+<h2>{L_AUTH_PROVIDER_OAUTH_TITLE}</h2>

+

+<p>{L_AUTH_PROVIDER_OAUTH_EXPLAIN}</p>

+

+<!-- BEGIN oauth_services -->

+<fieldset>

+ <legend>{oauth_services.ACTUAL_NAME}</legend>

+ <dl>

+ <dt><label for="oauth_service_{oauth_services.NAME}_key">{L_AUTH_PROVIDER_OAUTH_KEY}{L_COLON}</label></dt>

+ <dd><input type="text" id="oauth_service_{oauth_services.NAME}_key" size="40" name="config[auth_oauth_{oauth_services.NAME}_key]" value="{oauth_services.KEY}" /></dd>

+ </dl>

+ <dl>

+ <dt><label for="oauth_service_{oauth_services.NAME}_secret">{L_AUTH_PROVIDER_OAUTH_SECRET}{L_COLON}</label></dt>

+ <dd><input type="text" id="oauth_service_{oauth_services.NAME}_secret" size="40" name="config[auth_oauth_{oauth_services.NAME}_secret]" value="{oauth_services.SECRET}" /></dd>

+ </dl>

+</fieldset>

+<!-- END oauth_services -->

+ "lusitanian/oauth": "0.2.*",

+ "hash": "a14960de85feb64fdb19eabd165cc09b",

+ "name": "lusitanian/oauth",

+ "version": "v0.2.1",

+ "source": {

+ "type": "git",

+ "url": "https://github.com/Lusitanian/PHPoAuthLib.git",

+ "reference": "00c667d93058e983fc1b7d3d1cebdb1bc03fb043"

+ },

+ "dist": {

+ "type": "zip",

+ "url": "https://api.github.com/repos/Lusitanian/PHPoAuthLib/zipball/00c667d93058e983fc1b7d3d1cebdb1bc03fb043",

+ "reference": "00c667d93058e983fc1b7d3d1cebdb1bc03fb043",

+ "shasum": ""

+ },

+ "require": {

+ "php": ">=5.3.0"

+ },

+ "require-dev": {

+ "phpunit/phpunit": "3.7.*",

+ "predis/predis": "0.8.*@dev",

+ "symfony/http-foundation": "~2.1"

+ },

+ "suggest": {

+ "predis/predis": "Allows using the Redis storage backend.",

+ "symfony/http-foundation": "Allows using the Symfony Session storage backend."

+ },

+ "type": "library",

+ "extra": {

+ "branch-alias": {

+ "dev-master": "0.1-dev"

+ }

+ },

+ "autoload": {

+ "psr-0": {

+ "OAuth": "src",

+ "OAuth\\Unit": "tests"

+ }

+ },

+ "notification-url": "https://packagist.org/downloads/",

+ "license": [

+ "MIT"

+ ],

+ "authors": [

+ {

+ "name": "David Desberg",

+ "email": "david@daviddesberg.com"

+ },

+ {

+ "name": "Pieter Hordijk",

+ "email": "info@pieterhordijk.com",

+ "homepage": "https://pieterhordijk.com",

+ "role": "developer"

+ }

+ ],

+ "description": "PHP 5.3+ oAuth 1/2 Library",

+ "keywords": [

+ "Authentication",

+ "authorization",

+ "oauth",

+ "security"

+ ],

+ "time": "2013-08-29 21:40:04"

+ },

+ {

+ "url": "https://github.com/fabpot/Goutte",

+ "reference": "v0.1.0"

+ "url": "https://github.com/fabpot/Goutte/archive/v0.1.0.zip",

+ "reference": "v0.1.0",

+ "url": "https://github.com/guzzle/guzzle",

+ "reference": "v3.0.7"

+ "url": "https://github.com/guzzle/guzzle/archive/v3.0.7.zip",

+ "reference": "v3.0.7",

+ "url": "https://github.com/phingofficial/phing",

+ "reference": "2.4.14"

+ "url": "https://github.com/phingofficial/phing/archive/2.4.14.zip",

+ "reference": "2.4.14",

+ "reference": "1.2.3"

+ "url": "https://api.github.com/repos/sebastianbergmann/dbunit/zipball/1.2.3",

+ "reference": "1.2.3",

+ "reference": "1.2.12"

+ "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/1.2.12",

+ "reference": "1.2.12",

+ "url": "git://github.com/sebastianbergmann/php-file-iterator.git",

+ "reference": "1.3.3"

+ "url": "https://github.com/sebastianbergmann/php-file-iterator/zipball/1.3.3",

+ "reference": "1.3.3",

+ "time": "2012-10-11 04:44:38"

+ "url": "git://github.com/sebastianbergmann/php-text-template.git",

+ "reference": "1.1.4"

+ "url": "https://github.com/sebastianbergmann/php-text-template/zipball/1.1.4",

+ "reference": "1.1.4",

+ "time": "2012-10-31 11:15:28"

+ "url": "git://github.com/sebastianbergmann/phpunit-mock-objects.git",

+ "reference": "1.2.3"

+ "url": "https://github.com/sebastianbergmann/phpunit-mock-objects/archive/1.2.3.zip",

+ "reference": "1.2.3",

+ auth.provider.oauth:

+ class: phpbb_auth_provider_oauth

+ arguments:

+ - @dbal.conn

+ - @config

+ - @request

+ - @user

+ - %tables.auth_provider_oauth_token_storage%

+ - %tables.auth_provider_oauth_account_assoc%

+ - @auth.provider.oauth.service_collection

+ - %tables.users%

+ - %core.root_path%

+ - %core.php_ext%

+ tags:

+ - { name: auth.provider }

+ auth.provider.oauth.service_collection:

+ class: phpbb_di_service_collection

+ arguments:

+ - @service_container

+ tags:

+ - { name: service_collection, tag: auth.provider.oauth.service }

+ auth.provider.oauth.service.bitly:

+ class: phpbb_auth_provider_oauth_service_bitly

+ arguments:

+ - @config

+ - @request

+ tags:

+ - { name: auth.provider.oauth.service }

+ auth.provider.oauth.service.facebook:

+ class: phpbb_auth_provider_oauth_service_facebook

+ arguments:

+ - @config

+ - @request

+ tags:

+ - { name: auth.provider.oauth.service }

+ auth.provider.oauth.service.google:

+ class: phpbb_auth_provider_oauth_service_google

+ arguments:

+ - @config

+ - @request

+ tags:

+ - { name: auth.provider.oauth.service }

+ notification.type.group_request:

+ class: phpbb_notification_type_group_request

+ scope: prototype # scope MUST be prototype for this to work!

+ arguments:

+ - @user_loader

+ - @dbal.conn

+ - @cache.driver

+ - @user

+ - @auth

+ - @config

+ - %core.root_path%

+ - %core.php_ext%

+ - %tables.notification_types%

+ - %tables.notifications%

+ - %tables.user_notifications%

+ tags:

+ - { name: notification.type }

+

+ notification.type.group_request_approved:

+ class: phpbb_notification_type_group_request_approved

+ scope: prototype # scope MUST be prototype for this to work!

+ arguments:

+ - @user_loader

+ - @dbal.conn

+ - @cache.driver

+ - @user

+ - @auth

+ - @config

+ - %core.root_path%

+ - %core.php_ext%

+ - %tables.notification_types%

+ - %tables.notifications%

+ - %tables.user_notifications%

+ tags:

+ - { name: notification.type }

+

+ tables.auth_provider_oauth_token_storage: %core.table_prefix%oauth_tokens

+ tables.auth_provider_oauth_account_assoc: %core.table_prefix%oauth_accounts

+require(dirname(__FILE__) . '/../includes/db/schema_data.php');

+require($phpbb_root_path . 'includes/db/schema_data.' . $phpEx);

+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11769">PHPBB3-11769</a>] - Wrong poster in subscription email when poster is using the Quote button</li>

+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11775">PHPBB3-11775</a>] - Error while moving posts to a new topic</li>

+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11802">PHPBB3-11802</a>] - Undefined variable $browser in /download/file.php</li>

+ucp_prefs_personal_prepend

+===

+* Locations:

+ + styles/prosilver/template/ucp_prefs_personal.html

+ + styles/subsilver2/template/ucp_prefs_personal.html

+* Purpose: Add user options to the top of the Edit Global Settings block

+

+ucp_prefs_personal_append

+===

+* Locations:

+ + styles/prosilver/template/ucp_prefs_personal.html

+ + styles/subsilver2/template/ucp_prefs_personal.html

+* Purpose: Add user options to the bottom of the Edit Global Settings block

+

+ucp_prefs_post_prepend

+===

+* Locations:

+ + styles/prosilver/template/ucp_prefs_post.html

+ + styles/subsilver2/template/ucp_prefs_post.html

+* Purpose: Add user options to the top of the Edit Posting Defaults block

+

+ucp_prefs_post_append

+===

+* Locations:

+ + styles/prosilver/template/ucp_prefs_post.html

+ + styles/subsilver2/template/ucp_prefs_post.html

+* Purpose: Add user options to the bottom of the Edit Posting Defaults block

+

+ucp_prefs_view_radio_buttons_prepend

+===

+* Locations:

+ + styles/prosilver/template/ucp_prefs_view.html

+ + styles/subsilver2/template/ucp_prefs_view.html

+* Purpose: Add options to the top of the radio buttons block of the Edit

+Display Options screen

+

+ucp_prefs_view_radio_buttons_append

+===

+* Locations:

+ + styles/prosilver/template/ucp_prefs_view.html

+ + styles/subsilver2/template/ucp_prefs_view.html

+* Purpose: Add options to the bottom of the radio buttons block of the Edit

+Display Options screen

+

+ucp_prefs_view_select_menu_prepend

+===

+* Locations:

+ + styles/prosilver/template/ucp_prefs_view.html

+ + styles/subsilver2/template/ucp_prefs_view.html

+* Purpose: Add options to the top of the drop-down lists block of the Edit

+Display Options screen

+

+ucp_prefs_view_select_menu_append

+===

+* Locations:

+ + styles/prosilver/template/ucp_prefs_view.html

+ + styles/subsilver2/template/ucp_prefs_view.html

+* Purpose: Add options to the bottom of the drop-down lists block of the Edit

+Display Options screen

+

+ 'read_notification_expire_days' => array('lang' => 'READ_NOTIFICATION_EXPIRE_DAYS', 'validate' => 'int:0', 'type' => 'number:0', 'explain' => true, 'append' => ' ' . $user->lang['DAYS']),

+ if (array_key_exists('BLOCK_VAR_NAME', $auth_tpl))

+ {

+ foreach ($auth_tpl['BLOCK_VARS'] as $block_vars)

+ {

+ $template->assign_block_vars($auth_tpl['BLOCK_VAR_NAME'], $block_vars);

+ }

+ }

+define('LOGIN_SUCCESS_LINK_PROFILE', 21);

+$schema_data['phpbb_oauth_accounts'] = array(

+ 'COLUMNS' => array(

+ 'user_id' => array('UINT', 0),

+ 'provider' => array('VCHAR', ''),

+ 'oauth_provider_id' => array('TEXT_UNI', ''),

+ ),

+ 'PRIMARY_KEY' => array(

+ 'user_id',

+ 'provider',

+ ),

+);

+

+$schema_data['phpbb_oauth_tokens'] = array(

+ 'COLUMNS' => array(

+ 'user_id' => array('UINT', 0), // phpbb_users.user_id

+ 'session_id' => array('CHAR:32', ''), // phpbb_sessions.session_id used only when user_id not set

+ 'provider' => array('VCHAR', ''), // Name of the OAuth provider

+ 'oauth_token' => array('MTEXT', ''), // Serialized token

+ ),

+ 'KEYS' => array(

+ 'user_id' => array('INDEX', 'user_id'),

+ 'provider' => array('INDEX', 'provider'),

+ ),

+);

+

+ global $request, $phpbb_container;

+ if ($request->is_set_post('login') || ($request->is_set('login') && $request->variable('login', '') == 'external'))

+ $auth_provider = $phpbb_container->get('auth.provider.' . $config['auth_method']);

+

+ $auth_provider_data = $auth_provider->get_login_data();

+ if ($auth_provider_data)

+ {

+ if (isset($auth_provider_data['VARS']))

+ {

+ $template->assign_vars($auth_provider_data['VARS']);

+ }

+

+ if (isset($auth_provider_data['BLOCK_VAR_NAME']))

+ {

+ foreach ($auth_provider_data['BLOCK_VARS'] as $block_vars)

+ {

+ $template->assign_block_vars($auth_provider_data['BLOCK_VAR_NAME'], $block_vars);

+ }

+ }

+

+ $template->assign_vars(array(

+ 'PROVIDER_TEMPLATE_FILE' => $auth_provider_data['TEMPLATE_FILE'],

+ ));

+ }

+

+ global $phpbb_container;

+

+ $filesystem = $phpbb_container->get('filesystem');

+ $path_info = $filesystem->clean_path($path_info);

+

+ // Do not count / at start of path

+ $corrections = substr_count(substr($path_info, 1), '/');

+ global $db, $auth, $phpbb_container;

+ if ($pending)

+ {

+ $phpbb_notifications = $phpbb_container->get('notification_manager');

+

+ foreach ($add_id_ary as $user_id)

+ {

+ $phpbb_notifications->add_notifications('group_request', array(

+ 'group_id' => $group_id,

+ 'user_id' => $user_id,

+ 'group_name' => $group_name,

+ ));

+ }

+ }

+

+ global $db, $auth, $config, $phpbb_dispatcher, $phpbb_container;

+ $phpbb_notifications = $phpbb_container->get('notification_manager');

+

+ $phpbb_notifications->delete_notifications('group_request', $user_id_ary, $group_id);

+

+ global $db, $auth, $phpbb_root_path, $phpEx, $config, $phpbb_container;

+ $user_id_ary = array();

+ $phpbb_notifications = $phpbb_container->get('notification_manager');

+ $phpbb_notifications->add_notifications('group_request_approved', array(

+ 'user_ids' => $user_id_ary,

+ 'group_id' => $group_id,

+ 'group_name' => $group_name,

+ ));

+ $phpbb_notifications->delete_notifications('group_request', $user_id_ary, $group_id);

+ 'S_REPORT_CLOSED' => $report['report_closed'],

+ 'S_REPORT_CLOSED' => $report['report_closed'],

+<?php

+/**

+*

+* @package ucp

+* @copyright (c) 2013 phpBB Group

+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2

+*

+*/

+

+/**

+* @package module_install

+*/

+class ucp_auth_link_info

+{

+ function module()

+ {

+ return array(

+ 'filename' => 'ucp_auth_link',

+ 'title' => 'UCP_AUTH_LINK',

+ 'version' => '1.0.0',

+ 'modes' => array(

+ 'auth_link' => array('title' => 'UCP_AUTH_LINK_MANAGE', 'auth' => '', 'cat' => array('UCP_PROFILE')),

+ ),

+ );

+ }

+

+ function install()

+ {

+ }

+

+ function uninstall()

+ {

+ }

+}

+<?php

+/**

+*

+* @package ucp

+* @copyright (c) 2013 phpBB Group

+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2

+*

+*/

+

+/**

+* @ignore

+*/

+if (!defined('IN_PHPBB'))

+{

+ exit;

+}

+

+class ucp_auth_link

+{

+ /**

+ * @var string

+ */

+ public $u_action;

+

+ /**

+ * Generates the ucp_auth_link page and handles the auth link process

+ *

+ * @param int $id

+ * @param string $mode

+ */

+ public function main($id, $mode)

+ {

+ global $config, $request, $template, $phpbb_container, $user;

+

+ $error = array();

+

+ $auth_provider = $phpbb_container->get('auth.provider.' . $config['auth_method']);

+

+ // confirm that the auth provider supports this page

+ $provider_data = $auth_provider->get_auth_link_data();

+ if ($provider_data === null)

+ {

+ $error[] = 'UCP_AUTH_LINK_NOT_SUPPORTED';

+ }

+

+ $s_hidden_fields = array();

+ add_form_key('ucp_auth_link');

+

+ $submit = $request->variable('submit', false, false, phpbb_request_interface::POST);

+

+ // This path is only for primary actions

+ if (!sizeof($error) && $submit)

+ {

+ if (!check_form_key('ucp_auth_link'))

+ {

+ $error[] = 'FORM_INVALID';

+ }

+

+ if (!sizeof($error))

+ {

+ // Any post data could be necessary for auth (un)linking

+ $link_data = $request->get_super_global(phpbb_request_interface::POST);

+

+ // The current user_id is also necessary

+ $link_data['user_id'] = $user->data['user_id'];

+

+ // Tell the provider that the method is auth_link not login_link

+ $link_data['link_method'] = 'auth_link';

+

+ if ($request->variable('link', 0, false, phpbb_request_interface::POST))

+ {

+ $error[] = $auth_provider->link_account($link_data);

+ }

+ else

+ {

+ $error[] = $auth_provider->unlink_account($link_data);

+ }

+

+ // Template data may have changed, get new data

+ $provider_data = $auth_provider->get_auth_link_data();

+ }

+ }

+

+ // In some cases, a request to an external server may be required. In

+ // these cases, the GET parameter 'link' should exist and should be true

+ if ($request->variable('link', false))

+ {

+ // In this case the link data should only be populated with the

+ // link_method as the provider dictates how data is returned to it.

