function doProcess($action)
{
$results = new stdClass();
$values = new stdClass();
if ($action == 'check') {
$name = Request('name');
$value = Request('value');
if ($name == 'email') {
if (CheckEmail($value) == true) {
if ($this->db()->select($this->table->member)->where('email', $value)->has() == true) {
$results->success = false;
$results->message = $this->getLanguage('signup/help/email/duplicated');
} else {
$results->success = true;
}
} else {
$results->success = false;
$results->message = $this->getLanguage('signup/help/email/error');
}
}
if ($name == 'name') {
if (strlen($value) > 0) {
$results->success = true;
} else {
$results->success = false;
$results->message = $this->getLanguage('signup/help/name/error');
}
}
if ($name == 'nickname') {
if (CheckNickname($value) == true) {
if ($this->db()->select($this->table->member)->where('nickname', $value)->where('idx', $this->getLogged(), '!=')->has() == true) {
$results->success = false;
$results->message = $this->getLanguage('signup/help/nickname/duplicated');
} else {
$results->success = true;
}
} else {
$results->success = false;
$results->message = $this->getLanguage('signup/help/nickname/error');
}
}
if ($name == 'old_password') {
if ($this->isLogged() == false) {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
} else {
$mHash = new Hash();
if ($mHash->password_validate($value, $this->getMember()->password) == true) {
$results->success = true;
$results->message = $this->getLanguage('password/help/old_password/success');
} else {
$results->success = false;
$results->message = $this->getLanguage('password/help/old_password/error');
}
}
}
}
if ($action == 'forceLogin') {
$code = Decoder(Request('code'));
if ($code === false) {
$results->success = false;
$results->message = $this->getLanguage('error/invalidCode');
} else {
$data = json_decode($code);
if ($data != null && $data->ip == $_SERVER['REMOTE_ADDR']) {
$this->login($data->idx);
$results->success = true;
} else {
$results->success = false;
$results->message = $this->getLanguage('error/invalidCode');
}
}
}
if ($action == 'login') {
$mHash = new Hash();
$email = Request('email');
$password = Request('password');
$results->errors = array();
$loginFail = Request('loginFail', 'session') != null && is_array(Request('loginFail', 'session')) == true ? Request('loginFail', 'session') : array('count' => 0, 'time' => 0);
if ($loginFail['time'] > time()) {
$results->success = false;
$results->message = $this->getLanguage('login/error/login');
} else {
$check = $this->db()->select($this->table->member)->where('email', $email)->getOne();
if ($check == null) {
$results->success = false;
$results->errors['email'] = $this->getLanguage('login/error/email');
$loginFail['count']++;
if ($loginFail['count'] == 5) {
$loginFail['count'] = 0;
$loginFail['time'] = time() + 60 * 60 * 5;
}
$values->email = $email;
$values->password = $password;
} elseif ($mHash->password_validate($password, $check->password) == false) {
$results->success = false;
$results->errors['password'] = $this->getLanguage('login/error/password');
$loginFail['count']++;
if ($loginFail['count'] == 5) {
$loginFail['count'] = 0;
$loginFail['time'] = time() + 60 * 60 * 5;
}
$values->email = $email;
$values->password = $password;
} else {
if ($check->status == 'ACTIVE') {
$this->db()->update($this->table->member, array('last_login' => time()))->where('idx', $check->idx)->execute();
$this->login($check->idx);
$results->success = true;
} elseif ($check->status == 'VERIFYING') {
$_SESSION['MEMBER_REGISTER_IDX'] = Encoder($check->idx);
$page = $this->getMemberPage('signup');
$results->success = false;
$results->redirect = $this->IM->getUrl($page->menu, $page->page, 'verify');
} else {
$results->success = false;
$results->message = $this->getLanguage('error/' . $check->status);
}
}
}
$_SESSION['loginFail'] = $loginFail;
}
if ($action == 'logout') {
unset($_SESSION['MEMBER_LOGGED']);
$results->success = true;
}
if ($action == 'cert') {
$results->success = true;
}
if ($action == 'signup') {
$errors = array();
$email = CheckEmail(Request('email')) == true ? Request('email') : ($errors['email'] = $this->getLanguage('signup/help/email/error'));
$password = strlen(Request('password')) >= 4 ? Request('password') : ($errors['password'] = $this->getLanguage('signup/help/password/error'));
if (strlen(Request('password')) < 4 || Request('password') != Request('password_confirm')) {
$errors['password_confirm'] = $this->getLanguage('signup/help/password_confirm/error');
}
$name = CheckNickname(Request('name')) == true ? Request('name') : ($errors['name'] = $this->getLanguage('signup/help/name/error'));
$nickname = CheckNickname(Request('nickname')) == true ? Request('nickname') : ($errors['nickname'] = $this->getLanguage('signup/help/nickname/error'));
if ($this->db()->select($this->table->member)->where('email', $email)->has() == true) {
$errors['email'] = $this->getLanguage('signup/help/email/duplicated');
}
if ($this->db()->select($this->table->member)->where('nickname', $nickname)->has() == true) {
$errors['nickname'] = $this->getLanguage('signup/help/nickname/duplicated');
}
if (empty($errors) == true) {
$mHash = new Hash();
$insert = array();
$insert['gidx'] = Request('registerGIDX', 'session');
$insert['email'] = $email;
$insert['password'] = $mHash->password_hash($password);
$insert['name'] = $name;
$insert['nickname'] = $nickname;
$insert['status'] = 'VERIFYING';
