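if (!function_exists('the_champ_resolve_auth_redirect')) {
    /**
     * Choose the URL handed to the_champ_close_login_popup() after a social login attempt.
     *
     * @param mixed  $response    Value returned by the_champ_user_auth().
     * @param string $redirection Redirect target requested for this login ('' when none).
     *
     * @return string
     */
    function the_champ_resolve_auth_redirect($response, $redirection) {
        if (is_array($response) && isset($response['message']) && $response['message'] == 'register' && (!isset($response['url']) || $response['url'] == '')) {
            return esc_attr(the_champ_get_login_redirection_url($redirection, true));
        }
        if (isset($response['message']) && $response['message'] == 'linked') {
            return $redirection . (strpos($redirection, '?') !== false ? '&' : '?') . 'linked=1';
        }
        if (isset($response['message']) && $response['message'] == 'not linked') {
            return $redirection . (strpos($redirection, '?') !== false ? '&' : '?') . 'linked=0';
        }
        if (isset($response['url']) && $response['url'] != '') {
            return $response['url'];
        }
        return esc_attr(the_champ_get_login_redirection_url($redirection));
    }
}

/**
 * Check querystring variables.
 *
 * Handles, in this order: the email verification link (SuperSocializerKey), Instagram login
 * (SuperSocializerInstaToken), Xing OAuth (SuperSocializerAuth=Xing), the start of the Twitter
 * OAuth flow (SuperSocializerAuth=Twitter) and the Twitter OAuth callback (oauth_token).
 *
 * Every request parameter read here is untrusted. Redirect targets taken from the request are
 * passed through wp_validate_redirect(), so a target on a host WordPress does not allow falls
 * back to '' and the plugin's default redirection applies; further hosts can be allowed with
 * the 'allowed_redirect_hosts' filter.
 */
function the_champ_connect() {
    global $theChampLoginOptions;

    // verify email
    if (isset($_GET['SuperSocializerKey']) && ($verificationKey = trim(esc_attr($_GET['SuperSocializerKey']))) != '') {
        // Array arguments keep the key a single literal meta value; a query string built by
        // concatenation is re-parsed and URL-decoded before it is matched.
        $users = get_users(array('meta_key' => 'thechamp_key', 'meta_value' => $verificationKey));
        if (count($users) > 0 && isset($users[0]->ID)) {
            delete_user_meta($users[0]->ID, 'thechamp_key');
            // update password and send email
            // NOTE(review): the new password is handed to the_champ_password_email(); if that mails it in
            // clear text, a set-password link would be the safer notification - confirm.
            $password = wp_generate_password();
            wp_update_user(array('ID' => $users[0]->ID, 'user_pass' => $password));
            the_champ_password_email($users[0]->ID, $password);
            wp_redirect(home_url() . '?SuperSocializerVerified=1');
            die;
        }
    }

    // Instagram auth
    if (isset($_GET['SuperSocializerInstaToken']) && is_string($_GET['SuperSocializerInstaToken']) && $_GET['SuperSocializerInstaToken'] != '') {
        // NOTE(review): the access token comes straight from the query string and nothing in this
        // function confirms it was issued to this site's Instagram client - verify that binding.
        // The token is URL-encoded because it is placed in a URL; esc_attr() is HTML escaping.
        $instaAuthUrl = 'https://api.instagram.com/v1/users/self?access_token=' . rawurlencode(trim($_GET['SuperSocializerInstaToken']));
        $response = wp_remote_get($instaAuthUrl, array('timeout' => 15));
        if (!is_wp_error($response) && isset($response['response']['code']) && 200 === $response['response']['code']) {
            $body = json_decode(wp_remote_retrieve_body($response));
            // json_decode() yields null for a malformed body, so check the container before its members
            if (is_object($body) && isset($body->data) && is_object($body->data) && isset($body->data->id)) {
                $redirection = isset($_GET['super_socializer_redirect_to']) && is_string($_GET['super_socializer_redirect_to']) && $_GET['super_socializer_redirect_to'] != ''
                    ? wp_validate_redirect(esc_attr($_GET['super_socializer_redirect_to']), '')
                    : '';
                $response = the_champ_user_auth($body->data, 'instagram', $redirection);
                the_champ_close_login_popup(the_champ_resolve_auth_redirect($response, $redirection));
            }
        }
    }

    // send request to Xing
    if (isset($_GET['SuperSocializerAuth']) && $_GET['SuperSocializerAuth'] == 'Xing') {
        session_start();
        if (!isset($_GET['oauth_token']) && isset($_SESSION['OAUTH_ACCESS_TOKEN'])) {
            unset($_SESSION['OAUTH_ACCESS_TOKEN']);
        }
        // the redirect target is optional; read it once so a missing parameter raises no notice
        $xingRedirectParam = isset($_GET['super_socializer_redirect_to']) && is_string($_GET['super_socializer_redirect_to'])
            ? $_GET['super_socializer_redirect_to']
            : '';
        if (isset($theChampLoginOptions['xing_ck']) && $theChampLoginOptions['xing_ck'] != '' && isset($theChampLoginOptions['xing_cs']) && $theChampLoginOptions['xing_cs'] != '') {
            $xingClient = new oauth_client_class();
            $xingClient->debug = 0;
            // NOTE(review): HTTP debugging is left enabled as before; confirm where oauth_client_class
            // writes that output, since it can include OAuth tokens.
            $xingClient->debug_http = 1;
            $xingClient->server = 'XING';
            $xingClient->redirect_uri = site_url() . '/index.php?SuperSocializerAuth=Xing&super_socializer_redirect_to=' . esc_attr(str_replace(array('http://', 'https://'), '', urldecode($xingRedirectParam)));
            $xingClient->client_id = $theChampLoginOptions['xing_ck'];
            $xingClient->client_secret = $theChampLoginOptions['xing_cs'];
            if ($success = $xingClient->Initialize()) {
                if ($success = $xingClient->Process()) {
                    if (strlen($xingClient->access_token)) {
                        $success = $xingClient->CallAPI('https://api.xing.com/v1/users/me', 'GET', array(), array('FailOnAccessError' => true), $xingResponse);
                    }
                }
                $success = $xingClient->Finalize($success);
            }
            if ($xingClient->exit) {
                die('exit');
            }
            if ($success) {
                if (isset($xingResponse->users) && is_array($xingResponse->users) && isset($xingResponse->users[0]->id)) {
                    $xingRedirect = wp_validate_redirect(the_champ_get_http() . esc_attr($xingRedirectParam), '');
                    $response = the_champ_user_auth($xingResponse->users[0], 'xing', $xingRedirect);
                    the_champ_close_login_popup(the_champ_resolve_auth_redirect($response, $xingRedirect));
                }
            } else {
                // the client's error text is not under this plugin's control; escape it for HTML
                echo 'Error:' . esc_html($xingClient->error);
                die;
            }
        }
    }

    // send request to twitter
    if (isset($_GET['SuperSocializerAuth']) && $_GET['SuperSocializerAuth'] == 'Twitter') {
        if (isset($theChampLoginOptions['twitter_key']) && $theChampLoginOptions['twitter_key'] != '' && isset($theChampLoginOptions['twitter_secret']) && $theChampLoginOptions['twitter_secret'] != '') {
            /* Build TwitterOAuth object with client credentials. */
            $connection = new TwitterOAuth($theChampLoginOptions['twitter_key'], $theChampLoginOptions['twitter_secret']);
            /* Get temporary credentials. */
            $requestToken = $connection->getRequestToken(site_url() . '/index.php');
            if ($connection->http_code == 200) {
                // generate unique ID
                // NOTE(review): mt_rand() is not a cryptographic source, and the value is used as a user ID
                // for usermeta rows, so it can coincide with a real account's ID. A store keyed by an
                // unguessable token would avoid both; other code may read these rows, so confirm first.
                $uniqueId = mt_rand();
                // save oauth token and secret in db temporarily
                update_user_meta($uniqueId, 'thechamp_twitter_oauthtoken', $requestToken['oauth_token']);
                update_user_meta($uniqueId, 'thechamp_twitter_oauthtokensecret', $requestToken['oauth_token_secret']);
                if (isset($_GET['super_socializer_redirect_to']) && is_string($_GET['super_socializer_redirect_to']) && $_GET['super_socializer_redirect_to'] != '') {
                    $twitterRedirect = wp_validate_redirect(esc_attr($_GET['super_socializer_redirect_to']), '');
                    if ($twitterRedirect != '') {
                        update_user_meta($uniqueId, 'thechamp_twitter_redirect', $twitterRedirect);
                    }
                }
                wp_redirect($connection->getAuthorizeURL($requestToken['oauth_token']));
                die;
            } else {
                ?>
                <div style="width: 500px; margin: 0 auto">
                    <ol>
                        <li><?php echo sprintf(__('Enter exactly the following url in <strong>Website</strong> and <strong>Callback Url</strong> options in your Twitter app (see step 3 %s)', 'Super-Socializer'), '<a target="_blank" href="http://support.heateor.com/how-to-get-twitter-api-key-and-secret/">here</a>'); ?>
                            <br/>
                            <?php echo esc_url(site_url()); ?>
                        </li>
                        <li><?php _e('Make sure cURL is enabled at your website server. You may need to contact the server administrator of your website to verify this', 'Super-Socializer'); ?></li>
                    </ol>
                </div>
                <?php
                die;
            }
        }
    }

    // twitter authentication
    if (isset($_REQUEST['oauth_token']) && is_string($_REQUEST['oauth_token'])) {
        global $wpdb;
        $uniqueId = $wpdb->get_var($wpdb->prepare("SELECT user_id FROM {$wpdb->usermeta} WHERE meta_key = 'thechamp_twitter_oauthtoken' and meta_value = %s", $_REQUEST['oauth_token']));
        $oauthTokenSecret = get_user_meta($uniqueId, 'thechamp_twitter_oauthtokensecret', true);
        // twitter redirect url
        $twitterRedirectUrl = get_user_meta($uniqueId, 'thechamp_twitter_redirect', true);
        if (empty($uniqueId) || $oauthTokenSecret == '') {
            // invalid request
            wp_redirect(site_url());
            die;
        }
        $oauthVerifier = isset($_REQUEST['oauth_verifier']) && is_string($_REQUEST['oauth_verifier']) ? $_REQUEST['oauth_verifier'] : '';
        $connection = new TwitterOAuth($theChampLoginOptions['twitter_key'], $theChampLoginOptions['twitter_secret'], $_REQUEST['oauth_token'], $oauthTokenSecret);
        /* Request access tokens from twitter */
        $accessToken = $connection->getAccessToken($oauthVerifier);
        $content = null;
        // only query the profile when the exchange actually returned an access token pair
        if (is_array($accessToken) && isset($accessToken['oauth_token'], $accessToken['oauth_token_secret'])) {
            /* Create a TwitterOauth object with consumer/user tokens. */
            $connection = new TwitterOAuth($theChampLoginOptions['twitter_key'], $theChampLoginOptions['twitter_secret'], $accessToken['oauth_token'], $accessToken['oauth_token_secret']);
            $content = $connection->get('account/verify_credentials');
        }
        // delete temporary data
        delete_user_meta($uniqueId, 'thechamp_twitter_oauthtokensecret');
        delete_user_meta($uniqueId, 'thechamp_twitter_oauthtoken');
        delete_user_meta($uniqueId, 'thechamp_twitter_redirect');
        if (is_object($content) && isset($content->id)) {
            $response = the_champ_user_auth($content, 'twitter', $twitterRedirectUrl);
            the_champ_close_login_popup(the_champ_resolve_auth_redirect($response, $twitterRedirectUrl));
        }
    }
}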
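/**
 * User authentication after Social Login.
 *
 * Matches the profile returned by a social provider to a WordPress user and logs that user in,
 * links the social account to the user who is already logged in, or registers a new user.
 *
 * @param array|object $profileData     Profile from the provider. For 'facebook' it is used as an
 *                                      array as-is; for any other provider it is first passed
 *                                      through the_champ_format_profile_data().
 * @param string       $provider        Provider slug.
 * @param string       $twitterRedirect Redirect URL stored with the temporary profile data when
 *                                      the user has to be asked for an email address.
 *
 * @return mixed Array with 'status' (bool), 'message' (string) and, on some paths, 'url'; or the
 *               value returned by the 'the_champ_before_user_registration' filter when truthy.
 */
function the_champ_user_auth($profileData, $provider = 'facebook', $twitterRedirect = '') {
    global $theChampLoginOptions, $user_ID, $wpdb;

    if ($provider != 'facebook') {
        $profileData = the_champ_format_profile_data($profileData, $provider);
    } else {
        $profileData['provider'] = 'facebook';
        // social avatar url
        $profileData['avatar'] = "//graph.facebook.com/" . $profileData['id'] . "/picture?type=square";
        $profileData['large_avatar'] = "//graph.facebook.com/" . $profileData['id'] . "/picture?type=large";
    }

    // authenticate user
    // check if Social ID exists in database
    if ($profileData['id'] == '') {
        return array('status' => false, 'message' => '');
    }
    // Array arguments keep the provider-supplied ID a single literal meta value; a concatenated
    // query string would be re-parsed, letting the ID contribute extra query arguments.
    $existingUser = get_users(array('meta_key' => 'thechamp_social_id', 'meta_value' => $profileData['id']));

    // login redirection url
    $loginUrl = '';
    if (isset($theChampLoginOptions['login_redirection']) && $theChampLoginOptions['login_redirection'] == 'bp_profile') {
        $loginUrl = 'bp';
    }

    if (count($existingUser) > 0) {
        // user exists in the database
        if (isset($existingUser[0]->ID)) {
            // check if account needs verification
            if (get_user_meta($existingUser[0]->ID, 'thechamp_key', true) != '') {
                if (!in_array($profileData['provider'], array('twitter', 'instagram', 'steam'), true)) {
                    if (is_user_logged_in()) {
                        wp_delete_user($existingUser[0]->ID);
                        // the original passed an undefined $socialId here, so no social ID was linked
                        the_champ_link_account($profileData['id'], $profileData['provider'], $user_ID);
                        return array('status' => true, 'message' => 'linked');
                    } else {
                        return array('status' => false, 'message' => 'unverified');
                    }
                }
                // NOTE(review): the_champ_close_login_popup() presumably ends the request. If it returns,
                // execution continues below and a logged-out visitor is signed in to the unverified
                // account - confirm.
                if (is_user_logged_in()) {
                    wp_delete_user($existingUser[0]->ID);
                    the_champ_link_account($profileData['id'], $profileData['provider'], $user_ID);
                    the_champ_close_login_popup(admin_url() . '/profile.php'); //** may be BP profile/custom profile page/wp profile page
                } else {
                    the_champ_close_login_popup(home_url() . '?SuperSocializerUnverified=1');
                }
            }
            if (is_user_logged_in()) {
                return array('status' => false, 'message' => 'not linked');
            } else {
                // hook to update profile data
                do_action('the_champ_hook_update_profile_data', $existingUser[0]->ID, $profileData);
                // update Xprofile fields
                if (isset($theChampLoginOptions['xprofile_mapping']) && is_array($theChampLoginOptions['xprofile_mapping'])) {
                    foreach ($theChampLoginOptions['xprofile_mapping'] as $key => $val) {
                        $value = '';
                        if (isset($profileData[$val])) {
                            $value = $profileData[$val];
                        }
                        $fieldId = $wpdb->get_var($wpdb->prepare("SELECT id FROM " . $wpdb->prefix . "bp_xprofile_fields WHERE name = %s", $key));
                        $wpdb->update(
                            $wpdb->prefix . 'bp_xprofile_data',
                            array('value' => $value, 'last_updated' => ''),
                            array('field_id' => $fieldId, 'user_id' => $existingUser[0]->ID),
                            array('%s', '%s'),
                            array('%d', '%d')
                        );
                    }
                }
                the_champ_login_user($existingUser[0]->ID, $profileData, $profileData['id'], true);
                return array('status' => true, 'message' => '', 'url' => $loginUrl == 'bp' ? bp_core_get_user_domain($existingUser[0]->ID) : '');
            }
        }
    } else {
        // check if id in linked accounts
        // The ID comes from the provider (or from the request, depending on the caller), so it is
        // bound as a parameter and its LIKE wildcards are escaped instead of being concatenated.
        // NOTE(review): this is still a substring match on the stored value, so an ID contained in
        // another user's longer ID also matches - an exact lookup would be safer.
        $existingUserId = $wpdb->get_var($wpdb->prepare(
            'SELECT user_id FROM ' . $wpdb->prefix . 'usermeta WHERE meta_key = %s AND meta_value LIKE %s',
            'thechamp_linked_accounts',
            '%' . $wpdb->esc_like($profileData['id']) . '%'
        ));
        if ($existingUserId) {
            if (is_user_logged_in()) {
                return array('status' => false, 'message' => 'not linked');
            } else {
                the_champ_login_user($existingUserId, $profileData, $profileData['id'], true);
                return array('status' => true, 'message' => '', 'url' => $loginUrl == 'bp' ? bp_core_get_user_domain($existingUserId) : '');
            }
        }
        // linking
        if (is_user_logged_in()) {
            $providerExists = $wpdb->get_var($wpdb->prepare(
                'SELECT user_id FROM ' . $wpdb->prefix . 'usermeta WHERE user_id = %d AND meta_key = %s AND meta_value LIKE %s',
                $user_ID,
                'thechamp_linked_accounts',
                '%' . $wpdb->esc_like($profileData['provider']) . '%'
            ));
            if ($providerExists) {
                return array('status' => false, 'message' => 'provider exists');
            } else {
                the_champ_link_account($profileData['id'], $profileData['provider'], $user_ID);
                return array('status' => true, 'message' => 'linked');
            }
        }
        // if email is blank
        if (!isset($profileData['email']) || $profileData['email'] == '') {
            if (!isset($theChampLoginOptions['email_required']) || $theChampLoginOptions['email_required'] != 1) {
                // generate dummy email
                $profileData['email'] = $profileData['id'] . '@' . $provider . '.com';
            } else {
                // save temporary data
                if ($twitterRedirect != '') {
                    $profileData['twitter_redirect'] = $twitterRedirect;
                }
                $serializedProfileData = maybe_serialize($profileData);
                // NOTE(review): mt_rand() is not a cryptographic source, the value is exposed to the
                // browser below, and it is used as a user ID for the usermeta row, so it can coincide
                // with a real account's ID. An unguessable token in a dedicated store would be safer;
                // other code reads this row, so confirm before changing.
                $uniqueId = mt_rand();
                update_user_meta($uniqueId, 'the_champ_temp_data', $serializedProfileData);
                if (!in_array($profileData['provider'], array('twitter', 'instagram', 'xing', 'steam'), true)) {
                    return array('status' => false, 'message' => 'ask email|' . $uniqueId);
                }
                the_champ_close_login_popup(home_url() . '?SuperSocializerEmail=1&par=' . $uniqueId);
            }
        }
        // check if email exists in database
        // NOTE(review): this signs the visitor in to the local account whose address equals the one the
        // provider reported; confirm every enabled provider only returns verified addresses.
        if (isset($profileData['email']) && ($userId = email_exists($profileData['email']))) {
            // email exists in WP DB
            the_champ_login_user($userId, $profileData, '', true);
            the_champ_link_account($profileData['id'], $profileData['provider'], $userId);
            return array('status' => true, 'message' => '', 'url' => $loginUrl == 'bp' ? bp_core_get_user_domain($userId) : '');
        }
    }

    $customRedirection = apply_filters('the_champ_before_user_registration', '', $profileData);
    if ($customRedirection) {
        return $customRedirection;
    }
    do_action('the_champ_before_registration', $profileData);
    // register user
    $userId = the_champ_create_user($profileData);
    if ($userId) {
        the_champ_login_user($userId, $profileData, $profileData['id'], false);
        if (isset($theChampLoginOptions['register_redirection']) && $theChampLoginOptions['register_redirection'] == 'bp_profile') {
            return array('status' => true, 'message' => 'register', 'url' => bp_core_get_user_domain($userId));
        } else {
            return array('status' => true, 'message' => 'register');
        }
    }
    return array('status' => false, 'message' => '');
}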
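if (!function_exists('the_champ_resolve_auth_redirect')) {
    /**
     * Choose the URL handed to the_champ_close_login_popup() after a social login attempt.
     *
     * @param mixed  $response    Value returned by the_champ_user_auth().
     * @param string $redirection Redirect target requested for this login ('' when none).
     *
     * @return string
     */
    function the_champ_resolve_auth_redirect($response, $redirection) {
        if (is_array($response) && isset($response['message']) && $response['message'] == 'register' && (!isset($response['url']) || $response['url'] == '')) {
            return esc_attr(the_champ_get_login_redirection_url($redirection, true));
        }
        if (isset($response['message']) && $response['message'] == 'linked') {
            return $redirection . (strpos($redirection, '?') !== false ? '&' : '?') . 'linked=1';
        }
        if (isset($response['message']) && $response['message'] == 'not linked') {
            return $redirection . (strpos($redirection, '?') !== false ? '&' : '?') . 'linked=0';
        }
        if (isset($response['url']) && $response['url'] != '') {
            return $response['url'];
        }
        return esc_attr(the_champ_get_login_redirection_url($redirection));
    }
}

/**
 * Check querystring variables.
 *
 * Handles, in this order: the email verification link (SuperSocializerKey), Instagram login
 * (SuperSocializerInstaToken), Twitch login (SuperSocializerAuth=Twitch), Steam login
 * (SuperSocializerSteamAuth), Xing OAuth (SuperSocializerAuth=Xing), the start of the Twitter
 * OAuth flow (SuperSocializerAuth=Twitter) and the Twitter OAuth callback (oauth_token).
 *
 * Every request parameter read here is untrusted. Redirect targets taken from the request are
 * passed through wp_validate_redirect(), so a target on a host WordPress does not allow falls
 * back to '' and the plugin's default redirection applies; further hosts can be allowed with
 * the 'allowed_redirect_hosts' filter.
 */
function the_champ_connect() {
    global $theChampLoginOptions;

    // verify email
    if (isset($_GET['SuperSocializerKey']) && ($verificationKey = trim(esc_attr($_GET['SuperSocializerKey']))) != '') {
        // Array arguments keep the key a single literal meta value; a query string built by
        // concatenation is re-parsed and URL-decoded before it is matched.
        $users = get_users(array('meta_key' => 'thechamp_key', 'meta_value' => $verificationKey));
        if (count($users) > 0 && isset($users[0]->ID)) {
            delete_user_meta($users[0]->ID, 'thechamp_key');
            // update password
            $password = wp_generate_password();
            wp_update_user(array('ID' => $users[0]->ID, 'user_pass' => $password));
            // send notification email
            heateor_ss_new_user_notification($users[0]->ID);
            wp_redirect(home_url() . '?SuperSocializerVerified=1');
            die;
        }
    }

    // Instagram auth
    if (isset($_GET['SuperSocializerInstaToken']) && is_string($_GET['SuperSocializerInstaToken']) && $_GET['SuperSocializerInstaToken'] != '') {
        // NOTE(review): the access token comes straight from the query string and nothing in this
        // function confirms it was issued to this site's Instagram client - verify that binding.
        // The token is URL-encoded because it is placed in a URL; esc_attr() is HTML escaping.
        $instaAuthUrl = 'https://api.instagram.com/v1/users/self?access_token=' . rawurlencode(trim($_GET['SuperSocializerInstaToken']));
        $response = wp_remote_get($instaAuthUrl, array('timeout' => 15));
        if (!is_wp_error($response) && isset($response['response']['code']) && 200 === $response['response']['code']) {
            $body = json_decode(wp_remote_retrieve_body($response));
            // json_decode() yields null for a malformed body, so check the container before its members
            if (is_object($body) && isset($body->data) && is_object($body->data) && isset($body->data->id)) {
                $redirection = isset($_GET['super_socializer_redirect_to']) && is_string($_GET['super_socializer_redirect_to']) && $_GET['super_socializer_redirect_to'] != ''
                    ? wp_validate_redirect(esc_attr($_GET['super_socializer_redirect_to']), '')
                    : '';
                $response = the_champ_user_auth($body->data, 'instagram', $redirection);
                the_champ_close_login_popup(the_champ_resolve_auth_redirect($response, $redirection));
            }
        }
    }

    // Twitch auth
    if (isset($_GET['SuperSocializerAuth']) && $_GET['SuperSocializerAuth'] == 'Twitch') {
        if (isset($_GET['SuperSocializerData'])) {
            // NOTE(review): the whole profile, including '_id', is whatever the browser put in the
            // query string; nothing here checks it with Twitch. The identity is therefore asserted by
            // the client. This branch should verify a provider token server-side before the profile
            // reaches the_champ_user_auth().
            $body = explode('&&', urldecode($_GET['SuperSocializerData']));
            $profileData = array();
            foreach ($body as $dataField) {
                // limit 2 keeps '=' inside a value; a field without '=' is skipped instead of
                // reading a missing index
                $keyValue = explode('=', $dataField, 2);
                if (count($keyValue) < 2) {
                    continue;
                }
                $profileData[$keyValue[0]] = $keyValue[1];
            }
            if (isset($profileData['_id']) && $profileData['_id'] != '') {
                $redirection = isset($_GET['super_socializer_redirect_to']) && is_string($_GET['super_socializer_redirect_to']) && $_GET['super_socializer_redirect_to'] != ''
                    ? wp_validate_redirect(esc_attr($_GET['super_socializer_redirect_to']), '')
                    : '';
                $response = the_champ_user_auth($profileData, 'twitch', $redirection);
                the_champ_close_login_popup(the_champ_resolve_auth_redirect($response, $redirection));
            }
        } elseif (isset($theChampLoginOptions['twitch_client_id']) && $theChampLoginOptions['twitch_client_id'] != '') {
            // NOTE(review): both scripts are loaded from third-party hosts without integrity attributes,
            // and jQuery 1.7.1 is long out of support.
            // Values echoed into the script are escaped for a JavaScript string, and no whitespace is
            // left between the PHP tag and the closing quote, so it cannot end up in the value.
            ?>
            <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js"></script>
            <script src="https://ttv-api.s3.amazonaws.com/twitch.min.js"></script>
            <script>
            theChampSerialize = function(obj, prefix) {
                var str = [];
                for(var p in obj) {
                    if (obj.hasOwnProperty(p)) {
                        var k = prefix ? prefix + "[" + p + "]" : p, v = obj[p];
                        str.push(typeof v == "object" ? theChampSerialize(v, k) : encodeURIComponent(k) + "=" + encodeURIComponent(v));
                    }
                }
                return str.join("&&");
            }
            jQuery(function(){
                Twitch.init({clientId: '<?php echo esc_js($theChampLoginOptions['twitch_client_id']); ?>'}, function(error, status) {
                    // the sdk is now loaded
                    console.log(error);
                    console.log(status);
                    if( !status.authenticated ){
                        Twitch.login({
                            scope: ['user_read', 'channel_read']
                        });
                    } else {
                        Twitch.api({method: 'user'}, function(error, user) {
                            if(user._id && user._id != null){
                                window.opener.theChampAjaxUserAuth(user, 'twitch');
                                window.opener.location.href = '<?php echo esc_js(site_url()); ?>?SuperSocializerAuth=Twitch&super_socializer_redirect_to='+window.opener.theChampTwitterRedirect+'&SuperSocializerData=' + encodeURIComponent(theChampSerialize(user));
                                window.close();
                            }
                        });
                    }
                });
            });
            </script>
            <?php
        }
        die;
    }

    // Steam auth
    if (isset($_GET['SuperSocializerSteamAuth']) && is_string($_GET['SuperSocializerSteamAuth']) && $_GET['SuperSocializerSteamAuth'] != '') {
        global $theChampSteamLogin;
        $theChampSteamId = $theChampSteamLogin->validate();
        // without a validated Steam ID there is no profile to look up
        if (!$theChampSteamId) {
            die;
        }
        // The profile document decides which account is logged in, so it is fetched over HTTPS and
        // the ID is encoded as a path segment.
        $result = wp_remote_get('https://steamcommunity.com/profiles/' . rawurlencode($theChampSteamId) . '/?xml=1', array('timeout' => 15));
        if (!is_wp_error($result) && isset($result['response']['code']) && 200 === $result['response']['code']) {
            $body = wp_remote_retrieve_body($result);
            $xml = simplexml_load_string($body, null, LIBXML_NOCDATA);
            if ($xml && isset($xml->steamID64) && $xml->steamID64) {
                $steamRedirect = wp_validate_redirect(esc_url($_GET['SuperSocializerSteamAuth']), '');
                $response = the_champ_user_auth($xml, 'steam', $steamRedirect);
                the_champ_close_login_popup(the_champ_resolve_auth_redirect($response, $steamRedirect));
            }
        }
        die;
    }

    // send request to Xing
    if (isset($_GET['SuperSocializerAuth']) && $_GET['SuperSocializerAuth'] == 'Xing') {
        session_start();
        if (!isset($_GET['oauth_token']) && isset($_SESSION['OAUTH_ACCESS_TOKEN'])) {
            unset($_SESSION['OAUTH_ACCESS_TOKEN']);
        }
        // the redirect target is optional; read it once so a missing parameter raises no notice
        $xingRedirectParam = isset($_GET['super_socializer_redirect_to']) && is_string($_GET['super_socializer_redirect_to'])
            ? $_GET['super_socializer_redirect_to']
            : '';
        if (isset($theChampLoginOptions['xing_ck']) && $theChampLoginOptions['xing_ck'] != '' && isset($theChampLoginOptions['xing_cs']) && $theChampLoginOptions['xing_cs'] != '') {
            $xingClient = new oauth_client_class();
            $xingClient->debug = 0;
            // NOTE(review): HTTP debugging is left enabled as before; confirm where oauth_client_class
            // writes that output, since it can include OAuth tokens.
            $xingClient->debug_http = 1;
            $xingClient->server = 'XING';
            $xingClient->redirect_uri = site_url() . '/index.php?SuperSocializerAuth=Xing&super_socializer_redirect_to=' . esc_attr(str_replace(array('http://', 'https://'), '', urldecode($xingRedirectParam)));
            $xingClient->client_id = $theChampLoginOptions['xing_ck'];
            $xingClient->client_secret = $theChampLoginOptions['xing_cs'];
            if ($success = $xingClient->Initialize()) {
                if ($success = $xingClient->Process()) {
                    if (strlen($xingClient->access_token)) {
                        $success = $xingClient->CallAPI('https://api.xing.com/v1/users/me', 'GET', array(), array('FailOnAccessError' => true), $xingResponse);
                    }
                }
                $success = $xingClient->Finalize($success);
            }
            if ($xingClient->exit) {
                die('exit');
            }
            if ($success) {
                if (isset($xingResponse->users) && is_array($xingResponse->users) && isset($xingResponse->users[0]->id)) {
                    $xingRedirect = wp_validate_redirect(the_champ_get_http() . esc_attr($xingRedirectParam), '');
                    $response = the_champ_user_auth($xingResponse->users[0], 'xing', $xingRedirect);
                    the_champ_close_login_popup(the_champ_resolve_auth_redirect($response, $xingRedirect));
                }
            } else {
                // the client's error text is not under this plugin's control; escape it for HTML
                echo 'Error:' . esc_html($xingClient->error);
                die;
            }
        }
    }

    // send request to twitter
    if (isset($_GET['SuperSocializerAuth']) && $_GET['SuperSocializerAuth'] == 'Twitter') {
        if (isset($theChampLoginOptions['twitter_key']) && $theChampLoginOptions['twitter_key'] != '' && isset($theChampLoginOptions['twitter_secret']) && $theChampLoginOptions['twitter_secret'] != '') {
            /* Build TwitterOAuth object with client credentials. */
            $connection = new TwitterOAuth($theChampLoginOptions['twitter_key'], $theChampLoginOptions['twitter_secret']);
            /* Get temporary credentials. */
            $requestToken = $connection->getRequestToken(site_url() . '/index.php');
            if ($connection->http_code == 200) {
                // generate unique ID
                // NOTE(review): mt_rand() is not a cryptographic source, and the value is used as a user ID
                // for usermeta rows, so it can coincide with a real account's ID. A store keyed by an
                // unguessable token would avoid both; other code may read these rows, so confirm first.
                $uniqueId = mt_rand();
                // save oauth token and secret in db temporarily
                update_user_meta($uniqueId, 'thechamp_twitter_oauthtoken', $requestToken['oauth_token']);
                update_user_meta($uniqueId, 'thechamp_twitter_oauthtokensecret', $requestToken['oauth_token_secret']);
                if (isset($_GET['super_socializer_redirect_to']) && is_string($_GET['super_socializer_redirect_to']) && $_GET['super_socializer_redirect_to'] != '') {
                    $twitterRedirect = wp_validate_redirect(esc_attr($_GET['super_socializer_redirect_to']), '');
                    if ($twitterRedirect != '') {
                        update_user_meta($uniqueId, 'thechamp_twitter_redirect', $twitterRedirect);
                    }
                }
                wp_redirect($connection->getAuthorizeURL($requestToken['oauth_token']));
                die;
            } else {
                ?>
                <div style="width: 500px; margin: 0 auto">
                    <ol>
                        <li><?php echo sprintf(__('Enter exactly the following url in <strong>Website</strong> and <strong>Callback Url</strong> options in your Twitter app (see step 3 %s)', 'Super-Socializer'), '<a target="_blank" href="http://support.heateor.com/how-to-get-twitter-api-key-and-secret/">here</a>'); ?>
                            <br/>
                            <?php echo esc_url(site_url()); ?>
                        </li>
                        <li><?php _e('Make sure cURL is enabled at your website server. You may need to contact the server administrator of your website to verify this', 'Super-Socializer'); ?></li>
                    </ol>
                </div>
                <?php
                die;
            }
        }
    }

    // twitter authentication
    if (isset($_REQUEST['oauth_token']) && is_string($_REQUEST['oauth_token'])) {
        global $wpdb;
        $uniqueId = $wpdb->get_var($wpdb->prepare("SELECT user_id FROM {$wpdb->usermeta} WHERE meta_key = 'thechamp_twitter_oauthtoken' and meta_value = %s", $_REQUEST['oauth_token']));
        $oauthTokenSecret = get_user_meta($uniqueId, 'thechamp_twitter_oauthtokensecret', true);
        // twitter redirect url
        $twitterRedirectUrl = get_user_meta($uniqueId, 'thechamp_twitter_redirect', true);
        if (empty($uniqueId) || $oauthTokenSecret == '') {
            // invalid request
            wp_redirect(site_url());
            die;
        }
        $oauthVerifier = isset($_REQUEST['oauth_verifier']) && is_string($_REQUEST['oauth_verifier']) ? $_REQUEST['oauth_verifier'] : '';
        $connection = new TwitterOAuth($theChampLoginOptions['twitter_key'], $theChampLoginOptions['twitter_secret'], $_REQUEST['oauth_token'], $oauthTokenSecret);
        /* Request access tokens from twitter */
        $accessToken = $connection->getAccessToken($oauthVerifier);
        $content = null;
        // only query the profile when the exchange actually returned an access token pair
        if (is_array($accessToken) && isset($accessToken['oauth_token'], $accessToken['oauth_token_secret'])) {
            /* Create a TwitterOauth object with consumer/user tokens. */
            $connection = new TwitterOAuth($theChampLoginOptions['twitter_key'], $theChampLoginOptions['twitter_secret'], $accessToken['oauth_token'], $accessToken['oauth_token_secret']);
            $content = $connection->get('account/verify_credentials');
        }
        // delete temporary data
        delete_user_meta($uniqueId, 'thechamp_twitter_oauthtokensecret');
        delete_user_meta($uniqueId, 'thechamp_twitter_oauthtoken');
        delete_user_meta($uniqueId, 'thechamp_twitter_redirect');
        if (is_object($content) && isset($content->id)) {
            $response = the_champ_user_auth($content, 'twitter', $twitterRedirectUrl);
            the_champ_close_login_popup(the_champ_resolve_auth_redirect($response, $twitterRedirectUrl));
        }
    }
}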