Beispiel #1
0
 # we're parsing because we only support sets right now.
 if ($is_flickr) {
     list($flickr_type, $ignore) = import_flickr_url_type($url);
     $GLOBALS['smarty']->assign_by_ref("flickr_url_type", $flickr_type);
     if ($flickr_type != 'set') {
         $ok = 0;
         $GLOBALS['error']['invalid_flickr_type'] = 1;
     }
 }
 if (!$ok) {
     $GLOBALS['smarty']->display('page_upload3.txt');
     exit;
 }
 # This is an upload from some random remote site
 # Please to make sure you are saying yes, ok?
 if (!post_isset('confirm')) {
     $GLOBALS['smarty']->assign('step', 'confirm');
     $GLOBALS['smarty']->display('page_upload3.txt');
     exit;
 }
 # Am I Google?
 if ($is_flickr) {
     # pass
 } else {
     if ($is_google) {
         if ($feed_url = google_get_mymaps_kml_feed($url)) {
             $url = $feed_url;
         } else {
             $GLOBALS['error']['no_feed_url'] = 1;
             $ok = 0;
         }
<?php

include "include/init.php";
loadlib("api_keys");
loadlib("api_keys_utils");
features_ensure_enabled("api");
features_ensure_enabled("api_register_keys");
login_ensure_loggedin();
$crumb_key = 'api_key';
$GLOBALS['smarty']->assign("crumb_key", $crumb_key);
$step = 1;
if (post_isset('done') && crumb_check($crumb_key)) {
    $ok = 1;
    $title = filter_strict(post_str("title"));
    $description = filter_strict(post_str("description"));
    $callback = filter_strict(post_str("callback"));
    $conf = post_str("confirm");
    if ($ok && !$title) {
        $GLOBALS['smarty']->assign("error", "no_title");
        $ok = 0;
    } else {
        $GLOBALS['smarty']->assign("title", $title);
    }
    if ($ok && !$description) {
        $GLOBALS['smarty']->assign("error", "no_description");
        $ok = 0;
    } else {
        $GLOBALS['smarty']->assign("description", $description);
    }
    if ($ok && $callback) {
        if (!api_keys_utils_is_valid_callback($callback)) {
<?php

include "include/init.php";
login_ensure_loggedin("/account/foursquare/sync/");
$crumb_key = "foursquare_sync";
$GLOBALS['smarty']->assign("crumb_key", $crumb_key);
# put this in a library? which one...
$sync_states = array(0 => 'do not sync 4sq checkins', 1 => 'only sync recent 4sq checkins', 2 => 'sync all 4sq checkins past and future');
if (post_isset("done") && crumb_check($crumb_key)) {
    $ok = 1;
    if (!post_isset("sync")) {
        $update_error = "missing sync";
        $ok = 0;
    }
    if ($ok) {
        $sync = post_int32("sync");
        if (!isset($sync_states[$sync])) {
            $update_error = "invalid sync";
            $ok = 0;
        }
    }
    if ($ok) {
        if ($sync != $GLOBALS['cfg']['user']['sync_foursquare']) {
            $update = array('sync_foursquare' => $sync);
            $ok = users_update_user($GLOBALS['cfg']['user'], $update);
            if ($ok) {
                $GLOBALS['cfg']['user'] = users_get_by_id($GLOBALS['cfg']['user']['id']);
            } else {
                $update_error = "db error";
            }
        }
Beispiel #4
0
    error_404();
}
$reset_code = get_str('reset');