$idx = $this->db()->insert($this->table->member, $insert)->execute();
if ($idx !== false) {
$results->success = true;
$_SESSION['MEMBER_REGISTER_IDX'] = Encoder($idx);
$this->sendVerifyEmail($idx);
unset($_SESSION['registerGIDX']);
} else {
$results->success = false;
}
} else {
$results->success = false;
$results->errors = $errors;
}
}
if ($action == 'verifyEmail') {
$registerIDX = Request('registerIDX');
if ($registerIDX == null) {
$results->success = false;
} else {
$email = Request('email');
$email_verify_code = Request('email_verify_code');
$check = $this->db()->select($this->table->email)->where('midx', $registerIDX)->where('email', $email)->getOne();
if ($check == null) {
$results->success = false;
$results->errors = array('email' => $this->getLanguage('verifyEmail/help/email/notFound'));
} elseif ($check->code == $email_verify_code) {
$this->db()->update($this->table->email, array('status' => 'VERIFIED'))->where('midx', $registerIDX)->where('email', $email)->execute();
$this->db()->update($this->table->member, array('status' => 'ACTIVE'))->where('idx', $registerIDX)->execute();
$results->success = true;
} else {
$results->success = false;
$results->errors = array('email_verify_code' => $this->getLanguage('verifyEmail/help/email_verify_code/error'));
}
}
}
if ($action == 'sendVerifyEmail') {
$registerIDX = Request('registerIDX');
$email = Request('email');
if ($this->isLogged() == true) {
if (CheckEmail($email) == false) {
$results->success = false;
$results->errors = array('email' => $this->getLanguage('modifyEmail/help/email/error'));
} elseif ($this->db()->select($this->table->member)->where('email', $email)->count() == 1) {
$results->success = false;
$results->errors = array('email' => $this->getLanguage('modifyEmail/help/email/duplicated'));
} else {
$check = $this->db()->select($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->getOne();
if ($check == null || $check->status != 'SENDING' || $check->status == 'SENDING' && $check->reg_date + 300 < time()) {
$this->db()->delete($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->execute();
$status = $this->sendVerifyEmail($this->getLogged(), $email);
$results->success = true;
$results->message = $this->getLanguage('verifyEmail/sending');
} else {
$results->success = false;
$results->message = $this->getLanguage('verifyEmail/error/sending');
}
}
} elseif ($registerIDX != null) {
$member = $this->db()->select($this->table->member)->where('idx', $registerIDX)->getOne();
if ($member == null || $member->status != 'VERIFYING') {
$results->success = false;
$results->message = $this->getLanguage('verifyEmail/error/target');
} else {
if (CheckEmail($email) == false) {
$results->success = false;
$results->message = $this->getLanguage('verifyEmail/error/email');
} else {
$check = $this->db()->select($this->table->email)->where('midx', $registerIDX)->where('email', $email)->getOne();
if ($check->status == 'VERIFIED') {
$signupPage = $this->getMemberPage('signup');
$results->success = true;
$this->db()->update($this->table->member, array('status' => 'ACTIVE'))->where('idx', $registerIDX)->execute();
$results->redirect = $this->IM->getUrl($signupPage->menu, $signupPage->page, 'complete');
} elseif ($check == null || $check->status == 'CANCELED' || $check->status == 'SENDING' && $check->reg_date + 300 < time()) {
$this->db()->delete($this->table->email)->where('midx', $registerIDX)->where('email', $email)->execute();
$status = $this->sendVerifyEmail($registerIDX, $email);
$results->success = true;
$results->message = $this->getLanguage('verifyEmail/sending');
} else {
$results->success = false;
$results->message = $this->getLanguage('verifyEmail/error/sending');
}
}
}
} else {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
}
}
if ($action == 'photoEdit') {
$templet = Request('templet');
if ($this->isLogged() == true) {
$results->success = true;
$results->modalHtml = $this->getPhotoEdit($templet);
$results->photo = $this->getMember()->photo;
} else {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
}
}
if ($action == 'photoUpload') {
$photo = Request('photo');
if ($this->isLogged() == false) {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
} else {
if (preg_match('/^data:image\\/(.*?);base64,(.*?)$/', $photo, $match) == true) {
$bytes = base64_decode($match[2]);
file_put_contents($this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg', $bytes);
$this->IM->getModule('attachment')->createThumbnail($this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg', $this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg', 250, 250, false, 'jpg');
$results->success = true;
$results->message = $this->getLanguage('photoEdit/success');
} else {
$results->success = false;
$results->message = $this->getLanguage('photoEdit/error');
}
}
}
if ($action == 'modifyEmail') {
$confirm = Request('confirm');
if ($confirm == 'TRUE') {
$email = Request('email');
$code = Request('code');
$check = $this->db()->select($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->getOne();
if ($check == null || $check->code != $code) {
$results->success = false;
$results->errors = array('code' => $this->getLanguage('modifyEmail/help/code/error'));
} else {
$this->db()->update($this->table->email, array('status' => 'VERIFIED'))->where('midx', $this->getLogged())->where('email', $email)->execute();
$this->db()->update($this->table->member, array('email' => $email))->where('idx', $this->getLogged())->execute();
