Hybrid Auth and e107 XUP - initial work, ready for testing

2025-01-17 04:38:27 +01:00 · 2012-07-31 07:32:00 +00:00 · 2012-07-31 07:32:00 +00:00 · c7d1b78673
commit c7d1b78673
parent 464814c3c3
6 changed files with 764 additions and 12 deletions
--- a/e107_core/controllers/system/xup.php
+++ b/e107_core/controllers/system/xup.php
@ -0,0 +1,105 @@
+<?php
+/*
+ * e107 website system
+ *
+ * Copyright (C) 2008-2011 e107 Inc (e107.org)
+ * Released under the terms and conditions of the
+ * GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
+ *
+ * System XUP controller
+ *
+ * $URL$
+ * $Id$
+*/
+class core_system_xup_controller extends eController
+{
+	
+	public function actionSignup()
+	{
+		echo 'Signup controller';
+
+		// FIXME - pref for default XUP - e.g. Facebook, use it when GET is empty
+		if(vartrue($_GET['provider']))
+		{
+			require_once(e_HANDLER."user_handler.php");
+			$provider = new e_user_provider($_GET['provider']);
+			//$provider->setBackUrl(e107::getUrl()->create('system/xup/endpoint', array(), array('full' => true)));
+			try
+			{
+				$provider->signup('system/xup/test'); // redirect to test page is expected, if true - redirect to SITEURL
+			}
+			catch (Exception $e)
+			{
+				e107::getMessage()->addError('['.$e->getCode().']'.$e->getMessage());
+				print_a($provider->getUserProfile());
+				echo '<br /><br /><a href="'.e107::getUrl()->create('system/xup/test').'">Test page</a>';
+				return;
+			}
+			print_a($provider->getUserProfile());
+			return;
+		}
+		
+		e107::getRedirect()->redirect(e107::getUrl()->create('system/xup/test'));
+	}
+	
+	public function actionLogin()
+	{
+		echo 'Login controller';
+
+		// FIXME - pref for default XUP - e.g. Facebook, use it when GET is empty
+		if(vartrue($_GET['provider']))
+		{
+			require_once(e_HANDLER."user_handler.php");
+			$provider = new e_user_provider($_GET['provider']);
+			//$provider->setBackUrl(e107::getUrl()->create('system/xup/endpoint', array(), array('full' => true)));
+			try
+			{
+				$provider->login('system/xup/test'); // redirect to test page is expected, if true - redirect to SITEURL
+			}
+			catch (Exception $e)
+			{
+				e107::getMessage()->addError('['.$e->getCode().']'.$e->getMessage());
+				print_a($provider->getUserProfile());
+				echo '<br /><br /><a href="'.e107::getUrl()->create('system/xup/test').'">Test page</a>';
+				return;
+			}
+			print_a($provider->getUserProfile());
+			return;
+		}
+		e107::getRedirect()->redirect(e107::getUrl()->create('system/xup/test'));
+	}
+	
+	public function actionTest()
+	{
+		echo 'Login controller<br /><br />';
+		
+		if(isset($_GET['lgt']))
+		{
+			e107::getUser()->logout();
+		}
+		
+		echo 'Logged in: '.(e107::getUser()->isUser() ? 'true' : 'false');
+		
+		$provider = e107::getUser()->getProvider();
+		if($provider) print_a($provider->getUserProfile());
+		
+		echo '<br /><br /><a href="'.e107::getUrl()->create('system/xup/test?lgt').'">Test logout</a>';
+		echo '<br /><a href="'.e107::getUrl()->create('system/xup/login?provider=Facebook').'">Test login with Facebook</a>';
+		echo '<br /><a href="'.e107::getUrl()->create('system/xup/signup?provider=Facebook').'">Test signup with Facebook</a>';
+	}
+	
+	public function actionEndpoint()
+	{
+		require_once( e_HANDLER."hybridauth/Hybrid/Auth.php" );
+		require_once( e_HANDLER."hybridauth/Hybrid/Endpoint.php" ); 
+		try 
+		{
+			Hybrid_Endpoint::process();
+		}
+		catch (Exception $e)
+		{
+			e107::getMessage()->addError('['.$e->getCode().']'.$e->getMessage());
+		}
+		//echo 'End point';
+	}
+}
--- a/e107_handlers/e107_class.php
+++ b/e107_handlers/e107_class.php
@ -191,6 +191,7 @@ class e107
 		'eUrl'							 => '{e_HANDLER}e107Url.php',
 		'eUrlConfig'					 => '{e_HANDLER}application.php',
 		'eUrlRule'						 => '{e_HANDLER}application.php',
+		'Hybrid_Auth'					 => '{e_HANDLER}hybridauth/Hybrid/Auth.php',
 		'language'						 => '{e_HANDLER}language_class.php',
 		'news'							 => '{e_HANDLER}news_class.php',
 		'notify'						 => '{e_HANDLER}notify_class.php',
@ -1291,6 +1292,20 @@ class e107
 		return self::getObject('xmlClass', null, true);
 	}
 	
