diff options
Diffstat (limited to 'plugins/openid')
| -rw-r--r-- | plugins/openid/admin_panels.php | 180 | ||||
| -rw-r--r-- | plugins/openid/comments.php | 236 | ||||
| -rw-r--r-- | plugins/openid/common.php | 519 | ||||
| -rw-r--r-- | plugins/openid/consumer.php | 157 | ||||
| -rw-r--r-- | plugins/openid/lib/Auth/OpenID/SQLStore.php | 2 | ||||
| -rw-r--r-- | plugins/openid/lib/Auth/OpenID/Server.php | 2 | ||||
| -rw-r--r-- | plugins/openid/openid.php | 13 | ||||
| -rw-r--r-- | plugins/openid/readme.txt | 8 | ||||
| -rw-r--r-- | plugins/openid/server.php | 414 | ||||
| -rw-r--r-- | plugins/openid/server_ext.php | 6 |
10 files changed, 809 insertions, 728 deletions
diff --git a/plugins/openid/admin_panels.php b/plugins/openid/admin_panels.php index ed65dc6a..d40bb8e8 100644 --- a/plugins/openid/admin_panels.php +++ b/plugins/openid/admin_panels.php @@ -10,7 +10,7 @@ add_action( 'admin_init', 'openid_admin_register_settings' ); add_action( 'admin_menu', 'openid_admin_panels' ); add_action( 'personal_options_update', 'openid_personal_options_update' ); add_action( 'openid_finish_auth', 'openid_finish_verify', 10, 2 ); -add_filter( 'pre_update_option_openid_cap', 'openid_set_cap', 10, 2); +add_filter( 'pre_update_option_openid_cap', 'openid_set_cap', 10, 2 ); /** @@ -19,51 +19,57 @@ add_filter( 'pre_update_option_openid_cap', 'openid_set_cap', 10, 2); * @action: admin_menu **/ function openid_admin_panels() { - add_filter('plugin_action_links', 'openid_plugin_action_links', 10, 2); + add_filter( 'plugin_action_links', 'openid_plugin_action_links', 10, 2 ); // global options page - $hookname = add_options_page(__('OpenID options', 'openid'), __('OpenID', 'openid'), 'manage_options', 'openid', 'openid_options_page' ); - add_action("load-$hookname", create_function('', 'add_thickbox();')); - add_action("load-$hookname", 'openid_style'); + $hookname = add_options_page( __( 'OpenID options', 'openid' ), __( 'OpenID', 'openid' ), 'manage_options', 'openid', 'openid_options_page' ); + add_action( "load-$hookname", function() { + add_thickbox(); + } ); + add_action( "load-$hookname", 'openid_style' ); // all users can setup external OpenIDs - $hookname = add_users_page(__('Your OpenIDs', 'openid'), __('Your OpenIDs', 'openid'), 'read', 'your_openids', 'openid_profile_panel' ); - add_action("load-$hookname", create_function('', 'wp_enqueue_script("admin-forms");')); - add_action("load-$hookname", 'openid_profile_management' ); - add_action("load-$hookname", 'openid_style' ); + $hookname = add_users_page( __( 'Your OpenIDs', 'openid' ), __( 'Your OpenIDs', 'openid' ), 'read', 'your_openids', 'openid_profile_panel' ); + add_action( "load-$hookname", function() { + wp_enqueue_script( 'admin-forms' ); + } ); + add_action( "load-$hookname", 'openid_profile_management' ); + add_action( "load-$hookname", 'openid_style' ); // additional options for users authorized to use OpenID provider $user = wp_get_current_user(); - if ($user->has_cap('use_openid_provider')) { - add_action('show_user_profile', 'openid_extend_profile', 5); - add_action('profile_update', 'openid_profile_update'); - add_action('user_profile_update_errors', 'openid_profile_update_errors', 10, 3); - add_action('load-profile.php', 'openid_style'); - - if (!get_user_meta($user->ID, 'openid_delegate', true)) { - $hookname = add_submenu_page('profile.php', __('Your Trusted Sites', 'openid'), - __('Your Trusted Sites', 'openid'), 'read', 'openid_trusted_sites', 'openid_manage_trusted_sites' ); - add_action("load-$hookname", 'openid_style' ); - add_action("load-$hookname", create_function('', 'wp_enqueue_script("admin-forms");')); + if ( $user->has_cap( 'use_openid_provider' ) ) { + add_action( 'show_user_profile', 'openid_extend_profile', 5 ); + add_action( 'profile_update', 'openid_profile_update' ); + add_action( 'user_profile_update_errors', 'openid_profile_update_errors', 10, 3 ); + add_action( 'load-profile.php', 'openid_style' ); + + if ( ! get_user_meta( $user->ID, 'openid_delegate', true ) ) { + $hookname = add_submenu_page( 'profile.php', __( 'Your Trusted Sites', 'openid' ), + __( 'Your Trusted Sites', 'openid' ), 'read', 'openid_trusted_sites', 'openid_manage_trusted_sites' ); + add_action( "load-$hookname", 'openid_style' ); + add_action( "load-$hookname", function() { + wp_enqueue_script( 'admin-forms' ); + } ); } } - if ( function_exists('is_site_admin') ) { + if ( function_exists( 'is_site_admin' ) ) { // add OpenID options to WPMU Site Admin page - add_action('wpmu_options', 'openid_wpmu_options'); - add_action('update_wpmu_options', 'openid_update_wpmu_options'); + add_action( 'wpmu_options', 'openid_wpmu_options' ); + add_action( 'update_wpmu_options', 'openid_update_wpmu_options' ); } else { // add OpenID options to General Settings page. For now, the only option on this page is dependent on the // 'users_can_register' option, so only add the OpenID Settings if that is set. If additional OpenID settings // are added to the General Settings page, this check may no longer be necessary - if ( get_option('users_can_register') ) { - add_settings_field('openid_general_settings', __('OpenID Settings', 'openid'), 'openid_general_settings', - 'general', 'default'); + if ( get_option( 'users_can_register' ) ) { + add_settings_field( 'openid_general_settings', __( 'OpenID Settings', 'openid' ), 'openid_general_settings', + 'general', 'default'); } } // add OpenID options to Discussion Settings page - add_settings_field('openid_disucssion_settings', __('OpenID Settings', 'openid'), 'openid_discussion_settings', 'discussion', 'default'); + add_settings_field( 'openid_disucssion_settings', __( 'OpenID Settings', 'openid' ), 'openid_discussion_settings', 'discussion', 'default' ); } @@ -71,14 +77,14 @@ function openid_admin_panels() { * Register OpenID admin settings. */ function openid_admin_register_settings() { - register_setting('general', 'openid_required_for_registration'); + register_setting( 'general', 'openid_required_for_registration' ); - register_setting('discussion', 'openid_no_require_name'); - register_setting('discussion', 'openid_enable_approval'); - register_setting('discussion', 'openid_enable_commentform'); + register_setting( 'discussion', 'openid_no_require_name' ); + register_setting( 'discussion', 'openid_enable_approval' ); + register_setting( 'discussion', 'openid_enable_commentform' ); - register_setting('openid', 'openid_blog_owner'); - register_setting('openid', 'openid_cap'); + register_setting( 'openid', 'openid_blog_owner' ); + register_setting( 'openid', 'openid_cap' ); } @@ -86,22 +92,26 @@ function openid_admin_register_settings() { * Intercept the call to set the openid_cap option. Instead of storing * this in the options table, set the capability on the appropriate roles. */ -function openid_set_cap($newvalue, $oldvalue) { +function openid_set_cap( $newvalue, $oldvalue ) { global $wp_roles; $newvalue = (array) $newvalue; - foreach ($wp_roles->role_names as $key => $name) { - $role = $wp_roles->get_role($key); - if (array_key_exists($key, $newvalue) && $newvalue[$key] == 'on') { + foreach ( $wp_roles->role_names as $key => $name ) { + $role = $wp_roles->get_role( $key ); + if ( array_key_exists( $key, $newvalue ) && 'on' == $newvalue[ $key ] ) { $option_set = true; } else { $option_set = false; } - if ($role->has_cap('use_openid_provider')) { - if (!$option_set) $role->remove_cap('use_openid_provider'); + if ( $role->has_cap( 'use_openid_provider' ) ) { + if ( ! $option_set ) { + $role->remove_cap( 'use_openid_provider' ); + } } else { - if ($option_set) $role->add_cap('use_openid_provider'); + if ( $option_set ) { + $role->add_cap( 'use_openid_provider' ); + } } } @@ -112,11 +122,11 @@ function openid_set_cap($newvalue, $oldvalue) { /** * Add settings link to plugin page. */ -function openid_plugin_action_links($links, $file) { +function openid_plugin_action_links( $links, $file ) { $this_plugin = openid_plugin_file(); - if($file == $this_plugin) { - $links[] = '<a href="options-general.php?page=openid">' . __('Settings') . '</a>'; + if ( $file == $this_plugin ) { + $links[] = '<a href="options-general.php?page=openid">' . __( 'Settings' ) . '</a>'; } return $links; @@ -131,92 +141,92 @@ function openid_plugin_action_links($links, $file) { function openid_options_page() { global $wpdb, $wp_roles; - if ( isset($_REQUEST['action']) ) { - switch($_REQUEST['action']) { - case 'rebuild_tables' : - check_admin_referer('rebuild_tables'); + if ( isset( $_REQUEST['action'] ) ) { + switch ( $_REQUEST['action'] ) { + case 'rebuild_tables': + check_admin_referer( 'rebuild_tables' ); $store = openid_getStore(); $store->reset(); - echo '<div class="updated"><p><strong>'.__('OpenID cache refreshed.', 'openid').'</strong></p></div>'; + echo '<div class="updated"><p><strong>' . __( 'OpenID cache refreshed.', 'openid' ) . '</strong></p></div>'; break; } } // Display the options page form - - screen_icon('openid'); ?> <style type="text/css"> - #icon-openid { background-image: url("<?php echo plugin_dir_url(__FILE__) . 'f/icon.png'; ?>"); } + #icon-openid { background-image: url( "<?php echo plugin_dir_url( __FILE__ ) . 'f/icon.png'; ?>" ); } </style> <div class="wrap"> <form method="post" action="options.php"> - <h2><?php _e('OpenID Settings', 'openid') ?></h2> + <h2><?php _e( 'OpenID Settings', 'openid' ); ?></h2> - <div class="updated fade"><p><?php _e('Please note that all OpenID Consumer options have been moved to their respective sections of the ' - . '<a href="options-general.php">General Settings</a> and <a href="options-discussion.php">Discussion Settings</a> pages.', 'openid') ?></p></div> + <div class="updated fade"><p><?php _e( 'Please note that all OpenID Consumer options have been moved to their respective sections of the ' + . '<a href="options-general.php">General Settings</a> and <a href="options-discussion.php">Discussion Settings</a> pages.', 'openid' ); ?></p></div> <?php $current_user = wp_get_current_user(); - $current_user_url = get_author_posts_url($current_user->ID); + $current_user_url = get_author_posts_url( $current_user->ID ); ?> - <p><?php _e('The OpenID Provider allows authorized ' + <p><?php _e( 'The OpenID Provider allows authorized ' . 'users to use their author URL as an OpenID, either using their ' - . 'local WordPress username and password, or by delegating to another OpenID Provider.', 'openid'); ?></p> + . 'local WordPress username and password, or by delegating to another OpenID Provider.', 'openid' ); ?></p> <table class="form-table optiontable editform"> <tr valign="top"> - <th scope="row"><?php _e('Enable OpenID', 'openid') ?></th> + <th scope="row"><?php _e( 'Enable OpenID', 'openid' ); ?></th> <td> - <p><?php _e('Enable the local OpenID Provider for these roles:', 'openid'); ?></p> + <p><?php _e( 'Enable the local OpenID Provider for these roles:', 'openid' ); ?></p> <p> - <?php - foreach ($wp_roles->role_names as $key => $name) { - $name = _x($name, null); - $role = $wp_roles->get_role($key); - $checked = $role->has_cap('use_openid_provider') ? ' checked="checked"' : ''; - $option_name = 'openid_cap[' . htmlentities($key) . ']'; - echo '<input type="checkbox" id="'.$option_name.'" name="'.$option_name.'"'.$checked.' /><label for="'.$option_name.'"> '.$name.'</label><br />' . "\n"; - } - ?> + <?php + foreach ( $wp_roles->role_names as $key => $name ) { + $name = _x( $name, null ); + $role = $wp_roles->get_role( $key ); + $checked = $role->has_cap( 'use_openid_provider' ) ? ' checked="checked"' : ''; + $option_name = 'openid_cap[' . htmlentities( $key ) . ']'; + echo '<input type="checkbox" id="' . $option_name . '" name="' . $option_name . '"' . $checked . ' /><label for="' . $option_name . '"> ' . $name . '</label><br />' . PHP_EOL; + } + ?> </p> </td> </tr> <?php $users = get_users(); - $users = array_filter($users, create_function('$u', '$u = new WP_User($u->ID); return $u->has_cap("use_openid_provider");')); + $users = array_filter( $users, function( $u ) { + $u = new WP_User( $u->ID ); + return $u->has_cap( 'use_openid_provider' ); + } ); - if (!empty($users)): - ?> + if ( ! empty( $users ) ): + ?> <tr valign="top"> <th scope="row"><?php _e('Blog Owner', 'openid') ?></th> <td> - <p><?php printf(__('Authorized accounts on this blog can use their author URL (i.e. <em>%1$s</em>) as an OpenID. ' - . 'The Blog Owner will be able to use the blog address (%2$s) as their OpenID. If this is a ' - . 'single-user blog, you should set this to your account.', 'openid'), - sprintf('<a href="%1$s">%1$s</a>', $current_user_url), sprintf('<a href="%1$s">%1$s</a>', trailingslashit(get_option('home'))) - ); ?> - </p> + <p><?php printf( __( 'Authorized accounts on this blog can use their author URL (i.e. <em>%1$s</em>) as an OpenID. ' + . 'The Blog Owner will be able to use the blog address (%2$s) as their OpenID. If this is a ' + . 'single-user blog, you should set this to your account.', 'openid'), + sprintf( '<a href="%1$s">%1$s</a>', $current_user_url ), sprintf('<a href="%1$s">%1$s</a>', trailingslashit( get_option( 'home') ) ) + ); ?></p> <?php - if (defined('OPENID_DISALLOW_OWNER') && OPENID_DISALLOW_OWNER) { + if ( defined( 'OPENID_DISALLOW_OWNER' ) && OPENID_DISALLOW_OWNER ) { echo ' - <p class="error">' . __('A Blog Owner cannot be set for this blog. To set a Blog Owner, ' - . 'first remove the following line from your <code>wp-config.php</code>:', 'openid') - . '<br /><code style="margin:1em;">define("OPENID_DISALLOW_OWNER", 1);</code> + <p class="error">' . __( 'A Blog Owner cannot be set for this blog. To set a Blog Owner, ' + . 'first remove the following line from your <code>wp-config.php</code>:', 'openid') + . '<br /><code style="margin:1em;">define("OPENID_DISALLOW_OWNER", 1);</code> </p>'; } else { - $blog_owner = get_option('openid_blog_owner'); + $blog_owner = get_option( 'openid_blog_owner' ); - if (empty($blog_owner) || $blog_owner == $current_user->user_login) { + if ( empty( $blog_owner ) || $blog_owner == $current_user->user_login) { echo '<select id="openid_blog_owner" name="openid_blog_owner"><option value="">' . __('(none)', 'openid') . '</option>'; @@ -283,8 +293,6 @@ function openid_profile_panel() { echo '<div class="error"><p><strong>'.