if (!$reset_code) {
    # seriously, go away...
    header("location: /");
    exit;
}
$user = users_get_by_password_reset_code($reset_code);
if (!$user) {
    $smarty->assign('error_nouser', 1);
    $smarty->display('page_reset.txt');
    exit;
}
$smarty->assign('reset_code', $reset_code);
if (post_isset('done')) {
    $new_password1 = post_str('new_password1');
    $new_password2 = post_str('new_password2');
    if (!$new_password1 || !$new_password2) {
        $smarty->assign('error_missing_password', 1);
        $smarty->display('page_reset.txt');
        exit;
    }
    if ($new_password1 !== $new_password2) {
        $smarty->assign('error_password_mismatch', 1);
        $smarty->display('page_reset.txt');
        exit;
    }
    if (!users_update_password($user, $new_password1)) {
        $smarty->assign('error_update_failed', 1);
        $smarty->display('page_reset.txt');
# http://www.rfc-editor.org/rfc/rfc6749.txt
include "include/init.php";
features_ensure_enabled("api");
features_ensure_enabled("api_delegated_auth");
features_ensure_enabled("api_authenticate_self");
login_ensure_loggedin();
loadlib("api_keys");
loadlib("api_oauth2_access_tokens");
$crumb_key = 'access_token_authenticate_like_magic';
$GLOBALS['smarty']->assign("crumb_key", $crumb_key);
$perms_map = api_oauth2_access_tokens_permissions_map();
$GLOBALS['smarty']->assign_by_ref("permissions", $perms_map);
$ttl_map = api_oauth2_access_tokens_ttl_map();
$GLOBALS['smarty']->assign_by_ref("ttl_map", $ttl_map);
$step = 1;
if (post_isset("done") && crumb_check($crumb_key)) {
    $ok = 1;
    $title = post_str("title");
    $perms = post_str("perms");
    $ttl = post_int32("ttl");
    $conf = post_str("confirm");
    if ($ok && !$title) {
        $GLOBALS['smarty']->assign("error", "no_title");
        $ok = 0;
    }
    if ($ok && !api_oauth2_access_tokens_is_valid_permission($perms)) {
        $GLOBALS['smarty']->assign("error", "bad_perms");
        $ok = 0;
    }
    # We're not going to worry about descriptions
    if ($ok) {
Beispiel #6
0
$key_row = api_keys_utils_get_from_url($key_more);
$crumb_key = 'this_api_key';
$GLOBALS['smarty']->assign("crumb_key", $crumb_key);
$token_count = api_oauth2_access_tokens_count_for_key($key_row);
$GLOBALS['smarty']->assign("token_count", $token_count);
if (post_isset('delete') && crumb_check($crumb_key) && !$key_row['disabled']) {
    $conf = post_str("confirm");
    if ($conf) {
        $rsp = api_keys_delete($key_row);
        $GLOBALS['smarty']->assign_by_ref("delete_rsp", $rsp);
    }
    $GLOBALS['smarty']->assign_by_ref("key", $key_row);
    $GLOBALS['smarty']->display("page_api_key_delete.txt");
    exit;
} else {
    if (post_isset('done') && crumb_check($crumb_key) && !$key_row['disabled']) {
        $ok = 1;
        $update = array();
        $title = filter_strict(post_str("title"));
        $description = filter_strict(post_str("description"));
        $callback = filter_strict(post_str("callback"));
        if ($ok && !$title) {
            $GLOBALS['smarty']->assign("error", "no_title");
            $ok = 0;
        }
        if ($ok && !$description) {
            $GLOBALS['smarty']->assign("error", "no_description");
            $ok = 0;
        }
        if ($ok && $callback) {
            if (!api_keys_utils_is_valid_callback($callback)) {
    }
}
#
# Okay, you buy?
#
if (!$ok) {
    $GLOBALS['error']['invalid_url'] = 1;
    $GLOBALS['error']['details'] = $error_details;
    $GLOBALS['smarty']->display('page_upload_by_url_form.txt');
    exit;
}
#
# Confirmation and/or remote fetching
#
$smarty->assign_by_ref('parsed_url', $parsed);
$smarty->assign('url', $url);
if (post_isset('confirm') && crumb_check($crumb_key)) {
    $label = filter_strict(post_str('label'));
    $private = post_str('private') ? 1 : 0;
    $dots_index_on = filter_strict(post_str('dots_index_on'));
    $more = array('label' => $label, 'mark_all_private' => $private, 'return_dots' => 0, 'dots_index_on' => $dots_index_on);
    if ($mime_type = post_str('mime_type')) {
        $more['assume_mime_type'] = $mime_type;
    }
    $rsp = import_import_uri($GLOBALS['cfg']['user'], $url, $more);
    $smarty->assign_by_ref('import', $rsp);
}
$import_formats = formats_valid_import_map('key by extension');
$GLOBALS['smarty']->assign_by_ref("import_formats", $import_formats);
$smarty->display("page_upload_by_url.txt");
exit;
    $conf = post_str("confirm");
    if ($conf) {
        $rsp = api_oauth2_access_tokens_delete($token_row);
        $GLOBALS['smarty']->assign_by_ref("delete_rsp", $rsp);
    }
    $GLOBALS['smarty']->assign_by_ref("token", $token_row);
    $GLOBALS['smarty']->display("page_api_oauth2_token_delete.txt");
    exit;
} else {
    if (post_isset('done') && crumb_check($crumb_key)) {
        $perms = post_str("perms");
        if (!api_oauth2_access_tokens_is_valid_permission($perms)) {
            $GLOBALS['smarty']->assign("error", "bad_perms");
        } else {
            $update = array('perms' => $perms);
            if ($update_ttl = post_isset("update_ttl")) {
                $ttl = post_str("update_ttl");
                $ttl = $ttl == '' ? -1 : intval($ttl);
                if ($ttl >= 0) {
                    $update['expires'] = $ttl ? time() + $ttl : 0;
                }
            }
            $update_rsp = api_oauth2_access_tokens_update($token_row, $update);
            $GLOBALS['smarty']->assign_by_ref("update_rsp", $update_rsp);
            if ($update_rsp['ok']) {
                $token_row = $update_rsp['token'];
            }
        }
    } else {
    }
}