| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
- Fixed some typos
- Fixed the way an association is retreived from the store (getAssociation()).
The existing implementation was poping (LPOP) from a list, causing unneeded
re-associations. If we need to discard stale association handles, i think we
should rather set the appropriate expiry intervals.
|
| |\
| |
| | |
Add warning when you disable SSL, don't be silly please
|
| | | |
|
| |\ \
| |/
|/| |
Reject OpenID XML responses with a doctype
|
| | | |
|
| |/ |
|
| |\
| |
| | |
Add Auth_OpenID_DISABLE_SSL_VERIFY opt to disable SSL verify
|
| | | |
|
| | | |
|
| |\ \
| | |
| | | |
Yadis: drop custom replaceEntities() function and use html_entity_decode
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Yadis' ParseHTML.php has a replaceEntities() function for replacing HTML
entities, with a comment that appears to explain its existence by stating
"Replace numeric entities because html_entity_decode doesn't do it for us".
This is breaking with PHP 5.5 because it uses the deprecated /e modifier
for preg_replace() - https://github.com/openid/php-openid/issues/108 .
I think this custom function is no longer needed at least with PHP 5. PHP 5
has had support for replacing numeric entities since 2003, and its entity
handling code has been refined quite a lot since then. replaceEntities() has
been there since 2006, and probably earlier. I guess at that time PHP 4
compatibility was still important so this was needed - I don't think PHP 4's
html_entity_decode() has ever had numeric entity support - but now PHP 5 is
a decade old and there's a separate PHP 4 branch of php-openid, I think we
can ditch replaceEntities() in the main branch!
|
| |\ \
| | |
| | | |
Improves open_basedir detection
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
fredden@gordo:/tmp/php-openid/examples$ php detect.php | grep -C1 basedir
If you are using a filesystem-based store or SQLite, be aware that
open_basedir
<http://www.php.net/manual/en/features.safe-mode.php#ini.open-basedir> is
in effect. This means that your data will have to be stored in one of the
fredden@gordo:/tmp/php-openid/examples$ php -i | grep basedir
open_basedir => no value => no value
fredden@gordo:/tmp/php-openid/examples$ vi detect.php
fredden@gordo:/tmp/php-openid/examples$ php detect.php | grep basedir
The *open_basedir* configuration restriction is not in effect.
fredden@gordo:/tmp/php-openid/examples$ git diff detect.php
diff --git a/examples/detect.php b/examples/detect.php
index 9c59db3..90e3995 100644
--- a/examples/detect.php
+++ b/examples/detect.php
@@ -352,7 +352,7 @@ function detect_stores($r, &$out)
}
$basedir_str = ini_get('open_basedir');
- if (gettype($basedir_str) == 'string') {
+ if (gettype($basedir_str) == 'string' && $basedir_str) {
$url = 'http://www.php.net/manual/en/features.safe-mode.php' .
'#ini.open-basedir';
$lnk = $r->link($url, 'open_basedir');
fredden@gordo:/tmp/php-openid/examples$
|
| |\ \ \
| |_|/
|/| | |
Update Consumer.php for Auth_OpenID_DumbStore
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
```
$this->_use_assocs = (is_null($this->store) ? false : true);
```
always return true, even the store is Auth_OpenID_DumbStore, and do an association with the OpenID Server.
but OpenID Server will reject the check_authentication, if RP have do an association.
|
| |\ \ \
| |/ /
|/| | |
issue #8 fix (PHP 5.4 call-time pass-by-reference removed)
|
| | | | |
|
| |\ \ \
| | | |
| | | | |
Changed gist location as the current was returning 404, new Hello World!...
|
| |/ / /
| | |
| | |
| | | |
gist created
|
| |\ \ \
| | | |
| | | | |
Fixed wrong expiration command (expiresat -> expireat)
|
| | | | | |
|
| | | | |
| | | |
| | | | |
libxml_disable_entity_loader (PHP 5 >= 5.2.11)
|
| |\ \ \ \
| |/ / /
| | | | |
Implemented PredisStore to provide association store for Redis servers.
