HEX
Server: LiteSpeed
System: Linux s1049.use1.mysecurecloudhost.com 4.18.0-477.27.2.lve.el8.x86_64 #1 SMP Wed Oct 11 12:32:56 UTC 2023 x86_64
User: xedaptot (3356)
PHP: 8.3.31
Disabled: NONE
Upload Files
File: /home/xedaptot/360.naniguide.com/backend/social_auth.php
<?php
error_reporting(E_ALL & ~E_WARNING & ~E_NOTICE & ~E_DEPRECATED);
ob_start();
session_start();
ini_set('session.gc_probability', 0);
include("vendor/hybridauth/autoload.php");
use Hybridauth\Hybridauth;
use Hybridauth\Storage\Session;
require_once("functions.php");

if(isset($_SESSION['provider'])) {
    $provider = $_SESSION['provider'];
    unset($_SESSION['provider']);
} else {
    $provider = $_GET['provider'];
    $_SESSION['provider'] = $provider;
}

if(isset($_SESSION['reg'])) {
    $reg = $_SESSION['reg'];
    unset($_SESSION['reg']);
} else {
    $reg = $_GET['reg'];
    $_SESSION['reg'] = $reg;
}

if(isset($_SESSION['edit_p'])) {
    $edit_p = $_SESSION['edit_p'];
    unset($_SESSION['edit_p']);
} else {
    if(isset($_GET['edit_p'])) {
        $edit_p = $_SESSION['id_user'];
        $_SESSION['edit_p'] = $_SESSION['id_user'];
    } else {
        $edit_p = 0;
        $_SESSION['edit_p'] = 0;
    }
}

if(isset($_GET['signout_p'])) {
    if($_GET['signout_p']==1) {
        $field_identifier = strtolower($provider)."_identifier";
        $mysqli->query("UPDATE svt_users SET $field_identifier=NULL WHERE id=".$_SESSION['id_user']);
        unset($_SESSION['edit_p']);
        ob_end_clean();
        session_write_close();
        header("Location:index.php?p=edit_profile");
        exit;
    }
}

if (is_ssl()) { $protocol = 'https'; } else { $protocol = 'http'; }
$link_callback = $protocol ."://". $_SERVER['SERVER_NAME'].$_SERVER['SCRIPT_NAME'];

$settings = get_settings();
$config = [
    'callback' => $link_callback,
    'providers' => [
        'Twitter' => ['enabled' => $settings['social_twitter_enable'], 'keys' => ['key' => $settings['social_twitter_id'], 'secret' => $settings['social_twitter_secret']]],
        'Google' => ['enabled' => $settings['social_google_enable'], 'keys' => ['id' => $settings['social_google_id'], 'secret' => $settings['social_google_secret']]],
        'Facebook' => ['enabled' => $settings['social_facebook_enable'], 'keys' => ['id' => $settings['social_facebook_id'], 'secret' => $settings['social_facebook_secret']]],
        'WeChat' => ['enabled' => $settings['social_wechat_enable'], 'keys' => ['id' => $settings['social_wechat_id'], 'secret' => $settings['social_wechat_secret']]],
        'QQ' => ['enabled' => $settings['social_qq_enable'], 'keys' => ['id' => $settings['social_qq_id'], 'secret' => $settings['social_qq_secret']]],
    ]
];

$email = '';
$first_name = '';
$last_name = '';
$user_name = '';
$identifier = '';

try {
    $hybridauth = new Hybridauth($config);
    $storage = new Session();
    $storage->set('reg', $reg);
    $storage->set('edit_p', $edit_p);
    if (isset($_GET['provider'])) {
        $storage->set('provider', $_GET['provider']);
    }
    if ($provider = $storage->get('provider')) {
        $hybridauth->authenticate($provider);
        $storage->set('provider', null);
        $adapter = $hybridauth->getAdapter($provider);
        $userProfile = $adapter->getUserProfile();
        $identifier = $userProfile->identifier;
        $first_name = $userProfile->firstName;
        $last_name = $userProfile->lastName;
        $email = $userProfile->email;
        $user_name = $userProfile->displayName;
    }
} catch(Exception $e) {
    echo $e->getMessage();
    die();
}

try {
    $reg = $storage->get('reg');
} catch (Exception $e) {}
try {
    $edit_p = $storage->get('edit_p');
} catch (Exception $e) {}
$field_identifier = strtolower($provider)."_identifier";

//$twofa_enabled = $settings['2fa_enable'];
$twofa_enabled = false;

