* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is furnished
* to do so, subject to the following conditions:
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
* INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
* PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
* HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
* OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
require_once 'runtime.php';
foreach ($_SESSION as $k => $v) {
sess($k, null);
}
if (isset($i_next)) {
sess('next', $i_next);
} elseif (isMethod('GET') && isset($_SERVER['HTTP_REFERER'])) {
sess('next', $_SERVER['HTTP_REFERER']);
}
if (isSess('next')) {
$next = sess('next', null);
$next = str_replace('https://', 'http://', $next);
header('Location: ' . $next);
} else {
header('Location: /');
}
exit;
if (isset($i_provider)) {
header('Location: ' . REQUEST_BASE . '/rp_auth' . newQSA());
exit;
}
if (isset($i_display) && $i_display == 'popup') {
$next = newQSA(array('display' => NULL));
echo "<script>opener.document.location = '{$next}';window.close();</script>";
} elseif (isset($i_id) && $i_id == 'facebook' && isset($i_session)) {
$i_session = str_replace('\\', '', $i_session);
$session = json_decode($i_session, true);
if (isset($session['access_token'])) {
$q = json_decode(file_get_contents('https://graph.facebook.com/me?fields=id,name,picture,link,username,email&access_token=' . $session['access_token']), true);
if (isset($q['id'])) {
sess('f:id', $q['id']);
sess('f:access_expires', $session['expires']);
sess('f:access_token', $session['access_token']);
sess('u:name', $q['name']);
sess('u:link', $q['link']);
$q['id'] = 'https://graph.facebook.com/' . $q['id'];
sess('u:id', $q['id']);
}
}
header('Location: ' . REQUEST_BASE . '/login');
} elseif (isSess('next')) {
$next = sess('next', null);
header('Location: ' . $next);
} elseif ($_user) {
header('Location: ' . REQUEST_BASE . '/');
} else {
require_once '401.php';
}
}
if (in_array($k, array('open'))) {
continue;
}
if (isset($_options->{$k})) {
$_options->{$k} = $v;
}
}
}
}
# ensure user props
if (sess('u:id')) {
if (!isSess('u:link')) {
sess('u:link', $_user);
}
if (!isSess('u:name')) {
$_user_name = basename($_user);
$c = strpos($_user_name, ':');
if ($c > 0) {
$_user_name = substr($_user_name, $c + 1);
}
sess('u:name', $_user_name);
}
}
header("User: {$_user}");
// HTTP Access Control
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])) {
header('Access-Control-Allow-Headers: ' . $_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']);
}
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'])) {
header('Access-Control-Allow-Methods: ' . $_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']);
function sess($id, $val = NULL)
{
if (func_num_args() == 1) {
return isSess($id) ? $_SESSION[$id] : NULL;
} elseif (is_null($val)) {
$r = isset($_SESSION[$id]) ? $_SESSION[$id] : null;
unset($_SESSION[$id]);
return $r;
} else {
$prev = sess($id);
$_SESSION[$id] = $val;
return $prev;
}
}