|
| | | |/
| |/| |
|
| |/ /
| |
| |
| | |
thanks to Kousuke Ebihara for the report and patch.
|
| |\ \
| | |
| | | |
PEAR and strict mode issues
|
| |/ / |
|
| |\ \
| | |
| | | |
Pass request data to fix AX. Fixes #54.
|
| |/ /
| |
| |
| |
| |
| | |
AX fetch response is created based on AX fetch request data. Need to
pass the $request to the Auth_OpenID_AX_FetchResponse getExtensionArgs
method.
|
| |\ \
| | |
| | | |
Separate file_exists() and filesize() checks to avoid fread and filesize error
|
| |/ / |
|
| |\ \
| |/
|/| |
Added composer support
|
| |/ |
|
| |\
| |
| | |
If $_SESSION isn't set, don't trigger a PHP notice.
|
| | | |
|
| |/ |
|
| |\
| |
| | |
Fix encoding errors in some POST forms + fix example server
|
| | |
| |
| |
| |
| | |
Since all objects are passed by reference in PHP 5, assigning them by
reference does not make sense, and in some cases causes warnings.
|
| | |
| |
| |
| |
| |
| | |
Since this data is inserted as strings in HTML documents, we should
call htmlspecialchars() to protect against any values containing
special characters, e.g. '"' or '&'.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
needed)."
Since the message values are not URL encoded, calling urldecode() on
them does not make sense. Instead, it breaks any OpenID parameter
containing anything that looks like URL encoding.
This reverts commit 8d53dfe542f321da3a6e6d6e626923d575ed91d2.
|
| |\ \
| | |
| | | |
Removed logging calls for a successful retrieval, as the PlainHTTPFetcher doesn't perform logging on a successful commit.
|
| | | |
| | |
| | |
| | | |
doesn't perform logging on a successful commit.
|
| |\ \ \
| |_|/
|/| | |
Set proxy options only if Auth_OpenID_HTTP_PROXY is explicitly set
|
| |/ / |
|
| |\ \
| | |
| | | |
Fixed issue #32
|
| |/ / |
|
| |\ \
| | |
| | | |
Fixing "preg_match_all() expects parameter 2 to be string, array given" error
|
| |/ / |
|
| |\ \
| | |
| | | |
Fixed one deprecated runtime call-by-reference from Server.php (line 1707)
|
| |/ / |
|
| |\ \
| | |
| | | |
Changing datatype of the server_url column from blob to varchar
|
| | | | |
|
| |\ \ \
| | | |
| | | | |
Remove call-time pass-by-reference
|
| |/ / / |
|
| |\ \ \
| | | |
| | | |
| | | |
| | | | |
Fix for all dl() cases and short_open_tag
I'm pretty sure we should remove the dl() calls entirely, since it is not longer present in PHP 5.3, but going ahead and merging this as-is for now.
|
| | | | | |
|
| | | |/
| |/| |
|
| |\ \ \
| | | |
| | | | |
Fix detect
|
| | | | |
| | | |
| | | |
| | | | |
changed and they do some redirects. This makes the test pass again
|
| | |/ /
| | |
| | |
| | | |
format the URL doesn't get printed.
|
| |\ \ \
| | | |
| | | | |
Fix minor typo
|
| | |/ / |
|
| | | |
| | |
| | |
| | | |
partially fixes #38
|
| | | |
| | |
| | |
| | | |
make it a little more readable and obvious what we're doing here
|
| |/ /
| |
| |
| | |
verification on and off, or leaving the defaults as-is.
|
| |\ \
| | |
| | |
| | | |
adrianlang-master
|
| | |/ |
|
| |/
|
|
| |
is not available the old mechanisms are used.
|
| |
|
|
|
|
| |
This was also logged previously as Trac ticket 356
This patch was submitted at the time by https://me.yahoo.com/doulepov
|
| |
|
|
|
|
|
|
|
| |
Auth/OpenID/Parse.php
The match() function takes a reference parameter $match and, depending on execution flow, either returns that as an array or a string. This has been modified to now return an array in both cases.
