*/
require_once '../../common/user.php';
sendResponseCodeAndExitIfTrue(!isset($_SESSION['login_token']), 422);
//Check if session login token is set
$userToken = $_SESSION['login_token'];
unset($_SESSION['login_token']);
printAndExitIfTrue(clientLoggedIn(), 'You are already logged in.');
//Check if already logged in
sendResponseCodeAndExitIfTrue(!isset($_POST['user'], $_POST['pass'], $_POST['logintoken']), 400);
//Check if all expected POST vars are set
sendResponseCodeAndExitIfTrue(md5($userToken) !== $_POST['logintoken'], 422);
//Check if POST login token is correct
$tryUserName = $_POST['user'];
$tryUserPass = $_POST['pass'];
$mysqlConn = connectToDatabase();
$matchingUsers = getArrayFromSQLQuery($mysqlConn, 'SELECT userId, password, nick FROM users WHERE LOWER(nick) = LOWER(?) LIMIT 1', 's', [$tryUserName]);
printAndExitIfTrue(count($matchingUsers) != 1, 'Invalid username and/or password.');
//Check if there is one user matching attempted username
$user = $matchingUsers[0];
printAndExitIfTrue(crypt($tryUserPass, $user['password']) !== $user['password'], 'Invalid username and/or password.');
//Check if password is correct
$tokenSha1 = sha1($userToken);
executePreparedSQLQuery($mysqlConn, 'UPDATE users SET token = ? WHERE userId = ? LIMIT 1', 'ss', [$tokenSha1, $user['userId']]);
//Update user token in database
$mysqlConn->close();
$_SESSION['user_id'] = $user['userId'];
$_SESSION['user_nick'] = $user['nick'];
$_SESSION['user_token'] = $tokenSha1;
//Redirect to "my apps" list
$redirectUrl = 'http://' . $_SERVER['HTTP_HOST'] . '/secure/myapps/';
header('Location: ' . $redirectUrl);
$title = 'Hide App';
require_once '../../common/ucpheader.php';
if (isset($_GET['guid']) && isset($_SESSION['myapps_token' . $_GET['guid']])) {
$myappsToken = $_SESSION['myapps_token' . $_GET['guid']];
}
if (clientLoggedIn() && isset($_GET['guid'], $_GET['token'], $myappsToken) && md5($myappsToken) === $_GET['token']) {
$guidId = uniqid(mt_rand(), true);
$mysqlConn = connectToDatabase();
$matchingApps = getArrayFromSQLQuery($mysqlConn, 'SELECT guid, name, publishstate FROM apps
WHERE guid = ? AND publisher = ? LIMIT 1', 'ss', [$_GET['guid'], $_SESSION['user_id']]);
//Get app with user/GUID combination
$mysqlConn->close();
printAndExitIfTrue(count($matchingApps) != 1, 'Invalid app GUID.');
//Check if there is one app matching attempted GUID/user combination
$appToRemove = $matchingApps[0];
printAndExitIfTrue($appToRemove['publishstate'] === 2 || $appToRemove['publishstate'] === 3, 'This app is rejected or already hidden.');
$_SESSION['hide_app_guid' . $guidId] = $appToRemove['guid'];
$_SESSION['remove_token' . $appToRemove['guid']] = uniqid(mt_rand(), true);
?>
<h1 class="text-center"><?php
echo 'Hiding ' . $appToRemove['name'];
?>
</h1>
<br />
<form role="form" class="small-width" action="action.php" method="post" accept-charset="utf-8">
<label for="pass">Enter your password and an exclamation mark to confirm hiding the app:</label>
<input type="password" class="form-control no-bottom-border-radius" id="pass" name="pass" placeholder="Password" required>
<button type="submit" name="submit" class="btn btn-lg btn-danger btn-block no-top-border-radius">Hide</button>
<input type="hidden" name="removetoken" value="<?php
require_once '../../common/ucpheader.php';
require_once '../../common/user.php';
