$config = dirname(__FILE__) . '/vendor/hybridauth/config.php';
try {
$hybridauth = new Hybrid_Auth($config);
$adapter = $hybridauth->authenticate($provider);
$userProfile = $adapter->getUserProfile();
// determine if this is first time that user logs in via this social network
if ($register->registeredViaSocial($provider, $userProfile->identifier)) {
// user already exist and his account is connected with this provider, log him in
$user = $register->getBySocial($provider, $userProfile->identifier);
$login->byId($user['user_id']);
redirect(get_redirect_page());
} else {
// user is not registred via this social network, check if his email exist in db
// and associate his account with this provider
$validator = new ASValidator();
if ($validator->emailExist($userProfile->email)) {
// hey, this user is registered here, just associate social account with his email
$user = $register->getByEmail($userProfile->email);
$register->addSocialAccount($user['user_id'], $provider, $userProfile->identifier);
$login->byId($user['user_id']);
redirect(get_redirect_page());
} else {
// this is first time that user is registring on this webiste, create his account
$user = new ASUser(null);
// generate unique username
// for example, if two users with same display name (that is usually first and last name)
// are registred, they will have the same username, so we have to add some random number here
$username = str_replace(' ', '', $userProfile->displayName);
$tmpUsername = $username;
$i = 0;
$max = 50;
/**
* Validate user provided fields.
* @param $data User provided fieds and id's of those fields that will be used for displaying error messages on client side.
* @param bool $botProtection Should bot protection be validated or not
* @return array Array with errors if there are some, empty array otherwise.
*/
public function validateUser($data, $botProtection = true)
{
$id = $data['fieldId'];
$user = $data['userData'];
$errors = array();
$validator = new ASValidator();
//check if email is not empty
if ($validator->isEmpty($user['email'])) {
$errors[] = array("id" => $id['email'], "msg" => ASLang::get('email_required'));
}
//check if username is not empty
if ($validator->isEmpty($user['username'])) {
$errors[] = array("id" => $id['username'], "msg" => ASLang::get('username_required'));
}
//check if password is not empty
if ($validator->isEmpty($user['password'])) {
$errors[] = array("id" => $id['password'], "msg" => ASLang::get('password_required'));
}
//check if password and confirm password are the same
if ($user['password'] != $user['confirm_password']) {
$errors[] = array("id" => $id['confirm_password'], "msg" => ASLang::get('passwords_dont_match'));
}
//check if email format is correct
if (!$validator->emailValid($user['email'])) {
$errors[] = array("id" => $id['email'], "msg" => ASLang::get('email_wrong_format'));
}
//check if email is available
if ($validator->emailExist($user['email'])) {
$errors[] = array("id" => $id['email'], "msg" => ASLang::get('email_taken'));
}
//check if username is available
if ($validator->usernameExist($user['username'])) {
$errors[] = array("id" => $id['username'], "msg" => ASLang::get('username_taken'));
}
if ($botProtection) {
//bot protection
$sum = ASSession::get("bot_first_number") + ASSession::get("bot_second_number");
if ($sum != intval($user['bot_sum'])) {
$errors[] = array("id" => $id['bot_sum'], "msg" => ASLang::get('wrong_sum'));
}
}
return $errors;
}
/**
* Validate data provided during user update
* @param $data
* @return array
*/
private function _validateUserUpdate($data)
{
$id = $data['fieldId'];
$user = $data['userData'];
$errors = array();
$validator = new ASValidator();
$userInfo = $this->getInfo();
if ($userInfo == null) {
$errors[] = array("id" => $id['email'], "msg" => ASLang::get('user_dont_exist'));
return $errors;
}
//check if email is not empty
if ($validator->isEmpty($user['email'])) {
$errors[] = array("id" => $id['email'], "msg" => ASLang::get('email_required'));
}
//check if username is not empty
if ($validator->isEmpty($user['username'])) {
$errors[] = array("id" => $id['username'], "msg" => ASLang::get('username_required'));
}
//check if password and confirm password are the same
if (!$user['password'] == hash('sha512', '') && $user['password'] != $user['confirm_password']) {
$errors[] = array("id" => $id['confirm_password'], "msg" => ASLang::get('passwords_dont_match'));
}
//check if email format is correct
if (!$validator->emailValid($user['email'])) {
$errors[] = array("id" => $id['email'], "msg" => ASLang::get('email_wrong_format'));
}
//check if email is available
if ($user['email'] != $userInfo['email'] && $validator->emailExist($user['email'])) {
$errors[] = array("id" => $id['email'], "msg" => ASLang::get('email_taken'));
}
//check if username is available
if ($user['username'] != $userInfo['username'] && $validator->usernameExist($user['username'])) {
$errors[] = array("id" => $id['username'], "msg" => ASLang::get('username_taken'));
}
return $errors;
}
/**
* Send forgot password email.
* @param string $userEmail Provided email.
*/
public function forgotPassword($userEmail)
{
$validator = new ASValidator();
$errors = array();
//we only have one field to validate here
//so we don't need id's from other fields
if ($userEmail == "") {
$errors[] = ASLang::get('email_required');
}
if (!$validator->emailValid($userEmail)) {
$errors[] = ASLang::get('email_wrong_format');
}
if (!$validator->emailExist($userEmail)) {
$errors[] = ASLang::get('email_not_exist');
}
$login = new ASLogin();
if ($login->_isBruteForce()) {
$errors[] = ASLang::get('brute_force');
}
if (count($errors) == 0) {
//no validation errors
//generate password reset key
$key = $this->_generateKey();
//write key to db
$this->db->update('as_users', array("password_reset_key" => $key, "password_reset_confirmed" => 'N', "password_reset_timestamp" => date('Y-m-d H:i:s')), "`email` = :email", array("email" => $userEmail));
$login->increaseLoginAttempts();
//send email
$this->mailer->passwordResetEmail($userEmail, $key);
} else {
echo json_encode($errors);
}
//output json encoded errors
}
