diff options
author | Wojciech Polak <polak@gnu.org> | 2010-05-14 23:17:06 +0200 |
---|---|---|
committer | Wojciech Polak <polak@gnu.org> | 2010-05-14 23:17:06 +0200 |
commit | ac61ac8cd76e9588bf8f4879716d9bbbfe718e76 (patch) | |
tree | adef21b82d3262d8476d3217b60b7b3dfbd945ac | |
parent | e577933281b5c423445b510aa272cd4f9acf06e2 (diff) | |
download | cheetah-ac61ac8cd76e9588bf8f4879716d9bbbfe718e76.tar.gz cheetah-ac61ac8cd76e9588bf8f4879716d9bbbfe718e76.tar.bz2 |
Add OpenID providers selection.
Merge openid_manage and fb_connect into linked-accounts.
-rw-r--r-- | css/v2/cswindow.css | 63 | ||||
-rw-r--r-- | css/v2/login.css | 43 | ||||
-rw-r--r-- | frontend/fb_connect.php | 138 | ||||
-rw-r--r-- | frontend/images/master-auth.png | bin | 0 -> 7549 bytes | |||
-rw-r--r-- | frontend/lib/d-files.php | 3 | ||||
-rw-r--r-- | frontend/lib/session.class.php | 53 | ||||
-rw-r--r-- | frontend/linked-accounts.php | 282 | ||||
-rw-r--r-- | frontend/login.php | 97 | ||||
-rw-r--r-- | frontend/openid_manage.php | 183 | ||||
-rw-r--r-- | frontend/rd.php | 11 | ||||
-rw-r--r-- | frontend/reader.php | 3 | ||||
-rw-r--r-- | frontend/xrds.php | 6 | ||||
-rw-r--r-- | js/v2/gui.js | 34 | ||||
-rw-r--r-- | js/v2/login.js | 418 | ||||
-rw-r--r-- | po/POTFILES.in | 2 |
15 files changed, 699 insertions, 637 deletions
diff --git a/css/v2/cswindow.css b/css/v2/cswindow.css index 21643f4..ff00b10 100644 --- a/css/v2/cswindow.css +++ b/css/v2/cswindow.css @@ -5,44 +5,34 @@ a:active { color: yellow; } body { background-color: black; color: white; - text-align: center; + text-align: left; + border: 2px solid red; + border-radius: 8px; + padding: 1em; + -moz-border-radius: 8px; + -webkit-border-radius: 8px; +} +h2 { + font-size: 100%; } ul, p { margin-top: 1em; margin-bottom: 1em; } -.smaller { - font-size: smaller; -} +.hidden { display: none; } +.left { text-align: left; } +.smaller { font-size: smaller; } .warning { color: red; font-weight: bold; } -#box { - position: relative; - width: 80%; - max-width: 600px; - top: 50px; - border: 2px solid red; - margin-left: auto; - margin-right: auto; - padding: 1em; - border-radius: 8px; - -moz-border-radius: 8px; - -webkit-border-radius: 8px; -} -#box a { - color: #eae3d7; - font-size: smaller; -} -#box table { - margin-left: auto; - margin-right: auto; +#accounts { + font-size: 85%; } -#add_openid { +.openid { background: url(images/openid.png) no-repeat; background-color: #fff; background-position: 0 50%; @@ -50,3 +40,26 @@ ul, p { padding-left: 18px; } .img-16-delete {background: transparent url(images/master-icons.png?v=0) no-repeat -64px 0px;} + +#providers { + height: 40px; +} +#providers a { + float: left; + width: 32px; + height: 32px; + margin-right: 4px; + border: 1px solid black; +} +#providers a:hover { + border: 1px dashed #fffcc9; +} +#providers a.selected { + border: 4px solid #fffcc9; + -moz-border-radius: 10px; + -webkit-border-radius: 10px; +} +#auth-facebook { background: transparent url(images/master-auth.png?v=0) no-repeat 0px 0px; } +#auth-google { background: transparent url(images/master-auth.png?v=0) no-repeat -32px 0px; } +#auth-openid { background: transparent url(images/master-auth.png?v=0) no-repeat -64px 0px; } +#auth-yahoo { background: transparent url(images/master-auth.png?v=0) no-repeat -96px 0px; } diff --git a/css/v2/login.css b/css/v2/login.css index 54d7d51..1804f41 100644 --- a/css/v2/login.css +++ b/css/v2/login.css @@ -8,13 +8,9 @@ ul, p { margin-bottom: 1em; } -.hidden { - display: none; -} - -.smaller { - font-size: 90%; -} +.hidden { display: none; } +.left { text-align: left; } +.smaller { font-size: 90%; } .link { color: #eae3d7; @@ -68,7 +64,7 @@ ul, p { margin-right: auto; } -input.openid_identifier { +#openid_identifier { background: url(images/openid.png) no-repeat; background-color: #fff; background-position: 0 50%; @@ -162,3 +158,34 @@ input.openid_identifier { color: white; text-decoration: none; } + +#trExtAuth p { + margin: 0.5em 0 0.5em 0; +} +#trOpenID { + margin: 0.5em 0 0.5em 0; +} + +#providers { + height: 40px; + padding-left: 8px; +} +#providers a { + float: left; + width: 32px; + height: 32px; + margin-right: 4px; + border: 1px solid black; +} +#providers a:hover { + border: 1px dashed #fffcc9; +} +#providers a.selected { + border: 4px solid #fffcc9; + -moz-border-radius: 10px; + -webkit-border-radius: 10px; +} +#auth-facebook { background: transparent url(images/master-auth.png?v=0) no-repeat 0px 0px; } +#auth-google { background: transparent url(images/master-auth.png?v=0) no-repeat -32px 0px; } +#auth-openid { background: transparent url(images/master-auth.png?v=0) no-repeat -64px 0px; } +#auth-yahoo { background: transparent url(images/master-auth.png?v=0) no-repeat -96px 0px; } diff --git a/frontend/fb_connect.php b/frontend/fb_connect.php deleted file mode 100644 index ee91c23..0000000 --- a/frontend/fb_connect.php +++ /dev/null @@ -1,138 +0,0 @@ -<?php - -/* - Cheetah News fb_connect.php - Copyright (C) 2010 Wojciech Polak. - - This program is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by the - Free Software Foundation; either version 3 of the License, or (at your - option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along - with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -require_once 'lib/include.php'; -require_once 'lib/d-sigs.php'; -require_once 'lib/facebook.php'; - -start_session (null, true); -$session->auth ('iflogged'); -$message = ''; -$auth = true; - -getvars ('link'); - -if ($session->status['afterlogged'] != 'yes' || - $session->email == 'guest') -{ - $message = _('You are using a guest account. You must register in order to do this.'); - $auth = false; -} -else if ($link == '1') -{ - try { - $fb = new Facebook (array ('appId' => $CONF['fb.app_id'], - 'secret' => $CONF['fb.secret_key'], - 'cookie' => true)); - $fb_session = $fb->getSession (); - if ($fb_session) { - $fb_uid = $fb->getUser (); - if ($fb_uid) { - $db = new Database (); - $db->query ("UPDATE user SET fbUID=".$fb_uid." WHERE id='". - $session->id."'"); - } - } - } - catch (FacebookApiException $e) { - error_log ($e); - } -} -else if ($link == '0') -{ - $db->query ("UPDATE user SET fbUID=0 WHERE id='".$session->id."'"); -} - -if ($auth) { - $profile_url = null; - - $db = new Database (); - $db->query ("SELECT fbUID FROM user WHERE id='".$session->id."'"); - if ($db->next_record ()) { - $fbUID = $db->f ('fbUID'); - - try { - $fb = new Facebook (array ('appId' => $CONF['fb.app_id'], - 'secret' => $CONF['fb.secret_key'], - 'cookie' => true)); - $fb_session = $fb->getSession (); - if ($fb_session) { - $fb_uid = $fb->getUser (); - if ($fb_uid) { - $me = $fb->api ('/me'); - if ($me && isset ($me['link'])) - $profile_url = $me['link']; - } - } - } - catch (FacebookApiException $e) { - error_log ($e); - } - } -} - -?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> -<html xmlns="http://www.w3.org/1999/xhtml" - xmlns:fb="http://www.facebook.com/2008/fbml"> -<head> -<title>Cheetah News</title> -<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> -<meta name="robots" content="noindex,nofollow" /> -<link rel="stylesheet" href="<?