+ $link_data = array('link_method' => 'auth_link');

+

+ $error[] = $auth_provider->link_account($link_data);

+

+ // Template data may have changed, get new data

+ $provider_data = $auth_provider->get_auth_link_data();

+ }

+

+ if (isset($provider_data['VARS']))

+ {

+ // Handle hidden fields separately

+ if (isset($provider_data['VARS']['HIDDEN_FIELDS']))

+ {

+ $s_hidden_fields = array_merge($s_hidden_fields, $provider_data['VARS']['HIDDEN_FIELDS']);

+ unset($provider_data['VARS']['HIDDEN_FIELDS']);

+ }

+

+ $template->assign_vars($provider_data['VARS']);

+ }

+

+ if (isset($provider_data['BLOCK_VAR_NAME']))

+ {

+ foreach ($provider_data['BLOCK_VARS'] as $block_vars)

+ {

+ // See if there are additional hidden fields. This should be an associative array

+ if (isset($block_vars['HIDDEN_FIELDS']))

+ {

+ $block_vars['HIDDEN_FIELDS'] = build_hidden_fields($block_vars['HIDDEN_FIELDS']);

+ }

+

+ $template->assign_block_vars($provider_data['BLOCK_VAR_NAME'], $block_vars);

+ }

+ }

+

+ $s_hidden_fields = build_hidden_fields($s_hidden_fields);

+

+ // Replace "error" strings with their real, localised form

+ $error = array_map(array($user, 'lang'), $error);

+ $error = implode('<br />', $error);

+

+ $template->assign_vars(array(

+ 'ERROR' => $error,

+

+ 'PROVIDER_TEMPLATE_FILE' => $provider_data['TEMPLATE_FILE'],

+

+ 'S_HIDDEN_FIELDS' => $s_hidden_fields,

+ 'S_UCP_ACTION' => $this->u_action,

+ ));

+

+ $this->tpl_name = 'ucp_auth_link';

+ $this->page_title = 'UCP_AUTH_LINK';

+ }

+}

+<?php

+/**

+*

+* @package ucp

+* @copyright (c) 2013 phpBB Group

+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2

+*

+*/

+

+/**

+* @ignore

+*/

+if (!defined('IN_PHPBB'))

+{

+ exit;

+}

+

+/**

+* ucp_login_link

+* Allows users of external accounts link those accounts to their phpBB accounts

+* during an attempted login.

+* @package ucp

+*/

+class ucp_login_link

+{

+ /**

+ * @var string

+ */

+ public $u_action;

+

+ /**

+ * Generates the ucp_login_link page and handles login link process

+ *

+ * @param int $id

+ * @param string $mode

+ */

+ function main($id, $mode)

+ {

+ global $config, $phpbb_container, $request, $template, $user;

+ global $phpbb_root_path, $phpEx;

+

+ // Initialize necessary variables

+ $login_error = null;

+ $login_link_error = null;

+ $login_username = null;

+

+ // Build the data array

+ $data = $this->get_login_link_data_array();

+

+ // Ensure the person was sent here with login_link data

+ if (empty($data))

+ {

+ $login_link_error = $user->lang['LOGIN_LINK_NO_DATA_PROVIDED'];

+ }

+

+ // Use the auth_provider requested even if different from configured

+ $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']);

+ $auth_provider = $phpbb_container->get($auth_provider);

+

+ // Set the link_method to login_link

+ $data['link_method'] = 'login_link';

+

+ // Have the authentication provider check that all necessary data is available

+ $result = $auth_provider->login_link_has_necessary_data($data);

+ if ($result !== null)

+ {

+ $login_link_error = $user->lang[$result];

+ }

+

+ // Perform link action if there is no error

+ if (!$login_link_error)

+ {

+ if ($request->is_set_post('login'))

+ {

+ $login_username = $request->variable('login_username', '', false, phpbb_request_interface::POST);

+ $login_password = $request->untrimmed_variable('login_password', '', true, phpbb_request_interface::POST);

+

+ $login_result = $auth_provider->login($login_username, $login_password);

+

+ // We only care if there is or is not an error

+ $login_error = $this->process_login_result($login_result);

+

+ if (!$login_error)

+ {

+ // Give the user_id to the data

+ $data['user_id'] = $login_result['user_row']['user_id'];

+

+ // The user is now logged in, attempt to link the user to the external account

+ $result = $auth_provider->link_account($data);

+

+ if ($result)

+ {

+ $login_link_error = $user->lang[$result];

+ }

+ else

+ {

+ // Finish login

+ $result = $user->session_create($login_result['user_row']['user_id'], false, false, true);

+

+ // Perform a redirect as the account has been linked

+ $this->perform_redirect();

+ }

+ }

+ }

+ }

+

+ $template->assign_vars(array(

+ // Common template elements

+ 'LOGIN_LINK_ERROR' => $login_link_error,

+ 'PASSWORD_CREDENTIAL' => 'login_password',

+ 'USERNAME_CREDENTIAL' => 'login_username',

+ 'S_HIDDEN_FIELDS' => $this->get_hidden_fields($data),

+

+ // Registration elements

+ 'REGISTER_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=register'),

+

+ // Login elements

+ 'LOGIN_ERROR' => $login_error,

+ 'LOGIN_USERNAME' => $login_username,

+ ));

+

+ $this->tpl_name = 'ucp_login_link';

+ $this->page_title = 'UCP_LOGIN_LINK';

+ }

+

+ /**

+ * Builds the hidden fields string from the data array.

+ *

+ * @param array $data This function only includes data in the array

+ * that has a key that begins with 'login_link_'

+ * @return string A string of hidden fields that can be included in the

+ * template

+ */

+ protected function get_hidden_fields($data)

+ {

+ $fields = array();

+

+ foreach ($data as $key => $value)

+ {

+ $fields['login_link_' . $key] = $value;

+ }

+

+ return build_hidden_fields($fields);

+ }

+

+ /**

+ * Builds the login_link data array

+ *

+ * @return array All login_link data. This is all GET data whose names

+ * begin with 'login_link_'

+ */

+ protected function get_login_link_data_array()

+ {

+ global $request;

+

+ $var_names = $request->variable_names(phpbb_request_interface::GET);

+ $login_link_data = array();

+ $string_start_length = strlen('login_link_');

+

+ foreach ($var_names as $var_name)

+ {

+ if (strpos($var_name, 'login_link_') === 0)

+ {

+ $key_name = substr($var_name, $string_start_length);

+ $login_link_data[$key_name] = $request->variable($var_name, '', false, phpbb_request_interface::GET);

+ }

+ }

+

+ return $login_link_data;

+ }

+

+ /**

+ * Processes the result array from the login process

+ * @param array $result The login result array

+ * @return string|null If there was an error in the process, a string is

+ * returned. If the login was successful, then null is

+ * returned.

+ */

+ protected function process_login_result($result)

+ {

+ global $config, $request, $template, $user;

+

+ $login_error = null;

+

+ if ($result['status'] != LOGIN_SUCCESS)

+ {

+ // Handle all errors first

+ if ($result['status'] == LOGIN_BREAK)

+ {

+ trigger_error($result['error_msg']);

+ }

+

+ switch ($result['status'])

+ {

+ case LOGIN_ERROR_ATTEMPTS:

+

+ $captcha = phpbb_captcha_factory::get_instance($config['captcha_plugin']);

+ $captcha->init(CONFIRM_LOGIN);

+

+ $template->assign_vars(array(

+ 'CAPTCHA_TEMPLATE' => $captcha->get_template(),

+ ));

+

+ $login_error = $user->lang[$result['error_msg']];

+ break;

+

+ case LOGIN_ERROR_PASSWORD_CONVERT:

+ $login_error = sprintf(

+ $user->lang[$result['error_msg']],

+ ($config['email_enable']) ? '<a href="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=sendpassword') . '">' : '',

+ ($config['email_enable']) ? '</a>' : '',

+ ($config['board_contact']) ? '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">' : '',

+ ($config['board_contact']) ? '</a>' : ''

+ );

+ break;

+

+ // Username, password, etc...

+ default:

+ $login_error = $user->lang[$result['error_msg']];

+

+ // Assign admin contact to some error messages

+ if ($result['error_msg'] == 'LOGIN_ERROR_USERNAME' || $result['error_msg'] == 'LOGIN_ERROR_PASSWORD')

+ {

+ $login_error = (!$config['board_contact']) ? sprintf($user->lang[$result['error_msg']], '', '') : sprintf($user->lang[$result['error_msg']], '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">', '</a>');

+ }

+

+ break;

+ }

+ }

+

+ return $login_error;

+ }

+

+ /**

+ * Performs a post login redirect

+ */

+ protected function perform_redirect()

+ {

+ global $phpbb_root_path, $phpEx;

+ $url = append_sid($phpbb_root_path . 'index.' . $phpEx);

+ redirect($url);

+ }

+}

+ global $config, $db, $user, $auth, $template, $phpbb_dispatcher, $phpbb_root_path, $phpEx;

+ /**

+ * Add UCP edit global settings data before they are assigned to the template or submitted

+ *

+ * To assign data to the template, use $template->assign_vars()

+ *

+ * @event core.ucp_prefs_personal_data

+ * @var bool submit Do we display the form only

+ * or did the user press submit

+ * @var array data Array with current ucp options data

+ * @since 3.1-A1

+ */

+ $vars = array('submit', 'data');

+ extract($phpbb_dispatcher->trigger_event('core.ucp_prefs_personal_data', compact($vars)));

+

+ /**

+ * Update UCP edit global settings data on form submit

+ *

+ * @event core.ucp_prefs_personal_update_data

+ * @var array data Submitted display options data

+ * @var array sql_ary Display options data we udpate

+ * @since 3.1-A1

+ */

+ $vars = array('data', 'sql_ary');

+ extract($phpbb_dispatcher->trigger_event('core.ucp_prefs_personal_update_data', compact($vars)));

+

+ /**

+ * Add UCP edit display options data before they are assigned to the template or submitted

+ *

+ * To assign data to the template, use $template->assign_vars()

+ *

+ * @event core.ucp_prefs_view_data

+ * @var bool submit Do we display the form only

+ * or did the user press submit

+ * @var array data Array with current ucp options data

+ * @since 3.1-A1

+ */

+ $vars = array('submit', 'data');

+ extract($phpbb_dispatcher->trigger_event('core.ucp_prefs_view_data', compact($vars)));

+

+ /**

+ * Update UCP edit display options data on form submit

+ *

+ * @event core.ucp_prefs_view_update_data

+ * @var array data Submitted display options data

+ * @var array sql_ary Display options data we udpate

+ * @since 3.1-A1

+ */

+ $vars = array('data', 'sql_ary');

+ extract($phpbb_dispatcher->trigger_event('core.ucp_prefs_view_update_data', compact($vars)));

+

+ /**

+ * Add UCP edit posting defaults data before they are assigned to the template or submitted

+ *

+ * To assign data to the template, use $template->assign_vars()

+ *

+ * @event core.ucp_prefs_post_data

+ * @var bool submit Do we display the form only

+ * or did the user press submit

+ * @var array data Array with current ucp options data

+ * @since 3.1-A1

+ */

+ $vars = array('submit', 'data');

+ extract($phpbb_dispatcher->trigger_event('core.ucp_prefs_post_data', compact($vars)));

+

+ /**

+ * Update UCP edit posting defaults data on form submit

+ *

+ * @event core.ucp_prefs_post_update_data

+ * @var array data Submitted display options data

+ * @var array sql_ary Display options data we udpate

+ * @since 3.1-A1

+ */

+ $vars = array('data', 'sql_ary');

+ extract($phpbb_dispatcher->trigger_event('core.ucp_prefs_post_update_data', compact($vars)));

+

+ global $request, $phpbb_container;

+ $s_hidden_fields = array();

+

+ // Handle login_link data added to $_hidden_fields

+ $login_link_data = $this->get_login_link_data_array();

+

+ if (!empty($login_link_data))

+ {

+ // Confirm that we have all necessary data

+ $auth_provider = 'auth.provider.' . $request->variable('auth_provider', $config['auth_method']);

+ $auth_provider = $phpbb_container->get($auth_provider);

+

+ $result = $auth_provider->login_link_has_necessary_data($login_link_data);

+ if ($result !== null)

+ {

+ $error[] = $user->lang[$result];

+ }

+

+ $s_hidden_fields = array_merge($s_hidden_fields, $this->get_login_link_data_for_hidden_fields($login_link_data));

+ }

+ $s_hidden_fields = array_merge($s_hidden_fields, array(

+ ));

+ // Perform account linking if necessary

+ if (!empty($login_link_data))

+ {

+ $login_link_data['user_id'] = $user_id;

+

+ $result = $auth_provider->link_account($login_link_data);

+

+ if ($result)

+ {

+ $message = $message . '<br /><br />' . $user->lang[$result];

+ }

+ }

+

+ $s_hidden_fields = array_merge($s_hidden_fields, array(

+ ));

+

+ /**

+ * Creates the login_link data array

+ *

+ * @return array Returns an array of all POST paramaters whose names

+ * begin with 'login_link_'

+ */

+ protected function get_login_link_data_array()

+ {

+ global $request;

+

+ $var_names = $request->variable_names(phpbb_request_interface::POST);

+ $login_link_data = array();

+ $string_start_length = strlen('login_link_');

+

+ foreach ($var_names as $var_name)

+ {

+ if (strpos($var_name, 'login_link_') === 0)

+ {

+ $key_name = substr($var_name, $string_start_length);

+ $login_link_data[$key_name] = $request->variable($var_name, '', false, phpbb_request_interface::POST);

+ }

+ }

+

+ return $login_link_data;

+ }

+

+ /**

+ * Prepends they key names of an associative array with 'login_link_' for

+ * inclusion on the page as hidden fields.

+ *

+ * @param array $data The array to be modified

+ * @return array The modified array

+ */

+ protected function get_login_link_data_for_hidden_fields($data)

+ {

+ $new_data = array();

+

+ foreach ($data as $key => $value)

+ {

+ $new_data['login_link_' . $key] = $value;

+ }

+

+ return $new_data;

+ }

+# Table: 'phpbb_oauth_tokens'

+CREATE TABLE phpbb_oauth_tokens (

+ user_id INTEGER DEFAULT 0 NOT NULL,

+ session_id CHAR(32) CHARACTER SET NONE DEFAULT '' NOT NULL,

+ provider VARCHAR(255) CHARACTER SET NONE DEFAULT '' NOT NULL,

+ oauth_token BLOB SUB_TYPE TEXT CHARACTER SET NONE DEFAULT '' NOT NULL

+);;

+

+CREATE INDEX phpbb_oauth_tokens_user_id ON phpbb_oauth_tokens(user_id);;

+CREATE INDEX phpbb_oauth_tokens_provider ON phpbb_oauth_tokens(provider);;

+

+# Table: 'phpbb_oauth_accounts'

+CREATE TABLE phpbb_oauth_accounts (

+ user_id INTEGER DEFAULT 0 NOT NULL,

+ provider VARCHAR(255) CHARACTER SET NONE DEFAULT '' NOT NULL,

+ oauth_provider_id BLOB SUB_TYPE TEXT CHARACTER SET UTF8 DEFAULT '' NOT NULL

+);;

+

+ALTER TABLE phpbb_oauth_accounts ADD PRIMARY KEY (user_id, provider);;

+

+

+ Table: 'phpbb_oauth_tokens'

+*/

+CREATE TABLE [phpbb_oauth_tokens] (

+ [user_id] [int] DEFAULT (0) NOT NULL ,

+ [session_id] [char] (32) DEFAULT ('') NOT NULL ,

+ [provider] [varchar] (255) DEFAULT ('') NOT NULL ,

+ [oauth_token] [text] DEFAULT ('') NOT NULL

+) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY]

+GO

+

+CREATE INDEX [user_id] ON [phpbb_oauth_tokens]([user_id]) ON [PRIMARY]

+GO

+

+CREATE INDEX [provider] ON [phpbb_oauth_tokens]([provider]) ON [PRIMARY]

+GO

+

+

+/*

+ Table: 'phpbb_oauth_accounts'

+*/

+CREATE TABLE [phpbb_oauth_accounts] (

+ [user_id] [int] DEFAULT (0) NOT NULL ,

+ [provider] [varchar] (255) DEFAULT ('') NOT NULL ,

+ [oauth_provider_id] [varchar] (4000) DEFAULT ('') NOT NULL

+) ON [PRIMARY]

+GO

+

+ALTER TABLE [phpbb_oauth_accounts] WITH NOCHECK ADD

+ CONSTRAINT [PK_phpbb_oauth_accounts] PRIMARY KEY CLUSTERED

+ (

+ [user_id],

+ [provider]

+ ) ON [PRIMARY]

+GO

+

+

+/*

+# Table: 'phpbb_oauth_tokens'