verifyGroup('Administrators');
if (isset($_SESSION['admin_users_token'])) {
$usersToken = $_SESSION['admin_users_token'];
}
sendResponseCodeAndExitIfTrue(!isset($_GET['nick'], $_GET['token']), 400);
sendResponseCodeAndExitIfTrue(!isset($usersToken) || md5($usersToken) !== $_GET['token'], 422);
$mysqlConn = connectToDatabase();
//Get list of all groups in the system
$availableGroups = getArrayFromSQLQuery($mysqlConn, 'SELECT groupId, name FROM groups ORDER BY name ASC');
//Get user data for requested name
$matchingUsers = getArrayFromSQLQuery($mysqlConn, 'SELECT userId, nick, email FROM users
WHERE nick = ? LIMIT 1', 's', [$_GET['nick']]);
//Verify that there is one user matching attempted nick
printAndExitIfTrue(count($matchingUsers) !== 1, 'Invalid user nick.');
$user = $matchingUsers[0];
//Get user groups
$assignedGroups = getGroupsForUser($mysqlConn, $user['userId'], false);
$allGroupsForUser = getGroupsForUser($mysqlConn, $user['userId'], true);
//Generate token for admin action
$_SESSION['admin_userview_token' . $user['userId']] = uniqid(mt_rand(), true);
//Print all user attributes
foreach ($user as $attributeName => $attributeValue) {
echo $attributeName . ': ' . $attributeValue . '<br />';
}
//Print user groups
echo '<br />Groups (excluding inherited): ' . implode(', ', $assignedGroups);
echo '<br />Groups (including inherited): ' . implode(', ', $allGroupsForUser);
?>
<br />
//get the banner for the current application
} else {
//get the current main banner
}
break;
case 'dmii':
if (count($param) > 1) {
$secondLevelRequest = $param[1];
switch ($secondLevelRequest) {
case 'version':
$mysqlConn = connectToDatabase();
$mysqlQuery = 'SELECT appver.number AS version FROM apps app
LEFT JOIN appversions appver ON appver.versionId = app.version
WHERE (app.publishstate = 1 OR app.publishstate = 4 OR app.publishstate = 5) AND app.guid = ? LIMIT 1';
$matchingApps = getArrayFromSQLQuery($mysqlConn, $mysqlQuery, 's', [getConfigValue('downloadmii_app_guid')]);
printAndExitIfTrue(count($matchingApps) !== 1, 'Invalid DownloadMii app GUID in config.');
header('Content-Length: ' . strlen($matchingApps[0]['version']));
print $matchingApps[0]['version'];
$mysqlConn->close();
break;
case 'data':
$mysqlConn = connectToDatabase();
$mysqlQuery = $baseAppQuery . ' AND app.guid = ? LIMIT 1';
$data = getJSONFromSQLQuery($mysqlConn, $mysqlQuery, 'DownloadMii', 's', [getConfigValue('downloadmii_app_guid')]);
header('Content-Length: ' . strlen($data));
print $data;
$mysqlConn->close();
break;
default:
echo 'Error: incorrect use of API!';
break;
printAndExitIfTrue(!preg_match('`^[a-zA-Z0-9_]{1,}$`', $_POST['user']), 'Invalid username.');
printAndExitIfTrue(mb_strlen($_POST['user']) < 3, 'Username is too short.');
printAndExitIfTrue(mb_strlen($_POST['user']) > 24, 'Username is too long.');
//Check passwords
printAndExitIfTrue($_POST['pass'] !== $_POST['pass2'], 'Passwords don\'t match.');
printAndExitIfTrue(mb_strlen($_POST['pass']) < 8, 'Password is too short.');
//Check e-mail
printAndExitIfTrue(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) || !checkdnsrr(substr($_POST['email'], strpos($_POST['email'], '@') + 1), 'MX'), 'Invalid email address.');
printAndExitIfTrue(mb_strlen($_POST['email']) > 255, 'E-mail is too long.');
//Check captcha
$reCaptcha = new ReCaptcha(getConfigValue('apikey_recaptcha_secret'));
