/**
 * Build the subscription shop payload for one region and return it as JSON.
 *
 * The region comes from the `inventory` query parameter. The payload holds
 * the region's subscriptions (each with payment types), the full country
 * list, and the country whose code equals the region. A JSON content-type
 * header is sent before returning.
 *
 * @return string JSON object with selectedCountry, countries and items
 */
function show()
{
    // The value is only ever used as a bound parameter below.
    // NOTE(review): a missing `inventory` parameter is not handled here.
    $region_id = Misc::escape_text($_GET['inventory']);

    // NOTE(review): $payment_json is shared by every iteration, so each
    // subscription receives all payment types collected so far rather than
    // only its own - confirm that this is intended.
    $payment_json = [];
    $inventory_subscribe = [];
    $subscription_rows = Adapter::secure_query("SELECT * FROM cms_shop_subscriptions WHERE region = :id", [':id' => $region_id]);
    foreach ($subscription_rows as $subscription) {
        // NOTE(review): the payment-type lookup result is used without
        // checking that a row was found.
        $payment_type = Adapter::fetch_object(Adapter::secure_query("SELECT * FROM cms_shop_payments_types WHERE id = :id LIMIT 1", [':id' => $subscription['payment_type']]));
        $payment_json[] = new JsonPayment($payment_type->id, $payment_type->name, $payment_type->button, $payment_type->image, 'subscription');
        $inventory_subscribe[] = new JsonSubscription(
            $subscription['id'],
            $subscription['name'],
            $subscription['description'],
            $subscription['credits_amount'],
            $subscription['price'],
            $subscription['type'],
            $subscription['icon'],
            $payment_json
        );
    }

    $countries = [];
    foreach (Adapter::query("SELECT * FROM cms_shop_countries") as $country) {
        $countries[] = new JsonCountry($country['country_id'], $country['country_name'], $country['country_locale'], $country['country_code']);
    }

    // NOTE(review): an unknown region yields no row; the fields below are
    // then read from a non-array value.
    $selected = Adapter::fetch_array(Adapter::secure_query("SELECT * FROM cms_shop_countries WHERE country_code = :id LIMIT 1", [':id' => $region_id]));
    $country_json = new JsonCountry($selected['country_id'], $selected['country_name'], $selected['country_locale'], $selected['country_code']);

    $subscriptions_object = new stdClass();
    $subscriptions_object->selectedCountry = $country_json;
    $subscriptions_object->countries = $countries;
    $subscriptions_object->items = $inventory_subscribe;

    header('Content-type: application/json');

    return json_encode($subscriptions_object);
}
/**
 * Return a single stories photo as JSON.
 *
 * The photo is selected by the `photo_id` query parameter, which is passed to
 * the query as a bound parameter. Escaped slashes in the encoded JSON are
 * turned back into plain slashes before returning.
 *
 * @return string JSON-encoded JsonPhotos object
 */
function show()
{
    // NOTE(review): neither a missing `photo_id` nor an empty query result is
    // handled; the row fields are read unconditionally.
    $photo_row = Adapter::fetch_array(Adapter::secure_query("SELECT * FROM cms_stories_photos WHERE id = :uid LIMIT 1", [':uid' => $_GET['photo_id']]));

    $photo = new JsonPhotos(
        $photo_row['id'],
        $photo_row['user_id'],
        $photo_row['image_preview_url'],
        $photo_row['type'],
        $photo_row['image_url'],
        $photo_row['user_name'],
        $photo_row['room_id'],
        $photo_row['date'],
        $photo_row['tags']
    );

    header('Content-type: application/json');

    $encoded = json_encode($photo);

    return str_replace("\\/", "/", $encoded);
}
/**
 * Return one stories channel together with its inventory as JSON.
 *
 * The channel is looked up by the `channel` query parameter, matched against
 * the url column of cms_stories_channels. Its inventory rows are wrapped in
 * JsonChannelsContent objects and attached to a JsonChannels object.
 *
 * @return string JSON-encoded JsonChannels object
 */
function show()
{
    $channel_url = Misc::escape_text($_GET['channel']);
    $channel_row = Adapter::fetch_array(Adapter::secure_query("SELECT * FROM cms_stories_channels WHERE url = :url", [':url' => $channel_url]));

    // NOTE(review): an unknown channel is not rejected; $channel_row is read
    // below whether or not a row was found.
    $channels_photos = [];
    $inventory_rows = Adapter::secure_query("SELECT * FROM cms_stories_channels_inventory WHERE channel_id = :id", [':id' => $channel_row['id']]);
    foreach ($inventory_rows as $item) {
        $channels_photos[] = new JsonChannelsContent(
            $item['id'],
            $item['image_url'],
            $item['user_id'],
            $item['user_name'],
            $item['date'],
            $item['type'],
            $item['tags'],
            $item['title']
        );
    }

    header('Content-type: application/json');

    return json_encode(new JsonChannels(
        $channel_row['id'],
        $channel_row['title'],
        $channel_row['description'],
        $channel_row['tag'],
        $channel_row['title_key'],
        $channel_row['image'],
        $channel_row['url'],
        $channels_photos
    ));
}
/**
 * Return all stories content of one user as a JSON list.
 *
 * The user is taken from the `user` query parameter. The list holds the
 * user's photos of type 'SELFIE' first, followed by the user's channel
 * inventory entries, each extended with the url and title of its channel.
 * Escaped slashes in the encoded JSON are turned back into plain slashes.
 *
 * @return string JSON-encoded list of JsonSelfies and JsonChannelsContent
 */
function show()
{
    $user_id = Misc::escape_text($_GET['user']);
    $photos = [];

    $selfie_rows = Adapter::secure_query("SELECT * FROM cms_stories_photos WHERE type = 'SELFIE' AND user_id = :uid", [':uid' => $user_id]);
    foreach ($selfie_rows as $selfie) {
        $photos[] = new JsonSelfies(
            $selfie['id'],
            $selfie['user_id'],
            $selfie['image_preview_url'],
            $selfie['type'],
            $selfie['image_url'],
            $selfie['user_name'],
            $selfie['date'],
            $selfie['tags']
        );
    }

    $inventory_rows = Adapter::secure_query("SELECT * FROM cms_stories_channels_inventory WHERE user_id = :uid", [':uid' => $user_id]);
    foreach ($inventory_rows as $item) {
        // One extra lookup per entry to resolve the owning channel.
        // NOTE(review): the channel row is used without checking it exists.
        $channel = Adapter::fetch_array(Adapter::secure_query("SELECT * FROM cms_stories_channels WHERE id = :cid", [':cid' => $item['channel_id']]));
        $photos[] = new JsonChannelsContent(
            $item['id'],
            $item['image_url'],
            $item['user_id'],
            $item['user_name'],
            $item['date'],
            $item['type'],
            $item['tags'],
            $item['title'],
            $channel['url'],
            $channel['title']
        );
    }

    header('Content-type: application/json');

    $encoded = json_encode($photos);

    return str_replace("\\/", "/", $encoded);
}
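/**
 * Read the figure rendering options from the query string.
 *
 * Every option falls back to a default when the parameter is absent:
 * action 'std', direction 4, head direction = direction, gesture 'std',
 * size 'n', format 'png', frame '0', head-only false. When `user` is given,
 * the figure is replaced by that user's stored `look`. `action` and `frame`
 * are split on commas, and any format other than "gif" becomes "png".
 *
 * Query values are client-controlled. A parameter sent as an array
 * (`name[]=...`) is treated like a missing one, so it never reaches
 * strtolower() or explode().
 */
function __construct()
{
    // Returns the named query value when it is a string, else the default.
    $read = function ($key, $default, $lowercase) {
        if (!isset($_GET[$key]) || !is_string($_GET[$key])) {
            return $default;
        }

        return $lowercase ? strtolower($_GET[$key]) : $_GET[$key];
    };

    // `figure` may legitimately be absent when `user` is supplied.
    $this->input_figure = $read('figure', '', true);
    $this->input_direction = $read('direction', 4, false);
    $this->input_head_direction = $read('head_direction', $this->input_direction, false);
    $this->input_gesture = $read('gesture', 'std', true);
    $this->input_size = $read('size', 'n', true);
    $this->input_head_only = $read('headonly', false, false);

    // NOTE(review): direction, head_direction, size and headonly are stored
    // as received; range and type checks are left to the code that uses them.

    if (isset($_GET['user']) && is_string($_GET['user'])) {
        $figure = Adapter::fetch_array(Adapter::secure_query("SELECT look FROM users WHERE username = :username ", ['username' => Misc::escape_text($_GET['user'])]));
        // Keep the requested figure when the username matches no row.
        if (is_array($figure) && isset($figure['look'])) {
            $this->input_figure = $figure['look'];
        }
    }

    $this->input_action = explode(",", $read('action', 'std', true));
    $this->input_format = $read('img_format', 'png', true) == "gif" ? "gif" : "png";
    $this->input_frame = explode(",", $read('frame', '0', true));
}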
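/**
 * Handle the housekeeping login form.
 *
 * Checks the posted username and password against cms_hk_users. On success
 * it stores a fresh random hash for the account, saves username, hash and
 * rank in the session, and redirects to the panel index. On failure it
 * destroys the session and redirects back with `?fail`.
 *
 * @return void
 */
function show()
{
    @session_start();

    // Missing or non-string credentials are treated as a failed login.
    $raw_username = isset($_POST['username']) ? $_POST['username'] : null;
    $raw_password = isset($_POST['password']) ? $_POST['password'] : null;
    if (!is_string($raw_username) || !is_string($raw_password)) {
        session_destroy();
        header("Location: /theallseeingeye/web/?fail");
        return;
    }

    $username = Misc::escape_text($raw_username);
    $password = Misc::escape_text($raw_password);

    // NOTE(review): credentials are compared as unsalted MD5 digests computed
    // in SQL. Moving to password_hash()/password_verify() needs a migration
    // of the stored rows, so the comparison is left as it is here.
    $matches = Adapter::row_count(Adapter::secure_query("SELECT * FROM cms_hk_users WHERE username = MD5(:username) AND password = MD5(:password)", [':username' => $username, ':password' => $password]));
    if ($matches != 1) {
        session_destroy();
        header("Location: /theallseeingeye/web/?fail");
        return;
    }

    // Issue a new session id at the privilege change so that an id set before
    // login cannot be carried over into the authenticated session.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    // The previous token was md5(rand(10, <string>)): a misplaced parenthesis
    // passed the concatenated string as rand()'s upper bound, so the token was
    // the MD5 of one small integer and guessable. Use the CSPRNG instead
    // (PHP >= 7.0); the result is still 32 hex characters.
    $hash = bin2hex(random_bytes(16));

    Adapter::secure_query("UPDATE cms_hk_users SET hash = :hash WHERE username = MD5(:username)", [':hash' => $hash, ':username' => $username]);
    $row = Adapter::fetch_array(Adapter::secure_query("SELECT rank FROM cms_hk_users WHERE username = MD5(:username)", [':username' => $username]));

    $arr = ['username' => $username, 'hash' => $hash, 'rank' => $row['rank']];
    $_SESSION['hobbanet'] = serialize($arr);

    header("Location: /theallseeingeye/web/index");
    return;
}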
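/**
 * Installer step: test the posted database settings and persist them.
 *
 * Runs only while INSTALLED is false. The settings are applied to the
 * Adapter and verified by reading `server_ver` from server_status. If the
 * config file does not yet contain a `$database_settings` block, the
 * settings are appended to it and the client is redirected to /settings.
 * Every other not-installed outcome redirects to /error?db. An installed
 * site redirects to /.
 *
 * @return void
 */
function show()
{
    if (INSTALLED) {
        header("Location: /");
        return;
    }

    // NOTE(review): escape_text() may alter credentials that contain special
    // characters before they are used and stored - confirm against Misc.
    $database_settings = [
        'host' => Misc::escape_text($_POST['host_name']),
        'user' => Misc::escape_text($_POST['host_user']),
        'pass' => Misc::escape_text($_POST['host_pass']),
        'name' => Misc::escape_text($_POST['host_db']),
        'port' => Misc::escape_text($_POST['host_port']),
        'type' => 'mysql',
    ];
    @Adapter::set_instance($database_settings);

    $status = Adapter::fetch_array(Adapter::query("SELECT * FROM server_status"));
    // An empty result is not an array, so check before array_key_exists().
    if (is_array($status) && array_key_exists('server_ver', $status)) {
        $config_file = ROOT_PATH . "/api/Gogo.php";
        $current = file_get_contents($config_file);

        // Append only to a readable, existing file. Appending to a missing
        // file would create one without the PHP open tag, which a web server
        // could then serve as plain text. The comparison is strict so that a
        // match at offset 0 is not mistaken for "not found".
        if ($current !== false && strpos($current, '$database_settings = array') === false) {
            // var_export() emits quoted PHP literals, so posted values cannot
            // break out of the generated array.
            $written = file_put_contents($config_file, "\n//database settings \n" . '$database_settings = ' . var_export($database_settings, true) . ';', FILE_APPEND);
            if ($written !== false) {
                header("Location: /settings");
                return;
            }
        }
    }

    header("Location: /error?db");
    return;
}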
/**
 * Build the credit purse inventory for one region and return it as JSON.
 *
 * The region comes from the `inventory` query parameter and is only used as
 * a bound query parameter. The payload holds the matching country, the fixed
 * payment category list ['online'], the region's price points and a
 * doubleCredits flag that is always true.
 *
 * @return string JSON object with country, paymentCategories, pricePoints, doubleCredits
 */
function show()
{
    // NOTE(review): a missing `inventory` parameter is not handled here.
    $region_id = $_GET['inventory'];

    // NOTE(review): $payment_json is shared by every iteration, so each price
    // point receives all payment types collected so far rather than only its
    // own - confirm that this is intended.
    $payment_json = [];
    $inventory_purse = [];
    $inventory_rows = Adapter::secure_query("SELECT * FROM cms_shop_inventory WHERE region = :id", [':id' => $region_id]);
    foreach ($inventory_rows as $item) {
        // NOTE(review): the payment-type lookup result is used without
        // checking that a row was found.
        $payment_type = Adapter::fetch_object(Adapter::secure_query("SELECT * FROM cms_shop_payments_types WHERE id = :id LIMIT 1", [':id' => $item['payment_type']]));
        $payment_json[] = new JsonPayment($payment_type->id, $payment_type->name, $payment_type->button, $payment_type->image, 'online');
        $inventory_purse[] = new JsonPurse(
            $item['id'],
            $item['name'],
            $item['description'],
            $item['credits_amount'],
            $item['price'],
            [0 => $item['categories']],
            $item['icon'],
            $item['region'],
            $payment_json
        );
    }

    // NOTE(review): an unknown region yields no row; the fields below are
    // then read from a non-array value.
    $country_row = Adapter::fetch_array(Adapter::secure_query("SELECT * FROM cms_shop_countries WHERE country_code = :id LIMIT 1", [':id' => $region_id]));
    $country_json = new JsonCountry($country_row['country_id'], $country_row['country_name'], $country_row['country_locale'], $country_row['country_code']);

    $inventory_object = new stdClass();
    $inventory_object->country = $country_json;
    $inventory_object->paymentCategories = ['online'];
    $inventory_object->pricePoints = $inventory_purse;
    $inventory_object->doubleCredits = true;

    header('Content-type: application/json');

    return json_encode($inventory_object);
}
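/**
 * Change a user's e-mail address.
 *
 * The request is first passed to change_password() with the flags
 * (true, false). Only if that call succeeds is the new address checked.
 * It must be a syntactically valid e-mail address that no row in `users`
 * already uses. On success a change notice is mailed, the address is
 * updated in cms_azure_id and users, and the new address is echoed as JSON.
 * Every other outcome answers 400 with {"error":"registration_email"}.
 *
 * @param array $data    request data; reads the 'newEmail' key
 * @param int   $user_id id of the user whose address is changed
 * @return bool true when the address was changed, false otherwise
 */
static function change_email($data = [], $user_id = 0)
{
    if (self::change_password($data, $user_id, true, false) == true) {
        $raw_email = isset($data['newEmail']) ? $data['newEmail'] : null;

        // Reject missing, non-string or malformed addresses before the value
        // reaches the mailer or the database. FILTER_VALIDATE_EMAIL also
        // refuses line breaks inside the address.
        if (is_string($raw_email) && filter_var($raw_email, FILTER_VALIDATE_EMAIL) !== false) {
            $new_email = Misc::escape_text($raw_email);

            $query_two = Adapter::secure_query("SELECT * FROM users WHERE `mail` = :mail LIMIT 1", [':mail' => $new_email]);
            if (Adapter::row_count($query_two) == 0) {
                $row_two = Adapter::fetch_array(Adapter::secure_query('SELECT * FROM users WHERE id = :userid', [':userid' => $user_id]));

                // Without a row for $user_id there is no current address to
                // notify or to replace.
                if (is_array($row_two)) {
                    Mailer::send_change_email($row_two['mail'], $raw_email);
                    Adapter::secure_query("UPDATE cms_azure_id SET `mail` = :newmail WHERE `mail` = :oldmail", [':newmail' => $new_email, ':oldmail' => $row_two['mail']]);
                    Adapter::secure_query("UPDATE users SET `mail` = :newmail WHERE `mail` = :oldmail", [':newmail' => $new_email, ':oldmail' => $row_two['mail']]);

                    // NOTE(review): 204 declares an empty response, yet a
                    // body follows; the status is kept for existing clients.
                    header('HTTP/1.1 204 No Content');
                    // json_encode() escapes the value; the body is no longer
                    // assembled by string concatenation.
                    echo json_encode(['email' => $new_email]);
                    return true;
                }
            }
        }
    }

    header('HTTP/1.1 400 Bad Request');
    echo '{"error":"registration_email"}';
    return false;
}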
/**
 * Load a user with all related data and build the User instance.
 *
 * The user is fetched by id when $user_id is numeric, otherwise by username.
 * Badges, worn badges, friends, rooms and groups are loaded with further
 * queries; entries whose decoded JSON is empty are skipped. If the
 * verification state is neither 'true' nor 'false', a mail is sent through
 * Mailer::send_nux_mail() and the state is set to 'false'.
 *
 * @param mixed $user_id numeric user id or username
 * @param bool  $return  true to return the instance; false to store it
 *                       serialized in $_SESSION['user_data']
 * @return User|null the instance when $return is true, otherwise null
 */
static function user_create_instance($user_id, $return = false)
{
    // Load the base user row.
    // NOTE(review): no branch checks that a row was found before $row is read.
    if (is_numeric($user_id)) {
        $row = Adapter::fetch_object(Adapter::secure_query("SELECT * FROM users WHERE id = :userid LIMIT 1", [':userid' => $user_id]));
    } else {
        $row = Adapter::fetch_object(Adapter::secure_query("SELECT * FROM users WHERE username = :userid LIMIT 1", [':userid' => $user_id]));
    }

    $verified = Adapter::fetch_array(Adapter::secure_query('SELECT verified FROM cms_users_verification WHERE user_id = :userid', [':userid' => $row->id]));
    $new_verify = $verified['verified'];
    if (!($new_verify == 'false' || $new_verify == 'true')) {
        // Side effect: this path sends a mail on every call that reaches it.
        Mailer::send_nux_mail($row->mail);
        $new_verify = 'false';
    }

    $is_admin = $row->rank >= 7;

    $pref = new JsonPreferences(true, $row->hide_online, $row->hide_inroom, $row->block_newfriends);
    $user_preferences = json_decode($pref->get_json());

    // All badges of the user.
    $badge = [];
    foreach (Adapter::secure_query("SELECT * FROM users_badges WHERE user_id = :userid", [':userid' => $row->id]) as $badge_row) {
        $json = new JsonBadge($badge_row['badge_id'], $badge_row['badge_id'], $badge_row['badge_id']);
        $decoded = json_decode($json->get_json());
        if (!empty($decoded)) {
            $badge[] = $decoded;
        }
    }

    // Badges that occupy a slot.
    $badge_used = [];
    foreach (Adapter::secure_query("SELECT * FROM users_badges WHERE user_id = :userid AND badge_slot != 0", [':userid' => $row->id]) as $badge_row) {
        $json = new JsonUsedBadge($badge_row['badge_slot'], $badge_row['badge_id'], $badge_row['badge_id'], $badge_row['badge_id']);
        $decoded = json_decode($json->get_json());
        if (!empty($decoded)) {
            $badge_used[] = $decoded;
        }
    }

    // Friends: one additional lookup per friendship row.
    $user_friends = [];
    foreach (Adapter::secure_query("SELECT user_two_id FROM messenger_friendships WHERE user_one_id = :userid", [':userid' => $row->id]) as $friendship) {
        $friend = Adapter::fetch_object(Adapter::secure_query("SELECT 
username,motto,id,look FROM users WHERE id = :userid LIMIT 1", [':userid' => $friendship['user_two_id']]));
        $json = new JsonFriend($friend->username, $friend->motto, $friend->id, $friend->look);
        $decoded = json_decode($json->get_json());
        if (!empty($decoded)) {
            $user_friends[] = $decoded;
        }
    }

    // Rooms are matched on the owner's username.
    $user_rooms = [];
    foreach (Adapter::secure_query("SELECT * FROM rooms_data WHERE owner = :userid", [':userid' => $row->username]) as $room) {
        $json = new JsonRoom($room['id'], $room['caption'], $room['description'], $row->id);
        $decoded = json_decode($json->get_json());
        if (!empty($decoded)) {
            $user_rooms[] = $decoded;
        }
    }

    // NOTE(review): groups_members.user_id is compared with the username,
    // not with the numeric id - verify against the schema.
    $user_groups = [];
    foreach (Adapter::secure_query("SELECT * FROM groups_members WHERE user_id = :userid", [':userid' => $row->username]) as $membership) {
        $group = Adapter::fetch_object(Adapter::secure_query("SELECT * FROM groups_data WHERE id = :userid LIMIT 1", [':userid' => $membership['group_id']]));
        $json = new JsonGroup($membership['group_id'], $group->name, $group->desc, 'NORMAL', $group->badge, $group->room_id, $group->colour1, $group->colour2, false);
        $decoded = json_decode($json->get_json());
        if (!empty($decoded)) {
            $user_groups[] = $decoded;
        }
    }

    // Creation time formatted as <date>T<time>.000+0000.
    $created_day = date('Y-m-d', $row->account_created);
    $created_time = date('H:i:s', $row->account_created);
    $user_json = new JsonUser($row->id, $row->username, $row->mail, $row->gender, $row->motto, $row->look, $badge_used, $created_day . 'T' . $created_time . '.000+0000', $new_verify);

    self::$user_instance = new User(
        $user_id,
        $row->username,
        $row->mail,
        $row->gender,
        $row->motto,
        $row->credits,
        $row->activity_points,
        "127.0.0.1",
        "Default",
        $row->look,
        $is_admin,
        $row->builders_expire,
        $badge,
        $user_friends,
        $user_rooms,
        $badge_used,
        $user_groups,
        $user_json,
        $user_preferences,
        $new_verify,
        $row->novato
    );

    if (!$return) {
        // Stored serialized; readers of 'user_data' are outside this block.
        $_SESSION['user_data'] = serialize(self::$user_instance);
        return null;
    }

    return self::$user_instance;
}