summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--actions/recoverpassword.php133
-rw-r--r--actions/remotesubscribe.php121
2 files changed, 141 insertions, 113 deletions
diff --git a/actions/recoverpassword.php b/actions/recoverpassword.php
index 3d839e751..eeb6b2516 100644
--- a/actions/recoverpassword.php
+++ b/actions/recoverpassword.php
@@ -25,6 +25,9 @@ define(MAX_RECOVERY_TIME, 24 * 60 * 60);
class RecoverpasswordAction extends Action
{
+ var $mode = null;
+ var $msg = null;
+ var $success = null;
function handle($args)
{
@@ -34,22 +37,22 @@ class RecoverpasswordAction extends Action
return;
} else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if ($this->arg('recover')) {
- $this->recover_password();
+ $this->recoverPassword();
} else if ($this->arg('reset')) {
- $this->reset_password();
+ $this->resetPassword();
} else {
$this->clientError(_('Unexpected form submission.'));
}
} else {
if ($this->trimmed('code')) {
- $this->check_code();
+ $this->checkCode();
} else {
- $this->show_form();
+ $this->showForm();
}
}
}
- function check_code()
+ function checkCode()
{
$code = $this->trimmed('code');
@@ -88,7 +91,7 @@ class RecoverpasswordAction extends Action
# Note: it's still deleted; let's avoid a second attempt!
if ((time() - $touched) > MAX_RECOVERY_TIME) {
- common_log(LOG_WARNING,
+ common_log(LOG_WARNING,
'Attempted redemption on recovery code ' .
'that is ' . $touched . ' seconds old. ');
$this->clientError(_('This confirmation code is too old. ' .
@@ -112,17 +115,17 @@ class RecoverpasswordAction extends Action
# Success!
- $this->set_temp_user($user);
- $this->show_password_form();
+ $this->setTempUser($user);
+ $this->showPasswordForm();
}
- function set_temp_user(&$user)
+ function setTempUser(&$user)
{
common_ensure_session();
$_SESSION['tempuser'] = $user->id;
}
- function get_temp_user()
+ function getTempUser()
{
common_ensure_session();
$user_id = $_SESSION['tempuser'];
@@ -132,44 +135,51 @@ class RecoverpasswordAction extends Action
return $user;
}
- function clear_temp_user()
+ function clearTempUser()
{
common_ensure_session();
unset($_SESSION['tempuser']);
}
- function show_top($msg=null)
+ function showPageNotice()
{
- if ($msg) {
- $this->element('div', 'error', $msg);
+ if ($this->msg) {
+ $this->element('div', ($this->success) ? 'success' : 'error', $this->msg);
} else {
$this->elementStart('div', 'instructions');
- $this->element('p', null,
- _('If you\'ve forgotten or lost your' .
- ' password, you can get a new one sent to' .
- ' the email address you have stored ' .
- ' in your account.'));
+ if ($this->mode == 'recover') {
+ $this->element('p', null,
+ _('If you\'ve forgotten or lost your' .
+ ' password, you can get a new one sent to' .
+ ' the email address you have stored ' .
+ ' in your account.'));
+ } else if ($this->mode == 'reset') {
+ $this->element('p', null,
+ _('You\'ve been identified. Enter a ' .
+ ' new password below. '));
+ }
$this->elementEnd('div');
}
}
- function show_password_top($msg=null)
+ function showForm($msg=null)
{
- if ($msg) {
- $this->element('div', 'error', $msg);
- } else {
- $this->element('div', 'instructions',
- _('You\'ve been identified. Enter a ' .
