OpencachingDeutschland /
oc-server3
@@ -24,7 +24,8 @@ discard block |
||
| 24 | 24 | if ($error == false) { |
| 25 | 25 | //logid |
| 26 | 26 | $log_id = 0; |
| 27 | - if (isset($_REQUEST['logid'])) { // Ocprop |
|
| 27 | + if (isset($_REQUEST['logid'])) { |
|
| 28 | +// Ocprop |
|
| 28 | 29 | $log_id = $_REQUEST['logid']; |
| 29 | 30 | } |
| 30 | 31 | |
@@ -273,7 +274,8 @@ discard block |
||
| 273 | 274 | } |
| 274 | 275 | |
| 275 | 276 | //store? |
| 276 | - if ($date_ok && $logtype_ok && $pw_ok && isset($_POST['submitform'])) { // Ocprop |
|
| 277 | + if ($date_ok && $logtype_ok && $pw_ok && isset($_POST['submitform'])) { |
|
| 278 | +// Ocprop |
|
| 277 | 279 | // 00:00:01 = "00:00 was logged" |
| 278 | 280 | // 00:00:00 = "no time was logged" |
| 279 | 281 | if ("$log_time_hour$log_time_minute" != "" && |
@@ -24,14 +24,16 @@ discard block |
||
| 24 | 24 | |
| 25 | 25 | // check login |
| 26 | 26 | $login->verify(); |
| 27 | -if ($login->userid == 0) |
|
| 27 | +if ($login->userid == 0) { |
|
| 28 | 28 | $tpl->redirect_login(); |
| 29 | +} |
|
| 29 | 30 | |
| 30 | 31 | // get cache_id if not given |
| 31 | 32 | $cacheId = 0; |
| 32 | 33 | if (isset($_REQUEST['wp'])) { |
| 33 | 34 | $cacheId = cache::cacheIdFromWP($_REQUEST['wp']); |
| 34 | -} elseif (isset($_REQUEST['cacheid'])) { // Ocprop |
|
| 35 | +} elseif (isset($_REQUEST['cacheid'])) { |
|
| 36 | +// Ocprop |
|
| 35 | 37 | $cacheId = $_REQUEST['cacheid']; |
| 36 | 38 | } |
| 37 | 39 | |
@@ -216,7 +218,8 @@ discard block |
||
| 216 | 218 | $validate['duplicateLog'] = true; |
| 217 | 219 | |
| 218 | 220 | // all checks done, no error => log |
| 219 | - if (isset($_POST['submitform']) && $loggable) // Ocprop |
|
| 221 | + if (isset($_POST['submitform']) && $loggable) { |
|
| 222 | + // Ocprop |
|
| 220 | 223 | { |
| 221 | 224 | /* |
| 222 | 225 | * check if time is logged |
@@ -226,6 +229,7 @@ discard block |
||
| 226 | 229 | $logTimeSecond = ($logTimeHour . $logTimeMinute != "" |
| 227 | 230 | && $logTimeHour == 0 |
| 228 | 231 | && $logTimeMinute == 0) + 0; |
| 232 | + } |
|
| 229 | 233 | |
| 230 | 234 | // make time values database ready |
| 231 | 235 | $logDate = date( |
@@ -1,9 +1,10 @@ |
||
| 1 | 1 | <?php |
| 2 | - if (isset($_REQUEST['lang'])) |
|
| 3 | - $lang = $_REQUEST['lang']; |
|
| 4 | - else |
|
| 5 | - $lang = 'de'; |
|
| 6 | -?> |
|
| 2 | + if (isset($_REQUEST['lang'])) { |
|
| 3 | + $lang = $_REQUEST['lang']; |
|
| 4 | + } else { |
|
| 5 | + $lang = 'de'; |
|
| 6 | + } |
|
| 7 | + ?> |
|
| 7 | 8 | |
| 8 | 9 | tinyMCE_GZ.init({ |
| 9 | 10 | plugins : 'advhr,contextmenu,emotions,insertdatetime,paste,table', |
@@ -145,10 +145,11 @@ discard block |
||
| 145 | 145 | <td><strong>{t}Language:{/t} </strong></td> |
| 146 | 146 | <td> |
| 147 | 147 | <?php |
| 148 | - foreach ($opt['template']['locales'] AS $k => $lang) |
|
| 149 | - if ($lang['show'] == true) |
|
| 148 | + foreach ($opt['template']['locales'] AS $k => $lang) { |
|
| 149 | + if ($lang['show'] == true) |
|
| 150 | 150 | echo '<a style="text-decoration: none;" href="index.php?locale=' . $k . '"><img src="' . $lang['flag'] . '" alt="' . $lang['name'] . '" title="' . $lang['name'] . '" width="24px" height="18px" /></a> '; |
| 151 | -?> |
|
| 151 | + } |
|
| 152 | + ?> |
|
| 152 | 153 | </td> |
| 153 | 154 | <td> <strong>{t}Country:{/t} </strong></td> |
| 154 | 155 | <td> |
@@ -157,10 +158,8 @@ discard block |
||
| 157 | 158 | global $tpl_usercountries; |
| 158 | 159 | $nLastGroup = 0; |
| 159 | 160 | $maxUserCountries = count($tpl_usercountries); |
| 160 | - for ($i = 0; $i < $maxUserCountries; $i++) |
|
| 161 | - { |
|
| 162 | - if ($nLastGroup != $tpl_usercountries[$i]['group']) |
|
| 163 | - { |
|
| 161 | + for ($i = 0; $i < $maxUserCountries; $i++) { |
|
| 162 | + if ($nLastGroup != $tpl_usercountries[$i]['group']) { |
|
| 164 | 163 | echo '<option disabled="disabled">'; |
| 165 | 164 | if ($tpl_usercountries[$i]['group'] == 1) { |
| 166 | 165 | echo '- ' . t('This OC node') . ' -'; |
@@ -205,11 +204,12 @@ discard block |
||
| 205 | 204 | <ul> |
| 206 | 205 | <?php |
| 207 | 206 | // $pageidx is -1 e.g. when calling newcache.php as logged-off-user (-> login.tpl.php) |
| 208 | - if ($pageidx >= 0) |
|
| 209 | - mnu_EchoMainMenu($menu[$pageidx]['siteid']); |
|
| 210 | - else |
|
| 211 | - mnu_EchoMainMenu(-1); |
|
| 212 | -?> |
|
| 207 | + if ($pageidx >= 0) { |
|
| 208 | + mnu_EchoMainMenu($menu[$pageidx]['siteid']); |
|
| 209 | + } else { |
|
| 210 | + mnu_EchoMainMenu(-1); |
|
| 211 | + } |
|
| 212 | + ?> |
|
| 213 | 213 | </ul> |
| 214 | 214 | </div> |
| 215 | 215 | |
@@ -228,8 +228,7 @@ discard block |
||
| 228 | 228 | <div class="nav3"> |
| 229 | 229 | <?php |
| 230 | 230 | //SubNavigation |
| 231 | - if (isset($menu[$pageidx]['submenu'])) |
|
| 232 | - { |
|
| 231 | + if (isset($menu[$pageidx]['submenu'])) { |
|
| 233 | 232 | ?> |
| 234 | 233 | <ul> |
| 235 | 234 | <li class="title">{t}Main menu{/t}</li> |
@@ -257,8 +256,7 @@ discard block |
||
| 257 | 256 | |
| 258 | 257 | <!-- Paypalbutton --> |
| 259 | 258 | <?php |
| 260 | - if (isset($opt['page']['showdonations']) && $opt['page']['showdonations']) |
|
| 261 | - { |
|
| 259 | + if (isset($opt['page']['showdonations']) && $opt['page']['showdonations']) { |
|
| 262 | 260 | ?> |
| 263 | 261 | <p class="sidebar-maintitle">{t}Donations{/t}</p> |
| 264 | 262 | <div style="margin-top:16px;width:100%;text-align:center;"> |
@@ -273,8 +271,7 @@ discard block |
||
| 273 | 271 | |
| 274 | 272 | <!-- Social Media --> |
| 275 | 273 | <?php |
| 276 | - if (isset($opt['page']['showsocialmedia']) && $opt['page']['showsocialmedia']) |
|
| 277 | - { |
|
| 274 | + if (isset($opt['page']['showsocialmedia']) && $opt['page']['showsocialmedia']) { |
|
| 278 | 275 | ?> |
| 279 | 276 | <p class="sidebar-maintitle">{t}Social media{/t}</p> |
| 280 | 277 | <div style="margin-top: 10px; margin-bottom: 14px; margin-left: auto; margin-right: auto; text-align: center"> |
@@ -423,7 +423,8 @@ |
||
| 423 | 423 | { |
| 424 | 424 | global $menu; |
| 425 | 425 | |
| 426 | - if ($mainmenuindex >= 0) { // is -1 e.g. when calling newcache.php as logged-off-user (-> login.tpl.php) |
|
| 426 | + if ($mainmenuindex >= 0) { |
|
| 427 | +// is -1 e.g. when calling newcache.php as logged-off-user (-> login.tpl.php) |
|
| 427 | 428 | echo htmlspecialchars(t($menu[$mainmenuindex]['menustring']), ENT_COMPAT, 'UTF-8'); |
| 428 | 429 | |
| 429 | 430 | if (isset($menu[$mainmenuindex]['submenu']) && ($menu[$mainmenuindex]['siteid'] != $pageid)) { |
@@ -34,10 +34,12 @@ discard block |
||
| 34 | 34 | |
