Example #1
<?php

require_once __DIR__ . '/../../inc/functions.ajax.php';
require_once __DIR__ . '/../../inc/functions.loginaccount.php';
CheckSupportedTypes('responses', 'list', 'blog', 'post', 'delete');
require_once __DIR__ . '/../../inc/classes/database.php';
require_once __DIR__ . '/../../inc/classes/statuses.php';
require_once __DIR__ . '/../../inc/avatar_faces.php';
require_once __DIR__ . '/../../inc/codebird.php';
// Dispatch on $request_type, which is set outside this excerpt
// (presumably by the AJAX helpers required above - confirm).
if ($request_type == 'responses') {
    // Returns, as rendered HTML, the statuses that reply to one status id.
    RetrieveInputGET('statusid');
    $statuses = new Statuses();
    // Load() is handed a raw SQL condition as a string. The intval() cast is the
    // only thing keeping the request value out of the query as text, so any
    // other caller of Load() has to cast or bind its input the same way.
    $statuses->Load("s.reply_to = " . intval($P['statusid']), '10');
    // Capture everything PrintAsHTML() echoes so it can be sent back as one JSON field.
    // NOTE(review): escaping of user-written status text has to happen inside
    // PrintAsHTML(); it is not visible here - confirm.
    ob_start();
    foreach ($statuses->data as $status) {
        $status->PrintAsHTML();
    }
    $data = ob_get_clean();
    // ob_get_clean() returns false only when no output buffer is active. An empty
    // result set yields '' and therefore does NOT take this 204 branch.
    if ($data === false) {
        JSONDie('No data returned', 204);
    }
    JSONAnswer(array('result' => $data));
} elseif ($request_type == 'blog') {
    // Same rendering path for blog statuses; the condition is a constant, so no
    // request data reaches the query in this branch.
    $statuses = new Statuses();
    $statuses->Load("s.blog = 1");
    // Capture the echoed HTML (the excerpt ends before the buffer is read back).
    ob_start();
    foreach ($statuses->data as $status) {
        $status->PrintAsHTML('');
    }
Example #2
<?php

require_once __DIR__ . '/../../inc/functions.ajax.php';
CheckSupportedTypes('login', 'check_code');
require_once __DIR__ . '/../../inc/classes/database.php';
require_once __DIR__ . '/../../inc/functions.php';
require_once __DIR__ . '/../../inc/functions.datastorage.php';
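// Login handler: throttles by client IP, checks the submitted password against
// the stored salted hash, then looks up the account's still-valid client token.
// The excerpt ends before the token is used.
if ($request_type == 'login') {
    RetrieveInputPOST('email', 'password');
    $addr = $__database->real_escape_string($_SERVER['REMOTE_ADDR']);
    // NOTE(review): DATE_ADD(NOW(), INTERVAL 1 DAY) > NOW() is always true, so this
    // counts every row ever stored for the IP and the lockout never expires on its
    // own. The comparison presumably belongs on the table's timestamp column; its
    // name is not visible here, so the query is left as it is.
    $q = $__database->query("SELECT COUNT(*) FROM login_requests WHERE ip = '" . $addr . "' AND DATE_ADD(NOW(), INTERVAL 1 DAY) > NOW()");
    $row = $q->fetch_row();
    $amount = $row[0];
    $q->free();
    if ($amount > 10) {
        die('ERROR:Too many failed requests. Try again in a day');
    }
    $q = $__database->query("SELECT id, password, salt FROM accounts WHERE email = '" . $__database->real_escape_string($P['email']) . "'");
    // Unknown e-mail and wrong password record a failed attempt and answer with the
    // same message, so the response text does not reveal whether the account exists.
    if ($q->num_rows == 0) {
        $__database->query("INSERT INTO login_requests VALUES (NULL, '" . $addr . "', NOW(), 'login')");
        die('ERROR:Invalid username or password');
    }
    $row = $q->fetch_row();
    $encrypted = GetPasswordHash($P['password'], $row[2]);
    // Compare the hashes as strings and in constant time (hash_equals, PHP 5.6+).
    // The previous loose != compared numeric-looking strings such as '0e123' and
    // '0e456' as numbers, which makes two different hashes count as equal.
    // NOTE(review): GetPasswordHash() is defined elsewhere; if it is a fast salted
    // digest, moving to password_hash()/password_verify() is the follow-up.
    if (!hash_equals((string) $row[1], (string) $encrypted)) {
        $__database->query("INSERT INTO login_requests VALUES (NULL, '" . $addr . "', NOW(), 'login')");
        die('ERROR:Invalid username or password');
    }
    // Password accepted: fetch the client token that becomes the cookie.
    // The account id is used unquoted in the query, so it is forced to an integer.
    $query = $__database->query("\nSELECT \n\tat.`code`\nFROM \n\taccount_tokens at\nWHERE\n\tat.account_id = " . (int) $row[0] . "\n\tAND\n\tat.type = 'client_token'\n\tAND \n\tat.till > NOW()\n");
    $code = '';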
Example #3
<?php

// Any origin may read responses to requests sent without credentials.
// NOTE(review): this file also serves a login-gated, state-changing branch
// ('visibility'); confirm the wildcard is meant to apply to it as well.
header('Access-Control-Allow-Origin: *');
require_once __DIR__ . '/../../inc/functions.ajax.php';
require_once __DIR__ . '/../../inc/functions.loginaccount.php';
require_once __DIR__ . '/../../inc/classes/database.php';
require_once __DIR__ . '/../../inc/exp_table.php';
require_once __DIR__ . '/../../inc/job_list.php';
CheckSupportedTypes('visibility', 'statistics');
$_char_db = ConnectCharacterDatabase(CURRENT_LOCALE);
if ($request_type == 'visibility') {
    // Stores a per-character display option for a character the caller owns.
    if (!$_loggedin) {
        JSONDie('Not loggedin');
    }
    // NOTE(review): the write below is driven by GET parameters and no anti-CSRF
    // token check is visible in this excerpt - confirm how $_loggedin is
    // established and whether a cross-site GET can trigger this branch.
    RetrieveInputGET('name', 'what', 'shown');
    // Ownership check; false means the named character is not the caller's.
    $internalid = IsOwnCharacter($P['name'], CURRENT_LOCALE);
    if ($internalid === false) {
        JSONDie('No.');
    }
    // $internalid is concatenated unquoted - presumably an integer id returned by
    // IsOwnCharacter(); verify. 'what' is escaped and quoted, but no allow-list of
    // option names is visible, so any 'display_<what>' key can be written.
    // 'shown' is reduced to 0 or 1 before it reaches the query.
    $q = $_char_db->query("\nINSERT INTO\n\tcharacter_options\nVALUES\n\t(\n\t\t" . $internalid . ",\n\t\t'display_" . $_char_db->real_escape_string($P['what']) . "',\n\t\t" . ($P['shown'] == 'false' ? 0 : 1) . "\n\t)\nON DUPLICATE KEY UPDATE\n\t`option_value` = VALUES(`option_value`)");
    // With ON DUPLICATE KEY UPDATE, MySQL reports 0 affected rows when the existing
    // row already holds the same value, so repeating an unchanged setting is
    // answered with 'failure' even though nothing went wrong.
    if ($_char_db->affected_rows != 0) {
        JSONAnswer(array('result' => 'okay'));
    } else {
        JSONAnswer(array('result' => 'failure'));
    }
} elseif ($request_type == 'statistics') {
    // Looks a character up by name; no login check is made in this branch.
    // The name is escaped and placed inside quotes in the WHERE clause.
    RetrieveInputGET('name');
    $q = $_char_db->query("\nSELECT \n\tchr.name,\n\tw.world_name,\n\tchr.channel_id AS channel,\n\tchr.level,\n\tchr.job,\n\tchr.fame,\n\tchr.str,\n\tchr.dex,\n\tchr.int,\n\tchr.luk,\n\tchr.exp,\n\tchr.map,\n\tchr.honourlevel AS honorlevel,\n\tchr.honourexp AS honorexp,\n\tmesos,\n\tTIMESTAMPDIFF(SECOND, last_update, NOW()) AS `seconds_since`\nFROM\n\t`characters` chr\nLEFT JOIN \n\tworld_data w\n\tON\n\t\tw.world_id = chr.world_id\nWHERE \n\tchr.name = '" . $_char_db->real_escape_string($P['name']) . "'");
    if ($q->num_rows == 0) {
        JSONDie('Character not found', 404);
    }
Example #4
<?php

require_once __DIR__ . '/../../inc/functions.php';
require_once __DIR__ . '/../../inc/functions.ajax.php';
require_once __DIR__ . '/../../inc/classes/statuses.php';
require_once __DIR__ . '/../../inc/job_list.php';
CheckSupportedTypes('info');
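// 'info' poll: reports server time, login state and notification count, refreshes
// the account's last-login record, validates the page URL sent by the client and
// starts collecting the status ids the client currently shows (excerpt ends there).
if ($request_type == 'info') {
    $res = array();
    $res['time'] = (int) $__server_time;
    // Without a client timestamp, fall back to 10000 seconds in the past.
    $_client_time = isset($_POST['client-time']) ? intval($_POST['client-time']) : time() - 10000;
    $res['loggedin'] = $_loggedin;
    $res['notifications'] = $_loggedin ? (int) GetNotification() : 0;
    if ($_loggedin) {
        $res['membername'] = $_loginaccount->GetUsername();
        // Nothing is concatenated into SQL raw: the address is escaped before it is
        // quoted, and the account id, which is used unquoted, is forced to an integer.
        $__database->query("UPDATE accounts SET last_login = NOW(), last_ip = '" . $__database->real_escape_string($_SERVER['REMOTE_ADDR']) . "' WHERE id = " . (int) $_loginaccount->GetID());
        $statuscount = $__database->query("SELECT COUNT(*) FROM social_statuses WHERE account_id = " . (int) $_loginaccount->GetID());
        $row = $statuscount->fetch_row();
        $res['memberstatuses'] = (int) $row[0];
    }
    $url = isset($_POST['url']) ? $_POST['url'] : null;
    // Only a non-empty string is parsed; url[]=... arrives as an array.
    $parsed_url = (is_string($url) && $url != null) ? parse_url($url) : null;
    // parse_url() returns false for malformed input and omits 'host' for relative URLs.
    $url_host = (is_array($parsed_url) && isset($parsed_url['host'])) ? strtolower($parsed_url['host']) : '';
    // The host must be the site's domain or a subdomain of it. The previous
    // substring test also accepted hosts that merely contain the domain, such as
    // '<domain>.other.example'.
    // NOTE(review): assumes $domain holds a bare host name - confirm where it is set.
    $own_domain = strtolower((string) $domain);
    $is_ok_url = $url_host !== '' && $own_domain !== ''
        && ($url_host === $own_domain || substr($url_host, -strlen('.' . $own_domain)) === '.' . $own_domain);
    // Check server status
    $res['server_status'] = GetMaplerServerInfo();
    $status_info = array();
    if (isset($_POST['shown-statuses'])) {
        // Check status info: every client-supplied id is normalised with intval().
        $correctids = array();
        foreach ($_POST['shown-statuses'] as $oriid) {
            $id = intval($oriid);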
Example #5
<?php

require_once __DIR__ . '/../../inc/functions.ajax.php';
CheckSupportedTypes('description', 'name', 'nebuliteinfo', 'potentialinfo');
require_once __DIR__ . '/../../inc/classes/database.php';
require_once __DIR__ . '/../../inc/functions.php';
require_once __DIR__ . '/../../inc/functions.datastorage.php';
// Item lookup endpoint: validates the requested id, then answers with the item's
// description, name, nebulite info or potential info depending on $request_type.
RetrieveInputGET('id');
// is_numeric() also accepts decimals, exponents and signed values ('1e3', '-5',
// '.5'), and $id is handed on below as the original string.
// NOTE(review): confirm the lookup helpers cast it before using it in a query.
if (is_numeric($P['id']) === false) {
    JSONDie('Error');
}
$id = $P['id'];
switch ($request_type) {
    case 'description':
        // In-game markup is converted for the web before it is returned.
        $result = IGTextToWeb(GetMapleStoryString('item', $id, 'desc', CURRENT_LOCALE));
        JSONAnswer(array('result' => $result));
        break;
    case 'name':
        $result = IGTextToWeb(GetMapleStoryString('item', $id, 'name', CURRENT_LOCALE));
        JSONAnswer(array('result' => $result));
        break;
    case 'nebuliteinfo':
        $result = GetNebuliteInfo($id, CURRENT_LOCALE);
        JSONAnswer(array('result' => $result));
        break;
    case 'potentialinfo':
        $result = GetPotentialInfo($id, CURRENT_LOCALE);
        JSONAnswer(array('result' => $result));
        break;
}