summaryrefslogtreecommitdiffstats
path: root/include/login.php
diff options
context:
space:
mode:
authorArun Persaud <arun@nubati.net>2009-04-25 00:33:14 -0700
committerArun Persaud <arun@nubati.net>2009-04-25 11:32:25 -0700
commita57cfa3be6ee0fbce336dc98e2862ac39f2b1add (patch)
treeb7e4fc46ca06b6147c005700fb2a092c5b13a080 /include/login.php
parent4cbc3848a891ac9addf10264d24a9f4273c5e355 (diff)
downloade-DoKo-a57cfa3be6ee0fbce336dc98e2862ac39f2b1add.tar.gz
e-DoKo-a57cfa3be6ee0fbce336dc98e2862ac39f2b1add.tar.bz2
e-DoKo-a57cfa3be6ee0fbce336dc98e2862ac39f2b1add.zip
NEW FEATURE: added OpenID support
Users can add and delete OpenIDs on the settings page and then log in user those OpenIds. They can also use their OpenIDs to register.
Diffstat (limited to 'include/login.php')
-rw-r--r--include/login.php62
1 files changed, 58 insertions, 4 deletions
diff --git a/include/login.php b/include/login.php
index c1a0e42..3c3f6be 100644
--- a/include/login.php
+++ b/include/login.php
@@ -5,12 +5,62 @@
if(!isset($HOST))
exit;
-/* check if login information is present */
-if(!myisset('email','password'))
+include_once('openid.php');
+
+function escape($thing) {
+ return htmlentities($thing);
+}
+
+/* check for openid stuff */
+if($OPENIDPATH && myisset('openid_identity') && $_REQUEST['openid_identity']!='')
{
- echo "can't log you in... missing login information.";
+ /* what openid is being used? */
+ $openid_url = OpenIDUrlEncode($_REQUEST['openid_identity']);
+ /* get the userid from the database, openids need to be registered within E-DoKo */
+ $data = OpenIDVerify();
+ $ok = 0;
+
+ /* verify ok? */
+ if($data)
+ {
+ /* do we know this openid?*/
+ $myid = DB_GetUserId($openid_url);
+
+ if(!$myid)
+ {
+ /* openid unknown, perhaps not registered? */
+ echo "<p>Openid ok, but not registered with any account. If you have an account ".
+ "on E-DoKo, please log in and add your openid in your preferences first. </p>\n";
+
+
+ /* or perhaps a new user...*/
+ $email = $data['email'];
+ $name = $data['fullname'];
+ echo "<p>If you wan to register a new account with this OpenID, please follow this ".
+ "<a href=\"index.php?action=register&amp;openid_url=".$openid_url.
+ "&amp;openidname=$name&amp;openidemail=$email\">link</a>.</p>";
+ }
+ else
+ $ok=1;
+ }
+
+ if($ok)
+ {
+ /* user information is ok, set session variabel */
+ $email = DB_get_email('userid',$myid);
+ $myname = DB_get_name('email',$email);
+ $password = DB_get_passwd_by_userid($myid);
+ $_SESSION['name'] = $myname;
+ $_SESSION['id'] = $myid;
+ $_SESSION['pass'] = $password;
+ }
}
-else
+else if($OPENIDPATH && myisset('openid_url') && $_REQUEST['openid_url']!='')
+ {
+ OpenIDAskForVerification(OpenIDUrlEncode($_REQUEST['openid_url']));
+ }
+/* check if normal login information is present */
+else if(myisset('email','password'))
{
$email = $_REQUEST['email'];
$password = $_REQUEST['password'];
@@ -33,4 +83,8 @@ else
$_SESSION['pass'] = $password;
}
}
+else
+ {
+ echo "can't log you in... missing login information.";
+ }
?> \ No newline at end of file