( ′∀`)σ≡σ☆))Д′)レ(゚∀゚;)ヘ=З=З=Зε≡(ノ´_ゝ`)ノ HEX
HEX
Server: Apache/2.4.58 (Ubuntu)
System: Linux mail.thebrand.ai 6.8.0-107-generic #107-Ubuntu SMP PREEMPT_DYNAMIC Fri Mar 13 19:51:50 UTC 2026 x86_64
User: www-data (33)
PHP: 8.3.6
Disabled: NONE
File: /var/www/html/tmpr/../tmpr/../tmpr/../tmpr/../tmpr/../tmpr/..//brandcreator/auth-google.php
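<?php

/**
 * Google sign-in endpoint (OAuth 2.0 authorization-code flow).
 *
 * Request without ?code=  -> redirect the browser to Google's consent screen.
 * Request with ?code=     -> exchange the code for an access token, fetch the
 *                            Google profile, then register or log in the
 *                            matching local user and redirect to the dashboard.
 *
 * Changes relative to the previous revision of this script:
 *  - the OAuth client secret and the session app key are no longer literals
 *    in a file under the web root;
 *  - a per-session `state` value binds the callback to the browser that
 *    started the flow (prevents login CSRF / code injection);
 *  - a local account is matched on the Google-verified e-mail address only,
 *    never on the local part of the address;
 *  - the session id is regenerated on login, cookies get Secure/HttpOnly/
 *    SameSite, and database errors go to the server log instead of the
 *    response body.
 */

// presumably defines $pdo (a PDO handle) used below; verify against config.php
require 'dashboard/data/files/config.php';

session_start();

// Public OAuth identifiers: safe to keep in source.
$client_id = '239464930486-7suoq231ihvl5tu2rjrrd5n3cfdptu2a.apps.googleusercontent.com';
$redirect_uri = 'https://www.thebrand.ai/insights/auth-google.php';
$dashboard_url = 'https://www.thebrand.ai/insights/dashboard';

// Secrets come from the server environment (e.g. Apache SetEnv or a file
// outside the document root), so reading this file does not disclose them.
// The variable names are chosen here and must be provisioned by the
// deployment. The values that used to be hard-coded in this file must be
// treated as disclosed and rotated.
// NOTE(review): the former app-key literal included surrounding single quotes
// inside the string; confirm what the consuming code compares against before
// provisioning BRAND_SESSION_APP_KEY.
$client_secret = getenv('GOOGLE_OAUTH_CLIENT_SECRET');
$session_app_key = getenv('BRAND_SESSION_APP_KEY');

if (!is_string($client_secret) || $client_secret === ''
    || !is_string($session_app_key) || $session_app_key === '') {
    // Fail closed: never start an OAuth flow with missing credentials.
    error_log('auth-google: OAuth client secret or session app key is not configured');
    http_response_code(500);
    exit;
}

// Single failure path: record the reason server-side only, send the browser
// to the same page the original script used, and emit no response body.
$auth_google_fail = static function (string $reason) use ($dashboard_url): void {
    error_log('auth-google: ' . $reason);
    header('Location: ' . $dashboard_url);
    exit;
};

// Google reports a declined or failed consent as ?error=... without a code.
// Without this check the script would bounce the user straight back to Google.
if (isset($_GET['error'])) {
    $auth_google_fail('authorization request was denied or failed at the provider');
}

// Step 1: Redirect to Google
if (!isset($_GET['code'])) {
    // Unguessable value tied to this session; checked again on the callback.
    $state = bin2hex(random_bytes(16));
    $_SESSION['oauth2_state'] = $state;

    // NOTE(review): access_type=offline with prompt=consent asks Google for a
    // refresh token, but this script never stores or uses one. If no other
    // component needs it, dropping both parameters reduces granted privilege.
    $auth_url = 'https://accounts.google.com/o/oauth2/v2/auth?' . http_build_query([
        'client_id' => $client_id,
        'redirect_uri' => $redirect_uri,
        'response_type' => 'code',
        'scope' => 'openid email profile',
        'access_type' => 'offline',
        'prompt' => 'consent',
        'state' => $state,
    ]);
    header('Location: ' . $auth_url);
    exit;
}

// Step 2: Handle Google callback
$code = $_GET['code'];
$returned_state = $_GET['state'] ?? null;
$expected_state = $_SESSION['oauth2_state'] ?? null;
unset($_SESSION['oauth2_state']); // single use, whatever the outcome

// Query parameters can arrive as arrays (?code[]=x); accept strings only and
// compare the state in constant time.
if (!is_string($code)
    || !is_string($returned_state)
    || !is_string($expected_state)
    || !hash_equals($expected_state, $returned_state)) {
    $auth_google_fail('callback rejected: missing or mismatched state');
}

// Exchange code for token
$token_url = 'https://oauth2.googleapis.com/token';
$post_fields = [
    'code' => $code,
    'client_id' => $client_id,
    'client_secret' => $client_secret,
    'redirect_uri' => $redirect_uri,
    'grant_type' => 'authorization_code',
];

$ch = curl_init($token_url);
curl_setopt_array($ch, [
    CURLOPT_POST => true,
    CURLOPT_POSTFIELDS => http_build_query($post_fields),
    CURLOPT_RETURNTRANSFER => true,
    // Bound the wait so a stalled upstream cannot pin a PHP worker.
    CURLOPT_CONNECTTIMEOUT => 5,
    CURLOPT_TIMEOUT => 15,
]);
$response = curl_exec($ch);
curl_close($ch);

// curl_exec() returns false on transport failure; json_decode() returns null
// on malformed input. Both end up on the same failure path.
$token_data = is_string($response) ? json_decode($response, true) : null;

if (!is_array($token_data)
    || !isset($token_data['access_token'])
    || !is_string($token_data['access_token'])) {
    $auth_google_fail('Google authentication failed');
}

// Get user info from Google
$user_info_url = 'https://www.googleapis.com/oauth2/v2/userinfo';
$ch = curl_init($user_info_url);
curl_setopt_array($ch, [
    CURLOPT_HTTPHEADER => ['Authorization: Bearer ' . $token_data['access_token']],
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_CONNECTTIMEOUT => 5,
    CURLOPT_TIMEOUT => 15,
]);
$user_info = curl_exec($ch);
curl_close($ch);

$google_user = is_string($user_info) ? json_decode($user_info, true) : null;

// Only an address Google marks as verified may be used as a local identity.
if (!is_array($google_user)
    || !isset($google_user['email'])
    || !is_string($google_user['email'])
    || trim($google_user['email']) === ''
    || ($google_user['verified_email'] ?? false) !== true) {
    $auth_google_fail('Google profile has no verified e-mail address');
}

// Check if user exists in database
try {
    // Kept because the included registration script runs in this scope and
    // may read it. It is deliberately NOT used for account lookup any more:
    // the local part of an address is not unique across domains, so matching
    // on it let any Google account "name@<any domain>" sign in as the
    // existing local user "name".
    $username = strstr(trim($google_user['email']), '@', true);

    // The password hash column is no longer fetched; nothing here reads it.
    // NOTE(review): `approved` is fetched but never enforced; confirm whether
    // unapproved accounts are supposed to be able to sign in through Google.
    $stmt = $pdo->prepare("SELECT id, approved, user_name, user_email FROM users WHERE user_email = ?");
    $stmt->execute([$google_user['email']]);
    $user = $stmt->fetch();

    if (!$user) {
        // Register new user
        // NOTE(review): the lookup no longer covers user_name, so this script
        // must cope with $username already being taken; confirm.
        require 'data/files/registerGoogle.php';
    } else {
        $user_id = $user['id'];
        $stmt = $pdo->prepare("UPDATE users SET catalogname = ?, picture = ? WHERE id = ?");
        $stmt->execute([
            $google_user['name'] ?? null,
            $google_user['picture'] ?? null,
            $user_id,
        ]);

        // NOTE(review): the query above has never selected an `admin` column,
        // so the role written below has always been null. Add the column to
        // the SELECT once its name is confirmed against the schema.
        $user_role = $user['admin'] ?? null;

        // Issue a fresh session id at the privilege change so a session id
        // planted before login cannot be reused afterwards.
        session_regenerate_id(true);

        $_SESSION['euserid'] = $user['id'];
        $_SESSION['uid'] = $user['id'];
        $_SESSION['admini'] = $user_role;
        $_SESSION['isLogin'] = true;

        $_SESSION['brand_session_user_email'] = $user['user_email'];
        $_SESSION['brand_session_user_role'] = $user_role;
        $_SESSION['brand_session_logged_in'] = true;
        $_SESSION['brand_session_app_key'] = $session_app_key;

        // These cookies carry plain, unsigned identifiers that the browser
        // can rewrite. Server-side authorization has to rely on $_SESSION,
        // never on these values.
        // NOTE(review): `httponly` assumes no client-side script reads them;
        // confirm before deploying.
        $cookie_options = [
            'expires' => time() + 60 * 60 * 24 * 60, // 60 days
            'path' => '/',
            'secure' => true,
            'httponly' => true,
            'samesite' => 'Lax',
        ];
        setcookie('user_id', (string) $user['id'], $cookie_options);
        setcookie('euserid', (string) $user['id'], $cookie_options);
        setcookie('admini', (string) ($user_role ?? ''), $cookie_options);
        setcookie('uid', (string) $user['id'], $cookie_options);
    }

    header('Location: ' . $dashboard_url);
    exit;
} catch (PDOException $e) {
    // Driver messages can reveal schema and query details: keep them in the
    // server log and send nothing but the redirect to the client.
    error_log('auth-google: database error: ' . $e->getMessage());
    header('Location: ' . $dashboard_url);
    exit;
}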