$results->success = true;
$results->message = $this->getLanguage('modifyEmail/success');
}
} else {
$templet = Request('templet');
if ($this->isLogged() == true) {
$results->success = true;
$results->modalHtml = $this->getModifyEmail($templet);
} else {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
}
}
}
if ($action == 'modify') {
$step = Request('step');
if ($step == 'verify') {
$member = $this->getMember();
$password = Request('password');
$mHash = new Hash();
if ($mHash->password_validate($password, $member->password) == true) {
$results->success = true;
$results->password = Encoder($password);
} else {
$results->success = false;
$results->errors = array('password' => $this->getLanguage('verify/help/password/error'));
}
}
if ($step == 'modify') {
$errors = array();
$values->name = Request('name') ? Request('name') : ($errors['name'] = $this->getLanguage('signup/help/name/error'));
$values->nickname = Request('nickname') ? Request('nickname') : ($errors['nickname'] = $this->getLanguage('signup/help/nickname/error'));
if ($this->isLogged() == false) {
$results->success = false;
$results->message = $this->getLangauge('error/notLogged');
} elseif (count($errors) == 0) {
$insert = array();
$insert['name'] = $values->name;
$insert['nickname'] = $values->nickname;
$this->db()->update($this->table->member, $insert)->where('idx', $this->getLogged())->execute();
$results->success = true;
$results->message = $this->getLanguage('modify/success');
} else {
$results->success = false;
$results->errors = $errors;
}
}
}
if ($action == 'password') {
$errors = array();
$password = strlen(Request('password')) >= 4 ? Request('password') : ($errors['password'] = $this->getLanguage('signup/help/password/error'));
if (strlen(Request('password')) < 4 || Request('password') != Request('password_confirm')) {
$errors['password_confirm'] = $this->getLanguage('signup/help/password_confirm/error');
}
if ($this->isLogged() == false) {
$results->success = false;
$results->message = $this->getLangauge('error/notLogged');
} else {
$mHash = new Hash();
if (strlen($this->getMember()->password) == 65) {
$old_password = Request('old_password');
if ($old_password == '' || $mHash->password_validate($old_password, $this->getMember()->password) == false) {
$errors['old_password'] = $this->getLanguage('password/help/old_password/error');
}
}
if (count($errors) == 0) {
$password = $mHash->password_hash($password);
$this->db()->update($this->table->member, array('password' => $password))->where('idx', $this->getLogged())->execute();
$results->success = true;
$results->message = $this->getLanguage('password/success');
} else {
$results->success = false;
$results->errors = $errors;
}
}
}
if ($action == 'facebook') {
if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
$_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
}
if ($this->IM->domain == 'www.arzz.com') {
$CLIENT_ID = '985851538105124';
$CLIENT_SECRET = 'c6b74ae32d4786b440bb878c46ee2998';
} elseif ($this->IM->domain == 'www.minitalk.kr') {
$CLIENT_ID = '418845248317025';
$CLIENT_SECRET = '5850c198f8f4b0b254a53ae7f9049600';
} else {
$CLIENT_ID = '985851538105124';
$CLIENT_SECRET = 'c6b74ae32d4786b440bb878c46ee2998';
}
$AUTH_URL = 'https://graph.facebook.com/oauth/authorize';
$TOKEN_URL = 'https://graph.facebook.com/oauth/access_token';
$facebook = new OAuthClient();
$facebook->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('public_profile,email')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);
if (isset($_GET['code']) == true) {
if ($facebook->authenticate($_GET['code']) == true) {
$redirectUrl = $facebook->getRedirectUrl();
header('location:' . $redirectUrl);
}
exit;
} elseif ($facebook->getAccessToken() == null) {
$authUrl = $facebook->getAuthenticationUrl();
header('location:' . $authUrl);
exit;
}
$data = $facebook->get('https://graph.facebook.com/me', array('fields' => 'id,email,name'));
if ($data === false || empty($data->email) == true) {
$this->IM->printError('API ERROR');
}
$accessToken = $facebook->getAccessToken();
$refreshToken = $facebook->getRefreshToken() == null ? '' : $facebook->getRefreshToken();
$this->socialLogin('facebook', $data->id, $data->name, $data->email, 'https://graph.facebook.com/' . $data->id . '/picture?width=250&height=250', $accessToken, $refreshToken);
}
if ($action == 'google') {
if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
$_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
}
if ($this->IM->domain == 'www.arzz.com') {
$CLIENT_ID = '367657130146-m9ojilvf3kbsv6j24uieartls0ols8t8.apps.googleusercontent.com';
$CLIENT_SECRET = 'GVgWL29VdBiSQIuRTlL5RZDc';
} elseif ($this->IM->domain == 'www.minitalk.kr') {
$CLIENT_ID = '476101389490-mug55vcsit7af2sd095m3c8fhd3agssu.apps.googleusercontent.com';
$CLIENT_SECRET = 'CJKMFEkaWkiasXWIj42WY4HU';
} else {
$CLIENT_ID = '995059916144-2odfvfoh0h18fhfsid1lh25d1vpunm5n.apps.googleusercontent.com';
$CLIENT_SECRET = 'A3G-GgF_2rsWXUuvmU1hPLOv';
}
$AUTH_URL = 'https://accounts.google.com/o/oauth2/auth';
$TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';
$google = new OAuthClient();
$google->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);
if (isset($_GET['code']) == true) {
if ($google->authenticate($_GET['code']) == true) {
$redirectUrl = $google->getRedirectUrl();
header('location:' . $redirectUrl);
}
exit;
} elseif ($google->getAccessToken() == null) {
$authUrl = $google->getAuthenticationUrl();
