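/**
 * Handles the OAuth callback for the service reached through $this->client and
 * $this->gplus: authenticates the client, reads the 'me' profile, then creates
 * or links the local account and calls user_login().
 *
 * Every failure path reports through do_error() and then returns, so the
 * account lookup, store_auth() and user_login() only run after a non-empty
 * remote user id has been obtained.
 *
 * NOTE(review): no OAuth "state" value is checked in this method; confirm that
 * the client library or the caller binds this callback to the browser session
 * that started the flow, otherwise a login-CSRF check is missing.
 */
function authorize()
{
    global $globals, $db;

    // The provider redirects back with ?code=...; without it there is nothing to verify.
    if (empty($_GET['code'])) {
        do_error(_('acceso denegado'), false, false);
        return; // fail closed even if do_error() hands control back
    }

    try {
        $this->client->setAccessToken($this->client->authenticate());
        if (!$this->client->getAccessToken()) {
            do_error(_('acceso denegado'), false, false);
            return;
        }

        $response = $this->gplus->people->get('me');

        // Never key a local account on a missing remote identifier.
        if (empty($response['id'])) {
            do_error(_('acceso denegado'), false, false);
            return;
        }

        $this->uid = $response['id'];
        $this->username = User::get_valid_username($response['displayName']);
    } catch (Exception $e) {
        do_error(_('error de conexión a') . " {$this->service} (authorize2)", false, false);
        return;
    }

    // Creating the user and recording the auth link are committed together.
    $db->transaction();
    if (!$this->user_exists()) {
        $this->url = $response['url'];
        $this->names = $response['displayName'];
        $this->avatar = $response['image']['url'];
        $this->store_user();
    }
    $this->store_auth();
    $db->commit();

    $this->user_login();
}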
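/**
 * Logs a user in through the Facebook client built from $globals['facebook_key']
 * and $globals['facebook_secret'].
 *
 * The request is only accepted when op=ok is present and the client reports a
 * logged-in user; otherwise user_return() is called and the method stops.
 * The profile is read with users_getInfo() and a missing uid is treated as a
 * failed login, so no account is ever stored or linked under an empty id.
 *
 * token, secret and uid are all set to the Facebook uid; no separate
 * credential is kept by this method.
 */
function authorize()
{
    global $globals, $db;

    $fb = new Facebook($globals['facebook_key'], $globals['facebook_secret']);
    $fb->require_login();
    $fb_user = $fb->get_loggedin_user();

    // Stop here: falling through would query and store a profile for "no user".
    if (!isset($_GET['op']) || $_GET['op'] !== 'ok' || !$fb_user) {
        $this->user_return();
        return;
    }

    $user_details = $fb->api_client->users_getInfo($fb_user, array('uid', 'name', 'profile_url', 'pic_square'));
    if (!is_array($user_details) || empty($user_details[0]['uid'])) {
        // The API answered without a usable identity: treat it as a failed login.
        $this->user_return();
        return;
    }
    $profile = $user_details[0];

    $this->token = $profile['uid'];
    $this->secret = $profile['uid'];
    $this->uid = $profile['uid'];

    // Take the last path segment of the profile URL as the candidate username.
    $this->username = preg_replace('/.+?\\/.*?([\\w\\.\\-_]+)$/', '$1', $profile['profile_url']);

    // Most Facebook users don't have a name, only profile number
    if (!$this->username || preg_match('/^\\d+$/', $this->username)) {
        // Create a name like a uri used in stories
        if (strlen($profile['name']) > 2) {
            $this->username = User::get_valid_username($profile['name']);
        } else {
            $this->username = '******' . $this->username;
        }
    }

    // Creating the user and recording the auth link are committed together.
    $db->transaction();
    if (!$this->user_exists()) {
        $this->url = $profile['profile_url'];
        $this->names = $profile['name'];
        $this->avatar = $profile['pic_square'];
        $this->store_user();
    }
    $this->store_auth();
    $db->commit();

    $this->user_login();
}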
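/**
 * Finishes the OAuth 1.0 flow: swaps the request token for an access token,
 * and for a user that does not exist locally fetches the remote credentials
 * before storing the account.
 *
 * Failure paths call do_error() and return, so nothing below them runs with an
 * undefined or partial token. The screen name returned with the access token
 * must match the one in the fetched credentials exactly; the comparison is a
 * strict string comparison because a loose one treats numeric-looking names
 * such as "1e3" and "1000" as equal.
 *
 * NOTE(review): the request-token secret is read from a cookie, so it is held
 * by the browser between the two legs of the flow. Confirm where that cookie
 * is issued that it is marked Secure and HttpOnly, or keep the secret in
 * server-side session state instead.
 */
function authorize()
{
    global $globals, $db;

    $oauth_token = clean_input_string(isset($_GET['oauth_token']) ? $_GET['oauth_token'] : '');
    $request_token_secret = isset($_COOKIE['oauth_token_secret']) ? $_COOKIE['oauth_token_secret'] : '';

    if (empty($oauth_token) || empty($request_token_secret)) {
        do_error(_('acceso denegado'), false, false);
        return; // fail closed even if do_error() hands control back
    }

    $this->oauth->setToken($oauth_token, $request_token_secret);
    try {
        $access_token_info = $this->oauth->getAccessToken($this->access_token_url);
    } catch (Exception $e) {
        do_error(_('error de conexión a') . " {$this->service} (authorize1)", false, false);
        return;
    }

    // An answer without a user id cannot identify anybody.
    if (!is_array($access_token_info) || empty($access_token_info['user_id'])) {
        do_error(_('acceso denegado'), false, false);
        return;
    }

    $this->token = $access_token_info['oauth_token'];
    $this->secret = $access_token_info['oauth_token_secret'];
    $this->uid = $access_token_info['user_id'];
    $this->username = User::get_valid_username($access_token_info['screen_name']);

    $is_new_user = !$this->user_exists();

    if ($is_new_user) {
        $this->oauth->setToken($access_token_info['oauth_token'], $access_token_info['oauth_token_secret']);
        try {
            $data = $this->oauth->fetch($this->credentials_url);
        } catch (Exception $e) {
            do_error(_('error de conexión a') . " {$this->service} (authorize2)", false, false);
            return;
        }

        if ($data) {
            $response = json_decode($this->oauth->getLastResponse());

            // Reject undecodable bodies and any identity mismatch between the two answers.
            if (!is_object($response)
                || !isset($response->screen_name)
                || (string) $access_token_info['screen_name'] !== (string) $response->screen_name
            ) {
                do_error(_('datos incorrectos') . " {$this->service}", false, false);
                return;
            }

            $this->url = $response->url;
            $this->names = $response->name;
            $this->avatar = $response->profile_image_url;
        }
    }

    // Creating the user (when needed) and recording the auth link are committed together.
    $db->transaction();
    if ($is_new_user) {
        $this->store_user();
    }
    $this->store_auth();
    $db->commit();

    $this->user_login();
}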
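/**
 * Logs a user in from the '/me' profile returned by $this->facebook->api().
 *
 * An API exception or a profile without an id ends the request through
 * user_return() followed by die, so no account is stored or linked under an
 * empty identifier. token, secret and uid are all set to the profile id.
 *
 * NOTE(review): the avatar URL is built with the http:// scheme; on an HTTPS
 * site this is mixed content and the image can be altered in transit. Consider
 * the https:// form once stored avatar URLs have been checked for consumers
 * that depend on the exact string.
 */
function authorize()
{
    global $globals, $db;

    try {
        $user_profile = $this->facebook->api('/me');
    } catch (FacebookApiException $e) {
        $this->user = null;
        $this->user_return();
        die;
    }

    // Same exit as the exception path: a profile without an id identifies nobody.
    if (empty($user_profile['id'])) {
        $this->user = null;
        $this->user_return();
        die;
    }

    // The profile may lack these keys; read them once with explicit fallbacks.
    $fb_username = isset($user_profile['username']) ? $user_profile['username'] : '';
    $fb_name = isset($user_profile['name']) ? $user_profile['name'] : '';

    $this->token = $user_profile['id'];
    $this->secret = $user_profile['id'];
    $this->uid = $user_profile['id'];
    $this->username = preg_replace('/.+?\\/.*?([\\w\\.\\-_]+)$/', '$1', $fb_username);

    // Most Facebook users don't have a name, only profile number
    if (!$this->username || preg_match('/^\\d+$/', $this->username)) {
        // Create a name like a uri used in stories
        if (strlen($fb_name) > 2) {
            $this->username = User::get_valid_username($fb_name);
        } else {
            $this->username = '******' . $this->username;
        }
    }

    // Creating the user and recording the auth link are committed together.
    $db->transaction();
    if (!$this->user_exists()) {
        $this->url = $user_profile['link'];
        $this->names = $fb_name;
        if ($fb_username) {
            $this->avatar = "http://graph.facebook.com/" . $fb_username . "/picture";
        }
        $this->store_user();
    }
    $this->store_auth();
    $db->commit();

    $this->user_login();
}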
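/**
 * Validates and stores a private message submitted through $_POST, then prints
 * its summary. Errors are echoed as "ERROR: ..." and end the request.
 *
 * Checks, in order: recipient name and id, PrivateMessage::can_send(), upload
 * quota, minimum text length, that the posted author is the current user, a
 * duplicate check on randkey, a 15 second gap between messages and a daily
 * cap of 160 messages.
 *
 * NOTE(review): no anti-CSRF token is verified in this function ($site_key is
 * declared but unused); confirm the caller validates one before calling.
 * NOTE(review): the transaction is committed before $message->store(), so the
 * FOR UPDATE lock taken by the duplicate check is released before the row is
 * written; confirm two concurrent submissions cannot both pass the check.
 *
 * @param mixed $message_id Not used by this function.
 */
function save_post($message_id)
{
    global $link, $db, $message, $current_user, $globals, $site_key;

    $message = new PrivateMessage();

    $to_user = User::get_valid_username($_POST['to_user']);
    if (!$to_user) {
        echo 'ERROR: ' . _('nombre de usuario erróneo');
        die;
    }

    $to = User::get_user_id($to_user);
    // Parenthesised on purpose: "!$to > 0" negates $to first and only then compares.
    if (!($to > 0)) {
        echo 'ERROR: ' . _('usuario erróneo');
        die;
    }

    if (!PrivateMessage::can_send($current_user->user_id, $to)) {
        echo 'ERROR: ' . _('el destinatario no lo tiene amigado');
        die;
    }

    $_POST['post'] = clean_text_with_tags($_POST['post'], 0, false, $globals['posts_len']);

    if (!empty($_FILES['image']['tmp_name'])) {
        $limit_exceded = Upload::current_user_limit_exceded($_FILES['image']['size']);
        if ($limit_exceded) {
            echo 'ERROR: ' . $limit_exceded;
            die;
        }
    }

    if (mb_strlen($_POST['post']) < 2) {
        echo 'ERROR: ' . _('texto muy corto');
        die;
    }

    // The form's author field must be the logged-in user; anything else is dropped silently.
    if ($current_user->user_id != intval($_POST['author'])) {
        die;
    }

    // Check the post wasn't already stored
    $message->randkey = intval($_POST['key']);
    $message->author = $current_user->user_id;
    $message->to = $to;
    $message->content = $_POST['post'];

    // Only integers are interpolated into the SQL below.
    $sender_id = intval($current_user->user_id);

    $db->transaction();
    $dupe = intval($db->get_var("select count(*) from privates where user = {$sender_id} and date > date_sub(now(), interval 5 minute) and randkey = {$message->randkey} FOR UPDATE"));

    if (!$dupe) {
        // Verify that there is a period of 15 seconds between messages.
        if (intval($db->get_var("select count(*) from privates where user= {$sender_id} and date > date_sub(now(), interval 15 second)")) > 0) {
            echo 'ERROR: ' . _('debe esperar 15 segundos entre mensajes');
            $db->rollback();
            die;
        }

        // Verify that there are no more than 160 messages from the same user in a day
        if (intval($db->get_var("select count(*) from privates where user= {$sender_id} and date > date_sub(now(), interval 1 day)")) > 160) {
            echo 'ERROR: ' . _('demasiados mensajes en un día');
            $db->rollback(); // close the transaction explicitly, as the 15 second check does
            die;
        }

        $db->commit();
        $message->store();
        notify_user($current_user->user_id, $to, $message->content);
        User::add_notification($message->to, 'private');
    } else {
        $db->commit();
        echo 'ERROR: ' . _('mensaje grabado previamente');
        die;
    }

    // Check image upload or delete
    if (!empty($_POST['image_delete'])) {
        $message->delete_image();
    } else {
        $message->store_image_from_form('image');
    }

    $message = PrivateMessage::from_db($message->id); // Reread the object
    $message->print_summary();
}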
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
// It's licensed under the AFFERO GENERAL PUBLIC LICENSE unless stated otherwise.
// You can get copies of the licenses here:
// http://www.affero.org/oagpl.html
// AFFERO GENERAL PUBLIC LICENSE is also included in the file called "COPYING".

include 'config.php';
include mnminclude . 'html1.php';

// Assets for the user-name autocomplete fields.
$globals['extra_css'][] = 'jquery.autocomplete.css';
$globals['extra_js'][] = 'autocomplete/jquery.autocomplete.min.js';
$globals['extra_js'][] = 'jquery.user_autocomplete.js';

// Paging: 20 items per page, offset derived from the current page number.
$page_size = 20;
$offset = $page_size * (get_current_page() - 1);

$globals['ads'] = true;

// Both user names come from the request; they are cleaned and normalised
// before being resolved to ids.
// NOTE(review): $u1 and $u2 are later placed in the page title; confirm that
// do_header() escapes the title for HTML output.
$u1 = User::get_valid_username(clean_input_string($_REQUEST['u1']));
$u2 = User::get_valid_username(clean_input_string($_REQUEST['u2']));
$id1 = User::get_user_id($u1);
$id2 = User::get_user_id($u2);

// The request value only selects between two fixed pairs; it is never used directly.
if ($_REQUEST['type'] == 'comments') {
    $type = 'comments';
    $prefix = 'comment';
} else {
    $type = 'posts';
    $prefix = 'post';
}

do_header(sprintf(_('debate entre %s y %s'), $u1, $u2));
do_tabs('main', _('debate'), $globals['uri']);

/*** SIDEBAR ****/