+CREATE TABLE phpbb_oauth_tokens (

+ user_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL,

+ session_id binary(32) DEFAULT '' NOT NULL,

+ provider varbinary(255) DEFAULT '' NOT NULL,

+ oauth_token mediumblob NOT NULL,

+ KEY user_id (user_id),

+ KEY provider (provider)

+);

+

+

+# Table: 'phpbb_oauth_accounts'

+CREATE TABLE phpbb_oauth_accounts (

+ user_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL,

+ provider varbinary(255) DEFAULT '' NOT NULL,

+ oauth_provider_id blob NOT NULL,

+ PRIMARY KEY (user_id, provider)

+);

+

+

+# Table: 'phpbb_oauth_tokens'

+CREATE TABLE phpbb_oauth_tokens (

+ user_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL,

+ session_id char(32) DEFAULT '' NOT NULL,

+ provider varchar(255) DEFAULT '' NOT NULL,

+ oauth_token mediumtext NOT NULL,

+ KEY user_id (user_id),

+ KEY provider (provider)

+) CHARACTER SET `utf8` COLLATE `utf8_bin`;

+

+

+# Table: 'phpbb_oauth_accounts'

+CREATE TABLE phpbb_oauth_accounts (

+ user_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL,

+ provider varchar(255) DEFAULT '' NOT NULL,

+ oauth_provider_id text NOT NULL,

+ PRIMARY KEY (user_id, provider)

+) CHARACTER SET `utf8` COLLATE `utf8_bin`;

+

+

+ Table: 'phpbb_oauth_tokens'

+*/

+CREATE TABLE phpbb_oauth_tokens (

+ user_id number(8) DEFAULT '0' NOT NULL,

+ session_id char(32) DEFAULT '' ,

+ provider varchar2(255) DEFAULT '' ,

+ oauth_token clob DEFAULT ''

+)

+/

+

+CREATE INDEX phpbb_oauth_tokens_user_id ON phpbb_oauth_tokens (user_id)

+/

+CREATE INDEX phpbb_oauth_tokens_provider ON phpbb_oauth_tokens (provider)

+/

+

+/*

+ Table: 'phpbb_oauth_accounts'

+*/

+CREATE TABLE phpbb_oauth_accounts (

+ user_id number(8) DEFAULT '0' NOT NULL,

+ provider varchar2(255) DEFAULT '' ,

+ oauth_provider_id clob DEFAULT '' ,

+ CONSTRAINT pk_phpbb_oauth_accounts PRIMARY KEY (user_id, provider)

+)

+/

+

+

+/*

+ Table: 'phpbb_oauth_tokens'

+*/

+CREATE TABLE phpbb_oauth_tokens (

+ user_id INT4 DEFAULT '0' NOT NULL CHECK (user_id >= 0),

+ session_id char(32) DEFAULT '' NOT NULL,

+ provider varchar(255) DEFAULT '' NOT NULL,

+ oauth_token TEXT DEFAULT '' NOT NULL

+);

+

+CREATE INDEX phpbb_oauth_tokens_user_id ON phpbb_oauth_tokens (user_id);

+CREATE INDEX phpbb_oauth_tokens_provider ON phpbb_oauth_tokens (provider);

+

+/*

+ Table: 'phpbb_oauth_accounts'

+*/

+CREATE TABLE phpbb_oauth_accounts (

+ user_id INT4 DEFAULT '0' NOT NULL CHECK (user_id >= 0),

+ provider varchar(255) DEFAULT '' NOT NULL,

+ oauth_provider_id varchar(4000) DEFAULT '' NOT NULL,

+ PRIMARY KEY (user_id, provider)

+);

+

+

+/*

+# Table: 'phpbb_oauth_tokens'

+CREATE TABLE phpbb_oauth_tokens (

+ user_id INTEGER UNSIGNED NOT NULL DEFAULT '0',

+ session_id char(32) NOT NULL DEFAULT '',

+ provider varchar(255) NOT NULL DEFAULT '',

+ oauth_token mediumtext(16777215) NOT NULL DEFAULT ''

+);

+

+CREATE INDEX phpbb_oauth_tokens_user_id ON phpbb_oauth_tokens (user_id);

+CREATE INDEX phpbb_oauth_tokens_provider ON phpbb_oauth_tokens (provider);

+

+# Table: 'phpbb_oauth_accounts'

+CREATE TABLE phpbb_oauth_accounts (

+ user_id INTEGER UNSIGNED NOT NULL DEFAULT '0',

+ provider varchar(255) NOT NULL DEFAULT '',

+ oauth_provider_id text(65535) NOT NULL DEFAULT '',

+ PRIMARY KEY (user_id, provider)

+);

+

+

+ 'READ_NOTIFICATION_EXPIRE_DAYS' => 'Read Notification Expiration',

+ 'READ_NOTIFICATION_EXPIRE_DAYS_EXPLAIN' => 'Number of days that will elapse before a read notification will automatically be deleted. Set this value to 0 to make notifications permanent.',

+ 'AUTH_PROVIDER_OAUTH_ERROR_ELEMENT_MISSING' => 'Both the key and secret of each enabled OAuth service provider must be provided. Only one was provided for an OAuth service provider.',

+ 'AUTH_PROVIDER_OAUTH_EXPLAIN' => 'Each OAuth provider requires a unique secret and key in order to authenticate with the external server.<br />These should be supplied by the OAuth service when you register your website with them and should be entered exactly as provided to you.<br />Any service that does not have both a key and a secret entered here will not be available for use by the forum users.',

+ 'AUTH_PROVIDER_OAUTH_KEY' => 'Key',

+ 'AUTH_PROVIDER_OAUTH_TITLE' => 'OAuth',

+ 'AUTH_PROVIDER_OAUTH_SECRET' => 'Secret',

+

+ 'AUTH_PROVIDER_OAUTH_ERROR_INVALID_ENTRY' => 'Invalid database entry.',

+ 'AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE' => 'Invalid service type provided to OAuth service handler.',

+ 'AUTH_PROVIDER_OAUTH_ERROR_SERVICE_NOT_CREATED' => 'OAuth service not created',

+ 'AUTH_PROVIDER_OAUTH_SERVICE_BITLY' => 'Bitly',

+ 'AUTH_PROVIDER_OAUTH_SERVICE_FACEBOOK' => 'Facebook',

+ 'AUTH_PROVIDER_OAUTH_SERVICE_GOOGLE' => 'Google',

+ 'AUTH_PROVIDER_OAUTH_TOKEN_ERROR_NOT_STORED' => 'OAuth token not stored.',

+ 'AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED' => 'OAuth token incorrectly stored.',

+ 'LOGIN_ERROR_OAUTH_SERVICE_DOES_NOT_EXIST' => 'A non-existant OAuth service has been requested.',

+ 'NOTIFICATION_GROUP_REQUEST' => '%1$s is requesting to join the group %2$s.',

+ 'NOTIFICATION_GROUP_REQUEST_APPROVED' => 'Your request to join the group %1$s has been approved.',

+ 'LOGIN_LINK' => 'Link or register your account on an external service with your board account',

+ 'LOGIN_LINK_EXPLAIN' => 'You have attempted to login with an external service that is not yet connected to an account on this board. You must now either link this account to an existing account or create a new account.',

+ 'LOGIN_LINK_MISSING_DATA' => 'Data that is necessary to link your account with an external service is not available. Please restart the login process.',

+ 'LOGIN_LINK_NO_DATA_PROVIDED' => 'No data has been provided to this page to link an external account to a forum account. Please contact the board administrator if you continue to experience problems.',

+ 'NOTIFICATION_TYPE_GROUP_REQUEST' => 'Someone requests to join a group you lead',

+ 'UCP_AUTH_LINK' => 'External accounts',

+ 'UCP_AUTH_LINK_ASK' => 'You currently have no account associated with this external service. Click the button below to link your board account to an account with this external service.',

+ 'UCP_AUTH_LINK_ID' => 'Unique identifier',

+ 'UCP_AUTH_LINK_LINK' => 'Link',

+ 'UCP_AUTH_LINK_MANAGE' => 'Manage external account associations',

+ 'UCP_AUTH_LINK_TITLE' => 'Manage your external account associations',

+ 'UCP_AUTH_LINK_UNLINK' => 'Unlink',

+ 'UCP_LOGIN_LINK' => 'Set up an external account association',

+ // If the auth provider wants us to link an empty account do so and redirect

+ if ($login['status'] == LOGIN_SUCCESS_LINK_PROFILE)

+ {

+ // If this status exists a fourth field is in the $login array called 'redirect_data'

+ // This data is passed along as GET data to the next page allow the account to be linked

+

+ $params = array('mode' => 'login_link');

+ $url = append_sid($phpbb_root_path . 'ucp.' . $phpEx, array_merge($params, $login['redirect_data']));

+

+ redirect($url);

+ }

+

+ public function get_login_data()

+ {

+ return;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_auth_link_data()

+ {

+ return;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+

+ /**

+ * {@inheritdoc}

+ */

+ public function login_link_has_necessary_data($login_link_data)

+ {

+ return;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function link_account(array $link_data)

+ {

+ return;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function unlink_account(array $link_data)

+ {

+ return;

+ }

+ * A fourth key of the array may be present:

+ * 'redirect_data' This key is only used when 'status' is

+ * equal to LOGIN_SUCCESS_LINK_PROFILE and its value is an

+ * associative array that is turned into GET variables on

+ * the redirect url.

+ * An optional third element may be added to this

+ * array: 'BLOCK_VAR_NAME'. If this is present,

+ * then its value should be a string that is used

+ * to designate the name of the loop used in the

+ * ACP template file. When this is present, an

+ * additional key named 'BLOCK_VARS' is required.

+ * This must be an array containing at least one

+ * array of variables that will be assigned during

+ * the loop in the template. An example of this is

+ * presented below:

+ * array(

+ * 'BLOCK_VAR_NAME' => string,

+ * 'BLOCK_VARS' => array(

+ * 'KEY IS UNIMPORTANT' => array(...),

+ * ),

+ * 'TEMPLATE_FILE' => string,

+ * 'TEMPLATE_VARS' => array(...),

+ * )

+ * Returns an array of data necessary to build custom elements on the login

+ * form.

+ *

+ * @return array|null If this function is not implemented on an auth

+ * provider then it returns null. If it is implemented

+ * it will return an array of up to four elements of

+ * which only 'TEMPLATE_FILE'. If 'BLOCK_VAR_NAME' is

+ * present then 'BLOCK_VARS' must also be present in

+ * the array. The fourth element 'VARS' is also

+ * optional. The array, with all four elements present

+ * looks like the following:

+ * array(

+ * 'TEMPLATE_FILE' => string,

+ * 'BLOCK_VAR_NAME' => string,

+ * 'BLOCK_VARS' => array(...),

+ * 'VARS' => array(...),

+ * )

+ */

+ public function get_login_data();

+

+ /**

+

+ /**

+ * Checks to see if $login_link_data contains all information except for the

+ * user_id of an account needed to successfully link an external account to

+ * a forum account.

+ *

+ * @param array $link_data Any data needed to link a phpBB account to

+ * an external account.

+ * @return string|null Returns a string with a language constant if there

+ * is data missing or null if there is no error.

+ */

+ public function login_link_has_necessary_data($login_link_data);

+

+ /**

+ * Links an external account to a phpBB account.

+ *

+ * @param array $link_data Any data needed to link a phpBB account to

+ * an external account.

+ */

+ public function link_account(array $link_data);

+

+ /**

+ * Returns an array of data necessary to build the ucp_auth_link page

+ *

+ * @return array|null If this function is not implemented on an auth

+ * provider then it returns null. If it is implemented

+ * it will return an array of up to four elements of

+ * which only 'TEMPLATE_FILE'. If 'BLOCK_VAR_NAME' is

+ * present then 'BLOCK_VARS' must also be present in

+ * the array. The fourth element 'VARS' is also

+ * optional. The array, with all four elements present

+ * looks like the following:

+ * array(

+ * 'TEMPLATE_FILE' => string,

+ * 'BLOCK_VAR_NAME' => string,

+ * 'BLOCK_VARS' => array(...),

+ * 'VARS' => array(...),

+ * )

+ */

+ public function get_auth_link_data();

+

+ /**

+ * Unlinks an external account from a phpBB account.

+ *

+ * @param array $link_data Any data needed to unlink a phpBB account

+ * from a phpbb account.

+ */

+ public function unlink_account(array $link_data);

+<?php

+/**

+*

+* @package auth

+* @copyright (c) 2013 phpBB Group

+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2

+*

+*/

+

+/**

+* @ignore

+*/

+if (!defined('IN_PHPBB'))

+{

+ exit;

+}

+

+use OAuth\Common\Consumer\Credentials;

+use OAuth\Common\Http\Uri\Uri;

+

+/**

+* OAuth authentication provider for phpBB3

+*

+* @package auth

+*/

+class phpbb_auth_provider_oauth extends phpbb_auth_provider_base

+{

+ /**

+ * Database driver

+ *

+ * @var phpbb_db_driver

+ */

+ protected $db;

+

+ /**

+ * phpBB config

+ *

+ * @var phpbb_config

+ */

+ protected $config;

+

+ /**

+ * phpBB request object

+ *

+ * @var phpbb_request

+ */

+ protected $request;

+

+ /**

+ * phpBB user

+ *

+ * @var phpbb_user

+ */

+ protected $user;

+

+ /**

+ * OAuth token table

+ *

+ * @var string

+ */

+ protected $auth_provider_oauth_token_storage_table;

+

+ /**

+ * OAuth account association table

+ *

+ * @var string

+ */

+ protected $auth_provider_oauth_token_account_assoc;

+

+ /**

+ * All OAuth service providers

+ *

+ * @var phpbb_di_service_collection Contains phpbb_auth_provider_oauth_service_interface

+ */

+ protected $service_providers;

+

+ /**

+ * Users table

+ *

+ * @var string

+ */

+ protected $users_table;

+

+ /**

+ * Cached current uri object

+ *

+ * @var \OAuth\Common\Http\Uri\UriInterface|null

+ */

+ protected $current_uri;

+

+ /**

+ * phpBB root path

+ *

+ * @var string

+ */

+ protected $phpbb_root_path;

+

+ /**

+ * PHP extenstion

+ *

+ * @var string

+ */

+ protected $php_ext;

+

+ /**

+ * OAuth Authentication Constructor

+ *

+ * @param phpbb_db_driver $db

+ * @param phpbb_config $config

+ * @param phpbb_request $request

+ * @param phpbb_user $user

+ * @param string $auth_provider_oauth_token_storage_table

+ * @param string $auth_provider_oauth_token_account_assoc

+ * @param phpbb_di_service_collection $service_providers Contains phpbb_auth_provider_oauth_service_interface

+ * @param string $users_table

+ * @param string $phpbb_root_path

+ * @param string $php_ext

+ */

+ public function __construct(phpbb_db_driver $db, phpbb_config $config, phpbb_request $request, phpbb_user $user, $auth_provider_oauth_token_storage_table, $auth_provider_oauth_token_account_assoc, phpbb_di_service_collection $service_providers, $users_table, $phpbb_root_path, $php_ext)

+ {

+ $this->db = $db;

+ $this->config = $config;

+ $this->request = $request;

+ $this->user = $user;

+ $this->auth_provider_oauth_token_storage_table = $auth_provider_oauth_token_storage_table;

+ $this->auth_provider_oauth_token_account_assoc = $auth_provider_oauth_token_account_assoc;

+ $this->service_providers = $service_providers;

+ $this->users_table = $users_table;

+ $this->phpbb_root_path = $phpbb_root_path;

+ $this->php_ext = $php_ext;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function init()

+ {

+ // This does not test whether or not the key and secret provided are valid.

