Exemplo n.º 1
 /**
  * Soft-deletes an access token: stamps `removeAt` with the current Unix
  * time on the access_data row that matches both the account id and the token.
  *
  * Both values reach the database as bound parameters, so the statement text
  * never contains caller-supplied data.
  *
  * @param mixed $accountId   Account that owns the token; normalised with helper::clearInt().
  * @param mixed $accessToken Token to retire; passed through helper::clearText() and helper::escapeText().
  *
  * @return bool Outcome of PDOStatement::execute(). An UPDATE that runs but
  *              matches no row still yields true, so the return value does
  *              not prove that a token was actually revoked.
  */
 public function remove($accountId, $accessToken)
 {
     $accountId = helper::clearInt($accountId);
     $accessToken = helper::escapeText(helper::clearText($accessToken));
     $removedAt = time();

     $update = $this->db->prepare("UPDATE access_data SET removeAt = (:removeAt) WHERE accountId = (:accountId) AND accessToken = (:accessToken)");
     $update->bindParam(":accountId", $accountId, PDO::PARAM_INT);
     $update->bindParam(":accessToken", $accessToken, PDO::PARAM_STR);
     $update->bindParam(":removeAt", $removedAt, PDO::PARAM_INT);

     return $update->execute() ? true : false;
 }
Exemplo n.º 2
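 /**
  * Verifies a login/password pair against the users table.
  *
  * The salt is looked up first, the candidate hash is derived from it, and a
  * second query matches login + hash. Both queries use bound parameters.
  *
  * SECURITY(review): the stored credential is md5(md5(password) . salt).
  * MD5 is fast and unsuitable for password storage; migrating to
  * password_hash()/password_verify() needs a rehash-on-login path because the
  * existing hashes cannot be converted in place. The scheme is left as is
  * here so that current accounts keep working.
  *
  * NOTE(review): `state` is selected but never examined in this method, so
  * callers are responsible for rejecting blocked or disabled accounts.
  * NOTE(review): the password passes through helper::clearText() before
  * hashing; if that helper strips or rewrites characters it changes the
  * effective password - confirm against the helper.
  *
  * @param string $username Login name supplied by the client.
  * @param string $password Plain-text password supplied by the client.
  *
  * @return array array('error' => true) on any failure, otherwise
  *               'error' => false, 'error_code' => ERROR_SUCCESS and
  *               'accountId' => the matching users.id.
  */
 public function signin($username, $password)
 {
     $access_data = array('error' => true);
     $username = helper::clearText($username);
     $password = helper::clearText($password);

     $stmt = $this->db->prepare("SELECT salt FROM users WHERE login = (:username) LIMIT 1");
     $stmt->bindParam(":username", $username, PDO::PARAM_STR);
     $stmt->execute();

     // fetch() instead of rowCount(): PDO does not guarantee a meaningful
     // rowCount() for SELECT statements on every driver.
     $row = $stmt->fetch();
     if ($row === false) {
         return $access_data;
     }

     $passw_hash = md5(md5($password) . $row['salt']);

     $stmt2 = $this->db->prepare("SELECT id, state FROM users WHERE login = (:username) AND passw = (:password) LIMIT 1");
     $stmt2->bindParam(":username", $username, PDO::PARAM_STR);
     $stmt2->bindParam(":password", $passw_hash, PDO::PARAM_STR);
     $stmt2->execute();

     $row2 = $stmt2->fetch();
     if ($row2 !== false) {
         $access_data = array("error" => false, "error_code" => ERROR_SUCCESS, "accountId" => $row2['id']);
     }

     return $access_data;
 }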
 *
 * http://ifsoft.com.ua, http://ifsoft.co.uk
 * qascript@ifsoft.co.uk
 *
 * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk)
 */
include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php";
if (!empty($_POST)) {
    $accountId = isset($_POST['accountId']) ? $_POST['accountId'] : 0;
    $accessToken = isset($_POST['accessToken']) ? $_POST['accessToken'] : '';
    $lat = isset($_POST['lat']) ? $_POST['lat'] : '';
    $lng = isset($_POST['lng']) ? $_POST['lng'] : '';
    $lat = helper::clearText($lat);
    $lat = helper::escapeText($lat);
    $lng = helper::clearText($lng);
    $lng = helper::escapeText($lng);
    $result = array("error" => true, "error_code" => ERROR_UNKNOWN);
    $auth = new auth($dbo);
    if (!$auth->authorize($accountId, $accessToken)) {
        api::printError(ERROR_ACCESS_TOKEN, "Error authorization.");
    }
    $result = array("error" => false, "error_code" => ERROR_SUCCESS);
    $geo = new geo($dbo);
    $info = $geo->info(helper::ip_addr());
    $account = new account($dbo, $accountId);
    if (strlen($lat) > 0 && strlen($lng) > 0) {
        $result = $account->setGeoLocation($lat, $lng);
    } else {
        if ($info['geoplugin_status'] == 206) {
            $result = $account->setGeoLocation($info['geoplugin_latitude'], $info['geoplugin_longitude']);
Exemplo n.º 4
 * http://ifsoft.com.ua, http://ifsoft.co.uk
 * qascript@ifsoft.co.uk
 *
 * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk)
 */
include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
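// Admin-only page. header() only queues the redirect; without an explicit
// exit the rest of this script would still execute for a visitor who has no
// admin session.
if (!admin::isSession()) {
    header("Location: /admin/login.php");
    exit;
}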
if (!empty($_POST)) {
    $authToken = isset($_POST['authenticity_token']) ? $_POST['authenticity_token'] : '';
    $current_passw = isset($_POST['current_passw']) ? $_POST['current_passw'] : '';
    $new_passw = isset($_POST['new_passw']) ? $_POST['new_passw'] : '';
    $current_passw = helper::clearText($current_passw);
    $current_passw = helper::escapeText($current_passw);
    $new_passw = helper::clearText($new_passw);
    $new_passw = helper::escapeText($new_passw);
    if ($authToken === helper::getAuthenticityToken() && !APP_DEMO) {
        $admin = new admin($dbo);
        $admin->setId(admin::getCurrentAdminId());
        $result = $admin->setPassword($current_passw, $new_passw);
        if ($result['error'] === false) {
            header("Location: /admin/settings.php/?result=success");
            exit;
        } else {
            header("Location: /admin/settings.php/?result=error");
            exit;
        }
    }
    header("Location: /admin/settings.php");
    exit;
Exemplo n.º 5
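 /**
  * Reports whether a login name is unavailable, either because it collides
  * with a static page template or because a user already owns it.
  *
  * The template check builds a filesystem path from the name. The original
  * code did that with the raw, unsanitised value, which let a caller steer
  * file_exists() to arbitrary paths and learn whether they exist. The probe
  * now runs only for names that are a single path component.
  *
  * NOTE(review): the template path is relative ("../html/..."), so it is
  * resolved against the process working directory - confirm that is stable
  * for every entry point that calls this method.
  *
  * @param string $username Candidate login name.
  *
  * @return bool true when the name is reserved or already registered,
  *              false otherwise (including when the query fails to execute).
  */
 public function isLoginExists($username)
 {
     // Directory separators and NUL bytes never belong in a login name, and
     // they are what would turn the template probe into a path oracle.
     $isPlainName = is_string($username)
         && strpos($username, '/') === false
         && strpos($username, '\\') === false
         && strpos($username, "\0") === false;

     if ($isPlainName && file_exists("../html/page." . $username . ".inc.php")) {
         return true;
     }

     $username = helper::clearText($username);
     $username = helper::escapeText($username);

     $stmt = $this->db->prepare("SELECT id FROM users WHERE login = (:username) LIMIT 1");
     $stmt->bindParam(":username", $username, PDO::PARAM_STR);

     if (!$stmt->execute()) {
         return false;
     }

     // fetch() instead of rowCount(): PDO does not guarantee rowCount() for
     // SELECT statements on every driver.
     return $stmt->fetch() !== false;
 }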
Exemplo n.º 6
 * http://ifsoft.com.ua, http://ifsoft.co.uk
 * qascript@ifsoft.co.uk
 *
 * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk)
 */
include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php";
if (!empty($_POST)) {
    $clientId = isset($_POST['clientId']) ? $_POST['clientId'] : 0;
    $gcm_regId = isset($_POST['gcm_regId']) ? $_POST['gcm_regId'] : '';
    $username = isset($_POST['username']) ? $_POST['username'] : '';
    $password = isset($_POST['password']) ? $_POST['password'] : '';
    $clientId = helper::clearInt($clientId);
    $gcm_regId = helper::clearText($gcm_regId);
    $username = helper::clearText($username);
    $password = helper::clearText($password);
    $gcm_regId = helper::escapeText($gcm_regId);
    $username = helper::escapeText($username);
    $password = helper::escapeText($password);
    if ($clientId != CLIENT_ID) {
        api::printError(ERROR_UNKNOWN, "Error client Id.");
    }
    $access_data = array();
    $account = new account($dbo);
    $access_data = $account->signin($username, $password);
    unset($account);
    if ($access_data["error"] === false) {
        $auth = new auth($dbo);
        $access_data = $auth->create($access_data['accountId'], $clientId);
        if ($access_data['error'] === false) {
            $account = new account($dbo, $access_data['accountId']);
Exemplo n.º 7
$user_password_repeat = '';
$error_token = false;
$error_username = false;
$error_fullname = false;
$error_password = false;
$error_password_repeat = false;
if (!empty($_POST)) {
    $error = false;
    $user_username = isset($_POST['user_username']) ? $_POST['user_username'] : '';
    $user_password = isset($_POST['user_password']) ? $_POST['user_password'] : '';
    $user_fullname = isset($_POST['user_fullname']) ? $_POST['user_fullname'] : '';
    $token = isset($_POST['authenticity_token']) ? $_POST['authenticity_token'] : '';
    $user_username = helper::clearText($user_username);
    $user_fullname = helper::clearText($user_fullname);
    $user_password = helper::clearText($user_password);
    $user_password_repeat = helper::clearText($user_password_repeat);
    $user_username = helper::escapeText($user_username);
    $user_fullname = helper::escapeText($user_fullname);
    $user_password = helper::escapeText($user_password);
    $user_password_repeat = helper::escapeText($user_password_repeat);
    if (auth::getAuthenticityToken() !== $token) {
        $error = true;
        $error_token = true;
        $error_message[] = 'Error!';
    }
    if (!helper::isCorrectLogin($user_username)) {
        $error = true;
        $error_username = true;
        $error_message[] = 'Incorrect username.';
    }
    if (!helper::isCorrectPassword($user_password)) {
Exemplo n.º 8
 $user_year = isset($_POST['year']) ? $_POST['year'] : 0;
 $user_month = isset($_POST['month']) ? $_POST['month'] : 0;
 $user_day = isset($_POST['day']) ? $_POST['day'] : 0;
 $language = isset($_POST['language']) ? $_POST['language'] : '';
 $clientId = helper::clearInt($clientId);
 $user_sex = helper::clearInt($user_sex);
 $user_year = helper::clearInt($user_year);
 $user_month = helper::clearInt($user_month);
 $user_day = helper::clearInt($user_day);
 $facebookId = helper::clearText($facebookId);
 $gcm_regId = helper::clearText($gcm_regId);
 $username = helper::clearText($username);
 $fullname = helper::clearText($fullname);
 $password = helper::clearText($password);
 $email = helper::clearText($email);
 $language = helper::clearText($language);
 $facebookId = helper::escapeText($facebookId);
 $gcm_regId = helper::escapeText($gcm_regId);
 $username = helper::escapeText($username);
 $fullname = helper::escapeText($fullname);
 $password = helper::escapeText($password);
 $email = helper::escapeText($email);
 $language = helper::escapeText($language);
 if ($clientId != CLIENT_ID) {
     api::printError(ERROR_UNKNOWN, "Error client Id.");
 }
 $result = array("error" => true);
 $account = new account($dbo);
 $result = $account->signup($username, $fullname, $password, $email, $user_sex, $user_year, $user_month, $user_day);
 unset($account);
 if ($result['error'] === false) {
 * ifsoft.co.uk engine v1.0
 *
 * http://ifsoft.com.ua, http://ifsoft.co.uk
 * qascript@ifsoft.co.uk
 *
 * Copyright 2012-2015 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk)
 */
include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php";
// API endpoint: detaches the Facebook id from the authorized account.
if (!empty($_POST)) {
    // Read each request field and normalise it straight away.
    $clientId = helper::clearInt(isset($_POST['clientId']) ? $_POST['clientId'] : 0);
    $accountId = helper::clearInt(isset($_POST['accountId']) ? $_POST['accountId'] : '');
    $accessToken = isset($_POST['accessToken']) ? $_POST['accessToken'] : '';
    $accessToken = helper::escapeText(helper::clearText($accessToken));

    if ($clientId != CLIENT_ID) {
        api::printError(ERROR_UNKNOWN, "Error client Id.");
    }

    $result = array("error" => true, "error_code" => ERROR_UNKNOWN);

    // NOTE(review): the code below relies on api::printError() ending the
    // request; if it returns, the update runs for unauthorized callers too -
    // confirm against the api class.
    $auth = new auth($dbo);
    if (!$auth->authorize($accountId, $accessToken)) {
        api::printError(ERROR_ACCESS_TOKEN, "Error authorization.");
    }

    // Unlinking is done by storing an empty Facebook id on the account.
    $account = new account($dbo, $accountId);
    $account->setFacebookId("");

    $result = array("error" => false, "error_code" => ERROR_SUCCESS);
    echo json_encode($result);
    exit;
}
 $personalPriority = helper::clearInt($personalPriority);
 $importantInOthers = helper::clearInt($importantInOthers);
 $smokingViews = helper::clearInt($smokingViews);
 $alcoholViews = helper::clearInt($alcoholViews);
 $lookingViews = helper::clearInt($lookingViews);
 $interestedViews = helper::clearInt($interestedViews);
 $accountId = helper::clearInt($accountId);
 $fullname = helper::clearText($fullname);
 $fullname = helper::escapeText($fullname);
 $location = helper::clearText($location);
 $location = helper::escapeText($location);
 $facebookPage = helper::clearText($facebookPage);
 $facebookPage = helper::escapeText($facebookPage);
 $instagramPage = helper::clearText($instagramPage);
 $instagramPage = helper::escapeText($instagramPage);
 $bio = helper::clearText($bio);
 $bio = preg_replace("/[\r\n]+/", " ", $bio);
 //replace all new lines to one new line
 $bio = preg_replace('/\\s+/', ' ', $bio);
 //replace all white spaces to one space
 $bio = helper::escapeText($bio);
 $sex = helper::clearInt($sex);
 $year = helper::clearInt($year);
 $month = helper::clearInt($month);
 $day = helper::clearInt($day);
 $auth = new auth($dbo);
 if (!$auth->authorize($accountId, $accessToken)) {
     api::printError(ERROR_ACCESS_TOKEN, "Error authorization.");
 }
 $result = array("error" => true, "error_code" => ERROR_UNKNOWN);
 $account = new account($dbo, $accountId);
<?php

/*!
 * ifsoft.co.uk engine v1.0
 *
 * http://ifsoft.com.ua, http://ifsoft.co.uk
 * qascript@ifsoft.co.uk
 *
 * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk)
 */
include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php";
// API endpoint: tells the client whether a login name is still free.
// "error" => true means the name is taken or reserved, false means available.
// No authorization or client-id check precedes the lookup, so the response
// reveals to any caller whether a login exists; throttling, if any, has to be
// enforced outside this script.
if (!empty($_POST)) {
    $username = isset($_POST['username']) ? $_POST['username'] : '';
    $username = helper::escapeText(helper::clearText($username));

    $nameTaken = $helper->isLoginExists($username);

    echo json_encode(array("error" => $nameTaken ? true : false));
    exit;
}
Exemplo n.º 12
 *
 * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk)
 */
include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
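// Admin-only page. header() only queues the redirect; without an explicit
// exit everything below - including the gift removal action - would still
// run for a visitor who has no admin session.
if (!admin::isSession()) {
    header("Location: /admin/login.php");
    exit;
}
$stats = new stats($dbo);
$gift = new gift($dbo);
$page_id = "gifts";
$error = false;
$error_message = '';
// NOTE(review): this is a state-changing action driven by a GET request, and
// no authenticity token is checked in the code visible here. A token check
// like the one used on the admin POST forms would close the cross-site
// request forgery gap, but it also requires the links that trigger this
// action to carry the token.
if (isset($_GET['action'])) {
    $action = isset($_GET['action']) ? $_GET['action'] : '';
    $id = isset($_GET['id']) ? $_GET['id'] : 0;
    $action = helper::clearText($action);
    $action = helper::escapeText($action);
    $id = helper::clearInt($id);
    // Demo installations never modify data.
    if (!APP_DEMO) {
        switch ($action) {
            case 'remove':
                $gift->db_remove($id);
                header("Location: /admin/gifts.php");
                break;
            default:
                header("Location: /admin/gifts.php");
                break;
        }
    }
}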
if (!empty($_POST)) {
Exemplo n.º 13
 * ifsoft.co.uk engine v1.0
 *
 * http://ifsoft.com.ua, http://ifsoft.co.uk
 * qascript@ifsoft.co.uk
 *
 * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk)
 */
include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
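// Admin-only page. header() only queues the redirect; without an explicit
// exit the broadcast handler below would still be reachable for a visitor
// who has no admin session.
if (!admin::isSession()) {
    header("Location: /admin/login.php");
    exit;
}
// Broadcast form: sends a push message to every registered device.
if (!empty($_POST)) {
    $authToken = isset($_POST['authenticity_token']) ? $_POST['authenticity_token'] : '';
    $message = isset($_POST['message']) ? $_POST['message'] : '';
    $type = isset($_POST['type']) ? $_POST['type'] : 1;
    $message = helper::clearText($message);
    $message = helper::escapeText($message);
    $type = helper::clearInt($type);
    // The form token guards against cross-site submissions; demo
    // installations never send anything.
    if ($authToken === helper::getAuthenticityToken() && !APP_DEMO) {
        if (strlen($message) != 0) {
            $gcm = new gcm($dbo, 0);
            $gcm->setData($type, $message, 0);
            $gcm->forAll();
            $gcm->send();
        }
    }
    // Post/Redirect/Get: stop after queuing the redirect, as the other admin
    // handlers do, instead of rendering the page into the redirect response.
    header("Location: /admin/gcm.php");
    exit;
}
$stats = new stats($dbo);
$page_id = "gcm";
$error = false;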
Exemplo n.º 14
 $accessToken = isset($_POST['accessToken']) ? $_POST['accessToken'] : '';
 $profileId = isset($_POST['profileId']) ? $_POST['profileId'] : 0;
 $chatId = isset($_POST['chatId']) ? $_POST['chatId'] : 0;
 $messageText = isset($_POST['messageText']) ? $_POST['messageText'] : "";
 $messageImg = isset($_POST['messageImg']) ? $_POST['messageImg'] : "";
 $clientId = helper::clearInt($clientId);
 $accountId = helper::clearInt($accountId);
 $profileId = helper::clearInt($profileId);
 $chatId = helper::clearInt($chatId);
 $messageText = helper::clearText($messageText);
 $messageText = preg_replace("/[\r\n]+/", "<br>", $messageText);
 //replace all new lines to one new line
 $messageText = preg_replace('/\\s+/', ' ', $messageText);
 //replace all white spaces to one space
 $messageText = helper::escapeText($messageText);
 $messageImg = helper::clearText($messageImg);
 $messageImg = helper::escapeText($messageImg);
 $result = array("error" => true, "error_code" => ERROR_UNKNOWN);
 $auth = new auth($dbo);
 if (!$auth->authorize($accountId, $accessToken)) {
     api::printError(ERROR_ACCESS_TOKEN, "Error authorization.");
 }
 $profile = new profile($dbo, $profileId);
 $profile->setRequestFrom($accountId);
 $profileInfo = $profile->get();
 if ($profileInfo['state'] != ACCOUNT_STATE_ENABLED) {
     echo json_encode($result);
     exit;
 }
 if ($profileInfo['allowMessages'] == 0 && $profileInfo['follower'] === false) {
     echo json_encode($result);
Exemplo n.º 15
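// Admin-only page. header() only queues the redirect; without an explicit
// exit the ticket list and the delete action below would still be processed
// for a visitor who has no admin session.
if (!admin::isSession()) {
    header("Location: /admin/login.php");
    exit;
}
$page_id = "support";
$error = false;
$error_message = '';
$query = '';
$result = array();
$result['id'] = 0;
$result['tickets'] = array();
$support = new support($dbo);
// NOTE(review): the admin access token travels in the query string here, so
// it can end up in server logs, browser history and Referer headers. A
// per-form token sent by POST would avoid that exposure.
if (isset($_GET['act'])) {
    $act = isset($_GET['act']) ? $_GET['act'] : '';
    $ticketId = isset($_GET['ticketId']) ? $_GET['ticketId'] : 0;
    $token = isset($_GET['access_token']) ? $_GET['access_token'] : '';
    $ticketId = helper::clearText($ticketId);
    // Only act when the supplied token matches the session's token; demo
    // installations never modify data.
    if (admin::getAccessToken() === $token && !APP_DEMO) {
        switch ($act) {
            case "delete":
                $support->removeTicket($ticketId);
                header("Location: /admin/support.php");
                break;
            default:
                header("Location: /admin/support.php");
        }
    }
    // Every path through this branch redirects; stop here rather than
    // rendering the page into the redirect response.
    header("Location: /admin/support.php");
    exit;
}
$result = $support->getTickets();
$css_files = array("admin.css");
$page_title = "Support";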
Exemplo n.º 16
    $accessMode = isset($_POST['accessMode']) ? $_POST['accessMode'] : 0;
    $comment = isset($_POST['comment']) ? $_POST['comment'] : "";
    $originImgUrl = isset($_POST['originImgUrl']) ? $_POST['originImgUrl'] : "";
    $previewImgUrl = isset($_POST['previewImgUrl']) ? $_POST['previewImgUrl'] : "";
    $imgUrl = isset($_POST['imgUrl']) ? $_POST['imgUrl'] : "";
    $clientId = helper::clearInt($clientId);
    $accountId = helper::clearInt($accountId);
    $accessMode = helper::clearInt($accessMode);
    $comment = helper::clearText($comment);
    $comment = preg_replace("/[\r\n]+/", "<br>", $comment);
    //replace all new lines to one new line
    $comment = preg_replace('/\\s+/', ' ', $comment);
    //replace all white spaces to one space
    $comment = helper::escapeText($comment);
    $originImgUrl = helper::clearText($originImgUrl);
    $originImgUrl = helper::escapeText($originImgUrl);
    $previewImgUrl = helper::clearText($previewImgUrl);
    $previewImgUrl = helper::escapeText($previewImgUrl);
    $imgUrl = helper::clearText($imgUrl);
    $imgUrl = helper::escapeText($imgUrl);
    $result = array("error" => true, "error_code" => ERROR_UNKNOWN);
    $auth = new auth($dbo);
    if (!$auth->authorize($accountId, $accessToken)) {
        api::printError(ERROR_ACCESS_TOKEN, "Error authorization.");
    }
    $photos = new photos($dbo);
    $photos->setRequestFrom($accountId);
    $result = $photos->add($accessMode, $comment, $originImgUrl, $previewImgUrl, $imgUrl);
    echo json_encode($result);
    exit;
}
<?php

/*!
 * ifsoft.co.uk engine v1.0
 *
 * http://ifsoft.com.ua, http://ifsoft.co.uk
 * qascript@ifsoft.co.uk
 *
 * Copyright 2012-2015 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk)
 */
include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php";
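// API endpoint: deactivates the authorized account after re-checking the
// current password.
if (!empty($_POST)) {
    $accountId = isset($_POST['accountId']) ? $_POST['accountId'] : '';
    $accessToken = isset($_POST['accessToken']) ? $_POST['accessToken'] : '';
    $currentPassword = isset($_POST['currentPassword']) ? $_POST['currentPassword'] : '';
    // Normalise the account id before it reaches authorize() and the account
    // object, as the sibling endpoints do; the raw POST value was used before.
    $accountId = helper::clearInt($accountId);
    // NOTE(review): the password is run through clearText()/escapeText()
    // before it is checked. That only works because sign-in applies the same
    // transformation; it must not be changed on one side alone.
    $currentPassword = helper::clearText($currentPassword);
    $currentPassword = helper::escapeText($currentPassword);
    // NOTE(review): the code below relies on api::printError() ending the
    // request - confirm against the api class.
    $auth = new auth($dbo);
    if (!$auth->authorize($accountId, $accessToken)) {
        api::printError(ERROR_ACCESS_TOKEN, "Error authorization.");
    }
    $result = array("error" => true, "error_code" => ERROR_UNKNOWN);
    $account = new account($dbo, $accountId);
    $result = $account->deactivation($currentPassword);
    echo json_encode($result);
    exit;
}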
 *
 * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk)
 */
include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php";
// API endpoint: files a support ticket on behalf of the authorized account.
if (!empty($_POST)) {
    // Numeric fields.
    $clientId = helper::clearInt(isset($_POST['clientId']) ? $_POST['clientId'] : 0);
    $accountId = helper::clearInt(isset($_POST['accountId']) ? $_POST['accountId'] : 0);

    // The token is handed to authorize() exactly as received.
    $accessToken = isset($_POST['accessToken']) ? $_POST['accessToken'] : '';

    // Free-text fields: clearText() first, then escapeText().
    $email = isset($_POST['email']) ? $_POST['email'] : "";
    $email = helper::escapeText(helper::clearText($email));
    $subject = isset($_POST['subject']) ? $_POST['subject'] : "";
    $subject = helper::escapeText(helper::clearText($subject));
    $detail = isset($_POST['detail']) ? $_POST['detail'] : "";
    $detail = helper::escapeText(helper::clearText($detail));

    $result = array("error" => true, "error_code" => ERROR_UNKNOWN);

    // NOTE(review): the code below relies on api::printError() ending the
    // request - confirm against the api class.
    $auth = new auth($dbo);
    if (!$auth->authorize($accountId, $accessToken)) {
        api::printError(ERROR_ACCESS_TOKEN, "Error authorization.");
    }

    $support = new support($dbo);
    $support->setRequestFrom($accountId);
    $result = $support->createTicket($accountId, $email, $subject, $detail, $clientId);

    echo json_encode($result);
    exit;
}
Exemplo n.º 19
include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
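// Admin-only page. header() only queues the redirect; without an explicit
// exit the account search below would still run, and its results would be
// rendered, for a visitor who has no admin session.
if (!admin::isSession()) {
    header("Location: /admin/login.php");
    exit;
}
$page_id = "search";
$error = false;
$error_message = '';
$query = '';
$result = array();
$result['users'] = array();
$stats = new stats($dbo);
$settings = new settings($dbo);
$admin = new admin($dbo);
if (isset($_GET['query'])) {
    $query = isset($_GET['query']) ? $_GET['query'] : '';
    $query = helper::clearText($query);
    $query = helper::escapeText($query);
    // Queries of two characters or fewer are ignored.
    if (strlen($query) > 2) {
        $result = $stats->searchAccounts(0, $query);
    }
}
// Issue a fresh form token for the forms rendered on this page.
helper::newAuthenticityToken();
$css_files = array("admin.css");
$page_title = "Users";
include_once $_SERVER['DOCUMENT_ROOT'] . "/common/header.inc.php";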
?>

<body class="bg_gray">

    <div id="page_wrap">
 *
 * http://ifsoft.com.ua, http://ifsoft.co.uk
 * qascript@ifsoft.co.uk
 *
 * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk)
 */
include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php";
// API endpoint: signs a user in through a linked Facebook id and issues a
// new access token for the matching account.
if (!empty($_POST)) {
    $clientId = isset($_POST['clientId']) ? $_POST['clientId'] : 0;
    $gcm_regId = isset($_POST['gcm_regId']) ? $_POST['gcm_regId'] : '';
    $facebookId = isset($_POST['facebookId']) ? $_POST['facebookId'] : '';
    $clientId = helper::clearInt($clientId);
    $gcm_regId = helper::clearText($gcm_regId);
    $gcm_regId = helper::escapeText($gcm_regId);
    $facebookId = helper::clearText($facebookId);
    $facebookId = helper::escapeText($facebookId);
    // NOTE(review): unlike the sibling endpoints, no `$clientId != CLIENT_ID`
    // check appears in this part of the script.
    $access_data = array("error" => true, "error_code" => ERROR_UNKNOWN);
    $helper = new helper($dbo);
    // SECURITY(review): the account is resolved from the client-supplied
    // facebookId alone. Nothing visible here verifies a Facebook-issued token
    // server-side, so possession of the id is treated as proof of identity.
    // Confirm that verification happens elsewhere; if it does not, this
    // endpoint should require and validate a Facebook access token before
    // calling auth::create().
    $accountId = $helper->getUserIdByFacebook($facebookId);
    if ($accountId != 0) {
        $auth = new auth($dbo);
        $access_data = $auth->create($accountId, $clientId);
        if ($access_data['error'] === false) {
            $account = new account($dbo, $accountId);
            // Signing in sets the account state to enabled, whatever it was before.
            $account->setState(ACCOUNT_STATE_ENABLED);
            $account->setLastActive();
            $access_data['account'] = array();
            array_push($access_data['account'], $account->get());
            // Register the device for push only when a registration id was sent.
            if (strlen($gcm_regId) != 0) {
                $account->setGCM_regId($gcm_regId);
Exemplo n.º 21
 * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk)
 */
include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
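// Already signed in: go to the dashboard. header() only queues the
// redirect, so stop here instead of processing the login form again.
if (admin::isSession()) {
    header("Location: /admin/main.php");
    exit;
}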
$page_id = "login";
$user_username = '';
$error = false;
$error_message = '';
if (!empty($_POST)) {
    $user_username = isset($_POST['user_username']) ? $_POST['user_username'] : '';
    $user_password = isset($_POST['user_password']) ? $_POST['user_password'] : '';
    $token = isset($_POST['authenticity_token']) ? $_POST['authenticity_token'] : '';
    $user_username = helper::clearText($user_username);
    $user_password = helper::clearText($user_password);
    $user_username = helper::escapeText($user_username);
    $user_password = helper::escapeText($user_password);
    if (helper::getAuthenticityToken() !== $token) {
        $error = true;
        $error_message = 'Error!';
    }
    if (!$error) {
        $access_data = array();
        $admin = new admin($dbo);
        $access_data = $admin->signin($user_username, $user_password);
        if ($access_data['error'] === false) {
            $clientId = 0;
            // Desktop version
            admin::createAccessToken();
            admin::setSession($access_data['accountId'], admin::getAccessToken());
Exemplo n.º 22
                 $balance = isset($_POST['balance']) ? $_POST['balance'] : 0;
                 $fb_page = isset($_POST['fb_page']) ? $_POST['fb_page'] : '';
                 $instagram_page = isset($_POST['instagram_page']) ? $_POST['instagram_page'] : '';
                 $email = isset($_POST['email']) ? $_POST['email'] : '';
                 $username = helper::clearText($username);
                 $username = helper::escapeText($username);
                 $fullname = helper::clearText($fullname);
                 $fullname = helper::escapeText($fullname);
                 $location = helper::clearText($location);
                 $location = helper::escapeText($location);
                 $balance = helper::clearInt($balance);
                 $fb_page = helper::clearText($fb_page);
                 $fb_page = helper::escapeText($fb_page);
                 $instagram_page = helper::clearText($instagram_page);
                 $instagram_page = helper::escapeText($instagram_page);
                 $email = helper::clearText($email);
                 $email = helper::escapeText($email);
                 if ($authToken === helper::getAuthenticityToken()) {
                     $account->setUsername($username);
                     $account->setFullname($fullname);
                     $account->setLocation($location);
                     $account->setBalance($balance);
                     $account->setFacebookPage($fb_page);
                     $account->setInstagramPage($instagram_page);
                     $account->setEmail($email);
                 }
             }
             header("Location: /admin/profile.php/?id=" . $accountInfo['id']);
             exit;
     }
 }
<?php

/*!
 * ifsoft.co.uk engine v1.0
 *
 * http://ifsoft.com.ua, http://ifsoft.co.uk
 * qascript@ifsoft.co.uk
 *
 * Copyright 2012-2015 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk)
 */
include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php";
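// API endpoint: stores the device's GCM registration id on the authorized
// account.
if (!empty($_POST)) {
    $accountId = isset($_POST['accountId']) ? $_POST['accountId'] : 0;
    $accessToken = isset($_POST['accessToken']) ? $_POST['accessToken'] : '';
    $gcm_regId = isset($_POST['gcm_regId']) ? $_POST['gcm_regId'] : '';
    // Normalise the account id before it reaches authorize() and the account
    // object, as the sibling endpoints do; the raw POST value was used before.
    $accountId = helper::clearInt($accountId);
    $gcm_regId = helper::clearText($gcm_regId);
    $gcm_regId = helper::escapeText($gcm_regId);
    $result = array("error" => true, "error_code" => ERROR_UNKNOWN);
    // NOTE(review): the code below relies on api::printError() ending the
    // request - confirm against the api class.
    $auth = new auth($dbo);
    if (!$auth->authorize($accountId, $accessToken)) {
        api::printError(ERROR_ACCESS_TOKEN, "Error authorization.");
    }
    $account = new account($dbo, $accountId);
    $result = $account->setGCM_regId($gcm_regId);
    echo json_encode($result);
    exit;
}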
<?php

/*!
 * ifsoft.co.uk engine v1.0
 *
 * http://ifsoft.com.ua, http://ifsoft.co.uk
 * qascript@ifsoft.co.uk
 *
 * Copyright 2012-2016 Demyanchuk Dmitry (https://vk.com/dmitry.demyanchuk)
 */
include_once $_SERVER['DOCUMENT_ROOT'] . "/core/init.inc.php";
include_once $_SERVER['DOCUMENT_ROOT'] . "/config/api.inc.php";
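// API endpoint: changes the password of the authorized account after
// re-checking the current one.
if (!empty($_POST)) {
    $accountId = isset($_POST['accountId']) ? $_POST['accountId'] : '';
    $accessToken = isset($_POST['accessToken']) ? $_POST['accessToken'] : '';
    $currentPassword = isset($_POST['currentPassword']) ? $_POST['currentPassword'] : '';
    $newPassword = isset($_POST['newPassword']) ? $_POST['newPassword'] : '';
    // Normalise the account id before it reaches authorize() and the account
    // object, as the sibling endpoints do; the raw POST value was used before.
    $accountId = helper::clearInt($accountId);
    // NOTE(review): both passwords are run through clearText()/escapeText()
    // before use. That only works because sign-in applies the same
    // transformation; it must not be changed on one side alone.
    $currentPassword = helper::clearText($currentPassword);
    $currentPassword = helper::escapeText($currentPassword);
    $newPassword = helper::clearText($newPassword);
    $newPassword = helper::escapeText($newPassword);
    // NOTE(review): the code below relies on api::printError() ending the
    // request - confirm against the api class.
    $auth = new auth($dbo);
    if (!$auth->authorize($accountId, $accessToken)) {
        api::printError(ERROR_ACCESS_TOKEN, "Error authorization.");
    }
    $result = array("error" => true, "error_code" => ERROR_UNKNOWN);
    $account = new account($dbo, $accountId);
    $result = $account->setPassword($currentPassword, $newPassword);
    echo json_encode($result);
    exit;
}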