+	/**
+	 * Retrieve HybridAuth object
+	 *
+	 * @return Hybrid_Auth
+	 */
+	public static function getHybridAuth()
+	{
+		$config = array(
+			'base_url' => e107::getUrl()->create('system/xup/endpoint', array(), array('full' => true)), 
+			'providers' => e107::getPref('social_login', array())	
+		);
+		return new Hybrid_Auth($config);
+	}
+
 	/**
 	 * Retrieve userclass singleton object
 	 *
--- a/e107_handlers/login.php
+++ b/e107_handlers/login.php
@ -86,7 +86,10 @@ class userlogin
 		$tp = e107::getParser();
 		$sql = e107::getDb();
 		
-		if($username == "" || (($userpass == "") && ($response == '')))
+		$forceLogin = ($autologin === 'signup');
+		if(!$forceLogin && $autologin === 'provider') $forceLogin = 'provider';
+
+		if($username == "" || (($userpass == "") && ($response == '') && $forceLogin !== 'provider'))
 		{	// Required fields blank
 			return $this->invalidLogin($username,LOGIN_BLANK_FIELD);
 		}
@ -95,7 +98,6 @@ class userlogin
 //		$this->e107->check_ban("banlist_ip='{$this->userIP}' ",FALSE);			// This will exit if a ban is in force
 		e107::getIPHandler()->checkBan("banlist_ip='{$this->userIP}' ",FALSE);			// This will exit if a ban is in force
 		
-		$forceLogin = ($autologin == 'signup');
 		$autologin = intval($autologin);		// Will decode to zero if forced login
 		$authorized = false;
 		if (!$forceLogin && $this->e107->isInstalled('alt_auth'))
@ -279,13 +281,14 @@ class userlogin
 		{	// See if we're to force a page immediately following login - assumes $pref['frontpage_force'] is an ordered list of rules
 //		  $log_info = "New user: ".$this->userData['user_name']."  Class: ".$this->userData['user_class']."  Admin: ".$this->userData['user_admin']."  Perms: ".$this->userData['user_perms'];
 //		  $this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Login Start",$log_info,FALSE,FALSE);
+			// FIXME - front page now supports SEF URLs - make a check here
 			foreach ($pref['frontpage_force'] as $fk=>$fp)
 			{
 				if (in_array($fk,$class_list))
 				{  // We've found the entry of interest
 					if (strlen($fp))
 					{
-						$redir = ((strpos($fp, 'http') === FALSE) ? e_BASE : '').$this->e107->tp->replaceConstants($fp, TRUE, FALSE);
+						$redir = ((strpos($fp, 'http') === FALSE) ? SITEURL : '').$this->e107->tp->replaceConstants($fp, TRUE, FALSE);
 		//				$this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Redirect active",$redir,FALSE,FALSE);
 					}
 					break;
@ -356,6 +359,11 @@ class userlogin

 		$username = preg_replace("/\sOR\s|\=|\#/", "", $username);
 		
+		if($forceLogin === 'provider')
+		{
+			return "{$dbAlias}`user_xup`='".$this->e107->tp->toDB($username)."'";
+		}
+
        $qry[0] = "{$dbAlias}`user_loginname`= '".$this->e107->tp->toDB($username)."'";  // username only  (default)
 		$qry[1] = "{$dbAlias}`user_email` = '".$this->e107->tp->toDB($username)."'";   // email only
 		$qry[2] = (strpos($username,'@') !== FALSE ) ? "{$dbAlias}`user_loginname`= '".$this->e107->tp->toDB($username)."'  OR {$dbAlias}`user_email` = '".$this->e107->tp -> toDB($username)."'" : $qry[0];  //username or email
@ -379,6 +387,9 @@ class userlogin
 	protected function checkUserPassword($userpass, $response, $forceLogin)
 	{
 		$pref = e107::getPref();
+		
+		if($forceLogin === 'provider') return true;
+		
 		if ($this->lookEmail && varsettrue($pref['passwordEncoding']))
 		{
 			$tmp = unserialize($this->userData['user_prefs']);
--- a/e107_handlers/user_handler.php
+++ b/e107_handlers/user_handler.php
@ -828,10 +828,290 @@ Following fields auto-filled in code as required:
 	}
 }