if($edit_p==0) {
    if(!empty($email)) {
        $query_login = "SELECT * FROM svt_users WHERE email='$email' LIMIT 1;";
        $query = "SELECT id,active FROM svt_users WHERE $field_identifier='$identifier' LIMIT 1;";
        $result = $mysqli->query($query);
        if($result) {
            if ($result->num_rows == 1) {
                $row = $result->fetch_array(MYSQLI_ASSOC);
                $query_login = "SELECT * FROM svt_users WHERE id=".$row['id']." LIMIT 1;";
            }
        }
        $result = $mysqli->query($query_login);
        if($result) {
            if ($result->num_rows == 1) {
                $row = $result->fetch_array(MYSQLI_ASSOC);
                if($row['active']) {
                    $mysqli->query("UPDATE svt_users SET $field_identifier='$identifier' WHERE $field_identifier IS NULL AND id=".$row['id']);
                    unset($_SESSION['social_identifier']);
                    unset($_SESSION['social_provider']);
                    if($twofa_enabled && !empty($row['2fa_secretkey'])) {
                        $_SESSION['id_user_2fa'] = $row['id'];
                        session_write_close();
                        ob_end_clean();
                        header("Location:index.php");
                        exit;
                    } else {
                        $_SESSION['id_user'] = $row['id'];
                        $browser = parse_user_agent();
                        set_user_log($_SESSION['id_user'],'login',$_SERVER['REMOTE_ADDR']." - ".$browser['browser']." ".$browser['version']." - ".$browser['platform'],date('Y-m-d H:i:s', time()));
                        session_write_close();
                        ob_end_clean();
                        header("Location:index.php");
                        exit;
                    }
                }
            } else {
                if($reg==1) {
                    if($last_name=="") {
                        $_SESSION['username_reg'] = strtolower(str_replace(" ","",$first_name));
                    } else {
                        $_SESSION['username_reg'] = strtolower(str_replace(" ","",$first_name).".".str_replace(" ","",$last_name));
                    }
                    $_SESSION['email_reg'] = $email;
                    $_SESSION['password_reg'] = randomPassword();
                    $_SESSION['social_identifier'] = $identifier;
                    $_SESSION['social_provider'] = $provider;
                    session_write_close();
                    ob_end_clean();
                    header("Location:register.php");
                    exit;
                } else {
                    if($settings['enable_registration']) {
                        if($last_name=="") {
                            $_SESSION['username_log'] = strtolower(str_replace(" ","",$first_name));
                        } else {
                            $_SESSION['username_log'] = strtolower(str_replace(" ","",$first_name).".".str_replace(" ","",$last_name));
                        }
                        $_SESSION['email_log'] = $email;
                        $_SESSION['password_log'] = randomPassword();
                        $_SESSION['social_identifier'] = $identifier;
                        $_SESSION['social_provider'] = $provider;
                        $_SESSION['modal_register'] = 1;
                    }
                }
            }
        }
    } elseif($provider=='WeChat' || $provider=='QQ') {
        $query_login = "SELECT * FROM svt_users WHERE username='$user_name' LIMIT 1;";
        $query = "SELECT id,active FROM svt_users WHERE $field_identifier='$identifier' LIMIT 1;";
        $result = $mysqli->query($query);
        if($result) {
            if ($result->num_rows == 1) {
                $row = $result->fetch_array(MYSQLI_ASSOC);
                $query_login = "SELECT * FROM svt_users WHERE id=".$row['id']." LIMIT 1;";
            }
        }
        $result = $mysqli->query($query_login);
        if($result) {
            if ($result->num_rows == 1) {
                $row = $result->fetch_array(MYSQLI_ASSOC);
                if($row['active']) {
                    $mysqli->query("UPDATE svt_users SET $field_identifier='$identifier' WHERE $field_identifier IS NULL AND id=".$row['id']);
                    unset($_SESSION['social_identifier']);
                    unset($_SESSION['social_provider']);
                    if($twofa_enabled && !empty($row['2fa_secretkey'])) {
                        $_SESSION['id_user_2fa'] = $row['id'];
                        session_write_close();
                        ob_end_clean();
                        header("Location:index.php");
                        exit;
                    } else {
                        $_SESSION['id_user'] = $row['id'];
                        $browser = parse_user_agent();
                        set_user_log($_SESSION['id_user'], 'login', $_SERVER['REMOTE_ADDR'] . " - " . $browser['browser'] . " " . $browser['version'] . " - " . $browser['platform'], date('Y-m-d H:i:s', time()));
                        session_write_close();
                        ob_end_clean();
                        header("Location:index.php");
                        exit;
                    }
                }
            } else {
                if($reg==1) {
                    $_SESSION['username_reg'] = $user_name;
                    $_SESSION['email_reg'] = '';
                    $_SESSION['password_reg'] = randomPassword();
                    $_SESSION['social_identifier'] = $identifier;
                    $_SESSION['social_provider'] = $provider;
                    session_write_close();
                    ob_end_clean();
                    header("Location:register.php");
                    exit;
                } else {
                    if($settings['enable_registration']) {
                        $_SESSION['username_log'] = $user_name;
                        $_SESSION['email_log'] = '';
                        $_SESSION['password_log'] = randomPassword();
                        $_SESSION['social_identifier'] = $identifier;
                        $_SESSION['social_provider'] = $provider;
                        $_SESSION['modal_register'] = 1;
                    }
                }
            }
        }
    }
    ob_end_clean();
    session_write_close();
    header("Location:login.php");
    exit;
} else {
    $mysqli->query("UPDATE svt_users SET $field_identifier='$identifier' WHERE $field_identifier IS NULL AND id=".$edit_p);
    unset($_SESSION['edit_p']);
    ob_end_clean();
    session_write_close();
    header("Location:index.php?p=edit_profile");
    exit;
}

function randomPassword() {
    $alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890';
    $pass = array();
    $alphaLength = strlen($alphabet) - 1;
    for ($i = 0; $i < 8; $i++) {
        $n = rand(0, $alphaLength);
        $pass[] = $alphabet[$n];
    }
    return implode($pass);
}