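/**
 * Build an absolute site URL of the form HOST/page[/option][?query].
 *
 * The query string is assembled from, in order: `a` (action), `k` (section),
 * `r` (redirect target, URL-encoded here) and the pre-formatted `$other`
 * fragment. Unless `$nofacebook` is set, the Facebook canvas / page-tab
 * markers of the current request (`canvas`, `fbp`, `signed_request`) are
 * carried over into `$other`. For the `signin` and `register` options the
 * current request's `r` and `i` parameters are propagated as well.
 *
 * Security notes:
 *  - `$page`, `$option`, `$action`, `$section` and `$other` are concatenated
 *    verbatim; callers must pass values that are already safe for a URL.
 *  - The returned string is NOT escaped for HTML or JavaScript; escape it for
 *    the context it is written into.
 *  - `signed_request` is copied from the request without being verified here.
 *    It is URL-encoded so it cannot add extra query parameters or break out
 *    of the context the URL is later embedded in.
 *
 * @param string      $page       First path segment.
 * @param string      $option     Optional second path segment.
 * @param string      $action     Value of the `a` query parameter.
 * @param string      $section    Value of the `k` query parameter.
 * @param string      $redir      Redirect target, emitted URL-encoded as `r`.
 * @param string|null $site       'prod', 'normal', 'secure', or anything else for the default site URL.
 * @param string      $other      Extra, already formatted query fragment ("x=1&y=2").
 * @param bool        $nofacebook When true, do not carry over canvas/fbp/signed_request.
 *
 * @return string The assembled URL.
 */
function mx_actionurl($page = 'main', $option = '', $action = '', $section = '', $redir = '', $site = null, $other = '', $nofacebook = false)
{
    switch ($site) {
        case 'prod':
            // NOTE(review): this origin is plain HTTP; confirm it is never used for authenticated pages.
            $host = 'http://www.example.com';
            break;
        case 'normal':
            $host = mx_option('basicsiteurl');
            break;
        case 'secure':
            $host = mx_option('secure_siteurl');
            break;
        default:
            $host = mx_option('siteurl');
    }

    // Callers may hand over null for a missing fragment; normalise so the string functions below are safe.
    $other = (string) $other;
    $isAuthOption = ($option == 'signin' || $option == 'register');

    // Stay in canvas or Facebook page-tab mode.
    if (!$nofacebook) {
        if (!empty($_GET['canvas'])) {
            $other .= ($other ? '&' : '') . 'canvas=1';
        }
        if (!empty($_GET['fbp'])) {
            $other .= ($other ? '&' : '') . 'fbp=1';
        }
        // Request-controlled value: accept strings only and encode it. A well-formed
        // signed_request (base64url segments joined by '.') is left unchanged by urlencode().
        if (!empty($_REQUEST['signed_request']) && is_string($_REQUEST['signed_request'])) {
            $other .= ($other ? '&' : '') . 'signed_request=' . urlencode($_REQUEST['signed_request']);
        }
    }

    // Redirect target and invite code of the current request, passed through the project's filters.
    $rawRedir = (isset($_GET['r']) && is_string($_GET['r'])) ? urldecode($_GET['r']) : '';
    $r = mx_secureredir($rawRedir);
    // presumably mx_secureword() restricts the value to URL-safe characters; verify against its definition
    $i = mx_secureword(isset($_GET['i']) ? $_GET['i'] : null);

    if ($isAuthOption) {
        // An explicit $redir argument wins over the one found in the request.
        if ($r && !$redir) {
            $redir = $r;
        }
        if ($i && strpos($other, 'i=') === false) {
            $other .= ($other ? '&' : '') . 'i=' . $i;
        }
    }

    $str = $host . '/' . $page;
    if ($option) {
        $str .= '/' . $option;
    }

    $qr = '';
    if ($action) {
        $qr .= 'a=' . $action;
    }
    if ($section) {
        $qr .= ($qr ? '&' : '') . 'k=' . $section;
    }
    if ($redir) {
        $qr .= ($qr ? '&' : '') . 'r=' . urlencode($redir);
    }
    if ($other) {
        $qr .= ($qr ? '&' : '') . $other;
    }
    if ($qr) {
        $str .= '?' . $qr;
    }

    return $str;
}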
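/**
 * Handle the sign-in related actions of the account pages.
 *
 * Dispatches on `$action`:
 *  - register:     delegates to mx_ckregister() and returns.
 *  - signin:       optional reCAPTCHA check, then credential check; opens a session on success.
 *  - fb:           Facebook login check; redirects to registration when no matching user is found.
 *  - forgot:       starts the lost-password procedure for the posted login.
 *  - confirmation: validates the confirmation code and opens a session; returns.
 *  - update:       stores a new password after checking the confirmation field; returns.
 *
 * After the action, when a user is signed in, the function reports the event
 * through mx_fbaction() and emits a `Location` header: either to the target
 * encoded in the `r` request parameter (comma-separated
 * page,option,action,section,other) or to the main page.
 *
 * Results are communicated through the globals `$mxuser` and `$signerrors`
 * and through response headers; nothing is returned.
 *
 * Review notes (behaviour left as found, to be confirmed by the owners):
 *  - header() does not stop execution. Later `Location` headers replace
 *    earlier ones, so the last one sent is the one the browser follows.
 *  - The reCAPTCHA is verified only when the request carries a `captcha`
 *    field, so the client decides whether the check runs. Whether a CAPTCHA
 *    is required should come from server-side state.
 *  - The `update` branch does not itself check that `$mxuser->id` is set
 *    before storing a password; presumably the caller or setoption()
 *    guarantees this. Verify.
 *
 * @param string $page   Current page identifier, used for redirects.
 * @param string $option Current option identifier, used for redirects.
 * @param string $action Action to perform (see list above).
 *
 * @return void
 */
function mx_cksignin($page, $option, $action)
{
    global $me, $mxuser, $mxsession, $signerrors;

    $signerrors = array();

    // Only strings are decoded; a missing or array-valued parameter is treated as "no redirect".
    $rawRedir = (isset($_REQUEST['r']) && is_string($_REQUEST['r'])) ? urldecode($_REQUEST['r']) : '';
    $redir = mx_secureredir($rawRedir);

    // switch compares loosely, exactly like the original `==` chain.
    switch ($action) {
        case 'register':
            mx_ckregister($page, 'register', $action);
            return;

        case 'signin':
            $login = isset($_POST['email']) ? $_POST['email'] : null;
            $pwd = isset($_POST['password']) ? $_POST['password'] : null;

            if (!empty($_POST['captcha'])) {
                require_once 'ext_includes/recaptchalib.php';
                $resp = recaptcha_check_answer(
                    MX_RECAPTCHA_PRIVATE,
                    $_SERVER["REMOTE_ADDR"],
                    isset($_POST["recaptcha_challenge_field"]) ? $_POST["recaptcha_challenge_field"] : null,
                    isset($_POST["recaptcha_response_field"]) ? $_POST["recaptcha_response_field"] : null
                );
                if (!$resp->is_valid) {
                    $signerrors['captcha'] = _("ReCaptcha incorrect.<br/>Please try again");
                }
            }

            $captchaFailed = !empty($signerrors['captcha']);
            if (!$captchaFailed && $mxuser->checklogin($login, $pwd)) {
                mx_setsession($mxuser, time());
                header('Location: ' . mx_actionurl_normal($page, $option, 'ok', '', $redir));
            } elseif (!$captchaFailed) {
                // The same message is used for an unknown account and a wrong password.
                $signerrors = array('email' => _('Wrong credentials...'), 'password' => _('...or wrong password.'));
            }
            break;

        case 'fb':
            mx_checkfblogin(false);
            $cruser = mx_checkfbuser(false);
            if ($cruser == 1) {
                $mxuser = new MXUser();
            } else {
                header('Location: ' . mx_actionurl_normal('account', 'register', 'fb'));
            }
            break;

        case 'forgot':
            $login = isset($_POST['email']) ? $_POST['email'] : null;
            if (!$login) {
                $signerrors = array('email' => _('Please inform your email or username' .
                    ' (Have you tried signing in using Facebook?)'));
            } else {
                // NOTE(review): if lostpassword() reports "unknown account", this reveals which logins exist. Verify.
                $signerrors = $mxuser->lostpassword($login);
            }
            break;

        case 'confirmation':
            $confirmcode = mx_secureword(isset($_REQUEST['c']) ? $_REQUEST['c'] : null);
            $mxuser->checkconfirm($confirmcode);
            if ($mxuser->id) {
                mx_setsession($mxuser, time());
            } else {
                $signerrors = array('email' => _('The password recovery link you\'re using is no more valid.' . ' If you requested twice, check the most recent email you received.'));
            }
            return;

        case 'update':
            // Accept strings only, so an array-valued field can never reach hash().
            $postfld = (isset($_POST['new_password']) && is_string($_POST['new_password'])) ? $_POST['new_password'] : '';
            $chkconf = (isset($_POST['conf_password']) && is_string($_POST['conf_password'])) ? $_POST['conf_password'] : '';

            // Strict comparison: with `!=`, numeric-looking strings such as "1e3" and "1000"
            // compare as equal, so a mistyped confirmation could be accepted.
            if ($chkconf !== $postfld) {
                $signerrors = array('password' => _('Password confirmation does not match new password.'));
            } elseif (!$postfld) {
                $signerrors = array('password' => _('Password cannot be left blank.'));
            } else {
                $signerrors = array();
                // NOTE(review): unsalted single-round SHA-256 is not a suitable password hash.
                // Moving to password_hash()/password_verify() has to be done together with
                // checklogin(), which is defined elsewhere, so the stored format is kept here.
                $mxuser->setoption('pwdhash', hash('sha256', $postfld));
                mx_setsession($mxuser, time());
            }
            return;
    }

    if ($mxuser->id) {
        mx_fbaction('use?website=' . mx_pageurl('main'));
    }

    if ($mxuser->id && $redir) {
        // $redir is "page,option,action,section,other"; missing trailing parts default to ''.
        preg_match_all('%([^,]*),?%', $redir, $aredir);
        if (!empty($aredir[1][0])) {
            $parts = array_pad(array_slice($aredir[1], 0, 5), 5, '');
            // Some servers set HTTPS to "off" for plain HTTP requests; a truthiness test alone reads that as secure.
            $isHttps = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';
            header('location: ' . mx_actionurl($parts[0], $parts[1], $parts[2], $parts[3], '', $isHttps ? 'secure' : 'normal', $parts[4]));
        }
        return;
    }

    // Define account if not done...
    if ($mxuser->id) {
        if (!$mxuser->acctype) {
            // NOTE(review): this header is replaced by the unconditional one just below, so the
            // setup redirect never takes effect. Left as found; confirm the intended flow
            // before adding a return here.
            header('location: ' . mx_optionurl('account', 'setup'));
        }
        header('location: ' . mx_actionurl('main', '', 'signed'));
    }
}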
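/**
 * Print the Facebook JavaScript SDK bootstrap for the current page.
 *
 * Emits the `fb-root` container and a script that initialises the SDK,
 * subscribes to the auth and like/unlike events, resizes the canvas when
 * the page runs inside Facebook (`canvas` or `fbp` request parameter) and
 * loads the SDK asynchronously.
 *
 * Every server-side value written into the script is emitted as a JSON
 * string literal with the JSON_HEX_* flags. Quotes, angle brackets and
 * ampersands in a URL or a translated message therefore cannot terminate
 * the string or the surrounding script element. The URLs come from
 * mx_actionurl(), which includes request-derived parts.
 *
 * No server-side data is echoed into JavaScript comments: PHP still runs
 * inside `//` comments, so anything echoed there is sent to the browser.
 *
 * @return void Output is written directly to the response body.
 */
function mx_FBinit()
{
    global $facebook;

    $page = mx_secureword(isset($_GET['p']) ? $_GET['p'] : null);
    $option = mx_secureword(isset($_GET['o']) ? $_GET['o'] : null);
    $action = mx_secureword(isset($_REQUEST['a']) ? $_REQUEST['a'] : null);
    $rawRedir = (isset($_GET['r']) && is_string($_GET['r'])) ? urldecode($_GET['r']) : '';
    $redir = mx_secureredir($rawRedir);

    // Encode for a JavaScript string inside an HTML <script> element.
    $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;

    // Statement run when Facebook reports a connected user on the sign-in / register pages.
    $signinJs = '';
    if ($option == 'signin' || $option == 'register') {
        $signinJs = 'blackout(' . json_encode(_('Signing you in<br/>using Facebook'), $jsFlags) . ');'
            . ' window.location=' . json_encode(mx_actionurl($page, $option, 'fb', '', $redir), $jsFlags) . ';';
    }

    $appIdJs = json_encode((string) $facebook->getAppId(), $jsFlags);
    $channelUrlJs = json_encode(mx_option('siteurl') . '/fb-channel.php', $jsFlags);
    $signedOutUrlJs = json_encode(mx_actionurl($page, $option, $action), $jsFlags);
    $inFacebookFrame = !empty($_GET['canvas']) || !empty($_GET['fbp']);
    ?>
<div id="fb-root"></div>
<script>
  window.fbAsyncInit = function() {
    FB.init({
      appId      : <?php echo $appIdJs; ?>,
      channelURL : <?php echo $channelUrlJs; ?>,
      status     : false, // check login status
      cookie     : true,  // enable cookies to allow the server to access the session
      xfbml      : true,  // parse XFBML
      oauth      : true
    });

    FB.Event.subscribe('auth.statusChange', function(response) {
      if (response.status === 'connected') {
        <?php echo $signinJs; ?>

      } else if (response.status === 'not_authorized') {
        // the user is logged in to Facebook,
        // but has not authenticated your app
      } else {
        // the user isn't logged in to Facebook.
      }
    });

    FB.Event.subscribe('auth.authResponseChange', function(response) {
      if (response.status=='connected') {
        <?php echo $signinJs; ?>

      } else {
        window.location=<?php echo $signedOutUrlJs; ?>;
      }
    });

    FB.Event.subscribe('edge.create', function(response) {
      if (response.indexOf('artists/artprof')>0) {
        art=response.substr(response.lastIndexOf('a=')+2);
        iconclick('il_'+art,'','');
      }
    });

    FB.Event.subscribe('edge.remove', function(response) {
      if (response.indexOf('artists/artprof')>0) {
        art=response.substr(response.lastIndexOf('a=')+2);
        iconclick('nl_'+art,'','');
      }
    });
<?php if ($inFacebookFrame): ?>

    // resize FB Canvas
    var psize=new Object;
    psize.width=$(document).width();
    psize.height=$(document).height();
    FB.Canvas.setSize(psize);
    FB.Canvas.setAutoGrow(1000);
<?php endif; ?>
  };

  // Load the SDK asynchronously. The URL is protocol-relative, so the script is
  // fetched over the same scheme as the embedding page.
  (function(d){
    var js, id = 'facebook-jssdk';
    if (d.getElementById(id)) {return;}
    js = d.createElement('script');
    js.id = id;
    js.async = true;
    js.src = "//connect.facebook.net/en_US/all.js";
    d.getElementsByTagName('head')[0].appendChild(js);
  }(document));

  function addToPage() {
    // calling the API ...
    var obj = {
      method: 'pagetab'
    };
    FB.ui(obj);
  }
</script>
<?php
}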