__('Error:', 'openid').'</strong> '.$error.'</p></div>'; unset($error); } - - screen_icon('openid'); ?> <style type="text/css"> #icon-openid { background-image: url("<?php echo plugin_dir_url(__FILE__) . 'f/icon.png'; ?>"); } @@ -419,8 +427,6 @@ function openid_manage_trusted_sites() { } break; } - - screen_icon('openid'); ?> <style type="text/css"> #icon-openid { background-image: url("<?php echo plugin_dir_url(__FILE__) . 'f/icon.png'; ?>"); } diff --git a/plugins/openid/comments.php b/plugins/openid/comments.php index cd4538b4..1e5bd06d 100644 --- a/plugins/openid/comments.php +++ b/plugins/openid/comments.php @@ -6,35 +6,35 @@ // -- WordPress Hooks -add_action( 'preprocess_comment', 'openid_process_comment', -90); -add_action( 'init', 'openid_setup_akismet'); -add_action( 'akismet_spam_caught', 'openid_akismet_spam_caught'); +add_action( 'preprocess_comment', 'openid_process_comment', -90 ); +add_action( 'init', 'openid_setup_akismet' ); +add_action( 'akismet_spam_caught', 'openid_akismet_spam_caught' ); add_action( 'comment_post', 'update_comment_openid', 5 ); add_filter( 'option_require_name_email', 'openid_option_require_name_email' ); -add_action( 'sanitize_comment_cookies', 'openid_sanitize_comment_cookies', 15); +add_action( 'sanitize_comment_cookies', 'openid_sanitize_comment_cookies', 15 ); add_action( 'openid_finish_auth', 'openid_finish_comment', 10, 2 ); -if( get_option('openid_enable_approval') ) { - add_filter('pre_comment_approved', 'openid_comment_approval'); +if ( get_option( 'openid_enable_approval' ) ) { + add_filter( 'pre_comment_approved', 'openid_comment_approval' ); } -add_filter( 'get_comment_author_link', 'openid_comment_author_link'); -if( get_option('openid_enable_commentform') ) { - add_action( 'wp', 'openid_js_setup', 9); - add_action( 'wp_footer', 'openid_comment_profilelink', 10); - add_action( 'comment_form', 'openid_comment_form', 10); +add_filter( 'get_comment_author_link', 'openid_comment_author_link' ); +if ( get_option( 'openid_enable_commentform' ) ) { + add_action( 'wp', 'openid_js_setup', 9 ); + add_action( 'wp_footer', 'openid_comment_profilelink', 10 ); + add_action( 'comment_form', 'openid_comment_form', 10 ); } -add_filter( 'openid_user_data', 'openid_get_user_data_form', 6, 2); +add_filter( 'openid_user_data', 'openid_get_user_data_form', 6, 2 ); add_action( 'delete_comment', 'unset_comment_openid' ); -add_action( 'init', 'openid_recent_comments'); +add_action( 'init', 'openid_recent_comments' ); /** * Ensure akismet runs before OpenID. */ function openid_setup_akismet() { - if (has_filter('preprocess_comment', 'akismet_auto_check_comment')) { - remove_action('preprocess_comment', 'akismet_auto_check_comment', 1); - add_action('preprocess_comment', 'akismet_auto_check_comment', -99); + if ( has_filter( 'preprocess_comment', 'akismet_auto_check_comment' ) ) { + remove_action( 'preprocess_comment', 'akismet_auto_check_comment', 1 ); + add_action( 'preprocess_comment', 'akismet_auto_check_comment', -99 ); } } @@ -43,7 +43,7 @@ function openid_setup_akismet() { * Akismet caught this comment as spam, so no need to do OpenID discovery on the URL. */ function openid_akismet_spam_caught() { - remove_action( 'preprocess_comment', 'openid_process_comment', -90); + remove_action( 'preprocess_comment', 'openid_process_comment', -90 ); } /** @@ -56,36 +56,40 @@ function openid_akismet_spam_caught() { * @return array comment data */ function openid_process_comment( $comment ) { - if ( array_key_exists('openid_skip', $_REQUEST) && $_REQUEST['openid_skip'] ) return $comment; - if ( $comment['comment_type'] != '' ) return $comment; + if ( array_key_exists( 'openid_skip', $_REQUEST ) && $_REQUEST['openid_skip'] ) { + return $comment; + } + if ( '' != $comment['comment_type'] ) { + return $comment; + } - if ( array_key_exists('openid_identifier', $_POST) ) { + if ( array_key_exists( 'openid_identifier', $_POST ) ) { $openid_url = $_POST['openid_identifier']; } elseif ( $_REQUEST['login_with_openid'] ) { $openid_url = $_POST['url']; } @session_start(); - unset($_SESSION['openid_posted_comment']); + unset( $_SESSION['openid_posted_comment'] ); - if ( !empty($openid_url) ) { // Comment form's OpenID url is filled in. + if ( ! empty( $openid_url ) ) { // Comment form's OpenID url is filled in. $_SESSION['openid_comment_post'] = $_POST; $_SESSION['openid_comment_post']['comment_author_openid'] = $openid_url; $_SESSION['openid_comment_post']['openid_skip'] = 1; - openid_start_login($openid_url, 'comment'); + openid_start_login( $openid_url, 'comment' ); // Failure to redirect at all, the URL is malformed or unreachable. // Display an error message only if an explicit OpenID field was used. Otherwise, // just ignore the error... it just means the user entered a normal URL. - if (array_key_exists('openid_identifier', $_POST)) { - openid_repost_comment_anonymously($_SESSION['openid_comment_post']); + if ( array_key_exists( 'openid_identifier', $_POST ) ) { + openid_repost_comment_anonymously( $_SESSION['openid_comment_post'] ); } } // duplicate name and email check from wp-comments-post.php - if ( $comment['comment_type'] == '') { + if ( '' == $comment['comment_type'] ) { openid_require_name_email( $comment ); } @@ -102,11 +106,11 @@ function openid_require_name_email( $comment ) { $comment_author = $comment['comment_author']; $comment_author_email = $comment['comment_author_email']; - if ( get_option('require_name_email') && !$user->ID ) { - if ( 6 > strlen($comment_author_email) || '' == $comment_author ) { - wp_die( __('Error: please fill the required fields (name, email).', 'openid') ); - } elseif ( !is_email($comment_author_email)) { - wp_die( __('Error: please enter a valid email address.', 'openid') ); + if ( get_option( 'require_name_email' ) && ! $user->ID ) { + if ( 6 > strlen( $comment_author_email ) || '' == $comment_author ) { + wp_die( __( 'Error: please fill the required fields (name, email).', 'openid' ) ); + } elseif ( ! is_email( $comment_author_email ) ) { + wp_die( __( 'Error: please enter a valid email address.', 'openid' ) ); } } } @@ -119,8 +123,8 @@ function openid_require_name_email( $comment ) { * @param string $approved comment approval status * @return string new comment approval status */ -function openid_comment_approval($approved) { - return ($_SESSION['openid_posted_comment'] ? 1 : $approved); +function openid_comment_approval( $approved ) { + return ( $_SESSION['openid_posted_comment'] ? 1 : $approved ); } @@ -136,32 +140,31 @@ function openid_comment_approval($approved) { */ function openid_option_require_name_email( $value ) { - $comment_page = (defined('OPENID_COMMENTS_POST_PAGE') ? OPENID_COMMENTS_POST_PAGE : 'wp-comments-post.php'); + $comment_page = ( defined( 'OPENID_COMMENTS_POST_PAGE' ) ? OPENID_COMMENTS_POST_PAGE : 'wp-comments-post.php' ); - if ($GLOBALS['pagenow'] != $comment_page) { + if ( $GLOBALS['pagenow'] != $comment_page ) { return $value; } - if (array_key_exists('openid_skip', $_REQUEST) && $_REQUEST['openid_skip']) { - return get_option('openid_no_require_name') ? false : $value; + if ( array_key_exists( 'openid_skip', $_REQUEST ) && $_REQUEST['openid_skip'] ) { + return get_option( 'openid_no_require_name' ) ? false : $value; } // make sure we only process this once per request static $bypass; - if ($bypass) { + if ( $bypass ) { return $value; } else { $bypass = true; } - - if (array_key_exists('openid_identifier', $_POST)) { - if( !empty( $_POST['openid_identifier'] ) ) { + if ( array_key_exists( 'openid_identifier', $_POST ) ) { + if ( ! empty( $_POST['openid_identifier'] ) ) { return false; } } else { global $comment_author_url; - if ( !empty($comment_author_url) ) { + if ( ! empty( $comment_author_url ) ) { return false; } } @@ -177,15 +180,15 @@ function openid_option_require_name_email( $value ) { * @wordpress-action sanitize_comment_cookies */ function openid_sanitize_comment_cookies() { - if ( isset($_COOKIE['comment_author_openid_'.COOKIEHASH]) ) { + if ( isset( $_COOKIE[ 'comment_author_openid_' . COOKIEHASH ] ) ) { // this might be an i-name, so we don't want to run clean_url() - remove_filter('pre_comment_author_url', 'clean_url'); + remove_filter( 'pre_comment_author_url', 'clean_url' ); - $comment_author_url = apply_filters('pre_comment_author_url', - $_COOKIE['comment_author_openid_'.COOKIEHASH]); - $comment_author_url = stripslashes($comment_author_url); - $_COOKIE['comment_author_url_'.COOKIEHASH] = $comment_author_url; + $comment_author_url = apply_filters( 'pre_comment_author_url', + $_COOKIE[ 'comment_author_openid_' . COOKIEHASH ] ); + $comment_author_url = stripslashes( $comment_author_url ); + $_COOKIE[ 'comment_author_url_' . COOKIEHASH ] = $comment_author_url; } } @@ -196,11 +199,11 @@ function openid_sanitize_comment_cookies() { * @filter: get_comment_author_link **/ function openid_comment_author_link( $html ) { - if( is_comment_openid() ) { - if (preg_match('/<a[^>]* class=[^>]+>/', $html)) { - return preg_replace( '/(<a[^>]* class=[\'"]?)/', '\\1openid_link ' , $html ); + if ( is_comment_openid() ) { + if ( preg_match( '/<a[^>]* class=[^>]+>/', $html ) ) { + return preg_replace( '/(<a[^>]* class=[\'"]?)/', '\\1openid_link ', $html ); } else { - return preg_replace( '/(<a[^>]*)/', '\\1 class="openid_link"' , $html ); + return preg_replace( '/(<a[^>]*)/', '\\1 class="openid_link"', $html ); } } return $html; @@ -212,17 +215,17 @@ function openid_comment_author_link( $html ) { * * @action post_comment */ -function update_comment_openid($comment_ID) { +function update_comment_openid( $comment_id ) { session_start(); - if ($_SESSION['openid_posted_comment']) { - set_comment_openid($comment_ID); - unset($_SESSION['openid_posted_comment']); + if ( $_SESSION['openid_posted_comment'] ) { + set_comment_openid( $comment_id ); + unset( $_SESSION['openid_posted_comment'] ); } else { - $comment = get_comment($comment_ID); + $comment = get_comment( $comment_id ); - if ( is_user_openid($comment->user_id) ) { - set_comment_openid($comment_ID); + if ( is_user_openid( $comment->user_id ) ) { + set_comment_openid( $comment_id ); } } @@ -237,7 +240,7 @@ function update_comment_openid($comment_ID) { function openid_comment_profilelink() { global $wp_scripts; - if (comments_open() && is_user_openid() && $wp_scripts->query('openid')) { + if ( comments_open() && is_user_openid() && $wp_scripts->query( 'openid' ) ) { echo '<script type="text/javascript">stylize_profilelink()</script>'; } } @@ -251,43 +254,42 @@ function openid_comment_profilelink() { function openid_comment_form() { global $wp_scripts; - if (comments_open() && !is_user_logged_in() && isset($wp_scripts) && $wp_scripts->query('openid')) { -?> + if ( comments_open() && ! is_user_logged_in() && isset( $wp_scripts ) && $wp_scripts->query( 'openid' ) ) { + ?> <span id="openid_comment"> <label> <input type="checkbox" id="login_with_openid" name="login_with_openid" checked="checked" /> - <?php _e('Authenticate this comment using <span class="openid_link">OpenID</span>.', 'openid'); ?> + <?php _e( 'Authenticate this comment using <span class="openid_link">OpenID</span>.', 'openid' ); ?> </label> </span> - <script type="text/javascript">jQuery(function(){ add_openid_to_comment_form('<?php echo site_url('index.php') ?>', '<?php echo wp_create_nonce('openid_ajax') ?>') })</script> -<?php + <script type="text/javascript">jQuery(function(){ add_openid_to_comment_form('<?php echo site_url( 'index.php' ); ?>', '<?php echo wp_create_nonce( 'openid_ajax' ); ?>') })</script> + <?php } } -function openid_repost_comment_anonymously($post) { - $comment_page = (defined('OPENID_COMMENTS_POST_PAGE') ? OPENID_COMMENTS_POST_PAGE : 'wp-comments-post.php'); +function openid_repost_comment_anonymously( $post ) { + $comment_page = ( defined( 'OPENID_COMMENTS_POST_PAGE' ) ? OPENID_COMMENTS_POST_PAGE : 'wp-comments-post.php' ); $html = ' - <h1>'.__('OpenID Authentication Error', 'openid').'</h1> - <p id="error">'.__('We were unable to authenticate your claimed OpenID, however you ' - . 'can continue to post your comment without OpenID:', 'openid').'</p> - - <form action="' . site_url("/$comment_page") . '" method="post"> - <p>Name: <input name="author" value="'.$post['author'].'" /></p> - <p>Email: <input name="email" value="'.$post['email'].'" /></p> - <p>URL: <input name="url" value="'.$post['url'].'" /></p> - <textarea name="comment" cols="80%" rows="10">'.stripslashes($post['comment']).'</textarea> - <input type="submit" name="submit" value="'.__('Submit Comment').'" />'; - foreach ($post as $name => $value) { - if (!in_array($name, array('author', 'email', 'url', 'comment', 'submit'))) { + <h1>' . __( 'OpenID Authentication Error', 'openid' ) . '</h1> + <p id="error">' . __( 'We were unable to authenticate your claimed OpenID, however you can continue to post your comment without OpenID:', 'openid' ) . '</p> + + <form action="' . site_url( "/$comment_page" ) . '" method="post"> + <p>Name: <input name="author" value="' . $post['author'] . '" /></p> + <p>Email: <input name="email" value="' . $post['email'] . '" /></p> + <p>URL: <input name="url" value="' . $post['url'] . '" /></p> + <textarea name="comment" cols="80%" rows="10">' . stripslashes( $post['comment'] ) . '</textarea> + <input type="submit" name="submit" value="' . __( 'Submit Comment' ) . '" />'; + foreach ( $post as $name => $value ) { + if ( ! in_array( $name, array( 'author', 'email', 'url', 'comment', 'submit' ) ) ) { $html .= ' - <input type="hidden" name="'.$name.'" value="'.$value.'" />'; + <input type="hidden" name="' . $nam . '" value="' . $value . '" />'; } } $html .