=dsp('css.cswindow')?>" type="text/css" /> -<link rel="icon" href="images/favicon.png" type="image/png" /> -</head> -<body> - -<?php - -if (!empty ($message)) { -?> -<div id="box"> - <h2><?php echo $message; ?></h2> -</div> -<?php } - -if ($auth) { - if ($fbUID) { - echo '<p>Your account is connected with Facebook UID: '; - if ($profile_url) - echo '<a href="'.$profile_url.'" target="_blank">'.$fbUID.'</a>'; - else - echo $fbUID; - echo '</p>'; - } - else { - echo '<p>Your account is not connected with Facebook</p>'."\n"; - echo '<p><fb:login-button length="long" onlogin="fb_link()" perms="email" /></p>'."\n"; - } -?> - -<?php if (isset ($CONF['fb.app_id'])) { ?> -<div id="fb-root"></div> -<script type="text/javascript" src="http://connect.facebook.net/en_US/all.js"></script> -<script type="text/javascript"> -function fb_link () { window.location = 'fb_connect?link=1'; } -FB.init ({appId: '<?=$CONF['fb.app_id']?>', status: true, cookie: true, xfbml: true}); -</script> -<?php } }?> - -</body> -</html> diff --git a/frontend/images/master-auth.png b/frontend/images/master-auth.png Binary files differnew file mode 100644 index 0000000..61d171b --- /dev/null +++ b/frontend/images/master-auth.png diff --git a/frontend/lib/d-files.php b/frontend/lib/d-files.php index 4b215c2..d3445bd 100644 --- a/frontend/lib/d-files.php +++ b/frontend/lib/d-files.php @@ -34,7 +34,8 @@ $files = array ('bt' => array ('js', array ('js/v2/i18n.js', 'js/v2/notes.js', 'js/v2/weather.js', 'js/v2/niftycube.js')), - 'login' => array ('js', array ('js/v2/login.js')), + 'login' => array ('js', array ('js/v2/jquery.js', + 'js/v2/login.js')), 'tr' => array ('xml', array ('xslt/v2/feed.xsl')), 'op' => array ('xml', array ('xslt/v2/opml.xsl')), 'wt' => array ('xml', array ('xslt/v2/weather.xsl')), diff --git a/frontend/lib/session.class.php b/frontend/lib/session.class.php index b1f7208..683bf73 100644 --- a/frontend/lib/session.class.php +++ b/frontend/lib/session.class.php @@ -2,7 +2,7 @@ /* Cheetah News lib/session.class.php - Copyright (C) 2005, 2006, 2007, 2008 Wojciech Polak. + Copyright (C) 2005, 2006, 2007, 2008, 2010 Wojciech Polak. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the @@ -18,7 +18,7 @@ with this program. If not, see <http://www.gnu.org/licenses/>. */ -function start_session ($persistentCookie, $noCache = true, $age = 30) +function start_session ($persistentCookie, $noCache=true, $age=30) { global $session; @@ -87,7 +87,7 @@ class Session $this->status['iflogged'] = ''; } - function login ($email, $pass, $feedurl='') + function login ($email, $pass) { global $CONF; @@ -131,10 +131,10 @@ class Session $db->query ("UPDATE user SET lastLog='".gmdate ('Y-m-d H:i:s')."', ". "active='yes', failogCount=0 WHERE id='".$this->id."'"); - $r = $CONF['secureProto'].'://'.$CONF['site'].'/rd'; - if (!empty ($feedurl)) - $r .= '?feedurl=' . urlencode ($feedurl); - redirect ($r); + if (isset ($_SERVER['HTTPS'])) + redirect ($CONF['secureProto'].'://'.$CONF['site'].'/rd'); + else + redirect ('http://'.$CONF['site'].'/'); } else /* failog, protection against dictionary attack */ { @@ -145,14 +145,14 @@ class Session } } - function openid1 ($openid_identifier, $feedurl='') + function openid1 ($openid_identifier) { global $CONF; session_regenerate_id (); - $process_url = $CONF['secureProto'].'://'.$CONF['site'].'/login'; - $trust_root = $CONF['secureProto'].'://'.$CONF['site'].'/'; + $process_url = 'http://'.$CONF['site'].'/login'; + $trust_root = 'http://'.$CONF['site'].'