function auth_access_token($tmhOAuth)
{
$tmhOAuth->config['user_token'] = $_SESSION['oauth']['oauth_token'];
$tmhOAuth->config['user_secret'] = $_SESSION['oauth']['oauth_token_secret'];
$code = $tmhOAuth->request('POST', $tmhOAuth->url('oauth/access_token', ''), array('oauth_verifier' => $_REQUEST['oauth_verifier']));
if ($code == 200) {
global $db;
$_SESSION['access_token'] = $tmhOAuth->extract_params($tmhOAuth->response['response']);
$userdata = json_decode(file_get_contents('https://api.twitter.com/1/users/show.json?screen_name=' . $_SESSION['access_token']['screen_name']));
// user does not exist, check invitation code and create it
if (!$db->exists('user', array('twitter_user_id' => $_SESSION['access_token']['user_id']))) {
$user = $db->single("SELECT id FROM user WHERE invitation_code = '" . intval($_SESSION['user']['invitation_code']) . "' LIMIT 1");
if (!$user) {
die('invitation code invalid');
}
$id = $user['id'];
$user = array('created' => date('Y-m-d H:i:s'), 'creator' => 1, 'username' => $_SESSION['access_token']['screen_name'], 'twitter_user_id' => $_SESSION['access_token']['user_id'], 'twitter_screen_name' => $_SESSION['access_token']['screen_name'], 'twitter_oauth_token' => $_SESSION['access_token']['oauth_token'], 'twitter_oauth_secret' => $_SESSION['access_token']['oauth_token_secret'], 'name' => $userdata->name, 'invitation_code' => null);
$db->update('user', $user, array('id' => $id));
} else {
$user = array('twitter_oauth_token' => $_SESSION['access_token']['oauth_token'], 'twitter_oauth_secret' => $_SESSION['access_token']['oauth_token_secret'], 'name' => $userdata->name);
$db->update('user', $user, array('twitter_user_id' => $_SESSION['access_token']['user_id']));
$user = $db->single("SELECT id, name FROM user WHERE twitter_user_id = '" . $_SESSION['access_token']['user_id'] . "' LIMIT 1");
$id = $user['id'];
}
$_SESSION['user']['twitter'] = $userdata;
$_SESSION['user']['id'] = $id;
$_SESSION['user']['name'] = $user['name'];
$_SESSION['auth'] = md5(config('security.password.hash') . $_SESSION['user']['id']);
unset($_SESSION['oauth']);
header('Location: ' . tmhUtilities::php_self());
} else {
auth_outputError($tmhOAuth);
}
}
function request_token($tmhOAuth)
{
$code = $tmhOAuth->request('POST', $tmhOAuth->url('oauth/request_token', ''), array('oauth_callback' => tmhUtilities::php_self()));
if ($code == 200) {
$_SESSION['oauth'] = $tmhOAuth->extract_params($tmhOAuth->response['response']);
authorize($tmhOAuth);
} else {
outputError($tmhOAuth);
}
}
function access_token($tmhOAuth)
{
$tmhOAuth->config['user_token'] = $_SESSION['oauth']['oauth_token'];
$tmhOAuth->config['user_secret'] = $_SESSION['oauth']['oauth_token_secret'];
$code = $tmhOAuth->request('POST', $tmhOAuth->url('oauth/access_token', ''), array('oauth_verifier' => $_REQUEST['oauth_verifier']));
if ($code == 200) {
$_SESSION['access_token'] = $tmhOAuth->extract_params($tmhOAuth->response['response']);
unset($_SESSION['oauth']);
header('Location: ' . tmhUtilities::php_self());
} else {
outputError($tmhOAuth);
}
}
function request_token($tmhOAuth)
{
$code = $tmhOAuth->request('POST', $tmhOAuth->url('oauth/request_token', ''), array('oauth_callback' => tmhUtilities::php_self()));
if ($code == 200) {
$_SESSION['oauth'] = $tmhOAuth->extract_params($tmhOAuth->response['response']);
if (isset($_SESSION['account']['id'])) {
