<?php
+/* Copyright 2006, 2007, 2008, 2009, 2010 Arun Persaud <arun@nubati.net>
+ *
+ * This file is part of e-DoKo.
+ *
+ * e-DoKo is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * e-DoKo is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with e-DoKo. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
/* make sure that we are not called from outside the scripts,
* use a variable defined in config.php to check this
*/
if(!isset($HOST))
exit;
-/* check if login information is present */
-if(!myisset('email','password'))
+include_once('openid.php');
+
+function escape($thing) {
+ return htmlentities($thing);
+}
+
+/* check for openid stuff */
+if($OPENIDPATH && myisset('openid_identity') && $_REQUEST['openid_identity']!='')
{
- echo "can't log you in... missing login information.";
+ /* what openid is being used? */
+ $openid_url = OpenIDUrlEncode($_REQUEST['openid_identity']);
+ /* get the userid from the database, openids need to be registered within E-DoKo */
+ $data = OpenIDVerify();
+ $ok = 0;
+
+ /* verify ok? */
+ if($data)
+ {
+ /* do we know this openid?*/
+ $myid = DB_GetUserId($openid_url);
+
+ if(!$myid)
+ {
+ /* openid unknown, perhaps not registered? */
+ echo "<p>Openid ok, but not registered with any account. If you have an account ".
+ "on E-DoKo, please log in and add your openid in your preferences first. </p>\n";
+
+
+ /* or perhaps a new user...*/
+ $email = $data['email'];
+ $name = $data['fullname'];
+ echo "<p>If you wan to register a new account with this OpenID, please follow this ".
+ "<a href=\"index.php?action=register&openid_url=".$openid_url.
+ "&openidname=$name&openidemail=$email\">link</a>.</p>";
+ }
+ else
+ $ok=1;
+ }
+
+ if($ok)
+ {
+ /* user information is ok, set session variabel */
+ $email = DB_get_email('userid',$myid);
+ $myname = DB_get_name('email',$email);
+ $password = DB_get_passwd_by_userid($myid);
+ $_SESSION['name'] = $myname;
+ $_SESSION['id'] = $myid;
+ $_SESSION['pass'] = $password;
+ }
}
-else
+else if($OPENIDPATH && myisset('openid_url') && $_REQUEST['openid_url']!='')
+ {
+ OpenIDAskForVerification(OpenIDUrlEncode($_REQUEST['openid_url']));
+ }
+/* check if normal login information is present */
+else if(myisset('email','password'))
{
$email = $_REQUEST['email'];
$password = $_REQUEST['password'];
$_SESSION['pass'] = $password;
}
}
+else
+ {
+ echo "can't log you in... missing login information.";
+ }
?>
\ No newline at end of file
projects / e-DoKo.git / blobdiff