= '</form>'; - openid_page($html, __('OpenID Authentication Error', 'openid')); + openid_page( $html, __( 'OpenID Authentication Error', 'openid' ) ); } @@ -296,28 +298,30 @@ function openid_repost_comment_anonymously($post) { * * @param string $identity_url verified OpenID URL */ -function openid_finish_comment($identity_url, $action) { - if ($action != 'comment') return; +function openid_finish_comment( $identity_url, $action ) { + if ( 'comment' != $action ) { + return; + } - if (empty($identity_url)) { - openid_repost_comment_anonymously($_SESSION['openid_comment_post']); + if ( empty( $identity_url ) ) { + openid_repost_comment_anonymously( $_SESSION['openid_comment_post'] ); } - openid_set_current_user($identity_url); + openid_set_current_user( $identity_url ); - if (is_user_logged_in()) { + if ( is_user_logged_in() ) { // simulate an authenticated comment submission $_SESSION['openid_comment_post']['author'] = null; - $_SESSION['openid_comment_post']['email'] = null; - $_SESSION['openid_comment_post']['url'] = null; + $_SESSION['openid_comment_post']['email'] = null; + $_SESSION['openid_comment_post']['url'] = null; } else { // try to get user data from the verified OpenID - $user_data = openid_get_user_data($identity_url); + $user_data = openid_get_user_data( $identity_url ); - if (!empty($user_data['display_name'])) { + if ( ! empty( $user_data['display_name'] ) ) { $_SESSION['openid_comment_post']['author'] = $user_data['display_name']; } - if (!empty($user_data['user_email'])) { + if ( ! empty( $user_data['user_email'] ) ) { $_SESSION['openid_comment_post']['email'] = $user_data['user_email']; } $_SESSION['openid_comment_post']['url'] = $identity_url; @@ -327,9 +331,9 @@ function openid_finish_comment($identity_url, $action) { // We can't actually record it in the database until after the repost below. $_SESSION['openid_posted_comment'] = true; - $comment_page = (defined('OPENID_COMMENTS_POST_PAGE') ? OPENID_COMMENTS_POST_PAGE : 'wp-comments-post.php'); + $comment_page = ( defined( 'OPENID_COMMENTS_POST_PAGE' ) ? OPENID_COMMENTS_POST_PAGE : 'wp-comments-post.php' ); - openid_repost(site_url("/$comment_page"), array_filter($_SESSION['openid_comment_post'])); + openid_repost( site_url( "/$comment_page" ), array_filter( $_SESSION['openid_comment_post'] ) ); } @@ -338,14 +342,14 @@ function openid_finish_comment($identity_url, $action) { * * @param int $id id of comment to set as OpenID */ -function set_comment_openid($id) { - $comment = get_comment($id); - $openid_comments = get_post_meta($comment->comment_post_ID, 'openid_comments', true); - if (!is_array($openid_comments)) { +function set_comment_openid( $id ) { + $comment = get_comment( $id ); + $openid_comments = get_post_meta( $comment->comment_post_ID, 'openid_comments', true ); + if ( ! is_array( $openid_comments ) ) { $openid_comments = array(); } $openid_comments[] = $id; - update_post_meta($comment->comment_post_ID, 'openid_comments', array_unique($openid_comments)); + update_post_meta( $comment->comment_post_ID, 'openid_comments', array_unique( $openid_comments ) ); } @@ -354,17 +358,19 @@ function set_comment_openid($id) { * * @param int $id id of comment to set as OpenID */ -function unset_comment_openid($id) { - $comment = get_comment($id); - $openid_comments = get_post_meta($comment->comment_post_ID, 'openid_comments', true); +function unset_comment_openid( $id ) { + $comment = get_comment( $id ); + $openid_comments = get_post_meta( $comment->comment_post_ID, 'openid_comments', true ); - if (is_array($openid_comments) && in_array($id, $openid_comments)) { + if ( is_array( $openid_comments ) && in_array( $id, $openid_comments ) ) { $new = array(); - foreach($openid_comments as $c) { - if ($c == $id) continue; + foreach ( $openid_comments as $c ) { + if ( $c == $id ) { + continue; + } $new[] = $c; } - update_post_meta($comment->comment_post_ID, 'openid_comments', array_unique($new)); + update_post_meta( $comment->comment_post_ID, 'openid_comments', array_unique( $new ) ); } } @@ -376,20 +382,20 @@ function unset_comment_openid($id) { * @param reference $data reference to user data array * @see get_user_data */ -function openid_get_user_data_form($data, $identity_url) { - if ( array_key_exists('openid_comment_post', $_SESSION) ) { +function openid_get_user_data_form( $data, $identity_url ) { + if ( array_key_exists( 'openid_comment_post', $_SESSION ) ) { $comment = $_SESSION['openid_comment_post']; } - if ( !isset($comment) || !$comment) { + if ( ! isset( $comment ) || ! $comment ) { return $data; } - if ($comment['email']) { + if ( $comment['email'] ) { $data['user_email'] = $comment['email']; } - if ($comment['author']) { + if ( $comment['author'] ) { $data['nickname'] = $comment['author']; $data['user_nicename'] = $comment['author']; $data['display_name'] = $comment['author']; @@ -405,11 +411,11 @@ function openid_get_user_data_form($data, $identity_url) { function openid_recent_comments() { global $wp_widget_factory; - if ( $wp_widget_factory && array_key_exists('WP_Widget_Recent_Comments', $wp_widget_factory->widgets) ) { + if ( $wp_widget_factory && array_key_exists( 'WP_Widget_Recent_Comments', $wp_widget_factory->widgets ) ) { // this is an ugly hack because remove_action doesn't actually work the way it should with objects - foreach ( array_keys($GLOBALS['wp_filter']['wp_head'][10]) as $key ) { - if ( strpos($key, 'WP_Widget_Recent_Commentsrecent_comments_style') === 0 ) { - remove_action('wp_head', $key); + foreach ( array_keys( $GLOBALS['wp_filter']['wp_head'][10] ) as $key ) { + if ( strpos( $key, 'WP_Widget_Recent_Commentsrecent_comments_style' ) === 0 ) { + remove_action( 'wp_head', $key ); return; } } diff --git a/plugins/openid/common.php b/plugins/openid/common.php index 71a5aa2c..7c54b664 100644 --- a/plugins/openid/common.php +++ b/plugins/openid/common.php @@ -8,25 +8,25 @@ add_action( 'init', 'openid_textdomain' ); // load textdomain // include internal stylesheet -if (OPENID_ENABLE_CONSUMER) { - add_action( 'wp', 'openid_style'); +if ( OPENID_ENABLE_CONSUMER ) { + add_action( 'wp', 'openid_style' ); } // parse request -add_action('parse_request', 'openid_parse_request'); -add_action('query_vars', 'openid_query_vars'); -add_action('generate_rewrite_rules', 'openid_rewrite_rules'); +add_action( 'parse_request', 'openid_parse_request' ); +add_action( 'query_vars', 'openid_query_vars' ); +add_action( 'generate_rewrite_rules', 'openid_rewrite_rules' ); add_action( 'cleanup_openid', 'openid_cleanup' ); -add_filter( 'openid_user_data', 'openid_get_user_data_sreg', 8, 2); -add_filter( 'openid_user_data', 'openid_get_user_data_ax', 10, 2); +add_filter( 'openid_user_data', 'openid_get_user_data_sreg', 8, 2 ); +add_filter( 'openid_user_data', 'openid_get_user_data_ax', 10, 2 ); -if (isset($wpmu_version)) { +if ( isset( $wpmu_version ) ) { // wpmu doesn't support non-autoload options add_option( 'openid_associations', array(), null, 'yes' ); add_option( 'openid_nonces', array(), null, 'yes' ); @@ -41,7 +41,7 @@ if (isset($wpmu_version)) { * Set the textdomain for this plugin so we can support localizations. */ function openid_textdomain() { - load_plugin_textdomain('openid', null, dirname(plugin_basename(__FILE__)) . '/localization/'); + load_plugin_textdomain( 'openid', null, dirname( plugin_basename( __FILE__ ) ) . '/localization/' ); } @@ -50,10 +50,10 @@ function openid_textdomain() { * * @return WordPressOpenID_Store internal SQL store */ -function openid_getStore() { +function openid_getStore() { // phpcs:ignore static $store; - if (!$store) { + if ( ! $store ) { $store = new WordPress_OpenID_OptionStore(); } @@ -70,16 +70,18 @@ function openid_activate_plugin() { global $wp_rewrite; // if first time activation, set OpenID capability for administrators - if (get_option('openid_plugin_revision') === false) { + if ( get_option( 'openid_plugin_revision' ) === false ) { global $wp_roles; - $role = $wp_roles->get_role('administrator'); - if ($role) $role->add_cap('use_openid_provider'); + $role = $wp_roles->get_role( 'administrator' ); + if ( $role ) { + $role->add_cap( 'use_openid_provider' ); + } } // for some reason, show_on_front is not always set, causing is_front_page() to fail - $show_on_front = get_option('show_on_front'); - if ( empty($show_on_front) ) { - update_option('show_on_front', 'posts'); + $show_on_front = get_option( 'show_on_front' ); + if ( empty( $show_on_front ) ) { + update_option( 'show_on_front', 'posts' ); } // Add custom OpenID options @@ -95,11 +97,13 @@ function openid_activate_plugin() { openid_migrate_old_data(); // setup schedule cleanup - wp_clear_scheduled_hook('cleanup_openid'); - wp_schedule_event(time(), 'hourly', 'cleanup_openid'); + wp_clear_scheduled_hook( 'cleanup_openid' ); + wp_schedule_event( time(), 'hourly', 'cleanup_openid' ); // flush rewrite rules - if ( !isset($wp_rewrite) ) { $wp_rewrite = new WP_Rewrite(); } + if ( ! isset( $wp_rewrite ) ) { + $wp_rewrite = new WP_Rewrite(); + } $wp_rewrite->flush_rules(); // set current revision @@ -113,26 +117,26 @@ function openid_activate_plugin() { * Remove options that were used by previous versions of the plugin. */ function openid_remove_historical_options() { - delete_option('oid_db_revision'); - delete_option('oid_db_version'); - delete_option('oid_enable_approval'); - delete_option('oid_enable_commentform'); - delete_option('oid_enable_email_mapping'); - delete_option('oid_enable_foaf'); - delete_option('oid_enable_localaccounts'); - delete_option('oid_enable_loginform'); - delete_option('oid_enable_selfstyle'); - delete_option('oid_enable_unobtrusive'); - delete_option('oid_plugin_enabled'); - delete_option('oid_plugin_revision'); - delete_option('oid_plugin_version'); - delete_option('oid_trust_root'); - delete_option('force_openid_registration'); - delete_option('openid_skip_require_name'); - - delete_option('openid_enable_email_mapping'); - delete_option('openid_xrds_idib'); - delete_option('openid_xrds_eaut'); + delete_option( 'oid_db_revision' ); + delete_option( 'oid_db_version' ); + delete_option( 'oid_enable_approval' ); + delete_option( 'oid_enable_commentform' ); + delete_option( 'oid_enable_email_mapping' ); + delete_option( 'oid_enable_foaf' ); + delete_option( 'oid_enable_localaccounts' ); + delete_option( 'oid_enable_loginform' ); + delete_option( 'oid_enable_selfstyle' ); + delete_option( 'oid_enable_unobtrusive' ); + delete_option( 'oid_plugin_enabled' ); + delete_option( 'oid_plugin_revision' ); + delete_option( 'oid_plugin_version' ); + delete_option( 'oid_trust_root' ); + delete_option( 'force_openid_registration' ); + delete_option( 'openid_skip_require_name' ); + + delete_option( 'openid_enable_email_mapping' ); + delete_option( 'openid_xrds_idib' ); + delete_option( 'openid_xrds_eaut' ); } @@ -142,11 +146,11 @@ function openid_remove_historical_options() { * @see register_deactivation_hook */ function openid_deactivate_plugin() { - wp_clear_scheduled_hook('cleanup_openid'); - delete_option('openid_associations'); - delete_option('openid_nonces'); - delete_option('openid_server_associations'); - delete_option('openid_server_nonces'); + wp_clear_scheduled_hook( 'cleanup_openid' ); + delete_option( 'openid_associations' ); + delete_option( 'openid_nonces' ); + delete_option( 'openid_server_associations' ); + delete_option( 'openid_server_nonces' ); } @@ -155,23 +159,23 @@ function openid_deactivate_plugin() { */ function openid_uninstall_plugin() { openid_delete_tables(); - wp_clear_scheduled_hook('cleanup_openid'); + wp_clear_scheduled_hook( 'cleanup_openid' ); // current options - delete_option('openid_enable_commentform'); - delete_option('openid_plugin_enabled'); - delete_option('openid_plugin_revision'); - delete_option('openid_db_revision'); - delete_option('openid_enable_approval'); - delete_option('openid_xrds_returnto'); - delete_option('openid_comment_displayname_length'); - delete_option('openid_associations'); - delete_option('openid_nonces'); - delete_option('openid_server_associations'); - delete_option('openid_server_nonces'); - delete_option('openid_blog_owner'); - delete_option('openid_no_require_name'); - delete_option('openid_required_for_registration'); + delete_option( 'openid_enable_commentform' ); + delete_option( 'openid_plugin_enabled' ); + delete_option( 'openid_plugin_revision' ); + delete_option( 'openid_db_revision' ); + delete_option( 'openid_enable_approval' ); + delete_option( 'openid_xrds_returnto' ); + delete_option( 'openid_comment_displayname_length' ); + delete_option( 'openid_associations' ); + delete_option( 'openid_nonces' ); + delete_option( 'openid_server_associations' ); + delete_option( 'openid_server_nonces' ); + delete_option( 'openid_blog_owner' ); + delete_option( 'openid_no_require_name' ); + delete_option( 'openid_required_for_registration' ); // historical options openid_remove_historical_options(); @@ -191,13 +195,19 @@ function openid_cleanup() { /* * Customer error handler for calls into the JanRain library */ -function openid_customer_error_handler($errno, $errmsg, $filename, $linenum, $vars) { - if( (2048 & $errno) == 2048 ) return; +function openid_customer_error_handler( $errno, $errmsg, $filename, $linenum, $vars ) { + if ( 2048 == ( 2048 & $errno ) ) { + return; + } - if (!defined('WP_DEBUG') || !(WP_DEBUG)) { + if ( ! defined( 'WP_DEBUG' ) || ! ( WP_DEBUG ) ) { // XML errors - if (strpos($errmsg, 'DOMDocument::loadXML') === 0) return; - if (strpos($errmsg, 'domxml') === 0) return; + if ( strpos( $errmsg, 'DOMDocument::loadXML' ) === 0 ) { + return; + } + if ( strpos( $errmsg, 'domxml' ) === 0 ) { + return; + } // php-openid errors //if (strpos($errmsg, 'Successfully fetched') === 0) return; @@ -209,7 +219,7 @@ function openid_customer_error_handler($errno, $errmsg, $filename, $linenum, $va //if (strpos($errmsg, 'CURL error (7)') === 0) return; // couldn't connect to host } - openid_error( "Library Error $errno: $errmsg in $filename :$linenum"); + openid_error( "Library Error $errno: $errmsg in $filename :$linenum" ); } @@ -220,14 +230,16 @@ function openid_customer_error_handler($errno, $errmsg, $filename, $linenum, $va * @param boolean $append should we try appending a number if the username is already taken * @return mixed generated username or null if unable to generate */ -function openid_generate_new_username($url, $append = true) { - $base = openid_normalize_username($url); - $i=''; - while(true) { +function openid_generate_new_username( $url, $append = true ) { + $base = openid_normalize_username( $url ); + $i = ''; + while ( true ) { $username = openid_normalize_username( $base . $i ); - $user = get_user_by('login', $username); + $user = get_user_by( 'login', $username ); if ( $user ) { - if (!