public function GoogleUser()
{
$client = new \Google_Client();
$client->setApplicationName(\SKT_GOOGLEOAUTH2_SETAPPLICATIONNAME);
// Visit https://code.google.com/apis/console?api=plus to generate your
// oauth2_client_id, oauth2_client_secret, and to register your oauth2_redirect_uri.
$client->setClientId(\SKT_GOOGLEOAUTH2_SETCLIENTID);
$client->setClientSecret(\SKT_GOOGLEOAUTH2_SETCLIENTSECRET);
$client->setRedirectUri(\SKT_GOOGLEOAUTH2_SETREDIRECTURI);
$client->setDeveloperKey(\SKT_GOOGLEOAUTH2_SETDEVELOPERKEY);
$oauth2 = new \Google_Oauth2Service($client);
if (isset($_GET['code'])) {
$client->authenticate($_GET['code']);
$_SESSION['token'] = $client->getAccessToken();
$redirect = \SITE_SERVER;
\CmsDev\Header\refresh::refreshNow(\filter_var($redirect, FILTER_SANITIZE_URL));
return;
}
if (isset($_SESSION['token'])) {
$client->setAccessToken($_SESSION['token']);
}
if (isset($_REQUEST['logout']) or \THIS_URL_REAL === 'UserLogout') {
unset($_SESSION['token']);
$client->revokeToken();
}
if ($client->getAccessToken()) {
$user = $oauth2->userinfo->get();
// These fields are currently filtered through the PHP sanitize filters.
// See http://www.php.net/manual/en/filter.filters.sanitize.php
$this->family_name = filter_var($user['family_name'], \FILTER_SANITIZE_STRING);
$this->name = filter_var($user['name'], \FILTER_SANITIZE_STRING);
$this->locale = filter_var($user['locale'], \FILTER_SANITIZE_STRING);
$this->gender = filter_var($user['gender'], \FILTER_SANITIZE_STRING);
$this->email = filter_var($user['email'], \FILTER_SANITIZE_EMAIL);
$this->link = filter_var($user['link'], \FILTER_SANITIZE_URL);
$this->given_name = filter_var($user['given_name'], \FILTER_SANITIZE_STRING);
$this->id = filter_var($user['id'], \FILTER_SANITIZE_STRING);
$this->verified_email = filter_var($user['verified_email'], \FILTER_SANITIZE_STRING);
if (isset($user['picture']) && $user['picture'] != '') {
$this->picture = filter_var($user['picture'], \FILTER_VALIDATE_URL);
} else {
$this->picture = \SKT_ACCESS_AVATAR;
}
$this->ClientAuth = 'Google';
$_SESSION['token'] = $client->getAccessToken();
$this->createAuthUrl = $client->createAuthUrl();
$this->Info = array('family_name' => HtmlSpecialChars($this->family_name), 'name' => HtmlSpecialChars($this->name), 'locale' => $this->locale, 'gender' => $this->gender, 'email' => $this->email, 'link' => $this->link, 'given_name' => HtmlSpecialChars($this->given_name), 'id' => $this->id, 'verified_email' => $this->verified_email, 'picture' => $this->picture, 'ClientAuth' => $this->ClientAuth, 'createAuthUrl' => $this->createAuthUrl);
\CmsDev\Security\UserRegister::checkAction($this->Info);
return true;
} else {
$this->createAuthUrl = $client->createAuthUrl();
new \CmsDev\Url\refer();
return false;
}
}
public static function render()
{
$SectionValues = \CmsDev\Content\Section::get();
$Template = $SectionValues->Template;
if ($Template === '') {
$Template = 'home';
}
/* ------------------------------------------------------------------------------- */
/* ------------------------- LOAD SEARCH ENGINE -------------------------------- */
/* ------------------------------------------------------------------------------- */
if (\SKTURL_Here == 'Google_Search') {
$Template = 'System/Google_Search';
$LoadTemplate = \SKTPATH_TemplateSite . 'SKT_Theme_Pages/System/Google_Search.php';
}
