Example #1
0
<?php

function make_captcha($id)
{
    require 'kcaptcha/kcaptcha.php';
    $captcha = new KCAPTCHA();
    cache_set('taxi_captcha_' . $id, $captcha->getKeyString());
    die;
}
if ($id = intval($_GET['id']) and preg_match('/\\d{11,12}/', $_GET['id'])) {
    require 'inc/dbcm.php';
    if (cache_isset('taxi_captcha_' . $id)) {
        make_captcha($id);
    } else {
        if (fetch_user_by_id($id)) {
            make_captcha($id);
        } else {
            header('HTTP/1.0 404 Not Found');
        }
    }
} else {
    header('HTTP/1.0 400 Bad Request');
}
Example #2
0
<?php

global $DB, $RQ, $USER, $CONFIG;
require_once '../../../inc/bootstrap.inc';
if ($RQ['user']['id']) {
    if (check_user_id($RQ['user']['id'])) {
        if (!is_array(fetch_user_by_id($id = intval($RQ['user']['id'])))) {
            if (($len = mb_strlen($RQ['user']['nick'])) >= $CONFIG['LIMITS']['NICK_LENGTH']['MIN']) {
                if ($len <= $CONFIG['LIMITS']['NICK_LENGTH']['MAX']) {
                    if (!is_array(fetch_user_by_nick($RQ['user']['nick']))) {
                        if (preg_match('/[\\da-f]{40}/', $RQ['user']['password'])) {
                            if (!is_array($USER) or !$USER['flags']['super'] and !$USER['flags']['dispatcher']) {
                                require_once '../../../inc/challenge.inc.php';
                                challenge_first($CONFIG['REGISTER']['CHALLENGE']);
                            }
                            $user = array('id' => $id, 'nick' => $RQ['user']['nick'], 'password' => $RQ['user']['password'], 'fullname_published' => $RQ['user']['fullname_published'] ? true : false, 'email_published' => $RQ['user']['email_published'] ? true : false);
                            fill_if_nonempty($user, $RQ['user'], 'fullname');
                            fill_if_nonempty($user, $RQ['user'], 'email');
                            if ($CONFIG['REGISTER']['DEFAULT_BLOCKED']) {
                                $user['flags']['blocked'] = true;
                            }
                            if ($RQ['user']['flags'] and $USER['flags']['super']) {
                                $user['flags'] = $RQ['user']['flags'];
                            }
                            if (is_array($RQ['user']['car']) and car_model_exists($RQ['user']['car']['model']) and car_color_exists($RQ['user']['car']['model']) and check_car_number($RQ['user']['car']['number'])) {
                                $user['car'] = array('model' => $RQ['user']['car']['model'], 'color' => $RQ['user']['car']['color'], 'number' => $RQ['user']['car']['number']);
                                if ($RQ['user']['driving']) {
                                    $user['driving'] = true;
                                }
                            }
                            update_user($user);
Example #3
0
<?php

global $DB, $RQ, $USER;
function try_auth($id, $signature)
{
}
if (is_array($RQ = json_decode(file_get_contents('php://input'), true))) {
    $RQ['id'] = intval($RQ['id']);
    list(, $method) = explode('/', trim($_SERVER['REQUEST_URI'], '/'), 2);
    if ($RQ['id'] and preg_match('/\\d{11,12}/', $RQ['id'])) {
        require_once __DIR__ . '/config.inc.php';
        require_once __DIR__ . '/dbcm.inc.php';
        if (is_array($USER = fetch_user_by_id($RQ['id']))) {
            if ($USER['flags']['blocked']) {
                die('{ "err": 401, "errmsg": "bad_id_or_signature" }');
            }
            $t = gmmktime() / 10;
            $signed = false;
            $mup = $method . $USER['id'] . $USER['password'];
            for ($i = t + $CONFIG['API']['ALLOWED_CLOCK_SKEW'][0]; $i < t + $CONFIG['API']['ALLOWED_CLOCK_SKEW'][1]; $i++) {
                if (sha1($mup . $i) == $RQ['signature']) {
                    $signed = true;
                    break;
                }
            }
            if (!$signed) {
                die('{ "err": 401, "errmsg": "bad_id_or_signature" }');
            }
        } else {
            die('{ "err": 401, "errmsg": "bad_id_or_signature" }');
        }