Navigation

← Previous Changeset
Next Changeset →

Changeset 32

Timestamp:

04/04/07 16:56:17 (2 years ago)

Author:

pdingle

Message:

Stable & tested - infocard_audit moved to wp_infocard_audit, ppid/modulus moved to own table. Partial move of functions to plugin-specific & library-common directories.

Files:

trunk/wp-infocard/login/class.infocard-login.php (modified) (1 diff)
trunk/wp-infocard/processing/class.infocard-processing.php (modified) (5 diffs)
trunk/wp-infocard/processing/infocard-post.php (modified) (3 diffs)
trunk/wp-infocard/pw-config.php (modified) (1 diff)
trunk/wp-infocard/wp/userdata.pw.php (modified) (3 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

trunk/wp-infocard/login/class.infocard-login.php

r29	r32
123	123	// could put a fancy detection for SSL here
124	124
125		print ~~get_settings('securesiteurl')~~
126		. "/~~wp-content/plugins/wp-infocard/~~processing/infocard-post.php";
	125	print PW_SECUREPLUGINURL
	126	. "/processing/infocard-post.php";
127	127	}
128	128

trunk/wp-infocard/processing/class.infocard-processing.php

r30	r32
11	11	// This class hacks up Kim's original code into task-related chunks of code, and
12	12	// names each function appropriately to the task.
13
14		~~function evaluateIncomingRequest( $email='', $modulusHash='', $ppid=''){~~
15		~~// Input: email, modulus from incoming request~~
16		~~// Output: An array of user information. With the~~
17		~~// following indices:~~
18		~~// array['status'] - contains 1 of these statuses:~~
19		~~// 1. valid-user - supplied email address exists~~
20		~~// and belongs to same user as supplied modulus~~
21		~~// 2. new-user - email address & modulus are new~~
22		~~// 3. new-card - email address exists but modulus~~
23		~~// is new~~
24		~~// 4. new-email - modulus exists but email is new~~
25		~~// 5. an error code~~
26		//
27		~~// array['id'] - contains the user id number~~
28		~~// (or 0 if the status is anything other~~
29		~~// than valid-user~~
30
31		~~global $wpdb;~~
32		~~$incominguser['id'] = 0;~~
33		~~$incominguser['status'] = 'UNKNOWNERROR';~~
34		~~$identity_user_id = 0;~~
35
36		~~InfocardUtils::printDebug( '<br/>Evaluating Incoming Request:<br/>');~~
37
38		~~if (!is_email($email)) {~~
39		~~$incominguser['status'] = "INVALIDEMAIL";~~
40		~~return $incominguser;~~
41		}
42
43		~~//$sql = "SELECT user_id FROM wp_usermeta WHERE meta_key LIKE 'identity' AND meta_value LIKE '$modulusHash'";~~
44		~~//$sql = "SELECT a.user_id, a.meta_value as identity, "~~
45		~~//. "b.meta_value as ppid FROM wp_usermeta a, "~~
46		~~//. "wp_usermeta b WHERE a.meta_key = 'identity' "~~
47		~~//. "AND b.meta_key = 'ppid' AND a.meta_value LIKE '"~~
48		~~//. $modulusHash . "' AND b.meta_value LIKE '"~~
49		~~//. $ppid . "' AND a.user_id = b.user_id";~~
50
51		~~$query = "SELECT * FROM `wp_infocard_identities` WHERE modulusHash = '$modulusHash' "~~
52		~~. "AND ppid = '$ppid'";~~
53		~~$identity_info = $wpdb->get_results( $query, OBJECT );~~
54		~~if (count($identity_info) == 1)~~
55		~~$identity_user_id = $identity_info[0]->accountid;~~
56
57		~~pw_utils::printDebug('Identity_user_id: ' . $identity_user_id );~~
58
59		~~$mail_user_id = 0;~~
60		~~$sql = "SELECT COUNT(id) from wp_users WHERE user_email LIKE '$email'";~~
61		~~//$sql = "select count(id) from wp_users where user_email like 'pamela@nulli.com'";~~
62		~~$total_email = $wpdb->get_var( $sql );~~
63		~~if ($total_email == 1) {~~
64		~~$index = 0;~~
65		~~$sql = "SELECT * FROM wp_users WHERE user_email LIKE '$email'";~~
66		~~$incominguser['user_row'] = $wpdb->get_row( $sql, ARRAY_A, $index );~~
67		~~$mail_user_id = $incominguser['user_row']['ID'];~~
68
69		~~} elseif ($total_email > 1) {~~
70		~~// More than one record returned for an email address~~
71		~~$incominguser['status'] = "EMAILNOTUNIQUE";~~
72		~~return $incominguser;~~
73		}
74
75		~~InfocardUtils::printDebug( "<br/>Action: evaluateIncomingRequest<br/>"~~
76		~~. "  Modulus owned by id: $identity_user_id <br/>"~~
77		~~. "  Email owned by id: $mail_user_id <br/>"~~
78		);
79
80
81		~~if ($mail_user_id == $identity_user_id){~~
82		~~if ($mail_user_id != 0){~~
83		~~$incominguser['id'] = $mail_user_id;~~
84		~~$incominguser['status'] = 'valid-user';~~
85		~~} else {~~
86		~~$incominguser['status'] = 'new-user';~~
87		}
88		}
89		~~else {~~
90		~~// modulus & email don't match - status could be:~~
91		~~// new-user, new-card, or a mismatched claim error~~
92
93		~~if (!$mail_user_id){~~
94		~~// modulus found but not email - must be changing email~~
95
96		~~$incominguser['id'] = $identity_user_id;~~
97		~~$incominguser['status'] = 'new-email';~~
98		}
99
100		~~if (!$identity_user_id){~~
101		~~// email is found but not modulus - must be user changing cards~~
102		~~$incominguser['id'] = $mail_user_id;~~
103		~~$incominguser['status'] = 'new-card';~~
104		}
105
106		~~if ($mail_user_id && $identity_user_id){~~
107		~~// Each of the elements belongs to a different person.~~
108		~~// Could be an attempt to impersonate~~
109
110		~~$incominguser['status'] = "CLAIMSMISMATCHED";~~
111		~~return $incominguser;~~
112		}
113		}
114
115		~~return $incominguser;~~
116		~~} // end of function evaluateIncomingRequest~~
117	13
118	14
…	…
142	38	} // end of function sendAccountValidation
143	39
	40
144	41	function updateUserData( $ID, $user_login, $user_pass, $user_email, $user_nicename, $user_url, $display_name, $first_name, $last_name, $nickname, $user_ppid )
145	42	{
…	…
153	50	global $wpdb;
154	51
155		$sql = "SELECT a.user_login, b.meta_value as identity, "
156		. "c.meta_value as ppid FROM "
157		. "wp_users a, wp_usermeta b, wp_usermeta c "
158		. "WHERE a.ID = $ID AND b.user_id = a.ID AND "
159		. "b.meta_key = 'identity' AND c.meta_key = 'ppid'";
	52	$sql = "SELECT user_login FROM wp_users WHERE ID = $ID";
160	53	$extra_data = $wpdb->get_row( $sql, ARRAY_A, '0');
161	54
162		~~InfocardUtils::checkDBReturn( $extra_data ) ;~~
163	55
164	56	if (PW_DEBUG_ON)
…	…
200	92
201	93	// Take care of the items that wp_update_user doesn't handle
202		pw_userdata::updateIdentityData($ID, $user_pass, $user_ppid);
	94	$error = pw_userdata::updateIdentityData($ID, $user_pass, $user_ppid);
203	95
204		~~if ( pw_utils::dataCompare($extra_data['identity'], $user_pass, 'Identity') == FALSE )~~
205		{
206		~~InfocardUtils::printDebug ( ' Updating Card Identifier<br/>' );~~
207		~~update_usermeta( $ID, 'identity', $user_pass);~~
208		}
209
210		~~if ( pw_utils::dataCompare($extra_data['ppid'], $user_ppid, 'PPID') == FALSE )~~
211		{
212		~~InfocardUtils::printDebug ( ' Updating PPID<br/>' );~~
213		~~update_usermeta( $ID, 'ppid', $user_ppid);~~
214		}
215	96
216	97	if ( pw_utils::dataCompare($extra_data['user_login'], $user_login, 'LoginID') == FALSE )
…	…
223	104	$update_result = $wpdb->query( $sql );
224	105
225		~~InfocardUtils::checkDBReturn( $update_result );~~
226	106	InfocardUtils::printDebug( 'Updated LoginID<br/>');
227	107	}