$append) return null; + if ( ! $append ) { + return null; + } $i++; continue; } @@ -247,16 +259,16 @@ function openid_generate_new_username($url, $append = true) { * @return string normalized username * @uses apply_filters() Calls 'openid_normalize_username' just before returning normalized username */ -function openid_normalize_username($username) { +function openid_normalize_username( $username ) { $normalized = $username; - $normalized = preg_replace('|^https?://(xri.net/([^@]!?)?)?|', '', $normalized); - $normalized = preg_replace('|^xri://([^@]!?)?|', '', $normalized); - $normalized = preg_replace('|/$|', '', $normalized); + $normalized = preg_replace( '|^https?://(xri.net/([^@]!?)?)?|', '', $normalized ); + $normalized = preg_replace( '|^xri://([^@]!?)?|', '', $normalized ); + $normalized = preg_replace( '|/$|', '', $normalized ); $normalized = sanitize_user( $normalized ); - $normalized = preg_replace('|[^a-z0-9 _.\-@]+|i', '-', $normalized); + $normalized = preg_replace( '|[^a-z0-9 _.\-@]+|i', '-', $normalized ); - $normalized = apply_filters('openid_normalize_username', $normalized, $username); + $normalized = apply_filters( 'openid_normalize_username', $normalized, $username ); return $normalized; } @@ -268,15 +280,15 @@ function openid_normalize_username($username) { * @param string $return_to OpenID return_to URL * @return string OpenID trust root */ -function openid_trust_root($return_to = null) { - $trust_root = trailingslashit(get_option('home')); +function openid_trust_root( $return_to = null ) { + $trust_root = trailingslashit( get_option( 'home' ) ); // If return_to is HTTPS, trust_root must be as well - if (!empty($return_to) && preg_match('/^https/', $return_to)) { - $trust_root = preg_replace('/^http\:/', 'https:', $trust_root); + if ( ! empty( $return_to ) && preg_match( '/^https/', $return_to ) ) { + $trust_root = preg_replace( '/^http\:/', 'https:', $trust_root ); } - $trust_root = apply_filters('openid_trust_root', $trust_root, $return_to); + $trust_root = apply_filters( 'openid_trust_root', $trust_root, $return_to ); return $trust_root; } @@ -289,19 +301,21 @@ function openid_trust_root($return_to = null) { * @param boolean $remember should we set the "remember me" cookie * @return void */ -function openid_set_current_user($identity, $remember = true) { - if (is_numeric($identity)) { +function openid_set_current_user( $identity, $remember = true ) { + if ( is_numeric( $identity ) ) { $user_id = $identity; } else { - $user_id = get_user_by_openid($identity); + $user_id = get_user_by_openid( $identity ); } - if (!$user_id) return; + if ( ! $user_id ) { + return; + } - $user = set_current_user($user_id); - wp_set_auth_cookie($user->ID, $remember); + $user = set_current_user( $user_id ); + wp_set_auth_cookie( $user->ID, $remember ); - do_action('wp_login', $user->user_login); + do_action( 'wp_login', $user->user_login ); } @@ -313,49 +327,53 @@ function openid_set_current_user($identity, $remember = true) { * @param array $user_data array of user data * @uses do_action() Calls 'openid_consumer_new_user_custom_data' hook action after creating user */ -function openid_create_new_user($identity_url, &$user_data) { +function openid_create_new_user( $identity_url, &$user_data ) { global $wpdb; // Identity URL is new, so create a user - @include_once( ABSPATH . 'wp-admin/upgrade-functions.php'); // 2.1 - @include_once( ABSPATH . WPINC . '/registration-functions.php'); // 2.0.4 + @include_once( ABSPATH . 'wp-admin/upgrade-functions.php' ); // 2.1 + @include_once( ABSPATH . WPINC . '/registration-functions.php' ); // 2.0.4 // otherwise, try to use preferred username - if ( empty($username) && array_key_exists('nickname', $user_data) ) { - $username = openid_generate_new_username($user_data['nickname'], false); + if ( empty( $username ) && array_key_exists( 'nickname', $user_data ) ) { + $username = openid_generate_new_username( $user_data['nickname'], false ); } // try using email address before resorting to URL - if (empty($username) && array_key_exists('user_email', $user_data)) { - $username = openid_generate_new_username($user_data['user_email'], false); + if ( empty( $username ) && array_key_exists( 'user_email', $user_data ) ) { + $username = openid_generate_new_username( $user_data['user_email'], false ); } // finally, build username from OpenID URL - if (empty($username)) { - $username = openid_generate_new_username($identity_url); + if ( empty( $username ) ) { + $username = openid_generate_new_username( $identity_url ); } $user_data['user_login'] = $username; $user_data['display_name'] = $username; - $user_data['user_pass'] = substr( md5( uniqid( microtime() ) ), 0, 7); + $user_data['user_pass'] = substr( md5( uniqid( microtime() ) ), 0, 7 ); $user_id = wp_insert_user( $user_data ); - if ($user_id instanceof WP_Error) { - openid_message($user_id->get_error_message()); - openid_status('error'); + if ( $user_id instanceof WP_Error ) { + openid_message( $user_id->get_error_message() ); + openid_status( 'error' ); return; - } else if ( is_integer($user_id) ) { // created ok + } else if ( is_integer( $user_id ) ) { // created ok $user_data['ID'] = $user_id; // XXX this all looks redundant, see openid_set_current_user $user = new WP_User( $user_id ); - $credentials = array('user_login' => $user->user_login, 'user_password' => $user_data['user_pass'], 'remember' => true); - - if( ! wp_signon( $credentials ) ) { - openid_message(__('User was created fine, but wp_signon() for the new user failed. This is probably a bug.', 'openid')); - openid_status('error'); - openid_error(openid_message()); + $credentials = array( + 'user_login' => $user->user_login, + 'user_password' => $user_data['user_pass'], + 'remember' => true, + ); + + if ( ! wp_signon( $credentials ) ) { + openid_message( __( 'User was created fine, but wp_signon() for the new user failed. This is probably a bug.', 'openid' ) ); + openid_status( 'error' ); + openid_error( openid_message() ); return; } @@ -363,22 +381,23 @@ function openid_create_new_user($identity_url, &$user_data) { wp_new_user_notification( $user_id ); wp_clear_auth_cookie(); - wp_set_auth_cookie($user_id, true); + wp_set_auth_cookie( $user_id, true ); // Bind the provided identity to the just-created user - openid_add_user_identity($user_id, $identity_url); + openid_add_user_identity( $user_id, $identity_url ); - openid_status('redirect'); + openid_status( 'redirect' ); - do_action('openid_consumer_new_user_custom_data', $user_id, $user_data); - - if ( !$user->has_cap('edit_posts') ) $redirect_to = '/wp-admin/profile.php'; + do_action( 'openid_consumer_new_user_custom_data', $user_id, $user_data ); + if ( ! $user->has_cap( 'edit_posts' ) ) { + $redirect_to = '/wp-admin/profile.php'; + } } else { // failed to create user for some reason. - openid_message(__('OpenID authentication successful, but failed to create WordPress user. This is probably a bug.', 'openid')); - openid_status('error'); - openid_error(openid_message()); + openid_message( __( 'OpenID authentication successful, but failed to create WordPress user. This is probably a bug.', 'openid' ) ); + openid_status( 'error' ); + openid_error( openid_message() ); } } @@ -389,38 +408,40 @@ function openid_create_new_user($identity_url, &$user_data) { * ID, user_url, user_nicename, display_name * * Multiple soures of data may be available and are attempted in the following order: - * - OpenID Attribute Exchange !! not yet implemented - * - OpenID Simple Registration - * - hCard discovery !! not yet implemented - * - default to identity URL + * - OpenID Attribute Exchange !! not yet implemented + * - OpenID Simple Registration + * - hCard discovery !! not yet implemented + * - default to identity URL * * @param string $identity_url OpenID to get user data about * @return array user data * @uses apply_filters() Calls 'openid_user_data' to gather profile data associated with the identity URL */ -function openid_get_user_data($identity_url) { +function openid_get_user_data( $identity_url ) { $data = array( - 'ID' => null, - 'user_url' => $identity_url, - 'user_nicename' => $identity_url, - 'display_name' => $identity_url + 'ID' => null, + 'user_url' => $identity_url, + 'user_nicename' => $identity_url, + 'display_name' => $identity_url, ); // create proper website URL if OpenID is an i-name - if (preg_match('/^[\=\@\+].+$/', $identity_url)) { + if ( preg_match( '/^[\=\@\+].+$/', $identity_url ) ) { $data['user_url'] = 'http://xri.net/' . $identity_url; } - $data = apply_filters('openid_user_data', $data, $identity_url); + $data = apply_filters( 'openid_user_data', $data, $identity_url ); // if display_name is still the same as the URL, clean that up a bit - if ($data['display_name'] == $identity_url) { - $parts = parse_url($identity_url); - if ($parts !== false) { - $host = preg_replace('/^www./', '', $parts['host']); - - $path = substr($parts['path'], 0, get_option('openid_comment_displayname_length')); - if (strlen($path) < strlen($parts['path'])) $path .= '…'; + if ( $data['display_name'] == $identity_url ) { + $parts = parse_url( $identity_url ); + if ( false !== $parts ) { + $host = preg_replace( '/^www./', '', $parts['host'] ); + + $path = substr( $parts['path'], 0, get_option( 'openid_comment_displayname_length' ) ); + if ( strlen( $path ) < strlen( $parts['path'] ) ) { + $path .= '…'; + } $data['display_name'] = $host . $path; } @@ -437,31 +458,37 @@ function openid_get_user_data($identity_url) { * @param reference $data reference to user data array * @see get_user_data */ -function openid_get_user_data_ax($data, $identity_url) { - require_once('Auth/OpenID/AX.php'); +function openid_get_user_data_ax( $data, $identity_url ) { + require_once( 'Auth/OpenID/AX.php' ); $response = openid_response(); - $ax = Auth_OpenID_AX_FetchResponse::fromSuccessResponse($response); + $ax = Auth_OpenID_AX_FetchResponse::fromSuccessResponse( $response ); - if (!$ax) return $data; + if ( ! $ax ) { + return $data; + } - $email = $ax->getSingle('http://axschema.org/contact/email'); - if ($email && !is_a($email, 'Auth_OpenID_AX_Error')) { + $email = $ax->getSingle( 'http://axschema.org/contact/email' ); + if ( $email && ! is_a( $email, 'Auth_OpenID_AX_Error' ) ) { $data['user_email'] = $email; } - $nickname = $ax->getSingle('http://axschema.org/namePerson/friendly'); - if ($nickname && !is_a($nickname, 'Auth_OpenID_AX_Error')) { - $data['nickname'] = $ax->getSingle('http://axschema.org/namePerson/friendly'); - $data['user_nicename'] = $ax->getSingle('http://axschema.org/namePerson/friendly'); - $data['display_name'] = $ax->getSingle('http://axschema.org/namePerson/friendly'); + $nickname = $ax->getSingle( 'http://axschema.org/namePerson/friendly' ); + if ( $nickname && ! is_a( $nickname, 'Auth_OpenID_AX_Error' ) ) { + $data['nickname'] = $ax->getSingle( 'http://axschema.org/namePerson/friendly' ); + $data['user_nicename'] = $ax->getSingle( 'http://axschema.org/namePerson/friendly' ); + $data['display_name'] = $ax->getSingle( 'http://axschema.org/namePerson/friendly' ); } - $fullname = $ax->getSingle('http://axschema.org/namePerson'); - if ($fullname && !is_a($fullname, 'Auth_OpenID_AX_Error')) { + $fullname = $ax->getSingle( 'http://axschema.org/namePerson' ); + if ( $fullname && ! is_a( $fullname, 'Auth_OpenID_AX_Error' ) ) { $namechunks = explode( ' ', $fullname, 2 ); - if( isset($namechunks[0]) ) $data['first_name'] = $namechunks[0]; - if( isset($namechunks[1]) ) $data['last_name'] = $namechunks[1]; + if ( isset( $namechunks[0] ) ) { + $data['first_name'] = $namechunks[0]; + } + if ( isset( $namechunks[1] ) ) { + $data['last_name'] = $namechunks[1]; + } $data['display_name'] = $fullname; } @@ -476,28 +503,34 @@ function openid_get_user_data_ax($data, $identity_url) { * @param reference $data reference to user data array * @see get_user_data */ -function openid_get_user_data_sreg($data, $identity_url) { - require_once('Auth/OpenID/SReg.php'); +function openid_get_user_data_sreg( $data, $identity_url ) { + require_once( 'Auth/OpenID/SReg.php' ); $response = openid_response(); - $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response); + $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse( $response ); $sreg = $sreg_resp->contents(); - if (!