<?php

/* Start session and load lib */

if(!isset($_SESSION)){

session_start();

}

include_once('lib/twitese.php');

foreach ($AUTH_ID as &$id) {

$id = strtoupper($id);

}

if (isset($_REQUEST['oauth_token'])) {

if($_SESSION['oauth_token'] !== $_REQUEST['oauth_token']) {

$_SESSION['oauth_status'] = 'oldtoken';

session_destroy();

header('Location: login.php?oauth=old');exit();

}else{

/* Create TwitteroAuth object with app key/secret and token key/secret from default phase */

$connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $_SESSION['oauth_token'], $_SESSION['oauth_token_secret']);

/* Request access tokens from twitter */

$access_token = $connection->getAccessToken($_REQUEST['oauth_verifier']);

/* Save the access tokens. Normally these would be saved in a database for future use. */

$_SESSION['access_token'] = $access_token;

/* Remove no longer needed request tokens */

unset($_SESSION['oauth_token']);

unset($_SESSION['oauth_token_secret']);

/* If HTTP response is 200 continue otherwise send to connect page to retry */

if (200 == $connection->http_code) {

/* The user has been verified and the access tokens can be saved for future use */

$_SESSION['login_status'] = 'verified';

$t = getTwitter();

$user = $t->veverify();

if ( ID_AUTH && (!in_array(strtoupper($t->screen_name),$AUTH_ID)) ){

session_destroy();

header("Location: login.php?oauth=denied");exit;

}

/* And set new cookies */

$time = $_SERVER['REQUEST_TIME']+3600*24*365;

setEncryptCookie('oauth_token', $access_token['oauth_token'], $time, '/');

setEncryptCookie('oauth_token_secret', $access_token['oauth_token_secret'], $time, '/');

setcookie('user_id', $access_token['user_id'], $time, '/');

setcookie('name', $t->screen_name, $time, '/');

refreshProfile();

if(!isset($_COOKIE['showpic'])){

setcookie('showpic', 'true', $time, '/');

}

if(!isset($_COOKIE['shownick'])){

setcookie('shownick', 'false', $time, '/');

}

if(!isset($_COOKIE['mediaPre'])){

setcookie('mediaPre', 'true', $time, '/');

}

if(!isset($_COOKIE['loginPage'])) {

header('Location: index.php');exit();

} else {

$scheme = (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") ? 'http' : 'https';

$port = $_SERVER['SERVER_PORT'] != 80 ? ':'.$_SERVER['SERVER_PORT'] : '';

$login_page = $scheme . '://' . $_SERVER['HTTP_HOST'] . $port . $_COOKIE['loginPage'];

header('Location: '. $login_page);exit();

}

} else {

session_destroy();

header('Location: login.php?oauth=error');exit();

}

}

}else{

/* Create TwitterOAuth object and get request token */

$connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET);

/* Get callback URL */

$scheme = (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") ? 'http' : 'https';

$port = $_SERVER['SERVER_PORT'] != 80 ? ':'.$_SERVER['SERVER_PORT'] : '';

$oauth_callback = $scheme . '://' . $_SERVER['HTTP_HOST'] . $port . $_SERVER['REQUEST_URI'];

/* Get request token */

$request_token = $connection->getRequestToken($oauth_callback);

/* Save request token to session */

$_SESSION['oauth_token'] = $token = $request_token['oauth_token'];

$_SESSION['oauth_token_secret'] = $request_token['oauth_token_secret'];

/* If last connection fails don't display authorization link */

switch ($connection->http_code) {

case 200:

$time = $_SERVER['REQUEST_TIME']+3600*24*365;

$url = $connection->getAuthorizeURL($token);

if ( isset($_POST['proxify']) ) {

$raw= processCurl($url);

$formpreg = '/(<form( \w+=\"[^"]*\")* action=\")[^"]*(\"( \w+=\"[^"]*\")*>)/';

$new = preg_replace($formpreg, '\1authorize.php\3',$raw);

$new = str_replace('html { display:none; }','.error,a.sign-up,input[name="deny"]{display:none !important;}',$new);

$new = preg_replace('/https?:\/\/\w+([0-9])\.twimg\.com/i','https://s3.amazonaws.com/twitter_production',$new);

echo $new;

} //OAuth Proxy End

else {

header('Location: ' . $url);

}

break;

default:

header('Location: error.php?t=1');exit();

break;

}

}

?>