author | Evan Prodromou <evan@status.net> | 2010-01-11 00:45:26 -0800 |
---|---|---|
committer | Evan Prodromou <evan@status.net> | 2010-01-11 00:45:26 -0800 |
commit | 8809e577b2c8cf1b8b187840aaf9674136929ec7 (patch) | |
tree | 28ed1e16f26d55510402f928ed9e484f0670cf01 /lib | |
parent | ad63a9518cb77d548e61fb39d05f8066733c326d (diff) | |
parent | 92deb35bc4dbd4203bce93bffec4cfb58eab032c (diff) |
Merge branch 'sessionidparam' into 0.9.x
Conflicts:
lib/command.php
Diffstat (limited to 'lib')
-rw-r--r-- | lib/command.php | 76 | ||||
-rw-r--r-- | lib/router.php | 5 | ||||
-rw-r--r-- | lib/util.php | 44 |
3 files changed, 81 insertions, 44 deletions
diff --git a/lib/command.php b/lib/command.php
index 5a1a8bf33..f846fb823 100644
--- a/lib/command.php
+++ b/lib/command.php
@@ -85,7 +85,7 @@ class NudgeCommand extends Command
 {
 $recipient = User::staticGet('nickname', $this->other);
 if(! $recipient){
- $channel->error($this->user, sprintf(_('Could not find a user with nickname %s.'),
+ $channel->error($this->user, sprintf(_('Could not find a user with nickname %s'),
 $this->other));
 }else{
 if ($recipient->id == $this->user->id) {
@@ -96,7 +96,7 @@ class NudgeCommand extends Command
 }
 // XXX: notify by IM
 // XXX: notify by SMS
- $channel->output($this->user, sprintf(_('Nudge sent to %s.'),
+ $channel->output($this->user, sprintf(_('Nudge sent to %s'),
 $recipient->nickname));
 }
 }
@@ -149,7 +149,7 @@ class FavCommand extends Command
 $notice = Notice::staticGet(substr($this->other,1));
 if (!$notice) {
- $channel->error($this->user, _('Notice with that id does not exist.'));
+ $channel->error($this->user, _('Notice with that id does not exist'));
 return;
 }
 $recipient = $notice->getProfile();
@@ -165,7 +165,7 @@ class FavCommand extends Command
 }
 $notice = $recipient->getCurrentNotice();
 if (!$notice) {
- $channel->error($this->user, _('User has no last notice.'));
+ $channel->error($this->user, _('User has no last notice'));
 return;
 }
 }
@@ -214,7 +214,7 @@ class JoinCommand extends Command
 }
 if ($cur->isMember($group)) {
- $channel->error($cur, _('You are already a member of that group.'));
+ $channel->error($cur, _('You are already a member of that group'));
 return;
 }
 if (Group_block::isBlocked($group, $cur->getProfile())) {
@@ -231,12 +231,12 @@ class JoinCommand extends Command
 $result = $member->insert();
 if (!$result) {
 common_log_db_error($member, 'INSERT', __FILE__);
- $channel->error($cur, sprintf(_('Could not join user %1$s to group %2$s.'),
+ $channel->error($cur, sprintf(_('Could not join user %s to group %s'),
 $cur->nickname, $group->nickname));
 return;
 }
- $channel->output($cur, sprintf(_('%1$s joined group %2$s'),
+ $channel->output($cur, sprintf(_('%s joined group %s'),
 $cur->nickname, $group->nickname));
 }
@@ -281,12 +281,12 @@ class DropCommand extends Command
 $result = $member->delete();
 if (!$result) {
 common_log_db_error($member, 'INSERT', __FILE__);
- $channel->error($cur, sprintf(_('Could not remove user %1$s to group %2$s.'),
+ $channel->error($cur, sprintf(_('Could not remove user %s to group %s'),
 $cur->nickname, $group->nickname));
 return;
 }
- $channel->output($cur, sprintf(_('%1$s left group %2$s'),
+ $channel->output($cur, sprintf(_('%s left group %s'),
 $cur->nickname, $group->nickname));
 }
@@ -315,7 +315,7 @@ class WhoisCommand extends Command
 $whois = sprintf(_("%1\$s (%2\$s)"), $recipient->nickname, $recipient->profileurl);
 if ($recipient->fullname) {
- $whois .= "\n" . sprintf(_('Full name: %s'), $recipient->fullname);
+ $whois .= "\n" . sprintf(_('Fullname: %s'), $recipient->fullname);
 }
 if ($recipient->location) {
 $whois .= "\n" . sprintf(_('Location: %s'), $recipient->location);
@@ -355,7 +355,7 @@ class MessageCommand extends Command
 $this->text = common_shorten_links($this->text);
 if (Message::contentTooLong($this->text)) {
- $channel->error($this->user, sprintf(_('Message too long - maximum is %1$d characters, you sent %2$d.'),
+ $channel->error($this->user, sprintf(_('Message too long - maximum is %d characters, you sent %d'),
 Message::maxContent(), mb_strlen($this->text)));
 return;
 }
@@ -373,7 +373,7 @@ class MessageCommand extends Command
 $message = Message::saveNew($this->user->id, $other->id, $this->text, $channel->source());
 if ($message) {
 $message->notify();
- $channel->output($this->user, sprintf(_('Direct message to %s sent.'), $this->other));
+ $channel->output($this->user, sprintf(_('Direct message to %s sent'), $this->other));
 } else {
 $channel->error($this->user, _('Error sending direct message.'));
 }
@@ -396,7 +396,7 @@ class RepeatCommand extends Command
 $notice = Notice::staticGet(substr($this->other,1));
 if (!$notice) {
- $channel->error($this->user, _('Notice with that id does not exist.'));
+ $channel->error($this->user, _('Notice with that id does not exist'));
 return;
 }
 $recipient = $notice->getProfile();
@@ -412,19 +412,19 @@ class RepeatCommand extends Command
 }
 $notice = $recipient->getCurrentNotice();
 if (!$notice) {
- $channel->error($this->user, _('User has no last notice.'));
+ $channel->error($this->user, _('User has no last notice'));
 return;
 }
 }
 if($this->user->id == $notice->profile_id) {
- $channel->error($this->user, _('Cannot repeat your own notice.'));
+ $channel->error($this->user, _('Cannot repeat your own notice'));
 return;
 }
 if ($recipient->hasRepeated($notice->id)) {
- $channel->error($this->user, _('Already repeated that notice.'));
+ $channel->error($this->user, _('Already repeated that notice'));
 return;
 }
@@ -432,7 +432,7 @@ class RepeatCommand extends Command
 if ($repeat) {
 common_broadcast_notice($repeat);
- $channel->output($this->user, sprintf(_('Notice from %s repeated.'), $recipient->nickname));
+ $channel->output($this->user, sprintf(_('Notice from %s repeated'), $recipient->nickname));
 } else {
 $channel->error($this->user, _('Error repeating notice.'));
 }
@@ -457,7 +457,7 @@ class ReplyCommand extends Command
 $notice = Notice::staticGet(substr($this->other,1));
 if (!$notice) {
- $channel->error($this->user, _('Notice with that id does not exist.'));
+ $channel->error($this->user, _('Notice with that id does not exist'));
 return;
 }
 $recipient = $notice->getProfile();
@@ -473,7 +473,7 @@ class ReplyCommand extends Command
 }
 $notice = $recipient->getCurrentNotice();
 if (!$notice) {
- $channel->error($this->user, _('User has no last notice.'));
+ $channel->error($this->user, _('User has no last notice'));
 return;
 }
 }
@@ -488,7 +488,7 @@ class ReplyCommand extends Command
 $this->text = common_shorten_links($this->text);
 if (Notice::contentTooLong($this->text)) {
- $channel->error($this->user, sprintf(_('Notice too long - maximum is %1$d characters, you sent %2$d.'),
+ $channel->error($this->user, sprintf(_('Notice too long - maximum is %d characters, you sent %d'),
 Notice::maxContent(), mb_strlen($this->text)));
 return;
 }
@@ -497,7 +497,7 @@ class ReplyCommand extends Command
 array('reply_to' => $notice->id));
 if ($notice) {
- $channel->output($this->user, sprintf(_('Reply to %s sent.'), $recipient->nickname));
+ $channel->output($this->user, sprintf(_('Reply to %s sent'), $recipient->nickname));
 } else {
 $channel->error($this->user, _('Error saving notice.'));
 }
@@ -529,7 +529,7 @@ class GetCommand extends Command
 }
 $notice = $target->getCurrentNotice();
 if (!$notice) {
- $channel->error($this->user, _('User has no last notice.'));
+ $channel->error($this->user, _('User has no last notice'));
 return;
 }
 $notice_content = $notice->content;
@@ -553,7 +553,7 @@ class SubCommand extends Command
 {
 if (!$this->other) {
- $channel->error($this->user, _('Specify the name of the user to subscribe to.'));
+ $channel->error($this->user, _('Specify the name of the user to subscribe to'));
 return;
 }
@@ -581,7 +581,7 @@ class UnsubCommand extends Command
 function execute($channel)
 {
 if(!$this->other) {
- $channel->error($this->user, _('Specify the name of the user to unsubscribe from.'));
+ $channel->error($this->user, _('Specify the name of the user to unsubscribe from'));
 return;
 }
@@ -647,28 +647,20 @@ class LoginCommand extends Command
 $disabled = common_config('logincommand','disabled');
 $disabled = isset($disabled) && $disabled;
 if($disabled) {
- $channel->error($this->user, _('Login command is disabled.'));
+ $channel->error($this->user, _('Login command is disabled'));
 return;
 }
- $login_token = Login_token::staticGet('user_id',$this->user->id);
- if($login_token){
- $login_token->delete();
- }
- $login_token = new Login_token();
- $login_token->user_id = $this->user->id;
- $login_token->token = common_good_rand(16);
- $login_token->created = common_sql_now();
- $result = $login_token->insert();
- if (!$result) {
- common_log_db_error($login_token, 'INSERT', __FILE__);
- $channel->error($this->user, sprintf(_('Could not create login token for %s.'),
- $this->user->nickname));
- return;
+
+ try {
+ $login_token = Login_token::makeNew($this->user);
+ } catch (Exception $e) {
+ $channel->error($this->user, $e->getMessage());
 }
+
 $channel->output($this->user,
- sprintf(_('This link is useable only once, and is good for only 2 minutes: %s.'),
- common_local_url('login',
- array('user_id'=>$login_token->user_id, 'token'=>$login_token->token))));
+ sprintf(_('This link is useable only once, and is good for only 2 minutes: %s'),
+ common_local_url('otp',
+ array('user_id' => $login_token->user_id, 'token' => $login_token->token))));
 }
 }
diff --git a/lib/router.php b/lib/router.php
index 785e78fd0..6b87ed27f 100644
--- a/lib/router.php
+++ b/lib/router.php
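Review bot: The new `catch (Exception $e)` block in LoginCommand's execute() reports the error but does not return, so execution continues to `$channel->output(...)` with `$login_token` never assigned, and the link would be built from null values. The removed code returned after its error message; the catch block should do the same: `$channel->error($this->user, $e->getMessage()); return;`. Passing `$e->getMessage()` straight to the channel also shows the user whatever text `Login_token::makeNew()` throws (its body is not part of this diff), so a fixed user-facing message with the detail sent to the log would be safer. The body of execute() starts above this hunk.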
@@ -88,7 +88,10 @@ class Router
 $m->connect('doc/:title', array('action' => 'doc'));
- $m->connect('main/login?user_id=:user_id&token=:token', array('action'=>'login'), array('user_id'=> '[0-9]+', 'token'=>'.+'));
+ $m->connect('main/otp/:user_id/:token',
+ array('action' => 'otp'),
+ array('user_id' => '[0-9]+',
+ 'token' => '.+'));
 // main stuff is repetitive
diff --git a/lib/util.php b/lib/util.php
index 23a22ad8c..1237d718b 100644
--- a/lib/util.php
+++ b/lib/util.php
@@ -171,15 +171,27 @@ function common_ensure_session()
 if (common_config('sessions', 'handle')) {
 Session::setSaveHandler();
 }
+ if (array_key_exists(session_name(), $_GET)) {
+ $id = $_GET[session_name()];
+ common_log(LOG_INFO, 'Setting session from GET parameter: '.$id);
+ } else if (array_key_exists(session_name(), $_COOKIE)) {
+ $id = $_COOKIE[session_name()];
+ common_log(LOG_INFO, 'Setting session from COOKIE: '.$id);
+ }
+ if (isset($id)) {
+ session_id($id);
+ setcookie(session_name(), $id);
+ }
 @session_start();
 if (!isset($_SESSION['started'])) {
 $_SESSION['started'] = time();
- if (!empty($c)) {
+ if (!empty($id)) {
 common_log(LOG_WARNING, 'Session cookie "' . $_COOKIE[session_name()] . '" ' . ' is set but started value is null');
 }
 }
 }
+ common_debug("Session ID = " . session_id());
 }
 // Three kinds of arguments:
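Review bot: The `token` requirement on the new `main/otp/:user_id/:token` route in lib/router.php is still `'.+'`, which puts no bound on what reaches the `otp` action as a token. If `Login_token::makeNew()` produces a fixed alphabet and length (not visible in this diff), the route can reject everything else up front, for example `'token' => '[0-9a-zA-Z]+'`. The token is a one-time credential carried in the URL path, so it will appear in web-server access logs; the single-use and two-minute limits promised in the command's message have to be enforced by the `otp` action itself.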
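Review bot: The new branch in common_ensure_session() in lib/util.php hands `$_GET[session_name()]` to `session_id()` unchecked, so any link carrying that parameter decides which session the visitor uses; unless the ID is regenerated at login (not visible in this hunk) this allows session fixation. The two `common_log(LOG_INFO, ...)` calls and the `common_debug("Session ID = " ...)` line also write a live session ID to the log, where it works as a credential; log only the source, e.g. `common_log(LOG_INFO, 'Setting session from GET parameter');`. The value should be validated before use, for example `if (isset($id) && preg_match('/^[A-Za-z0-9,-]+$/', $id)) {`, and `setcookie(session_name(), $id)` sets neither the HttpOnly nor the Secure flag. The existing warning still prints `$_COOKIE[session_name()]`, which is unset when the ID came from the query string.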
@@ -825,9 +837,39 @@ function common_path($relative, $ssl=false)
 }
 }
+ $relative = common_inject_session($relative, $serverpart);
+
 return $proto.'://'.$serverpart.'/'.$pathpart.$relative;
 }
+function common_inject_session($url, $serverpart = null)
+{
+ if (common_have_session()) {
+
+ if (empty($serverpart)) {
+ $serverpart = parse_url($url, PHP_URL_HOST);
+ }
+
+ $currentServer = $_SERVER['HTTP_HOST'];
+
+ // Are we pointing to another server (like an SSL server?)
+
+ if (!empty($currentServer) &&
+ 0 != strcasecmp($currentServer, $serverpart)) {
+ // Pass the session ID as a GET parameter
+ $sesspart = session_name() . '=' . session_id();
+ $i = strpos($url, '?');
+ if ($i === false) { // no GET params, just append
+ $url .= '?' . $sesspart;
+ } else {
+ $url = substr($url, 0, $i + 1).$sesspart.'&'.substr($url, $i + 1);
+ }
+ }
+ }
+
+ return $url;
+}
+
 function common_date_string($dt)
 {
 // XXX: do some sexy date formatting |
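Review bot: common_inject_session() appends the live session ID to every generated URL whose host differs from `$_SERVER['HTTP_HOST']`, and that header is chosen by the client, so a request sent with an unexpected Host value makes every link on the page carry the session ID. Once in a URL the ID leaks through Referer headers, proxy and server logs, browser history and copied links. The comparison should be made against the site's configured host names rather than the request header, and injection limited to those hosts, since with `$serverpart` null the host is taken from `$url` and could be any site. `$_SERVER['HTTP_HOST']` is also read without an `isset()` check, and the value should be encoded: `$sesspart = session_name() . '=' . urlencode(session_id());`. common_path() begins above this hunk.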