remove direct calls to wp-load.php

Frique · Jan 26, 2014 · b3b42ab · b3b42ab
1 parent 6874f19
commit b3b42ab
Show file tree

Hide file tree

Showing 11 changed files with 69 additions and 27 deletions.
diff --git a/constants.php b/constants.php
@@ -1,8 +1,5 @@
 <?php
-require_once( dirname( dirname( dirname( dirname( __FILE__ )))) . '/wp-load.php' );
 
 if( !defined( 'SOCIAL_CONNECT_PLUGIN_URL' )) {
   define( 'SOCIAL_CONNECT_PLUGIN_URL', plugins_url() . '/' . basename( dirname( __FILE__ )));
 }
-
-?>
diff --git a/facebook/callback.php b/facebook/callback.php
@@ -11,7 +11,7 @@
   $client_id = get_option('social_connect_facebook_api_key');
   $secret_key = get_option('social_connect_facebook_secret_key');
   parse_str(sc_curl_get_contents("https://graph.facebook.com/oauth/access_token?" .
-    'client_id=' . $client_id . '&redirect_uri=' . urlencode(SOCIAL_CONNECT_PLUGIN_URL . '/facebook/callback.php') .
+    'client_id=' . $client_id . '&redirect_uri=' . home_url('index.php?social-connect=facebook-callback') .
     '&client_secret=' .  $secret_key .
     '&code=' . urlencode($code)));
 

diff --git a/google/connect.php b/google/connect.php
@@ -8,9 +8,12 @@
 		$openid = new LightOpenID;
 		$openid->identity = 'https://www.google.com/accounts/o8/id';
 		$openid->required = array('namePerson/first', 'namePerson/last', 'contact/email');
+		$openid->returnUrl = home_url('index.php?social-connect=google');
 		header('Location: ' . $openid->authUrl());
+		die();
 	} else {
 		$openid = new LightOpenID;
+		$openid->returnUrl = home_url('index.php?social-connect=google');
 		if ($openid->validate()) {
 			$google_id = $openid->identity;
 			$attributes = $openid->getAttributes();

diff --git a/media/js/connect.js b/media/js/connect.js
@@ -35,7 +35,7 @@ jQuery.noConflict();
 			var context = $(e.target).parents('.social_connect_wordpress_form')[0];
 			var blog_name = $('.wordpress_blog_url', context).val();
 			var blog_url = "http://" + blog_name + ".wordpress.com";
-			redirect_uri = redirect_uri + "?wordpress_blog_url=" + encodeURIComponent(blog_url);
+			redirect_uri = redirect_uri + "&wordpress_blog_url=" + encodeURIComponent(blog_url);
 
 			window.open(redirect_uri,'','scrollbars=yes,menubar=no,height=400,width=800,resizable=yes,toolbar=no,status=no');
 		};

diff --git a/social-connect.php b/social-connect.php
@@ -7,8 +7,7 @@
 Author: Brent Shepherd and Rodrigo Primo
 Author URI: http://wordpress.org/extend/plugins/social-connect/
 License: GPL2
- */
-
+*/
 
 /** 
  * Check technical requirements are fulfilled before activating.
@@ -53,6 +52,54 @@ function sc_social_connect_l10n() {
 require_once( dirname( __FILE__ ) . '/admin.php' );
 require_once( dirname( __FILE__ ) . '/ui.php' );
 
+/**
+ * Add valid query vars to WordPress for Social Connect.
+ */
+function sc_query_vars($vars) {
+	$vars[] = 'social-connect';
+	return $vars;
+}
+add_action('query_vars', 'sc_query_vars');
+
+/**
+ * Parse the WordPress request. If the query var 'social-connect' is present,
+ * then handle the request accordingly.
+ *
+ * @param WP $wp WP instance for the current request
+ */
+function sc_parse_request($wp) {
+	if (array_key_exists('social-connect', $wp->query_vars)) {
+		if (!session_id()) {
+			session_start();
+		}
+
+		switch ($wp->query_vars['social-connect']) {
+			case 'twitter':
+				require_once 'twitter/connect.php';
+				break;
+			case 'twitter-callback':
+				require_once 'twitter/callback.php';
+				break;
+			case 'facebook-callback':
+				require_once 'facebook/callback.php';
+				break;
+			case 'google':
+				require_once 'google/connect.php';
+				break;
+			case 'yahoo':
+				require_once 'yahoo/connect.php';
+				break;
+			case 'wordpress':
+				require_once 'wordpress/connect.php';
+				break;
+			default:
+				break;
+		}
+
+		wp_die();
+	}
+}
+add_action('parse_request', 'sc_parse_request');
 
 function sc_social_connect_process_login( $is_ajax = false ){
 	if ( isset( $_REQUEST[ 'redirect_to' ] ) && $_REQUEST[ 'redirect_to' ] != '' ) {
@@ -294,5 +341,3 @@ function sc_filter_avatar($avatar, $id_or_email, $size, $default, $alt) {
 	return $return;
 }
 add_filter('get_avatar', 'sc_filter_avatar', 10, 5);
-
-?>
diff --git a/twitter/callback.php b/twitter/callback.php
@@ -1,15 +1,10 @@
 <?php
 
-require_once(dirname(dirname(dirname(dirname(dirname(__FILE__))))) . '/wp-load.php');
-require_once(dirname(dirname(__FILE__)) . '/utils.php' );
+require_once dirname( __FILE__ ) . '/../utils.php';
 
 define('CONSUMER_KEY', get_option('social_connect_twitter_consumer_key'));
 define('CONSUMER_SECRET', get_option('social_connect_twitter_consumer_secret'));
 