/* ------------------------------------------------------------------------------- */
/* ------------------------- LOGIN AS ADMINISTRATOR ---------------------------- */
/* ------------------------------------------------------------------------------- */
if (\SKTURL_Here === 'admin' or \SKTURL_Here === 'admin?invalid-admin' or \SKTURL_Here === 'admin') {
if (isset($_POST['SKT_AdminName']) && isset($_POST['SKT_AdminPassword'])) {
$checkAction = \CmsDev\Security\loginIntent::checkAction('Admin');
}
$Template = 'System/admin';
}
if (isset($_GET['invalid-admin'])) {
$MessageBox = SKT_INFO\Asistance::get();
$MessageBox->TipError(\SKT_ADMIN_User_Invalid, true);
$Template = 'System/admin';
}
if (\THIS_URL_REAL === 'CloseAdmin') {
$checkAction = \CmsDev\Security\loginIntent::checkAction('close');
exit;
}
/* ------------------------------------------------------------------------------- */
/* ------------------------- USERS, LOGIN, REGISTER, CONNECT -------------------- */
/* ------------------------------------------------------------------------------- */
if (\SKTURL_Here === 'UserProfile') {
$Template = 'System/Profile';
}
if (\SKTURL_Here === 'UserRegistration') {
$Template = 'System/NewUser';
}
if (\SKTURL_Here === 'PasswordRecovery') {
$Template = 'System/PasswordRecovery';
}
if (\SKTURL_Here === 'UserLogin' || \THIS_URL_REAL == 'UserLogin?invalid-user') {
$Template = 'System/user';
}
if (\SKTURL_Here === 'ValidateUser') {
$Template = 'System/ValidateUser';
}
if (\SKTURL_Here === 'UserLogout') {
$checkAction = \CmsDev\Security\loginIntent::checkAction('close');
exit;
}
if (\SKTURL_Here === 'index.php' || \THIS_URL_REAL === '?logout') {
\CmsDev\Header\refresh::refreshNow(\SERVER_DIR);
exit;
}
if (\THIS_URL_REAL === 'login_with_facebook') {
\CmsDev\Header\refresh::refreshNow(\SERVER_DIR . '?login_with_facebook');
exit;
}
if (isset($_POST['SKT_UserName']) && isset($_POST['SKT_Password'])) {
\CmsDev\Security\loginIntent::checkAction('login');
}
if (isset($_GET['invalid-user'])) {
$MessageBox = SKT_INFO\Asistance::get();
$MessageBox->TipError(\SKT_ADMIN_User_Invalid, true);
}
if (defined("error")) {
if (\error == 'error500') {
$Template = 'System/500';
} elseif (\error == 'error404') {
$Template = 'System/404';
} elseif (\error == 'error403') {
$Template = 'System/403';
}
}
if (isset($_GET['usr'])) {
$Template = 'System/Company';
}
if (isset($_GET['empresas'])) {
$Template = 'Empresas';
}
if (isset($_GET['Detail'])) {
$Template = 'System/Detail';
}
if (isset($_GET['Type']) && $_GET['Type'] == 'Search') {
$Template = 'System/Search';
$LoadTemplate = \SKTPATH_TemplateSite . 'SKT_Theme_Pages/System/Search.php';
}
/* ------------------------------------------------------------------------------- */
/* ------------------------- LOAD DYNAMIC SECTION ------------------------------ */
/* ------------------------------------------------------------------------------- */
if (!isset($_GET['SKTGoTo']) && !isset($_GET['SKTFiles']) && !isset($_GET['SKTDir']) && !isset($_GET['SKTFiles']) && !isset($_GET['SKTFSys'])) {
if (\is_file(\SKTPATH_TemplateSite . 'SKT_Theme_Pages/' . $Template . '.php')) {
include \SKTPATH_TemplateSite . 'SKT_Theme_Pages/' . $Template . '.php';
} else {
echo \SKTPATH_TemplateSite . 'SKT_Theme_Pages/' . $Template . '.php';
include \SKTPATH_TemplateSite . 'SKT_Theme_Pages/System/500.php';
}
}
}