- ' new password below. '));
- }
+ $this->msg = $msg;
+ $this->mode = 'recover';
+ $this->showPage();
}
- function show_form($msg=null)
+ function showContent()
{
+ if ($this->mode == 'recover') {
+ $this->showRecoverForm();
+ } else if ($this->mode == 'reset') {
+ $this->showResetForm();
+ }
+ }
- common_show_header(_('Recover password'), null,
- $msg, array($this, 'show_top'));
-
+ function showRecoverForm()
+ {
$this->elementStart('form', array('method' => 'post',
'id' => 'recoverpassword',
'action' => common_local_url('recoverpassword')));
@@ -179,15 +189,29 @@ class RecoverpasswordAction extends Action
'or your registered email address.'));
$this->submit('recover', _('Recover'));
$this->elementEnd('form');
- common_show_footer();
}
- function show_password_form($msg=null)
+ function title()
{
+ switch ($this->mode) {
+ case 'reset': return _('Reset password');
+ case 'recover': return _('Recover password');
+ case 'sent': return _('Password recovery requested');
+ case 'saved': return _('Password saved.');
+ default:
+ return _('Unknown action');
+ }
+ }
- common_show_header(_('Reset password'), null,
- $msg, array($this, 'show_password_top'));
+ function showPasswordForm($msg=null)
+ {
+ $this->msg = $msg;
+ $this->mode = 'reset';
+ $this->showPage();
+ }
+ function showResetForm()
+ {
$this->elementStart('form', array('method' => 'post',
'id' => 'recoverpassword',
'action' => common_local_url('recoverpassword')));
@@ -198,14 +222,13 @@ class RecoverpasswordAction extends Action
_('Same as password above'));
$this->submit('reset', _('Reset'));
$this->elementEnd('form');
- common_show_footer();
}
- function recover_password()
+ function recoverPassword()
{
$nore = $this->trimmed('nicknameoremail');
if (!$nore) {
- $this->show_form(_('Enter a nickname or email address.'));
+ $this->showForm(_('Enter a nickname or email address.'));
return;
}
@@ -225,7 +248,7 @@ class RecoverpasswordAction extends Action
}
if (!$user) {
- $this->show_form(_('No user with that email address or username.'));
+ $this->showForm(_('No user with that email address or username.'));
return;
}
@@ -277,25 +300,24 @@ class RecoverpasswordAction extends Action
mail_to_user($user, _('Password recovery requested'), $body, $confirm->address);
- common_show_header(_('Password recovery requested'));
- $this->element('p', null,
- _('Instructions for recovering your password ' .
+ $this->mode = 'sent';
+ $this->msg = _('Instructions for recovering your password ' .
'have been sent to the email address registered to your ' .
- 'account.'));
- common_show_footer();
+ 'account.');
+ $this->success = true;
+ $this->showPage();
}
- function reset_password()
+ function resetPassword()
{
-
# CSRF protection
$token = $this->trimmed('token');
if (!$token || $token != common_session_token()) {
- $this->show_form(_('There was a problem with your session token. Try again, please.'));
+ $this->showForm(_('There was a problem with your session token. Try again, please.'));
return;
}
- $user = $this->get_temp_user();
+ $user = $this->getTempUser();
if (!$user) {
$this->clientError(_('Unexpected password reset.'));
@@ -306,11 +328,11 @@ class RecoverpasswordAction extends Action
$confirm = $this->trimmed('confirm');
if (!$newpassword || strlen($newpassword) < 6) {
- $this->show_password_form(_('Password must be 6 chars or more.'));
+ $this->showPasswordForm(_('Password must be 6 chars or more.'));
return;
}
if ($newpassword != $confirm) {
- $this->show_password_form(_('Password and confirmation do not match.'));
+ $this->showPasswordForm(_('Password and confirmation do not match.'));
return;
}
@@ -326,7 +348,7 @@ class RecoverpasswordAction extends Action
return;
}
- $this->clear_temp_user();
+ $this->clearTempUser();
if (!common_set_user($user->nickname)) {
$this->serverError(_('Error setting user.'));
@@ -335,9 +357,10 @@ class RecoverpasswordAction extends Action
common_real_login(true);
- common_show_header(_('Password saved.'));
- $this->element('p', null, _('New password successfully saved. ' .
- 'You are now logged in.'));
- common_show_footer();
+ $this->mode = 'saved';
+ $this->msg = _('New password successfully saved. ' .
