
Untitled

a guest
Mar 6th, 2018
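  /**
   * Front end module that creates or links a tl_member record from a signed
   * Facebook registration request (the "signed_request" request parameter).
   *
   * The payload is only used after its HMAC-SHA256 signature has been verified
   * in parse_signed_request(); a request that fails verification or lacks the
   * expected fields never reaches the database.
   */
  class ModuleFacebookRegistration extends Module
  {

      /**
       * Template
       * @var string
       */
      protected $strTemplate = 'mod_facebookRegistration';

      /**
       * Display a wildcard in the back end, otherwise render the module.
       * @return string
       */
      public function generate()
      {
          if (TL_MODE == 'BE')
          {
              $objTemplate = new BackendTemplate('be_wildcard');

              $objTemplate->wildcard = '### USER FACEBOOK REGISTRATION ###';
              $objTemplate->title = $this->headline;
              $objTemplate->id = $this->id;
              $objTemplate->link = $this->name;
              $objTemplate->href = 'contao/main.php?do=themes&table=tl_module&act=edit&id=' . $this->id;

              return $objTemplate->parse();
          }

          $this->editable = deserialize($this->editable);

          // The early return for "no editable fields or member already logged in"
          // had been commented out by the original author, so the module always
          // renders. The condition that guarded nothing has been dropped.
          return parent::generate();
      }


      /**
       * Generate module: process a signed registration request if one was sent,
       * then fill the template variables.
       */
      protected function compile()
      {
          global $objPage;

          $GLOBALS['TL_LANGUAGE'] = $objPage->language;

          $this->loadLanguageFile('tl_member');
          $this->loadDataContainer('tl_member');

          // Call onload_callback (e.g. to check permissions)
          if (isset($GLOBALS['TL_DCA']['tl_member']['config']['onload_callback'])
              && is_array($GLOBALS['TL_DCA']['tl_member']['config']['onload_callback']))
          {
              foreach ($GLOBALS['TL_DCA']['tl_member']['config']['onload_callback'] as $callback)
              {
                  if (is_array($callback))
                  {
                      $this->import($callback[0]);
                      // Explicit braces: PHP 7+ parses $this->$callback[0] as
                      // ($this->$callback)[0], which is not what is meant here.
                      $this->{$callback[0]}->{$callback[1]}();
                  }
              }
          }

          $this->Template->fields = '';
          $this->Template->tableless = $this->tableless;

          // Never populated in this module; kept so the template variables
          // assigned from it below are still defined (as null).
          $arrFields = array();

          $signedRequest = isset($_REQUEST['signed_request']) ? $_REQUEST['signed_request'] : null;

          // Only a non-empty string can be a signed request; an array-valued
          // parameter is ignored instead of being passed to explode().
          if (is_string($signedRequest) && $signedRequest !== '')
          {
              $response = $this->parse_signed_request($signedRequest);

              // parse_signed_request() returns null when verification fails.
              // Nothing below may run in that case, otherwise an unauthenticated
              // request would still end in an INSERT or UPDATE on tl_member.
              if (is_array($response)
                  && isset($response['user_id'])
                  && isset($response['registration'])
                  && is_array($response['registration']))
              {
                  $registration = $response['registration'];

                  $arrUser = array(
                      'firstname' => $this->registrationField($registration, 'first_name'),
                      'lastname' => $this->registrationField($registration, 'last_name'),
                      'dateOfBirth' => strtotime((string) $this->registrationField($registration, 'birthday')),
                      'gender' => $this->registrationField($registration, 'gender'),
                      'street' => $this->registrationField($registration, 'street'),
                      'postal' => $this->registrationField($registration, 'postal'),
                      'city' => $this->registrationField($registration, 'city'),
                      'email' => $this->registrationField($registration, 'email'),
                      'username' => $this->registrationField($registration, 'username'),
                      'fbUid' => $response['user_id'],
                      // NOTE(review): every member created or merged by this module
                      // receives this same fixed 40-hex-character password value, so
                      // the credential is shared across accounts and is now public.
                      // Presumably a sibling login module relies on it - confirm,
                      // then replace it with a per-member random value.
                      'password' => '829c3804401b0727f70f73d4415e162400cbe57b',
                      'mobile' => $this->registrationField($registration, 'phone')
                  );

                  // check if the user already exists
                  $resultSettings = $this->Database->prepare("SELECT fbUid FROM tl_member WHERE fbUid=?")
                                          ->execute($arrUser['fbUid'])->fbUid;
                  if ($resultSettings)
                  {
                      $this->jumpToOrReload($this->jumpTo);
                      exit;
                  }

                  // check if Email-Adress already exists and merge accounts.
                  // An empty address is never looked up: "WHERE email=''" would
                  // match every member stored without an address.
                  if ($arrUser['email'] !== null && $arrUser['email'] !== '')
                  {
                      $resultEmail = $this->Database->prepare("SELECT email FROM tl_member WHERE email=?")
                                          ->execute($arrUser['email'])->email;
                      if ($resultEmail)
                      {
                          $this->mergeAccounts($arrUser);
                          $this->jumpToOrReload($this->jumpTo);
                          exit;
                      }
                  }

                  // its a new user
                  $this->createNewUser($arrUser);
              }
              else
              {
                  error_log('Signed request rejected or incomplete. No member created');
              }
          }


          $this->Template->loginDetails = $GLOBALS['TL_LANG']['tl_member']['loginDetails'];
          $this->Template->addressDetails = $GLOBALS['TL_LANG']['tl_member']['addressDetails'];
          $this->Template->contactDetails = $GLOBALS['TL_LANG']['tl_member']['contactDetails'];
          $this->Template->personalData = $GLOBALS['TL_LANG']['tl_member']['personalData'];
          $this->Template->captchaDetails = $GLOBALS['TL_LANG']['MSC']['securityQuestion'];

          // Add groups
          foreach ($arrFields as $k=>$v)
          {
              $this->Template->$k = $v;
          }

          $this->Template->captcha = isset($arrFields['captcha']) ? $arrFields['captcha'] : null;
          $this->Template->formId = 'tl_registration';
          $this->Template->slabel = specialchars($GLOBALS['TL_LANG']['MSC']['register']);
          $this->Template->action = $this->getIndexFreeRequest();

          // HOOK: add memberlist fields
          if (in_array('memberlist', $this->Config->getActiveModules()))
          {
              $this->Template->profile = isset($arrFields['profile']) ? $arrFields['profile'] : null;
              $this->Template->profileDetails = $GLOBALS['TL_LANG']['tl_member']['profileDetails'];
          }

          // HOOK: add newsletter fields
          if (in_array('newsletter', $this->Config->getActiveModules()))
          {
              $this->Template->newsletter = isset($arrFields['newsletter']) ? $arrFields['newsletter'] : null;
              $this->Template->newsletterDetails = $GLOBALS['TL_LANG']['tl_member']['newsletterDetails'];
          }

          // HOOK: add helpdesk fields
          if (in_array('helpdesk', $this->Config->getActiveModules()))
          {
              $this->Template->helpdesk = isset($arrFields['helpdesk']) ? $arrFields['helpdesk'] : null;
              $this->Template->helpdeskDetails = $GLOBALS['TL_LANG']['tl_member']['helpdeskDetails'];
          }
      }

      /**
       * Overwrite the tl_member row that has the same e-mail address with the
       * data from the registration payload.
       *
       * NOTE(review): the row is selected by e-mail address alone, and its
       * username, password and fbUid are replaced. Confirm that the identity
       * provider only delivers verified addresses, and consider linking fbUid
       * without touching the existing credentials.
       *
       * @param array $arrUser Member data as built in compile()
       */
      public function mergeAccounts($arrUser)
      {
          // An empty address in the WHERE clause would update every member
          // stored without an e-mail address.
          if (!isset($arrUser['email']) || $arrUser['email'] === '')
          {
              return;
          }

          $this->Database->prepare("UPDATE tl_member SET firstname=? , lastname=?, dateOfBirth=?, gender=?, street=?,
                                      postal=?, city=?, email=?, username=?, fbUid=?, password=?, mobile=? WHERE email=?")
                          ->execute(
                          $arrUser['firstname'],
                          $arrUser['lastname'],
                          $arrUser['dateOfBirth'],
                          $arrUser['gender'],
                          $arrUser['street'],
                          $arrUser['postal'],
                          $arrUser['city'],
                          $arrUser['email'],
                          $arrUser['username'],
                          $arrUser['fbUid'],
                          $arrUser['password'],
                          $arrUser['mobile'],
                          $arrUser['email']
                          );
      }

      /**
       * Create a new user and redirect
       * @param array $arrData Column => value pairs for the new tl_member row
       */
      protected function createNewUser($arrData)
      {
          $arrData['tstamp'] = time();
          $arrData['login'] = $this->reg_allowLogin;

          // Prefer the CSPRNG where the runtime has one (PHP 7+); both forms
          // yield 32 hexadecimal characters. The legacy expression is derived
          // from the clock and mt_rand() and is predictable.
          $arrData['activation'] = function_exists('random_bytes')
              ? bin2hex(random_bytes(16))
              : md5(uniqid(mt_rand(), true));

          $arrData['dateAdded'] = $arrData['tstamp'];

          // Set default groups
          if (!array_key_exists('groups', $arrData))
          {
              $arrData['groups'] = $this->reg_groups;
          }

          // Make sure newsletter is an array
          if (isset($arrData['newsletter']) && !is_array($arrData['newsletter']))
          {
              $arrData['newsletter'] = array($arrData['newsletter']);
          }

          // Create user
          $objNewUser = $this->Database->prepare("INSERT INTO tl_member %s")->set($arrData)->execute();
          $insertId = $objNewUser->insertId;

          // HOOK: send insert ID and user data
          if (isset($GLOBALS['TL_HOOKS']['createNewUser']) && is_array($GLOBALS['TL_HOOKS']['createNewUser']))
          {
              foreach ($GLOBALS['TL_HOOKS']['createNewUser'] as $callback)
              {
                  $this->import($callback[0]);
                  // Explicit braces keep the PHP 5 meaning under PHP 7+.
                  $this->{$callback[0]}->{$callback[1]}($insertId, $arrData);
              }
          }

          $this->jumpToOrReload($this->jumpTo);
      }


      /**
       * Verify and decode a "<signature>.<payload>" signed request.
       *
       * @param string $signed_request Raw request parameter
       * @return array|null Decoded payload, or null if the request is malformed,
       *                    names another algorithm or carries a wrong signature
       */
      private function parse_signed_request($signed_request)
      {
          // NOTE(review): this HMAC key (presumably the Facebook app secret) is
          // hard-coded and has been published with the source. Treat it as
          // exposed: rotate it and load the replacement from configuration kept
          // outside the code base.
          $secret = '77c26c54b7ec722da01ed7b7284fac34';

          // Without a separator there is no payload to verify.
          if (!is_string($signed_request) || strpos($signed_request, '.') === false)
          {
              error_log('Malformed signed request');
              return null;
          }

          list($encoded_sig, $payload) = explode('.', $signed_request, 2);

          // decode the data
          $sig = $this->base64_url_decode($encoded_sig);
          $data = json_decode($this->base64_url_decode($payload), true);

          if (!is_array($data)
              || !isset($data['algorithm'])
              || !is_string($data['algorithm'])
              || strtoupper($data['algorithm']) !== 'HMAC-SHA256')
          {
              error_log('Unknown algorithm. Expected HMAC-SHA256');
              return null;
          }

          // check sig
          $expected_sig = hash_hmac('sha256', $payload, $secret, true);

          if (!is_string($sig) || !$this->constantTimeEquals($expected_sig, $sig))
          {
              error_log('Bad Signed JSON signature!');
              return null;
          }

          return $data;
      }

      /**
       * Decode URL-safe base64 ("-" and "_" instead of "+" and "/").
       *
       * @param string $input
       * @return string|false
       */
      private function base64_url_decode($input)
      {
          return base64_decode(strtr($input, '-_', '+/'));
      }

      /**
       * Read one field of the registration payload; null when it is absent.
       *
       * @param array  $registration The "registration" part of the payload
       * @param string $key
       * @return mixed|null
       */
      private function registrationField(array $registration, $key)
      {
          return isset($registration[$key]) ? $registration[$key] : null;
      }

      /**
       * Compare two byte strings without stopping at the first differing byte,
       * so the comparison time does not depend on how much of the signature
       * is correct.
       *
       * @param string $known Value computed locally
       * @param string $given Value taken from the request
       * @return bool
       */
      private function constantTimeEquals($known, $given)
      {
          if (function_exists('hash_equals'))
          {
              return hash_equals($known, $given);
          }

          // Fallback for runtimes older than PHP 5.6
          $length = strlen($known);

          if ($length !== strlen($given))
          {
              return false;
          }

          $diff = 0;

          for ($pos = 0; $pos < $length; $pos++)
          {
              $diff |= ord($known[$pos]) ^ ord($given[$pos]);
          }

          return $diff === 0;
      }
  }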