+ foreach ($this->service_providers as $service_provider)

+ {

+ $credentials = $service_provider->get_service_credentials();

+

+ if (($credentials['key'] && !$credentials['secret']) || (!$credentials['key'] && $credentials['secret']))

+ {

+ return $this->user->lang['AUTH_PROVIDER_OAUTH_ERROR_ELEMENT_MISSING'];

+ }

+ }

+ return false;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function login($username, $password)

+ {

+ // Temporary workaround for only having one authentication provider available

+ if (!$this->request->is_set('oauth_service'))

+ {

+ $provider = new phpbb_auth_provider_db($this->db, $this->config, $this->request, $this->user, $this->phpbb_root_path, $this->php_ext);

+ return $provider->login($username, $password);

+ }

+

+ // Requst the name of the OAuth service

+ $service_name_original = $this->request->variable('oauth_service', '', false);

+ $service_name = 'auth.provider.oauth.service.' . strtolower($service_name_original);

+ if ($service_name_original === '' || !array_key_exists($service_name, $this->service_providers))

+ {

+ return array(

+ 'status' => LOGIN_ERROR_EXTERNAL_AUTH,

+ 'error_msg' => 'LOGIN_ERROR_OAUTH_SERVICE_DOES_NOT_EXIST',

+ 'user_row' => array('user_id' => ANONYMOUS),

+ );

+ }

+

+ // Get the service credentials for the given service

+ $service_credentials = $this->service_providers[$service_name]->get_service_credentials();

+

+ $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table);

+ $query = 'mode=login&login=external&oauth_service=' . $service_name_original;

+ $service = $this->get_service($service_name_original, $storage, $service_credentials, $this->service_providers[$service_name]->get_auth_scope(), $query);

+

+ if ($this->request->is_set('code', phpbb_request_interface::GET))

+ {

+ $this->service_providers[$service_name]->set_external_service_provider($service);

+ $unique_id = $this->service_providers[$service_name]->perform_auth_login();

+

+ // Check to see if this provider is already assosciated with an account

+ $data = array(

+ 'provider' => $service_name_original,

+ 'oauth_provider_id' => $unique_id

+ );

+ $sql = 'SELECT user_id FROM ' . $this->auth_provider_oauth_token_account_assoc . '

+ WHERE ' . $this->db->sql_build_array('SELECT', $data);

+ $result = $this->db->sql_query($sql);

+ $row = $this->db->sql_fetchrow($result);

+ $this->db->sql_freeresult($result);

+

+ if (!$row)

+ {

+ // The user does not yet exist, ask to link or create profile

+ return array(

+ 'status' => LOGIN_SUCCESS_LINK_PROFILE,

+ 'error_msg' => 'LOGIN_OAUTH_ACCOUNT_NOT_LINKED',

+ 'user_row' => array(),

+ 'redirect_data' => array(

+ 'auth_provider' => 'oauth',

+ 'login_link_oauth_service' => $service_name_original,

+ ),

+ );

+ }

+

+ // Retrieve the user's account

+ $sql = 'SELECT user_id, username, user_password, user_passchg, user_pass_convert, user_email, user_type, user_login_attempts

+ FROM ' . $this->users_table . '

+ WHERE user_id = ' . (int) $row['user_id'];

+ $result = $this->db->sql_query($sql);

+ $row = $this->db->sql_fetchrow($result);

+ $this->db->sql_freeresult($result);

+

+ if (!$row)

+ {

+ throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_ENTRY');

+ }

+

+ // Update token storage to store the user_id

+ $storage->set_user_id($row['user_id']);

+

+ // The user is now authenticated and can be logged in

+ return array(

+ 'status' => LOGIN_SUCCESS,

+ 'error_msg' => false,

+ 'user_row' => $row,

+ );

+ }

+ else

+ {

+ $url = $service->getAuthorizationUri();

+ header('Location: ' . $url);

+ }

+ }

+

+ /**

+ * Returns the cached current_uri object or creates and caches it if it is

+ * not already created. In each case the query string is updated based on

+ * the $query parameter.

+ *

+ * @param string $service_name The name of the service

+ * @param string $query The query string of the current_uri

+ * used in redirects

+ * @return \OAuth\Common\Http\Uri\UriInterface

+ */

+ protected function get_current_uri($service_name, $query)

+ {

+ if ($this->current_uri)

+ {

+ $this->current_uri->setQuery($query);

+ return $this->current_uri;

+ }

+

+ $uri_factory = new \OAuth\Common\Http\Uri\UriFactory();

+ $current_uri = $uri_factory->createFromSuperGlobalArray($this->request->get_super_global(phpbb_request_interface::SERVER));

+ $current_uri->setQuery($query);

+

+ $this->current_uri = $current_uri;

+ return $current_uri;

+ }

+

+ /**

+ * Returns a new service object

+ *

+ * @param string $service_name The name of the service

+ * @param phpbb_auth_oauth_token_storage $storage

+ * @param array $service_credentials {@see phpbb_auth_provider_oauth::get_service_credentials}

+ * @param array $scope The scope of the request against

+ * the api.

+ * @param string $query The query string of the

+ * current_uri used in redirection

+ * @return \OAuth\Common\Service\ServiceInterface

+ */

+ protected function get_service($service_name, phpbb_auth_provider_oauth_token_storage $storage, array $service_credentials, array $scopes = array(), $query)

+ {

+ $current_uri = $this->get_current_uri($service_name, $query);

+

+ // Setup the credentials for the requests

+ $credentials = new Credentials(

+ $service_credentials['key'],

+ $service_credentials['secret'],

+ $current_uri->getAbsoluteUri()

+ );

+

+ $service_factory = new \OAuth\ServiceFactory();

+ $service = $service_factory->createService($service_name, $credentials, $storage, $scopes);

+

+ if (!$service)

+ {

+ throw new Exception('AUTH_PROVIDER_OAUTH_ERROR_SERVICE_NOT_CREATED');

+ }

+

+ return $service;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_login_data()

+ {

+ $login_data = array(

+ 'TEMPLATE_FILE' => 'login_body_oauth.html',

+ 'BLOCK_VAR_NAME' => 'oauth',

+ 'BLOCK_VARS' => array(),

+ );

+

+ foreach ($this->service_providers as $service_name => $service_provider)

+ {

+ // Only include data if the credentials are set

+ $credentials = $service_provider->get_service_credentials();

+ if ($credentials['key'] && $credentials['secret'])

+ {

+ $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name);

+ $redirect_url = build_url(false) . '&login=external&oauth_service=' . $actual_name;

+ $login_data['BLOCK_VARS'][$service_name] = array(

+ 'REDIRECT_URL' => redirect($redirect_url, true),

+ 'SERVICE_NAME' => $this->user->lang['AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name)],

+ );

+ }

+ }

+

+ return $login_data;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function acp()

+ {

+ $ret = array();

+

+ foreach ($this->service_providers as $service_name => $service_provider)

+ {

+ $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name);

+ $ret[] = 'auth_oauth_' . $actual_name . '_key';

+ $ret[] = 'auth_oauth_' . $actual_name . '_secret';

+ }

+

+ return $ret;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_acp_template($new_config)

+ {

+ $ret = array(

+ 'BLOCK_VAR_NAME' => 'oauth_services',

+ 'BLOCK_VARS' => array(),

+ 'TEMPLATE_FILE' => 'auth_provider_oauth.html',

+ 'TEMPLATE_VARS' => array(),

+ );

+

+ foreach ($this->service_providers as $service_name => $service_provider)

+ {

+ $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name);

+ $ret['BLOCK_VARS'][$actual_name] = array(

+ 'ACTUAL_NAME' => $this->user->lang['AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name)],

+ 'KEY' => $new_config['auth_oauth_' . $actual_name . '_key'],

+ 'NAME' => $actual_name,

+ 'SECRET' => $new_config['auth_oauth_' . $actual_name . '_secret'],

+ );

+ }

+

+ return $ret;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function login_link_has_necessary_data($login_link_data)

+ {

+ if (empty($login_link_data))

+ {

+ return 'LOGIN_LINK_NO_DATA_PROVIDED';

+ }

+

+ if (!array_key_exists('oauth_service', $login_link_data) || !$login_link_data['oauth_service'] ||

+ !array_key_exists('link_method', $login_link_data) || !$login_link_data['link_method'])

+ {

+ return 'LOGIN_LINK_MISSING_DATA';

+ }

+

+ return null;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function link_account(array $link_data)

+ {

+ // Check for a valid link method (auth_link or login_link)

+ if (!array_key_exists('link_method', $link_data) ||

+ !in_array($link_data['link_method'], array(

+ 'auth_link',

+ 'login_link',

+ )))

+ {

+ return 'LOGIN_LINK_MISSING_DATA';

+ }

+

+ // We must have an oauth_service listed, check for it two ways

+ if (!array_key_exists('oauth_service', $link_data) || !$link_data['oauth_service'])

+ {

+ $link_data['oauth_service'] = $this->request->variable('oauth_service', '');

+

+ if (!$link_data['oauth_service'])

+ {

+ return 'LOGIN_LINK_MISSING_DATA';

+ }

+ }

+

+ $service_name = 'auth.provider.oauth.service.' . strtolower($link_data['oauth_service']);

+ if (!array_key_exists($service_name, $this->service_providers))

+ {

+ return 'LOGIN_ERROR_OAUTH_SERVICE_DOES_NOT_EXIST';

+ }

+

+ switch ($link_data['link_method'])

+ {

+ case 'auth_link':

+ return $this->link_account_auth_link($link_data, $service_name);

+ case 'login_link':

+ return $this->link_account_login_link($link_data, $service_name);

+ }

+ }

+

+ /**

+ * Performs the account linking for login_link

+ *

+ * @param array $link_data The same variable given to {@see phpbb_auth_provider_interface::link_account}

+ * @param string $service_name The name of the service being used in

+ * linking.

+ * @return string|null Returns a language constant (string) if an error is

+ * encountered, or null on success.

+ */

+ protected function link_account_login_link(array $link_data, $service_name)

+ {

+ $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table);

+

+ // Check for an access token, they should have one

+ if (!$storage->has_access_token_by_session($service_name))

+ {

+ return 'LOGIN_LINK_ERROR_OAUTH_NO_ACCESS_TOKEN';

+ }

+

+ // Prepare the query string

+ $query = 'mode=login_link&login_link_oauth_service=' . strtolower($link_data['oauth_service']);

+

+ // Prepare for an authentication request

+ $service_credentials = $this->service_providers[$service_name]->get_service_credentials();

+ $scopes = $this->service_providers[$service_name]->get_auth_scope();

+ $service = $this->get_service(strtolower($link_data['oauth_service']), $storage, $service_credentials, $scopes, $query);

+ $this->service_providers[$service_name]->set_external_service_provider($service);

+

+ // The user has already authenticated successfully, request to authenticate again

+ $unique_id = $this->service_providers[$service_name]->perform_token_auth();

+

+ // Insert into table, they will be able to log in after this

+ $data = array(

+ 'user_id' => $link_data['user_id'],

+ 'provider' => strtolower($link_data['oauth_service']),

+ 'oauth_provider_id' => $unique_id,

+ );

+

+ $this->link_account_perform_link($data);

+ // Update token storage to store the user_id

+ $storage->set_user_id($link_data['user_id']);

+ }

+

+ /**

+ * Performs the account linking for auth_link

+ *

+ * @param array $link_data The same variable given to {@see phpbb_auth_provider_interface::link_account}

+ * @param string $service_name The name of the service being used in

+ * linking.

+ * @return string|null Returns a language constant (string) if an error is

+ * encountered, or null on success.

+ */

+ protected function link_account_auth_link(array $link_data, $service_name)

+ {

+ $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table);

+ $query = 'i=ucp_auth_link&mode=auth_link&link=1&oauth_service=' . strtolower($link_data['oauth_service']);

+ $service_credentials = $this->service_providers[$service_name]->get_service_credentials();

+ $scopes = $this->service_providers[$service_name]->get_auth_scope();

+ $service = $this->get_service(strtolower($link_data['oauth_service']), $storage, $service_credentials, $scopes, $query);

+

+ if ($this->request->is_set('code', phpbb_request_interface::GET))

+ {

+ $this->service_providers[$service_name]->set_external_service_provider($service);

+ $unique_id = $this->service_providers[$service_name]->perform_auth_login();

+

+ // Insert into table, they will be able to log in after this

+ $data = array(

+ 'user_id' => $this->user->data['user_id'],

+ 'provider' => strtolower($link_data['oauth_service']),

+ 'oauth_provider_id' => $unique_id,

+ );

+

+ $this->link_account_perform_link($data);

+ }

+ else

+ {

+ $url = $service->getAuthorizationUri();

+ header('Location: ' . $url);

+ }

+ }

+

+ /**

+ * Performs the query that inserts an account link

+ *

+ * @param array $data This array is passed to db->sql_build_array

+ */

+ protected function link_account_perform_link(array $data)

+ {

+ $sql = 'INSERT INTO ' . $this->auth_provider_oauth_token_account_assoc . '

+ ' . $this->db->sql_build_array('INSERT', $data);

+ $this->db->sql_query($sql);

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function logout($data, $new_session)

+ {

+ // Clear all tokens belonging to the user

+ $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table);

+ $storage->clearAllTokens();

+

+ return;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_auth_link_data()

+ {

+ $block_vars = array();

+

+ // Get all external accounts tied to the current user

+ $data = array(

+ 'user_id' => (int) $this->user->data['user_id'],

+ );

+ $sql = 'SELECT oauth_provider_id, provider FROM ' . $this->auth_provider_oauth_token_account_assoc . '

+ WHERE ' . $this->db->sql_build_array('SELECT', $data);

+ $result = $this->db->sql_query($sql);

+ $rows = $this->db->sql_fetchrowset($result);

+ $this->db->sql_freeresult($result);

+

+ $oauth_user_ids = array();

+

+ if ($rows !== false && sizeof($rows))

+ {

+ foreach ($rows as $row)

+ {

+ $oauth_user_ids[$row['provider']] = $row['oauth_provider_id'];

+ }

+ }

+ unset($rows);

+

+ foreach ($this->service_providers as $service_name => $service_provider)

+ {

+ // Only include data if the credentials are set

+ $credentials = $service_provider->get_service_credentials();

+ if ($credentials['key'] && $credentials['secret'])

+ {

+ $actual_name = str_replace('auth.provider.oauth.service.', '', $service_name);

+

+ $block_vars[$service_name] = array(

+ 'HIDDEN_FIELDS' => array(

+ 'link' => (!isset($oauth_user_ids[$actual_name])),

+ 'oauth_service' => $actual_name,

+ ),

+

+ 'SERVICE_NAME' => $this->user->lang['AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name)],

+ 'UNIQUE_ID' => (isset($oauth_user_ids[$actual_name])) ? $oauth_user_ids[$actual_name] : null,

+ );

+ }

+ }

+

+ return array(

+ 'BLOCK_VAR_NAME' => 'oauth',

+ 'BLOCK_VARS' => $block_vars,

+

+ 'TEMPLATE_FILE' => 'ucp_auth_link_oauth.html',

+ );

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function unlink_account(array $link_data)

+ {

+ if (!array_key_exists('oauth_service', $link_data) || !$link_data['oauth_service'])

+ {

+ return 'LOGIN_LINK_MISSING_DATA';

+ }

+

+ // Remove the link

+ $sql = 'DELETE FROM ' . $this->auth_provider_oauth_token_account_assoc . "

+ WHERE provider = '" . $this->db->sql_escape($link_data['oauth_service']) . "'

+ AND user_id = " . (int) $this->user->data['user_id'];

+ $this->db->sql_query($sql);

+

+ // Clear all tokens belonging to the user on this servce

+ $service_name = 'auth.provider.oauth.service.' . strtolower($link_data['oauth_service']);

+ $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table);

+ $storage->clearToken($service_name);

+

+ return;

+ }

+}

+<?php

+/**

+*

+* @package auth

+* @copyright (c) 2013 phpBB Group

+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2

+*

+*/

+

+/**

+* @ignore

+*/

+if (!defined('IN_PHPBB'))

+{

+ exit;

+}

+

+/**

+* Base OAuth abstract class that all OAuth services should implement

+*

+* @package auth

+*/

+abstract class phpbb_auth_provider_oauth_service_base implements phpbb_auth_provider_oauth_service_interface

+{

+ /**

+ * External OAuth service provider

+ *

+ * @var \OAuth\Common\Service\ServiceInterface

+ */

+ protected $service_provider;

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_external_service_provider()

+ {

+ return $this->service_provider;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_auth_scope()

+ {

+ return array();

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function set_external_service_provider(\OAuth\Common\Service\ServiceInterface $service_provider)

+ {

+ $this->service_provider = $service_provider;

+ }

+}

+<?php

+/**

+*

+* @package auth

+* @copyright (c) 2013 phpBB Group

+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2

+*

+*/

+

+/**

+* @ignore

+*/

+if (!defined('IN_PHPBB'))

+{

+ exit;

+}

+

+/**

+* Bitly OAuth service

+*

+* @package auth

+*/

+class phpbb_auth_provider_oauth_service_bitly extends phpbb_auth_provider_oauth_service_base

+{

+ /**

+ * phpBB config

+ *

+ * @var phpbb_config

+ */

+ protected $config;

+

+ /**

+ * phpBB request

+ *

+ * @var phpbb_request

+ */

+ protected $request;

+

+ /**

+ * Constructor

+ *

+ * @param phpbb_config $config

+ * @param phpbb_request $request

+ */

+ public function __construct(phpbb_config $config, phpbb_request $request)

+ {

+ $this->config = $config;

+ $this->request = $request;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_service_credentials()

+ {

+ return array(

+ 'key' => $this->config['auth_oauth_bitly_key'],

+ 'secret' => $this->config['auth_oauth_bitly_secret'],

+ );

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function perform_auth_login()

+ {

+ if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly))

+ {

+ throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE');

+ }

+

+ // This was a callback request from bitly, get the token

+ $this->service_provider->requestAccessToken($this->request->variable('code', ''));

+

+ // Send a request with it

+ $result = json_decode($this->service_provider->request('user/info'), true);

+

+ // Return the unique identifier returned from bitly

+ return $result['data']['login'];

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function perform_token_auth()

+ {

+ if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Bitly))

+ {

+ throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE');

+ }

+

+ // Send a request with it

+ $result = json_decode($this->service_provider->request('user/info'), true);

+

+ // Return the unique identifier returned from bitly

+ return $result['data']['login'];

