From c30342e2f7bde6fda899193f97ce3051cd8b2fdd Mon Sep 17 00:00:00 2001 From: Fabio Comuni Date: Mon, 12 Mar 2012 15:58:59 +0100 Subject: add 'loggin_out' hook --- include/auth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/auth.php') diff --git a/include/auth.php b/include/auth.php index fc52684e6..f2975c4c6 100755 --- a/include/auth.php +++ b/include/auth.php @@ -24,7 +24,7 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p if(((x($_POST,'auth-params')) && ($_POST['auth-params'] === 'logout')) || ($a->module === 'logout')) { // process logout request - + call_hooks("logging_out"); nuke_session(); info( t('Logged out.') . EOL); goaway(z_root()); -- cgit v1.2.3 From 9e133d6412945f84f858d4bfde26c69f9e1afbfd Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 19 Mar 2012 15:03:09 -0700 Subject: refactor openid logins/registrations --- include/auth.php | 29 ++++------------------------- 1 file changed, 4 insertions(+), 25 deletions(-) (limited to 'include/auth.php') diff --git a/include/auth.php b/include/auth.php index fc52684e6..faf922199 100755 --- a/include/auth.php +++ b/include/auth.php @@ -77,7 +77,7 @@ else { $noid = get_config('system','no_openid'); - $openid_url = trim( (strlen($_POST['openid_url'])?$_POST['openid_url']:$_POST['username']) ); + $openid_url = trim((strlen($_POST['openid_url'])?$_POST['openid_url']:$_POST['username']) ); // validate_url alters the calling parameter @@ -99,30 +99,9 @@ else { $openid->identity = $openid_url; $_SESSION['openid'] = $openid_url; $a = get_app(); - $openid->returnUrl = $a->get_baseurl() . '/openid'; - - $r = q("SELECT `uid` FROM `user` WHERE `openid` = '%s' LIMIT 1", - dbesc($openid_url) - ); - if(count($r)) { - // existing account - goaway($openid->authUrl()); - // NOTREACHED - } - else { - if($a->config['register_policy'] == REGISTER_CLOSED) { - $a = get_app(); - notice( t('Login failed.') . EOL); - goaway(z_root()); - // NOTREACHED - } - // new account - $_SESSION['register'] = 1; - $openid->required = array('namePerson/friendly', 'contact/email', 'namePerson'); - $openid->optional = array('namePerson/first','media/image/aspect11','media/image/default'); - goaway($openid->authUrl()); - // NOTREACHED - } + $openid->returnUrl = $a->get_baseurl(true) . '/openid'; + goaway($openid->authUrl()); + // NOTREACHED } } if((x($_POST,'auth-params')) && $_POST['auth-params'] === 'login') { -- cgit v1.2.3 From 5a5aadb743e055530aa071dd3e47705a3bf5d728 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 19 Mar 2012 21:58:21 -0700 Subject: add IP address to failed login log message --- include/auth.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'include/auth.php') diff --git a/include/auth.php b/include/auth.php index 4e246e354..835616a82 100755 --- a/include/auth.php +++ b/include/auth.php @@ -104,6 +104,7 @@ else { // NOTREACHED } } + if((x($_POST,'auth-params')) && $_POST['auth-params'] === 'login') { $record = null; @@ -144,7 +145,7 @@ else { } if((! $record) || (! count($record))) { - logger('authenticate: failed login attempt: ' . notags(trim($_POST['username']))); + logger('authenticate: failed login attempt: ' . notags(trim($_POST['username'])) . ' from IP ' . $_SERVER['REMOTE_ADDR']); notice( t('Login failed.') . EOL ); goaway(z_root()); } -- cgit v1.2.3