From f9b3a277d343bfba1fa48a135bbfebf406598d1a Mon Sep 17 00:00:00 2001 From: shammash <shammash@autistici.org> Date: Mon, 10 Oct 2011 21:43:28 +0200 Subject: [PATCH] updated flattr to 0.9.25.4.1 --- wp-content/plugins/flattr/callback.php | 9 +- wp-content/plugins/flattr/flattr.php | 44 +- wp-content/plugins/flattr/flattr5.php | 214 ++- .../plugins/flattr/img/bg-boxlinks-green.png | Bin 0 -> 2876 bytes .../plugins/flattr/oAuth/flattr_rest.php | 54 +- wp-content/plugins/flattr/oAuth/oauth.php | 1537 +++++++++-------- wp-content/plugins/flattr/readme.txt | 42 +- wp-content/plugins/flattr/redirect.php | 134 +- .../plugins/flattr/settings-template.php | 194 ++- wp-content/plugins/flattr/settings.php | 42 +- wp-content/plugins/flattr/tabber.css | 9 +- .../plugins/flattr/user-settings-template.php | 152 ++ wp-content/plugins/flattr/user-settings.php | 2 + 13 files changed, 1395 insertions(+), 1038 deletions(-) create mode 100644 wp-content/plugins/flattr/img/bg-boxlinks-green.png create mode 100644 wp-content/plugins/flattr/user-settings-template.php create mode 100644 wp-content/plugins/flattr/user-settings.php diff --git a/wp-content/plugins/flattr/callback.php b/wp-content/plugins/flattr/callback.php index bc53dbe59..93856176b 100644 --- a/wp-content/plugins/flattr/callback.php +++ b/wp-content/plugins/flattr/callback.php @@ -1,6 +1,6 @@ <?php -if ( isset ($_REQUEST['oauth_token']) && isset ($_REQUEST['oauth_verifier'])) { +if ( isset ($_REQUEST['oauth_token']) && isset ($_REQUEST['oauth_verifier']) && isset($_REQUEST['page']) && ($_REQUEST['page']=="flattr/settings.php")) { if (session_id() == '') { session_start(); } 
@@ -20,6 +20,13 @@ if ( isset ($_REQUEST['oauth_token']) && isset ($_REQUEST['oauth_verifier'])) { add_option('flattrss_api_oauth_token_secret', $access_token['oauth_token_secret']); update_option('flattrss_api_oauth_token_secret', $access_token['oauth_token_secret']); + + require_once( ABSPATH . WPINC . '/registration.php'); + $user_id = get_current_user_id( ); + + update_user_meta( $user_id, "user_flattrss_api_oauth_token", $access_token['oauth_token'] ); + update_user_meta( $user_id, "user_flattrss_api_oauth_token_secret", $access_token['oauth_token_secret'] ); + } else { wp_die("<h1>Callback Error.</h1><p>Please clear browser cach and cookies, then try again. Sorry for the inconvenience.</p><p align='right'>Michael Henke</p>"); } diff --git a/wp-content/plugins/flattr/flattr.php b/wp-content/plugins/flattr/flattr.php index e6d64b772..2c466e50e 100644 --- a/wp-content/plugins/flattr/flattr.php +++ b/wp-content/plugins/flattr/flattr.php @@ -2,13 +2,11 @@ /** * @package Flattr * @author Michael Henke - * @version 0.9.22.2 - */ -/* + * @version 0.9.25.4.1 Plugin Name: Flattr Plugin URI: http://wordpress.org/extend/plugins/flattr/ Description: Give your readers the opportunity to Flattr your effort -Version: 0.9.22.2 +Version: 0.9.25.4.1 Author: Michael Henke Author URI: http://allesblog.de/ License: This code is (un)licensed under the kopimi (copyme) non-license; http://www.kopimi.com. In other words you are free to copy it, taunt it, share it, fork it or whatever. :) 
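Review bot: In callback.php the new `update_user_meta()` calls store the access token and its secret under whatever `get_current_user_id()` returns, and that is 0 when nobody is logged in; the visible condition checks only request parameters, not the session. Guard the write, e.g. `if ($user_id > 0) { update_user_meta($user_id, "user_flattrss_api_oauth_token", $access_token['oauth_token']); ... }`. The context lines above still overwrite the site-wide `flattrss_api_oauth_token*` options on every successful callback, so a per-user authorisation also replaces the blog-wide token unless that write is limited to administrators. The enclosing `if` begins outside this hunk, so an earlier check may exist that is not visible here.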
@@ -22,4 +20,40 @@ if (version_compare(PHP_VERSION, '5.0.0', '<')) else { require_once( WP_PLUGIN_DIR . '/' . plugin_basename( dirname(__FILE__) ) . '/flattr5.php'); -} + + $flattr_check = array(); + + if (isset ($_POST['flattr_warn_ignore'])) { + update_option('flattr_warn_ignore_version', Flattr::VERSION); + } + + if (version_compare(get_option('flattr_warn_ignore_version'), Flattr::VERSION, '!=')) { + $flattr_check['DOMDocument'] = class_exists('DOMDocument'); + $flattr_check['cURL'] = function_exists('curl_init'); + $flattr_check['libxml'] = defined('LIBXML_VERSION'); + + if (in_array(FALSE, $flattr_check)) { + add_action( 'admin_notices','flattrCheckAdminNotice' ); + } + } + + function flattrCheckAdminNotice() { + + global $flattr_check; + echo '<div id="message" class="error">'; + echo '<div style="float:right"><form method="post">'. + '<input type="submit" class="button" name="flattr_warn_ignore" value="Ignore"/>'. + '</form></div>'; + if (!$flattr_check['DOMDocument']) { + echo '<p><strong>Warning:</strong> You need <a href="http://php.net/manual/en/dom.installation.php" target="_blank">DOM support</a> enabled for Flattr Plugin to work properly.</p>'; + } + if (!$flattr_check['cURL']) { + echo '<p><strong>Warning:</strong> You need <a href="http://php.net/manual/en/curl.installation.php" target="_blank">cURL support</a> enabled for Flattr Plugin to work properly.</p>'; + } + if (!$flattr_check['libxml']) { + echo '<p><strong>Warning:</strong> You need <a href="http://de.php.net/manual/en/libxml.installation.php" target="_blank">libXML support</a> enabled for Flattr Plugin to work properly.</p>'; + } + + echo '</div>'; + } +} \ No newline at end of file diff --git a/wp-content/plugins/flattr/flattr5.php b/wp-content/plugins/flattr/flattr5.php index dc6d34096..f641f3b29 100644 --- a/wp-content/plugins/flattr/flattr5.php +++ b/wp-content/plugins/flattr/flattr5.php 
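Review bot: The `flattr_warn_ignore` handler in flattr.php writes the `flattr_warn_ignore_version` option for any request carrying that POST field, because it runs at plugin load with no capability or nonce check. The effect is limited to hiding the dependency warning, but it is a state change reachable without authentication and by cross-site form posts. Move the write to an `admin_init` callback that checks a capability and a nonce, and add `wp_nonce_field('flattr_warn_ignore')` to the form printed by `flattrCheckAdminNotice()`. Separately, `in_array(FALSE, $flattr_check)` should pass `true` as its third argument so the match is strict.

```php
// … unchanged: require_once of flattr5.php, $flattr_check setup …
add_action('admin_init', 'flattrHandleWarnIgnore');

function flattrHandleWarnIgnore() {
    if (!isset($_POST['flattr_warn_ignore'])) {
        return;
    }
    if (!current_user_can('manage_options')) {
        return;
    }
    // Pairs with wp_nonce_field('flattr_warn_ignore') in the notice form.
    check_admin_referer('flattr_warn_ignore');
    update_option('flattr_warn_ignore_version', Flattr::VERSION);
}
// … unchanged: version_compare() check and flattrCheckAdminNotice() …
```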
@@ -4,8 +4,8 @@ if (session_id() == '') { session_start(); } class Flattr { - const VERSION = '0.9.22'; - const WP_MIN_VER = '2.9'; + const VERSION = '0.9.25.4'; + const WP_MIN_VER = '3.0'; const API_SCRIPT = 'api.flattr.com/js/0.6/load.js?mode=auto'; /** @var array */ @@ -31,17 +31,20 @@ class Flattr } $this->init(); - } - if (( get_option('flattr_aut_page', 'off') == 'on' || get_option('flattr_aut', 'off') == 'on' ) && !in_array( 'live-blogging/live-blogging.php' , get_option('active_plugins') )) - { - remove_filter('get_the_excerpt', 'wp_trim_excerpt'); - - add_filter('the_content', array($this, 'injectIntoTheContent'),11); - add_filter('get_the_excerpt', array($this, 'filterGetExcerpt'), 1); - if ( get_option('flattr_override_sharethis', 'false') == 'true' ) { - add_action('plugins_loaded', array($this, 'overrideShareThis')); - } - } + } else { + + if (( get_option('flattr_aut_page', 'off') == 'on' || get_option('flattr_aut', 'off') == 'on' ) && !in_array( 'live-blogging/live-blogging.php' , get_option('active_plugins') )) + { + if (get_option('flattr_handles_exerpt')==1) { + remove_filter('get_the_excerpt', 'wp_trim_excerpt'); + add_filter('get_the_excerpt', array($this, 'filterGetExcerpt'), 1); + } + if ( get_option('flattr_override_sharethis', 'false') == 'true' ) { + add_action('plugins_loaded', array($this, 'overrideShareThis')); + } + add_filter('the_content', array($this, 'injectIntoTheContent'), 32767); + } + } wp_enqueue_script('flattrscript', ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] ? 'https://' : 'http://' ) . self::API_SCRIPT, array(), '0.6', true); } 
@@ -112,21 +115,24 @@ class Flattr return ''; } - $flattr_uid = get_option('flattr_uid'); - if (!$flattr_uid) { + if (get_option('user_based_flattr_buttons_since_time')< strtotime(get_the_time("c",$post))) + $flattr_uid = (get_option('user_based_flattr_buttons')&& get_user_meta(get_the_author_meta('ID'), "user_flattr_uid", true)!="")? get_user_meta(get_the_author_meta('ID'), "user_flattr_uid", true): get_option('flattr_uid'); + else + $flattr_uid = get_option('flattr_uid'); + if (!$flattr_uid) { return ''; } $selectedLanguage = get_post_meta($post->ID, '_flattr_post_language', true); if (empty($selectedLanguage)) { - $selectedLanguage = get_option('flattr_lng'); + $selectedLanguage = (get_option('user_based_flattr_buttons')&& get_user_meta(get_the_author_meta('ID'), "user_flattr_lng", true)!="")? get_user_meta(get_the_author_meta('ID'), "user_flattr_lng", true): get_option('flattr_lng'); } $selectedCategory = get_post_meta($post->ID, '_flattr_post_category', true); if (empty($selectedCategory)) { - $selectedCategory = get_option('flattr_cat'); + $selectedCategory = (get_option('user_based_flattr_buttons')&& get_user_meta(get_the_author_meta('ID'), "user_flattr_cat", true)!="")? get_user_meta(get_the_author_meta('ID'), "user_flattr_cat", true): get_option('flattr_cat'); } $hidden = get_post_meta($post->ID, '_flattr_post_hidden', true); 
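Review bot: The per-author fallback `(get_option('user_based_flattr_buttons') && get_user_meta(..., true) != "") ? get_user_meta(..., true) : get_option(...)` is written out three times in this hunk and reads each user meta value twice. A small private helper taking the meta key and the option name would keep the three call sites consistent and halve the lookups. The first `if`/`else` has no braces around its long single-statement branches; add them so a later edit cannot detach the `else`. The values now come from author-editable user meta, so they should be escaped where the button markup is assembled, which is outside this hunk.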
@@ -151,7 +157,18 @@ class Flattr if (isset($buttonData['user_id'], $buttonData['url'], $buttonData['language'], $buttonData['category'])) { - return $this->getButtonCode($buttonData); + $retval; + switch (get_option(flattr_button_style)) { + case "text": + $retval = '<a href="'. static_flattr_url($post).'" title="Flattr" target="_blank">Flattr this!</a>'; + break; + case "image": + $retval = '<a href="'. static_flattr_url($post).'" title="Flattr" target="_blank"><img src="'. FLATTRSS_PLUGIN_PATH .'/img/flattr-badge-large.png" alt="flattr this!"/></a>'; + break; + default: + $retval = $this->getButtonCode($buttonData);; + } + return $retval; } } @@ -192,7 +209,7 @@ class Flattr $params['url'], addslashes($params['title']), $rev, - $params['body'] + addslashes($params['body']) ); } @@ -340,7 +357,8 @@ Flattr::getInstance(); */ function get_the_flattr_permalink() { - return Flattr::getInstance()->getButton(true); + + return Flattr::getInstance()->getButton(true); } /** 
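Review bot: `switch (get_option(flattr_button_style))` passes a bare constant rather than the option name as a string; older PHP falls back to the string with a notice, and PHP 8 throws an Error for the undefined constant. Quote it: `switch (get_option('flattr_button_style')) {`. The two static branches also concatenate `static_flattr_url($post)` and `FLATTRSS_PLUGIN_PATH` into `href` and `src` attributes unescaped; wrap both in `esc_url()`. The lone `$retval;` statement and the doubled `;;` after `getButtonCode($buttonData)` do nothing and can be removed.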
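Review bot: `addslashes($params['body'])` is not an output encoder: it only backslash-escapes quotes, backslashes and NUL, which does not neutralise markup in an HTML context. The format string is outside this hunk, so the target context is inferred, but if `title` and `body` end up in an attribute or in element text the calls should be `esc_attr($params['title'])` and `esc_html($params['body'])`, or `esc_js()` if they are placed inside a script string. Post titles and excerpts are author-controlled, so the choice of encoder matters here.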
@@ -383,34 +401,49 @@ function tabber_stylesheet() { add_option('flattrss_clicktrack_enabled', true); add_option('flattrss_error_reporting', true); add_option('flattrss_autosubmit', true); + add_option('flattrss_button_enabled', true); add_option('flattr_post_types', array('post','page')); + add_option('flattr_handles_exerpt', true); + add_option('flattr_button_style','js'); + +function static_flattr_url($post) { + $id = $post->ID; + $md5 = md5($post->post_title); + + return (get_bloginfo('wpurl') .'/?flattrss_redirect&id='.$id.'&md5='.$md5); +} function flattr_post2rss($content) { global $post; $flattr = ""; - $flattr_post_types = get_option('flattr_post_types'); - if (is_feed() && in_array(get_post_type(), $flattr_post_types)) { - $id = $post->ID; - $md5 = md5($post->post_title); - $permalink = urlencode(get_permalink( $id )); + if (get_post_meta($post->ID, '_flattr_btn_disabled', false)) { + + $flattr_post_types = get_option('flattr_post_types'); - $flattr.= ' <p><a href="'. get_bloginfo('wpurl') .'/?flattrss_redirect&id='.$id.'&md5='.$md5.'" title="Flattr" target="_blank"><img src="'. FLATTRSS_PLUGIN_PATH .'/img/flattr-badge-large.png" alt="flattr this!"/></a></p>'; + if (is_feed() && in_array(get_post_type(), $flattr_post_types)) { + $flattr.= ' <p><a href="'. static_flattr_url($post).'" title="Flattr" target="_blank"><img src="'. FLATTRSS_PLUGIN_PATH .'/img/flattr-badge-large.png" alt="flattr this!"/></a></p>'; + } + } return ($content.$flattr); } -if(function_exists('curl_init')) { +if(function_exists('curl_init') && get_option('flattrss_button_enabled')) { add_filter('the_content_feed', 'flattr_post2rss',999999); } + +$call_n = 0; # Do not delete! It will break autosubmit. 
function new_flattrss_autosubmit_action () { global $call_n; + $call_n += 1; + $post = $_POST; - if (((get_option('flattr_hide') == false) && $post['post_status'] == "publish") && ($post['original_post_status'] != "publish" && (strtotime($post['post_date_gmt']) - strtotime(gmdate("Y-m-d H:i:s")) <= 0)) && ($call_n == 1)) { + if (($post['post_status'] == "publish") && (get_post_meta($post['ID'], "flattrss_autosubmited", true)=="") && ($call_n == 2) && (get_the_time('U') <= time())) { $e = error_reporting(); error_reporting(E_ERROR); @@ -419,7 +452,7 @@ function new_flattrss_autosubmit_action () { $tagsA = get_the_tags($post['ID']); $tags = ""; - if ($tagsA) { + if (!empty($tagsA)) { foreach ($tagsA as $tag) { if (strlen($tags)!=0){ $tags .=","; @@ -429,7 +462,7 @@ function new_flattrss_autosubmit_action () { } if (trim($tags) == "") { - $tags .= "blog"; + $tags = "blog"; } $category = "text"; @@ -487,9 +520,16 @@ function new_flattrss_autosubmit_action () { $api_key = get_option('flattrss_api_key'); $api_secret = get_option('flattrss_api_secret'); + $oauth_token = get_option('flattrss_api_oauth_token'); $oauth_token_secret = get_option('flattrss_api_oauth_token_secret'); + if (get_option('user_based_flattr_buttons_since_time')< strtotime(get_the_time("c",$post))) { + $user_id = get_current_user_id(); + $oauth_token = (get_user_meta( $user_id, "user_flattrss_api_oauth_token",true)!="")?get_user_meta( $user_id, "user_flattrss_api_oauth_token",true):get_option('flattrss_api_oauth_token'); + $oauth_token_secret = (get_user_meta( $user_id, "user_flattrss_api_oauth_token_secret",true))?get_user_meta( $user_id, "user_flattrss_api_oauth_token_secret",true):get_option('flattrss_api_oauth_token_secret'); + } + if (!class_exists('Flattr_Rest')) { include 'oAuth/flattr_rest.php'; } 
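Review bot: In `flattr_post2rss()` the feed button is now appended only when `get_post_meta($post->ID, '_flattr_btn_disabled', false)` is truthy, that is, when the post carries the disabled flag; posts without that meta yield an empty array and get no button. Unless the key has the opposite meaning elsewhere, the test looks inverted and should read `if (!get_post_meta($post->ID, '_flattr_btn_disabled', true)) {`. In `static_flattr_url()` the `md5` query parameter is a hash of the public post title, so the code that consumes it (not shown in this hunk) should not treat it as a secret or as proof of authorisation. `new_flattrss_autosubmit_action()` starts here and continues past the hunk; its new `$call_n == 2` condition deserves a comment such as `// the save hook fires twice per publish; act on the second call only` if that is indeed the reason.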
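Review bot: The per-user token lookup added at new line 520 keys on `get_current_user_id()`, whereas the button hunk at new line 115 selects the Flattr account via `get_the_author_meta('ID')`; when one user publishes another author's post, the thing would be registered with the publisher's token rather than the author's. Resolve the owner from the post instead, e.g. `$user_id = (int) get_post_field('post_author', $post['ID']);`. `get_the_time("c",$post)` is handed `$post`, which the top of this function sets to `$_POST`, so unless it is reassigned in lines not shown the date comparison is not made against the saved post. The two ternaries also test differently (`!=""` for the token, plain truthiness for the secret) and should use the same check.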
@@ -510,19 +550,19 @@ function new_flattrss_autosubmit_action () { } } - #print_r(array($url, encode($title), $category, encode($content), $tags, $language)); + $server = $_SERVER["SERVER_NAME"]; + $server = preg_split("/:/", $server); + $server = $server[0]; - $flattr_user->submitThing($url, encode($title), $category, encode($content), $tags, $language, get_option('flattr_hide')); + $hidden = (get_option('flattr_hide', true) || get_post_meta($post->ID, '_flattr_post_hidden', true) ||$server == "localhost")? true:false; + + $flattr_user->submitThing($url, encode($title), $category, encode($content), $tags, $language, $hidden); - /* - if (get_option('flattrss_autodonate') && !isset($_SESSION['flattrss_autodonate_click'])) { - $flattr_user->clickThing("ead246fc95fc401ce69d15f3981da971"); - $_SESSION['flattrss_autodonate_click'] = true; - }*/ + if ($flattr_user->http_code == 200) + add_post_meta($post['ID'], "flattrss_autosubmited", "true"); error_reporting($e); } - $call_n = 1; } 
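Review bot: `get_post_meta($post->ID, '_flattr_post_hidden', true)` uses object syntax, but the rest of this function, including the new `add_post_meta($post['ID'], ...)` three lines further down, treats `$post` as an array, so the per-post hidden flag is most likely never read. Change it to `get_post_meta($post['ID'], '_flattr_post_hidden', true)`. `get_option('flattr_hide', true)` makes a missing option mean "hidden", which reverses the previous default and should be confirmed as intended. The unbraced `if ($flattr_user->http_code == 200)` would be safer with braces and a strict comparison.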
@@ -575,4 +615,100 @@ if(is_admin()) { ); } -} \ No newline at end of file +} + +if (!empty($_POST) && $_POST['fsendmail']=="on") { + + if ($_POST['fphpinfo']) { + ob_start(); + phpinfo(); + $mailtext = ob_get_clean(); + + } + + $mailtext = $_POST['ftext'] ."\n<br/><br/>".$mailtext; + + $header = "MIME-Version: 1.0\r\n"; + $header .= "Content-type: text/html; charset=iso-8859-1\r\n"; + + $name = ($_POST['fname'] != "")? $_POST['fname'] : "unknown"; + $from = ($_POST['femail'] != "")? $_POST['femail'] : "support@allesblog.de"; + $header .= "From: $name <$from>\r\n"; + $header .= "X-Mailer: PHP ". phpversion(); + + $fmail = mail( 'flattr@allesblog.de', + "Wordpress Flattr Plugin Support Request", + $mailtext, + $header); + + $admin_notice = ""; + if ($fmail) { + $admin_notice = 'echo \'<div id="message" class="updated"><p>Mail send successfully!</p></div>\';'; + } else { + $admin_notice = 'echo \'<div id="message" class="error"><p>There was an error sending the email.</p></div>\';'; + } + + add_action( 'admin_notices', + create_function('', $admin_notice) + ); +} + +if (is_admin() && (ini_get('allow_url_fopen') || function_exists('curl_init'))) + add_action('in_plugin_update_message-flattr/flattr.php', 'flattr_in_plugin_update_message'); + +function flattr_in_plugin_update_message() { + + $url = 'http://plugins.trac.wordpress.org/browser/flattr/trunk/readme.txt?format=txt'; + $data = ""; + + if ( ini_get('allow_url_fopen') ) + $data = file_get_contents($url); + else + if (function_exists('curl_init')) { + $ch = curl_init(); + curl_setopt($ch,CURLOPT_URL,$url); + curl_setopt($ch,CURLOPT_RETURNTRANSFER,1); + $data = curl_exec($ch); + curl_close($ch); + } + + + if ($data) { + $matches = null; + $regexp = '~==\s*Changelog\s*==\s*=\s*[0-9.]+\s*=(.*)(=\s*' . preg_quote(Flattr::VERSION) . 
'\s*=|$)~Uis'; + + if (preg_match($regexp, $data, $matches)) { + $changelog = (array) preg_split('~[\r\n]+~', trim($matches[1])); + + echo '</div><div class="update-message" style="font-weight: normal;"><strong>What\'s new:</strong>'; + $ul = false; + $version = 99; + + foreach ($changelog as $index => $line) { + if (version_compare($version, Flattr::VERSION,">")) + if (preg_match('~^\s*\*\s*~', $line)) { + if (!$ul) { + echo '<ul style="list-style: disc; margin-left: 20px;">'; + $ul = true; + } + $line = preg_replace('~^\s*\*\s*~', '', htmlspecialchars($line)); + echo '<li style="width: 50%; margin: 0;">' . $line . '</li>'; + } else { + if ($ul) { + echo '</ul>'; + $ul = false; + } + + $version = trim($line, " ="); + echo '<p style="margin: 5px 0;">' . htmlspecialchars($line) . '</p>'; + } + } + + if ($ul) { + echo '</ul><div style="clear: left;"></div>'; + } + + echo '</div>'; + } + } +} 
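Review bot: The support-mail block runs at file load for any request with `fsendmail=on`; there is no `is_admin()`, capability or nonce check, so an unauthenticated POST can make the site send mail, including full `phpinfo()` output when `fphpinfo` is set. `$_POST['fname']` and `$_POST['femail']` are interpolated into the `From:` header without validation, which permits mail header injection through embedded line breaks. Run the handler on `admin_init` behind `current_user_can()` and `check_admin_referer()`, validate both fields, initialise `$mailtext` (it is undefined when `fphpinfo` is unset), and replace `create_function()` with named notice callbacks. In `flattr_in_plugin_update_message()` the changelog lines are passed through `htmlspecialchars()`, which is right, but the readme is fetched over plain `http://` with no timeout; an `https://` URL and `CURLOPT_TIMEOUT` are worth adding.

```php
add_action('admin_init', 'flattr_handle_support_mail');

function flattr_handle_support_mail() {
    if (!isset($_POST['fsendmail']) || $_POST['fsendmail'] !== 'on') {
        return;
    }
    if (!current_user_can('manage_options')) {
        return;
    }
    // Pairs with wp_nonce_field('flattr_support_mail') in the support form.
    check_admin_referer('flattr_support_mail');

    $mailtext = '';
    // … unchanged: optional phpinfo() capture and $mailtext assembly …

    // sanitize_text_field() drops line breaks; is_email() rejects malformed addresses.
    $name = sanitize_text_field(isset($_POST['fname']) ? $_POST['fname'] : '');
    $name = ($name !== '') ? $name : 'unknown';
    $from = (isset($_POST['femail']) && is_email($_POST['femail']))
        ? $_POST['femail']
        : 'support@allesblog.de';

    // … unchanged: header assembly and mail() call …
    // Register one of two named functions that echo the existing notices,
    // instead of building code strings for create_function().
}
```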
diff --git a/wp-content/plugins/flattr/img/bg-boxlinks-green.png b/wp-content/plugins/flattr/img/bg-boxlinks-green.png new file mode 100644 index 0000000000000000000000000000000000000000..706f7866716c8f695e19393cb0199d9811ba385f GIT binary patch literal 2876 zcmeAS@N?(olHy`uVBq!ia0y~yU=UznU@+ofVqjpn_4N!l0|NtRfk$L90|U1(2s1Lw znj^u$z~!Im>>Ln~kzbNuoRMFk;OXqFP*9YgmYI{vz)*2(Zg6@?@Jlh<@Atkqd3Q8S z@y-tt<xmK6>TVF3sHUaJDd5$ixbUWE;6XuGR~G3L3p$wl`Wkvf19f=1xNfjNQC!s5 zytt$5)bEGYi?gro`Tp$ezpdBpp0D{lck_An0~|clJd6WP8+cYa$q7DaK7Qob!zX$U zja(`P3<4aRQxuE;Dl;<tsI#%rRyx4GkAbn`GB*dq0pHmN3}o8>^S^SM8N=An!g!!$ zqJ=j{g9w8|RiD!`1_w9BhPgA;f*BUDFeIE#PI}A`pv#b;UjOVeL&Mx3GpiXHqNgZ| zGA@|Npdg&u;lhw%&9LTtSeGk9gaLy{n)eY)h8wyJ2A<(*9t<0{GaNW4z`coqgNMN& zu%lIzfu))u;e@hs1w+eB1`)SU;Wi(&*9kn=VqmD4xyfdyilu8~G>2{>dw95>oW?m% zacvQ^M5e@94tj?wXG$71n(#mPe1?Hx!9-EP2hE@VR-EHockY~7-!{H@-B<hB{wpOV zJ^uIf{OSS+28M?vbr=8X=x>&4ux4w>{kKT<9ZN<W_kz;z-D#Wn9kwzoczG-Qa{(x9 zTo+E*dGqGeCr@s89dU|IJQZI1Fa1#bf$+aMKkID%eE<4j-y@Yqqu54wmLCreo%!Ok zROb97&X%M*&-&f}Z0G*}NA|MP5znNZ5n3XT1BD9vTxRurHd?CG=`>06sOqKvDUa^! 
z{ARYhZ_2PC%Z{;nqV9^=Wae+)>H-lZ2OfQAVED8<|KJr34(5i8=7;CY|G&5Y>%Ksh zp&`w4QXvCFoQsNH$f?ct$2k}nToyEHZE%$Sa!^9&0GrG~);kBe|0I~TIH?>t<Rsw4 zmC_(nl%Tn$$w{N_>;_q_1pO-xvL*)tGukE>@aY{2-N9#D!2c_eW8OiHJ&l|!jwd*T z6BTcDFeY_HDED!Q&usmnc+i7Is9QzhWQRzglJ`VY55u6Y5QR_=*-y4bOqT62Zo4L0 zpI|U*`qQ?@-Ed0dra;>(JX@W2t}vHsaa+WFA*IA{R=?PS*%ykoNZIz7Eqs1qbq4>f zemm#m1_xe9up1xAG0;19*lDAM4(H_L(;Jo6@T@*2wIOT`^X|^C$>%qgvj{c19^f=% zDR)vxlymfm@QLud;juzNM#V(%7N<EUb4%bMb*0HGytk<B68w2YBFV_GJ;Fmr`I=C_ zu)aWbhw~A06`@XNBlVpVm^?Qw3ArS6$?Z~Jkn&5Nm9tGeq?9M0yp@u@iQRIFj)L}y z)+ckH9DZW_MEZ&1r)aLZNe+ceegr?#2s)MJCHYj~smW8e)EP#Op^Ik)-CeOTM9{Q9 z%4zMwZ9(e;+gAvil+Lm|+brhky>#uOsh6cP#52BUu76RoOYrVgIlt)_!Y`eE>HcE+ z3+6B7JiKk9&Br^^H6&+CuuG&%mP@Rk;j>Kga<}C15Ce0=*E62a<e!-z8lkmKt44I< zDXytrQ`M$QYw3rqT(xY~y;a<ypF>ZF^skHyu3hIAY8?D{CFhlCt3y}K4R{?a9h|<> zdPV!H^cDFb_Dkv_|8}xP9`-rx@4O^%!N&N<dyXk^CrfUw&{53hUENmNXnI6#<Jp@v zWm>yu{FU9^ZM$maLQ7|3FXQmdL7%6j*|R^MQTSs{i67^4jpfrn*LB?!d9V3MQ+k<+ z&rZYCnCw;4rcaAl?Xfy=wfpP6X6xQApSx_Y>+Z<kjeL&Bz0_mW-P8NevCe%Sd^7m& za<1iKzP46h*XgawUMjtCw@dl{yyfp^%-a{&FwZA{`Mt`$&wt6(>i-S-oBM0|S9hKW zw#_^$Y`1yNN!T1UEzGx()jxjwW1w^FVF%}>iBl7&KWv$}^P<h-t8Tq+{5_e+VjinJ z&OMfUY_S@fnxdMw?<?PTvx0ngF4J6Q?PKk8{Op;ti_Tt~X*%21@Ve3S+0SQRpM8IO zLR3YR&bAfXcBFc4dJ?rP^4+#Qd96{FkxL^&qhdF^t)078_1f;WyO#?t-|08mZ}q%u z>4!Ib+;(!?%I%UHp59=)y>46Xw%Ww>B=Pj^N7o&GH+k>m+FiB1e{I=$+i&u%mW`6F zE8bEhVijg}Z`Qdv@9b-jewp@CKRx2S!1)`-kGBb*);y9qH+c4C_jK{}oyE<cJGwi) zn@;OZx6_*~eeCXuy-&PKz81zlth)4d?(EI854~M+d;L4JcbV_n@611AGGB9Eq;c_u z!zY{{1U|iJ&pm&tLH7MMb^gx&jp<vTE9)ogPYhpseZ%&p<*U9Yz8AOqW>+--vE5@E z^Ls}3BID1PAJ~3k`)U8f`Sapi?>pBk|4;c}_5UKn@&;ALbmq=R$Hr);-#@Bq6!-Vp zTis6mw&~_u$DRc{9Yr1co7OfxJ-Aje<HVZ@YZbpgpK)&DxlF#+fVvmgF0dy)OYA;e z$D`ib-WuL!-&fEPA$8Gkx@q~vJI=-TU4FStbGbJ=-O%51y{?z3mfb47ESp>AyG(Z3 zAJa>VJaaW-ZiHu!w~VEp);hDioPGEIy#3t%XznBK$JOF9^iRYVR4zPs=u7Kzv6Xs4 zI#$yhd^-FrrhIS|&{`qZqxwm>T(ys@@{sJIbS3?ZW*0kdILBzo`F--x@~xWmX5t>x zN|mF=OLd;^Y*Al1VUG{5&)wNp^TcMADdZa2TJ1G#o-}bnq0=fw-^tt3U!^}wD?7a= 
zwRO|Kqj}xi_2s6rpUmDoVGV1fF4s1vWiLXaG_Gs0Z%R)MPuqXC^OWVZ)$_E^zCE+~ z)a?o8bKcMY|5oUb(8EdFmbQ6^>&iwv+q)*qa+6JA<!!FVqO96&VQgz`c64pi%Dw8p z`fd31b#;5ys(iB>;|`u`I=GcF`!#nc*VES8*LSYJjrEVvkG#J%@mJeiX*<!*u5}`} z#ixtb-_W>I@l?7!|J44OccyGvx%$Y?l=Eqq(q2Bhr#mm2Z`!Kq&!+R`@!q_(h4+5g zmbYKOx!%^Fepci5?&fXII~VV_*|8^e`N?x<t?fgWgnSA46=L@8(%r3z*MH<)d?#JK z=bOo!tGA=~eE(~Aa^LMx#!%m@X;)K!d;Z@1-F{u?s+T{e{mzYD>z7;j_Bit;=D+O9 zeA}+?ymD3cl5I#(|26H`?tI7P_x+puzFe2rj5oA*&ap?z1um6OUVi7i|6PvP>Q-4# z^_qw5m*vZ3(`EIuoMwHR<u*Hb*6-+~=w1G2>@Hq=b+77=`)zstIVLudm0q7iPG;VE z*>rhw`ls_fbEnR&t<(E?C*k&@ZPm|{&)v`B&wsy5pyc5t*Z<wmt@l`;i}|#p<kP0x zPldyGgwI-U6`%X6<dx08$(Q|)@1C=J*1DZB**o7=?cG|P_Wh;wJo9sRzwE92DE9x_ z)p?e-clUm-%Kv`!``7zock7DO|DHR&`)0ZNyS01#_r!m3c<Xr6`EL7F`{;jnZoI!! zpLL*o!RL#2+`qH6HlP1D@oPW7Gi(3M{?l!|ZLjB9*jZXWvM>7k^3QVT^C{=m=86AX z^zZaKaWVb6A6H*rKX-A)#f8&9O`p6!w`S?zR|j58uD^Zk&@s7vCo7B%<GzIbetWR| zPPy#+#rOIBpVTPSYy8jnx$$f8h2_5|OHQ8rpM`nG=Re8Dy0;k^7!;B{f_xbms#F;m z8k!jxe*R}*Xn4uMP-?)y@G60U!D<ErgLwX=_@izN3=HX>E{-7;x6VvG$a}zmgZZwO zb=ls&%PXDIc6hZv$Y+&567&9h%N5y()m+@CME`sYc+7I6S<i!6^-j>6s}25ZYz4Bt z{$Jk3klfpAx{Li@(3=@I|2>f6>zXgMsePKXdw6opr$n!ROU^SaO9)n$d(OX@fq{X+ M)78&qol`;+0FZxJe*gdg literal 0 HcmV?d00001 diff --git a/wp-content/plugins/flattr/oAuth/flattr_rest.php b/wp-content/plugins/flattr/oAuth/flattr_rest.php index cc60b4b03..13dcae0a9 100644 --- a/wp-content/plugins/flattr/oAuth/flattr_rest.php +++ b/wp-content/plugins/flattr/oAuth/flattr_rest.php @@ -15,14 +15,10 @@ class Flattr_Rest private $apiVersion = '0.5'; private $error; - private $baseUrl = 'http://api.flattr.com'; + private $baseUrl = 'https://api.flattr.com'; public function __construct($consumer_key, $consumer_secret, $oauth_token = null, $oauth_token_secret = null) { - if ( defined('LOCAL_DEV_ENV') ) - { - $this->baseUrl = 'http://api.flattr.com'; - } $this->signature_method = new OAuthSignatureMethod_HMAC_SHA1(); $this->consumer = new OAuthConsumer($consumer_key, $consumer_secret); 
@@ -300,13 +296,15 @@ class Flattr_Rest } } - $dom = new DOMDocument(); - $dom->loadXml($result); - $userXml = $dom->getElementsByTagName('user'); - if ( ( $userXml = $userXml->item(0) ) !== null ) - { - return Flattr_Xml::toArray( $userXml ); - } + if (class_exists("DOMDocument")) { + $dom = new DOMDocument(); + $dom->loadXml($result); + $userXml = $dom->getElementsByTagName('user'); + if ( ( $userXml = $userXml->item(0) ) !== null ) + { + return Flattr_Xml::toArray( $userXml ); + } + } return false; } @@ -335,20 +333,26 @@ class Flattr_Rest Flattr_Xml::addElement($node, 'language', $language); Flattr_Xml::addElement($node, 'hidden', $hidden); Flattr_Xml::addElement($node, 'temporary', $temporary); - - $tagsNode = $node->appendChild( $dom->createElement('tags') ); - foreach ( explode(',', $tags) as $tag ) - { - Flattr_Xml::addElement($tagsNode, 'tag', trim($tag)); - } - - $result = $this->post($this->actionUrl('/thing/register'), array('data' => $dom->saveXml())); - - $dom = new DOMDocument(); - $dom->loadXml($result); - $thingXml = $dom->getElementsByTagName('thing'); - return Flattr_Xml::toArray( $thingXml->item(0) ); + if (trim($tags) != "") { + $tagsNode = $node->appendChild( $dom->createElement('tags') ); + foreach ( explode(',', $tags) as $tag ) + { + Flattr_Xml::addElement($tagsNode, 'tag', trim($tag)); + } + } + + $result = $this->post($this->actionUrl('/thing/register'), array('data' => $dom->saveXml())); + + if (!empty ($result)) { + $dom = new DOMDocument(); + $dom->loadXml($result); + $thingXml = $dom->getElementsByTagName('thing'); + + return Flattr_Xml::toArray( $thingXml->item(0) ); + } + return false; + } // Oauth specific diff --git a/wp-content/plugins/flattr/oAuth/oauth.php b/wp-content/plugins/flattr/oAuth/oauth.php index 98f57274f..27e44f4cf 100644 --- a/wp-content/plugins/flattr/oAuth/oauth.php +++ b/wp-content/plugins/flattr/oAuth/oauth.php 
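Review bot: In the thing-registration hunk (new line 333) the added `!empty($result)` guard still passes `$thingXml->item(0)` to `Flattr_Xml::toArray()` without a null check and ignores the return value of `$dom->loadXml($result)`, so an error body or non-XML response would hand null onwards. Mirror the null test used in the user lookup of the hunk above: `$thing = $thingXml->item(0); return ($thing !== null) ? Flattr_Xml::toArray($thing) : false;`. This method also uses `DOMDocument` without the `class_exists("DOMDocument")` test that the hunk above introduces, so the two paths fail differently on hosts without DOM support. Both functions begin outside their hunks, so earlier guards may exist that are not visible here.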
@@ -4,86 +4,91 @@ */ if(!class_exists('OAuthConsumer')) { -class OAuthConsumer { - public $key; - public $secret; - - function __construct($key, $secret, $callback_url=NULL) { - $this->key = $key; - $this->secret = $secret; - $this->callback_url = $callback_url; - } - - function __toString() { - return "OAuthConsumer[key=$this->key,secret=$this->secret]"; - } + class OAuthConsumer { + public $key; + public $secret; + + function __construct($key, $secret, $callback_url=NULL) { + $this->key = $key; + $this->secret = $secret; + $this->callback_url = $callback_url; + } + + function __toString() { + return "OAuthConsumer[key=$this->key,secret=$this->secret]"; + } + } } -class OAuthToken { - // access tokens and request tokens - public $key; - public $secret; - - /** - * key = the token - * secret = the token secret - */ - function __construct($key, $secret) { - $this->key = $key; - $this->secret = $secret; - } - - /** - * generates the basic string serialization of a token that a server - * would respond to request_token and access_token calls with - */ - function to_string() { - return "oauth_token=" . - OAuthUtil::urlencode_rfc3986($this->key) . - "&oauth_token_secret=" . - OAuthUtil::urlencode_rfc3986($this->secret); - } - - function __toString() { - return $this->to_string(); - } +if(!class_exists('OAuthToken')) { + class OAuthToken { + // access tokens and request tokens + public $key; + public $secret; + + /** + * key = the token + * secret = the token secret + */ + function __construct($key, $secret) { + $this->key = $key; + $this->secret = $secret; + } + + /** + * generates the basic string serialization of a token that a server + * would respond to request_token and access_token calls with + */ + function to_string() { + return "oauth_token=" . + OAuthUtil::urlencode_rfc3986($this->key) . + "&oauth_token_secret=" . 
+ OAuthUtil::urlencode_rfc3986($this->secret); + } + + function __toString() { + return $this->to_string(); + } + } } /** * A class for implementing a Signature Method * See section 9 ("Signing Requests") in the spec */ -abstract class OAuthSignatureMethod { - /** - * Needs to return the name of the Signature Method (ie HMAC-SHA1) - * @return string - */ - abstract public function get_name(); - - /** - * Build up the signature - * NOTE: The output of this function MUST NOT be urlencoded. - * the encoding is handled in OAuthRequest when the final - * request is serialized - * @param OAuthRequest $request - * @param OAuthConsumer $consumer - * @param OAuthToken $token - * @return string - */ - abstract public function build_signature($request, $consumer, $token); - - /** - * Verifies that a given signature is correct - * @param OAuthRequest $request - * @param OAuthConsumer $consumer - * @param OAuthToken $token - * @param string $signature - * @return bool - */ - public function check_signature($request, $consumer, $token, $signature) { - $built = $this->build_signature($request, $consumer, $token); - return $built == $signature; - } +if(!class_exists('OAuthSignatureMethod')) { + abstract class OAuthSignatureMethod { + /** + * Needs to return the name of the Signature Method (ie HMAC-SHA1) + * @return string + */ + abstract public function get_name(); + + /** + * Build up the signature + * NOTE: The output of this function MUST NOT be urlencoded. 
+ * the encoding is handled in OAuthRequest when the final + * request is serialized + * @param OAuthRequest $request + * @param OAuthConsumer $consumer + * @param OAuthToken $token + * @return string + */ + abstract public function build_signature($request, $consumer, $token); + + /** + * Verifies that a given signature is correct + * @param OAuthRequest $request + * @param OAuthConsumer $consumer + * @param OAuthToken $token + * @param string $signature + * @return bool + */ + public function check_signature($request, $consumer, $token, $signature) { + $built = $this->build_signature($request, $consumer, $token); + return $built == $signature; + } + } } /** @@ -95,26 +100,26 @@ abstract class OAuthSignatureMethod { */ if(!class_exists('OAuthSignatureMethod_HMAC_SHA1')) { -class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod { - function get_name() { - return "HMAC-SHA1"; - } + class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod { + function get_name() { + return "HMAC-SHA1"; + } - public function build_signature($request, $consumer, $token) { - $base_string = $request->get_signature_base_string(); - $request->base_string = $base_string; + public function build_signature($request, $consumer, $token) { + $base_string = $request->get_signature_base_string(); + $request->base_string = $base_string; - $key_parts = array( - $consumer->secret, - ($token) ? $token->secret : "" - ); + $key_parts = array( + $consumer->secret, + ($token) ? $token->secret : "" + ); - $key_parts = OAuthUtil::urlencode_rfc3986($key_parts); - $key = implode('&', $key_parts); + $key_parts = OAuthUtil::urlencode_rfc3986($key_parts); + $key = implode('&', $key_parts); - return base64_encode(hash_hmac('sha1', $base_string, $key, true)); - } -} + return base64_encode(hash_hmac('sha1', $base_string, $key, true)); + } + } } /** 
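Review bot: `check_signature()` in the re-wrapped `OAuthSignatureMethod` compares with `$built == $signature`, a loose and non-constant-time comparison; if anything in the plugin verifies signatures, prefer `return hash_equals($built, (string) $signature);` where the PHP version provides it, and at least `===` otherwise. `OAuthConsumer::__toString()` embeds the consumer secret in its output, so the object should never be passed to logging or error output; a comment to that effect on the method would help. The new `class_exists()` guards mean that if another plugin has already declared these class names, its copy is used instead of this one, so behaviour then depends on load order and on that other copy's version.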
@@ -123,33 +128,33 @@ class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod { * - Chapter 9.4 ("PLAINTEXT") */ if(!class_exists('OAuthSignatureMethod_PLAINTEXT')) { -class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod { - public function get_name() { - return "PLAINTEXT"; - } - - /** - * oauth_signature is set to the concatenated encoded values of the Consumer Secret and - * Token Secret, separated by a '&' character (ASCII code 38), even if either secret is - * empty. The result MUST be encoded again. - * - Chapter 9.4.1 ("Generating Signatures") - * - * Please note that the second encoding MUST NOT happen in the SignatureMethod, as - * OAuthRequest handles this! - */ - public function build_signature($request, $consumer, $token) { - $key_parts = array( - $consumer->secret, - ($token) ? $token->secret : "" - ); - - $key_parts = OAuthUtil::urlencode_rfc3986($key_parts); - $key = implode('&', $key_parts); - $request->base_string = $key; - - return $key; - } -} + class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod { + public function get_name() { + return "PLAINTEXT"; + } + + /** + * oauth_signature is set to the concatenated encoded values of the Consumer Secret and + * Token Secret, separated by a '&' character (ASCII code 38), even if either secret is + * empty. The result MUST be encoded again. + * - Chapter 9.4.1 ("Generating Signatures") + * + * Please note that the second encoding MUST NOT happen in the SignatureMethod, as + * OAuthRequest handles this! + */ + public function build_signature($request, $consumer, $token) { + $key_parts = array( + $consumer->secret, + ($token) ? $token->secret : "" + ); + + $key_parts = OAuthUtil::urlencode_rfc3986($key_parts); + $key = implode('&', $key_parts); + $request->base_string = $key; + + return $key; + } + } } /** 
@@ -160,710 +165,720 @@ class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod { * specification. * - Chapter 9.3 ("RSA-SHA1") */ -abstract class OAuthSignatureMethod_RSA_SHA1 extends OAuthSignatureMethod { - public function get_name() { - return "RSA-SHA1"; - } +if (!class_exists('OAuthSignatureMethod_RSA_SHA1')) { + abstract class OAuthSignatureMethod_RSA_SHA1 extends OAuthSignatureMethod { + public function get_name() { + return "RSA-SHA1"; + } - // Up to the SP to implement this lookup of keys. Possible ideas are: - // (1) do a lookup in a table of trusted certs keyed off of consumer - // (2) fetch via http using a url provided by the requester - // (3) some sort of specific discovery code based on request - // - // Either way should return a string representation of the certificate - protected abstract function fetch_public_cert(&$request); + // Up to the SP to implement this lookup of keys. Possible ideas are: + // (1) do a lookup in a table of trusted certs keyed off of consumer + // (2) fetch via http using a url provided by the requester + // (3) some sort of specific discovery code based on request + // + // Either way should return a string representation of the certificate + protected abstract function fetch_public_cert(&$request); - // Up to the SP to implement this lookup of keys. Possible ideas are: - // (1) do a lookup in a table of trusted certs keyed off of consumer - // - // Either way should return a string representation of the certificate - protected abstract function fetch_private_cert(&$request); + // Up to the SP to implement this lookup of keys. 
Possible ideas are: + // (1) do a lookup in a table of trusted certs keyed off of consumer + // + // Either way should return a string representation of the certificate + protected abstract function fetch_private_cert(&$request); - public function build_signature($request, $consumer, $token) { - $base_string = $request->get_signature_base_string(); - $request->base_string = $base_string; + public function build_signature($request, $consumer, $token) { + $base_string = $request->get_signature_base_string(); + $request->base_string = $base_string; - // Fetch the private key cert based on the request - $cert = $this->fetch_private_cert($request); + // Fetch the private key cert based on the request + $cert = $this->fetch_private_cert($request); - // Pull the private key ID from the certificate - $privatekeyid = openssl_get_privatekey($cert); + // Pull the private key ID from the certificate + $privatekeyid = openssl_get_privatekey($cert); - // Sign using the key - $ok = openssl_sign($base_string, $signature, $privatekeyid); + // Sign using the key + $ok = openssl_sign($base_string, $signature, $privatekeyid); - // Release the key resource - openssl_free_key($privatekeyid); + // Release the key resource + openssl_free_key($privatekeyid); - return base64_encode($signature); - } + return base64_encode($signature); + } - public function check_signature($request, $consumer, $token, $signature) { - $decoded_sig = base64_decode($signature); + public function check_signature($request, $consumer, $token, $signature) { + $decoded_sig = base64_decode($signature); - $base_string = $request->get_signature_base_string(); + $base_string = $request->get_signature_base_string(); - // Fetch the public key cert based on the request - $cert = $this->fetch_public_cert($request); + // Fetch the public key cert based on the request + $cert = $this->fetch_public_cert($request); - // Pull the public key ID from the certificate - $publickeyid = openssl_get_publickey($cert); + // Pull the 
public key ID from the certificate + $publickeyid = openssl_get_publickey($cert); - // Check the computed signature against the one passed in the query - $ok = openssl_verify($base_string, $decoded_sig, $publickeyid); + // Check the computed signature against the one passed in the query + $ok = openssl_verify($base_string, $decoded_sig, $publickeyid); - // Release the key resource - openssl_free_key($publickeyid); + // Release the key resource + openssl_free_key($publickeyid); - return $ok == 1; - } + return $ok == 1; + } + } } -class OAuthRequest { - private $parameters; - private $http_method; - private $http_url; - // for debug purposes - public $base_string; - public static $version = '1.0'; - public static $POST_INPUT = 'php://input'; - - function __construct($http_method, $http_url, $parameters=NULL) { - @$parameters or $parameters = array(); - $parameters = array_merge( OAuthUtil::parse_parameters(parse_url($http_url, PHP_URL_QUERY)), $parameters); - $this->parameters = $parameters; - $this->http_method = $http_method; - $this->http_url = $http_url; - } - - - /** - * attempt to build up a request from what was passed to the server - */ - public static function from_request($http_method=NULL, $http_url=NULL, $parameters=NULL) { - $scheme = (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") - ? 'http' - : 'https'; - @$http_url or $http_url = $scheme . - '://' . $_SERVER['HTTP_HOST'] . - ':' . - $_SERVER['SERVER_PORT'] . - $_SERVER['REQUEST_URI']; - @$http_method or $http_method = $_SERVER['REQUEST_METHOD']; - - // We weren't handed any parameters, so let's find the ones relevant to - // this request. 
- // If you run XML-RPC or similar you should use this to provide your own - // parsed parameter-list - if (!$parameters) { - // Find request headers - $request_headers = OAuthUtil::get_headers(); - - // Parse the query-string to find GET parameters - $parameters = OAuthUtil::parse_parameters($_SERVER['QUERY_STRING']); - - // It's a POST request of the proper content-type, so parse POST - // parameters and add those overriding any duplicates from GET - if ($http_method == "POST" - && @strstr($request_headers["Content-Type"], - "application/x-www-form-urlencoded") - ) { - $post_data = OAuthUtil::parse_parameters( - file_get_contents(self::$POST_INPUT) +if(!class_exists(('OAuthRequest'))) { + class OAuthRequest { + private $parameters; + private $http_method; + private $http_url; + // for debug purposes + public $base_string; + public static $version = '1.0'; + public static $POST_INPUT = 'php://input'; + + function __construct($http_method, $http_url, $parameters=NULL) { + @$parameters or $parameters = array(); + $parameters = array_merge( OAuthUtil::parse_parameters(parse_url($http_url, PHP_URL_QUERY)), $parameters); + $this->parameters = $parameters; + $this->http_method = $http_method; + $this->http_url = $http_url; + } + + + /** + * attempt to build up a request from what was passed to the server + */ + public static function from_request($http_method=NULL, $http_url=NULL, $parameters=NULL) { + $scheme = (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") + ? 'http' + : 'https'; + @$http_url or $http_url = $scheme . + '://' . $_SERVER['HTTP_HOST'] . + ':' . + $_SERVER['SERVER_PORT'] . + $_SERVER['REQUEST_URI']; + @$http_method or $http_method = $_SERVER['REQUEST_METHOD']; + + // We weren't handed any parameters, so let's find the ones relevant to + // this request. 
+ // If you run XML-RPC or similar you should use this to provide your own + // parsed parameter-list + if (!$parameters) { + // Find request headers + $request_headers = OAuthUtil::get_headers(); + + // Parse the query-string to find GET parameters + $parameters = OAuthUtil::parse_parameters($_SERVER['QUERY_STRING']); + + // It's a POST request of the proper content-type, so parse POST + // parameters and add those overriding any duplicates from GET + if ($http_method == "POST" + && @strstr($request_headers["Content-Type"], + "application/x-www-form-urlencoded") + ) { + $post_data = OAuthUtil::parse_parameters( + file_get_contents(self::$POST_INPUT) + ); + $parameters = array_merge($parameters, $post_data); + } + + // We have a Authorization-header with OAuth data. Parse the header + // and add those overriding any duplicates from GET or POST + if (@substr($request_headers['Authorization'], 0, 6) == "OAuth ") { + $header_parameters = OAuthUtil::split_header( + $request_headers['Authorization'] + ); + $parameters = array_merge($parameters, $header_parameters); + } + + } + + return new OAuthRequest($http_method, $http_url, $parameters); + } + + /** + * pretty much a helper function to set up the request + */ + public static function from_consumer_and_token($consumer, $token, $http_method, $http_url, $parameters=NULL) { + @$parameters or $parameters = array(); + $defaults = array("oauth_version" => OAuthRequest::$version, + "oauth_nonce" => OAuthRequest::generate_nonce(), + "oauth_timestamp" => OAuthRequest::generate_timestamp(), + "oauth_consumer_key" => $consumer->key); + if ($token) + $defaults['oauth_token'] = $token->key; + + $parameters = array_merge($defaults, $parameters); + + return new OAuthRequest($http_method, $http_url, $parameters); + } + + public function set_parameter($name, $value, $allow_duplicates = true) { + if ($allow_duplicates && isset($this->parameters[$name])) { + // We have already added parameter(s) with this name, so add to the list + if 
(is_scalar($this->parameters[$name])) { + // This is the first duplicate, so transform scalar (string) + // into an array so we can add the duplicates + $this->parameters[$name] = array($this->parameters[$name]); + } + + $this->parameters[$name][] = $value; + } else { + $this->parameters[$name] = $value; + } + } + + public function get_parameter($name) { + return isset($this->parameters[$name]) ? $this->parameters[$name] : null; + } + + public function get_parameters() { + return $this->parameters; + } + + public function unset_parameter($name) { + unset($this->parameters[$name]); + } + + /** + * The request parameters, sorted and concatenated into a normalized string. + * @return string + */ + public function get_signable_parameters() { + // Grab all parameters + $params = $this->parameters; + + // Remove oauth_signature if present + // Ref: Spec: 9.1.1 ("The oauth_signature parameter MUST be excluded.") + if (isset($params['oauth_signature'])) { + unset($params['oauth_signature']); + } + + return OAuthUtil::build_http_query($params); + } + + /** + * Returns the base string of this request + * + * The base string defined as the method, the url + * and the parameters (normalized), each urlencoded + * and the concated with &. 
+ */ + public function get_signature_base_string() { + $parts = array( + $this->get_normalized_http_method(), + $this->get_normalized_http_url(), + $this->get_signable_parameters() ); - $parameters = array_merge($parameters, $post_data); + + $parts = OAuthUtil::urlencode_rfc3986($parts); + + return implode('&', $parts); + } + + /** + * just uppercases the http method + */ + public function get_normalized_http_method() { + return strtoupper($this->http_method); + } + + /** + * parses the url and rebuilds it to be + * scheme://host/path + */ + public function get_normalized_http_url() { + $parts = parse_url($this->http_url); + + $port = @$parts['port']; + $scheme = $parts['scheme']; + $host = $parts['host']; + $path = @$parts['path']; + + $port or $port = ($scheme == 'https') ? '443' : '80'; + + if (($scheme == 'https' && $port != '443') + || ($scheme == 'http' && $port != '80')) { + $host = "$host:$port"; + } + return "$scheme://$host$path"; } - // We have a Authorization-header with OAuth data. Parse the header - // and add those overriding any duplicates from GET or POST - if (@substr($request_headers['Authorization'], 0, 6) == "OAuth ") { - $header_parameters = OAuthUtil::split_header( - $request_headers['Authorization'] + /** + * builds a url usable for a GET request + */ + public function to_url() { + $post_data = $this->to_postdata(); + $out = $this->get_normalized_http_url(); + if ($post_data) { + $out .= '?'.$post_data; + } + return $out; + } + + /** + * builds the data one would send in a POST request + */ + public function to_postdata() { + return OAuthUtil::build_http_query($this->parameters); + } + + /** + * builds the Authorization: header + */ + public function to_header($realm=null) { + $first = true; + if($realm) { + $out = 'Authorization: OAuth realm="' . OAuthUtil::urlencode_rfc3986($realm) . 
'"'; + $first = false; + } else + $out = 'Authorization: OAuth'; + + $total = array(); + foreach ($this->parameters as $k => $v) { + if (substr($k, 0, 5) != "oauth") continue; + if (is_array($v)) { + throw new Exception('Arrays not supported in headers'); + } + $out .= ($first) ? ' ' : ','; + $out .= OAuthUtil::urlencode_rfc3986($k) . + '="' . + OAuthUtil::urlencode_rfc3986($v) . + '"'; + $first = false; + } + return $out; + } + + public function __toString() { + return $this->to_url(); + } + + + public function sign_request($signature_method, $consumer, $token) { + $this->set_parameter( + "oauth_signature_method", + $signature_method->get_name(), + false ); - $parameters = array_merge($parameters, $header_parameters); + $signature = $this->build_signature($signature_method, $consumer, $token); + $this->set_parameter("oauth_signature", $signature, false); } - } + public function build_signature($signature_method, $consumer, $token) { + $signature = $signature_method->build_signature($this, $consumer, $token); + return $signature; + } - return new OAuthRequest($http_method, $http_url, $parameters); - } - - /** - * pretty much a helper function to set up the request - */ - public static function from_consumer_and_token($consumer, $token, $http_method, $http_url, $parameters=NULL) { - @$parameters or $parameters = array(); - $defaults = array("oauth_version" => OAuthRequest::$version, - "oauth_nonce" => OAuthRequest::generate_nonce(), - "oauth_timestamp" => OAuthRequest::generate_timestamp(), - "oauth_consumer_key" => $consumer->key); - if ($token) - $defaults['oauth_token'] = $token->key; - - $parameters = array_merge($defaults, $parameters); - - return new OAuthRequest($http_method, $http_url, $parameters); - } - - public function set_parameter($name, $value, $allow_duplicates = true) { - if ($allow_duplicates && isset($this->parameters[$name])) { - // We have already added parameter(s) with this name, so add to the list - if (is_scalar($this->parameters[$name])) { 
- // This is the first duplicate, so transform scalar (string) - // into an array so we can add the duplicates - $this->parameters[$name] = array($this->parameters[$name]); - } - - $this->parameters[$name][] = $value; - } else { - $this->parameters[$name] = $value; - } - } - - public function get_parameter($name) { - return isset($this->parameters[$name]) ? $this->parameters[$name] : null; - } - - public function get_parameters() { - return $this->parameters; - } - - public function unset_parameter($name) { - unset($this->parameters[$name]); - } - - /** - * The request parameters, sorted and concatenated into a normalized string. - * @return string - */ - public function get_signable_parameters() { - // Grab all parameters - $params = $this->parameters; - - // Remove oauth_signature if present - // Ref: Spec: 9.1.1 ("The oauth_signature parameter MUST be excluded.") - if (isset($params['oauth_signature'])) { - unset($params['oauth_signature']); - } + /** + * util function: current timestamp + */ + private static function generate_timestamp() { + return time(); + } - return OAuthUtil::build_http_query($params); - } - - /** - * Returns the base string of this request - * - * The base string defined as the method, the url - * and the parameters (normalized), each urlencoded - * and the concated with &. 
- */ - public function get_signature_base_string() { - $parts = array( - $this->get_normalized_http_method(), - $this->get_normalized_http_url(), - $this->get_signable_parameters() - ); - - $parts = OAuthUtil::urlencode_rfc3986($parts); - - return implode('&', $parts); - } - - /** - * just uppercases the http method - */ - public function get_normalized_http_method() { - return strtoupper($this->http_method); - } - - /** - * parses the url and rebuilds it to be - * scheme://host/path - */ - public function get_normalized_http_url() { - $parts = parse_url($this->http_url); - - $port = @$parts['port']; - $scheme = $parts['scheme']; - $host = $parts['host']; - $path = @$parts['path']; - - $port or $port = ($scheme == 'https') ? '443' : '80'; - - if (($scheme == 'https' && $port != '443') - || ($scheme == 'http' && $port != '80')) { - $host = "$host:$port"; - } - return "$scheme://$host$path"; - } - - /** - * builds a url usable for a GET request - */ - public function to_url() { - $post_data = $this->to_postdata(); - $out = $this->get_normalized_http_url(); - if ($post_data) { - $out .= '?'.$post_data; - } - return $out; - } - - /** - * builds the data one would send in a POST request - */ - public function to_postdata() { - return OAuthUtil::build_http_query($this->parameters); - } - - /** - * builds the Authorization: header - */ - public function to_header($realm=null) { - $first = true; - if($realm) { - $out = 'Authorization: OAuth realm="' . OAuthUtil::urlencode_rfc3986($realm) . '"'; - $first = false; - } else - $out = 'Authorization: OAuth'; - - $total = array(); - foreach ($this->parameters as $k => $v) { - if (substr($k, 0, 5) != "oauth") continue; - if (is_array($v)) { - throw new Exception('Arrays not supported in headers'); - } - $out .= ($first) ? ' ' : ','; - $out .= OAuthUtil::urlencode_rfc3986($k) . - '="' . - OAuthUtil::urlencode_rfc3986($v) . 
- '"'; - $first = false; + /** + * util function: current nonce + */ + private static function generate_nonce() { + $mt = microtime(); + $rand = mt_rand(); + + return md5($mt . $rand); // md5s look nicer than numbers + } } - return $out; - } - - public function __toString() { - return $this->to_url(); - } - - - public function sign_request($signature_method, $consumer, $token) { - $this->set_parameter( - "oauth_signature_method", - $signature_method->get_name(), - false - ); - $signature = $this->build_signature($signature_method, $consumer, $token); - $this->set_parameter("oauth_signature", $signature, false); - } - - public function build_signature($signature_method, $consumer, $token) { - $signature = $signature_method->build_signature($this, $consumer, $token); - return $signature; - } - - /** - * util function: current timestamp - */ - private static function generate_timestamp() { - return time(); - } - - /** - * util function: current nonce - */ - private static function generate_nonce() { - $mt = microtime(); - $rand = mt_rand(); - - return md5($mt . 
$rand); // md5s look nicer than numbers - } } -class OAuthServer { - protected $timestamp_threshold = 300; // in seconds, five minutes - protected $version = '1.0'; // hi blaine - protected $signature_methods = array(); - - protected $data_store; - - function __construct($data_store) { - $this->data_store = $data_store; - } - - public function add_signature_method($signature_method) { - $this->signature_methods[$signature_method->get_name()] = - $signature_method; - } - - // high level functions - - /** - * process a request_token request - * returns the request token on success - */ - public function fetch_request_token(&$request) { - $this->get_version($request); - - $consumer = $this->get_consumer($request); - - // no token required for the initial token request - $token = NULL; - - $this->check_signature($request, $consumer, $token); - - // Rev A change - $callback = $request->get_parameter('oauth_callback'); - $new_token = $this->data_store->new_request_token($consumer, $callback); - - return $new_token; - } - - /** - * process an access_token request - * returns the access token on success - */ - public function fetch_access_token(&$request) { - $this->get_version($request); - - $consumer = $this->get_consumer($request); - - // requires authorized request token - $token = $this->get_token($request, $consumer, "request"); - - $this->check_signature($request, $consumer, $token); - - // Rev A change - $verifier = $request->get_parameter('oauth_verifier'); - $new_token = $this->data_store->new_access_token($token, $consumer, $verifier); - - return $new_token; - } - - /** - * verify an api call, checks all the parameters - */ - public function verify_request(&$request) { - $this->get_version($request); - $consumer = $this->get_consumer($request); - $token = $this->get_token($request, $consumer, "access"); - $this->check_signature($request, $consumer, $token); - return array($consumer, $token); - } - - // Internals from here - /** - * version 1 - */ - private 
function get_version(&$request) { - $version = $request->get_parameter("oauth_version"); - if (!$version) { - // Service Providers MUST assume the protocol version to be 1.0 if this parameter is not present. - // Chapter 7.0 ("Accessing Protected Ressources") - $version = '1.0'; - } - if ($version !== $this->version) { - throw new Exception("OAuth version '$version' not supported"); - } - return $version; - } - - /** - * figure out the signature with some defaults - */ - private function get_signature_method(&$request) { - $signature_method = - @$request->get_parameter("oauth_signature_method"); - - if (!$signature_method) { - // According to chapter 7 ("Accessing Protected Ressources") the signature-method - // parameter is required, and we can't just fallback to PLAINTEXT - throw new Exception('No signature method parameter. This parameter is required'); - } +if (!class_exists('OAuthServer')) { + class OAuthServer { + protected $timestamp_threshold = 300; // in seconds, five minutes + protected $version = '1.0'; // hi blaine + protected $signature_methods = array(); - if (!in_array($signature_method, - array_keys($this->signature_methods))) { - throw new Exception( - "Signature method '$signature_method' not supported " . - "try one of the following: " . 
- implode(", ", array_keys($this->signature_methods)) - ); - } - return $this->signature_methods[$signature_method]; - } - - /** - * try to find the consumer for the provided request's consumer key - */ - private function get_consumer(&$request) { - $consumer_key = @$request->get_parameter("oauth_consumer_key"); - if (!$consumer_key) { - throw new Exception("Invalid consumer key"); - } + protected $data_store; - $consumer = $this->data_store->lookup_consumer($consumer_key); - if (!$consumer) { - throw new Exception("Invalid consumer"); - } + function __construct($data_store) { + $this->data_store = $data_store; + } - return $consumer; - } - - /** - * try to find the token for the provided request's token key - */ - private function get_token(&$request, $consumer, $token_type="access") { - $token_field = @$request->get_parameter('oauth_token'); - $token = $this->data_store->lookup_token( - $consumer, $token_type, $token_field - ); - if (!$token) { - throw new Exception("Invalid $token_type token: $token_field"); - } - return $token; - } - - /** - * all-in-one function to check the signature on a request - * should guess the signature method appropriately - */ - private function check_signature(&$request, $consumer, $token) { - // this should probably be in a different method - $timestamp = @$request->get_parameter('oauth_timestamp'); - $nonce = @$request->get_parameter('oauth_nonce'); - - $this->check_timestamp($timestamp); - $this->check_nonce($consumer, $token, $nonce, $timestamp); - - $signature_method = $this->get_signature_method($request); - - $signature = $request->get_parameter('oauth_signature'); - $valid_sig = $signature_method->check_signature( - $request, - $consumer, - $token, - $signature - ); - - if (!$valid_sig) { - throw new Exception("Invalid signature"); - } - } - - /** - * check that the timestamp is new enough - */ - private function check_timestamp($timestamp) { - if( ! $timestamp ) - throw new Exception( - 'Missing timestamp parameter. 
The parameter is required' - ); - - // verify that timestamp is recentish - $now = time(); - if (abs($now - $timestamp) > $this->timestamp_threshold) { - throw new Exception( - "Expired timestamp, yours $timestamp, ours $now" - ); - } - } - - /** - * check that the nonce is not repeated - */ - private function check_nonce($consumer, $token, $nonce, $timestamp) { - if( ! $nonce ) - throw new Exception( - 'Missing nonce parameter. The parameter is required' - ); - - // verify that the nonce is uniqueish - $found = $this->data_store->lookup_nonce( - $consumer, - $token, - $nonce, - $timestamp - ); - if ($found) { - throw new Exception("Nonce already used: $nonce"); - } - } + public function add_signature_method($signature_method) { + $this->signature_methods[$signature_method->get_name()] = + $signature_method; + } -} + // high level functions -class OAuthDataStore { - function lookup_consumer($consumer_key) { - // implement me - } + /** + * process a request_token request + * returns the request token on success + */ + public function fetch_request_token(&$request) { + $this->get_version($request); - function lookup_token($consumer, $token_type, $token) { - // implement me - } + $consumer = $this->get_consumer($request); - function lookup_nonce($consumer, $token, $nonce, $timestamp) { - // implement me - } + // no token required for the initial token request + $token = NULL; - function new_request_token($consumer, $callback = null) { - // return a new token attached to this consumer - } + $this->check_signature($request, $consumer, $token); - function new_access_token($token, $consumer, $verifier = null) { - // return a new access token attached to this consumer - // for the user associated with this token if the request token - // is authorized - // should also invalidate the request token - } + // Rev A change + $callback = $request->get_parameter('oauth_callback'); + $new_token = $this->data_store->new_request_token($consumer, $callback); -} + return $new_token; + 
} -class OAuthUtil { - public static function urlencode_rfc3986($input) { - if (is_array($input)) { - return array_map(array('OAuthUtil', 'urlencode_rfc3986'), $input); - } else if (is_scalar($input)) { - return str_replace( - '+', - ' ', - str_replace('%7E', '~', rawurlencode($input)) - ); - } else { - return ''; - } -} + /** + * process an access_token request + * returns the access token on success + */ + public function fetch_access_token(&$request) { + $this->get_version($request); + + $consumer = $this->get_consumer($request); + + // requires authorized request token + $token = $this->get_token($request, $consumer, "request"); + $this->check_signature($request, $consumer, $token); - // This decode function isn't taking into consideration the above - // modifications to the encoding process. However, this method doesn't - // seem to be used anywhere so leaving it as is. - public static function urldecode_rfc3986($string) { - return urldecode($string); - } + // Rev A change + $verifier = $request->get_parameter('oauth_verifier'); + $new_token = $this->data_store->new_access_token($token, $consumer, $verifier); - // Utility function for turning the Authorization: header into - // parameters, has to do some unescaping - // Can filter out any non-oauth parameters if needed (default behaviour) - // May 28th, 2010 - method updated to tjerk.meesters for a speed improvement. - // see http://code.google.com/p/oauth/issues/detail?id=163 - public static function split_header($header, $only_allow_oauth_parameters = true) { - $params = array(); - if (preg_match_all('/('.($only_allow_oauth_parameters ? 'oauth_' : '').'[a-z_-]*)=(:?"([^"]*)"|([^,]*))/', $header, $matches)) { - foreach ($matches[1] as $i => $h) { - $params[$h] = OAuthUtil::urldecode_rfc3986(empty($matches[3][$i]) ? 
$matches[4][$i] : $matches[3][$i]); + return $new_token; } - if (isset($params['realm'])) { - unset($params['realm']); + + /** + * verify an api call, checks all the parameters + */ + public function verify_request(&$request) { + $this->get_version($request); + $consumer = $this->get_consumer($request); + $token = $this->get_token($request, $consumer, "access"); + $this->check_signature($request, $consumer, $token); + return array($consumer, $token); } - } - return $params; - } - - // helper to try to sort out headers for people who aren't running apache - public static function get_headers() { - if (function_exists('apache_request_headers')) { - // we need this to get the actual Authorization: header - // because apache tends to tell us it doesn't exist - $headers = apache_request_headers(); - - // sanitize the output of apache_request_headers because - // we always want the keys to be Cased-Like-This and arh() - // returns the headers in the same case as they are in the - // request - $out = array(); - foreach ($headers AS $key => $value) { - $key = str_replace( - " ", - "-", - ucwords(strtolower(str_replace("-", " ", $key))) + + // Internals from here + /** + * version 1 + */ + private function get_version(&$request) { + $version = $request->get_parameter("oauth_version"); + if (!$version) { + // Service Providers MUST assume the protocol version to be 1.0 if this parameter is not present. 
+ // Chapter 7.0 ("Accessing Protected Ressources") + $version = '1.0'; + } + if ($version !== $this->version) { + throw new Exception("OAuth version '$version' not supported"); + } + return $version; + } + + /** + * figure out the signature with some defaults + */ + private function get_signature_method(&$request) { + $signature_method = + @$request->get_parameter("oauth_signature_method"); + + if (!$signature_method) { + // According to chapter 7 ("Accessing Protected Ressources") the signature-method + // parameter is required, and we can't just fallback to PLAINTEXT + throw new Exception('No signature method parameter. This parameter is required'); + } + + if (!in_array($signature_method, + array_keys($this->signature_methods))) { + throw new Exception( + "Signature method '$signature_method' not supported " . + "try one of the following: " . + implode(", ", array_keys($this->signature_methods)) + ); + } + return $this->signature_methods[$signature_method]; + } + + /** + * try to find the consumer for the provided request's consumer key + */ + private function get_consumer(&$request) { + $consumer_key = @$request->get_parameter("oauth_consumer_key"); + if (!$consumer_key) { + throw new Exception("Invalid consumer key"); + } + + $consumer = $this->data_store->lookup_consumer($consumer_key); + if (!$consumer) { + throw new Exception("Invalid consumer"); + } + + return $consumer; + } + + /** + * try to find the token for the provided request's token key + */ + private function get_token(&$request, $consumer, $token_type="access") { + $token_field = @$request->get_parameter('oauth_token'); + $token = $this->data_store->lookup_token( + $consumer, $token_type, $token_field + ); + if (!$token) { + throw new Exception("Invalid $token_type token: $token_field"); + } + return $token; + } + + /** + * all-in-one function to check the signature on a request + * should guess the signature method appropriately + */ + private function check_signature(&$request, $consumer, 
$token) { + // this should probably be in a different method + $timestamp = @$request->get_parameter('oauth_timestamp'); + $nonce = @$request->get_parameter('oauth_nonce'); + + $this->check_timestamp($timestamp); + $this->check_nonce($consumer, $token, $nonce, $timestamp); + + $signature_method = $this->get_signature_method($request); + + $signature = $request->get_parameter('oauth_signature'); + $valid_sig = $signature_method->check_signature( + $request, + $consumer, + $token, + $signature + ); + + if (!$valid_sig) { + throw new Exception("Invalid signature"); + } + } + + /** + * check that the timestamp is new enough + */ + private function check_timestamp($timestamp) { + if( ! $timestamp ) + throw new Exception( + 'Missing timestamp parameter. The parameter is required' ); - $out[$key] = $value; - } - } else { - // otherwise we don't have apache and are just going to have to hope - // that $_SERVER actually contains what we need - $out = array(); - if( isset($_SERVER['CONTENT_TYPE']) ) - $out['Content-Type'] = $_SERVER['CONTENT_TYPE']; - if( isset($_ENV['CONTENT_TYPE']) ) - $out['Content-Type'] = $_ENV['CONTENT_TYPE']; - - foreach ($_SERVER as $key => $value) { - if (substr($key, 0, 5) == "HTTP_") { - // this is chaos, basically it is just there to capitalize the first - // letter of every word that is not an initial HTTP and strip HTTP - // code from przemek - $key = str_replace( - " ", - "-", - ucwords(strtolower(str_replace("_", " ", substr($key, 5)))) + + // verify that timestamp is recentish + $now = time(); + if (abs($now - $timestamp) > $this->timestamp_threshold) { + throw new Exception( + "Expired timestamp, yours $timestamp, ours $now" ); - $out[$key] = $value; } } - } - return $out; - } - - // This function takes a input like a=b&a=c&d=e and returns the parsed - // parameters like this - // array('a' => array('b','c'), 'd' => 'e') - public static function parse_parameters( $input ) { - if (!isset($input) || !$input) return array(); - - $pairs = 
explode('&', $input); - - $parsed_parameters = array(); - foreach ($pairs as $pair) { - $split = explode('=', $pair, 2); - $parameter = OAuthUtil::urldecode_rfc3986($split[0]); - $value = isset($split[1]) ? OAuthUtil::urldecode_rfc3986($split[1]) : ''; - - if (isset($parsed_parameters[$parameter])) { - // We have already recieved parameter(s) with this name, so add to the list - // of parameters with this name - - if (is_scalar($parsed_parameters[$parameter])) { - // This is the first duplicate, so transform scalar (string) into an array - // so we can add the duplicates - $parsed_parameters[$parameter] = array($parsed_parameters[$parameter]); + + /** + * check that the nonce is not repeated + */ + private function check_nonce($consumer, $token, $nonce, $timestamp) { + if( ! $nonce ) + throw new Exception( + 'Missing nonce parameter. The parameter is required' + ); + + // verify that the nonce is uniqueish + $found = $this->data_store->lookup_nonce( + $consumer, + $token, + $nonce, + $timestamp + ); + if ($found) { + throw new Exception("Nonce already used: $nonce"); } + } + + } +} - $parsed_parameters[$parameter][] = $value; - } else { - $parsed_parameters[$parameter] = $value; +if (!class_exists('OAuthDataStore')) { + class OAuthDataStore { + function lookup_consumer($consumer_key) { + // implement me } + + function lookup_token($consumer, $token_type, $token) { + // implement me + } + + function lookup_nonce($consumer, $token, $nonce, $timestamp) { + // implement me + } + + function new_request_token($consumer, $callback = null) { + // return a new token attached to this consumer + } + + function new_access_token($token, $consumer, $verifier = null) { + // return a new access token attached to this consumer + // for the user associated with this token if the request token + // is authorized + // should also invalidate the request token + } + } - return $parsed_parameters; - } +} + +if (!class_exists('OAuthUtil')) { + class OAuthUtil { + public static function 
urlencode_rfc3986($input) { + if (is_array($input)) { + return array_map(array('OAuthUtil', 'urlencode_rfc3986'), $input); + } else if (is_scalar($input)) { + return str_replace( + '+', + ' ', + str_replace('%7E', '~', rawurlencode($input)) + ); + } else { + return ''; + } + } + + + // This decode function isn't taking into consideration the above + // modifications to the encoding process. However, this method doesn't + // seem to be used anywhere so leaving it as is. + + public static function urldecode_rfc3986($string) { + return urldecode($string); + } + // Utility function for turning the Authorization: header into + // parameters, has to do some unescaping + // Can filter out any non-oauth parameters if needed (default behaviour) + // May 28th, 2010 - method updated to tjerk.meesters for a speed improvement. + // see http://code.google.com/p/oauth/issues/detail?id=163 + public static function split_header($header, $only_allow_oauth_parameters = true) { + $params = array(); + if (preg_match_all('/('.($only_allow_oauth_parameters ? 'oauth_' : '').'[a-z_-]*)=(:?"([^"]*)"|([^,]*))/', $header, $matches)) { + foreach ($matches[1] as $i => $h) { + $params[$h] = OAuthUtil::urldecode_rfc3986(empty($matches[3][$i]) ? 
$matches[4][$i] : $matches[3][$i]); + } + if (isset($params['realm'])) { + unset($params['realm']); + } + } + return $params; + } + + // helper to try to sort out headers for people who aren't running apache + public static function get_headers() { + if (function_exists('apache_request_headers')) { + // we need this to get the actual Authorization: header + // because apache tends to tell us it doesn't exist + $headers = apache_request_headers(); + + // sanitize the output of apache_request_headers because + // we always want the keys to be Cased-Like-This and arh() + // returns the headers in the same case as they are in the + // request + $out = array(); + foreach ($headers AS $key => $value) { + $key = str_replace( + " ", + "-", + ucwords(strtolower(str_replace("-", " ", $key))) + ); + $out[$key] = $value; + } + } else { + // otherwise we don't have apache and are just going to have to hope + // that $_SERVER actually contains what we need + $out = array(); + if( isset($_SERVER['CONTENT_TYPE']) ) + $out['Content-Type'] = $_SERVER['CONTENT_TYPE']; + if( isset($_ENV['CONTENT_TYPE']) ) + $out['Content-Type'] = $_ENV['CONTENT_TYPE']; + + foreach ($_SERVER as $key => $value) { + if (substr($key, 0, 5) == "HTTP_") { + // this is chaos, basically it is just there to capitalize the first + // letter of every word that is not an initial HTTP and strip HTTP + // code from przemek + $key = str_replace( + " ", + "-", + ucwords(strtolower(str_replace("_", " ", substr($key, 5)))) + ); + $out[$key] = $value; + } + } + } + return $out; + } - public static function build_http_query($params) { - if (!$params) return ''; + // This function takes a input like a=b&a=c&d=e and returns the parsed + // parameters like this + // array('a' => array('b','c'), 'd' => 'e') + public static function parse_parameters( $input ) { + if (!isset($input) || !$input) return array(); + + $pairs = explode('&', $input); + + $parsed_parameters = array(); + foreach ($pairs as $pair) { + $split = 
explode('=', $pair, 2); + $parameter = OAuthUtil::urldecode_rfc3986($split[0]); + $value = isset($split[1]) ? OAuthUtil::urldecode_rfc3986($split[1]) : ''; + + if (isset($parsed_parameters[$parameter])) { + // We have already recieved parameter(s) with this name, so add to the list + // of parameters with this name + + if (is_scalar($parsed_parameters[$parameter])) { + // This is the first duplicate, so transform scalar (string) into an array + // so we can add the duplicates + $parsed_parameters[$parameter] = array($parsed_parameters[$parameter]); + } + + $parsed_parameters[$parameter][] = $value; + } else { + $parsed_parameters[$parameter] = $value; + } + } + return $parsed_parameters; + } - // Urlencode both keys and values - $keys = OAuthUtil::urlencode_rfc3986(array_keys($params)); - $values = OAuthUtil::urlencode_rfc3986(array_values($params)); - $params = array_combine($keys, $values); + public static function build_http_query($params) { + if (!$params) return ''; - // Parameters are sorted by name, using lexicographical byte value ordering. - // Ref: Spec: 9.1.1 (1) - uksort($params, 'strcmp'); + // Urlencode both keys and values + $keys = OAuthUtil::urlencode_rfc3986(array_keys($params)); + $values = OAuthUtil::urlencode_rfc3986(array_values($params)); + $params = array_combine($keys, $values); - $pairs = array(); - foreach ($params as $parameter => $value) { - if (is_array($value)) { - // If two or more parameters share the same name, they are sorted by their value + // Parameters are sorted by name, using lexicographical byte value ordering. // Ref: Spec: 9.1.1 (1) - natsort($value); - foreach ($value as $duplicate_value) { - $pairs[] = $parameter . '=' . 
$duplicate_value; + uksort($params, 'strcmp'); + + $pairs = array(); + foreach ($params as $parameter => $value) { + if (is_array($value)) { + // If two or more parameters share the same name, they are sorted by their value + // Ref: Spec: 9.1.1 (1) + natsort($value); + foreach ($value as $duplicate_value) { + $pairs[] = $parameter . '=' . $duplicate_value; + } + } else { + $pairs[] = $parameter . '=' . $value; + } } - } else { - $pairs[] = $parameter . '=' . $value; + // For each parameter, the name is separated from the corresponding value by an '=' character (ASCII code 61) + // Each name-value pair is separated by an '&' character (ASCII code 38) + return implode('&', $pairs); } + } - // For each parameter, the name is separated from the corresponding value by an '=' character (ASCII code 61) - // Each name-value pair is separated by an '&' character (ASCII code 38) - return implode('&', $pairs); - } -} } \ No newline at end of file diff --git a/wp-content/plugins/flattr/readme.txt b/wp-content/plugins/flattr/readme.txt index a2307f5e9..a4696b3f8 100644 --- a/wp-content/plugins/flattr/readme.txt +++ b/wp-content/plugins/flattr/readme.txt @@ -2,8 +2,8 @@ Contributors: aphex3k Donate link: https://flattr.com/donation/give/to/der_michael Tags: flattr, donate, micropayments -Requires at least: 2.9.0 -Tested up to: 3.0.5 +Requires at least: 3.0 +Tested up to: 3.2 Stable tag: trunk This plugin allows you to easily add a Flattr button to your wordpress blog. 
@@ -37,7 +37,41 @@ To use advanced features like auto-submission or feed-buttons, your web server n == Changelog == -`Attention: ` It is mandatory to disable FlattRSS and Flattr Widget standalone plugins before upgrading. += 0.9.25.4 = +* New Feature: Initial test with WP 3.2 passed +* Fix: saving option for user based flattr buttons + += 0.9.25.3 = +* Fix: typo in check time of post before autopublishing + += 0.9.25.2 = +* Fix: fixed a typo in the code, thanks to F. Holzhauer + += 0.9.25.1 = +* New Feature: Changelog Preview +* New Feature: Explicit warning messages about missing functionality +* Fix: Check time of post before autopublishing + += 0.9.25 = +* Requires at least Wordpress 3.0, tested against Wordpress 3.1.4 +* New Feature: personalized Flattr buttons for every blog author +* New Feature: choose whether Flattr plugin handles excerpts or Wordpress +* New Feature: advanced feedback form +* New Feature: select JavaScript, static image or static text button +* Fix: buttons disabled for the post don't show up in the feed anymore +* Fix: Wordpress admin dashboard external resources fix +* Fix: trying to suggest the callback domain more reliably + += 0.9.24 = +* Fix: replaced the connect link for basic connect with Flattr with a text box where you enter your username yourself + += 0.9.23.1 = +* New Feature: reenabling auto-submit feature as soon as advanced account setup is complete. +* Fix: raising compatibility alongside other oauth plugins (Twitter Tools, etc.) + += 0.9.23 = +* New Feature: the Feed button can now be disabled +* Fix: fixed a bug that accidentally deletes authorization keys while "Save Changes" = 0.9.22.2 = * Plugin basic functionality will work even though cURL is not available 
@@ -165,4 +199,4 @@ A: Please clear session/cookie/browser cache and try again please. For support requests regarding the wordpress plugin, please visit the plugin support forum: http://wordpress.org/tags/flattr?forum_id=10 -For every other Flattr support request head over to the Flattr forum: http://forum.flattr.com/ +For every other Flattr support request head over to the Flattr forum: http://forum.flattr.net/ diff --git a/wp-content/plugins/flattr/redirect.php b/wp-content/plugins/flattr/redirect.php index b7606f419..8c6055c27 100644 --- a/wp-content/plugins/flattr/redirect.php +++ b/wp-content/plugins/flattr/redirect.php @@ -5,10 +5,7 @@ if (isset ($_GET['id'])&& isset ($_GET['flattrss_redirect'])&& function_exists('curl_init')) { - $e = error_reporting(); - if (get_option('flattrss_error_reporting')) { - error_reporting(0); - } + header('Status-Code: 307'); $old_charset = ini_get('default_charset'); ini_set('default_charset',get_option('blog_charset')); 
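Review bot: `header('Status-Code: 307');` at the top of the redirect branch does not set the response status; it only emits a header field named Status-Code. The `header('Location: '. $location);` call added in the last hunk of this file will then make PHP answer with its default 302. If a 307 is intended, pass it on that call instead: `header('Location: ' . $location, true, 307);`. The enclosing `if` block starts before this hunk and ends after it.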
@@ -17,46 +14,28 @@ if (isset ($_GET['id'])&& $md5 = $_GET['md5']; $post = get_post($id,ARRAY_A); - - function return_error($x) { die(strval($x)); } - - if (md5($post['post_title']) != $md5) { - return_error("Post title mismatch"); - } - - if ($post['post_status'] != "publish") { - return_error("Post status not published"); - } - - if (get_option('flattrss_clicktrack_enabled')) { - update_option('flattrss_clickthrough_n', get_option('flattrss_clickthrough_n')+1); - } - + $url = get_permalink($post['ID']); $tagsA = get_the_tags($post['ID']); - $tags = ""; + $tags = "blog"; - if ($tagsA) { + if (!empty($tagsA)) { foreach ($tagsA as $tag) { - if (strlen($tags)!=0){ + if (strlen($tags)>0){ $tags .=","; } $tags .= $tag->name; } } - if (trim($tags) == "") { - $tags .= "blog"; + $category = get_post_meta($post['ID'], '_flattr_post_category', true); + if (empty($category)) { + $category = (get_option('user_based_flattr_buttons')&& get_user_meta(get_the_author_meta('ID'), "user_flattr_cat", true)!="")? get_user_meta(get_the_author_meta('ID'), "user_flattr_cat", true): get_option('flattr_cat'); } - $category = "text"; - if (get_option('flattr_cat')!= "") { - $category = get_option('flattr_cat'); - } - - $language = "en_EN"; - if (get_option('flattr_lng')!="") { - $language = get_option('flattr_lng'); + $language = get_post_meta($post['ID'], '_flattr_post_language', true); + if (empty($language)) { + $language = (get_option('user_based_flattr_buttons')&& get_user_meta(get_the_author_meta('ID'), "user_flattr_lng", true)!="")? get_user_meta(get_the_author_meta('ID'), "user_flattr_lng", true): get_option('flattr_lng'); } function getExcerpt($post, $excerpt_max_length = 1024) { 
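Review bot: With the `md5($post['post_title'])` comparison and the `post_status != "publish"` check both removed, nothing on the new side of this hunk restricts which post the redirect will serve. `$id` appears to come from `$_GET['id']` (the guard in the hunk header tests it). A request naming a draft, pending or private post would therefore get that post's permalink, title, tags and excerpt placed in the flattr.com submit URL built in the next hunk and returned in the Location header, without any login. I would keep a status guard before any post data is read, e.g. `if (!$post || $post['post_status'] != 'publish') { wp_die('Post not available'); }`. `$md5` is still assigned from `$_GET['md5']` in the context line but is no longer used.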
@@ -98,78 +77,25 @@ if (isset ($_GET['id'])&& } $title = strip_tags($post['post_title']); - $title = str_replace(array("\"","\'"), "", $title); - - include_once 'oAuth/flattr_rest.php'; - require_once 'oAuth/oauth.php'; - - $api_key = get_option('flattrss_api_key'); - $api_secret = get_option('flattrss_api_secret'); - $oauth_token = get_option('flattrss_api_oauth_token'); - $oauth_token_secret = get_option('flattrss_api_oauth_token_secret'); - - $flattr_user = new Flattr_Rest($api_key, $api_secret, $oauth_token, $oauth_token_secret); - - if ($flattr_user->error()) { - return_error("Flattr User Error!"); - } - - function encode($string) { - if (function_exists("mb_detect_encoding")) { - $string = (mb_detect_encoding($string, "UTF-8") == "UTF-8" )? $string : utf8_encode($string); - } else { - $string = utf8_encode($string); - } - return $string; - } - - if (get_option('flattrss_autodonate') && !isset($_SESSION['flattrss_autodonate_click'])) { - $flattr_user->clickThing("ead246fc95fc401ce69d15f3981da971"); - $_SESSION['flattrss_autodonate_click'] = true; - } - - $thing = $flattr_user->submitThing($url, encode($title), $category, encode($content), $tags, $language); - - if($flattr_user->http_code == 500) { - /* - header('Status-Code: 307'); - header('LOCATION: '.$url); - */ - /* - print_r(array($url, encode($title), $category, encode($content), $tags, $language)); - print_r($flattr_user); - print_r($thing); - die(); - - break; - */ - } - - if (isset ($thing['int_id'])) { - header('LOCATION: https://flattr.com/thing/'.$thing['int_id']); - } - - $thingList = $flattr_user->getThingList(); - $thing_id = 0; - - foreach ($thingList as $thing){ - if($thing['url'] == $url) { - $thing_id = $thing['int_id']; - } - } - - $location = $url; - - if ($thing_id != 0) { - $location = 'https://flattr.com/thing/'.$thing_id; - } - - header('Status-Code: 307'); - header('LOCATION: '. 
$location); - + $hidden = ($hidden)?"1":"0"; + + if (get_option('user_based_flattr_buttons_since_time')< strtotime(get_the_time("c",$post))) + $flattr_uid = (get_option('user_based_flattr_buttons')&& get_user_meta(get_the_author_meta('ID'), "user_flattr_uid", true)!="")? get_user_meta(get_the_author_meta('ID'), "user_flattr_uid", true): get_option('flattr_uid'); + else + $flattr_uid = get_option('flattr_uid'); + + $location = "https://flattr.com/submit/auto?user_id=".urlencode($flattr_uid). + "&url=".urlencode($url). + "&title=".urlencode($title). + "&description=".urlencode($content). + "&language=". urlencode($language). + "&tags=". urlencode($tags). + "&hidden=". $hidden. + "&category=". urlencode($category); + + header('Location: '. $location); + ini_set('default_charset',$old_charset); - error_reporting($e); - - exit ($thing_id); + exit(0); } \ No newline at end of file diff --git a/wp-content/plugins/flattr/settings-template.php b/wp-content/plugins/flattr/settings-template.php index 668007358..467ce16ad 100644 --- a/wp-content/plugins/flattr/settings-template.php +++ b/wp-content/plugins/flattr/settings-template.php 
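Review bot: The per-author lookups call `get_the_author_meta('ID')` with no user id, which reads the current loop author. This file fetches the post with `get_post($id, ARRAY_A)` and no loop setup is visible, so the lookup probably returns nothing and every redirect falls back to the site-wide `flattr_uid`. Taking the author from the fetched post, `$author_id = (int) $post['post_author'];`, and passing it to the `get_user_meta()` calls here and in the category and language lines of the previous hunk would credit the intended account. Separately, `$hidden = ($hidden)?"1":"0";` reads `$hidden` without an assignment in this hunk; if it is not set earlier in the file the parameter is always "0".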
@@ -9,46 +9,53 @@ $server = preg_split("/:/", $server); $server = $server[0]; + $server2 = substr(home_url('','http'),7); + $server2 = preg_split("/\//", $server2); + $server2 = $server2[0]; + ?> <div class="wrap flattr-wrap" style="width:90%"> <div> <!-- <h2><?php _e('Flattr Settings'); ?> <img id="loaderanim" onload="javascript:{document.getElementById('loaderanim').style.display='none'};" src="<?php echo get_bloginfo('wpurl') . '/wp-content/plugins/flattr'.'/img/loader.gif' ?>"/></h2> --> <div class="tabber"> - <div style="float:right; margin-top: -31px;"><img src="../wp-content/plugins/flattr/img/flattr-logo-beta-small.png" alt="Flattr Beta Logo"/></div> + <div style="float:right; margin-top: -31px;margin-left: 10px;"><img src="../wp-content/plugins/flattr/img/flattr-logo-beta-small.png" alt="Flattr Beta Logo"/><br /> + <ul style="margin-top: 10px;"> + <li style="display: inline;"> + <script type="text/javascript"> + var flattr_uid = "der_michael"; + var flattr_btn = "compact"; + var flattr_tle = "Wordpress Flattr plugin"; + var flattr_dsc = "Give your readers the opportunity to Flattr your effort. See http://wordpress.org/extend/plugins/flattr/ for details."; + var flattr_cat = "software"; + var flattr_tag = "wordpress,plugin,flattr,rss"; + var flattr_url = "http://wordpress.org/extend/plugins/flattr/"; + </script><script src="<?php echo (isset($_SERVER['HTTPS'])) ? 
'https' : 'http'; ?>://api.flattr.com/button/load.js" type="text/javascript"></script> + </li> + <li style="display: inline-block;position:relative; top: -6px;"><a href="https://flattr.com/donation/give/to/der_michael" style="color:#ffffff;text-decoration:none;background-image: url('<?php echo get_bloginfo('wpurl');?>/wp-content/plugins/flattr/img/bg-boxlinks-green.png');border-radius:3px;text-shadow:#666666 0 1px 1px;width:53px;padding:1px;padding-top: 2px;padding-bottom: 2px;display:block;text-align:center;font-weight: bold;" target="_blank">Donate</a></li> + </ul> + </div> <div class="tabbertab" title="Flattr Account" style="border-left:0;"> + <form method="post" action="options.php"> + <?php settings_fields( 'flattr-settings-group' ); ?> + <?php if (current_user_can( "activate_plugins" )): ;?> + <p><input type="checkbox" name="user_based_flattr_buttons"<?php echo get_option('user_based_flattr_buttons')?" checked":"";?> /> If you tick this box, every user of the blog will have the chance to register it's own Flattr buttons. Buttons will then be linked to post authors and only display if the user completed plugin setup.</p> + <?php endif; ?> <h2><?php _e('Basic Setup'); ?></h2> - <p> + <p> The basic account setup enables this plugin to work. </p> <table class="form-table"> <tr valign="top"> - <th scope="row"><?php _e('Your Flattr account'); ?></th> + <th scope="row"><?php _e('The blogs/your Flattr account'); ?></th> <td> - <?php - $connect_callback = rawurlencode( (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] ); - if (get_option('flattr_uid')) { ?> - Connected as - <?php - if (preg_match('/[A-Za-z-_.]/', get_option('flattr_uid'))) { - ?><a href="<?php echo esc_url( 'https://flattr.com/profile/' . 
get_option('flattr_uid') ); ?>"><?php - esc_html_e(get_option('flattr_uid')); - ?></a>.<?php - } - else { - ?>user id <?php esc_html_e(get_option('flattr_uid'));?>.<?php - } - ?> - (<a href="https://flattr.com/login?idCallback=<?php echo $connect_callback; ?>">Reconnect</a>) - <?php } else { ?> - None - <a href="https://flattr.com/login?idCallback=<?php echo $connect_callback; ?>">Connect with Flattr</a> - <?php } ?> + <input name="flattr_uid" type="text" value="<?php echo(get_option('flattr_uid')); ?>" /> </td> </tr> </table> <?php if (get_option('flattr_uid') && function_exists('curl_init')) { ?> <h2>Advanced Setup</h2> <p> - The advanced account setup enables advanced features like Feed buttons and autosubmit. + The advanced account setup enables autosubmit feature. </p> <?php $oauth_token = get_option('flattrss_api_oauth_token'); 
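Review bot: The new text box prints the stored option straight into an attribute, `value="<?php echo(get_option('flattr_uid')); ?>"`, where the removed code passed the same value through `esc_url()` and `esc_html_e()`. Whether `sanitize_userid` strips quotes and angle brackets is not visible here, so the output should be escaped for its context: `value="<?php echo esc_attr(get_option('flattr_uid')); ?>"`. The same defect recurs in later hunks of this file: `$server` and `$server2` echoed into `<code>` and into `value=` in the callback-domain hunks, `<?php echo $url;?>` in the Authorize link, and `<?=get_option('flattrss_custom_image_url');?>` in the button-style table. Those want `esc_html()`, `esc_attr()` and `esc_url()` according to where the value lands.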
@@ -63,18 +70,18 @@ <li>To get your personal Flattr APP Key and APP Secret you need to <a href="https://flattr.com/apps/new" target="_blank">register your blog</a> as Flattr app. <small><a href="http://developers.flattr.net/doku.php/register_your_application" target="_blank">(More Info)</a></small></li> <li>Choose reasonable values for <em>Application name</em>, <em>Application website</em> and <em>Application description</em></li> <li>It is mandatory to <strong>select BROWSER application type!</strong> This plugin will currently <strong>not work if CLIENT is selected</strong>.</li> - <li>You must use <code><?php echo $server; ?></code> as callback domain.</li> + <li>You must use <code><?php echo ($server == $server2)? $server2 : "$server2</code> or <code>$server"; ?></code> as callback domain.</li> <li>Copy 'n Paste your APP Key and APP Secret in the corresponding fields below. Save Changes.</li> <li>As soon as you saved your APP information <a href="#Authorize">authorize</a> your Flattr account with your own application.</li> <li>If everything is done correctly you'll see your <a href="#UserInfo">Flattr username and info</a> on this site.</li> </ol> <?php } ?> -<form method="post" action="options.php"> -<?php settings_fields( 'flattr-settings-group' ); ?> - <table class="form-table"> + <table class="form-table"> <tr valign="top"> <th scope="row">Callback Domain</th> - <td><input size="30" value="<?php echo $server; ?>" readonly/></td> + <td><input size="30" value="<?php echo $server2; ?>" readonly/><?php if ($server!=$server2) : ?> or + <br /><input size="30" value="<?php echo $server; ?>" readonly/><p>One of the above values should work. If not. Please contact me.</p> + <?php endif; ?></td> </tr> <tr valign="top"> <th scope="row">APP_KEY</th> 
@@ -100,12 +107,28 @@ $token = $flattr->getRequestToken( $callback_ ); $_SESSION['flattrss_current_token'] = $token; - $url = $flattr->getAuthorizeUrl($token, 'read,readextended,click,publish'); + if ($token != "") { + + $url = $flattr->getAuthorizeUrl($token, 'read,readextended,click,publish'); ?><a name="Authorize"><div id="icon-options-general" class="icon32"><br /></div><h2>Authorize App</h2></a> <p>In order to automatically generate the correct "<em>Things</em>" link for your blog post from the feed, you need to authorize you Flattr app with your Flattr account.</p> - <p><a href="<?php echo $url;?>">(re-)Authorize with Flattr</a>. -<?php + <p><a href="<?php echo $url;?>">(re-)Authorize with Flattr</a>.</p> + <?php + } else { + ?><a name="Authorize"><div id="icon-options-general" class="icon32"><br /></div><h2>Authorize App</h2></a> + <p>Unable to aquire oAuth token. What now?</p> + <ol> + <li>Check PHP cURL support</li> + <li>Check PHP libXML support</li> + <li>Check PHP DOM support</li> + <li>DoubleCheck APP_KEY & APP_SECERT</li> + <li>Flattr Service might be down?</li> + <li>There might be a communication/firewall issue between your webserver and flattr.com</li> + <li>Try again later...</li> + </ol> + <?php + } #print_r($flattr); 
@@ -131,6 +154,33 @@ ?> </div> <div class="tabbertab" title="Post/Page Buttons"> + <h2>Button Style</h2> + <p>What do you want your Flattr button to look like?</p> + <table id="option"> + <tr> + <td><input type="radio" name="flattr_button_style" value="js"<?=(get_option('flattr_button_style')=="js")?" checked":"";?>/></td> + <td><script type="text/javascript"> + var flattr_uid = "der_michael"; + var flattr_btn = "<?=get_option('flattr_compact')?"compact":"";?>"; + var flattr_tle = "Wordpress Flattr plugin"; + var flattr_dsc = "Give your readers the opportunity to Flattr your effort. See http://wordpress.org/extend/plugins/flattr/ for details."; + var flattr_cat = "software"; + var flattr_tag = "wordpress,plugin,flattr,rss"; + var flattr_url = "http://wordpress.org/extend/plugins/flattr/"; + </script><script src="<?php echo (isset($_SERVER['HTTPS'])) ? 'https' : 'http'; ?>://api.flattr.com/button/load.js" type="text/javascript"></script></td> + <td>JavaScript Version</td> + </tr><tr> + <td><input type="radio" name="flattr_button_style" value="image"<?=(get_option('flattr_button_style')=="image")?" checked":"";?>/></td> + <td> + <img src="<?=get_option('flattrss_custom_image_url');?>"/> + </td> + <td>static Image</td> + </tr><tr> + <td><input type="radio" name="flattr_button_style" value="text"<?=(get_option('flattr_button_style')=="text")?" checked":"";?>/></td> + <td><a href="#">Flattr this!</a></td> + <td>static Text</td> + </tr> + </table> <h2>Post/Page Buttons</h2> <p>These options are for the Flattr buttons automatically generated for posts and pages.</p> 
@@ -214,10 +264,20 @@ <p id="message" class="updated" style="padding:10px;"><strong>Attention:</strong> Currently nothing can be autosubmitted. Enable cURL extension for your webserver to use this feature!</p> <?php }?> + <table> <tr valign="top"> <th scope="row">Automatic Submission</th> - <td><p><input name="flattrss_autosubmit" type="checkbox"<?php echo get_option('flattrss_autosubmit')? " checked": ""; echo ($oauth_token != $oauth_token_secret && get_option('flattr_hide') == false)? "":" disabled"; ?> /> Check this box to automatically submit your blog post when you publish. You need to complete the full advanced setup in order for autosubmission to work.</p> + <td><p><input name="flattrss_autosubmit" type="checkbox"<?php echo get_option('flattrss_autosubmit')? " checked": ""; echo ($oauth_token != $oauth_token_secret)? "":" disabled"; ?> /> Check this box to automatically submit your blog post when you publish. You need to complete the full advanced setup in order for autosubmission to work.</p> + </td> + </tr> + <tr valign="top"> + <th scope="row">Excerpt Handling</th> + <td><p>Let <select name="flattr_handles_exerpt"> + <option value="1" <?php echo (get_option('flattr_handles_exerpt')==1)? " selected": "";?>>Flattr Plugin</option> + <option value="0" <?php echo (get_option('flattr_handles_exerpt')==0)? " selected": "";?>>Wordpress</option> + </select> handle the excerpt. If you are new to the plugin select Wordpress here and see if it works out for you. If your upgrading from an earlier version this will likely default to Flattr plugin. + </p> </td> </tr> <tr valign="top"> 
@@ -231,6 +291,11 @@ <p id="message" class="updated" style="padding:10px;"><strong>Attention:</strong> Currently no button will be inserted in your RSS feed. Enable cURL extension for your webserver to use this feature.</p> <?php }?> <table> + <tr valign="top"> + <th scope="row">RSS/Atom Feed Button</th> + <td><p><input name="flattrss_button_enabled" type="checkbox" <?php if(get_option('flattrss_button_enabled')) {echo "checked";}?> /> A Flattr button will be included in the RSS/Atom Feed of your blog.</p> + </td> + </tr> <tr valign="top"> <th scope="row">Custom Image URL</th> <td><p>This image is served as static image to be included in the RSS/Atom Feed of your blog.</p><input name="flattrss_custom_image_url" size="70" value="<?php echo get_option('flattrss_custom_image_url');?>"/><br/> 
@@ -266,64 +331,21 @@ <div class="tabbertab" title="Feedback"> <h2>Feedback</h2> - <table> - <tr> - <td valign="top" style="padding-top:13px;padding-right: 13px;"> - <script type="text/javascript"> - var flattr_uid = "der_michael"; - var flattr_tle = "Wordpress Flattr plugin"; - var flattr_dsc = "Give your readers the opportunity to Flattr your effort. See http://wordpress.org/extend/plugins/flattr/ for details."; - var flattr_cat = "software"; - var flattr_tag = "wordpress,plugin,flattr,rss"; - var flattr_url = "http://wordpress.org/extend/plugins/flattr/"; - </script><script src="http://api.flattr.com/button/load.js" type="text/javascript"></script> - <p><a href="https://flattr.com/donation/give/to/der_michael" style="color:#ffffff;text-decoration:none;background-image: url(https://flattr.com/_img/fluff/bg-boxlinks-green.png);border-radius:3px;text-shadow:#666666 0 1px 1px;width:53px;padding:1px;padding-top: 2px;padding-bottom: 2px;display:block;text-align:center;font-weight: bold;" target="_blank">Donate</a></p> - </td> - <td> - <p>Please post feedback regarding wordpress integration on <a href="http://wordpress.org/tags/flattr?forum_id=10" target="_blank">the plugins board at wordpress.org</a>. You can use <a href="http://forum.flattr.net/" target="_blank">the official flattr board</a> for every concern regarding flattr.</p> - <p>If you have a certain remark, request or simply something you want to let me know feel free to mail me at <a href="mailto:flattr@allesblog.de?subject=Flattr Wordpress Plugin" title="flattr@allesblog.de">flattr@allesblog.de</a>. Please note that I'm not an official part of the Flattr Dev-Team. 
So I can only answer questions regarding the flattr wordpress plugin alone.</p> - <p><strong>Spread the word!</strong></p> - <p>You can help getting Flattr out there!</p> - </td> - </tr> - </table> + <p>Please post feedback regarding wordpress integration on <a href="http://wordpress.org/tags/flattr?forum_id=10" target="_blank">the plugins board at wordpress.org</a>. You can use <a href="http://forum.flattr.net/" target="_blank">the official flattr board</a> for every concern regarding flattr.</p> + <p>If you have a certain remark, request or simply something you want to let me know feel free to mail me at <a href="mailto:flattr@allesblog.de?subject=Flattr Wordpress Plugin" title="flattr@allesblog.de">flattr@allesblog.de</a>. Please note that I'm not an official part of the Flattr Dev-Team. So I can only answer questions regarding the flattr wordpress plugin alone.</p> + <p><strong>Spread the word!</strong></p> + <p>You can help getting Flattr out there!</p> <h2>Debug</h2> <p> - Please provide the following information with your support request. + Please provide the following information with your support request. All fields are <em>optional</em>. However, If you expect a reply, provide at least a valid eMail address. </p> - <textarea cols="80" rows="10"><?php - - if (time() - $_SESSION['debug_date']>60) { - $_SESSION['debug_date'] = time(); - $_SESSION['debug'] = ""; - if (function_exists('apache_get_version')) { - $_SESSION['debug'] .= "HTTPSERVER: ".apache_get_version() ."\n"; - } elseif (function_exists('iis_start_server')) { - $_SESSION['debug'] .= "IIS Server\n"; - } else { - $_SESSION['debug'] .= "non-Apache web Server\n"; - } - if (function_exists('domxml_version')) { - $_SESSION['debug'] .= "XML Version: ".domxml_version()." (PHP4!)\n"; - } - if (defined('LIBXML_VERSION')) { - $_SESSION['debug'] .= "LIBXML_VERSION: ". 
LIBXML_VERSION ."\n"; - } else { - $modules = get_loaded_extensions(); - foreach ($modules as $module) { - $_SESSION['debug'] .= trim("$module ". phpversion($module)).", "; - } - } - if (function_exists('curl_init')) { - $v = curl_version(); - $_SESSION['debug'] .= "cURL extension installed. ".$v['version']."\n"; - } else { - $_SESSION['debug'] .= "no cURL extension found.\n"; - } - } - echo htmlentities($_SESSION['debug']); - - ?></textarea> + <table> + <tr><td>Your Name:</td><td><input type="text" name="fname" /></td></tr> + <tr><td>Your eMail:</td><td><input type="text" name="femail" /></td></tr> + <tr><td>Comment:</td><td><textarea cols="80" rows="10" name="ftext">What's your problem?</textarea></td></tr> + <tr><td>DEBUG:</td><td><input type="checkbox" checked name="fphpinfo"> Include extended debug information in mail. <a href="http://php.net/manual/function.phpinfo.php" target="_blank">phpinfo()</a></td></tr> + <tr><td>Send Mail</td><td><input type="checkbox" name="fsendmail"> ⇐ tick this box and click "Save Changes" to submit support request.</td></tr> + </table> </div> <p class="submit"> <input type="submit" class="button-primary" value="Save Changes" /> diff --git a/wp-content/plugins/flattr/settings.php b/wp-content/plugins/flattr/settings.php index 85985b2dc..27f7dc8e8 100644 --- a/wp-content/plugins/flattr/settings.php +++ b/wp-content/plugins/flattr/settings.php 
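Review bot: The `fphpinfo` checkbox is rendered `checked`, so a support request includes the extended debug dump unless the admin opts out. `phpinfo()` output carries environment variables, loaded configuration and server paths, and the handler that mails it is not part of this hunk, so what actually leaves the server cannot be reviewed here. I would render the box unchecked, `<input type="checkbox" name="fphpinfo">`, and say next to it what the dump contains. The `fname`/`femail`/`ftext` inputs appear to be submitted with the options form, so the handler should also be confirmed to run only for users allowed to save these settings and to treat the three fields as untrusted text when building the mail.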
@@ -11,16 +11,16 @@ class Flattr_Settings public function init_ui() { $menutitle = __('Flattr', 'flattr'); - add_menu_page('Flattr', $menutitle, 1, 'flattr/settings.php', '', get_bloginfo('wpurl') . '/wp-content/plugins/flattr'.'/img/flattr-icon_new.png'); - - add_submenu_page( 'flattr/settings.php', __('Flattr'), __('Flattr'), 'manage_options', 'flattr/settings.php', array($this, 'render')); + $cap = get_option('user_based_flattr_buttons')? "edit_posts":"manage_options"; - } + add_menu_page('Flattr', $menutitle, $cap, 'flattr/settings.php', '', get_bloginfo('wpurl') . '/wp-content/plugins/flattr'.'/img/flattr-icon_new.png'); + add_submenu_page( 'flattr/settings.php', __('Flattr'), __('Flattr'), $cap, 'flattr/settings.php', array($this, 'render')); + } public function register_settings() { - register_setting('flattr-settings-uid-group', 'flattr_uid', array($this, 'sanitize_userid')); + register_setting('flattr-settings-group', 'flattr_uid', array($this, 'sanitize_userid')); register_setting('flattr-settings-group', 'flattr_aut', array($this, 'sanitize_auto')); register_setting('flattr-settings-group', 'flattr_aut_page', array($this, 'sanitize_auto_page')); register_setting('flattr-settings-group', 'flattr_cat', array($this, 'sanitize_category')); 
@@ -37,18 +37,36 @@ class Flattr_Settings register_setting('flattr-settings-group', 'flattrss_custom_image_url'); register_setting('flattr-settings-group', 'flattrss_autosubmit'); register_setting('flattr-settings-group', 'flattr_post_types'); - register_setting('flattr-settings-group', 'flattrss_api_oauth_token_secret'); - register_setting('flattr-settings-group', 'flattrss_api_oauth_token'); + + register_setting('flattr-settings-group', 'flattrss_button_enabled'); + register_setting('flattr-settings-group', 'flattr_handles_exerpt'); + register_setting('flattr-settings-group', 'flattr_button_style'); + + register_setting('flattr-settings-group', 'flattr_warn_ignore_version'); + + register_setting('flattr-settings-group', 'user_based_flattr_buttons'); + + if (isset($_POST['user_flattr_uid']) && isset($_POST['user_flattr_cat']) && isset ($_POST['user_flattr_lng'])) { + require_once( ABSPATH . WPINC . '/registration.php'); + $user_id = get_current_user_id( ); + + update_user_meta( $user_id, "user_flattr_uid", $_POST['user_flattr_uid'] ); + update_user_meta( $user_id, "user_flattr_cat", $_POST['user_flattr_cat'] ); + update_user_meta( $user_id, "user_flattr_lng", $_POST['user_flattr_lng'] ); + } + + if(get_option('user_based_flattr_buttons')) { + add_option('user_based_flattr_buttons_since_time', time()); + } } public function render() { - if (array_key_exists('FlattrId', $_GET)) { - include('settings-confirm-template.php'); - } - else { + if (current_user_can("activate_plugins")) { include('settings-template.php'); - } + } elseif (current_user_can("edit_posts") && get_option('user_based_flattr_buttons')) { + include('user-settings-template.php'); + } } public function sanitize_category($category) diff --git a/wp-content/plugins/flattr/tabber.css b/wp-content/plugins/flattr/tabber.css index 5477ab8ae..b850fce8e 100644 --- a/wp-content/plugins/flattr/tabber.css +++ b/wp-content/plugins/flattr/tabber.css 
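Review bot: The new `$_POST` block in `register_settings()` writes `user_flattr_uid`, `user_flattr_cat` and `user_flattr_lng` to the current user's meta with no nonce check, no capability check and no sanitising. A forged cross-site form post from a logged-in author's browser could change the Flattr account their posts pay out to, and the stored value is later echoed unescaped into `value="..."` in user-settings-template.php. The block should verify a nonce emitted by that form, require `edit_posts`, and pass the values through the class's sanitizers. In the fence the nonce action name is a placeholder, and `sanitize_text_field()` stands in for the language sanitizer, which is not visible on this page. `register_settings()` starts before this hunk, and the form side of the nonce (`wp_nonce_field()` with the same action) belongs in user-settings-template.php.

```php
// … unchanged: register_setting() calls …
if (isset($_POST['user_flattr_uid'], $_POST['user_flattr_cat'], $_POST['user_flattr_lng'])
    && current_user_can('edit_posts')
    && check_admin_referer('flattr_user_settings')) { // placeholder action name; must match the form's wp_nonce_field()
    $user_id = get_current_user_id();

    // update_user_meta() expects slashed input, so the values are sanitised but not unslashed here
    update_user_meta($user_id, 'user_flattr_uid', $this->sanitize_userid($_POST['user_flattr_uid']));
    update_user_meta($user_id, 'user_flattr_cat', $this->sanitize_category($_POST['user_flattr_cat']));
    update_user_meta($user_id, 'user_flattr_lng', sanitize_text_field($_POST['user_flattr_lng']));
}
// … unchanged: user_based_flattr_buttons_since_time option …
```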
@@ -52,7 +52,7 @@ ul.tabbernav li a margin-left: 0px; border-bottom: none; background-color: #78A931; - background-image: url(https://flattr.com/_img/fluff/bg-boxlinks-green.png); + background-image: url(../flattr/img/bg-boxlinks-green.png); color: #fff; border-left: 1px solid #7a3; text-decoration: none; @@ -110,4 +110,11 @@ ul.tabbernav li.tabberactive a:hover .tabberlive#tab2 .tabbertab { height:200px; overflow:auto; +} + +.tabbertab #option { + width: 400px; +} +.tabbertab #option tr { + height: 28px; } \ No newline at end of file diff --git a/wp-content/plugins/flattr/user-settings-template.php b/wp-content/plugins/flattr/user-settings-template.php new file mode 100644 index 000000000..19a80f9f7 --- /dev/null +++ b/wp-content/plugins/flattr/user-settings-template.php 
@@ -0,0 +1,152 @@ +<?php + + define(FLATTRSS_PLUGIN_PATH, get_bloginfo('wpurl') . '/wp-content/plugins/flattr'); + include_once 'oAuth/flattr_rest.php'; + include_once 'oAuth/oauth.php'; + ?> +<div class="wrap flattr-wrap" style="width:90%"> + <div> +<div class="tabber"> + <div style="float:right; margin-top: -31px;margin-left: 10px;"><img src="../wp-content/plugins/flattr/img/flattr-logo-beta-small.png" alt="Flattr Beta Logo"/><br /> + <ul style="margin-top: 10px;"> + <li style="display: inline;"> + <script type="text/javascript"> + var flattr_uid = "der_michael"; + var flattr_btn = "compact"; + var flattr_tle = "Wordpress Flattr plugin"; + var flattr_dsc = "Give your readers the opportunity to Flattr your effort. See http://wordpress.org/extend/plugins/flattr/ for details."; + var flattr_cat = "software"; + var flattr_tag = "wordpress,plugin,flattr,rss"; + var flattr_url = "http://wordpress.org/extend/plugins/flattr/"; + </script><script src="<?php echo (isset($_SERVER['HTTPS'])) ? 'https' : 'http'; ?>://api.flattr.com/button/load.js" type="text/javascript"></script> + </li> + <li style="display: inline-block;position:relative; top: -6px;"><a href="https://flattr.com/donation/give/to/der_michael" style="color:#ffffff;text-decoration:none;background-image: url('<?php echo get_bloginfo('wpurl');?>/wp-content/plugins/flattr/img/bg-boxlinks-green.png');border-radius:3px;text-shadow:#666666 0 1px 1px;width:53px;padding:1px;padding-top: 2px;padding-bottom: 2px;display:block;text-align:center;font-weight: bold;" target="_blank">Donate</a></li> + </ul> + </div> + <div class="tabbertab" title="Flattr Account" style="border-left:0;"> + <form method="post" action="admin.php?page=flattr/settings.php"> + <h2><?php _e('User Setup'); ?></h2> + <p> + Set up your own Flattr user for all your posts. 
+ </p> + <table class="form-table"> + <tr valign="top"> + <th scope="row"><?php _e('Your Flattr account name'); ?></th> + <td> + <input name="user_flattr_uid" type="text" value="<?php echo(get_user_meta(get_current_user_id( ), "user_flattr_uid", true)); ?>" /> + </td> + </tr> + </table> + <?php + + $api_key = get_option('flattrss_api_key'); + $api_secret = get_option('flattrss_api_secret'); + + if ($api_key != $api_secret) { + + $flattr = new Flattr_Rest($api_key, $api_secret); + + # Do not rawurlencode! + $callback_ = (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] ; + + $token = $flattr->getRequestToken( $callback_ ); + $_SESSION['flattrss_current_token'] = $token; + + $url = $flattr->getAuthorizeUrl($token, 'read,readextended,click,publish'); + + ?><a name="Authorize"><div id="icon-options-general" class="icon32"><br /></div><h2>Authorize App</h2></a> + <p>In order to automatically generate the correct "<em>Things</em>" link for your blog post from the feed, you need to authorize you Flattr app with your Flattr account.</p> + <p><a href="<?php echo $url;?>">(re-)Authorize with Flattr</a>. +<?php + + $oauth_token = get_user_meta(get_current_user_id( ), "user_flattrss_api_oauth_token", true); + $oauth_token_secret = get_user_meta(get_current_user_id( ), "user_flattrss_api_oauth_token_secret", true); + + if ($oauth_token != $oauth_token_secret) { + $flattr_user = new Flattr_Rest($api_key, $api_secret, $oauth_token, $oauth_token_secret); + if ( $flattr_user->error() ) { + echo( 'Error ' . 
$flattr_user->error() ); + } + $user = $flattr_user->getUserInfo(); +?> + <div style="float:right"><img src="<?php echo $user['gravatar'];?>"></div><a name="UserInfo"><h2><img src="<?php echo FLATTRSS_PLUGIN_PATH .'/img/flattr_button.png' ?>" alt="flattr"/> Advanced Flattr User Info</h2></a> + <p><?php echo $user['firstname'];?> <?php echo $user['lastname'];?><br/> + <?php echo $user['username'];?>(<?php echo $user['id'];?>)</p> + <p>Flattr: <a href="https://flattr.com/profile/<?php echo $user['username'];?>" target="_blank">Profile</a>, <a href="https://flattr.com/dashboard" target="_blank">Dashboard</a>, <a href="https://flattr.com/settings" target="_blank">Settings</a></p> + <?php + #print_r($flattr_user); + } + } +?> + + </div> + <div class="tabbertab" title="Post/Page Buttons"> + <h2>Post/Page Buttons</h2> + <p>These options are for the Flattr buttons automatically generated for posts and pages.</p> + + <table class="form-table"> + + <tr valign="top"> + <th scope="row"><?php _e('Default category for your posts'); ?></th> + <td> + <select name="user_flattr_cat"> + <?php + foreach (Flattr::getCategories() as $category) + { + printf('<option value="%1$s" %2$s>%1$s</option>', + $category, + ($category == get_user_meta(get_current_user_id( ), "user_flattr_cat", true) ? 'selected' : '') + ); + } + ?> + </select> + </td> + </tr> + + <tr valign="top"> + <th scope="row"><?php _e('Default language for your posts'); ?></th> + <td> + <select name="user_flattr_lng"> + <?php + foreach (Flattr::getLanguages() as $languageCode => $language) + { + printf('<option value="%s" %s>%s</option>', + $languageCode, + ($languageCode == get_user_meta(get_current_user_id( ), "user_flattr_lng", true) ? 
'selected' : ''), + $language + ); + } + ?> + </select> + </td> + </tr> + </table> + </div> + + <div class="tabbertab" title="Feedback"> + <h2>Feedback</h2> + <p>Please post feedback regarding wordpress integration on <a href="http://wordpress.org/tags/flattr?forum_id=10" target="_blank">the plugins board at wordpress.org</a>. You can use <a href="http://forum.flattr.net/" target="_blank">the official flattr board</a> for every concern regarding flattr.</p> + <p>If you have a certain remark, request or simply something you want to let me know feel free to mail me at <a href="mailto:flattr@allesblog.de?subject=Flattr Wordpress Plugin" title="flattr@allesblog.de">flattr@allesblog.de</a>. Please note that I'm not an official part of the Flattr Dev-Team. So I can only answer questions regarding the flattr wordpress plugin alone.</p> + <p><strong>Spread the word!</strong></p> + <p>You can help getting Flattr out there!</p> + <h2>Debug</h2> + <p> + Please provide the following information with your support request. All fields are <em>optional</em>. However, If you expect a reply, provide at least a valid eMail address. + </p> + <table> + <tr><td>Your Name:</td><td><input type="text" name="fname" /></td></tr> + <tr><td>Your eMail:</td><td><input type="text" name="femail" /></td></tr> + <tr><td>Comment:</td><td><textarea cols="80" rows="10" name="ftext">What's your problem?</textarea></td></tr> + <tr><td>DEBUG:</td><td><input type="checkbox" checked name="fphpinfo"> Include extended debug information in mail. 
<a href="http://php.net/manual/function.phpinfo.php" target="_blank">phpinfo()</a></td></tr> + <tr><td>Send Mail</td><td><input type="checkbox" name="fsendmail"> ⇐ tick this box and click "Save Changes" to submit support request.</td></tr> + </table> + </div> + <p class="submit"> + <input type="submit" class="button-primary" value="Save Changes" /> + <input type="reset" class="button" value="Reset" /> + </p> + </form> +</div> +</div> + + </div><script type="text/javascript" src="<?php echo FLATTRSS_PLUGIN_PATH . '/tabber.js'; ?>"></script> \ No newline at end of file diff --git a/wp-content/plugins/flattr/user-settings.php b/wp-content/plugins/flattr/user-settings.php new file mode 100644 index 000000000..a4abe2daf --- /dev/null +++ b/wp-content/plugins/flattr/user-settings.php @@ -0,0 +1,2 @@ +<?php + -- GitLab
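Review bot: Values are echoed into HTML without escaping throughout the new user-settings-template.php: the stored `user_flattr_uid` in the input's `value` attribute, the `$url` from `getAuthorizeUrl()`, and the `$user[...]` fields returned by the Flattr API (`gravatar`, `firstname`, `lastname`, `username`, `id`). Escape each one for its context, e.g. `value="<?php echo esc_attr(get_user_meta(get_current_user_id(), 'user_flattr_uid', true)); ?>"`, `<a href="<?php echo esc_url($url); ?>">` and `<?php echo esc_html($user['firstname']); ?>`. The OAuth callback URL is also assembled from `$_SERVER['HTTP_HOST']`, which the client supplies; building it with `admin_url('admin.php?page=flattr/settings.php')` would keep it on the configured site address. Separately, `define(FLATTRSS_PLUGIN_PATH, ...)` passes a bare constant as the name and should be `define('FLATTRSS_PLUGIN_PATH', ...)`.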