+class e_user_provider
+{
+	/**
+	 * @var string
+	 */
+	protected $_provider;
+	
+	/**
+	 * Hybridauth adapter
+	 * @var Hybrid_Provider_Model
+	 */
+	public $adapter;
+	
+	/**
+	 * Hybridauth object
+	 * @var Hybrid_Auth
+	 */
+	public $hybridauth;
+	protected $_config = array();
+	
+	public function __construct($provider, $config = array())
+	{
+		if(!empty($config))
+		{
+			$this->_config = $config;
+			$this->hybridauth = new Hybrid_Auth($this->_config);
+		}
+		else 
+		{
+			$this->_config = array(
+				"base_url" => e107::getUrl()->create('system/xup/endpoint', array(), array('full' => true)), 
+				"providers" => e107::getPref('social_login', array())	
+			);
+			$this->hybridauth = e107::getHybridAuth();
+		}
+
+		$this->setProvider($provider);
+		//require_once(e_HANDLER."hybridauth/Hybrid/Auth.php");
+	}
+	
+	public function setProvider($provider)
+	{
+		$this->_provider = $provider && isset($this->_config['providers'][$provider]) ? $provider : null;
+	}
+	
+	public function setBackUrl($url)
+	{
+		# system/xup/endpoint by default
+		$this->_config['base_url'] = $url;
+	}
+	
+	public function getProvider()
+	{
+		return $this->_provider;
+	}
+	
+	public function getConfig()
+	{
+		return $this->_config;
+	}
+	
+	public function getUserProfile()
+	{
+		if($this->adapter)
+		{
+			return $this->adapter->getUserProfile();
+		}
+		return null;
+	}
+	
+	public function userId()
+	{
+		if($this->adapter && $this->adapter->getUserProfile()->identifier)
+		{
+			return $this->getProvider().'_'.$this->adapter->getUserProfile()->identifier;
+		}
+		return null;
+	}
+	
+	public function signup($redirectUrl = true, $loginAfterSuccess = true, $emailAfterSuccess = true)
+	{
+		if(!e107::getPref('social_login_active', false))
+		{
+			throw new Exception( "Signup failed! This feature is disabled.", 100); // TODO lan
+		}
+		
+		if(!$this->getProvider()) 
+		{
+			throw new Exception( "Signup failed! Wrong provider.", 2); // TODO lan
+		}
+		
+		if($redirectUrl)
+		{
+			if(true === $redirectUrl)
+			{
+				$redirectUrl = SITEURL;
+			}
+			elseif(strpos($redirectUrl, 'http://') !== 0 && strpos($redirectUrl, 'https://') !== 0)
+			{
+				$redirectUrl = e107::getUrl()->create($redirectUrl);
+			}
+		}
+		
+		if(e107::getUser()->isUser())
+		{
+			throw new Exception( "Signup failed! User already signed in. ", 1); // TODO lan
+		}
+		
+		$this->adapter = $this->hybridauth->authenticate($this->getProvider());
+		$profile = $this->adapter->getUserProfile();
+		
+		// returned back, if success...
+		if($profile->identifier)
+		{
+			$sql = e107::getDb();
+			$userMethods = e107::getUserSession();
+			
+			$plainPwd = $userMethods->generateRandomString('************'); // auto plain passwords
+			
+			// TODO - auto login name, shouldn't be used if system set to user_email login...
+			$userdata['user_loginname'] = $this->getProvider().$userMethods->generateUserLogin(e107::getPref('predefinedLoginName', '_..#..#..#')); 
+			$userdata['user_email'] = $sql->escape($profile->emailVerified ? $profile->emailVerified : $profile->email);
+			$userdata['user_name'] = $sql->escape($profile->displayName);
+			$userdata['user_login'] = $userdata['user_name'];
+			$userdata['user_customtitle'] = ''; // not used
+			$userdata['user_password'] = $userMethods->HashPassword($plainPwd, $userdata['user_loginname']); // pwd
+			$userdata['user_sess'] = $profile->photoURL; // should we?
+			$userdata['user_image'] = ''; // not used
+			$userdata['user_signature'] = ''; // not used
+			$userdata['user_hideemail'] = 1; // hide it by default
+			$userdata['user_xup'] = $sql->escape($this->userId());
+			$userdata['user_class'] = ''; // TODO - check (with Steve) initial class for new users feature...
+			
+			// user_name, user_xup, user_email and user_loginname shouldn't match
