From 2dc598ed5b20f656a78f8ee365427c0f37ef78bb Mon Sep 17 00:00:00 2001
From: Hypolite Petovan <mrpetovan@gmail.com>
Date: Sun, 17 Dec 2017 11:40:59 -0500
Subject: [PATCH] Move login() to Login module

- Move nuke_session to include/security
- Remove mod/login
---
 boot.php             | 78 +-------------------------------------------
 include/auth.php     |  9 -----
 include/security.php | 10 ++++++
 mod/admin.php        |  3 +-
 mod/api.php          |  5 +--
 mod/bookmarklet.php  |  3 +-
 mod/dfrn_request.php |  6 ++--
 mod/home.php         |  3 +-
 mod/login.php        | 20 ------------
 mod/network.php      |  4 +--
 mod/notify.php       |  3 +-
 mod/oexchange.php    |  3 +-
 mod/profile.php      |  3 +-
 mod/regmod.php       |  5 ++-
 14 files changed, 33 insertions(+), 122 deletions(-)
 delete mode 100644 mod/login.php

diff --git a/boot.php b/boot.php
index 199ca05551..d786295587 100644
--- a/boot.php
+++ b/boot.php
@@ -29,6 +29,7 @@ use Friendica\Core\Worker;
 use Friendica\Database\DBM;
 use Friendica\Model\Contact;
 use Friendica\Database\DBStructure;
+use Friendica\Module\Login;
 
 require_once 'include/network.php';
 require_once 'include/plugin.php';
@@ -835,83 +836,6 @@ function get_guid($size = 16, $prefix = "")
 	}
 }
 
-/**
- * @brief Wrapper for adding a login box.
- *
- * @param bool $register If $register == true provide a registration link.
- *						 This will most always depend on the value of $a->config['register_policy'].
- * @param bool $hiddens  optional
- *
- * @return string Returns the complete html for inserting into the page
- *
- * @hooks 'login_hook'
- *	string $o
- */
-function login($register = false, $hiddens = false)
-{
-	$a = get_app();
-	$o = "";
-	$reg = false;
-	if ($register) {
-		$reg = array(
-			'title' => t('Create a New Account'),
-			'desc' => t('Register')
-		);
-	}
-
-	$noid = Config::get('system', 'no_openid');
-
-	$dest_url = $a->query_string;
-
-	if (local_user()) {
-		$tpl = get_markup_template("logout.tpl");
-	} else {
-		$a->page['htmlhead'] .= replace_macros(
-			get_markup_template("login_head.tpl"),
-			array(
-			'$baseurl' => $a->get_baseurl(true)
-			)
-		);
-
-		$tpl = get_markup_template("login.tpl");
-		$_SESSION['return_url'] = $a->query_string;
-		$a->module = 'login';
-	}
-
-	$o .= replace_macros(
-		$tpl,
-		array(
-		'$dest_url'     => $dest_url,
-		'$logout'       => t('Logout'),
-		'$login'        => t('Login'),
-
-		'$lname'        => array('username', t('Nickname or Email: ') , '', ''),
-		'$lpassword'    => array('password', t('Password: '), '', ''),
-		'$lremember'    => array('remember', t('Remember me'), 0,  ''),
-
-		'$openid'       => !$noid,
-		'$lopenid'      => array('openid_url', t('Or login using OpenID: '),'',''),
-
-		'$hiddens'      => $hiddens,
-
-		'$register'     => $reg,
-
-		'$lostpass'     => t('Forgot your password?'),
-		'$lostlink'     => t('Password Reset'),
-
-		'$tostitle'     => t('Website Terms of Service'),
-		'$toslink'      => t('terms of service'),
-
-		'$privacytitle' => t('Website Privacy Policy'),
-		'$privacylink'  => t('privacy policy'),
-		)
-	);
-
-	call_hooks('login_hook', $o);
-
-	return $o;
-}
-
 /**
  * @brief Used to end the current process, after saving session state.
  */
diff --git a/include/auth.php b/include/auth.php
index a02c18d1db..7f1b1016e1 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -198,12 +198,3 @@ if (isset($_SESSION) && x($_SESSION, 'authenticated') && (!x($_POST, 'auth-param
 	}
 }
 
