Exemplo n.º 1
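/**
 * Builds a site URL of the form HOST/page[/option][?a=..&k=..&r=..&other].
 *
 * The host is picked from $site ('prod', 'normal', 'secure', anything else
 * falls back to the 'siteurl' option). Unless $nofacebook is set, the
 * canvas / fbp / signed_request markers of the current request are carried
 * over into the generated query string.
 *
 * NOTE(review): $page, $option, $action, $section and $other are concatenated
 * as given; only $redir and the request-supplied signed_request are
 * URL-encoded here, so callers must pass URL-safe values for the rest.
 *
 * @param string      $page       first path segment
 * @param string      $option     optional second path segment
 * @param string      $action     value of the "a" query parameter
 * @param string      $section    value of the "k" query parameter
 * @param string      $redir      value of the "r" query parameter (URL-encoded here)
 * @param string|null $site       host selector, see above
 * @param string      $other      extra, already formatted query string fragment
 * @param bool        $nofacebook when true, do not propagate the Facebook markers
 *
 * @return string the assembled URL
 */
function mx_actionurl($page = 'main', $option = '', $action = '', $section = '', $redir = '', $site = null, $other = '', $nofacebook = false)
{
    switch ($site) {
        case 'prod':
            $host = 'http://www.example.com';
            break;
        case 'normal':
            $host = mx_option('basicsiteurl');
            break;
        case 'secure':
            $host = mx_option('secure_siteurl');
            break;
        default:
            $host = mx_option('siteurl');
    }
    // --- stay in canvas or facebook page mode
    if (!$nofacebook) {
        if (!empty($_GET['canvas'])) {
            $other .= ($other ? '&' : '') . 'canvas=1';
        }
        if (!empty($_GET['fbp'])) {
            $other .= ($other ? '&' : '') . 'fbp=1';
        }
        // signed_request comes straight from the client. It is URL-encoded so
        // that it cannot add extra parameters or break out of the places the
        // returned URL ends up in (Location headers, inline script). Non-string
        // values (e.g. signed_request[]=x) are dropped.
        if (!empty($_REQUEST['signed_request']) && is_string($_REQUEST['signed_request'])) {
            $other .= ($other ? '&' : '') . 'signed_request=' . urlencode($_REQUEST['signed_request']);
        }
    }
    // NOTE(review): $_GET values are already URL-decoded by PHP, so this is a
    // second decoding pass; whatever validation mx_secureredir() performs (not
    // shown here) applies to the twice-decoded value. Confirm this is intended.
    $r = mx_secureredir(urldecode(isset($_GET['r']) ? $_GET['r'] : ''));
    $i = mx_secureword(isset($_GET['i']) ? $_GET['i'] : null);
    $isSignFlow = ($option == 'signin' || $option == 'register');
    // Carry the pending redirect and invitation code through the sign-in /
    // registration pages only.
    if ($r && !$redir && $isSignFlow) {
        $redir = $r;
    }
    if ($i && strpos((string) $other, 'i=') === false && $isSignFlow) {
        $other .= ($other ? '&' : '') . 'i=' . $i;
    }
    // ---
    $str = $host . '/' . $page;
    if ($option) {
        $str .= '/' . $option;
    }
    $qr = '';
    if ($action) {
        $qr .= 'a=' . $action;
    }
    if ($section) {
        $qr .= ($qr ? '&' : '') . 'k=' . $section;
    }
    if ($redir) {
        $qr .= ($qr ? '&' : '') . 'r=' . urlencode($redir);
    }
    if ($other) {
        $qr .= ($qr ? '&' : '') . $other;
    }
    if ($qr) {
        $str .= '?' . $qr;
    }
    return $str;
}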
Exemplo n.º 2
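/**
 * Dispatches the sign-in page actions and issues the follow-up redirect.
 *
 * Handled $action values: 'register', 'signin', 'fb', 'forgot',
 * 'confirmation' and 'update'. Validation messages are left in the global
 * $signerrors array; the authenticated user lives in the global $mxuser.
 *
 * Redirects are sent with header() and execution continues afterwards, so a
 * later Location header replaces an earlier one (header() replaces by
 * default). The caller is presumably expected to stop output after this
 * function returns -- TODO confirm.
 *
 * @param string $page   page the form was submitted from
 * @param string $option option (second URL segment) of that page
 * @param string $action requested action, see list above
 *
 * @return void
 */
function mx_cksignin($page, $option, $action)
{
    global $me, $mxuser, $mxsession, $signerrors;
    $signerrors = array();
    // NOTE(review): $_REQUEST values are already URL-decoded by PHP; this
    // decodes a second time before mx_secureredir() (not shown) sees the value.
    $redir = mx_secureredir(urldecode(isset($_REQUEST['r']) ? $_REQUEST['r'] : ''));

    if ($action == 'register') {
        mx_ckregister($page, 'register', $action);
        return;
    } elseif ($action == 'signin') {
        // check login data
        $login = isset($_POST['email']) ? $_POST['email'] : null;
        $pwd = isset($_POST['password']) ? $_POST['password'] : null;
        // NOTE(review): the CAPTCHA is verified only when the request itself
        // carries a truthy "captcha" field, so as far as this function shows a
        // client that omits the field skips the check. If the CAPTCHA is meant
        // to be mandatory (e.g. after failed attempts), that decision has to
        // come from server-side state, not from the submitted form.
        if (!empty($_POST['captcha'])) {
            require_once 'ext_includes/recaptchalib.php';
            $resp = recaptcha_check_answer(
                MX_RECAPTCHA_PRIVATE,
                $_SERVER["REMOTE_ADDR"],
                isset($_POST["recaptcha_challenge_field"]) ? $_POST["recaptcha_challenge_field"] : null,
                isset($_POST["recaptcha_response_field"]) ? $_POST["recaptcha_response_field"] : null
            );
            if (!$resp->is_valid) {
                // What happens when the CAPTCHA was entered incorrectly
                $signerrors['captcha'] = _("ReCaptcha incorrect.<br/>Please try again");
            }
        }
        if (empty($signerrors['captcha']) && $mxuser->checklogin($login, $pwd)) {
            mx_setsession($mxuser, time());
            header('Location: ' . mx_actionurl_normal($page, $option, 'ok', '', $redir));
        } elseif (empty($signerrors['captcha'])) {
            $signerrors = array('email' => _('Wrong credentials...'), 'password' => _('...or wrong password.'));
        }
    } elseif ($action == 'fb') {
        mx_checkfblogin(false);
        $cruser = mx_checkfbuser(false);
        if ($cruser == 1) {
            $mxuser = new MXUser();
        } else {
            header('Location: ' . mx_actionurl_normal('account', 'register', 'fb'));
        }
    } elseif ($action == 'forgot') {
        $login = isset($_POST['email']) ? $_POST['email'] : null;
        if (!$login) {
            $signerrors = array('email' => _('Please inform your email or username' . ' (Have you tried signing in using Facebook?)'));
        } else {
            $signerrors = $mxuser->lostpassword($login);
        }
    } elseif ($action == 'confirmation') {
        $confirmcode = mx_secureword(isset($_REQUEST['c']) ? $_REQUEST['c'] : null);
        $mxuser->checkconfirm($confirmcode);
        if ($mxuser->id) {
            mx_setsession($mxuser, time());
        } else {
            $signerrors = array('email' => _('The password recovery link you\'re using is no more valid.' . ' If you requested twice, check the most recent email you received.'));
        }
        return;
    } elseif ($action == 'update') {
        // NOTE(review): nothing in this branch checks that $mxuser is an
        // authenticated user or that a recovery code was validated for this
        // request; presumably the caller guarantees it -- verify.
        $postfld = isset($_POST['new_password']) ? $_POST['new_password'] : null;
        $chkconf = isset($_POST['conf_password']) ? $_POST['conf_password'] : null;
        if ($chkconf != $postfld) {
            $signerrors = array('password' => _('Password confirmation does not match new password.'));
        } elseif (!$postfld) {
            $signerrors = array('password' => _('Password cannot be left blank.'));
        } else {
            $signerrors = array();
            // NOTE(review): this stores a single unsalted SHA-256 of the
            // password, which is cheap to brute-force if the table leaks.
            // Moving to password_hash()/password_verify() also requires
            // changing checklogin() (not shown), so it is left as-is here.
            $mxuser->setoption('pwdhash', hash('sha256', $postfld));
            mx_setsession($mxuser, time());
        }
        return;
    }

    if ($mxuser->id) {
        mx_fbaction('use?website=' . mx_pageurl('main'));
    }
    if ($mxuser->id && $redir) {
        // $redir is a comma-separated list: page,option,action,section,other
        preg_match_all('%([^,]*),?%', $redir, $aredir);
        if ($aredir && !empty($aredir[1][0])) {
            // Missing trailing components become '' instead of undefined offsets.
            $parts = array_pad(array_slice($aredir[1], 0, 5), 5, '');
            header('location: ' . mx_actionurl($parts[0], $parts[1], $parts[2], $parts[3], '', !empty($_SERVER['HTTPS']) ? 'secure' : 'normal', $parts[4]));
        }
        return;
    }
    // define account if not done...
    if ($mxuser->id) {
        if (!$mxuser->acctype) {
            header('location: ' . mx_optionurl('account', 'setup'));
            // Stop here: a second Location header would replace this one and
            // the account setup redirect would never reach the browser.
            return;
        }
        header('location: ' . mx_actionurl('main', '', 'signed'));
    }
}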
Exemplo n.º 3
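/**
 * Prints the Facebook JavaScript SDK bootstrap (fb-root div plus inline script).
 *
 * The script initialises FB with the app id, subscribes to the auth and
 * like/unlike events, optionally resizes the canvas, loads the SDK
 * asynchronously and defines addToPage().
 *
 * Every server-side value placed inside the script is emitted through
 * json_encode() with the JSON_HEX_* flags instead of being wrapped in
 * hand-written quotes: the URLs built by mx_actionurl() can contain
 * request-derived data, and a quote or "</script>" in them (or in a
 * translated message) would otherwise end the string literal or the script
 * element. json_encode() returns false on invalid UTF-8, in which case the
 * affected statement is emitted without a value and fails to parse rather
 * than executing attacker-chosen text.
 *
 * The Facebook session object is no longer written into the page; the
 * original emitted it inside a JavaScript comment, where it served no purpose
 * but was still readable in the page source.
 *
 * @return void
 */
function mx_FBinit()
{
    global $FBsession, $facebook;
    $page = mx_secureword(isset($_GET['p']) ? $_GET['p'] : null);
    $option = mx_secureword(isset($_GET['o']) ? $_GET['o'] : null);
    $action = mx_secureword(isset($_REQUEST['a']) ? $_REQUEST['a'] : null);
    // $section and $invite are only referenced by a disabled redirect variant.
    $section = mx_secureword(isset($_REQUEST['k']) ? $_REQUEST['k'] : null);
    $invite = mx_secureword(isset($_GET['i']) ? $_GET['i'] : null);
    $redir = mx_secureredir(urldecode(isset($_GET['r']) ? $_GET['r'] : ''));

    // Escape <, >, &, ' and " as \uXXXX so the literals are safe inside <script>.
    $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;

    // Statement run when Facebook reports a connected user on the sign-in or
    // registration page; empty on every other page.
    $fbSigninJs = '';
    if ($option == 'signin' || $option == 'register') {
        $fbSigninJs = 'blackout(' . json_encode(_('Signing you in<br/>using Facebook'), $jsFlags) . ');'
            . ' window.location=' . json_encode(mx_actionurl($page, $option, 'fb', '', $redir), $jsFlags) . ';';
    }
    $inCanvas = !empty($_GET['canvas']) || !empty($_GET['fbp']);
    ?>
    <div id="fb-root"></div>
    <script>
      window.fbAsyncInit = function() {
        FB.init({
          appId   : <?php echo json_encode((string) $facebook->getAppId(), $jsFlags); ?>,
          // session is not passed: PHP already has it
          channelURL : <?php echo json_encode(mx_option('siteurl') . '/fb-channel.php', $jsFlags); ?>,
          status  : false, // check login status
          cookie  : true, // enable cookies to allow the server to access the session
          xfbml   : true, // parse XFBML
          oauth   : true
        });

        FB.Event.subscribe('auth.statusChange', function(response) {
            if (response.status === 'connected') {
                <?php echo $fbSigninJs; ?>

            } else if (response.status === 'not_authorized') {
                // the user is logged in to Facebook,
                // but has not authenticated your app
            } else {
                // the user isn't logged in to Facebook.
            }
        });

        FB.Event.subscribe('auth.authResponseChange', function(response) {
            if (response.status=='connected') {
                <?php echo $fbSigninJs; ?>

            } else {
                window.location=<?php echo json_encode(mx_actionurl($page, $option, $action), $jsFlags); ?>;
            }
        });

        FB.Event.subscribe('edge.create',
            function(response) {
                if (response.indexOf('artists/artprof')>0) {
                    art=response.substr(response.lastIndexOf('a=')+2);
                    iconclick('il_'+art,'','');
                }
            }
        );

        FB.Event.subscribe('edge.remove',
            function(response) {
                if (response.indexOf('artists/artprof')>0) {
                    art=response.substr(response.lastIndexOf('a=')+2);
                    iconclick('nl_'+art,'','');
                }
            }
        );

<?php if ($inCanvas) { // resize FB Canvas ?>
        var psize=new Object;
        psize.width=$(document).width();
        psize.height=$(document).height();
        FB.Canvas.setSize(psize);
        FB.Canvas.setAutoGrow(1000);
<?php } ?>
      };

      (function(d){
             var js, id = 'facebook-jssdk'; if (d.getElementById(id)) {return;}
             js = d.createElement('script'); js.id = id; js.async = true;
             js.src = "//connect.facebook.net/en_US/all.js";
             d.getElementsByTagName('head')[0].appendChild(js);
           }(document));

      function addToPage() {
        // calling the API ...
        var obj = {
          method: 'pagetab'
          // redirect_uri is not set
        };

        FB.ui(obj);
      }

    </script>
<?php
}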