+			if($sql->db_Count("user", "(*)", "user_xup='".$sql->escape($this->userId())."' OR user_email='{$userdata['user_email']}' OR user_loginname='{$userdata['user_loginname']}' OR user_name='{$userdata['user_name']}'"))
+			{
+				throw new Exception( "Signup failed! User already exists. Please use 'login' instead.", 3); // TODO lan
+			}
+			
+			if(empty($userdata['user_email']))
+			{
+				throw new Exception( "Signup failed! Can't access user email - registration without an email is impossible.", 4); // TODO lan
+			}
+			
+			// other fields
+			$now = time(); 
+			$userdata['user_id'] = null;
+			$userdata['user_join'] = $now;
+			$userdata['user_lastvisit'] = 0;
+			$userdata['user_currentvisit'] = 0;
+			$userdata['user_comments'] = 0;
+			$userdata['user_ip'] = e107::getIPHandler()->getIP(FALSE);
+			$userdata['user_ban'] = USER_VALIDATED;
+			$userdata['user_prefs'] = '';
+			$userdata['user_visits'] = 0;
+			$userdata['user_admin'] = 0;
+			$userdata['user_perms'] = '';
+			$userdata['user_realm'] = '';
+			$userdata['user_pwchange'] = $now;
+			
+			$user = e107::getSystemUser(0, false);
+			$user->setData($userdata);
+			$user->getExtendedModel(); // init
+			//$user->setEditor(e107::getSystemUser(1, false));
+			$user->save(true);
+			
+			// user model error
+			if($user->hasError())
+			{
+				throw new Exception($user->renderMessages(), 5); 
+			}
+			
+			### Successful signup!
+			
+			// FIXME documentation of new signup trigger - usersupprov
+			//$user->set('provider', $this->getProvider());
+			$userdata = $user->getData();
+			$userdata['provider'] = $this->getProvider();
+			
+			$ret = e107::getEvent()->trigger('usersupprov', $userdata);	// XXX - it's time to pass objects instead of array? 
+			if(true === $ret) return $this;
+			
+			// send email
+			if($emailAfterSuccess)
+			{
+				$user->set('user_password', $plainPwd)->email('signup'); 
+			}
+			
+			e107::getUser()->setProvider($this);
+			
+			// auto login
+			if($loginAfterSuccess)
+			{
+				e107::getUser()->loginProvider($this->userId()); // if not proper after-login, return true so user can see login screen
+			}
+			
+			if($redirectUrl)
+			{
+				e107::getRedirect()->redirect($redirectUrl);
+			}
+			
+			return true;
+		}
+
+		return false;
+	}
+	
+	public function login($redirectUrl = true)
+	{
+		if(!e107::getPref('social_login_active', false))
+		{
+			throw new Exception( "Signup failed! This feature is disabled.", 100); // TODO lan
+		}
+		
+		if(!$this->getProvider()) 
+		{
+			throw new Exception( "Login failed! Wrong provider.", 22); // TODO lan
+		}
+		
+		if($redirectUrl)
+		{
+			if(true === $redirectUrl)
+			{
+				$redirectUrl = SITEURL;
+			}
+			elseif(strpos($redirectUrl, 'http://') !== 0 && strpos($redirectUrl, 'https://') !== 0)
+			{
+				$redirectUrl = e107::getUrl()->create($redirectUrl);
+			}
+		}
+		
+		if(e107::getUser()->isUser())
+		{
+			if($redirectUrl)
+			{
+				e107::getRedirect()->redirect($redirectUrl);
+			}
+			return true; 
+		}
+		
+		$this->adapter = $this->hybridauth->authenticate($this->getProvider());
+		$check = e107::getUser()->setProvider($this)->loginProvider($this->userId(), false);
+		
+		if($redirectUrl)
+		{
+			e107::getRedirect()->redirect($redirectUrl);
+		}
+		
+		return $check;
+	}
+	
+	public function init()
+	{
+		if(!e107::getPref('social_login_active', false))
+		{
+			return;
+		}
+		$this->adapter = null;
+		$providerId = $this->_provider;
+		if($providerId && Hybrid_Auth::isConnectedWith($providerId))
+		{
+			$this->adapter = Hybrid_Auth::setup($providerId);
+		}
+	}
+	
+	public function logout()
+	{
+		if(!e107::getPref('social_login_active', false) || !$this->adapter || !Hybrid_Auth::isConnectedWith($this->getProvider())) return true;
+		try
+		{
+			$this->adapter->logout();
+			$this->adapter = null;
+		}
+		catch(Exception $e)
+		{
+			return $e->getMessage();
+		}
+		return true;
+	}
+	
+}


