author | Fabio Comuni <fabrix.xm@gmail.com> | 2011-11-07 17:38:30 +0100 |
---|---|---|
committer | Fabio Comuni <fabrix.xm@gmail.com> | 2011-11-07 17:38:30 +0100 |
commit | 4407fc2c5d47ee1a7dfb8bfdfd47e73b22ec7e2a (patch) | |
tree | 7ea864a6a7acf9f8f6475add1cae20707d2a6463 | |
parent | b464b819a15b5b9d62be810dd44a1111d35963d8 (diff) | |
oauth apps/authorization management in settings page
-rw-r--r-- | mod/settings.php | 119 | ||||
-rw-r--r-- | view/settings_oauth.tpl | 26 | ||||
-rw-r--r-- | view/settings_oauth_edit.tpl | 17 |
3 files changed, 160 insertions, 2 deletions
diff --git a/mod/settings.php b/mod/settings.php index ca9b4bd54..2b9cde735 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -47,6 +47,58 @@ function settings_post(&$a) { return; } + if(($a->argc > 1) && ($a->argv[1] === 'oauth') && x($_POST,'remove')){ + $key = $_POST['remove']; + q("DELETE FROM tokens WHERE id='%s' AND uid=%d", + dbesc($key), + local_user()); + goaway($a->get_baseurl()."/settings/oauth/"); + return; + } + + if(($a->argc > 2) && ($a->argv[1] === 'oauth') && ($a->argv[2] === 'edit') && x($_POST,'submit')) { + + $name = ((x($_POST,'name')) ? $_POST['name'] : ''); + $key = ((x($_POST,'key')) ? $_POST['key'] : ''); + $secret = ((x($_POST,'secret')) ? $_POST['secret'] : ''); + $redirect = ((x($_POST,'redirect')) ? $_POST['redirect'] : ''); + $icon = ((x($_POST,'icon')) ? $_POST['icon'] : ''); + if ($name=="" || $key=="" || $secret==""){ + notice(t("Missing some important data!")); + + } else { + if ($_POST['submit']==t("Update")){ + $r = q("UPDATE clients SET + client_id='%s', + pw='%s', + name='%s', + redirect_uri='%s', + icon='%s', + uid=%d + WHERE client_id='%s'", + dbesc($key), + dbesc($secret), + dbesc($name), + dbesc($redirect), + dbesc($icon), + local_user(), + dbesc($key)); + } else { + $r = q("INSERT INTO clients + (client_id, pw, name, redirect_uri, icon, uid) + VALUES ('%s','%s','%s','%s','%s',%d)", + dbesc($key), + dbesc($secret), + dbesc($name), + dbesc($redirect), + dbesc($icon), + local_user()); + } + } + goaway($a->get_baseurl()."/settings/oauth/"); + return; + } + if(($a->argc > 1) && ($a->argv[1] == 'addon')) { call_hooks('plugin_settings_post', $_POST); return; 
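Review bot: The `UPDATE clients` statement in the new `edit` branch matches on `client_id` alone and also sets `uid` to the caller, so a logged-in user who submits a consumer key owned by another account (or by a shared `uid` 0 client) can overwrite its secret and redirect URI and take ownership of the row. Scope it to the owner, as the token delete above it already does: `WHERE client_id='%s' AND uid=%d`, with `local_user()` added as the final argument. Both write paths also store `redirect` and `icon` without validation, and branching on `$_POST['submit']==t("Update")` ties the logic to a translated button label. No form token is checked in either new branch or carried by the forms in `view/settings_oauth.tpl` and `view/settings_oauth_edit.tpl`; `settings_post` begins outside the hunk, so confirm whether an earlier check covers these requests.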
@@ -358,10 +410,77 @@ function settings_content(&$a) { if(($a->argc > 1) && ($a->argv[1] === 'oauth')) { + if(($a->argc > 2) && ($a->argv[2] === 'add')) { + $tpl = get_markup_template("settings_oauth_edit.tpl"); + $o .= replace_macros($tpl, array( + '$tabs' => $tabs, + '$title' => t('Add application'), + '$submit' => t('Submit'), + '$cancel' => t('Cancel'), + '$name' => array('name', t('Name'), '', ''), + '$key' => array('key', t('Consumer Key'), '', ''), + '$secret' => array('secret', t('Consumer Secret'), '', ''), + '$redirect' => array('redirect', t('Redirect'), '', ''), + '$icon' => array('icon', t('Icon url'), '', ''), + )); + return $o; + } + + if(($a->argc > 3) && ($a->argv[2] === 'edit')) { + $r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d", + dbesc($a->argv[3]), + local_user()); + + if (!count($r)){ + notice(t("You can't edit this application.")); + return; + } + $app = $r[0]; + + $tpl = get_markup_template("settings_oauth_edit.tpl"); + $o .= replace_macros($tpl, array( + '$tabs' => $tabs, + '$title' => t('Add application'), + '$submit' => t('Update'), + '$cancel' => t('Cancel'), + '$name' => array('name', t('Name'), $app['name'] , ''), + '$key' => array('key', t('Consumer Key'), $app['client_id'], ''), + '$secret' => array('secret', t('Consumer Secret'), $app['pw'], ''), + '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], ''), + '$icon' => array('icon', t('Icon url'), $app['icon'], ''), + )); + return $o; + } + + if(($a->argc > 3) && ($a->argv[2] === 'delete')) { + $r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d", + dbesc($a->argv[3]), + local_user()); + goaway($a->get_baseurl()."/settings/oauth/"); + return; + } + + + $r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my + FROM clients + LEFT JOIN tokens ON clients.client_id=tokens.client_id + WHERE clients.uid IN (%d,0)", + local_user(), + local_user()); + + $tpl = get_markup_template("settings_oauth.tpl"); $o .= replace_macros($tpl, 
array( + '$baseurl' => $a->get_baseurl(), '$title' => t('Connected Apps'), + '$add' => t('Add application'), + '$edit' => t('Edit'), + '$delete' => t('Delete'), + '$consumerkey' => t('Client key starts with'), + '$noname' => t('No name'), + '$remove' => t('Remove authorization'), '$tabs' => $tabs, + '$apps' => $r, )); return $o; diff --git a/view/settings_oauth.tpl b/view/settings_oauth.tpl index 87fd6d1ee..bc5866bec 100644 --- a/view/settings_oauth.tpl +++ b/view/settings_oauth.tpl @@ -3,8 +3,30 @@ $tabs <h1>$title</h1> -<form action="settings/addon" method="post" autocomplete="off"> +<form action="settings/oauth" method="post" autocomplete="off"> + + <div id="profile-edit-links"> + <ul> + <li> + <a id="profile-edit-view-link" href="$baseurl/settings/oauth/add">$add</a> + </li> + </ul> + </div> -$settings_addons + {{ for $apps as $app }} + <div class='oauthapp'> + <img src='$app.icon' class="{{ if $app.icon }} {{ else }}noicon{{ endif }}"> + {{ if $app.name }}<h4>$app.name</h4>{{ else }}<h4>$noname</h4>{{ endif }} + {{ if $app.my }} + {{ if $app.oauth_token }} + <div class="settings-submit-wrapper" ><button class="settings-submit" type="submit" name="remove" value="$app.oauth_token">$remove</button></div> + {{ endif }} + {{ endif }} + {{ if $app.my }} + <a href="$baseurl/settings/oauth/edit/$app.client_id" class="icon edit" title="$edit"> </a> + <a href="$baseurl/settings/oauth/delete/$app.client_id" class="icon drop" title="$delete"> </a> + {{ endif }} + </div> + {{ endfor }} </form> diff --git a/view/settings_oauth_edit.tpl b/view/settings_oauth_edit.tpl new file mode 100644 index 000000000..98b7457aa --- /dev/null +++ b/view/settings_oauth_edit.tpl 
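Review bot: The `delete` branch added to `settings_content` removes a `clients` row while a page is being rendered, and `view/settings_oauth.tpl` reaches it through a plain link, so the state change happens on a GET request that another site can trigger in a logged-in user's browser. Handle it in `settings_post` behind a POST button, as the `remove` action is, and consider deleting the client's rows in `tokens` in the same step. In the list query, `LEFT JOIN tokens ON clients.client_id=tokens.client_id` is not limited to the viewer, so `oauth_token` may carry token ids issued to other accounts into the page of the application's owner; add `AND tokens.uid=%d` to the join with one more `local_user()` argument. The edit form also reuses the title `t('Add application')`. `settings_content` starts and ends outside the hunk.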
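Review bot: `$app.icon`, `$app.name` and `$app.client_id` are user-supplied values from the `clients` table, written straight into attributes and markup in the `oauthapp` block, and nothing visible here shows that `replace_macros` escapes them. Because the list also includes shared `uid` 0 clients, a stored name or icon URL can reach other users' settings pages, so escape these values before they are handed to the template and restrict `icon` to http(s) URLs when it is saved. The `<img>` is also emitted with an empty `src` when no icon is set; wrapping the tag in `{{ if $app.icon }}` avoids a stray request to the page URL.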
@@ -0,0 +1,17 @@ +$tabs + +<h1>$title</h1> + +<form method="POST"> +{{ inc field_input.tpl with $field=$name }}{{ endinc }} +{{ inc field_input.tpl with $field=$key }}{{ endinc }} +{{ inc field_input.tpl with $field=$secret }}{{ endinc }} +{{ inc field_input.tpl with $field=$redirect }}{{ endinc }} +{{ inc field_input.tpl with $field=$icon }}{{ endinc }} + +<div class="settings-submit-wrapper" > +<input type="submit" name="submit" class="settings-submit" value="$submit" /> +<input type="submit" name="cancel" class="settings-submit" value="$cancel" /> +</div> + +</form> |
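Review bot: The `$secret` field is rendered with `field_input.tpl`, presumably a plain text input, so on the edit page the stored consumer secret is written back into the HTML as an ordinary input value, where it is visible on screen and may be kept in browser form history. Prefer a password-type field that is left empty on edit and only overwrites `pw` when a new value is submitted, and add `autocomplete="off"` to this form as `settings_oauth.tpl` has. The `cancel` button posts the same form; the handler in `mod/settings.php` only saves when `submit` is present, which deserves a short template comment so the dependency is not broken later.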