API tools faq
paste
Advertisement
lpuarmy

user.php for error twitter 404 dabr

lpuarmy
Oct 23rd, 2012
1,079
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.43 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. menu_register(array(
  4. 'oauth' => array(
  5. 'callback' => 'user_oauth',
  6. 'hidden' => 'true',
  7. ),
  8. 'login' => array(
  9. 'callback' => 'user_login',
  10. 'hidden' => 'true',
  11. ),
  12. ));
  13.  
  14. function user_oauth() {
  15. require_once 'OAuth.php';
  16.  
  17. // Session used to keep track of secret token during authorisation step
  18. session_start();
  19.  
  20. // Flag forces twitter_process() to use OAuth signing
  21. $GLOBALS['user']['type'] = 'oauth';
  22.  
  23. if ($oauth_token = $_GET['oauth_token']) {
  24. // Generate ACCESS token request
  25. $params = array('oauth_verifier' => $_GET['oauth_verifier']);
  26. $response = twitter_process('https://api.twitter.com/oauth/access_token', $params);
  27. parse_str($response, $token);
  28.  
  29. // Store ACCESS tokens in COOKIE
  30. $GLOBALS['user']['password'] = $token['oauth_token'] .'|'.$token['oauth_token_secret'];
  31.  
  32. // Fetch the user's screen name with a quick API call
  33. unset($_SESSION['oauth_request_token_secret']);
  34. $user = twitter_process('https://api.twitter.com/1.1/account/verify_credentials.json');
  35. $GLOBALS['user']['username'] = $user->screen_name;
  36.  
  37. _user_save_cookie(1);
  38. header('Location: '. BASE_URL);
  39. exit();
  40.  
  41. } else {
  42. // Generate AUTH token request
  43. $params = array('oauth_callback' => BASE_URL.'oauth');
  44. $response = twitter_process('https://api.twitter.com/oauth/request_token', $params);
  45. parse_str($response, $token);
  46.  
  47. // Save secret token to session to validate the result that comes back from Twitter
  48. $_SESSION['oauth_request_token_secret'] = $token['oauth_token_secret'];
  49.  
  50. // redirect user to authorisation URL
  51. $authorise_url = 'https://api.twitter.com/oauth/authorize?oauth_token='.$token['oauth_token'];
  52. header("Location: $authorise_url");
  53. }
  54. }
  55.  
  56. function user_oauth_sign(&$url, &$args = false) {
  57. require_once 'OAuth.php';
  58.  
  59. $method = $args !== false ? 'POST' : 'GET';
  60.  
  61. // Move GET parameters out of $url and into $args
  62. if (preg_match_all('#[?&]([^=]+)=([^&]+)#', $url, $matches, PREG_SET_ORDER)) {
  63. foreach ($matches as $match) {
  64. $args[$match[1]] = $match[2];
  65. }
  66. $url = substr($url, 0, strpos($url, '?'));
  67. }
  68.  
  69. $sig_method = new OAuthSignatureMethod_HMAC_SHA1();
  70. $consumer = new OAuthConsumer(OAUTH_CONSUMER_KEY, OAUTH_CONSUMER_SECRET);
  71. $token = NULL;
  72.  
  73. if (($oauth_token = $_GET['oauth_token']) && $_SESSION['oauth_request_token_secret']) {
  74. $oauth_token_secret = $_SESSION['oauth_request_token_secret'];
  75. } else {
  76. list($oauth_token, $oauth_token_secret) = explode('|', $GLOBALS['user']['password']);
  77. }
  78. if ($oauth_token && $oauth_token_secret) {
  79. $token = new OAuthConsumer($oauth_token, $oauth_token_secret);
  80. }
  81.  
  82. $request = OAuthRequest::from_consumer_and_token($consumer, $token, $method, $url, $args);
  83. $request->sign_request($sig_method, $consumer, $token);
  84.  
  85. switch ($method) {
  86. case 'GET':
  87. $url = $request->to_url();
  88. $args = false;
  89. return;
  90. case 'POST':
  91. $url = $request->get_normalized_http_url();
  92. $args = $request->to_postdata();
  93. return;
  94. }
  95. }
  96.  
  97. function user_ensure_authenticated() {
  98. if (!user_is_authenticated()) {
  99. $content = theme('login');
  100. $content .= file_get_contents('about.html');
  101. theme('page', 'Login', $content);
  102. }
  103. }
  104.  
  105. function user_logout() {
  106. unset($GLOBALS['user']);
  107. setcookie('USER_AUTH', '', time() - 3600, '/');
  108. }
  109.  
  110. function user_is_authenticated() {
  111. if (!isset($GLOBALS['user'])) {
  112. if(array_key_exists('USER_AUTH', $_COOKIE)) {
  113. _user_decrypt_cookie($_COOKIE['USER_AUTH']);
  114. } else {
  115. $GLOBALS['user'] = array();
  116. }
  117. }
  118.  
  119. // Auto-logout any users that aren't correctly using OAuth
  120. if (user_current_username() && user_type() !== 'oauth') {
  121. user_logout();
  122. twitter_refresh('logout');
  123. }
  124.  