+ }

+}

+<?php

+/**

+*

+* @package auth

+* @copyright (c) 2013 phpBB Group

+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2

+*

+*/

+

+/**

+* @ignore

+*/

+if (!defined('IN_PHPBB'))

+{

+ exit;

+}

+

+/**

+* OAuth service exception class

+*

+* @package auth

+*/

+class phpbb_auth_provider_oauth_service_exception extends RuntimeException

+{

+}

+<?php

+/**

+*

+* @package auth

+* @copyright (c) 2013 phpBB Group

+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2

+*

+*/

+

+/**

+* @ignore

+*/

+if (!defined('IN_PHPBB'))

+{

+ exit;

+}

+

+/**

+* Facebook OAuth service

+*

+* @package auth

+*/

+class phpbb_auth_provider_oauth_service_facebook extends phpbb_auth_provider_oauth_service_base

+{

+ /**

+ * phpBB config

+ *

+ * @var phpbb_config

+ */

+ protected $config;

+

+ /**

+ * phpBB request

+ *

+ * @var phpbb_request

+ */

+ protected $request;

+

+ /**

+ * Constructor

+ *

+ * @param phpbb_config $config

+ * @param phpbb_request $request

+ */

+ public function __construct(phpbb_config $config, phpbb_request $request)

+ {

+ $this->config = $config;

+ $this->request = $request;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_service_credentials()

+ {

+ return array(

+ 'key' => $this->config['auth_oauth_facebook_key'],

+ 'secret' => $this->config['auth_oauth_facebook_secret'],

+ );

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function perform_auth_login()

+ {

+ if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Facebook))

+ {

+ throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE');

+ }

+

+ // This was a callback request, get the token

+ $this->service_provider->requestAccessToken($this->request->variable('code', ''));

+

+ // Send a request with it

+ $result = json_decode($this->service_provider->request('/me'), true);

+

+ // Return the unique identifier

+ return $result['id'];

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function perform_token_auth()

+ {

+ if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Facebook))

+ {

+ throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE');

+ }

+

+ // Send a request with it

+ $result = json_decode($this->service_provider->request('/me'), true);

+

+ // Return the unique identifier

+ return $result['id'];

+ }

+}

+<?php

+/**

+*

+* @package auth

+* @copyright (c) 2013 phpBB Group

+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2

+*

+*/

+

+/**

+* @ignore

+*/

+if (!defined('IN_PHPBB'))

+{

+ exit;

+}

+

+/**

+* Google OAuth service

+*

+* @package auth

+*/

+class phpbb_auth_provider_oauth_service_google extends phpbb_auth_provider_oauth_service_base

+{

+ /**

+ * phpBB config

+ *

+ * @var phpbb_config

+ */

+ protected $config;

+

+ /**

+ * phpBB request

+ *

+ * @var phpbb_request

+ */

+ protected $request;

+

+ /**

+ * Constructor

+ *

+ * @param phpbb_config $config

+ * @param phpbb_request $request

+ */

+ public function __construct(phpbb_config $config, phpbb_request $request)

+ {

+ $this->config = $config;

+ $this->request = $request;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_auth_scope()

+ {

+ return array(

+ 'userinfo_email',

+ 'userinfo_profile',

+ );

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_service_credentials()

+ {

+ return array(

+ 'key' => $this->config['auth_oauth_google_key'],

+ 'secret' => $this->config['auth_oauth_google_secret'],

+ );

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function perform_auth_login()

+ {

+ if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google))

+ {

+ throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE');

+ }

+

+ // This was a callback request, get the token

+ $this->service_provider->requestAccessToken($this->request->variable('code', ''));

+

+ // Send a request with it

+ $result = json_decode($this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true);

+

+ // Return the unique identifier

+ return $result['id'];

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function perform_token_auth()

+ {

+ if (!($this->service_provider instanceof \OAuth\OAuth2\Service\Google))

+ {

+ throw new phpbb_auth_provider_oauth_service_exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_SERVICE_TYPE');

+ }

+

+ // Send a request with it

+ $result = json_decode($this->service_provider->request('https://www.googleapis.com/oauth2/v1/userinfo'), true);

+

+ // Return the unique identifier

+ return $result['id'];

+ }

+}

+<?php

+/**

+*

+* @package auth

+* @copyright (c) 2013 phpBB Group

+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2

+*

+*/

+

+/**

+* @ignore

+*/

+if (!defined('IN_PHPBB'))

+{

+ exit;

+}

+

+/**

+* OAuth service interface

+*

+* @package auth

+*/

+interface phpbb_auth_provider_oauth_service_interface

+{

+ /**

+ * Returns an array of the scopes necessary for auth

+ *

+ * @return array An array of the required scopes

+ */

+ public function get_auth_scope();

+

+ /**

+ * Returns the external library service provider once it has been set

+ *

+ * @param \OAuth\Common\Service\ServiceInterface|null

+ */

+ public function get_external_service_provider();

+

+ /**

+ * Returns an array containing the service credentials belonging to requested

+ * service.

+ *

+ * @return array An array containing the 'key' and the 'secret' of the

+ * service in the form:

+ * array(

+ * 'key' => string

+ * 'secret' => string

+ * )

+ */

+ public function get_service_credentials();

+

+ /**

+ * Returns the results of the authentication in json format

+ *

+ * @throws phpbb_auth_provider_oauth_service_exception

+ * @return string The unique identifier returned by the service provider

+ * that is used to authenticate the user with phpBB.

+ */

+ public function perform_auth_login();

+

+ /**

+ * Returns the results of the authentication in json format

+ * Use this function when the user already has an access token

+ *

+ * @throws phpbb_auth_provider_oauth_service_exception

+ * @return string The unique identifier returned by the service provider

+ * that is used to authenticate the user with phpBB.

+ */

+ public function perform_token_auth();

+

+ /**

+ * Sets the external library service provider

+ *

+ * @param \OAuth\Common\Service\ServiceInterface $service

+ */

+ public function set_external_service_provider(\OAuth\Common\Service\ServiceInterface $service_provider);

+}

+<?php

+/**

+*

+* @package auth

+* @copyright (c) 2013 phpBB Group

+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2

+*

+*/

+

+/**

+* @ignore

+*/

+if (!defined('IN_PHPBB'))

+{

+ exit;

+}

+

+

+use OAuth\OAuth1\Token\StdOAuth1Token;

+use OAuth\Common\Token\TokenInterface;

+use OAuth\Common\Storage\TokenStorageInterface;

+use OAuth\Common\Storage\Exception\StorageException;

+use OAuth\Common\Storage\Exception\TokenNotFoundException;

+

+/**

+* OAuth storage wrapper for phpbb's cache

+*

+* @package auth

+*/

+class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface

+{

+ /**

+ * Cache driver.

+ *

+ * @var phpbb_db_driver

+ */

+ protected $db;

+

+ /**

+ * phpBB user

+ *

+ * @var phpbb_user

+ */

+ protected $user;

+

+ /**

+ * OAuth token table

+ *

+ * @var string

+ */

+ protected $auth_provider_oauth_table;

+

+ /**

+ * @var object|TokenInterface

+ */

+ protected $cachedToken;

+

+ /**

+ * Creates token storage for phpBB.

+ *

+ * @param phpbb_db_driver $db

+ * @param phpbb_user $user

+ * @param string $auth_provider_oauth_table

+ */

+ public function __construct(phpbb_db_driver $db, phpbb_user $user, $auth_provider_oauth_table)

+ {

+ $this->db = $db;

+ $this->user = $user;

+ $this->auth_provider_oauth_table = $auth_provider_oauth_table;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function retrieveAccessToken($service)

+ {

+ $service = $this->get_service_name_for_db($service);

+

+ if ($this->cachedToken instanceOf TokenInterface)

+ {

+ return $this->cachedToken;

+ }

+

+ $data = array(

+ 'user_id' => (int) $this->user->data['user_id'],

+ 'provider' => $service,

+ );

+

+ if ((int) $this->user->data['user_id'] === ANONYMOUS)

+ {

+ $data['session_id'] = $this->user->data['session_id'];

+ }

+

+ return $this->_retrieve_access_token($data);

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function storeAccessToken($service, TokenInterface $token)

+ {

+ $service = $this->get_service_name_for_db($service);

+

+ $this->cachedToken = $token;

+

+ $data = array(

+ 'user_id' => (int) $this->user->data['user_id'],

+ 'provider' => $service,

+ 'oauth_token' => $this->json_encode_token($token),

+ 'session_id' => $this->user->data['session_id'],

+ );

+

+ $sql = 'INSERT INTO ' . $this->auth_provider_oauth_table . '

+ ' . $this->db->sql_build_array('INSERT', $data);

+ $this->db->sql_query($sql);

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function hasAccessToken($service)

+ {

+ $service = $this->get_service_name_for_db($service);

+

+ if ($this->cachedToken) {

+ return true;

+ }

+

+ $data = array(

+ 'user_id' => (int) $this->user->data['user_id'],

+ 'provider' => $service,

+ );

+

+ if ((int) $this->user->data['user_id'] === ANONYMOUS)

+ {

+ $data['session_id'] = $this->user->data['session_id'];

+ }

+

+ return $this->_has_acess_token($data);

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function clearToken($service)

+ {

+ $service = $this->get_service_name_for_db($service);

+

+ $this->cachedToken = null;

+

+ $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . '

+ WHERE user_id = ' . (int) $this->user->data['user_id'] . "

+ AND provider = '" . $this->db->sql_escape($service) . "'";

+

+ if ((int) $this->user->data['user_id'] === ANONYMOUS)

+ {

+ $sql .= " AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'";

+ }

+

+ $this->db->sql_query($sql);

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function clearAllTokens()

+ {

+ $this->cachedToken = null;

+

+ $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . '

+ WHERE user_id = ' . (int) $this->user->data['user_id'];

+

+ if ((int) $this->user->data['user_id'] === ANONYMOUS)

+ {

+ $sql .= " AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'";

+ }

+

+ $this->db->sql_query($sql);

+ }

+

+ /**

+ * Updates the user_id field in the database assosciated with the token

+ *

+ * @param int $user_id

+ */

+ public function set_user_id($user_id)

+ {

+ if (!$this->cachedToken)

+ {

+ return;

+ }

+

+ $sql = 'UPDATE ' . $this->auth_provider_oauth_table . '

+ SET ' . $this->db->sql_build_array('UPDATE', array(

+ 'user_id' => (int) $user_id

+ )) . '

+ WHERE user_id = ' . (int) $this->user->data['user_id'] . "

+ AND session_id = '" . $this->db->sql_escape($this->user->data['session_id']) . "'";

+ $this->db->sql_query($sql);

+ }

+

+ /**

+ * Checks to see if an access token exists solely by the session_id of the user

+ *

+ * @return bool true if they have token, false if they don't

+ */

+ public function has_access_token_by_session($service)

+ {

+ $service = $this->get_service_name_for_db($service);

+

+ if ($this->cachedToken)

+ {

+ return true;

+ }

+

+ $data = array(

+ 'session_id' => $this->user->data['session_id'],

+ 'provider' => $service,

+ );

+

+ return $this->_has_acess_token($data);

+ }

+

+ /**

+ * A helper function that performs the query for has access token functions

+ *

+ * @param array $data

+ * @return bool

+ */

+ protected function _has_acess_token($data)

+ {

+ return (bool) $this->get_access_token_row($data);

+ }

+

+ public function retrieve_access_token_by_session($service)

+ {

+ $service = $this->get_service_name_for_db($service);

+

+ if ($this->cachedToken instanceOf TokenInterface) {

+ return $this->cachedToken;

+ }

+

+ $data = array(

+ 'session_id' => $this->user->data['session_id'],

+ 'provider' => $service,

+ );

+

+ return $this->_retrieve_access_token($data);

+ }

+

+ /**

+ * A helper function that performs the query for retrieve access token functions

+ * Also checks if the token is a valid token

+ *

+ * @param array $data

+ * @return mixed

+ */

+ protected function _retrieve_access_token($data)

+ {

+ $row = $this->get_access_token_row($data);

+

+ if (!$row)

+ {

+ throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_NOT_STORED');

+ }

+

+ $token = $this->json_decode_token($row['oauth_token']);

+

+ // Ensure that the token was serialized/unserialized correctly

+ if (!($token instanceof TokenInterface))

+ {

+ $this->clearToken();

+ throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED');

+ }

+

+ $this->cachedToken = $token;

+ return $token;

+ }

+

+ /**

+ * A helper function that performs the query for retrieving an access token

+ *

+ * @param array $data

+ * @return mixed

+ */

+ protected function get_access_token_row($data)

+ {

+ $sql = 'SELECT oauth_token FROM ' . $this->auth_provider_oauth_table . '

+ WHERE ' . $this->db->sql_build_array('SELECT', $data);

+ $result = $this->db->sql_query($sql);

+ $row = $this->db->sql_fetchrow($result);

+ $this->db->sql_freeresult($result);

+

+ return $row;

+ }

+

+ public function json_encode_token(TokenInterface $token)

+ {

+ $members = array(

+ 'accessToken' => $token->getAccessToken(),

+ 'endOfLife' => $token->getEndOfLife(),

+ 'extraParams' => $token->getExtraParams(),

+ 'refreshToken' => $token->getRefreshToken(),

+

+ 'token_class' => get_class($token),

+ );

+

+ // Handle additional data needed for OAuth1 tokens

+ if ($token instanceof StdOAuth1Token)

+ {

+ $members['requestToken'] = $token->getRequestToken();

+ $members['requestTokenSecret'] = $token->getRequestTokenSecret();

+ $members['accessTokenSecret'] = $token->getAccessTokenSecret();

+ }

+

+ return json_encode($members);

+ }

+

+ public function json_decode_token($json)

+ {

+ $token_data = json_decode($json, true);

+

+ if ($token_data === null)

+ {

+ throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED');

+ }

+

+ $token_class = $token_data['token_class'];

+ $access_token = $token_data['accessToken'];

+ $refresh_token = $token_data['refreshToken'];

+ $endOfLife = $token_data['endOfLife'];

+ $extra_params = $token_data['extraParams'];

+

+ // Create the token

+ $token = new $token_class($access_token, $refresh_token, TokenInterface::EOL_NEVER_EXPIRES, $extra_params);

+ $token->setEndOfLife($endOfLife);

+

+ // Handle OAuth 1.0 specific elements

+ if ($token instanceof StdOAuth1Token)

+ {

+ $token->setRequestToken($token_data['requestToken']);

+ $token->setRequestTokenSecret($token_data['requestTokenSecret']);

+ $token->setAccessTokenSecret($token_data['accessTokenSecret']);

+ }

+

+ return $token;

+ }

+

+ /**

+ * Returns the name of the service as it must be stored in the database.

+ *

+ * @param string $service The name of the OAuth service

+ * @return string The name of the OAuth service as it needs to be stored

+ * in the database.

+ */

+ protected function get_service_name_for_db($service)

+ {

+ // Enforce the naming convention for oauth services

+ if (strpos($service, 'auth.provider.oauth.service.') !== 0)

+ {

+ $service = 'auth.provider.oauth.service.' . strtolower($service);

+ }

+

+ return $service;

+ }

+}

+<?php

+/**

+*

+* @package phpBB3

+* @copyright (c) 2013 phpBB Group

+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2

+*

+*/

+

+/**

+* @ignore

+*/

+if (!defined('IN_PHPBB'))

+{

+ exit;

+}

+

+/**

+* Prune notifications cron task.

+*

+* @package phpBB3

+*/

+class phpbb_cron_task_core_prune_notifications extends phpbb_cron_task_base

+{

+ protected $config;

+ protected $notification_manager;

+

+ /**

+ * Constructor.

