From ed5828f30ea0f7a30e01d407058990b06164c6f3 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 8 Jan 2010 17:20:25 -0800 Subject: Redirect to a one-time-password when ssl and regular server are different --- classes/Login_token.php | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) (limited to 'classes') diff --git a/classes/Login_token.php b/classes/Login_token.php index 746cd7f22..51dc61262 100644 --- a/classes/Login_token.php +++ b/classes/Login_token.php @@ -40,6 +40,8 @@ class Login_token extends Memcached_DataObject /* the code above is auto generated do not remove the tag below */ ###END_AUTOCODE + const TIMEOUT = 120; // seconds after which to timeout the token + /* DB_DataObject calculates the sequence key(s) by taking the first key returned by the keys() function. In this case, the keys() function returns user_id as the first key. user_id is not a sequence, but @@ -52,4 +54,29 @@ class Login_token extends Memcached_DataObject { return array(false,false); } + + function makeNew($user) + { + $login_token = Login_token::staticGet('user_id', $user->id); + + if (!empty($login_token)) { + $login_token->delete(); + } + + $login_token = new Login_token(); + + $login_token->user_id = $user->id; + $login_token->token = common_good_rand(16); + $login_token->created = common_sql_now(); + + $result = $login_token->insert(); + + if (!$result) { + common_log_db_error($login_token, 'INSERT', __FILE__); + throw new Exception(sprintf(_('Could not create login token for %s'), + $user->nickname)); + } + + return $login_token; + } } -- cgit v1.2.3-54-g00ecf From 5ca41b68703e8d8e41325ab4dd9c798946fc7a10 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sat, 9 Jan 2010 16:19:45 -0800 Subject: redirect to sitename.wildcard for SSL --- classes/Status_network.php | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) (limited to 'classes') 
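Review bot: `makeNew()` mints a bearer credential, but nothing in this patch reads `Login_token::TIMEOUT`, so expiry depends entirely on the consumer comparing `created` against it and deleting the row on first use; that contract should be stated in a docblock on `makeNew()`. The method never touches `$this` and looks intended to be called without an instance, so it should be declared `static function makeNew($user)`. The delete-then-insert pair is not atomic: two concurrent calls for the same user can both pass the `staticGet` lookup, and the second `insert()` will then either fail or leave two live tokens, depending on the table's keys, which are not visible here. Token strength rests on `common_good_rand(16)`, which is defined outside this diff; confirm it draws from a cryptographically secure source with no weak fallback.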
diff --git a/classes/Status_network.php b/classes/Status_network.php index b3117640d..8dff879df 100644 --- a/classes/Status_network.php +++ b/classes/Status_network.php @@ -150,9 +150,18 @@ class Status_network extends DB_DataObject } if (!empty($sn)) { - if (!empty($sn->hostname) && 0 != strcasecmp($sn->hostname, $servername)) { - $sn->redirectToHostname(); + + // Redirect to the right URL + + if (!empty($sn->hostname) && + empty($SERVER['HTTPS']) && + 0 != strcasecmp($sn->hostname, $servername)) { + $sn->redirectTo('http://'.$sn->hostname.$_SERVER['REQUEST_URI']); + } else if (!empty($SERVER['HTTPS']) && + 0 != strcasecmp($sn->sitename.'.'.$wildcard, $servername)) { + $sn->redirectTo('https://'.$sn->sitename.'.'.$wildcard.$_SERVER['REQUEST_URI']); } + $dbhost = (empty($sn->dbhost)) ? 'localhost' : $sn->dbhost; $dbuser = (empty($sn->dbuser)) ? $sn->nickname : $sn->dbuser; $dbpass = $sn->dbpass; @@ -179,11 +188,8 @@ class Status_network extends DB_DataObject // (C) 2006 by Heiko Richler http://www.richler.de/ // LGPL - function redirectToHostname() + function redirectTo($destination) { - $destination = 'http://'.$this->hostname; - $destination .= $_SERVER['REQUEST_URI']; - $old = 'http'. (($_SERVER['HTTPS'] == 'on') ? 'S' : ''). '://'. -- cgit v1.2.3-54-g00ecf From deb5ee61542d01d90c0b0a462d5be2fdf5b876bb Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sat, 9 Jan 2010 16:31:25 -0800 Subject: correct superglobal variable name --- classes/Status_network.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'classes') diff --git a/classes/Status_network.php b/classes/Status_network.php index 8dff879df..dce3e0b8f 100644 --- a/classes/Status_network.php +++ b/classes/Status_network.php 
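Review bot: Both `redirectTo()` calls append the client-supplied `$_SERVER['REQUEST_URI']` to the destination without any check. The scheme and host come from `$sn` fields, so the target host is fixed, but the path and query are echoed verbatim. Whether that is safe depends on how `redirectTo()` emits the value, and most of its body is outside these hunks: anything written into an HTML body needs `htmlspecialchars()`, and a destination containing CR or LF should be rejected before it reaches a `Location` header. The enclosing function starts and ends outside the hunk.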
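Review bot: `redirectTo($destination)` now accepts any URL, where `redirectToHostname()` could only ever target `$this->hostname`; the method needs a docblock saying callers must build the scheme and host from server-side configuration and never from request data. The context line `($_SERVER['HTTPS'] == 'on')` reads the key without an `isset`/`empty` guard, unlike the new call sites, and raises an undefined-index notice on requests where the key is absent. The function body continues past the end of the hunk.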
@@ -154,10 +154,10 @@ class Status_network extends DB_DataObject // Redirect to the right URL if (!empty($sn->hostname) && - empty($SERVER['HTTPS']) && + empty($_SERVER['HTTPS']) && 0 != strcasecmp($sn->hostname, $servername)) { $sn->redirectTo('http://'.$sn->hostname.$_SERVER['REQUEST_URI']); - } else if (!empty($SERVER['HTTPS']) && + } else if (!empty($_SERVER['HTTPS']) && 0 != strcasecmp($sn->sitename.'.'.$wildcard, $servername)) { $sn->redirectTo('https://'.$sn->sitename.'.'.$wildcard.$_SERVER['REQUEST_URI']); } -- cgit v1.2.3-54-g00ecf From e8d85a1ef5966ba89ea88a6d706a066986e1dceb Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sat, 9 Jan 2010 22:48:05 -0800 Subject: use nickname, not sitename, in domain for SSL --- classes/Status_network.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'classes') diff --git a/classes/Status_network.php b/classes/Status_network.php index dce3e0b8f..96212c465 100644 --- a/classes/Status_network.php +++ b/classes/Status_network.php @@ -158,8 +158,8 @@ class Status_network extends DB_DataObject 0 != strcasecmp($sn->hostname, $servername)) { $sn->redirectTo('http://'.$sn->hostname.$_SERVER['REQUEST_URI']); } else if (!empty($_SERVER['HTTPS']) && - 0 != strcasecmp($sn->sitename.'.'.$wildcard, $servername)) { - $sn->redirectTo('https://'.$sn->sitename.'.'.$wildcard.$_SERVER['REQUEST_URI']); + 0 != strcasecmp($sn->nickname.'.'.$wildcard, $servername)) { + $sn->redirectTo('https://'.$sn->nickname.'.'.$wildcard.$_SERVER['REQUEST_URI']); } $dbhost = (empty($sn->dbhost)) ? 'localhost' : $sn->dbhost; -- cgit v1.2.3-54-g00ecf From 3d723ed1ed0755a4ad30e1d3388d663f53193295 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sat, 9 Jan 2010 22:49:26 -0800 Subject: allow hostname with SSL --- classes/Status_network.php | 1 + 1 file changed, 1 insertion(+) (limited to 'classes') diff --git a/classes/Status_network.php b/classes/Status_network.php index 96212c465..1f0e602cf 100644 --- a/classes/Status_network.php 
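Review bot: `empty($_SERVER['HTTPS'])` treats any non-empty value as SSL, including the string `off` that IIS sets for plain-HTTP requests, so on such a server every request takes the HTTPS branch. The same test appears as context in the two later hunks of this file on this page. A stricter test for the SSL branch would be `!empty($_SERVER['HTTPS']) && 0 != strcasecmp($_SERVER['HTTPS'], 'off')`, with the inverse for the plain-HTTP branch. Behind a TLS-terminating proxy the variable may not be set at all; that deployment detail is not visible here and should be confirmed.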
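Review bot: The SSL host is assembled as `$sn->nickname.'.'.$wildcard` with no check that `$wildcard` is non-empty or that `nickname` is a valid DNS label. `$wildcard` is defined outside the hunk, and if it is unset the redirect target ends in a bare dot. Adding `!empty($wildcard) &&` to the `else if` condition keeps the SSL redirect off when no wildcard domain is configured. The enclosing function starts and ends outside the hunk.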
+++ b/classes/Status_network.php @@ -158,6 +158,7 @@ class Status_network extends DB_DataObject 0 != strcasecmp($sn->hostname, $servername)) { $sn->redirectTo('http://'.$sn->hostname.$_SERVER['REQUEST_URI']); } else if (!empty($_SERVER['HTTPS']) && + 0 != strcasecmp($sn->hostname, $servername) && 0 != strcasecmp($sn->nickname.'.'.$wildcard, $servername)) { $sn->redirectTo('https://'.$sn->nickname.'.'.$wildcard.$_SERVER['REQUEST_URI']); } -- cgit v1.2.3-54-g00ecf From e2dee5fedbedef69fbc825fcac39973f91f09c1a Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sun, 10 Jan 2010 00:20:08 -0800 Subject: always set site/server to hostname if it exists --- classes/Status_network.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'classes') diff --git a/classes/Status_network.php b/classes/Status_network.php index 1f0e602cf..776f6abb0 100644 --- a/classes/Status_network.php +++ b/classes/Status_network.php @@ -170,7 +170,11 @@ class Status_network extends DB_DataObject $config['db']['database'] = "mysqli://$dbuser:$dbpass@$dbhost/$dbname"; - $config['site']['name'] = $sn->sitename; + $config['site']['name'] = $sn->sitename; + + if (!empty($sn->hostname)) { + $config['site']['server'] = $sn->hostname; + } if (!empty($sn->theme)) { $config['site']['theme'] = $sn->theme; -- cgit v1.2.3-54-g00ecf
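Review bot: The new `$config['site']['server']` assignment in the last hunk has no comment explaining how it interacts with the SSL redirect above it. After this change, a request that arrived over HTTPS on the nickname-plus-wildcard host still gets `site/server` set to the custom hostname, so any URL built from that setting points away from the host the TLS session was on. That is presumably intended, given the one-time-password redirect earlier in the series, but it is worth stating. Suggested comment: `// Canonical host for generated URLs; SSL requests may arrive on nickname.wildcard instead`.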