# we're parsing because we only support sets right now.
if ($is_flickr) {
list($flickr_type, $ignore) = import_flickr_url_type($url);
$GLOBALS['smarty']->assign_by_ref("flickr_url_type", $flickr_type);
if ($flickr_type != 'set') {
$ok = 0;
$GLOBALS['error']['invalid_flickr_type'] = 1;
}
}
if (!$ok) {
$GLOBALS['smarty']->display('page_upload3.txt');
exit;
}
# This is an upload from some random remote site
# Please to make sure you are saying yes, ok?
if (!post_isset('confirm')) {
$GLOBALS['smarty']->assign('step', 'confirm');
$GLOBALS['smarty']->display('page_upload3.txt');
exit;
}
# Am I Google?
if ($is_flickr) {
# pass
} else {
if ($is_google) {
if ($feed_url = google_get_mymaps_kml_feed($url)) {
$url = $feed_url;
} else {
$GLOBALS['error']['no_feed_url'] = 1;
$ok = 0;
}
<?php
include "include/init.php";
loadlib("api_keys");
loadlib("api_keys_utils");
features_ensure_enabled("api");
features_ensure_enabled("api_register_keys");
login_ensure_loggedin();
$crumb_key = 'api_key';
$GLOBALS['smarty']->assign("crumb_key", $crumb_key);
$step = 1;
if (post_isset('done') && crumb_check($crumb_key)) {
$ok = 1;
$title = filter_strict(post_str("title"));
$description = filter_strict(post_str("description"));
$callback = filter_strict(post_str("callback"));
$conf = post_str("confirm");
if ($ok && !$title) {
$GLOBALS['smarty']->assign("error", "no_title");
$ok = 0;
} else {
$GLOBALS['smarty']->assign("title", $title);
}
if ($ok && !$description) {
$GLOBALS['smarty']->assign("error", "no_description");
$ok = 0;
} else {
$GLOBALS['smarty']->assign("description", $description);
}
if ($ok && $callback) {
if (!api_keys_utils_is_valid_callback($callback)) {
<?php
include "include/init.php";
login_ensure_loggedin("/account/foursquare/sync/");
$crumb_key = "foursquare_sync";
$GLOBALS['smarty']->assign("crumb_key", $crumb_key);
# put this in a library? which one...
$sync_states = array(0 => 'do not sync 4sq checkins', 1 => 'only sync recent 4sq checkins', 2 => 'sync all 4sq checkins past and future');
if (post_isset("done") && crumb_check($crumb_key)) {
$ok = 1;
if (!post_isset("sync")) {
$update_error = "missing sync";
$ok = 0;
}
if ($ok) {
$sync = post_int32("sync");
if (!isset($sync_states[$sync])) {
$update_error = "invalid sync";
$ok = 0;
}
}
if ($ok) {
if ($sync != $GLOBALS['cfg']['user']['sync_foursquare']) {
$update = array('sync_foursquare' => $sync);
$ok = users_update_user($GLOBALS['cfg']['user'], $update);
if ($ok) {
$GLOBALS['cfg']['user'] = users_get_by_id($GLOBALS['cfg']['user']['id']);
} else {
$update_error = "db error";
}
}
error_404();
}
$reset_code = get_str('reset');
