function checkLogin($username, $pass)
{
if ($pass == "" || $username == "") {
$pass = "******";
}
include_once "config.php";
include_once "login.php";
$mysqli = new mysqli($DB_HOSTlogin, $DB_USERlogin, $DB_PASSlogin, $DB_NAMElogin);
$mysqli->set_charset("utf8");
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
exit;
}
if ($pass != getHashed($username, $mysqli)) {
header('Location: http://minecore.cz/minecore-times/');
exit;
}
close($mysqli);
}
public function editUser($email, $pass, $user_id, $level)
{
$email = pg_escape_string($this->conn, $email);
$pass = pg_escape_string($this->conn, $pass);
$user_id = pg_escape_string($this->conn, $user_id);
$level = pg_escape_string($this->conn, $level);
$sql = "SELECT * FROM users WHERE email = '{$email}' AND _id != '{$user_id}' LIMIT 1";
$query = pg_query($this->conn, $sql) or die(pg_last_error($this->conn));
if (pg_num_rows($query) <= 0) {
if (strlen($pass) > 0 && strlen($level) > 0) {
$hash = getHashed($pass);
$sql = "UPDATE users SET email = '{$email}', pass = '******', level = '{$level}' WHERE _id = '{$user_id}'";
} elseif (strlen($pass) > 0) {
$hash = getHashed($pass);
$sql = "UPDATE users SET email = '{$email}', pass = '******' WHERE _id = '{$user_id}'";
} elseif (strlen($level) > 0) {
$sql = "UPDATE users SET email = '{$email}', level = '{$level}' WHERE _id = '{$user_id}'";
} else {
$sql = "UPDATE users SET email = '{$email}' WHERE _id = '{$user_id}'";
}
$query = pg_query($this->conn, $sql);
if ($query) {
json_return(200, "User Update Succeeded", NULL);
} else {
json_return(400, "Something Went Wrong", NULL);
}
} else {
json_return(400, "User Already Exists", NULL);
}
}
public function editUser($email, $pass, $user_id, $level)
{
$email = mysqli_real_escape_string($this->conn, $email);
$pass = mysqli_real_escape_string($this->conn, $pass);
$user_id = mysqli_real_escape_string($this->conn, $user_id);
$level = mysqli_real_escape_string($this->conn, $level);
$sql = "SELECT * FROM `users` WHERE `email` = '{$email}' AND `_id` != '{$user_id}' LIMIT 1";
$query = mysqli_query($this->conn, $sql) or die(mysqli_errno($this->conn));
if (mysqli_num_rows($query) <= 0) {
if (strlen($pass) > 0 && strlen($level) > 0) {
$hash = getHashed($pass);
$sql = "UPDATE `users` SET `email` = '{$email}', `pass` = '{$hash}', `level` = '{$level}' WHERE `_id` = '{$user_id}'";
} elseif (strlen($pass) > 0) {
$hash = getHashed($pass);
$sql = "UPDATE `users` SET `email` = '{$email}', `pass` = '{$hash}' WHERE `_id` = '{$user_id}'";
} elseif (strlen($level) > 0) {
$sql = "UPDATE `users` SET `email` = '{$email}', `level` = '{$level}' WHERE `_id` = '{$user_id}'";
} else {
$sql = "UPDATE `users` SET `email` = '{$email}' WHERE `_id` = '{$user_id}'";
}
$query = mysqli_query($this->conn, $sql);
if ($query) {
json_return(200, "User Update Succeeded", NULL);
} else {
json_return(400, "Something Went Wrong", NULL);
}
} else {
json_return(400, "User Already Exists", NULL);
}
}
function getAPIKey()
{
return getHashed(md5(uniqid(rand(), true)));
}
