require_once $C->INCPATH . 'helpers/func_api.php';
if ($_SERVER['REQUEST_METHOD'] != 'GET' && $_SERVER['REQUEST_METHOD'] != 'POST') {
echo 'Invalid request method.';
exit;
} elseif (isset($_REQUEST['oauth_version']) && $_REQUEST['oauth_version'] != '1.0') {
echo 'Invalid OAuth version.';
exit;
}
if (isset($_REQUEST['oauth_consumer_key'], $_REQUEST['oauth_nonce'], $_REQUEST['oauth_signature_method'], $_REQUEST['oauth_signature'], $_REQUEST['oauth_timestamp']) && $_REQUEST['oauth_signature_method'] != '') {
require_once $C->INCPATH . 'classes/class_oauth.php';
$oauth_client = new OAuth($_REQUEST['oauth_consumer_key'], $_REQUEST['oauth_nonce'], $_REQUEST['oauth_signature'], $_REQUEST['oauth_timestamp']);
if (isset($_REQUEST['oauth_version'])) {
$oauth_client->set_variable('version', '1.0');
}
if ($oauth_client->is_valid_consumer_key() && $oauth_client->is_valid_nonce() && $oauth_client->is_valid_timestamp() && strtolower(urldecode($_REQUEST['oauth_signature_method'])) == 'hmac-sha1' && $oauth_client->decrypt_hmac_sha1() && $oauth_client->is_valid_application()) {
$oauth_client->set_variable('token_secret', $oauth_client->generate_random_value());
$oauth_client->set_variable('request_token', $oauth_client->generate_request_token());
if ($oauth_client->set_request_table()) {
echo 'oauth_token_secret=' . $oauth_client->get_variable('token_secret');
echo '&oauth_token=' . $oauth_client->get_variable('request_token') . '&oauth_callback_confirmed=true';
} else {
echo $oauth_client->get_variable('error_msg');
exit;
}
} else {
echo $oauth_client->there_is_error() ? $oauth_client->get_variable('error_msg') : 'Invalid signature method';
exit;
}
} else {
echo 'Missing OAuth parameter(s).';
$api_session->oauth_error = '';
if (($auth = prepare_request()) || ($auth = prepare_header())) {
if (isset($auth['oauth_version']) && $auth['oauth_version'] != '1.0') {
$api_session->oauth_error = 'Not supported OAuth version';
} elseif (isset($auth['oauth_consumer_key'], $auth['oauth_nonce'], $auth['oauth_token'], $auth['oauth_signature_method'], $auth['oauth_signature'], $auth['oauth_timestamp'])) {
$ares = isset($api_session->resource_option) ? '/' . $api_session->resource_option : '';
$resource = isset($api_session->resource) ? 'favorites/' . $api_session->resource . $ares : 'favorites';
$oauth_client = new OAuth($auth['oauth_consumer_key'], $auth['oauth_nonce'], $auth['oauth_token'], $auth['oauth_timestamp'], $auth['oauth_signature']);
$oauth_client->set_variable('stage_url', $C->SITE_URL . '1/' . $resource . '.' . $api_session->format);
if (isset($auth['oauth_version'])) {
$oauth_client->set_variable('version', '1.0');
}
if ($oauth_client->is_valid_get_resource_request()) {
if ($auth['oauth_signature_method'] != 'HMAC-SHA1') {
$api_session->oauth_error = 'Unsupported signature method';
} elseif (!$oauth_client->decrypt_hmac_sha1()) {
$api_session->oauth_error = 'Invalid signature';
} else {
//success
$id = $oauth_client->get_user_id(urldecode($auth['oauth_token']));
$u = $this->network->get_user_by_id($id);
if ($u) {
$api_session->oauth_status = true;
$user->is_logged = true;
$user->id = $id;
$user->info = new stdClass();
$user->info->id = $id;
$user->info->is_network_admin = $u->is_network_admin;
$user->info->is_posts_protected = $u->is_posts_protected;
$user->info->username = $u->username;
$user->info->network_id = $u->network_id;
<?php
if ($_SERVER['REQUEST_METHOD'] != 'GET' && $_SERVER['REQUEST_METHOD'] != 'POST') {
echo 'Invalid request method.';
exit;
} elseif (isset($_REQUEST['oauth_version']) && $_REQUEST['oauth_version'] != '1.0') {
echo 'Not supported oauth version.';
exit;
}
if (isset($_REQUEST['oauth_consumer_key'], $_REQUEST['oauth_nonce'], $_REQUEST['oauth_signature_method'], $_REQUEST['oauth_signature'], $_REQUEST['oauth_timestamp'], $_REQUEST['oauth_token'], $_REQUEST['oauth_verifier'])) {
require_once $C->INCPATH . 'classes/class_oauth.php';
$oauth_client = new OAuth($_REQUEST['oauth_consumer_key'], $_REQUEST['oauth_nonce'], $_REQUEST['oauth_signature'], $_REQUEST['oauth_timestamp'], $_REQUEST['oauth_token'], $_REQUEST['oauth_verifier']);
if (isset($_REQUEST['oauth_version'])) {
$oauth_client->set_variable('version', '1.0');
}
if ($oauth_client->is_valid_access_token_request() && strtolower(urldecode($_REQUEST['oauth_signature_method'])) == 'hmac-sha1' && $oauth_client->decrypt_hmac_sha1()) {
$oauth_client->set_variable('access_token', $oauth_client->generate_access_token());
$oauth_client->set_variable('user_id', $oauth_client->get_field_in_table('oauth_request_token', 'user_id', 'request_token', $_REQUEST['oauth_token']));
if ($oauth_client->set_access_table() && $oauth_client->delete_row_in_table('oauth_request_token', 'request_token', $oauth_client->get_variable('request_token'))) {
echo 'oauth_token_secret=' . urlencode($oauth_client->get_variable('token_secret'));
echo '&oauth_token=' . urlencode($oauth_client->get_variable('access_token'));
} else {
echo $oauth_client->get_variable('error_msg');
exit;
}
} else {
echo $oauth_client->there_is_error() ? $oauth_client->get_variable('error_msg') : 'Invalid signature method';
exit;
}
} else {
echo 'Missing OAuth parameters.';