private static function MakeNewUser($Client = false, $Info = array(), $LevelType = 'Customers')
{
$SKTDB = \CmsDev\Sql\db_Skt::connect();
$new_Google = false;
$new_Facebook = false;
$CheckUserName = new \CmsDev\util\CheckUserName();
$username = Code::Charset(isset($Info['username']) ? $Info['username'] : '');
$password = md5(isset($Info['password']) ? $Info['password'] : '');
$email = Code::Charset(isset($Info['email']) ? $Info['email'] : '');
$isactive = isset($Info['isactive']) ? $Info['isactive'] : 0;
$activekey = isset($Info['activekey']) ? $Info['activekey'] : 0;
$resetkey = isset($Info['resetkey']) ? $Info['resetkey'] : 0;
$cust_no = isset($Info['cust_no']) ? $Info['cust_no'] : 0;
$md5 = isset($Info['md5']) ? $Info['md5'] : md5($username) . $password;
$Description = isset($Info['Description']) ? $Info['Description'] : '';
$Lat = isset($Info['Lat']) ? $Info['Lat'] : '-35';
$Lon = isset($Info['Lon']) ? $Info['Lon'] : '-54';
$zoom = isset($Info['zoom']) ? $Info['zoom'] : '12';
$Type = isset($Info['Type']) ? $Info['Type'] : $LevelType;
$website = isset($Info['website']) ? $Info['website'] : '';
$ViewHelp = isset($Info['ViewHelp']) ? $Info['ViewHelp'] : 0;
$token = isset($Info['token']) ? $Info['token'] : '';
$Company = isset($Info['Company']) ? $Info['Company'] : $Info["username"];
$CompanyUrl = isset($Info['CompanyUrl']) ? $Info['CompanyUrl'] : $CheckUserName->Fix($username);
$Level = isset($Info['level']) ? $Info['level'] : $Type;
$RUT = isset($Info['RUT']) ? $Info['RUT'] : '';
$Position = isset($Info['Position']) ? $Info['Position'] : '';
$Name = isset($Info['Name']) ? $Info['Name'] : '';
$Surname = isset($Info['Surname']) ? $Info['Surname'] : '';
$Country = isset($Info['Country']) ? $Info['Country'] : '';
$City = isset($Info['City']) ? $Info['City'] : '';
$CP = isset($Info['CP']) ? $Info['CP'] : '';
$Address = isset($Info['Address']) ? $Info['Address'] : '';
$From = isset($Info['From']) ? $Info['From'] : '09';
$To = isset($Info['To']) ? $Info['To'] : '18';
$Phone = isset($Info['Phone']) ? $Info['Phone'] : '';
$payment_method = isset($Info['payment_method']) ? $Info['payment_method'] : '';
$ClientAuth = isset($Info['ClientAuth']) ? $Info['ClientAuth'] : '';
$ClientAuth_id = isset($Info['ClientAuth_id']) ? $Info['ClientAuth_id'] : '';
$ClientAuth_link = isset($Info['ClientAuth_link']) ? $Info['ClientAuth_link'] : '';
$ClientAuth_name = isset($Info['ClientAuth_name']) ? $Info['ClientAuth_name'] : '';
$ClientAuth_family_name = isset($Info['ClientAuth_family_name']) ? $Info['ClientAuth_family_name'] : '';
$ClientAuth_given_name = isset($Info['ClientAuth_given_name']) ? $Info['ClientAuth_given_name'] : '';
$ClientAuth_email = isset($Info['ClientAuth_email']) ? $Info['ClientAuth_email'] : '';
$ClientAuth_picture = isset($Info['ClientAuth_picture']) ? $Info['ClientAuth_picture'] : '';
$ClientAuth_locale = isset($Info['ClientAuth_locale']) ? $Info['ClientAuth_locale'] : '';
$ClientAuth_gender = isset($Info['ClientAuth_gender']) ? $Info['ClientAuth_gender'] : '';
$category1 = isset($Info['category1']) ? $Info['category1'] : '';
$category2 = isset($Info['category2']) ? $Info['category2'] : '';
$category3 = isset($Info['category3']) ? $Info['category3'] : '';
$category4 = isset($Info['category4']) ? $Info['category4'] : '';
$category5 = isset($Info['category5']) ? $Info['category5'] : '';
if ($Client == 'FromGoogle') {