$sreg) return $data; + if ( ! $sreg ) { + return $data; + } - if (array_key_exists('email', $sreg) && $sreg['email']) { + if ( array_key_exists( 'email', $sreg ) && $sreg['email'] ) { $data['user_email'] = $sreg['email']; } - if (array_key_exists('nickname', $sreg) && $sreg['nickname']) { + if ( array_key_exists( 'nickname', $sreg ) && $sreg['nickname'] ) { $data['nickname'] = $sreg['nickname']; $data['user_nicename'] = $sreg['nickname']; $data['display_name'] = $sreg['nickname']; } - if (array_key_exists('fullname', $sreg) && $sreg['fullname']) { + if ( array_key_exists( 'fullname', $sreg ) && $sreg['fullname'] ) { $namechunks = explode( ' ', $sreg['fullname'], 2 ); - if( isset($namechunks[0]) ) $data['first_name'] = $namechunks[0]; - if( isset($namechunks[1]) ) $data['last_name'] = $namechunks[1]; + if ( isset( $namechunks[0] ) ) { + $data['first_name'] = $namechunks[0]; + } + if ( isset( $namechunks[1] ) ) { + $data['last_name'] = $namechunks[1]; + } $data['display_name'] = $sreg['fullname']; } @@ -512,7 +545,7 @@ function openid_get_user_data_sreg($data, $identity_url) { * @param reference $data reference to user data array * @see get_user_data */ -function openid_get_user_data_hcard($data, $identity_url) { +function openid_get_user_data_hcard( $data, $identity_url ) { // TODO implement hcard discovery return $data; } @@ -524,12 +557,12 @@ function openid_get_user_data_hcard($data, $identity_url) { * * @param WP $wp WP instance for the current request */ -function openid_parse_request($wp) { - if (array_key_exists('openid', $wp->query_vars)) { +function openid_parse_request( $wp ) { + if ( array_key_exists( 'openid', $wp->query_vars ) ) { openid_clean_request(); - switch ($wp->query_vars['openid']) { + switch ( $wp->query_vars['openid'] ) { case 'consumer': @session_start(); @@ -537,25 +570,25 @@ function openid_parse_request($wp) { // no action, which probably means OP-initiated login. Set // action to 'login', and redirect to home page when finished - if (empty($action)) { + if ( empty( $action ) ) { $action = 'login'; - if (empty($_SESSION['openid_finish_url'])) { + if ( empty( $_SESSION['openid_finish_url'] ) ) { //$_SESSION['openid_finish_url'] = get_option('home'); } } - finish_openid($action); + finish_openid( $action ); break; case 'server': - $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : null; - openid_server_request($action); + $action = isset( $_REQUEST['action'] ) ? $_REQUEST['action'] : null; + openid_server_request( $action ); break; case 'ajax': - if ( check_admin_referer('openid_ajax') ) { - header('Content-Type: application/json'); - echo '{ "valid":' . ( is_url_openid( $_REQUEST['url'] ) ? 'true' : 'false' ) . ', "nonce":"' . wp_create_nonce('openid_ajax') . '" }'; + if ( check_admin_referer( 'openid_ajax' ) ) { + header( 'Content-Type: application/json' ); + echo '{ "valid":' . ( is_url_openid( $_REQUEST['url'] ) ? 'true' : 'false' ) . ', "nonce":"' . wp_create_nonce( 'openid_ajax' ) . '" }'; exit; } } @@ -571,7 +604,7 @@ function openid_parse_request($wp) { */ function is_url_openid( $url ) { $auth_request = openid_begin_consumer( $url ); - return ( $auth_request != null ); + return ( null != $auth_request ); } @@ -586,30 +619,30 @@ function is_url_openid( $url ) { */ function openid_clean_request() { - if (array_key_exists('q', $_GET)) { + if ( array_key_exists( 'q', $_GET ) ) { // handle nginx web server, which adds an additional query string parameter named "q" - unset($_GET['q']); + unset( $_GET['q'] ); - $vars = explode('&', $_SERVER['QUERY_STRING']); + $vars = explode( '&', $_SERVER['QUERY_STRING'] ); $clean = array(); - foreach ($vars as $v) { - if (strpos($v, 'q=') !== 0) { + foreach ( $vars as $v ) { + if ( strpos( $v, 'q=' ) !== 0 ) { $clean[] = $v; } } - $_SERVER['QUERY_STRING'] = implode('&', $clean); + $_SERVER['QUERY_STRING'] = implode( '&', $clean ); - } else if (isset($_SERVER['argc']) && $_SERVER['argc'] >= 1 && $_SERVER['argv'][0] == 'error=404') { + } elseif ( isset( $_SERVER['argc'] ) && $_SERVER['argc'] >= 1 && 'error=404' == $_SERVER['argv'][0] ) { // handle lighttpd hack which uses a custom error-handler, passing 404 errors to WordPress. // This results in the QUERY_STRING not having the correct information, but fortunately we // can pull it out of REQUEST_URI - list($path, $query) = explode('?', $_SERVER['REQUEST_URI'], 2); + list($path, $query) = explode( '?', $_SERVER['REQUEST_URI'], 2 ); $_SERVER['QUERY_STRING'] = $query; } } @@ -623,12 +656,16 @@ function openid_clean_request() { * @return string service URL * @see site_url */ -function openid_service_url($service, $scheme = null) { +function openid_service_url( $service, $scheme = null ) { global $wp_rewrite; - if (!$wp_rewrite) $wp_rewrite = new WP_Rewrite(); + if ( ! $wp_rewrite ) { + $wp_rewrite = new WP_Rewrite(); + } - if (!defined('OPENID_SSL') || !OPENID_SSL) $scheme = null; - $url = site_url('/?openid=' . $service, $scheme); + if ( ! defined( 'OPENID_SSL' ) || ! OPENID_SSL ) { + $scheme = null; + } + $url = site_url( '/?openid=' . $service, $scheme ); return $url; } @@ -637,7 +674,7 @@ function openid_service_url($service, $scheme = null) { /** * Add rewrite rules to WP_Rewrite for the OpenID services. */ -function openid_rewrite_rules($wp_rewrite) { +function openid_rewrite_rules( $wp_rewrite ) { $openid_rules = array( 'openid/(.+)' => 'index.php?openid=$matches[1]', ); @@ -649,30 +686,32 @@ function openid_rewrite_rules($wp_rewrite) { /** * Add valid query vars to WordPress for OpenID. */ -function openid_query_vars($vars) { +function openid_query_vars( $vars ) { $vars[] = 'openid'; return $vars; } -function openid_status($new = null) { +function openid_status( $new = null ) { static $status; - return ($new == null) ? $status : $status = $new; + return ( null == $new ) ? $status : $status = $new; } -function openid_message($new = null) { +function openid_message( $new = null ) { static $message; - return ($new == null) ? $message : $message = $new; + return ( null == $new ) ? $message : $message = $new; } -function openid_response($new = null) { +function openid_response( $new = null ) { static $response; - return ($new == null) ? $response : $response = $new; + return ( null == $new ) ? $response : $response = $new; } -function openid_enabled($new = null) { +function openid_enabled( $new = null ) { static $enabled; - if ($enabled == null) $enabled = true; - return ($new == null) ? $enabled : $enabled = $new; + if ( null == $enabled ) { + $enabled = true; + } + return ( null == $new ) ? $enabled : $enabled = $new; } @@ -684,51 +723,53 @@ function openid_enabled($new = null) { * @param array $parameters key-value pairs of parameters to include in the form * @uses do_action() Calls 'openid_page_head' hook action */ -function openid_repost($action, $parameters) { +function openid_repost( $action, $parameters ) { $html = ' - <noscript><p>' . __('Since your browser does not support JavaScript, you must press the Continue button once to proceed.', 'openid') . '</p></noscript> - <form action="'.$action.'" method="post">'; + <noscript><p>' . __( 'Since your browser does not support JavaScript, you must press the Continue button once to proceed.', 'openid' ) . '</p></noscript> + <form action="' . $action . '" method="post">'; - foreach ($parameters as $k => $v) { - if ($k == 'submit') continue; - $html .= "\n" . '<input type="hidden" name="'.$k.'" value="' . htmlspecialchars(stripslashes($v), ENT_COMPAT, get_option('blog_charset')) . '" />'; + foreach ( $parameters as $k => $v ) { + if ( 'submit' == $k ) { + continue; + } + $html .= "\n" . '<input type="hidden" name="' . $k . '" value="' . htmlspecialchars( stripslashes( $v ), ENT_COMPAT, get_option( 'blog_charset' ) ) . '" />'; } $html .= ' - <noscript><div><input type="submit" value="' . __('Continue') . '" /></div></noscript> + <noscript><div><input type="submit" value="' . __( 'Continue' ) . '" /></div></noscript> </form> <script type="text/javascript"> - document.write("<h2>'.__('Please Wait...', 'openid').'</h2>"); + document.write("<h2>' . __( 'Please Wait...', 'openid' ) . '</h2>"); document.forms[0].submit() </script>'; - openid_page($html, __('OpenID Authentication Redirect', 'openid')); + openid_page( $html, __( 'OpenID Authentication Redirect', 'openid' ) ); } -function openid_page($message, $title = '') { +function openid_page( $message, $title = '' ) { global $wp_locale; -?> + ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" <?php language_attributes(); ?>> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> - <title><?php echo $title ?></title> -<?php - wp_admin_css('install', true); - if ( ($wp_locale) && ('rtl' == $wp_locale->text_direction) ) { - wp_admin_css('login-rtl', true); + <title><?php echo $title; ?></title> + <?php + wp_admin_css( 'install', true ); + if ( ( $wp_locale ) && ( 'rtl' == $wp_locale->text_direction ) ) { + wp_admin_css( 'login-rtl', true ); } - do_action('admin_head'); - do_action('openid_page_head'); -?> + do_action( 'admin_head' ); + do_action( 'openid_page_head' ); + ?> </head> <body id="openid-page"> <?php echo $message; ?> </body> </html> -<?php + <?php die(); } @@ -752,14 +793,14 @@ function openid_js_setup() { * action has been run. (This logic taken from the core wp_admin_css function) **/ function openid_style() { - if ( !wp_style_is('openid', 'registered') ) { - wp_register_style('openid', plugin_dir_url(__FILE__) . 'f/openid.css', array(), OPENID_PLUGIN_REVISION); + if ( ! wp_style_is( 'openid', 'registered' ) ) { + wp_register_style( 'openid', plugin_dir_url( __FILE__ ) . 'f/openid.css', array(), OPENID_PLUGIN_REVISION ); } - if ( did_action('wp_print_styles') ) { - wp_print_styles('openid'); + if ( did_action( 'wp_print_styles' ) ) { + wp_print_styles( 'openid' ); } else { - wp_enqueue_style('openid'); + wp_enqueue_style( 'openid' ); } } @@ -773,8 +814,8 @@ function openid_style() { /** * When a WordPress user is deleted, make sure all associated OpenIDs are deleted as well. */ -function delete_user_openids($userid) { - openid_drop_all_identities($userid); +function delete_user_openids( $userid ) { + openid_drop_all_identities( $userid ); } add_action( 'delete_user', 'delete_user_openids' ); @@ -785,8 +826,8 @@ add_action( 'delete_user', 'delete_user_openids' ); * @param int $user_id user id * @param string $identity_url identity url to add */ -function openid_add_user_identity($user_id, $identity_url) { - openid_add_identity($user_id, $identity_url); +function openid_add_user_identity( $user_id, $identity_url ) { + openid_add_identity( $user_id, $identity_url ); } @@ -796,9 +837,9 @@ function openid_add_user_identity($user_id, $identity_url) { * @param int $user_id user id * @param string $url identity url to add */ -function openid_add_identity($user_id, $url) { +function openid_add_identity( $user_id, $url ) { global $wpdb; - $sql = $wpdb->prepare('INSERT INTO ' . openid_identity_table() . ' (user_id,url,hash) VALUES ( %s, %s, MD5(%s) )', $user_id, $url, $url); + $sql = $wpdb->prepare( 'INSERT INTO ' . openid_identity_table() . ' (user_id,url,hash) VALUES ( %s, %s, MD5(%s) )', $user_id, $url, $url ); return $wpdb->query( $sql ); } @@ -809,9 +850,9 @@ function openid_add_identity($user_id, $url) { * @param int $user_id user id * @param string $identity_url identity url to remove */ -function openid_drop_identity($user_id, $identity_url) { +function openid_drop_identity( $user_id, $identity_url ) { global $wpdb; - return $wpdb->query( $wpdb->prepare('DELETE FROM '.openid_identity_table().' WHERE user_id = %s AND url = %s', $user_id, $identity_url) ); + return $wpdb->query( $wpdb->prepare( 'DELETE FROM ' . openid_identity_table() . ' WHERE user_id = %s AND url = %s', $user_id, $identity_url ) ); } @@ -820,9 +861,9 @@ function openid_drop_identity($user_id, $identity_url) { * * @param int $user_id user id */ -function openid_drop_all_identities($user_id) { +function openid_drop_all_identities( $user_id ) { global $wpdb; - return $wpdb->query( $wpdb->prepare('DELETE FROM '.openid_identity_table().' WHERE user_id = %s', $user_id ) ); + return $wpdb->query( $wpdb->prepare( 'DELETE FROM ' . openid_identity_table() . ' WHERE user_id = %s', $user_id ) ); } @@ -836,18 +877,18 @@ function openid_drop_all_identities($user_id) { * @param string $url url to display * @return url formatted for display */ -function openid_display_identity($url) { - return preg_replace('/#.+$/', '', $url); +function openid_display_identity( $url ) { + return preg_replace( '/#.+$/', '', $url ); } -function openid_error($msg) { - error_log('[OpenID] ' . $msg); +function openid_error( $msg ) { + error_log( '[OpenID] ' . $msg ); } -function openid_debug($msg) { - if (defined('WP_DEBUG') && WP_DEBUG) { - openid_error($msg); +function openid_debug( $msg ) { + if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) { + openid_error( $msg ); } } diff --git a/plugins/openid/consumer.php b/plugins/openid/consumer.php index e478ccbe..2c3ab5bc 100644 --- a/plugins/openid/consumer.php +++ b/plugins/openid/consumer.php @@ -5,29 +5,28 @@ // hooks for getting user data -add_filter('openid_auth_request_extensions', 'openid_add_sreg_extension', 10, 2); -add_filter('openid_auth_request_extensions', 'openid_add_ax_extension', 10, 2); +add_filter( 'openid_auth_request_extensions', 'openid_add_sreg_extension', 10, 2 ); +add_filter( 'openid_auth_request_extensions', 'openid_add_ax_extension', 10, 2 ); -add_filter( 'xrds_simple', 'openid_consumer_xrds_simple'); +add_filter( 'xrds_simple', 'openid_consumer_xrds_simple' ); /** * Get the internal OpenID Consumer object. If it is not already initialized, do so. * * @return Auth_OpenID_Consumer OpenID consumer object */ -function openid_getConsumer() { +function openid_getConsumer() { // phpcs:ignore static $consumer; - if (!$consumer) { + if ( ! $consumer ) { require_once 'Auth/OpenID/Consumer.php'; $store = openid_getStore(); - $consumer = new Auth_OpenID_Consumer($store); - if( null === $consumer ) { - openid_error('OpenID consumer could not be created properly.'); - openid_enabled(false); + $consumer = new Auth_OpenID_Consumer( $store ); + if ( null === $consumer ) { + openid_error( 'OpenID consumer could not be created properly.' ); + openid_enabled( false ); } - } return $consumer; @@ -41,23 +40,23 @@ function openid_getConsumer() { * @param string $trust_root OpenID trust root * @param string $return_to URL where the OpenID provider should return the user */ -function openid_redirect($auth_request, $trust_root, $return_to) { - do_action('openid_redirect', $auth_request, $trust_root, $return_to); +function openid_redirect( $auth_request, $trust_root, $return_to ) { + do_action( 'openid_redirect', $auth_request, $trust_root, $return_to ); - $message = $auth_request->getMessage($trust_root, $return_to, false); + $message = $auth_request->getMessage( $trust_root, $return_to, false ); - if (Auth_OpenID::isFailure($message)) { - return openid_error('Could not redirect to server: '.