// Commented-out code; the condition that guarded this block lies before this excerpt.
//{
//    $_SESSION['current_user'] = $_SESSION['user_id'];
//    unset($_SESSION['user_id']);
//}

// Login step of what appears to be the OAuth authorisation flow: the caller supplies a
// request token in `oauth_token`, the token is looked up, and the login form is processed.
define('TR_INCLUDE_PATH', '../include/');
require TR_INCLUDE_PATH . 'vitals.inc.php';
require_once TR_INCLUDE_PATH . 'classes/DAO/UsersDAO.class.php';
require_once TR_INCLUDE_PATH . 'classes/DAO/OAuthServerTokensDAO.class.php';

$usersDAO = new UsersDAO();
$oAuthServerTokensDAO = new OAuthServerTokensDAO();

// Validation input parameters
// NOTE(review): $_REQUEST['oauth_token'] is read without isset(), so a missing parameter
// raises an undefined-index notice before this branch is taken. The loose `== ''` test
// also does not reject a non-string value; an explicit isset()/is_string() guard would
// make the accepted input shape unambiguous.
if ($_REQUEST['oauth_token'] == '') {
    echo 'error=' . urlencode('Empty oauth token');
    exit;
}

// Look the token up as a 'request' token; anything other than an array result is rejected.
// NOTE(review): the raw request value is handed to the DAO (the login fields below go
// through $addslashes, the token does not) -- confirm getByTokenAndType() escapes or
// parameterises it. No expiry check on the request token is visible in this excerpt;
// confirm one is enforced in the DAO or further down.
$token_row = $oAuthServerTokensDAO->getByTokenAndType($_REQUEST['oauth_token'], 'request');

if (!is_array($token_row)) {
    echo 'error=' . urlencode('Invalid oauth token');
    exit;
}

// $_SESSION['token'] is used to encrypt the password from web form
// NOTE(review): mt_rand() and microtime() are predictable inputs, so hashing them with
// sha1() does not yield an unguessable value. If this token has to be secret, take it from
// a CSPRNG instead, e.g. bin2hex(random_bytes(20)) on PHP 7+, which keeps the
// 40-hex-character format.
if (!isset($_SESSION['token'])) {
    $_SESSION['token'] = sha1(mt_rand() . microtime(TRUE));
}

if (isset($_POST['submit'])) {
    // $addslashes is a variable function defined outside this excerpt (presumably by
    // vitals.inc.php -- confirm). Quote-escaping is weaker than a parameterised query;
    // verify how UsersDAO::Validate() builds its SQL.
    // `form_password_hidden` is presumably the password as transformed by the login form
    // with $_SESSION['token'] -- confirm against the form markup.
    $user_id = $usersDAO->Validate($addslashes($_POST['form_login']), $addslashes($_POST['form_password_hidden']));

    if (!$user_id) {
        // $msg is created outside this excerpt.
        $msg->addError('INVALID_LOGIN');
    } else {
        // Valid credentials on a disabled account are still refused.
        if ($usersDAO->getStatus($user_id) == TR_STATUS_DISABLED) {
            $msg->addError('ACCOUNT_DISABLED');
            // (excerpt ends here; the remaining branches are outside this view)
} // closes a block opened before this excerpt

// When the request carries no `allow_a4a_import` field, set it to 1.
if (!isset($_POST['allow_a4a_import'])) {
    $_POST['allow_a4a_import'] = 1;
}

// the import request is from oauth web service, find the user id from the given token
// NOTE(review): the access token travels in the URL query string, where it is recorded in
// web-server and proxy logs and in browser history. Accepting it from an Authorization
// header or the POST body keeps it out of those places.
// TR_INCLUDE_PATH is used here without being defined in this excerpt; it must be set earlier.
if (isset($_GET['oauth_token'])) {
    require_once TR_INCLUDE_PATH . 'config.inc.php';
    require_once TR_INCLUDE_PATH . 'constants.inc.php';

    if ($_GET['oauth_token'] == '') {
        echo "error=" . urlencode('Empty OAuth token');
        exit;
    } else {
        $oauth_import = true;

        require_once TR_INCLUDE_PATH . 'classes/DAO/OAuthServerTokensDAO.class.php';
        $oAuthServerTokensDAO = new OAuthServerTokensDAO();

        // Only a token stored with type 'access' is accepted.
        // NOTE(review): the raw query-string value is handed to the DAO with no type check
        // or escaping visible here -- confirm getByTokenAndType() and isTokenExpired()
        // escape or parameterise it and reject non-string input.
        $token_row = $oAuthServerTokensDAO->getByTokenAndType($_GET['oauth_token'], 'access');

        if (!is_array($token_row)) {
            echo "error=" . urlencode('Invalid OAuth token');
            exit;
        } else {
            // A known token is still refused once it has expired.
            if ($oAuthServerTokensDAO->isTokenExpired($_GET['oauth_token'])) {
                echo "error=" . urlencode('OAuth token expired');
                exit;
            }
        }

        // The token's owner becomes the acting user for this request.
        // NOTE(review): in this path the bearer token is the only credential checked.
        // $oauth_import and $_user_id are set before vitals.inc.php is loaded; how
        // vitals.inc.php consumes them is not visible here -- confirm it cannot be reached
        // with a caller-supplied $_user_id.
        $_user_id = $token_row[0]['user_id'];
    }
}

require TR_INCLUDE_PATH . 'vitals.inc.php';
require_once TR_INCLUDE_PATH . 'classes/Utility.class.php';
require_once TR_INCLUDE_PATH . '../home/classes/ContentUtility.class.php';