function api_keys_utils_get_from_url($more = array()) { $defaults = array('allow_disabled' => 0, 'ensure_isown' => 1); $more = array_merge($defaults, $more); $api_key = request_str("api_key"); # OAuth2 section 2.2 ... if (!$api_key) { $api_key = request_str("client_id"); } if (!$api_key) { error_404(); } $key_row = api_keys_get_by_key($api_key); if (!$key_row) { error_404(); } if ($key_row['deleted']) { error_410(); } if ($more['ensure_isown']) { if ($key_row['user_id'] != $GLOBALS['cfg']['user']['id']) { error_403(); } } if (!$more['allow_disabled']) { if ($key_row['disabled']) { error_403(); } } return $key_row; }
loadlib("foursquare_users"); $fsq_id = get_int32("foursquare_id"); if (!$fsq_id) { error_404(); } $history_url = "user/{$fsq_id}/history/"; login_ensure_loggedin($history_url); $fsq_user = foursquare_users_get_by_foursquare_id($fsq_id); if (!$fsq_user) { error_404(); } $owner = users_get_by_id($fsq_user['user_id']); $is_own = $owner['id'] == $GLOBALS['cfg']['user']['id'] ? 1 : 0; # for now... if (!$is_own) { error_403(); } $more = array(); if ($page = get_int32("page")) { $more['page'] = $page; } if ($when = get_str("when")) { $more['when'] = $when; $history_url .= urlencode($when) . "/"; # TO DO: find some better heuristic for this number # besides "pull it out of my ass" (20120206/straup) $more['per_page'] = 100; } $more['inflate_locality'] = 1; $rsp = privatesquare_checkins_for_user($owner, $more); # TO DO: oh god...timezones :-(
/** * Testing for setup * @global array $profile */ function test_mode() { global $profile, $p, $g; if ($profile['allow_test'] != true) { error_403(); } @ini_set('max_execution_time', 180); $test_expire = time() + 120; $test_ss_enc = 'W7hvmld2yEYdDb0fHfSkKhQX+PM='; $test_ss = base64_decode($test_ss_enc); $test_token = "alpha:bravo\ncharlie:delta\necho:foxtrot"; $test_server_private = '11263846781670293092494395517924811173145217135753406847875706165886322533899689335716152496005807017390233667003995430954419468996805220211293016296351031812246187748601293733816011832462964410766956326501185504714561648498549481477143603650090931135412673422192550825523386522507656442905243832471167330268'; $test_client_public = base64_decode('AL63zqI5a5p8HdXZF5hFu8p+P9GOb816HcHuvNOhqrgkKdA3fO4XEzmldlb37nv3+xqMBgWj6gxT7vfuFerEZLBvuWyVvR7IOGZmx0BAByoq3fxYd3Fpe2Coxngs015vK37otmH8e83YyyGo5Qua/NAf13yz1PVuJ5Ctk7E+YdVc'); $res = array(); // bcmath $res['bcmath'] = extension_loaded('bcmath') ? 'pass' : 'warn - not loaded'; // gmp if ($profile['allow_gmp']) { $res['gmp'] = extension_loaded('gmp') ? 'pass' : 'warn - not loaded'; } else { $res['gmp'] = 'pass - n/a'; } // get_temp_dir $res['logfile'] = is_writable($profile['logfile']) ? 'pass' : "warn - log is not writable"; // session & new_assoc user_session(); list($test_assoc, $test_new_ss) = new_assoc($test_expire); $res['session'] = $test_assoc != session_id() ? 'pass' : 'fail'; // secret @session_unregister('shared_secret'); list($check, $check2) = secret($test_assoc); $res['secret'] = $check == $test_new_ss ? 'pass' : 'fail'; // expire $res['expire'] = $check2 <= $test_expire ? 