| 35 | 35 | $uuid = isset($_REQUEST['uuid']) ? $_REQUEST['uuid'] : 0; |
| 36 | 36 | |
| 37 | -if ($action == 'add') { // Ocprop |
|
| 37 | +if ($action == 'add') { |
|
| 38 | +// Ocprop |
|
| 38 | 39 | $picture = new picture(); |
| 39 | 40 | |
| 40 | - if (isset($_REQUEST['cacheuuid'])) { // Ocprop |
|
| 41 | + if (isset($_REQUEST['cacheuuid'])) { |
|
| 42 | +// Ocprop |
|
| 41 | 43 | $cache = cache::fromUUID($_REQUEST['cacheuuid']); |
| 42 | 44 | if ($cache === null) { |
| 43 | 45 | $tpl->error(ERROR_CACHE_NOT_EXISTS); |
@@ -51,7 +53,8 @@ discard block |
||
| 51 | 53 | $picture->setObjectType(OBJECT_CACHE); |
| 52 | 54 | |
| 53 | 55 | $cache = null; |
| 54 | - } elseif (isset($_REQUEST['loguuid'])) {// Ocprop |
|
| 56 | + } elseif (isset($_REQUEST['loguuid'])) { |
|
| 57 | +// Ocprop |
|
| 55 | 58 | $cachelog = cachelog::fromUUID($_REQUEST['loguuid']); |
| 56 | 59 | if ($cachelog === null) { |
| 57 | 60 | $tpl->error(ERROR_CACHELOG_NOT_EXISTS); |
@@ -72,7 +75,8 @@ discard block |
||
| 72 | 75 | } |
| 73 | 76 | |
| 74 | 77 | // uploaded file ok? |
| 75 | - if (isset($_REQUEST['ok'])) { // Ocprop |
|
| 78 | + if (isset($_REQUEST['ok'])) { |
|
| 79 | +// Ocprop |
|
| 76 | 80 | $bError = false; |
| 77 | 81 | |
| 78 | 82 | $picture->setSpoiler(isset($_REQUEST['spoiler']) && $_REQUEST['spoiler'] == '1'); // Ocprop |
@@ -92,7 +96,8 @@ discard block |
||
| 92 | 96 | $tpl->redirect($picture->getPageLink()); |
| 93 | 97 | } |
| 94 | 98 | |
| 95 | - if (!isset($_FILES['file'])) { // Ocprop |
|
| 99 | + if (!isset($_FILES['file'])) { |
|
| 100 | +// Ocprop |
|
| 96 | 101 | $tpl->assign('errorfile', ERROR_UPLOAD_ERR_NO_FILE); |
| 97 | 102 | $bError = true; |
| 98 | 103 | } elseif ($_FILES['file']['error'] == UPLOAD_ERR_NO_FILE) { |
@@ -47,19 +47,26 @@ discard block |
||
| 47 | 47 | */ |
| 48 | 48 | |
| 49 | 49 | /** Base exception type for all exceptions thrown by this module. */ |
| 50 | -abstract class OAuthException extends Exception {} |
|
| 50 | +abstract class OAuthException extends Exception |
|
| 51 | +{ |
|
| 52 | +} |
|
| 51 | 53 | |
| 52 | 54 | # All OAuthExceptions fall back into these two categories: |
| 53 | 55 | |
| 54 | 56 | /** OAuth client errors. */ |
| 55 | -class OAuthClientException extends OAuthException {} |
|
| 57 | +class OAuthClientException extends OAuthException |
|
| 58 | +{ |
|
| 59 | +} |
|
| 56 | 60 | /** OAuth server errors. */ |
| 57 | -abstract class OAuthServerException extends OAuthException { |
|
| 61 | +abstract class OAuthServerException extends OAuthException |
|
| 62 | +{ |
|
| 58 | 63 | abstract public function getHttpStatusCode(); |
| 59 | - protected function provideExtras(&$extras) { |
|
| 64 | + protected function provideExtras(&$extras) |
|
| 65 | + { |
|
| 60 | 66 | $extras['reason_stack'][] = 'invalid_oauth_request'; |
| 61 | 67 | } |
| 62 | - public function getOkapiJSON() { |
|
| 68 | + public function getOkapiJSON() |
|
| 69 | + { |
|
| 63 | 70 | $extras = array( |
| 64 | 71 | 'developer_message' => $this->getMessage(), |
| 65 | 72 | 'reason_stack' => array(), |
@@ -73,77 +80,102 @@ discard block |
||
| 73 | 80 | # More subclasses of server exceptions. |
| 74 | 81 | |
| 75 | 82 | /** OAuth server errors which should result in HTTP 400 response. */ |
| 76 | -abstract class OAuthServer400Exception extends OAuthServerException { |
|
| 77 | - protected function provideExtras(&$extras) { |
|
| 83 | +abstract class OAuthServer400Exception extends OAuthServerException |
|
| 84 | +{ |
|
| 85 | + protected function provideExtras(&$extras) |
|
| 86 | + { |
|
| 78 | 87 | parent::provideExtras($extras); |
| 79 | 88 | $extras['status'] = 400; |
| 80 | 89 | } |
| 81 | - public function getHttpStatusCode() { return 400; } |
|
| 90 | + public function getHttpStatusCode() |
|
| 91 | + { |
|
| 92 | +return 400; } |
|
| 82 | 93 | } |
| 83 | 94 | /** OAuth server errors which should result in HTTP 401 response. */ |
| 84 | -abstract class OAuthServer401Exception extends OAuthServerException { |
|
| 85 | - protected function provideExtras(&$extras) { |
|
| 95 | +abstract class OAuthServer401Exception extends OAuthServerException |
|
| 96 | +{ |
|
| 97 | + protected function provideExtras(&$extras) |
|
| 98 | + { |
|
| 86 | 99 | parent::provideExtras($extras); |
| 87 | 100 | $extras['status'] = 401; |
| 88 | 101 | } |
| 89 | - public function getHttpStatusCode() { return 401; } |
|
| 102 | + public function getHttpStatusCode() |
|
| 103 | + { |
|
| 104 | +return 401; } |
|
| 90 | 105 | } |
| 91 | 106 | |
| 92 | 107 | /** Client asked for an unsupported OAuth version (not 1.0). */ |
| 93 | -class OAuthVersionNotSupportedException extends OAuthServer400Exception { |
|
| 94 | - protected function provideExtras(&$extras) { |
|
| 108 | +class OAuthVersionNotSupportedException extends OAuthServer400Exception |
|
| 109 | +{ |
|
| 110 | + protected function provideExtras(&$extras) |
|
| 111 | + { |
|
| 95 | 112 | parent::provideExtras($extras); |
| 96 | 113 | $extras['reason_stack'][] = 'unsupported_oauth_version'; |
| 97 | 114 | } |
| 98 | 115 | } |
| 99 | 116 | /** Client didn't provide one of the key OAuth parameters. */ |
| 100 | -class OAuthMissingParameterException extends OAuthServer400Exception { |
|
| 117 | +class OAuthMissingParameterException extends OAuthServer400Exception |
|
| 118 | +{ |
|
| 101 | 119 | protected $param_name; |
| 102 | - protected function provideExtras(&$extras) { |
|
| 120 | + protected function provideExtras(&$extras) |
|
| 121 | + { |
|
| 103 | 122 | parent::provideExtras($extras); |
| 104 | 123 | $extras['reason_stack'][] = 'missing_parameter'; |
| 105 | 124 | $extras['parameter'] = $this->param_name; |
| 106 | 125 | } |
| 107 | - public function __construct($param_name) { |
|
| 126 | + public function __construct($param_name) |
|
| 127 | + { |
|
| 108 | 128 | parent::__construct("Missing '$param_name' parameter. This parameter is required."); |
| 109 | 129 | $this->param_name = $param_name; |
| 110 | 130 | } |
| 111 | - public function getParamName() { return $this->param_name; } |
|
| 131 | + public function getParamName() |
|
| 132 | + { |
|
| 133 | +return $this->param_name; } |
|
| 112 | 134 | } |
| 113 | 135 | /** Client used unsupported signature method. */ |
| 114 | -class OAuthUnsupportedSignatureMethodException extends OAuthServer400Exception { |
|
| 115 | - protected function provideExtras(&$extras) { |
|
| 136 | +class OAuthUnsupportedSignatureMethodException extends OAuthServer400Exception |
|
| 137 | +{ |
|
| 138 | + protected function provideExtras(&$extras) |
|
| 139 | + { |
|
