CLEAN: use fullUrl when possible

[phorkie.git] / www / login.php

diff --git a/www/login.php b/www/login.php
index 790a73a0acb9fee9d31d84305d2985d1fcf57310..9c1b136d8fdcdc306d1d2fecb2a652cf376d5922 100644 (file)
--- a/www/login.php
+++ b/www/login.php
@@ -1,46 +1,22 @@
 <?php
-/**
- * OpenID 
- * 
- * PHP Version 5.2.0+
- * 
- * @category  Auth
- * @package   OpenID
- * @author    Bill Shupp <hostmaster@shupp.org> 
- * @copyright 2009 Bill Shupp
- * @license   http://www.opensource.org/licenses/bsd-license.php FreeBSD
- * @link      http://github.com/shupp/openid
- */
 namespace phorkie;
-// A tool for testing Relying Party functionality
-set_include_path(
-    __DIR__ . '/../../src/'
-    . PATH_SEPARATOR . get_include_path()
-);
-
-$pageRequiresLogin = false;
+$noSecurityCheck = true;
 require_once 'www-header.php';
-require_once 'openid/config.php';
-
 
 if (isset($_REQUEST['logout'])) {
     unset($_SESSION);
     session_destroy();
-    $redirect = 'http://' . $_SERVER['HTTP_HOST'];
-    header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
-    exit;
+    header('Location: ' . Tools::fullUrl('/'));
+    exit();
 }
 
 if (!count($_GET) && !count($_POST)) {
-    render(
-        'login',
-        null
-    );
-    exit;
+    render('login');
+    exit();
 }
 
 // Hackaround Non-Javascript Login Page
-if (!count($_POST) && isset($_GET['start'])) {
+if (!count($_POST) && isset($_GET['openid_url'])) {
     $_POST = $_GET;
 }
 
@@ -52,6 +28,9 @@ if (isset($_POST['openid_url'])) {
     $openid_url = null;
 }
 
+$realm    = Tools::fullUrl('/');
+$returnTo = Tools::fullUrl('/login');
+
 try {
     $o = new \OpenID_RelyingParty($returnTo, $realm, $openid_url);
 } catch (OpenID_Exception $e) {
@@ -70,7 +49,7 @@ if (!empty($_POST['disable_associations']) || !empty($_SESSION['disable_associat
 $log = new \OpenID_Observer_Log;
 \OpenID::attach($log);
 
-if (isset($_POST['start'])) {
+if (isset($_POST['openid_url'])) {
 
     $_SESSION['openid_url'] = $openid_url;
     try {
@@ -98,7 +77,7 @@ if (isset($_POST['start'])) {
     $authRequest->addExtension($ax);
 
     $url = $authRequest->getAuthorizeURL();
-    
+
     header("Location: $url");
     exit;
     
@@ -137,7 +116,7 @@ try {
 } catch (OpenID_Exception $e) {
     $status  = "<tr><td>Status:</td><td><font color='red'>EXCEPTION!";
     $status .= " ({$e->getMessage()} : {$e->getCode()})</font></td></tr>";
-  }
+}
 
 
 $openid = $message->getArrayFormat();
@@ -170,7 +149,11 @@ $name = isset($openid['openid.sreg.fullname']) && !isset($name)
 $_SESSION['name'] = isset($name) ? $name : $_SERVER['REMOTE_ADDR'];
 $_SESSION['identity'] = $openid['openid.identity'];
 
-$redirect = 'http://' . $_SERVER['HTTP_HOST'] . $_SESSION['REQUEST_URI'];
+if (isset($_SESSION['REQUEST_URI'])) {
+    $redirect = Tools::fullUrl($_SESSION['REQUEST_URI']);
+} else {
+    $redirect = Tools::fullUrl('/');
+}
 header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
 exit;
 ?>