+ *

+ * @param phpbb_config $config The config

+ * @param phpbb_notification_manager $notification_manager Notification manager

+ */

+ public function __construct(phpbb_config $config, phpbb_notification_manager $notification_manager)

+ {

+ $this->config = $config;

+ $this->notification_manager = $notification_manager;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function run()

+ {

+ // time minus expire days in seconds

+ $timestamp = time() - ($this->config['read_notification_expire_days'] * 60 * 60 * 24);

+ $this->notification_manager->prune_notifications($timestamp);

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function is_runnable()

+ {

+ return (bool) $this->config['read_notification_expire_days'];

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function should_run()

+ {

+ return $this->config['read_notification_last_gc'] < time() - $this->config['read_notification_gc'];

+ }

+}

+<?php

+/**

+*

+* @package migration

+* @copyright (c) 2013 phpBB Group

+* @license http://opensource.org/licenses/gpl-license.php GNU Public License v2

+*

+*/

+

+class phpbb_db_migration_data_310_auth_provider_oauth extends phpbb_db_migration

+{

+ public function effectively_installed()

+ {

+ return $this->db_tools->sql_table_exists($this->table_prefix . 'auth_provider_oauth');

+ }

+

+ public function update_schema()

+ {

+ return array(

+ 'add_tables' => array(

+ $this->table_prefix . 'oauth_tokens' => array(

+ 'COLUMNS' => array(

+ 'user_id' => array('UINT', 0), // phpbb_users.user_id

+ 'session_id' => array('CHAR:32', ''), // phpbb_sessions.session_id used only when user_id not set

+ 'provider' => array('VCHAR', ''), // Name of the OAuth provider

+ 'oauth_token' => array('MTEXT', ''), // Serialized token

+ ),

+ 'KEYS' => array(

+ 'user_id' => array('INDEX', 'user_id'),

+ 'provider' => array('INDEX', 'provider'),

+ ),

+ ),

+ $this->table_prefix . 'oauth_accounts' => array(

+ 'COLUMNS' => array(

+ 'user_id' => array('UINT', 0),

+ 'provider' => array('VCHAR', ''),

+ 'oauth_provider_id' => array('TEXT_UNI', ''),

+ ),

+ 'PRIMARY_KEY' => array(

+ 'user_id',

+ 'provider',

+ ),

+ ),

+ ),

+ );

+ }

+

+ public function revert_schema()

+ {

+ return array(

+ 'drop_tables' => array(

+ $this->table_prefix . 'oauth_tokens',

+ $this->table_prefix . 'oauth_accounts',

+ ),

+ );

+ }

+

+ public function update_data()

+ {

+ return array(

+ array('module.add', array(

+ 'ucp',

+ 'UCP_PROFILE',

+ array(

+ 'module_basename' => 'ucp_auth_link',

+ 'modes' => array('auth_link'),

+ ),

+ )),

+ );

+ }

+}

+<?php

+/**

+*

+* @package migration

+* @copyright (c) 2013 phpBB Group

+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2

+*

+*/

+

+class phpbb_db_migration_data_310_notifications_cron extends phpbb_db_migration

+{

+ static public function depends_on()

+ {

+ return array('phpbb_db_migration_data_310_notifications');

+ }

+

+ public function update_data()

+ {

+ return array(

+ array('config.add', array('read_notification_expire_days', 30)),

+ array('config.add', array('read_notification_last_gc', 0)), // last run

+ array('config.add', array('read_notification_gc', (60 * 60 * 24))), // seconds between run; 1 day

+ );

+ }

+}

+<?php

+/**

+*

+* @package phpbb_log

+* @copyright (c) 2013 phpBB Group

+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2

+*

+*/

+

+/**

+* @ignore

+*/

+if (!defined('IN_PHPBB'))

+{

+ exit;

+}

+

+/**

+* Null logger

+*

+* @package phpbb_log

+*/

+class phpbb_log_null implements phpbb_log_interface

+{

+ /**

+ * {@inheritdoc}

+ */

+ public function is_enabled($type = '')

+ {

+ return false;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function disable($type = '')

+ {

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function enable($type = '')

+ {

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function add($mode, $user_id, $log_ip, $log_operation, $log_time = false, $additional_data = array())

+ {

+ return false;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_logs($mode, $count_logs = true, $limit = 0, $offset = 0, $forum_id = 0, $topic_id = 0, $user_id = 0, $log_time = 0, $sort_by = 'l.log_time DESC', $keywords = '')

+ {

+ return array();

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_log_count()

+ {

+ return 0;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_valid_offset()

+ {

+ return 0;

+ }

+}

+ *

+ * @param mixed $parent_id Parent identifier within the type (or array of ids), used in combination with item_id if specified (Default: false; not checked)

+ public function delete_notifications($notification_type_name, $item_id, $parent_id = false)

+ $this->delete_notifications($type, $item_id, $parent_id);

+ AND ' . (is_array($item_id) ? $this->db->sql_in_set('item_id', $item_id) : 'item_id = ' . (int) $item_id) .

+ (($parent_id !== false) ? ' AND ' . ((is_array($parent_id) ? $this->db->sql_in_set('item_parent_id', $parent_id) : 'item_parent_id = ' . (int) $parent_id)) : '');

+ * @param bool $only_unread True (default) to only prune read notifications

+ public function prune_notifications($timestamp, $only_read = true)

+ WHERE notification_time < ' . (int) $timestamp .

+ (($only_read) ? ' AND notification_read = 1' : '');

+

+

+<?php

+/**

+*

+* @package notifications

+* @copyright (c) 2013 phpBB Group

+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2

+*

+*/

+

+/**

+* @ignore

+*/

+if (!defined('IN_PHPBB'))

+{

+ exit;

+}

+

+class phpbb_notification_type_group_request extends phpbb_notification_type_base

+{

+ /**

+ * {@inheritdoc}

+ */

+ public function get_type()

+ {

+ return 'group_request';

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public static $notification_option = array(

+ 'lang' => 'NOTIFICATION_TYPE_GROUP_REQUEST',

+ );

+

+ /**

+ * {@inheritdoc}

+ */

+ public function is_available()

+ {

+ // Leader of any groups?

+ $sql = 'SELECT group_id

+ FROM ' . USER_GROUP_TABLE . '

+ WHERE user_id = ' . (int) $this->user->data['user_id'] . '

+ AND group_leader = 1';

+ $result = $this->db->sql_query_limit($sql, 1);

+ $row = $this->db->sql_fetchrow($result);

+ $this->db->sql_freeresult($result);

+

+ return (!empty($row)) ? true : false;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public static function get_item_id($group)

+ {

+ return (int) $group['user_id'];

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public static function get_item_parent_id($group)

+ {

+ // Group id is the parent

+ return (int) $group['group_id'];

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function find_users_for_notification($group, $options = array())

+ {

+ $options = array_merge(array(

+ 'ignore_users' => array(),

+ ), $options);

+

+ $sql = 'SELECT user_id

+ FROM ' . USER_GROUP_TABLE . '

+ WHERE group_leader = 1

+ AND group_id = ' . (int) $group['group_id'];

+ $result = $this->db->sql_query($sql);

+

+ $user_ids = array();

+ while ($row = $this->db->sql_fetchrow($result))

+ {

+ $user_ids[] = (int) $row['user_id'];

+ }

+ $this->db->sql_freeresult($result);

+

+ $this->user_loader->load_users($user_ids);

+

+ return $this->check_user_notification_options($user_ids, $options);

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_avatar()

+ {

+ return $this->user_loader->get_avatar($this->item_id);

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_title()

+ {

+ $username = $this->user_loader->get_username($this->item_id, 'no_profile');

+

+ return $this->user->lang('NOTIFICATION_GROUP_REQUEST', $username, $this->get_data('group_name'));

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_email_template()

+ {

+ return 'group_request';

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_email_template_variables()

+ {

+ $user_data = $this->user_loader->get_user($this->item_id);

+

+ return array(

+ 'GROUP_NAME' => htmlspecialchars_decode($this->get_data('group_name')),

+ 'REQUEST_USERNAME' => htmlspecialchars_decode($user_data['username']),

+

+ 'U_PENDING' => generate_board_url() . "/ucp.{$this->php_ext}?i=groups&mode=manage&action=list&g={$this->item_parent_id}",

+ 'U_GROUP' => generate_board_url() . "/memberlist.{$this->php_ext}?mode=group&g={$this->item_parent_id}",

+ );

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_url()

+ {

+ return append_sid($this->phpbb_root_path . 'ucp.' . $this->php_ext, "i=groups&mode=manage&action=list&g={$this->item_parent_id}");

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function users_to_query()

+ {

+ return array($this->item_id);

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function create_insert_array($group, $pre_create_data = array())

+ {

+ $this->set_data('group_name', $group['group_name']);

+

+ return parent::create_insert_array($group, $pre_create_data);

+ }

+}

+<?php

+/**

+*

+* @package notifications

+* @copyright (c) 2013 phpBB Group

+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2

+*

+*/

+

+/**

+* @ignore

+*/

+if (!defined('IN_PHPBB'))

+{

+ exit;

+}

+

+class phpbb_notification_type_group_request_approved extends phpbb_notification_type_base

+{

+ /**

+ * {@inheritdoc}

+ */

+ public function get_type()

+ {

+ return 'group_request_approved';

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function is_available()

+ {

+ return false;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public static function get_item_id($group)

+ {

+ return (int) $group['group_id'];

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public static function get_item_parent_id($group)

+ {

+ return 0;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function find_users_for_notification($group, $options = array())

+ {

+ $users = array();

+

+ $group['user_ids'] = (!is_array($group['user_ids'])) ? array($group['user_ids']) : $group['user_ids'];

+

+ foreach ($group['user_ids'] as $user_id)

+ {

+ $users[$user_id] = array('');

+ }

+

+ return $users;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_title()

+ {

+ return $this->user->lang('NOTIFICATION_GROUP_REQUEST_APPROVED', $this->get_data('group_name'));

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_url()

+ {

+ return append_sid($this->phpbb_root_path . 'memberlist.' . $this->php_ext, "mode=group&g={$this->item_id}");

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function create_insert_array($group, $pre_create_data = array())

+ {

+ $this->set_data('group_name', $group['group_name']);

+

+ return parent::create_insert_array($group, $pre_create_data);

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function users_to_query()

+ {

+ return array();

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_email_template()

+ {

+ return false;

+ }

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_email_template_variables()

+ {

+ return array();

+ }

+}

+

+ /**

+ * Returns the original array of the requested super global

+ *

+ * @param phpbb_request_interface::POST|GET|REQUEST|COOKIE $super_global

+ * The super global which will be returned

+ *

+ * @return array The original array of the requested super global.

+ */

+ public function get_super_global($super_global = phpbb_request_interface::REQUEST);

+

+ /**

+ * {@inheritdoc}

+ */

+ public function get_super_global($super_global = phpbb_request_interface::REQUEST)

+ {

+ return $this->input[$super_global];

+ }

+

+ /**

+ * Finds a template by name.

+ *

+ * @param string $name The template name

+ * @return string

+ */

+ public function findTemplate($name)

+ {

+ if (strpos($name, '@') === false)

+ {

+ foreach ($this->getNamespaceLookUpOrder() as $namespace)

+ {

+ try

+ {

+ if ($namespace === '__main__')

+ {

+ return parent::getLoader()->getCacheKey($name);

+ }

+

+ return parent::getLoader()->getCacheKey('@' . $namespace . '/' . $name);

+ }

+ catch (Twig_Error_Loader $e)

+ {

+ }

+ }

+

+ // We were unable to load any templates

+ throw $e;

+ }

+ else

+ {

+ return parent::getLoader()->getCacheKey($name);

+ }

+ }

+ 'DEFINE \$[a-zA-Z0-9_]+ =',

+ // Replace <!-- BEGINELSE -->

+ $body = str_replace('<!-- BEGINELSE -->', '{% else %}', $body);

+

+ $inner = preg_replace('#(\s\(?!?)\$([a-zA-Z_0-9]+)#', '$1definition.$2', $inner);

+ $inner = preg_replace('#(\s\(?!?)\.([a-zA-Z_0-9]+)([^a-zA-Z_0-9\.])#', '$1loops.$2|length$3', $inner);

+ $inner = preg_replace('#(\s\(?!?)\.([a-zA-Z_0-9\.]+)([^a-zA-Z_0-9\.])#', '$1$2|length$3', $inner);

+ return preg_replace_callback('#<!-- (ELSE)?IF((.*?) \(?!?[\$|\.]([^\s]+)(.*?))-->#', $callback, $code);

+ $code = preg_replace('#<!-- DEFINE \$(.*?) -->#', '{% DEFINE $1 %}', $code);

+ $code = preg_replace('#<!-- UNDEFINE \$(.*?)-->#', '{% DEFINE $1= null %}', $code);

+<?php

+/**

+*

+* @package phpBB3

+* @copyright (c) 2013 phpBB Group

+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2

+*

+*/

+

+/**

+* @ignore

+*/

+if (!defined('IN_PHPBB'))

+{

+ exit;

+}

+

+/**

+* Twig Template loader

+* @package phpBB3

+*/

+class phpbb_template_twig_loader extends Twig_Loader_Filesystem

+{

+ protected $safe_directories = array();

+

+ /**

+ * Set safe directories

+ *

+ * @param array $directories Array of directories that are safe (empty to clear)

+ * @return Twig_Loader_Filesystem

+ */

+ public function setSafeDirectories($directories = array())

+ {

+ $this->safe_directories = array();

+

+ if (!empty($directories))

+ {

+ foreach ($directories as $directory)

+ {

+ $this->addSafeDirectory($directory);

+ }

+ }

+

+ return $this;

+ }

+

+ /**

+ * Add safe directory

+ *

+ * @param string $directory Directory that should be added

+ * @return Twig_Loader_Filesystem

+ */

+ public function addSafeDirectory($directory)

+ {

+ $directory = phpbb_realpath($directory);

+

+ if ($directory !== false)

+ {

+ $this->safe_directories[] = $directory;

+ }

+

+ return $this;

+ }

+

+ /**

+ * Get current safe directories

+ *

+ * @return array

+ */

+ public function getSafeDirectories()

+ {

+ return $this->safe_directories;

+ }

+

+ /**

+ * Override for parent::validateName()

+ *

+ * This is done because we added support for safe directories, and when Twig

+ * findTemplate() is called, validateName() is called first, which would

+ * always throw an exception if the file is outside of the configured

+ * template directories.

+ */

+ protected function validateName($name)

+ {

+ return;

+ }

+

+ /**

+ * Find the template

+ *

+ * Override for Twig_Loader_Filesystem::findTemplate to add support

+ * for loading from safe directories.

+ */

+ protected function findTemplate($name)

+ {

+ $name = (string) $name;

+

+ // normalize name

+ $name = preg_replace('#/{2,}#', '/', strtr($name, '\\', '/'));

+

+ // If this is in the cache we can skip the entire process below

+ // as it should have already been validated

+ if (isset($this->cache[$name])) {

+ return $this->cache[$name];

+ }

+

+ // First, find the template name. The override above of validateName

+ // causes the validateName process to be skipped for this call

+ $file = parent::findTemplate($name);

+

+ try

+ {

+ // Try validating the name (which may throw an exception)

+ parent::validateName($name);

+ }

+ catch (Twig_Error_Loader $e)

+ {

+ if (strpos($e->getRawMessage(), 'Looks like you try to load a template outside configured directories') === 0)

+ {

+ // Ok, so outside of the configured template directories, we

+ // can now check if we're within a "safe" directory

+

+ // Find the real path of the directory the file is in

+ $directory = phpbb_realpath(dirname($file));

+

+ if ($directory === false)

+ {

+ // Some sort of error finding the actual path, must throw the exception

+ throw $e;

+ }

+

+ foreach ($this->safe_directories as $safe_directory)

+ {

+ if (strpos($directory, $safe_directory) === 0)

+ {

+ // The directory being loaded is below a directory

+ // that is "safe". We're good to load it!

+ return $file;

+ }

+ }

+ }

+

+ // Not within any safe directories

+ throw $e;

+ }

+

+ // No exception from validateName, safe to load.