'pass' : 'fail'; // base64 $res['base64'] = base64_encode($test_ss) == $test_ss_enc ? 'pass' : 'fail'; // hmac $test_sig = base64_decode('/VXgHvZAOdoz/OTa5+XJXzSGhjs='); $check = hmac($test_ss, $test_token); $res['hmac'] = $check == $test_sig ? 'pass' : sprintf("fail - '%s'", base64_encode($check)); if ($profile['use_bigmath']) { // bigmath powmod $test_server_public = '102773334773637418574009974502372885384288396853657336911033649141556441102566075470916498748591002884433213640712303846640842555822818660704173387461364443541327856226098159843042567251113889701110175072389560896826887426539315893475252988846151505416694218615764823146765717947374855806613410142231092856731'; $check = bmpowmod($g, $test_server_private, $p); $res['bmpowmod-1'] = $check == $test_server_public ? 'pass' : sprintf("fail - '%s'", $check); // long $test_client_long = '133926731803116519408547886573524294471756220428015419404483437186057383311250738749035616354107518232016420809434801736658109316293127101479053449990587221774635063166689561125137927607200322073086097478667514042144489248048756916881344442393090205172004842481037581607299263456852036730858519133859409417564'; $res['long'] = long($test_client_public) == $test_client_long ? 'pass' : 'fail'; // bigmath powmod 2 $test_client_share = '19333275433742428703546496981182797556056709274486796259858099992516081822015362253491867310832140733686713353304595602619444380387600756677924791671971324290032515367930532292542300647858206600215875069588627551090223949962823532134061941805446571307168890255137575975911397744471376862555181588554632928402'; $check = bmpowmod($test_client_long, $test_server_private, $p); $res['bmpowmod-2'] = $check == $test_client_share ? 'pass' : sprintf("fail - '%s'", $check); // bin $test_client_mac_s1 = base64_decode('G4gQQkYM6QmAzhKbVKSBahFesPL0nL3F2MREVwEtnVRRYI0ifl9zmPklwTcvURt3QTiGBd+9Dn3ESLk5qka6IO5xnILcIoBT8nnGVPiOZvTygfuzKp4tQ2mXuIATJoa7oXRGmBWtlSdFapH5Zt6NJj4B83XF/jzZiRwdYuK4HJI='); $check = bin($test_client_share); $res['bin'] = $check == $test_client_mac_s1 ? 'pass' : sprintf("fail - '%s'", base64_encode($check)); } else { $res['bigmath'] = 'fail - big math functions are not available.'; } // sha1_20 $test_client_mac_s1 = base64_decode('G4gQQkYM6QmAzhKbVKSBahFesPL0nL3F2MREVwEtnVRRYI0ifl9zmPklwTcvURt3QTiGBd+9Dn3ESLk5qka6IO5xnILcIoBT8nnGVPiOZvTygfuzKp4tQ2mXuIATJoa7oXRGmBWtlSdFapH5Zt6NJj4B83XF/jzZiRwdYuK4HJI='); $test_client_mac_s2 = base64_decode('0Mb2t9d/HvAZyuhbARJPYdx3+v4='); $check = sha1_20($test_client_mac_s1); $res['sha1_20'] = $check == $test_client_mac_s2 ? 'pass' : sprintf("fail - '%s'", base64_encode($check)); // x_or $test_client_mac_s3 = base64_decode('i36ZLYAJ1rYEx1VEHObrS8hgAg0='); $check = x_or($test_client_mac_s2, $test_ss); $res['x_or'] = $check == $test_client_mac_s3 ? 'pass' : sprintf("fail - '%s'", base64_encode($check)); $out = "<table border=1 cellpadding=4>\n"; foreach ($res as $test => $stat) { $code = substr($stat, 0, 4); $color = $code == 'pass' ? '#9f9' : ($code == 'warn' ? '#ff9' : '#f99'); $out .= sprintf("<tr><th>%s</th><td style='background:%s'>%s</td></tr>\n", $test, $color, $stat); } $out .= "</table>"; wrap_html($out); }