Final version

account/index.php

@@ -33,11 +33,11 @@
 
 // Request method: GET
 $ajax = checkRequestMode("get");
-
 // User must be logged in
 if (!isUserLoggedIn()){
   addAlert("danger", lang("LOGIN_REQUIRED"));
   apiReturnError($ajax, SITE_ROOT . "login.php");
+
 }
 
 setReferralPage(getAbsoluteDocumentPath(__FILE__));
@@ -47,5 +47,4 @@
 
 header( "Location: $home_page" ) ;
 exit();
-
 ?>

account/logout.php

@@ -28,11 +28,13 @@
 THE SOFTWARE.
 
 */
-
 require_once("../models/config.php");
+require_once("../hybridauth/Hybrid/Auth.php");
 
 // Request method: GET
 $ajax = checkRequestMode("get");
+$config = '../hybridauth/config.php';
+
 
 if (!securePage(__FILE__)){
     apiReturnError($ajax);
@@ -43,6 +45,11 @@
 //Log the user out
 if(isUserLoggedIn())
 {
+    // initialize Hybrid_Auth class with the config file
+   $hybridauth = new Hybrid_Auth($config);
+    //Make HybridAuth forget that the user logged in with a provider
+    $hybridauth->logoutAllProviders();
+    //log out the user from our site
 	$loggedInUser->userLogOut();
 }
 

api/process_login.php

@@ -33,7 +33,7 @@
 
 set_error_handler('logAllErrors');
 
-// Publically accessible API
+// Publicly accessible API
 
 // Request method: POST
 $ajax = checkRequestMode("post");

api/update_plugin_settings.php

@@ -37,7 +37,7 @@
 
 // Check to see if this should be a binary or string value, update accordingly
 if ($results = checkBinaryConfig($name)){
-    // Assume binary data type, hack to simply change to new value rather then using value
+    // Assume binary data type, hack to simply change to new value rather than using value
     if ($results[1] == 1){
         if (updateSitePluginSettings($name, 0)){
             $successes[] = lang("CONFIG_UPDATE_SUCCESSFUL");

api/user_resend_activation.php

@@ -84,7 +84,7 @@
 		{
 			$userdetails = fetchUserAuthByUserName($username);
 
-			//See if the user's account is activation
+			//See if the user's account is active
 			if($userdetails["active"]==1)
 			{
 				$errors[] = lang("ACCOUNT_ALREADY_ACTIVE");

hybridauth/hybridauth/Hybrid/Auth.php → hybridauth/Hybrid/Auth.php

@@ -10,11 +10,11 @@
  *
  * Hybrid_Auth class provide a simple way to authenticate users via OpenID and OAuth.
  *
- * Generally, Hybrid_Auth is the only class you should instansiate and use throughout your application.
+ * Generally, Hybrid_Auth is the only class you should instanciate and use throughout your application.
  */
 class Hybrid_Auth
 {
-	public static $version = "2.4.0";
+	public static $version = "2.4.1";
 
 	public static $config  = array();
 
@@ -380,15 +380,18 @@ public static function getCurrentUrl( $request_uri = true )
 			return '';
 		}
 
+		$protocol = 'http://';
+
 		if(
-			isset( $_SERVER['HTTPS'] ) && ( $_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1 )
-		|| 	isset( $_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'
+			(
+				isset( $_SERVER['HTTPS'] ) && ( $_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1 )
+			) ||
+			(
+				isset( $_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'
+			)
 		){
 			$protocol = 'https://';
 		}
-		else {
-			$protocol = 'http://';
-		}
 
 		$url = $protocol . $_SERVER['HTTP_HOST'];
 

hybridauth/hybridauth/Hybrid/Endpoint.php → hybridauth/Hybrid/Endpoint.php

@@ -201,7 +201,7 @@ protected function authInit()
 
 			// Init Hybrid_Auth
 			try {
-                if(!class_exists("Hybrid_Storage")){
+                if(!class_exists("Hybrid_Storage", false)){
                     require_once realpath( dirname( __FILE__ ) )  . "/Storage.php";
                 }
 

hybridauth/hybridauth/Hybrid/Providers/Google.php → hybridauth/Hybrid/Providers/Google.php

