. */ require_once 'lib/include.php'; require_once 'Auth/OpenID/Consumer.php'; require_once 'Auth/OpenID/FileStore.php'; require_once 'Auth/OpenID/SReg.php'; start_session (null, true); $session->auth ('iflogged'); $qs = false; $message = ''; postvars ('add'); getvars ('remove'); $add = trim (strip_tags ($add)); $remove = trim (strip_tags ($remove)); if ($session->status['afterlogged'] != 'yes' || $session->email == 'guest') { $message = _('You are using a guest account. You must register in order to do this.'); $qs = true; } else if (isset ($_GET['openid_mode']) && !empty ($_GET['openid_mode'])) { $store = new Auth_OpenID_FileStore ($CONF['openIdStorePath']); $consumer = new Auth_OpenID_Consumer ($store); $return_to = isset ($_GET['openid_return_to']) ? $_GET['openid_return_to'] : ''; $response = $consumer->complete ($return_to); if ($response->status == Auth_OpenID_CANCEL) { $message = _('Verification cancelled.'); } else if ($response->status == Auth_OpenID_FAILURE) { $message = sprintf (_('OpenID authentication failed: %s'), $response->message); } else if ($response->status == Auth_OpenID_SUCCESS) { $identity = $response->identity_url; if ($identity[strlen ($identity) - 1] == '/') $identity = substr ($identity, 0, -1); $db = new Database (); $db->query ("SELECT id FROM openid WHERE identity='". $db->escape ($identity)."'"); if ($db->next_record ()) { $message = _('This OpenID is already attached.'); } else { $db->query ("INSERT INTO openid SET userid='".$session->id. "', identity='".$db->escape ($identity)."'"); $message = _('Your OpenID has been successfully attached.'); } } } else if (!empty ($add)) { $process_url = $CONF['secureProto'].'://'.$CONF['site'].'/openid_manage'; $trust_root = $CONF['secureProto'].'://'.$CONF['site'].'/'; $store = new Auth_OpenID_FileStore ($CONF['openIdStorePath']); $consumer = new Auth_OpenID_Consumer ($store); $auth_request = $consumer->begin ($add); if (!$auth_request) { $message = _('OpenID authentication failed.'); } else { if (strpos ($add, 'http://') !== 0) $add = 'http://'.$add; if ($add[strlen ($add) - 1] == '/') $add = substr ($add, 0, -1); $db = new Database (); $db->query ("SELECT id FROM openid WHERE identity='".$db->escape ($add)."'"); if (!$db->next_record ()) { $sreg_request = Auth_OpenID_SRegRequest::build (null, null, 'http://'.$CONF['site'].'/privacy'); if ($sreg_request) $auth_request->addExtension ($sreg_request); $redirect_url = $auth_request->redirectURL ($trust_root, $process_url); redirect ($redirect_url); } else $message = _('This OpenID is already attached.'); } } else if (!empty ($remove)) { $db = new Database (); $db->query ("DELETE FROM openid WHERE userid='".$session->id. "' AND identity='".$db->escape ($remove)."'"); redirect ('openid_manage'); } ?>