Файл: wenr.online/app/user/soc/vk.php
Строк: 87
<?php
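// VK OAuth 2.0 sign-in endpoint (authorization-code flow).
//
// Without ?code= the visitor is sent to VK's consent page. With ?code= the code
// is exchanged for an access token, the local account is looked up (or created)
// by the e-mail VK returns, a row is added to users_sessions and the __session
// cookie is issued.
//
// Relies on $user, $db (a PDO handle) and redirect() supplied by the including
// script.

// Visitors who are already signed in skip the whole flow.
if ($user->isAuth()) {
    redirect('/game');
    exit;
}

$clientId = '7519356';
$redirectUri = 'https://wenr.online/vk';
// SECURITY(review): the OAuth client secret is committed in source. Anyone who
// can read this file can act as the application towards VK. Rotate it in the
// VK app settings and load the new value from configuration kept outside the
// repository and the web root.
$clientSecret = 'Xr2p8y5q4W52muP4z9Dv';

// The `state` value lives in the PHP session; the script already writes to
// $_SESSION, so make sure the session is really active before relying on it.
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}

$code = $_GET['code'] ?? null;

// No usable code yet: start the flow. The per-request `state` binds VK's
// callback to this browser session, so a callback the visitor did not start
// here is rejected.
if (!is_string($code) || $code === '') {
    $state = bin2hex(random_bytes(16));
    $_SESSION['vk_oauth_state'] = $state;

    // http_build_query() output is used as-is: decoding it again would put raw
    // reserved characters from the values back into the query string.
    redirect('https://oauth.vk.com/authorize?' . http_build_query([
        'client_id' => $clientId,
        'redirect_uri' => $redirectUri,
        'scope' => 'email',
        'response_type' => 'code',
        'state' => $state,
    ]));
    exit;
}

// Callback: the state must match the one issued above, and is single-use.
$expectedState = $_SESSION['vk_oauth_state'] ?? '';
unset($_SESSION['vk_oauth_state']);
$givenState = $_GET['state'] ?? '';
if (
    !is_string($expectedState) || $expectedState === ''
    || !is_string($givenState)
    || !hash_equals($expectedState, $givenState)
) {
    http_response_code(400);
    exit;
}

// Exchange the code for an access token. $code comes from the request, so it
// must stay URL-encoded; otherwise a crafted value could add or override
// parameters of this server-side call.
$response = file_get_contents('https://oauth.vk.com/access_token?' . http_build_query([
    'client_id' => $clientId,
    'client_secret' => $clientSecret,
    'redirect_uri' => $redirectUri,
    'code' => $code,
]));
$data = is_string($response) ? json_decode($response, true) : null;

// Failed exchange: end without output, as before.
if (!is_array($data) || empty($data['access_token'])) {
    return;
}

// Accounts are keyed on the e-mail, so a response without one (or without the
// VK user id) must not create or match an account.
// NOTE(review): the account is matched purely on the e-mail VK reports; confirm
// that is acceptable for accounts that were registered with a password.
$email = $data['email'] ?? null;
$vkUserId = $data['user_id'] ?? null;
if (!is_string($email) || $email === '' || $vkUserId === null) {
    return;
}

$lookup = $db->prepare('select user_id from users where email = ?');
$lookup->execute([$email]);
$existing = $lookup->fetch(PDO::FETCH_OBJ);

$createdAt = date('Y-m-d H:i:s');

if (isset($existing->user_id)) {
    // Known e-mail: sign in to the existing account.
    $userId = $existing->user_id;
    $landing = '/game';
} else {
    // First visit: create the account. The password is a throwaway value from
    // the CSPRNG; only its hash is stored and it is never shown to anyone.
    $passwordHash = password_hash(bin2hex(random_bytes(16)), PASSWORD_DEFAULT);

    $insert = $db->prepare("INSERT INTO users SET password = :password, nick = :nick, created_at = :created_at, email = :email");
    $insert->bindValue(':password', $passwordHash, PDO::PARAM_STR);
    $insert->bindValue(':nick', (string) $vkUserId, PDO::PARAM_STR);
    $insert->bindValue(':created_at', $createdAt, PDO::PARAM_STR);
    $insert->bindValue(':email', $email, PDO::PARAM_STR);
    $insert->execute();

    $userId = $db->lastInsertId();
    $landing = '/start/quest';
}

// The session token is a bearer credential: take it from the CSPRNG. 16 random
// bytes hex-encoded give 32 characters, the same length as the md5() value
// stored previously.
$token = bin2hex(random_bytes(16));

$sessionInsert = $db->prepare("INSERT INTO users_sessions SET user_id = :user_id, token = :token, created_at = :created_at");
$sessionInsert->bindValue(':user_id', $userId, PDO::PARAM_INT);
$sessionInsert->bindValue(':token', $token, PDO::PARAM_STR);
$sessionInsert->bindValue(':created_at', $createdAt, PDO::PARAM_STR);
$sessionInsert->execute();

// Cookie payload format is unchanged: base64(JSON{user_id, token}), each field
// itself base64-encoded.
$session = base64_encode(json_encode([
    'user_id' => base64_encode((string) $userId),
    'token' => base64_encode($token),
]));

// New PHP session id at the privilege change, so an id known before login is
// not carried into the authenticated session.
session_regenerate_id(true);

// Secure + HttpOnly: sent over HTTPS only and not readable from page scripts.
// NOTE(review): confirm no client-side code reads __session before deploying.
setcookie('__session', $session, time() + 86400 * 365, '/', '', true, true);
$_SESSION['__session'] = $session;

redirect($landing);
exit;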