/**
 * Build the subscription catalogue for one region and return it as JSON.
 *
 * Reads the region code from $_GET['inventory'], loads the matching rows of
 * cms_shop_subscriptions with their payment type, the full country list and
 * the country whose country_code equals the region, then sends a JSON
 * content-type header.
 *
 * @return string JSON object with selectedCountry, countries and items
 */
function show()
{
    // Request-supplied value. What Misc::escape_text() guarantees is not
    // visible here; the queries are safe because the value is bound.
    $region_id = Misc::escape_text($_GET['inventory']);

    $inventory_subscribe = [];
    $payment_json = [];
    $subscription_rows = Adapter::secure_query("SELECT * FROM cms_shop_subscriptions WHERE region = :id", [':id' => $region_id]);
    foreach ($subscription_rows as $subscription) {
        $payment_result = Adapter::secure_query("SELECT * FROM cms_shop_payments_types WHERE id = :id LIMIT 1", [':id' => $subscription['payment_type']]);
        // NOTE(review): no check that a payment type row was found before its
        // properties are read.
        $payment = Adapter::fetch_object($payment_result);

        // NOTE(review): $payment_json is never reset, so each subscription is
        // given the payment entries of every subscription before it as well.
        // Confirm whether that accumulation is intended.
        $payment_json[] = new JsonPayment($payment->id, $payment->name, $payment->button, $payment->image, 'subscription');
        $inventory_subscribe[] = new JsonSubscription(
            $subscription['id'],
            $subscription['name'],
            $subscription['description'],
            $subscription['credits_amount'],
            $subscription['price'],
            $subscription['type'],
            $subscription['icon'],
            $payment_json
        );
    }

    $countries = [];
    foreach (Adapter::query("SELECT * FROM cms_shop_countries") as $country) {
        $countries[] = new JsonCountry($country['country_id'], $country['country_name'], $country['country_locale'], $country['country_code']);
    }

    // NOTE(review): an unknown region yields no row here; the fields read
    // below are then not backed by a real record.
    $selected = Adapter::fetch_array(Adapter::secure_query("SELECT * FROM cms_shop_countries WHERE country_code = :id LIMIT 1", [':id' => $region_id]));
    $country_json = new JsonCountry($selected['country_id'], $selected['country_name'], $selected['country_locale'], $selected['country_code']);

    $subscriptions_object = new stdClass();
    $subscriptions_object->selectedCountry = $country_json;
    $subscriptions_object->countries = $countries;
    $subscriptions_object->items = $inventory_subscribe;

    header('Content-type: application/json');

    return json_encode($subscriptions_object);
}
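/**
 * Register a new account from a JSON request body.
 *
 * Expects a JSON object with "email" and "password" on php://input, derives a
 * username from the email with User::generate_newbie_username() and passes
 * the three values to User::register_user(). This function returns nothing;
 * any response body comes from the User layer, which is not visible here.
 *
 * A body whose "email" or "password" is not a scalar (for example a nested
 * array) is answered with HTTP 400 and is not forwarded.
 *
 * @return void
 */
function show()
{
    header('Content-type: application/json');

    $data = json_decode((string) file_get_contents("php://input"), true);

    // The body is untrusted: it may be invalid JSON, a bare scalar or carry
    // nested values where text is expected. Absent fields are treated as ''.
    $email = is_array($data) ? ($data['email'] ?? '') : '';
    $password = is_array($data) ? ($data['password'] ?? '') : '';
    if (!is_scalar($email) || !is_scalar($password)) {
        header('HTTP/1.1 400 Bad Request');
        return;
    }

    $email = Misc::escape_text((string) $email);
    // NOTE(review): the password passes through the same text filter as the
    // other fields. If that filter rewrites characters, the stored secret is
    // not the one the user typed; confirm and prefer hashing the raw value.
    $password = Misc::escape_text((string) $password);

    $generated_user = User::generate_newbie_username($email);
    User::register_user(['username' => $generated_user, 'password' => $password, 'email' => $email]);
}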
/**
 * Validate the name in $_GET['aname'] and, for a newcomer in state 1, save it.
 *
 * Returns null when the session has no is_newbie key. Otherwise returns a JSON
 * object with validationResult, suggestions and code; code is 'OK' only when
 * the name was written to the users table, else 'NAME_IN_USE'.
 *
 * @return string|null
 */
function show()
{
    header('Content-type: application/json');

    // NOTE(review): isset() is also true when the key holds false, so this
    // gate tests presence of the key, not that the user is still a newcomer.
    if (!isset($_SESSION['is_newbie'])) {
        return null;
    }

    $validation_object = new stdClass();
    $validation_object->validationResult = null;
    $validation_object->suggestions = [];
    $validation_object->code = 'NAME_IN_USE';

    if (!isset($_GET['aname'])) {
        return json_encode($validation_object);
    }

    // NOTE(review): this state change is driven by a GET parameter; nothing
    // in this block ties the request to an anti-forgery token.
    $name = Misc::escape_text($_GET['aname']);
    $user_id = Data::$user_instance->user_id;

    // The pattern only requires one lowercase letter somewhere in the name;
    // it does not restrict which other characters may appear.
    $length = strlen($name);
    $is_well_formed = $length >= 3
        && $length <= 30
        && preg_match('`[a-z]`', $name)
        && substr_count($name, ' ') == 0
        && stripos($name, 'MOD_') === false;

    if (!$is_well_formed) {
        // Every formatting failure is reported as the reserved 'MOD_' prefix.
        $failure = new stdClass();
        $failure->resultType = 'VALIDATION_ERROR_ILLEGAL_WORDS';
        $failure->additionalInfo = 'MOD_';
        $failure->valid = false;
        $validation_object->validationResult = $failure;

        return json_encode($validation_object);
    }

    $existing = Adapter::secure_query("SELECT username FROM users WHERE username = :username LIMIT 1", [':username' => $name]);
    $is_free = Adapter::row_count($existing) == 0 || $name == Data::$user_instance->user_name;

    if ($is_free && Data::$user_instance->is_newbie == 1) {
        Adapter::secure_query("UPDATE users SET username = :username WHERE id = :userid", [':username' => $name, ':userid' => $user_id]);
        Adapter::secure_query("UPDATE users SET novato = '2' WHERE id = :userid", [':userid' => $user_id]);
        // Reload the cached user so later reads see the new name and state.
        Data::user_create_instance($user_id);
        $validation_object->code = 'OK';
    }

    return json_encode($validation_object);
}
/**
 * Store the avatar look and gender sent in the query string for the current
 * user and return that user's data wrapped in a JSON array.
 *
 * Returns null when the session has no is_newbie key.
 *
 * @return string|null
 */
function show()
{
    // NOTE(review): isset() is also true when the key holds false, so this
    // only proves the key exists. The write below has no other gate here.
    if (!isset($_SESSION['is_newbie'])) {
        return null;
    }

    // NOTE(review): look and gender are stored as received after
    // Misc::escape_text(); no allow-list of values is applied in this block,
    // and the write is triggered by a GET request.
    $bindings = [
        ':look' => Misc::escape_text($_GET['afigure']),
        ':gender' => Misc::escape_text($_GET['agender']),
        ':userid' => Data::$user_instance->user_id,
    ];
    Adapter::secure_query("UPDATE users SET look = :look, gender = :gender WHERE id = :userid", $bindings);

    header('Content-type: application/json');

    return sprintf('[%s]', Data::$user_instance->get_user_data(4));
}
/**
 * Installer step: create the first housekeeping account (rank 6) from the
 * posted admin_user / admin_pass and redirect to /finish.
 *
 * When INSTALLED is truthy nothing is written and the client is sent to /.
 *
 * @return void
 */
function show()
{
    // The INSTALLED constant is the only gate on this endpoint.
    if (INSTALLED) {
        header("Location: /");
        return;
    }

    // NOTE(review): both the username and the password are stored as
    // unsalted MD5 digests computed in SQL. MD5 is not suitable for password
    // storage; moving to password_hash()/password_verify() needs a matching
    // change wherever these columns are checked.
    // NOTE(review): empty or missing fields are not rejected before insert.
    $credentials = [
        ':user' => Misc::escape_text($_POST['admin_user']),
        ':pass' => Misc::escape_text($_POST['admin_pass']),
    ];
    Adapter::secure_query("INSERT INTO cms_hk_users (username,password,rank) VALUES (MD5(:user),MD5(:pass),6);", $credentials);

    header("Location: /finish");
}
/**
 * Return the PHOTO entries of cms_stories_photos for the user id given in
 * $_GET['user'] as a JSON array with unescaped forward slashes.
 *
 * @return string
 */
function show()
{
    // NOTE(review): the user id comes straight from the query string and no
    // session or ownership check is made in this block; confirm these photos
    // are meant to be readable by anyone.
    $user_id = Misc::escape_text($_GET['user']);

    $photos = [];
    $rows = Adapter::secure_query("SELECT * FROM cms_stories_photos WHERE type = 'PHOTO' AND user_id = :uid", [':uid' => $user_id]);
    foreach ($rows as $photo) {
        $photos[] = new JsonPhotos(
            $photo['id'],
            $photo['user_id'],
            $photo['image_preview_url'],
            $photo['type'],
            $photo['image_url'],
            $photo['user_name'],
            $photo['room_id'],
            $photo['date'],
            $photo['tags']
        );
    }

    header('Content-type: application/json');

    // json_encode() writes "/" as "\/"; undo that for the URLs in the output.
    $encoded = json_encode($photos);

    return str_replace("\\/", "/", $encoded);
}
/**
 * Return one stories channel, looked up by the url in $_GET['channel'],
 * together with its inventory entries, as JSON.
 *
 * @return string
 */
function show()
{
    $channel = Misc::escape_text($_GET['channel']);

    // NOTE(review): an unknown channel url yields no row; the id and the
    // other fields read below are then not backed by a real record.
    $channel_id = Adapter::fetch_array(Adapter::secure_query("SELECT * FROM cms_stories_channels WHERE url = :url", [':url' => $channel]));

    $channels_photos = [];
    $inventory = Adapter::secure_query("SELECT * FROM cms_stories_channels_inventory WHERE channel_id = :id", [':id' => $channel_id['id']]);
    foreach ($inventory as $entry) {
        $channels_photos[] = new JsonChannelsContent(
            $entry['id'],
            $entry['image_url'],
            $entry['user_id'],
            $entry['user_name'],
            $entry['date'],
            $entry['type'],
            $entry['tags'],
            $entry['title']
        );
    }

    header('Content-type: application/json');

    $channels = new JsonChannels(
        $channel_id['id'],
        $channel_id['title'],
        $channel_id['description'],
        $channel_id['tag'],
        $channel_id['title_key'],
        $channel_id['image'],
        $channel_id['url'],
        $channels_photos
    );

    return json_encode($channels);
}
/**
 * Parse the request into router state.
 *
 * Sends the cache and CORS headers, copies the data / name / api query
 * parameters onto the object, strips the query string and the script path
 * from REQUEST_URI, and stores the remaining path segments in $this->cmd with
 * each segment converted to StudlyCaps (foo_bar and foo-bar become FooBar).
 *
 * @return void
 */
function router_params()
{
    header('Cache-Control: no-cache');
    header('Pragma: no-cache');
    // NOTE(review): every origin may read responses routed through here.
    // Confirm no session-bound or otherwise private response relies on the
    // same-origin policy.
    header("Access-Control-Allow-Origin: *");

    // 'name' is read after 'data' and overwrites it when both are present.
    $this->data = isset($_GET['data']) ? Misc::escape_text($_GET['data']) : $this->data;
    $this->data = isset($_GET['name']) ? Misc::escape_text($_GET['name']) : $this->data;
    $this->api = isset($_GET['api']) ? Misc::escape_text($_GET['api']) : $this->api;

    // Keep only the path: everything before the first '?'.
    $path = explode('?', $_SERVER['REQUEST_URI'], 2)[0];

    $segments = explode('/', $path);
    $script_segments = explode('/', $_SERVER['SCRIPT_NAME']);

    // Drop each leading segment that matches the script path position by
    // position.
    foreach ($script_segments as $i => $script_segment) {
        if ($segments[$i] == $script_segment) {
            unset($segments[$i]);
        }
    }

    $command = array_values($segments);

    // NOTE(review): the segments are request-controlled. Whatever maps them
    // to a controller should check them against a fixed list of names.
    foreach ($command as $key => $value) {
        if (strpos($value, '_') !== false) {
            $separator = '_';
        } elseif (strpos($value, '-') !== false) {
            $separator = '-';
        } else {
            $separator = null;
        }

        $command[$key] = $separator === null
            ? ucfirst($value)
            : implode('', array_map('ucfirst', explode($separator, $value)));
    }

    $this->cmd = $command;
}
/**
 * Return the SELFIE photos and the channel inventory entries of the user id
 * given in $_GET['user'] as one JSON array with unescaped forward slashes.
 *
 * @return string
 */
function show()
{
    // NOTE(review): the user id comes straight from the query string and no
    // session or ownership check is made in this block.
    $user_id = Misc::escape_text($_GET['user']);

    $photos = [];

    $selfies = Adapter::secure_query("SELECT * FROM cms_stories_photos WHERE type = 'SELFIE' AND user_id = :uid", [':uid' => $user_id]);
    foreach ($selfies as $selfie) {
        $photos[] = new JsonSelfies(
            $selfie['id'],
            $selfie['user_id'],
            $selfie['image_preview_url'],
            $selfie['type'],
            $selfie['image_url'],
            $selfie['user_name'],
            $selfie['date'],
            $selfie['tags']
        );
    }

    $channel_entries = Adapter::secure_query("SELECT * FROM cms_stories_channels_inventory WHERE user_id = :uid", [':uid' => $user_id]);
    foreach ($channel_entries as $entry) {
        // One extra lookup per entry for the owning channel's url and title.
        $channel = Adapter::fetch_array(Adapter::secure_query("SELECT * FROM cms_stories_channels WHERE id = :cid", [':cid' => $entry['channel_id']]));
        $photos[] = new JsonChannelsContent(
            $entry['id'],
            $entry['image_url'],
            $entry['user_id'],
            $entry['user_name'],
            $entry['date'],
            $entry['type'],
            $entry['tags'],
            $entry['title'],
            $channel['url'],
            $channel['title']
        );
    }

    header('Content-type: application/json');

    // json_encode() writes "/" as "\/"; undo that for the URLs in the output.
    $encoded = json_encode($photos);

    return str_replace("\\/", "/", $encoded);
}
/**
 * Report whether a user name passes the format rules and is unused (or is
 * the current user's own name).
 *
 * @param string $user_name name to check
 * @return string JSON object with the boolean key isAvailable
 */
function show($user_name = '')
{
    header('Content-type: application/json');

    $available_object = new stdClass();
    $available_object->isAvailable = false;

    if (isset($user_name)) {
        $name = Misc::escape_text($user_name);

        // The pattern only requires one lowercase letter somewhere in the
        // name; it does not restrict which other characters may appear.
        $length = strlen($name);
        $is_well_formed = $length >= 3
            && $length <= 30
            && preg_match('`[a-z]`', $name)
            && substr_count($name, ' ') == 0
            && stripos($name, 'MOD_') === false;

        // NOTE(review): the answer reveals which user names exist; confirm
        // the route is rate limited if that matters for this deployment.
        if ($is_well_formed
            && (Adapter::row_count(Adapter::secure_query("SELECT username FROM users WHERE username = :username LIMIT 1", [':username' => $name])) == 0
                || $name == Data::$user_instance->user_name)
        ) {
            $available_object->isAvailable = true;
        }
    }

    return json_encode($available_object);
}
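/**
 * Finish the newcomer flow: create the starter room chosen with
 * $_GET['aroomIndex'] (1, 2 or 3), make it the user's home room, insert its
 * furniture rows and clear the newcomer flag.
 *
 * Nothing happens when the session has no is_newbie key or the user's
 * is_newbie state is 0 or 1. For a user in state 2 the room index has to be
 * one of the three known layouts; any other value returns before a write is
 * made, so a room is never created with undefined decoration values.
 *
 * @return null
 */
function show()
{
    header('Content-type: application/json');
    header('HTTP/1.1 200 OK');

    // NOTE(review): isset() is also true when the key holds false (the value
    // this function stores at the end), so this tests presence only.
    if (!isset($_SESSION['is_newbie'])) {
        return;
    }
    if (Data::$user_instance->is_newbie == 0) {
        return;
    }
    if (Data::$user_instance->is_newbie == 1) {
        return;
    }

    $room_index = Misc::escape_text($_GET['aroomIndex'] ?? '');
    $user_id = Data::$user_instance->user_id;
    $username = Data::$user_instance->user_name;

    if (Data::$user_instance->is_newbie == 2) {
        // Decoration per layout; also the allow-list for the request value.
        $room_decor = [
            1 => ['floor' => '610', 'wallpaper' => '2403', 'landscape' => '0.0'],
            2 => ['floor' => '307', 'wallpaper' => '3104', 'landscape' => '1.10'],
            3 => ['floor' => '409', 'wallpaper' => '1902', 'landscape' => '0.0'],
        ];
        if (!(is_string($room_index) || is_int($room_index)) || !isset($room_decor[$room_index])) {
            return null;
        }
        $floor = $room_decor[$room_index]['floor'];
        $wallpaper = $room_decor[$room_index]['wallpaper'];
        $landscape = $room_decor[$room_index]['landscape'];

        // In this statement :username fills the owner column and :owner
        // fills the description column.
        Adapter::secure_query("INSERT INTO rooms_data\n (roomtype, caption, owner, description, category, state, users_max, model_name, wallpaper, floor, landscape) VALUES\n ('private', :caption, :username, :owner, '2', 'open', '25', 'model_h', :wallpaper, :floor, :landscape)", [':caption' => "Central {$username}", ':username' => $username, ':owner' => "Quarto de {$username}", ':wallpaper' => $wallpaper, ':floor' => $floor, ':landscape' => $landscape]);

        $instance = Adapter::get_instance();
        $room_id = $instance->lastInsertId();

        Adapter::secure_query("UPDATE users SET home_room = :room WHERE id = :user", [':room' => $room_id, ':user' => $user_id]);

        // NOTE(review): the furniture statements interpolate $user_id and
        // $room_id into the SQL text. Neither value is read from the request
        // in this block (cached user object, last insert id), but bound
        // parameters would remove the dependency on that staying true.
        if ($room_index == 3) {
            Adapter::query("INSERT INTO items_rooms VALUES\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3397', '3', '8', '7', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2946', '', '10', '2', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2666', '3', '6', '7', '1.300', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2681', '3', '9', '7', '1.300', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3397', '3', '7', '7', '0.000', '0', '', 
'0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2675', '0', '5', '10', '0.000', '6', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3397', '3', '6', '7', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3397', '3', '9', '7', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2673', '1', '6', '9', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3867', '', '7', '2', '1.000', '4', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2673', '1', '8', '10', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2677', '1', '4', '10', '0.000', '2', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2673', '1', '8', '9', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2673', '1', '6', '10', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2675', '0', '5', '9', '0.000', '6', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2672', '1', '4', '11', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2677', '1', '4', '9', '0.000', '2', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3901', '', '9', '3', '1.000', '6', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3901', '', '6', '3', '1.000', '2', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '14066', '2', '0', '0', '0.000', '0', ':w=4,8 l=0,27 r', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '14386', '0', '0', '0', '0.000', '0', ':w=4,7 l=5,29 l', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '14071', '0', '0', '0', '0.000', '0', ':w=2,10 l=4,43 l', '0', '', '0', 
'0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '14072', '1', '0', '0', '0.000', '0', ':w=8,1 l=14,27 r', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '14383', '1', '0', '0', '0.000', '0', ':w=6,1 l=5,31 r', '0', '', '0', '0');");
        } elseif ($room_index == 2) {
            Adapter::query("INSERT INTO items_rooms VALUES\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2957', '2', '3', '10', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '9', '5', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2853', '', '3', '9', '0.000', '2', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3889', '1', '8', '2', '1.470', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3898', '1', '9', '8', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2487', '', '5', '11', '1.300', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3880', '0', '8', '8', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '4182', '2', '3', '9', '0.800', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2781', '', '4', '9', '0.000', '4', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2952', '0', '3', '10', '0.400', '2', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '7', '5', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3900', '0', '5', '4', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3302', '', '7', '3', '1.000', '2', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2502', '0', '3', '10', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2952', '0', '3', 
'12', '0.000', '2', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3870', '0', '9', '9', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2955', '', '3', '11', '0.000', '2', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '8', '5', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '10', '4', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3880', '1', '10', '8', '0.000', '4', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3806', '', '5', '11', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2957', '2', '3', '9', '0.400', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3870', '0', '8', '11', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3880', '1', '8', '9', '0.000', '6', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3900', '0', '5', '2', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '10', '5', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '7', '4', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3870', '0', '9', '11', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2955', '', '4', '9', '0.000', '4', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '7', '2', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3312', '0', '8', '3', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '9', '2', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, 
'{$user_id}', '{$room_id}', '2957', '0', '3', '9', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '10', '2', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3870', '0', '8', '9', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '10', '3', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2781', '', '3', '11', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2781', '', '3', '9', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3315', '0', '8', '2', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8029', '', '0', '0', '0.000', '0', ':w=4,8 l=7,31 r', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8262', '1', '0', '0', '0.000', '0', ':w=4,5 l=11,33 l', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8108', '1', '0', '0', '0.000', '0', ':w=7,1 l=9,31 r', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8108', '1', '0', '0', '0.000', '0', ':w=10,1 l=0,26 r', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8262', '1', '0', '0', '0.000', '0', ':w=4,3 l=5,37 l', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8096', '0', '0', '0', '0.000', '0', ':w=2,11 l=5,58 l', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8029', '', '0', '0', '0.000', '0', ':w=4,8 l=8,31 l', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8096', '0', '0', '0', '0.000', '0', ':w=2,10 l=10,56 l', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8108', '3', '0', '0', '0.000', '0', ':w=5,1 l=15,34 r', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8108', '3', '0', '0', 
'0.000', '0', ':w=9,1 l=0,26 r', '0', '', '0', '0');");
        } elseif ($room_index == 1) {
            Adapter::query("INSERT INTO items_rooms VALUES\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3893', '1', '8', '4', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '18', '', '10', '9', '0.000', '4', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '4636', '', '3', '10', '0.010', '2', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2169', '', '9', '5', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2188', '', '7', '5', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '4654', '', '3', '9', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '18', '', '10', '12', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '4654', '', '5', '9', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3712', '', '9', '10', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3642', '1', '7', '2', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '18', '', '9', '12', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3632', '4', '9', '2', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '18', '', '9', '9', '0.000', '4', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '4654', '', '5', '11', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '2228', '', '8', '5', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '3632', '4', '6', '2', '1.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '4654', '', '3', 
'11', '0.000', '0', '', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8364', '', '0', '0', '0.000', '0', ':w=2,10 l=1,34 l', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8021', '0', '0', '0', '0.000', '0', ':w=4,3 l=12,34 l', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8294', '0', '0', '0', '0.000', '0', ':w=2,10 l=2,34 l', '0', '', '0', '0'),\n\t\t\t\t\t\t\t\t(null, '{$user_id}', '{$room_id}', '8199', '1', '0', '0', '0.000', '0', ':w=4,8 l=0,45 r', '0', '', '0', '0');");
        }
    }

    Adapter::secure_query("UPDATE users SET novato = '0' WHERE username = :username OR id = :userid", [':username' => $username, ':userid' => $user_id]);

    // Reload the cached user so later reads see the cleared flag.
    Data::user_create_instance($user_id);
    $_SESSION['is_newbie'] = false;

    return null;
}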
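/**
 * Installer step: collect the hotel settings from the posted form and append
 * them, followed by the bootstrap code, to ROOT_PATH/api/Gogo.php.
 *
 * The append is skipped when the file already contains a $hotel_settings
 * assignment. In both cases the client is redirected to /installation. When
 * INSTALLED is truthy nothing is written and the client is sent to /.
 *
 * @return void
 */
function show()
{
    // The INSTALLED constant is the only gate on this endpoint.
    if (INSTALLED) {
        header("Location: /");
        return;
    }

    // Posted values end up inside a PHP source file. var_export() below
    // writes them as quoted PHP literals, which is what keeps a value from
    // being interpreted as code.
    // NOTE(review): 'random_stuff' is built with rand() and has only about
    // ten thousand possible values; it must not be relied on as a secret.
    $hotel_settings = [
        'bench_enabled' => false,
        'server_lang' => 'en',
        'maintenance' => 0,
        'smtp_server' => 'localhost',
        'global_url' => Misc::escape_text($_POST['hotel_url']),
        'hotel_name' => Misc::escape_text($_POST['hotel_name']),
        'hotel_url' => '',
        'client_newbie_name' => 'client_new/',
        'badge_url' => Misc::escape_text($_POST['swf_url']) . 'c_images/album1584/',
        'imaging_url' => Misc::escape_text($_POST['hotel_url']) . 'habbo-imaging',
        'gallery_url' => Misc::escape_text($_POST['gallery_url']),
        'swf_url' => Misc::escape_text($_POST['swf_url']),
        'random_stuff' => 's' . rand(0, 9) . 'a' . rand(0, 9) . 'm' . rand(0, 100),
        'client_name' => 'client/',
        'comb_name' => '1.xml',
        'emu_ip' => Misc::escape_text($_POST['emu_ip']),
        'emu_port' => Misc::escape_text($_POST['emu_port']),
        'swf_name' => Misc::escape_text($_POST['swf_file']),
        'gordon_path' => Misc::escape_text($_POST['swf_gordon']),
        'fb_appid' => Misc::escape_text($_POST['fb_id']),
        'fb_secret' => '',
        'fastfood_port' => '',
        'fastfood_ip' => '',
        'sonic_id' => '2abb40ad',
        'fb_int_name' => 'habboen',
        'fb_int_id' => '65d5e60e738877cb53bb5004edf6a8fc',
        'twitter_on' => 'visible',
        'twitter_name' => Misc::escape_text($_POST['twitter_name']),
        'twitter_id' => Misc::escape_text($_POST['twitter_id']),
        'pay_pal_url' => 'www.paypal.com/order/4535535/',
    ];

    $config_source = file_get_contents(ROOT_PATH . "/api/Gogo.php");

    // strpos() returns 0 for a match at the start of the file, so the result
    // has to be compared with === false; == false would treat that match as
    // "not found" and append the settings a second time.
    if (strpos((string) $config_source, '$hotel_settings = array') === false) {
        $settings_block = '' . "\n"
            . '//hotel settings ' . "\n"
            . "\n"
            . '$hotel_settings = ' . var_export($hotel_settings, true) . ';' . "\n"
            . "\n"
            . "\n";

        // NOTE(review): the generated autoloader includes a file whose path
        // is derived from the class name; class names should never be taken
        // from request data without an allow-list.
        $bootstrap_block = '// define constants ' . "\n"
            . 'defined(\'ROOT_PATH\') || define(\'ROOT_PATH\', realpath(dirname(__FILE__) . \'/../\'));' . "\n"
            . 'defined(\'DATABASE_SETTINGS\') || define(\'DATABASE_SETTINGS\', serialize($database_settings));' . "\n"
            . 'defined(\'SYSTEM_SETTINGS\') || define(\'SYSTEM_SETTINGS\', serialize($hotel_settings));' . "\n"
            . 'defined(\'RESOURCE_CACHE\') || define(\'RESOURCE_CACHE\', false);' . "\n"
            . 'defined(\'LITE_RECOLOR_FUNCTION\') || define("LITE_RECOLOR_FUNCTION", false);' . "\n"
            . 'defined(\'IMAGER_RESOURCE\') || define("IMAGER_RESOURCE", ROOT_PATH . "/public/habbo-imaging/");' . "\n"
            . 'defined(\'PATH_RESOURCE\') || define("PATH_RESOURCE", IMAGER_RESOURCE . "BE/");' . "\n"
            . "\n"
            . '// auto load namespaces ' . "\n"
            . 'spl_autoload_register(function ($class) {' . "\n"
            . ' include_once(str_replace(\'\\\\\', \'/\', $class . \'.php\'));' . "\n"
            . '});' . "\n";

        file_put_contents(ROOT_PATH . '/api/Gogo.php', $settings_block, FILE_APPEND);
        file_put_contents(ROOT_PATH . '/api/Gogo.php', $bootstrap_block, FILE_APPEND);
    }

    header("Location: /installation");
    return;
}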
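/**
 * Housekeeping login: check the posted username and password against
 * cms_hk_users, and on success store a fresh token plus the account's rank
 * in the session and redirect to the housekeeping index.
 *
 * Any failure destroys the session and redirects to the login page with
 * ?fail. Empty or non-string credentials are treated as a failure without
 * querying the database.
 *
 * @return void
 */
function show()
{
    @session_start();

    $raw_username = $_POST['username'] ?? null;
    $raw_password = $_POST['password'] ?? null;

    $authenticated = false;
    $username = '';
    if (is_string($raw_username) && $raw_username !== '' && is_string($raw_password) && $raw_password !== '') {
        $username = Misc::escape_text($raw_username);
        $password = Misc::escape_text($raw_password);

        // NOTE(review): the table holds unsalted MD5 digests of both the
        // username and the password. MD5 is not suitable for password
        // storage; moving to password_hash()/password_verify() needs a
        // matching change where these accounts are created.
        $matches = Adapter::secure_query("SELECT * FROM cms_hk_users WHERE username = MD5(:username) AND password = MD5(:password)", [':username' => $username, ':password' => $password]);
        $authenticated = Adapter::row_count($matches) == 1;
    }

    if (!$authenticated) {
        session_destroy();
        header("Location: /theallseeingeye/web/?fail");
        return;
    }

    // Issue a new session id at the privilege change so an id that was known
    // before login does not become an authenticated one.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    // 128 bits from the CSPRNG, hex encoded to the same 32 characters an MD5
    // digest has. The previous expression passed its separator text into
    // rand()'s second argument, so the token was the MD5 of one small integer
    // and could take only a handful of values.
    $hash = bin2hex(random_bytes(16));

    Adapter::secure_query("UPDATE cms_hk_users SET hash = :hash WHERE username = MD5(:username)", [':hash' => $hash, ':username' => $username]);
    $row = Adapter::fetch_array(Adapter::secure_query("SELECT rank FROM cms_hk_users WHERE username = MD5(:username)", [':username' => $username]));

    $arr = ['username' => $username, 'hash' => $hash, 'rank' => $row['rank']];
    $_SESSION['hobbanet'] = serialize($arr);

    header("Location: /theallseeingeye/web/index");
    return;
}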
/**
 * Read the avatar rendering options from the query string.
 *
 * Each option falls back to a default when its parameter is absent. When
 * $_GET['user'] is present the figure is replaced by that user's stored look.
 * action and frame are split on commas into arrays; any format other than
 * "gif" becomes "png".
 */
function __construct()
{
    // NOTE(review): 'figure' is read without an isset() check, unlike every
    // other parameter here.
    $this->input_figure = strtolower($_GET["figure"]);
    $this->input_action = strtolower($_GET["action"] ?? 'std');
    // NOTE(review): direction, head_direction and headonly are kept exactly
    // as received; nothing in this block checks their type or range.
    $this->input_direction = $_GET["direction"] ?? 4;
    $this->input_head_direction = $_GET["head_direction"] ?? $this->input_direction;
    $this->input_gesture = strtolower($_GET["gesture"] ?? 'std');
    $this->input_size = strtolower($_GET["size"] ?? 'n');
    $this->input_format = strtolower($_GET["img_format"] ?? 'png');
    $this->input_frame = strtolower($_GET["frame"] ?? '0');
    $this->input_head_only = $_GET["headonly"] ?? false;

    if (isset($_GET['user'])) {
        $lookup = Adapter::secure_query("SELECT look FROM users WHERE username = :username ", ['username' => Misc::escape_text($_GET['user'])]);
        $figure = Adapter::fetch_array($lookup);
        // NOTE(review): no check that a user row was found before 'look' is
        // read.
        $this->input_figure = $figure['look'];
    }

    $this->input_action = explode(",", $this->input_action);
    $this->input_format = $this->input_format == "gif" ? "gif" : "png";
    $this->input_frame = explode(",", $this->input_frame);
}
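/**
 * Installer step: connect to the posted database, verify that it holds a
 * server_status table with a server_ver column, and append the connection
 * settings to ROOT_PATH/api/Gogo.php.
 *
 * Redirects to /settings after writing, to /error?db when the database check
 * fails or the settings were already written, and to / when INSTALLED is
 * truthy.
 *
 * @return void
 */
function show()
{
    // The INSTALLED constant is the only gate on this endpoint.
    if (INSTALLED) {
        header("Location: /");
        return;
    }

    // NOTE(review): while the installer is open, the server connects to
    // whatever host and port the request names.
    $database_settings = [
        'host' => Misc::escape_text($_POST['host_name']),
        'user' => Misc::escape_text($_POST['host_user']),
        'pass' => Misc::escape_text($_POST['host_pass']),
        'name' => Misc::escape_text($_POST['host_db']),
        'port' => Misc::escape_text($_POST['host_port']),
        'type' => 'mysql',
    ];

    @Adapter::set_instance($database_settings);

    // A failed query may not produce an array; check before looking up the
    // key so a bad connection ends at the error page instead of a type error.
    $status_row = Adapter::fetch_array(Adapter::query("SELECT * FROM server_status"));
    if (!is_array($status_row) || !array_key_exists('server_ver', $status_row)) {
        header("Location: /error?db");
        return;
    }

    $config_source = file_get_contents(ROOT_PATH . "/api/Gogo.php");

    // strpos() returns 0 for a match at the start of the file, so the result
    // has to be compared with === false rather than == false.
    if (strpos((string) $config_source, '$database_settings = array') === false) {
        // var_export() writes the posted values as quoted PHP literals, which
        // is what keeps a value from being interpreted as code. The database
        // password is stored in clear text in this file.
        file_put_contents(ROOT_PATH . "/api/Gogo.php", "\n//database settings \n" . '$database_settings = ' . var_export($database_settings, true) . ';', FILE_APPEND);
        header("Location: /settings");
        return;
    }

    header("Location: /error?db");
    return;
}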
/**
 * Work out which page the request asks for and expose the remaining path
 * segments as $_GET entries.
 *
 * Sends the cache and CORS headers, strips the script path from REQUEST_URI
 * and picks the page name: 'hk_' plus the third segment (or 'hk_index') under
 * the housekeeping prefix, otherwise the first segment (or 'index'). Each
 * later segment is then stored in $_GET under the segment before it.
 *
 * @return string the page name
 */
function trace_routers()
{
    header('Cache-Control: no-cache');
    header('Pragma: no-cache');
    // NOTE(review): every origin may read responses routed through here.
    header("Access-Control-Allow-Origin: *");

    $request_url = explode('/', $_SERVER['REQUEST_URI']);
    $scriptName = explode('/', $_SERVER['SCRIPT_NAME']);

    // Drop each leading segment that matches the script path position by
    // position.
    foreach ($scriptName as $i => $script_segment) {
        if ($request_url[$i] == $script_segment) {
            unset($request_url[$i]);
        }
    }

    $command = array_values($request_url);

    // NOTE(review): the page name is request-controlled; whatever resolves
    // it should check it against a fixed list of pages.
    if ($command[0] == 'theallseeingeye') {
        if (isset($command[2]) && $command[2] != '') {
            $f = 'hk_' . Misc::escape_text($command[2]);
        } else {
            $f = 'hk_index';
        }
    } else {
        if (isset($command[0]) && $command[0] != '') {
            $f = Misc::escape_text($command[0]);
        } else {
            $f = 'index';
        }
    }

    // Split a query string off the last segment and append it, with any
    // further '?' turned into '&', as a segment of its own.
    $last_index = sizeof($command) - 1;
    if (strpos($command[$last_index], "?") !== false) {
        $pieces = explode("?", $command[$last_index]);
        $command[$last_index] = array_shift($pieces);
        $command[] = implode("&", $pieces);
    }

    unset($command[0]);

    // NOTE(review): path segments are written into $_GET under names that
    // also come from the path, so a URL path can set or overwrite any query
    // parameter that later code reads.
    foreach ($command as $key => $value) {
        if (!is_numeric($key)) {
            continue;
        }
        $last = $command[$key - 1];
        if (isset($last) && $last != '') {
            $_GET[$last] = urldecode($value);
        }
    }

    return $f;
}
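/**
 * Insert one row built from an associative array.
 *
 * Table and column names are written as backtick-quoted identifiers, with any
 * backtick inside a name doubled so the name cannot end the quoting. Values
 * are passed through Misc::escape_text() and written as quoted literals.
 *
 * @param string       $table   table name
 * @param array        $data    column name => value
 * @param array|string $exclude column name(s) of $data to leave out
 * @return void
 */
static function insert_array($table, $data, $exclude = [])
{
    if (!is_array($exclude)) {
        $exclude = [$exclude];
    }

    // Quote an identifier for MySQL: wrap in backticks, double any backtick.
    $quote_identifier = static function ($identifier) {
        return '`' . str_replace('`', '``', (string) $identifier) . '`';
    };

    $fields = $values = [];
    foreach (array_keys($data) as $key) {
        if (in_array($key, $exclude)) {
            continue;
        }
        $fields[] = $quote_identifier($key);
        // NOTE(review): the statement is still assembled as text, so the
        // values are only as safe as Misc::escape_text() makes them, which is
        // not visible here. Bound parameters, as used by the secure_query()
        // calls elsewhere in this code base, would remove that dependency.
        $values[] = "'" . Misc::escape_text($data[$key]) . "'";
    }

    $fields = implode(",", $fields);
    $values = implode(",", $values);

    self::query("INSERT INTO " . $quote_identifier($table) . " ({$fields}) VALUES ({$values})");
}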
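/**
 * Log a user in from a JSON request body.
 *
 * Expects a JSON object with "email" and "password" on php://input and passes
 * both to User::user_login(). This function returns nothing; any response
 * body comes from the User layer, which is not visible here.
 *
 * A body whose "email" or "password" is not a scalar (for example a nested
 * array) is answered with HTTP 400 and is not forwarded.
 *
 * @return void
 */
function show()
{
    header('Content-type: application/json');

    $data = json_decode((string) file_get_contents("php://input"), true);

    // The body is untrusted: it may be invalid JSON, a bare scalar or carry
    // nested values where text is expected. Absent fields are treated as ''.
    $email = is_array($data) ? ($data['email'] ?? '') : '';
    $password = is_array($data) ? ($data['password'] ?? '') : '';
    if (!is_scalar($email) || !is_scalar($password)) {
        header('HTTP/1.1 400 Bad Request');
        return;
    }

    // NOTE(review): nothing in this block limits repeated attempts; confirm
    // that User::user_login() or the front end throttles failed logins.
    User::user_login(Misc::escape_text((string) $email), Misc::escape_text((string) $password));
}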
/**
 * Magic setter: store a value on the object after passing it through
 * Misc::escape_text().
 *
 * Only the value is filtered; the property name is used as given.
 *
 * @param string $name  property name
 * @param mixed  $value value to store
 * @return void
 */
function __set($name, $value = '')
{
    $filtered = Misc::escape_text($value);
    $this->{$name} = $filtered;
}
/**
 * Return the composed news item for the given key.
 *
 * The key has '.en' removed before it is handed to Data::compose_news(); the
 * literal sequences \r and \n and any remaining backslash are then stripped
 * from the composed text.
 *
 * @param int|string $data news key
 * @return string
 */
function show($data = 0)
{
    $news_key = str_replace('.en', '', Misc::escape_text($data));
    $composed = Data::compose_news(true, $news_key);

    return str_replace(['\\r', '\\n', '\\'], '', $composed);
}
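/**
 * Change a user's e-mail address.
 *
 * The change goes ahead only when self::change_password() accepts the
 * request, a non-empty new address was supplied and no user already has that
 * address. On success a notification is sent, the address is updated in
 * cms_azure_id and users, and {"email": ...} is echoed. Otherwise HTTP 400 and
 * {"error":"registration_email"} are sent.
 *
 * @param array $data    request data; reads 'newEmail'
 * @param int   $user_id id of the user being changed
 * @return bool true when the address was changed
 */
static function change_email($data = [], $user_id = 0)
{
    if (self::change_password($data, $user_id, true, false) == true) {
        $requested = $data['newEmail'] ?? null;

        // A missing, empty or non-string address is rejected here instead of
        // being looked up and written as an empty value.
        if (is_string($requested) && $requested !== '') {
            $new_email = Misc::escape_text($requested);

            // NOTE(review): the uniqueness check and the updates are separate
            // statements; a unique index on the column is what would make
            // this reliable under concurrent requests.
            $query_two = Adapter::secure_query("SELECT * FROM users WHERE `mail` = :mail LIMIT 1", [':mail' => $new_email]);
            if (Adapter::row_count($query_two) == 0) {
                $row_two = Adapter::fetch_array(Adapter::secure_query('SELECT * FROM users WHERE id = :userid', [':userid' => $user_id]));

                // NOTE(review): the mailer is given the address exactly as
                // received; confirm it rejects line breaks and validates the
                // address format.
                Mailer::send_change_email($row_two['mail'], $requested);

                Adapter::secure_query("UPDATE cms_azure_id SET `mail` = :newmail WHERE `mail` = :oldmail", [':newmail' => $new_email, ':oldmail' => $row_two['mail']]);
                Adapter::secure_query("UPDATE users SET `mail` = :newmail WHERE `mail` = :oldmail", [':newmail' => $new_email, ':oldmail' => $row_two['mail']]);

                // NOTE(review): status 204 is defined as having no body, yet
                // one is sent below; kept because clients may depend on it.
                header('HTTP/1.1 204 No Content');

                // Let json_encode() do the quoting so a quote or backslash in
                // the address cannot break out of the JSON string.
                echo json_encode(['email' => $new_email], JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);

                return true;
            }
        }
    }

    header('HTTP/1.1 400 Bad Request');
    echo '{"error":"registration_email"}';

    return false;
}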