-
-e107::includeLan(e_LANGUAGEDIR.e_LANGUAGE."/admin/lan_administrator.php");
+e107::coreLan('administrator', true);

 class e_userperms
 {
--- a/e107_handlers/user_model.php
+++ b/e107_handlers/user_model.php
@ -703,6 +703,28 @@ class e_user_model extends e_admin_model
 		return $this;
 	}
 	
+	/**
+	 * New - External login providers support
+	 * @return string Provider name
+	 */
+	public function getProviderName()
+	{
+		if($this->get('user_xup'))
+		{
+			return array_shift(explode('_', $this->get('user_xup')));
+		}
+		return null;
+	}
+	
+	/**
+	 * New - External login providers support
+	 * @return boolean Check if there is external provider data
+	 */
+	public function hasProviderName()
+	{
+		return $this->has('user_xup');
+	}
+
 	/**
 	 * Get user extended model
 	 *
@ -876,9 +898,9 @@ class e_user_model extends e_admin_model
 	/**
 	 * Send model data to DB
 	 */
-	public function save($force = false, $session = false)
+	public function save($noEditorCheck = false, $force = false, $session = false)
 	{
-		if (!$this->checkEditorPerms())
+		if (!$noEditorCheck && !$this->checkEditorPerms())
 		{
 			return false; // TODO - message, admin log
 		}
@ -960,6 +982,204 @@ class e_system_user extends e_user_model
 		//return ($this->getId() && $this->getId() == e107::getUser()->getId());
 		return false;
 	}
+	
+	/**
+	 * Send user email
+	 * @param mixed $userInfo array data or null for current logged in user or any object subclass of e_object (@see e_system_user::renderEmail() for field requirements)
+	 */
+	public function email($type = 'default', $options = array(), $userInfo = null)
+	{
+		
+		if(null === $userInfo)
+		{
+			$userInfo = $this->getData();
+		}
+		elseif(is_object($userInfo) && get_class($userInfo) == 'e_object' || is_subclass_of($userInfo, 'e_object'))
+		{
+			$userInfo = $userInfo->getData();
+		}
+		
+		if(empty($userInfo) || !vartrue($userInfo['user_email'])) return false;
+		
+		if($options && is_array($options))
+		{
+			$userInfo = array_merge($options, $userInfo);
+		}
+		
+		$eml = $this->renderEmail($userInfo, $type);
+		if(empty($eml)) return false;
+		
+		$mailer = e107::getEmail();
+		return $mailer->sendEmail($userInfo['user_email'], $userInfo['user_name'], $eml, false);
+	}
+	
+	/**
+	 * Render user email. 
+	 * Additional user fields:
+	 * 'mail_subject' -> required when type is not signup
+	 * 'mail_body' -> required when type is not signup
+	 * 'mail_copy_to' -> optional, carbon copy, used when type is not signup
+	 * 'mail_bcopy_to' -> optional, blind carbon copy, used when type is not signup
+	 * 'mail_attach' -> optional, attach files, available for all types, additionally it overrides $SIGNUPEMAIL_ATTACHMENTS when type is signup
+	 * 'mail_options' -> optional, available for all types, any additional valid mailer option as described in e107Email::sendEmail() phpDoc help (options above can override them)
+	 * All standard user fields from the DB (user_name, user_loginname, etc.)
+	 * 
+	 * @param array $userInfo
+	 * @param string $type signup|notify|default
+	 * @return array
+	 */
+	public function renderEmail($type, $userInfo)
+	{	
+		$pref = e107::getPref();
+		$ret = array();
+		
+		// mailer options
+		if(isset($userInfo['mail_options']) && is_array($userInfo['mail_options']))
+		{
+			$ret = $userInfo['mail_options'];
+		}
+
+		// FIXME convert to the new template to avoid include on every call
+		// BC
+		if (file_exists(THEME.'email_template.php'))
+		{
+			include(THEME.'email_template.php');
+		}
+		else
+		{
+			// new standards
+			include(e107::coreTemplatePath('email'));
+		}
+		
+		$template = '';
+		switch ($type) 
+		{
+			case 'signup':
+				if(vartrue($SIGNUPPROVIDEREMAIL_TEMPLATE)) $template = $SIGNUPPROVIDEREMAIL_TEMPLATE; 
+				else $template = $SIGNUPEMAIL_TEMPLATE;
+			break;
+				
+			case 'notify':
+				if(vartrue($userInfo['mail_body'])) $template = $NOTIFY_HEADER.$userInfo['mail_body'].$NOTIFY_FOOTER; 
+			break;
+				
+			case 'default':
+				if(vartrue($userInfo['mail_body'])) $template = $EMAIL_HEADER.$userInfo['mail_body'].$EMAIL_FOOTER; 
+			break;
