Ngaakkk

<?
php menu_register(array( 'oauth' => array( 'callback' => 'user_oauth', 'hidden' => 'true', ), 'proxy' => array( 'callback' => 'user_proxy', 'hidden' => 'true', ), 'login' => array( 'callback' => 'user_login', 'hidden' => 'true', ), )); function user_proxy() { require_once 'OAuth.php'; session_start(); $GLOBALS['user']['type'] = 'oauth'; $params = array('oauth_callback' => BASE_URL.'oauth'); $response = twitter_process('https://api.twitter.com/oauth/request_token ', $params); parse_str($response, $token); $_SESSION['oauth_request_token_secret'] = $token['oauth_token_secret']; $authorise_url ='proxylogin/authorize?oauth_token='.$token['oauth_token' ]; header("Location: $authorise_url"); } function user_oauth() { require_once 'OAuth.php'; // Session used to keep track of secret token during authorisation step session_start(); // Flag forces twitter_process() to use OAuth signing $GLOBALS['user']['type'] = 'oauth'; if ($oauth_token = $_GET['oauth_token']) { // Generate ACCESS token request $params = array('oauth_verifier' => $_GET['oauth_verifier']); $response = twitter_process('https://api.twitter.com/oauth/acces s_token', $params); parse_str($response, $token); // Store ACCESS tokens in COOKIE $GLOBALS['user']['password'] = $token['oauth_token'] .'|'.$token ['oauth_token_secret']; // Fetch the user's screen name with a quick API call unset($_SESSION['oauth_request_token_secret']); $user = twitter_process('https://api.twitter.com/1.1/account/verify_cred entials.json'); $GLOBALS['user']['username'] = $user->screen_name; _user_save_cookie(1); header('Location: '. BASE_URL); exit();
} else { // Generate AUTH token request $params = array('oauth_callback' => BASE_URL.'oauth'); $response = twitter_process('https://api.twitter.com/oauth/reque st_token', $params); parse_str($response, $token); // Save secret token to session to validate the result that come s back from Twitter $_SESSION['oauth_request_token_secret'] = $token['oauth_token_se cret']; // redirect user to authorisation URL $authorise_url = 'https://api.twitter.com/oauth/authorize?oauth_ token='.$token['oauth_token']; header("Location: $authorise_url"); } } function user_oauth_sign(&$url, &$args = false) { require_once 'OAuth.php'; $method = $args !== false ? 'POST' : 'GET'; // Move GET parameters out of $url and into $args if (preg_match_all('#[?&]([^=]+)=([^&]+)#', $url, $matches, PREG_SET_ORD ER)) { foreach ($matches as $match) { $args[$match[1]] = $match[2]; } $url = substr($url, 0, strpos($url, '?')); } $sig_method = new OAuthSignatureMethod_HMAC_SHA1(); $consumer = new OAuthConsumer(OAUTH_CONSUMER_KEY, OAUTH_CONSUMER_SECRET) ; $token = NULL; if (($oauth_token = $_GET['oauth_token']) && $_SESSION['oauth_request_to ken_secret']) { $oauth_token_secret = $_SESSION['oauth_request_token_secret']; } else { list($oauth_token, $oauth_token_secret) = explode('|', $GLOBALS[ 'user']['password']); } if ($oauth_token && $oauth_token_secret) { $token = new OAuthConsumer($oauth_token, $oauth_token_secret); } $request = OAuthRequest::from_consumer_and_token($consumer, $token, $met hod, $url, $args); $request->sign_request($sig_method, $consumer, $token); switch ($method) { case 'GET': $url = $request->to_url(); $args = false; return;
