$api_session->resource_option = isset($uri[1]) ? $uri[1] : false; unset($uri); $api_session->not_in_groups = ''; $api_session->oauth_status = false; $api_session->rate_status = false; $api_session->bauth_status = false; $api_session->available_resources = array('ids'); $api_session->oauth_error = ''; if (($auth = prepare_request()) || ($auth = prepare_header())) { if (isset($auth['oauth_version']) && $auth['oauth_version'] != '1.0') { $api_session->oauth_error = 'Not supported OAuth version'; } elseif (isset($auth['oauth_consumer_key'], $auth['oauth_nonce'], $auth['oauth_token'], $auth['oauth_signature_method'], $auth['oauth_signature'], $auth['oauth_timestamp'])) { $ares = isset($api_session->resource_option) ? '/' . $api_session->resource_option : ''; $resource = isset($api_session->resource) ? 'favorites/' . $api_session->resource . $ares : 'favorites'; $oauth_client = new OAuth($auth['oauth_consumer_key'], $auth['oauth_nonce'], $auth['oauth_token'], $auth['oauth_timestamp'], $auth['oauth_signature']); $oauth_client->set_variable('stage_url', $C->SITE_URL . '1/' . $resource . '.' . $api_session->format); if (isset($auth['oauth_version'])) { $oauth_client->set_variable('version', '1.0'); } if ($oauth_client->is_valid_get_resource_request()) { if ($auth['oauth_signature_method'] != 'HMAC-SHA1') { $api_session->oauth_error = 'Unsupported signature method'; } elseif (!$oauth_client->decrypt_hmac_sha1()) { $api_session->oauth_error = 'Invalid signature'; } else { //success $id = $oauth_client->get_user_id(urldecode($auth['oauth_token'])); $u = $this->network->get_user_by_id($id); if ($u) { $api_session->oauth_status = true; $user->is_logged = true;
<?php global $user; $snow_form = true; $this->load_template('header_oauth.php'); if (isset($_GET['oauth_token']) && $_GET['oauth_token'] != '') { require_once $C->INCPATH . 'classes/class_oauth.php'; $oauth_client = new OAuth($_GET['oauth_token']); } else { echo 'Missing request token.'; $snow_form = false; } if (isset($_POST['submit'])) { $oauth_client->set_variable('consumer_key', $oauth_client->get_field_in_table('oauth_request_token', 'consumer_key', 'request_token', $_GET['oauth_token'])); $err = true; if ($_POST['submit'] == 'Deny') { $app_name = $oauth_client->get_field_in_table('applications', 'name', 'app_id', $oauth_client->get_value_in_consumer_key('app_id')); ?> <p style='margin-bottom: 50px; width: auto; text-align: center;'> You've denied <b><?php echo $app_name; ?> </b> access to interact with your account! </p> <?php } elseif ($_POST['submit'] == 'Allow') { $err = false; $user_id = $user->id; } elseif ($_POST['submit'] == 'Submit') { $user->logout(); $user->login($_POST['email'], md5($_POST['password']));
<?php require_once $C->INCPATH . 'helpers/func_api.php'; if ($_SERVER['REQUEST_METHOD'] != 'GET' && $_SERVER['REQUEST_METHOD'] != 'POST') { echo 'Invalid request method.'; exit; } elseif (isset($_REQUEST['oauth_version']) && $_REQUEST['oauth_version'] != '1.0') { echo 'Invalid OAuth version.'; exit; } if (isset($_REQUEST['oauth_consumer_key'], $_REQUEST['oauth_nonce'], $_REQUEST['oauth_signature_method'], $_REQUEST['oauth_signature'], $_REQUEST['oauth_timestamp']) && $_REQUEST['oauth_signature_method'] != '') { require_once $C->INCPATH . 'classes/class_oauth.php'; $oauth_client = new OAuth($_REQUEST['oauth_consumer_key'], $_REQUEST['oauth_nonce'], $_REQUEST['oauth_signature'], $_REQUEST['oauth_timestamp']); if (isset($_REQUEST['oauth_version'])) { $oauth_client->set_variable('version', '1.0'); } if ($oauth_client->is_valid_consumer_key() && $oauth_client->is_valid_nonce() && $oauth_client->is_valid_timestamp() && strtolower(urldecode($_REQUEST['oauth_signature_method'])) == 'hmac-sha1' && $oauth_client->decrypt_hmac_sha1() && $oauth_client->is_valid_application()) { $oauth_client->set_variable('token_secret', $oauth_client->generate_random_value()); $oauth_client->set_variable('request_token', $oauth_client->generate_request_token()); if ($oauth_client->set_request_table()) { echo 'oauth_token_secret=' . $oauth_client->get_variable('token_secret'); echo '&oauth_token=' . $oauth_client->get_variable('request_token') . '&oauth_callback_confirmed=true'; } else { echo $oauth_client->get_variable('error_msg'); exit; } } else { echo $oauth_client->there_is_error() ? $oauth_client->get_variable('error_msg') : 'Invalid signature method'; exit; } } else {
<?php if ($_SERVER['REQUEST_METHOD'] != 'GET' && $_SERVER['REQUEST_METHOD'] != 'POST') { echo 'Invalid request method.'; exit; } elseif (isset($_REQUEST['oauth_version']) && $_REQUEST['oauth_version'] != '1.0') { echo 'Not supported oauth version.'; exit; } if (isset($_REQUEST['oauth_consumer_key'], $_REQUEST['oauth_nonce'], $_REQUEST['oauth_signature_method'], $_REQUEST['oauth_signature'], $_REQUEST['oauth_timestamp'], $_REQUEST['oauth_token'], $_REQUEST['oauth_verifier'])) { require_once $C->INCPATH . 'classes/class_oauth.php'; $oauth_client = new OAuth($_REQUEST['oauth_consumer_key'], $_REQUEST['oauth_nonce'], $_REQUEST['oauth_signature'], $_REQUEST['oauth_timestamp'], $_REQUEST['oauth_token'], $_REQUEST['oauth_verifier']); if (isset($_REQUEST['oauth_version'])) { $oauth_client->set_variable('version', '1.0'); } if ($oauth_client->is_valid_access_token_request() && strtolower(urldecode($_REQUEST['oauth_signature_method'])) == 'hmac-sha1' && $oauth_client->decrypt_hmac_sha1()) { $oauth_client->set_variable('access_token', $oauth_client->generate_access_token()); $oauth_client->set_variable('user_id', $oauth_client->get_field_in_table('oauth_request_token', 'user_id', 'request_token', $_REQUEST['oauth_token'])); if ($oauth_client->set_access_table() && $oauth_client->delete_row_in_table('oauth_request_token', 'request_token', $oauth_client->get_variable('request_token'))) { echo 'oauth_token_secret=' . urlencode($oauth_client->get_variable('token_secret')); echo '&oauth_token=' . urlencode($oauth_client->get_variable('access_token')); } else { echo $oauth_client->get_variable('error_msg'); exit; } } else { echo $oauth_client->there_is_error() ? $oauth_client->get_variable('error_msg') : 'Invalid signature method'; exit; } } else { echo 'Missing OAuth parameters.';