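// OAuth consent-page controller (fragment). Resolves the request token from
// the query string, then handles the three actions the page posts back:
// 'Deny', 'Allow' and 'Submit' (in-page login). The listing is cut off inside
// the 'Submit' branch, so the blocks opened at the bottom are closed outside
// this view.
// NOTE(review): no anti-CSRF token check or framing restriction is visible in
// this fragment for the Allow/Deny decision. Confirm one is enforced in
// header_oauth.php or in the part of the file not shown here.
global $user;

$snow_form = true;
$this->load_template('header_oauth.php');

// The request token is client-controlled query input: accept only a non-empty
// string, so an array-valued parameter never reaches the OAuth constructor.
if (isset($_GET['oauth_token']) && is_string($_GET['oauth_token']) && $_GET['oauth_token'] !== '') {
    require_once $C->INCPATH . 'classes/class_oauth.php';
    $oauth_client = new OAuth($_GET['oauth_token']);
} else {
    echo 'Missing request token.';
    $snow_form = false;
}

// Process a posted decision only when a client object exists. Without this
// guard, a POST that arrives with no request token calls methods on an
// undefined $oauth_client and ends in a fatal error.
if (isset($oauth_client) && isset($_POST['submit'])) {
    // Look up the consumer key bound to this request token.
    $oauth_client->set_variable(
        'consumer_key',
        $oauth_client->get_field_in_table('oauth_request_token', 'consumer_key', 'request_token', $_GET['oauth_token'])
    );
    $err = true;

    if ($_POST['submit'] === 'Deny') {
        $app_name = $oauth_client->get_field_in_table(
            'applications',
            'name',
            'app_id',
            $oauth_client->get_value_in_consumer_key('app_id')
        );
        // The application name is stored data supplied by whoever registered
        // the application, so it is HTML-escaped before being written into the
        // page. NOTE(review): if names are already stored entity-encoded this
        // will double-encode; confirm against the registration code.
        ?>
        <p style='margin-bottom: 50px; width: auto; text-align: center;'> You've denied <b><?php echo htmlspecialchars((string) $app_name, ENT_QUOTES, 'UTF-8'); ?> </b> access to interact with your account! </p>
        <?php
    } elseif ($_POST['submit'] === 'Allow') {
        $err = false;
        $user_id = $user->id;
    } elseif ($_POST['submit'] === 'Submit') {
        // Missing or array-valued credentials are treated as empty strings
        // rather than being passed on to md5()/login() as null or an array.
        $login_email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
        $login_password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

        // NOTE(security): the password is reduced to an unsalted MD5 digest
        // before it is handed to login(). MD5 is not a password-hashing
        // function. Moving to password_hash()/password_verify() means changing
        // how credentials are stored and what login() accepts, which lies
        // outside this block, so the call is left as is and only flagged.
        $user->logout();
        $user->login($login_email, md5($login_password));

        if (!$user->is_logged) {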
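// Request gate for a write API method (fragment). In order it rejects:
//   - a non-POST request or an invalid response format   -> 400
//   - a request with neither OAuth nor "bauth" status     -> 401
//   - an OAuth token lacking 'rw' access                  -> 403
// When suppress_response_codes is present, the status header is not sent and
// an error document is echoed instead. The listing is cut off inside the last
// branch, so the blocks opened at the bottom are closed outside this view.
// NOTE(review): $_SERVER['REQUEST_URI'] and $api_session->oauth_error are
// passed into generate_error() and echoed; REQUEST_URI is client-controlled.
// Confirm generate_error() escapes its arguments for the output format.
if ($_SERVER['REQUEST_METHOD'] !== 'POST' || !is_valid_data_format($api_session->format, TRUE)) {
    // $_REQUEST (not $_POST) is read here because this branch also handles
    // non-POST requests. The error is always rendered as 'xml', presumably
    // because the requested format may be the invalid part; verify.
    if (!isset($_REQUEST['suppress_response_codes'])) {
        header('HTTP/1.1 400 Bad Request');
    } else {
        echo generate_error('xml', 'This method requires a POST.', $_SERVER['REQUEST_URI'], $api_session->callback);
    }
    exit;
} elseif (!$api_session->oauth_status && !$api_session->bauth_status) {
    // NOTE(review): no WWW-Authenticate challenge accompanies the 401 in this
    // fragment; confirm whether one is emitted elsewhere.
    if (!isset($_POST['suppress_response_codes'])) {
        header('HTTP/1.1 401 Unauthorized');
    } else {
        // Message text corrected from the misspelled "otorization".
        echo generate_error($api_session->format, 'OAuth authorization problem: ' . $api_session->oauth_error, $_SERVER['REQUEST_URI'], $api_session->callback);
    }
    exit;
} elseif ($api_session->oauth_status) {
    // OAuth path: the application id comes from the consumer key, and the
    // token must carry read-write access for this method.
    $app_id = $oauth_client->get_value_in_consumer_key('app_id');

    if (!$oauth_client->check_access_type('rw')) {
        if (!isset($_POST['suppress_response_codes'])) {
            header('HTTP/1.1 403 Forbidden');
        } else {
            echo generate_error($api_session->format, 'You have no permission for this action.', $_SERVER['REQUEST_URI'], $api_session->callback);
        }
        exit;
    }
} elseif ($api_session->bauth_status) {
    // "bauth" path: the application is resolved from the client-supplied
    // 'source' field. NOTE(review): that value is a client claim, not an
    // authenticated identity, so $app_id on this path should be treated as
    // attribution only and not as a basis for authorization.
    if (isset($_POST['source'])) {
        $app_id = detect_app($_POST['source']);
    } else {
        $app_id = detect_app();
    }

    if (!is_numeric($app_id)) {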