Subversion Repositories cheapmusic

<?php

/*

 * Facebook OAuth

*/

// Include the autoloader provided in the SDK

require_once __DIR__ . '/social_oauth_lib/facebook-php-sdk/autoload.php';

// Include required libraries

use Facebook\Facebook;

use Facebook\Exceptions\FacebookResponseException;

use Facebook\Exceptions\FacebookSDKException;

$fb = new Facebook(array(

    'app_id' => FB_APP_ID,

    'app_secret' => FB_APP_SECRET,

    'default_graph_version' => 'v2.10',

    'persistent_data_handler' => 'session'

));

// Get redirect login helper

$helper = $fb->getRedirectLoginHelper();

if (isset($_GET['state'])) {

    $_SESSION['FBRLH_state'] = $_GET['state'];

}

if ((isset($_REQUEST['state']) && isset($_REQUEST['code'])) || isset($_SESSION['facebook_access_token'])) {

    // Try to get access token

    try {

        if (isset($_SESSION['facebook_access_token'])) {

            $fbAccessToken = $_SESSION['facebook_access_token'];

        }

        else {

            $fbAccessToken = $helper->getAccessToken(SOCIAL_REDIRECT_URL);

        }

    }

    catch(FacebookResponseException $e) {

        echo 'Graph returned an error: ' . $e->getMessage();

        exit;

    }

    catch(FacebookSDKException $e) {

        echo 'Facebook SDK returned an error: ' . $e->getMessage();

        exit;

    }

}

if (isset($fbAccessToken)) {

    if (isset($_SESSION['facebook_access_token'])) {

        $fb->setDefaultAccessToken($_SESSION['facebook_access_token']);

    }

    else {

        // Put short-lived access token in session

        $_SESSION['facebook_access_token'] = (string)$fbAccessToken;

        // OAuth 2.0 client handler helps to manage access tokens

        $oAuth2Client = $fb->getOAuth2Client();

        // Exchanges a short-lived access token for a long-lived one

        $longLivedAccessToken = $oAuth2Client->getLongLivedAccessToken($_SESSION['facebook_access_token']);

        $_SESSION['facebook_access_token'] = (string)$longLivedAccessToken;

        // Set default access token to be used in script

        $fb->setDefaultAccessToken($_SESSION['facebook_access_token']);

    }

    // Redirect the user back to the same page if url has "code" parameter in query string

    if (isset($_GET['code'])) {

        MySessionHandler::commit(session_id());

        header('Location: ./');

        exit;

    }

    // Getting user facebook profile info

    try {

        $profileRequest = $fb->get('/me?fields=name,first_name,last_name,email,link,picture');

        $fbUserProfile = $profileRequest->getGraphNode()

            ->asArray();

    }

    catch(FacebookResponseException $e) {

        echo 'Graph returned an error: ' . $e->getMessage();

        session_destroy();

        // Redirect user back to app login page

        MySessionHandler::commit(session_id());

        header("Location: ./");

        exit;

    }

    catch(FacebookSDKException $e) {

        echo 'Facebook SDK returned an error: ' . $e->getMessage();

        exit;

    }

    // Initialize User class

    $user = new User();

    // Getting user profile info

    $fbUserData = array();

    $fbUserData['oauth_uid'] = !empty($fbUserProfile['id']) ? $fbUserProfile['id'] : '';

    $fbUserData['first_name'] = !empty($fbUserProfile['first_name']) ? $fbUserProfile['first_name'] : '';

    $fbUserData['last_name'] = !empty($fbUserProfile['last_name']) ? $fbUserProfile['last_name'] : '';

    $fbUserData['email'] = !empty($fbUserProfile['email']) ? $fbUserProfile['email'] : '';

    $fbUserData['picture'] = !empty($fbUserProfile['picture']['url']) ? $fbUserProfile['picture']['url'] : '';

    $fbUserData['link'] = !empty($fbUserProfile['link']) ? $fbUserProfile['link'] : '';

    // Insert or update user data to the database

    $fbUserData['oauth_provider'] = 'facebook';

    $userData = $user->checkUser($fbUserData);

    // Get logout url

    $logoutURL = $helper->getLogoutUrl($fbAccessToken, BASE_URL . 'userAccount.php?logoutSubmit=1');

    // Store login status into the session

    $sessData['userLoggedIn'] = true;

    $sessData['userID'] = $userData['id'];

    $sessData['loginType'] = 'social';

    $_SESSION['sessData'] = $sessData;

    // Redirect to my account

    MySessionHandler::commit(session_id());

    header("Location: account.php");

    exit();

}

else {

    // Get login url

    $fbLoginURL = $helper->getLoginUrl(SOCIAL_REDIRECT_URL, array(

        'email'

    ));

    $fbLoginURL = filter_var($fbLoginURL, FILTER_SANITIZE_URL);

}

/*

 * Google OAuth

*/

// Include Google client library

require_once 'social_oauth_lib/google-php-client/Google_Client.php';

require_once 'social_oauth_lib/google-php-client/contrib/Google_Oauth2Service.php';

// Call Google API

$gClient = new Google_Client();

$gClient->setApplicationName('Login to FindCheapMusic.com');

$gClient->setClientId(GP_CLIENT_ID);

$gClient->setClientSecret(GP_CLIENT_SECRET);

$gClient->setRedirectUri(SOCIAL_REDIRECT_URL);

$google_oauthV2 = new Google_Oauth2Service($gClient);

if (isset($_GET['code'])) {

    $gClient->authenticate($_GET['code']);

    $_SESSION['google_access_token'] = $gClient->getAccessToken();

    MySessionHandler::commit(session_id());

    header('Location: ' . filter_var(BASE_URL, FILTER_SANITIZE_URL));

    exit;