/'; $store = new Auth_OpenID_FileStore ($CONF['openIdStorePath']); $consumer = new Auth_OpenID_Consumer ($store); @@ -180,7 +180,7 @@ class Session redirect ($redirect_url); } - function openid2 ($identity, $email, $feedurl='') + function openid2 ($identity, $email) { global $CONF; @@ -208,10 +208,10 @@ class Session $db->query ("UPDATE user SET lastLog='".gmdate ('Y-m-d H:i:s')."', ". "active='yes' WHERE id='".$this->id."'"); - $r = $CONF['secureProto'].'://'.$CONF['site'].'/rd'; - if (!empty ($feedurl)) - $r .= '?feedurl=' . urlencode ($feedurl); - redirect ($r); + if (isset ($_SERVER['HTTPS'])) + redirect ($CONF['secureProto'].'://'.$CONF['site'].'/rd'); + else + redirect ('http://'.$CONF['site'].'/'); } else return "OpenID account match error"; @@ -243,7 +243,7 @@ class Session return _("New OpenID accounts without email address are not supported."); } - function fb_login (&$fb, $fb_uid, $insideFB=false, $feedurl='') + function fb_login (&$fb, $fb_uid, $insideFB=false) { global $CONF; @@ -262,15 +262,10 @@ class Session $db->query ("UPDATE user SET lastLog='".gmdate ('Y-m-d H:i:s')."', ". "active='yes' WHERE id='".$this->id."'"); - if ($insideFB) { + if ($insideFB) $r = 'http://'.$CONF['site'].'/reader?insideFB=1'; - } - else { - if (!empty ($feedurl)) - $r = 'http://'.$CONF['site'].'/rd?feedurl='.urlencode ($feedurl); - else - $r = 'http://'.$CONF['site'].'/'; - } + else + $r = 'http://'.$CONF['site'].'/'; redirect ($r); } else @@ -328,7 +323,7 @@ class Session redirect ('http://'.$CONF['site'].'/'); } - function auth ($res, $feedurl = '') + function auth ($res) { global $_ARGS, $CONF; @@ -359,12 +354,8 @@ class Session } else if ($res == 'iflogged') return false; - else { - $r = 'http://'.$CONF['site'].'/login'; - if (!empty ($feedurl)) - $r .= '?feedurl=' . urlencode ($feedurl); - redirect ($r); - } + else + redirect ('http://'.$CONF['site'].'/login'); } } diff --git a/frontend/linked-accounts.php b/frontend/linked-accounts.php new file mode 100644 index 0000000..4e94ea9 --- /dev/null +++ b/frontend/linked-accounts.php @@ -0,0 +1,282 @@ +<?php + +/* + Cheetah News linked-accounts.php + Copyright (C) 2008, 2010 Wojciech Polak. + + This program is free software; you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by the + Free Software Foundation; either version 3 of the License, or (at your + option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +require_once 'lib/include.php'; +require_once 'lib/d-sigs.php'; +require_once 'lib/facebook.php'; +require_once 'Auth/OpenID/Consumer.php'; +require_once 'Auth/OpenID/FileStore.php'; +require_once 'Auth/OpenID/SReg.php'; + +start_session (null, true); +$session->auth ('iflogged'); + +$qs = false; +$message = ''; + +postvars ('link,unlink'); +$link = trim (strip_tags ($link)); +$unlink = trim (strip_tags ($unlink)); + +$db = new Database (); + +if ($session->status['afterlogged'] != 'yes' || + $session->email == 'guest') +{ + $message = _('You are using a guest account. You must register in order to do this.'); + $qs = true; +} +else if (isset ($_GET['openid_mode']) && !empty ($_GET['openid_mode'])) +{ + $store = new Auth_OpenID_FileStore ($CONF['openIdStorePath']); + $consumer = new Auth_OpenID_Consumer ($store); + + $return_to = isset ($_GET['openid_return_to']) ? + $_GET['openid_return_to'] : ''; + $response = $consumer->complete ($return_to); + + if ($response->status == Auth_OpenID_CANCEL) { + $message = _('Verification cancelled.'); + } + else if ($response->status == Auth_OpenID_FAILURE) { + $message = sprintf (_('OpenID authentication failed: %s'), + $response->message); + } + else if ($response->status == Auth_OpenID_SUCCESS) + { + $identity = $response->identity_url; + if ($identity[strlen ($identity) - 1] == '/') + $identity = substr ($identity, 0, -1); + + $db->query ("SELECT id FROM openid WHERE identity='". + $db->escape ($identity)."'"); + if ($db->next_record ()) { + $message = _('This OpenID is already attached.'); + } + else { + $db->query ("INSERT INTO openid SET userid='".