-/**
- * @brief Kills the "Friendica" cookie and all session data
- */
-function nuke_session()
-{
-	new_cookie(-3600); // make sure cookie is deleted on browser close, as a security measure
-	session_unset();
-	session_destroy();
-}
diff --git a/include/security.php b/include/security.php
index 1a5629f935..c443586c25 100644
--- a/include/security.php
+++ b/include/security.php
@@ -425,3 +425,13 @@ function check_form_security_token_ForbiddenOnErr($typename = '', $formname = 'f
 		killme();
 	}
 }
+
+/**
+ * @brief Kills the "Friendica" cookie and all session data
+ */
+function nuke_session()
+{
+	new_cookie(-3600); // make sure cookie is deleted on browser close, as a security measure
+	session_unset();
+	session_destroy();
+}
diff --git a/mod/admin.php b/mod/admin.php
index 9408aa31c6..142c2e0625 100644
--- a/mod/admin.php
+++ b/mod/admin.php
@@ -13,6 +13,7 @@ use Friendica\Database\DBM;
 use Friendica\Database\DBStructure;
 use Friendica\Model\Contact;
 use Friendica\Model\User;
+use Friendica\Module\Login;
 
 require_once 'include/enotify.php';
 require_once 'include/text.php';
@@ -153,7 +154,7 @@ function admin_post(App $a)
 function admin_content(App $a)
 {
 	if (!is_site_admin()) {
-		return login(false);
+		return Login::form();
 	}
 
 	if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) {
diff --git a/mod/api.php b/mod/api.php
index fdd9790c09..69d7311a0b 100644
--- a/mod/api.php
+++ b/mod/api.php
@@ -3,6 +3,7 @@
 use Friendica\App;
 use Friendica\Core\Config;
 use Friendica\Database\DBM;
+use Friendica\Module\Login;
 
 require_once('include/api.php');
 
@@ -87,8 +88,8 @@ function api_content(App $a)
 
 		if (!local_user()) {
 			/// @TODO We need login form to redirect to this page
-			notice( t('Please login to continue.') . EOL );
-			return login(false,$request->get_parameters());
+			notice(t('Please login to continue.') . EOL);
+			return Login::form($a->query_string, false, $request->get_parameters());
 		}
 		//FKOAuth1::loginUser(4);
 
diff --git a/mod/bookmarklet.php b/mod/bookmarklet.php
index e781536075..4696ed6580 100644
--- a/mod/bookmarklet.php
+++ b/mod/bookmarklet.php
@@ -2,6 +2,7 @@
 
 use Friendica\App;
 use Friendica\Core\System;
+use Friendica\Module\Login;
 
 require_once('include/conversation.php');
 require_once('include/items.php');
@@ -14,8 +15,8 @@ function bookmarklet_init(App $a)
 function bookmarklet_content(App $a)
 {
 	if (!local_user()) {
-		$o .= login(($a->config['register_policy'] == REGISTER_CLOSED) ? false : true);
 		$o = '<h2>' . t('Login') . '</h2>';
+		$o .= Login::form($a->query_string, $a->config['register_policy'] == REGISTER_CLOSED ? false : true);
 		return $o;
 	}
 
diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php
index 6a4b6c4043..0bbc794bd5 100644
--- a/mod/dfrn_request.php
+++ b/mod/dfrn_request.php
@@ -19,6 +19,7 @@ use Friendica\Database\DBM;
 use Friendica\Model\Contact;
 use Friendica\Model\Group;
 use Friendica\Model\User;
+use Friendica\Module\Login;
 use Friendica\Network\Probe;
 
 require_once 'include/enotify.php';
@@ -481,15 +482,14 @@ function dfrn_request_content(App $a)
 		if (!local_user()) {
 			info(t("Please login to confirm introduction.") . EOL);
 			/* setup the return URL to come back to this page if they use openid */
-			$_SESSION['return_url'] = $a->query_string;
-			return login();
+			return Login::form();
 		}
 
 		// Edge case, but can easily happen in the wild. This person is authenticated,
 		// but not as the person who needs to deal with this request.
 		if ($a->user['nickname'] != $a->argv[1]) {
-			return login();
 			notice(t("Incorrect identity currently logged in. Please login to <strong>this</strong> profile.") . EOL);
+			return Login::form();
 		}
 
 		$dfrn_url = notags(trim(hex2bin($_GET['dfrn_url'])));
diff --git a/mod/home.php b/mod/home.php
index 985c408b5c..5f8d6a64ff 100644
--- a/mod/home.php
+++ b/mod/home.php
@@ -3,6 +3,7 @@
 use Friendica\App;
 use Friendica\Core\Config;
 use Friendica\Core\System;
+use Friendica\Module\Login;
 
 if(! function_exists('home_init')) {
 function home_init(App $a) {
@@ -43,8 +44,8 @@ function home_content(App $a) {
 		$o .= '<h1>'.((x($a->config,'sitename')) ? sprintf(t("Welcome to %s"), $a->config['sitename']) : "").'</h1>';
 	}
 
+	$o .= Login::form($a->query_string, $a->config['register_policy'] == REGISTER_CLOSED ? 0 : 1);
 