+ return $file;

+ }

+}

+ ->write("\$local_file = \$this->getEnvironment()->findTemplate(\$asset_path);\n")

+ ->write("\$asset->add_assets_version('{$config['assets_version']}');\n")

+ $loader = new phpbb_template_twig_loader('');

+ $path = $this->phpbb_root_path . trim($directory, '/') . "/{$name}/";

+ $template_path = $path . 'template/';

+ if (is_dir($template_path))

+ // Add the base style directory as a safe directory

+ $this->twig->getLoader()->addSafeDirectory($path);

+

+ $paths[] = $template_path;

+ $ext_style_path = $ext_path . 'styles/' . $style_name . '/';

+ $ext_style_template_path = $ext_style_path . 'template/';

+ if (is_dir($ext_style_template_path))

+ // Add the base style directory as a safe directory

+ $this->twig->getLoader()->addSafeDirectory($ext_style_path);

+

+ $paths[] = $ext_style_template_path;

+ $parse_flags = ($row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES;

+ $row['post_text'] = generate_text_for_display($row['post_text'], $row['bbcode_uid'], $row['bbcode_bitfield'], $parse_flags, false);

+ jQuery('#' + id + ' input[type=checkbox][name]').each(function() {

+ var $this = jQuery(this);

+ if ($this.attr('name').substr(0, name.length) == name) {

+ $this.prop('checked', state);

+ });

+ var i;

+ jQuery('#' + panels[i]).css('display', panels[i] === show_panel ? 'block' : 'none');

+ jQuery('#' + panels[i] + '-tab').toggleClass('activetab', panels[i] === show_panel);

+

+ <!-- IF not S_ADMIN_AUTH and PROVIDER_TEMPLATE_FILE -->

+ <!-- INCLUDE {PROVIDER_TEMPLATE_FILE} -->

+ <!-- ENDIF -->

+<div class="content">

+ <!-- BEGIN oauth -->

+ <dl>

+ <dt>&nbsp;</dt>

+ <dd><a href="{oauth.REDIRECT_URL}" class="button2">{oauth.SERVICE_NAME}</a></dd>

+ </dl>

+ <!-- END oauth -->

+</div>

+ <!-- END usernotes -->

+ <!-- IF S_REPORT_CLOSED -->

+ <p class="post-notice reported">{L_REPORT_CLOSED}</p>

+ <!-- IF not S_REPORT_CLOSED -->

+ <p class="post-notice unapproved">

+ <p class="post-notice deleted">

+ <p class="post-notice reported">

+ <!-- IF postrow.S_POST_UNAPPROVED -->

+ <p class="post-notice unapproved">

+ <a href="{postrow.U_MCP_APPROVE}"><strong>{L_POST_UNAPPROVED}</strong></a>

+ </p>

+ <!-- ENDIF -->

+

+ <!-- IF postrow.S_POST_DELETED -->

+ <p class="post-notice deleted">

+ <a href="{postrow.U_MCP_APPROVE}"><strong>{L_POST_DELETED}</strong></a>

+ </p>

+ <!-- ENDIF -->

+

+ <!-- IF postrow.S_POST_REPORTED -->

+ <p class="post-notice reported">

+ <a href="{postrow.U_MCP_REPORT}"><strong>{L_POST_REPORTED}</strong></a>

+<!-- INCLUDE ucp_header.html -->

+

+<h2>{L_UCP_AUTH_LINK_TITLE}</h2>

+

+<div class="panel">

+ <div class="inner">

+ <!-- IF ERROR --><dl><dd class="error">{ERROR}</dd></dl><!-- ENDIF -->

+

+ <!-- INCLUDE {PROVIDER_TEMPLATE_FILE} -->

+ </div>

+</div>

+

+<!-- INCLUDE ucp_footer.html -->

+<!-- BEGIN oauth -->

+ <form id="ucp" method="post" action="{S_UCP_ACTION}">

+ <h3>{oauth.SERVICE_NAME}</h3>

+

+ <fieldset class="fields2">

+ <!-- IF oauth.UNIQUE_ID -->

+ <dl>

+ <dt>{L_UCP_AUTH_LINK_ID}{L_COLON}</dt>

+ <dd>{oauth.UNIQUE_ID}</dd>

+ </dl>

+ <dl>

+ <dt>&nbsp;</dt>

+ <dd><input type="submit" name="submit" tabindex="6" value="{L_UCP_AUTH_LINK_UNLINK}" class="button1" /></dd>

+ </dl>

+ <!-- ELSE -->

+ <dl>

+ <dd>{L_UCP_AUTH_LINK_ASK}</dd>

+ </dl>

+ <dl>

+ <dt>&nbsp;</dt>

+ <dd><input type="submit" name="submit" tabindex="6" value="{L_UCP_AUTH_LINK_LINK}" class="button1" /></dd>

+ </dl>

+ <!-- ENDIF-->

+ </fieldset>

+ {oauth.HIDDEN_FIELDS}

+ {S_HIDDEN_FIELDS}

+ {S_FORM_TOKEN}

+ </form>

+<!-- END oauth -->

+<!-- INCLUDE overall_header.html -->

+

+<div class="panel">

+ <div class="inner">

+

+ <h2>{SITENAME} - {L_LOGIN_LINK}</h2>

+

+ <p>{L_LOGIN_LINK_EXPLAIN}</p>

+

+ <!-- IF LOGIN_LINK_ERROR --><div class="content">

+ <div class="error">{LOGIN_LINK_ERROR}</div>

+ </div><!-- ENDIF -->

+

+ <div class="content">

+ <h2>{L_REGISTER}</h2>

+

+ <form action="{REGISTER_ACTION}" method="post" id="register">

+ <fieldset class="fields1">

+ <dl>

+ <dt>&nbsp;</dt>

+ <dd>{S_HIDDEN_FIELDS}<input type="submit" name="register" tabindex="1" value="{L_REGISTER}" class="button1" /></dd>

+ </dl>

+ </fieldset>

+ </form>

+ </div>

+

+ <div class="content">

+ <h2>{L_LOGIN}</h2>

+

+ <form action="{LOGIN_ACTION}" method="post" id="login">

+ <fieldset class="fields1">

+ <!-- IF LOGIN_ERROR --><div class="error">{LOGIN_ERROR}</div><!-- ENDIF -->

+ <dl>

+ <dt><label for="{USERNAME_CREDENTIAL}">{L_USERNAME}{L_COLON}</label></dt>

+ <dd><input type="text" tabindex="2" name="{USERNAME_CREDENTIAL}" id="{USERNAME_CREDENTIAL}" size="25" value="{LOGIN_USERNAME}" class="inputbox autowidth" /></dd>

+ </dl>

+ <dl>

+ <dt><label for="{PASSWORD_CREDENTIAL}">{L_PASSWORD}{L_COLON}</label></dt>

+ <dd><input type="password" tabindex="3" id="{PASSWORD_CREDENTIAL}" name="{PASSWORD_CREDENTIAL}" size="25" class="inputbox autowidth" /></dd>

+ </dl>

+ <!-- IF CAPTCHA_TEMPLATE and S_CONFIRM_CODE -->

+ <!-- DEFINE $CAPTCHA_TAB_INDEX = 4 -->

+ <!-- INCLUDE {CAPTCHA_TEMPLATE} -->

+ <!-- ENDIF -->

+

+ {S_LOGIN_REDIRECT}

+ <dl>

+ <dt>&nbsp;</dt>

+ <dd>{S_HIDDEN_FIELDS}<input type="submit" name="login" tabindex="5" value="{L_LOGIN}" class="button1" /></dd>

+ </dl>

+ </fieldset>

+ </form>

+ </div>

+

+ </div>

+</div>

+

+<!-- INCLUDE overall_footer.html -->

+ <div class="post-notice error">{L_DOWNLOAD_NOTICE}</div>

+ <!-- EVENT ucp_prefs_personal_prepend -->

+ <!-- EVENT ucp_prefs_personal_append -->

+ <!-- EVENT ucp_prefs_post_prepend -->

+ <!-- EVENT ucp_prefs_post_append -->

+ <!-- EVENT ucp_prefs_view_radio_buttons_prepend -->

+ <!-- EVENT ucp_prefs_view_radio_buttons_append -->

+ <!-- EVENT ucp_prefs_view_select_menu_prepend -->

+ <!-- EVENT ucp_prefs_view_select_menu_append -->

+ <!-- IF postrow.S_POST_UNAPPROVED -->

+ <p class="post-notice unapproved">

+ <strong>{L_POST_UNAPPROVED}</strong>

+ <input class="button2" type="submit" value="{L_DISAPPROVE}" name="action[disapprove]" />

+ <input class="button1" type="submit" value="{L_APPROVE}" name="action[approve]" />

+ <input type="hidden" name="post_id_list[]" value="{postrow.POST_ID}" />

+ {S_FORM_TOKEN}

+ <!-- ELSEIF postrow.S_POST_DELETED -->

+ <form method="post" class="mcp_approve" action="{postrow.U_APPROVE_ACTION}">

+ <p class="post-notice deleted">

+ <strong>{L_POST_DELETED}</strong>

+ <input class="button2" type="submit" value="{L_DELETE}" name="action[disapprove]" />

+ <input class="button1" type="submit" value="{L_RESTORE}" name="action[restore]" />

+ <input type="hidden" name="post_id_list[]" value="{postrow.POST_ID}" />

+ {S_FORM_TOKEN}

+ </p>

+ </form>

+ <!-- ENDIF -->

+

+ <!-- IF postrow.S_POST_REPORTED -->

+ <p class="post-notice reported">

+ <a href="{postrow.U_MCP_REPORT}"><strong>{L_POST_REPORTED}</strong></a>

+ </p>

+.rtl p.post-notice:before {

+ left: auto;

+ right: 0;

+ padding-left: 5px;

+ padding-right: 26px;

+}

+

+p.post-notice {

+p.post-notice.deleted:before {

+ background-image: url("./images/icon_topic_deleted.png");

+}

+

+p.post-notice.unapproved:before {

+ background-image: url("./images/icon_topic_unapproved.gif");

+}

+

+p.post-notice.reported:before, p.post-notice.error:before {

+ background-image: url("./images/icon_topic_reported.gif");

+}

+

+

+p.post-notice {

+ position: relative;

+ padding-left: 26px;

+ min-height: 14px;

+ margin-bottom: 1em;

+p.post-notice:before {

+ content: '';

+ display: block;

+ position: absolute;

+ top: 0;

+ bottom: 0;

+ left: 0;

+ width: 28px;

+ background: transparent none 50% 50% no-repeat;

+ pointer-events: none;

+form > p.post-notice strong {

+ line-height: 20px;

+ <!-- IF not S_ADMIN_AUTH and PROVIDER_TEMPLATE_FILE -->

+ <!-- INCLUDE {PROVIDER_TEMPLATE_FILE} -->

+ <!-- ENDIF -->

+<!-- BEGIN oauth -->

+ <tr>

+ <td>

+ <a href="{oauth.REDIRECT_URL}">{oauth.SERVICE_NAME}</a>

+ </td>

+ </tr>

+<!-- END oauth -->

+ <td class="cat" align="center" colspan="2"><!-- IF not S_REPORT_CLOSED --><input class="btnmain" type="submit" value="{L_CLOSE_REPORT}" name="action[close]" /><!-- ELSE -->{L_REPORT_CLOSED}<!-- ENDIF --> &nbsp; <input class="btnlite" type="submit" value="{L_DELETE_REPORT}" name="action[delete]" /></td>

+<!-- INCLUDE ucp_header.html -->

+

+<table class="tablebg" width="100%" cellspacing="1">

+ <tr>

+ <th colspan="4">{L_UCP_AUTH_LINK_TITLE}</th>

+ </tr>

+

+ <!-- IF ERROR -->

+ <tr>

+ <td class="row1" colspan="2" align="center"><span class="genmed error">{ERROR}</span></td>

+ </tr>

+ <!-- ENDIF -->

+

+ <!-- INCLUDE {PROVIDER_TEMPLATE_FILE} -->

+</table>

+

+<!-- INCLUDE ucp_footer.html -->

+<!-- BEGIN oauth -->

+ <tr>

+ <th>{oauth.SERVICE_NAME}</th>

+ </tr>

+

+ <tr>

+ <td class="row1">

+ <form id="ucp" method="post" action="{S_UCP_ACTION}">

+ <table>

+ <!-- IF oauth.UNIQUE_ID -->

+ <tr>

+ <td class="row1">{L_UCP_AUTH_LINK_ID}{L_COLON}</td>

+ <td class="row1">{oauth.UNIQUE_ID}</td>

+ </tr>

+ <tr>

+ <td class="row1">&nbsp;</td>

+ <td class="row1"><input type="submit" name="submit" tabindex="6" value="{L_UCP_AUTH_LINK_UNLINK}" class="button1" /></td>

+ </tr>

+ <!-- ELSE -->

+ <tr>

+ <td class="row1">{L_UCP_AUTH_LINK_ASK}</td>

+ </tr>

+ <tr>

+ <td class="row1"><input type="submit" name="submit" tabindex="6" value="{L_UCP_AUTH_LINK_LINK}" class="button1" /></td>

+ </tr>

+ <!-- ENDIF-->

+ </table>

+ {oauth.HIDDEN_FIELDS}

+ {S_HIDDEN_FIELDS}

+ {S_FORM_TOKEN}

+ </form>

+ </td>

+ </tr>

+<!-- END oauth -->

+<!-- INCLUDE overall_header.html -->

+

+<table class="tablebg" width="100%" cellspacing="1">

+ <tr>

+ <th>{SITENAME} - {L_LOGIN_LINK}</th>

+ </tr>

+

+ <tr>

+ <td class="row1" align="center"><span class="genmed">{L_LOGIN_LINK_EXPLAIN}</span></td>

+ </tr>

+

+ <!-- IF LOGIN_LINK_ERROR -->

+ <tr>

+ <td class="row1" align="center"><span class="genmed error">{LOGIN_LINK_ERROR}</span></td>

+ </tr>

+ <!-- ENDIF -->

+

+ <tr>

+ <td class="row1">

+ <form action="{REGISTER_ACTION}" method="post" id="register">

+ <table width="100%" cellspacing="1">

+ <tr>

+ <th colspan="2">{L_REGISTER}</th>

+ </tr>

+

+ <tr>

+ <td>{S_HIDDEN_FIELDS}<input type="submit" name="register" tabindex="1" value="{L_REGISTER}" class="button1" /></td>

+ </tr>

+ </table>

+ </form>

+ </td>

+ </tr>

+

+ <tr>

+ <td class="row1">

+ <form action="{LOGIN_ACTION}" method="post" id="login">

+ <table width="100%" cellspacing="1">

+ <tr>

+ <th colspan="2">{L_LOGIN}</th>

+ </tr>

+

+ <!-- IF LOGIN_ERROR -->

+ <tr>

+ <td class="row1" align="center" colspan="2"><span class="genmed error">{LOGIN_ERROR}</span></td>

+ </tr>

+ <!-- ENDIF -->

+

+ <tr>

+ <td><label for="{USERNAME_CREDENTIAL}">{L_USERNAME}{L_COLON}</label></td>

+ <td><input type="text" tabindex="2" name="{USERNAME_CREDENTIAL}" id="{USERNAME_CREDENTIAL}" size="25" value="{LOGIN_USERNAME}" class="inputbox autowidth" /></td>

+ </tr>

+

+ <tr>

+ <td><label for="{PASSWORD_CREDENTIAL}">{L_PASSWORD}{L_COLON}</label></td>

+ <td><input type="password" tabindex="3" id="{PASSWORD_CREDENTIAL}" name="{PASSWORD_CREDENTIAL}" size="25" class="inputbox autowidth" /></td>

+ </tr>

+

+ <!-- IF CAPTCHA_TEMPLATE and S_CONFIRM_CODE -->

+ <!-- DEFINE $CAPTCHA_TAB_INDEX = 4 -->

+ <!-- INCLUDE {CAPTCHA_TEMPLATE} -->

+ <!-- ENDIF -->

+

+ {S_LOGIN_REDIRECT}

+ <tr>

+ <td>&nbsp;</td>

+ <td>{S_HIDDEN_FIELDS}<input type="submit" name="login" tabindex="5" value="{L_LOGIN}" class="button1" /></td>

+ </tr>

+ </table>

+ </form>

+ </td>

+ </tr>

+</table>

+

+<!-- INCLUDE overall_footer.html -->

+<!-- EVENT ucp_prefs_personal_prepend -->

+<!-- EVENT ucp_prefs_personal_append -->

+<!-- EVENT ucp_prefs_post_prepend -->

+<!-- EVENT ucp_prefs_post_append -->

+<!-- EVENT ucp_prefs_view_radio_buttons_prepend -->

+<!-- EVENT ucp_prefs_view_radio_buttons_append -->

+<!-- EVENT ucp_prefs_view_select_menu_prepend -->

+<!-- EVENT ucp_prefs_view_select_menu_append -->

+if (in_array($mode, array('login', 'login_link', 'logout', 'confirm', 'sendpassword', 'activate')))

+ case 'login_link':

+ if ($user->data['is_registered'])

+ {

+ redirect(append_sid("{$phpbb_root_path}index.$phpEx"));

+ }

+

+ $module->load('ucp', 'login_link');

+ $module->display($user->lang['UCP_LOGIN_LINK']);

+ break;

+

+ $rowset_data = array(

+ /**

+ * Modify the post rowset containing data to be displayed with posts

+ *

+ * @event core.viewtopic_post_rowset_data

+ * @var array rowset_data Array with the rowset data for this post

+ * @var array row Array with original user and post data

+ * @since 3.1-A1

+ */

+ $vars = array('rowset_data', 'row');

+ extract($phpbb_dispatcher->trigger_event('core.viewtopic_post_rowset_data', compact($vars)));

+

+ $rowset[$row['post_id']] = $rowset_data;

+

+<?xml version="1.0" encoding="UTF-8" ?>

+<dataset>

+ <table name="phpbb_oauth_tokens">

+ <column>user_id</column>

+ <column>session_id</column>

+ <column>provider</column>

+ <column>oauth_token</column>

+ </table>

+</dataset>

+

+<?php

+/**

+*

+* @package testing

+* @copyright (c) 2013 phpBB Group

+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2

+*

+*/

+

+use OAuth\OAuth2\Token\StdOAuth2Token;

+

+class phpbb_auth_provider_oauth_token_storage_test extends phpbb_database_test_case

+{

+ protected $db;

+ protected $service_name;

+ protected $session_id;

+ protected $token_storage;

+ protected $token_storage_table;

+ protected $user;

+

+ protected function setup()

+ {

+ parent::setUp();

+

+ global $phpbb_root_path, $phpEx;

+

+ $this->db = $this->new_dbal();

+ $this->user = $this->getMock('phpbb_user');

+ $this->service_name = 'auth.provider.oauth.service.testing';

+ $this->token_storage_table = 'phpbb_oauth_tokens';

+

+ // Give the user a session_id that we will remember

+ $this->session_id = '12345';

+ $this->user->data['session_id'] = $this->session_id;

+

+ // Set the user id to anonymous

+ $this->user->data['user_id'] = ANONYMOUS;

+

+ $this->token_storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->token_storage_table);

+ }

+

+ public function getDataSet()

+ {

+ return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/oauth_tokens.xml');

+ }

+

+ public static function retrieveAccessToken_data()

