oauth apps/authorization management in settings page

mod/settings.php

@@ -47,6 +47,58 @@ function settings_post(&$a) {
 		return;
 	}
 
+	if(($a->argc > 1) && ($a->argv[1] === 'oauth') && x($_POST,'remove')){
+		$key = $_POST['remove'];
+		q("DELETE FROM tokens WHERE id='%s' AND uid=%d",
+			dbesc($key),
+			local_user());
+		goaway($a->get_baseurl()."/settings/oauth/");
+		return;			
+	}
+
+	if(($a->argc > 2) && ($a->argv[1] === 'oauth')  && ($a->argv[2] === 'edit') && x($_POST,'submit')) {
+		
+		$name   	= ((x($_POST,'name')) ? $_POST['name'] : '');
+		$key		= ((x($_POST,'key')) ? $_POST['key'] : '');
+		$secret		= ((x($_POST,'secret')) ? $_POST['secret'] : '');
+		$redirect	= ((x($_POST,'redirect')) ? $_POST['redirect'] : '');
+		$icon		= ((x($_POST,'icon')) ? $_POST['icon'] : '');
+		if ($name=="" || $key=="" || $secret==""){
+			notice(t("Missing some important data!"));
+			
+		} else {
+			if ($_POST['submit']==t("Update")){
+				$r = q("UPDATE clients SET
+							client_id='%s',
+							pw='%s',
+							name='%s',
+							redirect_uri='%s',
+							icon='%s',
+							uid=%d
+						WHERE client_id='%s'",
+						dbesc($key),
+						dbesc($secret),
+						dbesc($name),
+						dbesc($redirect),
+						dbesc($icon),
+						local_user(),
+						dbesc($key));
+			} else {
+				$r = q("INSERT INTO clients
+							(client_id, pw, name, redirect_uri, icon, uid)
+						VALUES ('%s','%s','%s','%s','%s',%d)",
+						dbesc($key),
+						dbesc($secret),
+						dbesc($name),
+						dbesc($redirect),
+						dbesc($icon),
+						local_user());
+			}
+		}
+		goaway($a->get_baseurl()."/settings/oauth/");
+		return;
+	}
+
 	if(($a->argc > 1) && ($a->argv[1] == 'addon')) {
 		call_hooks('plugin_settings_post', $_POST);
 		return;
@@ -358,10 +410,77 @@ function settings_content(&$a) {
 		
 	if(($a->argc > 1) && ($a->argv[1] === 'oauth')) {
 		
+		if(($a->argc > 2) && ($a->argv[2] === 'add')) {
+			$tpl = get_markup_template("settings_oauth_edit.tpl");
+			$o .= replace_macros($tpl, array(
+				'$tabs'		=> $tabs,
+				'$title'	=> t('Add application'),
+				'$submit'	=> t('Submit'),
+				'$cancel'	=> t('Cancel'),
+				'$name'		=> array('name', t('Name'), '', ''),
+				'$key'		=> array('key', t('Consumer Key'), '', ''),
+				'$secret'	=> array('secret', t('Consumer Secret'), '', ''),
+				'$redirect'	=> array('redirect', t('Redirect'), '', ''),
+				'$icon'		=> array('icon', t('Icon url'), '', ''),
+			));
+			return $o;
+		}
+		
+		if(($a->argc > 3) && ($a->argv[2] === 'edit')) {
+			$r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d",
+					dbesc($a->argv[3]),
+					local_user());
+			
+			if (!count($r)){
+				notice(t("You can't edit this application."));
+				return;
+			}
+			$app = $r[0];
+			
+			$tpl = get_markup_template("settings_oauth_edit.tpl");
+			$o .= replace_macros($tpl, array(
+				'$tabs'		=> $tabs,
+				'$title'	=> t('Add application'),
+				'$submit'	=> t('Update'),
+				'$cancel'	=> t('Cancel'),
+				'$name'		=> array('name', t('Name'), $app['name'] , ''),
+				'$key'		=> array('key', t('Consumer Key'), $app['client_id'], ''),
+				'$secret'	=> array('secret', t('Consumer Secret'), $app['pw'], ''),
+				'$redirect'	=> array('redirect', t('Redirect'), $app['redirect_uri'], ''),
+				'$icon'		=> array('icon', t('Icon url'), $app['icon'], ''),
+			));
+			return $o;
+		}
+		
+		if(($a->argc > 3) && ($a->argv[2] === 'delete')) {
+			$r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d",
+					dbesc($a->argv[3]),
+					local_user());
+			goaway($a->get_baseurl()."/settings/oauth/");
+			return;			
+		}
+		
+		
+		$r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my 
+				FROM clients
+				LEFT JOIN tokens ON clients.client_id=tokens.client_id
+				WHERE clients.uid IN (%d,0)",
+				local_user(),
+				local_user());
+		
+		
 		$tpl = get_markup_template("settings_oauth.tpl");
 		$o .= replace_macros($tpl, array(
+			'$baseurl'	=> $a->get_baseurl(),
 			'$title'	=> t('Connected Apps'),
+			'$add'		=> t('Add application'),
+			'$edit'		=> t('Edit'),
+			'$delete'		=> t('Delete'),
+			'$consumerkey' => t('Client key starts with'),
+			'$noname'	=> t('No name'),
+			'$remove'	=> t('Remove authorization'),
 			'$tabs'		=> $tabs,
+			'$apps'		=> $r,
 		));
 		return $o;
 		

view/settings_oauth.tpl

@@ -3,8 +3,30 @@ $tabs
 <h1>$title</h1>
 
 
-<form action="settings/addon" method="post" autocomplete="off">
+<form action="settings/oauth" method="post" autocomplete="off">
+	
+	<div id="profile-edit-links">
+		<ul>
+			<li>
+				<a id="profile-edit-view-link" href="$baseurl/settings/oauth/add">$add</a>
+			</li>
+		</ul>
+	</div>
 
-$settings_addons
+	{{ for $apps as $app }}
+	<div class='oauthapp'>
+		<img src='$app.icon' class="{{ if $app.icon }} {{ else }}noicon{{ endif }}">
+		{{ if $app.name }}<h4>$app.name</h4>{{ else }}<h4>$noname</h4>{{ endif }}
+		{{ if $app.my }}
+			{{ if $app.oauth_token }}
+			<div class="settings-submit-wrapper" ><button class="settings-submit"  type="submit" name="remove" value="$app.oauth_token">$remove</button></div>
+			{{ endif }}
+		{{ endif }}
+		{{ if $app.my }}
+		<a href="$baseurl/settings/oauth/edit/$app.client_id" class="icon edit" title="$edit">&nbsp;</a>
+		<a href="$baseurl/settings/oauth/delete/$app.client_id" class="icon drop" title="$delete">&nbsp;</a>
+		{{ endif }}		
+	</div>
+	{{ endfor }}
 
 </form>

view/settings_oauth_edit.tpl

@@ -0,0 +1,17 @@
+$tabs
+
+<h1>$title</h1>
+
+<form method="POST">
+{{ inc field_input.tpl with $field=$name }}{{ endinc }}
+{{ inc field_input.tpl with $field=$key }}{{ endinc }}
+{{ inc field_input.tpl with $field=$secret }}{{ endinc }}
+{{ inc field_input.tpl with $field=$redirect }}{{ endinc }}
+{{ inc field_input.tpl with $field=$icon }}{{ endinc }}
+
+<div class="settings-submit-wrapper" >
+<input type="submit" name="submit" class="settings-submit" value="$submit" />
+<input type="submit" name="cancel" class="settings-submit" value="$cancel" />
+</div>
+
+</form>