Beispiel #1
 /**
  * Build the subscription catalogue for one shop region and return it as JSON.
  *
  * The region comes from the `inventory` query parameter. The method loads
  * the subscriptions for that region with their payment types, the complete
  * country list and the country whose code equals the region, sends a JSON
  * content-type header and returns the encoded document.
  *
  * NOTE(review): the request value reaches SQL only as a bound parameter of
  * Adapter::secure_query. What Misc::escape_text changes is not visible here;
  * confirm it does not alter otherwise valid region codes. There is no check
  * that `inventory` is present or that the country lookup found a row.
  *
  * @return string
  */
 function show()
 {
     $region_id = Misc::escape_text($_GET['inventory']);

     // The payment list is shared across iterations: every subscription gets
     // all payment types collected up to and including its own row.
     $payment_json = [];
     $inventory_subscribe = [];
     $subscriptions = Adapter::secure_query("SELECT * FROM cms_shop_subscriptions WHERE region = :id", [':id' => $region_id]);
     foreach ($subscriptions as $subscription) {
         $payment_lookup = Adapter::secure_query("SELECT * FROM cms_shop_payments_types WHERE id = :id LIMIT 1", [':id' => $subscription['payment_type']]);
         $payment_type = Adapter::fetch_object($payment_lookup);
         $payment_json[] = new JsonPayment($payment_type->id, $payment_type->name, $payment_type->button, $payment_type->image, 'subscription');
         $inventory_subscribe[] = new JsonSubscription($subscription['id'], $subscription['name'], $subscription['description'], $subscription['credits_amount'], $subscription['price'], $subscription['type'], $subscription['icon'], $payment_json);
     }

     // Static query without request input, hence the plain query() call.
     $countries = [];
     foreach (Adapter::query("SELECT * FROM cms_shop_countries") as $country) {
         $countries[] = new JsonCountry($country['country_id'], $country['country_name'], $country['country_locale'], $country['country_code']);
     }

     $selected = Adapter::fetch_array(Adapter::secure_query("SELECT * FROM cms_shop_countries WHERE country_code = :id LIMIT 1", [':id' => $region_id]));
     $country_json = new JsonCountry($selected['country_id'], $selected['country_name'], $selected['country_locale'], $selected['country_code']);

     $subscriptions_object = (object) [
         'selectedCountry' => $country_json,
         'countries' => $countries,
         'items' => $inventory_subscribe,
     ];

     header('Content-type: application/json');
     return json_encode($subscriptions_object);
 }
Beispiel #2
 /**
  * Return one stories photo, selected by the `photo_id` query parameter, as JSON.
  *
  * The id is handed to the database as a bound parameter. Escaped forward
  * slashes in the encoded output are turned back into plain slashes before
  * the string is returned.
  *
  * NOTE(review): there is no check that `photo_id` is present or that the
  * lookup found a row before the row's fields are read.
  */
 function show()
 {
     $lookup = Adapter::secure_query("SELECT * FROM cms_stories_photos WHERE id = :uid LIMIT 1", [':uid' => $_GET['photo_id']]);
     $record = Adapter::fetch_array($lookup);

     $photo = new JsonPhotos($record['id'], $record['user_id'], $record['image_preview_url'], $record['type'], $record['image_url'], $record['user_name'], $record['room_id'], $record['date'], $record['tags']);

     header('Content-type: application/json');
     $encoded = json_encode($photo);

     return str_replace("\\/", "/", $encoded);
 }
 /**
  * Return a stories channel and its inventory as JSON.
  *
  * The channel is looked up by the `channel` query parameter (matched
  * against the `url` column); its inventory rows are then loaded by the
  * channel's id. Both lookups use bound parameters.
  *
  * NOTE(review): there is no check that `channel` is present or that a
  * channel row was found before its `id` is used for the inventory query.
  */
 function show()
 {
     $channel = Misc::escape_text($_GET['channel']);
     $channel_id = Adapter::fetch_array(Adapter::secure_query("SELECT * FROM cms_stories_channels WHERE url = :url", [':url' => $channel]));

     $channels_photos = [];
     $inventory = Adapter::secure_query("SELECT * FROM cms_stories_channels_inventory WHERE channel_id = :id", [':id' => $channel_id['id']]);
     foreach ($inventory as $entry) {
         $channels_photos[] = new JsonChannelsContent($entry['id'], $entry['image_url'], $entry['user_id'], $entry['user_name'], $entry['date'], $entry['type'], $entry['tags'], $entry['title']);
     }

     // The header is sent before the response object is assembled.
     header('Content-type: application/json');
     $channels = new JsonChannels($channel_id['id'], $channel_id['title'], $channel_id['description'], $channel_id['tag'], $channel_id['title_key'], $channel_id['image'], $channel_id['url'], $channels_photos);

     return json_encode($channels);
 }
Beispiel #4
 /**
  * Return all stories content of one user as a JSON list.
  *
  * The user comes from the `user` query parameter. Selfie photos are listed
  * first, followed by the user's channel inventory entries, each enriched
  * with the url and title of its channel. Escaped forward slashes in the
  * encoded output are turned back into plain slashes.
  *
  * NOTE(review): every lookup binds its value as a query parameter. There is
  * no check that `user` is present, and the method itself does not compare
  * the requested user with the caller; confirm whether that is intended.
  */
 function show()
 {
     $user_id = Misc::escape_text($_GET['user']);
     $photos = [];

     $selfies = Adapter::secure_query("SELECT * FROM cms_stories_photos WHERE type = 'SELFIE' AND user_id = :uid", [':uid' => $user_id]);
     foreach ($selfies as $selfie) {
         $photos[] = new JsonSelfies($selfie['id'], $selfie['user_id'], $selfie['image_preview_url'], $selfie['type'], $selfie['image_url'], $selfie['user_name'], $selfie['date'], $selfie['tags']);
     }

     $channel_items = Adapter::secure_query("SELECT * FROM cms_stories_channels_inventory WHERE user_id = :uid", [':uid' => $user_id]);
     foreach ($channel_items as $item) {
         // One extra lookup per item to obtain the owning channel's url and title.
         $channel = Adapter::fetch_array(Adapter::secure_query("SELECT * FROM cms_stories_channels WHERE id = :cid", [':cid' => $item['channel_id']]));
         $photos[] = new JsonChannelsContent($item['id'], $item['image_url'], $item['user_id'], $item['user_name'], $item['date'], $item['type'], $item['tags'], $item['title'], $channel['url'], $channel['title']);
     }

     header('Content-type: application/json');
     $encoded = json_encode($photos);

     return str_replace("\\/", "/", $encoded);
 }
Beispiel #5
 /**
  * Read the rendering options from the query string into the controller.
  *
  * Picks up `figure`, `action`, `direction`, `head_direction`, `gesture`,
  * `size`, `img_format`, `frame` and `headonly`, applying the defaults shown
  * below. When `user` is given, the figure is replaced by that user's stored
  * `look`. Finally `action` and `frame` are split on commas and the format
  * is reduced to either "gif" or "png".
  *
  * NOTE(review): `direction`, `head_direction` and `headonly` are stored as
  * received, without normalisation, and no parameter is checked to be a
  * string; whoever consumes these properties has to validate them. `figure`
  * is read without an isset() check.
  */
 function __construct()
 {
     $this->input_figure = strtolower($_GET["figure"]);

     if (isset($_GET["action"])) {
         $this->input_action = strtolower($_GET["action"]);
     } else {
         $this->input_action = 'std';
     }

     if (isset($_GET["direction"])) {
         $this->input_direction = $_GET["direction"];
     } else {
         $this->input_direction = 4;
     }

     // The head follows the body direction unless given explicitly.
     if (isset($_GET["head_direction"])) {
         $this->input_head_direction = $_GET["head_direction"];
     } else {
         $this->input_head_direction = $this->input_direction;
     }

     if (isset($_GET["gesture"])) {
         $this->input_gesture = strtolower($_GET["gesture"]);
     } else {
         $this->input_gesture = 'std';
     }

     if (isset($_GET["size"])) {
         $this->input_size = strtolower($_GET["size"]);
     } else {
         $this->input_size = 'n';
     }

     if (isset($_GET["img_format"])) {
         $this->input_format = strtolower($_GET["img_format"]);
     } else {
         $this->input_format = 'png';
     }

     if (isset($_GET["frame"])) {
         $this->input_frame = strtolower($_GET["frame"]);
     } else {
         $this->input_frame = '0';
     }

     if (isset($_GET["headonly"])) {
         $this->input_head_only = $_GET["headonly"];
     } else {
         $this->input_head_only = false;
     }

     // A user name overrides the figure with the look stored for that user;
     // the name is bound as a query parameter.
     if (isset($_GET['user'])) {
         $lookup = Adapter::secure_query("SELECT look FROM users WHERE username = :username ", ['username' => Misc::escape_text($_GET['user'])]);
         $figure = Adapter::fetch_array($lookup);
         $this->input_figure = $figure['look'];
     }

     $this->input_action = explode(",", $this->input_action);

     // Anything other than "gif" falls back to "png".
     if ($this->input_format == "gif") {
         $this->input_format = "gif";
     } else {
         $this->input_format = "png";
     }

     $this->input_frame = explode(",", $this->input_frame);
 }
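 /**
  * Handle a login attempt for the housekeeping panel and redirect by outcome.
  *
  * The submitted credentials are looked up in cms_hk_users. On exactly one
  * match a fresh random session token is generated, stored for the account
  * and placed in the session together with the username and rank, and the
  * browser is redirected to the panel index. Every other outcome, including
  * missing or non-string form fields, destroys the session and redirects to
  * the login page with `?fail`.
  *
  * NOTE(review): the table is queried with MD5(:username) and MD5(:password),
  * i.e. it holds unsalted MD5 digests. That storage format lives outside this
  * method and is kept so existing accounts still match; moving to
  * password_hash()/password_verify() needs a schema and data migration.
  * What Misc::escape_text does to a password containing special characters
  * is not visible here; confirm it cannot change which password matches.
  */
 function show()
 {
     @session_start();

     $raw_username = isset($_POST['username']) ? $_POST['username'] : null;
     $raw_password = isset($_POST['password']) ? $_POST['password'] : null;

     $authenticated = false;
     $username = '';
     // Reject absent, empty or array-valued fields before touching the database.
     if (is_string($raw_username) && is_string($raw_password) && $raw_username !== '' && $raw_password !== '') {
         $username = Misc::escape_text($raw_username);
         $password = Misc::escape_text($raw_password);
         $matches = Adapter::row_count(Adapter::secure_query("SELECT * FROM cms_hk_users WHERE username = MD5(:username) AND password = MD5(:password)", [':username' => $username, ':password' => $password]));
         $authenticated = $matches == 1;
     }

     if (!$authenticated) {
         session_destroy();
         header("Location: /theallseeingeye/web/?fail");
         return;
     }

     // Issue a new session id on privilege change so an id known before
     // login is not carried into the authenticated session.
     session_regenerate_id(true);

     // The previous expression passed the whole concatenated string as the
     // upper bound of a single rand() call, so the token was the MD5 of one
     // small integer and therefore one of only a few possible values.
     // random_bytes() (PHP 7+) gives 128 bits from the system CSPRNG; the hex
     // form has the same 32-character length as the old MD5 string.
     $hash = bin2hex(random_bytes(16));

     Adapter::secure_query("UPDATE cms_hk_users SET hash = :hash WHERE username = MD5(:username)", [':hash' => $hash, ':username' => $username]);
     $row = Adapter::fetch_array(Adapter::secure_query("SELECT rank FROM cms_hk_users WHERE username = MD5(:username)", [':username' => $username]));

     $arr = ['username' => $username, 'hash' => $hash, 'rank' => $row['rank']];
     $_SESSION['hobbanet'] = serialize($arr);

     header("Location: /theallseeingeye/web/index");
     return;
 }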
Beispiel #7
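 /**
  * Installer step: verify the submitted database settings and persist them.
  *
  * Runs only while INSTALLED is false; otherwise it redirects to "/".
  * The posted connection settings are applied to the Adapter, and a probe
  * query against `server_status` must return a row containing `server_ver`.
  * If the configuration file does not yet contain a `$database_settings`
  * assignment, one is appended and the browser is sent to /settings. Every
  * other path ends at /error?db.
  *
  * NOTE(review): no authentication check is visible in this method, so
  * until INSTALLED becomes true it accepts connection settings from any
  * request and writes them into an executable PHP file. var_export() is
  * what keeps the posted values inert string literals in that file; do not
  * replace it with manual quoting. Consider restricting access to the
  * installer at the web-server level. Misc::escape_text is also applied to
  * the database password; confirm it cannot alter a valid password.
  */
 function show()
 {
     if (INSTALLED) {
         header("Location: /");
         return;
     }

     $database_settings = ['host' => Misc::escape_text($_POST['host_name']), 'user' => Misc::escape_text($_POST['host_user']), 'pass' => Misc::escape_text($_POST['host_pass']), 'name' => Misc::escape_text($_POST['host_db']), 'port' => Misc::escape_text($_POST['host_port']), 'type' => 'mysql'];
     @Adapter::set_instance($database_settings);

     // array_key_exists() needs an array; a failed probe must not raise here.
     $status = Adapter::fetch_array(Adapter::query("SELECT * FROM server_status"));
     if (is_array($status) && array_key_exists('server_ver', $status)) {
         $config_file = ROOT_PATH . "/api/Gogo.php";
         $current = file_get_contents($config_file);

         // Strict comparison: strpos() returns 0 for a match at the start of
         // the file, which a loose "== false" would mistake for "not found".
         // An unreadable file is treated as an error instead of being
         // created from scratch without a PHP open tag.
         if ($current !== false && strpos($current, '$database_settings = array') === false) {
             $appended = "\n//database settings \n" . '$database_settings = ' . var_export($database_settings, true) . ';';
             if (file_put_contents($config_file, $appended, FILE_APPEND) !== false) {
                 header("Location: /settings");
                 return;
             }
         }
     }

     header("Location: /error?db");
     return;
 }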
Beispiel #8
 /**
  * Build the credit price list for one shop region and return it as JSON.
  *
  * The region comes from the `inventory` query parameter. The method loads
  * the inventory rows of that region with their payment types and the
  * country whose code equals the region, sends a JSON content-type header
  * and returns the encoded document.
  *
  * NOTE(review): the request value is used unmodified but reaches SQL only
  * as a bound parameter. There is no check that `inventory` is present or
  * that the country lookup found a row.
  */
 function show()
 {
     $region_id = $_GET['inventory'];

     // The payment list is shared across iterations: every price point gets
     // all payment types collected up to and including its own row.
     $payment_json = [];
     $inventory_purse = [];
     $price_rows = Adapter::secure_query("SELECT * FROM cms_shop_inventory WHERE region = :id", [':id' => $region_id]);
     foreach ($price_rows as $price_row) {
         $payment_lookup = Adapter::secure_query("SELECT * FROM cms_shop_payments_types WHERE id = :id LIMIT 1", [':id' => $price_row['payment_type']]);
         $payment_type = Adapter::fetch_object($payment_lookup);
         $payment_json[] = new JsonPayment($payment_type->id, $payment_type->name, $payment_type->button, $payment_type->image, 'online');
         $inventory_purse[] = new JsonPurse($price_row['id'], $price_row['name'], $price_row['description'], $price_row['credits_amount'], $price_row['price'], [$price_row['categories']], $price_row['icon'], $price_row['region'], $payment_json);
     }

     $selected = Adapter::fetch_array(Adapter::secure_query("SELECT * FROM cms_shop_countries WHERE country_code = :id LIMIT 1", [':id' => $region_id]));
     $country_json = new JsonCountry($selected['country_id'], $selected['country_name'], $selected['country_locale'], $selected['country_code']);

     $inventory_object = (object) [
         'country' => $country_json,
         'paymentCategories' => ['online'],
         'pricePoints' => $inventory_purse,
         'doubleCredits' => true,
     ];

     header('Content-type: application/json');
     return json_encode($inventory_object);
 }
Beispiel #9
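 /**
  * Change the e-mail address of a user.
  *
  * The request is first passed to self::change_password() with the flags
  * shown below; only when that returns true, the new address is well formed
  * and no user already has it, a notification is sent, the address is
  * updated in cms_azure_id and users, and a JSON body naming the new address
  * is written. Every other outcome answers 400 with the
  * `registration_email` error.
  *
  * NOTE(review): both UPDATE statements select rows by the old address, not
  * by user id; confirm that several accounts sharing one address are meant
  * to change together. The success path sends status 204, which by
  * definition carries no body, so clients will usually not see the JSON
  * written after it; the status is kept because callers may rely on it.
  * The stored value is Misc::escape_text() of the address while the mailer
  * receives the address as submitted; confirm both forms are always equal.
  *
  * @param array $data     request fields; `newEmail` is the requested address
  * @param int   $user_id  id of the user whose address is changed
  * @return bool true when the address was changed, false otherwise
  */
 static function change_email($data = [], $user_id = 0)
 {
     if (self::change_password($data, $user_id, true, false) == true) {
         $new_email = isset($data['newEmail']) && is_string($data['newEmail']) ? $data['newEmail'] : '';

         // Refuse anything that is not a single well-formed address before it
         // reaches the mailer or the database; this also excludes embedded
         // line breaks.
         if (filter_var($new_email, FILTER_VALIDATE_EMAIL) !== false) {
             $stored_email = Misc::escape_text($new_email);
             $query_two = Adapter::secure_query("SELECT * FROM users WHERE `mail` = :mail LIMIT 1", [':mail' => $stored_email]);
             if (Adapter::row_count($query_two) == 0) {
                 $row_two = Adapter::fetch_array(Adapter::secure_query('SELECT * FROM users WHERE id = :userid', [':userid' => $user_id]));
                 Mailer::send_change_email($row_two['mail'], $new_email);
                 Adapter::secure_query("UPDATE cms_azure_id SET `mail` = :newmail WHERE `mail` = :oldmail", [':newmail' => $stored_email, ':oldmail' => $row_two['mail']]);
                 Adapter::secure_query("UPDATE users SET `mail` = :newmail WHERE `mail` = :oldmail", [':newmail' => $stored_email, ':oldmail' => $row_two['mail']]);
                 header('HTTP/1.1 204 No Content');
                 // json_encode() instead of string concatenation, so quotes or
                 // backslashes in the value cannot break the JSON document.
                 echo json_encode(['email' => $stored_email]);
                 return true;
             }
         }
     }
     header('HTTP/1.1 400 Bad Request');
     echo '{"error":"registration_email"}';
     return false;
 }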
Beispiel #10
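 /**
  * Load a user with badges, friends, rooms and groups and build a User instance.
  *
  * A numeric $user_id is looked up by id, anything else by username. The
  * resulting User is kept in self::$user_instance; it is either returned or
  * serialized into $_SESSION['user_data'].
  *
  * When no matching user row exists the method returns null and writes
  * nothing to the session, so a lookup miss can no longer produce a session
  * entry built from empty fields.
  *
  * NOTE(review): whenever the verification value is neither 'true' nor
  * 'false' (including a missing row) a mail is sent on every call; nothing
  * visible here records that it was sent. The groups_members query binds
  * the username to the `user_id` column, and User receives $user_id as
  * passed in, which may be a username; confirm both are intended.
  *
  * @param int|string $user_id user id or username
  * @param bool       $return  true to return the instance instead of storing it in the session
  * @return User|null the instance when $return is true, otherwise null
  */
 static function user_create_instance($user_id, $return = false)
 {
     // All lookups below bind their values as query parameters.
     $lookup_sql = is_numeric($user_id)
         ? "SELECT * FROM users WHERE id = :userid LIMIT 1"
         : "SELECT * FROM users WHERE username = :userid LIMIT 1";
     $row = Adapter::fetch_object(Adapter::secure_query($lookup_sql, [':userid' => $user_id]));
     if (!is_object($row)) {
         return null;
     }

     $verified = Adapter::fetch_array(Adapter::secure_query('SELECT verified FROM cms_users_verification WHERE user_id = :userid', [':userid' => $row->id]));
     $new_verify = $verified ? $verified['verified'] : null;
     if ($new_verify != 'false' && $new_verify != 'true') {
         Mailer::send_nux_mail($row->mail);
         $new_verify = 'false';
     }

     $is_admin = $row->rank >= 7;

     $pref = new JsonPreferences(true, $row->hide_online, $row->hide_inroom, $row->block_newfriends);
     $user_preferences = json_decode($pref->get_json());

     // In each list below, entries whose JSON decodes to an empty value are
     // skipped, so the lists stay densely indexed from 0.
     $badge = [];
     foreach (Adapter::secure_query("SELECT * FROM users_badges WHERE user_id = :userid", [':userid' => $row->id]) as $row_a) {
         $f = new JsonBadge($row_a['badge_id'], $row_a['badge_id'], $row_a['badge_id']);
         $decoded = json_decode($f->get_json());
         if (!empty($decoded)) {
             $badge[] = $decoded;
         }
     }

     $badge_used = [];
     foreach (Adapter::secure_query("SELECT * FROM users_badges WHERE user_id = :userid AND badge_slot != 0", [':userid' => $row->id]) as $row_a) {
         $f = new JsonUsedBadge($row_a['badge_slot'], $row_a['badge_id'], $row_a['badge_id'], $row_a['badge_id']);
         $decoded = json_decode($f->get_json());
         if (!empty($decoded)) {
             $badge_used[] = $decoded;
         }
     }

     $user_friends = [];
     foreach (Adapter::secure_query("SELECT user_two_id FROM messenger_friendships WHERE user_one_id = :userid", [':userid' => $row->id]) as $row_a) {
         $row_b = Adapter::fetch_object(Adapter::secure_query("SELECT username,motto,id,look FROM users WHERE id = :userid LIMIT 1", [':userid' => $row_a['user_two_id']]));
         $f = new JsonFriend($row_b->username, $row_b->motto, $row_b->id, $row_b->look);
         $decoded = json_decode($f->get_json());
         if (!empty($decoded)) {
             $user_friends[] = $decoded;
         }
     }

     $user_rooms = [];
     foreach (Adapter::secure_query("SELECT * FROM rooms_data WHERE owner = :userid", [':userid' => $row->username]) as $row_a) {
         $f = new JsonRoom($row_a['id'], $row_a['caption'], $row_a['description'], $row->id);
         $decoded = json_decode($f->get_json());
         if (!empty($decoded)) {
             $user_rooms[] = $decoded;
         }
     }

     $user_groups = [];
     foreach (Adapter::secure_query("SELECT * FROM groups_members WHERE user_id = :userid", [':userid' => $row->username]) as $row_a) {
         $row_b = Adapter::fetch_object(Adapter::secure_query("SELECT * FROM groups_data WHERE id = :userid LIMIT 1", [':userid' => $row_a['group_id']]));
         $f = new JsonGroup($row_a['group_id'], $row_b->name, $row_b->desc, 'NORMAL', $row_b->badge, $row_b->room_id, $row_b->colour1, $row_b->colour2, false);
         $decoded = json_decode($f->get_json());
         if (!empty($decoded)) {
             $user_groups[] = $decoded;
         }
     }

     $user_json = new JsonUser($row->id, $row->username, $row->mail, $row->gender, $row->motto, $row->look, $badge_used, date('Y-m-d', $row->account_created) . 'T' . date('H:i:s', $row->account_created) . '.000+0000', $new_verify);
     self::$user_instance = new User($user_id, $row->username, $row->mail, $row->gender, $row->motto, $row->credits, $row->activity_points, "127.0.0.1", "Default", $row->look, $is_admin, $row->builders_expire, $badge, $user_friends, $user_rooms, $badge_used, $user_groups, $user_json, $user_preferences, $new_verify, $row->novato);

     if ($return) {
         return self::$user_instance;
     }
     $_SESSION['user_data'] = serialize(self::$user_instance);
     return null;
 }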