if (!$reset_code) {
# seriously, go away...
header("location: /");
exit;
}
$user = users_get_by_password_reset_code($reset_code);
if (!$user) {
$smarty->assign('error_nouser', 1);
$smarty->display('page_reset.txt');
exit;
}
$smarty->assign('reset_code', $reset_code);
if (post_isset('done')) {
$new_password1 = post_str('new_password1');
$new_password2 = post_str('new_password2');
if (!$new_password1 || !$new_password2) {
$smarty->assign('error_missing_password', 1);
$smarty->display('page_reset.txt');
exit;
}
if ($new_password1 !== $new_password2) {
$smarty->assign('error_password_mismatch', 1);
$smarty->display('page_reset.txt');
exit;
}
if (!users_update_password($user, $new_password1)) {
$smarty->assign('error_update_failed', 1);
$smarty->display('page_reset.txt');
# http://www.rfc-editor.org/rfc/rfc6749.txt
include "include/init.php";
features_ensure_enabled("api");
features_ensure_enabled("api_delegated_auth");
features_ensure_enabled("api_authenticate_self");
login_ensure_loggedin();
loadlib("api_keys");
loadlib("api_oauth2_access_tokens");
$crumb_key = 'access_token_authenticate_like_magic';
$GLOBALS['smarty']->assign("crumb_key", $crumb_key);
$perms_map = api_oauth2_access_tokens_permissions_map();
$GLOBALS['smarty']->assign_by_ref("permissions", $perms_map);
$ttl_map = api_oauth2_access_tokens_ttl_map();
$GLOBALS['smarty']->assign_by_ref("ttl_map", $ttl_map);
$step = 1;
if (post_isset("done") && crumb_check($crumb_key)) {
$ok = 1;
$title = post_str("title");
$perms = post_str("perms");
$ttl = post_int32("ttl");
$conf = post_str("confirm");
if ($ok && !$title) {
$GLOBALS['smarty']->assign("error", "no_title");
$ok = 0;
}
if ($ok && !api_oauth2_access_tokens_is_valid_permission($perms)) {
$GLOBALS['smarty']->assign("error", "bad_perms");
$ok = 0;
}
# We're not going to worry about descriptions
if ($ok) {
$key_row = api_keys_utils_get_from_url($key_more);
$crumb_key = 'this_api_key';
$GLOBALS['smarty']->assign("crumb_key", $crumb_key);
$token_count = api_oauth2_access_tokens_count_for_key($key_row);
$GLOBALS['smarty']->assign("token_count", $token_count);
if (post_isset('delete') && crumb_check($crumb_key) && !$key_row['disabled']) {
$conf = post_str("confirm");
if ($conf) {
$rsp = api_keys_delete($key_row);
$GLOBALS['smarty']->assign_by_ref("delete_rsp", $rsp);
}
$GLOBALS['smarty']->assign_by_ref("key", $key_row);
$GLOBALS['smarty']->display("page_api_key_delete.txt");
exit;
} else {
if (post_isset('done') && crumb_check($crumb_key) && !$key_row['disabled']) {
$ok = 1;
$update = array();
$title = filter_strict(post_str("title"));
$description = filter_strict(post_str("description"));
$callback = filter_strict(post_str("callback"));
if ($ok && !$title) {
$GLOBALS['smarty']->assign("error", "no_title");
$ok = 0;
}
if ($ok && !$description) {
$GLOBALS['smarty']->assign("error", "no_description");
$ok = 0;
}
if ($ok && $callback) {
if (!api_keys_utils_is_valid_callback($callback)) {
}
}
#
# Okay, you buy?
#
if (!$ok) {
$GLOBALS['error']['invalid_url'] = 1;
$GLOBALS['error']['details'] = $error_details;
$GLOBALS['smarty']->display('page_upload_by_url_form.txt');
exit;
}
#
# Confirmation and/or remote fetching
#
$smarty->assign_by_ref('parsed_url', $parsed);
$smarty->assign('url', $url);
if (post_isset('confirm') && crumb_check($crumb_key)) {
$label = filter_strict(post_str('label'));
$private = post_str('private') ? 1 : 0;
$dots_index_on = filter_strict(post_str('dots_index_on'));
$more = array('label' => $label, 'mark_all_private' => $private, 'return_dots' => 0, 'dots_index_on' => $dots_index_on);
if ($mime_type = post_str('mime_type')) {
$more['assume_mime_type'] = $mime_type;
}
$rsp = import_import_uri($GLOBALS['cfg']['user'], $url, $more);
$smarty->assign_by_ref('import', $rsp);
}
$import_formats = formats_valid_import_map('key by extension');
$GLOBALS['smarty']->assign_by_ref("import_formats", $import_formats);
$smarty->display("page_upload_by_url.txt");
exit;
$conf = post_str("confirm");
if ($conf) {
$rsp = api_oauth2_access_tokens_delete($token_row);
$GLOBALS['smarty']->assign_by_ref("delete_rsp", $rsp);
}
$GLOBALS['smarty']->assign_by_ref("token", $token_row);
$GLOBALS['smarty']->display("page_api_oauth2_token_delete.txt");
exit;
} else {
if (post_isset('done') && crumb_check($crumb_key)) {
$perms = post_str("perms");
if (!api_oauth2_access_tokens_is_valid_permission($perms)) {
$GLOBALS['smarty']->assign("error", "bad_perms");
} else {
$update = array('perms' => $perms);
if ($update_ttl = post_isset("update_ttl")) {
$ttl = post_str("update_ttl");
$ttl = $ttl == '' ? -1 : intval($ttl);
if ($ttl >= 0) {
$update['expires'] = $ttl ? time() + $ttl : 0;
}
}
$update_rsp = api_oauth2_access_tokens_update($token_row, $update);
$GLOBALS['smarty']->assign_by_ref("update_rsp", $update_rsp);
if ($update_rsp['ok']) {
$token_row = $update_rsp['token'];
}
}
} else {
}
}