header('location:' . $authUrl);
exit;
}
$data = $google->get('https://www.googleapis.com/plus/v1/people/me');
if ($data === false || empty($data->emails) == true) {
$this->IM->printError('API ERROR');
}
for ($i = 0, $loop = count($data->emails); $i < $loop; $i++) {
if ($data->emails[$i]->type == 'account') {
$data->email = $data->emails[$i]->value;
break;
}
}
$data->photo = str_replace('sz=50', 'sz=250', $data->image->url);
$accessToken = $google->getAccessToken();
$refreshToken = $google->getRefreshToken() == null ? '' : $google->getRefreshToken();
$this->socialLogin('google', $data->id, $data->displayName, $data->email, $data->photo, $accessToken, $refreshToken);
}
if ($action == 'youtube') {
if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
$_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
}
if ($this->isLogged() == false) {
die($this->getError('NOT_LOGGED'));
}
$CLIENT_ID = '995059916144-2odfvfoh0h18fhfsid1lh25d1vpunm5n.apps.googleusercontent.com';
$CLIENT_SECRET = 'A3G-GgF_2rsWXUuvmU1hPLOv';
$AUTH_URL = 'https://accounts.google.com/o/oauth2/auth';
$TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';
$youtube = new OAuthClient();
$youtube->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/youtube.upload https://www.googleapis.com/auth/youtubepartner https://www.googleapis.com/auth/youtube.force-ssl')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);
if (isset($_GET['code']) == true) {
if ($youtube->authenticate($_GET['code']) == true) {
$redirectUrl = $youtube->getRedirectUrl();
header('location:' . $redirectUrl);
}
exit;
} elseif ($youtube->getAccessToken() == null) {
$authUrl = $youtube->getAuthenticationUrl();
header('location:' . $authUrl);
exit;
}
$data = $youtube->get('https://www.googleapis.com/plus/v1/people/me');
if ($data === false || empty($data->emails) == true) {
$this->IM->printError('API ERROR');
}
for ($i = 0, $loop = count($data->emails); $i < $loop; $i++) {
if ($data->emails[$i]->type == 'account') {
$data->email = $data->emails[$i]->value;
break;
}
}
$accessToken = $youtube->getAccessToken();
$refreshToken = $youtube->getRefreshToken() == null ? '' : $youtube->getRefreshToken();
$check = $this->db()->select($this->table->social)->where('midx', $this->getLogged())->where('code', 'youtube')->getOne();
if ($check == null) {
$this->db()->insert($this->table->social, array('midx' => $this->getLogged(), 'code' => 'youtube', 'user_id' => $data->id, 'email' => $data->email, 'access_token' => $accessToken, 'refresh_token' => $refreshToken))->execute();
} else {
$this->db()->update($this->table->social, array('user_id' => $data->id, 'email' => $data->email, 'access_token' => $accessToken, 'refresh_token' => $refreshToken))->where('midx', $this->getLogged())->where('code', 'youtube')->execute();
}
unset($_SESSION['OAUTH_ACCESS_TOKEN']);
unset($_SESSION['OAUTH_REFRESH_TOKEN']);
$redirectUrl = Request('SOCIAL_REDIRECT_URL', 'session') != null ? Request('SOCIAL_REDIRECT_URL', 'session') : '/';
unset($_SESSION['SOCIAL_REDIRECT_URL']);
header('location:' . $redirectUrl);
}
if ($action == 'github') {
if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
$_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
}
if ($this->IM->domain == 'www.arzz.com') {
$CLIENT_ID = 'b3f954eccc5378afbacf';
$CLIENT_SECRET = '4507787bbac2f89382c5b29dc07017bbc776c218';
} elseif ($this->IM->domain == 'www.minitalk.kr') {
$CLIENT_ID = 'a5b5c360b237ed9de0c7';
$CLIENT_SECRET = '0f5e658a0d05f83ee918da13cfe070ff5bc42e60';
} else {
$CLIENT_ID = 'b3f954eccc5378afbacf';
$CLIENT_SECRET = '4507787bbac2f89382c5b29dc07017bbc776c218';
}
$AUTH_URL = 'https://github.com/login/oauth/authorize';
$TOKEN_URL = 'https://github.com/login/oauth/access_token';
$github = new OAuthClient();
$github->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setAuthUrl($AUTH_URL)->setScope('user')->setAccessType('offline')->setUserAgent('Awesome-Octocat-App')->setTokenUrl($TOKEN_URL);
if (isset($_GET['code']) == true) {
if ($github->authenticate($_GET['code']) == true) {
$redirectUrl = $github->getRedirectUrl();
header('location:' . $redirectUrl);
}
exit;
} elseif ($github->getAccessToken() == null) {
$authUrl = $github->getAuthenticationUrl();
header('location:' . $authUrl);
exit;
}
$data = $github->get('https://api.github.com/user');
if ($data === false || empty($data->email) == true) {
$this->IM->printError('API ERROR');
}
$accessToken = $github->getAccessToken();
$refreshToken = $github->getRefreshToken() == null ? '' : $github->getRefreshToken();
$this->socialLogin('github', $data->id, $data->name, $data->email, $data->avatar_url, $accessToken, $refreshToken);
}
$this->IM->fireEvent('afterDoProcess', 'member', $action, $values, $results);
return $results;
}
function doProcess($action)
{
$results = new stdClass();
$values = new stdClass();
if ($action == 'check') {
$name = Request('name');
$value = Request('value');
if ($name == 'email') {
$siteType = $this->IM->getSites($this->IM->domain)->member;
if (CheckEmail($value) == true) {
if ($this->db()->select($this->table->member)->where('email', $value)->where('idx', $this->getLogged(), '!=')->where('domain', $siteType == 'MERGE' ? '*' : $this->IM->domain)->has() == true || $this->db()->select($this->table->member)->where('email', $value)->where('idx', $this->getLogged(), '!=')->where('type', 'ADMINISTRATOR')->has() == true) {
$results->success = false;
$results->message = $this->getLanguage('signup/help/email/duplicated');
