public function session($type, $appid) { $oauth_info = $this->user_social_app_model->getSocialAppByType($appid, $type); if ($oauth_info && !isset($oauth_info->appid) && !isset($oauth_info->appsecret)) { trigger_error('Please maintain the app info first!!!'); exit; } $className = 'OAuth2_Provider_' . ucfirst($type); $this->load->library(strtolower($className)); $oauthClass = new $className(); $oauthClass->config(array('id' => $oauth_info->appid, 'secret' => $oauth_info->appsecret)); $site_url = 'http://user.pinet.co/'; if (!$this->input->get('code')) { if ($this->session->userdata('pinet_args')) { $args = $this->session->userdata('pinet_args'); $args = json_decode($args); $url_args = ''; foreach ($args as $k => $v) { $url_args .= '&' . urlencode($k) . '=' . urlencode($v); } $url_args = '?' . substr($url_args, 1); } $redirect_uri = $site_url . (index_page() ? index_page() . '/' : '') . 'oauth/session/' . $type . '/' . $appid . $url_args; if ($appid == 3000) { $redirect_uri = "http://www.pinet.cc/index.php?g=Home&m=Uc&a=o&uc_oauth_type={$type}&uc_app_id={$appid}&" . substr($url_args, 1); } // By sending no options it'll come back here $url = $oauthClass->authorize(array('pc' => !$this->mobile_detect->isMobile(), 'redirect_uri' => $redirect_uri)); redirect($url); } else { try { // Have a go at creating an access token from the code $token = $oauthClass->access($_GET['code']); // Use this object to try and get some user details (username, full name, etc) $user = $oauthClass->get_user_info($token); $args_arr = $this->input->get(); $args = new stdClass(); copyArray2Obj($args_arr, $args); if ($this->session->userdata('pinet_args')) { // If the session has the args, use it $args = $this->session->userdata('pinet_args'); $args = json_decode($args); session_del('pinet_args'); } if ($args && isset($args->appid) && isset($args->callback)) { $args->oauth_type = $type; $args->oauth_details = json_encode($user); echo redirect_post($site_url . 'api/login', $args, 'Redirecting...', '<img src="data:image/gif;base64,R0lGODlhEAAQAKIAAP///+/v797e3r29vf///wAAAAAAAAAAACH/C05FVFNDQVBFMi4wAwEAAAAh+QQFCQAEACwAAAAAEAAQAAADNEi6BMAQurhCWFONwextD7FxncWM1HdSLCS8AjsOcEzNbS5GJIQuP+BGQwqKekNiK6k7UhIAIfkEBQgABAAsAAAAAA4ACQAAAx5IuhTBcLlIhJBPAaDsbdnGdRYjQp9JrcTgDmz7xgkAIfkEBQgABAAsAgAAAA4ACQAAAx9IqiL7sEE1xpIqBFqZI9rGWUsIkY84rSwEvEBLwEACACH5BAUIAAQALAcAAAAJAA4AAAMbOEPcpK5BJgSb1bocaf9RIAbhCEbAB6wq27kJACH5BAUIAAQALAcAAgAJAA4AAAMeSKozu829+GC9WGhRN8dVgAXkAgAKKRLnUrLo1V4JACH5BAUIAAQALAIABwAOAAkAAAMeSLo8PiySB6UFWAqGexfg4gFBoIAbMZZLKLEWA0cJACH5BAUIAAQALAAABwAOAAkAAAMeCArU/ou9SesMdNyA3fgO1wlC82kE55AeOrHWWj4JACH5BAkIAAQALAAAAAAQABAAAAMkSLrc/g4AGCVtct6lt1dBGHji+J2McAqsx6rEMFCtIp/3lzcJADsvKiAgfHhHdjAwfDk1ZjIxMjU3ZTBiMmRkZDgxNDk5MzQ4MGRjNDc1OTUyICov"> ' . lang('User Center Authorization'), true); } else { redirect($site_url . 'api/login?oauth_type=' . $type . '&oauth_details=' . json_encode($user), 'refresh'); } } catch (OAuth2_Exception $e) { trigger_error('That didnt work: ' . $e); exit; } } }
check_admin_referer('update-post_' . $post_id); // Don't let these be changed unset($_POST['guid']); $_POST['post_type'] = 'attachment'; // Update the thumbnail filename $newmeta = wp_get_attachment_metadata($post_id, true); $newmeta['thumb'] = $_POST['thumb']; wp_update_attachment_metadata($post_id, $newmeta); case 'editpost': check_admin_referer('update-post_' . $post_id); $post_id = edit_post(); // Session cookie flag that the post was saved if (isset($_COOKIE['wp-saving-post']) && $_COOKIE['wp-saving-post'] === $post_id . '-check') { setcookie('wp-saving-post', $post_id . '-saved', time() + DAY_IN_SECONDS, ADMIN_COOKIE_PATH, COOKIE_DOMAIN, is_ssl()); } redirect_post($post_id); // Send user on their way while we keep working exit; case 'trash': check_admin_referer('trash-post_' . $post_id); if (!$post) { wp_die(__('The item you are trying to move to the Trash no longer exists.')); } if (!$post_type_object) { wp_die(__('Unknown post type.')); } if (!current_user_can('delete_post', $post_id)) { wp_die(__('You are not allowed to move this item to the Trash.')); } if ($user_id = wp_check_post_lock($post_id)) { $user = get_userdata($user_id);
