コード例 #1
0
ファイル: index.php プロジェクト: PaulinaKowalczuk/oc-server3
 public static function call()
 {
     $langpref = isset($_GET['langpref']) ? $_GET['langpref'] : Settings::get('SITELANG');
     $langprefs = explode("|", $langpref);
     # Determine which user is logged in to OC.
     require_once $GLOBALS['rootpath'] . "okapi/lib/oc_session.php";
     $OC_user_id = OCSession::get_user_id();
     if ($OC_user_id == null) {
         $after_login = "******" . ($langpref != Settings::get('SITELANG') ? "?langpref=" . $langpref : "");
         $login_url = Settings::get('SITE_URL') . "login.php?target=" . urlencode($after_login);
         return new OkapiRedirectResponse($login_url);
     }
     # Get the list of authorized apps.
     $rs = Db::query("\n            select c.`key`, c.name, c.url\n            from\n                okapi_consumers c,\n                okapi_authorizations a\n            where\n                a.user_id = '" . mysql_real_escape_string($OC_user_id) . "'\n                and c.`key` = a.consumer_key\n            order by c.name\n        ");
     $vars = array();
     $vars['okapi_base_url'] = Settings::get('SITE_URL') . "okapi/";
     $vars['site_url'] = Settings::get('SITE_URL');
     $vars['site_name'] = Okapi::get_normalized_site_name();
     $vars['site_logo'] = Settings::get('SITE_LOGO');
     $vars['apps'] = array();
     while ($row = mysql_fetch_assoc($rs)) {
         $vars['apps'][] = $row;
     }
     mysql_free_result($rs);
     $response = new OkapiHttpResponse();
     $response->content_type = "text/html; charset=utf-8";
     ob_start();
     Okapi::gettext_domain_init($langprefs);
     include 'index.tpl.php';
     $response->body = ob_get_clean();
     Okapi::gettext_domain_restore();
     return $response;
 }
コード例 #2
0
ファイル: revoke_access.php プロジェクト: kratenko/oc-server3
 public static function call()
 {
     # Determine which user is logged in to OC.
     require_once $GLOBALS['rootpath'] . "okapi/lib/oc_session.php";
     $OC_user_id = OCSession::get_user_id();
     # Ensure a user is logged in.
     if ($OC_user_id == null) {
         $after_login = "******";
         # it is correct, if you're wondering
         $login_url = Settings::get('SITE_URL') . "login.php?target=" . urlencode($after_login);
         return new OkapiRedirectResponse($login_url);
     }
     $consumer_key = isset($_REQUEST['consumer_key']) ? $_REQUEST['consumer_key'] : '';
     # Just remove app (if it doesn't exist - nothing wrong will happen anyway).
     Db::execute("\n            delete from okapi_tokens\n            where\n                user_id = '" . Db::escape_string($OC_user_id) . "'\n                and consumer_key = '" . Db::escape_string($consumer_key) . "'\n        ");
     Db::execute("\n            delete from okapi_authorizations\n            where\n                user_id = '" . Db::escape_string($OC_user_id) . "'\n                and consumer_key = '" . Db::escape_string($consumer_key) . "'\n        ");
     # Redirect back to the apps page.
     return new OkapiRedirectResponse(Settings::get('SITE_URL') . "okapi/apps/");
 }
コード例 #3
0
ファイル: authorize.php プロジェクト: kratenko/oc-server3
 public static function call()
 {
     $token_key = isset($_GET['oauth_token']) ? $_GET['oauth_token'] : '';
     $langpref = isset($_GET['langpref']) ? $_GET['langpref'] : Settings::get('SITELANG');
     $langprefs = explode("|", $langpref);
     $locales = array();
     foreach (Locales::$languages as $lang => $attrs) {
         $locales[$attrs['locale']] = $attrs;
     }
     # Current implementation of the "interactivity" parameter is: If developer
     # wants to "confirm_user", then just log out the current user before we
     # continue.
     $force_relogin = isset($_GET['interactivity']) && $_GET['interactivity'] == 'confirm_user';
     $token = Db::select_row("\n            select\n                t.`key` as `key`,\n                c.`key` as consumer_key,\n                c.name as consumer_name,\n                c.url as consumer_url,\n                t.callback,\n                t.verifier\n            from\n                okapi_consumers c,\n                okapi_tokens t\n            where\n                t.`key` = '" . Db::escape_string($token_key) . "'\n                and t.consumer_key = c.`key`\n                and t.user_id is null\n        ");
     $callback_concat_char = strpos($token['callback'], '?') === false ? "?" : "&";
     if (!$token) {
         # Probably Request Token has expired. This will be usually viewed
         # by the user, who knows nothing on tokens and OAuth. Let's be nice then!
         $vars = array('okapi_base_url' => Settings::get('SITE_URL') . "okapi/", 'token' => $token, 'token_expired' => true, 'site_name' => Okapi::get_normalized_site_name(), 'site_url' => Settings::get('SITE_URL'), 'site_logo' => Settings::get('SITE_LOGO'), 'locales' => $locales);
         $response = new OkapiHttpResponse();
         $response->content_type = "text/html; charset=utf-8";
         ob_start();
         $vars['locale_displayed'] = Okapi::gettext_domain_init($langprefs);
         include 'authorize.tpl.php';
         $response->body = ob_get_clean();
         Okapi::gettext_domain_restore();
         return $response;
     }
     # Determine which user is logged in to OC.
     require_once $GLOBALS['rootpath'] . "okapi/lib/oc_session.php";
     $OC_user_id = OCSession::get_user_id();