} else {
$results->success = true;
}
} else {
$results->success = false;
$results->message = $this->getLanguage('signup/help/email/error');
}
}
if ($name == 'name') {
if (strlen($value) > 0) {
$results->success = true;
} else {
$results->success = false;
$results->message = $this->getLanguage('signup/help/name/error');
}
}
if ($name == 'nickname') {
$siteType = $this->IM->getSites($this->IM->domain)->member;
if (CheckNickname($value) == true) {
if ($this->db()->select($this->table->member)->where('nickname', $value)->where('idx', $this->getLogged(), '!=')->where('domain', $siteType == 'MERGE' ? '*' : $this->IM->domain)->has() == true || $this->db()->select($this->table->member)->where('nickname', $value)->where('idx', $this->getLogged(), '!=')->where('type', 'ADMINISTRATOR')->has() == true) {
$results->success = false;
$results->message = $this->getLanguage('signup/help/nickname/duplicated');
} else {
$results->success = true;
}
} else {
$results->success = false;
$results->message = $this->getLanguage('signup/help/nickname/error');
}
}
if ($name == 'old_password') {
if ($this->isLogged() == false) {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
} else {
$mHash = new Hash();
if ($mHash->password_validate($value, $this->getMember()->password) == true) {
$results->success = true;
$results->message = $this->getLanguage('password/help/old_password/success');
} else {
$results->success = false;
$results->message = $this->getLanguage('password/help/old_password/error');
}
}
}
}
if ($action == 'forceLogin') {
$code = Decoder(Request('code'));
if ($code === false) {
$results->success = false;
$results->message = $this->getLanguage('error/invalidCode');
} else {
$data = json_decode($code);
if ($data != null && $data->ip == $_SERVER['REMOTE_ADDR']) {
$this->login($data->idx);
$results->success = true;
} else {
$results->success = false;
$results->message = $this->getLanguage('error/invalidCode');
}
}
}
if ($action == 'login') {
$mHash = new Hash();
$email = Request('email');
$password = Request('password');
$results->errors = array();
$loginFail = Request('loginFail', 'session') != null && is_array(Request('loginFail', 'session')) == true ? Request('loginFail', 'session') : array('count' => 0, 'time' => 0);
if ($loginFail['time'] > time()) {
$results->success = false;
$results->message = $this->getLanguage('login/error/login');
} else {
$siteType = $this->IM->getSites($this->IM->domain)->member;
if ($siteType == 'MERGE') {
$check = $this->db()->select($this->table->member)->where('email', $email)->where('domain', '*')->getOne();
} else {
$check = $this->db()->select($this->table->member)->where('email', $email)->where('domain', $this->IM->domain)->getOne();
}
// not found member, search ADMINISTRATOR
if ($check == null) {
$check = $this->db()->select($this->table->member)->where('email', $email)->where('type', 'ADMINISTRATOR')->getOne();
}
if ($check == null) {
$results->success = false;
$results->errors['email'] = $this->getLanguage('login/error/email');
$loginFail['count']++;
if ($loginFail['count'] == 5) {
$loginFail['count'] = 0;
$loginFail['time'] = time() + 60 * 60 * 5;
}
$values->email = $email;
$values->password = $password;
} elseif ($mHash->password_validate($password, $check->password) == false) {
$results->success = false;
$results->errors['password'] = $this->getLanguage('login/error/password');
$loginFail['count']++;
if ($loginFail['count'] == 5) {
$loginFail['count'] = 0;
$loginFail['time'] = time() + 60 * 60 * 5;
}
$values->email = $email;
$values->password = $password;
} else {
if ($check->status == 'ACTIVE') {
$this->db()->update($this->table->member, array('last_login' => time()))->where('idx', $check->idx)->execute();
$this->login($check->idx);
$results->success = true;
} elseif ($check->status == 'VERIFYING') {
$_SESSION['MEMBER_REGISTER_IDX'] = Encoder($check->idx);
$page = $this->getMemberPage('signup');
$results->success = false;
$results->redirect = $this->IM->getUrl($page->menu, $page->page, 'verify');
} else {
$results->success = false;
$results->message = $this->getLanguage('error/' . $check->status);
}
}
}
$_SESSION['loginFail'] = $loginFail;
}
if ($action == 'logout') {
unset($_SESSION['MEMBER_LOGGED']);
$results->success = true;
}
if ($action == 'cert') {
$results->success = true;
}
if ($action == 'signup') {
$siteType = $this->IM->getSites($this->IM->domain)->member;
$errors = array();
$email = CheckEmail(Request('email')) == true ? Request('email') : ($errors['email'] = $this->getLanguage('signup/help/email/error'));
$password = strlen(Request('password')) >= 4 ? Request('password') : ($errors['password'] = $this->getLanguage('signup/help/password/error'));
if (strlen(Request('password')) < 4 || Request('password') != Request('password_confirm')) {
$errors['password_confirm'] = $this->getLanguage('signup/help/password_confirm/error');
}
$name = CheckNickname(Request('name')) == true ? Request('name') : ($errors['name'] = $this->getLanguage('signup/help/name/error'));
$nickname = CheckNickname(Request('nickname')) == true ? Request('nickname') : ($errors['nickname'] = $this->getLanguage('signup/help/nickname/error'));
if ($this->db()->select($this->table->member)->where('email', $email)->where('domain', $siteType == 'MERGE' ? '*' : $this->IM->domain)->has() == true || $this->db()->select($this->table->member)->where('email', $email)->where('type', 'ADMINISTRATOR')->has() == true) {
