$db->where('email', $user['email'])->where('verified', '1'); $db->getOne('users'); if ($db->count > 0) { // Email is already associated to another account $verified = false; // Record is no more usable. User will be asked to register using different email $db->where('id', $user_id); $db->delete('users'); } else { $db->where('id', $user_id); if ($db->update('users', array('verified' => '1', 'auth_code' => ''))) { $verified = true; /* Login the user */ require DOCUMENT_ROOT . 'classes/LoginHelper.php'; $loginHelper = new LoginHelper($db); $loginHelper->Login($user_id); } } } else { /* Spoof request */ $invalid_request = true; } } else { /* Spoof Request */ $invalid_request = true; } ?> <!DOCTYPE html> <html> <head> <meta charset="UTF-8">
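// Exchange the authorization code for an access token and keep it in the session.
$google->authenticate($_GET['code']);
$_SESSION['access_token'] = $google->getAccessToken();

// Redirect back to this script's own path (PHP_SELF carries no query string).
// NOTE(review): HTTP_HOST is taken from the request's Host header, and
// FILTER_SANITIZE_URL only strips characters that are illegal in a URL; it does
// not check which host the URL names. Prefer building the target from a
// configured base URL if the project has one. The scheme is fixed to plain http.
$redirect = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
exit;
} // closes a conditional opened before this excerpt

if ($google->IsAuthenticated()) {
    // The Google user is authenticated and authorized; continue with login or registration.
    $gUser = $google->getUserProfile();
    $loginHelper = new LoginHelper($db);
    $user_id = $loginHelper->IsRegistered(OAUTH_GOOGLE, $gUser['id']);

    if ($user_id) {
        // An account is already linked to this Google id: log the user in.
        // Fixed: the return value used to be stored in the misspelled `$redicrect_uri`,
        // so the Location header below was built from an undefined variable.
        $redirect_uri = $loginHelper->Login($user_id, OAUTH_GOOGLE, $gUser['id']);
        header("Location: {$redirect_uri}");
        exit;
    } else {
        // No account is linked to this Google id, but the email may already be registered.
        // NOTE(review): this signs the visitor in to whichever account owns the email,
        // using that account's own oauth_type/oauth_id. That is only safe when the email
        // in the Google profile is a verified one; no such check is visible here, confirm.
        $rUser = $loginHelper->IsEmailRegistered($gUser['email']);
        if ($rUser) {
            // Email is already registered: log in as the existing account.
            $redirect_uri = $loginHelper->Login($rUser['id'], $rUser['oauth_type'], $rUser['oauth_id']);
            header("Location: {$redirect_uri}");
            exit;
        }

        // The Google user is logging in for the first time: start the registration.
        $tempUser = array();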
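/*
    Handles the AJAX login request for accounts that sign in with a site
    password (OAUTH_DEFAULT). It checks the anti-forgery token, looks the
    credentials up and answers with JSON: {success, redirect_uri} when they
    match, {success: false} otherwise. Any request that is not a POST carrying
    a valid token gets a 404.
*/
require $_SERVER['DOCUMENT_ROOT'] . '/ts2/config/consts.php';
session_start();

// The token has to exist on BOTH sides. The earlier loose comparison
// ($_POST['spoof_proof'] == $_SESSION['spoof_proof']) accepted an empty posted
// value whenever the session held no token, because '' == null is true in PHP.
// hash_equals() also keeps the comparison time independent of the position of
// the first differing byte.
$posted_token = isset($_POST['spoof_proof']) ? $_POST['spoof_proof'] : null;
$session_token = isset($_SESSION['spoof_proof']) ? (string) $_SESSION['spoof_proof'] : '';
$token_ok = is_string($posted_token)
    && $session_token !== ''
    && hash_equals($session_token, $posted_token);

if ($_SERVER['REQUEST_METHOD'] === 'POST' && $token_ok) {
    require_once DOCUMENT_ROOT . 'classes/LoginHelper.php';
    require_once DOCUMENT_ROOT . 'classes/Registrar.php';
    require_once DOCUMENT_ROOT . 'config/db.php';

    // Default answer; replaced only when the credentials match a verified account.
    $result = array('success' => false);

    // Reject missing or non-string fields (e.g. username[]=x) instead of passing
    // them on to escape()/sha1().
    $login_id = isset($_POST['username']) ? $_POST['username'] : null;
    $plain_password = isset($_POST['password']) ? $_POST['password'] : null;

    if (is_string($login_id) && is_string($plain_password)) {
        // NOTE(review): the value is escaped here AND passed as a bound parameter
        // below. If rawQuery() binds its parameters, the extra escape() changes
        // names that contain quotes or backslashes; left as-is because the
        // registration code, which must agree with it, is not in view.
        $name = $db->escape($login_id);

        // NOTE(review): unsalted SHA-1 is not a password hash. Moving to
        // password_hash()/password_verify() needs the stored hashes and the
        // registration code migrated together, so it is only flagged here.
        $password = sha1($plain_password);
        $remember = isset($_POST['remember']);

        // The identifier may be either the email or the username; only verified
        // OAUTH_DEFAULT accounts can log in through this page.
        $rows = $db->rawQuery(
            "SELECT id
             FROM users
             WHERE
                 ( email = ? OR username = ? )
                 AND oauth_type = ?
                 AND password = ?
                 AND verified = ?",
            array($name, $name, OAUTH_DEFAULT, $password, 1)
        );

        if ($db->count > 0) {
            // Valid credentials
            $user = $rows[0];
            $loginHelper = new LoginHelper($db);
            $redirect_uri = $loginHelper->Login($user['id'], OAUTH_DEFAULT, null, $remember);
            $result = array('success' => true, 'redirect_uri' => $redirect_uri);
        }
    }

    header('Content-Type: application/json');
    echo json_encode($result);
    exit;
} else {
    header('HTTP/1.1 404 Not Found');
}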
if ($facebook->IsAuthenticated()) {
    /* Verify that all of the required scopes have been granted.
       NOTE(review): unserialize() is applied to the SCOPES constant, not to request
       data. Keep it that way; its definition is outside this excerpt. */
    if (!$facebook->verifyScopes(unserialize(SCOPES))) {
        //var_dump($facebook); exit;
        // Redirect to a login URL built from the scopes recorded in denied_scopes.
        header("Location: " . $facebook->getLoginURL($facebook->denied_scopes, REREQUEST));
        exit;
    }

    // All scopes have been granted; login or registration can proceed.
    $fb_user = $facebook->getUserProfile();

    // Check if the Facebook user is already registered
    $loginHelper = new LoginHelper($db);
    $user_id = $loginHelper->IsRegistered(OAUTH_FACEBOOK, $fb_user['id']);

    if ($user_id) {
        // Facebook user is already registered: log the user in and redirect.
        $redirect_uri = $loginHelper->Login($user_id, OAUTH_FACEBOOK, $fb_user['id']);
        header("Location: {$redirect_uri}");
        exit;
    } else {
        // User is not registered. The profile may come without an email, hence the isset().
        if (isset($fb_user['email'])) {
            // NOTE(review): a match signs the visitor in to the account that owns the
            // email, with that account's own oauth_type/oauth_id. This relies on the
            // provider only returning verified emails; no check is visible here, confirm.
            $registeredUser = $loginHelper->IsEmailRegistered($fb_user['email']);
            if ($registeredUser) {
                // Email is already registered
                $redirect_uri = $loginHelper->Login($registeredUser['id'], $registeredUser['oauth_type'], $registeredUser['oauth_id']);
                header("Location: {$redirect_uri}");
                exit;
            }
        }
        // Email is not registered; the Facebook user is logging in for the first time - register the user
} // closes a block opened before this excerpt

// Consumer credentials, login settings and the Twitter client class.
require 'config/consumer.php';
require 'config/login.php';
require 'Twitter/Twitter.php';

$twitter = new Twitter(CONSUMER_KEY, CONSUMER_SECRET, REDIRECT_URI);

if ($twitter->IsAuthenticated()) {
    // The Twitter user is authenticated and authorized; login or registration can proceed.
    $twitter_user = $twitter->getUserProfile();
    $loginHelper = new LoginHelper($db);
    $user_id = $loginHelper->IsRegistered(OAUTH_TWITTER, $twitter_user->id);

    if ($user_id) {
        // User is registered.
        // Twitter users must have a verified email before they are logged in.
        if ($loginHelper->IsVerified($user_id)) {
            $redirect_uri = $loginHelper->Login($user_id, OAUTH_TWITTER, $twitter_user->id);
            header("Location: {$redirect_uri}");
        } else {
            // Flag for the included page below; no login happens on this path.
            $not_verified = true;
            /* Keeping `access token` alive generates login URL with invalid Oauth token if user goes to `oauth\twitter\index.php` */
            // TBD: clearTwitterCredentials
            if (isset($_SESSION['access_token'])) {
                unset($_SESSION['access_token']);
            }
            require DOCUMENT_ROOT . 'includes/html/login/email_not_verified.php';
        }
        // Both branches stop here: either the redirect header or the notice page has been sent.
        exit;
    } else {
        // User is not registered
$user['institute'] = $institute;
// The location is optional; it is copied only when it was set earlier.
if (isset($location)) {
    $user['location'] = $location;
}

// Add user's record to the database
$registrar = new Registrar($db);
$id = $registrar->registerUser($user);
if ($id) {
    // Delete the temporary user record and clear the pending-registration state.
    $db->where('id', $_SESSION['temp_user_id']);
    $db->delete('users_temp');
    unset($_SESSION['registration_pending']);
    unset($_SESSION['temp_user_id']);

    // Now that the registration is complete, log in the user
    // NOTE(review): LoginHelper is built without arguments here although Registrar
    // receives $db; confirm the constructor does not need the database handle.
    $loginHelper = new LoginHelper();
    $loginHelper->Login($id, $user['oauth_type'], $user['oauth_id']);
    exit; // END OF SCRIPT //
}
} else { // else-branch of a conditional opened before this excerpt
    $registrar = new Registrar($db);
    echo $registrar->getHTML($error); // Get error HTML
    // NOTE(review): var_dump() writes the raw $error value into the response after
    // the rendered error HTML. This looks like leftover debug output; confirm and remove.
    var_dump($error);
    exit;
}
} // closes a block opened before this excerpt

/* No data was POSTed but a registration is pending - show the Additional Information page */
if (isset($_SESSION['registration_pending'])) {
    require_once DOCUMENT_ROOT . 'classes/Registrar.php';
    require_once DOCUMENT_ROOT . 'config/db.php';
$db->delete('users_temp'); unset($_SESSION['registration_pending']); unset($_SESSION['temp_user_id']); unset($_SESSION['spoof_proof']); /* If email has been manually provided, it needs to be verified. */ if (isset($email)) { $registrar->sendVerificationEmail($id, $user['email']); // Show verification page link $result = array('success' => true, 'verify' => true); header('Content-Type: application/json'); echo json_encode($result); exit; } // Now that the registration is complete, login the user $loginHelper = new LoginHelper(); $redirect_uri = $loginHelper->Login($id, $user['oauth_type'], $user['oauth_id']); // Return the success information $result = array('success' => true, 'redirect_uri' => $redirect_uri); header('Content-Type: application/json'); echo json_encode($result); exit; } else { $result = array('success' => false, 'error' => 'Unexpected error!'); header('Content-Type: application/json'); echo json_encode($result); exit; } } else { $result = array('success' => false, 'error' => implode("<br/>", $error)); header('Content-Type: application/json'); echo json_encode($result);