- <?php
- require_once('libs/smarty/Smarty.class.php');
- include($_SERVER['DOCUMENT_ROOT'].'/engine/classes/Auth.php');
// Template engine first: debugging console and output caching are both off,
// and templates are resolved relative to the web root.
$smarty = new Smarty();
$smarty->setTemplateDir($_SERVER['DOCUMENT_ROOT'] . '/templates/');
$smarty->caching = false;
$smarty->debugging = false;
// NOTE(review): values assigned to the template later include profile names
// that come from an external identity provider; confirm that main.html
// escapes them on output (or that Smarty's HTML auto-escaping is enabled).

// Authorisation helper; its constructor opens the database connection.
$auth = new Auth();
- ?>
- <html>
- <head>
- <meta charset="utf-8">
- <link rel="shortcut icon" href="/libs/images/favicon.png" type="image/png">
- </head>
- </html>
- <?php
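// Front-controller routing.
//
// Pages this script is willing to hand to the template. The original switch
// listed the same names but then overwrote the template variable with the raw
// request value, so the allow-list had no effect on what reached main.html.
$allowedPages = array('index', 'rarity', 'devices', 'anime', 'checker', 'success', 'fail', 'dev', 'notfound');

// The original tested $_GET['page'] but read $_GET['go'], and switched on
// $_REQUEST['go'] (which also honours POST bodies and cookies). One source is
// used here: the `go` query parameter, accepted only when it is a plain string.
$requested = (isset($_GET['go']) && is_string($_GET['go'])) ? $_GET['go'] : '';

if ($requested === '') {
    // No page requested: same default as before.
    $page = "index";
} elseif (in_array($requested, $allowedPages, true)) {
    $page = $requested;
} else {
    // Unknown names never reach the permission check or the template.
    $page = "notfound";
}

if (!$auth->is_perm($page)) {
    // Fail closed: on a denied request only the error marker is assigned,
    // never the page name or the user record.
    $smarty->assign('error', "403");
} else {
    $smarty->assign('user', $auth->user());
    $smarty->assign('page', $page);
}
$smarty->display('main.html');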
- ?>
- <?php
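// Start the session once per request, with the cookie hidden from scripts and
// with uninitialised session ids rejected by the session module.
// NOTE(review): the login flow redirects to https://, so 'cookie_secure' => true
// is probably appropriate as well; confirm there is no plain-HTTP deployment.
if (session_status() === PHP_SESSION_NONE) {
    session_start(array(
        'cookie_httponly' => true,
        'use_strict_mode' => true,
    ));
}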
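/**
 * Session-backed authorisation helper.
 *
 * Reads the signed-in user's ids from $_SESSION ('phpmc_id', 'phpmc_uid') and
 * looks up permissions and profile rows through $this->engine.
 */
class Auth
{
    /** @var array|null engine/config.php contents, cached so a second instance still gets them. */
    private static $loadedConfig = null;

    /** @var array Configuration array taken from engine/config.php. */
    public $cfg;

    /** @var mysqli Database connection opened by the constructor. */
    public $db;

    // NOTE(review): every query below goes through $this->engine, but nothing in
    // this class assigns it. It is declared here only so the dependency is
    // visible; whatever wires it up must provide query_result($sql).
    public $engine;

    /**
     * Loads the configuration and opens the MySQL connection.
     *
     * Failures are written to the server log and answered with a generic
     * message, so connection details never reach the client.
     */
    public function __construct()
    {
        if (self::$loadedConfig === null) {
            // require_once only defines $config on the first include in this
            // scope; caching it keeps later instances from seeing an unset value.
            require_once($_SERVER['DOCUMENT_ROOT'].'/engine/config.php');
            if (!isset($config) || !is_array($config)) {
                error_log('Auth: engine/config.php did not provide $config');
                die('Service temporarily unavailable.');
            }
            self::$loadedConfig = $config;
        }
        $this->cfg = self::$loadedConfig;

        try {
            $this->db = new mysqli(
                $this->cfg['db']['db_host'],
                $this->cfg['db']['db_user'],
                $this->cfg['db']['db_pass'],
                $this->cfg['db']['db_name']
            );
        } catch (\mysqli_sql_exception $e) {
            // Newer PHP versions throw instead of setting connect_error; an
            // uncaught exception here could print a trace with the credentials.
            error_log('Auth: database connection failed: '.$e->getMessage());
            die('Service temporarily unavailable.');
        }
        if ($this->db->connect_error) {
            error_log('Auth: database connection failed: '.$this->db->connect_error);
            die('Service temporarily unavailable.');
        }
        if (!$this->db->set_charset("utf8")) {
            error_log('Auth: could not select the utf8 character set: '.$this->db->error);
            die('Service temporarily unavailable.');
        }
    }

    /**
     * Tells whether the session user may open $page.
     *
     * @param string $page Page name to check.
     * @return bool True when the user's access row is "*" or lists $page;
     *              false otherwise, including when no access row is found.
     */
    public function is_perm($page)
    {
        // The integer cast is what keeps this concatenated query safe.
        $uid = isset($_SESSION['phpmc_uid']) ? (int)$_SESSION['phpmc_uid'] : 0;
        $query = $this->engine->query_result("SELECT * FROM `access` WHERE `user` = '".$uid."' ORDER BY id DESC");
        if (!is_object($query) || !isset($query->access)) {
            return false;
        }
        if ($query->access === "*") {
            return true;
        }
        // Strict comparison: loose == treats numeric-looking strings as equal
        // numbers. The original also fell off the end (returning null) on a miss.
        return in_array((string)$page, explode(',', (string)$query->access), true);
    }

    /**
     * Builds a 10-character alphanumeric token.
     *
     * Callers store the result as a session hash, so the characters are drawn
     * with random_int() (a CSPRNG) rather than rand().
     *
     * @return string
     */
    public function generate_hash()
    {
        $chars = "qazxswedcvfrtgbnhyujmkiolp1234567890QAZXSWEDCVFRTGBNHYUJMKIOLP";
        $size = strlen($chars) - 1;
        $hash = '';
        for ($i = 0; $i < 10; $i++) {
            $hash .= $chars[random_int(0, $size)];
        }
        return $hash;
    }

    /**
     * Returns the nick stored in the `access` table for a user.
     *
     * @param int|string $user User uid; empty means the session user.
     * @return string|null Nick, or null when no row is found.
     */
    public function get_nick($user = '')
    {
        if (!$user) {
            $user = isset($_SESSION['phpmc_uid']) ? (int)$_SESSION['phpmc_uid'] : 0;
        }
        $query = $this->engine->query_result("SELECT * FROM `access` WHERE `user` = '".(int)$user."' ORDER BY id DESC");
        return (is_object($query) && isset($query->nick)) ? $query->nick : null;
    }

    /**
     * Returns the profile fields of a user from the `users` table.
     *
     * @param int|string $user Row id; empty means the session user.
     * @return array Keys id, first_name, last_name, uid, nick; all null when
     *               the row does not exist.
     */
    public function user($user = '')
    {
        if (!$user) {
            $user = isset($_SESSION['phpmc_id']) ? (int)$_SESSION['phpmc_id'] : 0;
        }
        $info = $this->engine->query_result("SELECT * FROM `users` WHERE `id` = '".(int)$user."' ORDER BY id DESC");
        if (!is_object($info)) {
            return array(
                'id' => null,
                'first_name' => null,
                'last_name' => null,
                'uid' => null,
                'nick' => null
            );
        }
        $uid = isset($info->uid) ? (int)$info->uid : 0;
        return array(
            'id' => isset($info->id) ? $info->id : null,
            'first_name' => isset($info->first_name) ? $info->first_name : null,
            'last_name' => isset($info->last_name) ? $info->last_name : null,
            'uid' => isset($info->uid) ? $info->uid : null,
            // get_nick(0) would fall back to the session user, so a row without
            // a uid gets no nick rather than someone else's.
            'nick' => $uid ? $this->get_nick($uid) : null
        );
    }
}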
- ?>
- <?php
- require_once $_SERVER['DOCUMENT_ROOT'].'/engine/classes/Auth.php';
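// OAuth callback: exchanges the authorisation code for a token, loads the VK
// profile, then creates or refreshes the local user row and the session.
//
// NOTE(review): Console is not defined in the code shown here; this script
// relies on it exposing ->engine (cfg, db, query, query_result, redirect) and
// ->generate_hash().
// NOTE(review): no OAuth `state` value is checked in this callback. The request
// that starts the flow is not shown here; confirm it issues a per-session
// state and add the comparison (hash_equals) before the code is exchanged.
$auth = new Console();

if (isset($_GET['code']) && is_string($_GET['code'])) {
    $params = array(
        'v' => '5.71',
        'client_id' => $auth->engine->cfg['console']['vk_id'],
        'client_secret' => $auth->engine->cfg['console']['vk_secret'],
        'code' => $_GET['code'],
        'redirect_uri' => 'https://'.$auth->engine->cfg['console']['auth_url'].'/auth.php'
    );
    // http_build_query() already percent-encodes every value. The original
    // wrapped it in urldecode(), which undid the encoding and let the
    // request-supplied `code` alter the structure of the token request.
    $tokenRaw = file_get_contents('https://oauth.vk.com/access_token?'.http_build_query($params));
    $token = ($tokenRaw === false) ? null : json_decode($tokenRaw, true);

    if (isset($token['access_token'], $token['user_id'])) {
        $params = array(
            'uids' => $token['user_id'],
            'v' => '5.71',
            'fields' => 'uid,first_name,last_name,photo_200_orig,photo_200',
            'access_token' => $token['access_token']
        );
        $profileRaw = file_get_contents('https://api.vk.com/method/users.get?'.http_build_query($params));
        $profile = ($profileRaw === false) ? null : json_decode($profileRaw, true);

        // Without a profile id there is nobody to sign in; the original carried
        // on and queried with an empty uid.
        if (!isset($profile['response'][0]['id'])) {
            echo "Токен не получен";
            exit;
        }
        $userInfo = $profile['response'][0];

        // Everything from the provider is treated as untrusted: the id is forced
        // to an integer and the names are only ever passed as bound parameters.
        $vkId = (int)$userInfo['id'];
        $firstName = isset($userInfo['first_name']) ? (string)$userInfo['first_name'] : '';
        $lastName = isset($userInfo['last_name']) ? (string)$userInfo['last_name'] : '';

        $q = $auth->engine->query_result("SELECT * FROM `users` WHERE uid = '".$vkId."'");

        // 32 hex characters, the same shape md5() produced, but taken from the
        // system CSPRNG instead of a rand()-seeded string.
        $hash = bin2hex(random_bytes(16));

        // New session id at the privilege change, so an id issued before login
        // is not carried into the authenticated session.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        if (isset($q->uid)) {
            // Both interpolated values are server-controlled: hex digest, integer id.
            $auth->engine->query("UPDATE `users` SET hash = '".$hash."' WHERE uid = '".$vkId."'");
            $_SESSION['phpmc_id'] = $q->id;
            $_SESSION['phpmc_uid'] = $q->uid;
            $_SESSION['phpmc_hash'] = $hash;
        } else {
            // Assumes engine->db is the mysqli handle (insert_id is read from it
            // below); confirm before relying on prepare().
            $stmt = $auth->engine->db->prepare("INSERT INTO `users`(`first_name`, `last_name`, `hash`, `uid`) VALUES (?, ?, ?, ?)");
            if ($stmt === false || !$stmt->bind_param('sssi', $firstName, $lastName, $hash, $vkId) || !$stmt->execute()) {
                error_log('auth.php: could not create the user row');
                exit;
            }
            $_SESSION['phpmc_id'] = $auth->engine->db->insert_id;
            $_SESSION['phpmc_uid'] = $vkId;
            $_SESSION['phpmc_hash'] = $hash;
        }
        $auth->engine->redirect("https://".$auth->engine->cfg['console']['auth_url']);
        exit;
    } else {
        echo "Токен не получен";
    }
}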