makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 06:08:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

[feature/oauth] More minor changes from review

Browse source 
PHPBB3-11673
This commit is contained in:
Joseph Warner 2013-09-02 16:47:40 -04:00
parent 63ba064065
commit 29e3768ecc
5 changed files with 22 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
phpBB/includes/ucp/ucp_login_link.php
View file

@ -236,8 +236,8 @@ class ucp_login_link
*/ */
protected function perform_redirect() protected function perform_redirect()
{ {
global $phpEx; global $phpbb_root_path, $phpEx;
$url = append_sid('index.' . $phpEx); $url = append_sid($phpbb_root_path . 'index.' . $phpEx);
redirect($url); redirect($url);
} }
} }

5
phpBB/includes/ucp/ucp_register.php
View file

@ -86,7 +86,7 @@ class ucp_register
// Handle login_link data added to $_hidden_fields // Handle login_link data added to $_hidden_fields
$login_link_data = $this->get_login_link_data_array(); $login_link_data = $this->get_login_link_data_array();
if ($login_link_data !== array()) if (!empty($login_link_data))
{ {
// Confirm that we have all necessary data // Confirm that we have all necessary data
$auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']); $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']);
@ -518,12 +518,13 @@ class ucp_register
$var_names = $request->variable_names(phpbb_request_interface::POST); $var_names = $request->variable_names(phpbb_request_interface::POST);
$login_link_data = array(); $login_link_data = array();
$string_start_length = strlen('login_link_');
foreach ($var_names as $var_name) foreach ($var_names as $var_name)
{ {
if (strpos($var_name, 'login_link_') === 0) if (strpos($var_name, 'login_link_') === 0)
{ {
$key_name = str_replace('login_link_', '', $var_name); $key_name = substr($var_name, $string_start_length);
$login_link_data[$key_name] = $request->variable($var_name, '', false, phpbb_request_interface::POST); $login_link_data[$key_name] = $request->variable($var_name, '', false, phpbb_request_interface::POST);
} }
} }

2
phpBB/phpbb/auth/auth.php
View file

@ -977,7 +977,7 @@ class phpbb_auth
// This data is passed along as GET data to the next page allow the account to be linked // This data is passed along as GET data to the next page allow the account to be linked
$params = array('mode' => 'login_link'); $params = array('mode' => 'login_link');
$url = append_sid('ucp.' . $phpEx, array_merge($params, $login['redirect_data'])); $url = append_sid($phpbb_root_path . 'ucp.' . $phpEx, array_merge($params, $login['redirect_data']));
redirect($url); redirect($url);
} }

2
phpBB/phpbb/auth/provider/oauth/oauth.php
View file

@ -545,7 +545,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base
// Get all external accounts tied to the current user // Get all external accounts tied to the current user
$data = array( $data = array(
'user_id' => $this->user->data['user_id'], 'user_id' => (int) $this->user->data['user_id'],
); );
$sql = 'SELECT oauth_provider_id, provider FROM ' . $this->auth_provider_oauth_token_account_assoc . ' $sql = 'SELECT oauth_provider_id, provider FROM ' . $this->auth_provider_oauth_token_account_assoc . '
WHERE ' . $this->db->sql_build_array('SELECT', $data); WHERE ' . $this->db->sql_build_array('SELECT', $data);

26
phpBB/phpbb/auth/provider/oauth/token_storage.php
View file

@ -82,11 +82,11 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface
} }
$data = array( $data = array(
'user_id' => $this->user->data['user_id'], 'user_id' => (int) $this->user->data['user_id'],
'provider' => $service, 'provider' => $service,
); );
if ($this->user->data['user_id'] === ANONYMOUS) if ((int) $this->user->data['user_id'] === ANONYMOUS)
{ {
$data['session_id'] = $this->user->data['session_id']; $data['session_id'] = $this->user->data['session_id'];
} }
@ -104,7 +104,7 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface
$this->cachedToken = $token; $this->cachedToken = $token;
$data = array( $data = array(
'user_id' => $this->user->data['user_id'], 'user_id' => (int) $this->user->data['user_id'],
'provider' => $service, 'provider' => $service,
'oauth_token' => $this->json_encode_token($token), 'oauth_token' => $this->json_encode_token($token),
'session_id' => $this->user->data['session_id'], 'session_id' => $this->user->data['session_id'],
@ -127,11 +127,11 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface
} }
$data = array( $data = array(
'user_id' => $this->user->data['user_id'], 'user_id' => (int) $this->user->data['user_id'],
'provider' => $service, 'provider' => $service,
); );
if ($this->user->data['user_id'] === ANONYMOUS) if ((int) $this->user->data['user_id'] === ANONYMOUS)
{ {
$data['session_id'] = $this->user->data['session_id']; $data['session_id'] = $this->user->data['session_id'];
} }
@ -149,12 +149,12 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface
$this->cachedToken = null; $this->cachedToken = null;
$sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . '
WHERE user_id = ' . $this->user->data['user_id'] . " WHERE user_id = ' . (int) $this->user->data['user_id'] . "
AND provider = '" . $this->db->sql_escape($service) . "'"; AND provider = '" . $this->db->sql_escape($service) . "'";
if ($this->user->data['user_id'] === ANONYMOUS) if ((int) $this->user->data['user_id'] === ANONYMOUS)
{ {
$sql .= " AND session_id = '" . $this->user->data['session_id'] . "'"; $sql .= " AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'";
} }
$this->db->sql_query($sql); $this->db->sql_query($sql);
@ -168,11 +168,11 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface
$this->cachedToken = null; $this->cachedToken = null;
$sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . '
WHERE user_id = ' . $this->user->data['user_id']; WHERE user_id = ' . (int) $this->user->data['user_id'];
if ($this->user->data['user_id'] === ANONYMOUS) if ((int) $this->user->data['user_id'] === ANONYMOUS)
{ {
$sql .= " AND session_id = '" . $this->user->data['session_id'] . "'"; $sql .= " AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'";
} }
$this->db->sql_query($sql); $this->db->sql_query($sql);
@ -194,8 +194,8 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface
SET ' . $this->db->sql_build_array('UPDATE', array( SET ' . $this->db->sql_build_array('UPDATE', array(
'user_id' => (int) $user_id 'user_id' => (int) $user_id
)) . ' )) . '
WHERE user_id = ' . $this->user->data['user_id'] . " WHERE user_id = ' . (int) $this->user->data['user_id'] . "
AND session_id = '" . $this->user->data['session_id'] . "'"; AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'";
$this->db->sql_query($sql); $this->db->sql_query($sql);
} }