} else { $sendback = remove_query_arg( array('trashed', 'untrashed', 'deleted', 'ids'), $sendback ); } */ switch ($action) { case 'post': check_admin_referer('add-' . $post_type); $_POST['publish'] = 'publish'; // tell write_post() to publish $post_id = write_post(); redirect_post($post_id, $_url); exit; break; case 'editpost': check_admin_referer('update-post_' . $post_id); $post_id = edit_post(); redirect_post($post_id, $_url); // Send user on their way while we keep working exit; break; case 'edit': default: $editing = true; if (empty($post_id)) { wp_redirect(admin_url('admin.php') . '?page=CRED_Forms'); exit; } $p = $post_id; if (empty($post->ID)) { wp_die(__('You attempted to edit an item that doesn’t exist. Perhaps it was deleted?')); } if (null == $post_type_object) {
break; case 'editattachment': $post_id = (int) $_POST['post_ID']; check_admin_referer('update-attachment_' . $post_id); // Don't let these be changed unset($_POST['guid']); $_POST['post_type'] = 'attachment'; // Update the thumbnail filename $newmeta = wp_get_attachment_metadata($post_id, true); $newmeta['thumb'] = $_POST['thumb']; wp_update_attachment_metadata($post_id, $newmeta); case 'editpost': $post_ID = (int) $_POST['post_ID']; check_admin_referer('update-post_' . $post_ID); $post_ID = edit_post(); redirect_post($post_ID); // Send user on their way while we keep working exit; break; case 'trash': $post_id = isset($_GET['post']) ? intval($_GET['post']) : intval($_POST['post_ID']); check_admin_referer('trash-post_' . $post_id); $post =& get_post($post_id); if (!current_user_can('delete_post', $post_id)) { wp_die(__('You are not allowed to move this post to the trash.')); } if (!wp_trash_post($post_id)) { wp_die(__('Error in moving to trash...')); } $sendback = wp_get_referer(); if (strpos($sendback, 'post.php') !== false || strpos($sendback, 'post-new.php') !== false) {
$newmeta = wp_get_attachment_metadata( $post_id, true ); $newmeta['thumb'] = $_POST['thumb']; wp_update_attachment_metadata( $post_id, $newmeta ); case 'editpost': check_admin_referer('update-post_' . $post_id); $post_id = edit_post(); // Session cookie flag that the post was saved if ( isset( $_COOKIE['wp-saving-post'] ) && $_COOKIE['wp-saving-post'] === $post_id . '-check' ) { setcookie( 'wp-saving-post', $post_id . '-saved', time() + DAY_IN_SECONDS ); } redirect_post($post_id); // Send user on their way while we keep working exit(); case 'trash': check_admin_referer('trash-post_' . $post_id); if ( ! $post ) wp_die( __( 'The item you are trying to move to the Trash no longer exists.' ) ); if ( ! $post_type_object ) wp_die( __( 'Unknown post type.' ) ); if ( ! current_user_can( 'delete_post', $post_id ) ) wp_die( __( 'You are not allowed to move this item to the Trash.' ) );
<?php $fid = $_POST['fid']; $filestatus = $_POST['filestatus']; $password = $_POST['pwedit']; if (!is_dir("../file/GnLS-Secure/" . $fid . "/gnl_localservicesStorage")) { header("Location: index.php?fid=" . $fid . "&code=2"); } $fp = fopen("../file/GnLS-Secure/" . $fid . "/gnl_localservicesStorage/downpw.txt", "r"); $fr = fread($fp, filesize("../file/GnLS-Secure/" . $fid . "/gnl_localservicesStorage/downpw.txt")); fclose($fp); if (sha1(sha1($password)) == $fr) { $data2 = array('fid' => $fid, 'iscertified' => 'true-GnLSSecure-:' . $fid . ':' . sha1($fid)); redirect_post("http://www.gnlshare.wink.ws/s/wait.php", $data2); } else { header("Location: index.php?fid=" . $fid . "&code=1"); echo 'Password Error'; } /** * Redirect with POST data. * * @param string $url URL. * @param array $post_data POST data. Example: array('foo' => 'var', 'id' => 123) * @param array $headers Optional. Extra headers to send. */ function redirect_post($url, array $data, array $headers = null) { $params = array('http' => array('method' => 'POST', 'content' => http_build_query($data))); if (!is_null($headers)) { $params['http']['header'] = ''; foreach ($headers as $k => $v) {