From c09bda10fcf3fc7b84908bc15d86eca86b71f232 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Mon, 29 Jul 2013 13:10:56 -0400 Subject: [PATCH] [feature/oauth] Properly check that all data needed is available PHPBB3-11673 --- phpBB/includes/ucp/ucp_login_link.php | 13 ++++++++++--- phpBB/language/en/ucp.php | 1 + phpBB/phpbb/auth/provider/oauth/oauth.php | 18 ++++++++++++++++++ 3 files changed, 29 insertions(+), 3 deletions(-) diff --git a/phpBB/includes/ucp/ucp_login_link.php b/phpBB/includes/ucp/ucp_login_link.php index 1b9b0e45cb..c99f162f1a 100644 --- a/phpBB/includes/ucp/ucp_login_link.php +++ b/phpBB/includes/ucp/ucp_login_link.php @@ -33,7 +33,9 @@ class ucp_login_link $auth_provider = $phpbb_container->get($auth_provider); // Initialize necessary variables + $login_error = null; $login_link_error = null; + $login_username = null; // Build the data array $data = $this->get_login_link_data_array(); @@ -45,10 +47,14 @@ class ucp_login_link } // Have the authentication provider check that all necessary data is available - + $result = $auth_provider->login_link_has_necessary_data($data); + if ($result !== null) + { + $login_link_error = $user->lang[$result]; + } // Perform link action if there is no error - if (!login_link_error) + if (!$login_link_error) { if ($request->is_set_post('login')) { @@ -143,7 +149,8 @@ class ucp_login_link { if (strpos($var_name, 'login_link_') === 0) { - $login_link_data[$var_name] = $request->variable($var_name, '', false, phpbb_request_interface::GET); + $key_name = str_replace('login_link_', '', $var_name); + $login_link_data[$key_name] = $request->variable($var_name, '', false, phpbb_request_interface::GET); } } diff --git a/phpBB/language/en/ucp.php b/phpBB/language/en/ucp.php index 6e48e3b801..bfc27013fe 100644 --- a/phpBB/language/en/ucp.php +++ b/phpBB/language/en/ucp.php @@ -272,6 +272,7 @@ $lang = array_merge($lang, array( 'LOGIN_EXPLAIN_UCP' => 'Please login in order to access the User Control Panel.', 'LOGIN_LINK' => 'Link or Register Your External Account with phpBB', 'LOGIN_LINK_EXPLAIN' => 'You have attempted to login with an external service that is not yet connected to an account on these forums. You may now either link this account to an existing account or you may create a new account.', + 'LOGIN_LINK_MISSING_DATA' => 'Data that is necessary to link your account with an external service is not available. Please restart the login process.', 'LOGIN_LINK_NO_DATA_PROVIDED' => 'No data has been provided to this page to link an external account to a forum account. Please contact the board administrator if you continue to experience problems.', 'LOGIN_KEY' => 'Login Key', 'LOGIN_TIME' => 'Login Time', diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index a8b55fc532..eaa111d194 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -337,4 +337,22 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base return $ret; } + + /** + * {@inheritdoc} + */ + public function login_link_has_necessary_data($login_link_data) + { + if (empty($login_link_data)) + { + return 'LOGIN_LINK_NO_DATA_PROVIDED'; + } + + if (!array_key_exists('oauth_service', $login_link_data) || !$login_link_data['oauth_service']) + { + return 'LOGIN_LINK_MISSING_DATA'; + } + + return null; + } }