/* ----------------------------------------------------------------------/// FromGoogle ///-------------- */
$Name = $Info['name'];
$Surname = $Info['family_name'];
$ClientAuth = $Info['ClientAuth'];
$ClientAuth_id = $Info['id'];
$ClientAuth_link = $Info['link'];
$ClientAuth_name = $Info['name'];
$ClientAuth_family_name = $Info['family_name'];
$ClientAuth_given_name = $Info['given_name'];
$ClientAuth_email = $Info['email'];
$ClientAuth_picture = $Info['picture'];
$ClientAuth_locale = $Info['locale'];
$ClientAuth_gender = $Info['gender'];
$username = Code::Encode($Info['given_name']);
$password = md5($Info['id']);
$email = $Info['email'];
$isactive = 1;
$md5 = md5($username . $password);
$Company = $Info['name'];
$CompanyUrl = $CheckUserName->Fix($Info['name']);
$Type = 'Customers';
$user_listQuery = "SELECT *\r\n FROM users as user, userprofile as profile\r\n WHERE user.id = profile.IDX AND profile.ClientAuth = 'Google' AND profile.ClientAuth_id = " . \GetSQLValueString($Info["id"], 'text') . "";
$user_list = $SKTDB->get_row($user_listQuery);
$MessageBox = SKT_INFO\Asistance::get();
$MessageBox->TipInfo('<b>' . $Name . '.</b><br><pre>' . $user_listQuery . '</pre><pre>' . $user_list->username . '</pre>', false);
if ($user_list) {
$_SESSION['UserName'] = $user_list->username;
$session = md5($user_list->username . $user_list->password);
$_SESSION['login'] = $session;
$_SESSION['UserIDU'] = $user_list->id;
$new_Google = false;
$header = \SERVER_DIR;
\CmsDev\Header\refresh::refreshNow(\SITE_SERVER);
exit;
} else {
$new_Google = true;
}
/* ------------------------------------------------------------------------------------------------------ */
} else {
if ($Client == 'FromFacebook') {
/* --------------------------------------------------------------------/// FromFacebook ///-------------- */
/* ------------------------------------------------------------------------------------------------------ */
} else {
}
}
if ($Client == 'FromSite' || $new_Google == true || $new_Facebook == true) {
if ($username != '' || !isset($_SESSION['login'])) {
$test = $SKTDB->get_var("SELECT id FROM users WHERE username = "******"");
if (!$test) {
$insertUserQuery = "INSERT INTO users \r\n ( username, password, email, CompanyUrl, isactive, activekey, resetkey, cust_no, Lat, Lon, zoom, md5, Type ) \r\n\t\t\tVALUES (" . GetSQLValueString($username, "text") . "," . GetSQLValueString($password, "text") . "," . GetSQLValueString($email, "text") . "," . GetSQLValueString($CompanyUrl, "text") . "," . GetSQLValueString($isactive, "int") . "," . GetSQLValueString($activekey, "int") . "," . GetSQLValueString($resetkey, "int") . "," . GetSQLValueString($cust_no, "int") . "," . GetSQLValueString($Lat, "text") . "," . GetSQLValueString($Lon, "text") . "," . GetSQLValueString($zoom, "int") . "," . GetSQLValueString($md5, "text") . "," . GetSQLValueString($Type, "text") . ")";
$insertUser = $SKTDB->query($insertUserQuery);
if ($insertUser) {
$FotoPerfil = '';
$insertUserID = $SKTDB->insert_id;
if (!isset($Info['FotoPerfil']) || $Info['picture'] === '') {
$FotoPerfil = \SKT_ACCESS_AVATAR;
} else {
$FotoPerfil = $Info['FotoPerfil'];
}
if ($new_Google == true) {
$FotoPerfil = $ClientAuth_picture;
}