  125. if (!user_current_username()) {
  126. if ($_POST['username'] && $_POST['password']) {
  127. $GLOBALS['user']['username'] = trim($_POST['username']);
  128. $GLOBALS['user']['password'] = $_POST['password'];
  129. $GLOBALS['user']['type'] = 'oauth';
  130.  
  131. $sql = sprintf("SELECT * FROM user WHERE username='%s' AND password=MD5('%s') LIMIT 1", mysql_escape_string($GLOBALS['user']['username']), mysql_escape_string($GLOBALS['user']['password']));
  132. $rs = mysql_query($sql);
  133. if ($rs && $user = mysql_fetch_object($rs)) {
  134. $GLOBALS['user']['password'] = $user->oauth_key . '|' . $user->oauth_secret;
  135. } else {
  136. theme('error', 'Invalid username or password.');
  137. }
  138.  
  139. _user_save_cookie($_POST['stay-logged-in'] == 'yes');
  140. header('Location: '. BASE_URL);
  141. exit();
  142. } else {
  143. return false;
  144. }
  145. }
  146. return true;
  147. }
  148.  
  149. function user_current_username() {
  150. return $GLOBALS['user']['username'];
  151. }
  152.  
  153. function user_is_current_user($username) {
  154. return (strcasecmp($username, user_current_username()) == 0);
  155. }
  156.  
  157. function user_type() {
  158. return $GLOBALS['user']['type'];
  159. }
  160.  
  161. function _user_save_cookie($stay_logged_in = 0) {
  162. $cookie = _user_encrypt_cookie();
  163. $duration = 0;
  164. if ($stay_logged_in) {
  165. $duration = time() + (3600 * 24 * 365);
  166. }
  167. setcookie('USER_AUTH', $cookie, $duration, '/');
  168. }
  169.  
  170. function _user_encryption_key() {
  171. return ENCRYPTION_KEY;
  172. }
  173.  
  174. function _user_encrypt_cookie() {
  175. $plain_text = $GLOBALS['user']['username'] . ':' . $GLOBALS['user']['password'] . ':' . $GLOBALS['user']['type'];
  176.  
  177. $td = mcrypt_module_open('blowfish', '', 'cfb', '');
  178. $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
  179. mcrypt_generic_init($td, _user_encryption_key(), $iv);
  180. $crypt_text = mcrypt_generic($td, $plain_text);
  181. mcrypt_generic_deinit($td);
  182. return base64_encode($iv.$crypt_text);
  183. }
  184.  
  185. function _user_decrypt_cookie($crypt_text) {
  186. $crypt_text = base64_decode($crypt_text);
  187. $td = mcrypt_module_open('blowfish', '', 'cfb', '');
  188. $ivsize = mcrypt_enc_get_iv_size($td);
  189. $iv = substr($crypt_text, 0, $ivsize);
  190. $crypt_text = substr($crypt_text, $ivsize);
  191. mcrypt_generic_init($td, _user_encryption_key(), $iv);
  192. $plain_text = mdecrypt_generic($td, $crypt_text);
  193. mcrypt_generic_deinit($td);
  194.  
  195. list($GLOBALS['user']['username'], $GLOBALS['user']['password'], $GLOBALS['user']['type']) = explode(':', $plain_text);
  196. }
  197.  
  198. function user_login() {
  199. return theme('page', 'Login','
  200. <form method="post" action="'.$_GET['q'].'">
  201. <p>Username <input name="username" size="15" />
  202. <br />Password <input name="password" type="password" size="15" />
  203. <br /><label><input type="checkbox" checked="checked" value="yes" name="stay-logged-in" /> Stay logged in? </label>
  204. <br /><input type="submit" value="Sign In" /></p>
  205. </form>
  206.  
  207. <p><b>Registration steps:</b></p>
  208.  
  209. <ol>
  210. <li><a href="oauth">Sign in via Twitter.com</a> from any computer</li>
  211. <li>Visit the Dabr settings page to choose a password</li>
  212. <li>Done! You can now benefit from accessing Twitter through Dabr from anywhere (even from computers that block Twitter.com)</li>
  213. </ol>
  214. ');
  215. }
  216.  
  217. function theme_login() {
  218. $content = '<div style="margin:1em; font-size: 1.2em">
  219. <p><a href="oauth"><img src="images/twitter_button_2_lo.gif" alt="Sign in with Twitter/OAuth" width="165" height="28" /></a><br /><a href="oauth">Sign in via Twitter.com</a></p>
  220. <p>Twitter no longer allow you to log in directly with a username and password so we can\'t show the standard login form. There\'s some more information on the <a href="http://blog.dabr.co.uk/">Dabr blog</a>.</p>';
  221.  
  222. if (MYSQL_USERS == 'ON') $content .= '<p>No access to Twitter.com? <a href="login">Sign in with your Dabr account</a></p>';
  223. $content .= '</div>';
  224. return $content;
  225. }
  226.  
  227. function theme_logged_out() {
  228. return '<p>Logged out. <a href="">Login again</a></p>';
  229. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!