function getAPIKey()
{
if (isLoggedIn()) {
$key = mysql_result(mysql_query("SELECT apikey FROM `users` WHERE username='******'username'] . "' LIMIT 1") or die(mysql_error()), 0, "apikey");
$id = mysql_result(mysql_query("SELECT id FROM `users` WHERE username='******'username'] . "' LIMIT 1") or die(mysql_error()), 0, "id");
if (strlen($key) < 6) {
$key = sha1($id . time() . genAPIKey());
mysql_query("UPDATE users SET apikey='" . $key . "' WHERE `id`='{$id}'");
}
return substr($key, 0, 6);
} else {
return "none";
}
}
echo json_encode(array("message" => "Updated Message", "status" => "OK"));
} else {
echo json_encode(array("message" => "Unknown arguments", "status" => "ERROR", "mode" => $mode));
}
} else {
if ($mode == "REGISTER") {
$username = clean($_POST['username']);
$password = clean($_POST['password']);
// Encoded by plugin
if (valid($username) && valid($password)) {
$query = mysql_query("SELECT id FROM users WHERE username='******'") or die(mysql_error());
if (mysql_num_rows($query) == 1) {
echo json_encode(array("message" => "Username in use", "status" => "ERROR"));
} else {
if (!$debug) {
$key = genAPIKey();
mysql_query("INSERT INTO users (username, password, loggedin, lastlogin, apikey) VALUES ('{$username}', '{$password}', '1', '{$now}', '{$key}')") or die(mysql_error());
mysql_query("INSERT INTO `serversessions` (`ip`, `username`, `loggedin`) VALUES ('{$ip}', '{$username}', '1')") or die(mysql_error());
}
onRegister($username);
$key = get_key($ip, $mode, $username);
echo json_encode(array("message" => "User registered", "status" => "OK", "username" => $username, "date" => $now, "loggedin" => true, "lastlogin" => $now, "apikey" => $key));
}
} else {
echo json_encode(array("message" => "Unknown arguments", "status" => "ERROR", "mode" => $mode));
}
} else {
if ($mode == "LOGIN") {
$username = clean($_POST['username']);
$password = clean($_POST['password']);
// Encoded by plugin