$insertProfile = $SKTDB->query("INSERT INTO userprofile \r\n (IDX, level, Name, Surname, Company, RUT, Position, Country, City, CP, Address, eFrom, eTo, Phone, payment_method, \r\n ClientAuth,ClientAuth_id,ClientAuth_link,ClientAuth_name,ClientAuth_family_name,ClientAuth_given_name,ClientAuth_email,ClientAuth_picture,ClientAuth_locale, ClientAuth_gender)\r\n VALUES (" . GetSQLValueString($insertUserID, "int") . "," . GetSQLValueString($Level, "text") . "," . GetSQLValueString(Code::Charset($Name), "text") . "," . GetSQLValueString(Code::Charset($Surname), "text") . "," . GetSQLValueString(Code::Charset($Company), "text") . "," . GetSQLValueString(Code::Charset($RUT), "text") . "," . GetSQLValueString(Code::Charset($Position), "text") . "," . GetSQLValueString(Code::Charset($Country), "text") . "," . GetSQLValueString(Code::Charset($City), "text") . "," . GetSQLValueString(Code::Charset($CP), "text") . "," . GetSQLValueString(Code::Charset($Address), "text") . "," . GetSQLValueString(Code::Charset($From), "text") . "," . GetSQLValueString(Code::Charset($To), "text") . "," . GetSQLValueString(Code::Charset($Phone), "text") . "," . GetSQLValueString(Code::Charset($payment_method), "text") . "," . GetSQLValueString(Code::Charset($ClientAuth), "text") . "," . GetSQLValueString(Code::Charset($ClientAuth_id), "text") . "," . GetSQLValueString(Code::Charset($ClientAuth_link), "text") . "," . GetSQLValueString(Code::Charset($ClientAuth_name), "text") . "," . GetSQLValueString(Code::Charset($ClientAuth_family_name), "text") . "," . GetSQLValueString(Code::Charset($ClientAuth_given_name), "text") . "," . GetSQLValueString(Code::Charset($ClientAuth_email), "text") . "," . GetSQLValueString(Code::Charset($FotoPerfil), "text") . "," . GetSQLValueString(Code::Charset($ClientAuth_locale), "text") . "," . GetSQLValueString(Code::Charset($ClientAuth_gender), "text") . ")");
if ($LevelType == 'Publishers' || $Type == 'Publishers' || $Level == 'Publishers') {
$date = date('Y-m-d');
$Date_FinishBuild = strtotime('+ 182 day', strtotime($date));
$Date_Finish = date('Y-m-d', $Date_FinishBuild);
$query = "INSERT INTO user_plan (UID,Limit_Plan,planID,Date_Finish) " . "VALUES (" . GetSQLValueString($insertUserID, "int") . "," . GetSQLValueString("180", "int") . "," . GetSQLValueString("99", "int") . "," . GetSQLValueString($Date_Finish, "date") . ")";
$SKTDB->query($query);
}
if ($insertProfile) {
if ($Client == 'FromSite') {
$ValidateUserMail = new \CmsDev\Security\ValidateUserMail();
echo $ValidateUserMail->User($insertUserID);
}
if ($new_Google == true || $new_Facebook == true) {
$_SESSION['UserName'] = $ClientAuth_id;
$session = md5($username . $password);
$_SESSION['login'] = $session;
$_SESSION['UserIDU'] = $insertUserID;
\CmsDev\Header\refresh::refreshNow(SITE_SERVER);
exit;
}
} else {
$error = "error";
}
} else {
$error = \SKT_ADMIN_User_Invalid;
}
}
}
}
if ($error != '') {
$MessageBox = SKT_INFO\Asistance::get();
$MessageBox->TipError('<b>' . $Name . '.</b> - ' . $error . ', <pre>' . $username . '</pre>', false);
}
}
public static function action($a = '', $selfAction = '', $arguments = '')
{
$confirm = '';
$session = '';
$Request = new \CmsDev\Url\Request();
$All = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : $_SERVER['REQUEST_URI'];
//echo $All;
//exit();
$find = array('/CloseAdmin', '/admin?invalid-admin', '/admin', '/UserLogin', '/UserLogin?invalid-user', '/UserLogout');
$LOCATION = str_replace($find, '', $All);
if ($a === 'close' || $a === 'CloseAdmin') {
if (!isset($_SESSION)) {
session_start();
}
