action.php


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171

<?php
    require __DIR__ . '/vendor/autoload.php';

    session_start();

    $consumer_key = getenv('CONSUMER_KEY');
    $consumer_secret = getenv('CONSUMER_SECRET');
    $client = new Tumblr\API\Client($consumer_key, $consumer_secret);
    $requestHandler = $client->getRequestHandler();
    $requestHandler->setBaseUrl('https://www.tumblr.com/');

    // Check if the user has already authenticated
    if(isset($_SESSION['perm_token']) && !empty($_SESSION['perm_token']) && isset($_SESSION['perm_secret']) && !empty($_SESSION['perm_secret'])) {
        $token = $_SESSION['perm_token'];
        $token_secret = $_SESSION['perm_secret'];
    }
    // Check if the user was here earlier by checking cookies
    else if (isset($_COOKIE['perm_token']) && !empty($_COOKIE['perm_token']) && isset($_COOKIE['perm_secret']) && !empty($_COOKIE['perm_secret'])) {
        $token = $_COOKIE['perm_token'];
        $token_secret = $_COOKIE['perm_secret'];
    }
    // Check if this is the user's first visit
    else if (!isset($_GET['oauth_verifier'])) {

        // Grab the oauth token
        $resp = $requestHandler->request('POST', 'oauth/request_token', array());
        $out = $result = $resp->body;
        $data = array();
        parse_str($out, $data);

        // Save temporary tokens to session
        $_SESSION['tmp_token'] = $data['oauth_token'];
        $_SESSION['tmp_secret'] = $data['oauth_token_secret'];

        // Redirect user to Tumblr auth page
        session_regenerate_id(true);
        $header_url = 'https://www.tumblr.com/oauth/authorize?oauth_token=' . $data['oauth_token'];
        header('Location: ' . $header_url);
        die();

    }
    // Check if the user was just sent back from the Tumblr authentication site
    else {

        $verifier = $_GET['oauth_verifier'];

        // Use the stored temporary tokens
        $client->setToken($_SESSION['tmp_token'], $_SESSION['tmp_secret']);

        // Access the permanent tokens
        $resp = $requestHandler->request('POST', 'oauth/access_token', array('oauth_verifier' => $verifier));
        $out = $result = $resp->body;
        $data = array();
        parse_str($out, $data);

        // Set permanent tokens
        $token = $data['oauth_token'];
        $token_secret = $data['oauth_token_secret'];;
        $_SESSION['perm_token'] = $data['oauth_token'];
        $_SESSION['perm_secret'] = $data['oauth_token_secret'];

        // Set cookies in case the user comes back later
        setcookie("perm_token", $_SESSION['perm_token']);
        setcookie("perm_secret", $_SESSION['perm_secret']);

        // Redirect user to homepage for a clean URL
        session_regenerate_id(true);
        $header_url = 'https://example.com/vox-populi/';
        header('Location: ' . $header_url);
        die();

    }

    // Authenticate via OAuth
    $client = new Tumblr\API\Client(
        $consumer_key,
        $consumer_secret,
        $token,
        $token_secret
    );

    // Set up a function to check if variables are blank later (this function accepts 0, 0.0, and "0" as valid)
    function not_blank($value) {
        return !empty($value) && isset($value) && $value !== '';
    }

    // Grab the callback URL
    $url = $_GET['callback'];
    if (!not_blank($url)) {
        $url = 'Location: https://example.com/vox-populi/';
    }

    // See what action we need to do
    $action = $_GET['action'];
    if (!not_blank($action)) {
        header('Location: ' . $url);
        die();
    }

    // Follow a new blog
    if ($action == "follow") {
        $blogName = $_GET['blog_name'];
        if(not_blank($blogName)) {
            $client->follow($blogName);
            print 'success';
        } else {
            print 'failure';
        }
    }

    // Unfollow a blog
    if ($action == "unfollow") {
        $blogName = $_GET['blog_name'];
        if(not_blank($blogName)) {
            $client->unfollow($blogName);
            print 'success';
        } else {
            print 'failure';
        }
    }

    // Like a post
    if ($action == "like") {
        $postId = $_GET['post_id'];
        $reblogKey = $_GET['reblog_key'];
        if(not_blank($postId) && not_blank($reblogKey)) {
            $client->like($postId, $reblogKey);
            print 'success';
        } else {
            print 'failure';
        }
    }

    // Unlike a post
    if ($action == "unlike") {
        $postId = $_GET['post_id'];
        $reblogKey = $_GET['reblog_key'];
        if(not_blank($postId) && not_blank($reblogKey)) {
            $client->unlike($postId, $reblogKey);
            print 'success';
        } else {
            print 'failure';
        }
    }

    // Reblog a post
    if ($action == "reblog") {
        $blogName = $_GET['blog_name'];
        $id = $_GET['id'];
        $reblogKey = $_GET['reblog_key'];
        if(not_blank($blogName) && not_blank($id) && not_blank($reblogKey)) {
            $client->reblogPost($blogName, $id, $reblogKey);
            print 'success';
        } else {
            print 'failure';
        }
    }

    // Unreblog a post
    if ($action == "reblog") {
        $blogName = $_GET['blog_name'];
        $id = $_GET['id'];
        $reblogKey = $_GET['reblog_key'];
        if(not_blank($blogName) && not_blank($id) && not_blank($reblogKey)) {
            $client->deletePost($blogName, $id, $reblogKey);
            print 'success';
        } else {
            print 'failure';
        }
    }
?>