File: /var/www/html/tmpr/../tmpr/../tmpr/../tmpr/../tmpr/../connect/google-complete.php
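<?php
// Complete Google sign-in by issuing the Connect SSO cookie using the
// email from BrandCreator's session, then finish Sites login client-side.
//
// Inputs:  $_GET['dest'] (optional post-login destination, untrusted) and
//          $_SESSION['brand_session_user_email'] (set by BrandCreator).
// Outputs: $dest, $email and $sitesPassword, consumed by the template below.

require_once __DIR__ . '/auth.php';
$cfg = require __DIR__ . '/config.php';

// Ensure session is available across the site
// NOTE(review): only lifetime and path are set here, so Secure, HttpOnly and
// SameSite come from php.ini defaults — confirm they are enabled there.
if (!headers_sent()) {
    session_set_cookie_params(0, '/');
}
@session_start();

// The rendered page embeds a credential, so it must never be stored by the
// browser cache or an intermediary.
if (!headers_sent()) {
    header('Cache-Control: no-store');
}

// `dest` is attacker-controllable and ends up in window.location.href, so only
// a same-site absolute path is accepted: one leading slash, not followed by a
// second slash or a backslash (both are parsed as a host by browsers), and no
// backslashes or control characters anywhere. Anything else — including
// javascript: URLs, absolute URLs and array-valued parameters — falls back to
// the default.
// NOTE(review): if legitimate callers pass same-origin absolute URLs, extend
// this with an explicit host allow-list rather than relaxing the pattern.
$defaultDest = '/connect/index.php';
$dest = $defaultDest;
if (isset($_GET['dest']) && is_string($_GET['dest'])) {
    $candidate = trim($_GET['dest']);
    if (preg_match('#^/(?![/\\\\])[^\\\\\x00-\x1f\x7f]*\z#', $candidate) === 1) {
        $dest = $candidate;
    }
}

// Attempt to read email from BrandCreator's session
$email = isset($_SESSION['brand_session_user_email']) ? trim((string)$_SESSION['brand_session_user_email']) : '';

// Issue SSO cookie and compute a deterministic Sites password for this user
$sitesPassword = '';
if ($email !== '') {
    // Display name defaults to the local part of the address.
    $name = strstr($email, '@', true) ?: $email;
    // Stable subject id: first 16 hex characters of SHA-1 over the lowercased email.
    $uid = substr(sha1(strtolower($email)), 0, 16);
    $token = issue_token([
        'sub' => $uid,
        'email' => $email,
        'name' => $name,
    ]);
    set_sso_cookie($token);
    // Derive a consistent Sites password using Connect secret; 12 chars
    // NOTE(review): 12 hex characters carry 48 bits, the value never changes
    // for a given email while the secret stays the same, and it is printed
    // into the page for client-side login. Anyone who obtains $cfg['secret']
    // can compute every user's Sites password. Consider a server-to-server
    // login or a short-lived one-time token instead.
    $sitesPassword = substr(hash_hmac('sha256', strtolower($email) . '|sites', $cfg['secret']), 0, 12);
}
?>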
<!doctype html>
<html lang="en" class="light-style layout-wide customizer-hide" data-theme="theme-default" data-assets-path="/brandcreator/dashboard/assets/" data-template="vertical-menu-template" data-style="light">
<head>
  <meta charset="utf-8" />
  <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no, minimum-scale=1.0, maximum-scale=1.0" />
  <title>Finishing Sign-In…</title>
  <link rel="stylesheet" href="/brandcreator/dashboard/assets/vendor/css/rtl/core.css" />
  <link rel="stylesheet" href="/brandcreator/dashboard/assets/vendor/css/rtl/theme-default.css" />
  <link rel="stylesheet" href="/brandcreator/dashboard/assets/css/demo.css" />
  <link rel="stylesheet" href="/brandcreator/dashboard/assets/vendor/css/pages/page-auth.css" />
  <style>.status{font-size:13px}.ok{color:#0a7f28}.err{color:#b00020}</style>
</head>
<body>
<div class="authentication-wrapper authentication-cover">
  <a href="/connect/index.php" class="app-brand auth-cover-brand gap-2">
    <span class="app-brand-logo demo"><img src="/brandcreator/files/assets/logo-white3.png" style="max-height:60px"></span>
  </a>
  <div class="authentication-inner row m-0">
    <div class="d-none d-lg-flex col-lg-7 col-xl-8 align-items-center p-5" style="background-image:url('/brandcreator/dashboard/assets/img/illustrations/business-meeting-over-coffee.png');background-size:cover;background-repeat:no-repeat;background-position:bottom;background-color:#9fccde;"></div>
    <div class="d-flex col-12 col-lg-5 col-xl-4 align-items-center authentication-bg p-sm-12 p-6">
      <div class="w-px-520 mx-auto mt-12 pt-5">
        <h4 class="mb-1">Finishing sign-in across apps…</h4>
        <div class="list-group mb-4">
          <div class="d-flex justify-content-between py-2"><span class="fw-bold">Sites</span><span id="st-sites" class="status">Initializing…</span></div>
        </div>
        <button id="continueBtn" class="btn btn-primary w-100" disabled>Continue</button>
      </div>
    </div>
  </div>
</div>
<script>
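(function(){
  // Server-rendered values. The JSON_HEX_* flags keep <, >, &, ' and " out of
  // the emitted literals so a value cannot terminate or alter this inline script.
  const email = <?php echo json_encode($email, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;
  // NOTE(review): the derived Sites password is delivered to the browser here,
  // where any script running on this origin can read it.
  const password = <?php echo json_encode($sitesPassword, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;
  const redirect = <?php echo json_encode($dest, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;
  const fallback = '/connect/index.php';
  const LOGIN_URL = '/sites/index.php/authenticate/verifyLogin';
  const SPLASH_URL = '/sites/index.php/accounts/splashPage';
  const PROVISION_URL = '/connect/provision_sites.php';
  const st = document.getElementById('st-sites');
  const continueBtn = document.getElementById('continueBtn');

  /** Show `text` in the Sites status line with optional state class `cls` ('ok' | 'err'). */
  function setStatus(text, cls){ st.textContent = text; st.className = 'status ' + (cls || ''); }

  /**
   * Resolve the post-login destination.
   * `redirect` originates from a query parameter, so it is only honoured when
   * it resolves to this page's own origin; javascript:/data: URLs, other hosts
   * and unparsable values all yield `fallback`.
   * @returns {string} URL that is safe to assign to window.location.href
   */
  function resolveTarget(){
    const candidate = (typeof redirect === 'string') ? redirect.trim() : '';
    if (!candidate) { return fallback; }
    try {
      const url = new URL(candidate, window.location.href);
      if (url.origin === window.location.origin) { return url.href; }
    } catch (e) {
      // Unparsable destination: use the fallback below.
    }
    return fallback;
  }

  /** Enable the Continue button and schedule the automatic redirect after 5 s. */
  function enable(){
    continueBtn.disabled = false;
    setTimeout(function(){ window.location.href = resolveTarget(); }, 5000);
  }

  /**
   * POST the credentials to the Sites login endpoint.
   * @returns {Promise<{ok: boolean, isJson: boolean, data: *}>} HTTP success
   *   flag, whether the response declared JSON, and the parsed body (null when
   *   it did not).
   */
  async function attemptLogin(){
    const resp = await fetch(LOGIN_URL, {
      method: 'POST',
      headers: { 'Content-Type': 'application/x-www-form-urlencoded', 'X-Requested-With': 'XMLHttpRequest' },
      credentials: 'include',
      body: new URLSearchParams({ ppl_email: email, ppl_pass: password })
    });
    const contentType = resp.headers.get('content-type') || '';
    const isJson = contentType.includes('application/json');
    return { ok: resp.ok, isJson: isJson, data: isJson ? await resp.json() : null };
  }

  /** Best-effort request to the splash page after login; a failure here must not fail sign-in. */
  async function warmSession(){
    try { await fetch(SPLASH_URL, { credentials: 'include' }); } catch (e) { /* deliberately ignored */ }
  }

  /**
   * Sign in to Sites; when the first attempt does not succeed, provision the
   * user with the derived password and retry once. Every path ends by calling
   * enable() exactly once.
   */
  async function loginSites(){
    try {
      if (!email || !password){ setStatus('Missing email','err'); return; }
      setStatus('Signing in…');
      const first = await attemptLogin();
      if (first.isJson && first.data.status === 'success') {
        await warmSession();
        setStatus('Signed in','ok');
        return;
      }
      // Provision/update Sites user with the derived password, then retry
      // NOTE(review): this request carries a client-supplied email and
      // password. provision_sites.php is not visible here — confirm it
      // authorises the caller (for example against the SSO cookie) and does
      // not let one user set another account's password.
      setStatus('Provisioning user…');
      const prov = await fetch(PROVISION_URL, {
        method: 'POST',
        headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
        body: new URLSearchParams({ email: email, password: password })
      });
      const pjson = await prov.json().catch(() => ({ success:false }));
      if (!pjson || !pjson.success) {
        setStatus('Failed: ' + ((pjson && pjson.message) || 'Provisioning failed'),'err');
        return;
      }
      setStatus('Retrying sign in…');
      const second = await attemptLogin();
      if (!second.isJson) {
        // A non-JSON reply is judged by HTTP status alone. The failure case
        // previously rendered with the 'ok' class; it now uses 'err'.
        setStatus(second.ok ? 'Signed in' : 'Failed', second.ok ? 'ok' : 'err');
        return;
      }
      if (second.data.status === 'success') {
        await warmSession();
        setStatus('Signed in','ok');
        return;
      }
      setStatus('Failed: ' + (second.data.message || 'Error'),'err');
    } catch (e) {
      setStatus('Failed: ' + e.message,'err');
    } finally {
      enable();
    }
  }

  (async function(){ await loginSites(); })();
  continueBtn.addEventListener('click', function(){
    window.location.href = resolveTarget();
  });
})();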
</script>
</body>
</html>