$resp = $reCaptcha->verifyResponse($_SERVER["REMOTE_ADDR"], $_POST["g-recaptcha-response"]);
printAndExitIfTrue($resp == null || !$resp->success, 'Invalid or no captcha response.');
$tryRegisterName = escapeHTMLChars($_POST['user']);
$tryRegisterPass = $_POST['pass'];
$tryRegisterEmail = escapeHTMLChars($_POST['email']);
$hashedTryRegisterPass = crypt($tryRegisterPass, '$2y$07$' . uniqid(mt_rand(), true));
$mysqlConn = connectToDatabase();
//Check if there are any users with the same nick or email
$matchingUsers = getArrayFromSQLQuery($mysqlConn, 'SELECT userId FROM users WHERE LOWER(nick) = LOWER(?) OR LOWER(email) = LOWER(?) LIMIT 1', 'ss', [$tryRegisterName, $tryRegisterEmail]);
printAndExitIfTrue(count($matchingUsers) != 0, 'User with this name and/or email already exists.');
//Insert user into database
$stmt = executePreparedSQLQuery($mysqlConn, 'INSERT INTO users (nick, password, email, token)
VALUES (?, ?, ?, ?)', 'ssss', [$tryRegisterName, $hashedTryRegisterPass, $tryRegisterEmail, sha1($registerToken)], true);
$userId = $stmt->insert_id;
$stmt->close();
//Insert user group connection
executePreparedSQLQuery($mysqlConn, 'INSERT INTO groupconnections (userId, groupId)
VALUES (?, 1)', 'i', [$userId]);
$mysqlConn->close();
print 'Register complete.';
/**
* Execute an SQL query with prepared statements
*
* @param mysqli $conn The MySQLi connection to execute the query on
* @param string $sql The SQL statement to be prepared
* @param string $bindParamTypes A string that contains one or more characters that specify the types of the corresponding bind variables (corresponds to $types in mysqli_stmt::bind_param)
* @param array $bindParamVarsArr An array of variables to bind to the SQL query (corresponds to $var1 in mysqli_stmt::bind_param, however an array here)
* @param bool $returnStmt If true, return the mysqli_stmt object for the prepared statement, otherwise close it and return null
* @return mixed If $returnStmt is true, the mysqli_stmt object for the prepared statement, otherwise null
*/
function executePreparedSQLQuery($conn, $sql, $bindParamTypes = null, $bindParamVarsArr = null, $returnStmt = false)
{
$stmt = $conn->prepare($sql);
printAndExitIfTrue(!$stmt, 'Error preparing database query.');
if (isset($bindParamTypes, $bindParamVarsArr) && !empty($bindParamTypes) && !empty($bindParamVarsArr)) {
$callUserArgs = $bindParamVarsArr;
array_unshift($callUserArgs, $bindParamTypes);
//Create references for call_user_func_array
$callUserArgsRefs = array();
foreach ($callUserArgs as $key => $value) {
$callUserArgsRefs[$key] =& $callUserArgs[$key];
}
call_user_func_array(array($stmt, 'bind_param'), $callUserArgsRefs);
//Safe SQL binding
}
printAndExitIfTrue(!$stmt->execute(), 'Error executing database query.');
//Perform query
if ($returnStmt) {
return $stmt;
} else {
$stmt->close();
return null;
}
}
}
sendResponseCodeAndExitIfTrue(!isset($_GET['guid'], $_GET['token']), 400);
sendResponseCodeAndExitIfTrue(!isset($appsToken) || md5($appsToken) !== $_GET['token'], 422);
$_SESSION['mod_appview_token' . $_GET['guid']] = uniqid(mt_rand(), true);
//Generate token for moderator action
$mysqlConn = connectToDatabase();
$matchingApps = getArrayFromSQLQuery($mysqlConn, 'SELECT app.*,