trunk/wp-infocard/processing/infocard-post.php

r30	r32
10	10	include_once( dirname(__FILE__) . "/../pw-config.php");
11	11	include_once( dirname(__FILE__) . "/../" . PW_PLUGIN . "/admin.pw.php");
	12	include_once( dirname(__FILE__) . "/../" . PW_PLUGIN . "/userdata.pw.php");
12	13	include_once( dirname(__FILE__) . "/../" . PW_PLUGIN . "/audit.pw.php");
	14
13	15	if (version_compare($wp_version, '2.1', '>='))
14	16	{
…	…
91	93	$pass2rounds = MD5($modulusHash);
92	94
93		$incominguser = InfocardProcessing::evaluateIncomingRequest($user_email, $modulusHash, $user_ppid);
94		InfocardUtils::printDebug( '<br/>User status: ' . $incominguser['status'] . '<br/>');
	95	$incominguser = pw_userdata::evaluateIncomingRequest( $user_email, $modulusHash, $user_ppid );
95	96
96	97	$accountValidationRequired=TRUE;
…	…
205	206
206	207	InfocardProcessing::updateUserData( $user_ID, $user_email, $modulusHash, $user_email, $user_nicename, $user_url, $user_nicename, $user_firstname, $user_lastname, $user_nicename, $user_ppid );
	208	$error = pw_userdata::updateIdentityData( $user_ID, $modulusHash, $user_ppid );
207	209
208	210

