web/callback.php
author Yves-Marie Haussonne <1218002+ymph@users.noreply.github.com>
Tue, 26 Nov 2013 01:18:39 +0100
changeset 1001 df016fc8bbdb
parent 849 973a136cfbd0
child 1427 8b3d57a519eb
permissions -rwxr-xr-x
correct authentication and put the login/password in the config template.

<?php
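// Compact P3P policy header; it has to be sent before any output is produced.
// NOTE(review): presumably present so that older browsers keep the session
// cookie when this page is loaded in a third-party context - confirm it is still needed.
header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');
/**
 * include some common code (like we did in the 90s)
 * People still do this? ;)
 *
 * NOTE(review): $C_default_rep, $consumer, URL_ROOT and the session used
 * further down are not defined in this file; presumably common.php sets
 * them up - confirm.
 */
include_once 'common.php';

/**
 * Choose the client directory ("rep") that the post-login redirect points at.
 *
 * The request value is caller-controlled and ends up inside a Location
 * header, so it is accepted only when it is a plain string made of relative
 * path segments: letters, digits, "_" and "-", with "." allowed inside a
 * segment but never leading one and never doubled. Anything else (an array
 * from rep[]=..., an empty value, a leading "/", "..", "@", ":", "\",
 * control characters) falls back to the configured default instead of being
 * spliced into the redirect URL.
 *
 * NOTE(review): this filter is deliberately conservative; replace it with an
 * allow-list of the client directories that actually exist once that list is
 * available.
 */
$rep = $C_default_rep;
if (isset($_REQUEST['rep'])
	&& is_string($_REQUEST['rep'])
	&& strpos($_REQUEST['rep'], '..') === false
	&& preg_match('~\A[A-Za-z0-9_-][A-Za-z0-9._-]*(?:/[A-Za-z0-9_-][A-Za-z0-9._-]*)*\z~', $_REQUEST['rep'])) {
	$rep = $_REQUEST['rep'];
}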


/**
 * Someone's knocking at the door using the Callback URL - if they have
 * some GET data, it might mean that someone's just approved OAuth access
 * to their account, so we better exchange our current Request Token
 * for a newly authorised Access Token. There is an outstanding Request Token
 * to exchange, right?
 */
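if (!empty($_GET) && isset($_SESSION['TWITTER_REQUEST_TOKEN'])) {
    /**
     * The Request Token is kept in the session in serialized form.
     * unserialize() instantiates whatever classes the payload names, so this
     * is only safe while nothing but this application can write to the
     * session store. On PHP 7+ the allowed_classes option can restrict it
     * to the request-token class.
     * A value that is not a string, or that does not unserialize, is treated
     * as an invalid callback rather than being handed to the consumer.
     */
    $storedToken  = $_SESSION['TWITTER_REQUEST_TOKEN'];
    $requestToken = is_string($storedToken) ? unserialize($storedToken) : false;
    if ($requestToken === false) {
        $_SESSION['TWITTER_REQUEST_TOKEN'] = null;
        exit('Invalid callback request. Oops. Sorry.');
    }

    /**
     * Exchange the Request Token plus the callback's GET parameters for an
     * Access Token. Nothing here catches a failure of getAccessToken(), so
     * any exception it raises propagates.
     */
    $token = $consumer->getAccessToken($_GET, $requestToken);
    $_SESSION['TWITTER_ACCESS_TOKEN'] = serialize($token);

    /**
     * Now that we have an Access Token, we can discard the Request Token
     * (isset() is false for null, so a replayed callback takes the else branch).
     */
    $_SESSION['TWITTER_REQUEST_TOKEN'] = null;

    /**
     * NOTE(review): the session now holds an access token; if common.php
     * uses native PHP sessions, consider session_regenerate_id(true) at this
     * point so a pre-login session id cannot be reused.
     */

    /**
     * With Access Token in hand, let's try accessing the client again.
     * A redirect URL remembered in the session wins; otherwise go to the
     * client page under $rep.
     * NOTE(review): TWITTER_REDIRECT_URL is set outside this file - verify
     * that the code storing it only accepts same-site URLs.
     */
    if (isset($_SESSION['TWITTER_REDIRECT_URL'])) {
        $target = $_SESSION['TWITTER_REDIRECT_URL'];
    } else {
        $target = URL_ROOT . "$rep/client.php";
    }
    header('Location: ' . $target);
    // Stop explicitly so nothing else runs or is emitted after the redirect.
    exit;
} else {
    /**
     * Mistaken request? Some malfeasant trying something?
     */
    exit('Invalid callback request. Oops. Sorry.');
}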