OXIESEC PANEL
- Current Dir:
/
/
var
/
www
/
cream
/
quiz
/
backup
/
old_backup
Server IP: 139.59.38.164
Upload:
Create Dir:
Name
Size
Modified
Perms
📁
..
-
05/19/2025 10:07:16 AM
rwxr-xr-x
📁
backup
-
05/19/2025 10:07:16 AM
rwxr-xr-x
📄
callback.php
846 bytes
05/19/2025 10:07:16 AM
rw-r--r--
📁
data
-
02/15/2025 11:20:34 AM
rwxr-xr-x
📄
function.php
5.06 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
index.html
2.27 KB
02/15/2025 11:21:46 AM
rw-r--r--
📄
oauth.php
332 bytes
05/19/2025 10:07:16 AM
rw-r--r--
📄
register.php
5.29 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
subscription_check.php
1.37 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
verify.php
2.21 KB
05/19/2025 10:07:16 AM
rw-r--r--
Editing: function.php
Close
<?php // Function to get OAuth credentials from JSON file function getOAuthCredentials($filePath = 'data/youtube_oauth.json') { return json_decode(file_get_contents($filePath), true); } // Function to build the Google OAuth URL function buildAuthUrl($credentials, $client_id, $redirect_uri) { return $credentials['web']['auth_uri'] . '?' . http_build_query([ 'client_id' => $client_id, 'redirect_uri' => $redirect_uri, 'response_type' => 'code', 'scope' => 'https://www.googleapis.com/auth/youtube.readonly', 'access_type' => 'offline', ]); } // Function to get access token using the authorization code function getAccessToken($credentials, $code, $client_id, $client_secret, $redirect_uri) { $token_url = $credentials['web']['token_uri']; $data = [ 'code' => $code, 'client_id' => $client_id, 'client_secret' => $client_secret, 'redirect_uri' => $redirect_uri, 'grant_type' => 'authorization_code' ]; // Use cURL to get the access token $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $token_url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data)); $response = curl_exec($ch); curl_close($ch); // Decode the response to get the token return json_decode($response, true); } // Function to store tokens in the session function storeTokensInSession($token) { if (isset($token['access_token'])) { $_SESSION['access_token'] = $token['access_token']; if (isset($token['refresh_token'])) { $_SESSION['refresh_token'] = $token['refresh_token']; } } } // Function to redirect to a given URL function redirectToUrl($url) { header('Location: ' . filter_var($url, FILTER_SANITIZE_URL)); exit(); } // Function to ensure the user is authenticated (i.e., has access token in session) function ensureAuthenticated() { if (!isset($_SESSION['access_token'])) { die('You must authenticate first. Please go to <a href="oauth.php">OAuth Page</a>'); } } // Function to get the access token from the session function getAccessTokenFromSession() { return $_SESSION['access_token']; } // Function to fetch subscriptions from YouTube API function fetchYouTubeSubscriptions($access_token) { $youtube_api_url = 'https://www.googleapis.com/youtube/v3/subscriptions?part=snippet&mine=true'; // Make the API request to YouTube using cURL $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $youtube_api_url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_HTTPHEADER, [ 'Authorization: Bearer ' . $access_token ]); $response = curl_exec($ch); curl_close($ch); // If the response is false, there was an error in the request if ($response === false) { die('Error in fetching subscriptions'); } return json_decode($response, true); } // Function to check if the user is subscribed to a specific channel function checkIfSubscribed($data, $channel_id_to_check) { // Loop through the subscriptions to check if the user is subscribed to the channel foreach ($data['items'] as $subscription) { if ($subscription['snippet']['resourceId']['channelId'] === $channel_id_to_check) { return true; } } return false; } // Function to display the subscription status function displaySubscriptionStatus($is_subscribed) { if ($is_subscribed) { echo 'You are subscribed to this channel.'; } else { echo 'You are not subscribed to this channel.'; } } // Function to handle the OAuth process (main function) function handleOAuth($credentials) { if (!isset($_GET['code'])) { // Step 1: Redirect to Google OAuth if there's no authorization code $client_id = $credentials['web']['client_id']; $redirect_uri = $credentials['web']['redirect_uris'][0]; // First redirect URI $auth_url = buildAuthUrl($credentials, $client_id, $redirect_uri); redirectToUrl($auth_url); } else { // Step 2: If there's an authorization code, exchange it for an access token $code = $_GET['code']; $client_id = $credentials['web']['client_id']; $client_secret = $credentials['web']['client_secret']; $redirect_uri = $credentials['web']['redirect_uris'][0]; // Same as before $token = getAccessToken($credentials, $code, $client_id, $client_secret, $redirect_uri); if (isset($token['access_token'])) { // Step 3: Store tokens and redirect to the next URI storeTokensInSession($token); // Redirect to the second URI in the redirect_uris array redirectToUrl($credentials['web']['redirect_uris'][2]); } else { // Handle errors in token retrieval die('Error: Could not get the access token. Please try again.'); } } } ?>