| author | Christian Weiske <cweiske@cweiske.de> | 2012-09-19 19:00:35 +0200 |
|---|---|---|
| committer | Christian Weiske <cweiske@cweiske.de> | 2012-09-19 19:00:35 +0200 |
| commit | 1797cbc2b010552b54e9d070820fa9cbc9ce3af9 (patch) | |
| tree | f4ac239f23e5cdccd75e4ec514abedbd582f4333 | |
| parent | 63575a005e8e2386abb24e97791e18d61e6350fe (diff) | |
| parent | 149e039741f94f9e22bd2c8d7dcf33158a110e79 (diff) | |
Merge branch 'master' into remotefork
48 files changed, 578 insertions, 34 deletions
@@ -1,3 +1,15 @@ +2012-09-19 Christian Weiske <cweiske@cweiske.de> + + * Implement request #12: add link rel="vcs-git" + +2012-09-18 Justin J. Novack <jnovack@gmail.com> + + * Add Markdown as a known file-type. + +2012-09-17 Justin J. Novack <jnovack@gmail.com> + + * Add OpenID authentication + 2012-09-16 Christian Weiske <cweiske@cweiske.de> * Implement request #12: DOAP documents for all pastes @@ -84,6 +84,9 @@ phorkie stands on the shoulders of giants. $ pear channel-discover zustellzentrum.cweiske.de $ pear install zz/mime_type_plaindetect-alpha + $ pear channel-discover pear.michelf.ca + $ pear install michelf/Markdown + Note that this version of GeSHi is a bit outdated, but it's the fastest way to install it. @@ -192,6 +195,11 @@ URLs List all pastes, with optional page ``/new`` Shows form for new paste +``/login`` + Login page for protecting site +``/user`` + Edit logged-in user information + Internal directory layout ========================= @@ -230,4 +238,7 @@ If you use nginx, place the following lines into your ``server`` block: rewrite ^/search$ /search.php; rewrite ^/search/([0-9]+)$ /search.php?page=$1; + + rewrite ^/login$ /login.php; + rewrite ^/user$ /user.php; } diff --git a/data/config.default.php b/data/config.default.php index 88c9ae5..abcb43e 100644 --- a/data/config.default.php +++ b/data/config.default.php 
@@ -12,6 +12,15 @@ $GLOBALS['phorkie']['cfg'] = array( 'geshi' => 'MediaWiki/geshi/geshi/geshi.php', 'index' => 'new'//"new" or "list" ); +$GLOBALS['phorkie']['auth'] = array( + // 0 = public, no authentication, 1 = protect adds/edits/deletes, + // 2 = require authentication + 'securityLevel' => 0, + 'listedUsersOnly' => false, + 'users' => array(), // Array of OpenIDs that may login + 'anonymousName' => 'Anonymous', // Email for non-authenticated commits + 'anonymousEmail' => 'anonymous@phorkie', // Email for non-authenticated commits +); $GLOBALS['phorkie']['tools'] = array( '\\phorkie\\Tool_Xmllint' => true, '\\phorkie\\Tool_PHPlint' => true, @@ -57,6 +66,11 @@ $GLOBALS['phorkie']['languages'] = array( 'mime' => 'application/javascript', 'geshi' => 'javascript' ), + 'md' => array( + 'title' => 'Markdown', + 'mime' => 'text/x-markdown', + 'renderer' => '\\phorkie\\Renderer_Markdown' + ), 'pl' => array( 'title' => 'Perl', 'mime' => 'application/x-perl', diff --git a/data/config.php.dist b/data/config.php.dist index 1e814bd..ced993f 100644 --- a/data/config.php.dist +++ b/data/config.php.dist @@ -5,4 +5,11 @@ //$GLOBALS['phorkie']['cfg']['git']['private'] = 'ssh://git@bogo:paste/'; //$GLOBALS['phorkie']['cfg']['elasticsearch'] = 'http://localhost:9200/phorkie/'; //$GLOBALS['phorkie']['cfg']['setupcheck'] = false; + +//$GLOBALS['phorkie']['auth']['securityLevel'] = 0; +//$GLOBALS['phorkie']['auth']['listedUsersOnly'] = false; +//$GLOBALS['phorkie']['auth']['users'] = array( +// 'https://www.google.com/accounts/o8/id?id=ABCDEFGHIJKLMNOPQRSTUVWXYZ', +// 'http://anonymous.phorkie.openid' +//); ?> diff --git a/data/templates/base.htm b/data/templates/base.htm index b9c9608..dc06566 100644 --- a/data/templates/base.htm +++ b/data/templates/base.htm 
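Review bot: The inline comment on `'anonymousName'` reads `// Email for non-authenticated commits`, copied from the line below it; it should say `// Name used as git author for non-authenticated commits`. The same block is the place to state that `securityLevel` ships as 0, i.e. an installation that keeps this file unchanged is fully public, while www-security.php only falls back to level 2 when the key is missing entirely, so administrators who want protection must set 1 or 2 explicitly. Both `anonymousName` and `anonymousEmail` end up verbatim in the `--author` of every anonymous commit (Repository_Post), which is worth saying here because it is the only identity such pastes carry.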
@@ -4,10 +4,10 @@ <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link rel="stylesheet" href="{{css}}"/> - <link rel="stylesheet" href="/phorkie.css" /> + <link rel="stylesheet" href="/css/phorkie.css" /> <title>{% block title %}{% endblock %} - {{title}}</title> - <script src="/jquery-1.7.2.min.js"></script> - <script src="/phorkie.js"></script> + <script src="/js/jquery-1.7.2.min.js"></script> + <script src="/js/phorkie.js"></script> {% block meta %}{% endblock %} </head> <body> @@ -27,12 +27,26 @@ </li> {% if db.adapter %} <li> - <form class="navbar-search pull-left" action="/search" method="get"> + <form class="navbar-search" action="/search" method="get"> <input type="text" class="search-query" name="q" placeholder="Search" value="{{query}}"/> </form> </li> {% endif %} </ul> + <ul class="nav pull-right"> + {% if identity %} + <li> + <a href="/user">{{name}} ({{email}})</a> + </li> + <li> + <a href="/login?logout">Logout</a> + </li> + {% else %} + <li> + <a href="/login">Login</a> + </li> + {% endif %} + </ul> </div> </div> </div> @@ -53,8 +67,8 @@ <a href="//sf.net/p/phorkie/">phorkie</a>, the self-hosted, git-based pastebin software is available under the <a href="https://sf.net/p/phorkie/"> - <acronym title="GNU Affero General Public License">AGPL</acronym></a>. + <abbr title="GNU Affero General Public License">AGPL</abbr></a>. </div> </body> -</html>
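Review bot: The new navbar prints `{{name}} ({{email}})` straight from the session, and login.php fills those two session values from the OpenID provider's SREG/AX response without any filtering (the provider being whatever URL the user typed into the login form), while user.php only tag-strips `name`. Whether that is safe depends on the Twig environment having autoescaping enabled, which the part of www-header.php visible in this diff does not show; if it is off, write `{{ name|e }} ({{ email|e }})` here and `{{ identity|e }}` in forbidden.htm and user.htm. The logout link is a plain GET to `/login?logout`, so any third-party page can log the visitor out by embedding that URL as an image; making logout a POST, or requiring a per-session token on the GET, is the usual fix.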
\ No newline at end of file +</html> diff --git a/data/templates/display-sidebar-history.htm b/data/templates/display-sidebar-history.htm index b3ef9df..bf38884 100644 --- a/data/templates/display-sidebar-history.htm +++ b/data/templates/display-sidebar-history.htm @@ -15,4 +15,4 @@ {% else %} <p>No commits yet</p> {% endfor %} -</ul>
\ No newline at end of file +</ul> diff --git a/data/templates/exception.htm b/data/templates/exception.htm index dc07fc5..7a96da0 100644 --- a/data/templates/exception.htm +++ b/data/templates/exception.htm @@ -1,7 +1,7 @@ <!DOCTYPE html> <html> <head> - <link rel="stylesheet" href="phorkie.css" /> + <link rel="stylesheet" href="/css/phorkie.css" /> <title>Error - phorkie</title> </head> <body> diff --git a/data/templates/forbidden.htm b/data/templates/forbidden.htm new file mode 100644 index 0000000..a39bcf7 --- /dev/null +++ b/data/templates/forbidden.htm @@ -0,0 +1,24 @@ +{% extends "base.htm" %} +{% block title %}Access Denied{% endblock %} + +{% block content %} + +<h2>Access Denied</h2> +{% if identity %} +<p> + You are logged in with the following OpenID: +</p> +<p> + <code>{{identity}}</code> +</p> +<p> + Unfortunately, your OpenID is not unlocked. + Contact the site administrator to get access. +</p> +{% else %} +<p> + We're sorry; but you have to <a href="/login">log in</a> to access this page. +</p> +{% endif %} +{% endblock %} + diff --git a/data/templates/login.htm b/data/templates/login.htm new file mode 100644 index 0000000..084b438 --- /dev/null +++ b/data/templates/login.htm 
@@ -0,0 +1,27 @@ +{% extends "base.htm" %} +{% block title %}Login{% endblock %} + +{% block content %} + +<link rel="stylesheet" href="css/openid.css" /> + +<form method="post" action="/login" id="openid_form"> + +<fieldset> + <legend>Sign-in</legend> + <div id="openid_choice" style="display: block; "> + <p>Please choose your account provider</p> + <div id="openid_btns"> + <a title="Google" href="/login?openid_url=https://www.google.com/accounts/o8/id" class="google openid_large_btn"></a> + <a title="Yahoo" href="/login?openid_url=http://yahoo.com/" class="yahoo openid_large_btn"></a> + </div> + <div id="openid_input_area"> + <p>or enter your OpenID URL.</p> + <input id="openid_url" type="text" name="openid_url" value="http://" /> + <input class="btn" id="openid_submit" type="submit" value="Sign in" /> + </div> + </div> +</fieldset> + +</form> +{% endblock %} diff --git a/data/templates/pager.htm b/data/templates/pager.htm index 085a281..9be2b9f 100644 --- a/data/templates/pager.htm +++ b/data/templates/pager.htm @@ -45,4 +45,4 @@ {% endif %} </ul> </div> -{% endif %}
\ No newline at end of file +{% endif %} diff --git a/data/templates/revision-head.htm b/data/templates/revision-head.htm index 132a68f..9a60b05 100644 --- a/data/templates/revision-head.htm +++ b/data/templates/revision-head.htm @@ -9,8 +9,6 @@ <p> revision <strong>{{repo.hash}}</strong> </p> - <p> - </p> </div> <div class="span2"> </div> diff --git a/data/templates/user.htm b/data/templates/user.htm new file mode 100644 index 0000000..eb032bd --- /dev/null +++ b/data/templates/user.htm @@ -0,0 +1,16 @@ +{% extends "base.htm" %} +{% block title %}User Preferences{% endblock %} + +{% block content %} + +<form method="post" action="/user" id="user_form"> +<fieldset> + <legend>User Profile</legend> + <p>Please update your git preferences.</p> + <p><label>OpenID:</label><code>{{ identity }}</code></p> + <label for='name'>Name:</label><input class="" id="name" type="text" name="name" width="35" value="{{ name }}"><br/> + <label for='email'>Email:</label><input class="" id="email" type="text" name="email" width="35" value="{{ email }}"><br/> + <input class="btn" id="submit" type="submit" value="Update"> +</fieldset> +</form> +{% endblock %} diff --git a/src/phorkie/File.php b/src/phorkie/File.php index 331f2e5..f378f60 100644 --- a/src/phorkie/File.php +++ b/src/phorkie/File.php @@ -165,4 +165,4 @@ class File } } -?>
\ No newline at end of file +?> diff --git a/src/phorkie/GitCommandBinary.php b/src/phorkie/GitCommandBinary.php index 13a31db..a005349 100644 --- a/src/phorkie/GitCommandBinary.php +++ b/src/phorkie/GitCommandBinary.php @@ -12,4 +12,4 @@ class GitCommandBinary extends \VersionControl_Git_Util_Command } } -?>
\ No newline at end of file +?> diff --git a/src/phorkie/HtmlHelper.php b/src/phorkie/HtmlHelper.php index af046cf..ea21ab5 100644 --- a/src/phorkie/HtmlHelper.php +++ b/src/phorkie/HtmlHelper.php @@ -25,4 +25,4 @@ class HtmlHelper } } -?>
\ No newline at end of file +?> diff --git a/src/phorkie/Renderer/Markdown.php b/src/phorkie/Renderer/Markdown.php new file mode 100644 index 0000000..628d87f --- /dev/null +++ b/src/phorkie/Renderer/Markdown.php @@ -0,0 +1,27 @@ +<?php +namespace phorkie; + +class Renderer_Markdown +{ + /** + * Converts the code to HTML + * + * @param File $file File to render + * @param Tool_Result $res Tool result to integrate + * + * @return string HTML + */ + public function toHtml(File $file, Tool_Result $res = null) + { + /** + */ + require_once 'markdown.php'; + $markdown = \markdown($file->getContent()); + + return '<div class="markdown">' + . $markdown + . '</div>'; + } +} + +?> diff --git a/src/phorkie/Repository.php b/src/phorkie/Repository.php index 46b2f65..43f2b23 100644 --- a/src/phorkie/Repository.php +++ b/src/phorkie/Repository.php @@ -32,6 +32,12 @@ class Repository */ public $hash; + /** + * Commit message of the last (or current) revision + * + * @var string + */ + public $message; /** @@ -56,6 +62,7 @@ class Repository $this->id = (int)$_GET['id']; $this->loadDirs(); $this->loadHash(); + $this->loadMessage(); } protected function loadDirs() @@ -97,6 +104,28 @@ class Repository $this->hash = $output; } + /** + * Populates $this->message + * + * @return void + */ + public function loadMessage() + { + $rev = (isset($this->hash)) ? $this->hash : 'HEAD'; + $output = $this->getVc()->getCommand('log') + ->setOption('oneline') + ->addArgument('-1') + ->addArgument($rev) + ->execute(); + $output = trim($output); + if (strpos($output, ' ') > 0) { + $output = substr($output, strpos($output, ' '), strlen($output)); + $this->message = trim($output); + } else { + $this->message = "This commit message intentionally left blank."; + } + } + public function loadById($id) { if (!is_numeric($id)) { diff --git a/src/phorkie/Repository/Commit.php b/src/phorkie/Repository/Commit.php index 05c988b..62f1d40 100644 --- a/src/phorkie/Repository/Commit.php 
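Review bot: `Renderer_Markdown::toHtml()` returns the output of `\markdown()` unescaped inside the `<div class="markdown">`, and Markdown by design passes inline HTML through to the output, so a paste containing an `.md` file with `<script>` or `on*` attributes becomes stored XSS on the display page for everyone who views it. Either run the result through an HTML sanitiser before returning it or disable raw markup in the parser; PHP Markdown's parser object has `no_markup` and `no_entities` flags for this, if I remember the installed `markdown.php` correctly, so instantiate the parser instead of calling the `\markdown()` shortcut. The empty `/** */` docblock above `require_once 'markdown.php'` should either explain why the file is required here rather than autoloaded or be removed.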
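Review bot: `loadMessage()` hands `$this->hash` to `git log` as a positional argument with no validation; `loadHash()` is outside this diff, but if that value can originate from the request (revision.php loads a repository from it), a string beginning with `--` is parsed by git as an option rather than a revision. A guard such as `if (!preg_match('/^[0-9a-f]{1,40}$/i', $rev)) { throw new Exception('Invalid revision'); }` before building the command closes that regardless of where the hash comes from. Minor: the third argument in `substr($output, strpos($output, ' '), strlen($output))` is redundant, and the comparison `strpos($output, ' ') > 0` deserves a one-line comment that `--oneline` output is `<abbrev-hash> <subject>`, which is what the split relies on.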
+++ b/src/phorkie/Repository/Commit.php @@ -70,4 +70,4 @@ class Repository_Commit } } -?>
\ No newline at end of file +?> diff --git a/src/phorkie/Repository/Post.php b/src/phorkie/Repository/Post.php index de987e0..9119e06 100644 --- a/src/phorkie/Repository/Post.php +++ b/src/phorkie/Repository/Post.php @@ -15,7 +15,7 @@ class Repository_Post * * @return boolean True if the post was successful */ - public function process($postData) + public function process($postData, $sessionData) { if (!isset($postData['files'])) { return false; @@ -117,11 +117,23 @@ class Repository_Post } } + $commitmsg = "phorkie commit"; + + if (isset($sessionData['identity'])) { + $notes = $sessionData['identity']; + } else { + $notes = $sessionData['ipaddr']; + } + if ($bCommit) { $vc->getCommand('commit') - ->setOption('message', '') - ->setOption('allow-empty-message') - ->setOption('author', 'Anonymous <anonymous@phorkie>') + ->setOption('message', $commitmsg) + ->setOption('author', $sessionData['name'].' <'.$sessionData['email'].'>') + ->execute(); + //FIXME: git needs ref BEFORE add. ideally VersionControl_Git needs to be updated + $vc->getCommand('notes --ref=identity add') + ->setOption('force') + ->setOption('message', "$notes") ->execute(); $bChanged = true; } diff --git a/src/phorkie/Tool/Manager.php b/src/phorkie/Tool/Manager.php index 8e18199..ca93b4a 100644 --- a/src/phorkie/Tool/Manager.php +++ b/src/phorkie/Tool/Manager.php @@ -43,4 +43,4 @@ class Tool_Manager } } -?>
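Review bot: The `--author` value is built as `$sessionData['name'].' <'.$sessionData['email'].'>'` from session fields that, after an OpenID login, are copied verbatim from the provider's response — and the provider is whatever URL the user typed — so `name` can carry `<`, `>` or line breaks that break git's `Name <email>` author parsing and make the commit fail for that user, and nothing here handles that. Normalise before committing, e.g. `$author = str_replace(array('<', '>', "\r", "\n"), '', $sessionData['name']) . ' <' . $sessionData['email'] . '>';`, falling back to the configured anonymous identity when `email` is not a plausible address. The notes call persists the raw client IP (`$sessionData['ipaddr']`) for anonymous commits under `refs/notes/identity`; notes refs are not fetched by a default clone but are retrievable from any repository served over git, so this quietly publishes IP addresses of anonymous posters and should be documented in the README. Whether `getCommand('notes --ref=identity add')` quotes its arguments safely depends on VersionControl_Git, which is outside this diff — the FIXME already hints the abstraction is being stretched.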
\ No newline at end of file +?> diff --git a/src/phorkie/Tool/Result.php b/src/phorkie/Tool/Result.php index 22ea273..94dfe5e 100644 --- a/src/phorkie/Tool/Result.php +++ b/src/phorkie/Tool/Result.php @@ -6,4 +6,4 @@ class Tool_Result public $annotations; } -?>
\ No newline at end of file +?> diff --git a/src/phorkie/Tool/Result/Line.php b/src/phorkie/Tool/Result/Line.php index a788db6..1fa8bcb 100644 --- a/src/phorkie/Tool/Result/Line.php +++ b/src/phorkie/Tool/Result/Line.php @@ -31,4 +31,4 @@ class Tool_Result_Line } } -?>
\ No newline at end of file +?> diff --git a/src/phorkie/Tools.php b/src/phorkie/Tools.php index 843b2df..e4aab63 100644 --- a/src/phorkie/Tools.php +++ b/src/phorkie/Tools.php @@ -62,4 +62,4 @@ class Tools } -?>
\ No newline at end of file +?> diff --git a/www/.htaccess b/www/.htaccess index efb03a9..03bbf60 100644 --- a/www/.htaccess +++ b/www/.htaccess @@ -21,3 +21,6 @@ RewriteRule ^list/([0-9]+)$ /list.php?page=$1 RewriteRule ^search$ /search.php RewriteRule ^search/([0-9]+)$ /search.php?page=$1 + +RewriteRule ^login$ /login.php +RewriteRule ^user$ /user.php diff --git a/www/css/openid.css b/www/css/openid.css new file mode 100644 index 0000000..296618b --- /dev/null +++ b/www/css/openid.css @@ -0,0 +1,64 @@ +body { + font-family:"Helvetica Neue", Helvetica, Arial, sans-serif; +} +#openid_form { + width: 470px; +} +#openid_form legend { + font-weight: bold; +} +#openid_choice { + display: none; +} +#openid_input_area { + clear: both; +} +#openid_btns { + height: 66px; + margin-bottom: 10px; +} +#openid_btns br { + clear: both; +} +#openid_highlight { + padding: 3px; + background-color: #FFFCC9; + float: left; +} +#openid_url { + margin: 0px !important; + width: 250px; + background: #FFF url(/images/openid-inputicon.gif) no-repeat scroll 0 50%; + padding-left:18px; +} +.openid_large_btn { + width: 100px; + height: 60px; + border: 1px solid #DDD; + margin: 3px; + float: left; +} +.openid_small_btn { + width: 24px; + height: 24px; + border: 1px solid #DDD; + margin: 3px; + float: left; +} +.google { + background: #FFF url(/images/google.gif) no-repeat center center; +} +.yahoo { + background: #FFF url(/images/yahoo.gif) no-repeat center center; +} + +a.openid_large_btn:hover { + outline: none; + border: 1px solid #030303; +} +a.openid_large_btn:focus { + -moz-outline-style: none; +} +.openid_selected { + border: 4px solid #DDD; +} diff --git a/www/phorkie.css b/www/css/phorkie.css index c8d8dce..c8d8dce 100644 --- a/www/phorkie.css +++ b/www/css/phorkie.css diff --git a/www/delete.php b/www/delete.php index 6d68ae4..43ec9d5 100644 --- a/www/delete.php +++ b/www/delete.php 
@@ -3,6 +3,7 @@ namespace phorkie; /** * Delete paste or ask for deletion */ +$reqWritePermissions = true; require_once 'www-header.php'; $repo = new Repository(); diff --git a/www/display.php b/www/display.php index c8df8a9..ffc9786 100644 --- a/www/display.php +++ b/www/display.php @@ -3,6 +3,7 @@ namespace phorkie; /** * Display paste contents */ +$reqWritePermissions = false; require_once 'www-header.php'; $repo = new Repository(); diff --git a/www/doap.php b/www/doap.php index db00df4..63a66e6 100644 --- a/www/doap.php +++ b/www/doap.php @@ -4,6 +4,7 @@ namespace phorkie; * Display DOAP of the paste. * Contains a machine-readable project description with Git URL. */ +$reqWritePermissions = false; require_once 'www-header.php'; $repo = new Repository(); diff --git a/www/edit.php b/www/edit.php index 562c97c..4de3d47 100644 --- a/www/edit.php +++ b/www/edit.php @@ -3,13 +3,14 @@ namespace phorkie; /** * Edit paste contents */ +$reqWritePermissions = true; require_once 'www-header.php'; $repo = new Repository(); $repo->loadFromRequest(); $repopo = new Repository_Post($repo); -if ($repopo->process($_POST)) { +if ($repopo->process($_POST, $_SESSION)) { redirect($repo->getLink('display')); } diff --git a/www/forbidden.php b/www/forbidden.php new file mode 100644 index 0000000..f55c4ba --- /dev/null +++ b/www/forbidden.php @@ -0,0 +1,15 @@ +<?php +namespace phorkie; +/** + * Show an access denied error + */ + +header('HTTP/1.0 403 Forbidden'); +render( + 'forbidden', + array( + 'identity' => isset($_SESSION['identity']) ? $_SESSION['identity'] : null + ) +); +exit(); +?> diff --git a/www/fork.php b/www/fork.php index 7997632..6c96a6a 100644 --- a/www/fork.php +++ b/www/fork.php @@ -3,6 +3,7 @@ * Fork a repository */ namespace phorkie; +$reqWritePermissions = true; require_once 'www-header.php'; if ($_SERVER['REQUEST_METHOD'] !== 'POST') { 
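Review bot: `header('HTTP/1.0 403 Forbidden')` hardcodes the protocol version; `header('Forbidden', true, 403)` or `http_response_code(403)` (PHP 5.4+) lets PHP emit the status line on whatever version the client used. Because this file is `require`d from www-security.php, and from there by every page, the trailing `exit()` is what prevents the protected script from continuing — that deserves a comment, e.g. `// stop the including page: nothing after the security check may run`.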
@@ -30,4 +31,4 @@ foreach (\glob($new->gitDir . '/hooks/*') as $hookfile) { //FIXME: where to put fork source link? redirect($new->getLink('display')); -?>
\ No newline at end of file +?> diff --git a/www/images/google.gif b/www/images/google.gif Binary files differnew file mode 100644 index 0000000..1b6cd07 --- /dev/null +++ b/www/images/google.gif diff --git a/www/images/openid-inputicon.gif b/www/images/openid-inputicon.gif Binary files differnew file mode 100644 index 0000000..cde836c --- /dev/null +++ b/www/images/openid-inputicon.gif diff --git a/www/images/yahoo.gif b/www/images/yahoo.gif Binary files differnew file mode 100644 index 0000000..42adbfa --- /dev/null +++ b/www/images/yahoo.gif diff --git a/www/index.php b/www/index.php index 9a05add..0ee9211 100644 --- a/www/index.php +++ b/www/index.php @@ -1,5 +1,13 @@ <?php +/** + * Jump to the index as per the configuration + */ namespace phorkie; +$reqWritePermissions = false; require_once 'www-header.php'; -require_once $GLOBALS['phorkie']['cfg']['index'].".php"; + +header( + 'Location: ' + . Tools::fullUrl('/' . $GLOBALS['phorkie']['cfg']['index']) +); ?> diff --git a/www/jquery-1.7.2.min.js b/www/js/jquery-1.7.2.min.js index 16ad06c..16ad06c 100644 --- a/www/jquery-1.7.2.min.js +++ b/www/js/jquery-1.7.2.min.js diff --git a/www/phorkie.js b/www/js/phorkie.js index 1171b1a..7078e8f 100644 --- a/www/phorkie.js +++ b/www/js/phorkie.js @@ -50,4 +50,4 @@ function toggleAdditional(elem, time) jt.children('i').toggleClass('icon-chevron-down') .toggleClass('icon-chevron-up'); jt.parents('.row-fluid').children('.additional').toggle(time); -}
\ No newline at end of file +} diff --git a/www/list.php b/www/list.php index 911f26d..750e811 100644 --- a/www/list.php +++ b/www/list.php @@ -1,8 +1,9 @@ <?php /** - * Fork a repository + * List a repository */ namespace phorkie; +$reqWritePermissions = false; require_once 'www-header.php'; $rs = new Repositories(); diff --git a/www/login.php b/www/login.php new file mode 100644 index 0000000..77e3953 --- /dev/null +++ b/www/login.php 
@@ -0,0 +1,161 @@ +<?php +namespace phorkie; +$noSecurityCheck = true; +require_once 'www-header.php'; + +if (isset($_REQUEST['logout'])) { + unset($_SESSION); + session_destroy(); + header('Location: ' . Tools::fullUrl('/')); + exit(); +} + +if (!count($_GET) && !count($_POST)) { + render('login'); + exit(); +} + +// Hackaround Non-Javascript Login Page +if (!count($_POST) && isset($_GET['openid_url'])) { + $_POST = $_GET; +} + +if (isset($_POST['openid_url'])) { + $openid_url = $_POST['openid_url']; +} else if (isset($_SESSION['openid_url'])) { + $openid_url = $_SESSION['openid_url']; +} else { + $openid_url = null; +} + +$realm = Tools::fullUrl('/'); +$returnTo = Tools::fullUrl('/login'); + +try { + $o = new \OpenID_RelyingParty($returnTo, $realm, $openid_url); +} catch (OpenID_Exception $e) { + throw new Exception($e->getMessage()); +} + +if (!empty($_POST['disable_associations']) || !empty($_SESSION['disable_associations'])) { + $o->disableAssociations(); + $_SESSION['disable_associations'] = true; +} + +$log = new \OpenID_Observer_Log; +\OpenID::attach($log); + +if (isset($_POST['openid_url'])) { + + $_SESSION['openid_url'] = $openid_url; + try { + $authRequest = $o->prepare(); + } catch (OpenID_Exception $e) { + throw new Exception($e->getMessage()); + } + + // SREG + $sreg = new \OpenID_Extension_SREG11(\OpenID_Extension::REQUEST); + $sreg->set('required', 'email,fullname'); + $authRequest->addExtension($sreg); + + // AX, http://stackoverflow.com/a/7657061/282601 + $ax = new \OpenID_Extension_AX(\OpenID_Extension::REQUEST); + $ax->set('type.email', 'http://axschema.org/contact/email'); + $ax->set('type.firstname', 'http://axschema.org/namePerson/first'); + $ax->set('type.lastname', 'http://axschema.org/namePerson/last'); + $ax->set('type.fullname', 'http://axschema.org/namePerson'); + $ax->set('mode', 'fetch_request'); + $ax->set('required', 'email,firstname,lastname,fullname'); + $authRequest->addExtension($ax); + + $url = $authRequest->getAuthorizeURL(); 
+ + header("Location: $url"); + exit; + +} + +if (isset($_SESSION['openid_url'])) { + $usid = $_SESSION['openid_url']; + unset($_SESSION['openid_url']); +} else { + $usid = null; +} + +unset($_SESSION['disable_associations']); + +if (!count($_POST)) { + list(, $queryString) = explode('?', $_SERVER['REQUEST_URI']); +} else { + // I hate php sometimes + $queryString = file_get_contents('php://input'); +} + +$message = new \OpenID_Message($queryString, \OpenID_Message::FORMAT_HTTP); +$id = $message->get('openid.claimed_id'); +$mode = $message->get('openid.mode'); + +try { + $result = $o->verify(new \Net_URL2($returnTo . '?' . $queryString), $message); + + if ($result->success()) { + $status = "<tr><td>Status:</td><td><font color='green'>SUCCESS!"; + $status .= " ({$result->getAssertionMethod()})</font></td></tr>"; + } else { + $status = "<tr><td>Status:</td><td><font color='red'>FAIL!"; + $status .= " ({$result->getAssertionMethod()})</font></td></tr>"; + } +} catch (OpenID_Exception $e) { + $status = "<tr><td>Status:</td><td><font color='red'>EXCEPTION!"; + $status .= " ({$e->getMessage()} : {$e->getCode()})</font></td></tr>"; +} + + +$openid = $message->getArrayFormat(); + +$email = isset($openid['openid.ext1.value.email']) + ? $openid['openid.ext1.value.email'] + : null; +$email = isset($openid['openid.ext2.value.email']) && !isset($email) + ? $openid['openid.ext2.value.email'] + : $email; +$email = isset($openid['openid.sreg.email']) && !isset($email) + ? $openid['openid.sreg.email'] + : $email; +$email = isset($openid['openid.ax.value.email']) + && isset($openid['openid.ax.type.email']) + && $openid['openid.ax.type.email'] == 'http://axschema.org/contact/email' + && !isset($email) + ? $openid['openid.ax.value.email'] + : $email; +$_SESSION['email'] = isset($email) + ? $email + : $GLOBALS['phorkie']['auth']['anonymousEmail']; + +$name = isset($openid['openid.ext1.value.firstname']) + && isset($openid['openid.ext1.value.lastname']) + ? 
$openid['openid.ext1.value.firstname'] . ' ' + . $openid['openid.ext1.value.lastname'] + : null; +$name = isset($openid['openid.sreg.fullname']) && !isset($name) + ? $openid['openid.sreg.fullname'] + : $name; +$name = isset($openid['openid.ax.value.fullname']) + && isset($openid['openid.ax.type.fullname']) + && $openid['openid.ax.type.fullname'] == 'http://axschema.org/namePerson' + && !isset($name) + ? $openid['openid.ax.value.fullname'] + : $name; + +$_SESSION['name'] = isset($name) ? $name : $_SERVER['REMOTE_ADDR']; +$_SESSION['identity'] = $openid['openid.identity']; + +if (isset($_SESSION['REQUEST_URI'])) { + $redirect = Tools::fullUrl($_SESSION['REQUEST_URI']); +} else { + $redirect = Tools::fullUrl('/'); +} +header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL)); +exit; +?> diff --git a/www/new.php b/www/new.php index ef9daec..7a70891 100644 --- a/www/new.php +++ b/www/new.php @@ -10,10 +10,11 @@ namespace phorkie; * * Creates and redirects to display page */ +$reqWritePermissions = true; require_once 'www-header.php'; $repopo = new Repository_Post(); -if ($repopo->process($_POST)) { +if ($repopo->process($_POST, $_SESSION)) { redirect($repopo->repo->getLink('display')); } diff --git a/www/raw.php b/www/raw.php index 8bda11e..605462d 100644 --- a/www/raw.php +++ b/www/raw.php @@ -1,9 +1,11 @@ <?php +namespace phorkie; /** * Displays a file */ -namespace phorkie; +$reqWritePermissions = false; require_once 'www-header.php'; + $repo = new Repository(); $repo->loadFromRequest(); diff --git a/www/revision.php b/www/revision.php index 53ac458..4d4f97c 100644 --- a/www/revision.php +++ b/www/revision.php @@ -1,8 +1,9 @@ <?php namespace phorkie; /** - * Display paste contents + * Display historic paste contents */ +$reqWritePermissions = false; require_once 'www-header.php'; $repo = new Repository(); diff --git a/www/search.php b/www/search.php index cb72c6a..9c7ff6e 100644 --- a/www/search.php +++ b/www/search.php 
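Review bot: After `$o->verify()` the outcome is only used to build the never-used `$status` HTML string; `$_SESSION['identity'] = $openid['openid.identity']`, `name` and `email` are set unconditionally further down, so whenever `verify()` returns a failed result — an `openid.mode=cancel` response with a chosen `openid.identity` is the simplest case — the requester is logged in as that identity without any valid assertion. Everything after the try/catch must be gated on `$result->success()`, the session id should be regenerated on login (session fixation), and `$status` should go. Two more problems in the same block: `catch (OpenID_Exception $e)` inside `namespace phorkie` refers to `phorkie\OpenID_Exception`, not the library's `\OpenID_Exception`, so none of these catch clauses ever match and exceptions propagate uncaught; and the logout branch uses `unset($_SESSION)`, which does not clear the session array — use `$_SESSION = array()` and expire the cookie before `session_destroy()`. Finally, the identity stored for the `listedUsersOnly` check should be the verified `openid.claimed_id` (already in `$id`) rather than the OP-local `openid.identity`; the two coincide for Google but not for delegated OpenIDs.
```php
// … unchanged: $message / $id / $mode construction …
try {
    $result = $o->verify(new \Net_URL2($returnTo . '?' . $queryString), $message);
} catch (\OpenID_Exception $e) {
    throw new Exception('OpenID verification failed: ' . $e->getMessage());
}
if (!$result->success()) {
    throw new Exception('OpenID assertion rejected (' . $result->getAssertionMethod() . ')');
}
// the pre-login session id may have been planted by an attacker
session_regenerate_id(true);

$openid = $message->getArrayFormat();
// … unchanged: email/name extraction from SREG/AX …
$_SESSION['identity'] = $id; // verified claimed identifier, not openid.identity
```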
@@ -3,6 +3,7 @@ namespace phorkie; /** * Search for a search term */ +$reqWritePermissions = false; require_once 'www-header.php'; if (!isset($_GET['q']) || $_GET['q'] == '') { diff --git a/www/tool.php b/www/tool.php index d42954c..647d6a7 100644 --- a/www/tool.php +++ b/www/tool.php @@ -30,4 +30,4 @@ render( ) ); -?>
\ No newline at end of file +?> diff --git a/www/user.php b/www/user.php new file mode 100644 index 0000000..8b86a50 --- /dev/null +++ b/www/user.php @@ -0,0 +1,25 @@ +<?php +/** + * Edit user information + */ +namespace phorkie; +$reqWritePermissions = true; +require_once 'www-header.php'; + +if (isset($_POST['name'])) { + $_SESSION['name'] = substr(filter_var($_POST['name'], FILTER_SANITIZE_STRING), 0, 35); +} + +if (isset($_POST['email'])) { + $_SESSION['email'] = substr(filter_var($_POST['email'], FILTER_SANITIZE_EMAIL), 0, 35); +} + +render( + 'user', + array( + 'identity' => $_SESSION['identity'], + 'name' => $_SESSION['name'], + 'email' => $_SESSION['email'] + ) +); +?> diff --git a/www/www-header.php b/www/www-header.php index 72a2e67..9aa8732 100644 --- a/www/www-header.php +++ b/www/www-header.php @@ -1,5 +1,7 @@ <?php namespace phorkie; +session_start(); + set_include_path( __DIR__ . '/../src/' . PATH_SEPARATOR . get_include_path() @@ -46,6 +48,16 @@ if (file_exists(__DIR__ . '/../data/config.php')) { if ($GLOBALS['phorkie']['cfg']['setupcheck']) { SetupCheck::run(); } + +// Set/Get git commit session variables +$_SESSION['ipaddr'] = $_SERVER['REMOTE_ADDR']; +if (!isset($_SESSION['name'])) { + $_SESSION['name'] = $GLOBALS['phorkie']['auth']['anonymousName']; +} +if (!isset($_SESSION['email'])) { + $_SESSION['email'] = $GLOBALS['phorkie']['auth']['anonymousEmail']; +} + \Twig_Autoloader::register(); $loader = new \Twig_Loader_Filesystem($GLOBALS['phorkie']['cfg']['tpl']); 
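Review bot: `render()` reads `$_SESSION['identity']` without an `isset()` guard; with the default `securityLevel` of 0 www-security.php returns before any login is required, so an anonymous visitor to `/user` triggers an undefined-index notice and sees an empty OpenID. Use `isset($_SESSION['identity']) ? $_SESSION['identity'] : null` as forbidden.php does, or require a login on this page regardless of level. The POST handler has no CSRF protection, so a third-party page can silently change the name and email that become the `--author` of the visitor's next paste; a per-session token checked on POST fixes that. `substr(..., 0, 35)` after `FILTER_SANITIZE_STRING` is byte-based and can cut a UTF-8 name mid-character — `mb_substr` keeps the value valid.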
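Review bot: `session_start()` runs with whatever the php.ini defaults are, and the session now carries the authenticated identity; unless the deployment already sets them, `ini_set('session.use_only_cookies', 1); ini_set('session.cookie_httponly', 1);` (plus `session.cookie_secure` when served over TLS) belong immediately before this call so the id cannot be supplied in the URL or read by script. Starting the session unconditionally also means every raw/doap/display request sets a cookie; that is probably acceptable for this application but deserves a one-line comment, e.g. `// every page needs the session: it holds the identity used for git authorship`.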
@@ -58,11 +70,20 @@ $twig = new \Twig_Environment( ); //$twig->addExtension(new \Twig_Extension_Debug()); -function render($tplname, $vars) +if (!isset($noSecurityCheck) || $noSecurityCheck !== true) { + require __DIR__ . '/www-security.php'; +} + +function render($tplname, $vars = array()) { $vars['css'] = $GLOBALS['phorkie']['cfg']['css']; $vars['title'] = $GLOBALS['phorkie']['cfg']['title']; $vars['topbar'] = $GLOBALS['phorkie']['cfg']['topbar']; + if (isset($_SESSION['identity'])) { + $vars['identity'] = $_SESSION['identity']; + $vars['name'] = $_SESSION['name']; + $vars['email'] = $_SESSION['email']; + } $vars['db'] = new Database(); $template = $GLOBALS['twig']->loadTemplate($tplname . '.htm'); @@ -73,4 +94,4 @@ function redirect($target) header('Location: ' . $target); exit(); } -?>
\ No newline at end of file
+?>
diff --git a/www/www-security.php b/www/www-security.php
new file mode 100644
index 0000000..5051b0f
--- /dev/null
+++ b/www/www-security.php
@@ -0,0 +1,45 @@
+<?php
+namespace phorkie;
+/**
+ * security levels + login requirement:
+ */
+
+if (!isset($GLOBALS['phorkie']['auth']['securityLevel'])) {
+ //not set? highest level of security
+ $GLOBALS['phorkie']['auth']['securityLevel'] = 2;
+}
+
+if ($GLOBALS['phorkie']['auth']['securityLevel'] == 0) {
+ //everyone may do everything
+ return;
+}
+
+$logged_in = false;
+if (!isset($_SESSION['identity'])) {
+ //not logged in
+} else if ($GLOBALS['phorkie']['auth']['listedUsersOnly']) {
+ if (in_array($_SESSION['identity'], $GLOBALS['phorkie']['auth']['users'])) {
+ $logged_in = true;
+ }
+} else {
+ //session identity exists, no special checks required
+ $logged_in = true;
+}
+
+if ($logged_in) {
+ //you may do everything if you're logged in
+ return;
+}
+
+if (!isset($reqWritePermissions)) {
+ $reqWritePermissions = true;
+}
+if ($GLOBALS['phorkie']['auth']['securityLevel'] == 1
+ && !$reqWritePermissions
+) {
+ return;
+}
+
+$_SESSION['REQUEST_URI'] = $_SERVER['REQUEST_URI'];
+require 'forbidden.php';
+?> |
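Review bot: `in_array($_SESSION['identity'], $GLOBALS['phorkie']['auth']['users'])` compares loosely; pass `true` as the third argument so a non-string session value or a `0`-like list entry cannot match a listed OpenID. The allow-list is matched against `$_SESSION['identity']`, which login.php fills from `openid.identity` (the OP-local identifier) rather than the verified `openid.claimed_id`; for delegated OpenIDs those differ, so an administrator who lists the URL a user actually typed will see that user rejected — the login code should store the claimed id, and the config comment should say which form is expected. The fail-closed defaults here (missing `securityLevel` → 2, missing `$reqWritePermissions` → true) are the right call and deserve a sentence in the docblock, which currently consists only of `security levels + login requirement:`.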