Auth/OpenID/Consumer.php
Auth/Yadis/Manager.php
Fixed two function calls with explicit call-by-reference parameters.
|
| |
|
|
| |
openid-enabled.com in detect.php
|
| | |
|
| | |
|
| |
|
|
| |
2. Fixed a notice with absent $_GET parameter.
|
| |
|
|
| |
github.com/openid/php-openid branch
|
| |
|
|
| |
pseudo-references
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
user reported that the regular expression in Auth/OpenID/Parse.php is too greedy to cope with big pages. A simple fix is to make .? to . See http://bugs.debian.org/535479 for more info."
|
| | |
|
| |\ |
|
| | | |
|
| | | |
|
| | | |
|
| |/
|
|
| |
reference here, as php-5.x already treats all objects as pseudo-references'
|
| |\ |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This prevents a blank page with no error indication at all, if there
appears to happen a fatal error when trying to require DB.php from
the global include path (very bad practice!)
Instead, using is_subclass_of should be enough, especially when
using an own implementation.
|
| | |
| |
| |
| | |
the commit was failing as when I tried to pull the change. This fixes the issue opened by ccazette: 'In Server.php, this function calls the Auth_OpenID_verifyReturnTo() function from TrustRoot.php, which takes 3 arguments, but only 2 are given in call_user_func_array.'
|
| |/
|
|
| |
me a notice error at line 1471 because ->code can be undefined. An isset test can correct the problem ;)'
|
| |
|
|
| |
reference has been updated.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
http://trac.openidenabled.com/trac/ticket/338
(http://trac.openidenabled.com/trac/attachment/ticket/338/openid-php5.3.diff)
Patch makes php-openid library compatible with PHP 5.3, and included changes to many files.
Original Message:
Reported by: http://paulisageek.com/
Opened 6 months ago
Last modified 2 months ago
php openid library doesn't seem to work with php 5.3
"I get many PHP warnings and then the error condition on the Consumer.
Deprecated: Assigning the return value of new by reference is deprecated in *path*/Auth/OpenID/Consumer.php on line 271
Deprecated: Assigning the return value of new by reference is deprecated in *path*/Auth/OpenID/Consumer.php on line 273
Warning: Parameter 1 to filter_MatchesAnyOpenIDType() expected to be a reference, value given in *path*/Auth/Yadis/XRDS.php on line 431
Warning: Parameter 2 to Auth_OpenID_GenericConsumer::_completeInvalid() expected to be a reference, value given in *path*/Auth/OpenID/Consumer.php on line 669 "
It should be noted that 3 hunks across 7 files failed, and I applied most of them manually. 7 files were patched.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
http://trac.openidenabled.com/trac/ticket/337
(http://trac.openidenabled.com/trac/attachment/ticket/337/php-openid-php5.3.patch)
Patch makes php-openid library compatible with PHP 5.3, and included changes to many files.
Original Message:
Reported by: http://bfarber.myopenid.com/
Opened 7 months ago
Last modified 2 months ago
PHP OpenID libraries do not work on PHP 5.3
"In my own application the script simply stops working at
function Auth_OpenID_setNoMathSupport() {
if (!defined('Auth_OpenID_NO_MATH_SUPPORT')) {
define('Auth_OpenID_NO_MATH_SUPPORT', true);
}
}
(Namespace issue perhaps?)
