/**
 * Delete the blacklist row that matches a type/value pair.
 *
 * NOTE(review): the DELETE statement is assembled by concatenating $type and
 * $value between hand-written double quotes; no escaping or parameter binding
 * is visible in this method. Confirm that every caller passes trusted or
 * already-escaped values, or move to whatever binding the $db wrapper offers.
 *
 * @param mixed $type  Blacklist category, placed into the query as-is.
 * @param mixed $value Blacklisted value, placed into the query as-is.
 * @return string 'noEntry' when blacklist::check() finds nothing, 'done' when
 *                affected_rows() is greater than -1, otherwise 'error'.
 */
public static function remove($type, $value)
 {
     global $db;
     // Nothing to delete when the pair is not blacklisted.
     if (!blacklist::check($type, $value)) {
         return 'noEntry';
     }
     $db->query('delete from blacklist where type="' . $type . '" and value="' . $value . '"');
     // Only an affected_rows() result of -1 or lower is reported as a failure.
     return $db->affected_rows() > -1 ? 'done' : 'error';
 }
Example #2
 /**
  * Create the user described by $this->data together with the default
  * preference rows taken from $game['users']['preferences'].
  *
  * Checks run in this order: name already used, e-mail already used, IP
  * blacklisted, e-mail blacklisted. The first one that fails decides the
  * returned status and nothing is written.
  *
  * NOTE(review): both INSERT statements are built by concatenating values
  * between hand-written double quotes; no escaping or binding is visible here.
  * $this->data['password'] is written exactly as it arrives, so whether it is
  * hashed beforehand cannot be told from this method - confirm at the caller.
  *
  * @return string 'nameTaken', 'emailInUse', 'ipBanned', 'emailBanned',
  *                'error' (either insert reported -1 affected rows) or 'done'.
  */
 public function add()
 {
     global $db, $game;
     $lookup = new user();
     if ($lookup->get('name', $this->data['name']) != 'noUser') {
         return 'nameTaken';
     }
     if ($lookup->get('email', $this->data['email']) != 'noUser') {
         return 'emailInUse';
     }
     if (blacklist::check('ip', $this->data['ip'])) {
         return 'ipBanned';
     }
     if (blacklist::check('email', $this->data['email'])) {
         return 'emailBanned';
     }

     $failed = false;
     $this->data['id'] = misc::newId('users');
     // Column values in the same order as the column list of the statement.
     $values = array(
         $this->data['id'],
         $this->data['name'],
         $this->data['password'],
         $this->data['email'],
         $this->data['level'],
         $this->data['joined'],
         $this->data['lastVisit'],
         $this->data['ip'],
         $this->data['template'],
         $this->data['locale'],
     );
     $db->query('insert into users (id, name, password, email, level, joined, lastVisit, ip, template, locale) values ("' . implode('", "', $values) . '")');
     if ($db->affected_rows() == -1) {
         $failed = true;
     }

     // The preference insert is attempted even when the user insert failed.
     $rows = array();
     foreach ($game['users']['preferences'] as $key => $preference) {
         $rows[] = '("' . $this->data['id'] . '", "' . $key . '", "' . $preference . '")';
     }
     $db->query('insert into preferences (user, name, value) values ' . implode(', ', $rows));
     if ($db->affected_rows() == -1) {
         $failed = true;
     }

     return $failed ? 'error' : 'done';
 }
 /**
  * Store a gift from the requesting account ($this->requestFrom) to $giftTo
  * and notify the recipient.
  *
  * Every value reaches SQL through a bound parameter. The recipient's
  * blacklist is consulted only after the row has been inserted and the
  * counters updated, so it suppresses the push message and the notification,
  * not the gift itself.
  *
  * NOTE(review): $giftAnonymous is stored with the row, while createNotify()
  * still receives the sender id - confirm the notification layer honours the
  * anonymous flag.
  *
  * @param mixed  $giftId        Catalogue id of the gift; 0 is rejected.
  * @param mixed  $giftTo        Recipient account id.
  * @param string $message       Text stored with the gift.
  * @param int    $giftAnonymous Stored as-is in the giftAnonymous column.
  * @return array The initial error array when $giftId is 0, db_info() reports
  *               an error or the INSERT fails; otherwise error=false with the
  *               new row id and the data returned by $this->info().
  */
 public function send($giftId, $giftTo, $message, $giftAnonymous = 0)
 {
     $result = array("error" => true, "error_code" => ERROR_UNKNOWN);
     if ($giftId == 0) {
         return $result;
     }
     $giftInfo = $this->db_info($giftId);
     if ($giftInfo['error'] === true) {
         return $result;
     }

     $now = time();
     $insert = $this->db->prepare("INSERT INTO gifts (giftId, giftTo, giftFrom, giftAnonymous, message, imgUrl, createAt) value (:giftId, :giftTo, :giftFrom, :giftAnonymous, :message, :imgUrl, :createAt)");
     $insert->bindParam(":giftId", $giftId, PDO::PARAM_INT);
     $insert->bindParam(":giftTo", $giftTo, PDO::PARAM_INT);
     $insert->bindParam(":giftFrom", $this->requestFrom, PDO::PARAM_INT);
     $insert->bindParam(":giftAnonymous", $giftAnonymous, PDO::PARAM_INT);
     $insert->bindParam(":message", $message, PDO::PARAM_STR);
     $insert->bindParam(":imgUrl", $giftInfo['imgUrl'], PDO::PARAM_STR);
     $insert->bindParam(":createAt", $now, PDO::PARAM_INT);
     if (!$insert->execute()) {
         return $result;
     }

     // From here on $giftId is the id of the stored row, not the catalogue id.
     $giftId = $this->db->lastInsertId();
     $result = array(
         "error" => false,
         "error_code" => ERROR_SUCCESS,
         "giftId" => $this->db->lastInsertId(),
         "gift" => $this->info($this->db->lastInsertId()),
     );

     $recipient = new account($this->db, $giftTo);
     $recipient->updateCounters();
     unset($recipient);

     // A gift sent to oneself produces no push message and no notification.
     if ($this->requestFrom == $giftTo) {
         return $result;
     }

     $blacklist = new blacklist($this->db);
     $blacklist->setRequestFrom($giftTo);
     if (!$blacklist->isExists($this->requestFrom)) {
         $recipient = new account($this->db, $giftTo);
         if ($recipient->getAllowGiftsGCM() == ENABLE_GIFTS_GCM) {
             $push = new gcm($this->db, $giftTo);
             $push->setData(GCM_NOTIFY_GIFT, "You have new gift", 0);
             $push->send();
         }
         unset($recipient);
         $notify = new notify($this->db);
         $notify->createNotify($giftTo, $this->requestFrom, NOTIFY_TYPE_GIFT, $giftId);
         unset($notify);
     }
     unset($blacklist);
     return $result;
 }
Example #4
 /**
  * Authenticate a user against an instance and open a session.
  *
  * Return codes, as produced below:
  *    1  login successful
  *    0  authentication or session creation failed (the IP blacklist counter
  *       is incremented in both cases)
  *   -1  the client IP is blacklisted
  *   -2  the account is disabled (the blacklist counter is NOT incremented)
  *   -3  invalid instance id or unknown instance error
  *   -4  the instance has been disabled
  *   -5  the database schema version does not match the application
  *
  * NOTE(review): $instance and $username are interpolated into the debug log
  * line exactly as received; confirm that log_debug() neutralises line breaks
  * if the log is consumed by other tooling.
  *
  * @param mixed  $instance Instance identifier handed to login_instance_init().
  * @param string $username
  * @param string $password
  * @return int One of the codes listed above.
  */
 function login($instance, $username, $password)
 {
     // The password never reaches the log: "\$password" is a literal placeholder.
     log_debug("user_auth", "Executing login({$instance}, {$username}, \$password)");

     // Logins stay disabled while the database schema lags behind the code.
     $db_schema = sql_get_singlevalue("SELECT value FROM config WHERE name='SCHEMA_VERSION' LIMIT 1");
     if ($db_schema != $GLOBALS["config"]["schema_version"]) {
         log_write("error", "user_auth", "The application has been updated, but the database has not been upgraded to match. Login is disabled until this is resolved.");
         return -5;
     }

     // Connect to the requested database instance.
     $instance_state = $this->login_instance_init($instance);
     if ($instance_state == "-2") {
         return -4;
     }
     if ($instance_state != "1") {
         return -3;
     }

     // The IP blacklist is checked before any credential is evaluated.
     $ip_blacklist = new blacklist();
     if ($ip_blacklist->check_ip()) {
         return -1;
     }

     $userid = $this->login_authenticate($username, $password);
     if ($userid <= 0) {
         if ($userid != "-2") {
             // Invalid password or unknown failure: count it against this IP.
             $ip_blacklist->increment();
             return 0;
         }
         // Disabled account.
         return -2;
     }

     if (!$this->session_init($userid, $username)) {
         // Session could not be created; also counted against this IP.
         $ip_blacklist->increment();
         return 0;
     }

     // Optional "phone home" statistics; the original comment describes them
     // as non-private data submitted to Amberdms.
     $reporter = new phone_home();
     if ($reporter->check_enabled() && $reporter->check_phone_home_timer()) {
         $reporter->stats_generate();
         $reporter->stats_submit();
     }

     return 1;
 }
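 /**
  * Toggle whether $follower_id follows this profile ($this->id).
  *
  * When the follower row already exists it is deleted and the matching
  * notification removed; otherwise the row is inserted and, unless this
  * profile has blacklisted the follower, a push message and a notification
  * are created. Both statements use bound parameters.
  *
  * The result of execute() is checked: when the DELETE or INSERT fails the
  * initial error array is returned, so no success is reported and no
  * notification is created or removed for a change that was not stored.
  *
  * "followersCount" is always 0 in the arrays built here.
  *
  * @param mixed $follower_id Account id of the follower.
  * @return array error=true with ERROR_UNKNOWN when the two are already
  *               friends or the statement fails; otherwise error=false with
  *               "follow" set to true (now following) or false (unfollowed).
  */
 public function addFollower($follower_id)
 {
     $result = array("error" => true, "error_code" => ERROR_UNKNOWN);
     $account = new account($this->db, $this->id);
     $account->setLastActive();
     unset($account);
     if ($this->is_friend_exists($follower_id)) {
         return $result;
     }
     if ($this->is_follower_exists($follower_id)) {
         $stmt = $this->db->prepare("DELETE FROM profile_followers WHERE follower = (:follower) AND follow_to = (:follow_to)");
         $stmt->bindParam(":follower", $follower_id, PDO::PARAM_INT);
         $stmt->bindParam(":follow_to", $this->id, PDO::PARAM_INT);
         if (!$stmt->execute()) {
             // Nothing was deleted: keep the error result and the notification.
             return $result;
         }
         $result = array("error" => false, "error_code" => ERROR_SUCCESS, "follow" => false, "followersCount" => 0);
         $notify = new notify($this->db);
         $notify->removeNotify($this->id, $follower_id, NOTIFY_TYPE_FOLLOWER, 0);
         unset($notify);
     } else {
         $create_at = time();
         $stmt = $this->db->prepare("INSERT INTO profile_followers (follower, follow_to, create_at) value (:follower, :follow_to, :create_at)");
         $stmt->bindParam(":follower", $follower_id, PDO::PARAM_INT);
         $stmt->bindParam(":follow_to", $this->id, PDO::PARAM_INT);
         $stmt->bindParam(":create_at", $create_at, PDO::PARAM_INT);
         if (!$stmt->execute()) {
             // Nothing was stored: do not notify and do not report success.
             return $result;
         }
         // The profile owner's blacklist only suppresses the push message and
         // the notification; the follower row itself is already stored.
         $blacklist = new blacklist($this->db);
         $blacklist->setRequestFrom($this->id);
         if (!$blacklist->isExists($follower_id)) {
             $account = new account($this->db, $this->id);
             if ($account->getAllowFollowersGCM() == ENABLE_FOLLOWERS_GCM) {
                 $gcm = new gcm($this->db, $this->id);
                 $gcm->setData(GCM_NOTIFY_FOLLOWER, "You have new follower", 0);
                 $gcm->send();
             }
             unset($account);
             $notify = new notify($this->db);
             $notify->createNotify($this->id, $follower_id, NOTIFY_TYPE_FOLLOWER, 0);
             unset($notify);
         }
         unset($blacklist);
         $result = array("error" => false, "error_code" => ERROR_SUCCESS, "follow" => true, "followersCount" => 0);
     }
     return $result;
 }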
/*!
 * ifsoft.co.uk engine v1.0
 *
 * http://ifsoft.com.ua, http://ifsoft.co.uk
 * qascript@ifsoft.co.uk
 *
 * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk)
 */
include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php";
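// Follow/unfollow endpoint: the authenticated account ($accountId) toggles
// following the profile given in $profileId. Answers with JSON.
if (!empty($_POST)) {
    // Raw request fields; each falls back to a neutral default when absent.
    $accountId = isset($_POST['accountId']) ? $_POST['accountId'] : 0;
    $accessToken = isset($_POST['accessToken']) ? $_POST['accessToken'] : '';
    $profileId = isset($_POST['profileId']) ? $_POST['profileId'] : 0;
    // Normalise both ids before they are used. $accountId is later handed to
    // the blacklist lookup and to addFollower(), so it gets the same treatment
    // as $profileId. (helper::clearInt() is presumably an integer cast - confirm.)
    $accountId = helper::clearInt($accountId);
    $profileId = helper::clearInt($profileId);
    $result = array("error" => true, "error_code" => ERROR_UNKNOWN);
    $auth = new auth($dbo);
    if (!$auth->authorize($accountId, $accessToken)) {
        api::printError(ERROR_ACCESS_TOKEN, "Error authorization.");
        // Stop here explicitly so nothing below can run for an unauthenticated
        // caller, whether or not api::printError() ends the request itself.
        exit;
    }
    // Has the target profile blocked the requesting account? If so the
    // initial error result is returned and no follower row is touched.
    $blacklist = new blacklist($dbo);
    $blacklist->setRequestFrom($profileId);
    if (!$blacklist->isExists($accountId)) {
        $profile = new profile($dbo, $profileId);
        $profile->setRequestFrom($accountId);
        $result = $profile->addFollower($accountId);
    }
    echo json_encode($result);
    exit;
}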
 *
 * http://ifsoft.com.ua, http://ifsoft.co.uk
 * qascript@ifsoft.co.uk
 *
 * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk)
 */
include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php";
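// Blacklist-add endpoint: the authenticated account ($accountId) blocks the
// profile given in $profileId, with an optional reason. Answers with JSON.
if (!empty($_POST)) {
    // Raw request fields; each falls back to a neutral default when absent.
    $accountId = isset($_POST['accountId']) ? $_POST['accountId'] : 0;
    $accessToken = isset($_POST['accessToken']) ? $_POST['accessToken'] : '';
    $profileId = isset($_POST['profileId']) ? $_POST['profileId'] : 0;
    $reason = isset($_POST['reason']) ? $_POST['reason'] : '';
    $accountId = helper::clearInt($accountId);
    $profileId = helper::clearInt($profileId);
    // Collapse every run of CR/LF characters into a single space ...
    $reason = preg_replace("/[\r\n]+/", " ", $reason);
    // ... then every run of whitespace into a single space.
    $reason = preg_replace('/\\s+/', ' ', $reason);
    // NOTE(review): what helper::escapeText() escapes for (HTML, SQL, both) is
    // not visible here - confirm it matches how the reason is stored and shown.
    $reason = helper::escapeText($reason);
    $result = array("error" => true, "error_code" => ERROR_UNKNOWN);
    $auth = new auth($dbo);
    if (!$auth->authorize($accountId, $accessToken)) {
        api::printError(ERROR_ACCESS_TOKEN, "Error authorization.");
        // Stop here explicitly so nothing below can run for an unauthenticated
        // caller, whether or not api::printError() ends the request itself.
        exit;
    }
    // The blacklist acted on is the authenticated account's own list.
    $blacklist = new blacklist($dbo);
    $blacklist->setRequestFrom($accountId);
    $result = $blacklist->add($profileId, $reason);
    echo json_encode($result);
    exit;
}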
<?php

/*!
 * ifsoft.co.uk engine v1.0
 *
 * http://ifsoft.com.ua, http://ifsoft.co.uk
 * qascript@ifsoft.co.uk
 *
 * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk)
 */
include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php";
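// Blacklist-list endpoint: returns the authenticated account's blacklist,
// with $itemId passed through to blacklist::get(). Answers with JSON.
if (!empty($_POST)) {
    // Raw request fields; each falls back to a neutral default when absent.
    $accountId = isset($_POST['accountId']) ? $_POST['accountId'] : 0;
    $accessToken = isset($_POST['accessToken']) ? $_POST['accessToken'] : '';
    $itemId = isset($_POST['itemId']) ? $_POST['itemId'] : 0;
    // Normalise both ids before they are used. $accountId selects whose
    // blacklist is read, so it gets the same treatment as $itemId.
    // (helper::clearInt() is presumably an integer cast - confirm.)
    $accountId = helper::clearInt($accountId);
    $itemId = helper::clearInt($itemId);
    $result = array("error" => true, "error_code" => ERROR_UNKNOWN);
    $auth = new auth($dbo);
    if (!$auth->authorize($accountId, $accessToken)) {
        api::printError(ERROR_ACCESS_TOKEN, "Error authorization.");
        // Stop here explicitly so nothing below can run for an unauthenticated
        // caller, whether or not api::printError() ends the request itself.
        exit;
    }
    // The blacklist read is the authenticated account's own list.
    $blacklist = new blacklist($dbo);
    $blacklist->setRequestFrom($accountId);
    $result = $blacklist->get($itemId);
    echo json_encode($result);
    exit;
}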
Example #9
                        $message = $ui['wrongPassword'];
                    }
                } else {
                    $message = $ui['insufficientData'];
                }
                break;
        }
    }
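    // Build the <option> lists used by the page: flag names, then the IP and
    // e-mail blacklists.
    $flags = flags::get('id');
    $flagNames = '';
    $flagValues = array();
    foreach ($flags as $key => $flag) {
        // NOTE(review): flag names double as $ui keys, so they look like
        // internal identifiers, and $ui labels may carry markup on purpose;
        // both are left as they were - verify where flags can be edited.
        $flagNames .= '<option value="' . $flag['name'] . '">' . $ui[$flag['name']] . '</option>';
        $flagValues[$key] = '"' . $flag['value'] . '"';
    }
    $blacklist = array('ip' => blacklist::get('ip'), 'email' => blacklist::get('email'));
    // Replace each list of rows with its rendered <option> markup. Stored
    // values are HTML-encoded for both the attribute and the label, so a value
    // containing quotes or angle brackets cannot break out of the markup.
    // No charset argument is given, so the configured default applies.
    foreach ($blacklist as $listType => $items) {
        $temp = '';
        foreach ($items as $item) {
            $encoded = htmlspecialchars((string) $item['value'], ENT_QUOTES);
            $temp .= '<option value="' . $encoded . '">' . $encoded . '</option>';
        }
        $blacklist[$listType] = $temp;
    }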
} else {
    header('Location: logout.php');
}
if (isset($status) && $status == 'error') {
    $db->query('rollback');
<?php

/*!
 * ifsoft.co.uk engine v1.0
 *
 * http://ifsoft.com.ua, http://ifsoft.co.uk
 * qascript@ifsoft.co.uk
 *
 * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk)
 */
include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php";
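// Blacklist-remove endpoint: the authenticated account ($accountId) unblocks
// the profile given in $profileId. Answers with JSON.
if (!empty($_POST)) {
    // Raw request fields; each falls back to a neutral default when absent.
    $accountId = isset($_POST['accountId']) ? $_POST['accountId'] : '';
    $accessToken = isset($_POST['accessToken']) ? $_POST['accessToken'] : '';
    $profileId = isset($_POST['profileId']) ? $_POST['profileId'] : 0;
    $accountId = helper::clearInt($accountId);
    $profileId = helper::clearInt($profileId);
    $result = array("error" => true, "error_code" => ERROR_UNKNOWN);
    $auth = new auth($dbo);
    if (!$auth->authorize($accountId, $accessToken)) {
        api::printError(ERROR_ACCESS_TOKEN, "Error authorization.");
        // Stop here explicitly so nothing below can run for an unauthenticated
        // caller, whether or not api::printError() ends the request itself.
        exit;
    }
    // The blacklist acted on is the authenticated account's own list.
    $blacklist = new blacklist($dbo);
    $blacklist->setRequestFrom($accountId);
    $result = $blacklist->remove($profileId);
    echo json_encode($result);
    exit;
}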