-if (!session_id()) {
-    session_start();
-}
-
 /**
  * Take the user when they return from Twitter. Get access tokens.
  * Verify credentials and redirect to based on response from Twitter.

diff --git a/twitter/connect.php b/twitter/connect.php
@@ -1,15 +1,10 @@
 <?php
-require_once(dirname(dirname(dirname(dirname(dirname(__FILE__))))) . '/wp-load.php');
-
-if (!session_id()) {
-    session_start();
-}
 
 require_once('twitteroauth/twitteroauth.php');
 
 define('CONSUMER_KEY', get_option('social_connect_twitter_consumer_key'));
 define('CONSUMER_SECRET', get_option('social_connect_twitter_consumer_secret'));
-define('OAUTH_CALLBACK', SOCIAL_CONNECT_PLUGIN_URL . '/twitter/callback.php');
+define( 'OAUTH_CALLBACK', home_url( 'index.php?social-connect=twitter-callback' ) );
 
 if (CONSUMER_KEY != '' && CONSUMER_SECRET != '') {
 	/* Build TwitterOAuth object with client credentials. */
@@ -19,6 +14,7 @@
 	$request_token = $connection->getRequestToken(OAUTH_CALLBACK);
 	$_SESSION['oauth_token'] = $token = $request_token['oauth_token'];
 	$_SESSION['oauth_token_secret'] = $request_token['oauth_token_secret'];
+
 	/* If last connection failed don't display authorization link. */
 	switch ($connection->http_code) {
 		case 200:

diff --git a/ui.php b/ui.php
@@ -52,12 +52,13 @@ function sc_render_login_form_social_connect( $args = NULL ) {
 			do_action ('social_connect_auth'); ?>
 			<div id="social_connect_facebook_auth">
 				<input type="hidden" name="client_id" value="<?php echo get_option( 'social_connect_facebook_api_key' ); ?>" />
-				<input type="hidden" name="redirect_uri" value="<?php echo urlencode( SOCIAL_CONNECT_PLUGIN_URL . '/facebook/callback.php' ); ?>" />
+				<input type="hidden" name="redirect_uri" value="<?php echo home_url('index.php?social-connect=facebook-callback'); ?>" />
 			</div>
-			<div id="social_connect_twitter_auth"><input type="hidden" name="redirect_uri" value="<?php echo( SOCIAL_CONNECT_PLUGIN_URL . '/twitter/connect.php' ); ?>" /></div>
-			<div id="social_connect_google_auth"><input type="hidden" name="redirect_uri" value="<?php echo( SOCIAL_CONNECT_PLUGIN_URL . '/google/connect.php' ); ?>" /></div>
-			<div id="social_connect_yahoo_auth"><input type="hidden" name="redirect_uri" value="<?php echo( SOCIAL_CONNECT_PLUGIN_URL . '/yahoo/connect.php' ); ?>" /></div>
-			<div id="social_connect_wordpress_auth"><input type="hidden" name="redirect_uri" value="<?php echo( SOCIAL_CONNECT_PLUGIN_URL . '/wordpress/connect.php' ); ?>" /></div>
+
+			<div id="social_connect_twitter_auth"><input type="hidden" name="redirect_uri" value="<?php echo home_url('index.php?social-connect=twitter'); ?>" /></div>
+			<div id="social_connect_google_auth"><input type="hidden" name="redirect_uri" value="<?php echo home_url('index.php?social-connect=google'); ?>" /></div>
+			<div id="social_connect_yahoo_auth"><input type="hidden" name="redirect_uri" value="<?php echo home_url('index.php?social-connect=yahoo'); ?>" /></div>
+			<div id="social_connect_wordpress_auth"><input type="hidden" name="redirect_uri" value="<?php echo home_url('index.php?social-connect=wordpress'); ?>" /></div>
 
 			<div class="social_connect_wordpress_form" title="WordPress">
 				<p><?php _e( 'Enter your WordPress.com blog URL', 'social_connect' ); ?></p><br />

diff --git a/utils.php b/utils.php
@@ -1,5 +1,4 @@
 <?php
-require_once( dirname( dirname( dirname( dirname( __FILE__ ) ) ) ) . '/wp-load.php' );
 
 function social_connect_get_user_by_meta( $meta_key, $meta_value ) {
 	global $wpdb;

diff --git a/wordpress/connect.php b/wordpress/connect.php
@@ -8,7 +8,9 @@
 		$openid = new LightOpenID;
 		$openid->identity = urldecode($_GET['wordpress_blog_url']);
 		$openid->required = array('namePerson', 'namePerson/friendly', 'contact/email');
+		$openid->returnUrl = home_url('index.php?social-connect=wordpress');
 		header('Location: ' . $openid->authUrl());
+		die();
 	} elseif($_GET['openid_mode'] == 'cancel') {
 		?>
 		<html>
@@ -19,6 +21,7 @@
 		<?php
 	} else {
 		$openid = new LightOpenID;
+		$openid->returnUrl = home_url('index.php?social-connect=wordpress');
 		if ($openid->validate()) {
 			$wordpress_id = $openid->identity;
 			$attributes = $openid->getAttributes();

diff --git a/yahoo/connect.php b/yahoo/connect.php
@@ -8,9 +8,12 @@
 		$openid = new LightOpenID;
 		$openid->identity = 'me.yahoo.com';
 		$openid->required = array('namePerson', 'namePerson/friendly', 'contact/email');
+		$openid->returnUrl = home_url('index.php?social-connect=yahoo');
 		header('Location: ' . $openid->authUrl());
+		die();
 	} else {
 		$openid = new LightOpenID;
+		$openid->returnUrl = home_url('index.php?social-connect=yahoo');
 		if ($openid->validate()) {
 			$yahoo_id = $openid->identity;
 			$attributes = $openid->getAttributes();