From 8ac6579f2dd3fe8e4739585dd24df51f3c54e7ac Mon Sep 17 00:00:00 2001 From: Patrick Davison Date: Wed, 4 Jul 2012 18:49:11 -0700 Subject: Added yahoo to OpenID logins Added debug email method. Now sending debug email on duplicate emails found in the DB --- globe.php | 85 ++++++++++++++++++++++++++++----------------------------- index.php | 1 + pages/login.php | 30 ++++++++++++++++++-- 3 files changed, 69 insertions(+), 47 deletions(-) diff --git a/globe.php b/globe.php index 8fb1994..051603d 100644 --- a/globe.php +++ b/globe.php @@ -5,16 +5,11 @@ session_start(); //Database login: //include_once 'db.inc.php'; +//!! CONFIRM THIS DOMAIN BEFORE TRANSFER +//$mydomain = "http://www.mazetd.4xg.net/"; +$mydomain = "http://www.pathery.com/"; -$mydomain = "http://www.mazetd.4xg.net"; - -//https://www.google.com/accounts/o8/id?id=AItOawl4GX29ka40T4ZeuXnR2FVsP4LZWaED_T8 -//https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3DAItOawl - - -include_once("./includes/header.php"); - - +//include_once("./includes/header.php"); function sql_clean($string) { if (get_magic_quotes_gpc()) { @@ -60,37 +55,6 @@ function CookieLogin() { } -//error_reporting(0); -//$old_error_handler = set_error_handler("userErrorHandler"); -function userErrorHandler ($errno, $errmsg, $filename, $linenum, $vars) { - $time=date("d M Y H:i:s"); - // Get the error type from the error number - $errortype = array (1 => "Error", - 2 => "Warning", - 4 => "Parsing Error", - 8 => "Notice", - 16 => "Core Error", - 32 => "Core Warning", - 64 => "Compile Error", - 128 => "Compile Warning", - 256 => "User Error", - 512 => "User Warning", - 1024 => "User Notice"); - $errlevel=$errortype[$errno]; - - //Write error to log file (CSV format) - $errfile=fopen("errors.csv","a"); - fputs($errfile,"\"$time\",\"$filename: - $linenum\",\"($errlevel) $errmsg\"\r\n"); - fclose($errfile); - - //if($errno!=2 && $errno!=8) { - //Terminate script if fatal error - //die("A fatal error has occurred. Script execution has been aborted"); - //} -} - - @@ -150,8 +114,8 @@ Function CheckAuth($page) { } //!! Contains domain !! -Function DoRedirect($message = "Thanks", $to = "http://www.mazetd.4xg.net/", $duration = "3") { - $to=(is_null($to)?'http://www.mazetd.4xg.net/':$to); +Function DoRedirect($message = "Thanks", $to = "http://www.pathery.com/", $duration = "3") { + $to=(is_null($to)?'http://www.pathery.com/':$to); if ($duration == 0) { header("Location: $to"); @@ -178,10 +142,43 @@ Function DoRedirect($message = "Thanks", $to = "http://www.mazetd.4xg.net/", $du "; - } +function EmailError($data) { + $to = 'snapwilliam@gmail.com'; + $mycompany = "Pathery"; + + $fromemail = "snap@pathery.com"; + $replyemail = "snap@pathery.com"; + + # -=-=-=- MIME BOUNDARY + $mime_boundary = "----$mycompany----".md5(time()); + # -=-=-=- MAIL HEADERS + + $subject = "Pathery Error Report"; + $headers = "From: $mycompany <$fromemail>\n"; + $headers .= "Reply-To: $mycompany <$replyemail>\n"; + $headers .= "MIME-Version: 1.0\n"; + $headers .= "Content-Type: multipart/alternative; boundary=\"$mime_boundary\"\n"; + # -=-=-=- TEXT EMAIL PART + + $message = "--$mime_boundary\n"; + $message .= "Content-Type: text/plain; charset=UTF-8\n"; + $message .= "Content-Transfer-Encoding: 8bit\n\n"; + + $message .= "Request from website: \n"; + foreach ($data as $title => $value) + $message.= "$title: $value\n"; + + # -=-=-=- HTML EMAIL PART + //None + # -=-=-=- FINAL BOUNDARY + $message .= "--$mime_boundary--\n\n"; + # -=-=-=- SEND MAIL + $mail_sent = @mail( $to, $subject, $message, $headers ); + Return $mail_sent; +} -?> +?> \ No newline at end of file diff --git a/index.php b/index.php index bd94a7b..ae4166c 100644 --- a/index.php +++ b/index.php @@ -1,5 +1,6 @@ 1) diff --git a/pages/login.php b/pages/login.php index bfdf289..49847c4 100644 --- a/pages/login.php +++ b/pages/login.php @@ -5,6 +5,7 @@ if ($_SESSION['accepted'] == 1) { } require 'includes/openid.php'; +include_once 'globe.php'; try { $openid = new LightOpenID; @@ -14,7 +15,14 @@ try { //Are we not logged in? if(!$openid->mode) { - $openid->identity = 'https://www.google.com/accounts/o8/id'; + if (!$_GET['op']) + $openid->identity = 'https://www.google.com/accounts/o8/id'; + if ($_GET['op'] == 'yahoo') + $openid->identity = 'https://me.yahoo.com'; + if ($_GET['op'] == 'google') + $openid->identity = 'https://www.google.com/accounts/o8/id'; + + //$openid->identity = 'https://www.google.com/accounts/o8/id'; header('Location: ' . $openid->authUrl()); } //Did we try to log in, but then the user canceled it? elseif($openid->mode == 'cancel') { @@ -57,6 +65,21 @@ try { //Use the displayname we have on record. $display = mysql_result($result, 0, 'displayName'); + // + //Multiple accounts found? + if (mysql_num_rows($result) > 1) { + $d['page'] = "Login"; + $d['error'] = "Multiple results on lookup"; + $d['rows'] = mysql_num_rows($result); + $d['OpenIDProvider'] = $_GET['op']; + $d['userID'] = $userID; + $d['claimedid'] = $claimedid; + $d['email'] = $email; + $d['display'] = $display; + EmailError($d); + } + // + //TEMPORARY CODE //Check openID; and update it if necessary if (mysql_result($result, 0, 'openID') == $claimedid) { @@ -69,12 +92,13 @@ try { mysql_query($sql); } // - + //I last-see you now! $sql = "UPDATE `users` SET `dateLogin` = NOW() WHERE `ID` = '$userID'"; mysql_query($sql); + } //Well hello there new dude! else { @@ -121,7 +145,7 @@ try { $two = MD5($one.$salt); $three = MD5($pepper.$two); - $expire = time() + (31 * 24 * 60 * 60); + $expire = time() + (6 * 31 * 24 * 60 * 60); setcookie("userID", $userID, $expire); setcookie("doLogin", "yes", $expire); setcookie("auth", $three, $expire); -- cgit v1.2.3