@@ -31,7 +31,7 @@ function initialize()
 		$this->api->token_info_url = "https://www.googleapis.com/oauth2/v2/tokeninfo";
 
 		// Google POST methods require an access_token in the header
-		$this->api->curl_header = array("Authorization: OAuth " . $this->access_token);
+		$this->api->curl_header = array("Authorization: OAuth " . $this->api->access_token);
 
 		// Override the redirect uri when it's set in the config parameters. This way we prevent
 		// redirect uri mismatches when authenticating with Google.
@@ -112,16 +112,18 @@ function getUserProfile()
 					}
 				}
 			}
-            if (count($verified->emails) == 1) {
-                $this->user->profile->emailVerified = $verified->emails[0]->value;
-            } else {
-                foreach ($verified->emails as $email) {
-                    if ($email->type == 'account') {
-                        $this->user->profile->emailVerified = $email->value;
-                        break;
-                    }
-                }
-            }
+			if (property_exists($verified, 'emails')) {
+				if (count($verified->emails) == 1) {
+					$this->user->profile->emailVerified = $verified->emails[0]->value;
+				} else {
+					foreach ($verified->emails as $email) {
+						if ($email->type == 'account') {
+							$this->user->profile->emailVerified = $email->value;
+							break;
+						}
+					}
+				}
+			}
 		}
 		$this->user->profile->phone 		= (property_exists($response,'phone'))?$response->phone:"";
 		$this->user->profile->country 		= (property_exists($response,'country'))?$response->country:"";

hybridauth/hybridauth/Hybrid/Providers/LinkedIn.php → hybridauth/Hybrid/Providers/LinkedIn.php

@@ -22,7 +22,7 @@ function initialize()
 		if ( ! $this->config["keys"]["key"] || ! $this->config["keys"]["secret"] ){
 			throw new Exception( "Your application key and secret are required in order to connect to {$this->providerId}.", 4 );
 		}
-		if ( ! class_exists('OAuthConsumer') ) {
+		if ( ! class_exists('OAuthConsumer', false) ) {
 			require_once Hybrid_Auth::$config["path_libraries"] . "OAuth/OAuth.php";
 		}
 		require_once Hybrid_Auth::$config["path_libraries"] . "LinkedIn/LinkedIn.php";

hybridauth/Hybrid/index.html

@@ -0,0 +1,10 @@
+<html>
+<head>
+	<title>403 Forbidden</title>
+</head>
+<body>
+
+<p>Directory access is forbidden.</p>
+
+</body>
+</html>

hybridauth/Hybrid/resources/index.html

@@ -0,0 +1,10 @@
+<html>
+<head>
+	<title>403 Forbidden</title>
+</head>
+<body>
+
+<p>Directory access is forbidden.</p>
+
+</body>
+</html>

hybridauth/hybridauth/Hybrid/thirdparty/Facebook/base_facebook.php → hybridauth/Hybrid/thirdparty/Facebook/base_facebook.php

@@ -170,6 +170,13 @@ abstract class BaseFacebook
     'www'         => 'https://www.facebook.com/',
   );
 
+  /**
+   * The decoded response object.
+   *
+   * @var mixed
+   */
+  protected $response;
+
   /**
    * The Application ID.
    *
@@ -451,6 +458,16 @@ public function getAccessToken() {
     return $this->accessToken;
   }
 
+  /**
+   * Return the response object afer the fact
+   *
+   * @return mixed
+   */
+  public function getResponse()
+  {
+      return $this->response;
+  }
+
   /**
    * Determines and returns the user access token, first using
    * the signed request if present, and then falling back on
@@ -913,7 +930,7 @@ protected function _graph($path, $method = 'GET', $params = array()) {
     }
     // @codeCoverageIgnoreEnd
 
-    return $result;
+    return $this->response = $result;
   }
 
   /**

hybridauth/hybridauth/Hybrid/thirdparty/OAuth/OAuth.php → hybridauth/Hybrid/thirdparty/OAuth/OAuth.php

@@ -6,7 +6,7 @@
 
 /* Generic exception class
  */
-if (!class_exists('OAuthException')) {
+if (!class_exists('OAuthException', false)) {
   class OAuthException extends Exception {
     // pass
   }