+		}
+		
+		if(!$template) return array();
+
+		// signup email only
+		if($type == 'signup')
+		{
+			$pass_show = $userInfo['user_password'];
+			
+			$ret['mail_recipient_id'] = $userInfo['user_id'];
+			if (vartrue($SIGNUPEMAIL_CC)) { $ret['mail_copy_to'] = $SIGNUPEMAIL_CC; }
+			if (vartrue($SIGNUPEMAIL_BCC)) { $ret['mail_bcopy_to'] = $SIGNUPEMAIL_BCC; }
+			if (vartrue($userInfo['mail_attach'])) { $ret['mail_attach'] = $userInfo['mail_attach']; }
+			elseif (vartrue($SIGNUPEMAIL_ATTACHMENTS)) { $ret['mail_attach'] = $SIGNUPEMAIL_ATTACHMENTS; }
+			
+			$style = vartrue($SIGNUPEMAIL_LINKSTYLE) ? "style='{$SIGNUPEMAIL_LINKSTYLE}'" : "";
+		
+			$search[0] = '{LOGINNAME}';
+			$replace[0] = intval($pref['allowEmailLogin']) === 0 ? $userInfo['user_loginname'] : $userInfo['user_email'];
+		
+			$search[1] = '{PASSWORD}';
+			$replace[1] = $pass_show;
+		
+			$search[2] = '{ACTIVATION_LINK}';
+			$replace[2] = '';
+		
+			$search[3] = '{SITENAME}';
+			$replace[3] = SITENAME;
+		
+			$search[4] = '{SITEURL}';
+			$replace[4] = "<a href='".SITEURL."' {$style}>".SITEURL."</a>";
+		
+			$search[5] = '{USERNAME}';
+			$replace[5] = $userInfo['user_name'];
+		
+			$search[6] = '{USERURL}';
+			$replace[6] = varsettrue($userInfo['user_website']) ? $userInfo['user_website'] : "";
+			
+			$search[7] = '{DISPLAYNAME}';
+			$replace[7] = $userInfo['user_login'] ? $userInfo['user_login'] : $userInfo['user_name'];
+			
+			$search[8] = '{EMAIL}';
+			$replace[8] = $userInfo['user_email'];
+		
+			$subject = str_replace($search, $replace, $SIGNUPEMAIL_SUBJECT);
+			$ret['mail_subject'] =  $subject;
+			$ret['send_html'] = TRUE;
+		
+			$HEAD = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.1//EN\" \"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd\">\n";
+			$HEAD .= "<html xmlns='http://www.w3.org/1999/xhtml' >\n";
+			$HEAD .= "<head><meta http-equiv='content-type' content='text/html; charset=utf-8' />\n";
+			$HEAD .= ($SIGNUPEMAIL_USETHEME == 1) ? "<link rel=\"stylesheet\" href=\"".SITEURLBASE.THEME_ABS."style.css\" type=\"text/css\" />\n" : "";
+		    $HEAD .= "<title>".LAN_SIGNUP_58."</title>\n";
+			
+			if($SIGNUPEMAIL_USETHEME == 2)
+			{
+				$CSS = file_get_contents(THEME."style.css");
+				$HEAD .= "<style>\n".$CSS."\n</style>";
+			}
+		
+			$HEAD .= "</head>\n";
+			if(vartrue($SIGNUPEMAIL_BACKGROUNDIMAGE))
+			{
+				$HEAD .= "<body background=\"".$SIGNUPEMAIL_BACKGROUNDIMAGE."\" >\n";
+			}
+			else
+			{
+				$HEAD .= "<body>\n";
+			}
+			$FOOT = "\n</body>\n</html>\n";
+		
+			$ret['mail_body'] = str_replace($search,$replace,$HEAD.$template.$FOOT);
+			$ret['preview'] = $ret['mail_body'];// Non-standard field
+			return $ret;
+		}
+
+		// all other email types
+		$subject = $userInfo['mail_subject'];
+		
+		if(!$subject) return array();
+		
+		$ret['mail_recipient_id'] = $userInfo['user_id'];
+		if (vartrue($userInfo['mail_copy_to'])) { $ret['mail_copy_to'] = $userInfo['mail_copy_to']; }
+		if (vartrue($userInfo['mail_bcopy_to'])) { $ret['mail_bcopy_to'] = $userInfo['mail_bcopy_to']; }
+		if (vartrue($userInfo['mail_attach'])) { $ret['mail_attach'] = $userInfo['mail_attach']; }
+		
+		$search[0] = '{LOGINNAME}';
+		$replace[0] = intval($pref['allowEmailLogin']) === 0 ? $userInfo['user_loginname'] : $userInfo['user_email'];
+		
+		$search[1] = '{DISPLAYNAME}';
+		$replace[1] = $userInfo['user_login'] ? $userInfo['user_login'] : $userInfo['user_name'];
+		
+		$search[2] = '{EMAIL}';
+		$replace[2] = $userInfo['user_email'];
+	
+		$search[3] = '{SITENAME}';
+		$replace[3] = SITENAME;
+	
+		$search[4] = '{SITEURL}';
+		$replace[4] = "<a href='".SITEURL."'>".SITEURL."</a>";
+	
+		$search[5] = '{USERNAME}';
+		$replace[5] = $userInfo['user_name'];
+	
+		$search[6] = '{USERURL}';
+		$replace[6] = vartrue($userInfo['user_website']) ? $userInfo['user_website'] : "";
+	
+		$ret['mail_subject'] =  str_replace($search, $replace, $subject);
+		$ret['send_html'] = TRUE;
+		$ret['mail_body'] = str_replace($search, $replace, $template);
+		$ret['preview'] = $ret['mail_body']; // Non-standard field
+		
+		return $ret;
+	}
 }

