From 3345b13c73e76d2f03a85209d205adb9af49fc6b Mon Sep 17 00:00:00 2001 
From: BlueRaja Date: Sun, 2 Jun 2013 10:37:15 -0500 Subject: Updated login form with a few new providers --- images/btns/signin_Facebook.png | Bin 0 -> 3775 bytes images/btns/signin_Steam.png | Bin 0 -> 4674 bytes images/btns/signin_WindowsLive.png | Bin 0 -> 6666 bytes includes/HybridAuth/HybridAuthConfig.php | 76 +++++ includes/HybridAuth/index.php | 15 + includes/OAuth/.svn/entries | 1 - includes/OAuth/.svn/format | 1 - ...8956e431889809a8751e68b8ce7acc4d0c11be.svn-base | 14 - ...fb593a952ddf0685750f39140ccb05841a84b5.svn-base | 18 -- ...6c340a0ca450577bc1ca6e98ced10653f7da2c.svn-base | 36 --- ...383edd5385fc85f90dac12c2629bf15855dc12.svn-base | 308 --------------------- ...6151c6141646c1abb975824ebb3f0da7036235.svn-base | 9 - includes/OAuth/.svn/wc.db | Bin 36864 -> 0 bytes includes/OAuth/Facebook.php | 9 - includes/OAuth/Google.php | 18 -- includes/OAuth/LinkedIn.php | 36 --- includes/OAuth/Oauth.php | 308 --------------------- includes/OAuth/Twitter.php | 14 - includes/header.php | 7 +- index.php | 15 +- pages/login.php | 287 ++++++++++--------- 21 files changed, 249 insertions(+), 923 deletions(-) create mode 100644 images/btns/signin_Facebook.png create mode 100644 images/btns/signin_Steam.png create mode 100644 images/btns/signin_WindowsLive.png create mode 100644 includes/HybridAuth/HybridAuthConfig.php create mode 100644 includes/HybridAuth/index.php delete mode 100644 includes/OAuth/.svn/entries delete mode 100644 includes/OAuth/.svn/format delete mode 100644 includes/OAuth/.svn/pristine/19/198956e431889809a8751e68b8ce7acc4d0c11be.svn-base delete mode 100644 includes/OAuth/.svn/pristine/23/23fb593a952ddf0685750f39140ccb05841a84b5.svn-base delete mode 100644 includes/OAuth/.svn/pristine/82/826c340a0ca450577bc1ca6e98ced10653f7da2c.svn-base delete mode 100644 includes/OAuth/.svn/pristine/e1/e1383edd5385fc85f90dac12c2629bf15855dc12.svn-base delete mode 100644 includes/OAuth/.svn/pristine/e4/e46151c6141646c1abb975824ebb3f0da7036235.svn-base delete mode 
100644 includes/OAuth/.svn/wc.db delete mode 100644 includes/OAuth/Facebook.php delete mode 100644 includes/OAuth/Google.php delete mode 100644 includes/OAuth/LinkedIn.php delete mode 100644 includes/OAuth/Oauth.php delete mode 100644 includes/OAuth/Twitter.php diff --git a/images/btns/signin_Facebook.png b/images/btns/signin_Facebook.png new file mode 100644 index 0000000..8ed9724 Binary files /dev/null and b/images/btns/signin_Facebook.png differ diff --git a/images/btns/signin_Steam.png b/images/btns/signin_Steam.png new file mode 100644 index 0000000..d5e1fbf Binary files /dev/null and b/images/btns/signin_Steam.png differ diff --git a/images/btns/signin_WindowsLive.png b/images/btns/signin_WindowsLive.png new file mode 100644 index 0000000..ec3e590 Binary files /dev/null and b/images/btns/signin_WindowsLive.png differ diff --git a/includes/HybridAuth/HybridAuthConfig.php b/includes/HybridAuth/HybridAuthConfig.php new file mode 100644 index 0000000..4c2891e --- /dev/null +++ b/includes/HybridAuth/HybridAuthConfig.php 
@@ -0,0 +1,76 @@ + $mydomain . "HybridAuth/", + + "providers" => array ( +// "OpenID" => array ( // openid providers +// "enabled" => true +// ), +// +// "Yahoo" => array ( +// "enabled" => true, +// "keys" => array ( "id" => "", "secret" => "" ), +// ), +// +// "AOL" => array ( +// "enabled" => true +// ), +// +// "Google" => array ( +// "enabled" => true, +// "keys" => array ( "id" => "", "secret" => "" ), +// ), + + "Facebook" => array ( + "enabled" => true, + "keys" => array ( "id" => "214763445314363", "secret" => "dac195528d640599f8ddf6da7dd070e3" ), + "scope" => "email" + ), + + "Twitter" => array ( + "enabled" => true, + "keys" => array ( "key" => "8Y7PY1dk7Mz8VpZWQSTzQ", "secret" => "MUv2qCQVysxqddue5TWhvJDLL0y0v1VMWXDhJtwEps" ) + ), + + "Live" => array ( // windows live + "enabled" => true, + "keys" => array ( "id" => "000000004C0F37BA", "secret" => "uWkmL1nmkmi71qFinxaXLKNzOZW6o1u0" ), + "scope" => "wl.basic wl.emails wl.contacts_emails" + ), + +// "MySpace" => array ( +// "enabled" => true, +// "keys" => array ( "key" => "", "secret" => "" ) +// ), +// +// "LinkedIn" => array ( +// "enabled" => true, +// "keys" => array ( "key" => "", "secret" => "" ) +// ), +// +// "Foursquare" => array ( +// "enabled" => true, +// "keys" => array ( "id" => "", "secret" => "" ) +// ), + ), + + // if you want to enable logging, set 'debug_mode' to true then provide a writable file by the web server on "debug_file" + "debug_mode" => false, + + "debug_file" => "", + ); diff --git a/includes/HybridAuth/index.php b/includes/HybridAuth/index.php new file mode 100644 index 0000000..972cd3e --- /dev/null +++ b/includes/HybridAuth/index.php @@ -0,0 +1,15 @@ + 'authorization_code'), $returnType = 'json', Array $values = array('access_token', 'expires_in')){ - parent::requestAccessToken($method, $params, $returnType, $values); - } - -} \ No newline at end of file 
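Review bot: The three enabled providers in the new config file carry live-looking OAuth client secrets in plaintext (the `"keys"` entries under `"Facebook"`, `"Twitter"` and `"Live"`), so anyone who can read the repository or its history can act as this application towards those providers. Load them from outside version control instead, e.g. `"keys" => array("id" => getenv('FB_APP_ID'), "secret" => getenv('FB_APP_SECRET'))`, and rotate the values in this commit at each provider, because a later commit removing them still leaves them in history (the Twitter pair is the same one this patch deletes from `pages/login.php`). The Windows Live `"scope"` also asks for `wl.contacts_emails`, which is wider than a sign-in needs; `wl.basic wl.emails` covers the email address the login code reads. A header comment such as `// Provider credentials come from the environment; keep this file free of secrets.` would make the intent clear to the next editor; the line preceding the first visible `$mydomain` entry (presumably the `base_url` key) is not legible in this rendering.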
diff --git a/includes/OAuth/.svn/pristine/82/826c340a0ca450577bc1ca6e98ced10653f7da2c.svn-base b/includes/OAuth/.svn/pristine/82/826c340a0ca450577bc1ca6e98ced10653f7da2c.svn-base deleted file mode 100644 index b72e20a..0000000 --- a/includes/OAuth/.svn/pristine/82/826c340a0ca450577bc1ca6e98ced10653f7da2c.svn-base +++ /dev/null @@ -1,36 +0,0 @@ -makeRequest($this->_access_token_url, 'POST', array(), $returnType, false, true); - - if($returnType != 'json'){ - $r = explode('&', $response); - $params = array(); - foreach($r as $v){ - $param = explode('=', $v); - $params[$param[0]] = $param[1]; - } - } else { - $params = $response; - } - - if(isset($params[$values[0]]) && isset($params[$values[1]])){ - $_SESSION[$this->_prefix]['access_token'] = $params[$values[0]]; - $_SESSION[$this->_prefix]['access_token_secret'] = $params[$values[1]]; - } else { - $s = ''; - foreach($params as $k => $v){ - $s = $k . '=' . $v; - } - throw new Exception('incorrect access token parameters returned: ' . implode('&', $s)); - } - } - -} \ No newline at end of file diff --git a/includes/OAuth/.svn/pristine/e1/e1383edd5385fc85f90dac12c2629bf15855dc12.svn-base b/includes/OAuth/.svn/pristine/e1/e1383edd5385fc85f90dac12c2629bf15855dc12.svn-base deleted file mode 100644 index 0ca721d..0000000 --- a/includes/OAuth/.svn/pristine/e1/e1383edd5385fc85f90dac12c2629bf15855dc12.svn-base +++ /dev/null 
@@ -1,308 +0,0 @@ -_client_id = $client_id; - $this->_client_secret = $client_secret; - $this->_callback = $callback; - } - - public function setAccessToken($access_token, $access_token_secret = null, $expires = null){ - $this->_access_token = $access_token; - $this->_access_token_secret = $access_token_secret; - $this->_expires = $expires; - } - - public function setScope(Array $scope){ - $this->_scope = $scope; - } - - public function makeRequest($url, $method = 'GET', Array $parameters = array(), $returnType = 'json', $includeCallback = false, $includeVerifier = false){ - // set oauth headers for oauth 1.0 - if(isset($this->_request_token_url) && strlen($this->_request_token_url) > 0){ - $headers = $this->getOauthHeaders($includeCallback); - if($includeVerifier && isset($_GET['oauth_verifier'])){ - $headers['oauth_verifier'] = $_GET['oauth_verifier']; - } - $base_info = $this->buildBaseString($url, $method, $headers); - $composite_key = $this->getCompositeKey(); - $headers['oauth_signature'] = base64_encode(hash_hmac('sha1', $base_info, $composite_key, true)); - $header = array($this->buildAuthorizationHeader($headers), 'Expect:'); - } - // add access token to parameter list for oauth 2.0 requests - else { - if(isset($_SESSION[$this->_prefix]['access_token'])){ - $parameters['access_token'] = $_SESSION[$this->_prefix]['access_token']; - } - } - - // create a querystring for GET requests - if(count($parameters) > 0 && $method == 'GET' && strpos($url, '?') === false){ - $p = array(); - foreach($parameters as $k => $v){ - $p[] = $k . '=' . $v; - } - $querystring = implode('&', $p); - $url = $url . '?' . 
$querystring; - } - - // set default CURL options - $options = array( - CURLOPT_URL => $url, - CURLOPT_RETURNTRANSFER => true, - CURLOPT_SSL_VERIFYPEER => false - ); - - // set CURL headers for oauth 1.0 requests - if(isset($this->_request_token_url) && strlen($this->_request_token_url) > 0){ - $options[CURLOPT_HTTPHEADER] = $header; - $options[CURLOPT_HEADER] = false; - } - - // set post fields for POST requests - if($method == 'POST'){ - $options[CURLOPT_POST] = true; - $options[CURLOPT_POSTFIELDS] = $parameters; - } - - // make CURL request - $curl = curl_init(); - curl_setopt_array($curl, $options); - $response = curl_exec($curl); - $info = curl_getinfo($curl); - curl_close($curl); - - // show error when http_code is not 200 - if($info['http_code'] != 200){ - // mostly errors are thrown when a user has denied access - unset($_SESSION[$this->_prefix]); - throw new Exception($response); - } - - // return json decoded array or plain response - if($returnType == 'json'){ - return json_decode($response, true); - } else { - return $response; - } - } - - public function validateAccessToken(){ - // check if current token has expired - if(isset($_SESSION[$this->_prefix]['expires']) && $_SESSION[$this->_prefix]['expires'] < time()){ - unset($_SESSION[$this->_prefix]); - $this->authorize($this->_scope); - return false; - } - // return true if access token is found - if(isset($_SESSION[$this->_prefix]['access_token']) || (isset($this->_access_token) && strlen($this->_access_token) > 0)){ - $this->_access_token = $_SESSION[$this->_prefix]['access_token']; - if(isset($_SESSION[$this->_prefix]['access_token_secret'])){ - $this->_access_token_secret = $_SESSION[$this->_prefix]['access_token_secret']; - } - if(isset($_SESSION[$this->_prefix]['expires'])){ - $this->_expires = $_SESSION[$this->_prefix]['expires']; - } - return true; - } - // authorize app if no token is found - if(!isset($this->_access_token) || strlen($this->_access_token) == 0){ - // handle oauth 1.0 flow - 
if(isset($this->_request_token_url) && strlen($this->_request_token_url) > 0){ - // request token and authorize app - if(!isset($_GET['oauth_token']) && !isset($_GET['oauth_verifier'])){ - $this->requestToken(); - $this->authorize(); - return false; - } - // request access token - else { - if($_GET['oauth_token'] != $_SESSION[$this->_prefix]['token']){ - unset($_SESSION[$this->_prefix]['token'], $_SESSION[$this->_prefix]['token_secret']); - return false; - } else { - $this->requestAccessToken(); - unset($_SESSION[$this->_prefix]['token'], $_SESSION[$this->_prefix]['token_secret']); - return true; - } - } - } - // handle oauth 2.0 flow - else { - // authorize app - if(!isset($_GET['state']) && !isset($_GET['code'])){ - $this->authorize($this->_scope); - return false; - } - // request access token - else { - if($_GET['state'] != $_SESSION[$this->_prefix]['state']){ - unset($_SESSION[$this->_prefix]['state']); - return false; - } else { - unset($_SESSION[$this->_prefix]['state']); - $this->requestAccessToken(); - return true; - } - } - } - } - } - - protected function requestToken($returnType = 'flat', Array $values = array('oauth_token', 'oauth_token_secret')){ - // make the request - $response = $this->makeRequest($this->_request_token_url, 'POST', array(), $returnType, true); - - // get the correct parameters from the response - $params = $this->getParameters($response, $returnType); - - // add the token and token secret to the session - if(isset($params[$values[0]]) && isset($params[$values[1]])){ - $_SESSION[$this->_prefix]['token'] = $params[$values[0]]; - $_SESSION[$this->_prefix]['token_secret'] = $params[$values[1]]; - } - // throw exception if incorrect parameters were returned - else { - $s = ''; - foreach($params as $k => $v){$s = $k . '=' . $v;} - throw new Exception('incorrect access token parameters returned: ' . 
implode('&', $s)); - } - } - - protected function requestAccessToken($method = 'GET', Array $params = array(), $returnType = 'flat', Array $values = array('access_token', 'expires')){ - // add oauth verifier to parameters for oauth 1.0 request - if(isset($this->_request_token_url) && strlen($this->_request_token_url) > 0){ - $parameters = array('oauth_verifier' => $_GET['oauth_verifier']); - $parameters = array_merge($parameters, $params); - } - // set parameters for oauth 2.0 request - else { - $parameters = array( - 'client_id' => $this->_client_id, - 'redirect_uri' => $this->_callback, - 'client_secret' => $this->_client_secret, - 'code' => $_GET['code'] - ); - $parameters = array_merge($parameters, $params); - } - - // make the request - $response = $this->makeRequest($this->_access_token_url, $method, $parameters, $returnType, false); - - // get the correct parameters from the response - $params = $this->getParameters($response, $returnType); - - // add the token to the session - if(isset($params[$values[0]]) && isset($params[$values[1]])){ - if(isset($this->_request_token_url) && strlen($this->_request_token_url) > 0){ - $_SESSION[$this->_prefix]['access_token'] = $params[$values[0]]; - $_SESSION[$this->_prefix]['access_token_secret'] = $params[$values[1]]; - } else { - $_SESSION[$this->_prefix]['access_token'] = $params[$values[0]]; - $_SESSION[$this->_prefix]['expires'] = time() + $params[$values[1]]; - } - } - // throw exception if incorrect parameters were returned - else { - $s = ''; - foreach($params as $k => $v){$s = $k . '=' . $v;} - throw new Exception('incorrect access token parameters returned: ' . implode('&', $s)); - } - } - - protected function authorize(Array $scope = array(), $scope_seperator = ',', $attach = null){ - // build authorize url for oauth 1.0 requests - if(isset($this->_request_token_url) && strlen($this->_request_token_url) > 0){ - $this->_authorize_url .= '?oauth_token=' . 
$_SESSION[$this->_prefix]['token']; - } - // build authorize url for oauth 2.0 requests - else { - $this->_authorize_url .= '?client_id=' . $this->_client_id . '&redirect_uri=' . $this->_callback; - $state = md5(time() . mt_rand()); - $_SESSION[$this->_prefix]['state'] = $state; - $this->_authorize_url .= '&state=' . $state . '&scope=' . implode($scope_seperator, $scope) . $attach; - } - // redirect - header('Location: ' . $this->_authorize_url);exit; - } - - private function getParameters($response, $returnType){ - if($returnType != 'json'){ - $r = explode('&', $response); - $params = array(); - foreach($r as $v){ - $param = explode('=', $v); - $params[$param[0]] = $param[1]; - } - } else { - $params = $response; - } - return $params; - } - - private function getCompositeKey(){ - if(isset($this->_access_token_secret) && strlen($this->_access_token_secret) > 0){ - $composite_key = rawurlencode($this->_client_secret) . '&' . rawurlencode($this->_access_token_secret); - } else if(isset($_SESSION[$this->_prefix]['token_secret'])){ - $composite_key = rawurlencode($this->_client_secret) . '&' . rawurlencode($_SESSION[$this->_prefix]['token_secret']); - } else { - $composite_key = rawurlencode($this->_client_secret) . '&'; - } - return $composite_key; - } - - private function getOauthHeaders($includeCallback = false){ - $oauth = array( - 'oauth_consumer_key' => $this->_client_id, - 'oauth_nonce' => time(), - 'oauth_signature_method' => 'HMAC-SHA1', - 'oauth_timestamp' => time(), - 'oauth_version' => '1.0' - ); - if(isset($this->_access_token)){ - $oauth['oauth_token'] = $this->_access_token; - } else if(isset($_SESSION[$this->_prefix]['token'])){ - $oauth['oauth_token'] = $_SESSION[$this->_prefix]['token']; - } - if($includeCallback){ - $oauth['oauth_callback'] = $this->_callback; - } - return $oauth; - } - - private function buildBaseString($baseURI, $method, $params){ - $r = array(); - ksort($params); - foreach($params as $key => $value){ - $r[] = $key . '=' . 
rawurlencode($value); - } - return $method . '&' . rawurlencode($baseURI) . '&' . rawurlencode(implode('&', $r)); - } - - private function buildAuthorizationHeader($oauth){ - $r = 'Authorization: OAuth '; - $values = array(); - foreach($oauth as $key => $value){ - $values[] = $key . '="' . rawurlencode($value) . '"'; - } - $r .= implode(', ', $values); - return $r; - } - -} \ No newline at end of file diff --git a/includes/OAuth/.svn/pristine/e4/e46151c6141646c1abb975824ebb3f0da7036235.svn-base b/includes/OAuth/.svn/pristine/e4/e46151c6141646c1abb975824ebb3f0da7036235.svn-base deleted file mode 100644 index 4b4c2bf..0000000 --- a/includes/OAuth/.svn/pristine/e4/e46151c6141646c1abb975824ebb3f0da7036235.svn-base +++ /dev/null @@ -1,9 +0,0 @@ - 'authorization_code'), $returnType = 'json', Array $values = array('access_token', 'expires_in')){ - parent::requestAccessToken($method, $params, $returnType, $values); - } - -} \ No newline at end of file diff --git a/includes/OAuth/LinkedIn.php b/includes/OAuth/LinkedIn.php deleted file mode 100644 index b72e20a..0000000 --- a/includes/OAuth/LinkedIn.php +++ /dev/null @@ -1,36 +0,0 @@ -makeRequest($this->_access_token_url, 'POST', array(), $returnType, false, true); - - if($returnType != 'json'){ - $r = explode('&', $response); - $params = array(); - foreach($r as $v){ - $param = explode('=', $v); - $params[$param[0]] = $param[1]; - } - } else { - $params = $response; - } - - if(isset($params[$values[0]]) && isset($params[$values[1]])){ - $_SESSION[$this->_prefix]['access_token'] = $params[$values[0]]; - $_SESSION[$this->_prefix]['access_token_secret'] = $params[$values[1]]; - } else { - $s = ''; - foreach($params as $k => $v){ - $s = $k . '=' . $v; - } - throw new Exception('incorrect access token parameters returned: ' . implode('&', $s)); - } - } - -} \ No newline at end of file diff --git a/includes/OAuth/Oauth.php b/includes/OAuth/Oauth.php deleted file mode 100644 index 0ca721d..0000000 
--- a/includes/OAuth/Oauth.php +++ /dev/null 
@@ -1,308 +0,0 @@ -_client_id = $client_id; - $this->_client_secret = $client_secret; - $this->_callback = $callback; - } - - public function setAccessToken($access_token, $access_token_secret = null, $expires = null){ - $this->_access_token = $access_token; - $this->_access_token_secret = $access_token_secret; - $this->_expires = $expires; - } - - public function setScope(Array $scope){ - $this->_scope = $scope; - } - - public function makeRequest($url, $method = 'GET', Array $parameters = array(), $returnType = 'json', $includeCallback = false, $includeVerifier = false){ - // set oauth headers for oauth 1.0 - if(isset($this->_request_token_url) && strlen($this->_request_token_url) > 0){ - $headers = $this->getOauthHeaders($includeCallback); - if($includeVerifier && isset($_GET['oauth_verifier'])){ - $headers['oauth_verifier'] = $_GET['oauth_verifier']; - } - $base_info = $this->buildBaseString($url, $method, $headers); - $composite_key = $this->getCompositeKey(); - $headers['oauth_signature'] = base64_encode(hash_hmac('sha1', $base_info, $composite_key, true)); - $header = array($this->buildAuthorizationHeader($headers), 'Expect:'); - } - // add access token to parameter list for oauth 2.0 requests - else { - if(isset($_SESSION[$this->_prefix]['access_token'])){ - $parameters['access_token'] = $_SESSION[$this->_prefix]['access_token']; - } - } - - // create a querystring for GET requests - if(count($parameters) > 0 && $method == 'GET' && strpos($url, '?') === false){ - $p = array(); - foreach($parameters as $k => $v){ - $p[] = $k . '=' . $v; - } - $querystring = implode('&', $p); - $url = $url . '?' . 
$querystring; - } - - // set default CURL options - $options = array( - CURLOPT_URL => $url, - CURLOPT_RETURNTRANSFER => true, - CURLOPT_SSL_VERIFYPEER => false - ); - - // set CURL headers for oauth 1.0 requests - if(isset($this->_request_token_url) && strlen($this->_request_token_url) > 0){ - $options[CURLOPT_HTTPHEADER] = $header; - $options[CURLOPT_HEADER] = false; - } - - // set post fields for POST requests - if($method == 'POST'){ - $options[CURLOPT_POST] = true; - $options[CURLOPT_POSTFIELDS] = $parameters; - } - - // make CURL request - $curl = curl_init(); - curl_setopt_array($curl, $options); - $response = curl_exec($curl); - $info = curl_getinfo($curl); - curl_close($curl); - - // show error when http_code is not 200 - if($info['http_code'] != 200){ - // mostly errors are thrown when a user has denied access - unset($_SESSION[$this->_prefix]); - throw new Exception($response); - } - - // return json decoded array or plain response - if($returnType == 'json'){ - return json_decode($response, true); - } else { - return $response; - } - } - - public function validateAccessToken(){ - // check if current token has expired - if(isset($_SESSION[$this->_prefix]['expires']) && $_SESSION[$this->_prefix]['expires'] < time()){ - unset($_SESSION[$this->_prefix]); - $this->authorize($this->_scope); - return false; - } - // return true if access token is found - if(isset($_SESSION[$this->_prefix]['access_token']) || (isset($this->_access_token) && strlen($this->_access_token) > 0)){ - $this->_access_token = $_SESSION[$this->_prefix]['access_token']; - if(isset($_SESSION[$this->_prefix]['access_token_secret'])){ - $this->_access_token_secret = $_SESSION[$this->_prefix]['access_token_secret']; - } - if(isset($_SESSION[$this->_prefix]['expires'])){ - $this->_expires = $_SESSION[$this->_prefix]['expires']; - } - return true; - } - // authorize app if no token is found - if(!isset($this->_access_token) || strlen($this->_access_token) == 0){ - // handle oauth 1.0 flow - 
if(isset($this->_request_token_url) && strlen($this->_request_token_url) > 0){ - // request token and authorize app - if(!isset($_GET['oauth_token']) && !isset($_GET['oauth_verifier'])){ - $this->requestToken(); - $this->authorize(); - return false; - } - // request access token - else { - if($_GET['oauth_token'] != $_SESSION[$this->_prefix]['token']){ - unset($_SESSION[$this->_prefix]['token'], $_SESSION[$this->_prefix]['token_secret']); - return false; - } else { - $this->requestAccessToken(); - unset($_SESSION[$this->_prefix]['token'], $_SESSION[$this->_prefix]['token_secret']); - return true; - } - } - } - // handle oauth 2.0 flow - else { - // authorize app - if(!isset($_GET['state']) && !isset($_GET['code'])){ - $this->authorize($this->_scope); - return false; - } - // request access token - else { - if($_GET['state'] != $_SESSION[$this->_prefix]['state']){ - unset($_SESSION[$this->_prefix]['state']); - return false; - } else { - unset($_SESSION[$this->_prefix]['state']); - $this->requestAccessToken(); - return true; - } - } - } - } - } - - protected function requestToken($returnType = 'flat', Array $values = array('oauth_token', 'oauth_token_secret')){ - // make the request - $response = $this->makeRequest($this->_request_token_url, 'POST', array(), $returnType, true); - - // get the correct parameters from the response - $params = $this->getParameters($response, $returnType); - - // add the token and token secret to the session - if(isset($params[$values[0]]) && isset($params[$values[1]])){ - $_SESSION[$this->_prefix]['token'] = $params[$values[0]]; - $_SESSION[$this->_prefix]['token_secret'] = $params[$values[1]]; - } - // throw exception if incorrect parameters were returned - else { - $s = ''; - foreach($params as $k => $v){$s = $k . '=' . $v;} - throw new Exception('incorrect access token parameters returned: ' . 
implode('&', $s)); - } - } - - protected function requestAccessToken($method = 'GET', Array $params = array(), $returnType = 'flat', Array $values = array('access_token', 'expires')){ - // add oauth verifier to parameters for oauth 1.0 request - if(isset($this->_request_token_url) && strlen($this->_request_token_url) > 0){ - $parameters = array('oauth_verifier' => $_GET['oauth_verifier']); - $parameters = array_merge($parameters, $params); - } - // set parameters for oauth 2.0 request - else { - $parameters = array( - 'client_id' => $this->_client_id, - 'redirect_uri' => $this->_callback, - 'client_secret' => $this->_client_secret, - 'code' => $_GET['code'] - ); - $parameters = array_merge($parameters, $params); - } - - // make the request - $response = $this->makeRequest($this->_access_token_url, $method, $parameters, $returnType, false); - - // get the correct parameters from the response - $params = $this->getParameters($response, $returnType); - - // add the token to the session - if(isset($params[$values[0]]) && isset($params[$values[1]])){ - if(isset($this->_request_token_url) && strlen($this->_request_token_url) > 0){ - $_SESSION[$this->_prefix]['access_token'] = $params[$values[0]]; - $_SESSION[$this->_prefix]['access_token_secret'] = $params[$values[1]]; - } else { - $_SESSION[$this->_prefix]['access_token'] = $params[$values[0]]; - $_SESSION[$this->_prefix]['expires'] = time() + $params[$values[1]]; - } - } - // throw exception if incorrect parameters were returned - else { - $s = ''; - foreach($params as $k => $v){$s = $k . '=' . $v;} - throw new Exception('incorrect access token parameters returned: ' . implode('&', $s)); - } - } - - protected function authorize(Array $scope = array(), $scope_seperator = ',', $attach = null){ - // build authorize url for oauth 1.0 requests - if(isset($this->_request_token_url) && strlen($this->_request_token_url) > 0){ - $this->_authorize_url .= '?oauth_token=' . 
$_SESSION[$this->_prefix]['token']; - } - // build authorize url for oauth 2.0 requests - else { - $this->_authorize_url .= '?client_id=' . $this->_client_id . '&redirect_uri=' . $this->_callback; - $state = md5(time() . mt_rand()); - $_SESSION[$this->_prefix]['state'] = $state; - $this->_authorize_url .= '&state=' . $state . '&scope=' . implode($scope_seperator, $scope) . $attach; - } - // redirect - header('Location: ' . $this->_authorize_url);exit; - } - - private function getParameters($response, $returnType){ - if($returnType != 'json'){ - $r = explode('&', $response); - $params = array(); - foreach($r as $v){ - $param = explode('=', $v); - $params[$param[0]] = $param[1]; - } - } else { - $params = $response; - } - return $params; - } - - private function getCompositeKey(){ - if(isset($this->_access_token_secret) && strlen($this->_access_token_secret) > 0){ - $composite_key = rawurlencode($this->_client_secret) . '&' . rawurlencode($this->_access_token_secret); - } else if(isset($_SESSION[$this->_prefix]['token_secret'])){ - $composite_key = rawurlencode($this->_client_secret) . '&' . rawurlencode($_SESSION[$this->_prefix]['token_secret']); - } else { - $composite_key = rawurlencode($this->_client_secret) . '&'; - } - return $composite_key; - } - - private function getOauthHeaders($includeCallback = false){ - $oauth = array( - 'oauth_consumer_key' => $this->_client_id, - 'oauth_nonce' => time(), - 'oauth_signature_method' => 'HMAC-SHA1', - 'oauth_timestamp' => time(), - 'oauth_version' => '1.0' - ); - if(isset($this->_access_token)){ - $oauth['oauth_token'] = $this->_access_token; - } else if(isset($_SESSION[$this->_prefix]['token'])){ - $oauth['oauth_token'] = $_SESSION[$this->_prefix]['token']; - } - if($includeCallback){ - $oauth['oauth_callback'] = $this->_callback; - } - return $oauth; - } - - private function buildBaseString($baseURI, $method, $params){ - $r = array(); - ksort($params); - foreach($params as $key => $value){ - $r[] = $key . '=' . 
rawurlencode($value); - } - return $method . '&' . rawurlencode($baseURI) . '&' . rawurlencode(implode('&', $r)); - } - - private function buildAuthorizationHeader($oauth){ - $r = 'Authorization: OAuth '; - $values = array(); - foreach($oauth as $key => $value){ - $values[] = $key . '="' . rawurlencode($value) . '"'; - } - $r .= implode(', ', $values); - return $r; - } - -} \ No newline at end of file diff --git a/includes/OAuth/Twitter.php b/includes/OAuth/Twitter.php deleted file mode 100644 index cb2f04d..0000000 --- a/includes/OAuth/Twitter.php +++ /dev/null @@ -1,14 +0,0 @@ -

Sign in

-

Do you have an account here?

+

Please sign in using one of the following

Sign in with Google - Sign in with Yahoo + Sign in with Facebook Sign in with Twitter + Sign in with Yahoo + Sign in with Windows Live + Sign in with Steam Learn more about OpenID Learn more about OAuth X diff --git a/index.php b/index.php index 08091c3..ad5ed0b 100644 --- a/index.php +++ b/index.php @@ -4,6 +4,17 @@ ob_start("ob_gzhandler"); if (!session_id()) session_start(); //session_regenerate_id(); +$request = isset($_GET['page']) ? strtolower($_GET['page']) : ''; +if ($request == '' && !$accepted) + $request = 'hometutorial'; + +//Callback for OAuth authentication +if($request === "hybridauth" || $request === "hybridauth/") +{ + require 'includes/HybridAuth/index.php'; + return; +} + //Show updating page? //$showUpdatePage = true; $showUpdatePage = false; @@ -92,10 +103,6 @@ if ($accepted) { //$headerLinks['faq'] = "FAQ"; //$headerLinks['about'] = "About Us"; -$request = isset($_GET['page']) ? strtolower($_GET['page']) : ''; -if ($request == '' && !$accepted) - $request = 'hometutorial'; - switch ($request) { case "tutorial": require("pages/tutorial.php"); diff --git a/pages/login.php b/pages/login.php index d818f58..c400e52 100644 --- a/pages/login.php +++ b/pages/login.php 
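Review bot: The hoisted `if ($request == '' && !$accepted)` now runs at line 7, right after `session_start()`, and if `$accepted` is only assigned further down the file (the second hunk shows it being consulted around line 103 in `if ($accepted) {`), the check reads an undefined variable, so every request with an empty `page` falls back to `'hometutorial'` even for accepted users; confirm where `$accepted` is set before relying on the new position. `strtolower($_GET['page'])` also accepts a non-string value (`?page[]=x`), which warns and yields null on PHP 5 (a TypeError on PHP 8) and then makes `$request == ''` true; guard the type: `$request = isset($_GET['page']) && is_string($_GET['page']) ? strtolower($_GET['page']) : '';`. The `hybridauth` branch hands the request to `includes/HybridAuth/index.php` before the rest of this front controller runs, so whatever the remaining lines do (the `$accepted` gate, header output) does not apply to the callback endpoint, which is worth a comment stating that this is intentional.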
@@ -8,24 +8,20 @@ if ($accepted) { header("Location: $mydomain"); exit; } -echo "testest"; require 'includes/openid.php'; include_once 'globe.php'; include_once('./includes/sqlEmbedded.php'); include_once('./includes/datas.php'); -include_once('includes/chats.php'); +include_once('./includes/chats.php'); include_once('./includes/emails.php'); -include_once('./includes/OAuth/Oauth.php'); -include_once('./includes/OAuth/Facebook.php'); -include_once('./includes/OAuth/Twitter.php'); +include_once('./includes/HybridAuth/Auth.php'); -echo "test2"; +$hybrid_config_file = 'includes/HybridAuth/HybridAuthConfig.php'; try { //Use OpenID for Google/Yahoo - if(!$_GET['op'] || $_GET['op'] == 'google' || $_GET['op'] == 'yahoo') - { + if (!$_GET['op'] || $_GET['op'] == 'google' || $_GET['op'] == 'yahoo' || $_GET['op'] == 'steam') { $openid = new LightOpenID; //Require Email, and first name. @@ -37,6 +33,8 @@ try { $openid->identity = 'https://www.google.com/accounts/o8/id'; else if ($_GET['op'] == 'yahoo') $openid->identity = 'https://me.yahoo.com'; + else if ($_GET['op'] == 'steam') + $openid->identity = 'http://steamcommunity.com/openid'; header('Location: ' . $openid->authUrl()); } //Did we try to log in, but then the user canceled it? 
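Review bot: The new Steam identity is set to `http://steamcommunity.com/openid` while the Google and Yahoo identities two lines above use https; OpenID discovery over plain http lets the discovered endpoint be altered in transit, and Steam serves the same endpoint over https, so use `$openid->identity = 'https://steamcommunity.com/openid';`. The rewritten condition `if (!$_GET['op'] || ...)` still reads `$_GET['op']` without `isset`, which emits a notice on the plain login URL that carries no `op` parameter; `$op = isset($_GET['op']) ? $_GET['op'] : '';` once at the top of the `try` would also remove the repeated lookups. The `try` block opened here continues past the hunk.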
@@ -46,174 +44,172 @@ try { } //We logged in and it worked! else if ($openid->validate()) { //What's in the goodie bag labeled "personal information"... hmmm - $tmp = $openid->getAttributes(); - $display = $tmp['namePerson/first']; + $openIdAttributes = $openid->getAttributes(); + $display = $openIdAttributes['namePerson/first']; //You don't have a name entered? whyfore!? if (strlen($display) == 0) { $display = 'noname'; } - $email = $tmp['contact/email']; - + $email = $openIdAttributes['contact/email']; + $claimedid = $openid->__get('identity'); + if ($email == '') { - $tmp['op'] = $_GET['op']; - die(throwLoginError($tmp, "No email provided from OpenID Provider")); + $openIdAttributes['op'] = $_GET['op']; + die(throwLoginError($openIdAttributes, "No email provided by OpenID provider - please try a different provider")); } - $claimedid = $openid->__get('identity'); - } - else - { + + createNewUser($claimedid, $display, $email); + } else { DoRedirect("Login failed. Back to the home page with you!"); } } - - //Use OAuth for Twitter/Facebook - else if($_GET['op'] == 'twitter') - { - $twitter_consumer_key = "8Y7PY1dk7Mz8VpZWQSTzQ"; - $twitter_consumer_secret = "MUv2qCQVysxqddue5TWhvJDLL0y0v1VMWXDhJtwEps"; - $redirect_uri = $mydomain."login?op=twitter"; - $twitter = new Twitter($twitter_consumer_key, $twitter_consumer_secret, $redirect_uri); - $response = $twitter->validateAccessToken(); - echo "Response: "; - print_r($response); + + //Use HybridAuth for everything else + else if ($_GET['op'] == 'twitter' || $_GET['op'] == 'facebook' || $_GET['op'] == 'live') { + $provider = $_GET['op']; + $hybridAuth = new Hybrid_Auth($hybrid_config_file); + $authenticator = $hybridAuth->authenticate($provider); - echo "Making next request..."; - try + if(!$authenticator) { - $response = $twitter->makeRequest("https://api.twitter.com/1/account/settings.json"); - echo "
Response 2:
"; - print_r($response); + //If user cancelled request, return to home page (?) + return; } - catch(Exception $e) + + $userProfile = $authenticator->getUserProfile(); + + $claimedid = $authenticator->id . '|' . $userProfile->identifier; + $display = ($userProfile->firstName != '' ? $userProfile->firstName : $userProfile->displayName); + $email = $userProfile->email; + + //TODO: This will always fail for Twitter - we need to reconsider our needs... + if($email == '') { - echo "Exception was thrown: "; - echo $e->getMessage(); + $userProfile['op'] = $_GET['op']; + die(throwLoginError($userProfile, "No email provided by {$authenticator->id} - please try a different provider")); } + createNewUser($claimedid, $display, $email); return; } - - else if($_GET['op'] == 'facebook') - { - //TODO - } - + //Unknown provider - else - { + else { DoRedirect("Unknown login provider. Back to the home page with you!"); } - //I know just where to put this stuff! - //Unless I already have this information... - $sql = "SELECT `ID`, `isAdmin`, `openID`, `displayName`, `dateJoined` FROM `users` WHERE `openID` = '$claimedid' OR `email` = '$email'"; - $result = mysql_query($sql); +} catch (ErrorException $e) { + echo $e->getMessage(); +} - $_SESSION['isAdmin'] = false; - - //What a loser, he's already registered. - if (mysql_num_rows($result) > 0) { - $userID = mysql_result($result, 0, 'ID'); - //Is he a cool admin person? - if (mysql_result($result, 0, 'isAdmin') == 1) - $_SESSION['isAdmin'] = true; - - $display = mysql_result($result, 0, 'displayName'); - $dateJoined = mysql_result($result, 0, 'dateJoined'); - - //Multiple accounts found? - if (mysql_num_rows($result) > 1) { - $d['page'] = "Login"; - $d['error'] = "Multiple results on lookup"; - $d['rows'] = mysql_num_rows($result); - $d['OpenIDProvider'] = $_GET['op']; - $d['userID'] = $userID; - $d['claimedid'] = $claimedid; - $d['email'] = $email; - $d['display'] = $display; - EmailError($d); - } - // Continue Loging in; should be fine. 
- //TEMPORARY CODE - //Check openID; and update it if necessary - if (mysql_result($result, 0, 'openID') == $claimedid) { - //Don't need to do anything - } else { - //Update the OpenID Code - $sql = "UPDATE `users` +function createNewUser($claimedid, $display, $email) +{ + //I know just where to put this stuff! + //Unless I already have this information... + $sql = "SELECT `ID`, `isAdmin`, `openID`, `displayName`, `dateJoined` FROM `users` WHERE `openID` = '$claimedid' OR `email` = '$email'"; + $result = mysql_query($sql); + + $_SESSION['isAdmin'] = false; + + //What a loser, he's already registered. + if (mysql_num_rows($result) > 0) { + $userID = mysql_result($result, 0, 'ID'); + //Is he a cool admin person? + if (mysql_result($result, 0, 'isAdmin') == 1) + $_SESSION['isAdmin'] = true; + + $display = mysql_result($result, 0, 'displayName'); + $dateJoined = mysql_result($result, 0, 'dateJoined'); + + //Multiple accounts found? + if (mysql_num_rows($result) > 1) { + $d['page'] = "Login"; + $d['error'] = "Multiple results on lookup"; + $d['rows'] = mysql_num_rows($result); + $d['OpenIDProvider'] = $_GET['op']; + $d['userID'] = $userID; + $d['claimedid'] = $claimedid; + $d['email'] = $email; + $d['display'] = $display; + EmailError($d); + } + // Continue Loging in; should be fine. + //TEMPORARY CODE + //Check openID; and update it if necessary + if (mysql_result($result, 0, 'openID') == $claimedid) { + //Don't need to do anything + } else { + //Update the OpenID Code + $sql = "UPDATE `users` SET `openID` = '$claimedid' WHERE `ID` = '$userID'"; - mysql_query($sql); - } - // - //I last-see you now! - $sql = "UPDATE `users` + mysql_query($sql); + } + // + //I last-see you now! + $sql = "UPDATE `users` SET `dateLogin` = NOW() WHERE `ID` = '$userID'"; - mysql_query($sql); - } //Well hello there new dude! - else { + mysql_query($sql); + } //Well hello there new dude! + else { - //About that personal information - give me a second while save it. 
- // sql_clean is an addslashes equivilent - $sql = "INSERT INTO `users` (`openID`, `displayName`, `email`, `dateJoined`, `dateLogin`) + //About that personal information - give me a second while save it. + // sql_clean is an addslashes equivilent + $sql = "INSERT INTO `users` (`openID`, `displayName`, `email`, `dateJoined`, `dateLogin`) VALUES ( '$claimedid', '" . sql_clean($display) . "', '" . sql_clean($email) . "', NOW(), NOW())"; - $result = mysql_query($sql); - //Allright, all set. - if ($result) { - $userID = mysql_insert_id(); - $dateJoined = date(DateTime::ISO8601); - - //Tutorial done? - if (isset($_SESSION['preCompletedTutorial'])) { - if ($_SESSION['preCompletedTutorial'] == true) { - onCompletedTutorial($userID); - } + $result = mysql_query($sql); + //Allright, all set. + if ($result) { + $userID = mysql_insert_id(); + $dateJoined = date(DateTime::ISO8601); + + //Tutorial done? + if (isset($_SESSION['preCompletedTutorial'])) { + if ($_SESSION['preCompletedTutorial'] == true) { + onCompletedTutorial($userID); } - //Oh crap? - } else { - $d['sqlError'] = mysql_error(); - $d['result'] = $result; - throwLoginError($d, "Unknown DB Registration failure"); - exit; } - addchat(null, "New user registered: \"$display\""); - sendNewUserEmail($userID, $email, $display, $dateJoined); + //Oh crap? + } else { + $d['sqlError'] = mysql_error(); + $d['result'] = $result; + throwLoginError($d, "Unknown DB Registration failure"); + exit; } - //If 'remember me' use this for cookie password - //$_SESSION['Passcode'] = MD5($Password.$Pepper.$Username); - $_SESSION['accepted'] = 1; - $_SESSION['userID'] = $userID; - $_SESSION['email'] = $email; - $_SESSION['displayName'] = $display; - $_SESSION['dateJoined'] = $dateJoined; - - //The below is me hashing the claimedID. - //TODO: Store these values in a single location... - $salt = "33qs5d4j6z98gt1a7n6b5d4x1c66f5nuh8a6d8g9j09aphgf56z5745"; - $pepper = "chilis baby-back ribss! 
I want my baby back, baby back, baby back, baby back, baby back, I want my, baby backTREE3!"; - $one = MD5($claimedid); - $two = MD5($one . $salt); - $three = MD5($pepper . $two); - - $expire = time() + (6 * 31 * 24 * 60 * 60); - setcookie("userID", $userID, $expire); - setcookie("doLogin", "yes", $expire); - setcookie("auth", $three, $expire); - - $refTo = null; - if (isset($_GET['ref'])) - $refTo = $_GET['ref']; - //DoRedirect("Thank you $display.", $_GET['ref']); - DoRedirect("", $refTo, 0); - exit; - //The defaults will do fine here. - DoRedirect(); -} catch (ErrorException $e) { - echo $e->getMessage(); + addchat(null, "New user registered: \"$display\""); + sendNewUserEmail($userID, $email, $display, $dateJoined); + } + //If 'remember me' use this for cookie password + //$_SESSION['Passcode'] = MD5($Password.$Pepper.$Username); + $_SESSION['accepted'] = 1; + $_SESSION['userID'] = $userID; + $_SESSION['email'] = $email; + $_SESSION['displayName'] = $display; + $_SESSION['dateJoined'] = $dateJoined; + + //The below is me hashing the claimedID. + //TODO: Store these values in a single location... + $salt = "33qs5d4j6z98gt1a7n6b5d4x1c66f5nuh8a6d8g9j09aphgf56z5745"; + $pepper = "chilis baby-back ribss! I want my baby back, baby back, baby back, baby back, baby back, I want my, baby backTREE3!"; + $one = MD5($claimedid); + $two = MD5($one . $salt); + $three = MD5($pepper . $two); + + $expire = time() + (6 * 31 * 24 * 60 * 60); + setcookie("userID", $userID, $expire); + setcookie("doLogin", "yes", $expire); + setcookie("auth", $three, $expire); + + $refTo = null; + if (isset($_GET['ref'])) + $refTo = $_GET['ref']; + //DoRedirect("Thank you $display.", $_GET['ref']); + DoRedirect("", $refTo, 0); + exit; } function sendNewUserEmail($userID, $email, $display, $dateJoined) { 
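Review bot: `$userProfile['op'] = $_GET['op'];` in the HybridAuth branch writes an array offset on a value the two preceding lines read as an object (`$userProfile->identifier`, `$userProfile->email`), which PHP rejects with a fatal "cannot use object as array" error, so the missing-email path that the TODO says Twitter will always hit crashes instead of reporting; build the error payload separately, e.g. `die(throwLoginError(['op' => $_GET['op'], 'provider' => $authenticator->id, 'identifier' => $userProfile->identifier], "No email provided by {$authenticator->id} - please try a different provider"));`. In the new `createNewUser()`, `$claimedid` and `$email` are interpolated raw into the SELECT and both UPDATE statements while the INSERT wraps `$display` and `$email` in `sql_clean()`; `$claimedid` is now also built from `$userProfile->identifier`, a provider-supplied value, so at minimum apply `sql_clean()` to both in every statement, or move the function to prepared statements. The `email` match in the SELECT's WHERE clause links to an existing account by email alone, which lets any enabled provider that hands back an unverified address sign into another user's account; either confirm each provider verifies emails or match on `openID` only and link emails explicitly. `createNewUser` also logs in existing users and issues the auth cookies, so a rename or a header comment, `//Looks up or registers the user for $claimedid/$email, then starts the session and sets the login cookies`, would help the next reader; the try block enclosing the provider branches opens in the previous hunk.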
@@ -234,9 +230,9 @@ Happy Pathing, QueueEmail(null, $email, $emailSubject, $emailBody, 5); } -function throwLoginError($data, $explination) { +function throwLoginError($data, $explanation) { $randCode = rand(10000, 99999); - $errortext = "
Error; $explination \n + $errortext = "
Error; $explanation \n
The error details have been emailed to the administrator.
If this problem continues; please email me: @@ -246,7 +242,8 @@ function throwLoginError($data, $explination) {
"; $errortext .= mysql_error(); DoRedirect($errortext, NULL, 500); - $data['explination'] = $explination; + + $data['explanation'] = $explanation; $data['randCode'] = $randCode; EmailError($data); } -- cgit v1.2.3