$message->message); + if ( Auth_OpenID::isFailure( $message ) ) { + return openid_error( 'Could not redirect to server: ' . $message->message ); } - $_SESSION['openid_return_to'] = $message->getArg(Auth_OpenID_OPENID_NS, 'return_to'); + $_SESSION['openid_return_to'] = $message->getArg( Auth_OpenID_OPENID_NS, 'return_to' ); // send 302 redirect or POST - if ($auth_request->shouldSendRedirect()) { - $redirect_url = $auth_request->redirectURL($trust_root, $return_to); + if ( $auth_request->shouldSendRedirect() ) { + $redirect_url = $auth_request->redirectURL( $trust_root, $return_to ); wp_redirect( $redirect_url ); } else { - openid_repost($auth_request->endpoint->server_url, $message->toPostArgs()); + openid_repost( $auth_request->endpoint->server_url, $message->toPostArgs() ); } } @@ -71,40 +70,40 @@ function finish_openid_auth() { @session_start(); $consumer = openid_getConsumer(); - if ( array_key_exists('openid_return_to', $_SESSION) ) { + if ( array_key_exists( 'openid_return_to', $_SESSION ) ) { $openid_return_to = $_SESSION['openid_return_to']; } - if ( empty($openid_return_to) ) { - $openid_return_to = openid_service_url('consumer'); + if ( empty( $openid_return_to ) ) { + $openid_return_to = openid_service_url( 'consumer' ); } - $response = $consumer->complete($openid_return_to); + $response = $consumer->complete( $openid_return_to ); - unset($_SESSION['openid_return_to']); - openid_response($response); + unset( $_SESSION['openid_return_to'] ); + openid_response( $response ); - switch( $response->status ) { + switch ( $response->status ) { case Auth_OpenID_CANCEL: - openid_message(__('OpenID login was cancelled.', 'openid')); - openid_status('error'); + openid_message( __( 'OpenID login was cancelled.', 'openid' ) ); + openid_status( 'error' ); break; case Auth_OpenID_FAILURE: - openid_message(sprintf(__('OpenID login failed: %s', 'openid'), $response->message)); - openid_status('error'); + openid_message( sprintf( __( 'OpenID login failed: %s', 'openid' ), $response->message ) ); + openid_status( 'error' ); break; case Auth_OpenID_SUCCESS: - openid_message(__('OpenID login successful', 'openid')); - openid_status('success'); + openid_message( __( 'OpenID login successful', 'openid' ) ); + openid_status( 'success' ); $identity_url = $response->identity_url; - $escaped_url = htmlspecialchars($identity_url, ENT_QUOTES); + $escaped_url = htmlspecialchars( $identity_url, ENT_QUOTES ); return $escaped_url; default: - openid_message(__('Unknown Status. Bind not successful. This is probably a bug.', 'openid')); - openid_status('error'); + openid_message( __( 'Unknown Status. Bind not successful. This is probably a bug.', 'openid' ) ); + openid_status( 'error' ); } return null; @@ -117,15 +116,15 @@ function finish_openid_auth() { * @param string $url claimed ID * @return Auth_OpenID_Request OpenID Request */ -function openid_begin_consumer($url) { +function openid_begin_consumer( $url ) { static $request; @session_start(); - if ($request == NULL) { - set_error_handler( 'openid_customer_error_handler'); + if ( null == $request ) { + set_error_handler( 'openid_customer_error_handler' ); $consumer = openid_getConsumer(); - $request = $consumer->begin($url); + $request = $consumer->begin( $url ); restore_error_handler(); } @@ -142,16 +141,18 @@ function openid_begin_consumer($url) { * @param string $finish_url stored in user session for later redirect * @uses apply_filters() Calls 'openid_auth_request_extensions' to gather extensions to be attached to auth request */ -function openid_start_login( $claimed_url, $action, $finish_url = null) { - if ( empty($claimed_url) ) return; // do nothing. +function openid_start_login( $claimed_url, $action, $finish_url = null ) { + if ( empty( $claimed_url ) ) { + return; // do nothing. + } $auth_request = openid_begin_consumer( $claimed_url ); if ( null === $auth_request ) { - openid_status('error'); + openid_status( 'error' ); openid_message(sprintf( - __('Could not discover an OpenID identity server endpoint at the url: %s', 'openid'), - htmlentities($claimed_url) + __( 'Could not discover an OpenID identity server endpoint at the url: %s', 'openid' ), + htmlentities( $claimed_url ) )); return; @@ -161,41 +162,41 @@ function openid_start_login( $claimed_url, $action, $finish_url = null) { $_SESSION['openid_action'] = $action; $_SESSION['openid_finish_url'] = $finish_url; - $extensions = apply_filters('openid_auth_request_extensions', array(), $auth_request); - foreach ($extensions as $e) { - if (is_a($e, 'Auth_OpenID_Extension')) { - $auth_request->addExtension($e); + $extensions = apply_filters( 'openid_auth_request_extensions', array(), $auth_request ); + foreach ( $extensions as $e ) { + if ( is_a( $e, 'Auth_OpenID_Extension' ) ) { + $auth_request->addExtension( $e ); } } - $return_to = openid_service_url('consumer', 'login_post'); - $return_to = apply_filters('openid_return_to', $return_to); + $return_to = openid_service_url( 'consumer', 'login_post' ); + $return_to = apply_filters( 'openid_return_to', $return_to ); - $trust_root = openid_trust_root($return_to); + $trust_root = openid_trust_root( $return_to ); - openid_redirect($auth_request, $trust_root, $return_to); - exit(0); + openid_redirect( $auth_request, $trust_root, $return_to ); + exit( 0 ); } /** * Build an Attribute Exchange attribute query extension if we've never seen this OpenID before. */ -function openid_add_ax_extension($extensions, $auth_request) { - if(!get_user_by_openid($auth_request->endpoint->claimed_id)) { - require_once('Auth/OpenID/AX.php'); +function openid_add_ax_extension( $extensions, $auth_request ) { + if ( ! get_user_by_openid( $auth_request->endpoint->claimed_id ) ) { + require_once( 'Auth/OpenID/AX.php' ); - if ($auth_request->endpoint->usesExtension(Auth_OpenID_AX_NS_URI)) { + if ( $auth_request->endpoint->usesExtension( Auth_OpenID_AX_NS_URI ) ) { $default_fields = array( - Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson/friendly', 1, true), - Auth_OpenID_AX_AttrInfo::make('http://axschema.org/contact/email', 1, true), - Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson', 1, true) + Auth_OpenID_AX_AttrInfo::make( 'http://axschema.org/namePerson/friendly', 1, true ), + Auth_OpenID_AX_AttrInfo::make( 'http://axschema.org/contact/email', 1, true ), + Auth_OpenID_AX_AttrInfo::make( 'http://axschema.org/namePerson', 1, true ), ); - $fields = apply_filters('openid_consumer_ax_fields', $default_fields); + $fields = apply_filters( 'openid_consumer_ax_fields', $default_fields ); $ax_request = new Auth_OpenID_AX_FetchRequest(); - foreach ($fields as $field) { - $ax_request->add($field); + foreach ( $fields as $field ) { + $ax_request->add( $field ); } $extensions[] = $ax_request; @@ -212,14 +213,14 @@ function openid_add_ax_extension($extensions, $auth_request) { * @uses apply_filters() Calls 'openid_consumer_sreg_required_fields' and * 'openid_consumer_sreg_required_fields' to collect sreg fields. */ -function openid_add_sreg_extension($extensions, $auth_request) { - if(!get_user_by_openid($auth_request->endpoint->claimed_id)) { - require_once('Auth/OpenID/SReg.php'); - - if ($auth_request->endpoint->usesExtension(Auth_OpenID_SREG_NS_URI_1_0) || $auth_request->endpoint->usesExtension(Auth_OpenID_SREG_NS_URI_1_1)) { - $required = apply_filters('openid_consumer_sreg_required_fields', array()); - $optional = apply_filters('openid_consumer_sreg_optional_fields', array('nickname','email','fullname')); - $extensions[] = Auth_OpenID_SRegRequest::build($required, $optional); +function openid_add_sreg_extension( $extensions, $auth_request ) { + if ( ! get_user_by_openid( $auth_request->endpoint->claimed_id ) ) { + require_once( 'Auth/OpenID/SReg.php' ); + + if ( $auth_request->endpoint->usesExtension( Auth_OpenID_SREG_NS_URI_1_0 ) || $auth_request->endpoint->usesExtension( Auth_OpenID_SREG_NS_URI_1_1 ) ) { + $required = apply_filters( 'openid_consumer_sreg_required_fields', array() ); + $optional = apply_filters( 'openid_consumer_sreg_optional_fields', array( 'nickname', 'email', 'fullname' ) ); + $extensions[] = Auth_OpenID_SRegRequest::build( $required, $optional ); } } @@ -233,9 +234,9 @@ function openid_add_sreg_extension($extensions, $auth_request) { * @param string $action login action that is being performed * @uses do_action() Calls 'openid_finish_auth' hook action after processing the authentication response. */ -function finish_openid($action) { +function finish_openid( $action ) { $identity_url = finish_openid_auth(); - do_action('openid_finish_auth', $identity_url, $action); + do_action( 'openid_finish_auth', $identity_url, $action ); } @@ -243,15 +244,15 @@ function finish_openid($action) { * * @uses apply_filters() Calls 'openid_consumer_return_urls' to collect return_to URLs to be included in XRDS document. */ -function openid_consumer_xrds_simple($xrds) { +function openid_consumer_xrds_simple( $xrds ) { - if (get_option('openid_xrds_returnto')) { + if ( get_option( 'openid_xrds_returnto' ) ) { // OpenID Consumer Service - $return_urls = array_unique(apply_filters('openid_consumer_return_urls', array(openid_service_url('consumer', 'login_post')))); - if (!empty($return_urls)) { + $return_urls = array_unique( apply_filters( 'openid_consumer_return_urls', array( openid_service_url( 'consumer', 'login_post' ) ) ) ); + if ( ! empty( $return_urls ) ) { // fixes https://github.com/diso/wordpress-xrds-simple/issues/4 unset( $xrds['main']['type'] ); - $xrds = xrds_add_simple_service($xrds, 'OpenID Consumer Service', 'http://specs.openid.net/auth/2.0/return_to', $return_urls); + $xrds = xrds_add_simple_service( $xrds, 'OpenID Consumer Service', 'http://specs.openid.net/auth/2.0/return_to', $return_urls ); } } diff --git a/plugins/openid/lib/Auth/OpenID/SQLStore.php b/plugins/openid/lib/Auth/OpenID/SQLStore.php index 9069771e..b2a953d6 100644 --- a/plugins/openid/lib/Auth/OpenID/SQLStore.php +++ b/plugins/openid/lib/Auth/OpenID/SQLStore.php @@ -465,7 +465,7 @@ class Auth_OpenID_SQLStore extends Auth_OpenID_OpenIDStore { $associations); // return the most recently issued one. - list($assoc) = $associations[0]; + list(, $assoc) = $associations[0]; return $assoc; } else { return null; diff --git a/plugins/openid/lib/Auth/OpenID/Server.php b/plugins/openid/lib/Auth/OpenID/Server.php index df8550a0..0901d507 100644 --- a/plugins/openid/lib/Auth/OpenID/Server.php +++ b/plugins/openid/lib/Auth/OpenID/Server.php @@ -813,7 +813,7 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request { private $claimed_id = ''; - private $identity = ''; + public $identity = ''; /** * @param Auth_OpenID_Message $message diff --git a/plugins/openid/openid.php b/plugins/openid/openid.php index 027512d3..86fb4725 100644 --- a/plugins/openid/openid.php +++ b/plugins/openid/openid.php @@ -5,7 +5,8 @@ * Description: Allows the use of OpenID for account registration, authentication, and commenting. Also includes an OpenID provider which can turn WordPress author URLs into OpenIDs. * Author: DiSo Development Team * Author URI: http://diso-project.org/ - * Version: 3.4.4 + * Version: 3.5.0 + * Requires PHP: 5.3 * License: Apache 2.0 * License URI: https://www.apache.org/licenses/LICENSE-2.0 * Text Domain: openid @@ -98,7 +99,7 @@ function is_user_openid( $user = null ) { * @access public * @since 1.0 */ -function is_comment_openid($id = null) { +function is_comment_openid( $id = null ) { if ( is_numeric( $id ) ) { $comment = get_comment( $id ); } else { @@ -134,7 +135,7 @@ function get_user_openids( $id_or_name = null ) { if ( $user ) { global $wpdb; - return $wpdb->get_col( $wpdb->prepare( 'SELECT url FROM '.openid_identity_table().' WHERE user_id = %s', $user->ID ) ); + return $wpdb->get_col( $wpdb->prepare( 'SELECT url FROM ' . openid_identity_table() . ' WHERE user_id = %s', $user->ID ) ); } else { return array(); } @@ -149,9 +150,9 @@ function get_user_openids( $id_or_name = null ) { * @access public * @since 3.0 */ -function get_user_by_openid($url) { +function get_user_by_openid( $url ) { global $wpdb; - return $wpdb->get_var( $wpdb->prepare( 'SELECT user_id FROM '.openid_identity_table().' WHERE url = %s', $url ) ); + return $wpdb->get_var( $wpdb->prepare( 'SELECT user_id FROM ' . openid_identity_table() . ' WHERE url = %s', $url ) ); } @@ -175,7 +176,7 @@ function openid_input() { * @since 3.0 */ if ( ! function_exists( 'get_userdata_by_various' ) ) : - function get_userdata_by_various($id_or_name = null) { + function get_userdata_by_various( $id_or_name = null ) { if ( null === $id_or_name ) { if ( ! is_user_logged_in() ) { return false; diff --git a/plugins/openid/readme.txt b/plugins/openid/readme.txt index c0656989..56cbd1c9 100644 --- a/plugins/openid/readme.txt +++ b/plugins/openid/readme.txt @@ -2,8 +2,9 @@ Contributors: willnorris, factoryjoe, pfefferle Tags: openid, authentication, login, comments Requires at least: 2.8 -Tested up to: 4.9.1 -Stable tag: 3.4.4 +Tested up to: 5.1 +Stable tag: 3.5.0 +Requires PHP: 5.3 License: Apache 2.0 License URI: https://www.apache.org/licenses/LICENSE-2.0 @@ -98,6 +99,9 @@ report at <http://code.google.com/p/diso/issues/list>. Project maintined on github at [diso/wordpress-openid](https://github.com/diso/wordpress-openid). += version 3.5.0 (Feb 12, 2019) = + - fixed PHP warnings and deprecation messages + = version 3.4.4 (Jan 12, 2018) = - fixed bug with latest OpenID library diff --git a/plugins/openid/server.php b/plugins/openid/server.php index 15e64d39..2804fcd1 100644 --- a/plugins/openid/server.php +++ b/plugins/openid/server.php @@ -14,7 +14,7 @@ add_action( 'wp_head', 'openid_provider_link_tags' ); * @see openid_service_url */ function openid_server_url() { - return openid_service_url('server', 'login_post'); + return openid_service_url( 'server', 'login_post' ); } @@ -24,88 +24,93 @@ function openid_server_url() { * * @uses apply_filters() Calls 'openid_server_xrds_types' before returning XRDS Types for OpenID authentication services. */ -function openid_provider_xrds_simple($xrds) { +function openid_provider_xrds_simple( $xrds ) { global $wp_roles; - if (!