, $avatar_url); + if (!$this->add_avatar($profile, $avatar_url)) { + common_server_error(_t('Error inserting avatar')); + return; + } } - $remote->postnoticeurl = $omb[OMB_ENDPOINT_POSTNOTICE]; - $remote->updateprofileurl = $omb[OMB_ENDPOINT_UPDATEPROFILE]; + $remote->postnoticeurl = $omb['post_notice_url']; + $remote->updateprofileurl = $omb['update_profile_url']; if ($exists) { - $remote->update($orig_remote); + if (!$remote->update($orig_remote)) { + common_server_error(_t('Error updating remote profile')); + return; + } } else { $remote->created = DB_DataObject_Cast::dateTime(); # current time - $remote->insert; + if (!$remote->insert()) { + common_server_error(_t('Error inserting remote profile')); + return; + } } $sub = new Subscription(); diff --git a/actions/remotesubscribe.php b/actions/remotesubscribe.php index 8baa3b7af5..214bd863a6 100644 --- a/actions/remotesubscribe.php +++ b/actions/remotesubscribe.php @@ -313,6 +313,8 @@ class RemotesubscribeAction extends Action { $omb['secret'] = $secret; # call doesn't work after bounce back so we cache; maybe serialization issue...? $omb['access_token_url'] = omb_service_uri($omb[OAUTH_ENDPOINT_ACCESS]); + $omb['post_notice_url'] = omb_service_uri($omb[OMB_ENDPOINT_POSTNOTICE]); + $omb['update_profile_url'] = omb_service_uri($omb[OMB_ENDPOINT_UPDATEPROFILE]); $_SESSION['oauth_authorization_request'] = $omb; diff --git a/doc/TODO b/doc/TODO index fd2c257670..3f8321507d 100644 --- a/doc/TODO +++ b/doc/TODO @@ -55,11 +55,11 @@ + release 0.2 + YADIS document link on showstream + YADIS document -- subscribe remote -- add subscriber remote -- server side of user authorization ++ subscribe remote ++ add subscriber remote ++ server side of user authorization + server side of request token -- server side of access token ++ server side of access token + OAuth store + log of consumers who ask for access - receive remote notice