Файл: wenr.online/app/user/soc/fb.php
Строк: 91
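<?php
// Facebook OAuth 2.0 login endpoint (authorization-code flow).
//
// Without ?code=...  : send the browser to Facebook's consent dialog.
// With    ?code=...  : verify the anti-CSRF state, exchange the code for an
//                      access token, look the Facebook id up in `users.soc`,
//                      create the account on first login, then issue an
//                      application session and redirect.
//
// $user, $db, redirect() and random_string() are defined outside this file.

if ($user->isAuth()) {
    redirect('/game');
    exit;
}

// The per-request state value is kept in the PHP session.
// NOTE(review): the original already writes to $_SESSION, so a session is
// presumably started by the bootstrap; this guard only covers the case where
// it is not - confirm against the front controller.
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}

$clientId = '2592903854296944';
// SECURITY: this app secret is committed in source. Treat it as exposed:
// rotate it in the Facebook app settings and load the replacement from
// configuration kept outside the repository and the web root.
$clientSecret = '0520fe348ea80c6b127d5dbdf2501d0f';
$redirectUri = 'https://wenr.online/fb';
$stateKey = '__fb_oauth_state';

if (empty($_GET['code'])) {
    // A constant state ('123' in the earlier version) gives no login-CSRF
    // protection; bind an unpredictable value to this browser session.
    $state = bin2hex(random_bytes(16));
    $_SESSION[$stateKey] = $state;

    $params = [
        'client_id' => $clientId,
        'redirect_uri' => $redirectUri,
        'scope' => 'email',
        'response_type' => 'code',
        'state' => $state,
    ];
    // http_build_query() output is already URL-encoded; it must not be decoded again.
    $url = 'https://www.facebook.com/dialog/oauth?' . http_build_query($params);
    redirect($url);
    exit;
}

// Callback: the state must match the value issued above, and is single-use.
$expectedState = $_SESSION[$stateKey] ?? '';
unset($_SESSION[$stateKey]);
$receivedState = (isset($_GET['state']) && is_string($_GET['state'])) ? $_GET['state'] : '';
if (
    !is_string($_GET['code'])
    || !is_string($expectedState)
    || $expectedState === ''
    || !hash_equals($expectedState, $receivedState)
) {
    http_response_code(400);
    exit;
}

// Obtain the access token.
// The code comes from the query string, so it has to stay URL-encoded:
// decoding the built query would let '&' or '#' inside it add or cut
// parameters of the token request.
$params = [
    'client_id' => $clientId,
    'client_secret' => $clientSecret,
    'redirect_uri' => $redirectUri,
    'code' => $_GET['code'],
];
$data = file_get_contents('https://graph.facebook.com/oauth/access_token?' . http_build_query($params));
$data = is_string($data) ? json_decode($data, true) : null;
if (!is_array($data) || empty($data['access_token'])) {
    // As before, a failed exchange ends the script without logging the user in.
    error_log('fb login: access token exchange failed');
    return;
}

// Fetch the user's profile data.
$params = [
    'access_token' => $data['access_token'],
    'fields' => 'id,email,first_name,last_name,picture',
];
$info = file_get_contents('https://graph.facebook.com/me?' . http_build_query($params));
$info = is_string($info) ? json_decode($info, true) : null;
if (!is_array($info) || empty($info['id']) || !is_scalar($info['id'])) {
    // Without a Facebook id the lookup below cannot match anything and a new
    // account with an empty `soc` would be created on every attempt.
    error_log('fb login: profile response carried no user id');
    return;
}
$facebookId = (string) $info['id'];

$check = $db->prepare('select user_id from users where soc = ?');
$check->execute([$facebookId]);
$check = $check->fetch(PDO::FETCH_OBJ);

$created_at = date('Y-m-d H:i:s', time());

if (!isset($check->user_id)) {
    // First login with this Facebook id: create the account. The random
    // password is only ever stored hashed and is never shown to the user.
    $form = [
        'value' => [
            'password' => random_string(12),
            'nick' => 'Безымянный',
        ],
    ];
    $password = password_hash($form['value']['password'], PASSWORD_DEFAULT);

    $stmt = $db->prepare("INSERT INTO users SET password = :password, nick = :nick, created_at = :created_at, soc = :soc");
    $stmt->bindValue(':password', $password, PDO::PARAM_STR);
    $stmt->bindValue(':nick', $form['value']['nick'], PDO::PARAM_STR);
    $stmt->bindValue(':created_at', $created_at, PDO::PARAM_STR);
    $stmt->bindValue(':soc', $facebookId, PDO::PARAM_STR);
    $stmt->execute();

    $user_id = $db->lastInsertId();
    $target = '/start/quest';
} else {
    $user_id = $check->user_id;
    $target = '/game';
}

// Session token straight from the CSPRNG: 32 hex characters, the same shape
// as the md5() digest used before, but not dependent on how random_string()
// (defined elsewhere) generates its output.
$token = bin2hex(random_bytes(16));

$auth = $db->prepare("INSERT INTO users_sessions SET user_id = :user_id, token = :token, created_at = :created_at");
$auth->bindValue(':user_id', $user_id, PDO::PARAM_INT);
$auth->bindValue(':token', $token, PDO::PARAM_STR);
$auth->bindValue(':created_at', $created_at, PDO::PARAM_STR);
$auth->execute();

$session = base64_encode(json_encode([
    'user_id' => base64_encode($user_id),
    'token' => base64_encode($token),
]));

// Secure + HttpOnly: the cookie carries the session token, so it is kept off
// plain-HTTP requests and out of reach of page scripts.
// NOTE(review): confirm that no client-side script reads `__session`.
setcookie('__session', $session, 86400 * 365 + time(), '/', '', true, true);
$_SESSION['__session'] = $session;

redirect($target);
exit;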