$Row = $db->fetch_assoc($db->execute("SELECT `streamer` FROM `streams` WHERE `creator` = '" . $player['id'] . "'"));
        if (!empty($Row['streamer'])) {
            $db->close();
            MessageSend(1, 'Возможно создать только 1 стрим!');
        }
        $db->execute("INSERT INTO `streams` (`streamer`,`title`,`about`,`creator`) VALUES ('{$streamStreamer}','{$streamTitle}','{$streamAbout}','" . $player['id'] . "')");
        $db->close();
        MessageSend(3, 'Вы успешно добавили свой стрим!', '/streams/');
    }
    ob_start();
    include SITE_ROOT . 'style/streams/stream_add.html';
    $content_main = ob_get_clean();
} elseif (isset($_GET['view'])) {
    // Render the page of a single stream; the stream is looked up by the
    // user id of its creator, taken from ?view=.
    $db = new DB();
    $db->connect("STREAMS_VIEW");
    // The (int) cast is what makes the value safe to interpolate: whatever
    // TextSave() returns, only an integer reaches the SQL string below.
    $streamer = (int) TextSave($_GET['view']);
    $streamQuery = "SELECT * FROM `streams` WHERE `creator` = '{$streamer}'";
    $Row = $db->fetch_assoc($db->execute($streamQuery));
    $db->close();
    if (empty($Row['streamer'])) {
        MessageSend(1, 'Стрим не найден!', '/streams/');
    }
    // A stream with status 1 (shown to others as "under moderation") is visible
    // only to its creator and to users whose group is 16 or higher.
    // NOTE(review): this access check only protects the page if MessageSend()
    // terminates the request; if it can return, the template below is still
    // rendered for an unauthorised viewer. Confirm against MessageSend().
    if ($Row['creator'] != $player['id'] && $Row['status'] == 1 && $player['group'] < 16) {
        MessageSend(1, 'Стрим на модерации!', '/streams/');
    }
    ob_start();
    include SITE_ROOT . 'style/streams/stream_view.html';
    $content_main = ob_get_clean();
} else {
    $db = new DB();
示例#2
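 /**
  * Store a private message for a user in the `pm` table.
  *
  * @param mixed $title        Message title; passed through TextSave() before storage.
  * @param mixed $message_text Message body; passed through TextSave() with mode 2.
  * @param mixed $reciver      Recipient user id; non-numeric values are ignored.
  * @param int   $is_system    2 (default) records the current $player as the sender,
  *                            any other value records sender 0.
  * @return void Returns silently when the recipient is not numeric or does not exist.
  */
 static function Send($title, $message_text, $reciver, $is_system = 2)
 {
     if (!is_numeric($reciver)) {
         return;
     }
     // is_numeric() also accepts forms such as "1e3", "1.5" or " 7"; normalise
     // to an integer so that exactly one canonical id is looked up and stored.
     $reciver = (int) $reciver;
     // NOTE(review): both values are interpolated into SQL below, so the query
     // is only as safe as TextSave()'s quoting. Confirm that it escapes for the
     // database, or switch to bound parameters if the DB class offers them.
     $title = TextSave($title);
     $message_text = TextSave($message_text, 2);
     $db = new DB();
     $db->connect("PM");
     $Row = $db->fetch_assoc($db->execute("SELECT `login` FROM `users` WHERE `id` = '{$reciver}'"));
     if (empty($Row['login'])) {
         // Unknown recipient: release the connection before leaving (the
         // original returned here with the connection still open).
         $db->close();
         return;
     }
     if ($is_system == 2) {
         global $player;
         // The sender id is concatenated unquoted into the INSERT, so force it
         // to an integer regardless of how $player was populated.
         $sender = (int) $player['id'];
     } else {
         $sender = 0;
     }
     $db->execute("INSERT INTO `pm` (`title`,`message`,`reciver`,`sender`,`time`) VALUES ('{$title}','{$message_text}','{$reciver}'," . $sender . "," . time() . ")");
     $db->close();
 }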
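/**
 * Restore the logged-in user from the USER_RESET / USER_RESET_ID pair.
 *
 * The pair is taken from the session when both session keys exist, otherwise
 * from the cookies. On success the global $player array is filled and
 * $_SESSION['USER_LOGGED'] is set to true; when no pair is present the flag is
 * set to false. An unknown pair redirects to "/", and a user in group 2 gets
 * the "account blocked" message.
 *
 * NOTE(review): USER_RESET is matched against the `passw` column, so the stored
 * password value doubles as the long-lived login token. Anyone who learns that
 * column value can authenticate without the password. Consider a random,
 * server-side, revocable token instead. The cookies are also set without the
 * Secure and HttpOnly flags.
 *
 * @return void
 */
function AuthReset()
{
    if (isset($_SESSION['USER_RESET']) && isset($_SESSION['USER_RESET_ID'])) {
        // The original read the id from the cookie even in this branch; keep
        // that when the cookie exists and fall back to the session value that
        // was actually checked, instead of building a query with no id at all.
        $userId = isset($_COOKIE['USER_RESET_ID']) ? $_COOKIE['USER_RESET_ID'] : $_SESSION['USER_RESET_ID'];
        AuthResetRestoreLogin($_SESSION['USER_RESET'], $userId);
    } elseif (isset($_COOKIE['USER_RESET']) && isset($_COOKIE['USER_RESET_ID'])) {
        AuthResetRestoreLogin($_COOKIE['USER_RESET'], $_COOKIE['USER_RESET_ID']);
    } else {
        $_SESSION['USER_LOGGED'] = false;
    }
}

/**
 * Validate one token/id pair against `users` and, if it matches, load $player.
 *
 * @param mixed $token  Raw USER_RESET value (session or cookie).
 * @param mixed $userId Raw USER_RESET_ID value (session or cookie).
 * @return void
 */
function AuthResetRestoreLogin($token, $userId)
{
    global $player;
    $pass = TextSave($token);
    // The id arrives from a cookie and was concatenated unquoted into the
    // query. Only an integer may reach the SQL string; arrays and other
    // non-scalars become 0 so they cannot match a row.
    $userId = is_scalar($userId) ? (int) $userId : 0;
    $db = new DB();
    $db->connect();
    $Row = $db->fetch_assoc($db->execute("SELECT * FROM `users` WHERE `passw` = '{$pass}' AND `id` = " . $userId));
    if (empty($Row['login'])) {
        unset($_SESSION['USER_RESET']);
        setcookie('USER_RESET', '', 0, '/');
        $db->close();
        header("Location: /");
        exit;
    } elseif ($Row['group'] == 2) {
        unset($_SESSION['USER_RESET']);
        setcookie('USER_RESET', '', 0, '/');
        $db->close();
        MessageSend(1, "Ваш аккаунт заблокирован!", '/');
        // Defensive: if MessageSend() ever returns, a blocked account must not
        // fall through to the login code below.
        exit;
    }
    $currentIp = GetIP();
    // Privileged groups (7 and above) may only log in from a stored address.
    // This check has to run BEFORE `ip` is overwritten: the original updated
    // the column first, so a second request from the same unknown address
    // passed the comparison.
    if ($Row['group'] >= 7 && $Row['ip'] != $currentIp && $Row['ip2'] != $currentIp) {
        $_SESSION['USER_LOGGED'] = false;
        $db->close();
        exit("<p style='color:red'>Вход с неизвестного IP!</p> Обратитесь к администрации!");
    }
    // NOTE(review): GetIP() and the stored login are interpolated into SQL.
    // Confirm that GetIP() cannot return a client-supplied header value
    // verbatim and that logins are restricted to a safe alphabet.
    $db->execute("UPDATE `users` SET `last_online` = '" . time() . "',`ip` = '" . $currentIp . "' WHERE `login` = '" . $Row['login'] . "'");
    $_SESSION['USER_LOGGED'] = true;
    $MRow = $db->fetch_assoc($db->execute("SELECT * FROM `money` WHERE `username` = '" . $Row['login'] . "'"));
    $player['id'] = $Row['id'];
    $player['login'] = $Row['login'];
    $player['email'] = $Row['email'];
    $player['group'] = $Row['group'];
    // A user without a `money` row gets zero balances instead of a notice.
    $player['realmoney'] = isset($MRow['realmoney']) ? (int) $MRow['realmoney'] : 0;
    $player['balance'] = isset($MRow['balance']) ? (double) $MRow['balance'] : 0.0;
    $player['reg_date'] = $Row['reg_date'];
    $player['last_online'] = $Row['last_online'];
    // Refresh both cookies for another 7 days (604800 seconds).
    $expires = time() + 604800;
    setcookie('USER_RESET', $pass, $expires, '/');
    setcookie('USER_RESET_ID', (string) $userId, $expires, '/');
    $db->close();
}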
示例#4
    if (empty($Row['id']) or $Row['reciver'] != $player['id']) {
        $db->close();
        exit(header("Location: /pm/"));
    }
    $db->execute("UPDATE `pm` SET `readed` = '2' WHERE `id` = '{$id}'");
    $db->close();
    ob_start();
    include SITE_ROOT . 'style/pm/see.html';
    $content_main = ob_get_clean();
} else {
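    // Inbox listing for the current user: $pm_on_page messages per page,
    // newest first.
    $pm_on_page = 10;
    $db = new DB();
    $db->connect();
    // Count only this user's messages so that $total matches the list below.
    // The original counted every row in `pm`, so the page count reflected all
    // users' mail rather than the current inbox.
    $pm_count = $db->fetch_array($db->execute("SELECT COUNT(id) FROM `pm` WHERE `reciver` = '" . $player['id'] . "'"));
    $total = ceil($pm_count[0] / $pm_on_page);
    if (empty($_GET['p'])) {
        $_GET['p'] = '1';
    }
    $p = $_GET['p'];
    $p = TextSave($p);
    // Only a positive page number within range is accepted. "00" passes
    // ctype_digit() and is not empty(), and would otherwise give a negative
    // LIMIT offset.
    if (!ctype_digit((string) $p) or $p < 1 or $p > $total) {
        $p = "1";
    }
    // Build the query: offset of the first row on the requested page.
    $first = $p * $pm_on_page - $pm_on_page;
    $result = $db->execute("SELECT * FROM `pm`  WHERE `reciver` = '" . $player['id'] . "' ORDER BY `id` DESC LIMIT {$first}, {$pm_on_page}");
    $db->close();
    ob_start();
    include SITE_ROOT . 'style/pm/list.html';
    $content_main = ob_get_clean();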
}
<?php

require $_SERVER['DOCUMENT_ROOT'] . '/system.php';
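// Launcher authentication endpoint: prints "OK:<login>" when the login and
// password match, a Russian error string otherwise, and nothing at all when
// a parameter is missing or empty.
//
// NOTE(review): the credentials arrive in the query string, so they end up in
// web-server and proxy logs; POST over TLS avoids that but needs a launcher
// change. The two distinct error strings also tell a caller whether a login
// exists, and no attempt throttling is visible here. Only `passw` is selected,
// so no account-status column is consulted. Confirm that this is intended.
if (isset($_GET['login']) && isset($_GET['passwd'])) {
    $login = TextSave($_GET['login']);
    $passw = TextSave($_GET['passwd']);
    if (empty($login) or empty($passw)) {
        exit;
    }
    $db = new DB();
    $db->connect("LauncherAuth");
    // NOTE(review): $login is interpolated; safety depends on TextSave().
    $Row = $db->fetch_assoc($db->execute("SELECT `passw` FROM `users` WHERE `login` = '{$login}'"));
    $db->close();
    if (empty($Row['passw'])) {
        exit("Пользователь не найден!");
    }
    // hash_equals() replaces the loose != comparison. Loose comparison treats
    // two different numeric-looking strings (for example "0e1" and "0e2") as
    // equal, and it is not constant-time.
    if (!hash_equals((string) $Row['passw'], (string) ToPass($passw))) {
        exit("Неверный пароль!");
    }
    exit("OK:" . $login);
} else {
    exit;
}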
<?php

Access(0);
SiteRefer();
if (isset($_POST['login']) && isset($_POST['password']) && isset($_POST['email'])) {
    if (!$_REQUEST['rules-accept']) {
        MessageSend(1, 'Вы не приняли правила сервера!', '/register/');
    }
    $login = TextSave($_POST['login']);
    $pass = TextSave($_POST['password']);
    $email = TextSave($_POST['email']);
    /* Проверки */
    if (strlen($login) > 16) {
        MessageSend(1, 'Логин должен содержать не более 16 символов.', '/register/');
    }
    if (strlen($pass) > 30) {
        MessageSend(1, 'Пароль должен содержать не более 30 символов.', '/register/');
    }
    if (strlen($email) > 50) {
        MessageSend(1, 'E-Mail должен содержать не более 50 символов.', '/register/');
    }
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        MessageSend(1, 'Невалидный E-Mail!', '/register/');
    }
    if (strlen($login) < 3) {
        MessageSend(1, 'Логин должен содержать не менее 3 символов.', '/register/');
    }
    if (strlen($pass) < 5) {
        MessageSend(1, 'Пароль должен содержать не менее 5 символов.', '/register/');
    }
    if (empty($email)) {
示例#7
<?php

require $_SERVER['DOCUMENT_ROOT'] . '/system.php';
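// WebMoney Merchant callback. A pre-request is answered with "YES" when it
// targets our purse; a payment notification is verified against its SHA-256
// signature and then credited to the account named in SUID.
//
// NOTE(review): the purse and the signing secret are hard-coded. Load them from
// configuration kept outside version control and rotate the secret, since this
// value has been published.
$expectedPurse = 'R317832667477';
$prerequest = isset($_POST['LMI_PREREQUEST']) ? $_POST['LMI_PREREQUEST'] : null;
if ($prerequest == 1) {
    if (isset($_POST['LMI_PAYEE_PURSE']) && $_POST['LMI_PAYEE_PURSE'] === $expectedPurse) {
        echo 'YES';
    }
} else {
    // Collect the signed fields. A missing field counts as an empty string, as
    // it did before; a non-string (e.g. an array parameter) is rejected.
    $signedNames = array(
        'LMI_PAYEE_PURSE', 'LMI_PAYMENT_AMOUNT', 'LMI_PAYMENT_NO', 'LMI_MODE',
        'LMI_SYS_INVS_NO', 'LMI_SYS_TRANS_NO', 'LMI_SYS_TRANS_DATE',
        'LMI_PAYER_PURSE', 'LMI_PAYER_WM', 'LMI_HASH',
    );
    $post = array();
    foreach ($signedNames as $name) {
        $value = isset($_POST[$name]) ? $_POST[$name] : '';
        if (!is_string($value)) {
            exit('DDD');
        }
        $post[$name] = $value;
    }
    $key = $post['LMI_PAYEE_PURSE'] . $post['LMI_PAYMENT_AMOUNT'] . $post['LMI_PAYMENT_NO'] . $post['LMI_MODE'] . $post['LMI_SYS_INVS_NO'] . $post['LMI_SYS_TRANS_NO'] . $post['LMI_SYS_TRANS_DATE'] . 'd61v5CU80M7toDxZP38M2JXv5V3YD8' . $post['LMI_PAYER_PURSE'] . $post['LMI_PAYER_WM'];
    // Constant-time, type-strict comparison instead of the loose != operator.
    if (!hash_equals(strtoupper(hash('sha256', $key)), $post['LMI_HASH'])) {
        exit('DDD');
    }
    // The pre-request checks the purse; the notification must check it too.
    if ($post['LMI_PAYEE_PURSE'] !== $expectedPurse) {
        exit('DDD');
    }
    // The amount is concatenated unquoted into two SQL statements, so accept
    // nothing but a plain positive decimal number.
    $amount = $post['LMI_PAYMENT_AMOUNT'];
    if (!preg_match('/^\d+(\.\d+)?$/D', $amount) || (float) $amount <= 0) {
        exit('DDD');
    }
    // NOTE(review): LMI_MODE is signed but never inspected; confirm that
    // test-mode notifications must not credit real balances. Nothing here
    // records LMI_SYS_TRANS_NO either, so a repeated delivery of the same
    // notification is credited again. TODO: store it under a unique key.
    // SUID is not part of the signed string above, so the credited account is
    // not covered by the signature.
    $ID = (int) TextSave(isset($_POST['SUID']) ? $_POST['SUID'] : '');
    AuthReset();
    $db = new DB();
    $db->connect("WebMoneyPayment");
    if ($_SESSION['USER_LOGGED'] == false) {
        $Row = $db->fetch_assoc($db->execute("SELECT `id` FROM `users` WHERE `id` = '{$ID}'"));
        if (!empty($Row['id'])) {
            $db->execute("INSERT INTO `money_log` (`user_id`,`amount`,`payer`,`date`) VALUES ('{$ID}',{$amount},'WebMoney','" . time() . "')");
            // NOTE(review): this keys `money` by `id`; verify that the column
            // really holds the user id.
            $db->execute("UPDATE `money` SET `realmoney` = `realmoney` + " . $amount . " WHERE `id` = '{$ID}'");
        }
    } else {
        // NOTE(review): when a session is logged in, nothing is credited; the
        // id is only reassigned. Kept as in the original. Confirm intent.
        if ($player['id'] != $ID) {
            $ID = $player['id'];
        }
    }
    $db->close();
}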
            break;
        default:
            $SITE_CLOSED_REASON = 'причина не указана.';
            break;
    }
    if ($_SESSION['USER_LOGGED'] == true && $player['group'] >= 16) {
        $notify_for_user .= '<div class="notify_for_user">Сайт закрыт для обычных пользователей, проссматривать его могут только администраторы!</div>';
    } else {
        exit(include SITE_ROOT . 'style/site_closed.html');
    }
}
if (isset($_GET['type']) && $_GET['type'] == 'login') {
    if (isset($_POST['login']) && isset($_POST['password'])) {
        if (!isset($_SESSION['USER_LOGGED']) || $_SESSION['USER_LOGGED'] != true) {
            $login = TextSave($_POST['login']);
            $pass = TextSave($_POST['password']);
            if (strlen($login) > 16) {
                MessageSend(1, 'Логин должен содержать не более 16 символов.');
            }
            if (strlen($pass) > 30) {
                MessageSend(1, 'Пароль должен содержать не более 30 символов.');
            }
            if (strlen($login) < 3) {
                MessageSend(1, 'Логин должен содержать не менее 3 символов.');
            }
            if (strlen($pass) < 5) {
                MessageSend(1, 'Пароль должен содержать не менее 5 символов.');
            }
            if (!preg_match("/^[a-zA-Z0-9_-]+\$/", $login)) {
                MessageSend(1, 'Логин может содержать только английские буквы/цифры, и некоторые символы!');
            }
        MessageSend(1, 'Не валидный код! [2]', '/reset-pass/');
        $db->close();
    }
    $time = (int) time() - (int) $Row['reset-pass'];
    if (86400 < (int) $time) {
        MessageSend(1, 'Срок жизни ссылки истёк, либо вы не запрашивали восстановление пароля.', '/reset-pass/');
    }
    $_SESSION['RESET_PASSWORD'] = '******';
    $_SESSION['RESET_USER'] = $code[0];
    $db->close();
    ob_start();
    include SITE_ROOT . 'style/reset-password_input_new.html';
    $content_main = ob_get_clean();
} elseif (isset($_POST['submit-new-pass']) && isset($_POST['newpass'])) {
    if (isset($_SESSION['RESET_PASSWORD']) && $_SESSION['RESET_PASSWORD'] == 'YES') {
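        // Second step of the password reset: the session already names the
        // user (RESET_USER); validate the new password and store it.
        $password = TextSave($_POST['newpass']);
        if (empty($password) or !preg_match("/^[a-zA-Z0-9_-]+\$/", $password) or strlen($password) > 30 or strlen($password) < 5) {
            // Invalid password: show the reset form again.
            ob_start();
            include SITE_ROOT . 'style/reset-password.html';
            $content_main = ob_get_clean();
        } else {
            $db = new DB();
            $db->connect();
            $password = ToPass($password);
            // The session value was interpolated as-is into both statements;
            // force it to an integer so only a numeric id reaches the SQL.
            $resetUserId = (int) $_SESSION['RESET_USER'];
            $Row = $db->fetch_assoc($db->execute("SELECT `reset-pass` FROM `users` WHERE `id` = '" . $resetUserId . "'"));
            // Note: this writes the four-character string 'NULL', not SQL NULL.
            $db->execute("UPDATE `users` SET `passw` = '{$password}',`reset-pass` = 'NULL' WHERE `id` = '" . $resetUserId . "'");
            // Release the connection; the original never closed it on this path.
            $db->close();
            unset($_SESSION['RESET_PASSWORD']);
            unset($_SESSION['RESET_USER']);
            MessageSend(3, 'Пароль успешно изменён!', '/');
        }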
    } else {