-	$o .= login(($a->config['register_policy'] == REGISTER_CLOSED) ? 0 : 1);
 
 	call_hooks("home_content",$o);
 
diff --git a/mod/login.php b/mod/login.php
deleted file mode 100644
index f30353e828..0000000000
--- a/mod/login.php
+++ /dev/null
@@ -1,20 +0,0 @@
-<?php
-
-use Friendica\App;
-use Friendica\Core\System;
-
-function login_content(App $a) {
-	if (x($_SESSION, 'theme')) {
-		unset($_SESSION['theme']);
-	}
-
-	if (x($_SESSION, 'mobile-theme')) {
-		unset($_SESSION['mobile-theme']);
-	}
-
-	if (local_user()) {
-		goaway(System::baseUrl());
-	}
-
-	return login(($a->config['register_policy'] == REGISTER_CLOSED) ? false : true);
-}
diff --git a/mod/network.php b/mod/network.php
index 552625c2af..1933c3d1e6 100644
--- a/mod/network.php
+++ b/mod/network.php
@@ -11,6 +11,7 @@ use Friendica\Core\PConfig;
 use Friendica\Database\DBM;
 use Friendica\Model\Contact;
 use Friendica\Model\Group;
+use Friendica\Module\Login;
 
 require_once 'include/conversation.php';
 require_once 'include/contact_widgets.php';
@@ -380,8 +381,7 @@ function networkConversation($a, $items, $mode, $update) {
 
 function network_content(App $a, $update = 0) {
 	if (!local_user()) {
-		$_SESSION['return_url'] = $a->query_string;
-		return login(false);
+		return Login::form();
 	}
 
 	/// @TODO Is this really necessary? $a is already available to hooks
diff --git a/mod/notify.php b/mod/notify.php
index fae7ebb39b..913f83f9be 100644
--- a/mod/notify.php
+++ b/mod/notify.php
@@ -4,6 +4,7 @@ use Friendica\App;
 use Friendica\Core\NotificationsManager;
 use Friendica\Core\System;
 use Friendica\Database\DBM;
+use Friendica\Module\Login;
 
 function notify_init(App $a) {
 	if (! local_user()) {
@@ -45,7 +46,7 @@ function notify_init(App $a) {
 
 function notify_content(App $a) {
 	if (! local_user()) {
-		return login();
+		return Login::form();
 	}
 
 	$nm = new NotificationsManager();
diff --git a/mod/oexchange.php b/mod/oexchange.php
index 88edc9d60c..37dc76545f 100644
--- a/mod/oexchange.php
+++ b/mod/oexchange.php
@@ -2,6 +2,7 @@
 
 use Friendica\App;
 use Friendica\Core\System;
+use Friendica\Module\Login;
 
 function oexchange_init(App $a) {
 
@@ -17,7 +18,7 @@ function oexchange_init(App $a) {
 function oexchange_content(App $a) {
 
 	if (! local_user()) {
-		$o = login(false);
+		$o = Login::form();
 		return $o;
 	}
 
diff --git a/mod/profile.php b/mod/profile.php
index fe2475c7af..9d4bd57c89 100644
--- a/mod/profile.php
+++ b/mod/profile.php
@@ -6,6 +6,7 @@ use Friendica\Core\PConfig;
 use Friendica\Core\System;
 use Friendica\Database\DBM;
 use Friendica\Model\Group;
+use Friendica\Module\Login;
 
 require_once('include/contact_widgets.php');
 require_once('include/redir.php');
@@ -102,7 +103,7 @@ function profile_content(App $a, $update = 0) {
 	$hashtags = (x($_GET, 'tag') ? $_GET['tag'] : '');
 
 	if (Config::get('system','block_public') && (! local_user()) && (! remote_user())) {
-		return login();
+		return Login::form();
 	}
 
 	require_once("include/bbcode.php");
diff --git a/mod/regmod.php b/mod/regmod.php
index d4908b210f..8f08067e21 100644
--- a/mod/regmod.php
+++ b/mod/regmod.php
@@ -6,6 +6,7 @@ use Friendica\Core\System;
 use Friendica\Core\Worker;
 use Friendica\Database\DBM;
 use Friendica\Model\User;
+use Friendica\Module\Login;
 
 require_once 'include/enotify.php';
 
@@ -94,11 +95,9 @@ function regmod_content(App $a)
 {
 	global $lang;
 
-	$_SESSION['return_url'] = $a->cmd;
-
 	if (!local_user()) {
 		info(t('Please login.') . EOL);
-		$o .= '<br /><br />' . login(($a->config['register_policy'] == REGISTER_CLOSED) ? 0 : 1);
+		$o .= '<br /><br />' . Login::form($a->query_string, $a->config['register_policy'] == REGISTER_CLOSED ? 0 : 1);
 		return $o;
 	}