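/**
 * Completes a social-network login after the provider redirects back.
 *
 * Reads the network name from the "sa_login_finish" request parameter, lets the
 * matching adapter finish the login, hands the fetched profile to socialLogin()
 * and stores it in the session under "SA_USER". Every path ends the request
 * (die), so this method never returns to its caller.
 */
public static function finishAuth()
{
    Social_Client::init();

    // Request-supplied value. A missing parameter is treated like an unknown network.
    $requested = isset(Social_Client::$request["sa_login_finish"])
        ? Social_Client::$request["sa_login_finish"]
        : '';
    $network_name = trim(strip_tags($requested));
    $network = Social_Auth::prepare($network_name);

    if (!$network) {
        // Nothing to disconnect: $network is falsy here, so touching
        // $network->adapter would fail before the 404 below could be sent.
        Social_Logger::error("Invalid parameter given on sa_login_finish");
        header("HTTP/1.0 404 Not Found");
        die("Invalid parameter given on sa_login_finish. Try login again");
    }

    try {
        Social_Logger::info("Login finish: {$network_name}");
        $network->adapter->finishLogin();

        $user_profile = $network->adapter->getUserProfile();
        if ($network_name === 'facebook') {
            // Appends a timestamp parameter to the photo URL; assumes the URL
            // already carries a query string (it is joined with '&').
            $user_profile->photoURL = $user_profile->photoURL . '&ts=' . getTimeStamp();
        }
        $user_profile->network_name = $network_name;

        socialLogin($user_profile);

        // NOTE(review): if Social_Auth::session() wraps the native PHP session,
        // regenerating the session id here is the usual hardening at the point
        // where the session becomes authenticated; confirm against the wrapper.
        Social_Auth::session()->set("SA_USER", $user_profile);
    } catch (Exception $e) {
        // Keep a record of why the login failed, then drop the provider session.
        Social_Logger::error("Login finish failed for {$network_name}: " . $e->getMessage());
        $network->adapter->disconnectUser();
    }

    // Reached on success and on failure alike; on failure "SA_USER" was not set.
    Social_Logger::info("Returned to callback");
    $network->goToCallbackPage();
    die;
}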
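/**
 * Logs a chat user in from the social-login details sent with the request.
 *
 * @param string $userName Login name; the social path only runs when it is non-empty.
 * @param string $userPass Not used by this implementation; kept for the chatLogin() signature.
 * @return mixed 0 when no login took place, otherwise whatever socialLogin() returns.
 */
function chatLogin($userName, $userPass)
{
    $userid = 0;

    if (empty($userName) || empty($_REQUEST['social_details'])) {
        return $userid;
    }

    // A repeated/array-style parameter cannot be JSON text; treat it as no login.
    if (!is_string($_REQUEST['social_details'])) {
        return $userid;
    }

    // SECURITY NOTE(review): social_details is taken from the request as-is and
    // nothing in this function ties it to a profile the server itself obtained
    // from the provider, so this path accepts the identity on the caller's word.
    // Verify it server-side (for example against the profile stored in the
    // session after the OAuth round trip, or a provider token) before trusting it.
    $social_details = json_decode($_REQUEST['social_details']);

    // Malformed JSON decodes to null and scalars/arrays are not a profile;
    // only a decoded object is handed on.
    if (!is_object($social_details)) {
        return $userid;
    }

    return socialLogin($social_details);
}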
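/**
 * Authenticates a chat user and returns the id the chat should use.
 *
 * Order of evaluation (a later step overrides an earlier result):
 *   1. password check against the user table (format depends on CAKEPHP_VERSION),
 *   2. social login when "social_details" is present in the request,
 *   3. guest login when "guest_login" is present and guest mode is enabled.
 * For the "mobileapp" callback the device flag is recorded, and when
 * ENCRYPT_USERID is '1' and mcrypt is available the id is returned encrypted.
 *
 * @param string $userName User name or e-mail address.
 * @param string $userPass Plain-text password as submitted.
 * @return mixed 0 on failure, otherwise the user id (possibly an encrypted, URL-encoded string).
 */
function chatLogin($userName, $userPass)
{
    global $guestsMode;

    $userid = 0;
    $dbh = $GLOBALS['dbh'];

    // Look the account up by e-mail when the login looks like one, otherwise by
    // the configured user-name column. The value is escaped for a quoted literal.
    $lookupColumn = filter_var($userName, FILTER_VALIDATE_EMAIL) ? 'email' : DB_USERTABLE_NAME;
    $sql = "SELECT * FROM `" . TABLE_PREFIX . DB_USERTABLE . "` WHERE " . $lookupColumn . " = '" . mysqli_real_escape_string($dbh, $userName) . "'";
    $result = mysqli_query($dbh, $sql);

    // A failed query yields false; do not pass that to mysqli_fetch_assoc().
    $row = $result ? mysqli_fetch_assoc($result) : null;

    // Only verify a password when a row with a stored hash was actually found.
    if (is_array($row) && isset($row['password'])) {
        $hash = (string) $row['password'];

        if (CAKEPHP_VERSION == '3.x.x') {
            $checkpass = false;

            // bcrypt ($2a$ / $2y$): crypt() re-derives the hash using the stored one as salt.
            $prefix = substr($hash, 0, 4);
            if ($prefix === '$2a$' || $prefix === '$2y$') {
                $checkpass = hash_equals($hash, (string) crypt($userPass, $hash));
            }

            // MD5-crypt ($1$).
            if (substr($hash, 0, 3) === '$1$') {
                $checkpass = hash_equals($hash, (string) crypt($userPass, $hash));
            }

            // Legacy "md5:salt" format. hash_equals() replaces a loose == here:
            // == compares numeric-looking hex strings as numbers, so two different
            // digests could be treated as equal.
            if (preg_match('#[a-z0-9]{32}:[A-Za-z0-9]{32}#', $hash) === 1) {
                $checkpass = hash_equals(substr($hash, 0, 32), md5($userPass . substr($hash, 33)));
            }

            if ($checkpass) {
                $userid = $row[DB_USERTABLE_USERID];
            }
        } elseif (CAKEPHP_VERSION == '2.x.x') {
            /* Add here the string used in security hashing methods from 'app/core.php'. */
            // NOTE(review): this is a site-wide secret kept in source, and the
            // scheme is a single fast SHA-1 with no per-user salt. Keep the value
            // out of version control and plan a migration to password_hash().
            $salt = 'fvjhdj8fvn85grg73fbrvfn9fjFGfnhvt758nADG';
            /* Add your password validation mechanism here. For eg: salted_password = md5($row['value'].$userPass.$row['salt']);*/
            $salted_password = sha1($salt . $userPass);

            // Strict, constant-time comparison instead of a loose ==.
            if (hash_equals($hash, $salted_password)) {
                $userid = $row[DB_USERTABLE_USERID];
            }
        }
    }

    if (!empty($userName) && !empty($_REQUEST['social_details']) && is_string($_REQUEST['social_details'])) {
        // SECURITY NOTE(review): social_details comes straight from the request
        // and overrides the password result above without being checked against
        // anything the server obtained from the provider. Verify it server-side
        // before trusting it.
        $social_details = json_decode($_REQUEST['social_details']);

        // Malformed JSON decodes to null; only a decoded object is handed on.
        if (is_object($social_details)) {
            $userid = socialLogin($social_details);
        }
    }

    // The fixed string is a marker sent by the guest flow, not a secret; guest
    // access is gated by $guestsMode.
    if (!empty($_REQUEST['guest_login']) && $userPass === "CC^CONTROL_GUEST" && $guestsMode == 1) {
        $userid = getGuestID($userName);
    }

    // Remember that this user logged in from the mobile app.
    if (!empty($userid) && isset($_REQUEST['callbackfn']) && $_REQUEST['callbackfn'] == 'mobileapp') {
        $sql = "insert into cometchat_status (userid,isdevice) values ('" . mysqli_real_escape_string($dbh, $userid) . "','1') on duplicate key update isdevice = '1'";
        mysqli_query($dbh, $sql);
    }

    if ($userid && function_exists('mcrypt_encrypt') && defined('ENCRYPT_USERID') && ENCRYPT_USERID == '1') {
        // NOTE(review): the key and the IV are both derived from the same
        // constants with md5(), so a given id always produces the same token and
        // nothing authenticates the ciphertext. If KEY_A/KEY_B/KEY_C are not
        // defined the key is md5(""), i.e. not secret at all. mcrypt is also gone
        // from PHP core since 7.2, in which case the id is returned in clear.
        // Left unchanged because the matching decrypt lives outside this function.
        $key = "";
        if (defined('KEY_A') && defined('KEY_B') && defined('KEY_C')) {
            $key = KEY_A . KEY_B . KEY_C;
        }
        $userid = rawurlencode(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $userid, MCRYPT_MODE_CBC, md5(md5($key)))));
    }

    return $userid;
}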
unset($_SESSION['oauth_token']); // Remove old OAuth token unset($_SESSION['oauth_token_secret']); // Same $twitter = twitter(); // Initialize Twitter again with the new OAuth token $get = $twitter->get("account/verify_credentials"); // Retrieve user info $get = (array) $get; $sid = $get['id']; $_SESSION['sid'] = $sid; // Save social ID to session $usercheck = mysqli_query($con, "SELECT * FROM users WHERE type='twitter' AND sid='{$sid}'"); if (mysqli_num_rows($usercheck) > 0) { // Check if user exists $login = explode("|||", socialLogin($sid, "twitter")); // Login if ($login[0]) { header('Location: ' . $login[1]); exit; } else { echo "<div class='col-sm-12'>" . $login[1] . "</div>"; } } else { // Show registration form ?> <form method='post' id='social_register'> <div class='row'> <div class='col-md-12'> <div class='form-group'> <label class='col-sm-4 control-label'><?php