header("Location: {$_GET['returnto']}"); } } //If we have a callback, it probably means the user executed the authorize function, so let's finish authorization by getting the access token. if (isset($_GET['oauth_verifier']) && $_GET['oauth_verifier']) { start_session(); $OAuth = new OAuth2($_SESSION['callto']); $returnstring = base64_encode(serialize($_SESSION)); if ($OAuth->isAuthorized()) { header("Location: {$_SESSION['returnto']}"); unset($_SESSION['returnto'], $_SESSION['callto']); session_write_close(); die; } else { session_write_close(); die("Failed to complete Authorization!<br>Returned error:<br>" . $OAuth->getError()); } } die("This is a redirector OAuth handling script. It is not meant to be called directly."); function start_session() { session_save_path(XTOOLS_BASE_SYS_DIR_SESSION . '/tmp/session'); ini_set('session.gc_probability', 1); session_cache_limiter("public"); session_cache_expire(30); $lifetime = 15552000; $path = preg_replace('/^(\\/.*\\/).*/', '\\1', dirname($_SERVER['SCRIPT_NAME'])); session_name('xtools'); session_set_cookie_params($lifetime, $path, ".tools.wmflabs.org"); session_start(); }