$session->id. + "', identity='".$db->escape ($identity)."'"); + $message = _('Your OpenID has been successfully attached.'); + } + } +} +else if ($link == 'facebook') +{ + try { + $fb = new Facebook (array ('appId' => $CONF['fb.app_id'], + 'secret' => $CONF['fb.secret_key'], + 'cookie' => true)); + $fb_session = $fb->getSession (); + if ($fb_session) { + $fb_uid = $fb->getUser (); + if ($fb_uid) { + $db->query ("UPDATE user SET fbUID=".$fb_uid." WHERE id='". + $session->id."'"); + } + } + } + catch (FacebookApiException $e) { + error_log ($e); + } +} +else if ($unlink == 'facebook') +{ + $db->query ("UPDATE user SET fbUID=0 WHERE id='".$session->id."'"); +} +else if (!empty ($link)) +{ + $process_url = 'http://'.$CONF['site'].'/linked-accounts'; + $trust_root = 'http://'.$CONF['site'].'/'; + + $store = new Auth_OpenID_FileStore ($CONF['openIdStorePath']); + $consumer = new Auth_OpenID_Consumer ($store); + $auth_request = $consumer->begin ($link); + + if (!$auth_request) { + $message = _('OpenID authentication failed.'); + } + else { + if (strpos ($link, 'http://') !== 0) + $link = 'http://'.$link; + if ($link[strlen ($link) - 1] == '/') + $link = substr ($link, 0, -1); + + $db->query ("SELECT id FROM openid WHERE identity='".$db->escape ($link)."'"); + if (!$db->next_record ()) { + $sreg_request = Auth_OpenID_SRegRequest::build (null, null, + 'http://'.$CONF['site'].'/privacy'); + if ($sreg_request) + $auth_request->addExtension ($sreg_request); + + $redirect_url = $auth_request->redirectURL ($trust_root, $process_url); + redirect ($redirect_url); + } + else + $message = _('This OpenID is already attached.'); + } +} +else if (!empty ($unlink)) { + $db->query ("DELETE FROM openid WHERE userid='".$session->id. + "' AND identity='".$db->escape ($unlink)."'"); + redirect ('linked-accounts'); +} + +?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head> +<title>Cheetah News</title> +<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> +<meta name="robots" content="noindex,nofollow" /> +<link rel="stylesheet" href="<?=dsp('css.cswindow')?>" type="text/css" /> +<link rel="icon" href="images/favicon.png" type="image/png" /> +</head> +<body> + +<a href="#" onclick="window.close()" style="float:right"><?php echo _('Close'); ?></a> + +<?php + +if (!empty ($message)) { + echo '<div id="box"><h2>'.$message.'</h2></div><p></p>'; + if ($qs) + exit (); +} + +// Facebook +$fb_profile_url = null; +$db->query ("SELECT fbUID FROM user WHERE id='".$session->id."' AND fbUID!=0"); +if ($db->next_record ()) { + $fbUID = $db->f ('fbUID'); + $fb_profile_url = 'http://www.facebook.com/profile.php?id='.$fbUID; +} + +// OpenIDs +$db->query ("SELECT * FROM openid WHERE userid='".$session->id."' ORDER BY identity"); + +?> + +<div id="box"> + <h2><?php echo _('Linked Accounts'); ?></h2> + <form action="linked-accounts" method="post"> + <ul id="accounts"> + <?php + if ($fb_profile_url) { + echo '<li><a href="'.$fb_profile_url.'" target="_blank">Facebook ID '.$fbUID.'</a> + <a href="#" onclick="return detach(\'facebook\')"> + <img class="img-16-delete" src="images/t.gif" width="16" height="16" style="border:none" + alt="'._('Unlink').'" title="'._('Unlink').'" /> + </a></li>'."