
Untitled

a guest Dec 7th, 2017 51 Never
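  /**
   * Handle the Facebook OAuth callback: log in the account that already owns
   * the Facebook e-mail address, or create a new account for it.
   *
   * Returns 1 when a new account was created. In every other case nothing is
   * returned; unless Facebook login is disabled, a redirect to the site root
   * has been sent.
   *
   * The OAuth `state` value is checked before the authorization code is
   * exchanged, and every failed check returns right after the redirect header.
   * header() alone does not stop the script, so without the return a request
   * with a wrong `state` would still reach the log-in code below.
   *
   * NOTE(review): an existing account is matched on the e-mail address alone,
   * and the stored password hash is copied into the session. Confirm that the
   * provider's e-mail may be trusted as proof of ownership for accounts that
   * were registered with a password.
   * NOTE(review): this method does not regenerate the session id on log-in and
   * does not clear $_SESSION['state'] after use; confirm the caller does.
   */
  function facebook() {
      if(!$this->fbapp) {
          return;
      }

      // CSRF protection: the state stored in the session must be present and
      // must match the one received, compared as strings without type juggling.
      $sessionState = isset($_SESSION['state']) ? $_SESSION['state'] : null;
      if($sessionState == null || (string)$sessionState !== (string)$this->fbstate) {
          header("Location: ".$this->url);
          return;
      }

      $getToken = $this->getFbToken($this->fbappid, $this->fbappsecret, $this->url.'/requests/connect.php?facebook=true', $this->fbcode);

      // No token means the code exchange failed; do not query the Graph API
      if(!is_array($getToken) || empty($getToken['access_token'])) {
          header("Location: ".$this->url);
          return;
      }

      $user = $this->parseFbInfo($getToken['access_token']);

      // Covers both a failed profile request and a profile without an e-mail
      if(empty($user->email)) {
          header("Location: ".$this->url);
          return;
      }

      $this->email = $user->email;
      $this->first_name = $user->first_name;
      $this->last_name = $user->last_name;

      // Type 1 returns the matching row (username, password) or 0
      $checkEmail = $this->verify_if_email_exists(1);

      if($checkEmail) {
          // Existing account: set the session values used for log-in
          $_SESSION['username'] = $checkEmail['username'];
          $_SESSION['password'] = $checkEmail['password'];

          header("Location: ".$this->url);
          return;
      }

      // New account: fetch the avatar, pick a free username and a random password
      $this->profile_image = $this->parseFbPicture($getToken['access_token']);
      $this->generateUsername();
      $this->password = $this->generatePassword(8);
      $this->query();

      $_SESSION['username'] = $this->username;
      $_SESSION['password'] = md5($this->password);

      return 1;
  }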
  38.  
  /**
   * Set $this->username to a value that verify_if_user_exist() reports as free.
   *
   * The first attempt uses parseUsername() as is, unless $type is truthy, in
   * which case a rand(0, 999) suffix is appended straight away. Every retry
   * appends a new suffix to a freshly parsed base name. Dots are replaced by
   * underscores so the name can be used in an @user_mention.
   *
   * NOTE(review): the retry has no upper bound; it ends only when a candidate
   * is reported as free.
   */
  function generateUsername($type = null) {
      $addSuffix = $type;

      do {
          $candidate = $this->parseUsername();
          if($addSuffix) {
              $candidate = $candidate.rand(0, 999);
          }

          // Replace the '.' sign with '_' (allows @user_mention)
          $this->username = str_replace('.', '_', $candidate);

          // Any further attempt always carries a random suffix
          $addSuffix = 1;
      } while($this->verify_if_user_exist());
  }
  57.  
  /**
   * Derive a base username from the profile data held on the object.
   *
   * Preference order: "first.last" when both names are alphanumeric (this
   * branch also stores the result in $this->username), then the first name,
   * then the last name, then the alphanumeric characters of the e-mail local
   * part, and finally a random number from rand(0, 9999).
   */
  function parseUsername() {
      if(ctype_alnum($this->first_name)) {
          if(ctype_alnum($this->last_name)) {
              return $this->username = $this->first_name.'.'.$this->last_name;
          }
          return $this->first_name;
      }

      if(ctype_alnum($this->last_name)) {
          return $this->last_name;
      }

      // Fall back to the part of the e-mail address before the '@'
      $parts = explode('@', $this->email);
      $local = preg_replace("/[^a-z0-9]+/i", "", $parts[0]);

      return ctype_alnum($local) ? $local : rand(0, 9999);
  }
  76.  
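  /**
   * Generate a random password of $length characters from [a-z0-9].
   *
   * Characters are drawn with random_int() (PHP 7+), which uses the operating
   * system's CSPRNG. The previous array_rand() draw is not meant for secrets.
   * The result starts as an empty string, so a $length of 0 returns ''
   * instead of reading an undefined variable.
   *
   * @param int $length Number of characters to generate
   * @return string
   */
  function generatePassword($length) {
      // Allowed characters
      $alphabet = 'abcdefghijklmnopqrstuvwxyz0123456789';
      $lastIndex = strlen($alphabet) - 1;

      $password = '';
      for($i = 0; $i < $length; $i++) {
          $password .= $alphabet[random_int(0, $lastIndex)];
      }

      return $password;
  }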
  91.  
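  /**
   * Exchange an OAuth authorization code for an access token.
   *
   * Every query parameter is percent-encoded by http_build_query(). The code
   * comes from the callback request, so left unencoded it could add or
   * override parameters of the token request.
   *
   * NOTE(review): the app secret travels in the query string of a GET request;
   * make sure fetch() and any proxy in front of it do not log full URLs.
   *
   * @param string $app_id       Facebook application id
   * @param string $app_secret   Facebook application secret
   * @param string $redirect_url Redirect URI used when the code was requested
   * @param string $code         Authorization code received on the callback
   * @return mixed Decoded JSON response as an array, or null when the
   *               response is not valid JSON
   */
  function getFbToken($app_id, $app_secret, $redirect_url, $code) {
      // Build the token URL
      $params = array(
          'client_id'     => $app_id,
          'redirect_uri'  => $redirect_url,
          'client_secret' => $app_secret,
          'code'          => $code,
      );
      // The separator is passed explicitly so arg_separator.output cannot change it
      $url = 'https://graph.facebook.com/oauth/access_token?'.http_build_query($params, '', '&');

      // Get the file and return the decoded parameters
      return json_decode(fetch($url), true);
  }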
  102.  
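  /**
   * Fetch the Facebook profile that belongs to an access token.
   *
   * A missing or empty token is rejected before any request is made, and the
   * token is URL-encoded so it cannot add parameters to the Graph request.
   *
   * @param string $access_token Access token returned by the token exchange
   * @return object|null The decoded profile when it has a `name` field,
   *                     otherwise null
   */
  function parseFbInfo($access_token) {
      // A failed token exchange yields no token; do not call the API without one
      if(!is_string($access_token) || $access_token === '') {
          return null;
      }

      // Build the Graph URL
      $url = "https://graph.facebook.com/me?fields=id,email,first_name,gender,last_name,link,locale,name,timezone,updated_time,verified&access_token=".urlencode($access_token);

      // Get the file
      $user = json_decode(fetch($url));

      // Only a decoded object that carries a name counts as a profile
      if(is_object($user) && isset($user->name)) {
          return $user;
      }
      return null;
  }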
  116.  
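  /**
   * Download the Facebook profile picture and store it in uploads/avatars/.
   *
   * The response is written only when it is a non-empty string that
   * getimagesizefromstring() recognises as an image, so an error body is never
   * saved as an avatar. The file is opened in 'xb' mode, which fails instead
   * of overwriting an existing file when a generated name collides. A short
   * write removes the partial file.
   *
   * NOTE(review): the file is always saved with a .jpg extension, whatever
   * image type was detected.
   *
   * @param string $access_token Access token returned by the token exchange
   * @return string|false The generated file name, or false when nothing was stored
   */
  function parseFbPicture($access_token) {
      // Build the Graph URL
      $url = "https://graph.facebook.com/me/picture?width=500&height=500&access_token=".urlencode((string)$access_token);

      // Get the image
      $image = fetch($url);

      // Reject failed downloads and anything that is not image data
      if(!is_string($image) || $image === '' || getimagesizefromstring($image) === false) {
          return false;
      }

      // Generate the file name
      $file_name = mt_rand().'_'.mt_rand().'_'.mt_rand().'.jpg';
      $file_path = __DIR__ .'/../uploads/avatars/';

      // Create the file; 'x' refuses to open a file that already exists
      $fp = fopen($file_path.$file_name, 'xb');

      // If the file can't be created
      if($fp === false) {
          return false;
      }

      // Write the image
      $written = fwrite($fp, $image);

      // Close
      fclose($fp);

      // Do not keep a truncated avatar
      if($written !== strlen($image)) {
          unlink($file_path.$file_name);
          return false;
      }

      // Return the filename
      return $file_name;
  }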
  146.  
  /**
   * Validate the registration values and, when they pass, create the account
   * and set the log-in session values.
   *
   * @return mixed (int) 1 when the account was created; otherwise the
   *               notificationBox() output for the first validation error
   *
   * NOTE(review): the e-mail is HTML-encoded before validation, so the encoded
   * form is what gets validated and passed on to query().
   * NOTE(review): the session stores an MD5 hash of the password. MD5 is not a
   * password hash; moving to password_hash()/password_verify() needs matching
   * changes in query() and in the log-in code, which are outside this method.
   */
  function process() {
      global $LNG;

      // Prevents bypassing the FILTER_VALIDATE_EMAIL
      $this->email = htmlspecialchars($this->email, ENT_QUOTES, 'UTF-8');

      $errors = $this->validate_values();

      if(!empty($errors)) {
          // Only the first error is reported; its code is the key in the translation file
          $first = reset($errors);
          return notificationBox('error', $LNG["$first"], 1);
      }

      // No error message: execute the query
      $this->query();

      // Set a session and log-in the user
      $_SESSION['username'] = $this->username;
      $_SESSION['password'] = md5($this->password);

      // Return (int) 1 if everything was validated
      return 1;
  }
  171.  
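  /**
   * Check whether $this->username is taken or reserved.
   *
   * Reserved route names are checked first, with a strict comparison. A failed
   * query is reported as "exists": reading num_rows from a failed result
   * yields null, which compared equal to 0 and so reported the name as free.
   *
   * NOTE(review): the value is escaped with real_escape_string(); that is only
   * safe when the connection character set was set through the driver.
   *
   * @return int 0 when the username is free, 1 when it is taken, reserved, or
   *             could not be checked
   */
  function verify_if_user_exist() {
      $username = mb_strtolower($this->username);

      // Names that collide with the application's own routes
      if(in_array($username, array('playlists', 'subscribers', 'subscriptions', 'about', 'messages'), true)) {
          return 1;
      }

      $query = sprintf("SELECT `username` FROM `users` WHERE `username` = '%s'", $this->db->real_escape_string($username));
      $result = $this->db->query($query);

      // Fail closed: an unanswered lookup must not free the name
      if(!$result) {
          return 1;
      }

      return ($result->num_rows == 0) ? 0 : 1;
  }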
  178.  
  /**
   * Check the per-IP registration limit.
   *
   * @return bool true when the limit is disabled or the number of accounts
   *              registered from the client address is below it
   *
   * NOTE(review): the limit is only as reliable as getUserIP(); if that helper
   * reads client-supplied headers the limit can be bypassed. Verify against
   * its definition.
   */
  function verify_accounts_per_ip() {
      // A falsy limit disables the check
      if(!$this->accounts_per_ip) {
          return true;
      }

      $sql = sprintf("SELECT COUNT(`ip`) FROM `users` WHERE `ip` = '%s'", $this->db->real_escape_string(getUserIP()));
      $row = $this->db->query($sql)->fetch_row();

      return $row[0] < $this->accounts_per_ip;
  }
  193.  
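  /**
   * Look up $this->email in the users table.
   *
   * Type 0 (default): normal check, returns 0 when the address is free and 1
   * when it is taken.
   * Type 1: Facebook check, returns 0 when there is no match, otherwise the
   * matching row as an associative array (`username`, `password`).
   *
   * A failed query is reported as "exists" for the normal check, so a database
   * error cannot let a duplicate address through registration. For type 1 the
   * only non-row value callers expect is 0, so a failed query still returns 0
   * there.
   *
   * NOTE(review): type 1 hands the stored password hash to the caller, which
   * places it in the session.
   *
   * @param mixed $type Falsy for the normal check, truthy for the Facebook check
   * @return int|array
   */
  function verify_if_email_exists($type = null) {
      $email = $this->db->real_escape_string(mb_strtolower($this->email));

      if($type) {
          $query = sprintf("SELECT `username`, `password` FROM `users` WHERE `email` = '%s'", $email);
      } else {
          $query = sprintf("SELECT `email` FROM `users` WHERE `email` = '%s'", $email);
      }
      $result = $this->db->query($query);

      // Query failed: fail closed for the normal check (see docblock for type 1)
      if(!$result) {
          return $type ? 0 : 1;
      }

      if($result->num_rows == 0) {
          return 0;
      }

      return $type ? $result->fetch_assoc() : 1;
  }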
  210.  
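  /**
   * Check the submitted captcha against the value stored in the session.
   *
   * The two values are compared as strings with ===. The loose == comparison
   * treated numeric strings as numbers, so "0123" or "1e2" matched a stored
   * "123" or "100". A missing session value now fails without reading an
   * undefined index.
   *
   * NOTE(review): the stored captcha is not cleared here after a successful
   * check; confirm it is regenerated elsewhere so one solution cannot be reused.
   *
   * @return bool true when the captcha is disabled or the answer matches
   */
  function verify_captcha() {
      if(!$this->captcha_on) {
          return true;
      }

      // An empty answer or a missing stored value can never match
      if(empty($this->captcha) || !isset($_SESSION['captcha'])) {
          return false;
      }

      return (string)$this->captcha === (string)$_SESSION['captcha'];
  }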
  222.  
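  /**
   * Run every registration check and collect the failing ones.
   *
   * @return array List of language keys, one per failed check, in the order
   *               the checks are run (empty when everything is valid)
   *
   * The "all fields" check now reads $this->email. It used an undefined local
   * $email, so the e-mail was never part of that test.
   *
   * NOTE(review): 'all_fields' is raised only when all three values are empty
   * (&&). Confirm whether it was meant to fire when any of them is empty.
   */
  function validate_values() {
      // Create the array which contains the Language variable
      $error = array();

      // Define the Language variable for each type of error
      if($this->verify_accounts_per_ip() == false) {
          $error[] = 'user_limit';
      }
      if($this->verify_if_user_exist() !== 0) {
          $error[] = 'user_exists';
      }
      if($this->verify_if_email_exists() !== 0) {
          $error[] = 'email_exists';
      }
      if(empty($this->username) && empty($this->password) && empty($this->email)) {
          $error[] = 'all_fields';
      }
      if(strlen($this->password) < 6) {
          $error[] = 'password_too_short';
      }
      if(!ctype_alnum($this->username)) {
          $error[] = 'user_alnum';
      }
      // Accepted length is 3 to 32 characters
      if(strlen($this->username) <= 2 || strlen($this->username) >= 33) {
          $error[] = 'user_too_short';
      }
      if(!filter_var($this->email, FILTER_VALIDATE_EMAIL)) {
          $error[] = 'invalid_email';
      }
      if($this->verify_captcha() == false) {
          $error[] = 'invalid_captcha';
      }

      return $error;
  }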
  258.  
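  /**
   * Insert the new user row built from the values held on the object.
   *
   * Every value taken from an object property is now escaped before it is
   * placed in the statement. That includes the profile image name and the
   * three e-mail notification settings, which were interpolated as they were.
   *
   * NOTE(review): the password is stored as an unsalted MD5 hash. MD5 is not
   * suitable for password storage; password_hash()/password_verify() is the
   * replacement, but it needs a matching change in the log-in code and a
   * migration of existing rows, so the hash is left unchanged here.
   * NOTE(review): the hash is taken over the escaped password, while the
   * callers in this listing put md5() of the unescaped password into the
   * session. The two differ for passwords containing characters that
   * real_escape_string() alters.
   * NOTE(review): the result of the INSERT is not checked.
   */
  function query() {
      $db = $this->db;

      $query = sprintf("INSERT into `users` (`username`, `password`, `first_name`, `last_name`, `email`, `date`, `image`, `cover`, `online`, `ip`, `notificationl`, `notificationc`, `notificationd`, `notificationf`, `email_comment`, `email_like`, `email_new_friend`) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', 'default.png', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s');",
          $db->real_escape_string(mb_strtolower($this->username)),
          md5($db->real_escape_string($this->password)),
          $db->real_escape_string($this->first_name),
          $db->real_escape_string($this->last_name),
          $db->real_escape_string($this->email),
          date("Y-m-d H:i:s"),
          // Fall back to the default avatar when no picture was stored
          $db->real_escape_string($this->profile_image ? (string)$this->profile_image : 'default.png'),
          time(),
          $db->real_escape_string(getUserIp()),
          1,
          1,
          1,
          1,
          $db->real_escape_string((string)$this->email_comment),
          $db->real_escape_string((string)$this->email_like),
          $db->real_escape_string((string)$this->email_new_friend)
      );
      $db->query($query);
  }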