unset($_SESSION['AccessLevel']);
$_SESSION['language'] = THIS_LANG;
unset($_SESSION['View_DesignCMS']);
$_SESSION['login'] = '';
$_SESSION['sktlogin'] = '';
unset($_SESSION['UserID']);
unset($_SESSION['UserName']);
//$_SESSION['token'] = '';
$_SESSION['SKTVersion'] = \URL_VERSION;
$header = $LOCATION;
\CmsDev\Header\refresh::refreshNow(\SERVER_DIR);
} else {
$SKTDBadmin = SKT_DB::connect();
if ($a === 'Admin') {
$MessageBox = SKT_INFO\Asistance::get();
//$MessageBox->TipInfo('Administrador: ' . $_POST["SKT_AdminName"] . ' - ' . $_POST["SKT_AdminPassword"]);
$user_list = $SKTDBadmin->get_row("SELECT UserName,Password,md5,id, AccessLevel\r\n FROM admin \r\n WHERE UserName = "******"SKT_AdminName"], 'text') . " AND Password = "******"SKT_AdminPassword"], 'text') . "");
if ($user_list) {
$session = md5($user_list->UserName . $user_list->Password);
$confirm = 'ok';
$_SESSION['language'] = THIS_LANG;
$_SESSION['View_DesignCMS'] = 0;
$_SESSION['sktlogin'] = $session;
$_SESSION['UserID'] = $user_list->id;
$_SESSION['AccessLevel'] = $user_list->AccessLevel;
$_SESSION['UserName'] = $user_list->UserName;
$_SESSION['SKTVersion'] = \URL_VERSION;
$header = $LOCATION;
\CmsDev\Header\refresh::refreshNow(\SERVER_DIR);
} else {
$confirm = 'error';
$LoggedInAdmin = 0;
$_SESSION['language'] = THIS_LANG;
unset($_SESSION['View_DesignCMS']);
$_SESSION['sktlogin'] = '';
unset($_SESSION['UserID']);
unset($_SESSION['AccessLevel']);
$_SESSION['UserName'] = \SKT_ADMIN_TXT_anonymous;
$_SESSION['SKTVersion'] = \URL_VERSION;
$MessageBox = SKT_INFO\Asistance::get();
$MessageBox->TipError(\SKT_ADMIN_User_Invalid . \SKT_ADMIN_User_max_attempts . \SKT_ADMIN_User_max_attempts_TXT);
$header = \SKTURL . '?invalid-admin';
\CmsDev\Header\refresh::refreshNow($header);
}
}
if ($a === 'login') {
$user_list = $SKTDBadmin->get_row("SELECT *\r\n FROM users \r\n WHERE username = "******"SKT_UserName"], 'text') . " AND password = "******"SKT_Password"]), 'text') . "");
if ($user_list) {
if ($user_list->isactive == 0) {
\CmsDev\Header\refresh::refreshNow(\SKTURL . 'ValidateUser?username='******'login'] = $session;
$_SESSION['UserIDU'] = $user_list->id;
$SKTDBadmin->query(sprintf("UPDATE users SET md5 = %s WHERE ID = %s", \GetSQLValueString($session, "text"), \GetSQLValueString($user_list->id, 'int')));
$header = $LOCATION;
\CmsDev\Header\refresh::refreshNow($header);
} else {
$header = \SKTURL . '?invalid-user';
\CmsDev\Header\refresh::refreshNow($header);
}
}
if ($a === 'validateAdmin') {
if (isset($_SESSION['sktlogin']) && $_SESSION['sktlogin'] != '') {
$user_list = $SKTDBadmin->get_var("SELECT md5 FROM admin WHERE md5 = " . \GetSQLValueString($_SESSION['sktlogin'], 'text') . "");
if ($user_list === $_SESSION['sktlogin']) {
return true;
} else {
return false;
}
} else {
return false;
}
}
if ($a === 'validateUser') {
if (isset($_SESSION['login']) && $_SESSION['login'] != '') {
$user_list = $SKTDBadmin->get_var("SELECT md5 FROM users WHERE md5 = " . \GetSQLValueString($_SESSION['login'], 'text') . "");
if ($user_list == $_SESSION['login']) {
return true;
} else {
return false;
}
} else {
return false;
}
}
if ($a === 'validate') {
if (self::action('validateAdmin') == true || self::action('validateUser') == true) {
if ($selfAction !== '' && $arguments !== '') {
return self::selfAction($selfAction, $arguments);
} else {
return true;
}
} else {
return false;
}
}
}
}