\n"; + } + while ($db->next_record ()) { ?> + <li> + <?php echo $db->f ('identity'); ?> + <a href="#" onclick="return detach('<?=$db->f ('identity')?>')"> + <img class="img-16-delete" src="images/t.gif" width="16" height="16" style="border:none" + alt="<?php echo _('Unlink'); ?>" title="<?php echo _('Unlink'); ?>" /> + </a> + </li> + <?php } ?> + </ul> + <div style="margin-top:10px; border-top:1px dotted #fffcc9;"></div> + <div> + <p class="left"><?php echo _('Link your Cheetah News account with:'); ?></p> + <p id="providers"> + <?php if (isset ($CONF['fb.app_id'])) { ?> + <a href="#" id="auth-facebook" title="Facebook"></a> + <?php } ?> + <a href="#" id="auth-google" title="Google"></a> + <a href="#" id="auth-yahoo" title="Yahoo"></a> + <a href="#" id="auth-openid" title="OpenID"></a> + </p> + <div style="clear:both"></div> + </div> + <div id="add-openid" class="hidden"> + <input type="hidden" id="unlink" name="unlink" disabled="disabled" /> + <input type="text" id="link" class="openid" name="link" size="30" maxlength="255" /> + <input type="submit" value="<?php echo _('Attach'); ?>" /> + </div> + </form> +</div> + +<script type="text/javascript"> +function detach (id) { + var c = confirm ('<?php echo _('Are you sure you want to detach this account?'); ?>'); + if (c) { + var unlink = document.getElementById ('unlink'); + if (unlink) { + unlink.value = id; + unlink.disabled = false; + document.getElementById ('link').disabled = true; + document.forms[0].submit (); + } + } + return false; +} +(function () { + function GID (x) { + return document.getElementById (x); + } + function selectAuthMech () { + this.blur (); + var id = this.id; + if (id == 'auth-facebook') { + FB.login (function (res) { + if (res.session && res.perms && + res.perms.indexOf ('email') != -1) { + GID ('link').value = 'facebook'; + document.forms[0].submit (); + } + }, {perms: 'email'}); + } + else if (id == 'auth-google') { + GID ('link').value = 'https://www.google.com/accounts/o8/id'; + document.forms[0].submit (); + } + else if (id == 'auth-yahoo') { + GID ('link').value = 'http://www.yahoo.com/'; + document.forms[0].submit (); + } + else if (id == 'auth-openid') { + GID ('add-openid').className = ''; + GID ('link').focus (); + } + return false; + } + function init () { + GID ('auth-facebook').onclick = selectAuthMech; + GID ('auth-google').onclick = selectAuthMech; + GID ('auth-yahoo').onclick = selectAuthMech; + GID ('auth-openid').onclick = selectAuthMech; + } + window.onload = init; +})(); +</script> + +<?php if (isset ($CONF['fb.app_id'])) { ?> +<div id="fb-root"></div> +<script type="text/javascript" src="http://connect.facebook.net/en_US/all.js"></script> +<script type="text/javascript"> +FB.init ({appId: '<?=$CONF['fb.app_id']?>', status: true, cookie: true, xfbml: false}); +</script> +<?php } ?> + +</body> +</html> diff --git a/frontend/login.php b/frontend/login.php index 11be241..095634d 100644 --- a/frontend/login.php +++ b/frontend/login.php @@ -27,13 +27,7 @@ require_once 'Auth/OpenID/SReg.php'; getvars ('cEmail,cPassword,openid_identifier,PersistentCookie,SignIn'); getvars ('fbConnect,fb_sig_in_iframe'); -postvars ('feedurl,regPassword,regRPassword,SignUp,RecoverPassword'); - -if (empty ($feedurl) && isset ($_SERVER['QUERY_STRING'])) -{ - if (substr ($_SERVER['QUERY_STRING'], 0, 8) == 'feedurl=') - $feedurl = substr ($_SERVER['QUERY_STRING'], 8); -} +postvars ('regPassword,regRPassword,SignUp,RecoverPassword'); if (!isset ($insideLogin)) { if ($cEmail == 'guest') $PersistentCookie = 'no'; @@ -42,7 +36,6 @@ if (!isset ($insideLogin)) { $cEmail = htmlspecialchars (strip_tags ($cEmail)); $openid_identifier = htmlspecialchars (strip_tags ($openid_identifier)); -$feedurl = strip_tags (urldecode ($feedurl)); $validPass = true; $validPassLen = true; @@ -88,17 +81,16 @@ else if ($fbConnect && isset ($CONF['fb.app_id']) && $fb_uid = $fb->getUser (); if ($fb_uid) { $insideFB = $fb_sig_in_iframe == '1' ? true : false; - $message = $_SESSION['session']->fb_login ($fb, $fb_uid, $insideFB, - $feedurl); + $message = $_SESSION['session']->fb_login ($fb, $fb_uid, $insideFB); } } } else if ($SignIn) { if (!empty ($openid_identifier)) { - $message = $_SESSION['session']->openid1 ($openid_identifier, $feedurl); + $message = $_SESSION['session']->openid1 ($openid_identifier); } - else if (!$_SESSION['session']->login ($cEmail, $cPassword, $feedurl)) + else if (!$_SESSION['session']->login ($cEmail, $cPassword)) $message = _('E-mail and password do not match.'); } else if ($RecoverPassword) @@ -166,8 +158,7 @@ else ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <?php -echo '<html xmlns="http://www.w3.org/1999/xhtml" - xmlns:fb="http://www.facebook.com/2008/fbml">'; +echo '<html xmlns="http://www.w3.org/1999/xhtml">'; ?> <head> @@ -197,24 +188,25 @@ echo '<html xmlns="http://www.w3.org/1999/xhtml" <td align="right"><?php echo _('Password: '); ?></td> <td align="left"><input type="password" id="cPassword" name="cPassword" style="width:95%" maxlength="255" /></td> </tr> - <tr id="trOpenID"> - <td align="right"><?php echo _('OpenID: '); ?></td> - <td align="left"> - <input type="text" id="openid_identifier" name="openid_identifier" - class="openid_identifier" style="width:90%" maxlength="255" /> - </td> - </tr> - <tr id="trFBConnect"> - <td align="right"><?php echo 'Facebook: '; ?></td> - <td align="left"> - <fb:login-button length="long" onlogin="fb_login()" perms="email" /> + <tr id="trExtAuth"> + <td colspan="2"> + <div class="left"> + <p><?php echo _('Sign in using your account with: '); ?></p> + <p id="providers"> + <a href="#" id="auth-facebook" title="Facebook"></a> + <a href="#" id="auth-google" title="Google"></a> + <a href="#" id="auth-yahoo" title="Yahoo"></a> + <a href="#" id="auth-openid" title="OpenID"></a> + </p> + <div style="clear:both"></div> + </div> </td> </tr> - <tr> - <td align="right"></td> - <td align="left"> - <span id="useOpenID" class="link" style="display:none"><?php echo _('Use OpenID'); ?></span> - <span id="useCommon" class="link"><?php echo _('Use username / password'); ?></span> + <tr id="trOpenID" class="hidden"> + <td align="right"><?php echo _('OpenID: '); ?></td> + <td> + <input type="text" id="openid_identifier" name="openid_identifier" + style="width:90%" maxlength="255" /> </td> </tr> <tr> @@ -222,21 +214,24 @@ echo '<html xmlns="http://www.w3.org/1999/xhtml" <td align="left"><label for="PersistentCookie"><?php echo _('Remember me on this computer.'); ?></label></td> </tr> <tr> - <td><?php if (!empty ($feedurl)) echo '<input type="hidden" name="feedurl" value="'.htmlspecialchars ($feedurl).'" />'; ?></td> + <td align="right"></td> <td align="left"> <input type="submit" id="SignIn" name="SignIn" value="<?php echo _('Sign in'); ?>" /> - <?php echo '(<a id="l0" href="http://blog.cheetah-news.com/2008/09/ssl-certificate/">'._('About SSL').'</a>)'; ?> + <span id="l0wrap" class="hidden"> + <?php echo '(<a id="l0" href="http://blog.cheetah-news.com/2008/09/ssl-certificate/">'._('About SSL').'</a>)'; ?