$show_step2 = true;
$error_msg = str_replace('%size%', $fileverification['msg_extra'], $LANG['FILE_IS_BIG']);
break;
}
}
}
}
if ($show_step2 !== true) {
if ($client_status == 1) {
$fullname = $user['fullname'];
$email = $user['email'];
$user_id = $user['id'];
} else {
$fullname = $input->p['fullname'];
$email = $input->p['email'];
$user_id = hdz_registerAccount(array('fullname' => $input->p['fullname'], 'email' => $input->p['email']));
}
$ticket_id = substr(strtoupper(sha1(time() . $email)), 0, 11);
$ticket_id = substr_replace($ticket_id, '-', 3, 0);
$ticket_id = substr_replace($ticket_id, '-', 7, 0);
$previewcode = substr(md5(time() . $fullname), 2, 12);
$custom_post = serialize($custom_post);
$data = array('code' => $ticket_id, 'department_id' => $department_id, 'priority_id' => $input->p['priority'], 'user_id' => $user_id, 'fullname' => $fullname, 'email' => $email, 'subject' => $input->p['subject'], 'date' => time(), 'last_update' => time(), 'previewcode' => $previewcode, 'last_replier' => $fullname, 'custom_vars' => $custom_post);
$db->insert(TABLE_PREFIX . 'tickets', $data);
$ticketid = $db->lastInsertId();
$data = array('ticket_id' => $ticketid, 'date' => time(), 'message' => $input->p['message'], 'ip' => $_SERVER['REMOTE_ADDR'], 'email' => $email);
$db->insert(TABLE_PREFIX . 'tickets_messages', $data);
$message_id = $db->lastInsertId();
if (is_array($fileuploaded)) {
foreach ($fileuploaded as $f) {
$data = array('name' => $f['name'], 'enc' => $f['enc'], 'filesize' => $f['size'], 'ticket_id' => $ticketid, 'msg_id' => $message_id, 'filetype' => $f['filetype']);
$redirect = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
}
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
$client->setAccessToken($_SESSION['access_token']);
} else {
$authUrl = $client->createAuthUrl();
}
if ($client->getAccessToken()) {
$_SESSION['access_token'] = $client->getAccessToken();
//$token_data = $client->verifyIdToken()->getAttributes();
$objOAuthService = new Google_Service_Oauth2($client);
$userData = $objOAuthService->userinfo->get();
}
if (strpos($client_id, "googleusercontent") == false) {
echo missingClientSecretsWarning();
exit;
}
if (isset($authUrl)) {
header('location: ' . $authUrl);
exit;
}
if (isset($userData)) {
$userData = $objOAuthService->userinfo->get();
$data = array('fullname' => $userData->givenName . ' ' . $userData->familyName, 'email' => $userData->email);
$user_id = hdz_registerAccount($data);
hdz_loginAccount($userData->email, 48);
unset($_SESSION['access_token']);
header('location: ' . getUrl('view_tickets'));
exit;
}
if ($settings['loginshare'] == 1) {
$xmlurl = $settings['loginshare_url'];
$postfields = "email=" . urlencode($input->p['email']) . "&password="******"&ip=" . urlencode($_SERVER['REMOTE_ADDR']);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $xmlurl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_POST, 3);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields);
$output = curl_exec($ch);
curl_close($ch);
libxml_use_internal_errors(true);
$xml = simplexml_load_string($output);
if ($xml !== false) {
if ($xml->result == 1 && !empty($xml->user->fullname) && !empty($xml->user->email)) {
hdz_registerAccount(array('fullname' => $xml->user->fullname, 'email' => $xml->user->email, 'password' => $input->p['password']), FALSE, TRUE);
$data = array('fullname' => $xml->user->fullname, 'email' => $xml->user->email, 'password' => sha1($input->p['password']));
$chk = $db->fetchOne("SELECT COUNT(id) AS NUM FROM " . TABLE_PREFIX . "users WHERE email='" . $db->real_escape_string($input->p['email']) . "'");
if ($chk == 0) {
$db->insert(TABLE_PREFIX . "users", $data);
} else {
$db->update(TABLE_PREFIX . "users", $data, "email='" . $db->real_escape_string($input->p['email']) . "'");
}
}
}
}
$password = sha1($input->p['password']);
$chk = $db->fetchOne("SELECT COUNT(id) AS NUM FROM " . TABLE_PREFIX . "users WHERE email='" . $db->real_escape_string($input->p['email']) . "' AND password='******'");
if ($chk == 0) {
$error_msg = $LANG['INVALID_EMAIL_OR_PASSWORD'];
} else {