 /**
@ -979,6 +1199,11 @@ class e_user extends e_user_model
 	private $_parent_extstruct = null;
 	private $_parent_config = null;
 	
+	/**
+	 * @var Hybrid_Provider_Model
+	 */
+	protected $_provider;
+
 	public function __construct()
 	{
 		$this->setSessionData() // retrieve data from current session
@ -1007,6 +1232,53 @@ class e_user extends e_user_model
 		return $this->_parent_id;
 	}
 	
+	/**
+	 * Init external user login/signup provider
+	 * @return e_system_user
+	 */
+	public function initProvider()
+	{
+		if(null !== $this->_provider) return $this;
+
+		if($this->get('user_xup'))
+		{
+			$providerId = $this->getProviderName();
+			require_once(e_HANDLER.'user_handler.php');
+			$this->_provider = new e_user_provider($providerId);
+			$this->_provider->init();
+		}
+	}
+	
+	/**
+	 * Get external user provider
+	 * @return Hybrid_Provider_Model
+	 */
+	public function getProvider()
+	{
+		if(null === $this->_provider) $this->initProvider();
+		return $this->_provider;
+	}
+	
+	
+	/**
+	 * Set external user provider (already initialized)
+	 * @return e_user
+	 */
+	public function setProvider($provider)
+	{
+		$this->_provider = $provider;
+		return $this;
+	}
+	
+	/**
+	 * Check if this user has assigned login provider
+	 * @return boolean
+	 */
+	public function hasProvider()
+	{
+		return ($this->getProvider() !== null);
+	}
+
 	/**
 	 * User login
 	 * @param string $uname
@ -1029,6 +1301,26 @@ class e_user extends e_user_model
 		return $this->isUser();
 	}
 	