> + </span> </td> </tr> <tr style="height:10px"><td></td></tr> - <tr id="trForgotPassword"> - <td colspan="2" align="left"> - <span id="forgotPassword" class="link"><?php echo _('Forgot your password?'); ?></span> + <tr> + <td align="left" colspan="2"> + <span id="useOpenID" class="link" style="display:none"><?php echo _('Use OpenID'); ?></span> + <span id="useCommon" class="link"><?php echo _('Use e-mail / password'); ?></span> </td> </tr> - <tr id="trWhatIsOpenID"> + <tr id="trForgotPassword"> <td colspan="2" align="left"> - <a id="whatIsOpenID" href="http://www.wikipedia.org/wiki/OpenID"><?php echo _('What is OpenID?'); ?></a> + <span id="forgotPassword" class="link"><?php echo _('Forgot your password?'); ?></span> </td> </tr> <tr> @@ -260,20 +255,24 @@ echo '<html xmlns="http://www.w3.org/1999/xhtml" <tr> <td align="right" colspan="2"> <script type="text/javascript"> - var addthis_pub = 'wojciechpolak'; - var addthis_url = 'http://www.cheetah-news.com/'; - var addthis_title = 'Cheetah News -- Web-based Personal News Aggregator'; - var addthis_logo = 'http://www.cheetah-news.com/favicon.ico'; - var addthis_logo_background = 'ffffff'; - var addthis_logo_color = '666699'; - var addthis_brand = 'Cheetah News'; - var addthis_options = 'delicious,twitter,facebook,friendfeed,googlebuzz,google,stumbleupon,digg,reddit,more'; + var addthis_config = { + username: 'wojciechpolak', + ui_cobrand: 'Cheetah News', + ui_header_color: '#ffffff', + ui_header_background: '#000000', + data_track_clickback: false, + services_compact: 'delicious,twitter,facebook,friendfeed,googlebuzz,google,stumbleupon,digg,reddit,more' + }; + var addthis_share = { + url: 'http://www.cheetah-news.com/', + title: 'Cheetah News -- Web-based Personal News Aggregator' + }; </script> - <a href="http://www.addthis.com/bookmark.php?v=20" onmouseover="return addthis_open(this, '', 'http://www.cheetah-news.com/', 'Cheetah News -- Web-based Personal News Aggregator')" onmouseout="addthis_close()" onclick="return addthis_sendto()"><img src="images/share.png" width="83" height="16" alt="Bookmark and Share" style="border-style:none" /></a> + <a href="http://www.addthis.com/bookmark.php?v=250" class="addthis_button"><img src="images/share.png" width="83" height="16" alt="Bookmark and Share" style="border-style:none" /></a> <?php if (isset ($_SERVER['HTTPS'])) { ?> - <script type="text/javascript" src="https://secure.addthis.com/js/200/addthis_widget.js"></script> + <script type="text/javascript" src="https://secure.addthis.com/js/250/addthis_widget.js"></script> <?php } else { ?> - <script type="text/javascript" src="http://s7.addthis.com/js/200/addthis_widget.js"></script> + <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js"></script> <?php } ?> </td> </tr> @@ -363,7 +362,7 @@ if ($message) <div id="fb-root"></div> <script type="text/javascript" src="http://connect.facebook.net/en_US/all.js"></script> <script type="text/javascript"> -FB.init ({appId: '<?=$CONF['fb.app_id']?>', status: true, cookie: true, xfbml: true}); +FB.init ({appId: '<?=$CONF['fb.app_id']?>', status: true, cookie: true, xfbml: false}); </script> <?php } ?> diff --git a/frontend/openid_manage.php b/frontend/openid_manage.php deleted file mode 100644 index 45fb1d8..0000000 --- a/frontend/openid_manage.php +++ /dev/null @@ -1,183 +0,0 @@ -<?php - -/* - Cheetah News openid_manage.php - Copyright (C) 2008, 2010 Wojciech Polak. - - This program is free software; you can redistribute it and/or modify it - under the terms of the GNU General Public License as published by the - Free Software Foundation; either version 3 of the License, or (at your - option) any later version. - |