$errors['email'] = $this->getLanguage('signup/help/email/duplicated');
}
if ($this->db()->select($this->table->member)->where('nickname', $nickname)->where('domain', $siteType == 'MERGE' ? '*' : $this->IM->domain)->has() == true || $this->db()->select($this->table->member)->where('nickname', $nickname)->where('type', 'ADMINISTRATOR')->has() == true) {
$errors['nickname'] = $this->getLanguage('signup/help/nickname/duplicated');
}
if (empty($errors) == true) {
$mHash = new Hash();
$insert = array();
$insert['email'] = $email;
$insert['domain'] = $siteType == 'MERGE' ? '*' : $this->IM->domain;
$insert['password'] = $mHash->password_hash($password);
$insert['name'] = $name;
$insert['nickname'] = $nickname;
$insert['status'] = 'VERIFYING';
$insert['reg_date'] = time();
$idx = $this->db()->insert($this->table->member, $insert)->execute();
if ($idx !== false) {
$results->success = true;
$_SESSION['MEMBER_REGISTER_IDX'] = Encoder($idx);
$this->sendVerifyEmail($idx);
unset($_SESSION['registerGIDX']);
} else {
$results->success = false;
}
} else {
$results->success = false;
$results->errors = $errors;
}
}
if ($action == 'verifyEmail') {
$registerIDX = Request('registerIDX');
if ($registerIDX == null) {
$results->success = false;
} else {
$email = Request('email');
$email_verify_code = Request('email_verify_code');
$check = $this->db()->select($this->table->email)->where('midx', $registerIDX)->where('email', $email)->getOne();
if ($check == null) {
$results->success = false;
$results->errors = array('email' => $this->getLanguage('verifyEmail/help/email/notFound'));
} elseif ($check->code == $email_verify_code) {
$this->db()->update($this->table->email, array('status' => 'VERIFIED'))->where('midx', $registerIDX)->where('email', $email)->execute();
$this->db()->update($this->table->member, array('status' => 'ACTIVE'))->where('idx', $registerIDX)->execute();
$results->success = true;
} else {
$results->success = false;
$results->errors = array('email_verify_code' => $this->getLanguage('verifyEmail/help/email_verify_code/error'));
}
}
}
if ($action == 'sendVerifyEmail') {
$registerIDX = Request('registerIDX');
$email = Request('email');
if ($this->isLogged() == true) {
if (CheckEmail($email) == false) {
$results->success = false;
$results->errors = array('email' => $this->getLanguage('modifyEmail/help/email/error'));
} elseif ($this->db()->select($this->table->member)->where('email', $email)->count() == 1) {
$results->success = false;
$results->errors = array('email' => $this->getLanguage('modifyEmail/help/email/duplicated'));
} else {
$check = $this->db()->select($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->getOne();
if ($check == null || $check->status != 'SENDING' || $check->status == 'SENDING' && $check->reg_date + 300 < time()) {
$this->db()->delete($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->execute();
$status = $this->sendVerifyEmail($this->getLogged(), $email);
$results->success = true;
$results->message = $this->getLanguage('verifyEmail/sending');
} else {
$results->success = false;
$results->message = $this->getLanguage('verifyEmail/error/sending');
}
}
} elseif ($registerIDX != null) {
$member = $this->db()->select($this->table->member)->where('idx', $registerIDX)->getOne();
if ($member == null || $member->status != 'VERIFYING') {
$results->success = false;
$results->message = $this->getLanguage('verifyEmail/error/target');
} else {
if (CheckEmail($email) == false) {
$results->success = false;
$results->message = $this->getLanguage('verifyEmail/error/email');
} else {
$check = $this->db()->select($this->table->email)->where('midx', $registerIDX)->where('email', $email)->getOne();
if ($check->status == 'VERIFIED') {
$signupPage = $this->getMemberPage('signup');
$results->success = true;
$this->db()->update($this->table->member, array('status' => 'ACTIVE'))->where('idx', $registerIDX)->execute();
$results->redirect = $this->IM->getUrl($signupPage->menu, $signupPage->page, 'complete');
} elseif ($check == null || $check->status == 'CANCELED' || $check->status == 'SENDING' && $check->reg_date + 300 < time()) {
$this->db()->delete($this->table->email)->where('midx', $registerIDX)->where('email', $email)->execute();
$status = $this->sendVerifyEmail($registerIDX, $email);
$results->success = true;
$results->message = $this->getLanguage('verifyEmail/sending');
} else {
$results->success = false;
$results->message = $this->getLanguage('verifyEmail/error/sending');
}
}
}
} else {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
}
}
if ($action == 'photoEdit') {
$templet = Request('templet');
if ($this->isLogged() == true) {
$results->success = true;
$results->modalHtml = $this->getPhotoEdit($templet);
$results->photo = $this->getMember()->photo;
} else {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
}
}
if ($action == 'photoUpload') {
$photo = Request('photo');
if ($this->isLogged() == false) {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
} else {
if (preg_match('/^data:image\\/(.*?);base64,(.*?)$/', $photo, $match) == true) {
$bytes = base64_decode($match[2]);
file_put_contents($this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg', $bytes);
$this->IM->getModule('attachment')->createThumbnail($this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg', $this->IM->getAttachmentPath() . '/member/' . $this->getLogged() . '.jpg', 250, 250, false, 'jpg');
$results->success = true;
