diff options
Diffstat (limited to 'mod')
-rw-r--r-- | mod/item.php | 10 | ||||
-rw-r--r-- | mod/openid.php | 51 |
2 files changed, 47 insertions, 14 deletions
diff --git a/mod/item.php b/mod/item.php index fa7720791..dc005bb20 100644 --- a/mod/item.php +++ b/mod/item.php @@ -453,6 +453,16 @@ function item_post(&$a) { * the post and we should keep it private. If it's encrypted we have no way of knowing * so we'll set the permissions regardless and realise that the media may not be * referenced in the post. + * + * What is preventing us from being able to upload photos into comments is dealing with + * the photo and attachment permissions, since we don't always know who was in the + * distribution for the top level post. + * + * We might be able to provide this functionality with a lot of fiddling: + * - if the top level post is public (make the photo public) + * - if the top level post was written by us or a wall post that belongs to us (match the top level post) + * - if the top level post has privacy mentions, add those to the permissions. + * - otherwise disallow the photo *or* make the photo public. This is the part that gets messy. */ if(! $preview) { diff --git a/mod/openid.php b/mod/openid.php index 6f97c6fb9..e1c71f9ee 100644 --- a/mod/openid.php +++ b/mod/openid.php @@ -52,8 +52,9 @@ function openid_content(&$a) { } // Successful OpenID login - but we can't match it to an existing account. + // See if they've got an xchan - $r = q("select * from xchan where xchan_hash = '%s' limit 1", + $r = q("select * from xconfig left join xchan on xchan_hash = xconfig.xchan where cat = 'system' and k = 'openid' and v = '%s' limit 1", dbesc($authid) ); @@ -73,7 +74,22 @@ function openid_content(&$a) { goaway(z_root()); } + // no xchan... + // create one. + // We should probably probe the openid url. + + $name = $authid; + $url = $_REQUEST['openid_identity']; + if(strpos($url,'http') === false) + $url = 'https://' . $url; + $pphoto = get_default_profile_photo(); + $parsed = @parse_url($url); + if($parsed) { + $host = $parsed['host']; + } + $attr = $openid->getAttributes(); + if(is_array($attr) && count($attr)) { foreach($attr as $k => $v) { if($k === 'namePerson/friendly') @@ -81,30 +97,37 @@ function openid_content(&$a) { if($k === 'namePerson/first') $first = notags(trim($v)); if($k === 'namePerson') - $args .= '&username=' . notags(trim($v)); + $name = notags(trim($v)); if($k === 'contact/email') - $args .= '&email=' . notags(trim($v)); + $addr = notags(trim($v)); if($k === 'media/image/aspect11') - $photosq = bin2hex(trim($v)); + $photosq = trim($v); if($k === 'media/image/default') - $photo = bin2hex(trim($v)); + $photo_other = trim($v); } } - if($nick) - $args .= '&nickname=' . $nick; - elseif($first) - $args .= '&nickname=' . $first; + if(! $nick) { + if($first) + $nick = $first; + else + $nick = $name; + } + require_once('library/urlify/URLify.php'); + $x = strtolower(URLify::transliterate($nick)); + if(! $addr) + $addr = $nick . '@' . $host; + $network = 'unknown'; + if($photosq) - $args .= '&photo=' . $photosq; + $pphoto = $photosq; elseif($photo) - $args .= '&photo=' . $photo; - - $args .= '&openid_url=' . notags(trim($authid)); + $pphoto = $photo; - goaway($a->get_baseurl() . '/register' . $args); + // add the xchan record and xconfig for the openid // NOTREACHED + // actually it is reached until the other bits get written } } notice( t('Login failed.') . EOL); |