clones/friendica
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'develop' of https://github.com/friendica/friendica into develop

This commit is contained in:
Hypolite Petovan 2017-03-14 23:11:53 -04:00
parent 6d087aae23 e57bd5fe55
commit 2ff494d899
6 changed files with 115 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
include/auth.php
View File

@ -125,6 +125,7 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
$openid = new LightOpenID; $openid = new LightOpenID;
$openid->identity = $openid_url; $openid->identity = $openid_url;
$_SESSION['openid'] = $openid_url; $_SESSION['openid'] = $openid_url;
$_SESSION['remember'] = $_POST['remember'];
$openid->returnUrl = App::get_baseurl(true).'/openid'; $openid->returnUrl = App::get_baseurl(true).'/openid';
goaway($openid->authUrl()); goaway($openid->authUrl());
} catch (Exception $e) { } catch (Exception $e) {
@ -178,17 +179,12 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
goaway(z_root()); goaway(z_root());
} }
// If the user specified to remember the authentication, then set a cookie if (! $_POST['remember']) {
// that expires after one week (the default is when the browser is closed).
// The cookie will be renewed automatically.
// The week ensures that sessions will expire after some inactivity.
if ($_POST['remember'])
new_cookie(604800, $r[0]);
else
new_cookie(0); // 0 means delete on browser exit new_cookie(0); // 0 means delete on browser exit
}
// if we haven't failed up this point, log them in. // if we haven't failed up this point, log them in.
$_SESSION['remember'] = $_POST['remember'];
$_SESSION['last_login_date'] = datetime_convert('UTC','UTC'); $_SESSION['last_login_date'] = datetime_convert('UTC','UTC');
authenticate_success($record, true, true); authenticate_success($record, true, true);
} }
@ -203,39 +199,3 @@ function nuke_session() {
session_unset(); session_unset();
session_destroy(); session_destroy();
} }
/**
* @brief Calculate the hash that is needed for the "Friendica" cookie
*
* @param array $user Record from "user" table
*
* @return string Hashed data
*/
function cookie_hash($user) {
return(hash("sha256", get_config("system", "site_prvkey").
$user["uprvkey"].
$user["password"]));
}
/**
* @brief Set the "Friendica" cookie
*
* @param int $time
* @param array $user Record from "user" table
*/
function new_cookie($time, $user = array()) {
if ($time != 0)
$time = $time + time();
if ($user)
$value = json_encode(array("uid" => $user["uid"],
"hash" => cookie_hash($user),
"ip" => $_SERVER['REMOTE_ADDR']));
else
$value = "";
setcookie("Friendica", $value, $time, "/", "",
(get_config('system', 'ssl_policy') == SSL_POLICY_FULL), true);
}

54
include/security.php
View File

@ -1,5 +1,44 @@
<?php <?php
/**
* @brief Calculate the hash that is needed for the "Friendica" cookie
*
* @param array $user Record from "user" table
*
* @return string Hashed data
*/
function cookie_hash($user) {
return(hash("sha256", get_config("system", "site_prvkey").
$user["uprvkey"].
$user["password"]));
}
/**
* @brief Set the "Friendica" cookie
*
* @param int $time
* @param array $user Record from "user" table
*/
function new_cookie($time, $user = array()) {
if ($time != 0) {
$time = $time + time();
}
if ($user) {
$value = json_encode(array("uid" => $user["uid"],
"hash" => cookie_hash($user),
"ip" => $_SERVER['REMOTE_ADDR']));
}
else {
$value = "";
}
setcookie("Friendica", $value, $time, "/", "",
(get_config('system', 'ssl_policy') == SSL_POLICY_FULL), true);
}
function authenticate_success($user_record, $login_initial = false, $interactive = false, $login_refresh = false) { function authenticate_success($user_record, $login_initial = false, $interactive = false, $login_refresh = false) {
$a = get_app(); $a = get_app();
@ -94,6 +133,21 @@ function authenticate_success($user_record, $login_initial = false, $interactive
} }
if ($login_initial) {
// If the user specified to remember the authentication, then set a cookie
// that expires after one week (the default is when the browser is closed).
// The cookie will be renewed automatically.
// The week ensures that sessions will expire after some inactivity.
if ($_SESSION['remember']) {
logger('Injecting cookie for remembered user '. $_SESSION['remember_user']['nickname']);
new_cookie(604800, $user_record);
unset($_SESSION['remember']);
}
}
if ($login_initial) { if ($login_initial) {
call_hooks('logged_in', $a->user); call_hooks('logged_in', $a->user);

9
include/text.php
View File

@ -291,8 +291,8 @@ function paginate_data(App $a, $count = null) {
} }
$url = $stripped; $url = $stripped;
$data = array(); $data = array();
function _l(&$d, $name, $url, $text, $class = '') { function _l(&$d, $name, $url, $text, $class = '') {
if (strpos($url, '?') === false && ($pos = strpos($url, '&')) !== false) { if (strpos($url, '?') === false && ($pos = strpos($url, '&')) !== false) {
$url = substr($url, 0, $pos) . '?' . substr($url, $pos + 1); $url = substr($url, 0, $pos) . '?' . substr($url, $pos + 1);
@ -318,9 +318,10 @@ function paginate_data(App $a, $count = null) {
$numstart = 1; $numstart = 1;
$numstop = $numpages; $numstop = $numpages;
if ($numpages > 14) { // Limit the number of displayed page number buttons.
$numstart = (($pagenum > 7) ? ($pagenum - 7) : 1); if ($numpages > 8) {
$numstop = (($pagenum > ($numpages - 7)) ? $numpages : ($numstart + 14)); $numstart = (($pagenum > 4) ? ($pagenum - 4) : 1);
$numstop = (($pagenum > ($numpages - 7)) ? $numpages : ($numstart + 8));
} }
$pages = array(); $pages = array();