| 116 | 140 | parent::provideExtras($extras); |
| 117 | 141 | $extras['reason_stack'][] = 'unsupported_signature_method'; |
| 118 | 142 | } |
| 119 | 143 | } |
| 120 | 144 | /** Client provided invalid Consumer Key. */ |
| 121 | -class OAuthInvalidConsumerException extends OAuthServer401Exception { |
|
| 122 | - protected function provideExtras(&$extras) { |
|
| 145 | +class OAuthInvalidConsumerException extends OAuthServer401Exception |
|
| 146 | +{ |
|
| 147 | + protected function provideExtras(&$extras) |
|
| 148 | + { |
|
| 123 | 149 | parent::provideExtras($extras); |
| 124 | 150 | $extras['reason_stack'][] = 'invalid_consumer'; |
| 125 | 151 | } |
| 126 | 152 | } |
| 127 | 153 | /** Client provider invalid token (either Request Token or Access Token). */ |
| 128 | -class OAuthInvalidTokenException extends OAuthServer401Exception { |
|
| 129 | - protected function provideExtras(&$extras) { |
|
| 154 | +class OAuthInvalidTokenException extends OAuthServer401Exception |
|
| 155 | +{ |
|
| 156 | + protected function provideExtras(&$extras) |
|
| 157 | + { |
|
| 130 | 158 | parent::provideExtras($extras); |
| 131 | 159 | $extras['reason_stack'][] = 'invalid_token'; |
| 132 | 160 | } |
| 133 | 161 | } |
| 134 | 162 | /** Client's signature was invalid. */ |
| 135 | -class OAuthInvalidSignatureException extends OAuthServer401Exception { |
|
| 136 | - protected function provideExtras(&$extras) { |
|
| 163 | +class OAuthInvalidSignatureException extends OAuthServer401Exception |
|
| 164 | +{ |
|
| 165 | + protected function provideExtras(&$extras) |
|
| 166 | + { |
|
| 137 | 167 | parent::provideExtras($extras); |
| 138 | 168 | $extras['reason_stack'][] = 'invalid_signature'; |
| 139 | 169 | } |
| 140 | 170 | } |
| 141 | 171 | /** Client used expired timestamp (or timestamp too far in future). */ |
| 142 | -class OAuthExpiredTimestampException extends OAuthServer400Exception { |
|
| 172 | +class OAuthExpiredTimestampException extends OAuthServer400Exception |
|
| 173 | +{ |
|
| 143 | 174 | protected $usersTimestamp; |
| 144 | 175 | protected $ourTimestamp; |
| 145 | 176 | protected $threshold; |
| 146 | - protected function provideExtras(&$extras) { |
|
| 177 | + protected function provideExtras(&$extras) |
|
| 178 | + { |
|
| 147 | 179 | parent::provideExtras($extras); |
| 148 | 180 | $extras['reason_stack'][] = 'invalid_timestamp'; |
| 149 | 181 | $extras['yours'] = $this->usersTimestamp; |
@@ -151,39 +183,50 @@ discard block |
||
| 151 | 183 | $extras['difference'] = $this->ourTimestamp - $this->usersTimestamp; |
| 152 | 184 | $extras['threshold'] = $this->threshold; |
| 153 | 185 | } |
| 154 | - public function __construct($users, $ours, $threshold) { |
|
| 186 | + public function __construct($users, $ours, $threshold) |
|
| 187 | + { |
|
| 155 | 188 | $this->usersTimestamp = $users; |
| 156 | 189 | $this->ourTimestamp = $ours; |
| 157 | 190 | $this->threshold = $threshold; |
| 158 | 191 | parent::__construct("Expired timestamp, yours $this->usersTimestamp, ours $this->ourTimestamp (threshold $this->threshold)."); |
| 159 | 192 | } |
| 160 | - public function getUsersTimestamp() { return $this->usersTimestamp; } |
|
| 161 | - public function getOurTimestamp() { return $this->ourTimestamp; } |
|
| 193 | + public function getUsersTimestamp() |
|
| 194 | + { |
|
| 195 | +return $this->usersTimestamp; } |
|
| 196 | + public function getOurTimestamp() |
|
| 197 | + { |
|
| 198 | +return $this->ourTimestamp; } |
|
| 162 | 199 | } |
| 163 | 200 | /** Client used the same nonce for the second time. */ |
| 164 | -class OAuthNonceAlreadyUsedException extends OAuthServer400Exception { |
|
| 165 | - protected function provideExtras(&$extras) { |
|
| 201 | +class OAuthNonceAlreadyUsedException extends OAuthServer400Exception |
|
| 202 | +{ |
|
| 203 | + protected function provideExtras(&$extras) |
|
| 204 | + { |
|
| 166 | 205 | parent::provideExtras($extras); |
| 167 | 206 | $extras['reason_stack'][] = 'nonce_already_used'; |
| 168 | 207 | } |
| 169 | 208 | } |
| 170 | 209 | |
| 171 | -class OAuthConsumer { |
|
| 210 | +class OAuthConsumer |
|
| 211 | +{ |
|
| 172 | 212 | public $key; |
| 173 | 213 | public $secret; |
| 174 | 214 | |
| 175 | - function __construct($key, $secret, $callback_url=NULL) { |
|
| 215 | + function __construct($key, $secret, $callback_url=NULL) |
|
| 216 | + { |
|
| 176 | 217 | $this->key = $key; |
| 177 | 218 | $this->secret = $secret; |
| 178 | 219 | $this->callback_url = $callback_url; |
| 179 | 220 | } |
| 180 | 221 | |
| 181 | - function __toString() { |
|
| 222 | + function __toString() |
|
| 223 | + { |
|
| 182 | 224 | return "OAuthConsumer[key=$this->key,secret=$this->secret]"; |
| 183 | 225 | } |
| 184 | 226 | } |
| 185 | 227 | |
| 186 | -class OAuthToken { |
|
| 228 | +class OAuthToken |
|
| 229 | +{ |
|
| 187 | 230 | // access tokens and request tokens |
| 188 | 231 | public $key; |
| 189 | 232 | public $secret; |
@@ -192,7 +235,8 @@ discard block |
||
| 192 | 235 | * key = the token |
| 193 | 236 | * secret = the token secret |
| 194 | 237 | */ |
| 195 | - function __construct($key, $secret) { |
|
| 238 | + function __construct($key, $secret) |
|
| 239 | + { |
|
| 196 | 240 | $this->key = $key; |
| 197 | 241 | $this->secret = $secret; |
| 198 | 242 | } |
@@ -201,14 +245,16 @@ discard block |
||
| 201 | 245 | * generates the basic string serialization of a token that a server |
| 202 | 246 | * would respond to request_token and access_token calls with |
| 203 | 247 | */ |
| 204 | - function to_string() { |
|
| 248 | + function to_string() |
|
| 249 | + { |
|
| 205 | 250 | return "oauth_token=" . |
| 206 | 251 | OAuthUtil::urlencode_rfc3986($this->key) . |
| 207 | 252 | "&oauth_token_secret=" . |
| 208 | 253 | OAuthUtil::urlencode_rfc3986($this->secret); |
| 209 | 254 | } |
| 210 | 255 | |
| 211 | - function __toString() { |
|
| 256 | + function __toString() |
|
| 257 | + { |
|
| 212 | 258 | return $this->to_string(); |
| 213 | 259 | } |
| 214 | 260 | } |
@@ -217,7 +263,8 @@ discard block |
||
| 217 | 263 | * A class for implementing a Signature Method |
| 218 | 264 | * See section 9 ("Signing Requests") in the spec |
| 219 | 265 | */ |
| 220 | -abstract class OAuthSignatureMethod { |
|
| 266 | +abstract class OAuthSignatureMethod |
|
| 267 | +{ |
|
| 221 | 268 | /** |
| 222 | 269 | * Needs to return the name of the Signature Method (ie HMAC-SHA1) |
| 223 | 270 | * @return string |
@@ -244,7 +291,8 @@ discard block |
||
| 244 | 291 | * @param string $signature |
| 245 | 292 | * @return bool |
| 246 | 293 | */ |