$wp_roles) $wp_roles = new WP_Roles(); + if ( ! $wp_roles ) { + $wp_roles = new WP_Roles(); + } $provider_enabled = false; - foreach ($wp_roles->role_names as $key => $name) { - $role = $wp_roles->get_role($key); - if ($role->has_cap('use_openid_provider')) { + foreach ( $wp_roles->role_names as $key => $name ) { + $role = $wp_roles->get_role( $key ); + if ( $role->has_cap( 'use_openid_provider' ) ) { $provider_enabled = true; break; } } - if (!$provider_enabled) return $xrds; + if ( ! $provider_enabled ) { + return $xrds; + } $user = openid_server_requested_user(); - if (!$user && get_option('openid_blog_owner')) { - $url_parts = parse_url(get_option('home')); - $path = array_key_exists('path', $url_parts) ? $url_parts['path'] : ''; - $path = trailingslashit($path); + if ( ! $user && get_option( 'openid_blog_owner' ) ) { + $url_parts = parse_url( get_option( 'home' ) ); + $path = array_key_exists( 'path', $url_parts ) ? $url_parts['path'] : ''; + $path = trailingslashit( $path ); - $script = preg_replace('/index.php$/', '', $_SERVER['SCRIPT_NAME']); - $script = trailingslashit($script); + $script = preg_replace( '/index.php$/', '', $_SERVER['SCRIPT_NAME'] ); + $script = trailingslashit( $script ); - if ($path != $script && !is_admin()) { + if ( $path != $script && ! is_admin() ) { return $xrds; } - if (!defined('OPENID_DISALLOW_OWNER') || !OPENID_DISALLOW_OWNER) { - $user = get_user_by('login', get_option('openid_blog_owner')); + if ( ! defined( 'OPENID_DISALLOW_OWNER' ) || ! OPENID_DISALLOW_OWNER ) { + $user = get_user_by( 'login', get_option( 'openid_blog_owner' ) ); } } - if ($user) { + if ( $user ) { // if user doesn't have capability, bail - $user_object = new WP_User($user->ID); - if (!$user_object->has_cap('use_openid_provider')) return $xrds; + $user_object = new WP_User( $user->ID ); + if ( ! $user_object->has_cap( 'use_openid_provider' ) ) { + return $xrds; + } - if (get_user_meta($user->ID, 'openid_delegate', true)) { - $services = get_user_meta($user->ID, 'openid_delegate_services', true); + if ( get_user_meta( $user->ID, 'openid_delegate', true ) ) { + $services = get_user_meta( $user->ID, 'openid_delegate_services', true ); } else { $services = array(); - $tmp_types = apply_filters('openid_server_xrds_types', array('http://specs.openid.net/auth/2.0/signon')); + $tmp_types = apply_filters( 'openid_server_xrds_types', array( 'http://specs.openid.net/auth/2.0/signon' ) ); $types = array(); - foreach ($tmp_types as $t) { - $types[] = array('content' => $t); + foreach ( $tmp_types as $t ) { + $types[] = array( 'content' => $t ); } $services[] = array( - 'Type' => $types, - 'URI' => openid_server_url(), - 'LocalID' => get_author_posts_url($user->ID), - ); + 'Type' => $types, + 'URI' => openid_server_url(), + 'LocalID' => get_author_posts_url( $user->ID ), + ); - $tmp_types = apply_filters('openid_server_xrds_types', array('http://openid.net/signon/1.1')); + $tmp_types = apply_filters( 'openid_server_xrds_types', array( 'http://openid.net/signon/1.1' ) ); $types = array(); - foreach ($tmp_types as $t) { - $types[] = array('content' => $t); + foreach ( $tmp_types as $t ) { + $types[] = array( 'content' => $t ); } $services[] = array( - 'Type' => $types, - 'URI' => openid_server_url(), - 'openid:Delegate' => get_author_posts_url($user->ID), - ); + 'Type' => $types, + 'URI' => openid_server_url(), + 'openid:Delegate' => get_author_posts_url( $user->ID ), + ); } } else { $services = array( array( - 'Type' => array(array('content' => 'http://specs.openid.net/auth/2.0/server')), + 'Type' => array( array( 'content' => 'http://specs.openid.net/auth/2.0/server' ) ), 'URI' => openid_server_url(), 'LocalID' => 'http://specs.openid.net/auth/2.0/identifier_select', - ) + ), ); } - - if (!empty($services)) { - foreach ($services as $index => $service) { + if ( ! empty( $services ) ) { + foreach ( $services as $index => $service ) { $name = 'OpenID Provider Service (' . $index . ')'; - $xrds = xrds_add_service($xrds, 'main', $name, $service, $index); + $xrds = xrds_add_service( $xrds, 'main', $name, $service, $index ); } } @@ -135,7 +140,7 @@ function openid_provider_webfinger( $webfinger, $resource, $user ) { ); } else { // check if WebFinger user is "blog-owner" - if ( get_option( 'openid_blog_owner' ) && $user->user_login == get_option( 'openid_blog_owner' ) ) { + if ( get_option( 'openid_blog_owner' ) && get_option( 'openid_blog_owner' ) == $user->user_login ) { $webfinger['links'][] = array( 'href' => site_url( '/' ), 'rel' => 'http://specs.openid.net/auth/2.0/provider', @@ -160,18 +165,18 @@ function openid_provider_webfinger( $webfinger, $resource, $user ) { function openid_server_requested_user() { global $wp_rewrite; - if (array_key_exists('author', $_REQUEST) && $_REQUEST['author']) { - if (is_numeric($_REQUEST['author'])) { - return get_user_by('id', $_REQUEST['author']); + if ( array_key_exists( 'author', $_REQUEST ) && $_REQUEST['author'] ) { + if ( is_numeric( $_REQUEST['author'] ) ) { + return get_user_by( 'id', $_REQUEST['author'] ); } else { - return get_user_by('login', $_REQUEST['author']); + return get_user_by( 'login', $_REQUEST['author'] ); } } else { - $regex = preg_replace('/%author%/', '(.+)', $wp_rewrite->get_author_permastruct()); - preg_match('|'.$regex.'|', $_SERVER['REQUEST_URI'], $matches); - if ($matches) { - $username = sanitize_user($matches[1], true); - return get_user_by('login', $username); + $regex = preg_replace( '/%author%/', '(.+)', $wp_rewrite->get_author_permastruct() ); + preg_match( '|' . $regex . '|', $_SERVER['REQUEST_URI'], $matches ); + if ( $matches ) { + $username = sanitize_user( $matches[1], true ); + return get_user_by( 'login', $username ); } } } @@ -187,35 +192,35 @@ function openid_server_request() { // get OpenID request, either from session or HTTP request $request = $server->decodeRequest(); - if (!$request || Auth_OpenID_isError($request)) { + if ( ! $request || Auth_OpenID_isError( $request ) ) { @session_start(); - if (isset($_SESSION['openid_server_request']) && $_SESSION['openid_server_request']) { + if ( isset( $_SESSION['openid_server_request'] ) && $_SESSION['openid_server_request'] ) { $request = $_SESSION['openid_server_request']; - unset($_SESSION['openid_server_request']); + unset( $_SESSION['openid_server_request'] ); } } - if (!$request || Auth_OpenID_isError($request)) { + if ( ! $request || Auth_OpenID_isError( $request ) ) { $html = '<h1>This is an OpenID Server.</h1>'; - if (Auth_OpenID_isError($request)) { + if ( Auth_OpenID_isError( $request ) ) { $html .= '<p><strong>Request Error:</strong> ' . $request->toString() . '</p>'; } else { $html .= '<p>Nothing to see here… move along.</p>'; } - wp_die($html); + wp_die( $html ); } // process request - if (in_array($request->mode, array('checkid_immediate', 'checkid_setup'))) { - $response = openid_server_auth_request($request); - $response = apply_filters('openid_server_auth_response', $response); + if ( in_array( $request->mode, array( 'checkid_immediate', 'checkid_setup' ) ) ) { + $response = openid_server_auth_request( $request ); + $response = apply_filters( 'openid_server_auth_response', $response ); } else { - $response = $server->handleRequest($request); + $response = $server->handleRequest( $request ); } - openid_server_process_response($response); + openid_server_process_response( $response ); } @@ -225,14 +230,14 @@ function openid_server_request() { * @uses do_action() Calls the 'openid_server_pre_auth' hook action before checking if the user is logged in. * @uses do_action() Calls the 'openid_server_post_auth' hook action after ensuring that the user is logged in. */ -function openid_server_auth_request($request) { +function openid_server_auth_request( $request ) { - do_action('openid_server_pre_auth', $request); + do_action( 'openid_server_pre_auth', $request ); // user must be logged in - if (!is_user_logged_in()) { - if ($request->mode == 'checkid_immediate') { - return $request->answer(false); + if ( ! is_user_logged_in() ) { + if ( 'checkid_immediate' == $request->mode ) { + return $request->answer( false ); } else { @session_start(); $_SESSION['openid_server_request'] = $request; @@ -240,32 +245,34 @@ function openid_server_auth_request($request) { } } - do_action('openid_server_post_auth', $request); + do_action( 'openid_server_post_auth', $request ); // get some user data $user = wp_get_current_user(); - $author_url = get_author_posts_url($user->ID); + $author_url = get_author_posts_url( $user->ID ); $id_select = $request->idSelect(); // bail if user does not have access to OpenID provider - if (!$user->has_cap('use_openid_provider')) return $request->answer(false); + if ( ! $user->has_cap( 'use_openid_provider' ) ) { + return $request->answer( false ); + } // if using id select but user is delegating, display error to user (unless checkid_immediate) - if ($id_select && get_user_meta($user->ID, 'openid_delegate', true)) { - if ($request->mode != 'checkid_immediate') { - if ($_REQUEST['action'] == 'cancel') { - check_admin_referer('openid-server_cancel'); - return $request->answer(false); + if ( $id_select && get_user_meta( $user->ID, 'openid_delegate', true ) ) { + if ( 'checkid_immediate' != $request->mode ) { + if ( 'cancel' == $_REQUEST['action'] ) { + check_admin_referer( 'openid-server_cancel' ); + return $request->answer( false ); } else { @session_start(); $_SESSION['openid_server_request'] = $request; ob_start(); - echo '<h1>'.__('OpenID Login Error', 'openid').'</h1>'; + echo '<h1>' . __( 'OpenID Login Error', 'openid' ) . '</h1>'; echo '<p>'; - printf(__('Because you have delegated your OpenID, you cannot login with the URL <strong>%s</strong>. Instead, you must use your full OpenID when logging in.', 'openid'), trailingslashit(get_option('home'))); + printf( __( 'Because you have delegated your OpenID, you cannot login with the URL <strong>%s</strong>. Instead, you must use your full OpenID when logging in.', 'openid'), trailingslashit( get_option( 'home' ) ) ); echo'</p>'; - echo '<p>' . sprintf(__('Your full OpenID is: %s', 'openid'), '<strong>'.$author_url.'</strong>') . '</p>'; + echo '<p>' . sprintf( __( 'Your full OpenID is: %s', 'openid'), '<strong>' . $author_url . '</strong>' ) . '</p>'; echo ' <form method="post"> @@ -274,44 +281,44 @@ function openid_server_auth_request($request) { <input type="hidden" name="action" value="cancel" /> <input type="hidden" name="openid_server" value="1" /> </p>' - . wp_nonce_field('openid-server_cancel', '_wpnonce', true, false) - .'</form>'; + . wp_nonce_field( 'openid-server_cancel', '_wpnonce', true, false ) + . '</form>'; $html = ob_get_contents(); ob_end_clean(); - wp_die($html, 'OpenID Login Error'); + wp_die( $html, 'OpenID Login Error' ); } } } // if user trusts site, we're done - $trusted_sites = get_user_meta($user->ID, 'openid_trusted_sites', true); - $site_hash = md5($request->trust_root); - if (is_array($trusted_sites) && array_key_exists($site_hash, $trusted_sites)) { - $trusted_sites[$site_hash]['last_login'] = time(); - update_user_meta($user->ID, 'openid_trusted_sites', $trusted_sites); - - if ($id_select) { - return $request->answer(true, null, $author_url); + $trusted_sites = get_user_meta( $user->ID, 'openid_trusted_sites', true ); + $site_hash = md5( $request->trust_root ); + if ( is_array( $trusted_sites ) && array_key_exists( $site_hash, $trusted_sites ) ) { + $trusted_sites[ $site_hash ]['last_login'] = time(); + update_user_meta( $user->ID, 'openid_trusted_sites', $trusted_sites ); + + if ( $id_select ) { + return $request->answer( true, null, $author_url ); } else { - return $request->answer(true); + return $request->answer( true ); } } // that's all we can do without interacting with the user... bail if using immediate - if ($request->mode == 'checkid_immediate') { - return $request->answer(false); + if ( 'checkid_immediate' == $request->mode ) { + return $request->answer( false ); } // finally, prompt the user to trust this site - if (openid_server_user_trust($request)) { - if ($id_select) { - return $request->answer(true, null, $author_url); + if ( openid_server_user_trust( $request ) ) { + if ( $id_select ) { + return $request->answer( true, null, $author_url ); } else { - return $request->answer(true); + return $request->answer( true ); } } else { - return $request->answer(false); + return $request->answer( false ); } } @@ -323,12 +330,14 @@ function openid_server_auth_request($request) { * @param string $claimed claimed url * @return bool whether the current user matches the claimed URL */ -function openid_server_check_user_login($claimed) { +function openid_server_check_user_login( $claimed ) { $user = wp_get_current_user(); - if (!$user) return false; + if ( ! $user ) { + return false; + } - $identifier = get_author_posts_url($user->ID); - return ($claimed == $identifier); + $identifier = get_author_posts_url( $user->ID ); + return ( $claimed == $identifier ); } @@ -337,16 +346,16 @@ function openid_server_check_user_login($claimed) { * * @param object $response response object */ -function openid_server_process_response($response) { +function openid_server_process_response( $response ) { $server = openid_server(); - $web_response = $server->encodeResponse($response); + $web_response = $server->encodeResponse( $response ); - if ($web_response->code != AUTH_OPENID_HTTP_OK) { - header(sprintf('HTTP/1.1 %d', $web_response->code), true, $web_response->code); + if ( AUTH_OPENID_HTTP_OK != $web_response->code ) { + header( sprintf( 'HTTP/1.1 %d', $web_response->code ), true, $web_response->code ); } - foreach ($web_response->headers as $k => $v) { - header("$k: $v"); + foreach ( $web_response->headers as $k => $v ) { + header( "$k: $v" ); } print $web_response->body; @@ -362,8 +371,8 @@ function openid_server_process_response($response) { function openid_server() { static $server; - if (!