user.nick AS publisher, appver.number AS version, maincat.name AS category, subcat.name AS subcategory, appver.3dsx, appver.smdh, appver.appdata, appver.3dsx_md5, appver.smdh_md5, appver.appdata_md5, appver.largeIcon, group_concat(scr.url) AS screenshots FROM apps app
LEFT JOIN users user ON user.userId = app.publisher
LEFT JOIN appversions appver ON appver.versionId = (SELECT versionId FROM appversions WHERE appGuid = ? ORDER BY versionId DESC LIMIT 1)
LEFT JOIN categories maincat ON maincat.categoryId = app.category
LEFT JOIN categories subcat ON subcat.categoryId = app.subcategory
LEFT JOIN screenshots scr ON scr.appGuid = app.guid
WHERE app.guid = ? LIMIT 1', 'ss', [$_GET['guid'], $_GET['guid']]);
//Get app with requested GUID
printAndExitIfTrue(count($matchingApps) != 1, 'Invalid app GUID.');
//Check if there is one app matching attempted GUID
$currentApp = $matchingApps[0];
$screenshots = explode(',', $currentApp['screenshots']);
//Print all app attributes
foreach ($currentApp as $attributeName => $attributeValue) {
if ($attributeName == 'screenshots') {
for ($i = 0; $i < count($screenshots); $i++) {
echo $attributeName . ' (' . ($i + 1) . '): <a href="' . $screenshots[$i] . '">' . $screenshots[$i] . '</a><br />';
}
} else {
if ($attributeName == '3dsx' || $attributeName == 'smdh' || $attributeName == 'appdata' || $attributeName == 'largeIcon') {
echo $attributeName . ': <a href="' . $attributeValue . '">' . $attributeValue . '</a><br />';
} else {
$safeValue = escapeHTMLChars($attributeValue);
echo $attributeName . ': ' . $safeValue . '<br />';
sendResponseCodeAndExitIfTrue(!isset($_POST['guidid']), 400); sendResponseCodeAndExitIfTrue(!isset($_SESSION['hide_app_guid' . $_POST['guidid']]), 422); //Check if GUID of app to remove is set $guid = $_SESSION['hide_app_guid' . $_POST['guidid']]; //Get GUID sendResponseCodeAndExitIfTrue(!isset($_SESSION['remove_token' . $guid]), 422); //Check if session app remove token is set $removeToken = $_SESSION['remove_token' . $guid]; sendResponseCodeAndExitIfTrue(!isset($_POST['pass'], $_POST['removetoken']), 400); //Check if all expected POST vars are set sendResponseCodeAndExitIfTrue(md5($removeToken) !== $_POST['removetoken'], 422); //Check if POST login token is correct printAndExitIfTrue(mb_substr($_POST['pass'], -1) !== '!', 'No exclamation mark entered at the end of the password.'); //Check if question mark was entered $tryUserPass = mb_substr($_POST['pass'], 0, -1); $mysqlConn = connectToDatabase(); $matchingUsers = getArrayFromSQLQuery($mysqlConn, 'SELECT password FROM users WHERE userId = ? LIMIT 1', 's', [$_SESSION['user_id']]); $user = $matchingUsers[0]; printAndExitIfTrue(crypt($tryUserPass, $user['password']) !== $user['password'], 'Invalid password.'); //Check if password is correct //Check if app not hidden already $matchingApps = getArrayFromSQLQuery($mysqlConn, 'SELECT publishstate FROM apps WHERE guid = ?', 's', [$guid]); printAndExitIfTrue($matchingApps[0]['publishstate'] === 2 || $matchingApps[0]['publishstate'] === 3, 'This app is rejected or already hidden.'); executePreparedSQLQuery($mysqlConn, 'UPDATE apps SET publishstate = 3 WHERE guid = ? LIMIT 1', 's', [$guid]); //Update publish state in database $mysqlConn->close(); unset($_SESSION['myapps_token' . $guid]); unset($_SESSION['remove_token' . $guid]); unset($_SESSION['hide_app_guid' . $_POST['guidid']]); //TODO: Actually remove the apps in the future? print 'App hidden.';
