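/**
 * Gate the "extra details" view of an Envato support message behind an Envato OAuth login.
 *
 * Flow, as implemented below:
 *  1. A still-valid $_SESSION['shub_oauth_envato'] entry bound to this account and message
 *     renders the message list immediately.
 *  2. Otherwise, if an OAuth code from a previous redirect is waiting in the session, it is
 *     exchanged for a token, the Envato username/email are fetched, a local user record is
 *     matched or created, and access is granted only when the Envato username equals the
 *     account owner's username ("admin") or the local user is the one attached to the message.
 *  3. Otherwise the "Login with Envato" link is printed.
 *
 * Side effects: echoes HTML directly on several paths, writes to $_SESSION, stores the OAuth
 * token through shub_update_insert() ('shub_envato_oauth'), and terminates the request with
 * die() on an unexpected network or unknown account.
 *
 * @param string $network    Must be 'envato'.
 * @param mixed  $account_id Key into $this->get_accounts().
 * @param mixed  $message_id Id of the shub_message being viewed.
 * @param mixed  $extra_ids  Not used by this method.
 * @return array|false array('message' => html) when access is granted, false otherwise.
 */
public function extra_process_login($network, $account_id, $message_id, $extra_ids)
{
    if ($network != 'envato') {
        // This used to call dir(), which only tries to open a directory handle and lets the
        // request carry on; die() is what the guard was meant to do.
        die('Incorrect network in request_extra_login() - this should not happen');
    }
    $accounts = $this->get_accounts();
    if (!isset($accounts[$account_id])) {
        die('Invalid account, please report this error.');
    }

    // Already logged in via OAuth? The session entry must be unexpired and bound to exactly
    // this account and this message.
    if (!empty($_SESSION['shub_oauth_envato'])
        && is_array($_SESSION['shub_oauth_envato'])
        && $_SESSION['shub_oauth_envato']['expires'] > time()
        && $_SESSION['shub_oauth_envato']['account_id'] == $account_id
        && $_SESSION['shub_oauth_envato']['message_id'] == $message_id
    ) {
        $shub_message = new shub_message(false, false, $message_id);
        if ($shub_message->get('account')->get('shub_account_id') == $account_id
            && $shub_message->get('shub_message_id') == $message_id
        ) {
            ob_start();
            if (!empty($_SESSION['shub_oauth_envato']['is_admin'])) {
                echo "<p>You are currently logged in as the Administrator account. You can see all message history.</p>";
            }
            $shub_message->output_message_list(false);
            if (isset($_GET['done'])) {
                // Extra data was submitted successfully: drop the login so the next visit
                // has to authenticate again.
                $_SESSION['shub_oauth_envato'] = false;
            }
            return array('message' => ob_get_clean());
        }
        return false;
    }

    // Not logged in, or the login has expired. The account is known to exist (checked above).
    $shub_envato_account = new shub_envato_account($accounts[$account_id]['shub_account_id']);
    $api = $shub_envato_account->get_api();

    if (empty($_SESSION['shub_oauth_doing_envato']['code'])) {
        // No OAuth code waiting: remember where to come back to and show the login link.
        // NOTE(review): get_authorization_url() is not visible here; confirm it ties the
        // authorization request to this session (OAuth "state").
        $login_url = $api->get_authorization_url();
        $_SESSION['shub_oauth_doing_envato'] = array('url' => str_replace('&done', '', $_SERVER['REQUEST_URI']));
        ?>
        <p> To continue please login using your Envato account. </p>
        <a href="<?php echo esc_attr($login_url); ?>" class="submit_button">Login with Envato</a>
        <?php
        return false;
    }

    // Exchange the code from the previous redirect for a token. The code is single use, so
    // it is removed from the session whether or not the exchange works.
    $token = $api->get_authentication($_SESSION['shub_oauth_doing_envato']['code']);
    unset($_SESSION['shub_oauth_doing_envato']['code']);
    if (empty($token) || empty($token['access_token'])) {
        echo 'Failed to get access token, please try again and report this error.';
        return false;
    }

    // The message must belong to the account whose API credentials were just used.
    $shub_message = new shub_message(false, false, $message_id);
    if ($shub_message->get('account')->get('shub_account_id') != $shub_envato_account->get('shub_account_id')) {
        return false;
    }
    $envato_comments = $shub_message->get_comments();
    $first_comment = current($envato_comments);
    if (empty($first_comment)) {
        return false;
    }

    // Decoded up front so both failure paths below can link back to the exact comment.
    // Previously the first failure path read $comment_data before it was assigned.
    $comment_data = (isset($first_comment['data']) && is_string($first_comment['data']))
        ? json_decode($first_comment['data'], true)
        : null;

    $api_result = $api->api('v1/market/private/user/username.json', array(), false);
    $api_result_email = $api->api('v1/market/private/user/email.json', array(), false);
    $api_user = new SupportHubUser_Envato();

    if ($api_result && !empty($api_result['username'])) {
        // Match order: email (when the API returned one), then envato_username meta, then
        // plain username; if nothing matches a new local user is created.
        $have_email = $api_result_email && !empty($api_result_email['email']);
        if ($have_email) {
            $email = trim(strtolower($api_result_email['email']));
            $api_user->load_by('user_email', $email);
        }
        if (!$have_email || !$api_user->get('shub_user_id')) {
            $api_user->load_by_meta('envato_username', $api_result['username']);
            if (!$api_user->get('shub_user_id')) {
                $api_user->load_by('user_username', $api_result['username']);
                if (!$api_user->get('shub_user_id')) {
                    $api_user->create_new();
                    $api_user->add_meta('envato_username', $api_result['username']);
                    if ($have_email) {
                        $api_user->update('user_email', $email);
                    }
                    $api_user->update('user_username', $api_result['username']);
                }
            }
        }
    }

    if (!$api_result || empty($api_result['username']) || !$api_user->get('shub_user_id')) {
        // API error: a username should always come back.
        SupportHub::getInstance()->log_data(_SUPPORT_HUB_LOG_ERROR, 'envato', 'OAuth Login Fail - No Username From API', 'API Result ' . var_export($api_result, true) . ' tried to login and gain access to ticket message ' . $message_id);
        echo "Sorry, unable to login with Envato. <br><br> ";
        $item_data = $shub_message->get('item')->get('item_data');
        if ($item_data && !empty($item_data['url'])) {
            // URL and comment id come from stored API data, so the attribute value is escaped.
            // esc_attr() prevents attribute breakout; it does not validate the URL scheme.
            $return_url = $item_data['url'] . '/comments' . (!empty($comment_data['id']) ? '/' . $comment_data['id'] : '');
            echo '<a href="' . esc_attr($return_url) . '">Please click here to return to the Item Comment</a>';
        }
        return false;
    }

    if (!$api_user->get('user_email') && !empty($api_result_email['email'])) {
        $api_user->update('user_email', trim(strtolower($api_result_email['email'])));
    }
    $api_user->add_unique_meta('envato_username', $api_result['username']);

    // The API result is good, so the token is stored for later use of the refresh token.
    // Note that this happens BEFORE the identity check below: at this point anyone with an
    // Envato login may be the one authenticating.
    $shub_envato_oauth_id = shub_update_insert('shub_envato_oauth_id', false, 'shub_envato_oauth', array(
        'expire_time' => time() + $token['expires_in'],
        'shub_account_id' => $accounts[$account_id]['shub_account_id'],
        'shub_user_id' => $api_user->get('shub_user_id'),
        'access_token' => $token['access_token'],
        'refresh_token' => $token['refresh_token'],
    ));
    // This also updates their username/email from the API.
    $api_user->update_purchase_history();

    $account_data = $shub_envato_account->get('account_data');

    // "Admin" means the Envato username equals the account owner's username. Compared as
    // strings with ===, because == treats numeric-looking strings such as '1e3' and '1000'
    // as equal.
    $is_admin = $account_data
        && isset($account_data['user']['username'])
        && (string) $api_result['username'] === (string) $account_data['user']['username'];

    // todo (from the original author): a username change on the Envato side may need the
    // comment to be refreshed from the API before this check can succeed.
    if ($comment_data && ($is_admin || $api_user->get('shub_user_id') == $shub_message->get('shub_user_id'))) {
        SupportHub::getInstance()->log_data(_SUPPORT_HUB_LOG_ERROR, 'envato', 'OAuth Login Success - request extra', 'User ' . $api_result['username'] . ' has logged in to provide extra details');
        $comment_user = new SupportHubUser_Envato($shub_message->get('shub_user_id'));

        // The session entry holds the token itself plus the binding checked at the top of
        // this method.
        // NOTE(review): the session id is not regenerated in this method; confirm whether
        // the caller does that once the login is established.
        $_SESSION['shub_oauth_envato'] = $token;
        // Key spelling ('shib_') kept as-is; readers of this key are not visible from here.
        $_SESSION['shub_oauth_envato']['shib_envato_oauth_id'] = $shub_envato_oauth_id;
        $_SESSION['shub_oauth_envato']['account_id'] = $account_id;
        $_SESSION['shub_oauth_envato']['message_id'] = $message_id;
        $_SESSION['shub_oauth_envato']['is_admin'] = $is_admin;
        $_SESSION['shub_oauth_envato']['expires'] = time() + $token['expires_in'];
        $_SESSION['shub_oauth_envato']['shub_user_id'] = $comment_user->get('shub_user_id');

        ob_start();
        if ($_SESSION['shub_oauth_envato']['is_admin']) {
            echo "<p>You are currently logged in as the Administrator account. You can see all message history.</p>";
        }
        $shub_message->output_message_list(false);
        return array('message' => ob_get_clean());
    }

    // Authenticated with Envato, but neither the account owner nor the message's user.
    SupportHub::getInstance()->log_data(_SUPPORT_HUB_LOG_ERROR, 'envato', 'OAuth Login Fail - Username mismatch', 'User ' . var_export($api_result, true) . ' tried to login and gain access to ticket message ' . $message_id . ': ' . var_export($comment_data, true));
    echo "Sorry, unable to verify identity. Please submit a new support message if you require assistance. <br><br> ";
    $item_data = $shub_message->get('item')->get('item_data');
    if ($item_data && !empty($item_data['url'])) {
        // Same escaping as on the earlier failure path.
        $return_url = $item_data['url'] . '/comments' . (!empty($comment_data['id']) ? '/' . $comment_data['id'] : '');
        echo '<a href="' . esc_attr($return_url) . '">Please click here to return to the Item Comment</a>';
    }
    return false;
}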
<?php if (!isset($shub_account_id) || !isset($shub_message_id)) { exit; } if ($shub_account_id && $shub_message_id) { $envato = new shub_envato_account($shub_account_id); if ($shub_account_id && $envato->get('shub_account_id') == $shub_account_id) { $envato_message = new shub_message($envato, false, $shub_message_id); $envato_message->output_message_page('popup'); } } if ($shub_account_id && !(int) $shub_message_id) { $envato = new shub_envato_account($shub_account_id); if ($shub_account_id && $envato->get('shub_account_id') == $shub_account_id) { /* @var $groups shub_item[] */ $groups = $envato->get('groups'); //print_r($groups); ?> <form action="" method="post" enctype="multipart/form-data"> <input type="hidden" name="_process" value="send_envato_message"> <?php wp_nonce_field('send-envato' . (int) $envato->get('shub_account_id')); ?> <?php $fieldset_data = array('heading' => array('type' => 'h3', 'title' => 'Compose message'), 'class' => 'tableclass tableclass_form tableclass_full', 'elements' => array('item' => array('title' => __('envato Group', 'support_hub'), 'fields' => array()), 'message' => array('title' => __('message', 'support_hub'), 'field' => array('type' => 'textarea', 'name' => 'message', 'id' => 'envato_compose_message', 'value' => '')), 'type' => array('title' => __('Type', 'support_hub'), 'fields' => array('<input type="radio" name="post_type" id="post_type_wall" value="wall" checked> ', '<label for="post_type_wall">', __('Wall Post', 'support_hub'), '</label>', '<input type="radio" name="post_type" id="post_type_link" value="link"> ', '<label for="post_type_link">', __('Link Post', 'support_hub'), '</label>', '<input type="radio" name="post_type" id="post_type_picture" value="picture"> ', '<label for="post_type_picture">', __('Picture Post', 'support_hub'), '</label>')), 'link' => array('title' => __('Link', 'support_hub'), 'fields' => array(array('type' => 'text', 'name' => 'link', 'id' => 'message_link_url', 'value' => ''), '<div 
id="envato_link_loading_message"></div>', '<span class="envato-type-link envato-type-option"></span>')), 'link_picture' => array('title' => __('Link Picture', 'support_hub'), 'fields' => array(array('type' => 'text', 'name' => 'link_picture', 'value' => ''), 'Full URL (eg: http://) to the picture to use for this link preview', '<span class="envato-type-link envato-type-option"></span>')), 'link_name' => array('title' => __('Link Title', 'support_hub'), 'fields' => array(array('type' => 'text', 'name' => 'link_name', 'value' => ''), 'Title to use instead of the automatically generated one from the Link page', '<span class="envato-type-link envato-type-option"></span>')), 'link_caption' => array('title' => __('Link Caption', 'support_hub'), 'fields' => array(array('type' => 'text', 'name' => 'link_caption', 'value' => ''), 'Caption to use instead of the automatically generated one from the Link page', '<span class="envato-type-link envato-type-option"></span>')), 'link_description' => array('title' => __('Link Description', 'support_hub'), 'fields' => array(array('type' => 'text', 'name' => 'link_description', 'value' => ''), 'Description to use instead of the automatically generated one from the Link page', '<span class="envato-type-link envato-type-option"></span>')), 'picture' => array('title' => __('Picture', 'support_hub'), 'fields' => array('<input type="file" name="picture" value="">', '<span class="envato-type-picture envato-type-option"></span>')), 'schedule' => array('title' => __('Schedule', 'support_hub'), 'fields' => array(array('type' => 'date', 'name' => 'schedule_date', 'value' => ''), array('type' => 'time', 'name' => 'schedule_time', 'value' => ''), ' ', sprintf(__('Currently: %s', 'support_hub'), date('c')), ' (Leave blank to send now, or pick a date in the future.)')), 'debug' => array('title' => __('Debug', 'support_hub'), 'field' => array('type' => 'check', 'name' => 'debug', 'value' => '1', 'checked' => false, 'help' => 'Show debug output while 
posting the message')))); foreach ($groups as $item_id => $group) { $fieldset_data['elements']['item']['fields'][] = '<div id="envato_compose_group_select">' . '<input type="checkbox" name="compose_group_id[' . $item_id . ']" value="1" checked> ' . '<img src="//graph.envato.com/' . $item_id . '/picture"> ' . htmlspecialchars($group->get('item_name')) . '</div>'; } echo shub_module_form::generate_fieldset($fieldset_data); ?>
</p> </form> </div> <?php } } } else { // show account overview: $myListTable = new SupportHub_Account_Data_List_Table(); $accounts = $shub_envato->get_accounts(); foreach ($accounts as $account_id => $account) { $a = new shub_envato_account($account['shub_account_id']); $accounts[$account_id]['edit_link'] = $a->link_edit(); $accounts[$account_id]['title'] = $a->get('account_name'); $accounts[$account_id]['last_checked'] = $a->get('last_checked') ? shub_print_date($a->get('last_checked')) : 'N/A'; } $myListTable->set_data($accounts); $myListTable->prepare_items(); ?> <div class="wrap"> <h2> <?php _e('Envato Accounts', 'support_hub'); ?> <a href="?page=<?php echo esc_attr($_GET['page']); ?> &tab=<?php echo esc_attr($_GET['tab']);