case 'POST': $url = $request->get_normalized_http_url(); $args = $request->to_postdata(); return; } } function user_ensure_authenticated() { if (!user_is_authenticated()) { $content = theme('login'); theme('page', 'Login', $content); } } function user_logout() { unset($GLOBALS['user']); setcookie('USER_AUTH', '', time() - 3600, '/'); } function user_is_authenticated() { if (!isset($GLOBALS['user'])) { if(array_key_exists('USER_AUTH', $_COOKIE)) { _user_decrypt_cookie($_COOKIE['USER_AUTH']); } else { $GLOBALS['user'] = array(); } } // Auto-logout any users that aren't correctly using OAuth if (user_current_username() && user_type() !== 'oauth') { user_logout(); twitter_refresh('logout'); } if (!user_current_username()) { if ($_POST['username'] && $_POST['password']) { $GLOBALS['user']['username'] = trim($_POST['username']); $GLOBALS['user']['password'] = $_POST['password']; $GLOBALS['user']['type'] = 'oauth'; $sql = sprintf("SELECT * FROM user WHERE username='%s' A ND password=MD5('%s') LIMIT 1", mysql_escape_string($GLOBALS['user']['username'] ), mysql_escape_string($GLOBALS['user']['password'])); $rs = mysql_query($sql); if ($rs && $user = mysql_fetch_object($rs)) { $GLOBALS['user']['password'] = $user->oauth_key . '|' . $user->oauth_secret; } else { theme('error', 'Invalid username or password.'); } _user_save_cookie($_POST['stay-logged-in'] == 'yes'); header('Location: '. BASE_URL); exit(); } else { return false; } } return true; }
function user_current_username() { return $GLOBALS['user']['username']; } function user_is_current_user($username) { return (strcasecmp($username, user_current_username()) == 0); } function user_type() { return $GLOBALS['user']['type']; } function _user_save_cookie($stay_logged_in = 0) { $cookie = _user_encrypt_cookie(); $duration = 0; if ($stay_logged_in) { $duration = time() + (3600 * 24 * 365); } setcookie('USER_AUTH', $cookie, $duration, '/'); } function _user_encryption_key() { return ENCRYPTION_KEY; } function _user_encrypt_cookie() { $plain_text = $GLOBALS['user']['username'] . ':' . $GLOBALS['user']['pas sword'] . ':' . $GLOBALS['user']['type']; $td = mcrypt_module_open('blowfish', '', 'cfb', ''); $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND); mcrypt_generic_init($td, _user_encryption_key(), $iv); $crypt_text = mcrypt_generic($td, $plain_text); mcrypt_generic_deinit($td); return base64_encode($iv.$crypt_text); } function _user_decrypt_cookie($crypt_text) { $crypt_text = base64_decode($crypt_text); $td = mcrypt_module_open('blowfish', '', 'cfb', ''); $ivsize = mcrypt_enc_get_iv_size($td); $iv = substr($crypt_text, 0, $ivsize); $crypt_text = substr($crypt_text, $ivsize); mcrypt_generic_init($td, _user_encryption_key(), $iv); $plain_text = mdecrypt_generic($td, $crypt_text); mcrypt_generic_deinit($td); list($GLOBALS['user']['username'], $GLOBALS['user']['password'], $GLOBAL S['user']['type']) = explode(':', $plain_text); } function user_login() { return theme('page', 'Login',' <form method="post" action="'.$_GET['q'].'"> <p>Username <input name="username" size="15" /> <br />Password <input name="password" type="password" size="15" /> <br /><label><input type="checkbox" checked="checked" value="yes" name="stay-log ged-in" /> Stay logged in? </label> <br /><input type="submit" value="Sign In" /></p>
</form> <p><b>Registration steps:</b></p> <ol> <li><a href="oauth">Sign in via Twitter.com</a> from any computer</li> <li>Visit the Dabr settings page to choose a password</li> <li>Done! You can now benefit from accessing Twitter through Dabr from a nywhere (even from computers that block Twitter.com)</li> </ol> '); } function theme_login() { $content = '<div class="advert" style="margin:.6em .5em 0;"></div><div c lass="login"><a href="oauth"><img src="images/sign-in-with-twitter.gif" style="v ertical-align:middle;" alt="Sign in with twitter"/></a></div>'; if (MYSQL_USERS == 'ON') $content .= '<p>No access to Twitter.com? <a hr ef="login">Sign in with your Dabr account</a></p>'; $content .= '</div>'; return $content; } function theme_logged_out() { return '<div class="listku" style="margin:.6em .5em 0;"> <p>Logged out . <a href="">Login again</a></p></div>'; }

Ngaakkk

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Ngaakkk

Загружено:

Авторское право:

Доступные форматы

<?

Вам также может понравиться