| 247 | - public function check_signature($request, $consumer, $token, $signature) { |
|
| 294 | + public function check_signature($request, $consumer, $token, $signature) |
|
| 295 | + { |
|
| 248 | 296 | $built = $this->build_signature($request, $consumer, $token); |
| 249 | 297 | |
| 250 | 298 | // Check for zero length, although unlikely here |
@@ -273,12 +321,15 @@ discard block |
||
| 273 | 321 | * character (ASCII code 38) even if empty. |
| 274 | 322 | * - Chapter 9.2 ("HMAC-SHA1") |
| 275 | 323 | */ |
| 276 | -class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod { |
|
| 277 | - function get_name() { |
|
| 324 | +class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod |
|
| 325 | +{ |
|
| 326 | + function get_name() |
|
| 327 | + { |
|
| 278 | 328 | return "HMAC-SHA1"; |
| 279 | 329 | } |
| 280 | 330 | |
| 281 | - public function build_signature($request, $consumer, $token) { |
|
| 331 | + public function build_signature($request, $consumer, $token) |
|
| 332 | + { |
|
| 282 | 333 | $base_string = $request->get_signature_base_string(); |
| 283 | 334 | $request->base_string = $base_string; |
| 284 | 335 | |
@@ -299,8 +350,10 @@ discard block |
||
| 299 | 350 | * over a secure channel such as HTTPS. It does not use the Signature Base String. |
| 300 | 351 | * - Chapter 9.4 ("PLAINTEXT") |
| 301 | 352 | */ |
| 302 | -class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod { |
|
| 303 | - public function get_name() { |
|
| 353 | +class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod |
|
| 354 | +{ |
|
| 355 | + public function get_name() |
|
| 356 | + { |
|
| 304 | 357 | return "PLAINTEXT"; |
| 305 | 358 | } |
| 306 | 359 | |
@@ -313,7 +366,8 @@ discard block |
||
| 313 | 366 | * Please note that the second encoding MUST NOT happen in the SignatureMethod, as |
| 314 | 367 | * OAuthRequest handles this! |
| 315 | 368 | */ |
| 316 | - public function build_signature($request, $consumer, $token) { |
|
| 369 | + public function build_signature($request, $consumer, $token) |
|
| 370 | + { |
|
| 317 | 371 | $key_parts = array( |
| 318 | 372 | $consumer->secret, |
| 319 | 373 | ($token) ? $token->secret : "" |
@@ -335,8 +389,10 @@ discard block |
||
| 335 | 389 | * specification. |
| 336 | 390 | * - Chapter 9.3 ("RSA-SHA1") |
| 337 | 391 | */ |
| 338 | -abstract class OAuthSignatureMethod_RSA_SHA1 extends OAuthSignatureMethod { |
|
| 339 | - public function get_name() { |
|
| 392 | +abstract class OAuthSignatureMethod_RSA_SHA1 extends OAuthSignatureMethod |
|
| 393 | +{ |
|
| 394 | + public function get_name() |
|
| 395 | + { |
|
| 340 | 396 | return "RSA-SHA1"; |
| 341 | 397 | } |
| 342 | 398 | |
@@ -354,7 +410,8 @@ discard block |
||
| 354 | 410 | // Either way should return a string representation of the certificate |
| 355 | 411 | protected abstract function fetch_private_cert(&$request); |
| 356 | 412 | |
| 357 | - public function build_signature($request, $consumer, $token) { |
|
| 413 | + public function build_signature($request, $consumer, $token) |
|
| 414 | + { |
|
| 358 | 415 | $base_string = $request->get_signature_base_string(); |
| 359 | 416 | $request->base_string = $base_string; |
| 360 | 417 | |
@@ -373,7 +430,8 @@ discard block |
||
| 373 | 430 | return base64_encode($signature); |
| 374 | 431 | } |
| 375 | 432 | |
| 376 | - public function check_signature($request, $consumer, $token, $signature) { |
|
| 433 | + public function check_signature($request, $consumer, $token, $signature) |
|
| 434 | + { |
|
| 377 | 435 | $decoded_sig = base64_decode($signature); |
| 378 | 436 | |
| 379 | 437 | $base_string = $request->get_signature_base_string(); |
@@ -394,7 +452,8 @@ discard block |
||
| 394 | 452 | } |
| 395 | 453 | } |
| 396 | 454 | |
| 397 | -class OAuthRequest { |
|
| 455 | +class OAuthRequest |
|
| 456 | +{ |
|
| 398 | 457 | protected $parameters; |
| 399 | 458 | protected $http_method; |
| 400 | 459 | protected $http_url; |
@@ -403,7 +462,8 @@ discard block |
||
| 403 | 462 | public static $version = '1.0'; |
| 404 | 463 | public static $POST_INPUT = 'php://input'; |
| 405 | 464 | |
| 406 | - function __construct($http_method, $http_url, $parameters=NULL) { |
|
| 465 | + function __construct($http_method, $http_url, $parameters=NULL) |
|
| 466 | + { |
|
| 407 | 467 | $parameters = ($parameters) ? $parameters : array(); |
| 408 | 468 | $parameters = array_merge( OAuthUtil::parse_parameters(parse_url($http_url, PHP_URL_QUERY)), $parameters); |
| 409 | 469 | $this->parameters = $parameters; |
@@ -415,7 +475,8 @@ discard block |
||
| 415 | 475 | /** |
| 416 | 476 | * attempt to build up a request from what was passed to the server |
| 417 | 477 | */ |
| 418 | - public static function from_request($http_method=NULL, $http_url=NULL, $parameters=NULL) { |
|
| 478 | + public static function from_request($http_method=NULL, $http_url=NULL, $parameters=NULL) |
|
| 479 | + { |
|
| 419 | 480 | $scheme = (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") |
| 420 | 481 | ? 'http' |
| 421 | 482 | : 'https'; |
@@ -467,21 +528,24 @@ discard block |
||
| 467 | 528 | /** |
| 468 | 529 | * pretty much a helper function to set up the request |
| 469 | 530 | */ |
| 470 | - public static function from_consumer_and_token($consumer, $token, $http_method, $http_url, $parameters=NULL) { |
|
| 531 | + public static function from_consumer_and_token($consumer, $token, $http_method, $http_url, $parameters=NULL) |
|
| 532 | + { |
|
| 471 | 533 | $parameters = ($parameters) ? $parameters : array(); |
| 472 | 534 | $defaults = array("oauth_version" => OAuthRequest::$version, |
| 473 | 535 | "oauth_nonce" => OAuthRequest::generate_nonce(), |
| 474 | 536 | "oauth_timestamp" => OAuthRequest::generate_timestamp(), |
| 475 | 537 | "oauth_consumer_key" => $consumer->key); |
| 476 | - if ($token) |
|
| 477 | - $defaults['oauth_token'] = $token->key; |
|
| 538 | + if ($token) { |
|
| 539 | + $defaults['oauth_token'] = $token->key; |
|
| 540 | + } |
|
| 478 | 541 | |
| 479 | 542 | $parameters = array_merge($defaults, $parameters); |
| 480 | 543 | |
| 481 | 544 | return new OAuthRequest($http_method, $http_url, $parameters); |
| 482 | 545 | } |
| 483 | 546 | |
| 484 | - public function set_parameter($name, $value, $allow_duplicates = true) { |
|
| 547 | + public function set_parameter($name, $value, $allow_duplicates = true) |
|
| 548 | + { |
|
| 485 | 549 | if ($allow_duplicates && isset($this->parameters[$name])) { |
| 486 | 550 | // We have already added parameter(s) with this name, so add to the list |
| 487 | 551 | if (is_scalar($this->parameters[$name])) { |