$results->message = $this->getLanguage('photoEdit/success');
} else {
$results->success = false;
$results->message = $this->getLanguage('photoEdit/error');
}
}
}
if ($action == 'modifyEmail') {
$confirm = Request('confirm');
if ($confirm == 'TRUE') {
$email = Request('email');
$code = Request('code');
$check = $this->db()->select($this->table->email)->where('midx', $this->getLogged())->where('email', $email)->getOne();
if ($check == null || $check->code != $code) {
$results->success = false;
$results->errors = array('code' => $this->getLanguage('modifyEmail/help/code/error'));
} else {
$this->db()->update($this->table->email, array('status' => 'VERIFIED'))->where('midx', $this->getLogged())->where('email', $email)->execute();
$this->db()->update($this->table->member, array('email' => $email))->where('idx', $this->getLogged())->execute();
$results->success = true;
$results->message = $this->getLanguage('modifyEmail/success');
}
} else {
$templet = Request('templet');
if ($this->isLogged() == true) {
$results->success = true;
$results->modalHtml = $this->getModifyEmail($templet);
} else {
$results->success = false;
$results->message = $this->getLanguage('error/notLogged');
}
}
}
if ($action == 'modify') {
$step = Request('step');
if ($step == 'verify') {
$member = $this->getMember();
$password = Request('password');
$mHash = new Hash();
if ($mHash->password_validate($password, $member->password) == true) {
$results->success = true;
$results->password = Encoder($password);
} else {
$results->success = false;
$results->errors = array('password' => $this->getLanguage('verify/help/password/error'));
}
}
if ($step == 'modify') {
$errors = array();
$values->name = Request('name') ? Request('name') : ($errors['name'] = $this->getLanguage('signup/help/name/error'));
$values->nickname = Request('nickname') ? Request('nickname') : ($errors['nickname'] = $this->getLanguage('signup/help/nickname/error'));
if ($this->isLogged() == false) {
$results->success = false;
$results->message = $this->getLangauge('error/notLogged');
} elseif (count($errors) == 0) {
$insert = array();
$insert['name'] = $values->name;
$insert['nickname'] = $values->nickname;
$this->db()->update($this->table->member, $insert)->where('idx', $this->getLogged())->execute();
$results->success = true;
$results->message = $this->getLanguage('modify/success');
} else {
$results->success = false;
$results->errors = $errors;
}
}
}
if ($action == 'password') {
$errors = array();
$password = strlen(Request('password')) >= 4 ? Request('password') : ($errors['password'] = $this->getLanguage('signup/help/password/error'));
if (strlen(Request('password')) < 4 || Request('password') != Request('password_confirm')) {
$errors['password_confirm'] = $this->getLanguage('signup/help/password_confirm/error');
}
if ($this->isLogged() == false) {
$results->success = false;
$results->message = $this->getLangauge('error/notLogged');
} else {
$mHash = new Hash();
if (strlen($this->getMember()->password) == 65) {
$old_password = Request('old_password');
if ($old_password == '' || $mHash->password_validate($old_password, $this->getMember()->password) == false) {
$errors['old_password'] = $this->getLanguage('password/help/old_password/error');
}
}
if (count($errors) == 0) {
$password = $mHash->password_hash($password);
$this->db()->update($this->table->member, array('password' => $password))->where('idx', $this->getLogged())->execute();
$results->success = true;
$results->message = $this->getLanguage('password/success');
} else {
$results->success = false;
$results->errors = $errors;
}
}
}
if ($action == 'facebook') {
$OAUTH = $this->db()->select($this->table->social_oauth)->where('domain', $this->IM->domain)->where('code', $action)->getOne();
if ($OAUTH == null) {
$this->IM->printError('OAUTH_DOMAIN_ERROR');
}
$CLIENT_ID = $OAUTH->client_id;
$CLIENT_SECRET = $OAUTH->client_secret;
$AUTH_URL = 'https://graph.facebook.com/oauth/authorize';
$TOKEN_URL = 'https://graph.facebook.com/oauth/access_token';
if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
$_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
}
$facebook = new OAuthClient();
$facebook->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('public_profile,email')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);
if (isset($_GET['code']) == true) {
if ($facebook->authenticate($_GET['code']) == true) {
$redirectUrl = $facebook->getRedirectUrl();
header('location:' . $redirectUrl);
}
exit;
} elseif ($facebook->getAccessToken() == null) {
$authUrl = $facebook->getAuthenticationUrl();
header('location:' . $authUrl);
exit;
}
$data = $facebook->get('https://graph.facebook.com/me', array('fields' => 'id,email,name'));
if ($data === false || empty($data->email) == true) {
$this->IM->printError('OAUTH_API_ERROR');
}
$accessToken = $facebook->getAccessToken();
$refreshToken = $facebook->getRefreshToken() == null ? '' : $facebook->getRefreshToken();
$this->socialLogin('facebook', $data->id, $data->name, $data->email, 'https://graph.facebook.com/' . $data->id . '/picture?width=250&height=250', $accessToken, $refreshToken);
}
if ($action == 'google') {
$OAUTH = $this->db()->select($this->table->social_oauth)->where('domain', $this->IM->domain)->where('code', $action)->getOne();
if ($OAUTH == null) {
$this->IM->printError('OAUTH_DOMAIN_ERROR');
}
$CLIENT_ID = $OAUTH->client_id;
$CLIENT_SECRET = $OAUTH->client_secret;
$AUTH_URL = 'https://accounts.google.com/o/oauth2/auth';
$TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';
if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
$_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
}
$google = new OAuthClient();
$google->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);
if (isset($_GET['code']) == true) {
if ($google->authenticate($_GET['code']) == true) {
$redirectUrl = $google->getRedirectUrl();
header('location:' . $redirectUrl);
}
exit;
} elseif ($google->getAccessToken() == null) {
$authUrl = $google->getAuthenticationUrl();
header('location:' . $authUrl);
exit;
}
$data = $google->get('https://www.googleapis.com/plus/v1/people/me');
if ($data === false || empty($data->emails) == true) {
$this->IM->printError('OAUTH_API_ERROR');
}
for ($i = 0, $loop = count($data->emails); $i < $loop; $i++) {
if ($data->emails[$i]->type == 'account') {
$data->email = $data->emails[$i]->value;
break;
}
}
$data->photo = str_replace('sz=50', 'sz=250', $data->image->url);
$accessToken = $google->getAccessToken();
$refreshToken = $google->getRefreshToken() == null ? '' : $google->getRefreshToken();
$this->socialLogin('google', $data->id, $data->displayName, $data->email, $data->photo, $accessToken, $refreshToken);
}
if ($action == 'youtube') {
$OAUTH = $this->db()->select($this->table->social_oauth)->where('domain', $this->IM->domain)->where('code', $action)->getOne();
if ($OAUTH == null) {
$this->IM->printError('OAUTH_DOMAIN_ERROR');
}
$CLIENT_ID = $OAUTH->client_id;
$CLIENT_SECRET = $OAUTH->client_secret;
$AUTH_URL = 'https://accounts.google.com/o/oauth2/auth';
$TOKEN_URL = 'https://accounts.google.com/o/oauth2/token';
if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
$_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
}
if ($this->isLogged() == false) {
die($this->getError('NOT_LOGGED'));
}
$youtube = new OAuthClient();
$youtube->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setScope('https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/youtube.upload https://www.googleapis.com/auth/youtubepartner https://www.googleapis.com/auth/youtube.force-ssl')->setAccessType('offline')->setAuthUrl($AUTH_URL)->setTokenUrl($TOKEN_URL);
if (isset($_GET['code']) == true) {
if ($youtube->authenticate($_GET['code']) == true) {
$redirectUrl = $youtube->getRedirectUrl();
header('location:' . $redirectUrl);
}
exit;
} elseif ($youtube->getAccessToken() == null) {
$authUrl = $youtube->getAuthenticationUrl();
header('location:' . $authUrl);
exit;
}
$data = $youtube->get('https://www.googleapis.com/plus/v1/people/me');
if ($data === false || empty($data->emails) == true) {
$this->IM->printError('OAUTH_API_ERROR');
}
for ($i = 0, $loop = count($data->emails); $i < $loop; $i++) {
if ($data->emails[$i]->type == 'account') {
$data->email = $data->emails[$i]->value;
break;
}
}
$accessToken = $youtube->getAccessToken();
$refreshToken = $youtube->getRefreshToken() == null ? '' : $youtube->getRefreshToken();
$check = $this->db()->select($this->table->social_token)->where('midx', $this->getLogged())->where('code', 'youtube')->getOne();
if ($check == null) {
$this->db()->insert($this->table->social_token, array('midx' => $this->getLogged(), 'code' => 'youtube', 'user_id' => $data->id, 'email' => $data->email, 'access_token' => $accessToken, 'refresh_token' => $refreshToken))->execute();
} else {
$this->db()->update($this->table->social_token, array('user_id' => $data->id, 'email' => $data->email, 'access_token' => $accessToken, 'refresh_token' => $refreshToken))->where('midx', $this->getLogged())->where('code', 'youtube')->execute();
}
unset($_SESSION['OAUTH_ACCESS_TOKEN']);
unset($_SESSION['OAUTH_REFRESH_TOKEN']);
$redirectUrl = Request('SOCIAL_REDIRECT_URL', 'session') != null ? Request('SOCIAL_REDIRECT_URL', 'session') : '/';
unset($_SESSION['SOCIAL_REDIRECT_URL']);
header('location:' . $redirectUrl);
}
if ($action == 'github') {
$OAUTH = $this->db()->select($this->table->social_oauth)->where('domain', $this->IM->domain)->where('code', $action)->getOne();
if ($OAUTH == null) {
$this->IM->printError('OAUTH_DOMAIN_ERROR');
}
$CLIENT_ID = $OAUTH->client_id;
$CLIENT_SECRET = $OAUTH->client_secret;
$AUTH_URL = 'https://github.com/login/oauth/authorize';
$TOKEN_URL = 'https://github.com/login/oauth/access_token';
if (Request('SOCIAL_REDIRECT_URL', 'session') == null) {
$_SESSION['SOCIAL_REDIRECT_URL'] = $_SERVER['HTTP_REFERER'];
}
$github = new OAuthClient();
$github->setClientId($CLIENT_ID)->setClientSecret($CLIENT_SECRET)->setAuthUrl($AUTH_URL)->setScope('user')->setAccessType('offline')->setUserAgent('Awesome-Octocat-App')->setTokenUrl($TOKEN_URL);
if (isset($_GET['code']) == true) {
if ($github->authenticate($_GET['code']) == true) {
$redirectUrl = $github->getRedirectUrl();
header('location:' . $redirectUrl);
}
exit;
} elseif ($github->getAccessToken() == null) {
$authUrl = $github->getAuthenticationUrl();
header('location:' . $authUrl);
exit;
}
$data = $github->get('https://api.github.com/user');
if ($data === false || empty($data->email) == true) {
$this->IM->printError('OAUTH_API_ERROR');
}
$accessToken = $github->getAccessToken();
$refreshToken = $github->getRefreshToken() == null ? '' : $github->getRefreshToken();
$this->socialLogin('github', $data->id, $data->name, $data->email, $data->avatar_url, $accessToken, $refreshToken);
}
$this->IM->fireEvent('afterDoProcess', 'member', $action, $values, $results);
return $results;
}