}

if (isset($_SESSION['google_access_token'])) {

    $gClient->setAccessToken($_SESSION['google_access_token']);

}

if ($gClient->getAccessToken() && !isset($_GET['logoutSubmit'])) {

    // Get user profile data from google

    $gpUserProfile = $google_oauthV2

        ->userinfo

        ->get();

    // Initialize User class

    $user = new User();

    // Getting user profile info

    $gpUserData = array();

    $gpUserData['oauth_uid'] = !empty($gpUserProfile['id']) ? $gpUserProfile['id'] : '';

    $gpUserData['first_name'] = !empty($gpUserProfile['given_name']) ? $gpUserProfile['given_name'] : '';

    $gpUserData['last_name'] = !empty($gpUserProfile['family_name']) ? $gpUserProfile['family_name'] : '';

    $gpUserData['email'] = !empty($gpUserProfile['email']) ? $gpUserProfile['email'] : '';

    $gpUserData['picture'] = !empty($gpUserProfile['picture']) ? $gpUserProfile['picture'] : '';

    $gpUserData['link'] = !empty($gpUserProfile['link']) ? $gpUserProfile['link'] : '';

    // Insert or update user data to the database

    $gpUserData['oauth_provider'] = 'google';

    $userData = $user->checkUser($gpUserData);

    // Store login status into the session

    $sessData['userLoggedIn'] = true;

    $sessData['userID'] = $userData['id'];

    $sessData['loginType'] = 'social';

    $_SESSION['sessData'] = $sessData;

    // Redirect to my account

    MySessionHandler::commit(session_id());

    header("Location: account.php");

    exit();

}

else {

    $gpLoginURL = $gClient->createAuthUrl();

    $gpLoginURL = filter_var($gpLoginURL, FILTER_SANITIZE_URL);

}

/*

 * Twitter OAuth

*/

// Include Twitter client library

require_once 'social_oauth_lib/twitter-php-oauth/twitteroauth.php';

// If OAuth token not matched

if (isset($_REQUEST['oauth_token']) && $_SESSION['twitter_access_token'] !== $_REQUEST['oauth_token']) {

    // Remove token from session

    unset($_SESSION['twitter_access_token']);

    unset($_SESSION['twitter_token_secret']);

}

// If user already verified

if (isset($_SESSION['status']) && $_SESSION['status'] == 'verified' && !empty($_SESSION['request_vars'])) {

    // Retrive variables from session

    $username = $_SESSION['request_vars']['screen_name'];

    $twitterId = $_SESSION['request_vars']['user_id'];

    $oauthToken = $_SESSION['request_vars']['oauth_token'];

    $oauthTokenSecret = $_SESSION['request_vars']['oauth_token_secret'];

    $profilePicture = $_SESSION['userData']['picture'];

}

elseif (isset($_REQUEST['oauth_token']) && $_SESSION['twitter_access_token'] == $_REQUEST['oauth_token']) {

    // Call Twitter API

    $twClient = new TwitterOAuth(TW_CONSUMER_KEY, TW_CONSUMER_SECRET, $_SESSION['twitter_access_token'], $_SESSION['twitter_token_secret']);

    // Get OAuth token

    $tw_access_token = $twClient->getAccessToken($_REQUEST['oauth_verifier']);

    // If returns success

    if ($twClient->http_code == '200') {

        // Storing access token data into session

        $_SESSION['status'] = 'verified';

        $_SESSION['request_vars'] = $tw_access_token;

        // Get user profile data from twitter

        $userInfo = $twClient->get('account/verify_credentials', ['include_email' => 'true']);

        // Initialize User class

        $user = new User();

        // Getting user profile info

        $name = explode(" ", $userInfo->name);

        $twUserData = array();

        $twUserData['oauth_uid'] = !empty($userInfo->id) ? $userInfo->id : '';

        $twUserData['first_name'] = !empty($name[0]) ? $name[0] : '';

        $twUserData['last_name'] = !empty($name[1]) ? $name[1] : '';

        $twUserData['email'] = !empty($userInfo->email) ? $userInfo->email : '';

        $twUserData['picture'] = !empty($userInfo->profile_image_url) ? str_replace('http://', 'https://', $userInfo->profile_image_url) : '';

        $twUserData['link'] = !empty($userInfo->screen_name) ? 'https://twitter.com/' . $userInfo->screen_name : '';

        $twUserData['username'] = !empty($userInfo->screen_name) ? $userInfo->screen_name : '';

        // Insert or update user data to the database

        $twUserData['oauth_provider'] = 'twitter';

        $userData = $user->checkUser($twUserData);

        // Store login status into the session

        $sessData['userLoggedIn'] = true;

        $sessData['userID'] = $userData['id'];

        $sessData['loginType'] = 'social';

        $_SESSION['sessData'] = $sessData;

        // Remove oauth token and secret from session

        unset($_SESSION['twitter_access_token']);

        unset($_SESSION['twitter_token_secret']);

        // Redirect to my account

        MySessionHandler::commit(session_id());

        header("Location: account.php");

        exit();

    }

}

else {

    // Fresh authentication

    $twClient = new TwitterOAuth(TW_CONSUMER_KEY, TW_CONSUMER_SECRET);

    $request_token = $twClient->getRequestToken(SOCIAL_REDIRECT_URL);

    // Get twitter oauth url

    $_SESSION['twitter_access_token'] = $request_token['oauth_token'];

    $_SESSION['twitter_token_secret'] = $request_token['oauth_token_secret'];

    // If authentication returns success

    if ($twClient->http_code == '200') {

        $twLoginURL = $twClient->getAuthorizeURL($request_token['oauth_token']);

        $twLoginURL = filter_var($twLoginURL, FILTER_SANITIZE_URL);

    }

}

?>