@@ -496,15 +560,18 @@ discard block |
||
| 496 | 560 | } |
| 497 | 561 | } |
| 498 | 562 | |
| 499 | - public function get_parameter($name) { |
|
| 563 | + public function get_parameter($name) |
|
| 564 | + { |
|
| 500 | 565 | return isset($this->parameters[$name]) ? $this->parameters[$name] : null; |
| 501 | 566 | } |
| 502 | 567 | |
| 503 | - public function get_parameters() { |
|
| 568 | + public function get_parameters() |
|
| 569 | + { |
|
| 504 | 570 | return $this->parameters; |
| 505 | 571 | } |
| 506 | 572 | |
| 507 | - public function unset_parameter($name) { |
|
| 573 | + public function unset_parameter($name) |
|
| 574 | + { |
|
| 508 | 575 | unset($this->parameters[$name]); |
| 509 | 576 | } |
| 510 | 577 | |
@@ -512,7 +579,8 @@ discard block |
||
| 512 | 579 | * The request parameters, sorted and concatenated into a normalized string. |
| 513 | 580 | * @return string |
| 514 | 581 | */ |
| 515 | - public function get_signable_parameters() { |
|
| 582 | + public function get_signable_parameters() |
|
| 583 | + { |
|
| 516 | 584 | // Grab all parameters |
| 517 | 585 | $params = $this->parameters; |
| 518 | 586 | |
@@ -532,7 +600,8 @@ discard block |
||
| 532 | 600 | * and the parameters (normalized), each urlencoded |
| 533 | 601 | * and the concated with &. |
| 534 | 602 | */ |
| 535 | - public function get_signature_base_string() { |
|
| 603 | + public function get_signature_base_string() |
|
| 604 | + { |
|
| 536 | 605 | $parts = array( |
| 537 | 606 | $this->get_normalized_http_method(), |
| 538 | 607 | $this->get_normalized_http_url(), |
@@ -547,7 +616,8 @@ discard block |
||
| 547 | 616 | /** |
| 548 | 617 | * just uppercases the http method |
| 549 | 618 | */ |
| 550 | - public function get_normalized_http_method() { |
|
| 619 | + public function get_normalized_http_method() |
|
| 620 | + { |
|
| 551 | 621 | return strtoupper($this->http_method); |
| 552 | 622 | } |
| 553 | 623 | |
@@ -555,7 +625,8 @@ discard block |
||
| 555 | 625 | * parses the url and rebuilds it to be |
| 556 | 626 | * scheme://host/path |
| 557 | 627 | */ |
| 558 | - public function get_normalized_http_url() { |
|
| 628 | + public function get_normalized_http_url() |
|
| 629 | + { |
|
| 559 | 630 | $parts = parse_url($this->http_url); |
| 560 | 631 | |
| 561 | 632 | $scheme = (isset($parts['scheme'])) ? $parts['scheme'] : 'http'; |
@@ -573,7 +644,8 @@ discard block |
||
| 573 | 644 | /** |
| 574 | 645 | * builds a url usable for a GET request |
| 575 | 646 | */ |
| 576 | - public function to_url() { |
|
| 647 | + public function to_url() |
|
| 648 | + { |
|
| 577 | 649 | $post_data = $this->to_postdata(); |
| 578 | 650 | $out = $this->get_normalized_http_url(); |
| 579 | 651 | if ($post_data) { |
@@ -585,24 +657,29 @@ discard block |
||
| 585 | 657 | /** |
| 586 | 658 | * builds the data one would send in a POST request |
| 587 | 659 | */ |
| 588 | - public function to_postdata() { |
|
| 660 | + public function to_postdata() |
|
| 661 | + { |
|
| 589 | 662 | return OAuthUtil::build_http_query($this->parameters); |
| 590 | 663 | } |
| 591 | 664 | |
| 592 | 665 | /** |
| 593 | 666 | * builds the Authorization: header |
| 594 | 667 | */ |
| 595 | - public function to_header($realm=null) { |
|
| 668 | + public function to_header($realm=null) |
|
| 669 | + { |
|
| 596 | 670 | $first = true; |
| 597 | 671 | if($realm) { |
| 598 | 672 | $out = 'Authorization: OAuth realm="' . OAuthUtil::urlencode_rfc3986($realm) . '"'; |
| 599 | 673 | $first = false; |
| 600 | - } else |
|
| 601 | - $out = 'Authorization: OAuth'; |
|
| 674 | + } else { |
|
| 675 | + $out = 'Authorization: OAuth'; |
|
| 676 | + } |
|
| 602 | 677 | |
| 603 | 678 | $total = array(); |
| 604 | 679 | foreach ($this->parameters as $k => $v) { |
| 605 | - if (substr($k, 0, 5) != "oauth") continue; |
|
| 680 | + if (substr($k, 0, 5) != "oauth") { |
|
| 681 | + continue; |
|
| 682 | + } |
|
| 606 | 683 | if (is_array($v)) { |
| 607 | 684 | throw new OAuthClientException('Arrays not supported in headers.'); |
| 608 | 685 | } |
@@ -616,12 +693,14 @@ discard block |
||
| 616 | 693 | return $out; |
| 617 | 694 | } |
| 618 | 695 | |
| 619 | - public function __toString() { |
|
| 696 | + public function __toString() |
|
| 697 | + { |
|
| 620 | 698 | return $this->to_url(); |
| 621 | 699 | } |
| 622 | 700 | |
| 623 | 701 | |
| 624 | - public function sign_request($signature_method, $consumer, $token) { |
|
| 702 | + public function sign_request($signature_method, $consumer, $token) |
|
| 703 | + { |
|
| 625 | 704 | $this->set_parameter( |
| 626 | 705 | "oauth_signature_method", |
| 627 | 706 | $signature_method->get_name(), |
@@ -631,7 +710,8 @@ discard block |
||
| 631 | 710 | $this->set_parameter("oauth_signature", $signature, false); |
| 632 | 711 | } |
| 633 | 712 | |
| 634 | - public function build_signature($signature_method, $consumer, $token) { |
|
| 713 | + public function build_signature($signature_method, $consumer, $token) |
|
| 714 | + { |
|
| 635 | 715 | $signature = $signature_method->build_signature($this, $consumer, $token); |
| 636 | 716 | return $signature; |
| 637 | 717 | } |
@@ -639,14 +719,16 @@ discard block |
||
| 639 | 719 | /** |
| 640 | 720 | * util function: current timestamp |
| 641 | 721 | */ |
| 642 | - private static function generate_timestamp() { |
|
| 722 | + private static function generate_timestamp() |
|
| 723 | + { |
|
| 643 | 724 | return time(); |
| 644 | 725 | } |
| 645 | 726 | |
| 646 | 727 | /** |
| 647 | 728 | * util function: current nonce |
| 648 | 729 | */ |
| 649 | - private static function generate_nonce() { |
|
| 730 | + private static function generate_nonce() |
|
| 731 | + { |
|
| 650 | 732 | $mt = microtime(); |
| 651 | 733 | $rand = mt_rand(); |
| 652 | 734 | |
@@ -654,18 +736,21 @@ discard block |
||
| 654 | 736 | } |
| 655 | 737 | } |
| 656 | 738 | |
| 657 | -class OAuthServer { |
|
| 739 | +class OAuthServer |
|
| 740 | +{ |
|
| 658 | 741 | protected $timestamp_threshold = 300; // in seconds, five minutes |
| 659 | 742 | protected $version = '1.0'; // hi blaine |
| 660 | 743 | protected $signature_methods = array(); |
| 661 | 744 | |
| 662 | 745 | protected $data_store; |
| 663 | 746 | |
| 664 | - function __construct($data_store) { |
|
| 747 | + function __construct($data_store) |
|
| 748 | + { |
|
| 665 | 749 | $this->data_store = $data_store; |
| 666 | 750 | } |
| 667 | 751 | |
| 668 | - public function add_signature_method($signature_method) { |
|
| 752 | + public function add_signature_method($signature_method) |
|
| 753 | + { |
|
| 669 | 754 | $this->signature_methods[$signature_method->get_name()] = |