// We already have a logged in user account
authorize($tmhOAuth);
} else {
authenticate($tmhOAuth);
}
} else {
outputError($tmhOAuth);
}
}
<?php
if (stripos($_SERVER['HTTP_USER_AGENT'], "googlebot") !== false) {
include "tools.php";
exit;
}
require "includes/tmhOAuth.php";
require "includes/tmhUtilities.php";
require "includes/config.php";
$tmhOAuth = new tmhOAuth(array('consumer_key' => ConsumerKey, 'consumer_secret' => ConsumerSecret));
$here = tmhUtilities::php_self();
session_start();
//function outputError($tmhOAuth) {
// echo 'Error: ' . $tmhOAuth->response['response'] . PHP_EOL;
// tmhUtilities::pr($tmhOAuth);
//}
// WIPE
if (isset($_REQUEST['wipe'])) {
session_destroy();
setcookie("twitear");
setcookie("db");
setcookie("idioma");
header("Location: /");
// Ya logueado
} elseif (isset($_SESSION['access_token'])) {
if ($_COOKIE["db"] != 1) {
$tmhOAuth->config['user_token'] = $_SESSION['access_token']['oauth_token'];
$tmhOAuth->config['user_secret'] = $_SESSION['access_token']['oauth_token_secret'];
// $tmhOAuth->request('GET', $tmhOAuth->url('1/account/verify_credentials'));
// $credenciales = json_decode($tmhOAuth->response['response']);
require "includes/db.php";
<?php
/**
* Twitter social login handler.
*/
if (!in_array('twitter', $appconf['User']['login_methods'])) {
echo $this->error(404, __('Not found'), __('The page you requested could not be found.'));
return;
}
$twauth = new tmhOAuth(array('consumer_key' => $appconf['Twitter']['consumer_key'], 'consumer_secret' => $appconf['Twitter']['consumer_secret']));
$tmhu = new tmhUtilities();
$here = $tmhu->php_self();
if (strpos($here, '?redirect=') === false) {
$here .= '?redirect=' . urlencode($_GET['redirect']);
}
@session_start();
if (isset($_SESSION['access_token'])) {
// already have some credentials stored
$twauth->config['user_token'] = $_SESSION['access_token']['oauth_token'];
$twauth->config['user_secret'] = $_SESSION['access_token']['oauth_token_secret'];
$code = $twauth->request('GET', $twauth->url('1/account/verify_credentials'));
if ($code == 200) {
// we have a user
$resp = json_decode($twauth->response['response']);
$uid = User_OpenID::get_user_id('tw:' . $resp->screen_name);
if ($uid) {
$u = new User($uid);
}
if ($u) {
// already have an account, log them in
$u->session_id = md5(uniqid(mt_rand(), 1));
/**
* Obtain an access token from Twitter.
*
* @return bool Returns FALSE if request failed.
*/
private function _getAccessToken()
{
// set the request token and secret we have stored
$this->_oTwOAuth->config['user_token'] = $_SESSION['authtoken'];
$this->_oTwOAuth->config['user_secret'] = $_SESSION['authsecret'];
// send request for an access token
$this->_oTwOAuth->request('POST', $this->_oTwOAuth->url('oauth/access_token', ''), array('oauth_verifier' => $_GET['oauth_verifier']));
if ($this->_oTwOAuth->response['code'] == 200) {
// get the access token and store it in a cookie
$aResponse = $this->_oTwOAuth->extract_params($this->_oTwOAuth->response['response']);
setcookie('access_token', $aResponse['oauth_token'], time() + 3600 * 24 * 30);
setcookie('access_token_secret', $aResponse['oauth_token_secret'], time() + 3600 * 24 * 30);
// state is now 2
$_SESSION['authstate'] = 2;
// redirect user to clear leftover GET variables
$this->sUrl = \tmhUtilities::php_self();
exit;
}
return false;
}