2
mod/openid.php
View File

@ -30,7 +30,7 @@ function openid_content(App $a) {
// mod/settings.php in 8367cad so it might have left mixed // mod/settings.php in 8367cad so it might have left mixed
// records in the user table // records in the user table
// //
$r = q("SELECT * FROM `user` $r = q("SELECT *, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey` FROM `user`
WHERE ( `openid` = '%s' OR `openid` = '%s' ) WHERE ( `openid` = '%s' OR `openid` = '%s' )
AND `blocked` = 0 AND `account_expired` = 0 AND `blocked` = 0 AND `account_expired` = 0
AND `account_removed` = 0 AND `verified` = 1 AND `account_removed` = 0 AND `verified` = 1

52
view/theme/frio/css/style.css
View File

@ -2509,21 +2509,53 @@ body .tread-wrapper .hovercard:hover .hover-card-content a {
} }
/* Pagination improvements */ /* Pagination improvements */
.pagination {
text-align: center;
display: block;
}
.pagination > li > a, .pagination > li > a,
.pagination > li > span { .pagination > li > span {
color: $link_color; color: $link_color;
float: none;
} }
.pagination>.active>a, .pagination>li>a:hover,
.pagination>.active>a:focus, .pagination>li>span:hover {
.pagination>.active>a:hover, color: $link_hover_color;
.pagination>.active>span, }
.pagination>.active>span:focus, .pagination > .active > a,
.pagination>.active>span:hover { .pagination > .active > a:focus,
background-color: $link_color; .pagination > .active > a:hover,
.pagination > .active > span,
.pagination > .active > span:focus,
.pagination > .active > span:hover {
background-color: $link_color;
border-color: $link_color; border-color: $link_color;
border-radius: 3px;
} }
.disabled > a { .pagination li.pager_n a {
pointer-events: none; margin-left: 3px;
border-radius: 3px;
}
.pagination .pager_prev a {
margin-left: -5px;
margin-right: 4px;
border-top-right-radius: 3px;
border-bottom-right-radius: 3px;
}
.pagination .pager_next a {
margin-left: 4px;
margin-right: -5px;
border-top-left-radius: 3px;
border-bottom-left-radius: 3px;
}
.pager .next > a,
.pager .previous > a {
float: none;
border-radius: 3px;
}
.pagination .disabled > a,
.pager .disabled > a {
display: none;
} }
/* /*

16
view/theme/frio/templates/paginate.tpl
View File

@ -1,14 +1,16 @@
{{* Pager template, uses output of paginate_data() in include/text.php *}} {{* Pager template, uses output of paginate_data() in include/text.php *}}
{{if $pager}} {{if $pager}}
<div class="{{$pager.class}}"> <ul class="{{$pager.class}} pagination-sm">
{{if $pager.first}}<li class="pager_first {{$pager.first.class}}"><a href="{{$pager.first.url}}">{{$pager.first.text}}</a></li>{{/if}} {{if $pager.first}}<li class="pager_first {{$pager.first.class}}"><a href="{{$pager.first.url}}" title="{{$pager.first.text}}">&#8739;&lt;</a></li>{{/if}}
{{if $pager.prev}}<li class="pager_prev {{$pager.prev.class}}"><a href="{{$pager.prev.url}}">{{$pager.prev.text}}</a></li>{{/if}} {{if $pager.prev}}<li class="pager_prev {{$pager.prev.class}}"><a href="{{$pager.prev.url}}" title="{{$pager.prev.text}}">&lt;</a></li>{{/if}}
{{foreach $pager.pages as $p}}<li class="pager_{{$p.class}}"><a href="{{$p.url}}">{{$p.text}}</a></li>{{/foreach}} {{foreach $pager.pages as $p}}<li class="pager_{{$p.class}} hidden-xs hidden-sm"><a href="{{$p.url}}">{{$p.text}}</a></li>{{/foreach}}
{{if $pager.next}}<li class="pager_next {{$pager.next.class}}"><a href="{{$pager.next.url}}">{{$pager.next.text}}</a></li>{{/if}} {{if $pager.next}}<li class="pager_next {{$pager.next.class}}"><a href="{{$pager.next.url}}" title="{{$pager.next.text}}">&gt;</a></li>{{/if}}
{{if $pager.last}}&nbsp;<li class="pager_last {{$pager.last.class}}"><a href="{{$pager.last.url}}">{{$pager.last.text}}</a></li>{{/if}} {{if $pager.last}}<li class="pager_last {{$pager.last.class}}"><a href="{{$pager.last.url}}" title="{{$pager.last.text}}">&gt;&#8739;</a></li>{{/if}}
</div> </ul>
{{/if}} {{/if}}