| 670 | 755 | $signature_method; |
| 671 | 756 | } |
@@ -676,7 +761,8 @@ discard block |
||
| 676 | 761 | * process a request_token request |
| 677 | 762 | * returns the request token on success |
| 678 | 763 | */ |
| 679 | - public function fetch_request_token(&$request) { |
|
| 764 | + public function fetch_request_token(&$request) |
|
| 765 | + { |
|
| 680 | 766 | $this->get_version($request); |
| 681 | 767 | |
| 682 | 768 | $consumer = $this->get_consumer($request); |
@@ -697,7 +783,8 @@ discard block |
||
| 697 | 783 | * process an access_token request |
| 698 | 784 | * returns the access token on success |
| 699 | 785 | */ |
| 700 | - public function fetch_access_token(&$request) { |
|
| 786 | + public function fetch_access_token(&$request) |
|
| 787 | + { |
|
| 701 | 788 | $this->get_version($request); |
| 702 | 789 | |
| 703 | 790 | $consumer = $this->get_consumer($request); |
@@ -717,7 +804,8 @@ discard block |
||
| 717 | 804 | /** |
| 718 | 805 | * verify an api call, checks all the parameters |
| 719 | 806 | */ |
| 720 | - public function verify_request(&$request) { |
|
| 807 | + public function verify_request(&$request) |
|
| 808 | + { |
|
| 721 | 809 | $this->get_version($request); |
| 722 | 810 | $consumer = $this->get_consumer($request); |
| 723 | 811 | $token = $this->get_token($request, $consumer, "access"); |
@@ -729,7 +817,8 @@ discard block |
||
| 729 | 817 | /** |
| 730 | 818 | * version 1 |
| 731 | 819 | */ |
| 732 | - protected function get_version(&$request) { |
|
| 820 | + protected function get_version(&$request) |
|
| 821 | + { |
|
| 733 | 822 | $version = $request->get_parameter("oauth_version"); |
| 734 | 823 | if (!$version) { |
| 735 | 824 | // Service Providers MUST assume the protocol version to be 1.0 if this parameter is not present. |
@@ -745,7 +834,8 @@ discard block |
||
| 745 | 834 | /** |
| 746 | 835 | * figure out the signature with some defaults |
| 747 | 836 | */ |
| 748 | - private function get_signature_method($request) { |
|
| 837 | + private function get_signature_method($request) |
|
| 838 | + { |
|
| 749 | 839 | $signature_method = $request instanceof OAuthRequest |
| 750 | 840 | ? $request->get_parameter("oauth_signature_method") |
| 751 | 841 | : NULL; |
@@ -770,7 +860,8 @@ discard block |
||
| 770 | 860 | /** |
| 771 | 861 | * try to find the consumer for the provided request's consumer key |
| 772 | 862 | */ |
| 773 | - protected function get_consumer($request) { |
|
| 863 | + protected function get_consumer($request) |
|
| 864 | + { |
|
| 774 | 865 | $consumer_key = $request instanceof OAuthRequest |
| 775 | 866 | ? $request->get_parameter("oauth_consumer_key") |
| 776 | 867 | : NULL; |
@@ -790,7 +881,8 @@ discard block |
||
| 790 | 881 | /** |
| 791 | 882 | * try to find the token for the provided request's token key |
| 792 | 883 | */ |
| 793 | - protected function get_token($request, $consumer, $token_type="access") { |
|
| 884 | + protected function get_token($request, $consumer, $token_type="access") |
|
| 885 | + { |
|
| 794 | 886 | $token_field = $request instanceof OAuthRequest |
| 795 | 887 | ? $request->get_parameter('oauth_token') |
| 796 | 888 | : NULL; |
@@ -810,7 +902,8 @@ discard block |
||
| 810 | 902 | * all-in-one function to check the signature on a request |
| 811 | 903 | * should guess the signature method appropriately |
| 812 | 904 | */ |
| 813 | - protected function check_signature($request, $consumer, $token) { |
|
| 905 | + protected function check_signature($request, $consumer, $token) |
|
| 906 | + { |
|
| 814 | 907 | // this should probably be in a different method |
| 815 | 908 | $timestamp = $request instanceof OAuthRequest |
| 816 | 909 | ? $request->get_parameter('oauth_timestamp') |
@@ -840,9 +933,11 @@ discard block |
||
| 840 | 933 | /** |
| 841 | 934 | * check that the timestamp is new enough |
| 842 | 935 | */ |
| 843 | - private function check_timestamp($timestamp) { |
|
| 844 | - if( ! $timestamp ) |
|
| 845 | - throw new OAuthMissingParameterException('oauth_timestamp'); |
|
| 936 | + private function check_timestamp($timestamp) |
|
| 937 | + { |
|
| 938 | + if( ! $timestamp ) { |
|
| 939 | + throw new OAuthMissingParameterException('oauth_timestamp'); |
|
| 940 | + } |
|
| 846 | 941 | |
| 847 | 942 | // Cast to integer. See issue #314. |
| 848 | 943 | $timestamp = $timestamp + 0; |
@@ -858,9 +953,11 @@ discard block |
||
| 858 | 953 | /** |
| 859 | 954 | * check that the nonce is not repeated |
| 860 | 955 | */ |
| 861 | - private function check_nonce($consumer, $token, $nonce, $timestamp) { |
|
| 862 | - if( ! $nonce ) |
|
| 863 | - throw new OAuthMissingParameterException('oauth_nonce'); |
|
| 956 | + private function check_nonce($consumer, $token, $nonce, $timestamp) |
|
| 957 | + { |
|
| 958 | + if( ! $nonce ) { |
|
| 959 | + throw new OAuthMissingParameterException('oauth_nonce'); |
|
| 960 | + } |
|
| 864 | 961 | |
| 865 | 962 | // verify that the nonce is uniqueish |
| 866 | 963 | $found = $this->data_store->lookup_nonce( |
@@ -876,24 +973,30 @@ discard block |
||
| 876 | 973 | |
| 877 | 974 | } |
| 878 | 975 | |
| 879 | -class OAuthDataStore { |
|
| 880 | - function lookup_consumer($consumer_key) { |
|
| 976 | +class OAuthDataStore |
|
| 977 | +{ |
|
| 978 | + function lookup_consumer($consumer_key) |
|
| 979 | + { |
|
| 881 | 980 | // implement me |
| 882 | 981 | } |
| 883 | 982 | |
| 884 | - function lookup_token($consumer, $token_type, $token) { |
|
| 983 | + function lookup_token($consumer, $token_type, $token) |
|
| 984 | + { |
|
| 885 | 985 | // implement me |
| 886 | 986 | } |
| 887 | 987 | |
| 888 | - function lookup_nonce($consumer, $token, $nonce, $timestamp) { |
|
| 988 | + function lookup_nonce($consumer, $token, $nonce, $timestamp) |
|
| 989 | + { |
|
| 889 | 990 | // implement me |
| 890 | 991 | } |
| 891 | 992 | |
| 892 | - function new_request_token($consumer, $callback = null) { |
|
| 993 | + function new_request_token($consumer, $callback = null) |
|
| 994 | + { |
|
| 893 | 995 | // return a new token attached to this consumer |
| 894 | 996 | } |
| 895 | 997 | |
| 896 | - function new_access_token($token, $consumer, $verifier = null) { |
|
| 998 | + function new_access_token($token, $consumer, $verifier = null) |
|
| 999 | + { |
|
| 897 | 1000 | // return a new access token attached to this consumer |
| 898 | 1001 | // for the user associated with this token if the request token |
| 899 | 1002 | // is authorized |
@@ -902,8 +1005,10 @@ discard block |
||
| 902 | 1005 | |
| 903 | 1006 | } |
