diff options
| author | Steve Clay <steve@mrclay.org> | 2012-08-05 21:03:35 -0400 |
|---|---|---|
| committer | Steve Clay <steve@mrclay.org> | 2012-08-05 21:03:35 -0400 |
| commit | ef351d0cf8a866cb40285e71fe5ed2b980bd11ed (patch) | |
| tree | 7e5c43f03e2b2a4d13e6cee3a7e850b3ad811597 | |
| parent | 0a0203a418a082a38c5c700ea11377153fa37555 (diff) | |
| download | elgg-ef351d0cf8a866cb40285e71fe5ed2b980bd11ed.tar.gz elgg-ef351d0cf8a866cb40285e71fe5ed2b980bd11ed.tar.bz2 | |
Fixes #4764: Twitter login supports persistent and referrer forwarding
| -rw-r--r-- | actions/login.php | 4 | ||||
| -rw-r--r-- | engine/classes/ElggSession.php | 14 | ||||
| -rw-r--r-- | mod/twitter_api/lib/twitter_api.php | 44 | ||||
| -rw-r--r-- | mod/twitter_api/start.php | 9 | ||||
| -rw-r--r-- | mod/twitter_api/views/default/twitter_api/css.php | 2 | ||||
| -rw-r--r-- | mod/twitter_api/views/default/twitter_api/js.php | 16 | ||||
| -rw-r--r-- | mod/twitter_api/views/default/twitter_api/login.php | 2 |
7 files changed, 72 insertions, 19 deletions
diff --git a/actions/login.php b/actions/login.php index ea7fb3508..1e5e92ede 100644 --- a/actions/login.php +++ b/actions/login.php @@ -7,7 +7,7 @@ */ // set forward url -if (isset($_SESSION['last_forward_from']) && $_SESSION['last_forward_from']) { +if (!empty($_SESSION['last_forward_from'])) { $forward_url = $_SESSION['last_forward_from']; unset($_SESSION['last_forward_from']); } elseif (get_input('returntoreferer')) { @@ -19,7 +19,7 @@ if (isset($_SESSION['last_forward_from']) && $_SESSION['last_forward_from']) { $username = get_input('username'); $password = get_input('password', null, false); -$persistent = get_input("persistent", false); +$persistent = (bool) get_input("persistent"); $result = false; if (empty($username) || empty($password)) { diff --git a/engine/classes/ElggSession.php b/engine/classes/ElggSession.php index 13a33736c..9750f063e 100644 --- a/engine/classes/ElggSession.php +++ b/engine/classes/ElggSession.php @@ -54,7 +54,7 @@ class ElggSession implements ArrayAccess { * * @param mixed $key Name * - * @return void + * @return mixed */ function offsetGet($key) { if (!ElggSession::$__localcache) { @@ -98,7 +98,7 @@ class ElggSession implements ArrayAccess { * * @param int $offset Offset * - * @return int + * @return bool */ function offsetExists($offset) { if (isset(ElggSession::$__localcache[$offset])) { @@ -112,6 +112,8 @@ class ElggSession implements ArrayAccess { if ($this->offsetGet($offset)) { return true; } + + return false; } @@ -132,10 +134,10 @@ class ElggSession implements ArrayAccess { * @param string $key Name * @param mixed $value Value * - * @return mixed + * @return void */ function set($key, $value) { - return $this->offsetSet($key, $value); + $this->offsetSet($key, $value); } /** @@ -143,9 +145,9 @@ class ElggSession implements ArrayAccess { * * @param string $key Name * - * @return bool + * @return void */ function del($key) { - return $this->offsetUnset($key); + $this->offsetUnset($key); } } diff --git a/mod/twitter_api/lib/twitter_api.php b/mod/twitter_api/lib/twitter_api.php index fbce00d34..81c9c6628 100644 --- a/mod/twitter_api/lib/twitter_api.php +++ b/mod/twitter_api/lib/twitter_api.php @@ -29,6 +29,8 @@ function twitter_api_allow_sign_on_with_twitter() { * This includes the login URL as the callback */ function twitter_api_forward() { + global $SESSION; + // sanity check if (!twitter_api_allow_sign_on_with_twitter()) { forward(); @@ -37,6 +39,18 @@ function twitter_api_forward() { $callback = elgg_normalize_url("twitter_api/login"); $request_link = twitter_api_get_authorize_url($callback); + // capture metadata about login to persist through redirects + $login_metadata = array( + 'persistent' => (bool) get_input("persistent"), + ); + // capture referrer if in site, but not the twitter_api + if (!empty($_SERVER['HTTP_REFERER']) + && 0 === strpos($_SERVER['HTTP_REFERER'], elgg_get_site_url()) + && 0 !== strpos($_SERVER['HTTP_REFERER'], elgg_get_site_url() . 'twitter_api/')) { + $login_metadata['forward'] = $_SERVER['HTTP_REFERER']; + } + $SESSION['twitter_api_login_metadata'] = $login_metadata; + forward($request_link, 'twitter_api'); } @@ -55,6 +69,8 @@ function twitter_api_forward() { * the Twitter OAuth data. */ function twitter_api_login() { + /* @var ElggSession $SESSION */ + global $SESSION; // sanity check if (!twitter_api_allow_sign_on_with_twitter()) { @@ -62,6 +78,20 @@ function twitter_api_login() { } $token = twitter_api_get_access_token(get_input('oauth_verifier')); + + $persistent = false; + $forward = ''; + + // fetch login metadata from session + $login_metadata = $SESSION['twitter_api_login_metadata']; + unset($SESSION['twitter_api_login_metadata']); + if (!empty($login_metadata['persistent'])) { + $persistent = true; + } + if (!empty($login_metadata['forward'])) { + $forward = $login_metadata['forward']; + } + if (!isset($token['oauth_token']) or !isset($token['oauth_token_secret'])) { register_error(elgg_echo('twitter_api:login:error')); forward(); @@ -81,13 +111,13 @@ function twitter_api_login() { $users = elgg_get_entities_from_plugin_user_settings($options); if ($users) { - if (count($users) == 1 && login($users[0])) { - system_message(elgg_echo('twitter_api:login:success')); + if (count($users) == 1 && login($users[0], $persistent)) { + system_message(elgg_echo('twitter_api:login:success')); + forward($forward); } else { register_error(elgg_echo('twitter_api:login:error')); + forward(); } - - forward(elgg_get_site_url()); } else { $consumer_key = elgg_get_plugin_setting('consumer_key', 'twitter_api'); $consumer_secret = elgg_get_plugin_setting('consumer_secret', 'twitter_api'); @@ -301,9 +331,11 @@ function twitter_api_get_authorize_url($callback = NULL, $login = true) { /** * Returns the access token to use in twitter calls. * - * @param unknown_type $oauth_verifier + * @param bool $oauth_verifier + * @return array */ function twitter_api_get_access_token($oauth_verifier = FALSE) { + /* @var ElggSession $SESSION */ global $SESSION; $consumer_key = elgg_get_plugin_setting('consumer_key', 'twitter_api'); @@ -312,7 +344,7 @@ function twitter_api_get_access_token($oauth_verifier = FALSE) { // retrieve stored tokens $oauth_token = $SESSION['twitter_api']['oauth_token']; $oauth_token_secret = $SESSION['twitter_api']['oauth_token_secret']; - $SESSION->offsetUnset('twitter_api'); + unset($SESSION['twitter_api']); // fetch an access token $api = new TwitterOAuth($consumer_key, $consumer_secret, $oauth_token, $oauth_token_secret); diff --git a/mod/twitter_api/start.php b/mod/twitter_api/start.php index 08bce5479..e6221de6b 100644 --- a/mod/twitter_api/start.php +++ b/mod/twitter_api/start.php @@ -20,6 +20,7 @@ function twitter_api_init() { //elgg_extend_view('metatags', 'twitter_api/metatags'); elgg_extend_view('css/elgg', 'twitter_api/css'); elgg_extend_view('css/admin', 'twitter_api/css'); + elgg_extend_view('js/elgg', 'twitter_api/js'); // sign on with twitter if (twitter_api_allow_sign_on_with_twitter()) { @@ -60,7 +61,7 @@ function twitter_api_pagehandler_deprecated($page) { * Serves pages for twitter. * * @param array $page - * @return void + * @return bool */ function twitter_api_pagehandler($page) { if (!isset($page[0])) { @@ -131,14 +132,15 @@ function twitter_api_tweet($hook, $type, $returnvalue, $params) { // send tweet $api = new TwitterOAuth($consumer_key, $consumer_secret, $access_key, $access_secret); - $response = $api->post('statuses/update', array('status' => $params['message'])); + $api->post('statuses/update', array('status' => $params['message'])); } /** * Get tweets for a user. * - * @param int $user_id The Elgg user GUID + * @param int $user_guid The Elgg user GUID * @param array $options + * @return array */ function twitter_api_fetch_tweets($user_guid, $options = array()) { // check admin settings @@ -167,6 +169,7 @@ function twitter_api_fetch_tweets($user_guid, $options = array()) { * @param string $type * @param array $return_value * @param array $params + * @return array */ function twitter_api_public_pages($hook, $type, $return_value, $params) { $return_value[] = 'twitter_api/forward'; diff --git a/mod/twitter_api/views/default/twitter_api/css.php b/mod/twitter_api/views/default/twitter_api/css.php index 04bbed668..2d081d361 100644 --- a/mod/twitter_api/views/default/twitter_api/css.php +++ b/mod/twitter_api/views/default/twitter_api/css.php @@ -4,7 +4,7 @@ */ ?> -#login_with_twitter { +.login_with_twitter { padding: 10px 0 0 0; } diff --git a/mod/twitter_api/views/default/twitter_api/js.php b/mod/twitter_api/views/default/twitter_api/js.php new file mode 100644 index 000000000..60839709d --- /dev/null +++ b/mod/twitter_api/views/default/twitter_api/js.php @@ -0,0 +1,16 @@ +<?php if (0): ?><script><? endif; ?> + +// add ?persistent to login link +elgg.register_hook_handler('init', 'system', function() { + $('form.elgg-form-login').each(function () { + var link = $('.login_with_twitter a', this).get(0), + $input = $('input[name="persistent"]', this); + function sync() { + link.href = link.href.replace(/\?.*/, '') + ($input[0].checked ? '?persistent' : ''); + } + if (link && $input.length) { + sync(); + $input.change(sync); + } + }); +}); diff --git a/mod/twitter_api/views/default/twitter_api/login.php b/mod/twitter_api/views/default/twitter_api/login.php index 17bd76d56..7b4b4ecb1 100644 --- a/mod/twitter_api/views/default/twitter_api/login.php +++ b/mod/twitter_api/views/default/twitter_api/login.php @@ -7,7 +7,7 @@ $url = elgg_get_site_url() . 'twitter_api/forward'; $img_url = elgg_get_site_url() . 'mod/twitter_api/graphics/sign-in-with-twitter-d.png'; $login = <<<__HTML -<div id="login_with_twitter"> +<div class="login_with_twitter"> <a href="$url"> <img src="$img_url" alt="Twitter" /> </a> |