/** * Sets the nonce cookie then redirects to Sopresto. * * @return void */ public function action_authorize() { $proxy = apply_filters('social_authorize_url', Social::$api_url . $this->request->query('key') . '/authorize/', $this->request->query('key')); if (strpos($proxy, Social::$api_url) !== false) { $salt = $this->auth_nonce_salt(); $id = Social::wp39_create_nonce($this->auth_nonce_key($salt)); $url = home_url('index.php'); $args = array('social_controller' => 'auth', 'social_action' => 'authorized', 'salt' => $salt); if (is_admin()) { $args['is_admin'] = 'true'; $args['user_id'] = get_current_user_id(); if (defined('IS_PROFILE_PAGE')) { $args['personal'] = 'true'; $url = add_query_arg('personal', 'true', $url); } } else { $post_id = $this->request->query('post_id'); if ($post_id !== null) { $args['p'] = $post_id; } // Set the nonce cookie setcookie('social_auth_nonce', $id, 0, '/'); } $proxy = add_query_arg(array('v' => '2', 'id' => $id, 'response_url' => urlencode(add_query_arg($args, $url))), $proxy); $proxy = apply_filters('social_proxy_url', $proxy); } nocache_headers(); Social::log('Authorizing with URL: ' . $proxy); wp_redirect($proxy); exit; }
/** * Retrieve URL with nonce added to URL query using Social::wp39_create_nonce() * instead of Social::wp_create_nonce() * * @param string $actionurl URL to add nonce action. * @param string $action Optional. Nonce action name. Default -1. * @param string $name Optional. Nonce name. Default '_wpnonce'. * @return string Escaped URL with nonce action added. */ public static function wp39_nonce_url($actionurl, $action = -1, $name = '_wpnonce') { $actionurl = str_replace('&', '&', $actionurl); return esc_html(add_query_arg($name, Social::wp39_create_nonce($action), $actionurl)); }