| 904 | 1007 | |
| 905 | -class OAuthUtil { |
|
| 906 | - public static function urlencode_rfc3986($input) { |
|
| 1008 | +class OAuthUtil |
|
| 1009 | +{ |
|
| 1010 | + public static function urlencode_rfc3986($input) |
|
| 1011 | + { |
|
| 907 | 1012 | if (is_array($input)) { |
| 908 | 1013 | return array_map(array('\okapi\oauth\OAuthUtil', 'urlencode_rfc3986'), $input); |
| 909 | 1014 | } else if (is_scalar($input)) { |
@@ -921,7 +1026,8 @@ discard block |
||
| 921 | 1026 | // This decode function isn't taking into consideration the above |
| 922 | 1027 | // modifications to the encoding process. However, this method doesn't |
| 923 | 1028 | // seem to be used anywhere so leaving it as is. |
| 924 | - public static function urldecode_rfc3986($string) { |
|
| 1029 | + public static function urldecode_rfc3986($string) |
|
| 1030 | + { |
|
| 925 | 1031 | return urldecode($string); |
| 926 | 1032 | } |
| 927 | 1033 | |
@@ -930,7 +1036,8 @@ discard block |
||
| 930 | 1036 | // Can filter out any non-oauth parameters if needed (default behaviour) |
| 931 | 1037 | // May 28th, 2010 - method updated to tjerk.meesters for a speed improvement. |
| 932 | 1038 | // see http://code.google.com/p/oauth/issues/detail?id=163 |
| 933 | - public static function split_header($header, $only_allow_oauth_parameters = true) { |
|
| 1039 | + public static function split_header($header, $only_allow_oauth_parameters = true) |
|
| 1040 | + { |
|
| 934 | 1041 | $params = array(); |
| 935 | 1042 | if (preg_match_all('/('.($only_allow_oauth_parameters ? 'oauth_' : '').'[a-z_-]*)=(:?"([^"]*)"|([^,]*))/', $header, $matches)) { |
| 936 | 1043 | foreach ($matches[1] as $i => $h) { |
@@ -944,7 +1051,8 @@ discard block |
||
| 944 | 1051 | } |
| 945 | 1052 | |
| 946 | 1053 | // helper to try to sort out headers for people who aren't running apache |
| 947 | - public static function get_headers() { |
|
| 1054 | + public static function get_headers() |
|
| 1055 | + { |
|
| 948 | 1056 | if (function_exists('apache_request_headers')) { |
| 949 | 1057 | // we need this to get the actual Authorization: header |
| 950 | 1058 | // because apache tends to tell us it doesn't exist |
@@ -967,10 +1075,12 @@ discard block |
||
| 967 | 1075 | // otherwise we don't have apache and are just going to have to hope |
| 968 | 1076 | // that $_SERVER actually contains what we need |
| 969 | 1077 | $out = array(); |
| 970 | - if( isset($_SERVER['CONTENT_TYPE']) ) |
|
| 971 | - $out['Content-Type'] = $_SERVER['CONTENT_TYPE']; |
|
| 972 | - if( isset($_ENV['CONTENT_TYPE']) ) |
|
| 973 | - $out['Content-Type'] = $_ENV['CONTENT_TYPE']; |
|
| 1078 | + if( isset($_SERVER['CONTENT_TYPE']) ) { |
|
| 1079 | + $out['Content-Type'] = $_SERVER['CONTENT_TYPE']; |
|
| 1080 | + } |
|
| 1081 | + if( isset($_ENV['CONTENT_TYPE']) ) { |
|
| 1082 | + $out['Content-Type'] = $_ENV['CONTENT_TYPE']; |
|
| 1083 | + } |
|
| 974 | 1084 | |
| 975 | 1085 | foreach ($_SERVER as $key => $value) { |
| 976 | 1086 | if (substr($key, 0, 5) == "HTTP_") { |
@@ -992,8 +1102,11 @@ discard block |
||
| 992 | 1102 | // This function takes a input like a=b&a=c&d=e and returns the parsed |
| 993 | 1103 | // parameters like this |
| 994 | 1104 | // array('a' => array('b','c'), 'd' => 'e') |
| 995 | - public static function parse_parameters( $input ) { |
|
| 996 | - if (!isset($input) || !$input) return array(); |
|
| 1105 | + public static function parse_parameters( $input ) |
|
| 1106 | + { |
|
| 1107 | + if (!isset($input) || !$input) { |
|
| 1108 | + return array(); |
|
| 1109 | + } |
|
| 997 | 1110 | |
| 998 | 1111 | $pairs = explode('&', $input); |
| 999 | 1112 | |
@@ -1021,8 +1134,11 @@ discard block |
||
| 1021 | 1134 | return $parsed_parameters; |
| 1022 | 1135 | } |
| 1023 | 1136 | |
| 1024 | - public static function build_http_query($params) { |
|
| 1025 | - if (!$params) return ''; |
|
| 1137 | + public static function build_http_query($params) |
|
| 1138 | + { |
|
| 1139 | + if (!$params) { |
|
| 1140 | + return ''; |
|
| 1141 | + } |
|
| 1026 | 1142 | |
| 1027 | 1143 | // Urlencode both keys and values |
| 1028 | 1144 | $keys = OAuthUtil::urlencode_rfc3986(array_keys($params)); |
@@ -13,8 +13,9 @@ discard block |
||
| 13 | 13 | from okapi_consumers |
| 14 | 14 | where `key` = '".Db::escape_string($consumer_key)."' |
| 15 | 15 | "); |
| 16 | - if (!$row) |
|
| 17 | - return null; |
|
| 16 | + if (!$row) { |
|
| 17 | + return null; |
|
| 18 | + } |
|
| 18 | 19 | return new OkapiConsumer($row['key'], $row['secret'], $row['name'], |
| 19 | 20 | $row['url'], $row['email'], $row['bflags']); |
| 20 | 21 | } |
@@ -29,10 +30,10 @@ discard block |
||
| 29 | 30 | and token_type = '".Db::escape_string($token_type)."' |
| 30 | 31 | and `key` = '".Db::escape_string($token)."' |
| 31 | 32 | "); |
| 32 | - if (!$row) |
|
| 33 | - return null; |
|
| 34 | - switch ($row['token_type']) |
|
| 35 | - { |
|
| 33 | + if (!$row) { |
|
| 34 | + return null; |
|
| 35 | + } |
|
| 36 | + switch ($row['token_type']) { |
|
| 36 | 37 | case 'request': |
| 37 | 38 | return new OkapiRequestToken($row['key'], $row['secret'], |
| 38 | 39 | $row['consumer_key'], $row['callback'], $row['user_id'], |
@@ -57,8 +58,7 @@ discard block |
||
| 57 | 58 | $timestamp, |
| 58 | 59 | $nonce |
| 59 | 60 | ))); |
| 60 | - try |
|
| 61 | - { |
|
| 61 | + try { |
|
| 62 | 62 | # Time timestamp is saved separately, because we are periodically |
| 63 | 63 | # removing older nonces from the database (see cronjobs). |
| 64 | 64 | |
@@ -71,9 +71,7 @@ discard block |
||
| 71 | 71 | ); |
| 72 | 72 | "); |
| 73 | 73 | return null; |
| 74 | - } |
|
| 75 | - catch (\Exception $e) |
|
| 76 | - { |
|
| 74 | + } catch (\Exception $e) { |
|
| 77 | 75 | # INSERT failed. This nonce was already used. |
| 78 | 76 | |
| 79 | 77 | return $nonce; |
@@ -83,9 +81,8 @@ discard block |
||
| 83 | 81 | public function new_request_token($consumer, $callback = null) |
| 84 | 82 | { |
| 85 | 83 | if ((preg_match("#^[a-z][a-z0-9_.-]*://#", $callback) > 0) || |
| 86 | - $callback == "oob") |
|
| 87 | - { /* ok */ } |
|
| 88 | - else { throw new BadRequest("oauth_callback should begin with lower case <scheme>://, or should equal 'oob'."); } |
|
| 84 | + $callback == "oob") { |
|
| 85 | +/* ok */ } else { throw new BadRequest("oauth_callback should begin with lower case <scheme>://, or should equal 'oob'."); } |
|
| 89 | 86 | $token = new OkapiRequestToken(Okapi::generate_key(20), Okapi::generate_key(40), |
| 90 | 87 | $consumer->key, $callback, null, Okapi::generate_key(8, true)); |
| 91 | 88 | Db::execute(" |
