<?php require_once '../lib/database.php'; require_once '../lib/memcache.php'; require_once '../lib/url_utils.php'; if ($_GET['response_type'] !== 'code') { throw new Exception('Only code response type supported'); } assert_redirect_allowed($_GET['client_id'], $_GET['redirect_uri']); $app_name = get_app_name($_GET['client_id']); $cancel_uri = addParamsToURL($_GET['redirect_uri'], array('error' => 'access_denied', 'state' => $_GET['state'])); if ($_GET['display'] == 'none') { // This would normally issue a very limited access token that can // only call "import" and nothing else $_POST = $_GET; include_once 'authorize_success.php'; die; } ?> Send all your data to <?php print $app_name; ?> ? <form action="authorize_success" method="POST"> <input type="submit" value="Yes"> <input type="hidden" name="client_id" value="<?php print htmlentities($_GET['client_id']); ?> ">
<?php require_once '../lib/database.php'; require_once '../lib/memcache.php'; require_once '../lib/url_utils.php'; $user_id = get_loggedin_user(); $m = get_memcache(); $code = mt_rand(); $key = 'oauth:code:' . $code; $m->set($key, json_encode(array('user_id' => $user_id, 'client_id' => $_POST['client_id'], 'redirect_uri' => $_POST['redirect_uri'])), 15 * 60); $redirect_uri = addParamsToURL($_POST['redirect_uri'], array('code' => $code, 'state' => $_POST['state'])); header('Location: ' . $redirect_uri);