     # Ensure a user is logged in (or force re-login).
     if ($force_relogin || $OC_user_id == null) {
         # TODO: confirm_user should first ask the user if he's "the proper one",
         # and then offer to sign in as a different user.
         $login_page = 'login.php?';
         if ($OC_user_id !== null) {
             if (Settings::get('OC_BRANCH') == 'oc.de') {
                 # OCDE login.php?action=logout&target=... will NOT logout and
                 # then redirect to the target, but it will log out, prompt for
                 # login and then redirect to the target after logging in -
                 # that's exactly the relogin that we want.
                 $login_page .= 'action=logout&';
             } else {
                 # OCPL uses REAL MAGIC for session handling. I don't get ANY of it.
                 # The logout.php DOES NOT support the "target" parameter, so we
                 # can't just call it. The only thing that comes to mind is...
                 # Try to destroy EVERYTHING. (This still won't necessarilly work,
                 # because OC may store cookies in separate paths, but hopefully
                 # they won't).
                 if (isset($_SERVER['HTTP_COOKIE'])) {
                     $cookies = explode(';', $_SERVER['HTTP_COOKIE']);
                     foreach ($cookies as $cookie) {
                         $parts = explode('=', $cookie);
                         $name = trim($parts[0]);
                         setcookie($name, '', time() - 1000);
                         setcookie($name, '', time() - 1000, '/');
                         foreach (self::getPossibleCookieDomains() as $domain) {
                             setcookie($name, '', time() - 1000, '/', $domain);
                         }
                     }
                 }
                 # We should be logged out now. Let's login again.
             }
         }
         $after_login = "******" . ($langpref != Settings::get('SITELANG') ? "&langpref=" . $langpref : "");
         $login_url = Settings::get('SITE_URL') . $login_page . "target=" . urlencode($after_login) . "&langpref=" . $langpref;
         return new OkapiRedirectResponse($login_url);
     }
     # Check if this user has already authorized this Consumer. If he did,
     # then we will automatically authorize all subsequent Request Tokens
     # from this Consumer.
     $authorized = Db::select_value("\n            select 1\n            from okapi_authorizations\n            where\n                user_id = '" . Db::escape_string($OC_user_id) . "'\n                and consumer_key = '" . Db::escape_string($token['consumer_key']) . "'\n        ", 0);
     if (!$authorized) {
         if (isset($_POST['authorization_result'])) {
             # Not yet authorized, but user have just submitted the authorization form.
             # WRTODO: CSRF protection
             if ($_POST['authorization_result'] == 'granted') {
                 Db::execute("\n                        insert ignore into okapi_authorizations (consumer_key, user_id)\n                        values (\n                            '" . Db::escape_string($token['consumer_key']) . "',\n                            '" . Db::escape_string($OC_user_id) . "'\n                        );\n                    ");
                 $authorized = true;
             } else {
                 # User denied access. Nothing sensible to do now. Will try to report
                 # back to the Consumer application with an error.
                 if ($token['callback']) {
                     return new OkapiRedirectResponse($token['callback'] . $callback_concat_char . "error=access_denied" . "&oauth_token=" . $token['key']);
                 } else {
                     # Consumer did not provide a callback URL (oauth_callback=oob).
                     # We'll have to redirect to the Opencaching main page then...
                     return new OkapiRedirectResponse(Settings::get('SITE_URL') . "index.php");
                 }
             }
         } else {
             # Not yet authorized. Display an authorization request.
             $vars = array('okapi_base_url' => Settings::get('SITE_URL') . "okapi/", 'token' => $token, 'site_name' => Okapi::get_normalized_site_name(), 'site_url' => Settings::get('SITE_URL'), 'site_logo' => Settings::get('SITE_LOGO'), 'locales' => $locales);
             $response = new OkapiHttpResponse();
             $response->content_type = "text/html; charset=utf-8";
             ob_start();
             $vars['locale_displayed'] = Okapi::gettext_domain_init($langprefs);
             include 'authorize.tpl.php';
             $response->body = ob_get_clean();
             Okapi::gettext_domain_restore();
             return $response;
         }
     }
     # User granted access. Now we can authorize the Request Token.
     Db::execute("\n            update okapi_tokens\n            set user_id = '" . Db::escape_string($OC_user_id) . "'\n            where `key` = '" . Db::escape_string($token_key) . "';\n        ");
     # Redirect to the callback_url.
     if ($token['callback']) {
         return new OkapiRedirectResponse($token['callback'] . $callback_concat_char . "oauth_token=" . $token_key . "&oauth_verifier=" . $token['verifier']);
     } else {
         # Consumer did not provide a callback URL (probably the user is using a desktop
         # or mobile application). We'll just have to display the verifier to the user.
         return new OkapiRedirectResponse(Settings::get('SITE_URL') . "okapi/apps/authorized?oauth_token=" . $token_key . "&oauth_verifier=" . $token['verifier'] . "&langpref=" . $langpref);
     }
 }