+ 'You are now logged in.');
+ $this->success = true;
+ $this->showPage();
}
}
diff --git a/actions/remotesubscribe.php b/actions/remotesubscribe.php
index 32e9bf3d3..3c8346fbe 100644
--- a/actions/remotesubscribe.php
+++ b/actions/remotesubscribe.php
@@ -23,100 +23,112 @@ require_once(INSTALLDIR.'/lib/omb.php');
class RemotesubscribeAction extends Action
{
+ var $nickname;
+ var $profile_url;
+ var $err;
- function handle($args)
+ function prepare($args)
{
-
- parent::handle($args);
+ parent::prepare($args);
if (common_logged_in()) {
$this->clientError(_('You can use the local subscription!'));
- return;
+ return false;
}
- if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+ $this->nickname = $this->trimmed('nickname');
+ $this->profile_url = $this->trimmed('profile_url');
+
+ return true;
+ }
+
+ function handle($args)
+ {
+ parent::handle($args);
+ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
# CSRF protection
$token = $this->trimmed('token');
if (!$token || $token != common_session_token()) {
- $this->show_form(_('There was a problem with your session token. Try again, please.'));
+ $this->showForm(_('There was a problem with your session token. '.
+ 'Try again, please.'));
return;
}
-
- $this->remote_subscription();
+ $this->remoteSubscription();
} else {
- $this->show_form();
+ $this->showForm();
}
}
- function get_instructions()
+ function showForm($err=null)
{
- return _('To subscribe, you can [login](%%action.login%%),' .
- ' or [register](%%action.register%%) a new ' .
- ' account. If you already have an account ' .
- ' on a [compatible microblogging site](%%doc.openmublog%%), ' .
- ' enter your profile URL below.');
+ $this->err = $err;
+ $this->showPage();
}
- function show_top($err=null)
+ function showPageNotice()
{
- if ($err) {
- $this->element('div', 'error', $err);
+ if ($this->err) {
+ $this->element('div', 'error', $this->err);
} else {
- $instructions = $this->get_instructions();
- $output = common_markup_to_html($instructions);
+ $inst = _('To subscribe, you can [login](%%action.login%%),' .
+ ' or [register](%%action.register%%) a new ' .
+ ' account. If you already have an account ' .
+ ' on a [compatible microblogging site](%%doc.openmublog%%), ' .
+ ' enter your profile URL below.');
+ $output = common_markup_to_html($inst);
$this->elementStart('div', 'instructions');
$this->raw($output);
- $this->elementEnd('p');
+ $this->elementEnd('div');
}
}
- function show_form($err=null)
+ function title()
+ {
+ return _('Remote subscribe');
+ }
+
+ function showContent()
{
- $nickname = $this->trimmed('nickname');
- $profile = $this->trimmed('profile_url');
- common_show_header(_('Remote subscribe'), null, $err,
- array($this, 'show_top'));
# id = remotesubscribe conflicts with the
# button on profile page
$this->elementStart('form', array('id' => 'remsub', 'method' => 'post',
'action' => common_local_url('remotesubscribe')));
$this->hidden('token', common_session_token());
- $this->input('nickname', _('User nickname'), $nickname,
+ $this->input('nickname', _('User nickname'), $this->nickname,
_('Nickname of the user you want to follow'));
- $this->input('profile_url', _('Profile URL'), $profile,
+ $this->input('profile_url', _('Profile URL'), $this->profile_url,
_('URL of your profile on another compatible microblogging service'));
$this->submit('submit', _('Subscribe'));
$this->elementEnd('form');
- common_show_footer();
}
- function remote_subscription()
+ function remoteSubscription()
{
- $user = $this->get_user();
