daily pastebin goal
59%
SHARE
TWEET

Untitled

a guest Jan 23rd, 2019 55 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. require_once('libs/smarty/Smarty.class.php');
  3. include($_SERVER['DOCUMENT_ROOT'].'/engine/classes/Auth.php');
  4.  
  5. $auth = new Auth();
  6. $smarty = new Smarty;
  7.  
  8. $smarty->debugging = false;
  9. $smarty->caching = false;
  10. $smarty->setTemplateDir($_SERVER['DOCUMENT_ROOT'].'/templates/');
  11. ?>
  12. <html>
  13. <head>
  14. <meta charset="utf-8">
  15. <link rel="shortcut icon" href="/libs/images/favicon.png" type="image/png">
  16. </head>
  17. </html>
  18. <?php
  19. if(!$_GET['page']) $page = "index";
  20. else $page = $_GET['go'];
  21.  
  22. switch($_REQUEST['go']) {
  23.     case "rarity":
  24.         $smarty->assign('page', "rarity");
  25.     break;
  26.     case "devices":
  27.         $smarty->assign('page', "devices");
  28.     break;
  29.     case "anime":
  30.         $smarty->assign('page', "anime");
  31.     break;
  32.     case "checker":
  33.         $smarty->assign('page', "checker");
  34.     break;
  35.     case "success":
  36.         $smarty->assign('page', "success");
  37.     break;
  38.     case "fail":
  39.         $smarty->assign('page', "fail");
  40.     break;
  41.     case "dev":
  42.         $smarty->assign('page', "dev");
  43.     break;
  44.     case "notfound":
  45.         $smarty->assign('page', "notfound");
  46.     break;
  47. }
  48. if(!$auth->is_perm($page)) $smarty->assign('error', "403"); ///////////////
  49. else {
  50.     $smarty->assign('user', $auth->user());
  51.     $smarty->assign('page', $page);
  52. }
  53. $smarty->display('main.html');
  54. ?>
  55.    
  56. <?php
  57. session_start();
  58. class Auth
  59. {
  60.  
  61.     public function __construct(){
  62.         require_once($_SERVER['DOCUMENT_ROOT'].'/engine/config.php');
  63.         $this->cfg = $config;
  64.         $this->db = new mysqli($this->cfg['db']['db_host'], $this->cfg['db']['db_user'], $this->cfg['db']['db_pass'], $this->cfg['db']['db_name']);
  65.         if($this->db->connect_error){
  66.             die("Couldn't connect to MySQLi: ".$this->db->connect_error);
  67.         }
  68.         if (!$this->db->set_charset("utf8")) {
  69.             die("Ошибка при загрузке набора символов utf8: ".$this->db->error);
  70.         }
  71.     }
  72.  
  73.     public function is_perm($page) {
  74.         $query = $this->engine->query_result("SELECT * FROM `access` WHERE `user` = '".(int)$_SESSION['phpmc_uid']."' ORDER BY id DESC");
  75.  
  76.         if(!isset($query)) return false;
  77.             if($query->access == "*"){
  78.                 return true;
  79.             } else {
  80.                 foreach (explode(',', $query->access) as $p) {
  81.                     if($p == $page)
  82.                     {
  83.                         return true;
  84.                     }
  85.                 }
  86.             }
  87.     }
  88.  
  89.     public function generate_hash() {
  90.         $chars="qazxswedcvfrtgbnhyujmkiolp1234567890QAZXSWEDCVFRTGBNHYUJMKIOLP";
  91.         $max=10;
  92.         $size=StrLen($chars)-1;
  93.         $hash=null;
  94.         while($max--) $hash.=$chars[rand(0,$size)];
  95.         return $hash;
  96.     }
  97.  
  98.     public function get_nick($user='') {
  99.         if(!$user) $user = (int)$_SESSION['phpmc_uid'];
  100.  
  101.         $query = $this->engine->query_result("SELECT * FROM `access` WHERE `user` = '".(int)$user."' ORDER BY id DESC");
  102.  
  103.         return $query->nick;
  104.     }
  105.  
  106.     public function user($user='') {
  107.         if(!$user) $user = (int)$_SESSION['phpmc_id'];
  108.         $info = $this->engine->query_result("SELECT * FROM `users` WHERE `id` = '".(int)$user."' ORDER BY id DESC");
  109.         return array(
  110.             'id' => $info->id,
  111.             'first_name' => $info->first_name,
  112.             'last_name' => $info->last_name,
  113.             'uid' => $info->uid,
  114.             'nick' => $this->get_nick((int)$info->uid)
  115.         );
  116.     }
  117. }
  118. ?>
  119.    
  120. <?php
  121. require_once $_SERVER['DOCUMENT_ROOT'].'/engine/classes/Auth.php';
  122. $auth = new Console();
  123.     if(isset($_GET['code'])){
  124.         $params = array(
  125.             'v'             => '5.71',
  126.             'client_id'     => $auth->engine->cfg['console']['vk_id'],
  127.             'client_secret' =>  $auth->engine->cfg['console']['vk_secret'],
  128.             'code'          => $_GET['code'],
  129.             'redirect_uri'  => 'https://'.$auth->engine->cfg['console']['auth_url'].'/auth.php'
  130.         );
  131.         $token = json_decode(file_get_contents('https://oauth.vk.com/access_token?' . urldecode(http_build_query($params))), true);
  132.         if(isset($token['access_token'])){
  133.             $params = array(
  134.                 'uids'         => $token['user_id'],
  135.                 'v'            => '5.71',
  136.                 'fields'       => 'uid,first_name,last_name,photo_200_orig,photo_200',
  137.                 'access_token' => $token['access_token']
  138.             );
  139.             $userInfo = json_decode(file_get_contents('https://api.vk.com/method/users.get?'.urldecode(http_build_query($params))), true);
  140.  
  141.             if(isset($userInfo['response'][0]['id'])) $userInfo = $userInfo['response'][0];
  142.  
  143.             $q = $auth->engine->query_result("SELECT * FROM `users` WHERE uid = '".$userInfo['id']."'");
  144.             $hash = md5($auth->generate_hash());
  145.             if(isset($q->uid)){
  146.                 $auth->engine->query("UPDATE `users` SET hash = '".$hash."' WHERE uid = '".$userInfo['id']."'");
  147.                 $_SESSION['phpmc_id'] = $q->id;
  148.                 $_SESSION['phpmc_uid'] = $q->uid;
  149.                 $_SESSION['phpmc_hash'] = $hash;
  150.             }else{
  151.                 $auth->engine->query("INSERT INTO `users`(`first_name`, `last_name`, `hash`, `uid`) VALUES ('{$userInfo['first_name']}', '{$userInfo['last_name']}', '{$hash}', '{$userInfo['id']}')");
  152.                 $_SESSION['phpmc_id'] = $auth->engine->db->insert_id;
  153.                 $_SESSION['phpmc_uid'] = $userInfo['id'];
  154.                 $_SESSION['phpmc_hash'] = $hash;
  155.             }
  156.             $auth->engine->redirect("https://".$auth->engine->cfg['console']['auth_url']);
  157.             exit;
  158.         } else echo "Токен не получен";
  159.     }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top