@@ -111,12 +108,15 @@ discard block |
||
| 111 | 108 | |
| 112 | 109 | public function new_access_token($token, $consumer, $verifier = null) |
| 113 | 110 | { |
| 114 | - if ($token->consumer_key != $consumer->key) |
|
| 115 | - throw new BadRequest("Request Token given is not associated with the Consumer who signed the request."); |
|
| 116 | - if (!$token->authorized_by_user_id) |
|
| 117 | - throw new BadRequest("Request Token given has not been authorized."); |
|
| 118 | - if ($token->verifier != $verifier) |
|
| 119 | - throw new BadRequest("Invalid verifier."); |
|
| 111 | + if ($token->consumer_key != $consumer->key) { |
|
| 112 | + throw new BadRequest("Request Token given is not associated with the Consumer who signed the request."); |
|
| 113 | + } |
|
| 114 | + if (!$token->authorized_by_user_id) { |
|
| 115 | + throw new BadRequest("Request Token given has not been authorized."); |
|
| 116 | + } |
|
| 117 | + if ($token->verifier != $verifier) { |
|
| 118 | + throw new BadRequest("Invalid verifier."); |
|
| 119 | + } |
|
| 120 | 120 | |
| 121 | 121 | # Invalidate the Request Token. |
| 122 | 122 | |
@@ -138,15 +138,12 @@ discard block |
||
| 138 | 138 | and user_id = '".Db::escape_string($token->authorized_by_user_id)."' |
| 139 | 139 | and consumer_key = '".Db::escape_string($consumer->key)."' |
| 140 | 140 | "); |
| 141 | - if ($row) |
|
| 142 | - { |
|
| 141 | + if ($row) { |
|
| 143 | 142 | # Use existing Access Token |
| 144 | 143 | |
| 145 | 144 | $access_token = new OkapiAccessToken($row['key'], $row['secret'], |
| 146 | 145 | $consumer->key, $token->authorized_by_user_id); |
| 147 | - } |
|
| 148 | - else |
|
| 149 | - { |
|
| 146 | + } else { |
|
| 150 | 147 | # Generate a new Access Token. |
| 151 | 148 | |
| 152 | 149 | $access_token = new OkapiAccessToken(Okapi::generate_key(20), Okapi::generate_key(40), |
@@ -71,15 +71,14 @@ discard block |
||
| 71 | 71 | /** Get method options (is consumer required etc.). */ |
| 72 | 72 | public static function options($service_name) |
| 73 | 73 | { |
| 74 | - if (!self::exists($service_name)) |
|
| 75 | - throw new Exception(); |
|
| 74 | + if (!self::exists($service_name)) { |
|
| 75 | + throw new Exception(); |
|
| 76 | + } |
|
| 76 | 77 | require_once($GLOBALS['rootpath']."okapi/$service_name.php"); |
| 77 | - try |
|
| 78 | - { |
|
| 78 | + try { |
|
| 79 | 79 | return call_user_func(array('\\okapi\\'. |
| 80 | 80 | str_replace('/', '\\', $service_name).'\\WebService', 'options')); |
| 81 | - } catch (Exception $e) |
|
| 82 | - { |
|
| 81 | + } catch (Exception $e) { |
|
| 83 | 82 | throw new Exception("Make sure you've declared your WebService class ". |
| 84 | 83 | "in an valid namespace (".'okapi\\'.str_replace('/', '\\', $service_name)."); ". |
| 85 | 84 | $e->getMessage()); |
@@ -92,8 +91,9 @@ discard block |
||
| 92 | 91 | */ |
| 93 | 92 | public static function docs($service_name) |
| 94 | 93 | { |
| 95 | - if (!self::exists($service_name)) |
|
| 96 | - throw new Exception(); |
|
| 94 | + if (!self::exists($service_name)) { |
|
| 95 | + throw new Exception(); |
|
| 96 | + } |
|
| 97 | 97 | try { |
| 98 | 98 | return file_get_contents("$service_name.xml", true); |
| 99 | 99 | } catch (Exception $e) { |
@@ -114,31 +114,28 @@ discard block |
||
| 114 | 114 | { |
| 115 | 115 | Okapi::init_internals(); |
| 116 | 116 | |
| 117 | - if (!self::exists($service_name)) |
|
| 118 | - throw new Exception("Method does not exist: '$service_name'"); |
|
| 117 | + if (!self::exists($service_name)) { |
|
| 118 | + throw new Exception("Method does not exist: '$service_name'"); |
|
| 119 | + } |
|
| 119 | 120 | |
| 120 | 121 | $options = self::options($service_name); |
| 121 | - if ($options['min_auth_level'] >= 2 && $request->consumer == null) |
|
| 122 | - { |
|
| 122 | + if ($options['min_auth_level'] >= 2 && $request->consumer == null) { |
|
| 123 | 123 | throw new Exception("Method '$service_name' called with mismatched OkapiRequest: ". |
| 124 | 124 | "\$request->consumer MAY NOT be empty for Level 2 and Level 3 methods. Provide ". |
| 125 | 125 | "a dummy Consumer if you have to."); |
| 126 | 126 | } |
| 127 | - if ($options['min_auth_level'] >= 3 && $request->token == null) |
|
| 128 | - { |
|
| 127 | + if ($options['min_auth_level'] >= 3 && $request->token == null) { |
|
| 129 | 128 | throw new Exception("Method '$service_name' called with mismatched OkapiRequest: ". |
| 130 | 129 | "\$request->token MAY NOT be empty for Level 3 methods."); |
| 131 | 130 | } |
| 132 | 131 | |
| 133 | 132 | $time_started = microtime(true); |
| 134 | 133 | Okapi::gettext_domain_init(); |
| 135 | - try |
|
| 136 | - { |
|
| 134 | + try { |
|
| 137 | 135 | require_once($GLOBALS['rootpath']."okapi/$service_name.php"); |
| 138 | 136 | $response = call_user_func(array('\\okapi\\'. |
| 139 | 137 | str_replace('/', '\\', $service_name).'\\WebService', 'call'), $request); |
| 140 | - if ($options['min_auth_level'] >= 3 && $request->token->token_type == "access") |
|
| 141 | - { |
|
| 138 | + if ($options['min_auth_level'] >= 3 && $request->token->token_type == "access") { |
|
| 142 | 139 | Db::execute(" |
| 143 | 140 | update user set last_login=now() |
| 144 | 141 | where user_id='".Db::escape_string($request->token->user_id)."' |
@@ -178,18 +175,21 @@ discard block |
||
| 178 | 175 | if ($request !== null) { |
| 179 | 176 | $consumer_key = ($request->consumer != null) ? $request->consumer->key : 'anonymous'; |
| 180 | 177 | $user_id = (($request->token != null) && ($request->token instanceof OkapiAccessToken)) ? $request->token->user_id : -1; |
| 181 | - if ($request->is_http_request() && ($service_name[0] == 's')) # 's' for "services/", we don't want "extra/" included |
|
| 178 | + if ($request->is_http_request() && ($service_name[0] == 's')) { |
|
| 179 | + # 's' for "services/", we don't want "extra/" included |
|
| 182 | 180 | $calltype = 'http'; |
| 183 | - else |
|
| 184 | - $calltype = 'internal'; |
|
| 181 | + } else { |
|
| 182 | + $calltype = 'internal'; |
|
| 183 | + } |
|
| 185 | 184 | } else { |
| 186 | 185 | $consumer_key = 'internal'; |
| 187 | 186 | $user_id = -1; |
| 188 | 187 | $calltype = 'internal'; |
| 189 | 188 | } |
| 190 | 189 | |
| 191 | - if (Settings::get('OC_BRANCH') == 'oc.de' && $user_id != -1) |
|
| 192 | - $user_id = 0; |
|
| 190 | + if (Settings::get('OC_BRANCH') == 'oc.de' && $user_id != -1) { |
|
| 191 | + $user_id = 0; |
|
| 192 | + } |
|
| 193 | 193 | |
| 194 | 194 | Db::execute(" |
| 195 | 195 | insert into okapi_stats_temp (`datetime`, consumer_key, user_id, service_name, calltype, runtime) |
