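<?php
# Login entry point: reads the caller-supplied 'return' target, hands it to the
# template engine, and redirects the browser to the URL built by
# Sprinkles::authorize_url(). Any exception is logged and rendered as error.t.
try {
    require_once "Sprinkles.php";
    $sprink = new Sprinkles();

    $return = request_param('return');

    # 'return' comes straight from the request and is passed to authorize_url();
    # presumably it decides where the browser lands once authorization is done
    # (confirm in Sprinkles::authorize_url). Accept only a same-site relative
    # target: no URL scheme, no protocol-relative "//" or backslash prefix, and
    # no control characters. If callers legitimately pass absolute URLs, compare
    # the host against this site's own host instead of rejecting them.
    if ($return) {
        $is_local = is_string($return)
            && !preg_match('/[\x00-\x1f\x7f]/', $return)
            && !preg_match('~^\s*(?:[a-z][a-z0-9+.\-]*:|[/\\\\]{2})~i', $return);
        if (!$is_local) {
            # The rejected value is left out of the message on purpose so that
            # request data is not copied into the error log.
            throw new Exception('rejected non-local return target');
        }
    }

    # NOTE(review): whether 'return' is HTML-escaped depends on how the
    # template prints it -- confirm in the template that consumes it.
    $smarty->assign('return', $return);

    redirect($sprink->authorize_url($return, false));
    exit(0);
} catch (Exception $e) {
    # Details go to the server log only; the visitor sees the generic error page.
    error_log("Exception thrown while preparing page: " . $e->getMessage());
    $smarty->display('error.t');
}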
## Validation | FIXME: not finished
# Excerpt of the admin settings handler: it starts after the file's opening
# lines and stops inside the final else branch below.

# Names of submitted fields that failed validation.
$bad_fields = array();

# contact_email is accepted only when it matches $email_regex (defined outside
# this excerpt).
# NOTE(review): trim() runs after the match, so surrounding whitespace is only
# stripped if the pattern itself tolerates it -- confirm against the pattern.
$contact_email = request_param('contact_email');
if (preg_match($email_regex, $contact_email)) {
    $contact_email = trim($contact_email);
} else {
    array_push($bad_fields, 'contact_email');
}

# NOTE(review): phone and address are read with no validation in this excerpt;
# confirm they are escaped or validated wherever they are stored or printed.
$contact_phone = request_param('contact_phone');
$contact_address = request_param('contact_address');
# TBD: additional links

$sprink = new Sprinkles();
# TBD: this is expensive; cheapen!
$active_username = $sprink->current_username();
# No current username: send the visitor through authorize_url() with admin.php
# as the return target, then stop the script.
if (!$active_username) {
    redirect($sprink->authorize_url('admin.php', false));
    exit(0);
}
$existing_admin_users = $sprink->get_users();
# Non-admins are sent to the error page; exit(0) stops the script so nothing
# below runs for them.
if (!$sprink->user_is_admin()) {
    redirect('error.php');
    exit(0);
}
sort($existing_admin_users);

# The submitted admin list is split on commas (with optional following
# whitespace) or on runs of whitespace.
$admin_users_str = request_param('admin_users_str');
$admin_users = preg_split('/,\\s*|\\s+/', $admin_users_str);
# The submitting user must appear in the new list (member() is defined outside
# this excerpt) -- presumably so an admin cannot remove their own access.
if (!member($active_username, $admin_users)) {
    array_push($bad_fields, 'admin_users_str');
} else {
    # array_filter() without a callback drops the empty entries the split can
    # leave behind.
    $admin_users = array_filter($admin_users);
    $existing_admin_usernames = array();
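# Site-setup handler (excerpt: the opening "try {" and the creation of $sprink
# and $smarty are outside this view). Reads the submitted site settings, sends
# the admin back to admin-findsite.php when one is missing, otherwise stores
# them and starts the authorization round-trip.
# NOTE(review): no admin or CSRF check is visible in this excerpt; confirm one
# runs earlier in the try block, since this code rewrites the OAuth settings.
$company_sfnid = request_param('company_sfnid');
$oauth_consumer_key = request_param('oauth_consumer_key');
$oauth_consumer_secret = request_param('oauth_consumer_secret');
$sprinkles_root_url = request_param('sprinkles_root_url');

# Same order of checks as before: OAuth pair first, then root URL, then company.
$missing = null;
if (!$oauth_consumer_key || !$oauth_consumer_secret) {
    $missing = 'missing_oauth';
} elseif (!$sprinkles_root_url) {
    $missing = 'missing_sprinkles_root_url';
} elseif (!$company_sfnid) {
    $missing = 'missing_company_sfnid';
}

if ($missing !== null) {
    # Every submitted value is URL-encoded so that '&', '#', spaces or line
    # breaks in the input cannot add or alter parameters in the redirect URL.
    # NOTE(review): the consumer secret is echoed back in the query string, so
    # it ends up in browser history, access logs and possibly Referer headers.
    # Re-prompting for it on admin-findsite.php would avoid that; it is left in
    # place here because that page's form handling is not visible.
    redirect('admin-findsite.php?msg=' . $missing
        . '&company_sfnid=' . urlencode((string) $company_sfnid)
        . '&oauth_consumer_key=' . urlencode((string) $oauth_consumer_key)
        . '&oauth_consumer_secret=' . urlencode((string) $oauth_consumer_secret)
        . '&sprinkles_root_url=' . urlencode((string) $sprinkles_root_url));
    exit;
}

# Strip a trailing script name such as "index.php". The dot is escaped so that
# only a literal ".php" suffix is removed (unescaped, it matched any character
# and would also eat a final path segment like "myphp").
$sprinkles_root_url = preg_replace('|[^/]*\.php$|', '', $sprinkles_root_url);
# Note: the naive regex you'd use below doesn't work; pcre is not in fact
# Perl-compatible in this case
# Normalise to exactly one trailing slash.
$sprinkles_root_url = preg_replace('|([^/])/*$|', '\\1/', $sprinkles_root_url);

$result = $sprink->set_site_settings(array(
    'company_id' => $company_sfnid,
    'oauth_consumer_key' => $oauth_consumer_key,
    'oauth_consumer_secret' => $oauth_consumer_secret,
    'sprinkles_root_url' => $sprinkles_root_url,
));
if (!$result) {
    # Route the database error through the catch below: it is written to the
    # server log and the visitor gets error.t, instead of the raw driver
    # message being printed into the response.
    throw new Exception('could not save site settings: ' . mysql_error());
}

message($sprink->site_configured());
redirect($sprink->authorize_url('admin.php?hooked=true', true));
exit(0);
} catch (Exception $e) {
    # Details go to the server log only; the visitor sees the generic error page.
    error_log("Exception thrown while preparing page: " . $e->getMessage());
    $smarty->display('error.t');
}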