I downloaded the latest 2.1.3 libraries available from the site here and set them up on my local server. Using PHP 5.2.9 they work fine (with some notices) however using PHP 5.3 they don't work at all. I just get this one a white screen
Deprecated: Assigning the return value of new by reference is deprecated in C:\wamp\www\openid\php-openid-2.1.3\examples\consumer\common.php on line 72
Deprecated: Assigning the return value of new by reference is deprecated in C:\wamp\www\openid\php-openid-2.1.3\Auth\OpenID\Consumer.php on line 271
Deprecated: Assigning the return value of new by reference is deprecated in C:\wamp\www\openid\php-openid-2.1.3\Auth\OpenID\Consumer.php on line 273"
It should be noted that 34 hunks across about 22 files failed, and I applied most of them manually. 37 files were patched.
|
| |
|
|
|
|
|
|
|
| |
http://php-openid-apps-discovery.googlecode.com/files/php-openid-apps-discover-1.0.1.tar.gz to the contrib/google directory.
Project Home:
http://code.google.com/p/php-openid-apps-discovery/
"Add-on to JanRain's php-openid library that enables the use of Google Apps host domains as an IDP."
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
http://lists.openidenabled.com/pipermail/dev/attachments/20090928/2d616914/attachment.bin
Original Message:
anthony.lenton at canonical.com anthony.lenton at canonical.com
Mon Sep 28 11:30:12 PDT 2009
darcs patch: cURL verify host
"With this patch, if you define Auth_Openid_VERIFY_HOST cURL will enable host verification on ssl connections, for added security."
This patch was in the form of a Darcs patch, not a normal patch. So solve this, I applied it to the Darcs repository found on openidenabled, then created a new diff file between the original Darcs repo and the new one (with the patch applied) so that I could apply it to this git repo.
All hunks were applied successfully.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
http://lists.openidenabled.com/pipermail/dev/attachments/20090206/f0d91666/attachment-0001.bin
Original Message:
will at willnorris.com will at willnorris.com
Fri Feb 6 14:56:12 PST 2009
darcs patch: Properly handle Yadis discovery failure
"The library does not curently handle failures during Yadis discovery properly. Specifically, if Yadis discovery fails, and discovery WAS being done with an XRDS document, then non-Yadis discovery should be attempted.
The use-case I'm dealing with right now that exposes this bug is when an XRDS document location is advertised (via HTTP response header or <meta /> HTML tag), but the document is not able to be retrieved for whatever reason. The library is failing in this case, instead of continuing to attempt non-Yadis discovery.
This patch includes two changes:
- change to Yadis/Yadis.php that properly detects if XRDS was used
- change to OpenID/Discovery.php that prevents discovery from halting in the
above example"
This patch was in the form of a Darcs patch, not a normal patch. So solve this, I applied it to the Darcs repository found on openidenabled, then created a new diff file between the original Darcs repo and the new one (with the patch applied) so that I could apply it to this git repo.
All hunks were applied successfully.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
http://lists.openidenabled.com/pipermail/dev/attachments/20090113/8ed067b3/attachment.bin
Original Message:
will at willnorris.com will at willnorris.com
Sun Jan 4 11:27:26 PST 2009
darcs patch: I'm not entirely sure which versions of PHP are having...
"I've had a number of users report that $this->store is incorrectly evaluating to false, thereby preventing associations from being used. I've been unable to reproduce this myself, but the change is minor enough."
This patch was in the form of a Darcs patch, not a normal patch. So solve this, I applied it to the Darcs repository found on openidenabled, then created a new diff file between the original Darcs repo and the new one (with the patch applied) so that I could apply it to this git repo.
All hunks were applied successfully.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
http://lists.openidenabled.com/pipermail/dev/attachments/20090109/7e344691/attachment-0001.bin
Original Message:
ketmar at ketmar.no-ip.org ketmar at ketmar.no-ip.org
Fri Jan 9 07:51:35 PST 2009
darcs patch: fix for incomplete URIs in "location" http field (for ...
"* fix for incomplete URIs in "location" http field (for technorati and maybe others)"
This patch was in the form of a Darcs patch, not a normal patch. So solve this, I applied it to the Darcs repository found on openidenabled, then created a new diff file between the original Darcs repo and the new one (with the patch applied) so that I could apply it to this git repo.
Hunks were applied successfully.
|