+ {

+ return array(

+ array(new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param')), null),

+ array(null, 'OAuth\Common\Storage\Exception\TokenNotFoundException'),

+ );

+ }

+

+ /**

+ * @dataProvider retrieveAccessToken_data

+ */

+ public function test_retrieveAccessToken($cache_token, $exception)

+ {

+ if ($cache_token)

+ {

+ $this->token_storage->storeAccessToken($this->service_name, $cache_token);

+ $token = $cache_token;

+ }

+

+ $this->setExpectedException($exception);

+

+ $stored_token = $this->token_storage->retrieveAccessToken($this->service_name);

+ $this->assertEquals($token, $stored_token);

+ }

+

+ public function test_retrieveAccessToken_from_db()

+ {

+ $expected_token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES);

+

+ // Store a token in the database

+ $temp_storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->token_storage_table);

+ $temp_storage->storeAccessToken($this->service_name, $expected_token);

+ unset($temp_storage);

+

+ // Test to see if the token can be retrieved

+ $stored_token = $this->token_storage->retrieveAccessToken($this->service_name);

+ $this->assertEquals($expected_token, $stored_token);

+ }

+

+ /**

+ * @dataProvider retrieveAccessToken_data

+ */

+ public function test_retrieve_access_token_by_session($cache_token, $exception)

+ {

+ if ($cache_token)

+ {

+ $this->token_storage->storeAccessToken($this->service_name, $cache_token);

+ $token = $cache_token;

+ }

+

+ $this->setExpectedException($exception);

+

+ $stored_token = $this->token_storage->retrieve_access_token_by_session($this->service_name);

+ $this->assertEquals($token, $stored_token);

+ }

+

+ public function test_retrieve_access_token_by_session_from_db()

+ {

+ $expected_token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES);

+

+ // Store a token in the database

+ $temp_storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->token_storage_table);

+ $temp_storage->storeAccessToken($this->service_name, $expected_token);

+ unset($temp_storage);

+

+ // Test to see if the token can be retrieved

+ $stored_token = $this->token_storage->retrieve_access_token_by_session($this->service_name);

+ $this->assertEquals($expected_token, $stored_token);

+ }

+

+ public function test_storeAccessToken()

+ {

+ $token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') );

+ $this->token_storage->storeAccessToken($this->service_name, $token);

+

+ // Confirm that the token is cached

+ $extraParams = $this->token_storage->retrieveAccessToken($this->service_name)->getExtraParams();

+ $this->assertEquals( 'param', $extraParams['extra'] );

+ $this->assertEquals( 'access', $this->token_storage->retrieveAccessToken($this->service_name)->getAccessToken() );

+

+ $row = $this->get_token_row_by_session_id($this->session_id);

+

+ // The token is serialized before stored in the database

+ $this->assertEquals($this->token_storage->json_encode_token($token), $row['oauth_token']);

+ }

+

+ public static function hasAccessToken_data()

+ {

+ return array(

+ array(null, false),

+ array(new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') ), true),

+ );

+ }

+

+ /**

+ * @dataProvider hasAccessToken_data

+ */

+ public function test_hasAccessToken($token, $expected)

+ {

+ if ($token)

+ {

+ $this->token_storage->storeAccessToken($this->service_name, $token);

+ }

+

+ $has_access_token = $this->token_storage->hasAccessToken($this->service_name);

+ $this->assertEquals($expected, $has_access_token);

+ }

+

+ /**

+ * @dataProvider hasAccessToken_data

+ */

+ public function test_has_access_token_by_session($token, $expected)

+ {

+ if ($token)

+ {

+ $this->token_storage->storeAccessToken($this->service_name, $token);

+ }

+

+ $has_access_token = $this->token_storage->has_access_token_by_session($this->service_name);

+ $this->assertEquals($expected, $has_access_token);

+ }

+

+ public function test_clearToken()

+ {

+ $token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') );

+ $this->token_storage->storeAccessToken($this->service_name, $token);

+

+ $this->token_storage->clearToken($this->service_name);

+

+ // Check that the database has been cleared

+ $row = $this->get_token_row_by_session_id($this->session_id);

+ $this->assertFalse($row);

+

+ // Check that the token is no longer in memory

+ $this->assertFalse($this->token_storage->hasAccessToken($this->service_name));

+ }

+

+ public function test_set_user_id()

+ {

+ $token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') );

+ $this->token_storage->storeAccessToken($this->service_name, $token);

+

+ $new_user_id = ANONYMOUS + 1;

+ $this->token_storage->set_user_id($new_user_id);

+

+ $row = $this->get_token_row_by_session_id($this->session_id);

+ $this->assertEquals($new_user_id, $row['user_id']);

+ }

+

+ protected function get_token_row_by_session_id($session_id)

+ {

+ // Test that the token is stored in the database

+ $sql = 'SELECT * FROM phpbb_oauth_tokens

+ WHERE session_id = \'' . $this->db->sql_escape($session_id) . '\'';

+ $result = $this->db->sql_query($sql);

+ $row = $this->db->sql_fetchrow($result);

+ $this->db->sql_freeresult($result);

+

+ return $row;

+ }

+}

+ public function get_super_global($super_global = phpbb_request_interface::REQUEST)

+ {

+ return $this->data[$super_global];

+ }

+

+<?php

+/**

+*

+* @package testing

+* @copyright (c) 2013 phpBB Group

+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2

+*

+*/

+

+require_once dirname(__FILE__) . '/manager_helper.php';

+

+abstract class phpbb_tests_notification_base extends phpbb_database_test_case

+{

+ protected $notifications, $db, $container, $user, $config, $auth, $cache;

+

+ protected function get_notification_types()

+ {

+ return array(

+ 'test',

+ 'approve_post',

+ 'approve_topic',

+ 'bookmark',

+ 'disapprove_post',

+ 'disapprove_topic',

+ 'pm',

+ 'post',

+ 'post_in_queue',

+ 'quote',

+ 'report_pm',

+ 'report_pm_closed',

+ 'report_post',

+ 'report_post_closed',

+ 'topic',

+ 'topic_in_queue',

+ );

+ }

+

+ protected function setUp()

+ {

+ parent::setUp();

+

+ global $phpbb_root_path, $phpEx;

+

+ include_once(__DIR__ . '/ext/test/notification/type/test.' . $phpEx);

+

+ global $db, $config, $user, $auth, $cache, $phpbb_container;

+

+ $db = $this->db = $this->new_dbal();

+ $config = $this->config = new phpbb_config(array(

+ 'allow_privmsg' => true,

+ 'allow_bookmarks' => true,

+ 'allow_topic_notify' => true,

+ 'allow_forum_notify' => true,

+ ));

+ $user = $this->user = new phpbb_user();

+ $this->user_loader = new phpbb_user_loader($this->db, $phpbb_root_path, $phpEx, 'phpbb_users');

+ $auth = $this->auth = new phpbb_mock_notifications_auth();

+ $cache = $this->cache = new phpbb_cache_service(

+ new phpbb_cache_driver_null(),

+ $this->config,

+ $this->db,

+ $phpbb_root_path,

+ $phpEx

+ );

+

+ $phpbb_container = $this->container = new phpbb_mock_container_builder();

+

+ $this->notifications = new phpbb_notification_manager_helper(

+ array(),

+ array(),

+ $this->container,

+ $this->user_loader,

+ $this->db,

+ $this->cache,

+ $this->user,

+ $phpbb_root_path,

+ $phpEx,

+ 'phpbb_notification_types',

+ 'phpbb_notifications',

+ 'phpbb_user_notifications'

+ );

+

+ $phpbb_container->set('notification_manager', $this->notifications);

+

+ $this->notifications->setDependencies($this->auth, $this->config);

+

+ $types = array();

+ foreach ($this->get_notification_types() as $type)

+ {

+ $class = $this->build_type('phpbb_notification_type_' . $type);

+

+ $types[$type] = $class;

+ $this->container->set('notification.type.' . $type, $class);

+ }

+

+ $this->notifications->set_var('notification_types', $types);

+

+ $this->db->sql_query('DELETE FROM phpbb_notification_types');

+ $this->db->sql_query('DELETE FROM phpbb_notifications');

+ $this->db->sql_query('DELETE FROM phpbb_user_notifications');

+ }

+

+ protected function build_type($type)

+ {

+ global $phpbb_root_path, $phpEx;

+

+ return new $type($this->user_loader, $this->db, $this->cache->get_driver(), $this->user, $this->auth, $this->config, $phpbb_root_path, $phpEx, 'phpbb_notification_types', 'phpbb_notifications', 'phpbb_user_notifications');

+ }

+

+ protected function assert_notifications($expected, $options = array())

+ {

+ $notifications = $this->notifications->load_notifications(array_merge(array(

+ 'count_unread' => true,

+ 'order_by' => 'notification_time',

+ 'order_dir' => 'ASC',

+ ), $options));

+

+ $this->assertEquals(sizeof($expected), $notifications['unread_count']);

+

+ $i = 0;

+ foreach ($notifications['notifications'] as $notification)

+ {

+ foreach ($expected[$i] as $key => $value)

+ {

+ $this->assertEquals($value, $notification->$key, $i . ' ' . $key);

+ }

+

+ $i++;

+ }

+ }

+}

+<?xml version="1.0" encoding="UTF-8" ?>

+<dataset>

+ <table name="phpbb_users">

+ <column>user_id</column>

+ <column>username</column>

+ <column>username_clean</column>

+ <column>user_permissions</column>

+ <column>user_sig</column>

+ <column>user_occ</column>

+ <column>user_interests</column>

+ <row>

+ <value>2</value>

+ <value>2</value>

+ <value>2</value>

+ <value></value>

+ <value></value>

+ <value></value>

+ <value></value>

+ </row>

+ <row>

+ <value>3</value>

+ <value>3</value>

+ <value>3</value>

+ <value></value>

+ <value></value>

+ <value></value>

+ <value></value>

+ </row>

+ </table>

+</dataset>

+<?php

+/**

+*

+* @package testing

+* @copyright (c) 2013 phpBB Group

+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2

+*

+*/

+

+require_once dirname(__FILE__) . '/base.php';

+

+class phpbb_notification_group_request_test extends phpbb_tests_notification_base

+{

+ public function getDataSet()

+ {

+ return $this->createXMLDataSet(dirname(__FILE__) . '/fixtures/group_request.xml');

+ }

+

+ protected function get_notification_types()

+ {

+ return array_merge(

+ parent::get_notification_types(),

+ array(

+ 'group_request',

+ 'group_request_approved',

+ )

+ );

+ }

+

+ public function test_notifications()

+ {

+ global $phpbb_root_path, $phpEx, $phpbb_dispatcher, $phpbb_log;

+

+ include_once($phpbb_root_path . 'includes/utf/utf_tools.' . $phpEx);

+ include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);

+ include_once($phpbb_root_path . 'includes/functions_content.' . $phpEx);

+

+ set_config(false, false, false, $this->config);

+

+ $this->container->set('groupposition.legend', new phpbb_groupposition_legend(

+ $this->db,

+ $this->user

+ ));

+ $this->container->set('groupposition.teampage', new phpbb_groupposition_teampage(

+ $this->db,

+ $this->user,

+ $this->cache->get_driver()

+ ));

+ $phpbb_dispatcher = new phpbb_mock_event_dispatcher;

+ $phpbb_log = new phpbb_log_null();

+

+ // Now on to the actual test

+

+ $group_id = false;

+ group_create($group_id, GROUP_OPEN, 'test', 'test group', array());

+

+ // Add user 2 as group leader

+ group_user_add($group_id, 2, false, false, false, true, false);

+

+ // Add user 3 as pending

+ group_user_add($group_id, 3, false, false, false, false, true);

+

+ $this->assert_notifications(

+ array(

+ // user 3 pending notification

+ array(

+ 'item_id' => 3, // user_id of requesting join

+ 'item_parent_id' => $group_id,

+ 'user_id' => 2,

+ 'notification_read' => 0,

+ 'notification_data' => array(

+ 'group_name' => 'test',

+ ),

+ ),

+ ),

+ array(

+ 'user_id' => 2,

+ )

+ );

+

+ // Approve user 3 joining the group

+ group_user_attributes('approve', $group_id, array(3));

+

+ // user 3 pending notification should have been deleted

+ $this->assert_notifications(

+ array(),

+ array(

+ 'user_id' => 2,

+ )

+ );

+

+ $this->assert_notifications(

+ array(

+ // user 3 approved notification

+ array(

+ 'item_id' => $group_id, // user_id of requesting join

+ 'user_id' => 3,

+ 'notification_read' => 0,

+ 'notification_data' => array(

+ 'group_name' => 'test',

+ ),

+ ),

+ ),

+ array(

+ 'user_id' => 3,

+ )

+ );

+ }

+}

+require_once dirname(__FILE__) . '/base.php';

+class phpbb_notification_test extends phpbb_tests_notification_base

+ $post_type_id = $this->notifications->get_notification_type_id('post');

+ $quote_type_id = $this->notifications->get_notification_type_id('quote');

+ $test_type_id = $this->notifications->get_notification_type_id('test');

+ 'test' => $test_type_id,

+ 'quote' => $quote_type_id,

+ 'post' => $post_type_id,

+ $this->assertEquals($quote_type_id, $this->notifications->get_notification_type_id('quote'));

+ $this->assertEquals(false, $this->notifications->get_notification_type_id('fail'));

+ $this->assert_notifications(

+ array(

+ array(

+ 'item_id' => 1,

+ 'item_parent_id' => 1,

+ 'user_id' => 0,

+ 'notification_read' => 0,

+ 'notification_time' => 1349413321,

+ 'notification_data' => array(),

+ array(

+ 'item_id' => 2,

+ 'item_parent_id' => 2,

+ 'user_id' => 0,

+ 'notification_read' => 0,

+ 'notification_time' => 1349413322,

+ 'notification_data' => array(),

+ array(

+ 'item_id' => 3,

+ 'item_parent_id' => 2,

+ 'user_id' => 0,

+ 'notification_read' => 0,

+ 'notification_time' => 1349413323,

+ 'notification_data' => array(),

+ ),

+ array(

+ 'item_id' => 4,

+ 'item_parent_id' => 2,

+ 'user_id' => 0,

+ 'notification_read' => 0,

+ 'notification_time' => 1349413324,

+ 'notification_data' => array(

+ 'poster_id' => 2,

+ 'topic_title' => 'test-title',

+ 'post_subject' => 'Re: test-title',

+ 'post_username' => '',

+ 'forum_id' => 2,

+ 'forum_name' => 'Your first forum',

+ ),

+ ),

+ array(

+ 'item_id' => 5,

+ 'item_parent_id' => 2,

+ 'user_id' => 0,

+ 'notification_read' => 0,

+ 'notification_time' => 1349413325,

+ 'notification_data' => array(

+ 'poster_id' => 2,

+ 'topic_title' => 'test-title',

+ 'post_subject' => 'Re: test-title',

+ 'post_username' => '',

+ 'forum_id' => 2,

+ 'forum_name' => 'Your first forum',

+ ),

+ ),

+ )

+ $this->assert_notifications(

+ array(

+ array(

+ 'item_id' => 3,

+ 'item_parent_id' => 2,

+ 'user_id' => 0,

+ 'notification_read' => 0,

+ 'notification_time' => 1234,

+ 'notification_data' => array(),

+ array(

+ 'item_id' => 1,

+ 'item_parent_id' => 2,

+ 'user_id' => 0,

+ 'notification_read' => 0,

+ 'notification_time' => 1349413321,

+ 'notification_data' => array(),

+ array(

+ 'item_id' => 2,

+ 'item_parent_id' => 2,

+ 'user_id' => 0,

+ 'notification_read' => 0,

+ 'notification_time' => 1349413322,

+ 'notification_data' => array(),

+ ),

+ array(

+ 'item_id' => 4,

+ 'item_parent_id' => 2,

+ 'user_id' => 0,

+ 'notification_read' => 0,

+ 'notification_time' => 1349413324,

+ 'notification_data' => array(

+ 'poster_id' => 2,

+ 'topic_title' => 'test-title',

+ 'post_subject' => 'Re: test-title',

+ 'post_username' => '',

+ 'forum_id' => 2,

+ 'forum_name' => 'Your first forum',

+ ),

+ ),

+ array(

+ 'item_id' => 5,

+ 'item_parent_id' => 2,

+ 'user_id' => 0,

+ 'notification_read' => 0,

+ 'notification_time' => 1349413325,

+ 'notification_data' => array(

+ 'poster_id' => 2,

+ 'topic_title' => 'test-title2',

+ 'post_subject' => 'Re: test-title2',

+ 'post_username' => '',

+ 'forum_id' => 3,

+ 'forum_name' => 'Your second forum',

+ ),

+ ),

+ )

+ "xyz\nabc\n\$VALUE == 'abc'\n(\$VALUE == 'abc')\n!\$DOESNT_EXIST\n(!\$DOESNT_EXIST)\nabc\nbar\nbar\nabc\ntest!@#$%^&*()_-=+{}[]:;\",<.>/?[]|foobar|",

+ "variable.html\nvariable.html\nvariable.html",