+	/**
+	 * User login via external user provider
+	 * @param string $xup external user provider identifier
+	 * @return boolean success
+	 */
+	final public function loginProvider($xup)
+	{
+		if(!e107::getPref('social_login_active', false))  return false;
+		
+		if($this->isUser()) return true;
+		
+		$userlogin = new userlogin();
+		$userlogin->login($xup, '', 'provider', false, true);
+		
+		$this->setSessionData(true)
+			->setData($userlogin->getUserData());
+
+		return $this->isUser();
+	}
+
 	/**
 	 * Login as another user account
 	 * @param integer $user_id
@ -1082,6 +1374,10 @@ class e_user extends e_user_model
 	 */
 	final public function logout()
 	{
+		if($this->hasProvider())
+		{
+			$this->getProvider()->logout();
+		}
 		$this->logoutAs()
 			->_destroySession();

@ -1116,6 +1412,42 @@ class e_user extends e_user_model
 		return $this;
 	}
 	
+	public function tryProviderSession($deniedAs)
+	{
+		// don't allow if main admin browse front-end or there is already user session
+		if((!$deniedAs && $this->getSessionDataAs()) || null !== $this->_session_data || !e107::getPref('social_login_active', false)) return $this;
+		
+		// detect all currently connected providers
+		$hybrid = e107::getHybridAuth(); // init the auth class
+
+		$connected = Hybrid_Auth::getConnectedProviders();
+		
+		// no active session found 
+		if(!$connected) return $this;
+		
+		// query DB
+		$sql = e107::getDb();
+		$where = array();
+		foreach ($connected as $providerId) 
+		{
+			$adapter = Hybrid_Auth::getAdapter($providerId);
+			
+			if(!$adapter->getUserProfile()->identifier) continue;
+			
+			$id = $providerId.'_'.$adapter->getUserProfile()->identifier;
+			$where[] = "user_xup='".$sql->escape($id)."'";
+		}
+		$where = implode(' OR ', $where);
+		if($sql->db_Select('user', 'user_id, user_password, user_xup', $where))
+		{
+			$user = $sql->db_Fetch();
+			e107::getUserSession()->makeUserCookie($user);
+			$this->setSessionData();
+		}
+		
+		return $this;
+	}
+
 	/**
 	 * TODO load user data by cookie/session data
 	 * @return e_user
@ -1134,6 +1466,9 @@ class e_user extends e_user_model
 			return $this;
 		}
 		
+		// NEW - new external user login provider feature
+		$this->tryProviderSession($denyAs);
+
 		// We have active session
 		if(null !== $this->_session_data)
 		{
@ -1169,6 +1504,10 @@ class e_user extends e_user_model

 				// currently does nothing
 				$this->_initConstants();
+				
+				// init any available external user provider
+				if(e107::getPref('social_login_active', false)) $this->initProvider();
+				
 				return $this;
 			}

--- a/signup.php
+++ b/signup.php
@ -622,13 +622,15 @@ if (isset($_POST['register']))
 				require_once(e_HANDLER.'mail.php');
 				$mailer = new e107Email();
 				
-				if(!$mailer->sendEmail($allData['data']['user_email'], $allData['data']['user_name'], $eml,FALSE))
+				// FIX - sendEmail returns TRUE or error message...
+				if(true !== $mailer->sendEmail($allData['data']['user_email'], $allData['data']['user_name'], $eml,FALSE))
 				{
 					$error_message = LAN_SIGNUP_42; // There was a problem, the registration mail was not sent, please contact the website administrator.
 				}
 				unset($allData['data']['user_password']);
 			}
 			$e_event->trigger('usersup', $_POST);  // Old trigger - send everything in the template, including extended fields.
+			// FIXME - undocummented feature - userpartial trigger (better trigger name?)
 			$e_event->trigger('userpartial', array_merge($allData['data'],$eufVals['data']));  // New trigger - send everything in the template, including extended fields.

 			require_once(HEADERF);