$server || !is_a($server, 'Auth_OpenID_Server')) { - $server = new Auth_OpenID_Server(openid_getStore(), openid_server_url()); + if ( ! $server || ! is_a( $server, 'Auth_OpenID_Server' ) ) { + $server = new Auth_OpenID_Server( openid_getStore(), openid_server_url() ); } return $server; @@ -375,57 +384,57 @@ function openid_server() { */ function openid_provider_link_tags() { - if (is_front_page()) { - if (!defined('OPENID_DISALLOW_OWNER') || !OPENID_DISALLOW_OWNER) { - $user = get_user_by('login', get_option('openid_blog_owner')); + if ( is_front_page() ) { + if ( ! defined( 'OPENID_DISALLOW_OWNER' ) || ! OPENID_DISALLOW_OWNER ) { + $user = get_user_by( 'login', get_option( 'openid_blog_owner' ) ); } - } else if (is_author()) { + } elseif ( is_author() ) { global $wp_query; $user = $wp_query->get_queried_object(); } - if ( isset($user) && $user) { + if ( isset( $user ) && $user ) { // if user doesn't have capability, bail - $user_object = new WP_User($user->ID); - if (!$user_object->has_cap('use_openid_provider')) return; + $user_object = new WP_User( $user->ID ); + if ( ! $user_object->has_cap( 'use_openid_provider' ) ) { + return; + } - if (get_user_meta($user->ID, 'openid_delegate', true)) { - $services = get_user_meta($user->ID, 'openid_delegate_services', true); + if ( get_user_meta( $user->ID, 'openid_delegate', true ) ) { + $services = get_user_meta( $user->ID, 'openid_delegate_services', true ); $openid_1 = false; $openid_2 = false; - foreach($services as $service) { - if (!$openid_1 && $service['openid:Delegate']) { + foreach ( $services as $service ) { + if ( ! $openid_1 && $service['openid:Delegate'] ) { echo ' - <link rel="openid.server" href="'.$service['URI'].'" /> - <link rel="openid.delegate" href="'.$service['openid:Delegate'].'" />'; + <link rel="openid.server" href="' . $service['URI'] . '" /> + <link rel="openid.delegate" href="' . $service['openid:Delegate'] . '" />'; $openid_1 = true; } - if (!$openid_2 && $service['LocalID']) { + if ( ! $openid_2 && $service['LocalID'] ) { echo ' - <link rel="openid2.provider" href="'.$service['URI'].'" /> - <link rel="openid2.local_id" href="'.$service['LocalID'].'" />'; + <link rel="openid2.provider" href="' . $service['URI'] . '" /> + <link rel="openid2.local_id" href="' . $service['LocalID'] . '" />'; $openid_2 = true; } } - } else { + } else { $server = openid_server_url(); - $identifier = get_author_posts_url($user->ID); + $identifier = get_author_posts_url( $user->ID ); echo ' - <link rel="openid2.provider" href="'.$server.'" /> - <link rel="openid2.local_id" href="'.$identifier.'" /> - <link rel="openid.server" href="'.$server.'" /> - <link rel="openid.delegate" href="'.$identifier.'" />'; + <link rel="openid2.provider" href="' . $server . '" /> + <link rel="openid2.local_id" href="' . $identifier . '" /> + <link rel="openid.server" href="' . $server . '" /> + <link rel="openid.delegate" href="' . $identifier . '" />'; } - } - } -function openid_server_add_trust_site($user_id, $site_url, $site_name = null, $release_attributes) { +function openid_server_add_trust_site( $user_id, $site_url, $site_name = null, $release_attributes ) { } function openid_server_remove_trust_site() { @@ -438,32 +447,35 @@ function openid_server_remove_trust_site() { * @uses do_action() Calls the 'openid_server_trust_submit' hook action when processing the submitted trust form. * @uses apply_filters() Calls 'openid_server_store_trusted_site' before storing trusted site data. */ -function openid_server_user_trust($request) { +function openid_server_user_trust( $request ) { $user = wp_get_current_user(); - if (isset($_REQUEST['openid_trust']) && $_REQUEST['openid_trust']) { + if ( isset( $_REQUEST['openid_trust'] ) && $_REQUEST['openid_trust'] ) { $trust = null; - if ($_REQUEST['openid_trust'] == 'cancel') { + if ( 'cancel' == $_REQUEST['openid_trust'] ) { $trust = false; } else { - check_admin_referer('openid-server_trust'); + check_admin_referer( 'openid-server_trust' ); $trust = true; } - do_action('openid_server_trust_submit', $trust, $request); + do_action( 'openid_server_trust_submit', $trust, $request ); - if ($trust) { + if ( $trust ) { // store trusted site (unless hidden constant is set) - if (!defined('OPENID_NO_AUTO_TRUST') || !OPENID_NO_AUTO_TRUST) { - $site = array( 'url' => $request->trust_root, 'last_login' => time()); - $site = apply_filters('openid_server_store_trusted_site', $site); - - $trusted_sites = get_user_meta($user->ID, 'openid_trusted_sites', true); - $site_hash = md5($request->trust_root); - $trusted_sites[$site_hash] = $site; - - update_user_meta($user->ID, 'openid_trusted_sites', $trusted_sites); + if ( ! defined( 'OPENID_NO_AUTO_TRUST' ) || ! OPENID_NO_AUTO_TRUST ) { + $site = array( + 'url' => $request->trust_root, + 'last_login' => time(), + ); + $site = apply_filters( 'openid_server_store_trusted_site', $site ); + + $trusted_sites = get_user_meta( $user->ID, 'openid_trusted_sites', true ); + $site_hash = md5( $request->trust_root ); + $trusted_sites[ $site_hash ] = $site; + + update_user_meta( $user->ID, 'openid_trusted_sites', $trusted_sites ); } } @@ -487,46 +499,46 @@ function openid_server_user_trust($request) { </style> <div id="banner"> - <div id="site">'.get_option('blogname').'</div>'; + <div id="site">' . get_option( 'blogname' ) . '</div>'; - if (is_user_logged_in()) { + if ( is_user_logged_in() ) { $user = wp_get_current_user(); - $logout_url = site_url('wp-login.php?action=logout&redirect_to=' . urlencode(openid_server_url()), 'login'); + $logout_url = site_url( 'wp-login.php?action=logout&redirect_to=' . urlencode( openid_server_url() ), 'login' ); echo ' - <div id="loggedin">' . sprintf(__('Logged in as %1$s (%2$s). <a href="%3$s">Use a different account?</a>', 'openid'), $user->display_name, $user->user_login, $logout_url ) . '</div>'; + <div id="loggedin">' . sprintf( __( 'Logged in as %1$s (%2$s). <a href="%3$s">Use a different account?</a>', 'openid' ), $user->display_name, $user->user_login, $logout_url ) . '</div>'; } echo ' </div> <form action="' . openid_server_url() . '" method="post"> - <h1>'.__('Verify Your Identity', 'openid').'</h1> + <h1>' . __( 'Verify Your Identity', 'openid' ) . '</h1> <p style="margin: 1.5em 0 1em 0;">' - . sprintf(__('%s has asked to verify your identity.', 'openid'), '<strong>'.$request->trust_root.'</strong>') + . sprintf( __( '%s has asked to verify your identity.', 'openid' ), '<strong>' . $request->trust_root . '</strong>' ) . '</p> <p style="margin: 1em 0;">' - . __('Click <strong>Continue</strong> to verify your identity and login without creating a new password.', 'openid') + . __( 'Click <strong>Continue</strong> to verify your identity and login without creating a new password.', 'openid' ) . '</p>'; - do_action('openid_server_trust_form'); + do_action( 'openid_server_trust_form' ); echo ' <p class="submit" style="text-align: center; margin-top: 2.4em;"> - <a href="' . add_query_arg('openid_trust', 'cancel', openid_server_url()) . '">'.__('Cancel and go back', 'openid').'</a> - <input type="submit" id="submit" name="openid_trust" value="'.__('Continue', 'openid').'" /> + <a href="' . add_query_arg( 'openid_trust', 'cancel', openid_server_url() ) . '">' . __( 'Cancel and go back', 'openid' ) . '</a> + <input type="submit" id="submit" name="openid_trust" value="' . __( 'Continue', 'openid' ) . '" /> </p> <p style="margin: 3em 0 1em 0; font-size: 0.8em;">' - . sprintf(__('Manage or remove access on the <a href="%s" target="_blank">Trusted Sites</a> page.', 'openid'), - admin_url((current_user_can('edit_users') ? 'users.php' : 'profile.php') . '?page=openid_trusted_sites')) + . sprintf( __( 'Manage or remove access on the <a href="%s" target="_blank">Trusted Sites</a> page.', 'openid' ), + admin_url( ( current_user_can( 'edit_users' ) ? 'users.php' : 'profile.php' ) . '?page=openid_trusted_sites' ) ) . '</p> <p style="margin: 1em 0; font-size: 0.8em;">' - . sprintf(__('<a href="%s" target="_blank">Edit your profile</a> to change the information that gets shared with Trusted Sites.', 'openid'), admin_url('profile.php')) + . sprintf( __( '<a href="%s" target="_blank">Edit your profile</a> to change the information that gets shared with Trusted Sites.', 'openid' ), admin_url( 'profile.php' ) ) . '</p> '; - wp_nonce_field('openid-server_trust', '_wpnonce', true); + wp_nonce_field( 'openid-server_trust', '_wpnonce', true ); echo ' </form>'; @@ -534,7 +546,7 @@ function openid_server_user_trust($request) { $html = ob_get_contents(); ob_end_clean(); - openid_page($html, __('Verify Your Identity', 'openid')); + openid_page( $html, __( 'Verify Your Identity', 'openid' ) ); } } @@ -546,30 +558,34 @@ function openid_server_user_trust($request) { * @url string URL to discover. If not provided, user's current delegate will be used * @return bool true if successful */ -function openid_server_get_delegation_info($userid, $url = null) { - if (empty($url)) $url = get_user_meta($userid, 'openid_delegate', true); - if (empty($url)) return false; +function openid_server_get_delegation_info( $userid, $url = null ) { + if ( empty( $url ) ) { + $url = get_user_meta( $userid, 'openid_delegate', true ); + } + if ( empty( $url ) ) { + return false; + } - $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); - $discoveryResult = Auth_Yadis_Yadis::discover($url, $fetcher); - $endpoints = Auth_OpenID_ServiceEndpoint::fromDiscoveryResult($discoveryResult); - $services = array(); + $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); + $discovery_result = Auth_Yadis_Yadis::discover( $url, $fetcher ); + $endpoints = Auth_OpenID_ServiceEndpoint::fromDiscoveryResult( $discovery_result ); + $services = array(); - if (!empty($endpoints)) { - foreach ($endpoints as $endpoint) { + if ( ! empty( $endpoints ) ) { + foreach ( $endpoints as $endpoint ) { $service = array( 'Type' => array(), - 'URI' => $endpoint->server_url, + 'URI' => $endpoint->server_url, ); - foreach ($endpoint->type_uris as $type) { - $service['Type'][] = array('content' => $type); + foreach ( $endpoint->type_uris as $type ) { + $service['Type'][] = array( 'content' => $type ); - if ($type == Auth_OpenID_TYPE_2_0_IDP) { + if ( Auth_OpenID_TYPE_2_0_IDP == $type ) { $service['LocalID'] = Auth_OpenID_IDENTIFIER_SELECT; - } else if ($type == Auth_OpenID_TYPE_2_0) { + } elseif ( Auth_OpenID_TYPE_2_0 == $type ) { $service['LocalID'] = $endpoint->local_id; - } else if (in_array($type, array(Auth_OpenID_TYPE_1_0, Auth_OpenID_TYPE_1_1, Auth_OpenID_TYPE_1_2))) { + } elseif ( in_array( $type, array( Auth_OpenID_TYPE_1_0, Auth_OpenID_TYPE_1_1, Auth_OpenID_TYPE_1_2 ) ) ) { $service['openid:Delegate'] = $endpoint->local_id; } } @@ -578,9 +594,9 @@ function openid_server_get_delegation_info($userid, $url = null) { } } - if (empty($services)) { + if ( empty( $services ) ) { // resort to checking for HTML links - $response = $fetcher->get($url); + $response = $fetcher->get( $url ); if ( ! $response ) { return false; @@ -588,37 +604,43 @@ function openid_server_get_delegation_info($userid, $url = null) { $html_content = $response->body; $p = new Auth_OpenID_Parse(); - $link_attrs = $p->parseLinkAttrs($html_content); + $link_attrs = $p->parseLinkAttrs( $html_content ); // check HTML for OpenID2 - $server_url = $p->findFirstHref($link_attrs, 'openid2.provider'); - if ($server_url !== null) { - $openid_url = $p->findFirstHref($link_attrs, 'openid2.local_id'); - if ($openid_url == null) $openid_url = $url; + $server_url = $p->findFirstHref( $link_attrs, 'openid2.provider' ); + if ( null !== $server_url ) { + $openid_url = $p->findFirstHref( $link_attrs, 'openid2.local_id' ); + if ( null == $openid_url ) { + $openid_url = $url; + } $services[] = array( - 'Type' => array(array('content' => Auth_OpenID_Type_1_1)), + 'Type' => array( array( 'content' => Auth_OpenID_Type_1_1 ) ), 'URI' => $server_url, 'LocalID' => $openid_url, ); } // check HTML for OpenID1 - $server_url = $p->findFirstHref($link_attrs, 'openid.server'); - if ($server_url !== null) { - $openid_url = $p->findFirstHref($link_attrs, 'openid.delegate'); - if ($openid_url == null) $openid_url = $url; + $server_url = $p->findFirstHref( $link_attrs, 'openid.server' ); + if ( null !== $server_url ) { + $openid_url = $p->findFirstHref( $link_attrs, 'openid.delegate' ); + if ( null == $openid_url ) { + $openid_url = $url; + } $services[] = array( - 'Type' => array(array('content' => Auth_OpenID_Type_2_0)), - 'URI' => $server_url, + 'Type' => array( array( 'content' => Auth_OpenID_Type_2_0 ) ), + 'URI' => $server_url, 'openid:Delegate' => $openid_url, ); } } - if (empty($services)) return false; + if ( empty( $services ) ) { + return false; + } return array( - 'url' => $url, - 'services' => $services + 'url' => $url, + 'services' => $services, ); } diff --git a/plugins/openid/server_ext.php b/plugins/openid/server_ext.php index c494325b..b0fced72 100644 --- a/plugins/openid/server_ext.php +++ b/plugins/openid/server_ext.php @@ -5,7 +5,7 @@ require_once 'Auth/OpenID/SReg.php'; add_filter( 'openid_server_xrds_types', 'openid_server_sreg_xrds_types' ); add_action( 'openid_server_post_auth', 'openid_server_sreg_post_auth' ); -function openid_server_sreg_xrds_types($types) { +function openid_server_sreg_xrds_types( $types ) { $types[] = 'http://openid.net/extensions/sreg/1.1'; $types[] = 'http://openid.net/sreg/1.0'; return $types; @@ -60,7 +60,7 @@ function openid_server_attributes_trust_form() { echo ' <p class="trust_form_add" style="padding: 0"> <input type="checkbox" id="include_sreg" name="include_sreg" checked="checked" style="display: block; float: left; margin: 0.8em;" /> - <label for="include_sreg" style="display: block; padding: 0.5em 2em;">'.sprintf( __( 'Also grant access to see my %s.', 'openid' ), $attr_string ) . '</label> + <label for="include_sreg" style="display: block; padding: 0.5em 2em;">' . sprintf( __( 'Also grant access to see my %s.', 'openid' ), $attr_string ) . '</label> </p>'; } } @@ -158,7 +158,7 @@ function openid_server_sreg_auth_response( $response ) { * @uses apply_filters() Calls 'openid_server_sreg_*' before returning sreg values, * where '*' is the name of the sreg attribute. */ -function openid_server_sreg_from_profile($field) { +function openid_server_sreg_from_profile( $field ) { $user = wp_get_current_user(); $value = ''; |