trunk/wp-infocard/pw-config.php

r31	r32
12	12	define ('PW_IMGURL', get_settings('siteurl') . '/wp-content/plugins/wp-infocard/images');
13	13	define ('PW_PLUGINURL', get_settings('siteurl') . '/' . PW_PLUGINPATH );
14		define ('PW_SECUREPLUGINURL', get_settings('securesiteurl') . '/' . PW_PLUGINPATH );
	14	define ('PW_SECUREPLUGINURL', get_settings('pw_securesiteurl') . '/' . PW_PLUGINPATH );
15	15	define ('PW_SITEMESGURL', PW_PLUGINURL . '/site-messages/infocard-usermessage.php');
16	16	?>

trunk/wp-infocard/wp/userdata.pw.php

r31	r32
4	4	include_once( dirname(__FILE__) . '/utils.pw.php');
5	5	//require_once( ABSPATH . WPINC . '/registration-functions.php');
	6
6	7	/*
7	8
…	…
11	12
12	13	*/
13
14	14	class pw_userdata
15	15	{
	16
	17	// Function: evaluateIncomingRequest
	18	// Description: decides what kind of user is connecting.
	19	// Input: email, modulus, ppid from incoming request
	20	// Output: An array of user information. With the
	21	// following indices:
	22	// array['status'] - contains 1 of these statuses:
	23	// 1. valid-user - supplied email address exists
	24	// and belongs to same user as supplied modulus/ppid
	25	// 2. new-user - email address & modulus/ppid are new
	26	// 3. new-card - email address exists but modulus is new
	27	// 4. new-email - modulus/ppid exists but email is new
	28	// 5. an error code
	29	//
	30	// array['id'] - contains the user id number (or 0 if the status
	31	// is anything other than valid-user
	32	// Side-effects: none
	33
	34	function evaluateIncomingRequest( $email='', $modulusHash='', $ppid='')
	35	{
	36	global $wpdb;
	37	$incominguser['id'] = 0;
	38	$incominguser['status'] = 'UNKNOWNERROR';
	39	$identity_user_id = 0;
	40
	41	InfocardUtils::printDebug( '<br/>Evaluating Incoming Request:<br/>');
	42
	43	if (!is_email($email)) {
	44	$incominguser['status'] = "INVALIDEMAIL";
	45	return $incominguser;
	46	}
	47
	48	$query = "SELECT * FROM `wp_infocard_identities` WHERE modulusHash = "
	49	. "'$modulusHash' AND ppid = '$ppid'";
	50	$identity_info = $wpdb->get_results( $query, OBJECT );
	51
	52	switch (count($identity_info))
	53	{
	54	case 1:
	55	// could be valid-user, or new-email
	56	$identity_user_id = $identity_info[0]->accountid;
	57	break;
	58
	59	case 0:
	60	// could be new-card or new-user
	61	$identity_user_id = 0;
	62	break;
	63
	64	default:
	65	$incominguser['status'] = "CARDNOTUNIQUE";
	66	return $incominguser;
	67
	68	}
	69
	70
	71	pw_utils::printDebug('  Identity_user_id: ' . $identity_user_id . "<br/>" );
	72
	73
	74	$query = "SELECT * from wp_users WHERE user_email LIKE '$email'";
	75	$user_info = $wpdb->get_results( $query, ARRAY_A );
	76
	77	switch (count($user_info))
	78	{
	79	case 1:
	80	$mail_user_id = $user_info[0][ID];
	81	$incominguser['user_row'] = $user_info[0];
	82
	83	if ($identity_user_id == $mail_user_id)
	84	{
	85	$incominguser['id'] = $mail_user_id;
	86	$incominguser['status'] = 'valid-user';
	87	}
	88	elseif ($identity_user_id == 0)
	89	{
	90	$incominguser['id'] = $mail_user_id;
	91	$incominguser['status'] = 'new-card';
	92
	93	}
	94	else
	95	{
	96	$incominguser['status'] = "CLAIMSMISMATCHED";
	97	return $incominguser;
	98	}
	99	break;
	100
	101	case 0:
	102	$mail_user_id = 0;
	103	if ($identity_user_id == 0)
	104	{
	105	// no user entry or identity entry
	106	$incominguser['status'] = 'new-user';
	107	}
	108	else
	109	{
	110	//identity entry but no mail entry
	111	$incominguser['id'] = $identity_user_id;
	112	$incominguser['status'] = 'new-email';
	113	}
	114	break;
	115	default:
	116
	117	// More than one record returned for an email address
	118	$incominguser['status'] = "EMAILNOTUNIQUE";
	119	return $incominguser;
	120	}
	121
	122	InfocardUtils::printDebug( "  Email_user_id: $mail_user_id <br/>" );
	123	InfocardUtils::printDebug( "  Status: " . $incominguser['status'] . "<br/>" );
	124
	125	return $incominguser;
	126	} // end function evaluateIncomingRequest
	127
16	128
17	129	// Function: updateIdentityData
…	…
72	184	return FALSE; // no error, life is good
73	185
74		}
75		// end pw_infocard
	186	} // end function updateIdentityData
76	187
77	188	} // end class pw_userdata