+ $user = $this->getUser();
if (!$user) {
- $this->show_form(_('No such user.'));
+ $this->showForm(_('No such user.'));
return;
}
- $profile = $this->trimmed('profile_url');
+ $this->profile_url = $this->trimmed('profile_url');
- if (!$profile) {
- $this->show_form(_('No such user.'));
+ if (!$this->profile_url) {
+ $this->showForm(_('No such user.'));
return;
}
- if (!Validate::uri($profile, array('allowed_schemes' => array('http', 'https')))) {
- $this->show_form(_('Invalid profile URL (bad format)'));
+ if (!Validate::uri($this->profile_url, array('allowed_schemes' => array('http', 'https')))) {
+ $this->showForm(_('Invalid profile URL (bad format)'));
return;
}
$fetcher = Auth_Yadis_Yadis::getHTTPFetcher();
- $yadis = Auth_Yadis_Yadis::discover($profile, $fetcher);
+ $yadis = Auth_Yadis_Yadis::discover($this->profile_url, $fetcher);
if (!$yadis || $yadis->failed) {
- $this->show_form(_('Not a valid profile URL (no YADIS document).'));
+ $this->showForm(_('Not a valid profile URL (no YADIS document).'));
return;
}
@@ -125,52 +137,50 @@ class RemotesubscribeAction extends Action
$xrds =& Auth_Yadis_XRDS::parseXRDS(trim($yadis->response_text));
if (!$xrds) {
- $this->show_form(_('Not a valid profile URL (no XRDS defined).'));
+ $this->showForm(_('Not a valid profile URL (no XRDS defined).'));
return;
}
$omb = $this->getOmb($xrds);
if (!$omb) {
- $this->show_form(_('Not a valid profile URL (incorrect services).'));
+ $this->showForm(_('Not a valid profile URL (incorrect services).'));
return;
}
if (omb_service_uri($omb[OAUTH_ENDPOINT_REQUEST]) ==
common_local_url('requesttoken'))
{
- $this->show_form(_('That\'s a local profile! Login to subscribe.'));
+ $this->showForm(_('That\'s a local profile! Login to subscribe.'));
return;
}
if (User::staticGet('uri', omb_local_id($omb[OAUTH_ENDPOINT_REQUEST]))) {
- $this->show_form(_('That\'s a local profile! Login to subscribe.'));
+ $this->showForm(_('That\'s a local profile! Login to subscribe.'));
return;
}
- list($token, $secret) = $this->request_token($omb);
+ list($token, $secret) = $this->requestToken($omb);
if (!$token || !$secret) {
- $this->show_form(_('Couldn\'t get a request token.'));
+ $this->showForm(_('Couldn\'t get a request token.'));
return;
}
- $this->request_authorization($user, $omb, $token, $secret);
+ $this->requestAuthorization($user, $omb, $token, $secret);
}
- function get_user()
+ function getUser()
{
$user = null;
- $nickname = $this->trimmed('nickname');
- if ($nickname) {
- $user = User::staticGet('nickname', $nickname);
+ if ($this->nickname) {
+ $user = User::staticGet('nickname', $this->nickname);
}
return $user;
}
function getOmb($xrds)
{
-
static $omb_endpoints = array(OMB_ENDPOINT_UPDATEPROFILE, OMB_ENDPOINT_POSTNOTICE);
static $oauth_endpoints = array(OAUTH_ENDPOINT_REQUEST, OAUTH_ENDPOINT_AUTHORIZE,
OAUTH_ENDPOINT_ACCESS);
@@ -265,7 +275,7 @@ class RemotesubscribeAction extends Action
return true;
}
- function request_token($omb)
+ function requestToken($omb)
{
$con = omb_oauth_consumer();
@@ -310,7 +320,7 @@ class RemotesubscribeAction extends Action
return array($return['oauth_token'], $return['oauth_token_secret']);
}
- function request_authorization($user, $omb, $token, $secret)
+ function requestAuthorization($user, $omb, $token, $secret)
{
global $config; # for license URL
@@ -391,9 +401,4 @@ class RemotesubscribeAction extends Action
common_redirect($req->to_url());
return;
}
-
- function make_nonce()
- {
- return common_good_rand(16);
- }
}